remove zfs support, install webmanager

Readme.md

@@ -16,10 +16,10 @@ ansible-playbook -i inventory -u root node.yml
 # setup master
 ansible-playbook -i inventory -u root master.yml
 
-# setup workers
-ansible-playbook -i inventory -u root worker.yml
+# setup ganeti web manager
+ansible-playbook -i inventory -u root web-manager.yml
 ```
 
 ## Features
 - static IP using systemd-networkd (using the last IP of the server before running the playbook)
-- zfs extstorage
+- ganeti web manager

group_vars/all.yml

@@ -2,8 +2,6 @@ packages:
   - git
   - lvm2
   - linux-headers-amd64
-  - zfs-dkms
-  - zfsutils-linux
   - ganeti
   - ganeti-instance-debootstrap
   - drbd-utils
@@ -22,7 +20,7 @@ bridge_name: xenbr0
 mac_prefix: "02:42:ac"
 gateway: "192.168.50.254"
 dns_servers:
-  - "192.168.11.1"
+  - "192.168.1.1"
   - "1.1.1.1"
 
 # hostnames:
@@ -40,12 +38,9 @@ hostnames:
     name: test-33.ganeti
 
 # storage
-zpool_name: ganeti-pool
-zpool_dev: /dev/vdc
-
 vg_name: xenvg
 pvs:
-  - /dev/vdb
+  - /dev/vda3
 
 # ganeti
 instance_debootstrap:
@@ -53,3 +48,8 @@ instance_debootstrap:
     arch: amd64
     suite: bookworm
     extra_pkgs: "acpi-support-base,udev,linux-image-amd64,sudo,vim,grub-pc,openssh-server"
+
+rapi:
+  - name: admin
+    hash: b0e8418ff15cda34f6942ead9ed96aae
+    write: true

inventory

@@ -1,11 +1,12 @@
 [nodes]
 192.168.50.20
 192.168.50.21
-192.168.50.22
 
 [master]
 192.168.50.20
 
 [workers]
 192.168.50.21
-192.168.50.22
+
+[web-manager]
+192.168.50.20

roles/master/tasks/main.yml

@@ -31,7 +31,3 @@
   register: node_add_result
   changed_when: node_add_result.rc == 0
   loop: "{{ groups['workers'] }}"
-
-- name: Install ZFS extstorage
-  ansible.builtin.include_role:
-    name: zfs-extstorage

roles/node/tasks/main.yml

@@ -29,3 +29,9 @@
 - name: Configure debootstrap
   ansible.builtin.include_tasks:
     file: debootstrap.yml
+
+- name: Add RAPI users
+  ansible.builtin.template:
+    src: var-lib-ganeti-rapi-users.j2
+    dest: /var/lib/ganeti/rapi/users
+    mode: "0644"

roles/node/tasks/modules.yml

@@ -1,9 +1,3 @@
-- name: Enable ZFS
-  community.general.modprobe:
-    name: zfs
-    state: present
-    persistent: present
-
 - name: Enable KVM
   community.general.modprobe:
     name: kvm

roles/node/tasks/storage.yml

@@ -1,20 +1,3 @@
-- name: Create zpool
-  ansible.builtin.command:
-    cmd: zpool create {{ zpool_name }} {{ zpool_dev }}
-    creates: /{{ zpool_name }}
-
-- name: Check if the folder exists
-  ansible.builtin.stat:
-    path: /usr/share/ganeti/extstorage/zfs
-  register: folder_check
-
-- name: Reinstall lvm2 if ZFS extstorage is installed
-  ansible.builtin.command:
-    cmd: apt reinstall lvm2
-  register: lvm2_reinstall_result
-  changed_when: lvm2_reinstall_result.rc == 0
-  when: folder_check.stat.exists
-
 - name: Create LVM vg
   community.general.lvg:
     vg: "{{ vg_name }}"

roles/node/templates/var-lib-ganeti-rapi-users.j2

@@ -0,0 +1,3 @@
+{% for user in rapi %}
+{{ user.name }} {HA1}{{ user.hash }} {% if user.write %}write{% endif %}
+{% endfor %}

roles/web-manager/defaults/main.yml

@@ -0,0 +1,35 @@
+web_manager:
+  dependencies:
+    - curl
+    - tar
+    - libldap2-dev
+    - libsasl2-dev
+    - libssl-dev
+    - libffi-dev
+    - build-essential
+    - make
+  version: 0.11.1
+  tz: Europe/Budapest
+
+python:
+  src: https://www.python.org/ftp/python/2.7.18/Python-2.7.18.tgz
+  pip_src: https://bootstrap.pypa.io/pip/2.7/get-pip.py
+  dependencies:
