Logic separation of tasks for node bootstrap

Dario Tranchitella · Dario Tranchitella · commit ca82ff03184f · 2018-02-23T19:03:44.000+01:00
diff --git a/roles/nodes-bootstrap/tasks/main.yml b/roles/nodes-bootstrap/tasks/main.yml
@@ -1,32 +1,9 @@
 ---
-  - name: Disabling SELinux
-    selinux:
-      policy: targeted
-      state: permissive
-    register: selinux
+- name: SELinux
+  import_tasks: selinux.yml
 
-  - name: Reboot the system to enable new SELinux policy
-    shell: sleep 2 && shutdown -r now 'Reboot after SELinux policy' removes=/var/run/reboot-required
-    async: 1
-    poll: 0
-    when: selinux.changed
-    ignore_errors: true
-  
-  - name: Wait for the server to come back online (part 1)
-    set_fact:
-      wait_for_host: "{{ ansible_host }}"
-    when: selinux.changed
-  - name: Wait for the server to come back online (part 2)
-    local_action:
-      module: wait_for
-        host="{{ wait_for_host }}"
-        state=started
-        delay=10
-        timeout=600
-        port=22
-    become: no
-    when: selinux.changed
+- name: Time sync
+  import_tasks: time-sync.yml
 
-  - name: Updating clock without NTPD
-    shell: |
-      date -u --set="$(curl -H 'Cache-Control: no-cache' -sD - http://google.com |grep '^Date:' |cut -d' ' -f3-6)"
+- name: Swap space
+  import_tasks: swap.yml
diff --git a/roles/nodes-bootstrap/tasks/selinux.yml b/roles/nodes-bootstrap/tasks/selinux.yml
@@ -0,0 +1,30 @@
+---
+- name: Disabling SELinux
+  selinux:
+    policy: targeted
+    state: permissive
+  register: selinux
+
+- name: Reboot the system to enable new SELinux policy
+  shell: sleep 2 && shutdown -r now 'Reboot after SELinux policy' removes=/var/run/reboot-required
+  async: 1
+  poll: 0
+  when: selinux.changed
+  ignore_errors: true
+
+- name: Wait for the server to come back online (part 1)
+  set_fact:
+    wait_for_host: "{{ ansible_host }}"
+    on_port: "{{ ansible_port|default(22) }}"
+  when: selinux.changed
+
+- name: Wait for the server to come back online (part 2)
+  local_action:
+    module: wait_for
+      host="{{ wait_for_host }}"
+      state=started
+      delay=10
+      timeout=600
+      port={{ on_port }}
+  become: no
+  when: selinux.changed
diff --git a/roles/nodes-bootstrap/tasks/swap.yml b/roles/nodes-bootstrap/tasks/swap.yml
@@ -0,0 +1,11 @@
+---
+- name: Remove swapfile from /etc/fstab
+  mount:
+    name: swap
+    fstype: swap
+    state: absent
+
+- name: Disable swap
+  shell: |
+    swapoff -a
+  when: ansible_swaptotal_mb > 0
diff --git a/roles/nodes-bootstrap/tasks/time-sync.yml b/roles/nodes-bootstrap/tasks/time-sync.yml
@@ -0,0 +1,23 @@
+---
+- name: Installing NTPD
+  package:
+    name: ntp
+    state: present
+
+- name: Enabling NTPD
+  systemd:
+    daemon_reload: yes
+    service: ntpd
+    enabled: yes
+    state: started
+
+- name: Updating clock with NTP
+  shell: |
+    ntpdate -u pool.ntp.org
+  ignore_errors: yes
+  register: ntpd
+
+- name: Updating clock without NTPD (fallback)
+  shell: |
+    date -u --set="$(curl -H 'Cache-Control: no-cache' -sD - http://google.com |grep '^Date:' |cut -d' ' -f3-6)"
+  when: ntpd.rc != 0
