This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
Hashistack-Ansible
🛠️ General Information
📋 Inventory
🗂️ Inventory File
Hashistack-Ansible relies on an Ansible inventory file to understand which host handles which role. You can find a sample inventory file under playbooks/inventory/multinode within the collection directory.
🌐 Ingress
While Hashistack-Ansible is built for flexibility, it takes a specific stance on ingress:
- No central ingress services are deployed unless you also deploy a Nomad cluster.
- Dedicated ingress nodes can be costly on cloud platforms and might be underutilized unless they can handle other workloads.
- When needed, ingress nodes are deployed as a Nomad job, enabling resource reuse or isolation via Nomad node pools.
📁 Main Configuration Directory
Hashistack-Ansible uses a configuration directory to store all necessary files and artifacts. The directory is defined by the hashistack_configuration_directory variable. By default, it’s set to {{ lookup('env', 'PWD') }}/etc/hashistack, which equals $(pwd)/etc/hashistack.
In this directory, place your globals.yml file with your configurations. You can find a template for this file at playbooks/inventory/group_vars/all/globals.yml in the collection's directory. This file starts simple, but it’s highly extensible. Additional service configurations can be found in consul.yml, vault.yml, nomad.yml, nomad_ingress.yml, cni.yml, and all.yml within the same directory.
Pro Tip: ✨ Instead of editing these service configuration files directly, extend them by adding your own values to your
globals.ymlfile.
📂 Sub-Configuration Directories
You can fine-tune configurations by using sub-directories for group-specific or host-specific settings.
👥 Group Configuration Directories
Each group in the inventory has its own sub-directory within the main configuration directory:
- The
nomad_serversgroup will look in{{ hashistack_configuration_directory }}/nomad_servers - The
vault_serversgroup will look in{{ hashistack_configuration_directory }}/vault_servers - The
consul_serversgroup will look in{{ hashistack_configuration_directory }}/consul_servers
Inside each of these directories, you can place a globals.yml file that will override settings in the main globals.yml.
Example:
If etc/hashistack/globals.yml looks like this:
---
enable_vault: "no"
enable_consul: "no"
enable_nomad: "no"
And etc/hashistack/nomad_servers/globals.yml looks like this:
---
enable_nomad: "yes"
Then the nomad_servers group will have this configuration:
---
enable_vault: "no"
enable_consul: "no"
enable_nomad: "yes"
Host Configuration Directories 🖥️
For even more granularity, each group configuration directory can contain sub-directories for individual hosts, named after the hosts in your inventory. These host directories can include a globals.yml file to override both group and global settings.
Example:
If etc/hashistack/globals.yml looks like this:
---
enable_vault: "no"
enable_consul: "no"
enable_nomad: "no"
api_interface: "eth0"
And etc/hashistack/nomad_servers/globals.yml looks like this:
---
enable_nomad: "yes"
api_interface: "eth1"
And etc/hashistack/nomad_servers/nomad-master-01/globals.yml looks like this:
api_interface: "eth0.vlan40"
Then all servers in the nomad_servers group will have this configuration:
---
enable_vault: "no"
enable_consul: "no"
enable_nomad: "yes"
api_interface: "eth1"
Except for nomad-master-01, which will have this configuration:
---
enable_vault: "no"
enable_consul: "no"
enable_nomad: "yes"
api_interface: "eth0.vlan40"
This flexible approach lets you tailor the deployment to your exact needs, ensuring everything works just the way you want! 🎯