+    - build-essential
+    - gdb
+    - lcov
+    - pkg-config
+    - libbz2-dev
+    - libffi-dev
+    - libgdbm-dev
+    - libgdbm-compat-dev
+    - liblzma-dev
+    - libncurses5-dev
+    - libreadline6-dev
+    - libsqlite3-dev
+    - libssl-dev
+    - lzma
+    - lzma-dev
+    - tk-dev
+    - uuid-dev
+    - zlib1g-dev

roles/web-manager/tasks/main.yml

@@ -0,0 +1,79 @@
+- name: Install dependencies
+  ansible.builtin.apt:
+    name: "{{ item }}"
+    state: present
+    install_recommends: false
+  loop: "{{ web_manager.dependencies }}"
+
+- name: Install Python 2.7
+  ansible.builtin.include_tasks:
+    file: python.yml
+
+- name: Clone Ganeti Web Manager
+  ansible.builtin.git:
+    repo: "https://github.com/osuosl/ganeti_webmgr.git"
+    dest: "/tmp/ganeti_webmgr"
+    force: true
+    version: "{{ web_manager.version }}"
+
+- name: Create virtualenv for Ganeti Web Manager
+  ansible.builtin.command:
+    cmd: bash -c "python -m pip install virtualenv && python -m virtualenv /opt/ganeti_webmgr"
+  register: venv_result
+  changed_when: venv_result.rc == 0
+
+- name: Fix Ganeti Web Manager setup script
+  ansible.builtin.replace:
+    path: "/tmp/ganeti_webmgr/scripts/setup.sh"
+    regexp: "(--use-wheel)|(--setuptools)|(--no-site-packages)"
+    replace: ""
+
+- name: Install Ganeti Web Manager
+  ansible.builtin.command:
+    cmd: ./scripts/setup.sh -D sqlite -N -u
+  register: setup_result
+  changed_when: setup_result.rc == 0
+  args:
+    chdir: "/tmp/ganeti_webmgr"
+
+- name: Configure Ganeti Web Manager
+  ansible.builtin.template:
+    src: "config.yml.j2"
+    dest: "/opt/ganeti_webmgr/config/config.yml"
+    mode: "0644"
+  vars:
+    secret_key: "{{ lookup('ansible.builtin.password', '/dev/null', chars=['ascii_letters', 'digits'], length=32) }}"
+    web_mgr_api_key: "{{ lookup('ansible.builtin.password', '/dev/null', chars=['ascii_letters', 'digits'], length=32) }}"
+
+- name: Install VNCAuthProxy systemd service
+  ansible.builtin.copy:
+    src: "/tmp/ganeti_webmgr/scripts/vncauthproxy/init-systemd"
+    dest: "/lib/systemd/system/vncauthproxy.service"
+    mode: "0644"
+    remote_src: true
+
+- name: Enable VNCAuthProxy systemd service
+  ansible.builtin.systemd_service:
+    daemon_reload: true
+    name: vncauthproxy
+    enabled: true
+    state: restarted
+
+- name: Init Ganeti Web Manager
+  ansible.builtin.command:
+    cmd: bash -c "source /opt/ganeti_webmgr/bin/activate && export DJANGO_SETTINGS_MODULE=ganeti_webmgr.ganeti_web.settings && django-admin.py syncdb --migrate && django-admin.py refreshcache"
+  register: init_result
+  changed_when: init_result.rc == 0
+
+- name: Install Ganeti Web Manager systemd service
+  ansible.builtin.template:
+    src: "ganeti-web-manager.service.j2"
+    dest: "/etc/systemd/system/ganeti-web-manager.service"
+    mode: "0644"
+
+- name: Enable Ganeti Web Manager
+  ansible.builtin.systemd_service:
+    daemon_reload: true
+    name: ganeti-web-manager
+    enabled: true
+    state: restarted

roles/web-manager/tasks/python.yml

@@ -0,0 +1,38 @@
+- name: Download sources
+  ansible.builtin.get_url:
+    url: "{{ python.src }}"
+    dest: /tmp/python.tgz
+    mode: "0644"
+
+- name: Extract python sources
+  ansible.builtin.unarchive:
+    src: /tmp/python.tgz
+    dest: /tmp
+    remote_src: true
+
+- name: Install dependencies
+  ansible.builtin.apt:
+    name: "{{ item }}"
+    state: present
+    install_recommends: false
+  loop: "{{ python.dependencies }}"
