From fd00e35dbadedd40867e1595644b6fcc2bbbc003 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lucas=20Ple=C3=9F?= Date: Sun, 12 Jan 2020 13:08:05 +0100 Subject: [PATCH] added dhcp config and ansible project --- ansible-ctdo/.gitignore | 1 + ansible-ctdo/group_vars/all/main.yml | 15 ++ ansible-ctdo/group_vars/nodes/main.yml | 11 ++ ansible-ctdo/inventory | 42 +++++ ansible-ctdo/roles/authkeys/tasks/main.yml | 27 +++ ansible-ctdo/roles/authkeys/vars/main.yml | 8 + ansible-ctdo/roles/base/defaults/main.yml | 1 + ansible-ctdo/roles/base/handlers/main.yml | 4 + ansible-ctdo/roles/base/tasks/main.yml | 7 + .../templates/etc/systemd/timesyncd.conf.j2 | 16 ++ ansible-ctdo/roles/hostname/tasks/main.yml | 9 + .../roles/hostname/templates/hosts.j2 | 8 + ansible-ctdo/roles/packages/files/.bashrc | 104 ++++++++++++ ansible-ctdo/roles/packages/files/.screenrc | 17 ++ ansible-ctdo/roles/packages/files/.vimrc | 23 +++ ansible-ctdo/roles/packages/tasks/main.yml | 54 ++++++ ansible-ctdo/site.yml | 17 ++ dhcp/README.md | 12 ++ dhcp/ctdo.conf | 155 ++++++++++++++++++ 19 files changed, 531 insertions(+) create mode 100644 ansible-ctdo/.gitignore create mode 100644 ansible-ctdo/group_vars/all/main.yml create mode 100644 ansible-ctdo/group_vars/nodes/main.yml create mode 100644 ansible-ctdo/inventory create mode 100644 ansible-ctdo/roles/authkeys/tasks/main.yml create mode 100644 ansible-ctdo/roles/authkeys/vars/main.yml create mode 100644 ansible-ctdo/roles/base/defaults/main.yml create mode 100644 ansible-ctdo/roles/base/handlers/main.yml create mode 100644 ansible-ctdo/roles/base/tasks/main.yml create mode 100644 ansible-ctdo/roles/base/templates/etc/systemd/timesyncd.conf.j2 create mode 100644 ansible-ctdo/roles/hostname/tasks/main.yml create mode 100644 ansible-ctdo/roles/hostname/templates/hosts.j2 create mode 100755 ansible-ctdo/roles/packages/files/.bashrc create mode 100644 ansible-ctdo/roles/packages/files/.screenrc create mode 100644 ansible-ctdo/roles/packages/files/.vimrc create mode 100644 ansible-ctdo/roles/packages/tasks/main.yml create mode 100644 ansible-ctdo/site.yml create mode 100644 dhcp/README.md create mode 100644 dhcp/ctdo.conf diff --git a/ansible-ctdo/.gitignore b/ansible-ctdo/.gitignore new file mode 100644 index 0000000..a8b42eb --- /dev/null +++ b/ansible-ctdo/.gitignore @@ -0,0 +1 @@ +*.retry diff --git a/ansible-ctdo/group_vars/all/main.yml b/ansible-ctdo/group_vars/all/main.yml new file mode 100644 index 0000000..24d8ec1 --- /dev/null +++ b/ansible-ctdo/group_vars/all/main.yml @@ -0,0 +1,15 @@ +--- +cron_apt_mailto: hostmaster@ctdo.de + + +ssmtp_rewrite_domain: "{{ansible_hostname}}.cluster.ctdo.de" + +additional_packages: + - build-essential + - curl + - unzip + - findutils + - dos2unix + - gawk + - sed + - stress diff --git a/ansible-ctdo/group_vars/nodes/main.yml b/ansible-ctdo/group_vars/nodes/main.yml new file mode 100644 index 0000000..5355ff9 --- /dev/null +++ b/ansible-ctdo/group_vars/nodes/main.yml @@ -0,0 +1,11 @@ +network_interfaces: + - device: enp3s0f0 + auto: true + family: inet + method: static + address: "{{ ansible_host }}" + netmask: 23 + gateway: 10.10.0.1 + nameservers: + - 1.1.1.1 + - 1.0.0.1 \ No newline at end of file diff --git a/ansible-ctdo/inventory b/ansible-ctdo/inventory new file mode 100644 index 0000000..8be912c --- /dev/null +++ b/ansible-ctdo/inventory @@ -0,0 +1,42 @@ +[all] +master ansible_host=10.10.0.1 + +[all:children] +nodes + +[nodes] +node00 ansible_host=10.10.0.100 +node01 ansible_host=10.10.0.101 +node02 ansible_host=10.10.0.102 +node03 ansible_host=10.10.0.103 +node04 ansible_host=10.10.0.104 +node05 ansible_host=10.10.0.105 +node06 ansible_host=10.10.0.106 +node07 