diff --git a/deploy/main.yml b/deploy/main.yml index cebad07..a061593 100644 --- a/deploy/main.yml +++ b/deploy/main.yml @@ -1,23 +1,15 @@ --- - name: Configure compute nodes hosts: compute roles: - - role: common -# - role: slurm - - role: collectd - conf_file: compute.conf - ctrl_leds: false + - role: common + #- role: slurm + - role: collectd # tasks: # - include: roles/slurm/tasks/client.yml -- name: Configure admin nodes - hosts: admin +- name: Frontal + hosts: frontal roles: - - role: common -# - role: slurm - - role: collectd - conf_file: admin.conf - ctrl_leds: true -# tasks: -# - include: roles/slurm/tasks/server.yml - + - role: common + - role: frontal diff --git a/deploy/roles/collectd/tasks/main.yml b/deploy/roles/collectd/tasks/main.yml index 670715d..af256bf 100644 --- a/deploy/roles/collectd/tasks/main.yml +++ b/deploy/roles/collectd/tasks/main.yml @@ -1,37 +1,38 @@ --- # Packages - apt: name="{{ item }}" with_items: - - collectd-core - - libpython2.7 - - lm-sensors + - collectd-core + - libpython2.7 + - lm-sensors -- apt: - name="{{ item }}" +- name: Only for controller + block: + - apt: + name="{{ item }}" + with_items: + - python-serial + - template: + src: demo.py + dest: /root/demo.py + mode: 0755 when: ctrl_leds - with_items: - - python-serial # Configuration - name: Collectd configuration - template: - src: "{{ conf_file }}" - dest: /etc/collectd/collectd.conf - mode: 0644 - notify: restart collectd - -# Python module -- name: Python module for LEDs - template: - src: leds.py - dest: /etc/collectd/leds.py - mode: 0644 - notify: restart collectd - -- name: Python demo script for LEDs - template: - src: demo.py - dest: /root/demo.py - mode: 0755 - when: ctrl_leds + block: + - debug: + var: ctrl_leds + - template: + src: "{{ 'admin.conf' if ctrl_leds else 'compute.conf' }}" + dest: /etc/collectd/collectd.conf + mode: 0644 + notify: restart collectd + - template: + src: leds.py + dest: /etc/collectd/leds.py + mode: 0644 + notify: restart collectd + + diff --git a/deploy/roles/collectd/vars/main.yaml b/deploy/roles/collectd/vars/main.yaml new file mode 100644 index 0000000..3cfead7 --- /dev/null +++ b/deploy/roles/collectd/vars/main.yaml @@ -0,0 +1,3 @@ +--- +# file: roles/collectd/vars/main.yml +ctrl_leds: "{{ controller | default(false) }}" diff --git a/deploy/roles/common/tasks/main.yml b/deploy/roles/common/tasks/main.yml index d2990d5..2485d12 100644 --- a/deploy/roles/common/tasks/main.yml +++ b/deploy/roles/common/tasks/main.yml @@ -1,25 +1,29 @@ --- # Packages - apt: name: "{{ item }}" #update_cache: yes with_items: - htop - iotop - iftop - iperf - screen - vim - tcpdump - ntp - qtbase5-dev + - emacs-nox # SSH Keys - name: SSH Keys for root authorized_key: user=root key="{{ item }}" with_items: - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCg4sLDXRNWUuF3Fx4rxeQ5u9F5MbjFggCdiQSorACh2yLMsFwj1MenWJRN5LRwmyciKGQbNwdZTqA/Oh5dsXgY7liYNWeHhagu9/DnXcs8Rtv9qXabazf7Rkqftz793pVJm8eK53vfPlckN5Jg4vYFcgIaX6qXn5KbMbfK1Zc8/urLNZM7ywByXPrDEV2X8px6BPNaldXFOO+4hvmxLufKEDf9iROMveDjcgGOU9hlNiTTeTQwD1Q+6QpKVxLNYbFTggICYWCIMmHZR9hsI0y/8EU5fMB/T7dLtVXyCuwpc2Y3ycdOMA+FEooV6tveC6RLuUA35vs32MdAcwCe4aCB