├── .gitignore ├── LICENSE ├── README.md ├── ansible.cfg ├── group_vars └── all │ └── default.yml ├── host_vars └── zk-server │ ├── apt_enable.yml │ ├── dns.yml │ ├── ntp.yml │ ├── sshd.yml │ └── zstack.yml ├── playbooks ├── zk_config_sshd.yml └── zk_deploy_single.yml ├── production ├── roles ├── config_sshd │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── vars │ │ └── main.yml ├── zk_base_env │ ├── defaults │ │ └── main.yml │ ├── files │ │ ├── CentOS7-Base-163.repo │ │ ├── debian8-jessie-sources.list │ │ ├── dns-head │ │ ├── epel.repo │ │ ├── locale-default │ │ └── ubuntu16.04-sources.list │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ ├── CentOS.yml │ │ ├── Debian.yml │ │ ├── Ubuntu.yml │ │ └── main.yml │ ├── templates │ │ ├── ntp.conf.j2 │ │ └── resolv.conf.j2 │ └── vars │ │ └── main.yml ├── zk_http_nfs │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ ├── CentOS.yml │ │ ├── Debian.yml │ │ ├── Ubuntu.yml │ │ └── main.yml │ └── templates │ │ ├── zstack-http.conf.j2 │ │ └── zstack-nfs.conf.j2 ├── zk_mgmnode │ ├── defaults │ │ └── main.yml │ ├── files │ │ ├── apache-tomcat-7.0.35.tar.gz │ │ ├── tomcat-setenv.sh │ │ ├── zstack-1.6.2.war.zip │ │ ├── zstack-consoleproxy │ │ ├── zstack-consoleproxy.service │ │ ├── zstack-kvmagent │ │ ├── zstack-kvmagent.service │ │ ├── zstack-sftpbackupstorage │ │ ├── zstack-sftpbackupstorage.service │ │ └── zstack.service │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ ├── CentOS.yml │ │ ├── Debian.yml │ │ ├── Ubuntu.yml │ │ └── main.yml │ ├── templates │ │ └── zstack-server.j2 │ └── vars │ │ └── main.yml ├── zk_mysql_rabbitmq │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ ├── CentOS.yml │ │ ├── Debian.yml │ │ ├── Ubuntu.yml │ │ ├── init_mysql_root.yml │ │ └── main.yml │ └── vars │ │ └── main.yml ├── zk_repair_code │ ├── defaults │ │ └── main.yml │ ├── files │ │ ├── consoleproxy-virtualenv.tar.gz │ │ ├── consoleproxy.py │ │ ├── iproute2_4.6.0-4_amd64.deb │ │ ├── kvm.py │ │ └── sftpbackupstorage.py │ └── tasks │ │ ├── CentOS.yml │ │ ├── Debian.yml │ │ ├── Ubuntu.yml │ │ └── main.yml └── zk_restart_os │ ├── handlers │ └── main.yml │ └── tasks │ └── main.yml └── usage.md /.gitignore: -------------------------------------------------------------------------------- 1 | misc 2 | var 3 | roles/test_role 4 | roles/template 5 | roles/zk_repair_code/files/zstack-image-1.4.qcow2 6 | roles/zk_repair_code/files/zstack-virtualrouter-1.1.0.qcow2 7 | roles/zk_repair_code/files/bugs 8 | playbooks/test.yml 9 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 Steven Wang 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # zstack-ansible 2 | ``` 3 | zstack-ansible is a ZStack automation deployment project based on Ansible. 4 | zstack-ansible provides a alternative solution except ZStack All-in-one bash script. 5 | ``` 6 | 7 | # OS Support 8 | 9 | |OS| version|type| 10 | | --- |---| --- | 11 | | Debian | 8.x | support | 12 | | Ubuntu | 16.04 | support | 13 | | CentOS | 7.x | support | 14 | 15 | # Zstack version 16 | #### zstack-ansible based on zstack 1.6.2 version. 17 | 18 | # Usage 19 | 参考项目文件 usage.md 20 | 21 | # Welcome contribution 22 | > 如果你对zstack-ansible感兴趣,欢迎提交PR,也可以与我联系,共同成长! 23 | 24 | # Why zstack-ansible 25 | 26 | 1. ZStack官方仅提供All-in-one脚本部署,没有采用其他运维自动化工具的支持,诸如:ansible/Puppet etc. 27 | 2. ZStack打包好的一键部署方案,固然很好,但是其包装的过于厉害,导致很多有兴趣了解其软件架构的同学,无法知道ZStack到底用到了哪些开源软件,然后如何通过ZStack核心代码进行整合关联. 而zstack-ansible将会把ZStack用到的开源软件一一展示出来,让研究学习的同学能够清楚知道,哪些是开源组件,哪些是Zstack官方开发的代码和模块. 28 | 29 | 30 | # What is ZStack 31 | > ZStack is open source IaaS(infrastructure as a service) software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Users can setup ZStack environments in a download-and-run manner, spending 5 minutes building a POC environment all on a single Linux machine, or 30 minutes building a multi-node production environment that can scale to hundreds of thousands of physical servers. 32 | 33 | # Help links 34 | - ZStack english site: http://zstack.org/ 35 | - ZStack chinese site: http://zstack.org.cn/ 36 | - Zstack github site: https://github.com/zstackorg/zstack 37 | - ZStack issues site: https://github.com/zstackorg/zstack/issues 38 | 39 | 40 | # Contact me 41 | ``` 42 | 小鱼人 43 | QQ: 785644342 44 | Wechat: steven_diwen 45 | Email: wangdiwen1@corp.netease.com 46 | ``` 47 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | gathering = smart 3 | fact_caching = jsonfile 4 | fact_caching_timeout = 86400 5 | fact_caching_connection = var/facts 6 | 7 | forks = 8 8 | inventory = production 9 | host_key_checking = False 10 | log_path = var/ansible.log 11 | remote_port = 32200 12 | retry_files_save_path = var 13 | roles_path = roles:roles_common 14 | transport = ssh 15 | # vault_password_file = vault_password 16 | deprecation_warnings = False 17 | # filter_plugins = filter_plugins 18 | no_log = False 19 | 20 | ansible_managed = Ansible managed: modified on %Y-%m-%d %H:%M:%S by {uid} on {host} 21 | 22 | [ssh_connection] 23 | scp_if_ssh = True 24 | pipelining = True 25 | -------------------------------------------------------------------------------- /group_vars/all/default.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/group_vars/all/default.yml -------------------------------------------------------------------------------- /host_vars/zk-server/apt_enable.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # if you want to use defined apt sources, change it to 'no' 3 | use_apt_sources_list: yes 4 | -------------------------------------------------------------------------------- /host_vars/zk-server/dns.yml: -------------------------------------------------------------------------------- 1 | --- 2 | use_dns_servers: yes 3 | dns_servers: 4 | - "192.168.130.33" 5 | - "192.168.130.31" 6 | -------------------------------------------------------------------------------- /host_vars/zk-server/ntp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # if you want to use defined ntp server addrs, change it to 'yes' 3 | use_ntp_servers: yes 4 | ntp_servers: 5 | - hz.ntp.x.netease.com 6 | - ntp.x.netease.com 7 | -------------------------------------------------------------------------------- /host_vars/zk-server/sshd.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # set your server sshd port 3 | ssh_port: 22 4 | ssh_root_pwd: 'netease' 5 | -------------------------------------------------------------------------------- /host_vars/zk-server/zstack.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # below are zstack common variables, 3 | # you can defined them by yourself 4 | zstack_backup_dir: /backup_root 5 | zstack_http_user: www-data 6 | zstack_http_dir: /var/www/html/http_root 7 | zstack_nfs_user: zstack 8 | zstack_nfs_dir: /var/www/html/nfs_root 9 | zstack_basedir: /usr/local/zstack 10 | zstack_tomcatdir: "{{ zstack_basedir }}/apache-tomcat" 11 | zstack_wardir: "{{ zstack_tomcatdir }}/webapps/zstack" 12 | zstack_install_sh_script: "{{ zstack_wardir }}/WEB-INF/classes/tools/install.sh" 13 | zstack_user: zstack 14 | zstack_licensedir: /var/lib/zstack 15 | zstack_mysql_host: localhost 16 | zstack_mysql_root_pwd: netease 17 | zstack_mysql_zstack_pwd: netease 18 | zstack_rabbitmq_host: localhost 19 | zstack_rabbitmq_user: zstack 20 | zstack_rabbitmq_pwd: netease 21 | zstack_rabbitmq_tags: administrator 22 | zstack_rabbitmq_priv_vhost: "/" 23 | zstack_rabbitmq_config_priv: ".*" 24 | zstack_rabbitmq_read_priv: ".*" 25 | zstack_rabbitmq_write_priv: ".*" 26 | # zstack example tinny image path is in roles/zk_start/files/zstack-image-1.4.qcow2 27 | # you can download it first and put it to the path before 28 | trans_tinny_image: no 29 | # zstack example tinny image path is in roles/zk_start/files/zstack-virtualrouter-1.1.0.qcow2 30 | # you can download it first and put it to the path before 31 | trans_vr_image: no 32 | -------------------------------------------------------------------------------- /playbooks/zk_config_sshd.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Notice: 3 | # open remote sshd and permit root user to login 4 | # 5 | # tips: 6 | # compute node must be permit to root remote connnect when we add a host 7 | # modify the sshd configure file '/etc/ssh/sshd_config', 'PermitRootLogin no' -> 'PermitRootLogin yes' 8 | # and add the root password, passwd root 9 | 10 | # Usage: 11 | # ansible-playbook -vv playbooks/zk_config_sshd.yml -c paramiko --extra-vars 'host=zk-server ansible_port=' 12 | 13 | - name: deploy zstack POC env 14 | remote_user: "{{ ansible_user }}" 15 | gather_facts: yes 16 | hosts: 17 | - "{{ host }}" 18 | become: yes 19 | become_user: root 20 | become_method: sudo 21 | 22 | roles: 23 | - config_sshd 24 | -------------------------------------------------------------------------------- /playbooks/zk_deploy_single.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Notice: 3 | # This is zstack ansible deployment mini project. 4 | # Anybody can use it to deploy a complete zstack POC environment all on a single Linux machine. 5 | # But just support Debian 8.x system. 6 | 7 | # Usage: 8 | # ansible-playbook -vv playbooks/zk_deploy_single.yml -c paramiko --extra-vars 'host=zk-server ansible_port=' 9 | 10 | - name: deploy zstack POC env 11 | remote_user: "{{ ansible_user }}" 12 | gather_facts: yes 13 | hosts: 14 | - "{{ host }}" 15 | become: yes 16 | become_user: root 17 | become_method: sudo 18 | 19 | roles: 20 | # - zk_base_env 21 | # - zk_restart_os 22 | # - zk_mysql_rabbitmq 23 | - zk_mgmnode 24 | - zk_http_nfs 25 | - zk_repair_code 26 | -------------------------------------------------------------------------------- /production: -------------------------------------------------------------------------------- 1 | ### all hosts 2 | 3 | [all] 4 | 5 | # your physical server 6 | zk-server ansible_host=192.168.124.172 ansible_port=22 ansible_user=diwen 7 | -------------------------------------------------------------------------------- /roles/config_sshd/defaults/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/config_sshd/defaults/main.yml -------------------------------------------------------------------------------- /roles/config_sshd/handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/config_sshd/handlers/main.yml -------------------------------------------------------------------------------- /roles/config_sshd/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | # modify the sshd configure 4 | - name: add root login of sshd 5 | lineinfile: dest=/etc/ssh/sshd_config state=present regexp='^PermitRootLogin' line='PermitRootLogin yes' backup=yes 6 | - name: open password auth 7 | lineinfile: dest=/etc/ssh/sshd_config state=present regexp='^PasswordAuthentication' line='PasswordAuthentication yes' backup=yes 8 | - name: changed sshd port 9 | lineinfile: dest=/etc/ssh/sshd_config state=present regexp='^Port' line="Port {{ ssh_port }}" backup=yes 10 | 11 | - name: make root passwd 12 | local_action: shell python -c 'import crypt; print crypt.crypt("{{ ssh_root_pwd }}", "$6$LVYzwshvca5o")' 13 | register: result 14 | 15 | - name: fetch root passwd 16 | debug: var=result.stdout 17 | 18 | - name: check root passwd 19 | fail: msg="make root passwd failed !" 20 | when: result.rc != 0 21 | 22 | - name: add root passwd 23 | user: name=root password={{ result.stdout }} state=present update_password=always 24 | 25 | - name: restart the sshd 26 | service: name=sshd state=restarted enabled=yes 27 | -------------------------------------------------------------------------------- /roles/config_sshd/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/config_sshd/vars/main.yml -------------------------------------------------------------------------------- /roles/zk_base_env/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | ntp_servers: 3 | - hz.ntp.x.netease.com 4 | - ntp.x.netease.com 5 | -------------------------------------------------------------------------------- /roles/zk_base_env/files/CentOS7-Base-163.repo: -------------------------------------------------------------------------------- 1 | [base] 2 | name=CentOS-$releasever - Base - 163.com 3 | baseurl=http://mirrors.163.com/centos/$releasever/os/$basearch/ 4 | gpgcheck=1 5 | gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7 6 | 7 | [updates] 8 | name=CentOS-$releasever - Updates - 163.com 9 | baseurl=http://mirrors.163.com/centos/$releasever/updates/$basearch/ 10 | gpgcheck=1 11 | gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7 12 | 13 | [extras] 14 | name=CentOS-$releasever - Extras - 163.com 15 | baseurl=http://mirrors.163.com/centos/$releasever/extras/$basearch/ 16 | gpgcheck=1 17 | gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7 18 | 19 | [centosplus] 20 | name=CentOS-$releasever - Plus - 163.com 21 | baseurl=http://mirrors.163.com/centos/$releasever/centosplus/$basearch/ 22 | gpgcheck=1 23 | enabled=0 24 | gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7 25 | -------------------------------------------------------------------------------- /roles/zk_base_env/files/debian8-jessie-sources.list: -------------------------------------------------------------------------------- 1 | # 163 sources 2 | deb http://mirrors.163.com/debian/ jessie main non-free contrib 3 | deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib 4 | deb http://mirrors.163.com/debian/ jessie-backports main non-free contrib 5 | deb-src http://mirrors.163.com/debian/ jessie main non-free contrib 6 | deb-src http://mirrors.163.com/debian/ jessie-updates main non-free contrib 7 | deb-src http://mirrors.163.com/debian/ jessie-backports main non-free contrib 8 | deb http://mirrors.163.com/debian-security/ jessie/updates main non-free contrib 9 | deb-src http://mirrors.163.com/debian-security/ jessie/updates main non-free contrib 10 | # below 2 is kernel update sources 11 | deb http://http.debian.net/debian jessie-backports main 12 | deb-src http://http.debian.net/debian jessie-backports main 13 | -------------------------------------------------------------------------------- /roles/zk_base_env/files/dns-head: -------------------------------------------------------------------------------- 1 | # netease dns 2 | # nameserver 192.168.130.33 3 | # nameserver 192.168.130.31 4 | nameserver 192.168.124.1 5 | -------------------------------------------------------------------------------- /roles/zk_base_env/files/epel.repo: -------------------------------------------------------------------------------- 1 | [epel] 2 | name=Extra Packages for Enterprise