ansible_host=10.10.0.107 +node08 ansible_host=10.10.0.108 +node09 ansible_host=10.10.0.109 +node10 ansible_host=10.10.0.110 +node11 ansible_host=10.10.0.111 +node12 ansible_host=10.10.0.112 +node13 ansible_host=10.10.0.113 +node14 ansible_host=10.10.0.114 +node15 ansible_host=10.10.0.115 +node16 ansible_host=10.10.0.116 +node17 ansible_host=10.10.0.117 +node18 ansible_host=10.10.0.118 +node19 ansible_host=10.10.0.119 +node20 ansible_host=10.10.0.120 +node21 ansible_host=10.10.0.121 +node22 ansible_host=10.10.0.122 +node23 ansible_host=10.10.0.123 +node24 ansible_host=10.10.0.124 +node25 ansible_host=10.10.0.125 +node26 ansible_host=10.10.0.126 +node27 ansible_host=10.10.0.127 +node28 ansible_host=10.10.0.128 +node29 ansible_host=10.10.0.129 +node30 ansible_host=10.10.0.130 +node31 ansible_host=10.10.0.131 +node32 ansible_host=10.10.0.132 +node33 ansible_host=10.10.0.133 + diff --git a/ansible-ctdo/roles/authkeys/tasks/main.yml b/ansible-ctdo/roles/authkeys/tasks/main.yml new file mode 100644 index 0000000..16a44c6 --- /dev/null +++ b/ansible-ctdo/roles/authkeys/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: add authorized keys for user root (for {{group}}) + tags: + - authkeys + authorized_key: + user: root + state: present + key: "{{ sshkeys[group]|map(attribute='publish_ssh_key')|join('\n') }}" + + +- name: add authorized keys for user debian + tags: + - authkeys + authorized_key: + user: debian + state: present + key: "{{ sshkeys[group]|map(attribute='publish_ssh_key')|join('\n') }}" + + +#- name: remove authorized keys for user root +# tags: +# - authkeys +# authorized_key: +# user: root +# state: absent +# key: "{{removed|map(attribute='publish_ssh_key')|join('\n') }}" + diff --git a/ansible-ctdo/roles/authkeys/vars/main.yml b/ansible-ctdo/roles/authkeys/vars/main.yml new file mode 100644 index 0000000..ab594aa --- /dev/null +++ b/ansible-ctdo/roles/authkeys/vars/main.yml @@ -0,0 +1,8 @@ +--- + +sshkeys: + admins: + - name: lucas + publish_ssh_key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvyZgx/+b0YU+CqDXLPbgOoRmpiyKYDkAsfXMpZ+aKVCtGZzmg8OeIVUDv1lbq+qQwNl+fOi7/V+U8w7BpyVUSf5Pn+ld/+eQK1IgkjsDyfdsFiXr4stzCDjpOzRTs/fludZ4WXEtBRJ0IsfX6VJWU2xXBZKrgw62XnbUv/I0hzpckf9Ug9RsCOdS70FfrmRxh2rCEpVdukS4KNyq8MHkwIQM381k26wvsAH6fhNJucICeBIDzfcP61bg4zWLiKQ+q+5c4U7cRoz/N0G2FNOWwQHooQueVC7+SY3Vh2o9AGG2H+Lbrg03e5NSSUBJa2ixZM933evno1yniv/NiTYbGw== lucas@luwo + - name: blastor + publish_ssh_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFNMlzpRFjkANy1tVafcLpkidbu1GF8cmmJK8dTwMZY4 fabian@fabian-T460s diff --git a/ansible-ctdo/roles/base/defaults/main.yml b/ansible-ctdo/roles/base/defaults/main.yml new file mode 100644 index 0000000..7f43e78 --- /dev/null +++ b/ansible-ctdo/roles/base/defaults/main.yml @@ -0,0 +1 @@ +ntp_server: ptbtime1.ptb.de ptbtime2.ptb.de ptbtime3.ptb.de diff --git a/ansible-ctdo/roles/base/handlers/main.yml b/ansible-ctdo/roles/base/handlers/main.yml new file mode 100644 index 0000000..f287596 --- /dev/null +++ b/ansible-ctdo/roles/base/handlers/main.yml @@ -0,0 +1,4 @@ +--- +- name: enable timesyncd + command: timedatectl set-ntp true + diff --git a/ansible-ctdo/roles/base/tasks/main.yml b/ansible-ctdo/roles/base/tasks/main.yml new file mode 100644 index 0000000..3a80eb4 --- /dev/null +++ b/ansible-ctdo/roles/base/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: configure timesyncd + template: + src: etc/systemd/timesyncd.conf.j2 + dest: /etc/systemd/timesyncd.conf + notify: enable timesyncd + when: ansible_service_mgr == "systemd" diff --git a/ansible-ctdo/roles/base/templates/etc/systemd/timesyncd.conf.j2 b/ansible-ctdo/roles/base/templates/etc/systemd/timesyncd.conf.j2 new file mode 100644 index 