AnsibleでCentOS8初期セットアップ用のプレイブック(Ver4)を作成してみました

AnsibleでCentOS8インストール後の初期セットアップ用のプレイブック(ver4)を作成してみました。
bondingの設定も実施します。

今回はプロキシ環境用に作成してみます。
.bash_profileにexport http_proxyを追記することにします。
ansibleでプロキシを試用する場合は、bashログインしないので

vars:
proxy_env:
http_proxy: http://54.168.222.142:80
https_proxy: https://161.202.226.194:80

environment: “{{ proxy_env }}”

を使用します。
また、RPMをアップロードして、ローカルインストールする手順にしています。

ググるとSSH公開鍵認証での使用例が多いですが、大量の初期セットアップを時間をかけずに実施したい目的なので、
SSHパスワード認証での使用方法を記載します。

RPMローカルインストール、NFSマウント設定
を追記しました。

1.環境
コントロールノード(指示を出すサーバ):CentOS8.2
ターゲットノード(指示を受けるサーバ):CentOS8.2 2台
ホスト:centos8-12
Playbook実行前
ens192:192.168.0.35
ens224:
ens256:

Playbook実行後
ens192:bond_slave
ens224:bond_slave
ens256:
bond0:192.168.0.35

ホスト:centos8-13
Playbook実行前
ens192:192.168.0.36
ens224:
ens256:

Playbook実行後
ens192:bond_slave
ens224:bond_slave
ens256:
bond0:192.168.0.36

ansibleバージョン:2.9.11

※注意点としては、nmcliモジュールでbond0を作成すると、BOOTPROTO=dhcpの設定が残ってしまいます。
対策として、
commandモジュールでnmcli connection modify コマンドを発行して、設定を上書きします。
さらに、ens192の元の設定が残っていて同じIPで2つIFがUPしてしまうので、
元のconnection設定”System ens192″を削除します。
冪等性(べきとうせい)を担保する為にwhen句でチェックもします。

2.Ansibleの導入
コントロールノードで実行

yum install epel-release -y
yum install ansible
ansible --version

3.プレイブックの処理の内容


/etc/hosts
/etc/NetworkManager/NetworkManager.conf
/etc/resolv.conf
/etc/selinux/config
/etc/yum.conf
/etc/kdump.conf
のバックアップファイルを確認し、無ければバックアップを取得する。
②.ホスト名の変更
③.NetworkManagerのDNSオプション無効化
④.resolv.confの設定
⑤.hostsファイルの設定
⑥.NTPサービスの再起動
⑦.SELinuxの無効化
⑧.Firewalldの無効化
⑨.IPv6の無効化
⑩kdump用dir作成
⑪kdump出力先変更
⑫.NetworkManagerの起動
⑬.bondigモジュールの有効化
⑭.bonding接続プロファイルの作成
⑮.bonding接続プロファイル編集
⑯.bonding接続プロファイル編集2
⑰.”System ens192″の確認
⑱.”System ens192″の削除
⑲.bonding Slave接続プロファイル作成
⑳Static Routeの設定
㉑NetworkManagerの再起動
㉒bash_profile設定(プロキシ設定)
㉓.yum.confにてカーネル、リリースアップデートの除外設定
㉔.yum update
㉕.追加パッケージ(chronyd,nfs-utils,nvme-cli)のローカルインストール
㉖.chrony設定
㉗.chronyd再起動
㉘.NFS設定
㉙.サーバ再起動
㉚.サーバ再起動後の疎通確認