rorist@blackeye" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+YXgLj0Yy4B2CT1MTIo5T5k61WvvGDHeDMqd+hxIfhNnJUpqeJ8B7s6JyWS3c1pk7djcie0ozHKRzCkEocwre1wgFvYc3pfuuKYwS50/OOwoNHwO8Yz12M6DMnGD8Q4FjjQrUx6GE2i/NtX9grlzqC8pe2qyg8szdmGrdx95+5Cej57e9iE4xH+9/X4kvO4qy8/RWWcpe6gdhyk+rlonO3GLakAHHhwuwit151KxJGD9qjW9+G9iQWTH9+IlCoHOtD9wYbNG5x117NhRTPVKc4UShKttmJ7DQ2dofXUfIEXSNSnHVnhyHosr32fG0+a1l7gAgXNvGtJbHjSYd+d3J aubort@pleiad" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtugT/NP/HYCMJ0QfLFqASBHiYtHMIlxGsCtMCNgCkxMwjbSCH06/dGRhq9MX5TgL/LUcxIRUP4Mw7GQEHtXxwIo+RfNwStoNYV4VAsxiXZy0maBbWWIxVsaaE5fvhRE84rpqAcWJo9JaoTF08gG8GvlTEa7pnOMqboRrQTl/0AVLDyzFEEWqxdZVNT/RAB9pZ/rikPg2ba0XvL7geZ8fyF/D7XBi5kuD8gAyjf//i/MHEX43FWJV59xyQFPddYqJSsFc4UaJaYyX3fJWByDk6Bda8pPMxnGLzKGwUnouwWLoJa0kkHlFB43uRqKmKNQmL4fGXnLCZqwUuvhd7qs/mBh4B4MIiRFt3KQmNRHfcVVY1U1z+7cqnN2S//u2jhM/ONkxVXxWfGmG+SC4asvBsmvxnDQHkg0WvNDabsiyzee7i+epbR/hINEYTthMqgeQYNW567l+xBKglcrVy8I8Cb9KDUzkha87BAxBcsbOuHyQhzGQniGxGPjEPS2jyKs5XXIJ4w92FembB1i3P/RZWs5UAfMV8cejEv2CEBOT9w1casLRmMuY7gKTlXwp2hgExQwZ9T8zJ5saViNEwQc7eya6oY2Jsoiyid5j9YAREvsoHGJv7SYfTqJLeYImn4VB2dk/+GpH3tVB3KO89DaALVH8G3u2hzf7xals31v4ugQ== ricardo.silva@epfl.ch" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDUgK6gZ+bIbRDEeA+pe6Uf3nvMPXXgsonJnQLgz6uO7dpS7//Zla377Yc/hj3eNzI3GOcal1F0et73gPxVP24auF34qUfebcz12puHqS3y+60HK+pWxPNpfdyJu1VIQSm19mbJTeoArW+3ihDlRJk9CmreHnPjyG4PEeoFB3Qk38417UcGhdMxO2QoqaRwUytjMssyZCIuaEn+Pd/0/RyyZ6xojF1fQs3Zy33ZGYhv0X9NIqpymgcx6XZqOrn39zXWB3IagYg1G1w57uCjnZAMzmMXsKuqG7hqyjK3GJwp3rO4u0BZCdQqmNofZo5BU9jFtbP6jlWgqWe4F4Rdv07I/a1vJY87+DCCCjPG6l9W8VFUS8/7+N+5XGvMnX47n82YWnYjN7SP5NUmHxCK+d2R9lH8GDMe7siQb2V0H3/baOXTLpsiyJbCyUyS9ZnIefzas8Qy++CN5El2TU5V4t2pzMwUuNHQVk2I/YSPDcioxuVGJEmUMqB0SX344SOTnYQFNcj9+jy1a/FELMxRZzY7ZzBH/bGx2oCFE7q0HoQpcU2I2JVfCK1LRtfVS1hWppdfEw+Qp2kMWYES4ZZE9KdKWeOjNF1Vz+hlZszziCNBFrwhFuiLIvDASc+GdHvQFY3rJC9qMogdknMtaCoxIrDQq3M+RHb0CEg1/o8nZcqr/SSXO7JOBIUuBOfK5rQyqYD4LzTmVTyUGvThhRsjm2UH76cC46x3ZDG5mcfka4lHoGnNkorSY3OvlbEXNFD2nnVZCqyftMsIlsNGmOXU+lKwfHultvCS8NRfFjGq2fJmDUWK7GN/oI9yqJ3XWh+xmwtoedZX4tgZW0JHb2TF9PqJspomYwCTUOni1OryZ9DMq6P01NRGUAkoA/TIs0cWtyb4u8KOMqQyhRyOcn1BilMXI2IXFHfu9Ug5yqimmmV5YrWWmCeNrRPBguO6Fiu5FWVimLFCFcw6M9L6sFt8h8L+EbWG8AtVcxvONmHcuHe1/Jty6lvw+i+6v5ptF8TW4eKmEGvAfeK0mfjTbIx00HGR18zdjELmysifOMlB1QFL8fAP52mUY08EXh6QJW8pmC3NYfHmlRfJjlthrGyiRVu0XHHStFiYolbMwHmkSncsvsQGHJxkiDMKQG7iL4+AiULNkSWZk0A08jnKzuEUU0Xnvw0gU8lTeL7Jj8H3oW8jnTvviKA7z7MI5pP4r+d9uFq7/3nbu4OWknK235AbmBY2mVfLp/3ja7b15qtd8sjTtFjToY6zTb8G6sV2eQKsAxGbw4bedqOSZljL9gDxQfeLYMCxo8whkbu9GBIIveZyeBEFyBH2Ja6s71iRWPllFlfIX4OM8j5hAM/gpI8ppmkj clusters" + - hostname: - name: "{{ inventory_hostname }}" \ No newline at end of file + name: "{{ inventory_hostname }}" diff --git a/deploy/roles/frontal/files/boot/firmware/cmdline.txt b/deploy/roles/frontal/files/boot/firmware/cmdline.txt new file mode 100755 index 0000000..f52840b --- /dev/null +++ b/deploy/roles/frontal/files/boot/firmware/cmdline.txt @@ -0,0 +1 @@ +console=tty0 console=ttyS1,115200 root=/dev/mmcblk0p2 rw elevator=deadline fsck.repair=yes rootwait diff --git a/deploy/roles/frontal/files/etc/dhcp/dhclient.conf b/deploy/roles/frontal/files/etc/dhcp/dhclient.conf new file mode 100644 index 0000000..d125a6c --- /dev/null +++ b/deploy/roles/frontal/files/etc/dhcp/dhclient.conf @@ -0,0 +1,54 @@ +# Configuration file for /sbin/dhclient. +# +# This is a sample configuration file for dhclient. See dhclient.conf's +# man page for more information about the syntax of this file +# and a more comprehensive list of the parameters understood by +# dhclient. +# +# Normally, if the DHCP server provides reasonable information and does +# not leave anything out (like the domain name, for example), then +# few changes must be made to this file, if any. +# + +option rfc3442-classless-static-routes code 121 = array of unsigned integer 8; + +send host-name = gethostname(); +request subnet-mask, broadcast-address, time-offset, routers, + domain-name, domain-name-servers, domain-search, host-name, + dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers, + netbios-name-servers, netbios-scope, interface-mtu, + rfc3442-classless-static-routes, ntp-servers; + +#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; +#send dhcp-lease-time 3600; +supersede domain-name "agamemnon.hpc.epfl.ch"; +prepend domain-name-servers 127.0.0.1; +#require subnet-mask, domain-name-servers; +#timeout 60; +#retry 60; +#reboot 10; +#select-timeout 5; +#initial-interval 2; +#script "/sbin/dhclient-script"; +#media "-link0 -link1 -link2", "link0 link1"; +#reject 192.33.137.209; + +#alias { +# interface "eth0"; +# fixed-address 192.5.5.213; +# option subnet-mask 255.255.255.255; +#} + +#lease { +# interface "eth0"; +# fixed-address 192.33.137.200; +# medium "link0 link1"; +# option host-name "andare.swiftmedia.com"; +# option subnet-mask 255.255.255.0; +# option broadcast-address 192.33.137.255; +# option routers 192.33.137.250; +# option domain-name-servers 127.0.0.1; +# renew 2 2000/1/12 00:00:01; +# rebind 2 2000/1/12 00:00:01; +# expire 2 2000/1/12 00:00:01; +#} diff --git a/deploy/roles/frontal/files/etc/dnsmasq.d/cluster-conf b/deploy/roles/frontal/files/etc/dnsmasq.d/cluster-conf new file mode 100644 index 0000000..1971b33 --- /dev/null +++ b/deploy/roles/frontal/files/etc/dnsmasq.d/cluster-conf @@ -0,0 +1,51 @@ +# Never forward plain names (without a dot or domain part) +domain-needed + +# Never forward addresses in the non-routed address spaces. +bogus-priv + + +# If you want dnsmasq to listen for DHCP and DNS requests only on +# specified interfaces (and the loopback) give the name of the +# interface (eg eth0) here. +# Repeat the line for more than one interface. +interface=lo +interface=enxb827ebbb7f89 + +# Add other name servers here, with domain specs if they are for +# non-public domains. +#server=128.178.15.7 +#server=128.178.15.8 + +# Set this (and domain: see below) if you want to have a domain +# automatically added to simple names in a hosts-file. +expand-hosts + +# Set the domain for dnsmasq. this is optional, but if it is set, it +# does the following things. +# 1) Allows DHCP hosts to have fully qualified domain names, as long +# as the domain part matches this setting. +# 2) Sets the "domain" DHCP option thereby potentially setting the +# domain of all systems configured by DHCP +# 3) Provides the domain part for "expand-hosts" +domain=agamemnon.hpc.epfl.ch + +# Uncomment this to enable the integrated DHCP server, you need +# to supply the range of addresses available for lease and optionally +# a lease time. If you have more than one network, you will need to +# repeat this for each network on which you want to supply DHCP +# service. +dhcp-range=192.168.255.200,192.168.255.250,12h + +# If this line is uncommented, dnsmasq will read /etc/ethers and act +# on the ethernet-address/IP pairs found there just as if they had +# been given as --dhcp-host options. Useful