Attention: Now nebula-ansible is only usable for CentOS 7.5
nebula-ansible is a Nebula cluster deployment tool based on ansible playbook.
For CentOS,
yum install epel-release -y
yum install ansible -yFor Ubuntu,
sudo apt-get update
sudo apt-get install software-properties-common
sudo apt-add-repository --yes ppa:ansible/ansible
sudo apt install ansibleExecute
ansible --versionand make sure your ansible version is > 2.4.2.
Other installation methods can be seen here
Login as root user on the control host(node),and create nebula user account
root@localhost:~$ useradd -m -d /home/nebula nebulaSet password of nebula
root@localhost:~$ passwd nebulaExecute visudo and append nebula ALL=(ALL) NOPASSWD: ALL at the bottom
root@localhost:~$ visudonebula ALL=(ALL) NOPASSWD: ALL
Switch from root user to nebula user
root@localhost:~$ su - nebulaCreate ssh key of nebula user
nebula@localhost:~$ ssh-keygen -t rsaPress the Enter key three times until the ssh key is created successfully.
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:RWnqJ7y9+kX+2KoUYCZrUAwLBLc7UMxOP1bF6P6sY6o root@localhost
The key's randomart image is:
+---[RSA 2048]----+
|.== .o.+. .. |
| o+o o+ ..o |
|.o..oo. +o. |
| ...+..=.o |
| o. oooS . . |
| . .. + .+ |
| o =. o |
| o +... + |
| E..o.o.o+oo.o |
+----[SHA256]-----+
Download nebula-ansible to control node
nebula@localhost:~$ git clone https://github.com/jievince/nebula-ansible.gitLogin as user nebula on the control host. Add the ip list to the [servers] group in the hosts file.
nebula@localhost:~$ cd /home/nebula/nebula-ansible
nebula@localhost:~$ vi hosts[servers]
192.168.8.16
192.168.8.18
192.168.8.122
192.168.8.188Execute the following command and enter the root password of the deployment target host as prompted.
This step will create a nebula user on the target host and configure the sudo rule to configure ssh mutual trust between the control host and the target hosts.
nebula@localhost:~$ ansible-playbook -i hosts create_users.yml -u root -kExecute the following command, and if all hosts return nebula, the ssh mutual trust configuration is successful
nebula@localhost:~$ ansible -i inventory.ini all -m shell -a 'whoami'Execute the following command and if all hosts return root, it indicates that nebula user sudo password-free configuration is successful
nebula@localhost:~$ ansible -i inventory.ini all -m shell -a 'whoami' -bEdit the inventory.ini file, and set the ip list of the corresponding [metad_servers], [graphd_servers] and [storaged_servers] groups.
[metad_servers]
192.168.8.18
192.168.8.122
192.168.8.188
[graphd_servers]
192.168.8.16
192.168.8.18
192.168.8.122
[storaged_servers]
192.168.8.16
192.168.8.18
192.168.8.122
192.168.8.188Set the following configurations of Nebula rpm/deb package version.
For CentOS,
nebula_version = 1.0.0-rc1
os_version = el7-5 # or el6-5
arc = x86_64
pkg = rpm
For Ubuntu,
nebula_version = 1.0.0-rc1
os_version = ubuntu1604 # or ubuntu1804
arc = amd64
pkg = deb
The script will check the exists of the package (nebula-1.0.0-rc1.el6-5.x86_64.rpm or
nebula-1.0.0-rc1.ubuntu1604.amd64.deb, likewise) from packages_dir (in inventory.ini) and download for GitHub.
nebula@localhost:~$ ansible-playbook local_prepare.ymlBesides, you can also build packages and put in packages_dir to skip the download.
Send and install package.
nebula@localhost:~$ ansible-playbook deploy.ymlnebula@localhost:~$ ansible-playbook start.ymlThis step will start metad, graphd, and storaged services on the cluster.
You can also add -t metad/graphd/storaged to start a specific service. For example,
nebula@localhost:~$ ansible-playbook start.yml -t graphdThis command will start only the graphd services on the cluster.
To stop nebula services
ansible-playbook stop.ymlThis command will stop all of the services in the cluster.
Similarly, you can also add -t metad/graphd/storaged to stop a specific service.