4.インベントリファイルとプレイブック配置用ディレクトリ作成

mkdir /etc/ansible/setup_centos8
mkdir /etc/ansible/setup_centos8/inventory
mkdir /etc/ansible/setup_centos8/group_vars
mkdir /etc/ansible/setup_centos8/host_vars
mkdir /etc/ansible/setup_centos8/roles
mkdir /etc/ansible/setup_centos8/roles/common
mkdir /etc/ansible/setup_centos8/roles/common/resolver
mkdir /etc/ansible/setup_centos8/roles/common/resolver/tasks
mkdir /etc/ansible/setup_centos8/roles/common/resolver/files
mkdir /etc/ansible/setup_centos8/roles/common/resolver/templates
mkdir /etc/ansible/setup_centos8/roles/common/networks
mkdir /etc/ansible/setup_centos8/roles/common/networks/tasks
mkdir /etc/ansible/setup_centos8/roles/common/networks/files
mkdir /etc/ansible/setup_centos8/roles/common/proxyset
mkdir /etc/ansible/setup_centos8/roles/common/proxyset/tasks
mkdir /etc/ansible/setup_centos8/roles/common/packages
mkdir /etc/ansible/setup_centos8/roles/common/packages/tasks
mkdir /etc/ansible/setup_centos8/roles/common/packages/files
mkdir /etc/ansible/setup_centos8/roles/common/packages/vars
mkdir /etc/ansible/setup_centos8/roles/common/chronyset
mkdir /etc/ansible/setup_centos8/roles/common/chronyset/tasks
mkdir /etc/ansible/setup_centos8/roles/common/mount
mkdir /etc/ansible/setup_centos8/roles/common/mount/tasks
mkdir /etc/ansible/setup_centos8/roles/common/reboot
mkdir /etc/ansible/setup_centos8/roles/common/reboot/tasks

5.インベントリファイルの作成
グループ毎にパスワードが異なる前提で記述してみました。

vi /etc/ansible/setup_centos8/inventory/inventory.ini

[webservers]
centos8-12 ansible_host=192.168.0.35

[dbservers]
centos8-13.test.local ansible_host=192.168.0.36

[linux_servers:children]
webservers
dbservers



[webservers:vars]
ansible_ssh_port=22
ansible_ssh_user=root
ansible_ssh_pass=password1
ansible_sudo_pass=password1

[dbservers:vars]
ansible_ssh_port=22
ansible_ssh_user=root
ansible_ssh_pass=password2
ansible_sudo_pass=password2

6.pingによる疎通確認
インベントリファイルを作成したら、まずは対象ノードと疎通できるか確認してみましょう。

事前キー登録

ssh 192.168.0.35
ssh 192.168.0.36

でyesを応答する。

cd /etc/ansible/setup_centos8
ansible all -i ./inventory/inventory.ini -m ping

7.プレイブックの作成

#起点になるymlファイルの作成
vi /etc/ansible/setup_centos8/linux_initialsetup.yml

- hosts: all
  become: true
#  become_method: su

  vars:
    proxy_env:
      http_proxy: http://54.168.222.142:80
      https_proxy: https://161.202.226.194:80

  roles:
   - name: common/resolver
     tags: resolver
   - name: common/networks
     tags: networks
   - name: common/proxyset
     tags: proxyset
   - name: common/packages
     tags: packages
   - name: common/chronyset
     tags: chronyset
   - name: common/mount
     tags: mount
   - name: common/reboot
     tags: reboot

#設定変更処理の記述
vi /etc/ansible/setup_centos8/roles/common/resolver/tasks/main.yml

#バックアップの確認1(/etc/hosts)
- name: main / backup_check(/etc/hosts)
  stat:
    path: /etc/hosts_org
  register: hosts_org

#バックアップの取得1(/etc/hosts)
- name: main / backup(/etc/hosts)
  copy:
    src: /etc/hosts
    dest: /etc/hosts_org
    remote_src: yes
  when: not hosts_org.stat.exists


#バックアップの確認2(/etc/NetworkManager/NetworkManager.conf)
- name: main / backup_check(/etc/NetworkManager/NetworkManager.conf)
  stat:
    path: /etc/NetworkManager/NetworkManager.conf_org
  register: NetworkManager_conf_org