Linux 7 - $basearch 3 | mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch 4 | enabled=1 5 | gpgcheck=0 6 | -------------------------------------------------------------------------------- /roles/zk_base_env/files/locale-default: -------------------------------------------------------------------------------- 1 | # File generated by update-locale 2 | LANG=en_US.UTF-8 3 | LANGUAGE=en_US:en 4 | LC_TIME=en_US.UTF-8 5 | LC_MONETARY=en_US.UTF-8 6 | LC_MEASUREMENT=en_US.UTF-8 7 | LC_NUMERIC=en_US.UTF-8 8 | LC_PAPER=en_US.UTF-8 9 | LC_ALL=en_US.UTF-8 10 | -------------------------------------------------------------------------------- /roles/zk_base_env/files/ubuntu16.04-sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.163.com/ubuntu/ xenial main restricted universe multiverse 2 | deb http://mirrors.163.com/ubuntu/ xenial-security main restricted universe multiverse 3 | deb http://mirrors.163.com/ubuntu/ xenial-updates main restricted universe multiverse 4 | deb http://mirrors.163.com/ubuntu/ xenial-proposed main restricted universe multiverse 5 | deb http://mirrors.163.com/ubuntu/ xenial-backports main restricted universe multiverse 6 | deb-src http://mirrors.163.com/ubuntu/ xenial main restricted universe multiverse 7 | deb-src http://mirrors.163.com/ubuntu/ xenial-security main restricted universe multiverse 8 | deb-src http://mirrors.163.com/ubuntu/ xenial-updates main restricted universe multiverse 9 | deb-src http://mirrors.163.com/ubuntu/ xenial-proposed main restricted universe multiverse 10 | deb-src http://mirrors.163.com/ubuntu/ xenial-backports main restricted universe multiverse 11 | -------------------------------------------------------------------------------- /roles/zk_base_env/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart ntp server 3 | service: name=ntp state=restarted enabled=yes 4 | -------------------------------------------------------------------------------- /roles/zk_base_env/meta/main.yml: -------------------------------------------------------------------------------- 1 | # --- 2 | # dependencies: 3 | # - { role: common } 4 | -------------------------------------------------------------------------------- /roles/zk_base_env/tasks/CentOS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - debug: msg="this is CentOS task." 3 | 4 | - name: check os version 5 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 6 | when: ansible_distribution_major_version|int != 7 7 | 8 | - name: enable 163 sources 9 | copy: 10 | src=CentOS7-Base-163.repo 11 | dest=/etc/yum.repos.d/CentOS-Base.repo 12 | owner=root 13 | group=root 14 | mode=644 15 | backup=yes 16 | when: use_apt_sources_list 17 | 18 | # - name: enable epel repo 19 | # copy: 20 | # src=epel.repo 21 | # dest=/etc/yum.repos.d/epel.repo 22 | # owner=root 23 | # group=root 24 | # mode=644 25 | # backup=yes 26 | 27 | - name: update yum 28 | yum: 29 | name=vim 30 | update_cache=yes 31 | 32 | - name: enable epel 33 | yum: name=epel-release state=present 34 | 35 | - name: configure default locale 36 | copy: 37 | src=locale-default 38 | dest=/etc/locale.conf 39 | owner=root 40 | group=root 41 | mode=644 42 | backup=yes 43 | 44 | - name: install some base libs 45 | yum: name={{ item }} state=present update_cache=yes 46 | with_items: 47 | - bridge-utils 48 | - wget 49 | - curl 50 | # - vlan 51 | - gcc 52 | - tar 53 | - gzip 54 | - sshpass 55 | - ntp 56 | - ntpdate 57 | - bzip2 58 | - bash-completion 59 | - autoconf 60 | - libffi-devel 61 | # - libssl-devel 62 | - zip 63 | - unzip 64 | - dnsmasq 65 | - dnsmasq-utils 66 | - ebtables 67 | - net-tools 68 | - bison 69 | - flex 70 | - iptables-devel 71 | - iptables 72 | - iptables-services 73 | - libselinux-python 74 | - rpcbind 75 | - openssh 76 | - openssh-clients 77 | - openssh-server 78 | # - openssl-devel 79 | 80 | - name: install python modules 81 | yum: name={{ item }} state=present 82 | with_items: 83 | - python-devel 84 | - python-pip 85 | - python-setuptools 86 | - openssl-devel 87 | - libffi-devel 88 | - python-virtualenv 89 | - python-cffi 90 | - python-cryptography 91 | # - python-libvirt 92 | 93 | - name: install python openssl 94 | pip: name=pyopenssl state=present 95 | 96 | - name: configure ntp 97 | template: 98 | src=ntp.conf.j2 99 | dest=/etc/ntp.conf 100 | owner=root 101 | group=root 102 | mode=644 103 | backup=yes 104 | when: use_ntp_servers 105 | notify: 106 | - restart ntp server 107 | 108 | - name: configure dns 109 | template: 110 | src=resolv.conf.j2 111 | dest=/etc/resolv.conf 112 | owner=root 113 | group=root 114 | mode=644 115 | backup=yes 116 | when: use_dns_servers 117 | 118 | - name: restart ntp server 119 | service: name=ntpd state=restarted enabled=yes 120 | 121 | # - name: install iptables-persistent 122 | # apt: name=iptables-persistent state=present 123 | 124 | # - name: enable netfilter-persistent 125 | # service: name=netfilter-persistent enabled=yes state=started 126 | 127 | - name: disable selinux 128 | lineinfile: dest=/etc/selinux/config state=present regexp='^SELINUX=enforcing' line='SELINUX=disabled' backup=yes 129 | -------------------------------------------------------------------------------- /roles/zk_base_env/tasks/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Debian task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 8 8 | 9 | - name: enable 163 sources 10 | copy: 11 | src=debian8-jessie-sources.list 12 | dest=/etc/apt/sources.list 13 | owner=root 14 | group=root 15 | mode=644 16 | backup=yes 17 | when: use_apt_sources_list 18 | 19 | - name: clean apt lock 20 | file: 21 | path={{ item }} 22 | state=absent 23 | with_items: 24 | - /var/cache/apt/archives/lock 25 | - /var/lib/dpkg/lock 26 | 27 | - name: update apt 28 | apt: 29 | update_cache=yes 30 | 31 | - name: install network bridge tool 32 | apt: name=uml-utilities state=present 33 | 34 | - name: install locale 35 | command: locale-gen en_US.UTF-8 36 | 37 | - name: set locale 38 | locale_gen: name=en_US.UTF-8 state=present 39 | 40 | - name: configure default locale 41 | copy: 42 | src=locale-default 43 | dest=/etc/default/locale 44 | owner=root 45 | group=root 46 | mode=644 47 | backup=yes 48 | 49 | - name: install some base libs 50 | apt: name={{ item }} state=present 51 | with_items: 52 | - bridge-utils 53 | - wget 54 | - curl 55 | - vlan 56 | - gcc 57 | - tar 58 | - gzip 59 | - sshpass 60 | - ntp 61 | - ntpdate 62 | - bzip2 63 | - bash-completion 64 | - autoconf 65 | - iptables 66 | - build-essential 67 | - libffi-dev 68 | - libssl-dev 69 | - zip 70 | - unzip 71 | - dnsmasq 72 | - ebtables 73 | - bison 74 | - flex 75 | - iptables-dev 76 | 77 | - name: install python modules 78 | apt: name={{ item }} state=present 79 | with_items: 80 | - python-dev 81 | - python-pip 82 | - python-dev 83 | - python-openssl 84 | - python-virtualenv 85 | - python-cffi 86 | - python-cryptography 87 | - python-libvirt 88 | 89 | - name: configure ntp 90 | template: 91 | src=ntp.conf.j2 92 | dest=/etc/ntp.conf 93 | owner=root 94 | group=root 95 | mode=644 96 | backup=yes 97 | when: use_ntp_servers 98 | notify: 99 | - restart ntp server 100 | 101 | - name: configure dns 102 | template: 103 | src=resolv.conf.j2 104 | dest=/etc/resolv.conf 105 | owner=root 106 | group=root 107 | mode=644 108 | backup=yes 109 | when: use_dns_servers 110 | 111 | - name: install iptables-persistent 112 | apt: name=iptables-persistent state=present 113 | 114 | - name: enable netfilter-persistent 115 | service: name=netfilter-persistent enabled=yes state=started 116 | 117 | - name: upgrade kernel 118 | apt: name=linux-image-4.7.0-0.bpo.1-amd64-unsigned state=present default_release=jessie-backports update_cache=yes 119 | -------------------------------------------------------------------------------- /roles/zk_base_env/tasks/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Debian task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 16 8 | 9 | - name: set dns head 10 | copy: 11 | src=dns-head 12 | dest=/etc/resolvconf/resolv.conf.d/head 13 | owner=root 14 | group=root 15 | mode=644 16 | backup=yes 17 | 18 | - name: update new dns 19 | command: resolvconf -u 20 | 21 | - name: enable 163 sources 22 | copy: 23 | src=ubuntu16.04-sources.list 24 | dest=/etc/apt/sources.list 25 | owner=root 26 | group=root 27 | mode=644 28 | backup=yes 29 | when: use_apt_sources_list 30 | 31 | - name: kill dpkg 32 | command: pkill dpkg 33 | ignore_errors: yes 34 | 35 | - name: clean apt lock 36 | file: 37 | path={{ item }} 38 | state=absent 39 | with_items: 40 | - /var/cache/apt/archives/lock 41 | - /var/lib/dpkg/lock 42 | 43 | - name: update apt 44 | apt: 45 | update_cache=yes 46 | 47 | - name: install network bridge tool 48 | apt: name=uml-utilities state=present 49 | 50 | - name: install locale 51 | command: locale-gen en_US.UTF-8 52 | 53 | - name: set locale 54 | locale_gen: name=en_US.UTF-8 state=present 55 | 56 | - name: configure default locale 57 | copy: 58 | src=locale-default 59 | dest=/etc/default/locale 60 | owner=root 61 | group=root 62 | mode=644 63 | backup=yes 64 | 65 | - name: install some base libs 66 | apt: name={{ item }} state=present 67 | with_items: 68 | - bridge-utils 69 | - wget 70 | - curl 71 | - vlan 72 | - gcc 73 | - tar 74 | - gzip 75 | - sshpass 76 | - ntp 77 | - ntpdate 78 | - bzip2 79 | - bash-completion 80 | - autoconf 81 | - iptables 82 | - build-essential 83 | - libffi-dev 84 | - libssl-dev 85 | - zip 86 | - unzip 87 | - dnsmasq 88 | - ebtables 89 | - bison 90 | - flex 91 | - iptables-dev 92 | 93 | - name: install python modules 94 | apt: name={{ item }} state=present 95 | with_items: 96 | - python-dev 97 | - python-pip 98 | - python-dev 99 | - python-openssl 100 | - python-virtualenv 101 | - python-cffi 102 | - python-cryptography 103 | - python-libvirt 104 | 105 | - name: configure ntp 106 | template: 107 | src=ntp.conf.j2 108 | dest=/etc/ntp.conf 109 | owner=root 110 | group=root 111 | mode=644 112 | backup=yes 113 | when: use_ntp_servers 114 | notify: 115 | - restart ntp server 116 | 117 | - name: configure dns 118 | template: 119 | src=resolv.conf.j2 120 | dest=/etc/resolv.conf 121 | owner=root 122 | group=root 123 | mode=644 124 | backup=yes 125 | when: use_dns_servers 126 | 127 | - name: install iptables-persistent 128 | apt: name=iptables-persistent state=present 129 | 130 | - name: enable netfilter-persistent 131 | service: name=netfilter-persistent enabled=yes state=started 132 | 133 | # - name: upgrade kernel 134 | # apt: name=linux-image-4.7.0-0.bpo.1-amd64-unsigned state=present default_release=jessie-backports update_cache=yes 135 | -------------------------------------------------------------------------------- /roles/zk_base_env/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: check os 3 | debug: msg="os={{ ansible_distribution }} major={{ ansible_distribution_major_version }}" 4 | 5 | - include: "{{ ansible_distribution }}.yml" 6 | -------------------------------------------------------------------------------- /roles/zk_base_env/templates/ntp.conf.j2: -------------------------------------------------------------------------------- 1 | # ntp.conf 2 | # {{ ansible_managed }} 3 | 4 | driftfile /var/lib/ntp/ntp.drift 5 | statistics loopstats peerstats clockstats 6 | filegen loopstats file loopstats type day enable 7 | filegen peerstats file peerstats type day enable 8 | filegen clockstats file clockstats type day enable 9 | 10 | # servers of your ntp server 11 | {% for ntpdns in ntp_servers %} 12 | server {{ ntpdns }} 13 | {% endfor %} 14 | 15 | restrict -4 default kod notrap nomodify nopeer noquery 16 | restrict -6 default kod notrap nomodify nopeer noquery 17 | restrict 127.0.0.1 18 | restrict ::1 19 | -------------------------------------------------------------------------------- /roles/zk_base_env/templates/resolv.conf.j2: -------------------------------------------------------------------------------- 1 | # resolv.conf 2 | # {{ ansible_managed }} 3 | nameserver 192.168.130.33 4 | nameserver 192.168.130.31 5 | -------------------------------------------------------------------------------- /roles/zk_base_env/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_base_env/vars/main.yml -------------------------------------------------------------------------------- /roles/zk_http_nfs/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | zstack_http_user: www-data 3 | zstack_http_dir: /var/www/html/http_root 4 | zstack_nfs_user: zstack 5 | zstack_nfs_dir: /var/www/html/nfs_root 6 | -------------------------------------------------------------------------------- /roles/zk_http_nfs/handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_http_nfs/handlers/main.yml -------------------------------------------------------------------------------- /roles/zk_http_nfs/tasks/CentOS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is CentOS task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 7 8 | 9 | - name: install nfs and httpd 10 | yum: name={{ item }} state=present 11 | with_items: 12 | - nfs-utils 13 | - httpd 14 | 15 | - name: create http root dir 16 | file: path={{ zstack_http_dir }} owner=apache group=apache state=directory mode=777 recurse=yes 17 | 18 | # - name: delete apache2 default conf 19 | # file: path=/etc/apache2/sites-enabled/000-default.conf state=absent 20 | 21 | - name: create http conf file 22 | template: 23 | src=zstack-http.conf.j2 24 | dest=/etc/httpd/conf.d/zstack-http.conf 25 | owner=root 26 | group=root 27 | mode=644 28 | backup=no 29 | 30 | # - name: enable http conf file 31 | # file: src=/etc/apache2/conf-available/zstack-http.conf dest=/etc/apache2/conf-enabled/zstack-http.conf state=link 32 | 33 | - name: restart httpd 34 | service: name=httpd state=restarted enabled=yes 35 | 36 | - name: create nfs dir 37 | file: path={{ zstack_nfs_dir }} owner={{ zstack_nfs_user }} group={{ zstack_nfs_user }} state=directory mode=777 recurse=yes 38 | 39 | - name: configure nfs 40 | template: 41 | src=zstack-nfs.conf.j2 42 | dest=/etc/exports 43 | owner=root 44 | group=root 45 | mode=644 46 | backup=yes 47 | 48 | - name: restart nfs server 49 | service: name=nfs-server state=restarted enabled=yes 50 | -------------------------------------------------------------------------------- /roles/zk_http_nfs/tasks/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Debian task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 8 8 | 9 | - name: install nfs and apache2 10 | apt: name={{ item }} state=present 11 | with_items: 12 | - nfs-common 