if you keep +# MAC-address/host mappings there for other purposes. +read-ethers + +# For debugging purposes, log each DNS query as it passes through +# dnsmasq. +#log-queries + +# Log lots of extra information about DHCP transactions. +#log-dhcp diff --git a/deploy/roles/frontal/files/etc/iptables/rules.v4 b/deploy/roles/frontal/files/etc/iptables/rules.v4 new file mode 100644 index 0000000..6723752 --- /dev/null +++ b/deploy/roles/frontal/files/etc/iptables/rules.v4 @@ -0,0 +1,16 @@ +# Generated by iptables-save v1.6.2 on Thu Sep 20 12:39:19 2018 +*filter +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +COMMIT +# Completed on Thu Sep 20 12:39:19 2018 +# Generated by iptables-save v1.6.2 on Thu Sep 20 12:39:19 2018 +*nat +:PREROUTING ACCEPT [38:3819] +:INPUT ACCEPT [16:2520] +:OUTPUT ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +-A POSTROUTING -o enx0010602342fb -j MASQUERADE +COMMIT +# Completed on Thu Sep 20 12:39:19 2018 diff --git a/deploy/roles/frontal/files/etc/iptables/rules.v6 b/deploy/roles/frontal/files/etc/iptables/rules.v6 new file mode 100644 index 0000000..b19f65b --- /dev/null +++ b/deploy/roles/frontal/files/etc/iptables/rules.v6 @@ -0,0 +1,11 @@ +# Generated by ip6tables-save v1.6.2 on Thu Sep 20 12:39:19 2018 +*filter +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -s ::1/128 -m comment --comment "RFC3513 loopback" -j ACCEPT +-A INPUT -s fc00::/7 -m comment --comment "RFC4193 reserved" -j ACCEPT +-A INPUT -s fe80::/10 -m comment --comment "RFC4291 link-local" -j ACCEPT +-A INPUT -p tcp -m tcp --dport 22 -m comment --comment SSH -j REJECT --reject-with icmp6-port-unreachable +COMMIT +# Completed on Thu Sep 20 12:39:19 2018 diff --git a/deploy/roles/frontal/files/etc/modprobe.d/vc4.conf b/deploy/roles/frontal/files/etc/modprobe.d/vc4.conf new file mode 100644 index 0000000..caf9787 --- /dev/null +++ b/deploy/roles/frontal/files/etc/modprobe.d/vc4.conf @@ -0,0 +1 @@ +blacklist vc4 \ No newline at end of file diff --git a/deploy/roles/frontal/files/etc/network/interfaces.d/enx0010602342fb b/deploy/roles/frontal/files/etc/network/interfaces.d/enx0010602342fb new file mode 100644 index 0000000..ab84de3 --- /dev/null +++ b/deploy/roles/frontal/files/etc/network/interfaces.d/enx0010602342fb @@ -0,0 +1,5 @@ +auto enx0010602342fb +allow-hotplug enx0010602342fb +iface enx0010602342fb inet dhcp + + diff --git a/deploy/roles/frontal/files/etc/network/interfaces.d/enxb827ebbb7f89 b/deploy/roles/frontal/files/etc/network/interfaces.d/enxb827ebbb7f89 new file mode 100644 index 0000000..b0674f9 --- /dev/null +++ b/deploy/roles/frontal/files/etc/network/interfaces.d/enxb827ebbb7f89 @@ -0,0 +1,5 @@ +auto enxb827ebbb7f89 +allow-hotplug enxb827ebbb7f89 +iface enxb827ebbb7f89 inet static + address 192.168.255.1 + netmask 255.255.255.0 \ No newline at end of file diff --git a/deploy/roles/frontal/files/etc/network/interfaces.d/wlan0 b/deploy/roles/frontal/files/etc/network/interfaces.d/wlan0 new file mode 100644 index 0000000..cf09e33 --- /dev/null +++ b/deploy/roles/frontal/files/etc/network/interfaces.d/wlan0 @@ -0,0 +1,3 @@ +auto wlan0 +iface wlan0 inet dhcp + wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf \ No newline at end of file diff --git a/deploy/roles/frontal/files/etc/sysctl.d/90-net.conf b/deploy/roles/frontal/files/etc/sysctl.d/90-net.conf new file mode 100644 index 