search

marvel-nccr / ansible-role-aiida

An ansible role that installs and configures AiiDA on Ubuntu.
Other
2 stars 5 forks source link

reintroduce testing on RedHat distro line #79

Open ltalirz opened 1 year ago

ltalirz commented 1 year ago

https://github.com/marvel-nccr/ansible-role-aiida/commit/e37869de1ff71e97870c9692ca3ccf4850f2935b completely dropped any testing on the RedHat line (CentOS/Rocky/Alma), which is still a popular Linux distribution. This is especially true in high-performance computing. E.g. in 2020, 12 of the 20 top machines in the Top 500 were RHEL or CentOS.

@chrisjsewell Could you please comment on why testing on CentOS was dropped, and what would be required to bring it back?

ltalirz commented 1 year ago

One aspect I notice on older CentOS (7.8) is that the default postgresql (9.2) does not yet support JSON binary fields.

Postgresql provides repositories for both the Debian/Ubuntu and CentOS/Fedora line, but the corresponding systemd service is then named after the postgresql version - e.g. postgresql-12 instead of postgresql.

Happy to add support for choosing the postgres version across distros if desired

JPchico commented 1 year ago

I have more or less managed to make the role work with CentOS 7, quite a bit needed to be changed, mostly due to the types of packages that needed to be installed and the order, plus some other issues.

I've still not managed to put the entire thing since I'm dealing with the authentication still, but if you want I can add my progress on CentOS roles here. Would that be good? What do you think @ltalirz ?

ltalirz commented 1 year ago

Hi @JPchico , thank you - yes, that would be much appreciated!

I also have a version with some modifications that works for CentOS 7, here is my aiida-deps-rhel.yml:

- name: Add Postgresql repo.
  become: true
  become_user: "{{ root_user }}"
  dnf:
    #name: "{{ aiida_postgres_repository_url['RedHat'] }}"
    name: https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
    disable_gpg_check: true
  tags: aiida-postgresql

- name: Install Postgresql, and other necessary packages
  become: true
  become_user: "{{ root_user }}"
  dnf:
    name:
    - gcc
    - gcc-c++    # for building pymatgen C extensions
      # To get rid of the locale errors on the Centos 8 containers
    #- glibc-langpack-en
    - git
      # database
    - postgresql{{ aiida_postgres_version }}
    - postgresql{{ aiida_postgres_version }}-server
    #- libpq-devel
      # misc
    #- libffi-devel
    #- openssl-devel
    #- graphviz  # for provenance graph visualisation
    - python3-psycopg2  # required for postgresql_db role
      # Needed for setenforce to disable SELinux
    - libselinux-utils
      # Needed to control SELinux from Ansible
      # We instead need to do this manually as installing the selinux-policy package brings in a dependency that
      # breaks the package manager (Failed to synchronize cache for repo 'AppStream').
      # - selinux-policy
  tags: aiida-postgresql

- name: Get PackageCloud Erlang repo on CentOS.
  become: true
  become_user: "{{ root_user }}"
  get_url:
    url: "{{ aiida_erlang_repository_url }}"
    dest: "{{ aiida_erlang_repository_path }}"
    force: true
  when: ansible_distribution == "CentOS"

- name: Get PackageCloud RabbitMQ repo on CentOS.
  become: true
  become_user: "{{ root_user }}"
  get_url:
    url: "{{ aiida_rabbitmq_repository_url }}"
    dest: "{{ aiida_rabbitmq_repository_path }}"
    force: true
  #when: ansible_distribution == "CentOS"
  tags: aiida-rabbitmq

- name: Add PackageCloud GPG key on CentOS
  become: true
  become_user: "{{ root_user }}"
  rpm_key:
    key: "https://packagecloud.io/gpg.key"
    state: present
  when: ansible_distribution == "CentOS"

- name: Install Erlang and RabbitMQ on CentOS
  become: true
  become_user: "{{ root_user }}"
  dnf:
    name: "{{ aiida_rabbitmq_basename }}-{{ aiida_rabbitmq_version }}"
    state: "present"
    disablerepo: "epel"
    enablerepo:
    - rabbitmq_erlang
    - rabbitmq_rabbitmq-server
  when: ansible_distribution == "CentOS"

- name: Install gcc-g++ and RabbitMQ using dnf on Fedora
  become: true
  become_user: "{{ root_user }}"
  dnf:
    name:
    - gcc-g++
    - rabbitmq-server
      # To enable find
    - findutils
      # To enable pgrep
    - procps
  when: ansible_distribution == "Fedora"

# We have to disable SELinux when running the verdi daemon in systemd. SELinux does not
# allow user domain files to run in init. Consider redesign or write a custom SELinux rule.
# See comment in the dnf package section why we need to run the command manually.
- name: Disable SELinux
  become: true
  become_user: "{{ root_user }}"
  # selinux:
  #  state: disabled
  shell: setenforce 0
  changed_when: false
  ignore_errors: true

- name: Set binary location for Postgresql executables
  set_fact:
    aiida_postgres_bin_location: /usr/pgsql-{{ aiida_postgres_version}}/bin

- name: Set data location for Postgresql
  set_fact:
    aiida_postgres_data_location: /var/lib/pgsql/{{ aiida_postgres_version }}/data

- name: "Create Postgres database directory {{ aiida_postgres_data_location }}"
  become: true
  become_user: "{{ root_user }}"
  file:
    path: "{{ aiida_postgres_data_location }}"
    state: directory
    owner: "{{ aiida_postgres_user }}"

- name: Initialize database
  become: true
  become_user: "{{ aiida_postgres_user }}"
  command: "{{ aiida_postgres_bin_location }}/initdb {{ aiida_postgres_data_location }}"
  args:
    creates: "{{ aiida_postgres_data_location }}/pg_hba.conf"

# Avoid password on postgres, fix in future so that we can use md5
- name: put a trust configured pg_hba in place of the default
  become: true
  become_user: "{{ aiida_postgres_user }}"
  template:
    src: pg_hba.template
    dest: "{{ aiida_postgres_data_location }}"
    owner: "{{ aiida_postgres_user }}"
    group: "{{ aiida_postgres_user }}"
    mode: 0600