+
+- name: Compile and install python
+  ansible.builtin.command:
+    cmd: bash -c "./configure && make install"
+  register: python_compile_result
+  changed_when: python_compile_result.rc == 0
+  args:
+    chdir: /tmp/Python-2.7.18
+
+- name: Download get-pip.py
+  ansible.builtin.get_url:
+    url: "{{ python.pip_src }}"
+    dest: /tmp
+    mode: "0644"
+
+- name: Install pip
+  ansible.builtin.command:
+    cmd: python /tmp/get-pip.py
+  register: pip_install_result
+  changed_when: pip_install_result.rc == 0

roles/web-manager/templates/config.yml.j2

@@ -0,0 +1,111 @@
+# config.yml
+
+# Django settings for ganeti_webmgr project.
+
+##### Database Configuration #####
+DATABASES:
+    default:
+        ENGINE: django.db.backends.sqlite3
+                    # django.db.backends.sqlite3
+                    # django.db.backends.postgresql
+                    # django.db.backends.mysql
+                    # django.db.backends.oracle
+                    # django.db.backends.postgresql_psycopg2
+
+        # Or path to database file if using sqlite3.
+        NAME: /opt/ganeti_webmgr/ganeti.db
+        USER: ""
+        PASSWORD: ""
+        HOST: ""
+        PORT: ""
+##### End Database Configuration #####
+
+# Site name and domain referenced by some modules to provide links back to
+#  the site.
+SITE_NAME: Ganeti Web Manager
+SITE_DOMAIN: "localhost:8000"
+
+# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
+TIME_ZONE: "{{ web_manager.tz }}"
+DATE_FORMAT: d/m/Y
+DATETIME_FORMAT: "d/m/Y H:i"
+
+# Language code for this installation. All choices can be found here:
+# http://www.i18nguy.com/unicode/language-identifiers.html
+LANGUAGE_CODE: "en-US"
+##### End Locale Configuration #####
+
+# Enable i18n (translations) and l10n (locales, currency, times).
+# You really have no good reason to disable these unless you are only
+# going to be using GWM in English.
+USE_I18N: True
+
+# If you set this to False, Django will not format dates, numbers and
+# calendars according to the current locale
+USE_L10N: True
+
+# prefix used for the site.  ie. http://myhost.com/<SITE_ROOT>
+# for the django standalone server this should be
+# for apache this is the url the site is mapped to, probably /tracker
+SITE_ROOT: ""
+
+# Absolute path to the directory that holds media.
+# Example: /home/media/media.lawrence.com/
+STATIC_ROOT: /opt/ganeti_webmgr/collected_static
+
+# URL that handles the media served from STATIC_ROOT.
+# XXX contrary to django docs, do not use a trailing slash.  It makes urls
+# using this url easier to read.  ie.  <STATIC_URL>/images/foo.png
+STATIC_URL: /static
+
+##### Registration Settings #####
+ACCOUNT_ACTIVATION_DAYS: 7
+
+# Email settings for registration
+EMAIL_HOST: localhost
+EMAIL_PORT: 25
+DEFAULT_FROM_EMAIL: noreply@example.org
+
+# Whether users should be able to create their own accounts.
+# False if accounts can only be created by admins.
+ALLOW_OPEN_REGISTRATION: True
+##### End Registration Settings #####
+
+####### Haystack Search Index settings #######
+HAYSTACK_WHOOSH_PATH: /opt/ganeti_webmgr/whoosh_index
+####### End Haystack Search Index settings #######
+
+
+# GWM Specifics
+
+# The maximum number of items on a single list page
+ITEMS_PER_PAGE: 15
+
+# Ganeti Cached Cluster Objects Timeouts
+#    LAZY_CACHE_REFRESH (milliseconds) is the fallback cache timer that is
+#    checked when the object is instantiated. It defaults to 600000ms, or ten
+#    minutes.
