Commit Graph

341 Commits

Author SHA1 Message Date
Joshua Boniface e4ccafee73 Add cgroup delegation override
Required to solve the occasional
  libvirt: QEMU Driver error : Requested operation is not valid:
  cgroup CPUACCT controller is not mounted
problem, as per:
  https://answers.launchpad.net/ubuntu/+question/665132
2023-09-01 15:42:28 -04:00
Joshua Boniface e8fe165e00 Further optimize ownership agent output 2023-09-01 15:42:28 -04:00
Joshua Boniface cbea6e284c Make ownership check consistent with cmk-agent 2.1
The new CheckMK agent uses UID 998 (dynamic) for itself. This causes
ownership problems with the old logic of this check. Move instead to a
range, where the UIDs from 200-599 are reserved for administrators, and
check for this range explicitly. Also eliminates the exceptions for ceph
and 2000 from previous iterations.
2023-09-01 15:42:28 -04:00
Joshua Boniface 9e20e47903 Update freshness checks 2023-09-01 15:42:28 -04:00
Joshua Boniface d47d320bb3 Replace freshness and kernel_version checks
Use an updated plugin from BLSE that uses needrestart instead of manual
parsing of these elements.
2023-09-01 15:42:28 -04:00
Joshua Boniface ea9fe5570f Add method to remove inactive SSH keys 2023-09-01 15:42:28 -04:00
Joshua Boniface 25dde4709b Ensure packages are installed as newhost 2023-09-01 15:42:28 -04:00
Joshua Boniface 4dfd877c7f Ensure Admin users are in additional groups 2023-09-01 15:42:28 -04:00
Joshua Boniface ce9304e43e Populate /etc/timezone as well 2023-09-01 15:42:28 -04:00
Joshua Boniface b28dc5b700 Add clusters.yml to setup 2023-09-01 15:42:28 -04:00
Joshua Boniface 5e1475235f Add additional hook type webhook to example 2023-09-01 15:42:28 -04:00
Joshua Boniface 33c34bd182 Update example bootstrap.yml 2023-09-01 15:42:28 -04:00
Joshua Boniface 9fe43efac2 Convert default libvirtd to template 2023-09-01 15:42:28 -04:00
Joshua Boniface aa6b4ac3dc Make locale generation universal
Don't rely on a notify/handler, just do it every time in the base role.
2023-09-01 15:42:28 -04:00
Joshua Boniface 91ca3d1510 Ensure insecure_global_id_reclaim is false 2023-09-01 15:42:28 -04:00
Joshua Boniface 3397dacab4 Fix bugs with Patroni bootstrap 2023-09-01 15:42:28 -04:00
Joshua Boniface 167599ac6c Don't reboot if purge fails 2023-09-01 15:42:28 -04:00
Joshua Boniface 8692e1fd4b Add SD-CARD example 2023-09-01 15:42:28 -04:00
Joshua Boniface 2b32cbef19 Add example of a pvcbootstrapd variables file
Also add a README to clarify some details.
2023-09-01 15:42:28 -04:00
Joshua Boniface 1838f8ff56 Add proper PostgreSQL versioning 2023-09-01 15:42:28 -04:00
Joshua Boniface 773fd5a9d4 Ensure all zkCli has -server set 2023-09-01 15:42:28 -04:00
Joshua Boniface 3c465f4e7f Purge ceph too 2023-09-01 15:42:28 -04:00
Joshua Boniface b1ca13070e Improve purge configuration 2023-09-01 15:42:28 -04:00
Joshua Boniface 0e9d0b3294 Fix incorrect postgresql version 2023-09-01 15:42:28 -04:00
Joshua Boniface f5254d7867 Add additional ceph symlink 2023-09-01 15:42:28 -04:00
Joshua Boniface 35dcf979f4 Customize grub distributor 2023-09-01 15:42:28 -04:00
Joshua Boniface ba81a106d2 Set postfix to listen on all interfaces
Binding to just localhost was causing problems.
2023-09-01 15:42:28 -04:00
Joshua Boniface a87745d640 Fix name of task 2023-09-01 15:42:28 -04:00
Joshua Boniface d6cb28b639 Add immutability to PVC subrole
1. Remove the obsolete pvc-vacuum script install.