#バックアップの取得2(/etc/NetworkManager/NetworkManager.conf)
- name: main / backup(/etc/NetworkManager/NetworkManager.conf)
  copy:
    src: /etc/NetworkManager/NetworkManager.conf
    dest: /etc/NetworkManager/NetworkManager.conf_org
    remote_src: yes
  when: not NetworkManager_conf_org.stat.exists

#バックアップの確認3(/etc/resolv.conf)
- name: main / backup_check(/etc/resolv.conf)
  stat:
    path: /etc/resolv.conf_org
  register: resolv_conf_org

#バックアップの取得3(/etc/resolv.conf)
- name: main / backup(/etc/resolv.conf)
  copy:
    src: /etc/resolv.conf
    dest: /etc/resolv.conf_org
    remote_src: yes
  when: not resolv_conf_org.stat.exists

#バックアップの確認4(/etc/selinux/config)
- name: main / backup_check(/etc/selinux/config)
  stat:
    path: /etc/selinux/config_org
  register: selinux_config_org

#バックアップの取得4(/etc/selinux/config)
- name: main / backup(/etc/selinux/config)
  copy:
    src: /etc/selinux/config
    dest: /etc/selinux/config_org
    remote_src: yes
  when: not selinux_config_org.stat.exists

#バックアップの確認5(/etc/yum.conf)
- name: main / backup_check(/etc/yum.conf)
  stat:
    path: /etc/yum.conf_org
  register: yum_conf_org

#バックアップの取得5(/etc/yum.conf)
- name: main / backup(/etc/yum.conf)
  copy:
    src: /etc/yum.conf
    dest: /etc/yum.conf_org
    remote_src: yes
  when: not yum_conf_org.stat.exists

#バックアップの確認6(/etc/kdump.conf)
- name: main / backup_check(/etc/kdump.conf)
  stat:
    path: /etc/kdump.conf_org
  register: kdump_conf_org

#バックアップの取得6(/etc/kdump.conf)
- name: main / backup(/etc/kdump.conf)
  copy:
    src: /etc/kdump.conf
    dest: /etc/kdump.conf_org
    remote_src: yes
  when: not kdump_conf_org.stat.exists

#ホスト名の設定
- name: main / Set_hostname
#      become: true
  hostname: name="{{ inventory_hostname_short }}"

#NetworkManagerのリゾルバ設定
- name: main / Set resolver setting
  ini_file:
        dest: /etc/NetworkManager/NetworkManager.conf
        section: main
        option: dns
        value: none

#resolv.confの設定
- name: main / Deploy resolv.conf
  copy:
        src: resolv.conf
        dest: /etc/resolv.conf
        owner: root
        group: root
        mode: 0644

#hostsファイルの設定
- name: main / Deploy hosts file
  template:
        src: hosts.j2
        dest: /etc/hosts
        owner: root
        group: root
        mode: 0644

#NTPサービスの再起動
#- name: main / restart NTP sevice
#  systemd:
#        name: ntpd
#        state: restarted
#        enabled: yes

#SELinuxの無効化
- name: main / Disable SELinux
  selinux:
         state: disabled

#firewalldの無効化
- name: main / Disable firewalld
  systemd:
        name: firewalld
        state: stopped
        enabled: no

#IPv6の無効化
- name: main / Disable IPv6
  sysctl:
        name: '{{ item }}'
        value: '1'
  with_items:
        - net.ipv6.conf.all.disable_ipv6
        - net.ipv6.conf.default.disable_ipv6

#kdump用dir作成
- name: main / kdump create directory
  file:
    path=/var/crash2
    state=directory
    owner=root
    group=root
    mode=0755

#kdump.conf設定変更
- name: main / kdump.conf setting
  replace:
    dest=/etc/kdump.conf
    regexp='^path /var/crash' 
    replace='path /var/crash2'



#配布用ファイルの準備

vi /etc/ansible/setup_centos8/roles/common/resolver/files/resolv.conf
# Generated by NetworkManager
nameserver 192.168.0.1