+LAZY_CACHE_REFRESH: 600000
+
+# VNC Proxy. This will use a proxy to create local ports that are forwarded to
+# the virtual machines.  It allows you to control access to the VNC servers.
+#
+# Expected values:
+#   String syntax: HOST:CONTROL_PORT, for example: localhost:8888. If
+#   localhost is used then the proxy will only be accessible to clients and
+#   browsers on localhost. Production servers should use a publicly accessible
+#   hostname or IP
+#
+# Firewall Rules:
+#   Control Port: 8888, must be open between Ganeti Web Manager and Proxy
+#   Internal Ports: 12000+ must be open between the Proxy and Ganeti Nodes
+#   External Ports: default is 7000-8000, must be open between Proxy and Client
+#   Flash Policy Server: 843, must open between Proxy and Clients
+VNC_PROXY: "localhost:8888"
+
+# This is how long gwm will wait before timing out when requesting data from the
+# ganeti cluster.
+RAPI_CONNECT_TIMEOUT: 3
+
+SECRET_KEY: "{{ secret_key }}"
+WEB_MGR_API_KEY: "{{ web_mgr_api_key }}"

roles/web-manager/templates/ganeti-web-manager.service.j2

@@ -0,0 +1,11 @@
+[Unit]
+Description=Ganeti Web Manager
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+ExecStart=bash -c "source /opt/ganeti_webmgr/bin/activate && django-admin.py runserver 0.0.0.0:8000 --insecure"
+Environment="DJANGO_SETTINGS_MODULE=ganeti_webmgr.ganeti_web.settings"
+
+[Install]
+WantedBy=multi-user.target

roles/worker/tasks/main.yml

@@ -1,3 +0,0 @@
-- name: Install ZFS extstorage
-  ansible.builtin.include_role:
-    name: zfs-extstorage

roles/zfs-extstorage/tasks/main.yml

@@ -1,41 +0,0 @@
-- name: Clone ZFS extsotarge module
-  ansible.builtin.git:
-    repo: https://github.com/brigriffin/ganeti-extstorage-zfs.git
-    dest: /usr/share/ganeti/extstorage/zfs
-    single_branch: true
-    version: master
-    force: true
-
-- name: Set zpool for extstorage module
-  ansible.builtin.template:
-    src: exstorage.sh.j2
-    dest: /usr/share/ganeti/extstorage/zfs/etc/ganeti-{{ groups['nodes'].index(inventory_hostname) + 1 }}.sh
-    mode: "0644"
-
-- name: Make everything executable
-  ansible.builtin.file:
-    dest: /usr/share/ganeti/extstorage/zfs
-    recurse: true
-    mode: "0755"
-
-- name: Enable ext template
-  ansible.builtin.command:
-    cmd: /usr/share/ganeti/extstorage/zfs/install/1-enable-ext-template.sh
-    chdir: /usr/share/ganeti/extstorage/zfs/install/
-  register: enable_ext_template_result
-  changed_when: enable_ext_template_result.rc == 0
-  when: inventory_hostname in groups['master']
-
-- name: Create log directory
-  ansible.builtin.command:
-    cmd: /usr/share/ganeti/extstorage/zfs/install/2-create-log-directory.sh
-    chdir: /usr/share/ganeti/extstorage/zfs/install/
-    creates: /var/log/ganeti/extstorage
-  register: create_log_directory_result
-
-# - name: Create lvm wrappers
-#   ansible.builtin.command:
-#     cmd: /usr/share/ganeti/extstorage/zfs/install/3-lvm-wrappers.sh
-#     chdir: /usr/share/ganeti/extstorage/zfs/install/
-#   register: lvm_wrappers_result
-#   changed_when: lvm_wrappers_result.rc == 0

roles/zfs-extstorage/templates/exstorage.sh.j2

@@ -1 +0,0 @@
-EXTP_ZFS={{ zpool_name }}

web-manager.yml

@@ -0,0 +1,6 @@
+- name: Ganeti Web Manager setup
+  hosts: web-manager
+  become: true
+  gather_facts: true
+  roles:
+    - web-manager