2. Remove notifies when modifying configs; we do not want to restart the
daemons uncontrolled.

3. Add bootstrap check to package installs so they only happen on
bootstrap.

This ensures this part of the role, on re-runs, will *only* update
configs and not actually touch the running daemon. This makes it safe to
run before a oneshot/update-pvc-daemons.yml playbook run.
2023-09-01 15:42:28 -04:00
Joshua Boniface 77be96bf6f Fix a few more splits 2023-09-01 15:42:28 -04:00
Joshua Boniface 95b47f8b09 Fix a few more extraneous splits
Just use this_node if applicable, or the raw node.hostname.
2023-09-01 15:42:28 -04:00
Joshua Boniface 87803cb7a2 Remove extraneous splits
The node.hostname should always be short.
2023-09-01 15:42:28 -04:00
Joshua Boniface d24cb8a8ef Unify and standardize inventory_hostname
This was causing some confusing conflicts, so create a new fact called
"this_node" which is inventory_hostname.split('.')[0], i.e. the short
name, and use that everywhere instead of an FQDN or true inventory
hostname.
2023-09-01 15:42:28 -04:00
Joshua Boniface 5de3ab0c3a Move pvc maintenance to separate plays
This ensures that the maintenance on/off happens before all tasks and
after all tasks and not intermittently.
2023-09-01 15:42:28 -04:00
Joshua Boniface 056c325486 Add option for setting CPU governor
Allows the administrator to set a CPU frequency governor if they need
to, though the default of ondemand is usually sufficient.
2023-09-01 15:42:28 -04:00
Joshua Boniface fc5bcf139c Fix name of IPMI check again 2023-09-01 15:42:28 -04:00
Joshua Boniface 44cedf66c9 Fix name of ipmi check 2023-09-01 15:42:28 -04:00
Joshua Boniface 9f7dbfb4f8 Add IPMI check to tasks 2023-09-01 15:42:28 -04:00
Joshua Boniface b9ae4d1009 Adjust headers and add LOM check 2023-09-01 15:42:27 -04:00
Joshua Boniface 48fb21af75 Add node list to PVC MOTD 2023-09-01 15:42:27 -04:00
Joshua Boniface 94e9bf9133 Ignore errors during flush commands
These might inexplicably fail, but that is fine.
2023-09-01 15:42:27 -04:00
Joshua Boniface e009cf4076 Fix whitespaced manufacturer and bad [[ 2023-09-01 15:42:27 -04:00
Joshua Boniface e65f1d15a6 Add coordinator state to MOTD 2023-09-01 15:42:27 -04:00
Joshua Boniface 894ce9b517 Support unknown manufacturers in MOTD 2023-09-01 15:42:27 -04:00
Joshua Boniface 55ec177919 Ignore errors restarting libvirtd
This seems to inexplicably fail sometimes. We can just ignore it.
2023-09-01 15:42:27 -04:00
Joshua Boniface b814ec60f6 Add resolv.conf customization 2023-09-01 15:42:27 -04:00
Joshua Boniface cf1d8114e2 Add note about moving files up 2023-09-01 15:42:27 -04:00
Joshua Boniface 197000a48d Revert "Add symlink for Ceph file pickup"
This reverts commit 3ac946bf2e.
2023-09-01 15:42:27 -04:00
Joshua Boniface 94c019f960 Add symlink for Ceph file pickup 2023-09-01 15:42:27 -04:00
Joshua Boniface 3161708593 Include another upgrade in deb11 playbook
Ensures that the system is fully updated after re-enabling the security
repository during the base run.
2023-09-01 15:42:27 -04:00