#hostsファイル作成用処理
vi /etc/ansible/setup_centos8/roles/common/resolver/templates/hosts.j2
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 {{ inventory_hostname }}

{% for item in play_hosts %}
{% set short_name = item.split('.') %}
{{ hostvars[item]['ansible_default_ipv4']['address'] }}  {{ item }} {{ short_name[0] }}
{% endfor %}


#リブート処理
vi /etc/ansible/setup_centos8/roles/common/reboot/tasks/main.yml

- name: main / do sync             # sync実行
  shell: sync
- name: main / reboot              # 再起動
  shell: reboot
  async: 1                  # 非同期実行(一旦sshのコネクションが切れるが、それをエラーとしない為の対処)
  poll: 0                   # 非同期実行時にshellモジュールの戻りを待たない(同上)
- name: main / wait for reboot     # 再起動後のssh再接続待ち
  wait_for_connection:
   delay: 20               # reboot後20秒後から確認実施
   timeout: 300            # 確認タイムアウトは5分
- name: main / check connection    # 導通チェック
  ping:

8.グループ変数の設定

vi /etc/ansible/setup_centos8/group_vars/linux_servers.yml
---
operation_gw: "192.168.0.1"

network_bond:
    - {conn_name: 'bond0', ip4: "{{ operation_ip }}", gw4: "{{ operation_gw }}"}
network_bond_slave:
    - {conn_name: 'ens192' , master: 'bond0'}
    - {conn_name: 'ens224' , master: 'bond0'}

9.host変数の設定

vi /etc/ansible/setup_centos8/host_vars/centos8-12.yml
---
operation_ip: "{{ ansible_host }}/24"

vi /etc/ansible/setup_centos8/host_vars/centos8-13.yml
---
operation_ip: "{{ ansible_host }}/24"

10.ネットワーク設定変更処理の記述

#配布用ファイルの準備
vi /etc/ansible/setup_centos8/roles/common/networks/files/route-bond0

# Static route for metadata service
172.31.0.0/24 via 192.168.0.1 dev bond0


# ネットワーク設定処理
vi /etc/ansible/setup_centos8/roles/common/networks/tasks/main.yml

#NetworkManagerの起動
- name: main / Start NetworkManager
  systemd:
    name: NetworkManager
    state: started
    enabled: yes

#bondigモジュールの有効化
- name: main / Load bonding module
  modprobe:
    name: bonding
    state: present

#bonding接続プロファイルの作成
- name: main / Add bonding connection
  nmcli:
    type: bond
    conn_name: "{{ item.conn_name }}"
    mode: "balance-rr"
    state: present
  with_items:
    - "{{ network_bond }}"
  when: ansible_bond0 is not defined

#bonding接続プロファイル編集
- name: main / Modify bonding connection
  nmcli:
    type: bond
    conn_name: "{{ item.conn_name }}"
    ip4: "{{ item.ip4 }}"
    gw4: "{{ item.gw4 }}"
    state: present
  with_items:
    - "{{ network_bond }}"

#bonding接続プロファイル編集2
- name: main / Modify bonding connection2
  command: nmcli connection modify {{ item.conn_name }} ipv4.method manual ipv4.addresses {{ item.ip4 }} ipv4.gateway {{ item.gw4 }}
  with_items:
    - "{{ network_bond }}"

#"System ens192"の確認
- name: main / Check connection "System ens192"
  command: nmcli connection
  register: con_sys_ens192

#"System ens192"の削除
- name: main / Delete connection "System ens192"
  command: nmcli connection delete "System ens192"
  when: "'System ens192' in con_sys_ens192.stdout"

#bonding Slave接続プロファイル作成
- name: main / Add bonding slave connection
  nmcli:
    type: bond-slave
    conn_name: "{{ item.conn_name }}"
    master: "{{ item.master }}"
    state: present
  with_items:
    - "{{ network_bond_slave }}"

