Those Ansible roles should allow you to install, from a deployment host, iRODS [4.2.0 - 4.2.8] on one or more CentOS 7.x / 8.x x86_64 hosts. PostgreSQL (9.6 on CentOS 7.x or 10.6 on CentOS 8.x) will be used to serve the iCAT catalogue. All firewalls should be stopped before attempting a deployment.
Those Ansible roles allow you to install, from a deployment host, iRODS [4.2.0 - 4.2.8] on one or more CentOS 7.x x86_64 hosts. The iRODS role is compatible with both provider and consumer installation modes. PostgreSQL (9.6 on CentOS 7.x or 10.6 on CentOS 8.x) will be used to serve the iCAT catalogue. All firewalls should be stopped before attempting a deployment.
2. Ansible installation
```bash
yum install python2-pip # en tant que root
pip install ansible --user# installation initiale
pip install-U ansible --user# mise à jour
yum install python2-pip # as root
pip install ansible --user# first installation
pip install-U ansible --user# update
```
3. Gitlab repository
...
...
@@ -23,7 +23,7 @@ This Gitlab repository is comprised of two Ansible roles:
negotiation_key: "A 32-byte encryption key shared by the zone for use in the advanced negotiation handshake at the beginning of an iRODS client connection"
database_hostname: myhost2.mydomain.tld
database_name: ICAT
database_password:
database_user: irods
server_control_plane_key: "The encryption key required for communicating with the iRODS grid control plane. Must be 32 bytes long. This must be the same across all iRODS servers in a Zone."
zone_key: "The shared secret used for authentication and identification of server-to-server communication - this can be a string of any length, excluding the use of hyphens, for historical purposes. This must be the same across all iRODS servers in a Zone."
path_to_icat: /data/icat
irods_server: the IP of myhost1.mydomain.tld
# Misc
selinux_mode: enforcing
...
```
9. SSH keys
Ansible has only two dependencies: SSH and Python. For that reason you need to generate a pair of SSH keys (without password) on the deployment host and copy the public part of it to each target machines:
N.B: if SELinux is set to "enforcing", please don't forget to run "/usr/sbin/restorecon -r -v .ssh" on each target machine, else your public key won't work.