13 | - nfs-kernel-server 14 | - apache2 15 | 16 | - name: create http root dir 17 | file: path={{ zstack_http_dir }} owner={{ zstack_http_user }} group={{ zstack_http_user }} state=directory mode=777 recurse=yes 18 | 19 | - name: delete apache2 default conf 20 | file: path=/etc/apache2/sites-enabled/000-default.conf state=absent 21 | 22 | - name: create http conf file 23 | template: 24 | src=zstack-http.conf.j2 25 | dest=/etc/apache2/conf-available/zstack-http.conf 26 | owner=root 27 | group=root 28 | mode=644 29 | backup=no 30 | 31 | - name: enable http conf file 32 | file: src=/etc/apache2/conf-available/zstack-http.conf dest=/etc/apache2/conf-enabled/zstack-http.conf state=link 33 | 34 | - name: restart apache2 35 | service: name=apache2 state=restarted enabled=yes 36 | 37 | - name: create nfs dir 38 | file: path={{ zstack_nfs_dir }} owner={{ zstack_nfs_user }} group={{ zstack_nfs_user }} state=directory mode=777 recurse=yes 39 | 40 | - name: configure nfs 41 | template: 42 | src=zstack-nfs.conf.j2 43 | dest=/etc/exports 44 | owner=root 45 | group=root 46 | mode=644 47 | backup=yes 48 | 49 | - name: restart nfs server 50 | service: name=nfs-kernel-server state=restarted enabled=yes 51 | -------------------------------------------------------------------------------- /roles/zk_http_nfs/tasks/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Debian task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 16 8 | 9 | - name: install nfs and apache2 10 | apt: name={{ item }} state=present 11 | with_items: 12 | - nfs-common 13 | - nfs-kernel-server 14 | - apache2 15 | 16 | - name: create http root dir 17 | file: path={{ zstack_http_dir }} owner={{ zstack_http_user }} group={{ zstack_http_user }} state=directory mode=777 recurse=yes 18 | 19 | - name: delete apache2 default conf 20 | file: path=/etc/apache2/sites-enabled/000-default.conf state=absent 21 | 22 | - name: create http conf file 23 | template: 24 | src=zstack-http.conf.j2 25 | dest=/etc/apache2/conf-available/zstack-http.conf 26 | owner=root 27 | group=root 28 | mode=644 29 | backup=no 30 | 31 | - name: enable http conf file 32 | file: src=/etc/apache2/conf-available/zstack-http.conf dest=/etc/apache2/conf-enabled/zstack-http.conf state=link 33 | 34 | - name: restart apache2 35 | service: name=apache2 state=restarted enabled=yes 36 | 37 | - name: create nfs dir 38 | file: path={{ zstack_nfs_dir }} owner={{ zstack_nfs_user }} group={{ zstack_nfs_user }} state=directory mode=777 recurse=yes 39 | 40 | - name: configure nfs 41 | template: 42 | src=zstack-nfs.conf.j2 43 | dest=/etc/exports 44 | owner=root 45 | group=root 46 | mode=644 47 | backup=yes 48 | 49 | - name: restart nfs server 50 | service: name=nfs-kernel-server state=restarted enabled=yes 51 | -------------------------------------------------------------------------------- /roles/zk_http_nfs/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: check os 3 | debug: msg="os={{ ansible_distribution }} major={{ ansible_distribution_major_version }}" 4 | 5 | - include: "{{ ansible_distribution }}.yml" 6 | -------------------------------------------------------------------------------- /roles/zk_http_nfs/templates/zstack-http.conf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | Alias /image "{{ zstack_http_dir }}/" 4 | 5 | Options Indexes FollowSymLinks 6 | AllowOverride FileInfo AuthConfig Limit 7 | Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec 8 | Allow from all 9 | 10 | -------------------------------------------------------------------------------- /roles/zk_http_nfs/templates/zstack-nfs.conf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | {{ zstack_nfs_dir }} *(rw,sync,no_root_squash) 3 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | zstack_basedir: /usr/local/zstack 3 | zstack_tomcatdir: "{{ zstack_basedir }}/apache-tomcat" 4 | zstack_wardir: "{{ zstack_tomcatdir }}/webapps/zstack" 5 | zstack_install_sh_script: "{{ zstack_wardir }}/WEB-INF/classes/tools/install.sh" 6 | zstack_user: zstack 7 | zstack_licensedir: /var/lib/zstack 8 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/apache-tomcat-7.0.35.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_mgmnode/files/apache-tomcat-7.0.35.tar.gz -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/tomcat-setenv.sh: -------------------------------------------------------------------------------- 1 | export CATALINA_OPTS=" -Djava.net.preferIPv4Stack=true -Dcom.sun.management.jmxremote=true -Djava.security.egd=file:/dev/./urandom" 2 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/zstack-1.6.2.war.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_mgmnode/files/zstack-1.6.2.war.zip -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/zstack-consoleproxy: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # the following is chkconfig init header 4 | # 5 | # zstack-console-proxy: zstack sftp-console-proxy agent daemon 6 | # 7 | # chkconfig: 345 97 03 8 | # description: This is a daemon instructed by zstack management server \ 9 | # to perform console proxy related operations\ 10 | # See http://zstack.org 11 | # 12 | # processname: cdaemon 13 | # pidfile: /var/run/zstack/zstack-console-proxy.pid 14 | # 15 | 16 | check_status() { 17 | pidfile='/var/run/zstack/zstack-console-proxy.pid' 18 | if [ ! -f $pidfile ]; then 19 | echo "zstack-console-proxy agent is stopped" 20 | exit 1 21 | else 22 | pid=`cat $pidfile` 23 | ps -p $pid > /dev/null 24 | if [ $? -eq 0 ]; then 25 | echo "zstack-console-proxy agent is running, pid is $pid" 26 | exit 0 27 | else 28 | echo "zstack-console-proxy is stopped, but pidfile at $pidfile is not cleaned. It may be caused by the agent crashed at last time, manually cleaning it would be ok" 29 | exit 1 30 | fi 31 | fi 32 | } 33 | 34 | if [ $# -eq 0 ]; then 35 | echo "usage: $0 36 | [start|stop|restart|status]" 37 | exit 1 38 | fi 39 | 40 | if [ "$@" = "status" ]; then 41 | check_status 42 | else 43 | . /var/lib/zstack/virtualenv/consoleproxy/bin/activate && python -c "from consoleproxy import cdaemon; cdaemon.main()" $@ 44 | fi 45 | 46 | if [ $? -eq 0 ]; then 47 | echo "$@ zstack-console-proxy agent .... SUCCESS" 48 | exit 0 49 | else 50 | echo "$@ zstack-console-proxy agent .... FAILED" 51 | exit 1 52 | fi 53 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/zstack-consoleproxy.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=zstack kvmagent Service 3 | After=syslog.target network.target rabbitmq-server.service mariadb.service 4 | Before=shutdown.target reboot.target halt.target 5 | 6 | [Service] 7 | Type=forking 8 | User=root 9 | ExecStart=/usr/bin/zstack-consoleproxy start 10 | ExecStop=/usr/bin/zstack-consoleproxy stop 11 | Restart=on-abort 12 | RemainAfterExit=Yes 13 | TimeoutStartSec=300 14 | TimeoutStopSec=30 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/zstack-kvmagent: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # the following is chkconfig init header 4 | # 5 | # zstack-kvmagent: zstack kvm agent daemon 6 | # 7 | # chkconfig: 345 97 03 -- abolished 8 | # Default-Start: 2 3 4 5 9 | # description: This is a daemon instructed by zstack management server \ 10 | # to perform kvm related operations\ 11 | # See http://zstack.org 12 | # 13 | # processname: kvmagent 14 | # pidfile: /var/run/zstack/kvmagent.pid 15 | # 16 | 17 | check_status() { 18 | pidfile='/var/run/zstack/kvmagent.pid' 19 | if [ ! -f $pidfile ]; then 20 | echo "zstack kvm agent is stopped" 21 | exit 1 22 | else 23 | pid=`cat $pidfile` 24 | ps -p $pid > /dev/null 25 | if [ $? -eq 0 ]; then 26 | echo "zstack kvm agent is running, pid is $pid" 27 | exit 0 28 | else 29 | echo "zstack kvm agent is stopped, but pidfile at $pidfile is not cleaned. It may be caused by kvm agent crashed at last time, manually cleaning it would be ok" 30 | exit 1 31 | fi 32 | fi 33 | } 34 | 35 | if [ $# -eq 0 ]; then 36 | echo "usage: $0 37 | [start|stop|restart|status]" 38 | exit 1 39 | fi 40 | 41 | if [ "$@" = "status" ]; then 42 | check_status 43 | else 44 | . /var/lib/zstack/virtualenv/kvm/bin/activate && python -c "from kvmagent import kdaemon; kdaemon.main()" $@ 45 | fi 46 | 47 | if [ $? -eq 0 ]; then 48 | echo "$@ zstack kvm agent .... SUCCESS" 49 | exit 0 50 | else 51 | echo "$@ zstack kvm agent .... FAILED" 52 | exit 1 53 | fi 54 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/zstack-kvmagent.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=zstack kvmagent Service 3 | After=syslog.target network.target rabbitmq-server.service mariadb.service 4 | Before=shutdown.target reboot.target halt.target 5 | 6 | [Service] 7 | Type=forking 8 | User=root 9 | ExecStart=/usr/bin/zstack-kvmagent start 10 | ExecStop=/usr/bin/zstack-kvmagent stop 11 | Restart=on-abort 12 | RemainAfterExit=Yes 13 | TimeoutStartSec=300 14 | TimeoutStopSec=30 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/zstack-sftpbackupstorage: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # the following is chkconfig init header 4 | # 5 | # zstack-sftpbackupstorage: zstack sftp-backup-storage agent daemon 6 | # 7 | # chkconfig: 345 97 03 8 | # description: This is a daemon instructed by zstack management server \ 9 | # to perform backup storage related operations\ 10 | # See http://zstack.org 11 | # 12 | # processname: sftpbackupstorage 13 | # pidfile: /var/run/zstack/sftpbackupstorageagent.pid 14 | # 15 | 16 | check_status() { 17 | pidfile='/var/run/zstack/sftpbackupstorageagent.pid' 18 | if [ ! -f $pidfile ]; then 19 | echo "zstack sftp-backup-storage agent is stopped" 20 | exit 1 21 | else 22 | pid=`cat $pidfile` 23 | ps -p $pid > /dev/null 24 | if [ $? -eq 0 ]; then 25 | echo "zstack sftp-backup-storage agent is running, pid is $pid" 26 | exit 0 27 | else 28 | echo "zstack sftp-backup-storage is stopped, but pidfile at $pidfile is not cleaned. It may be caused by the agent crashed at last time, manually cleaning it would be ok" 29 | exit 1 30 | fi 31 | fi 32 | } 33 | 34 | if [ $# -eq 0 ]; then 35 | echo "usage: $0 36 | [start|stop|restart|status]" 37 | exit 1 38 | fi 39 | 40 | if [ "$@" = "status" ]; then 41 | check_status 42 | else 43 | . /var/lib/zstack/virtualenv/sftpbackupstorage/bin/activate && python -c "from sftpbackupstorage import sftpbackupstoragedaemon; sftpbackupstoragedaemon.main()" $@ 44 | fi 45 | 46 | if [ $? -eq 0 ]; then 47 | echo "$@ zstack sftp-backup-storage agent .... SUCCESS" 48 | exit 0 49 | else 50 | echo "$@ zstack sftp-backup-storage agent .... FAILED" 51 | exit 1 52 | fi 53 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/zstack-sftpbackupstorage.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=zstack kvmagent Service 3 | After=syslog.target network.target rabbitmq-server.service mariadb.service 4 | Before=shutdown.target reboot.target halt.target 5 | 6 | [Service] 7 | Type=forking 8 | User=root 9 | ExecStart=/usr/bin/zstack-sftpbackupstorage start 10 | ExecStop=/usr/bin/zstack-sftpbackupstorage stop 11 | Restart=on-abort 12 | RemainAfterExit=Yes 13 | TimeoutStartSec=300 14 | TimeoutStopSec=30 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/files/zstack.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=zstack Service 3 | After=syslog.target network.target rabbitmq-server.service mariadb.service 4 | Before=shutdown.target reboot.target halt.target 5 | 6 | [Service] 7 | Type=forking 8 | User=root 9 | ExecStart=/usr/bin/zstack-ctl start --daemon 10 | ExecStop=/usr/bin/zstack-ctl stop 11 | Restart=on-abort 12 | RemainAfterExit=Yes 13 | TimeoutStartSec=300 14 | TimeoutStopSec=30 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_mgmnode/handlers/main.yml -------------------------------------------------------------------------------- /roles/zk_mgmnode/meta/main.yml: -------------------------------------------------------------------------------- 1 | # --- 2 | # dependencies: 3 | # - { role: common } 4 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/tasks/CentOS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Debian task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 7 8 | 9 | - name: install virtual software 10 | yum: name={{ item }} state=present 11 | with_items: 12 | - qemu-kvm 13 | - libvirt-python 14 | - libvirt 15 | - libvirt-client 16 | - libvirt-daemon 17 | 18 | - name: install ansible 19 | pip: name=ansible state=forcereinstall 20 | 21 | # --------- continue ----------- 22 | - name: install java-8 23 | yum: name=java-1.8.0-openjdk state=present 24 | 25 | - name: set java-8 as default jre 26 | command: "{{ item }}" 27 | with_items: 28 | - "/usr/sbin/update-alternatives --install /usr/bin/java java /usr/lib/jvm/jre-1.8.0/bin/java 0" 29 | - "/usr/sbin/update-alternatives --set java /usr/lib/jvm/jre-1.8.0/bin/java" 30 | 31 | # - name: create zstack basedir 32 | # file: path={{ zstack_basedir }} state=directory mode=0755 33 | 34 | # - name: del zstack user 35 | # user: name={{ zstack_user }} state=absent remove=yes 36 | 37 | - name: create zstack user 38 | user: name={{ zstack_user }} shell=/bin/bash home={{ zstack_basedir }} 39 | 40 | - name: add wheel group 41 | user: name={{ zstack_user }} group=wheel append=yes 42 | 43 | - name: install tomcat 44 | unarchive: src=apache-tomcat-7.0.35.tar.gz dest={{ zstack_basedir }} 45 | 46 | - name: rename tomcat dir 47 | command: mv {{ zstack_basedir }}/apache-tomcat-7.0.35 {{ zstack_tomcatdir }} 48 | 49 | - name: create zstack wardir 50 | file: path={{ zstack_wardir }} state=directory mode=0755 51 | 52 | - name: install zstack war 53 | unarchive: src=zstack-1.6.2.war.zip dest={{ zstack_wardir }} 54 | 55 | - name: change exec mode of install script 56 | file: path={{ zstack_install_sh_script }} mode=755 57 | 58 | - name: install zstack-ctl 59 | shell: "{{ zstack_install_sh_script }} zstack-ctl >> /tmp/install.log 2>&1" 60 | args: 61 | executable: /bin/bash 62 | become: yes 63 | 64 | - name: install zstack command line tool 65 | shell: "{{ zstack_install_sh_script }} zstack-cli >> /tmp/install.log 2>&1" 66 | args: 67 | executable: /bin/bash 68 | become: yes 69 | 70 | - name: install zstack webui 71 | shell: "{{ zstack_install_sh_script }} zstack-dashboard >> /tmp/install.log 2>&1" 72 | args: 73 | executable: /bin/bash 74 | become: yes 75 | 76 | 77 | - name: change zstack user home mode 78 | file: path={{ zstack_basedir }} owner={{ zstack_user }} group={{ zstack_user }} state=directory recurse=yes 79 | 80 | - name: create license dir 81 | file: path={{ zstack_licensedir }}/license state=directory