Compare commits
No commits in common. "51605ab23951f9d852d48cf0b7ae2ab5509b7e12" and "7f8d8654a4771cb35fbe312a174686424d06e0d0" have entirely different histories.
51605ab239
...
7f8d8654a4
@ -11,7 +11,7 @@ license_file: "LICENSE"
|
|||||||
|
|
||||||
# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character
|
# A list of tags you want to associate with the collection for indexing/searching. A tag name has the same character
|
||||||
# requirements as 'namespace' and 'name'
|
# requirements as 'namespace' and 'name'
|
||||||
tags: ["tools"]
|
tags: []
|
||||||
dependencies: {}
|
dependencies: {}
|
||||||
repository: https://git.ednz.fr/ansible-collections/hashistack
|
repository: https://git.ednz.fr/ansible-collections/hashistack
|
||||||
documentation: http://docs.example.com
|
documentation: http://docs.example.com
|
||||||
|
@ -36,6 +36,20 @@
|
|||||||
state: present
|
state: present
|
||||||
when: "'haproxy_servers' in group_names"
|
when: "'haproxy_servers' in group_names"
|
||||||
|
|
||||||
|
- name: "Include ednz_cloud.install_docker"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: ednz_cloud.install_docker
|
||||||
|
vars:
|
||||||
|
install_docker_edition: ce
|
||||||
|
install_docker_auto_update: false
|
||||||
|
install_docker_start_service: true
|
||||||
|
install_docker_compose: false
|
||||||
|
install_docker_python_packages: false
|
||||||
|
install_docker_users:
|
||||||
|
- "{{ ansible_user }}"
|
||||||
|
install_docker_daemon_options: {}
|
||||||
|
when: "'nomad_agents' in group_names"
|
||||||
|
|
||||||
- name: "Ensure /etc/localtime exists"
|
- name: "Ensure /etc/localtime exists"
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
src: /etc/timezone
|
src: /etc/timezone
|
||||||
|
@ -18,7 +18,6 @@ configuration_credentials_vars_file: "credentials.yml"
|
|||||||
|
|
||||||
hashistack_remote_config_dir: "/etc/hashistack"
|
hashistack_remote_config_dir: "/etc/hashistack"
|
||||||
hashistack_remote_data_dir: "/opt/hashistack"
|
hashistack_remote_data_dir: "/opt/hashistack"
|
||||||
hashistack_remote_log_dir: /var/log/hashistack
|
|
||||||
|
|
||||||
default_container_extra_volumes:
|
default_container_extra_volumes:
|
||||||
- "/etc/timezone:/etc/timezone"
|
- "/etc/timezone:/etc/timezone"
|
||||||
@ -45,6 +44,4 @@ preflight_enable_host_ntp_checks: true
|
|||||||
haproxy_required_ports: [80, 443]
|
haproxy_required_ports: [80, 443]
|
||||||
vault_required_ports: [8200, 8201]
|
vault_required_ports: [8200, 8201]
|
||||||
consul_required_ports: [8300, 8301, 8302, 8500, 8501, 8502, 8503, 8600]
|
consul_required_ports: [8300, 8301, 8302, 8500, 8501, 8502, 8503, 8600]
|
||||||
nomad_required_ports: [4646, 4647, 4648]
|
nomad_required_ports: []
|
||||||
|
|
||||||
target: all, !deployment
|
|
||||||
|
@ -64,17 +64,6 @@ consul_certificates_extra_files_dir:
|
|||||||
- src: "{{ sub_configuration_directories['certificates'] }}/consul/{{ inventory_hostname }}"
|
- src: "{{ sub_configuration_directories['certificates'] }}/consul/{{ inventory_hostname }}"
|
||||||
dest: "{{ consul_certificates_directory }}"
|
dest: "{{ consul_certificates_directory }}"
|
||||||
|
|
||||||
##################
|
|
||||||
# consul logging #
|
|
||||||
##################
|
|
||||||
|
|
||||||
consul_enable_log_to_file: "{{ enable_log_to_file | bool }}"
|
|
||||||
consul_logging_configuration:
|
|
||||||