0000000..a1665b4 --- /dev/null +++ b/deploy/roles/frontal/files/etc/sysctl.d/90-net.conf @@ -0,0 +1 @@ +net.ipv4.ip_forward=1 \ No newline at end of file diff --git a/deploy/roles/frontal/files/root/.emacs.d/init.el b/deploy/roles/frontal/files/root/.emacs.d/init.el new file mode 100644 index 0000000..e96170f --- /dev/null +++ b/deploy/roles/frontal/files/root/.emacs.d/init.el @@ -0,0 +1,36 @@ +;;; Package management +(require 'package) +;; we use use-package to do this for us +(setq package-enable-at-startup nil) +;; use https for both melpa and gelpa if available +(if (gnutls-available-p) + (setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/") + ("melpa" . "https://melpa.org/packages/"))) + (setq package-archives '(("gnu" . "http://elpa.gnu.org/packages/") + ("melpa" . "http://melpa.org/packages/")))) + +(package-initialize) + +;; uncomment to debug package loading times +;; (setq use-package-verbose t) + +;; Bootstrap `use-package' from melpa +(unless (package-installed-p 'use-package) + (package-refresh-contents) + (package-install 'use-package)) + +(eval-when-compile + (require 'use-package)) + +(use-package paradox + :ensure t + :commands (paradox-list-packages) + ;; don't bother trying to integrate with github + :init (setq paradox-github-token nil)) + +(use-package yaml-mode + :ensure t) + +(use-package json-mode + :ensure t) + diff --git a/deploy/roles/frontal/files/root/.screenrc b/deploy/roles/frontal/files/root/.screenrc new file mode 100644 index 0000000..1b38b18 --- /dev/null +++ b/deploy/roles/frontal/files/root/.screenrc @@ -0,0 +1,5 @@ +#altscreen on +#term screen-256color + +hardstatus alwayslastline +hardstatus string '%{= kG}[ %{G}%H %{g}][%= %{= kw}%?%-Lw%?%{r}(%{W}%n*%f%t%?(%u)%?%{r})%{w}%?%+Lw%?%?%= %{g}][%{B} %m-%d %{W}%c %{g}]' diff --git a/deploy/roles/frontal/handlers/main.yml b/deploy/roles/frontal/handlers/main.yml new file mode 100644 index 0000000..6535b78 --- /dev/null +++ b/deploy/roles/frontal/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart dnsmasq + service: + name: collectd + state: restarted diff --git a/deploy/roles/frontal/tasks/main.yaml b/deploy/roles/frontal/tasks/main.yaml new file mode 100644 index 0000000..be72753 --- /dev/null +++ b/deploy/roles/frontal/tasks/main.yaml @@ -0,0 +1,45 @@ +--- +# Packages +- apt: + name: "{{ item }}" + #update_cache: yes + with_items: + - bash-completion + - dnsmasq + - iptables-persistent + - acl + - git + - ansible + - binutils + - make + - man-db + - locales + +- name: Setting config files + block: + - copy: + src: "etc/{{ item }}" + dest: /etc/ + with_items: + - dhcp + - modprobe.d + - network + - iptables + - sysctl: + name: net.ipv4.ip_forward + value: 1 + sysctl_set: yes + state: present + reload: yes + - copy: + src: boot/firmware/cmdline.txt + dest: /boot/firmware/cmdline.txt + - template: + src: etc/ethers + dest: /etc/ethers + mode: 0644 + notify: restart dnsmasq + - copy: + src: etc/dnsmaq.d + dest: /etc/ + notify: restart dnsmasq diff --git a/deploy/roles/frontal/templates/etc/ethers b/deploy/roles/frontal/templates/etc/ethers new file mode 100644 index 0000000..70f6743 --- /dev/null +++ b/deploy/roles/frontal/templates/etc/ethers @@ -0,0 +1,3 @@ +{% for host in groups['compute'] %} +{{ hostvars[host]['hwaddr'] }} {{ hostvars[host]['inventory_hostname_short'] }} +{% endfor %} \ No newline at end of file