recurse=yes 82 | 83 | - name: set license dir owner 84 | file: path={{ zstack_licensedir }} mode=0755 owner={{ zstack_user }} group={{ zstack_user }} recurse=yes 85 | 86 | - name: install license 87 | command: "zstack-ctl install_license --license {{ zstack_tomcatdir }}/LICENSE >> /tmp/install.log 2>&1" 88 | 89 | - name: enable root user nopasswd 90 | lineinfile: dest=/etc/sudoers state=present regexp='^root' line='root ALL=(ALL:ALL) NOPASSWD:ALL' validate='visudo -cf %s' backup=yes 91 | 92 | - name: add zstack user to nopasswd 93 | lineinfile: dest=/etc/sudoers state=present insertafter=EOF line='zstack ALL=(ALL:ALL) NOPASSWD:ALL' validate='visudo -cf %s' backup=yes 94 | 95 | - name: disable the requiretty 96 | lineinfile: dest=/etc/sudoers state=present regexp='^Defaults requiretty' line='#Defaults requiretty' validate='visudo -cf %s' backup=yes 97 | 98 | - name: check zstack status 99 | command: zstack-ctl status 100 | 101 | - name: set ZSTACK_HOME env 102 | command: zstack-ctl setenv ZSTACK_HOME={{ zstack_wardir }} 103 | 104 | # ---------------------------------------------------------------------------- 105 | # Below task is for install some zstack systemd service 106 | 107 | - name: create zstack-server start script 108 | template: 109 | src=zstack-server.j2 110 | dest=/etc/init.d/zstack-server 111 | owner=root 112 | group=root 113 | mode=755 114 | backup=yes 115 | 116 | - name: create zstack service 117 | copy: 118 | src=zstack.service 119 | dest=/etc/systemd/system/zstack.service 120 | owner=root 121 | group=root 122 | mode=644 123 | backup=yes 124 | 125 | - name: enable the zstack service 126 | service: name=zstack enabled=yes 127 | 128 | - name: create zstack kvmagent script 129 | copy: 130 | src=zstack-kvmagent 131 | dest=/usr/bin/zstack-kvmagent 132 | owner=root 133 | group=root 134 | mode=755 135 | backup=yes 136 | 137 | - name: create zstack kvmagent service 138 | copy: 139 | src=zstack-kvmagent.service 140 | dest=/etc/systemd/system/zstack-kvmagent.service 141 | owner=root 142 | group=root 143 | mode=755 144 | backup=yes 145 | 146 | - name: enable zstack kvmagent service 147 | service: name=zstack-kvmagent enabled=yes 148 | 149 | - name: create zstack sftpbackupstorage script 150 | copy: 151 | src=zstack-sftpbackupstorage 152 | dest=/usr/bin/zstack-sftpbackupstorage 153 | owner=root 154 | group=root 155 | mode=755 156 | backup=yes 157 | 158 | - name: create zstack sftpbackupstorage service 159 | copy: 160 | src=zstack-sftpbackupstorage.service 161 | dest=/etc/systemd/system/zstack-sftpbackupstorage.service 162 | owner=root 163 | group=root 164 | mode=755 165 | backup=yes 166 | 167 | - name: enable zstack sftpbackupstorage service 168 | service: name=zstack-sftpbackupstorage enabled=yes 169 | 170 | - name: create zstack consoleproxy script 171 | copy: 172 | src=zstack-consoleproxy 173 | dest=/usr/bin/zstack-consoleproxy 174 | owner=root 175 | group=root 176 | mode=755 177 | backup=yes 178 | 179 | - name: create zstack consoleproxy service 180 | copy: 181 | src=zstack-consoleproxy.service 182 | dest=/etc/systemd/system/zstack-consoleproxy.service 183 | owner=root 184 | group=root 185 | mode=755 186 | backup=yes 187 | 188 | - name: enable zstack consoleproxy service 189 | service: name=zstack-consoleproxy enabled=yes 190 | 191 | # ---------------------------------------------------------------------------- 192 | 193 | - name: configure tomcat java option 194 | copy: 195 | src=tomcat-setenv.sh 196 | dest={{ zstack_tomcatdir }}/bin/setenv.sh 197 | owner=root 198 | group=root 199 | mode=755 200 | backup=yes 201 | 202 | - name: deploy database 203 | command: "zstack-ctl deploydb --host={{ zstack_mysql_host }} --root-password={{ zstack_mysql_root_pwd }} --zstack-password={{ zstack_mysql_zstack_pwd }} >> /tmp/install.log 2>&1" 204 | 205 | - name: config zstack properties for rabbitmq 206 | command: "{{ item }}" 207 | with_items: 208 | - "zstack-ctl configure CloudBus.rabbitmqUsername={{ zstack_rabbitmq_user }}" 209 | - "zstack-ctl configure CloudBus.rabbitmqPassword={{ zstack_rabbitmq_pwd }}" 210 | 211 | 212 | - name: restart the libvirtd 213 | service: name=libvirtd state=restarted enabled=yes 214 | 215 | - name: stop the firewall 216 | service: name=firewalld enabled=no state=stopped 217 | 218 | - name: start the zstack management node 219 | # if the dashboard installed on same server, 220 | # you can also use below cmd to start zstack node and ui: 221 | # /etc/init.d/zstack-server start 222 | # zstack-ctl start 223 | service: name=zstack state=restarted enabled=yes 224 | 225 | - name: management node installed 226 | debug: msg="zstack management node installed successfully" 227 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/tasks/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Debian task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 8 8 | 9 | - name: install virtual software 10 | apt: name={{ item }} state=present 11 | with_items: 12 | - qemu-kvm 13 | - libvirt-bin 14 | - libvirt-daemon 15 | # - libvirtd 16 | - virtinst 17 | 18 | # - name: upgrade the python cffi 19 | # command: pip install cffi --upgrade 20 | # 21 | # - name: upgrade the python cryptography 22 | # command: pip install cryptography --upgrade 23 | 24 | - name: install ansible 25 | pip: name=ansible state=forcereinstall 26 | 27 | # --------- continue ----------- 28 | - name: install java-8 29 | apt: name=openjdk-8-jdk state=present 30 | 31 | - name: set java-8 as default jre 32 | command: "{{ item }}" 33 | with_items: 34 | - "/usr/bin/update-alternatives --install /usr/bin/java java /usr/lib/jvm/java-1.8.0-openjdk-amd64/bin/java 0" 35 | - "/usr/bin/update-alternatives --set java /usr/lib/jvm/java-1.8.0-openjdk-amd64/bin/java" 36 | 37 | # - name: create zstack basedir 38 | # file: path={{ zstack_basedir }} state=directory mode=0755 39 | 40 | # - name: del zstack user 41 | # user: name={{ zstack_user }} state=absent remove=yes 42 | 43 | - name: create zstack user 44 | user: name={{ zstack_user }} shell=/bin/bash home={{ zstack_basedir }} groups=sudo append=yes 45 | 46 | - name: install tomcat 47 | unarchive: src=apache-tomcat-7.0.35.tar.gz dest={{ zstack_basedir }} 48 | 49 | - name: rename tomcat dir 50 | command: mv {{ zstack_basedir }}/apache-tomcat-7.0.35 {{ zstack_tomcatdir }} 51 | 52 | - name: create zstack wardir 53 | file: path={{ zstack_wardir }} state=directory mode=0755 54 | 55 | - name: install zstack war 56 | unarchive: src=zstack-1.6.2.war.zip dest={{ zstack_wardir }} 57 | 58 | - name: change exec mode of install script 59 | file: path={{ zstack_install_sh_script }} mode=755 60 | 61 | - name: install zstack-ctl 62 | shell: "{{ zstack_install_sh_script }} zstack-ctl >> /tmp/install.log 2>&1" 63 | args: 64 | executable: /bin/bash 65 | become: yes 66 | 67 | - name: install zstack command line tool 68 | shell: "{{ zstack_install_sh_script }} zstack-cli >> /tmp/install.log 2>&1" 69 | args: 70 | executable: /bin/bash 71 | become: yes 72 | 73 | - name: install zstack webui 74 | shell: "{{ zstack_install_sh_script }} zstack-dashboard >> /tmp/install.log 2>&1" 75 | args: 76 | executable: /bin/bash 77 | become: yes 78 | 79 | - name: change zstack user home mode 80 | file: path={{ zstack_basedir }} owner={{ zstack_user }} group={{ zstack_user }} state=directory recurse=yes 81 | 82 | - name: create license dir 83 | file: path={{ zstack_licensedir }}/license state=directory recurse=yes 84 | 85 | - name: set license dir owner 86 | file: path={{ zstack_licensedir }} mode=0755 owner={{ zstack_user }} group={{ zstack_user }} recurse=yes 87 | 88 | - name: install license 89 | command: "zstack-ctl install_license --license {{ zstack_tomcatdir }}/LICENSE >> /tmp/install.log 2>&1" 90 | 91 | - name: enable root user nopasswd 92 | lineinfile: dest=/etc/sudoers state=present regexp='^root' line='root ALL=(ALL:ALL) NOPASSWD:ALL' validate='visudo -cf %s' backup=yes 93 | 94 | - name: add zstack user to nopasswd 95 | lineinfile: dest=/etc/sudoers state=present insertafter=EOF line='zstack ALL=(ALL:ALL) NOPASSWD:ALL' validate='visudo -cf %s' backup=yes 96 | 97 | - name: check zstack status 98 | command: zstack-ctl status 99 | 100 | - name: set ZSTACK_HOME env 101 | command: zstack-ctl setenv ZSTACK_HOME={{ zstack_wardir }} 102 | 103 | # ---------------------------------------------------------------------------- 104 | # Below task is for install some zstack systemd service 105 | 106 | - name: create zstack-server start script 107 | template: 108 | src=zstack-server.j2 109 | dest=/etc/init.d/zstack-server 110 | owner=root 111 | group=root 112 | mode=755 113 | backup=yes 114 | 115 | - name: create zstack service 116 | copy: 117 | src=zstack.service 118 | dest=/etc/systemd/system/zstack.service 119 | owner=root 120 | group=root 121 | mode=644 122 | backup=yes 123 | 124 | - name: enable the zstack service 125 | service: name=zstack enabled=yes 126 | 127 | - name: create zstack kvmagent script 128 | copy: 129 | src=zstack-kvmagent 130 | dest=/usr/bin/zstack-kvmagent 131 | owner=root 132 | group=root 133 | mode=755 134 | backup=yes 135 | 136 | - name: create zstack kvmagent service 137 | copy: 138 | src=zstack-kvmagent.service 139 | dest=/etc/systemd/system/zstack-kvmagent.service 140 | owner=root 141 | group=root 142 | mode=755 143 | backup=yes 144 | 145 | - name: enable zstack kvmagent service 146 | service: name=zstack-kvmagent enabled=yes 147 | 148 | - name: create zstack sftpbackupstorage script 149 | copy: 150 | src=zstack-sftpbackupstorage 151 | dest=/usr/bin/zstack-sftpbackupstorage 152 | owner=root 153 | group=root 154 | mode=755 155 | backup=yes 156 | 157 | - name: create zstack sftpbackupstorage service 158 | copy: 159 | src=zstack-sftpbackupstorage.service 160 | dest=/etc/systemd/system/zstack-sftpbackupstorage.service 161 | owner=root 162 | group=root 163 | mode=755 164 | backup=yes 165 | 166 | - name: enable zstack sftpbackupstorage service 167 | service: name=zstack-sftpbackupstorage enabled=yes 168 | 169 | - name: create zstack consoleproxy script 170 | copy: 171 | src=zstack-consoleproxy 172 | dest=/usr/bin/zstack-consoleproxy 173 | owner=root 174 | group=root 175 | mode=755 176 | backup=yes 177 | 178 | - name: create zstack consoleproxy service 179 | copy: 180 | src=zstack-consoleproxy.service 181 | dest=/etc/systemd/system/zstack-consoleproxy.service 182 | owner=root 183 | group=root 184 | mode=755 185 | backup=yes 186 | 187 | - name: enable zstack consoleproxy service 188 | service: name=zstack-consoleproxy enabled=yes 189 | 190 | # ---------------------------------------------------------------------------- 191 | 192 | - name: configure tomcat java option 193 | copy: 194 | src=tomcat-setenv.sh 195 | dest={{ zstack_tomcatdir }}/bin/setenv.sh 196 | owner=root 197 | group=root 198 | mode=755 199 | backup=yes 200 | 201 | - name: deploy database 202 | command: "zstack-ctl deploydb --host={{ zstack_mysql_host }} --root-password={{ zstack_mysql_root_pwd }} --zstack-password={{ zstack_mysql_zstack_pwd }} >> /tmp/install.log 2>&1" 203 | 204 | - name: config zstack properties for rabbitmq 205 | command: "{{ item }}" 206 | with_items: 207 | - "zstack-ctl configure CloudBus.rabbitmqUsername={{ zstack_rabbitmq_user }}" 208 | - "zstack-ctl configure CloudBus.rabbitmqPassword={{ zstack_rabbitmq_pwd }}" 209 | 210 | 211 | - name: restart the libvirtd 212 | service: name=libvirtd state=restarted enabled=yes 213 | 214 | - name: start the zstack management node 215 | # if the dashboard installed on same server, 216 | # you can also use below cmd to start zstack node and ui: 217 | # /etc/init.d/zstack-server start 218 | # zstack-ctl start 219 | service: name=zstack state=restarted enabled=yes 220 | 221 | - name: management node installed 222 | debug: msg="zstack management node installed successfully" 223 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/tasks/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Ubuntu task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 16 8 | 9 | - name: install virtual software 10 | apt: name={{ item }} state=present 11 | with_items: 12 | - qemu-kvm 13 | - libvirt-bin 14 | # - libvirt-daemon 15 | # - libvirtd 16 | - virtinst 17 | 18 | # - name: upgrade the python cffi 19 | # command: pip install cffi --upgrade 20 | # 21 | # - name: upgrade the python cryptography 22 | # command: pip install cryptography --upgrade 23 | 24 | - name: install ansible 25 | pip: name=ansible state=forcereinstall 26 | 27 | # --------- continue ----------- 28 | - name: install java-8 29 | apt: name=openjdk-8-jdk state=present 30 | 31 | - name: set java-8 as default jre 32 | command: "{{ item }}" 33 | with_items: 34 | - "/usr/bin/update-alternatives --install /usr/bin/java java /usr/lib/jvm/java-1.8.0-openjdk-amd64/bin/java 0" 35 | - "/usr/bin/update-alternatives --set java /usr/lib/jvm/java-1.8.0-openjdk-amd64/bin/java" 36 | 37 | # - name: create zstack basedir 38 | # file: path={{ zstack_basedir }} state=directory mode=0755 39 | 40 | # - name: del zstack user 41 | # user: name={{ zstack_user }} state=absent remove=yes 42 | 43 | - name: create zstack user 44 | user: name={{ zstack_user }} shell=/bin/bash home={{ zstack_basedir }} groups=sudo append=yes 45 | 46 | - name: remove old tomcat 47 | file: path={{ item }} state=absent 48 | with_items: 49 | - "{{ zstack_basedir }}/apache-tomcat-7.0.35" 50 | - "{{ zstack_tomcatdir }}" 51 | 52 | - name: install tomcat 53 | unarchive: src=apache-tomcat-7.0.35.tar.gz dest={{ zstack_basedir }} 54 | 55 | - name: rename tomcat dir 56 | shell: cp -ar {{ zstack_basedir }}/apache-tomcat-7.0.35 {{ zstack_tomcatdir }} && rm -rf {{ zstack_basedir }}/apache-tomcat-7.0.35 57 | 58 | - name: create zstack wardir 59 | file: path={{ zstack_wardir }} state=directory mode=0755 60 | 61 | - name: install zstack war 62 | unarchive: src=zstack-1.6.2.war.zip dest={{ zstack_wardir }} 63 | 64 | - name: change exec mode of install script 65 | file: path={{ zstack_install_sh_script }} mode=755 66 | 67 | - name: install zstack-ctl 68 | shell: "{{ zstack_install_sh_script }} zstack-ctl >> /tmp/install.log 2>&1" 69 | args: 70 | executable: /bin/bash 71 | become: yes 72 | 73 | - name: install zstack command line tool 74 | shell: "{{ zstack_install_sh_script }} zstack-cli >> /tmp/install.log 2>&1" 75 | args: 76 | executable: /bin/bash 77 | become: yes 78 | 79 | - name: install zstack webui 80 | shell: "{{ zstack_install_sh_script }} zstack-dashboard >> /tmp/install.log 2>&1" 81 | args: 82 | executable: /bin/bash 83 | become: yes 84 | 85 | 86 | - name: change zstack user home mode 87 | file: path={{ zstack_basedir }} owner={{ zstack_user }} group={{ zstack_user }} state=directory recurse=yes 88 | 89 | - name: create license dir 90 | file: path={{ zstack_licensedir }}/license state=directory recurse=yes 91 | 92 | - name: set license dir owner 93 | file: path={{ zstack_licensedir }} mode=0755 owner={{ zstack_user }} group={{ zstack_user }} recurse=yes 94 | 95 | - name: install license 96 | command: "zstack-ctl install_license --license {{ zstack_tomcatdir }}/LICENSE >> /tmp/install.log 2>&1" 97 | 98 | - name: enable root user nopasswd 99 | lineinfile: dest=/etc/sudoers state=present regexp='^root' line='root ALL=(ALL:ALL) NOPASSWD:ALL' validate='visudo -cf %s' backup=yes 100 | 101 | - name: add zstack user to nopasswd 102 | lineinfile: dest=/etc/sudoers state=present insertafter=EOF line='zstack ALL=(ALL:ALL) NOPASSWD:ALL' validate='visudo -cf %s' backup=yes 103 | 104 | - name: check zstack status 105 | command: zstack-ctl status 106 | 107 | - name: set ZSTACK_HOME env 108 | command: zstack-ctl setenv ZSTACK_HOME={{ zstack_wardir }} 109 | 110 | # ---------------------------------------------------------------------------- 111 | # Below task is for install some zstack systemd service 112 | 113 | - name: create zstack-server start script 114 | template: 115 | src=zstack-server.j2 116 | dest=/etc/init.d/zstack-server 117 | owner=root 118 | group=root 119 | mode=755 120 | backup=yes 121 | 122 | - name: create zstack service 123 | copy: 124 | src=zstack.service 125 | dest=/etc/systemd/system/zstack.service 126 | owner=root 127 | group=root 128 | mode=644 129 | backup=yes 130 | 131 | - name: enable the zstack service 132 | service: name=zstack enabled=yes 133 | 134 | - name: create zstack kvmagent script 135 | copy: 136 | src=zstack-kvmagent 137 | dest=/usr/bin/zstack-kvmagent 138 | owner=root 139 | group=root 140 | mode=755 141 | backup=yes 142 | 143 | - name: create zstack kvmagent service 144 | copy: 145 | src=zstack-kvmagent.service 146 | dest=/etc/systemd/system/zstack-kvmagent.service 147 | owner=root 148 | group=root 149 | mode=755 150 | backup=yes 151 | 152 | - name: enable zstack kvmagent service 153 | service: name=zstack-kvmagent enabled=yes 154 | 155 | - name: create zstack sftpbackupstorage script 156 | copy: 157 | src=zstack-sftpbackupstorage 158 | dest=/usr/bin/zstack-sftpbackupstorage 159 | owner=root 160 | group=root 161 | mode=755 162 | backup=yes 163 | 164 | - name: create zstack sftpbackupstorage service 165 | copy: 166 | src=zstack-sftpbackupstorage.service 167 | dest=/etc/systemd/system/zstack-sftpbackupstorage.service 168 | owner=root 169 | group=root 170 | mode=755 171 | backup=yes 172 | 173 | - name: enable zstack sftpbackupstorage service 174 | service: name=zstack-sftpbackupstorage enabled=yes 175 | 176 | - name: create zstack consoleproxy script 177 | copy: 178 | src=zstack-consoleproxy 179 | dest=/usr/bin/zstack-consoleproxy 180 | owner=root 181 | group=root 182 | mode=755 183 | backup=yes 184 | 185 | - name: create zstack consoleproxy service 186 | copy: 187 | src=zstack-consoleproxy.service 188 | dest=/etc/systemd/system/zstack-consoleproxy.service 189 | owner=root 190 | group=root 191 | mode=755 192 | backup=yes 193 | 194 | - name: enable zstack consoleproxy service 195 | service: name=zstack-consoleproxy enabled=yes 196 | 197 | # ---------------------------------------------------------------------------- 198 | 199 | - name: configure tomcat java option 200 | copy: 201 | src=tomcat-setenv.sh 202 | dest={{ zstack_tomcatdir }}/bin/setenv.sh 203 | owner=root 204 | group=root 205 | mode=755 206 | backup=yes 207 | 208 | - name: deploy database 209 | command: "zstack-ctl deploydb --host={{ zstack_mysql_host }} --root-password={{ zstack_mysql_root_pwd }} --zstack-password={{ zstack_mysql_zstack_pwd }} --drop >> /tmp/install.log 2>&1" 210 | # become: yes 211 | 212 | - name: config zstack properties for rabbitmq 213 | command: "{{ item }}" 214 | with_items: 215 | - "zstack-ctl configure CloudBus.rabbitmqUsername={{ zstack_rabbitmq_user }}" 216 | - "zstack-ctl configure CloudBus.rabbitmqPassword={{ zstack_rabbitmq_pwd }}" 217 | 218 | # in Ubuntu, the libvirtd is libvirt-bin 219 | - name: restart the libvirt-bin 220 | service: name=libvirt-bin state=restarted enabled=yes 221 | 222 | - name: start the zstack management node 223 | # if the dashboard installed on same server, 224 | # you can also use below cmd to start zstack node and ui: 225 | # /etc/init.d/zstack-server start 226 | # zstack-ctl start 227 | service: name=zstack state=restarted enabled=yes 228 | 229 | - name: management node installed 230 | debug: msg="zstack management node installed successfully" 231 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: check os 3 | debug: msg="os={{ ansible_distribution }} major={{ ansible_distribution_major_version }}" 4 | 5 | - include: "{{ ansible_distribution }}.yml" 6 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/templates/zstack-server.j2: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # {{ ansible_managed }} 4 | 5 | # the following is chkconfig init header 6 | # 7 | # zstack-server: zstack server daemon 8 | # 9 | # chkconfig: 345 97 03 10 | # description: This is a daemon instructed by zstack management server \ 11 | # to perform zstack related operations\ 12 | # zstack server was launched by apache-tomcat 13 | # See http://zstack.org 14 | # 15 | # processname: /usr/bin/java org.apache.catalina.startup.Bootstrap start 16 | # pidfile: /var/run/zstack/zstackserver.pid 17 | # 18 | 19 | pidfile='/var/run/zstack/zstack-server.pid' 20 | TOMCAT_PATH="{{ zstack_tomcatdir }}" 21 | zstack_app=${ZSTACK_HOME-"$TOMCAT_PATH/webapps/zstack"} 22 | 23 | which zstack-ctl &>/dev/null 24 | if [ $? -ne 0 ]; then 25 | echo "Does not find zstack-ctl. Can not execute zstack-server service." 26 | exit 1 27 | fi 28 | 29 | check_status() { 30 | ZSTACK_HOME=$zstack_app zstack-ctl status 31 | } 32 | 33 | stop_zstack(){ 34 | ZSTACK_HOME=$zstack_app zstack-ctl stop 35 | } 36 | 37 | start_zstack(){ 38 | ZSTACK_HOME=$zstack_app zstack-ctl start 39 | } 40 | 41 | 42 | if [ $# -eq 0 ]; then 43 | echo "usage: $0 44 | [start|stop|restart|status]" 45 | exit 1 46 | fi 47 | 48 | if [ "$@" = "status" ]; then 49 | check_status 50 | elif [ "$@" = "start" ]; then 51 | start_zstack 52 | elif [ "$@" = "stop" ]; then 53 | stop_zstack 54 | elif [ "$@" = "restart" ]; then 55 | stop_zstack 56 | start_zstack 57 | else 58 | echo "Not support service: $@. Please use [start|stop|restart|status]" 59 | exit 1 60 | fi 61 | 62 | if [ $? -eq 0 ]; then 63 | echo "$@ zstack service .... SUCCESS" 64 | exit 0 65 | else 66 | echo "$@ zstack service .... FAILED" 67 | exit 1 68 | fi 69 | -------------------------------------------------------------------------------- /roles/zk_mgmnode/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_mgmnode/vars/main.yml -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | zstack_mysql_host: localhost 3 | zstack_mysql_root_pwd: netease 4 | zstack_mysql_zstack_pwd: netease 5 | zstack_rabbitmq_host: localhost 6 | zstack_rabbitmq_user: zstack 7 | zstack_rabbitmq_pwd: netease 8 | zstack_rabbitmq_tags: administrator 9 | zstack_rabbitmq_priv_vhost: "/" 10 | zstack_rabbitmq_config_priv: ".*" 11 | zstack_rabbitmq_read_priv: ".*" 12 | zstack_rabbitmq_write_priv: ".*" 13 | -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_mysql_rabbitmq/handlers/main.yml -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/meta/main.yml: -------------------------------------------------------------------------------- 1 | # --- 2 | # dependencies: 3 | # - { role: common } 4 | -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/tasks/CentOS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is CentOS task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 7 8 | 9 | # mysql and rabbitmq server can deploy to other host 10 | - name: install mysql 11 | yum: name={{ item }} state=present 12 | with_items: 13 | - mariadb-server 14 | - mariadb 15 | 16 | - name: install rabbitmq 17 | yum: name=rabbitmq-server state=present 18 | 19 | - name: enable mysql and rabbitmq 20 | service: name={{ item }} enabled=yes state=started 21 | with_items: 22 | - mariadb 23 | - rabbitmq-server 24 | 25 | - name: install python mysqldb 26 | yum: name=MySQL-python state=present 27 | 28 | - name: set mysql root password 29 | mysql_user: 30 | name=root 31 | host={{ zstack_mysql_host }} 32 | password={{ zstack_mysql_root_pwd }} 33 | check_implicit_admin=yes 34 | login_user=root 35 | login_password="" 36 | state=present 37 | 38 | - name: set mysql zstack user password 39 | mysql_user: 40 | name={{ zstack_user }} 41 | host={{ zstack_mysql_host }} 42 | password={{ zstack_mysql_zstack_pwd }} 43 | check_implicit_admin=yes 44 | login_user=root 45 | login_password={{ zstack_mysql_root_pwd }} 46 | state=present 47 | 48 | - name: install rabbitmq-plugins 49 | command: rabbitmq-plugins enable rabbitmq_management 50 | 51 | - name: restart rabbitmq 52 | service: name=rabbitmq-server state=restarted 53 | 54 | - name: deploy rabbitmq 55 | rabbitmq_user: 56 | user={{ zstack_rabbitmq_user }} 57 | password={{ zstack_rabbitmq_pwd }} 58 | vhost={{ zstack_rabbitmq_priv_vhost }} 59 | configure_priv={{ zstack_rabbitmq_config_priv }} 60 | read_priv={{ zstack_rabbitmq_read_priv }} 61 | write_priv={{ zstack_rabbitmq_write_priv }} 62 | tags={{ zstack_rabbitmq_tags }} 63 | state=present 64 | -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/tasks/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Debian task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 8 8 | 9 | # mysql and rabbitmq server can deploy to other host 10 | - name: install mysql 11 | apt: name={{ item }} state=present 12 | with_items: 13 | - mysql-server 14 | - mysql-client 15 | - libmysqld-dev 16 | 17 | - name: install rabbitmq 18 | apt: name=rabbitmq-server state=present 19 | 20 | - name: enable mysql and rabbitmq 21 | service: name={{ item }} enabled=yes state=started 22 | with_items: 23 | - mysql 24 | - rabbitmq-server 25 | 26 | - name: install python mysqldb 27 | apt: name=python-mysqldb state=present 28 | 29 | - name: set mysql root password 30 | mysql_user: 31 | name=root 32 | host={{ zstack_mysql_host }} 33 | password={{ zstack_mysql_root_pwd }} 34 | check_implicit_admin=yes 35 | login_user=root 36 | login_password="" 37 | state=present 38 | 39 | - name: set mysql zstack user password 40 | mysql_user: 41 | name={{ zstack_user }} 42 | host={{ zstack_mysql_host }} 43 | password={{ zstack_mysql_zstack_pwd }} 44 | check_implicit_admin=yes 45 | login_user=root 46 | login_password={{ zstack_mysql_root_pwd }} 47 | state=present 48 | 49 | - name: install rabbitmq-plugins 50 | command: rabbitmq-plugins enable rabbitmq_management 51 | 52 | - name: restart rabbitmq 53 | service: name=rabbitmq-server state=restarted 54 | 55 | - name: deploy rabbitmq 56 | rabbitmq_user: 57 | user={{ zstack_rabbitmq_user }} 58 | password={{ zstack_rabbitmq_pwd }} 59 | vhost={{ zstack_rabbitmq_priv_vhost }} 60 | configure_priv={{ zstack_rabbitmq_config_priv }} 61 | read_priv={{ zstack_rabbitmq_read_priv }} 62 | write_priv={{ zstack_rabbitmq_write_priv }} 63 | tags={{ zstack_rabbitmq_tags }} 64 | state=present 65 | -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/tasks/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - debug: msg="this is Ubuntu task." 3 | 4 | - name: check os version 5 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 6 | when: ansible_distribution_major_version|int != 16 7 | 8 | # mysql and rabbitmq server can deploy to other host 9 | - name: install mysql 10 | apt: name={{ item }} state=present 11 | with_items: 12 | # mysql 5.7 in Ubuntu 16.04 cannot be used, because zstack db-sql syntax cannot compatiable. 13 | # so we use mariadb-server 14 | - mariadb-server 15 | - mariadb-client 16 | - libmysqld-dev 17 | 18 | - name: install python mysqldb 19 | apt: name=python-mysqldb state=present 20 | 21 | - name: install rabbitmq 22 | apt: name=rabbitmq-server state=present 23 | 24 | - name: enable mysql and rabbitmq 25 | service: name={{ item }} enabled=yes state=started 26 | with_items: 27 | - mysql 28 | - rabbitmq-server 29 | 30 | # --------- 31 | - include: init_mysql_root.yml 32 | 33 | 34 | - name: set mysql zstack user password 35 | mysql_user: 36 | name={{ zstack_user }} 37 | host={{ zstack_mysql_host }} 38 | password={{ zstack_mysql_zstack_pwd }} 39 | check_implicit_admin=yes 40 | login_user=root 41 | login_password={{ zstack_mysql_root_pwd }} 42 | state=present 43 | 44 | - name: install rabbitmq-plugins 45 | command: rabbitmq-plugins enable rabbitmq_management 46 | 47 | - name: restart rabbitmq 48 | service: name=rabbitmq-server state=restarted 49 | 50 | - name: deploy rabbitmq 51 | rabbitmq_user: 52 | user={{ zstack_rabbitmq_user }} 53 | password={{ zstack_rabbitmq_pwd }} 54 | vhost={{ zstack_rabbitmq_priv_vhost }} 55 | configure_priv={{ zstack_rabbitmq_config_priv }} 56 | read_priv={{ zstack_rabbitmq_read_priv }} 57 | write_priv={{ zstack_rabbitmq_write_priv }} 58 | tags={{ zstack_rabbitmq_tags }} 59 | state=present 60 | -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/tasks/init_mysql_root.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # init mysql root password 3 | - name: delete anonymous MySQL server user for {{ ansible_hostname }} 4 | action: mysql_user user="" host="{{ ansible_hostname }}" state="absent" 5 | 6 | - name: delete anonymous MySQL server user for localhost 7 | action: mysql_user user="" state="absent" 8 | 9 | - name: remove the MySQL test database 10 | action: mysql_db db=test state=absent 11 | 12 | - name: Change root user password on first run 13 | mysql_user: login_user=root 14 | login_password='' 15 | name=root 16 | password="{{ zstack_mysql_root_pwd }}" 17 | priv=*.