log_file: "{{ hashistack_remote_log_dir }}/consul/consul.log"
|
|
||||||
log_level: info
|
|
||||||
log_rotate_duration: 24h
|
|
||||||
log_rotate_max_files: 30
|
|
||||||
|
|
||||||
#########################
|
#########################
|
||||||
# consul role variables #
|
# consul role variables #
|
||||||
#########################
|
#########################
|
||||||
@ -83,8 +72,8 @@ hashicorp_consul_start_service: true
|
|||||||
hashicorp_consul_service_name: "consul"
|
hashicorp_consul_service_name: "consul"
|
||||||
hashicorp_consul_version: "{{ consul_version }}"
|
hashicorp_consul_version: "{{ consul_version }}"
|
||||||
hashicorp_consul_env_variables: {}
|
hashicorp_consul_env_variables: {}
|
||||||
hashicorp_consul_config_dir: "{{ hashistack_remote_config_dir }}/consul.d"
|
hashicorp_consul_config_dir: "/etc/consul.d"
|
||||||
hashicorp_consul_data_dir: "{{ hashistack_remote_data_dir }}/consul"
|
hashicorp_consul_data_dir: "/opt/consul"
|
||||||
hashicorp_consul_extra_files: true
|
hashicorp_consul_extra_files: true
|
||||||
hashicorp_consul_extra_files_list: "{{ ([] +
|
hashicorp_consul_extra_files_list: "{{ ([] +
|
||||||
(consul_certificates_extra_files_dir if consul_enable_tls else []) +
|
(consul_certificates_extra_files_dir if consul_enable_tls else []) +
|
||||||
|
@ -25,12 +25,6 @@ hashistack_internal_vip_addr: "{{ hashistack_external_vip_addr }}"
|
|||||||
api_interface: "eth0"
|
api_interface: "eth0"
|
||||||
api_interface_address: "{{ ansible_facts[api_interface]['ipv4']['address'] }}"
|
api_interface_address: "{{ ansible_facts[api_interface]['ipv4']['address'] }}"
|
||||||
|
|
||||||
###################
|
|
||||||
# logging options #
|
|
||||||
###################
|
|
||||||
|
|
||||||
enable_log_to_file: true
|
|
||||||
|
|
||||||
########################
|
########################
|
||||||
# external tls options #
|
# external tls options #
|
||||||
########################
|
########################
|
||||||
@ -186,6 +180,17 @@ vault_service_registration_configuration:
|
|||||||
|
|
||||||
vault_enable_plugins: false
|
vault_enable_plugins: false
|
||||||
|
|
||||||
|
###########
|
||||||
|
# logging #
|
||||||
|
###########
|
||||||
|
|
||||||
|
vault_enable_log_to_file: false
|
||||||
|
vault_logging_configuration:
|
||||||
|
log_level: info
|
||||||
|
log_format: standard
|
||||||
|
log_rotate_duration: 24h
|
||||||
|
log_rotate_max_files: 30
|
||||||
|
|
||||||
###########################
|
###########################
|
||||||
# vault container volumes #
|
# vault container volumes #
|
||||||
###########################
|
###########################
|
||||||
@ -241,11 +246,11 @@ nomad_vault_integration_configuration: {}
|
|||||||
# nomad drivers configuration #
|
# nomad drivers configuration #
|
||||||
###############################
|
###############################
|
||||||
|
|
||||||
nomad_driver_enable_docker: true
|
nomad_driver_enable_docker: yes
|
||||||
nomad_driver_enable_podman: false
|
nomad_driver_enable_podman: no
|
||||||
nomad_driver_enable_raw_exec: false
|
nomad_driver_enable_raw_exec: no
|
||||||
nomad_driver_enable_java: false
|
nomad_driver_enable_java: no
|
||||||
nomad_driver_enable_qemu: false
|
nomad_driver_enable_qemu: no
|
||||||
|
|
||||||
nomad_driver_extra_configuration: {}
|
nomad_driver_extra_configuration: {}
|
||||||
|
|
||||||
|
@ -163,17 +163,6 @@ nomad_certificates_extra_files_dir:
|
|||||||
- src: "{{ sub_configuration_directories['certificates'] }}/nomad/{{ inventory_hostname }}"
|
- src: "{{ sub_configuration_directories['certificates'] }}/nomad/{{ inventory_hostname }}"
|
||||||
dest: "{{ nomad_certificates_directory }}"
|
dest: "{{ nomad_certificates_directory }}"
|
||||||
|
|
||||||
#################
|
|
||||||
# nomad logging #
|
|
||||||
#################
|
|
||||||
|
|
||||||
nomad_enable_log_to_file: "{{ enable_log_to_file | bool }}"
|
|
||||||
nomad_logging_configuration:
|
|
||||||
log_file: "{{ hashistack_remote_log_dir }}/nomad/nomad.log"
|
|
||||||
log_level: info
|
|
||||||
log_rotate_duration: 24h
|
|
||||||
log_rotate_max_files: 30
|
|
||||||
|
|
||||||
########################
|
########################
|
||||||
# nomad role variables #
|
# nomad role variables #
|
||||||
########################
|
########################
|
||||||
@ -185,8 +174,8 @@ hashicorp_nomad_cni_plugins_version: latest
|
|||||||
hashicorp_nomad_cni_plugins_install_path: /opt/cni/bin
|
hashicorp_nomad_cni_plugins_install_path: /opt/cni/bin
|
||||||
hashicorp_nomad_version: "{{ nomad_version }}"
|
hashicorp_nomad_version: "{{ nomad_version }}"
|
||||||
hashicorp_nomad_env_variables: {}
|
hashicorp_nomad_env_variables: {}
|
||||||
hashicorp_nomad_config_dir: "{{ hashistack_remote_config_dir }}/nomad.d"
|
hashicorp_nomad_config_dir: "/etc/nomad.d"
|
||||||
hashicorp_nomad_data_dir: "{{ hashistack_remote_data_dir }}/nomad"
|
hashicorp_nomad_data_dir: /opt/nomad
|
||||||
hashicorp_nomad_extra_files: true
|
hashicorp_nomad_extra_files: true
|
||||||
hashicorp_nomad_extra_files_list: "{{ ([] +
|
hashicorp_nomad_extra_files_list: "{{ ([] +
|
||||||
(nomad_certificates_extra_files_dir if nomad_enable_tls else []) +
|
(nomad_certificates_extra_files_dir if nomad_enable_tls else []) +
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
# #
|
# #
|
||||||
#####################################################
|
#####################################################
|
||||||
|
|
||||||
vault_init_server: "{{ (inventory_hostname == groups['vault_servers'][0]) | bool }}"
|
vault_init_cluster: "{{ (inventory_hostname == groups['vault_servers'][0]) | bool }}"
|
||||||
|
|
||||||
#########################
|
#########################
|
||||||
# vault haproxy backend #
|
# vault haproxy backend #
|
||||||
@ -60,17 +60,6 @@ vault_service_registration_policy: |
|
|||||||
policy = "write"
|
policy = "write"
|
||||||
}
|
}
|
||||||
|
|
||||||
#################
|
|
||||||
# vault logging #
|
|
||||||
#################
|
|
||||||
|
|
||||||
vault_enable_log_to_file: "{{ enable_log_to_file | bool }}"
|
|
||||||
vault_logging_configuration:
|
|
||||||
log_file: "{{ hashistack_remote_log_dir }}/vault/vault.log"
|
|
||||||
log_level: info
|
|
||||||
log_rotate_duration: 24h
|
|
||||||
log_rotate_max_files: 30
|
|
||||||
|
|
||||||
########################
|
########################
|
||||||
# vault role variables #
|
# vault role variables #
|
||||||
########################
|
########################
|
||||||
@ -79,8 +68,8 @@ hashicorp_vault_start_service: true
|
|||||||
hashicorp_vault_service_name: "vault"
|
hashicorp_vault_service_name: "vault"
|
||||||
hashicorp_vault_version: "{{ vault_version }}"
|
hashicorp_vault_version: "{{ vault_version }}"
|
||||||
hashicorp_vault_env_variables: {}
|