#Static Routeの設定
- name: main / Deploy route-bond0
  copy:
        src: route-bond0
        dest: /etc/sysconfig/network-scripts/route-bond0
        owner: root
        group: root
        mode: 0644

#NetworkManagerの再起動
- name: main / Restart NetworkManager
  systemd:
    name: NetworkManager
    state: restarted
    enabled: yes

11.パッケージタスク処理の準備

#配布用ファイルの準備
yum install yum-utils

mkdir /root/rpms
cd /root/rpms

#配布用ファイルのダウンロード

#chrony関連RPMのダウンロード
dnf download --resolve chrony
dnf download --resolve timedatex

#nfs関連RPMのダウンロード
dnf download --resolve nfs-utils

Last metadata expiration check: 0:09:45 ago on Sat 26 Sep 2020 01:04:56 PM JST.
(1/7): libverto-libevent-0.3.0-5.el8.x86_64.rpm 197 kB/s |  16 kB     00:00
(2/7): keyutils-1.5.10-6.el8.x86_64.rpm         649 kB/s |  63 kB     00:00
(3/7): gssproxy-0.8.0-15.el8.x86_64.rpm         1.0 MB/s | 118 kB     00:00
(4/7): quota-nls-4.04-10.el8.noarch.rpm         3.7 MB/s |  94 kB     00:00
(5/7): quota-4.04-10.el8.x86_64.rpm             4.5 MB/s | 214 kB     00:00
(6/7): rpcbind-1.2.5-7.el8.x86_64.rpm           3.5 MB/s |  70 kB     00:00
(7/7): nfs-utils-2.3.3-31.el8.x86_64.rpm        4.9 MB/s | 468 kB     00:00


#nvme関連RPMのダウンロード
dnf download --resolve nvme-cli

#RPM一覧取得
ls /root/rpms

chrony-3.5-1.el8.x86_64.rpm               nvme-cli-1.9-7.el8_2.x86_64.rpm
gssproxy-0.8.0-15.el8.x86_64.rpm          quota-4.04-10.el8.x86_64.rpm
keyutils-1.5.10-6.el8.x86_64.rpm          quota-nls-4.04-10.el8.noarch.rpm
libverto-libevent-0.3.0-5.el8.x86_64.rpm  rpcbind-1.2.5-7.el8.x86_64.rpm
nfs-utils-2.3.3-31.el8.x86_64.rpm         timedatex-0.5-3.el8.x86_64.rpm

#配布用ファイルの準備2
cp *.rpm /etc/ansible/setup_centos8/roles/common/packages/files

12.パッケージタスク処理の記述

vi /etc/ansible/setup_centos8/roles/common/packages/tasks/main.yml

#変数読み込み
#- name: mail / Add packages var
#  include_vars: "packages.yml"

#yum.conf設定
- name: main / yum.conf setting
  lineinfile:
    dest=/etc/yum.conf
    line={{ item }}
  with_items:
        - 'exclude=kernel* centos-release*'

#yum update
- name: main / Update yum packages
  yum:
    name: "{{ item }}"
    state: latest
    update_cache: yes
   environment: "{{ proxy_env }}"
  with_items:
    - "*"

#yum network install
#- name: main / Install the required packages
#  yum:
#    name: "{{ item }}"
#    state: present
#  environment: "{{ proxy_env }}"
#  with_items: "{{ required_packages }}"


# リモートサーバ上にRPMパッケージ格納ディレクトを作成
- name: main / Create /tmp/rpms directory
  file:
    path: /tmp/rpms
    state: directory
    owner: root
    group: root
    mode: 0755

# ローカルサーバ上のとfiles/配下にある「*.rpm」ファイルを
# リモートサーバ上にアップロード
- name: main / Upload rpm packages
  copy:
    src: "{{ item }}"
    dest: /tmp/rpms/
    owner: root
    mode: 0644
  with_fileglob:
    - "files/*.rpm"
  become: yes