*:ALL,GRANT 18 | host={{ item }} 19 | with_items: 20 | - "{{ ansible_hostname }}" 21 | - 127.0.0.1 22 | - ::1 23 | - localhost 24 | 25 | - name: repair the mysql plugin problem 26 | command: mysql -uroot -p{{ zstack_mysql_root_pwd }} -e 'use mysql; update mysql.user set authentication_string=PASSWORD("{{ zstack_mysql_root_pwd }}"), plugin="mysql_native_password" where user="root"; flush privileges;' 27 | when: ansible_distribution == "Ubuntu" 28 | -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: check os 3 | debug: msg="os={{ ansible_distribution }} major={{ ansible_distribution_major_version }}" 4 | 5 | - include: "{{ ansible_distribution }}.yml" 6 | -------------------------------------------------------------------------------- /roles/zk_mysql_rabbitmq/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_mysql_rabbitmq/vars/main.yml -------------------------------------------------------------------------------- /roles/zk_repair_code/defaults/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_repair_code/defaults/main.yml -------------------------------------------------------------------------------- /roles/zk_repair_code/files/consoleproxy-virtualenv.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_repair_code/files/consoleproxy-virtualenv.tar.gz -------------------------------------------------------------------------------- /roles/zk_repair_code/files/consoleproxy.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # encoding: utf-8 3 | import argparse 4 | from zstacklib import * 5 | 6 | start_time = datetime.now() 7 | # set default value 8 | file_root = "files/consoleproxy" 9 | pip_url = 'https://pypi.python.org/simple/' 10 | proxy = "" 11 | sproxy = "" 12 | chroot_env = 'false' 13 | zstack_repo = 'false' 14 | post_url = "" 15 | pkg_consoleproxy = "" 16 | virtualenv_version = "12.1.1" 17 | remote_user = "root" 18 | remote_pass = None 19 | remote_port = None 20 | 21 | # get parameter from shell 22 | parser = argparse.ArgumentParser(description='Deploy consoleproxy to management node') 23 | parser.add_argument('-i', type=str, help="""specify inventory host file 24 | default=/etc/ansible/hosts""") 25 | parser.add_argument('--private-key', type=str, help='use this file to authenticate the connection') 26 | parser.add_argument('-e', type=str, help='set additional variables as key=value or YAML/JSON') 27 | 28 | args = parser.parse_args() 29 | argument_dict = eval(args.e) 30 | locals().update(argument_dict) 31 | # update the variable from shell arguments 32 | virtenv_path = "%s/virtualenv/consoleproxy/" % zstack_root 33 | consoleproxy_root = "%s/console/package" % zstack_root 34 | host_post_info = HostPostInfo() 35 | # create log 36 | logger_dir = "/var/log/zstack/" 37 | create_log(logger_dir) 38 | host_post_info.host = host 39 | host_post_info.host_inventory = args.i 40 | 41 | host_post_info.post_url = post_url 42 | host_post_info.transport = 'local' 43 | 44 | # include zstacklib.py 45 | (distro, distro_version, distro_release) = get_remote_host_info(host_post_info) 46 | zstacklib_args = ZstackLibArgs() 47 | zstacklib_args.distro = distro 48 | zstacklib_args.distro_release = distro_release 49 | zstacklib_args.distro_version = distro_version 50 | zstacklib_args.zstack_repo = zstack_repo 51 | zstacklib_args.yum_server = yum_server 52 | zstacklib_args.zstack_root = zstack_root 53 | zstacklib_args.host_post_info = host_post_info 54 | zstacklib_args.pip_url = pip_url 55 | zstacklib_args.trusted_host = trusted_host 56 | zstacklib = ZstackLib(zstacklib_args) 57 | 58 | # name: judge this process is init install or upgrade 59 | if file_dir_exist("path=" + consoleproxy_root, host_post_info): 60 | init_install = False 61 | else: 62 | init_install = True 63 | # name: create root directories 64 | command = 'mkdir -p %s %s' % (consoleproxy_root, virtenv_path) 65 | run_remote_command(command, host_post_info) 66 | 67 | run_remote_command("rm -rf %s/*" % consoleproxy_root, host_post_info) 68 | 69 | # name: copy zstacklib 70 | copy_arg = CopyArg() 71 | copy_arg.src = "files/zstacklib/%s" % pkg_zstacklib 72 | copy_arg.dest = "%s/%s" % (consoleproxy_root, pkg_zstacklib) 73 | copy_zstacklib = copy(copy_arg, host_post_info) 74 | # name: copy consoleproxy 75 | copy_arg = CopyArg() 76 | copy_arg.src = "%s/%s" % (file_root, pkg_consoleproxy) 77 | copy_arg.dest = "%s/%s" % (consoleproxy_root, pkg_consoleproxy) 78 | copy_consoleproxy = copy(copy_arg, host_post_info) 79 | # only for os using init.d not systemd -- by diwen 80 | # copy_arg = CopyArg() 81 | # copy_arg.src = "%s/zstack-consoleproxy" % file_root 82 | # copy_arg.dest = "/etc/init.d/" 83 | # copy_arg.args = "mode=755" 84 | # copy(copy_arg, host_post_info) 85 | 86 | # name: install virtualenv 87 | virtual_env_status = check_and_install_virtual_env(virtualenv_version, trusted_host, pip_url, host_post_info) 88 | if virtual_env_status is False: 89 | command = "rm -rf %s && rm -rf %s" % (virtenv_path, consoleproxy_root) 90 | run_remote_command(command, host_post_info) 91 | sys.exit(1) 92 | 93 | # name: make sure virtualenv has been setup 94 | command = "[ -f %s/bin/python ] || virtualenv %s " % (virtenv_path, virtenv_path) 95 | run_remote_command(command, host_post_info) 96 | 97 | # name: install zstacklib 98 | if copy_zstacklib != "changed:False": 99 | agent_install_arg = AgentInstallArg(trusted_host, pip_url, virtenv_path, init_install) 100 | agent_install_arg.agent_name = "zstacklib" 101 | agent_install_arg.agent_root = consoleproxy_root 102 | agent_install_arg.pkg_name = pkg_zstacklib 103 | agent_install(agent_install_arg, host_post_info) 104 | 105 | # name: install consoleproxy 106 | if copy_consoleproxy != "changed:False": 107 | agent_install_arg = AgentInstallArg(trusted_host, pip_url, virtenv_path, init_install) 108 | agent_install_arg.agent_name = "consoleproxy" 109 | agent_install_arg.agent_root = consoleproxy_root 110 | agent_install_arg.pkg_name = pkg_consoleproxy 111 | agent_install(agent_install_arg, host_post_info) 112 | 113 | # name: restart consoleproxy 114 | if chroot_env == 'false': 115 | if distro == "RedHat" or distro == "CentOS": 116 | command = "systemctl stop zstack-consoleproxy && systemctl start zstack-consoleproxy" 117 | elif distro == "Debian" or distro == "Ubuntu": 118 | command = "systemctl stop zstack-consoleproxy && systemctl start zstack-consoleproxy" # by diwen 119 | run_remote_command(command, host_post_info) 120 | 121 | host_post_info.start_time = start_time 122 | handle_ansible_info("SUCC: Deploy consoleproxy agent successful", host_post_info, "INFO") 123 | 124 | sys.exit(0) 125 | -------------------------------------------------------------------------------- /roles/zk_repair_code/files/iproute2_4.6.0-4_amd64.deb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_repair_code/files/iproute2_4.6.0-4_amd64.deb -------------------------------------------------------------------------------- /roles/zk_repair_code/files/kvm.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # encoding=utf-8 3 | import argparse 4 | from zstacklib import * 5 | 6 | start_time = datetime.now() 7 | # set default value 8 | file_root = "files/kvm" 9 | pip_url = "https=//pypi.python.org/simple/" 10 | proxy = "" 11 | sproxy = "" 12 | chroot_env = 'false' 13 | init = 'false' 14 | zstack_repo = 'false' 15 | post_url = "" 16 | pkg_kvmagent = "" 17 | libvirtd_status = "" 18 | virtualenv_version = "12.1.1" 19 | remote_user = "root" 20 | remote_pass = None 21 | remote_port = None 22 | 23 | # get parameter from shell 24 | parser = argparse.ArgumentParser(description='Deploy kvm to host') 25 | parser.add_argument('-i', type=str, help="""specify inventory host file 26 | default=/etc/ansible/hosts""") 27 | parser.add_argument('--private-key', type=str, help='use this file to authenticate the connection') 28 | parser.add_argument('-e', type=str, help='set additional variables as key=value or YAML/JSON') 29 | args = parser.parse_args() 30 | argument_dict = eval(args.e) 31 | 32 | # update the variable from shell arguments 33 | locals().update(argument_dict) 34 | virtenv_path = "%s/virtualenv/kvm/" % zstack_root 35 | kvm_root = "%s/kvm/package" % zstack_root 36 | iproute_pkg = "%s/iproute-2.6.32-130.el6ost.netns.2.x86_64.rpm" % file_root 37 | iproute_local_pkg = "%s/iproute-2.6.32-130.el6ost.netns.2.x86_64.rpm" % kvm_root 38 | dnsmasq_pkg = "%s/dnsmasq-2.68-1.x86_64.rpm" % file_root 39 | dnsmasq_local_pkg = "%s/dnsmasq-2.68-1.x86_64.rpm" % kvm_root 40 | # create log 41 | logger_dir = "/var/log/zstack/" 42 | create_log(logger_dir) 43 | 44 | host_post_info = HostPostInfo() 45 | host_post_info.host_inventory = args.i 46 | host_post_info.host = host 47 | host_post_info.post_url = post_url 48 | host_post_info.private_key = args.private_key 49 | host_post_info.remote_user = remote_user 50 | host_post_info.remote_pass = remote_pass 51 | host_post_info.remote_port = remote_port 52 | if remote_pass is not None and remote_user != 'root': 53 | host_post_info.become = True 54 | 55 | # include zstacklib.py 56 | (distro, distro_version, distro_release) = get_remote_host_info(host_post_info) 57 | zstacklib_args = ZstackLibArgs() 58 | zstacklib_args.distro = distro 59 | zstacklib_args.distro_release = distro_release 60 | zstacklib_args.distro_version = distro_version 61 | zstacklib_args.zstack_repo = zstack_repo 62 | zstacklib_args.yum_server = yum_server 63 | zstacklib_args.zstack_root = zstack_root 64 | zstacklib_args.host_post_info = host_post_info 65 | zstacklib_args.pip_url = pip_url 66 | zstacklib_args.trusted_host = trusted_host 67 | zstacklib = ZstackLib(zstacklib_args) 68 | 69 | # name: judge this process is init install or upgrade 70 | if file_dir_exist("path=" + kvm_root, host_post_info): 71 | init_install = False 72 | else: 73 | init_install = True 74 | # name: create root directories 75 | command = 'mkdir -p %s %s' % (kvm_root, virtenv_path) 76 | host_post_info.post_label = "ansible.shell.mkdir" 77 | host_post_info.post_label_param = "%s, %s" % (kvm_root, virtenv_path) 78 | run_remote_command(command, host_post_info) 79 | 80 | run_remote_command("rm -rf %s/*" % kvm_root, host_post_info) 81 | 82 | if distro == "RedHat" or distro == "CentOS": 83 | # handle zstack_repo 84 | if zstack_repo != 'false': 85 | if distro_version >= 7: 86 | qemu_pkg = 'qemu-kvm-ev-2.3.0' 87 | else: 88 | qemu_pkg = 'qemu-kvm' 89 | # name: install kvm related packages on RedHat based OS from user defined repo 90 | command = ("pkg_list=`rpm -q openssh-clients %s bridge-utils wget libvirt-python libvirt nfs-utils " 91 | "vconfig libvirt-client net-tools iscsi-initiator-utils lighttpd dnsmasq iproute sshpass iputils " 92 | "rsync nmap | grep \"not installed\" | awk '{ print $2 }'` && for pkg in $pkg_list; do yum " 93 | "--disablerepo=* --enablerepo=%s install -y $pkg; done;") % (qemu_pkg, zstack_repo) 94 | host_post_info.post_label = "ansible.shell.install.pkg" 95 | host_post_info.post_label_param = "openssh-clients,%s,bridge-utils,wget," \ 96 | "libvirt-python,libvirt,nfs-utils,vconfig,libvirt-client,net-tools," \ 97 | "iscsi-initiator-utils,lighttpd,dnsmasq,iproute,sshpass,iputils,rsync,nmap" % qemu_pkg 98 | run_remote_command(command, host_post_info) 99 | if distro_version >= 7: 100 | # name: RHEL7 specific packages from user defined repos 101 | command = ("pkg_list=`rpm -q iptables-services | grep \"not installed\" | awk '{ print $2 }'` && for pkg " 102 | "in $pkg_list; do yum --disablerepo=* --enablerepo=%s " 103 | "--nogpgcheck install -y $pkg; done;") % zstack_repo 104 | host_post_info.post_label = "ansible.shell.install.pkg" 105 | host_post_info.post_label_param = "iptables-services" 106 | run_remote_command(command, host_post_info) 107 | else: 108 | # name: install kvm related packages on RedHat based OS from online 109 | for pkg in ['openssh-clients', 'bridge-utils', 'wget', 'libvirt-python', 'libvirt', 'nfs-utils', 'vconfig', 110 | 'libvirt-client', 'net-tools', 'iscsi-initiator-utils', 'lighttpd', 'dnsmasq', 'iproute', 'sshpass', 111 | 'rsync', 'nmap']: 112 | yum_install_package(pkg, host_post_info) 113 | if distro_version >= 7: 114 | # name: RHEL7 specific packages from online 115 | for pkg in ['qemu-kvm-ev-2.3.0', 'qemu-img-ev-2.3.0', 'iptables-services']: 116 | yum_install_package(pkg, host_post_info) 117 | else: 118 | for pkg in ['qemu-kvm', 'qemu-img']: 119 | yum_install_package(pkg, host_post_info) 120 | 121 | 122 | # handle distro version specific task 123 | if distro_version < 7: 124 | # name: copy name space supported iproute for RHEL6 125 | copy_arg = CopyArg() 126 | copy_arg.src = iproute_pkg 127 | copy_arg.dest = iproute_local_pkg 128 | copy(copy_arg, host_post_info) 129 | # name: Update iproute for RHEL6 130 | command = "rpm -q iproute-2.6.32-130.el6ost.netns.2.x86_64 || yum install --nogpgcheck -y %s" % iproute_local_pkg 131 | host_post_info.post_label = "ansible.shell.install.pkg" 132 | host_post_info.post_label_param = "iproute-2.6.32-130.el6ost.netns.2.x86_64" 133 | run_remote_command(command, host_post_info) 134 | # name: disable NetworkManager in RHEL6 and Centos6 135 | network_manager_installed = yum_check_package("NetworkManager", host_post_info) 136 | if network_manager_installed is True: 137 | service_status("NetworkManager", "state=stopped enabled=no", host_post_info) 138 | 139 | else: 140 | # name: disable firewalld in RHEL7 and Centos7 141 | command = "(which firewalld && service firewalld stop && chkconfig firewalld off) || true" 142 | host_post_info.post_label = "ansible.shell.disable.service" 143 | host_post_info.post_label_param = "firewalld" 144 | run_remote_command(command, host_post_info) 145 | # name: disable NetworkManager in RHEL7 and Centos7 146 | service_status("NetworkManager", "state=stopped enabled=no", host_post_info, ignore_error=True) 147 | 148 | if init == 'true': 149 | # name: copy iptables initial rules in RedHat 150 | copy_arg = CopyArg() 151 | copy_arg.src = "%s/iptables" % file_root 152 | copy_arg.dest = "/etc/sysconfig/iptables" 153 | copy(copy_arg, host_post_info) 154 | if chroot_env == 'false': 155 | # name: restart iptables 156 | service_status("iptables", "state=restarted enabled=yes", host_post_info) 157 | 158 | if chroot_env == 'false': 159 | # name: enable libvirt daemon on RedHat based OS 160 | service_status("libvirtd", "state=started enabled=yes", host_post_info) 161 | if distro_version >= 7: 162 | # name: enable virtlockd daemon on RedHat based OS 163 | service_status("virtlockd", "state=started enabled=yes", host_post_info) 164 | 165 | # name: copy updated dnsmasq for RHEL6 and RHEL7 166 | copy_arg = CopyArg() 167 | copy_arg.src = "%s" % dnsmasq_pkg 168 | copy_arg.dest = "%s" % dnsmasq_local_pkg 169 | copy(copy_arg, host_post_info) 170 | # name: Update dnsmasq for RHEL6 and RHEL7 171 | command = "rpm -q dnsmasq-2.68-1 || yum install --nogpgcheck -y %s" % dnsmasq_local_pkg 172 | host_post_info.post_label = "ansible.shell.install.pkg" 173 | host_post_info.post_label_param = "dnsmasq-2.68-1" 174 | run_remote_command(command, host_post_info) 175 | # name: disable selinux on RedHat based OS 176 | set_selinux("state=disabled", host_post_info) 177 | run_remote_command("setenforce 0 || true", host_post_info) 178 | # name: copy sysconfig libvirtd conf in RedHat 179 | copy_arg = CopyArg() 180 | copy_arg.src = "%s/libvirtd" % file_root 181 | copy_arg.dest = "/etc/sysconfig/libvirtd" 182 | libvirtd_status = copy(copy_arg, host_post_info) 183 | 184 | elif distro == "Debian" or distro == "Ubuntu": 185 | # name: install kvm related packages on Debian based OS -- by diwen 186 | install_pkg_list = ['qemu-kvm', 'bridge-utils', 'wget', 'qemu-utils', 'python-libvirt', 'vlan', 187 | 'nfs-common', 'open-iscsi', 'dnsmasq', 'sshpass', 'rsync', 'iputils-arping', 'nmap'] 188 | if distro == "Debian": # -- by diwen 189 | install_pkg_list.append('libvirt-daemon') 190 | else: 191 | install_pkg_list.append('libvirt-bin') 192 | 193 | apt_install_packages(install_pkg_list, host_post_info) 194 | # name: copy default libvirtd conf in Debian 195 | copy_arg = CopyArg() 196 | copy_arg.src = "%s/libvirtd" % file_root 197 | copy_arg.dest = '/etc/default/libvirtd' 198 | libvirt_bin_status = copy(copy_arg, host_post_info) 199 | # name: enable bridge forward on UBUNTU 200 | command = "modprobe br_netfilter; echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables ; " \ 201 | "echo 1 > /proc/sys/net/ipv4/conf/default/forwarding" 202 | host_post_info.post_label = "ansible.shell.enable.module" 203 | host_post_info.post_label_param = "br_netfilter" 204 | run_remote_command(command, host_post_info) 205 | 206 | if libvirt_bin_status != "changed:False": 207 | # name: restart debian libvirtd 208 | service_status("libvirtd", "state=restarted enabled=yes", host_post_info) 209 | 210 | else: 211 | error("unsupported OS!") 212 | 213 | #add kvm module and tun module 214 | modprobe_arg = ModProbeArg() 215 | modprobe_arg.name = 'kvm' 216 | modprobe_arg.state = 'present' 217 | modprobe(modprobe_arg, host_post_info) 218 | 219 | modprobe_arg = ModProbeArg() 220 | if 'intel' in get_remote_host_cpu(host_post_info).lower(): 221 | modprobe_arg.name = 'kvm_intel' 222 | elif 'amd' in get_remote_host_cpu(host_post_info).lower(): 223 | modprobe_arg.name = 'kvm_amd' 224 | else: 225 | handle_ansible_info("Unknown CPU type detected when modprobe kvm", host_post_info, "WARNING") 226 | modprobe_arg.state = 'present' 227 | modprobe(modprobe_arg, host_post_info) 228 | 229 | modprobe_arg = ModProbeArg() 230 | modprobe_arg.name = 'tun' 231 | modprobe_arg.state = 'present' 232 | modprobe(modprobe_arg, host_post_info) 233 | 234 | # name: remove libvirt default bridge 235 | command = '(ifconfig virbr0 &> /dev/null && virsh net-destroy default > ' \ 236 | '/dev/null && virsh net-undefine default > /dev/null) || true' 237 | host_post_info.post_label = "ansible.shell.virsh.destroy.bridge" 238 | host_post_info.post_label_param = None 239 | run_remote_command(command, host_post_info) 240 | 241 | # name: copy libvirtd conf 242 | copy_arg = CopyArg() 243 | copy_arg.src = "%s/libvirtd.conf" % file_root 244 | copy_arg.dest = "/etc/libvirt/libvirtd.conf" 245 | libvirtd_conf_status = copy(copy_arg, host_post_info) 246 | 247 | # name: copy qemu conf 248 | copy_arg = CopyArg() 249 | copy_arg.src = "%s/qemu.conf" % file_root 250 | copy_arg.dest = "/etc/libvirt/qemu.conf" 251 | qemu_conf_status = copy(copy_arg, host_post_info) 252 | 253 | # name: delete A2 qemu hook 254 | command = "rm -f /etc/libvirt/hooks/qemu" 255 | host_post_info.post_label = "ansible.shell.remove.file" 256 | host_post_info.post_label_param = "/etc/libvirt/hooks/qemu" 257 | run_remote_command(command, host_post_info) 258 | 259 | # name: enable bridge forward 260 | command = "echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables ; echo 1 > /proc/sys/net/ipv4/conf/default/forwarding" 261 | host_post_info.post_label = "ansible.shell.enable.service" 262 | host_post_info.post_label_param = "bridge forward" 263 | run_remote_command(command, host_post_info) 264 | 265 | 266 | # name: copy zstacklib 267 | copy_arg = CopyArg() 268 | copy_arg.src = "files/zstacklib/%s" % pkg_zstacklib 269 | copy_arg.dest = "%s/%s" % (kvm_root, pkg_zstacklib) 270 | copy_zstacklib = copy(copy_arg, host_post_info) 271 | 272 | # name: copy kvmagent 273 | copy_arg = CopyArg() 274 | copy_arg.src = "%s/%s" % (file_root, pkg_kvmagent) 275 | copy_arg.dest = "%s/%s" % (kvm_root, pkg_kvmagent) 276 | copy_kvmagent = copy(copy_arg, host_post_info) 277 | 278 | # only for os using init.d not systemd -- by diwen 279 | # name: copy kvm service file 280 | # copy_arg = CopyArg() 281 | # copy_arg.src = "files/kvm/zstack-kvmagent" 282 | # copy_arg.dest = "/etc/init.d/" 283 | # copy_arg.args = "mode=755" 284 | # copy(copy_arg, host_post_info) 285 | 286 | # name: install virtualenv 287 | virtual_env_status = check_and_install_virtual_env(virtualenv_version, trusted_host, pip_url, host_post_info) 288 | if virtual_env_status is False: 289 | command = "rm -rf %s && rm -rf %s" % (virtenv_path, kvm_root) 290 | host_post_info.post_label = "ansible.shell.remove.file" 291 | host_post_info.post_label_param = "%s, %s" % (virtenv_path, kvm_root) 292 | run_remote_command(command, host_post_info) 293 | sys.exit(1) 294 | # name: make sure virtualenv has been setup 295 | command = "[ -f %s/bin/python ] || virtualenv --system-site-packages %s " % (virtenv_path, virtenv_path) 296 | host_post_info.post_label = "ansible.shell.check.virtualenv" 297 | host_post_info.post_label_param = None 298 | run_remote_command(command, host_post_info) 299 | 300 | # name: install zstacklib 301 | if copy_zstacklib != "changed:False": 302 | agent_install_arg = AgentInstallArg(trusted_host, pip_url, virtenv_path, init_install) 303 | agent_install_arg.agent_name = "zstacklib" 304 | agent_install_arg.agent_root = kvm_root 305 | agent_install_arg.pkg_name = pkg_zstacklib 306 | agent_install_arg.virtualenv_site_packages = "yes" 307 | agent_install(agent_install_arg, host_post_info) 308 | 309 | # name: install kvm agent 310 | if copy_kvmagent != "changed:False": 311 | agent_install_arg = AgentInstallArg(trusted_host, pip_url, virtenv_path, init_install) 312 | agent_install_arg.agent_name = "kvm agent" 313 | agent_install_arg.agent_root = kvm_root 314 | agent_install_arg.pkg_name = pkg_kvmagent 315 | agent_install_arg.virtualenv_site_packages = "yes" 316 | agent_install(agent_install_arg, host_post_info) 317 | 318 | # handlers 319 | if chroot_env == 'false': 320 | if distro == "RedHat" or distro == "CentOS": 321 | if libvirtd_status != "changed:False" or libvirtd_conf_status != "changed:False" \ 322 | or qemu_conf_status != "changed:False": 323 | # name: restart redhat libvirtd 324 | service_status("libvirtd", "state=restarted enabled=yes", host_post_info) 325 | elif distro == "Debian" or distro == "Ubuntu": 326 | if libvirtd_conf_status != "changed:False" or qemu_conf_status != "changed:False": 327 | # name: restart debian libvirtd 328 | service_status("libvirtd", "state=restarted enabled=yes", host_post_info) 329 | # name: restart kvmagent, do not use ansible systemctl due to kvmagent can start by itself, so systemctl will not know 330 | # the kvm agent status when we want to restart it to use the latest kvm agent code 331 | if distro == "RedHat" or distro == "CentOS": 332 | command = "systemctl stop zstack-kvmagent.service && systemctl start zstack-kvmagent.service" # by diwen 333 | elif distro == "Debian" or distro == "Ubuntu": 334 | command = "systemctl stop zstack-kvmagent.service && systemctl start zstack-kvmagent.service" # by diwen 335 | host_post_info.post_label = "ansible.shell.restart.service" 336 | host_post_info.post_label_param = "zstack-kvmagent.service" 337 | run_remote_command(command, host_post_info) 338 | 339 | 340 | host_post_info.start_time = start_time 341 | handle_ansible_info("SUCC: Deploy kvm agent successful", host_post_info, "INFO") 342 | 343 | sys.exit(0) 344 | -------------------------------------------------------------------------------- /roles/zk_repair_code/files/sftpbackupstorage.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # encoding: utf-8 3 | import argparse 4 | from zstacklib import * 5 | from datetime import datetime 6 | 7 | 8 | start_time = datetime.now() 9 | # set default value 10 | file_root = "files/sftpbackupstorage" 11 | pip_url = "https=//pypi.python.org/simple/" 12 | proxy = "" 13 | sproxy = "" 14 | chroot_env = 'false' 15 | zstack_repo = 'false' 16 | current_dir = os.path.dirname(os.path.realpath(__file__)) 17 | post_url = "" 18 | pkg_sftpbackupstorage = "" 19 | virtualenv_version = "12.1.1" 20 | remote_user = "root" 21 | remote_pass = None 22 | remote_port = None 23 | 24 | # get parameter from shell 25 | parser = argparse.ArgumentParser(description='Deploy sftpbackupstorage to host') 26 | parser.add_argument('-i', type=str, help="""specify inventory host file 27 | default=/etc/ansible/hosts""") 28 | parser.add_argument('--private-key', type=str, help='use this file to authenticate the connection') 29 | parser.add_argument('-e', type=str, help='set additional variables as key=value or YAML/JSON') 30 | 31 | args = parser.parse_args() 32 | argument_dict = eval(args.e) 33 | 34 | # update the variable from shell arguments 35 | locals().update(argument_dict) 36 | virtenv_path = "%s/virtualenv/sftpbackupstorage/" % zstack_root 37 | sftp_root = "%s/sftpbackupstorage/package" % zstack_root 38 | # create log 39 | logger_dir = "/var/log/zstack/" 40 | create_log(logger_dir) 41 | host_post_info = HostPostInfo() 42 | host_post_info.host_inventory = args.i 43 | host_post_info.host = host 44 | host_post_info.post_url = post_url 45 | host_post_info.private_key = args.private_key 46 | host_post_info.remote_user = remote_user 47 | host_post_info.remote_pass = remote_pass 48 | host_post_info.remote_port = remote_port 49 | if remote_pass is not None and remote_user != 'root': 50 | host_post_info.become = True 51 | 52 | # include zstacklib.py 53 | (distro, distro_version, distro_release) = get_remote_host_info(host_post_info) 54 | zstacklib_args = ZstackLibArgs() 55 | zstacklib_args.distro = distro 56 | zstacklib_args.distro_release = distro_release 57 | zstacklib_args.distro_version = distro_version 58 | zstacklib_args.zstack_repo = zstack_repo 59 | zstacklib_args.yum_server = yum_server 60 | zstacklib_args.zstack_root = zstack_root 61 | zstacklib_args.host_post_info = host_post_info 62 | zstacklib_args.pip_url = pip_url 63 | zstacklib_args.trusted_host = trusted_host 64 | zstacklib = ZstackLib(zstacklib_args) 65 | 66 | # name: judge this process is init install or upgrade 67 | if file_dir_exist("path=" + sftp_root, host_post_info): 68 | init_install = False 69 | else: 70 | init_install = True 71 | # name: create root directories 72 | command = 'mkdir -p %s %s' % (sftp_root, virtenv_path) 73 | run_remote_command(command, host_post_info) 74 | 75 | run_remote_command("rm -rf %s/*" % sftp_root, host_post_info) 76 | 77 | if distro == "RedHat" or distro == "CentOS": 78 | if zstack_repo != 'false': 79 | # name: install sftp backup storage related packages on RedHat based OS from local 80 | command = ("pkg_list=`rpm -q openssh-clients qemu-img-ev-2.3.0 | grep \"not installed\" | awk '{ print $2 }'` && for pkg" 81 | " in $pkg_list; do yum --disablerepo=* --enablerepo=%s install -y $pkg; done;") % zstack_repo 82 | run_remote_command(command, host_post_info) 83 | else: 84 | # name: install sftp backup storage related packages on RedHat based OS from online 85 | yum_install_package("openssh-clients", host_post_info) 86 | #For install Qemu 2.3. Need to enable extras repo 87 | yum_install_package("qemu-img-ev-2.3.0", host_post_info) 88 | 89 | elif distro == "Debian" or distro == "Ubuntu": 90 | apt_install_packages(["openssh-client"], host_post_info) 91 | apt_install_packages(["qemu-utils"], host_post_info) 92 | 93 | else: 94 | error("unsupported OS!") 95 | 96 | # name: install virtualenv 97 | virtual_env_status = check_and_install_virtual_env(virtualenv_version, trusted_host, pip_url, host_post_info) 98 | if virtual_env_status is False: 99 | command = "rm -rf %s && rm -rf %s" % (virtenv_path, sftp_root) 100 | run_remote_command(command, host_post_info) 101 | sys.exit(1) 102 | 103 | # name: make sure virtualenv has been setup 104 | command = "[ -f %s/bin/python ] || virtualenv %s " % (virtenv_path, virtenv_path) 105 | run_remote_command(command, host_post_info) 106 | 107 | # name: add public key 108 | authorized_key("root", current_dir + "/id_rsa.sftp.pub", host_post_info) 109 | 110 | # name: copy zstacklib 111 | copy_arg = CopyArg() 112 | copy_arg.src = "files/zstacklib/%s" % pkg_zstacklib 113 | copy_arg.dest = "%s/%s" % (sftp_root, pkg_zstacklib) 114 | zstacklib_copy_result = copy(copy_arg, host_post_info) 115 | 116 | # name: install zstacklib 117 | if zstacklib_copy_result != "changed:False": 118 | agent_install_arg = AgentInstallArg(trusted_host, pip_url, virtenv_path, init_install) 119 | agent_install_arg.agent_name = "zstacklib" 120 | agent_install_arg.agent_root = sftp_root 121 | agent_install_arg.pkg_name = pkg_zstacklib 122 | agent_install(agent_install_arg, host_post_info) 123 | 124 | # name: copy sftp 125 | copy_arg = CopyArg() 126 | copy_arg.src = "%s/%s" % (file_root, pkg_sftpbackupstorage) 127 | copy_arg.dest = "%s/%s" % (sftp_root, pkg_sftpbackupstorage) 128 | sftp_copy_result = copy(copy_arg, host_post_info) 129 | 130 | # name: copy sftp backup storage service file -- by diwen 131 | # copy_arg = CopyArg() 132 | # copy_arg.src = "%s/zstack-sftpbackupstorage" % file_root 133 | # copy_arg.dest = "/etc/init.d/" 134 | # copy_arg.args = "mode=755" 135 | # copy(copy_arg, host_post_info) 136 | 137 | # name: install sftp 138 | if sftp_copy_result != "changed:False": 139 | agent_install_arg = AgentInstallArg(trusted_host, pip_url, virtenv_path, init_install) 140 | agent_install_arg.agent_name = "sftpbackupstorage" 141 | agent_install_arg.agent_root = sftp_root 142 | agent_install_arg.pkg_name = pkg_sftpbackupstorage 143 | agent_install(agent_install_arg, host_post_info) 144 | 145 | # name: restart sftp 146 | if chroot_env == 'false': 147 | if distro == "RedHat" or distro == "CentOS": 148 | # some users meet restart can't work on their system 149 | command = "systemctl stop zstack-sftpbackupstorage && systemctl start zstack-sftpbackupstorage" # by diwen 150 | elif distro == "Debian" or distro == "Ubuntu": 151 | command = "systemctl stop zstack-sftpbackupstorage && systemctl start zstack-sftpbackupstorage" # by diwen 152 | run_remote_command(command, host_post_info) 153 | 154 | host_post_info.start_time = start_time 155 | handle_ansible_info("SUCC: Deploysftpbackupstorage agent successful", host_post_info, "INFO") 156 | sys.exit(0) 157 | -------------------------------------------------------------------------------- /roles/zk_repair_code/tasks/CentOS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is CentOS task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 7 8 | 9 | # ---------- 10 | # Below for repair some bugs 11 | 12 | # In ansible 2.1.1.0 version, 13 | # donnot has 'to_str' func in /usr/local/lib/python2.7/dist-packages/ansible/utils/unicode.py, 14 | # but /usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.py also uses the 'to_str' func, 15 | # we must change 'to_str' to 'to_bytes' !!! 