146 lines
3.9 KiB
YAML
146 lines
3.9 KiB
YAML
---
|
|
- name: Unidirectional Access Diagnosis
|
|
hosts: pve_cluster
|
|
gather_facts: yes
|
|
tasks:
|
|
- name: Check PVE proxy binding configuration
|
|
command: ss -tlnp | grep :8006
|
|
register: pve_proxy_binding
|
|
|
|
- name: Display PVE proxy binding
|
|
debug:
|
|
msg: "{{ pve_proxy_binding.stdout_lines }}"
|
|
|
|
- name: Check PVE firewall status
|
|
command: pve-firewall status
|
|
register: firewall_status
|
|
|
|
- name: Display firewall status
|
|
debug:
|
|
msg: "{{ firewall_status.stdout_lines }}"
|
|
|
|
- name: Check PVE firewall rules
|
|
command: pve-firewall show
|
|
register: firewall_rules
|
|
ignore_errors: yes
|
|
|
|
- name: Display firewall rules
|
|
debug:
|
|
msg: "{{ firewall_rules.stdout_lines }}"
|
|
when: firewall_rules.rc == 0
|
|
|
|
- name: Check iptables rules
|
|
command: iptables -L -n
|
|
register: iptables_rules
|
|
ignore_errors: yes
|
|
|
|
- name: Display iptables rules
|
|
debug:
|
|
msg: "{{ iptables_rules.stdout_lines }}"
|
|
when: iptables_rules.rc == 0
|
|
|
|
- name: Check PVE proxy configuration
|
|
stat:
|
|
path: /etc/pveproxy.conf
|
|
register: proxy_config_stat
|
|
|
|
- name: Display proxy config status
|
|
debug:
|
|
msg: "Proxy config exists: {{ proxy_config_stat.stat.exists }}"
|
|
|
|
- name: Check PVE proxy logs
|
|
command: journalctl -u pveproxy -n 20 --no-pager
|
|
register: proxy_logs
|
|
ignore_errors: yes
|
|
|
|
- name: Display proxy logs
|
|
debug:
|
|
msg: "{{ proxy_logs.stdout_lines }}"
|
|
when: proxy_logs.rc == 0
|
|
|
|
- name: Test local access to PVE web
|
|
uri:
|
|
url: "https://localhost:8006"
|
|
method: GET
|
|
validate_certs: no
|
|
timeout: 10
|
|
register: local_access
|
|
ignore_errors: yes
|
|
|
|
- name: Display local access result
|
|
debug:
|
|
msg: "Local access: {{ 'SUCCESS' if local_access.status == 200 else 'FAILED' }}"
|
|
|
|
- name: Test access from other nodes to PVE
|
|
uri:
|
|
url: "https://pve:8006"
|
|
method: GET
|
|
validate_certs: no
|
|
timeout: 10
|
|
register: remote_access
|
|
ignore_errors: yes
|
|
when: inventory_hostname != 'pve'
|
|
|
|
- name: Display remote access result
|
|
debug:
|
|
msg: "{{ inventory_hostname }} -> pve: {{ 'SUCCESS' if remote_access.status == 200 else 'FAILED' }}"
|
|
when: inventory_hostname != 'pve' and remote_access is defined
|
|
|
|
- name: Check PVE cluster communication
|
|
command: pvecm status
|
|
register: cluster_status
|
|
ignore_errors: yes
|
|
|
|
- name: Display cluster status
|
|
debug:
|
|
msg: "{{ cluster_status.stdout_lines }}"
|
|
when: cluster_status.rc == 0
|
|
|
|
- name: Check network interfaces
|
|
command: ip addr show
|
|
register: network_interfaces
|
|
|
|
- name: Display network interfaces
|
|
debug:
|
|
msg: "{{ network_interfaces.stdout_lines }}"
|
|
|
|
- name: Check routing table
|
|
command: ip route show
|
|
register: routing_table
|
|
|
|
- name: Display routing table
|
|
debug:
|
|
msg: "{{ routing_table.stdout_lines }}"
|
|
|
|
- name: Test connectivity from PVE to other nodes
|
|
command: ping -c 3 {{ item }}
|
|
loop: "{{ groups['pve_cluster'] }}"
|
|
when: item != inventory_hostname
|
|
register: ping_tests
|
|
ignore_errors: yes
|
|
|
|
- name: Display ping test results
|
|
debug:
|
|
msg: "{{ inventory_hostname }} -> {{ item.item }}: {{ 'SUCCESS' if item.rc == 0 else 'FAILED' }}"
|
|
loop: "{{ ping_tests.results }}"
|
|
when: ping_tests is defined
|
|
|
|
- name: Check PVE proxy process details
|
|
command: ps aux | grep pveproxy
|
|
register: proxy_processes
|
|
|
|
- name: Display proxy processes
|
|
debug:
|
|
msg: "{{ proxy_processes.stdout_lines }}"
|
|
|
|
- name: Check PVE proxy configuration files
|
|
find:
|
|
paths: /etc/pve
|
|
patterns: "*.conf"
|
|
file_type: file
|
|
register: pve_config_files
|
|
|
|
- name: Display PVE config files
|
|
debug:
|
|
msg: "{{ pve_config_files.files | map(attribute='path') | list }}"
|