# リモートサーバ上にアップしたファイル一覧を「find_result」に収める
- name: main / Find rpm files
  find:
    paths: "/tmp/rpms"
    patterns: "*.rpm"
  register: find_result

# 「find_result」から「rpm_list」を作成
- name: main / Create file list
  set_fact:
    rpm_list: "{{ find_result.files | map(attribute='path') | list }}"

# 「rpm_list」を元にyumlocalinstall
- name: yum localinstall
  yum:
    name: "{{ rpm_list }}"
    state: present


#vi /etc/ansible/setup_centos8/roles/common/packages/vars/packages.yml
#---
#required_packages:
# - "chrony"
#追加リポジトリ
# - "epel-release"
# - "https://rpms.remirepo.net/enterprise/remi-release-8.rpm"

13.NTP設定処理の記述

vi /etc/ansible/setup_centos8/roles/common/chronyset/tasks/main.yml

#バックアップの確認(/etc/chrony.conf)
- name: main / backup_check(/etc/chrony.conf)
  stat:
    path: /etc/chrony.conf_org
  register: chrony_conf_org

#バックアップの取得(/etc/chrony.conf)
- name: main / backup(/etc/chrony.conf)
  copy:
    src: /etc/chrony.conf
    dest: /etc/chrony.conf_org
    remote_src: yes
  when: not chrony_conf_org.stat.exists

#chrony.conf設定変更
- name: main / chrony.conf setting
  replace:
    dest=/etc/chrony.conf
    regexp='^pool 2.centos.pool.ntp.org iburst' 
    replace='pool 192.168.0.1 iburst'

#chronydの再起動
- name: Restart chronyd
  systemd:
        name: chronyd
        state: restarted
        enabled: yes

14.Proxy設定処理の記述

vi /etc/ansible/setup_centos8/roles/common/proxyset/tasks/main.yml

#バックアップの確認(/root/.bash_profile)
- name: main / backup_check(/root/.bash_profile)
  stat:
    path: /root/.bash_profile_org
  register: bash_profile_org

#バックアップの取得(/root/.bash_profile)
- name: main / backup(/root/.bash_profile)
  copy:
    src: /root/.bash_profile
    dest: /root/.bash_profile_org
    remote_src: yes
  when: not bash_profile_org.stat.exists

#bash_profile設定
- name: main / bash_profile setting
  lineinfile:
    dest=/root/.bash_profile
    line={{ item }}
  with_items:
        - 'export http_proxy=http://54.168.222.142:80'
        - 'export https_proxy=https://161.202.226.194:80'

15.NFSマウント処理の実行

#NFSマウント用dir作成
- name: main / nfs create directory
  file:
    path=/mnt/nfs
    state=directory
    owner=root
    group=root
    mode=0755

#バックアップの確認(/etc/fstab)
- name: main / backup_check(/etc/kdump.conf)
  stat:
    path: /etc/fstab_org
  register: fstab_org

#バックアップの取得(/etc/fstab)
- name: main / backup(/etc/fstab)
  copy:
    src: /etc/fstab
    dest: /etc/fstab_org
    remote_src: yes
  when: not fstab_org.stat.exists

#/etc/fstab設定
- name: main / fstab setting
  lineinfile:
    dest=/etc/fstab
    line={{ item }}
  with_items:
        - '192.168.0.33:/home/nfsshare /mnt/nfs               nfs     defaults        0 0'

16.プレイブックの処理の実行

PLAY [all] ************************************************************************************

