From bcae52f10e28982225c5102e42feed9e7c1f6b67 Mon Sep 17 00:00:00 2001 From: Baptiste Mille-Mathias Date: Tue, 22 Dec 2020 21:37:20 +0100 Subject: [PATCH] initial commit after personal refactoring --- README.md | 190 +++++--------------------- defaults/main.yml | 30 ++-- handlers/main.yml | 20 ++- meta/main.yml | 33 +++-- tasks/iptables.yml | 23 ---- tasks/main.yml | 173 +++++++++++++++++------ templates/seaweedfs-filer.service.j2 | 17 +++ templates/seaweedfs-master.service.j2 | 13 ++ templates/seaweedfs-volume.service.j2 | 15 ++ templates/seaweedfs.service.j2 | 15 -- tests/test.yml | 2 +- vars/main.yml | 53 +------ 12 files changed, 276 insertions(+), 308 deletions(-) delete mode 100644 tasks/iptables.yml create mode 100644 templates/seaweedfs-filer.service.j2 create mode 100644 templates/seaweedfs-master.service.j2 create mode 100644 templates/seaweedfs-volume.service.j2 delete mode 100644 templates/seaweedfs.service.j2 diff --git a/README.md b/README.md index 9536ab3..6796f25 100644 --- a/README.md +++ b/README.md @@ -1,161 +1,39 @@ -egeneralov.seaweedfs -==================== - -Provision installation for [seaweedfs](https://github.com/chrislusf/seaweedfs) - -Requirements ------------- - -Debian. - -Role Variables --------------- - -- **domain**: `weed.domain.tld` -- **weed**: - - **version**: `0.76` - - **bind**: `127.0.0.1` - - **ip**: `127.0.0.1` - - **destination**: `/usr/local/sbin` - - **master**: - - **dir**: `/opt/seaweedfs/{{ domain }}/master` - - **volume**: - - **dir**: `/opt/seaweedfs/{{ domain }}/volume` - - **dataCenter**: `DefaultDataCenter` - - **rack**: `DefaultRack` -- **download_url**: `https://github.com/chrislusf/seaweedfs/releases/download/{{ weed.version }}/{{ ansible_system|lower }}_{{ arch[ansible_architecture] }}.tar.gz` -- **manage_iptables**: `false` - -Example Playbook ----------------- - - --- - - - hosts: weed.domain.tld - gather_facts: no - # no_log: true - vars: - domains: - - weed.domain.tld - - master-weed.domain.tld - tasks: - - - sysctl: - name: "{{ item }}" - value: 1 - sysctl_set: yes - state: present - reload: yes - with_items: - - net.ipv6.conf.lo.disable_ipv6 - - net.ipv6.conf.all.disable_ipv6 - - net.ipv6.conf.default.disable_ipv6 - - - file: - path: /etc/nginx/ssl/ - state: directory - - - apt: - name: - - python-pip - - python-setuptools - - openssl - update_cache: yes - cache_valid_time: 3600 - - - pip: - name: - - setuptools - - pyopenssl - - - openssl_privatekey: - path: "/etc/nginx/ssl/{{ item }}.key" - with_items: "{{ domains }}" - - - openssl_csr: - path: "/etc/nginx/ssl/{{ item }}.csr" - privatekey_path: "/etc/nginx/ssl/{{ item }}.key" - common_name: "{{ item }}" - with_items: "{{ domains }}" - - - openssl_certificate: - path: "/etc/nginx/ssl/{{ item }}.crt" - privatekey_path: "/etc/nginx/ssl/{{ item }}.key" - csr_path: "/etc/nginx/ssl/{{ item }}.csr" - provider: selfsigned - with_items: "{{ domains }}" - - - file: - path: /usr/local/share/ca-certificates/extra - state: directory - - - copy: - remote_src: yes - src: "/etc/nginx/ssl/{{ item }}.crt" - dest: "/usr/local/share/ca-certificates/extra/{{ item }}.crt" - with_items: "{{ domains }}" - register: copy - - - shell: update-ca-certificates - changed_when: copy is changed - - - - - hosts: weed.domain.tld - # no_log: true - vars: - manage_iptables: yes - vhosts: - - domain: "weed.domain.tld" - ssl: true - rewrite_ssl: true - rewrite_www: false - ssl_certificate: /etc/nginx/ssl/weed.domain.tld.crt - ssl_certificate_key: /etc/nginx/ssl/weed.domain.tld.key - root: /opt/seaweedfs/weed.ccbh.tf - client_max_body_size: 100m - locations: - - path: / - type: proxy - schema: "http://" - proxy_to: - - "127.0.0.1:8080" - - domain: "master-weed.domain.tld" - ssl: true - rewrite_ssl: true - rewrite_www: false - ssl_certificate: /etc/nginx/ssl/master-weed.domain.tld.crt - ssl_certificate_key: /etc/nginx/ssl/master-weed.domain.tld.key - root: /opt/seaweedfs/weed.ccbh.tf - client_max_body_size: 100m - locations: - - path: / - type: proxy - schema: "http://" - proxy_to: - - "127.0.0.1:9333" - domain: weed.domain.tld - weed: - version: 0.76 - destination: /usr/local/sbin - master: - dir: "/opt/seaweedfs/{{ domain }}/master" - volume: - dir: "/opt/seaweedfs/{{ domain }}/volume" - dataCenter: "fra1" - rack: "rack1" - roles: - - egeneralov.sshd_config - - egeneralov.iptables - - egeneralov.seaweedfs - - egeneralov.nginx - -License -------- +# Ansible Role: seaweedfs + +Provision installation for [seaweedfs](https://github.com/chrislusf/seaweedfs) a distributed object storage. +It installs the components master, volume and filer. +This role was based on the work of egeneralov.seaweedfs + +## Requirements + +None + +## Role Defaults Variables + + weed.version: '2.10' + weed.bind: 0.0.0.0 + weed.ip: "{{ ansible_default_ipv4.address }}" + weed.location: /usr/local/sbin # where the binary weed is installed + weed.user.name: seaweed + weed.user.uid: + weed.user.gid: + weed.defaultReplication: "002" + weed.master.port: 9333 + weed.master.dir: "/opt/seaweedfs/{{ domain }}/master" + weed.volume.port: 8080 + weed.volume.dir: "/opt/seaweedfs/{{ domain }}/volume" + weed.volume.dataCenter: DefaultDataCenter + weed.volume.rack: DefaultRack + weed.volume.max_volumes: 16 + weed.filer.port: 8889 + weed.filer.dir: "/opt/seaweedfs/{{ domain }}/filer" + weed.filer.encryptData: false + +## License MIT -Author Information ------------------- +## Author Information Eduard Generalov +Baptiste Mille-Mathias diff --git a/defaults/main.yml b/defaults/main.yml index 4016058..98222f6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,5 +1,5 @@ --- -# defaults file for egeneralov.seaweedfs +# defaults file for bmillemathias.seaweedfs arch: x86_64: amd64 @@ -7,18 +7,32 @@ arch: domain: weed.domain.tld -weed: - version: 0.76 - bind: 127.0.0.1 - ip: 127.0.0.1 - destination: /usr/local/sbin +default_weed: + # version has to be quoted, else the the value will be treated as float and + # trailing zeros may be trimmed. + version: '2.10' + bind: 0.0.0.0 + ip: "{{ ansible_default_ipv4.address }}" + location: /usr/local/sbin + user: + name: seaweed + uid: + gid: + # defaultReplication is set by a triplet + # 002 => 2 replicas in the same rack + defaultReplication: "002" master: + port: 9333 dir: "/opt/seaweedfs/{{ domain }}/master" volume: + port: 8080 dir: "/opt/seaweedfs/{{ domain }}/volume" dataCenter: DefaultDataCenter rack: DefaultRack + max_volumes: 16 + filer: + port: 8889 + dir: "/opt/seaweedfs/{{ domain }}/filer" + encryptData: false download_url: "https://github.com/chrislusf/seaweedfs/releases/download/{{ weed.version }}/{{ ansible_system|lower }}_{{ arch[ansible_architecture] }}.tar.gz" - -manage_iptables: false diff --git a/handlers/main.yml b/handlers/main.yml index 41b8260..8d43f34 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,2 +1,20 @@ --- -# handlers file for egeneralov.seaweedfs \ No newline at end of file +# handlers file for bmillemathias.seaweedfs + +- name: restart seaweedfs-master.service + systemd: + name: seaweedfs-master.service + state: "{% if weed_download.changed or weed_master_service_file.changed %}restarted{% else %}started{% endif %}" + daemon_reload: "{% if weed_master_service_file.changed %}yes{% else %}no{% endif %}" + +- name: restart seaweedfs-volume.service + systemd: + name: seaweedfs-volume.service + state: "{% if weed_download.changed or weed_volume_service_file.changed %}restarted{% else %}started{% endif %}" + daemon_reload: "{% if weed_volume_service_file.changed %}yes{% else %}no{% endif %}" + +- name: restart seaweedfs-filer.service + systemd: + name: seaweedfs-filer.service + state: "{% if weed_download.changed or weed_filer_service_file.changed %}restarted{% else %}started{% endif %}" + daemon_reload: "{% if weed_filer_service_file.changed %}yes{% else %}no{% endif %}" diff --git a/meta/main.yml b/meta/main.yml index 772e078..c219eac 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,17 +1,30 @@ +--- +dependencies: [] + galaxy_info: - author: Eduard Generalov - description: Provision installation for seaweedfs + role_name: seaweedfs + author: Baptiste Mille-Mathias + description: Provision installation for seaweedfs initially created by Eduard Generalov license: MIT - min_ansible_version: 2.4 + min_ansible_version: 2.6 github_branch: master - issue_tracker_url: https://github.com/egeneralov/seaweedfs + issue_tracker_url: https://github.com/bmillemathias/ansible-role-seaweedfs/issues platforms: - - name: Debian - versions: - - stretch + - name: EL + versions: + - all + - name: Fedora + versions: + - all + - name: Debian + versions: + - all + - name: Ubuntu + versions: + - all galaxy_tags: - seaweedfs - - weed - -dependencies: [] + - cloud + - storage +... diff --git a/tasks/iptables.yml b/tasks/iptables.yml deleted file mode 100644 index 25d4de3..0000000 --- a/tasks/iptables.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- - -- name: "iptables: Allow new incoming connections to {{ port }}" - iptables: - chain: INPUT - protocol: tcp - source: "{{ ips }}" - destination_port: "{{ port }}" - ctstate: NEW,ESTABLISHED - jump: ACCEPT - comment: "Allow new incoming connections to {{ port }}" - with_items: "{{ ansible_all_ipv4_addresses }}" - loop_control: - loop_var: ips - -- name: "iptables: Allow {{ port }} ESTABLISHED connections" - iptables: - chain: OUTPUT - protocol: tcp - source_port: "{{ port }}" - ctstate: ESTABLISHED - jump: ACCEPT - comment: "Allow {{ port }} ESTABLISHED connections" diff --git a/tasks/main.yml b/tasks/main.yml index 0f0a030..ce26470 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,58 +1,147 @@ --- -# tasks file for egeneralov.seaweedfs - -- name: "assert if {{ weed.version }} is supported by role" - assert: - that: - - "weed.version in weed_supported_versions" - fail_msg: "{{ weed.version }} is not supported version" - success_msg: "Provisioning seaweedfs=={{ weed.version }}" - -- include_tasks: iptables.yml - when: manage_iptables - loop_control: - loop_var: port - with_items: - - 1933 - - 9333 - - 8080 - -- name: Ensure tar installed - apt: +- name: merge variables passed to role and the defaults + set_fact: + weed: "{{ default_weed | combine(weed) }}" + +- name: "check the release {{ weed.version }} exists on GitHub" + uri: + url: "https://api.github.com/repos/chrislusf/seaweedfs/releases/tags/{{ weed.version }}" + run_once: true + delegate_to: localhost + check_mode: false + +- name: define seaweed master host if not done + add_host: + hostname: "{{ groups['all'][0] }}" + groups: weed_master + when: groups['weed_master'] is not defined + +- name: define seaweed filer host if not done + add_host: + hostname: "{{ groups['all'][0] }}" + groups: weed_filer + when: groups['weed_filer'] is not defined + +- name: gather fact from weed masters + setup: + delegate_to: "{{ item }}" + loop: "{{ groups['weed_master'] }}" + +- name: gather fact from weed filers + setup: + delegate_to: "{{ item }}" + loop: "{{ groups['weed_filer'] }}" + +- name: ensure tools are installed + package: name: - tar - gzip - update_cache: yes - cache_valid_time: 3600 +- name: create seaweedfs user + user: + name: seaweed + shell: /bin/false + system: true + create_home: false -- name: Download weed +- name: Download seaweed archive unarchive: src: "{{ download_url }}" - dest: "{{ weed.destination }}" + dest: "{{ weed.location }}" remote_src: yes register: weed_download +- name: check correct weed version is installed + command: + cmd: weed version + register: weed_installed_version + failed_when: weed_installed_version.stdout.split()[2] is version(weed.version, '<>') + +- name: configure master server + when: "'weed_master' in group_names" + block: + - name: Ensure master datapath exists + file: + path: "{{ weed.master.dir }}" + state: directory + owner: "{{ weed.user.name }}" + mode: "700" + + - name: place seaweedfs-master.service file + template: + src: seaweedfs-master.service.j2 + dest: /etc/systemd/system/seaweedfs-master.service + mode: 0444 + register: weed_master_service_file + notify: + - restart seaweedfs-master.service + + - name: manage seaweedfs-master.service runtime + systemd: + name: seaweedfs-master.service + enabled: true + state: started + daemon_reload: true + + - name: check master port is opened + wait_for: + port: "{{ weed.master.port | int }}" + timeout: 30 + +- name: configure volume server + block: + - name: Ensure volume datapath exists + file: + path: "{{ weed.volume.dir }}" + state: directory + owner: "{{ weed.user.name }}" + mode: "700" + + - name: place seaweedfs-volume.service file + template: + src: seaweedfs-volume.service.j2 + dest: /etc/systemd/system/seaweedfs-volume.service + mode: 0444 + register: weed_volume_service_file + + - name: manage seaweedfs-volume.service runtime + systemd: + name: seaweedfs-volume.service + enabled: true + state: started + daemon_reload: true -- name: Ensure datapath exist - file: - path: "{{ item }}" - state: directory - with_items: - - "{{ weed.master.dir }}" - - "{{ weed.volume.dir }}" + - name: check volume port is opened + wait_for: + port: "{{ weed.volume.port | int }}" + timeout: 30 +- name: configure filer server + when: "'weed_filer' in group_names" + block: + - name: Ensure filer datapath exists + file: + path: "{{ weed.filer.dir }}" + state: directory + owner: "{{ weed.user.name }}" + mode: "700" -- name: place seaweedfs.service - template: - src: seaweedfs.service.j2 - dest: /etc/systemd/system/seaweedfs.service - register: weed_service + - name: place seaweedfs-filer.service file + template: + src: seaweedfs-filer.service.j2 + dest: /etc/systemd/system/seaweedfs-filer.service + mode: 0444 + register: weed_filer_service_file + - name: manage seaweedfs-filer.service runtime + systemd: + name: seaweedfs-filer.service + enabled: true + state: started + daemon_reload: true -- name: manage seaweedfs.service runtime - systemd: - name: seaweedfs.service - state: "{% if weed_download.changed or weed_service.changed %}restarted{% else %}started{% endif %}" - daemon_reload: "{% if weed_service.changed %}yes{% else %}no{% endif %}" - register: some + - name: check filer port is opened + wait_for: + port: "{{ weed.filer.port | int }}" + timeout: 30 diff --git a/templates/seaweedfs-filer.service.j2 b/templates/seaweedfs-filer.service.j2 new file mode 100644 index 0000000..f61adda --- /dev/null +++ b/templates/seaweedfs-filer.service.j2 @@ -0,0 +1,17 @@ +[Unit] +Description=SeaweedFS filer +After=network.target + +[Service] +Type=simple +Restart=always +ExecStart={{ weed.location }}/weed filer -port {{ weed.filer.port }} -ip.bind {{ weed.bind }} -ip {{ weed.ip }} \ + -s3 {% if weed.filer.encryptData %}--encryptVolumeData {% endif %}-master {% for node in groups['weed_master'] %}{{ hostvars[node].ansible_default_ipv4.address }}:{{ weed.master.port }}{%if not loop.last %},{% endif %}{% endfor %} \ + -dataCenter={{ weed.volume.dataCenter | default('DefaultDataCenter') }} -rack={{ weed.volume.rack | default('DefaultRack') }} +User={{ weed.user.name }} +# As to set WorkingDirectory because there is no directory options +# bug: https://github.com/chrislusf/seaweedfs/issues/1659 +WorkingDirectory={{ weed.filer.dir }} + +[Install] +WantedBy=multi-user.target diff --git a/templates/seaweedfs-master.service.j2 b/templates/seaweedfs-master.service.j2 new file mode 100644 index 0000000..5ddca41 --- /dev/null +++ b/templates/seaweedfs-master.service.j2 @@ -0,0 +1,13 @@ +[Unit] +Description=SeaweedFS master +After=network.target + +[Service] +Type=simple +Restart=always +ExecStart={{ weed.location }}/weed master -ip.bind {{ weed.bind }} -ip {{ weed.ip }} \ + -mdir {{ weed.master.dir }} -defaultReplication {{ weed.defaultReplication }} +User={{ weed.user.name }} + +[Install] +WantedBy=multi-user.target diff --git a/templates/seaweedfs-volume.service.j2 b/templates/seaweedfs-volume.service.j2 new file mode 100644 index 0000000..c9c4f63 --- /dev/null +++ b/templates/seaweedfs-volume.service.j2 @@ -0,0 +1,15 @@ +[Unit] +Description=SeaweedFS volume +After=network.target + +[Service] +Type=simple +Restart=always +ExecStart={{ weed.location }}/weed volume -publicUrl http://{{ domain }} -max {{ weed.volume.max_volumes }} \ + -ip.bind {{ weed.bind }} -ip {{ weed.ip }} -dir {{ weed.volume.dir }} \ + -mserver {% for host in groups['weed_master'] %}{{ hostvars[host].ansible_default_ipv4.address }}:{{ weed.master.port }}{%if not loop.last %},{% endif %}{% endfor %} \ + -dataCenter {{ weed.volume.dataCenter | default('DefaultDataCenter') }} -rack {{ weed.volume.rack | default('DefaultRack') }} +User={{ weed.user.name }} + +[Install] +WantedBy=multi-user.target diff --git a/templates/seaweedfs.service.j2 b/templates/seaweedfs.service.j2 deleted file mode 100644 index 4e2ce70..0000000 --- a/templates/seaweedfs.service.j2 +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=SeaweedFS {{ weed.version }} -After=network.target - - -[Service] -Type=simple -Restart=always - -ExecStart={{ weed.destination }}/weed server -volume.publicUrl=http://{{ domain }} -volume.max 17 -ip.bind 127.0.0.1 -master.dir {{ weed.master.dir }} -dir {{ weed.volume.dir }} -ip 127.0.0.1 -dataCenter={{ weed.volume.dataCenter | default('DefaultDataCenter') }} -rack={{ weed.volume.rack | default('DefaultRack') }} - - -[Install] -WantedBy=multi-user.target - diff --git a/tests/test.yml b/tests/test.yml index 425cb68..0eb8401 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -2,4 +2,4 @@ - hosts: seaweedfs remote_user: root roles: - - egeneralov.seaweedfs + - bmillemathias.seaweedfs diff --git a/vars/main.yml b/vars/main.yml index cd34386..dff995d 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,53 +1,2 @@ --- -# vars file for egeneralov.seaweedfs - - -weed_supported_versions: - - v0.69 - - v0.70beta - - 0.72 - - 0.72.release - - 0.73 - - 0.74 - - 0.75 - - 0.76 - - 0.77 - - 0.90 - - 0.91 - - 0.92 - - 0.93 - - 0.94 - - 0.95 - - 0.96 - - 0.97 - - 0.98 - - 0.99 - - 1.00 - - 1.01 - - 1.02 - - 1.03 - - 1.04 - - 1.05 - - 1.06 - - 1.07 - - 1.08 - - 1.09 - - 1.10 - - 1.11 - - 1.12 - - 1.14 - - 1.15 - - 1.16 - - 1.17 - - 1.18 - - 1.19 - - 1.20 - - 1.21 - - 1.22 - - 1.23 - - 1.24 - - 1.25 - - 1.26 - - 1.27 - - 1.28 - +# vars file for bmillemathias.seaweedfs