0000000..4935c1e --- /dev/null +++ b/ansible-ctdo/roles/base/templates/etc/systemd/timesyncd.conf.j2 @@ -0,0 +1,16 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. +# +# Entries in this file show the compile time defaults. +# You can change settings by editing this file. +# Defaults can be restored by simply deleting this file. +# +# See timesyncd.conf(5) for details. + +[Time] +NTP={{ ntp_server }} +FallbackNTP=ptbtime1.ptb.de diff --git a/ansible-ctdo/roles/hostname/tasks/main.yml b/ansible-ctdo/roles/hostname/tasks/main.yml new file mode 100644 index 0000000..f756eb0 --- /dev/null +++ b/ansible-ctdo/roles/hostname/tasks/main.yml @@ -0,0 +1,9 @@ +--- +- name: configure hosts file + template: + src: hosts.j2 + dest: /etc/hosts + +- name: configure hostname + hostname: + name: "{{ inventory_hostname }}" \ No newline at end of file diff --git a/ansible-ctdo/roles/hostname/templates/hosts.j2 b/ansible-ctdo/roles/hostname/templates/hosts.j2 new file mode 100644 index 0000000..15f5c95 --- /dev/null +++ b/ansible-ctdo/roles/hostname/templates/hosts.j2 @@ -0,0 +1,8 @@ +# {{ ansible_managed }} +127.0.0.1 localhost localhost.localdomain {{ inventory_hostname }} +::1 localhost localhost.localdomain + +# The following lines are desirable for IPv6 capable hosts +::1 localhost ip6-localhost ip6-loopback +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters diff --git a/ansible-ctdo/roles/packages/files/.bashrc b/ansible-ctdo/roles/packages/files/.bashrc new file mode 100755 index 0000000..f010a23 --- /dev/null +++ b/ansible-ctdo/roles/packages/files/.bashrc @@ -0,0 +1,104 @@ + + +# If not running interactively, don't do anything +case $- in + *i*) ;; + *) return;; +esac + + +genpasswd() { + local l=$1 + [ "$l" == "" ] && l=16 + tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs +} + +[ -z "$PS1" ] && return + +export HISTCONTROL=ignoreboth:erasedups +export HISTSIZE=10000 + +shopt -s histappend +shopt -s checkwinsize + +if [ "$TERM" != "dumb" ]; then + eval "`dircolors -b`" + alias ls='ls --color=auto' +fi + +#PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' +#case "$TERM" in +#xterm*|rxvt*) +# PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME}\007"' +# ;; +#*) +# ;; +#esac + + + +# set variable identifying the chroot you work in (used in the prompt below) +if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then + debian_chroot=$(cat /etc/debian_chroot) +fi + +# set a fancy prompt (non-color, unless we know we "want" color) +case "$TERM" in + xterm-color) color_prompt=yes;; +esac + +# uncomment for a colored prompt, if the terminal has the capability; turned +# off by default to not distract the user: the focus in a terminal window +# should be on the output of commands, not on the prompt +force_color_prompt=yes + +if [ -n "$force_color_prompt" ]; then + if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then + # We have color support; assume it's compliant with Ecma-48 + # (ISO/IEC-6429). (Lack of such support is extremely rare, and such + # a case would tend to support setf rather than setaf.) + color_prompt=yes + else + color_prompt= + fi +fi + +if [ "$color_prompt" = yes ]; then + PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' +else + PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' +fi +unset color_prompt force_color_prompt + +# If this is an xterm set the title to user@host:dir +case "$TERM" in +xterm*|rxvt*) + PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" + ;; +*) + ;; +esac + +# enable color support of ls and also add handy aliases +if [ -x /usr/bin/dircolors ]; then + test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" + alias ls='ls --color=auto' + #alias dir='dir --color=auto' + #alias vdir='vdir --color=auto' + + alias grep='grep --color=auto' + alias fgrep='fgrep --color=auto' + alias egrep='egrep --color=auto' +fi + + +alias ll='ls -lAh' +alias l='ls -lh' +alias la='ls -a' +alias screen='screen -RD' +alias lemonupdate='apt autoremove -y && apt update -y && apt upgrade && apt autoremove -y' + + +stty stop undef +stty start undef + diff --git a/ansible-ctdo/roles/packages/files/.screenrc b/ansible-ctdo/roles/packages/files/.screenrc new file mode 100644 index 0000000..9986715 --- /dev/null +++ b/ansible-ctdo/roles/packages/files/.screenrc @@ -0,0 +1,17 @@ +# disable the blinky terminal on audible bell +vbell off + +autodetach on +startup_message off +crlf off +defscrollback 3000 +silencewait 15 +hardstatus alwayslastline "%{= kg}[%H %l] [%c] [%w]" + +#so wird auch das bell zeichen ans terminal geschickt +bell_msg 'Bell in window %n ^G' + +# Default Buffers +#screen -t Shell 1 +#screen -t Shell 2 +#select 0 diff --git a/ansible-ctdo/roles/packages/files/.vimrc b/ansible-ctdo/roles/packages/files/.vimrc new file mode 100644 index 0000000..667bd9a --- /dev/null +++ b/ansible-ctdo/roles/packages/files/.vimrc @@ -0,0 +1,23 @@ +syntax enable +set background=dark +set tabstop=2 +set shiftwidth=2 +set ruler +set nobackup +set nowb +set noswapfile +set smarttab +set ai "Auto indent +set si "Smart indent + +set showcmd " Show (partial) command in status line. +set showmatch " Show matching brackets. +set ignorecase " Do case insensitive matching +set smartcase " Do smart case matching +set incsearch " Incremental search +set autowrite " Automatically save before commands like :next and :make +set hidden " Hide buffers when they are abandoned + +"set autoindent +"set smartindent +set mouse= diff --git a/ansible-ctdo/roles/packages/tasks/main.yml b/ansible-ctdo/roles/packages/tasks/main.yml new file mode 100644 index 0000000..90ae7d3 --- /dev/null +++ b/ansible-ctdo/roles/packages/tasks/main.yml @@ -0,0 +1,54 @@ +--- +- name: install default packages + tags: + - packages + apt: name={{item}} state=present update_cache=yes + with_items: + - vim + - sudo + - bash-completion + - rsync + - apt-transport-https + - curl + - git + - htop + - screen + - iptraf-ng + +- name: remove packages + tags: + - packages + apt: name={{item}} state=absent purge=yes + with_items: + - command-not-found + - command-not-found-data + +- name: remove additional packages + tags: + - packages + apt: name={{item}} state=absent purge=yes + with_items: "{{ additional_remove_packages }}" + when: additional_remove_packages is defined and additional_remove_packages + +- name: install additional packages + tags: + - packages + apt: name={{item}} state=present update_cache=yes + with_items: "{{ additional_packages }}" + when: additional_packages is defined and additional_packages + +- name: configure dotfiles + tags: + - packages + copy: src=files/{{ item }} dest=/home/{{ansible_user}}/{{ item }} + with_items: + - .bashrc + - .screenrc + - .vimrc + +- name: set default editor + tags: + - packages + alternatives: + name: editor + path: /usr/bin/vim diff --git a/ansible-ctdo/site.yml b/ansible-ctdo/site.yml new file mode 100644 index 0000000..3ff14b2 --- /dev/null +++ b/ansible-ctdo/site.yml @@ -0,0 +1,17 @@ +- hosts: all + roles: + - { role: packages, tags: 'packages' } + - { role: base, tags: 'base' } + - { role: authkeys, tags: 'authkeys', group: 'admins' } + remote_user: debian + become_method: su + become: true + +- hosts: nodes + roles: + - { role: dresden-weekly.network-interfaces, tags: 'interfaces' } + - { role: hostname, tags: 'hostname' } + remote_user: debian + become_method: su + become: true + diff --git a/dhcp/README.md