hashicorp_vault_env_variables: {}
|
||||||
hashicorp_vault_config_dir: "{{ hashistack_remote_config_dir }}/vault.d"
|
hashicorp_vault_config_dir: "/etc/vault.d"
|
||||||
hashicorp_vault_data_dir: "{{ hashistack_remote_data_dir }}/vault"
|
hashicorp_vault_data_dir: "/opt/vault"
|
||||||
hashicorp_vault_extra_files: true
|
hashicorp_vault_extra_files: true
|
||||||
hashicorp_vault_extra_files_list: "{{ ([] +
|
hashicorp_vault_extra_files_list: "{{ ([] +
|
||||||
(vault_certificates_extra_files_dir if vault_enable_tls else []) +
|
(vault_certificates_extra_files_dir if vault_enable_tls else []) +
|
||||||
@ -89,6 +78,9 @@ hashicorp_vault_extra_files_list: "{{ ([] +
|
|||||||
| unique
|
| unique
|
||||||
| sort
|
| sort
|
||||||
}}"
|
}}"
|
||||||
|
hashicorp_vault_extra_files_src: "{{ sub_configuration_directories.vault_servers }}/config"
|
||||||
|
hashicorp_vault_extra_files_dst: "{{ hashicorp_vault_config_dir }}/config"
|
||||||
|
hashicorp_vault_extra_container_volumes: "{{ default_container_extra_volumes | union(extra_vault_container_volumes) | unique | sort }}"
|
||||||
hashicorp_vault_configuration:
|
hashicorp_vault_configuration:
|
||||||
cluster_name: "{{ vault_cluster_name }}"
|
cluster_name: "{{ vault_cluster_name }}"
|
||||||
cluster_addr: "{{ 'https' if vault_enable_tls else 'http'}}://{{ api_interface_address }}:8201"
|
cluster_addr: "{{ 'https' if vault_enable_tls else 'http'}}://{{ api_interface_address }}:8201"
|
||||||
|
@ -259,7 +259,7 @@
|
|||||||
when: vault_port_results.results | length > 0
|
when: vault_port_results.results | length > 0
|
||||||
|
|
||||||
- name: "Checking if consul ports are available"
|
- name: "Checking if consul ports are available"
|
||||||
when: inventory_hostname in groups['consul_servers'] or inventory_hostname in groups['consul_agents']
|
when: inventory_hostname in groups['consul_servers']
|
||||||
block:
|
block:
|
||||||
- name: "Checking if consul ports are available"
|
- name: "Checking if consul ports are available"
|
||||||
ansible.builtin.wait_for:
|
ansible.builtin.wait_for:
|
||||||
@ -278,26 +278,6 @@
|
|||||||
with_items: "{{ consul_port_results.results }}"
|
with_items: "{{ consul_port_results.results }}"
|
||||||
when: consul_port_results.results | length > 0
|
when: consul_port_results.results | length > 0
|
||||||
|
|
||||||
- name: "Checking if nomad ports are available"
|
|
||||||
when: inventory_hostname in groups['nomad_servers'] or inventory_hostname in groups['nomad_clients']
|
|
||||||
block:
|
|
||||||
- name: "Checking if nomad ports are available"
|
|
||||||
ansible.builtin.wait_for:
|
|
||||||
host: "{{ inventory_hostname }}"
|
|
||||||
port: "{{ item }}"
|
|
||||||
state: "stopped"
|
|
||||||
timeout: 5
|
|
||||||
loop: "{{ nomad_required_ports }}"
|
|
||||||
ignore_errors: true
|
|
||||||
register: nomad_port_results
|
|
||||||
|
|
||||||
- name: "Assert that nomad ports are not currently in use"
|
|
||||||
ansible.builtin.assert:
|
|
||||||
that:
|
|
||||||
- item.failed == false
|
|
||||||
with_items: "{{ nomad_port_results.results }}"
|
|
||||||
when: nomad_port_results.results | length > 0
|
|
||||||
|
|
||||||
- name: "Checking if system uses systemd"
|
- name: "Checking if system uses systemd"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.assert:
|
ansible.builtin.assert:
|
||||||
|
Loading…
Reference in New Issue
Block a user