now persists hostkeys on ood/login by default

Author: wtripp180901

ansible/roles/persist_hostkeys/tasks/main.yml

@@ -2,7 +2,7 @@
 
 - name: Ensure hostkeys directory exists on persistent storage
   file:
-    path: "{{ appliances_state_dir }}/hostkeys/{{ inventory_hostname }}"
+    path: "/mnt/hostkeys/{{ inventory_hostname }}"
     state: directory
     owner: root
     group: root
@@ -11,7 +11,7 @@
 - name: Copy hostkeys from persistent storage
   # won't fail if no keys are in persistent storage
   copy:
-    src: "{{ appliances_state_dir }}/hostkeys/{{ inventory_hostname }}/"
+    src: "/mnt/hostkeys/{{ inventory_hostname }}/"
     dest: /etc/ssh/
     remote_src: true
 
@@ -23,7 +23,7 @@
 
 - name: Persist hostkeys
   copy:
-    dest: "{{ appliances_state_dir }}/hostkeys/{{ inventory_hostname }}/"
+    dest: "/mnt/hostkeys/{{ inventory_hostname }}/"
     src: "{{ item }}"
     remote_src: true
     mode: preserve

environments/common/inventory/group_vars/all/nfs.yml

@@ -21,3 +21,12 @@ nfs_configurations:
         server: "{{ inventory_hostname in groups['control'] }}"
         clients: false
     nfs_export: "/exports/cluster"
+
+  - comment: Export hostkeys from Slurm control node to OOD
+    nfs_enable:
+        server:  "{{ inventory_hostname in groups['control'] }}"
+        clients: "{{ inventory_hostname in groups['openondemand'] or inventory_hostname in groups['login'] }}"
+    nfs_export: "{{ appliances_state_dir | default('/var/lib/state') }}/hostkeys"
+    nfs_server: "{{ nfs_server_default }}"
+    nfs_client_mnt_point: "/mnt/hostkeys"
+    nfs_client_mnt_options: "x-systemd.required-by=zenith-ood.service,x-systemd.before=zenith-ood.service"

environments/common/layouts/everything

@@ -69,8 +69,10 @@ openhpc
 [manila]
 # Hosts to configure for manila fileshares
 
-[persist_hostkeys]
+[persist_hostkeys:children]
 # Hosts to persist hostkeys for across reimaging. NB: Requires appliances_state_dir on hosts.
+login
+openondemand
 
 [squid]
 # Hosts to run squid proxy