--- - name: install repository package: name: centos-release-gluster9 state: installed when: ansible_distribution == "CentOS" - name: install packages package: name: glusterfs-server state: installed - name: create datadir file: path: /export/glusterfs state: directory mode: 0755 owner: root group: "{{ ansible_wheel }}" - name: link tls certificates and keys file: dest: "{{ item.path }}" src: "{{ item.target }}" state: link owner: root group: "{{ ansible_wheel }}" follow: false with_items: - path: /etc/ssl/glusterfs.pem target: "{{ tls_certs }}/{{ inventory_hostname }}.crt" - path: /etc/ssl/glusterfs.key target: "{{ tls_private }}/{{ inventory_hostname }}.key" - path: /etc/ssl/glusterfs.ca target: "{{ tls_certs }}/ca.crt" notify: restart glusterd - name: enable tls on management copy: dest: /var/lib/glusterd/secure-access content: "option transport.socket.ssl-cert-depth 1\n" mode: 0644 owner: root group: "{{ ansible_wheel }}" notify: restart glusterd - name: start server service service: name: glusterd state: started enabled: true - name: discover peers gluster_peer: state: present nodes: "{{ item }}" when: - item != inventory_hostname with_items: "{{ groups[glusterfs_group] }}" delegate_to: >- {% set hosts = groups[glusterfs_group] -%} {{ hosts | reject('equalto', inventory_hostname) | list | first }} - name: configure volume gluster_volume: name: gv0 state: present brick: /export/glusterfs cluster: "{{ groups[glusterfs_group] | join(',') }}" replicas: "{{ groups[glusterfs_group] | count }}" host: "{{ inventory_hostname }}" force: true options: { client.ssl: "on", server.ssl: "on", ssl.certificate-depth: "1", } run_once: true notify: restart glusterfs volume delegate_to: >- {% set hosts = groups[glusterfs_group] -%} {{ hosts | reject('equalto', inventory_hostname) | list | first }}