b/dhcp/README.md new file mode 100644 index 0000000..5c5f3d6 --- /dev/null +++ b/dhcp/README.md @@ -0,0 +1,12 @@ +# isc-dhcp-server + +install the debian package, check out the hpc-cluster repo to /home/debian/hpc-cluster/ + +configure /etc/dhcp/dhcpd.conf to + +``` +include "/home/debian/hpc-cluster/dhcp/ctdo.conf"; +``` + + + diff --git a/dhcp/ctdo.conf b/dhcp/ctdo.conf new file mode 100644 index 0000000..bf64ff8 --- /dev/null +++ b/dhcp/ctdo.conf @@ -0,0 +1,155 @@ +option domain-name "cluster.ctdo.de"; +option domain-name-servers 1.1.1.1; + +default-lease-time 600; +max-lease-time 7200; +ddns-update-style none; + +authoritative; +filename "pxelinux.0"; + +subnet 10.10.0.0 netmask 255.255.254.0 { + range 10.10.1.1 10.10.1.250; + option routers 10.10.0.1; + + +host node00 { + hardware ethernet 00:30:48:bc:84:56; + fixed-address 10.10.0.100; +} +host node01 { + hardware ethernet 00:30:48:bc:84:7a; + fixed-address 10.10.0.101; +} +host node02 { + hardware ethernet 00:30:48:bc:85:5e; + fixed-address 10.10.0.102; +} +host node03 { + hardware ethernet 00:30:48:bc:84:32; + fixed-address 10.10.0.103; +} +host node04 { + hardware ethernet 00:30:48:bc:86:2e; + fixed-address 10.10.0.104; +} +host node05 { + hardware ethernet 00:30:48:bc:84:0a; + fixed-address 10.10.0.105; +} +host node06 { + hardware ethernet 00:30:48:bc:83:4e; + fixed-address 10.10.0.106; +} +host node07 { + hardware ethernet 00:30:48:bc:34:24; + fixed-address 10.10.0.107; +} +host node08 { + hardware ethernet 00:30:48:bc:85:d2; + fixed-address 10.10.0.108; +} +host node09 { + hardware ethernet 00:30:48:bc:84:de; + fixed-address 10.10.0.109; +} +host node10 { + hardware ethernet 00:30:48:bc:83:6a; + fixed-address 10.10.0.110; +} +host node11 { + hardware ethernet 00:30:48:bc:83:82; + fixed-address 10.10.0.111; +} +host node12 { + hardware ethernet 00:30:48:bc:86:1a; + fixed-address 10.10.0.112; +} +host node13 { + hardware ethernet 00:30:48:bc:66:32; + fixed-address 10.10.0.113; +} +host node14 { + hardware ethernet 00:30:48:bc:86:56; + fixed-address 10.10.0.114; +} +host node15 { + hardware ethernet 00:30:48:bc:36:5c; + fixed-address 10.10.0.115; +} +host node16 { + hardware ethernet 00:30:48:bc:85:e6; + fixed-address 10.10.0.116; +} +host node17 { + hardware ethernet 00:30:48:bc:86:4e; + fixed-address 10.10.0.117; +} +host node18 { + hardware ethernet 00:30:48:bc:85:aa; + fixed-address 10.10.0.118; +} +host node19 { + hardware ethernet 00:30:48:bc:85:ce; + fixed-address 10.10.0.119; +} +host node20 { + hardware ethernet 00:30:48:bc:36:8c; + fixed-address 10.10.0.120; +} +host node21 { + hardware ethernet 00:30:48:bc:36:94; + fixed-address 10.10.0.121; +} +host node22 { + hardware ethernet 00:30:48:bc:86:5a; + fixed-address 10.10.0.122; +} +host node23 { + hardware ethernet 00:30:48:bc:86:36; + fixed-address 10.10.0.123; +} +host node24 { + hardware ethernet 00:30:48:bc:83:9e; + fixed-address 10.10.0.124; +} +host node25 { + hardware ethernet 00:30:48:bc:85:1e; + fixed-address 10.10.0.125; +} +host node26 { + hardware ethernet 00:30:48:bc:86:16; + fixed-address 10.10.0.126; +} +host node27 { + hardware ethernet 00:30:48:bc:34:94; + fixed-address 10.10.0.127; +} +host node28 { + hardware ethernet 00:30:48:bc:86:62; + fixed-address 10.10.0.128; +} +host node29 { + hardware ethernet 00:30:48:bc:84:62; + fixed-address 10.10.0.129; +} +host node30 { + hardware ethernet 00:30:48:bc:85:da; + fixed-address 10.10.0.130; +} +host node31 { + hardware ethernet 00:30:48:bc:85:de; + fixed-address 10.10.0.131; +} +host node32 { + hardware ethernet 00:30:48:bc:85:72; + fixed-address 10.10.0.132; +} +host node33 { + hardware ethernet 00:30:48:bc:84:4e; + fixed-address 10.10.0.133; +} + + + +}