35 files changed, 210 insertions, 694 deletions
diff --git a/chaos-at-home/ch-hroottest-obsd.yml b/chaos-at-home/ch-hroottest-obsd.yml deleted file mode 100644 index de0a051a..00000000 --- a/chaos-at-home/ch-hroottest-obsd.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Basic Setup - hosts: ch-hroottest-obsd - roles: - - role: core/base - - role: core/sshd - - role: core/zsh - - role: core/admin-users diff --git a/chaos-at-home/ch-hroottest.yml b/chaos-at-home/ch-hroottest.yml deleted file mode 100644 index d8bc019a..00000000 --- a/chaos-at-home/ch-hroottest.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Basic Setup - hosts: ch-hroottest - roles: - - role: apt-repo/base - - role: core/base - - role: core/sshd - - role: core/zsh - - role: core/cpu-microcode - - role: zfs/base - - role: apt-repo/spreadspace - - role: zfs/sanoid - # - role: vm/host - # - role: installer/debian/base - # - role: installer/openbsd/base - - role: kubernetes/base - - role: kubernetes/standalone/base diff --git a/chaos-at-home/host_vars/ch-hroottest.yml b/chaos-at-home/host_vars/ch-hroottest.yml deleted file mode 100644 index cbab0cdb..00000000 --- a/chaos-at-home/host_vars/ch-hroottest.yml +++ /dev/null @@ -1,10 +0,0 @@ -$ANSIBLE_VAULT;1.2;AES256;chaos-at-home -65373866616230323066396132643136646161663638653433303266316239373062663364663538 -3533366230653363393533306133313366323731643664320a623264363537383338306332656261 -65653066396632626662633861396238316333393839393430663032336366663835653839396430 -3734393337363138620a613631663965396237633037636237333365663234353630343839366664 -64333431353863366666373965373234363439633031303535653064376237633462336165333637 -39363363316533333264643165616634636335646335633065656638326331363664383239613730 -61636366363064323232396439656431386331646365383066313438343639393965356639323565 -38626663643834306431383736306265303035396438643535393035363666323932663961646361 -6131 diff --git a/chaos-at-home/k8s-chtest.yml b/chaos-at-home/k8s-chtest.yml deleted file mode 100644 index e3daf681..00000000 
--- a/chaos-at-home/k8s-chtest.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: Basic Node Setup - hosts: k8s-chtest - roles: - - role: apt-repo/base - - role: core/base - - role: core/sshd - - role: core/zsh - -- import_playbook: ../common/kubernetes-cluster-layout.yml - vars: - kubernetes_cluster_layout: - nodes_group: k8s-chtest - masters: - - ch-k8s-m0 - - ch-k8s-m1 - - ch-k8s-m2 - primary_master: ch-k8s-m0 - -### hack hack hack... -- name: cook kubernetes secrets - hosts: _kubernetes_nodes_ - gather_facts: no - tasks: - - set_fact: - kubernetes_secrets_cooked: "{{ kubernetes_secrets }}" - - when: external_ip is defined - set_fact: - external_ip_cooked: "{{ external_ip }}" - -- import_playbook: ../common/kubernetes-cluster.yml -- import_playbook: ../common/kubernetes-cluster-cleanup.yml - -- name: install addons - hosts: _kubernetes_primary_master_ - roles: - - role: kubernetes/addons/metrics-server diff --git a/inventory/group_vars/emc/main.yml b/inventory/group_vars/emc/main.yml index 02a2e25c..42515184 100644 --- a/inventory/group_vars/emc/main.yml +++ b/inventory/group_vars/emc/main.yml @@ -5,8 +5,6 @@ install: cloud: credentials: token: "{{ vault_hcloud_api_token }}" - disks: - root_lvm_size: all network: {} diff --git a/inventory/group_vars/k8s-chtest/main.yml b/inventory/group_vars/k8s-chtest/main.yml deleted file mode 100644 index a7fe0120..00000000 --- a/inventory/group_vars/k8s-chtest/main.yml +++ /dev/null 
@@ -1,44 +0,0 @@ ---- -docker_pkg_provider: docker-com -docker_pkg_name: docker-ce - -kubernetes_version: 1.18.3 -kubernetes_container_runtime: docker -kubernetes_network_plugin: kubeguard -kubernetes_network_plugin_replaces_kube_proxy: true -kubernetes_network_plugin_variant: with-kube-router -kubernetes_network_plugin_version: 0.4.0 - -kubernetes: - cluster_name: chtest - - dedicated_master: True - api_extra_sans: - - 178.63.180.139 - - 178.63.180.140 - - pod_ip_range: 172.18.0.0/16 - pod_ip_range_size: 24 - service_ip_range: 172.18.192.0/18 - - -kubernetes_secrets: - encryption_config_keys: "{{ vault_kubernetes_encryption_config_keys }}" - - -kubeguard: - ## node_index must be in the range between 1 and 190 -> 189 hosts possible - ## - ## hardcoded hostnames are not nice but if we do this via host_vars - ## the info is spread over multiple files and this makes it more diffcult - ## to find mistakes, so it is nicer to keep it in one place... - node_index: - ch-k8s-w0: 1 - ch-k8s-w1: 2 - ch-k8s-m0: 100 - ch-k8s-m1: 101 - ch-k8s-m2: 102 - -kubernetes_overlay_node_ip: "{{ kubernetes.pod_ip_range | ipsubnet(kubernetes.pod_ip_range_size, kubeguard.node_index[inventory_hostname]) | ipaddr(1) | ipaddr('address') }}" - -kubernetes_metrics_server_version: 0.3.6 diff --git a/inventory/group_vars/lendwirbel-live/main.yml b/inventory/group_vars/lendwirbel-live/main.yml index 43823233..37d3ec1a 100644 --- a/inventory/group_vars/lendwirbel-live/main.yml +++ b/inventory/group_vars/lendwirbel-live/main.yml @@ -12,8 +12,6 @@ install: cloud: credentials: token: "{{ vault_hcloud_api_token }}" - disks: - root_lvm_size: all network: {} diff --git a/inventory/group_vars/vmhost-ch-hroottest/main.yml b/inventory/group_vars/vmhost-ch-hroottest/main.yml deleted file mode 100644 index 84c826b1..00000000 --- a/inventory/group_vars/vmhost-ch-hroottest/main.yml +++ /dev/null 
@@ -1,25 +0,0 @@ ---- -vm_host: - name: ch-hroottest - network: - dns: - - 213.133.100.100 - - 213.133.98.98 - - 213.133.99.99 - bridges: - public: - prefix: 192.168.250.0/24 - offsets: - ch-hroottest-vm1: 100 - ch-hroottest-obsd: 101 - ch-k8s-m2: 200 - ch-k8s-w0: 210 - ch-k8s-w1: 211 - ch-hroottest: 254 - nat: yes - zfs: - default: - pool: storage - name: vm - properties: - compression: lz4 diff --git a/inventory/group_vars/vmhost-sk-2019vm/main.yml b/inventory/group_vars/vmhost-sk-2019vm/main.yml index 93f7948c..254d6d8b 100644 --- a/inventory/group_vars/vmhost-sk-2019vm/main.yml +++ b/inventory/group_vars/vmhost-sk-2019vm/main.yml @@ -14,8 +14,6 @@ vm_host: # emc-master: 137 lw-master: 137 ele-gwhetzner: 138 - ch-k8s-m0: 139 - ch-k8s-m1: 140 ch-mimas: 142 sk-testvm: 253 sk-2019vm: 254 @@ -27,8 +25,6 @@ vm_host: # emc-master: 1 lw-master: 1 ele-gwhetzner: 2 - ch-k8s-m0: 3 - ch-k8s-m1: 4 ch-mimas: 6 sk-testvm: 7 zfs: diff --git a/inventory/host_vars/ch-equinox-ws.yml b/inventory/host_vars/ch-equinox-ws.yml index d71f38d8..84ca3962 100644 --- a/inventory/host_vars/ch-equinox-ws.yml +++ b/inventory/host_vars/ch-equinox-ws.yml @@ -5,6 +5,24 @@ install: efi: true disks: primary: /dev/disk/by-id/nvme-Samsung_SSD_970_PRO_1TB_S462NF0MA04112K + system_lvm: + volumes: + - name: root + size: 30G + filesystem: ext4 + mountpoint: / + - name: var+log + size: 768M + filesystem: ext4 + mountpoint: /var/log + mount_options: + - noatime + - nodev + - noexec + - name: home + size: 200G + filesystem: ext4 + mountpoint: /home network: nameservers: "{{ network_zones.lan.dns }}" diff --git a/inventory/host_vars/ch-hroottest-obsd.yml b/inventory/host_vars/ch-hroottest-obsd.yml deleted file mode 100644 index 96ec2fe2..00000000 --- a/inventory/host_vars/ch-hroottest-obsd.yml +++ /dev/null 
@@ -1,26 +0,0 @@ ---- -install: - vm: - memory: 1G - numcpus: 1 - autostart: True - disks: - primary: /dev/vda - virtio: - vda: - type: zfs - name: root - size: 10g - interfaces: - - bridge: br-public - name: vio0 - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - primary: &_network_primary_ - name: vio0 - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - interfaces: - - *_network_primary_ diff --git a/inventory/host_vars/ch-hroottest-vm1.yml b/inventory/host_vars/ch-hroottest-vm1.yml deleted file mode 100644 index a7f45252..00000000 --- a/inventory/host_vars/ch-hroottest-vm1.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -install: - vm: - memory: 4G - numcpus: 4 - autostart: True - disks: - primary: /dev/sda - scsi: - sda: - type: zfs - name: root - size: 20g - properties: - refreservation: none - sdb: - type: zfs - name: data - size: 100g - properties: - refreservation: none - compression: off - interfaces: - - bridge: br-public - name: primary0 - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - systemd_link: - interfaces: "{{ install.interfaces }}" - primary: &_network_primary_ - name: primary0 - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - interfaces: - - *_network_primary_ diff --git a/inventory/host_vars/ch-hroottest.yml b/inventory/host_vars/ch-hroottest.yml deleted file mode 100644 index 4ed4449f..00000000 --- a/inventory/host_vars/ch-hroottest.yml +++ /dev/null 
@@ -1,60 +0,0 @@ ---- -install: - cloud: - credentials: "{{ vault_hroot_robot_account }}" - server_name: "{{ host_name }}" - disks: - primary: software-raid - raid: - level: 1 - members: - - /dev/sda - - /dev/sdb - root_lvm_size: 10G - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - interfaces: - - name: br-public - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - - -apt_repo_components: - - main - - contrib ## for zfs - - non-free ## for microcode updates - - -zfs_arc_size: - min: "{{ 1 * 1024 * 1024 * 1024 }}" - max: "{{ 4 * 1024 * 1024 * 1024 }}" - -zfs_zpools: - storage: - mountpoint: /srv/storage - create_vdevs: mirror /dev/disk/by-id/ata-SAMSUNG_HD753LJ_S13UJ1LS801071-part3 /dev/disk/by-id/ata-SAMSUNG_HD753LJ_S13UJ1BQ802393-part3 - -# zfs_sanoid_modules: -# storage/vm: -# use_template: production -# recursive: yes -# process_children_only: yes - -docker_zfs: - pool: storage - name: docker - properties: - quota: 15G - -kubelet_zfs: - pool: storage - name: kubelet - properties: - quota: 15G - -kubernetes_version: 1.18.5 -kubernetes_container_runtime: docker -kubernetes_standalone_max_pods: 15 -kubernetes_standalone_pod_cidr: 192.168.255.0/24 -kubernetes_standalone_cni_variant: with-portmap diff --git a/inventory/host_vars/ch-k8s-m0.yml b/inventory/host_vars/ch-k8s-m0.yml deleted file mode 100644 index 7d81b792..00000000 --- a/inventory/host_vars/ch-k8s-m0.yml +++ /dev/null 
@@ -1,45 +0,0 @@ ---- -install: - vm: - memory: 4G - numcpus: 2 - autostart: True - disks: - primary: /dev/sda - scsi: - sda: - type: zfs - name: root - size: 20g - properties: - refreservation: none - interfaces: - - bridge: br-public - name: primary0 - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - systemd_link: - interfaces: "{{ install.interfaces }}" - primary: &_network_primary_ - name: primary0 - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}" - interfaces: - - *_network_primary_ - -external_ip: "{{ network.primary.overlay }}" - -docker_lvm: - vg: "{{ host_name }}" - lv: docker - size: 7G - fs: ext4 - -kubelet_lvm: - vg: "{{ host_name }}" - lv: kubelet - size: 5G - fs: ext4 diff --git a/inventory/host_vars/ch-k8s-m1.yml b/inventory/host_vars/ch-k8s-m1.yml deleted file mode 100644 index 7d81b792..00000000 --- a/inventory/host_vars/ch-k8s-m1.yml +++ /dev/null 
@@ -1,45 +0,0 @@ ---- -install: - vm: - memory: 4G - numcpus: 2 - autostart: True - disks: - primary: /dev/sda - scsi: - sda: - type: zfs - name: root - size: 20g - properties: - refreservation: none - interfaces: - - bridge: br-public - name: primary0 - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - systemd_link: - interfaces: "{{ install.interfaces }}" - primary: &_network_primary_ - name: primary0 - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - overlay: "{{ (vm_host.network.bridges.public.overlay.prefix | ipaddr(vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}" - interfaces: - - *_network_primary_ - -external_ip: "{{ network.primary.overlay }}" - -docker_lvm: - vg: "{{ host_name }}" - lv: docker - size: 7G - fs: ext4 - -kubelet_lvm: - vg: "{{ host_name }}" - lv: kubelet - size: 5G - fs: ext4 diff --git a/inventory/host_vars/ch-k8s-m2.yml b/inventory/host_vars/ch-k8s-m2.yml deleted file mode 100644 index 6de6fbfb..00000000 --- a/inventory/host_vars/ch-k8s-m2.yml +++ /dev/null 
@@ -1,43 +0,0 @@ ---- -install: - vm: - memory: 4G - numcpus: 2 - autostart: True - disks: - primary: /dev/sda - scsi: - sda: - type: zfs - name: root - size: 20g - properties: - refreservation: none - interfaces: - - bridge: br-public - name: primary0 - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - systemd_link: - interfaces: "{{ install.interfaces }}" - primary: &_network_primary_ - name: primary0 - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - interfaces: - - *_network_primary_ - - -docker_lvm: - vg: "{{ host_name }}" - lv: docker - size: 7G - fs: ext4 - -kubelet_lvm: - vg: "{{ host_name }}" - lv: kubelet - size: 5G - fs: ext4 diff --git a/inventory/host_vars/ch-k8s-w0.yml b/inventory/host_vars/ch-k8s-w0.yml deleted file mode 100644 index 51095a86..00000000 --- a/inventory/host_vars/ch-k8s-w0.yml +++ /dev/null 
@@ -1,43 +0,0 @@ ---- -install: - vm: - memory: 4G - numcpus: 4 - autostart: True - disks: - primary: /dev/sda - scsi: - sda: - type: zfs - name: root - size: 100g - properties: - refreservation: none - interfaces: - - bridge: br-public - name: primary0 - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - systemd_link: - interfaces: "{{ install.interfaces }}" - primary: &_network_primary_ - name: primary0 - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - interfaces: - - *_network_primary_ - - -docker_lvm: - vg: "{{ host_name }}" - lv: docker - size: 15G - fs: ext4 - -kubelet_lvm: - vg: "{{ host_name }}" - lv: kubelet - size: 15G - fs: ext4 diff --git a/inventory/host_vars/ch-k8s-w1.yml b/inventory/host_vars/ch-k8s-w1.yml deleted file mode 100644 index 51095a86..00000000 --- a/inventory/host_vars/ch-k8s-w1.yml +++ /dev/null 
@@ -1,43 +0,0 @@ ---- -install: - vm: - memory: 4G - numcpus: 4 - autostart: True - disks: - primary: /dev/sda - scsi: - sda: - type: zfs - name: root - size: 100g - properties: - refreservation: none - interfaces: - - bridge: br-public - name: primary0 - -network: - nameservers: "{{ vm_host.network.dns }}" - domain: "{{ host_domain }}" - systemd_link: - interfaces: "{{ install.interfaces }}" - primary: &_network_primary_ - name: primary0 - address: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ vm_host.network.bridges.public.prefix | ipaddr(vm_host.network.bridges.public.offsets[vm_host.name]) | ipaddr('address') }}" - interfaces: - - *_network_primary_ - - -docker_lvm: - vg: "{{ host_name }}" - lv: docker - size: 15G - fs: ext4 - -kubelet_lvm: - vg: "{{ host_name }}" - lv: kubelet - size: 15G - fs: ext4 diff --git a/inventory/host_vars/ch-mimas2.yml b/inventory/host_vars/ch-mimas2.yml index 46fc78d2..49973cd1 100644 --- a/inventory/host_vars/ch-mimas2.yml +++ b/inventory/host_vars/ch-mimas2.yml @@ -4,8 +4,6 @@ install: credentials: token: "{{ vault_hcloud_api_token }}" server_name: "{{ host_name }}" - disks: - root_lvm_size: all network: {} diff --git a/inventory/host_vars/ch-oulu.yml b/inventory/host_vars/ch-oulu.yml index d0d035d2..e63e6f2d 100644 --- a/inventory/host_vars/ch-oulu.yml +++ b/inventory/host_vars/ch-oulu.yml @@ -2,13 +2,14 @@ install: efi: true disks: - root_lvm_size: 15G primary: software-raid raid: level: 1 members: - /dev/disk/by-id/nvme-Samsung_SSD_970_PRO_1TB_S462NF0M800161Z - /dev/disk/by-id/nvme-Samsung_SSD_970_PRO_1TB_S462NF0M800191M + system_lvm: + size: 15G network: nameservers: diff --git a/inventory/host_vars/ele-lt.yml b/inventory/host_vars/ele-lt.yml index 5ef66f54..1bfcf901 100644 --- a/inventory/host_vars/ele-lt.yml +++ b/inventory/host_vars/ele-lt.yml 
@@ -3,8 +3,6 @@ install: cloud: credentials: token: "{{ vault_hcloud_api_token }}" - disks: - root_lvm_size: all network: {} diff --git a/inventory/host_vars/ele-telesto.yml b/inventory/host_vars/ele-telesto.yml index a8b2b162..8fe1376d 100644 --- a/inventory/host_vars/ele-telesto.yml +++ b/inventory/host_vars/ele-telesto.yml @@ -1,9 +1,30 @@ --- base_modules_blacklist: "{{ base_modules_blacklist_all_but_sound }}" -preseed_template_name: "xubuntu-eoan-desktop-with-raid" +preseed_template_name: "xubuntu-focal-desktop" -install: {} +install: + disks: + primary: software-raid + raid: + level: 1 + members: + - /dev/sda + - /dev/sdb + system_lvm: + volumes: + - name: root + size: 20G + filesystem: ext4 + mountpoint: / + - name: var+log + size: 768M + filesystem: ext4 + mountpoint: /var/log + mount_options: + - noatime + - nodev + - noexec network: nameservers: "{{ network_zones.lan.dns }}" diff --git a/inventory/host_vars/lw-telesto.yml b/inventory/host_vars/lw-telesto.yml index 4a10338e..a225d787 100644 --- a/inventory/host_vars/lw-telesto.yml +++ b/inventory/host_vars/lw-telesto.yml @@ -1,9 +1,30 @@ --- base_modules_blacklist: "{{ base_modules_blacklist_all_but_sound }}" -preseed_template_name: "xubuntu-eoan-desktop-with-raid" +preseed_template_name: "xubuntu-focal-desktop" -install: {} +install: + disks: + primary: software-raid + raid: + level: 1 + members: + - /dev/sda + - /dev/sdb + system_lvm: + volumes: + - name: root + size: 20G + filesystem: ext4 + mountpoint: / + - name: var+log + size: 768M + filesystem: ext4 + mountpoint: /var/log + mount_options: + - noatime + - nodev + - noexec network: nameservers: diff --git a/inventory/host_vars/sk-2019.yml b/inventory/host_vars/sk-2019.yml index 353fe8c1..23dbbc15 100644 --- a/inventory/host_vars/sk-2019.yml +++ b/inventory/host_vars/sk-2019.yml @@ -10,7 +10,8 @@ install: members: - /dev/nvme0n1 - /dev/nvme1n1 - root_lvm_size: 20G + system_lvm: + size: 20G network: {} 
diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml index e989d37e..a131189c 100644 --- a/inventory/host_vars/sk-2019vm.yml +++ b/inventory/host_vars/sk-2019vm.yml @@ -10,7 +10,8 @@ install: members: - /dev/nvme0n1 - /dev/nvme1n1 - root_lvm_size: 10G + system_lvm: + size: 10G network: nameservers: "{{ vm_host.network.dns }}" diff --git a/inventory/host_vars/sk-cloudia/vars.yml b/inventory/host_vars/sk-cloudia/vars.yml index f8167017..0e4e1340 100644 --- a/inventory/host_vars/sk-cloudia/vars.yml +++ b/inventory/host_vars/sk-cloudia/vars.yml @@ -10,7 +10,8 @@ install: members: - /dev/nvme0n1 - /dev/nvme1n1 - root_lvm_size: 15G + system_lvm: + size: 15G network: {} diff --git a/inventory/host_vars/sk-tomnext.yml b/inventory/host_vars/sk-tomnext.yml index 3702bd54..410a1d29 100644 --- a/inventory/host_vars/sk-tomnext.yml +++ b/inventory/host_vars/sk-tomnext.yml @@ -10,7 +10,8 @@ install: members: - /dev/nvme0n1 - /dev/nvme1n1 - root_lvm_size: 10G + system_lvm: + size: 10G network: nameservers: "{{ vm_host.network.dns }}" diff --git a/inventory/hosts.ini b/inventory/hosts.ini index bd6add33..5d19bee4 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -25,16 +25,12 @@ ch-router-obsd host_name=router ch-gw-lan host_name=gw-lan ch-jump host_name=jump ansible_port=2342 ansible_host=ch-jump ch-nic host_name=nic -ch-hroottest host_name=hroot-test -ch-hroottest-vm1 host_name=hroot-test-vm1 -ch-hroottest-obsd host_name=hroot-test-obsd ch-oulu host_name=oulu host_domain=helsinki.at [chaos-at-home:children] mz-chaos-at-home chaos-at-home-switches chaos-at-home-ap -chaos-at-home-k8s [mz-chaos-at-home] mz-router ansible_host=chmz-router @@ -56,13 +52,6 @@ ch-ap1 host_name=ap1 ch-router ch-pan -[chaos-at-home-k8s] -ch-k8s-m0 host_name=k8s-master0 -ch-k8s-m1 host_name=k8s-master1 -ch-k8s-m2 host_name=k8s-master2 -ch-k8s-w0 host_name=k8s-worker0 -ch-k8s-w1 host_name=k8s-worker1 - [realraum:vars] host_domain=realraum.at 
@@ -218,7 +207,6 @@ chaos-at-home-switches [openbsd] ch-router-obsd -ch-hroottest-obsd ## virtualization @@ -243,22 +231,11 @@ ch-atlas [vmhost-ch-atlas:children] vmhost-ch-atlas-guests -[vmhost-ch-hroottest-guests] -ch-hroottest-vm1 -ch-hroottest-obsd -ch-k8s-m2 -ch-k8s-w[0:1] -[vmhost-ch-hroottest] -ch-hroottest -[vmhost-ch-hroottest:children] -vmhost-ch-hroottest-guests - [vmhost-sk-2019vm-guests] sk-testvm sk-torrent ch-mimas ele-gwhetzner -ch-k8s-m[0:1] emc-master lw-master [vmhost-sk-2019vm] @@ -278,14 +255,12 @@ vmhost-sk-tomnext-guests [kvmhosts] ch-gnocchi ch-atlas -ch-hroottest sk-2019vm sk-tomnext [kvmguests:children] vmhost-ch-gnocchi-guests vmhost-ch-atlas-guests -vmhost-ch-hroottest-guests vmhost-sk-2019vm-guests vmhost-sk-tomnext-guests @@ -296,7 +271,6 @@ sk-2019 sk-cloudia sk-2019vm sk-tomnext -ch-hroottest [hcloud] ch-mimas2 @@ -313,8 +287,6 @@ emc-master lw-master sk-testvm sk-torrent -ch-hroottest-vm1 -ch-hroottest-obsd [hetzner:children] hroot @@ -351,14 +323,12 @@ k8s-emc [kubernetes-cluster:children] k8s-emc k8s-lwl -k8s-chtest [standalone-kubelet] sk-cloudia ele-thetys lw-thetys sk-tomnext-nc -ch-hroottest [kubernetes:children] kubernetes-cluster @@ -406,15 +376,3 @@ k8s-lwl-master k8s-lwl-encoder k8s-lwl-distribution k8s-lwl-streamer - - -### Kubernetes Cluster: ch-test -[k8s-chtest-master] -ch-k8s-m[0:2] - -[k8s-chtest-worker] -ch-k8s-w[0:1] - -[k8s-chtest:children] -k8s-chtest-master -k8s-chtest-worker diff --git a/roles/cloud/install/defaults/main.yml b/roles/cloud/install/defaults/main.yml new file mode 100644 index 00000000..975400a5 --- /dev/null +++ b/roles/cloud/install/defaults/main.yml 
@@ -0,0 +1,21 @@ +--- +hetzner_boot_size: 512M + +hetzner_system_lvm_size_default: all +hetzner_system_lvm_volumes_default: + - name: root + size: 2560M + filesystem: ext4 + mountpoint: / + - name: var + size: 1280M + filesystem: ext4 + mountpoint: /var + - name: var+log + size: 768M + filesystem: ext4 + mountpoint: /var/log + mount_options: + - noatime + - nodev + - noexec diff --git a/roles/cloud/install/templates/hetzner_installimage.conf.j2 b/roles/cloud/install/templates/hetzner_installimage.conf.j2 index ed22f286..e3cd4c4e 100644 --- a/roles/cloud/install/templates/hetzner_installimage.conf.j2 +++ b/roles/cloud/install/templates/hetzner_installimage.conf.j2 @@ -13,12 +13,14 @@ DRIVE1 {{ install_cooked.disks.primary }} DRIVE1 /dev/sda {% endif %} BOOTLOADER grub -PART /boot ext4 512M -PART lvm {{ host_name }} {{ install_cooked.disks.root_lvm_size }} -{% if install_cooked.disks.root_lvm_size != "all" %} +PART /boot ext4 {{ hetzner_boot_size }} +{% set system_lvm_size = install_cooked.system_lvm.size | default(hetzner_system_lvm_size_default) %} +PART lvm {{ host_name }} {{ system_lvm_size }} +{% if system_lvm_size != "all" %} PART /dummy ext4 all {% endif %} -LV {{ host_name }} root / ext4 2560M -LV {{ host_name }} var /var ext4 1280M -LV {{ host_name }} var+log /var/log ext4 768M +{% set system_lvm_volumes = install_cooked.system_lvm.volumes | default(hetzner_system_lvm_volumes_default) %} +{% for volume in system_lvm_volumes %} +LV {{ host_name }} {{ volume.name }} {{ volume.mountpoint }} {{ volume.filesystem }} {{ volume.size }} +{% endfor %} IMAGE {{ latest_image.stdout }} diff --git a/roles/cloud/install/templates/hetzner_postinst.sh.j2 b/roles/cloud/install/templates/hetzner_postinst.sh.j2 index 613f57ac..d9de15c9 100644 --- a/roles/cloud/install/templates/hetzner_postinst.sh.j2 +++ b/roles/cloud/install/templates/hetzner_postinst.sh.j2 
@@ -27,7 +27,12 @@ passwd -d root && passwd -l root {% if install_distro == "debian" %} sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces {% endif %} -sed -r 's#(\s+/var/log\s+ext4\s+)defaults#\1noatime,nodev,noexec#g' -i /etc/fstab +{% set system_lvm_volumes = install_cooked.system_lvm.volumes | default(hetzner_system_lvm_volumes_default) %} +{% for volume in system_lvm_volumes %} +{% if 'mount_options' in volume %} +sed -r 's#(\s+{{ volume.mountpoint }}\s+{{ volume.filesystem }}\s+)defaults#\1{{ volume.mount_options | join(",") }}#g' -i /etc/fstab +{% endif %} +{% endfor %} mkdir -p -m 0700 /target/root/.ssh cat <<EOK > /root/.ssh/authorized_keys @@ -42,7 +47,8 @@ swapoff -a sed -e '/^\/swapfile/d' -i /etc/fstab rm -f /swapfile -{% if install_cooked.disks.root_lvm_size != "all" %} +{% set system_lvm_size = install_cooked.system_lvm.size | default('all') %} +{% if system_lvm_size != "all" %} sed -e '/\/dummy/d' -i /etc/fstab cat > /post-install-finalize <<EOF diff --git a/roles/installer/debian/preseed/defaults/main.yml b/roles/installer/debian/preseed/defaults/main.yml index a864c1bd..cfdef902 100644 --- a/roles/installer/debian/preseed/defaults/main.yml +++ b/roles/installer/debian/preseed/defaults/main.yml @@ -5,3 +5,26 @@ preseed_no_netplan: no preseed_virtual_machine: no + +preseed_efi_esp_size: 128 +preseed_swraid_boot_size: 256 + +preseed_system_lvm_reserve: 384 +preseed_system_lvm_size_default: all +preseed_system_lvm_volumes_default: + - name: root + size: 2560M + filesystem: ext4 + mountpoint: / + - name: var + size: 1280M + filesystem: ext4 + mountpoint: /var + - name: var+log + size: 768M + filesystem: ext4 + mountpoint: /var/log + mount_options: + - noatime + - nodev + - noexec diff --git a/roles/installer/debian/preseed/templates/partman_config.j2 b/roles/installer/debian/preseed/templates/partman_config.j2 index ca6feb41..4ae3241f 100644 --- a/roles/installer/debian/preseed/templates/partman_config.j2 
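Review bot: The generated `sed` in the new `{% for volume in system_lvm_volumes %}` loop only rewrites an fstab entry whose options field is exactly `defaults`, and it succeeds even when nothing matches. A volume's `mount_options` (the `noatime,nodev,noexec` hardening on /var/log in the defaults) can therefore be silently left unapplied. `volume.mountpoint` and `volume.filesystem` are also pasted unescaped into the `#`-delimited regex, so a value containing `#` or a regex metacharacter would break or widen the match. I would add a check after the `sed`, for example `grep -Eq '\s{{ volume.mountpoint }}\s+{{ volume.filesystem }}\s+{{ volume.mount_options | join(",") }}\s' /etc/fstab || echo "WARNING: mount options not applied for {{ volume.mountpoint }}" >&2`. A comment should also state that mountpoints must be plain paths. The script continues outside this hunk.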
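Review bot: The fallback in the added `{% set system_lvm_size = ... | default('all') %}` is the literal `'all'`, while hetzner_installimage.conf.j2 in this same commit falls back to `hetzner_system_lvm_size_default`. If that default is ever set to a fixed size, installimage will create the `/dummy` partition, but this script will skip the block that removes the `/dummy` fstab entry and writes /post-install-finalize. Use the same expression in both templates: `{% set system_lvm_size = install_cooked.system_lvm.size | default(hetzner_system_lvm_size_default) %}`. The body of the `{% if %}` block runs past the end of this hunk.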
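Review bot: `preseed_system_lvm_reserve: 384` is referenced only inside a `{# ... #}` comment in partman_config.j2 as changed by this commit, where the minimum PV size is pinned with `{% set system_lvm_pv_size_min_mb = 1 %}`. As far as the visible templates show, changing this value has no effect. Either drop the variable or mark it, e.g. `# currently unused: partman_config.j2 pins the minimum PV size to 1 MB (see Debian bug 896826)`, so nobody relies on it as a safety margin.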
+++ b/roles/installer/debian/preseed/templates/partman_config.j2 
@@ -32,89 +32,84 @@ d-i partman-basicfilesystems/choose_label string msdos d-i partman-basicfilesystems/default_label string msdos {% endif %} +{% set system_lvm_size = hostvars[install_hostname].install_cooked.system_lvm.size | default(preseed_system_lvm_size_default) %} +{% set system_lvm_volumes = hostvars[install_hostname].install_cooked.system_lvm.volumes | default(preseed_system_lvm_volumes_default) %} +{# on small disks this probably triggers: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896826 ... #} +{# set system_lvm_pv_size_min_mb = (((system_lvm_volumes | map(attribute='size') | map('human_to_bytes') | sum) / (1024*1024)) | int) + preseed_system_lvm_reserve #} +{# ... so let's go for a 1 MB minimum. #} +{% set system_lvm_pv_size_min_mb = 1 %} {% if hostvars[install_hostname].install_cooked.disks.primary == "software-raid" %} d-i partman-auto/method string raid {% else %} d-i partman-auto/method string lvm {% endif %} - -d-i partman-auto/expert_recipe string \ - ansible :: \ +d-i partman-auto/expert_recipe string \ + ansible :: \ {% if (hostvars[install_hostname].install_cooked.efi | default(false)) %} - 128 128 128 fat16 \ - $primary{ } $bootable{ } \ - method{ efi } format{ } \ - . \ + {{ preseed_efi_esp_size }} {{ preseed_efi_esp_size }} {{ preseed_efi_esp_size }} fat16 \ + $primary{ } $bootable{ } \ + method{ efi } format{ } \ + . \ {% endif %} {% if hostvars[install_hostname].install_cooked.disks.primary == "software-raid" %} - 256 256 256 raid \ - $lvmignore{ } $primary{ } $bootable{ } \ - method{ raid } \ - . \ -{% if 'root_lvm_size' in hostvars[install_hostname].install_cooked.disks and hostvars[install_hostname].install_cooked.disks.root_lvm_size != 'all' %} -{% set root_lvm_size = ((hostvars[install_hostname].install_cooked.disks.root_lvm_size | human_to_bytes) / (1024*1024)) | int %} - {{ root_lvm_size }} {{ root_lvm_size }} {{ root_lvm_size }} raid \ - $lvmignore{ } $primary{ } \ - method{ raid } \ - . 
\ - 8 108 -1 ext4 \ - $lvmignore{ } $primary{ } \ - method{ unused } \ - . \ + {{ preseed_swraid_boot_size }} {{ preseed_swraid_boot_size }} {{ preseed_swraid_boot_size }} raid \ + $lvmignore{ } $primary{ } $bootable{ } \ + method{ raid } \ + . \ + +{% if system_lvm_size != 'all' %} +{% set system_lvm_size_mb = ((system_lvm_size | human_to_bytes) / (1024*1024)) | int %} + {{ system_lvm_size_mb }} {{ system_lvm_size_mb }} {{ system_lvm_size_mb }} raid \ + $lvmignore{ } $primary{ } \ + method{ raid } \ + . \ + 1 101 -1 ext4 \ + $lvmignore{ } $primary{ } \ + method{ unused } \ + . \ {% else %} - 5120 5120 5120 raid \ - $lvmignore{ } $primary{ } \ - method{ raid } \ - . \ + {{ system_lvm_pv_size_min_mb }} {{ system_lvm_pv_size_min_mb + 100 }} -1 raid \ + $lvmignore{ } $primary{ } \ + method{ raid } \ + . \ {% endif %} {% else %} -{% if 'root_lvm_size' in hostvars[install_hostname].install_cooked.disks and hostvars[install_hostname].install_cooked.disks.root_lvm_size != 'all' %} -{% set root_lvm_size = ((hostvars[install_hostname].install_cooked.disks.root_lvm_size | human_to_bytes) / (1024*1024)) | int %} - {{ root_lvm_size }} {{ root_lvm_size }} {{ root_lvm_size }} lvm \ - $defaultignore{ } $primary{ } \ - method{ lvm } vg_name{ {{ hostvars[install_hostname].host_name }} } \ - . \ - 8 108 -1 ext4 \ - $defaultignore{ } $primary{ } \ - method{ unused } \ - . \ +{% if system_lvm_size != 'all' %} +{% set system_lvm_size_mb = ((system_lvm_size | human_to_bytes) / (1024*1024)) | int %} + {{ system_lvm_size_mb }} {{ system_lvm_size_mb }} {{ system_lvm_size_mb }} lvm \ + $defaultignore{ } $primary{ } \ + method{ lvm } vg_name{ {{ hostvars[install_hostname].host_name }} } \ + . \ + 1 101 -1 ext4 \ + $defaultignore{ } $primary{ } \ + method{ unused } \ + . \ {% else %} - 5120 5120 5120 lvm \ - $defaultignore{ } $primary{ } \ - method{ lvm } vg_name{ {{ hostvars[install_hostname].host_name }} } \ - . 
\ + {{ system_lvm_pv_size_min_mb }} {{ system_lvm_pv_size_min_mb + 100 }} -1 lvm \ + $defaultignore{ } $primary{ } \ + method{ lvm } vg_name{ {{ hostvars[install_hostname].host_name }} } \ + . \ {% endif %} {% endif %} - 2560 2560 2560 ext4 \ - $defaultignore{ } $lvmok{ } \ - in_vg{ {{ hostvars[install_hostname].host_name }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ / } \ - . \ - 1280 1280 1280 ext4 \ - $defaultignore{ } $lvmok{ } \ - in_vg{ {{ hostvars[install_hostname].host_name }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var } \ - . \ - 768 768 768 ext4 \ - $defaultignore{ } $lvmok{ } \ - in_vg{ {{ hostvars[install_hostname].host_name }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var/log } \ - options/nodev{ nodev } \ - options/noatime{ noatime } \ - options/noexec{ noexec } \ - . \ - 8 108 -1 ext4 \ - $defaultignore{ } $lvmok{ } \ - in_vg{ {{ hostvars[install_hostname].host_name }} } \ - lv_name{ dummy } \ - method{ unused } \ +{% for volume in system_lvm_volumes %} +{% set volume_size = ((volume.size | human_to_bytes) / (1024*1024)) | int %} + {{ volume_size }} {{ volume_size }} {{ volume_size }} {{ volume.filesystem }} \ + $defaultignore{ } $lvmok{ } \ + in_vg{ {{ hostvars[install_hostname].host_name }} } lv_name{ {{ volume.name }} } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ {{ volume.filesystem }} } \ + mountpoint{ {{ volume.mountpoint }} } \ + mountpoint{ {{ volume.mountpoint }} } \ +{% for option in volume.mount_options | default([]) %} + options/{{ option }}{ {{ option }} } \ +{% endfor %} + . \ +{% endfor %} + 1 101 -1 ext4 \ + $defaultignore{ } $lvmok{ } \ + in_vg{ {{ hostvars[install_hostname].host_name }} } lv_name{ dummy } \ + method{ unused } \ . 
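Review bot: Inside the new `{% for volume in system_lvm_volumes %}` loop the line `mountpoint{ {{ volume.mountpoint }} } \` is emitted twice in a row, so one copy should be removed to keep each generated recipe stanza unambiguous. The inner loop renders each entry as `options/{{ option }}{ {{ option }} }`, which fits the flag-style options in the defaults (`noatime`, `nodev`, `noexec`). A `key=value` mount option would probably not produce a valid specifier, so a short Jinja comment above the loop should say that only flag options are supported. Note too that with `system_lvm_pv_size_min_mb` fixed at 1 the recipe no longer guarantees the PV can hold the listed volumes, so an undersized disk is caught only when partman fails.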
diff --git a/roles/installer/debian/preseed/templates/partman_early-command.sh.j2 b/roles/installer/debian/preseed/templates/partman_early-command.sh.j2 index 9c720e92..f13290e4 100644 --- a/roles/installer/debian/preseed/templates/partman_early-command.sh.j2 +++ b/roles/installer/debian/preseed/templates/partman_early-command.sh.j2 @@ -31,3 +31,15 @@ debconf-set grub-installer/bootdev "$disks" ## https://unix.stackexchange.com/questions/510445/install-grub-bootloader-dynamically-to-multiple-disks . /usr/share/debconf/confmodule db_fset grub-installer/bootdev seen true + +mkdir -p /lib/partman/not-enough-space.d/ +cat <<EOF > /lib/partman/not-enough-space.d/00-ansible +#!/bin/sh + +. /usr/share/debconf/confmodule +db_input critical partman-auto/autopartitioning_failed || true +db_go || true + +exit 1 +EOF +chmod +x /lib/partman/not-enough-space.d/00-ansible diff --git a/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 index eeda9943..2312f2b0 100644 --- a/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 
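Review bot: The hook is written with an unquoted heredoc, `cat <<EOF > /lib/partman/not-enough-space.d/00-ansible`, so its body is subject to shell expansion when the early-command script runs. The current body contains no `$` or backticks, so nothing is expanded today. Quoting the delimiter, `cat <<'EOF' > /lib/partman/not-enough-space.d/00-ansible`, would keep any later edit to the hook literal. A one-line comment that the hook surfaces `partman-auto/autopartitioning_failed` and then exits 1 would also help the next reader.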
@@ -57,78 +57,7 @@ d-i time/zone string Europe/Vienna d-i clock-setup/ntp boolean false -d-i partman/early_command string \ - debconf-set partman-auto/disk "$(readlink -f {{ hostvars[install_hostname].install_cooked.disks.primary }})"; \ - debconf-set grub-installer/bootdev "$(readlink -f {{ hostvars[install_hostname].install_cooked.disks.primary }})"; \ - umount -l /media || true - -d-i partman/confirm boolean true -d-i partman/confirm_nooverwrite boolean true -d-i partman-md/device_remove_md boolean true -d-i partman-md/confirm boolean true -d-i partman-md/confirm_nooverwrite boolean true -d-i partman-lvm/device_remove_lvm boolean true -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true - -d-i partman-auto/method string lvm -d-i partman-auto/purge_lvm_from_device boolean true -d-i partman-auto-lvm/new_vg_name string {{ hostvars[install_hostname].host_name }} -d-i partman-auto-lvm/guided_size string max -d-i partman-auto-lvm/no_boot boolean true - -{% if (hostvars[install_hostname].install_cooked.efi | default(false)) %} -d-i partman-efi/non_efi_system boolean true -d-i partman/choose_label string gpt -d-i partman/default_label string gpt -{% endif %} -d-i partman-auto/expert_recipe string \ - boot-root :: \ -{% if (hostvars[install_hostname].install_cooked.efi | default(false)) %} - 100 100 128 fat16 \ - $defaultignore{ } $primary{ } $bootable{ } \ - method{ efi } format{ } \ - . \ -{% endif %} - 1000 10000 -1 ext4 \ - $defaultignore{ } $primary{ } $bootable{ } \ - method{ lvm } vg_name{ {{ hostvars[install_hostname].host_name }} } \ - . \ - 15360 10000 20480 ext4 \ - $lvmok{ } in_vg{ {{ hostvars[install_hostname].host_name }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ / } \ - . 
\ - 768 10000 768 ext4 \ - $lvmok{ } in_vg{ {{ hostvars[install_hostname].host_name }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var/log } \ - options/nodev{ nodev } options/noatime{ noatime } \ - options/noexec{ noexec } \ - . \ - 20480 10000 40960 ext4 \ - $lvmok{ } in_vg{ {{ hostvars[install_hostname].host_name }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /home } \ - . \ - 16 20000 -1 ext4 \ - $lvmok{ } in_vg{ {{ hostvars[install_hostname].host_name }} } \ - lv_name{ dummy } \ - . - -d-i partman-basicfilesystems/no_swap true -d-i partman-partitioning/confirm_write_new_label boolean true -d-i partman/choose_partition select finish - - -## boot devices are configured by partman/early_command -d-i grub-installer/bootdev seen true -d-i grub-installer/choose_bootdev seen true -d-i grub-installer/only_debian boolean true -d-i grub-installer/with_other_os boolean false +{% include 'partman_config.j2' %} d-i base-installer/install-recommends boolean false |
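Review bot: Replacing the inline recipe with `{% include 'partman_config.j2' %}` makes this desktop profile's `/var/log` hardening (`nodev`, `noatime`, `noexec`) and its separate `/home` volume depend on data this hunk does not show. If the volume loop visible earlier on this page is what the include pulls in, mount options come only from `volume.mount_options | default([])`, so an entry without that key is mounted with no restrictive options. It is worth confirming that the `system_lvm_volumes` applied to xubuntu hosts still lists `/home` and carries the three options for `/var/log`. That same loop also emits `mountpoint{ {{ volume.mountpoint }} } \` twice in a row; presumably one copy should be dropped.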