TASK [Gathering Facts] ************************************************************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/resolver : main / backup_check(/etc/hosts)] **************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/resolver : main / backup(/etc/hosts)] ********************************************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/resolver : main / backup_check(/etc/NetworkManager/NetworkManager.conf)] *********
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/resolver : main / backup(/etc/NetworkManager/NetworkManager.conf)] ***************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/resolver : main / backup_check(/etc/resolv.conf)] ********************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/resolver : main / backup(/etc/resolv.conf)] **************************************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/resolver : main / backup_check(/etc/selinux/config)] *****************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/resolver : main / backup(/etc/selinux/config)] ***********************************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/resolver : main / backup_check(/etc/yum.conf)] ***********************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/resolver : main / backup(/etc/yum.conf)] *****************************************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/resolver : main / backup_check(/etc/kdump.conf)] *********************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/resolver : main / backup(/etc/kdump.conf)] ***************************************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/resolver : main / Set_hostname] **************************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/resolver : main / Set resolver setting] ******************************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/resolver : main / Deploy resolv.conf] ********************************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/resolver : main / Deploy hosts file] *********************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/resolver : main / Disable SELinux] ***********************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/resolver : main / Disable firewalld] *********************************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/resolver : main / Disable IPv6] **************************************************
ok: [centos8-13.test.local] => (item=net.ipv6.conf.all.disable_ipv6)
ok: [centos8-12] => (item=net.ipv6.conf.all.disable_ipv6)
ok: [centos8-12] => (item=net.ipv6.conf.default.disable_ipv6)
ok: [centos8-13.test.local] => (item=net.ipv6.conf.default.disable_ipv6)

TASK [common/resolver : main / kdump create directory] ****************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/resolver : main / kdump.conf setting] ********************************************
changed: [centos8-13.test.local]
changed: [centos8-12]

TASK [common/networks : main / Start NetworkManager] ******************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/networks : main / Load bonding module] *******************************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/networks : main / Add bonding connection] ****************************************
skipping: [centos8-12] => (item={'conn_name': 'bond0', 'ip4': '192.168.0.35/24', 'gw4': '192.168.0.1'})
skipping: [centos8-13.test.local] => (item={'conn_name': 'bond0', 'ip4': '192.168.0.36/24', 'gw4': '192.168.0.1'})

TASK [common/networks : main / Modify bonding connection] *************************************
changed: [centos8-12] => (item={'conn_name': 'bond0', 'ip4': '192.168.0.35/24', 'gw4': '192.168.0.1'})
changed: [centos8-13.test.local] => (item={'conn_name': 'bond0', 'ip4': '192.168.0.36/24', 'gw4': '192.168.0.1'})

TASK [common/networks : main / Modify bonding connection2] ************************************
changed: [centos8-12] => (item={'conn_name': 'bond0', 'ip4': '192.168.0.35/24', 'gw4': '192.168.0.1'})
changed: [centos8-13.test.local] => (item={'conn_name': 'bond0', 'ip4': '192.168.0.36/24', 'gw4': '192.168.0.1'})

TASK [common/networks : main / Check connection "System ens192"] ******************************
changed: [centos8-12]
changed: [centos8-13.test.local]

TASK [common/networks : main / Delete connection "System ens192"] *****************************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/networks : main / Add bonding slave connection] **********************************
changed: [centos8-12] => (item={'conn_name': 'ens192', 'master': 'bond0'})
changed: [centos8-13.test.local] => (item={'conn_name': 'ens192', 'master': 'bond0'})
changed: [centos8-12] => (item={'conn_name': 'ens224', 'master': 'bond0'})
changed: [centos8-13.test.local] => (item={'conn_name': 'ens224', 'master': 'bond0'})

TASK [common/networks : main / Deploy route-bond0] ********************************************
changed: [centos8-13.test.local]
changed: [centos8-12]

TASK [common/networks : main / Restart NetworkManager] ****************************************
changed: [centos8-13.test.local]
changed: [centos8-12]

TASK [common/proxyset : main / backup_check(/root/.bash_profile)] *****************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/proxyset : main / backup(/root/.bash_profile)] ***********************************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/proxyset : main / bash_profile setting] ******************************************
ok: [centos8-12] => (item=export http_proxy=http://54.168.222.142:80)
ok: [centos8-13.test.local] => (item=export http_proxy=http://54.168.222.142:80)
ok: [centos8-12] => (item=export https_proxy=https://161.202.226.194:80)
ok: [centos8-13.test.local] => (item=export https_proxy=https://161.202.226.194:80)

