add ansible

ansible/.editorconfig

@@ -0,0 +1,35 @@
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+
+# Matches multiple files with brace expansion notation
+# Set default charset
+[*.{js,py}]
+charset = utf-8
+
+# 4 space indentation
+[*.py]
+indent_style = space
+indent_size = 4
+
+# Tab indentation (no size specified)
+[Makefile]
+indent_style = tab
+
+# Tab indentation (no size specified)
+[*.yml, *.yaml]
+indent_style = tab
+
+# Indentation override for all JS under lib directory
+[lib/**.js]
+indent_style = space
+indent_size = 2
+
+# Matches the exact files either package.json or .travis.yml
+[{package.json,.travis.yml}]
+indent_style = space
+indent_size = 2

ansible/.gitignore

@@ -0,0 +1,14 @@
+fact_files/
+retry_files/
+
+*.log
+
+
+*.pyc
+
+*.idea
+packages
+
+poetry.lock
+pyproject.toml
+test.yml

ansible/README.md

@@ -0,0 +1,83 @@
+# nebula-ansible
+
+English | [中文](README_zh.md)
+
+**Attention**: Now nebula-ansible is only usable for CentOS 7
+
+## Introduction
+
+nebula-ansible is a `Nebula` cluster deployment tool based on [ansible playbook](https://docs.ansible.com/ansible/latest/cli/ansible-playbook.html).
+
+## Usage
+
+### Prepare
+
+Prepare linux user, nebula directory on deployment machine.
+
+```bash
+useradd nebula
+passwd nebula
+# nebula directory is  '/home/nebula/nebula' by default. Could change it by yourself.
+mkdir -p /data
+chown -R nebula:nebula /data
+```
+
+Perform SSH login without password on control machine.
+
+```bash
+ssh-keygen
+ssh-copy-id nebula@{your_deployment_machine}
+
+```
+
+### Install ansible
+
+```bash
+
+sudo yum install ansible
+
+```
+
+Execute
+
+```shell
+ansible --version
+```
+
+and make sure your ansible version is > `2.5`.
+
+Other installation methods can be seen [here](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)
+
+### Config ansible-playbook
+
+* Git clone the project.
+* Change `inventory.ini`
+    - `install_source_type`, choose nebula package type, `GA` or `nightly`.
+    - `ansible_ssh_user`, the Linux ssh user, e.g. `nebula`
+    - `packages_dir`, RPM download directory on control machine.
+    - `deploy_dir`, nebula directory on deployment machine. e.g. `/home/nebula/nebula`
+
+* Change templates configuration if needed.  **IMPORTANT**, DO NOT CHANGE `--local_ip` and `--meta_server_addrs`
+
+* Run `ansible -m ping all` to verify if all machines can be reached via SSH.
+
+### Run playbooks
+
+```bash
+# install
+ansible-playbook install.yml
+
+# start
+ansible-playbook start.yml
+
+# stop
+ansible-playbook stop.yml
+
+# status
+ansible-playbook status.yml
+
+# remove
+# remote binary firstly, then remove the whole directory.
+ansible-playbook remove.yml
+
+```

ansible/README_zh.md

@@ -0,0 +1,77 @@
+# nebula-ansible
+
+Nebula-Graph ansible 安装工具，用于部署 nebula 集群。
+
+## 前提
+
+1. 操作系统是 Centos7
+2. 操作机有外网权限，可以下载 OSS 的 RPM 包
+3. 部署的机器已经建好用户，而且打通从控制机到部署机的 SSH。
+4. 所有机器的端口、数据盘等配置是一样的。
+
+## 步骤
+
+### 准备
+
+部署机，创建用户，给用户目录权限，示例
+
+```bash
+useradd nebula
+passwd nebula
+# 默认安装在 /home/nebula/nebula，也可以自己制定部署目录
+mkdir -p /data
+chown -R nebula:nebula /data
+```
+
+控制机，打通 ssh
+
+```bash
+ssh-keygen
+ssh-copy-id nebula@{your_deploy_machine}
+
+```
+
+### 安装 ansible
+
+```bash
+
+sudo yum install ansible
+
+```
+
+### 配置 ansible-playbook
+
+* Git clone 工程。
+* 修改 `inventory.ini` 文件
+    - `install_source_type`，配置安装 GA 还是 nightly 的包。
+    - `ansible_ssh_user`， SSH 的 Linux 用户，如 `nebula`
+    - `packages_dir`，操作机下载 rpm 包的目录。
+    - `deploy_dir`，部署服务所在目录，如 `/home/nebula/nebula`
+
+* 修改 templates 中的各个配置 （如需要）。**注意**，不要更改 `--local_ip` 和 `--meta_server_addrs`
+
+* 运行 `ansible -m ping all` 看是否 ssh 已经打通
+
+### 运行
+
+```bash
+# 安装
+# 如果只修改配置文件，不会重复覆盖二进制文件。
+# 即当目录有二进制文件时不会替换，如果要替换二进制，先执行删除
+# 需要安装的 rpm 包，会先下载到执行机的 package 文件夹
+ansible-playbook install.yml
+
+# 启动
+ansible-playbook start.yml
+
+# 停止
+ansible-playbook stop.yml
+
+# 查看状态
+ansible-playbook status.yml
+
+# 删除
+# 先删除二进制文件，后删除整个部署目录，两个操作分别有提示。
+ansible-playbook remove.yml
+
+```

