From d2423a60b1c4da04c2831bfefd23443a7776bcd1 Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Fri, 13 Jul 2018 16:46:46 +0200 Subject: [PATCH] Put zfs to common --- doc/ariane.md | 2 +- host_vars/ariane | 2 + roles/ariane/defaults/main.yml | 2 +- roles/ariane/files/zfs_health.sh | 122 --------------------- roles/ariane/files/zfs_mount.sh | 133 ----------------------- roles/ariane/files/zfs_mount_settings.sh | 13 +++ roles/ariane/handlers/main.yml | 9 -- roles/ariane/tasks/zfs.yml | 44 +------- roles/common | 2 +- 9 files changed, 20 insertions(+), 309 deletions(-) delete mode 100644 roles/ariane/files/zfs_health.sh delete mode 100644 roles/ariane/files/zfs_mount.sh create mode 100644 roles/ariane/files/zfs_mount_settings.sh diff --git a/doc/ariane.md b/doc/ariane.md index 7359562..5122536 100644 --- a/doc/ariane.md +++ b/doc/ariane.md @@ -39,7 +39,7 @@ cryptsetup luksFormat /dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WXB1HB4MJCMM-p ``` ### Create zpools ```shell -./mountVolumes.sh mount +zfs_mount.sh mount zpool create -o ashift=12 -o autoexpand=on -o autoreplace=on -O atime=off -O compression=lz4 \ -O acltype=posixacl -O xattr=sa zv1 raidz2 \ /dev/mapper/ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP32E-part1 \ diff --git a/host_vars/ariane b/host_vars/ariane index c3ac110..09f5f7d 100644 --- a/host_vars/ariane +++ b/host_vars/ariane @@ -41,3 +41,5 @@ lxc: - lxc.network.1.hwaddr = 2e:6d:b6:07:16:01 - lxc.network.1.link = br0 - lxc.network.1.flags = up + +common_zfs: True diff --git a/roles/ariane/defaults/main.yml b/roles/ariane/defaults/main.yml index 5ca482c..c9f51b5 100644 --- a/roles/ariane/defaults/main.yml +++ b/roles/ariane/defaults/main.yml @@ -1,4 +1,4 @@ --- -ariane_zfs: True ariane_lxc: True ariane_lxc_void: True +ariane_zfs: True diff --git a/roles/ariane/files/zfs_health.sh b/roles/ariane/files/zfs_health.sh deleted file mode 100644 index 4281393..0000000 --- a/roles/ariane/files/zfs_health.sh +++ /dev/null @@ -1,122 +0,0 @@ -#! /bin/sh -# -# Calomel.org -# https://calomel.org/zfs_health_check_script.html -# FreeBSD ZFS Health Check script -# zfs_health.sh @ Version 0.17 - -# Check health of ZFS volumes and drives. On any faults send email. - - -# 99 problems but ZFS aint one -problems=0 - - -# Health - Check if all zfs volumes are in good condition. We are looking for -# any keyword signifying a degraded or broken array. - -condition=$(/sbin/zpool status | egrep -i '(DEGRADED|FAULTED|OFFLINE|UNAVAIL|REMOVED|FAIL|DESTROYED|corrupt|cannot|unrecover)') -if [ "${condition}" ]; then - emailSubject="`hostname` - ZFS pool - HEALTH fault" - problems=1 -fi - - -# Capacity - Make sure the pool capacity is below 80% for best performance. The -# percentage really depends on how large your volume is. If you have a 128GB -# SSD then 80% is reasonable. If you have a 60TB raid-z2 array then you can -# probably set the warning closer to 95%. -# -# ZFS uses a copy-on-write scheme. The file system writes new data to -# sequential free blocks first and when the uberblock has been updated the new -# inode pointers become valid. This method is true only when the pool has -# enough free sequential blocks. If the pool is at capacity and space limited, -# ZFS will be have to randomly write blocks. This means ZFS can not create an -# optimal set of sequential writes and write performance is severely impacted. - -maxCapacity=80 - -if [ ${problems} -eq 0 ]; then - capacity=$(/sbin/zpool list -H -o capacity | cut -d'%' -f1) - for line in ${capacity} - do - if [ $line -ge $maxCapacity ]; then - emailSubject="`hostname` - ZFS pool - Capacity Exceeded" - problems=1 - fi - done -fi - - -# Errors - Check the columns for READ, WRITE and CKSUM (checksum) drive errors -# on all volumes and all drives using "zpool status". If any non-zero errors -# are reported an email will be sent out. You should then look to replace the -# faulty drive and run "zpool scrub" on the affected volume after resilvering. - -if [ ${problems} -eq 0 ]; then - errors=$(/sbin/zpool status | grep ONLINE | grep -v state | awk '{print $3 $4 $5}' | grep -v 000) - if [ "${errors}" ]; then - emailSubject="`hostname` - ZFS pool - Drive Errors" - problems=1 - fi -fi - - -# Scrub Expired - Check if all volumes have been scrubbed in at least the last -# 8 days. The general guide is to scrub volumes on desktop quality drives once -# a week and volumes on enterprise class drives once a month. You can always -# use cron to schedual "zpool scrub" in off hours. We scrub our volumes every -# Sunday morning for example. -# -# Scrubbing traverses all the data in the pool once and verifies all blocks can -# be read. Scrubbing proceeds as fast as the devices allows, though the -# priority of any I/O remains below that of normal calls. This operation might -# negatively impact performance, but the file system will remain usable and -# responsive while scrubbing occurs. To initiate an explicit scrub, use the -# "zpool scrub" command. -# -# The scrubExpire variable is in seconds. So for 8 days we calculate 8 days -# times 24 hours times 3600 seconds to equal 691200 seconds. - -scrubExpire=691200 - -if [ ${problems} -eq 0 ]; then - currentDate=$(date +%s) - zfsVolumes=$(/sbin/zpool list -H -o name) - - for volume in ${zfsVolumes} - do - if [ $(/sbin/zpool status $volume | egrep -c "none requested") -ge 1 ]; then - printf "ERROR: You need to run \"zpool scrub $volume\" before this script can monitor the scrub expiration time." - break - fi - if [ $(/sbin/zpool status $volume | egrep -c "scrub in progress|resilver") -ge 1 ]; then - break - fi - - ### Ubuntu with GNU supported date format - scrubRawDate=$(/sbin/zpool status $volume | grep scrub | awk '{print $11" "$12" " $13" " $14" "$15}') - scrubDate=$(date -d "$scrubRawDate" +%s) - - ### FreeBSD with *nix supported date format - #scrubRawDate=$(/sbin/zpool status $volume | grep scrub | awk '{print $15 $12 $13}') - #scrubDate=$(date -j -f '%Y%b%e-%H%M%S' $scrubRawDate'-000000' +%s) - - if [ $(($currentDate - $scrubDate)) -ge $scrubExpire ]; then - emailSubject="`hostname` - ZFS pool - Scrub Time Expired. Scrub Needed on Volume(s)" - problems=1 - fi - done -fi - - -# Email - On any problems send email with drive status information and -# capacities including a helpful subject line. Also use logger to write the -# email subject to the local logs. This is also the place you may want to put -# any other notifications like playing a sound file, beeping the internal -# speaker, paging someone or updating Nagios or even BigBrother. - -if [ "$problems" -ne 0 ]; then - printf '%s\n' "$emailSubject" "" "`/sbin/zpool list`" "" "`/sbin/zpool status`" | /usr/bin/mail -s "$emailSubject" root@localhost - logger $emailSubject -fi diff --git a/roles/ariane/files/zfs_mount.sh b/roles/ariane/files/zfs_mount.sh deleted file mode 100644 index e012f3a..0000000 --- a/roles/ariane/files/zfs_mount.sh +++ /dev/null @@ -1,133 +0,0 @@ -#!