-
Notifications
You must be signed in to change notification settings - Fork 15
/
prechecks.yml
123 lines (104 loc) · 4.33 KB
/
prechecks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
---
# A simple playbook with Tendrl installation pre checks as listed in:
# https://tendrl.atlassian.net/browse/TEN-257
# This playbook doesn't modify machines in any way.
- hosts: localhost
connection: local
tasks:
- name: Check if python dns is installed on ansible control machine
command: python2 -c 'import dns'
register: python2_c_import_dns
changed_when: False
failed_when: python2_c_import_dns.rc > 1
- name: Abort the playbook if python dns is not installed
assert:
that:
- python2_c_import_dns.rc == 0
msg: >
This playbook uses dig lookup module[1], which requires python
dns module[2] installed[3] on ansible control machine (the
machine where you run this ansible playbook from).
[1] https://docs.ansible.com/ansible/latest/playbooks_lookups.html#the-dns-lookup-dig
[2] http://www.dnspython.org/
[3] Fedora package: python2-dns, RHEL 7 package: python-dns
#
# Check requirements for *Tendrl Server* only
#
- hosts: tendrl_server
tags:
- production
user: root
# become: yes
tasks:
# Based on Tendrl Server System Requirements
# From https://github.com/Tendrl/documentation/wiki/Tendrl-release-v1.6.0-(install-guide)#tendrl-server-system-requirements
- name: Assert that hw requirements are met
assert:
that:
- ansible_memtotal_mb >= 3700
- ansible_processor_vcpus >= 4
- name: Check if /var/lib/etcd is a mountpoint
command: mountpoint /var/lib/etcd
register: mountpoint_var_lib_etcd
changed_when: False
failed_when: mountpoint_var_lib_etcd.rc > 1
- name: Assert that /var/lib/etcd is a mount point
assert:
that:
- mountpoint_var_lib_etcd.rc == 0
msg: >
Directory /var/lib/etcd is not a mountpoint.
Ensure that Etcd data directory is located on an separate
dedicated disk which is not being used by any other process
or the OS.
See *Tendrl Server System Requirements* section in the
documentation for more details.
#
# General checks applicable to all machines.
#
- hosts: tendrl_server:gluster_servers
user: root
# become: yes
tasks:
# example of the transforamtion: "7.10.123" -> "10"
- name: Extract minor version number from full ansible_distribution_version
set_fact:
distribution_minor_version: "{{ ansible_distribution_version|regex_replace('[0-9]\\.([0-9]+).*', '\\1') }}"
- name: Check that we run on CentOS or Red Hat Enterprise Linux >= 7.6
assert:
that:
- ansible_distribution == "CentOS" or ansible_distribution == "RedHat"
- ansible_distribution_major_version == '7'
- distribution_minor_version|int >= 6
# Checking that NTP is configured. Based on RHEL 7 *System Administrators
# Guide*.
- name: Run timedatectl to see if NTP is enabled and synchronized
command: timedatectl
changed_when: False
register: timedatectl_run
- name: Check that NTP is enabled
assert:
that:
- '"NTP enabled: yes" in timedatectl_run.stdout'
- name: Check that NTP is synchronized
assert:
that:
- '"NTP synchronized: yes" in timedatectl_run.stdout'
# Check that hostnames are reachable and available via dns
# Note that the dns lookup is performed on the ansible control machine (as
# all ansible lookup plugins are executed locally).
- name: Check that fqdn of the host is available via dns
assert:
that:
- lookup('dig', ansible_fqdn) != 'NXDOMAIN'
# This check doesn't use assert, but expects that getent tool ends with
# nonzero error code when the translation can't be done, so that ansible
# would consider such state as an failure anyway by default.
# And again, the implementation is not very efficient (linear check on
# each machine ... o(n^2)), but here we don't have any other choice: we
# have to make sure that on each machine, we can get an ip address of all
# the others to be sure that the dns is configured right.
- name: Check that the host can get an ip address for all the others
command: getent hosts "{{ hostvars[item]['ansible_fqdn'] }}"
changed_when: False
with_items: "{{ groups['tendrl_server'] + groups['gluster_servers'] }}"