TASK [common/packages : main / yum.conf setting] **********************************************
ok: [centos8-12] => (item=exclude=kernel* centos-release*)
ok: [centos8-13.test.local] => (item=exclude=kernel* centos-release*)

TASK [common/packages : main / Create /tmp/rpms directory] ************************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/packages : main / Upload rpm packages] *******************************************
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/chrony-3.5-1.el8.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/chrony-3.5-1.el8.x86_64.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/gssproxy-0.8.0-15.el8.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/gssproxy-0.8.0-15.el8.x86_64.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/keyutils-1.5.10-6.el8.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/keyutils-1.5.10-6.el8.x86_64.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/libverto-libevent-0.3.0-5.el8.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/libverto-libevent-0.3.0-5.el8.x86_64.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/nfs-utils-2.3.3-31.el8.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/nfs-utils-2.3.3-31.el8.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/nvme-cli-1.9-7.el8_2.x86_64.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/nvme-cli-1.9-7.el8_2.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/quota-4.04-10.el8.x86_64.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/quota-4.04-10.el8.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/quota-nls-4.04-10.el8.noarch.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/quota-nls-4.04-10.el8.noarch.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/rpcbind-1.2.5-7.el8.x86_64.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/rpcbind-1.2.5-7.el8.x86_64.rpm)
ok: [centos8-13.test.local] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/timedatex-0.5-3.el8.x86_64.rpm)
ok: [centos8-12] => (item=/etc/ansible/setup_centos8/roles/common/packages/files/timedatex-0.5-3.el8.x86_64.rpm)

TASK [common/packages : main / Find rpm files] ************************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/packages : main / Create file list] **********************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/packages : yum localinstall] *****************************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/chronyset : main / backup_check(/etc/chrony.conf)] *******************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/chronyset : main / backup(/etc/chrony.conf)] *************************************
skipping: [centos8-12]
skipping: [centos8-13.test.local]

TASK [common/chronyset : main / chrony.conf setting] ******************************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/chronyset : Restart chronyd] *****************************************************
changed: [centos8-13.test.local]
changed: [centos8-12]

TASK [common/mount : main / nfs create directory] *********************************************
changed: [centos8-12]
changed: [centos8-13.test.local]

TASK [common/mount : main / backup_check(/etc/kdump.conf)] ************************************
ok: [centos8-13.test.local]
ok: [centos8-12]

TASK [common/mount : main / backup(/etc/fstab)] ***********************************************
changed: [centos8-12]
changed: [centos8-13.test.local]

TASK [common/mount : main / fstab setting] ****************************************************
changed: [centos8-12] => (item=192.168.0.33:/home/nfsshare /mnt/nfs               nfs     defaults        0 0)
changed: [centos8-13.test.local] => (item=192.168.0.33:/home/nfsshare /mnt/nfs               nfs     defaults        0 0)

TASK [common/reboot : main / do sync] *********************************************************
changed: [centos8-12]
changed: [centos8-13.test.local]

TASK [common/reboot : main / reboot] **********************************************************
changed: [centos8-13.test.local]
changed: [centos8-12]

TASK [common/reboot : main / wait for reboot] *************************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

TASK [common/reboot : main / check connection] ************************************************
ok: [centos8-12]
ok: [centos8-13.test.local]

PLAY RECAP ************************************************************************************
centos8-12                 : ok=43   changed=13   unreachable=0    failed=0    skipped=10   rescued=0    ignored=0
centos8-13.test.local      : ok=43   changed=13   unreachable=0    failed=0    skipped=10   rescued=0    ignored=0

17.あとがき

だいぶ完成度が高まってきました。
SNMP設定はv3 or v2が決まってから作成しようと思います。

Comments are closed.