/bin/bash - -# https://bitbucket.org/dewoodruff/zfs-on-linux-luks-mountvolumes/src/5836def278a3e462f1f508ba02b7fa236dd28717/mountVolumes.sh - -#list our zpools to be mounted, one per line, no delimiter -pools=( - "zv1" -) -#list all devs and their aliases to be used with luksOpen -declare -A devs=( - ["/dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP32E-part1"]="ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP32E-part1" - ["/dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PPLPH-part1"]="ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PPLPH-part1" - ["/dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP0K1-part1"]="ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP0K1-part1" - ["/dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WXB1HB4MJCMM-part1"]="ata-WDC_WD60EFRX-68L0BN1_WD-WXB1HB4MJCMM-part1" -) -#set your log file name -LOG=mountVolumes.log - -# the real work happens below -activePools=() -date >> $LOG -function getPoolStatus { - echo "Checking pool status:" | tee -a $LOG - for pool in "${pools[@]}" - do - echo -en "\t$pool: " | tee -a $LOG - status=`zpool status $pool 2>&1 | grep "state:" | cut -f2 -d:` - if [ -z "$status" ]; - then - echo "unknown - not imported" | tee -a $LOG - else - echo $status | tee -a $LOG - activePools+=($pool) - fi - done -} - -function exportActivePools { - if [ -n "$activePools" ]; - then - echo -n "Exporting pools... " | tee -a $LOG - for pool in "${activePools[@]}" - do - zpool export -f $pool 2>&1 1>>$LOG || { echo "Problem exporting $pool!" | tee -a $LOG; exit 0; } - done - echo " done." - fi -} - -function importPools { - echo -n "Importing pools..." - for pool in "${pools[@]}" - do - zpool import $pool 2>&1 1>>$LOG || { echo "Problem importing $pool!" | tee -a $LOG; exit 0; } - done - echo " done." -} - -function closeAllLUKS { - echo "Making sure all LUKS disks are closed..." - for dev in "${devs[@]}" - do - #echo $dev - cryptsetup close $dev 2>&1 | 1>>$LOG || { echo "Problem closing $dev!" | tee -a $LOG; exit 0; } - done - echo "Done." -} - -function openAllLUKS { - read -s -p "Enter LUKS passphrase: " pass1 - echo "" - read -s -p "Confirm LUKS passphrase: " pass2 - echo "" - - if [ "$pass1" = "$pass2" ]; - then - for dev in "${!devs[@]}" - do - echo "Opening $dev to ${devs["$dev"]}" | tee -a $LOG - echo "$pass1" | cryptsetup luksOpen $dev ${devs[$dev]} 2>&1 1>>$LOG || { echo "Problem opening $dev!" | tee -a $LOG; exit 0; } - done - else - echo "ERROR: passphrases don't match!" - fi - pass1="" - pass2="" -} - -function LUKSStatus { - for dev in "${devs[@]}" - do - cryptsetup status $dev | head -1 | tee -a $LOG - done | sort -} - -function unmount { - zfs unshare -a - getPoolStatus - exportActivePools - closeAllLUKS - getPoolStatus -} - -if [ "$1" = "status" ]; -then - LUKSStatus - getPoolStatus -elif [ "$1" = "mount" ]; -then - getPoolStatus - exportActivePools - closeAllLUKS - openAllLUKS - importPools - getPoolStatus - zfs share -a -elif [ "$1" = "unmount" ]; -then - unmount -elif [ "$1" = "reboot" ]; -then - unmount - reboot -elif [ "$1" = "shutdown" ]; -then - unmount - shutdown -h now -elif [ "$1" = "freespace" ]; -then - zfs list -else - echo "Usage: ./mountVolumes.sh [status|mount|unmount|reboot|shutdown|freespace]" -fi diff --git a/roles/ariane/files/zfs_mount_settings.sh b/roles/ariane/files/zfs_mount_settings.sh new file mode 100644 index 