16 | # - name: repair python ansible module bug 17 | # replace: 18 | # dest=/usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.py 19 | # regexp='to_str' 20 | # replace='to_bytes' 21 | # mode=644 22 | # backup=yes 23 | # when: ansible_distribution == 'Ubuntu' 24 | # 25 | # - name: repair python ansible bug to del pyc file 26 | # file: name=/usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.pyc state=absent 27 | # when: ansible_distribution == 'Ubuntu' 28 | 29 | # In Ubuntu 8, repair smome zstack bugs 30 | - name: repair zstack kvm code 31 | copy: 32 | src=kvm.py 33 | dest="{{ item }}" 34 | owner={{ zstack_user }} 35 | group={{ zstack_user }} 36 | mode=644 37 | backup=yes 38 | with_items: 39 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/kvm/kvm.py" 40 | - "/usr/local/zstack/ansible/files/kvm/kvm.py" 41 | 42 | - name: repair zstack sftpbackupstorage code 43 | copy: 44 | src=sftpbackupstorage.py 45 | dest="{{ item }}" 46 | owner={{ zstack_user }} 47 | group={{ zstack_user }} 48 | mode=644 49 | backup=yes 50 | with_items: 51 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/sftpbackupstorage/sftpbackupstorage.py" 52 | - "/usr/local/zstack/ansible/files/sftpbackupstorage/sftpbackupstorage.py" 53 | 54 | - name: create consoleproxy dir 55 | file: path={{ zstack_licensedir }}/virtualenv/consoleproxy owner={{ zstack_user }} group={{ zstack_user }} mode=0755 state=directory recurse=yes 56 | 57 | - name: install consoleproxy 58 | unarchive: src=consoleproxy-virtualenv.tar.gz dest={{ zstack_licensedir }}/virtualenv/consoleproxy 59 | 60 | - name: repair zstack consoleproxy code 61 | copy: 62 | src=consoleproxy.py 63 | dest="{{ item }}" 64 | owner={{ zstack_user }} 65 | group={{ zstack_user }} 66 | mode=644 67 | backup=yes 68 | with_items: 69 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/consoleproxy/consoleproxy.py" 70 | - "/usr/local/zstack/ansible/files/consoleproxy/consoleproxy.py" 71 | 72 | # ------ end of repair bugs 73 | 74 | 75 | - name: create the backup storage 76 | file: path={{ zstack_backup_dir }} state=directory owner={{ zstack_user }} group={{ zstack_user }} mode=0777 recurse=yes 77 | 78 | # - name: upgrade iproute2 to 4.6 79 | # apt: deb=http://ftp.hk.debian.org/debian/pool/main/i/iproute2/iproute2_4.6.0-4_amd64.deb 80 | 81 | - name: copy zstack tinny image to http server 82 | copy: 83 | src=zstack-image-1.4.qcow2 84 | dest="{{ zstack_http_dir }}" 85 | owner={{ zstack_user }} 86 | group={{ zstack_user }} 87 | mode=644 88 | backup=no 89 | when: trans_tinny_image 90 | 91 | - name: copy zstack virtualrouter image to http server 92 | copy: 93 | src=zstack-virtualrouter-1.1.0.qcow2 94 | dest="{{ zstack_http_dir }}" 95 | owner={{ zstack_user }} 96 | group={{ zstack_user }} 97 | mode=644 98 | backup=no 99 | when: trans_vr_image 100 | 101 | # some tips 102 | - debug: msg="{{ item }}" 103 | with_items: 104 | - "zstack_dashboard: http://{{ ansible_host }}:5000" 105 | - "zstack_file_browser: http://{{ ansible_host }}/image" 106 | - "zstack_http_dir: {{ zstack_http_dir }}" 107 | - "zstack_nfs_dir: {{ zstack_nfs_dir }}" 108 | - "zstack_backup_dir: {{ zstack_backup_dir }}" 109 | 110 | # ------ 111 | # game end 112 | -------------------------------------------------------------------------------- /roles/zk_repair_code/tasks/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Debian task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 8 8 | 9 | # ---------- 10 | # Below for repair some bugs 11 | 12 | # In ansible 2.1.1.0 version, 13 | # donnot has 'to_str' func in /usr/local/lib/python2.7/dist-packages/ansible/utils/unicode.py, 14 | # but /usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.py also uses the 'to_str' func, 15 | # we must change 'to_str' to 'to_bytes' !!! 16 | - name: repair python ansible module bug 17 | replace: 18 | dest=/usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.py 19 | regexp='to_str' 20 | replace='to_bytes' 21 | mode=644 22 | backup=yes 23 | when: ansible_distribution == 'Debian' 24 | 25 | - name: repair python ansible bug to del pyc file 26 | file: name=/usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.pyc state=absent 27 | when: ansible_distribution == 'Debian' 28 | 29 | # In Debian 8, repair smome zstack bugs 30 | - name: repair zstack kvm code 31 | copy: 32 | src=kvm.py 33 | dest="{{ item }}" 34 | owner={{ zstack_user }} 35 | group={{ zstack_user }} 36 | mode=644 37 | backup=yes 38 | with_items: 39 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/kvm/kvm.py" 40 | - "/usr/local/zstack/ansible/files/kvm/kvm.py" 41 | 42 | - name: repair zstack sftpbackupstorage code 43 | copy: 44 | src=sftpbackupstorage.py 45 | dest="{{ item }}" 46 | owner={{ zstack_user }} 47 | group={{ zstack_user }} 48 | mode=644 49 | backup=yes 50 | with_items: 51 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/sftpbackupstorage/sftpbackupstorage.py" 52 | - "/usr/local/zstack/ansible/files/sftpbackupstorage/sftpbackupstorage.py" 53 | 54 | - name: create consoleproxy dir 55 | file: path={{ zstack_licensedir }}/virtualenv/consoleproxy owner={{ zstack_user }} group={{ zstack_user }} mode=0755 state=directory recurse=yes 56 | 57 | - name: install consoleproxy 58 | unarchive: src=consoleproxy-virtualenv.tar.gz dest={{ zstack_licensedir }}/virtualenv/consoleproxy 59 | 60 | - name: repair zstack consoleproxy code 61 | copy: 62 | src=consoleproxy.py 63 | dest="{{ item }}" 64 | owner={{ zstack_user }} 65 | group={{ zstack_user }} 66 | mode=644 67 | backup=yes 68 | with_items: 69 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/consoleproxy/consoleproxy.py" 70 | - "/usr/local/zstack/ansible/files/consoleproxy/consoleproxy.py" 71 | 72 | # ------ end of repair bugs 73 | 74 | 75 | - name: create the backup storage 76 | file: path={{ zstack_backup_dir }} state=directory owner={{ zstack_user }} group={{ zstack_user }} mode=0777 recurse=yes 77 | 78 | - name: upgrade iproute2 to 4.6 79 | apt: deb=http://ftp.hk.debian.org/debian/pool/main/i/iproute2/iproute2_4.6.0-4_amd64.deb 80 | 81 | - name: copy zstack tinny image to http server 82 | copy: 83 | src=zstack-image-1.4.qcow2 84 | dest="{{ zstack_http_dir }}" 85 | owner={{ zstack_user }} 86 | group={{ zstack_user }} 87 | mode=644 88 | backup=no 89 | when: trans_tinny_image 90 | 91 | - name: copy zstack virtualrouter image to http server 92 | copy: 93 | src=zstack-virtualrouter-1.1.0.qcow2 94 | dest="{{ zstack_http_dir }}" 95 | owner={{ zstack_user }} 96 | group={{ zstack_user }} 97 | mode=644 98 | backup=no 99 | when: trans_vr_image 100 | 101 | # some tips 102 | - debug: msg="{{ item }}" 103 | with_items: 104 | - "zstack_dashboard: http://{{ ansible_host }}:5000" 105 | - "zstack_file_browser: http://{{ ansible_host }}/image" 106 | - "zstack_http_dir: {{ zstack_http_dir }}" 107 | - "zstack_nfs_dir: {{ zstack_nfs_dir }}" 108 | - "zstack_backup_dir: {{ zstack_backup_dir }}" 109 | 110 | # ------ 111 | # game end 112 | -------------------------------------------------------------------------------- /roles/zk_repair_code/tasks/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - debug: msg="this is Ubuntu task." 4 | 5 | - name: check os version 6 | fail: msg="your system version is {{ ansible_distribution_major_version|int }}, cannot be supported !!" 7 | when: ansible_distribution_major_version|int != 16 8 | 9 | # ---------- 10 | # Below for repair some bugs 11 | 12 | # In ansible 2.1.1.0 version, 13 | # donnot has 'to_str' func in /usr/local/lib/python2.7/dist-packages/ansible/utils/unicode.py, 14 | # but /usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.py also uses the 'to_str' func, 15 | # we must change 'to_str' to 'to_bytes' !!! 16 | - name: repair python ansible module bug 17 | replace: 18 | dest=/usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.py 19 | regexp='to_str' 20 | replace='to_bytes' 21 | mode=644 22 | backup=yes 23 | when: ansible_distribution == 'Ubuntu' 24 | 25 | - name: repair python ansible bug to del pyc file 26 | file: name=/usr/local/lib/python2.7/dist-packages/ansible/errors/__init__.pyc state=absent 27 | when: ansible_distribution == 'Ubuntu' 28 | 29 | # In Ubuntu 8, repair smome zstack bugs 30 | - name: repair zstack kvm code 31 | copy: 32 | src=kvm.py 33 | dest="{{ item }}" 34 | owner={{ zstack_user }} 35 | group={{ zstack_user }} 36 | mode=644 37 | backup=yes 38 | with_items: 39 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/kvm/kvm.py" 40 | - "/usr/local/zstack/ansible/files/kvm/kvm.py" 41 | 42 | - name: repair zstack sftpbackupstorage code 43 | copy: 44 | src=sftpbackupstorage.py 45 | dest="{{ item }}" 46 | owner={{ zstack_user }} 47 | group={{ zstack_user }} 48 | mode=644 49 | backup=yes 50 | with_items: 51 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/sftpbackupstorage/sftpbackupstorage.py" 52 | - "/usr/local/zstack/ansible/files/sftpbackupstorage/sftpbackupstorage.py" 53 | 54 | - name: create consoleproxy dir 55 | file: path={{ zstack_licensedir }}/virtualenv/consoleproxy owner={{ zstack_user }} group={{ zstack_user }} mode=0755 state=directory recurse=yes 56 | 57 | - name: install consoleproxy 58 | unarchive: src=consoleproxy-virtualenv.tar.gz dest={{ zstack_licensedir }}/virtualenv/consoleproxy 59 | 60 | - name: repair zstack consoleproxy code 61 | copy: 62 | src=consoleproxy.py 63 | dest="{{ item }}" 64 | owner={{ zstack_user }} 65 | group={{ zstack_user }} 66 | mode=644 67 | backup=yes 68 | with_items: 69 | - "/usr/local/zstack/apache-tomcat/webapps/zstack/WEB-INF/classes/ansible/consoleproxy/consoleproxy.py" 70 | - "/usr/local/zstack/ansible/files/consoleproxy/consoleproxy.py" 71 | 72 | # ------ end of repair bugs 73 | 74 | 75 | - name: create the backup storage 76 | file: path={{ zstack_backup_dir }} state=directory owner={{ zstack_user }} group={{ zstack_user }} mode=0777 recurse=yes 77 | 78 | # - name: upgrade iproute2 to 4.6 79 | # apt: deb=http://ftp.hk.debian.org/debian/pool/main/i/iproute2/iproute2_4.6.0-4_amd64.deb 80 | 81 | - name: copy zstack tinny image to http server 82 | copy: 83 | src=zstack-image-1.4.qcow2 84 | dest="{{ zstack_http_dir }}" 85 | owner={{ zstack_user }} 86 | group={{ zstack_user }} 87 | mode=644 88 | backup=no 89 | when: trans_tinny_image 90 | 91 | - name: copy zstack virtualrouter image to http server 92 | copy: 93 | src=zstack-virtualrouter-1.1.0.qcow2 94 | dest="{{ zstack_http_dir }}" 95 | owner={{ zstack_user }} 96 | group={{ zstack_user }} 97 | mode=644 98 | backup=no 99 | when: trans_vr_image 100 | 101 | # some tips 102 | - debug: msg="{{ item }}" 103 | with_items: 104 | - "zstack_dashboard: http://{{ ansible_host }}:5000" 105 | - "zstack_file_browser: http://{{ ansible_host }}/image" 106 | - "zstack_http_dir: {{ zstack_http_dir }}" 107 | - "zstack_nfs_dir: {{ zstack_nfs_dir }}" 108 | - "zstack_backup_dir: {{ zstack_backup_dir }}" 109 | 110 | # ------ 111 | # game end 112 | -------------------------------------------------------------------------------- /roles/zk_repair_code/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: check os 3 | debug: msg="os={{ ansible_distribution }} major={{ ansible_distribution_major_version }}" 4 | 5 | - include: "{{ ansible_distribution }}.yml" 6 | -------------------------------------------------------------------------------- /roles/zk_restart_os/handlers/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wangdiwen/zstack-ansible/caefc027be4674e45fa62bbc7a4c1e890fee0525/roles/zk_restart_os/handlers/main.yml -------------------------------------------------------------------------------- /roles/zk_restart_os/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart server 3 | shell: sleep 2 && /sbin/shutdown -r now "Ansible system package upgraded" 4 | async: 1 5 | poll: 0 6 | ignore_errors: true 7 | 8 | - pause: seconds=30 9 | - name: waiting for server to come back 10 | local_action: shell ping -c 1 -w 1 {{ ansible_host }} 11 | # command: uptime 12 | register: result 13 | until: result.rc == 0 14 | retries: 30 15 | delay: 5 16 | 17 | - name: test server already reboot 18 | command: uptime 19 | register: result 20 | 21 | - name: quit this task 22 | fail: msg="server reboot failed!" 23 | when: result.rc != 0 24 | 25 | - name: restart ok 26 | command: echo "restart {{ ansible_distribution }} ok" 27 | -------------------------------------------------------------------------------- /usage.md: -------------------------------------------------------------------------------- 1 | # 使用说明 2 | 3 | - 确保你在Linux/Unix下面工作. 4 | - zstack-ansible通过命令行执行,所以需要你的操作系统已经安装了ansible工具 5 | > sudo pip install ansible 6 | 7 | - 在你的物理服务器上,增加一个用户,并且可以执行无密码sudo指令. 8 | 9 | - 设置你的服务器地址 10 | > 修改ansible.cfg 11 | 12 | - 自定义变量 13 | > 所有安装需要的变量都定义在 host_vars/zk-server 目录下面,你可以根据需要自己进行修改! 14 | 15 | - 执行剧本 16 | 在playbooks下面有2个剧本 17 | 18 | zk_config_sshd.yml:配置安装服务器的sshd端口,允许root访问,设置自定义root密码可以修改ssh_root_pwd变量,根据剧本注释进行操作. 如果你的安装服务器之前没有开启root密码和远程登陆,可以执行该剧本! 否则,不执行改剧本! 19 | 20 | zk_deploy_single.yml: 自动部署zstack到安装服务器,可以自定义剧本中的vars下面的各个变量,zstack_开头的变量请不要改动. 21 | 22 | 23 | > $ ansible-playbook -vv playbooks/zk_config_sshd.yml -c paramiko --extra-vars 'host=zk-server ansible_port=(ssh-old-port)' 24 | 25 | > $ ansible-playbook -vv playbooks/zk_deploy_single.yml -c paramiko --extra-vars 'host=zk-server ansible_port=(ssh-port)' 26 | 27 | 28 | # 部署信息 29 | ``` 30 | 剧本执行过程中,会进行一次重启服务器,需要耐心等待. 31 | 部署结束后,安装服务器上的zstack信息如下: 32 | zstack UI面板:http://xxx:5000 33 | image的文件列表:http://xxx/image 34 | 35 | 如果采用默认zstack_开头的变量配置, 36 | http路径为:/var/www/html/http_root 37 | nfs路径为: /var/www/html/nfs_root 38 | backup存储路径为:/backup_root 39 | ``` 40 | --------------------------------------------------------------------------------