ansible/ansible.cfg

@@ -0,0 +1,23 @@
+[defaults]
+inventory = inventory.ini
+forks = 12
+
+transport = ssh
+host_key_checking = Fasle
+
+gathering = smart
+gather_subset = network,hardware
+fact_caching = jsonfile
+fact_caching_connection = fact_files
+retry_files_save_path = retry_files
+
+stdout_callback = yaml
+callback_whitelist = profile_tasks, timer
+
+deprecation_warnings = False
+log_path = ansible.log
+
+[ssh_connection]
+pipelining=True
+ssh_args = -o ControlMaster=auto -o ControlPersist=30m -o ConnectionAttempts=100 -o UserKnownHostsFile=/dev/null
+

ansible/create_users.yml

@@ -0,0 +1,21 @@
+---
+
+- hosts: all
+  tasks:
+    - name: create user
+      user: name={{ username }} shell=/bin/bash createhome=yes
+
+    - name: set authorized key
+      authorized_key:
+        user: "{{ username }}"
+        key: "{{ lookup('file', '/home/{{ username }}/.ssh/id_rsa.pub') }}"
+        state: present
+
+    - name: update sudoers file
+      lineinfile:
+        path: /etc/sudoers
+        insertafter: EOF
+        line: '{{ username }} ALL=(ALL) NOPASSWD: ALL'
+        regexp: '^{{ username }} .*'
+        state: present
+

ansible/deploy.yml

@@ -0,0 +1,38 @@
+---
+# deploy Nebula Graph cluster
+
+- name: set environment
+  hosts: all
+  become: true
+  roles:
+    - environment
+
+- name: copy nebula package to all machines in the cluster and install nebula on them
+  hosts: all
+  become: true
+  roles: 
+    - install
+
+- name: configuration for metad service
+  hosts: metad_servers
+  become: true
+  roles:
+    - metad
+
+- name: configuration for graphd service
+  hosts: graphd_servers
+  become: true
+  roles:
+    - graphd
+
+- name: configuration for storaged service
+  hosts: storaged_servers
+  become: true
+  roles:
+    - storaged
+
+- name: configuration for firewall
+  hosts: all
+  become: true
+  roles:
+    - { role: firewalld, when: enable_firewalld is defined and enable_firewalld }

ansible/filter_plugins/datetime_format.py

@@ -0,0 +1,16 @@
+# -*- encoding: utf-8 -*-
+import datetime
+
+
+def yesterday_format(value):
+    yesterday = value - datetime.timedelta(days=1)
+    return yesterday.strftime('%Y.%m.%d')
+
+
+class FilterModule(object):
+    """ jinja2 filters """
+
+    def filters(self):
+        return {
+            'yesterday_format': yesterday_format,
+        }

ansible/filter_plugins/map_format.py

@@ -0,0 +1,20 @@
+# -*- encoding: utf-8 -*-
+
+from jinja2.utils import soft_unicode
+
+
+def map_format(value, pattern):
+    """
+    e.g.  
+    "{{ groups['metad']|map('map_format', '%s:9559')|join(',') }}"
+    """
+    return soft_unicode(pattern) % (value)
+
+
+class FilterModule(object):
+    """ jinja2 filters """
+
+    def filters(self):
+        return {
+            'map_format': map_format,
+        }

ansible/group_vars/all.yml

@@ -0,0 +1,24 @@
+nebula_packages:
+    name: 
+        "{%- if install_source_type == 'GA' -%} 
+        nebula-graph-{{ nebula_version }}.{{ os_version }}.{{ arc }}.{{ pkg }}
+        {%- else -%} 
+        nebula-graph-{{ now()|yesterday_format }}-nightly.{{ os_version }}.{{ arc }}.{{ pkg }}
+        {%- endif -%}"
+
+    version: 
+        "{%- if install_source_type.lower() == 'ga' -%} 
+        {{ nebula_version }}
+        {%- else -%} 
+        {{ nebula_version }}-{{ now()|yesterday_format }}-nightly
+        {%- endif -%}"
+
+    url: 
+        "{%- if install_source_type.lower() == 'ga' -%} 
+        https://oss-cdn.nebula-graph.io/package/{{ nebula_version }}/nebula-graph-{{ nebula_version }}.{{ os_version }}.{{ arc }}.{{ pkg }}
+        {%- else -%} 
+        https://oss-cdn.nebula-graph.io/package/v2-nightly/{{ now()|yesterday_format }}/nebula-graph-{{ now()|yesterday_format }}-nightly.{{ os_version }}.{{ arc }}.{{ pkg }}
+        {%- endif -%}"
+
+
+

ansible/install.yml

@@ -0,0 +1,22 @@
+---
+- hosts: localhost
+  connection: local
+  gather_facts: false
+  roles:
+    - local
+
+- hosts: all
+  roles:
+    - prepare
+
+- hosts: metad
+  roles:
+    - nebula-metad
+
+- hosts: storaged
+  roles:
+    - nebula-storaged
+
+- hosts: graphd
+  roles:
+    - nebula-graphd