ansible-collections/hcp-ansible
ansible-collections/hcp-ansible
4
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
c551fb7b04
hcp-ansible/playbooks/tasks/nomad/nomad_control_plane.yml
Bertrand Lanson 54a86d7af3
All checks were successful
development / Check commit compliance (push) Successful in 25s
Details
feat: new tls_multi_node test for molecule with some adjustment to tags
2024-08-26 23:10:04 +02:00

102 lines
4.2 KiB
YAML
Raw Blame History

---
- name: "Nomad control plane"
block:
- name: "Nomad | Create consul tokens for service registration"
when:
- nomad_init_server
- enable_consul
- nomad_enable_consul_integration
vars:
_consul_host: "{{ hostvars[groups['consul_servers'][0]].api_interface_address }}"
_consul_port: "{{ hostvars[groups['consul_servers'][0]].consul_api_port[hostvars[groups['consul_servers'][0]].consul_api_scheme] }}"
_consul_scheme: "{{ hostvars[groups['consul_servers'][0]].consul_api_scheme }}"
block:
- name: "Nomad | Create server credentials"
block:
- name: "Nomad | Create consul server policy"
community.general.consul_policy:
token: "{{ _credentials.consul.root_token.secret_id }}"
host: "{{ _consul_host }}"
port: "{{ _consul_port }}"
scheme: "{{ _consul_scheme }}"
validate_certs: false
state: present
name: nomad-server-policy
rules: "{{ nomad_consul_integration_server_policy }}"
register: _consul_nomad_server_policy
- name: "Nomad | Create consul server token" # noqa: no-handler
community.general.consul_token:
token: "{{ _credentials.consul.root_token.secret_id }}"
host: "{{ _consul_host }}"
port: "{{ _consul_port }}"
scheme: "{{ _consul_scheme }}"
validate_certs: false
accessor_id: "{{ _credentials.consul.tokens.nomad.server.accessor_id }}"
secret_id: "{{ _credentials.consul.tokens.nomad.server.secret_id }}"
policies:
- id: "{{ _consul_nomad_server_policy.policy.ID }}"
state: present
when: _consul_nomad_server_policy.changed
- name: "Nomad | Create client credentials"
block:
- name: "Nomad | Create consul client policy"
community.general.consul_policy:
token: "{{ _credentials.consul.root_token.secret_id }}"
host: "{{ _consul_host }}"
port: "{{ _consul_port }}"
scheme: "{{ _consul_scheme }}"
validate_certs: false
state: present
name: nomad-client-policy
rules: "{{ nomad_consul_integration_client_policy }}"
register: _consul_nomad_client_policy
- name: "Nomad | Create consul client token" # noqa: no-handler
community.general.consul_token:
token: "{{ _credentials.consul.root_token.secret_id }}"
host: "{{ _consul_host }}"
port: "{{ _consul_port }}"
scheme: "{{ _consul_scheme }}"
validate_certs: false
accessor_id: "{{ _credentials.consul.tokens.nomad.client.accessor_id }}"
secret_id: "{{ _credentials.consul.tokens.nomad.client.secret_id }}"
policies:
- id: "{{ _consul_nomad_client_policy.policy.ID }}"
state: present
when: _consul_nomad_client_policy.changed
- name: "Nomad | Include ednz_cloud.hashistack.cni"
ansible.builtin.include_role:
name: ednz_cloud.hashistack.cni
when: nomad_enable_client
- name: "Nomad | Include ednz_cloud.hashistack.nomad"
ansible.builtin.include_role:
name: ednz_cloud.hashistack.nomad
- name: "Nomad | Wait for nomad cluster to initialize"
ansible.builtin.uri:
url: "{{ nomad_api_addr }}/v1/status/leader"
return_content: true
validate_certs: false
status_code:
- 200
until: nomad_api_response.status == 200
retries: 24
delay: 5
register: nomad_api_response
when:
- nomad_init_server
- name: "Nomad | Initialize nomad cluster" # noqa: run-once[task]
ednz_cloud.hashistack.nomad_acl_bootstrap:
bootstrap_secret: "{{ _credentials.nomad.root_token.secret_id }}"
api_url: "{{ nomad_api_addr }}"
tls_verify: false
register: _nomad_init_secret
when:
- nomad_init_server
- nomad_configuration.acl.enabled
Reference in New Issue View Git Blame Copy Permalink