ansible-collections/hashistack
ansible-collections/hashistack
4
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

feat: references to other pages

Bertrand Lanson 2024-08-14 20:37:56 +02:00
parent 949af77513
commit e88f4a44f7
Signed by: lanson
SSH Key Fingerprint: SHA256:/nqc6HGqld/PS208F6FUOvZlUzTS0rGpNNwR5O2bQBw
2 changed files with 47 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
01-introduction.md

@ -13,6 +13,6 @@ Hashistack-Ansible's project aims at providing a production-ready, repeatable, a
# Index
1. [Introduction](./01_introduction.md)
2. [General informations](./02_general_informations.md)
3. [Architecture Guide](./)
1. [Introduction](01-introduction)
2. [General informations](02-general-informations)
3. [Architecture Guide](03-architecture-guide)

61
03-architecture-guide.md

@ -2,21 +2,27 @@
Hashistack-Ansible allows you to deploy a number of architecture, wether you want to deploy a dev, testing, or production environment. These different architectures are described in this section.
## Dev deployment
## Dev/Testing deployment
If you only want to deploy a test environment, you can simply add a simgle host to each service that you want to deploy.
```ini
[haproxy_servers]
test-server
[vault_servers]
test01
test-server
[consul_servers]
test01
test-server
[nomad_servers]
test01
test-server
[nomad_clients]
test-server
[consul_agents]
```
In this example, you will end end with each service running on a single host, with no clustering, and no redundancy. This setup *IS NOT RECOMMENDED** for anything but testing purposes, as it provides zero resiliency, and will break if anything goes down.
@ -33,11 +39,6 @@ graph LR;
Nomad Server
};
```
## Testing/Preprod deployment
For testing, of pre-production deployments, running all services on the same nodes might be a good way to cut cost and/or save resources.
## Production deployment
For production use, it is recommended to separate concerns as much as possible. This means that consul, vault and nomad, as well as the haproxy services, should be on different nodes altogether. The **client-facing** and **cluster-facing** interfaces should also be separated.
@ -76,22 +77,48 @@ graph TD
haproxy1[HAProxy] & haproxy2[HAProxy] -->|http :8200| vault
subgraph vault
direction LR
vault1[Vault 01] <--> vault2[Vault 02]
vault2[Vault 02] <--> vault3[Vault 03]
vault3[Vault 03] <--> vault1[Vault 01]
direction LR
subgraph vaultnode1
direction TB
vault1[Vault 01] <--> consulvaultagent1([Consul agent])
end
subgraph vaultnode2
direction TB
vault2[Vault 02] <--> consulvaultagent2([Consul agent])
end
subgraph vaultnode3
direction TB
vault3[Vault 03] <--> consulvaultagent3([Consul agent])
end
vaultnode1 <--> vaultnode2
vaultnode2 <--> vaultnode3
vaultnode3 <--> vaultnode1
end
vault -->|Service registration| consul
haproxy1[HAProxy] & haproxy2[HAProxy] -->|http :4646| nomad
subgraph nomad
direction LR
nomad1[Nomad 01] <--> nomad2[Nomad 02]
nomad2[Nomad 02] <--> nomad3[Nomad 03]
nomad3[Nomad 03] <--> nomad1[Nomad 01]
subgraph nomadnode1
direction TB
nomad1[Nomad 01] <--> consulnomadagent1([Consul agent])
end
subgraph nomadnode2
direction TB
nomad2[Nomad 02] <--> consulnomadagent2([Consul agent])
end
subgraph nomadnode3
direction TB
nomad3[Nomad 03] <--> consulnomadagent3([Consul agent])
end
nomadnode1 <--> nomadnode2
nomadnode2 <--> nomadnode3
nomadnode3 <--> nomadnode1
end
nomad -->|Service registration| consul
```
> **Note**: you can substract the haproxy part if using an external load-balancing solution, like AWS ALB,or any other LB technology, for connecting to your platform.
> [!NOTE]: you can substract the haproxy part if using an external load-balancing solution, like AWS ALB,or any other LB technology, for connecting to your platform.