0000000..bdc96b7 --- /dev/null +++ b/roles/ariane/files/zfs_mount_settings.sh @@ -0,0 +1,13 @@ +#list our zpools to be mounted, one per line, no delimiter +pools=( + "zv1" +) +#list all devs and their aliases to be used with luksOpen +declare -A devs=( + ["/dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP32E-part1"]="ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP32E-part1" + ["/dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PPLPH-part1"]="ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PPLPH-part1" + ["/dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP0K1-part1"]="ata-WDC_WD60EFRX-68L0BN1_WD-WX21D36PP0K1-part1" + ["/dev/disk/by-id/ata-WDC_WD60EFRX-68L0BN1_WD-WXB1HB4MJCMM-part1"]="ata-WDC_WD60EFRX-68L0BN1_WD-WXB1HB4MJCMM-part1" +) +#set your log file name +LOG=/var/log/zfs_mount diff --git a/roles/ariane/handlers/main.yml b/roles/ariane/handlers/main.yml index 902aaf9..077d8af 100644 --- a/roles/ariane/handlers/main.yml +++ b/roles/ariane/handlers/main.yml @@ -1,13 +1,4 @@ --- -- name: zfs - start services - service: "name={{ item }} state=restarted" - with_items: - - zfs-import-cache - - zfs-import-scan - - zfs-mount - - zfs-share - listen: zfs restart - - name: lxc - create authorized_keys file in VM for root listen: lxc - inital ssh authorized_keys copy: remote_src=yes src=/root/.ssh/authorized_keys dest="/var/lib/lxc/lxc-{{ item.name }}-{{ item.revision }}/rootfs/root/.ssh/authorized_keys" owner=root group=root mode=0600 diff --git a/roles/ariane/tasks/zfs.yml b/roles/ariane/tasks/zfs.yml index 1619aff..a219234 100644 --- a/roles/ariane/tasks/zfs.yml +++ b/roles/ariane/tasks/zfs.yml @@ -1,33 +1,6 @@ --- -- name: zfs - linux-headers - package: name=linux-headers-{{ ansible_kernel }} - -- name: zfs - install ZoL dkms - package: name=zfs-dkms - -- name: zfs - install ZoL utils - package: name=zfsutils-linux - -- name: zfs - install zfs-auto-snapshot - package: name=zfs-auto-snapshot - -- name: zfs - zfs-auto-snapshot find cron files - shell: find /etc/cron* -type f -name zfs-auto-snapshot - register: snapshot_cron - changed_when: False - -- name: zfs - zfs-auto-snapshot prefix - lineinfile: - path: "{{ item }}" - regexp: (.*zfs-auto-snapshot.*\d+)\ \ \/\/ - line: \1 --prefix= // - backrefs: yes - with_items: "{{ snapshot_cron.stdout_lines }}" - when: snapshot_cron.stdout_lines is defined - -- name: zfs - load module - modprobe: name=zfs - notify: zfs restart +- name : zfs - zfs_mount_settings.sh + copy: src=zfs_mount_settings.sh dest=/etc/ owner=root group=root mode=0755 - name: zfs - set quota zfs: @@ -54,19 +27,6 @@ - { name: zv1/daten, opts: "rw=@192.168.86.0/24,insecure,sync,no_subtree_check,root_squash,crossmnt" } - { name: zv1/fotos, opts: "rw=@192.168.86.0/24,insecure,sync,no_subtree_check,root_squash,crossmnt" } -- name : zfs - zfs_mount.sh - copy: src=zfs_mount.sh dest=/usr/local/bin/ owner=root group=root mode=0755 - -- name : zfs - zfs_health.sh - copy: src=zfs_health.sh dest=/usr/local/bin/ owner=root group=root mode=0755 - -- name: zfs - zfs_health cronjob - cron: - name: zfs check health - minute: 0 - hour: "7,11,16" - job: "/usr/local/bin/zfs_health.sh" - - name: zfs - pool scrub cronjob for zv1 cron: name: zfs scrub zv1 diff --git a/roles/common b/roles/common index ac34166..e347803 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit ac34166557fe0e9fc3d9f6da3c7f90137ca4a497 +Subproject commit e347803f6257b04aae3c3ef19a6c11ce7c56c5b6