feat/major-revamp #11

Merged
lanson merged 42 commits from fix/various into main 2024-08-17 14:54:28 +00:00
6 changed files with 33 additions and 21 deletions
Showing only changes of commit 34e30b0a5f - Show all commits

View File

@ -1,4 +1,12 @@
--- ---
# Molecule specific variables
hashistack_ca_action: "root_ca,int_ca,leaf_cert,renew_root,"
hashistack_ca_directory: "{{ hashistack_sub_configuration_directories['certificates'] }}"
hashistack_ca_directory_owner: "{{ lookup('env', 'USER') }}"
hashistack_ca_domain: ednz.lab
hashistack_ca_intermediate_name_constraints_critical: false
########################## ##########################
# General options ######## # General options ########
########################## ##########################
@ -9,7 +17,7 @@
# enable_nomad: "yes" # enable_nomad: "yes"
# haproxy_version: "2.8" # haproxy_version: "2.8"
# nomad_version: "1.8.1" nomad_version: "1.8.2"
# consul_version: "1.18.1" # consul_version: "1.18.1"
# vault_version: "1.16.2" # vault_version: "1.16.2"
@ -264,16 +272,16 @@ vault_enable_tls: true
###################### ######################
nomad_enable_tls: true nomad_enable_tls: true
nomad_tls_configuration: # nomad_tls_configuration:
http: true # http: true
rpc: true # rpc: true
ca_file: "/etc/ssl/certs/ca-certificates.crt" # ca_file: "/etc/ssl/certs/ca-certificates.crt"
cert_file: "{{ nomad_certificates_directory }}/cert.pem" # cert_file: "{{ nomad_certificates_directory }}/cert.pem"
key_file: "{{ nomad_certificates_directory }}/key.pem" # key_file: "{{ nomad_certificates_directory }}/key.pem"
verify_server_hostname: true # verify_server_hostname: true
# nomad_certificates_directory: "{{ hashicorp_nomad_config_dir }}/tls" # nomad_certificates_directory: "{{ hashicorp_nomad_config_dir }}/tls"
# nomad_certificates_extra_files_dir: # nomad_certificates_extra_files_dir:
# - src: "{{ sub_configuration_directories['certificates'] }}/nomad/{{ inventory_hostname }}" # - src: "{{ hashistack_sub_configuration_directories['certificates'] }}/nomad/{{ inventory_hostname }}"
# dest: "{{ nomad_certificates_directory }}" # dest: "{{ nomad_certificates_directory }}"
############################# #############################

View File

@ -0,0 +1,8 @@
---
nomad_client_configuration:
enabled: "{{ nomad_enable_client }}"
state_dir: "{{ nomad_data_dir }}/client"
cni_path: "{{ cni_plugins_install_path | default('/opt/cni/bin') }}"
bridge_network_name: nomad
bridge_network_subnet: "172.26.64.0/20"
node_pool: ingress

View File

@ -8,7 +8,7 @@ driver:
provider: provider:
name: libvirt name: libvirt
platforms: platforms:
- name: proxy01 - name: proxy01.ednz.lab
box: generic/${MOLECULE_TEST_OS} box: generic/${MOLECULE_TEST_OS}
cpus: 2 cpus: 2
memory: 2048 memory: 2048
@ -20,8 +20,9 @@ platforms:
groups: groups:
- common - common
- haproxy_servers - haproxy_servers
- nomad_clients
- consul_agents - consul_agents
- name: proxy02 - name: proxy02.ednz.lab
box: generic/${MOLECULE_TEST_OS} box: generic/${MOLECULE_TEST_OS}
cpus: 2 cpus: 2
memory: 2048 memory: 2048
@ -33,8 +34,9 @@ platforms:
groups: groups:
- common - common
- haproxy_servers - haproxy_servers
- nomad_clients
- consul_agents - consul_agents
- name: hashistack01 - name: hashistack01.ednz.lab
box: generic/${MOLECULE_TEST_OS} box: generic/${MOLECULE_TEST_OS}
cpus: 4 cpus: 4
memory: 2048 memory: 2048
@ -48,7 +50,7 @@ platforms:
- vault_servers - vault_servers
- consul_servers - consul_servers
- nomad_servers - nomad_servers
- name: hashistack02 - name: hashistack02.ednz.lab
box: generic/${MOLECULE_TEST_OS} box: generic/${MOLECULE_TEST_OS}
cpus: 4 cpus: 4
memory: 2048 memory: 2048
@ -62,7 +64,7 @@ platforms:
- vault_servers - vault_servers
- consul_servers - consul_servers
- nomad_servers - nomad_servers
- name: hashistack03 - name: hashistack03.ednz.lab
box: generic/${MOLECULE_TEST_OS} box: generic/${MOLECULE_TEST_OS}
cpus: 4 cpus: 4
memory: 2048 memory: 2048
@ -76,7 +78,7 @@ platforms:
- vault_servers - vault_servers
- consul_servers - consul_servers
- nomad_servers - nomad_servers
- name: hashistack04 - name: hashistack04.ednz.lab
box: generic/${MOLECULE_TEST_OS} box: generic/${MOLECULE_TEST_OS}
cpus: 4 cpus: 4
memory: 2048 memory: 2048

View File

@ -2,9 +2,6 @@
- name: Include certificate generation playbook - name: Include certificate generation playbook
ansible.builtin.import_playbook: ednz_cloud.hashistack.generate_certs.yml ansible.builtin.import_playbook: ednz_cloud.hashistack.generate_certs.yml
# - name: Include credentials generation playbook
# ansible.builtin.import_playbook: ednz_cloud.hashistack.generate_credentials.yml
- name: Include bootstrap playbook - name: Include bootstrap playbook
ansible.builtin.import_playbook: ednz_cloud.hashistack.bootstrap.yml ansible.builtin.import_playbook: ednz_cloud.hashistack.bootstrap.yml

View File

@ -5,9 +5,6 @@ roles:
- name: ednz_cloud.manage_apt_packages - name: ednz_cloud.manage_apt_packages
- name: ednz_cloud.manage_pip_packages - name: ednz_cloud.manage_pip_packages
- name: ednz_cloud.install_docker - name: ednz_cloud.install_docker
- name: ednz_cloud.docker_systemd_service
# - name: ednz_cloud.deploy_haproxy
# - name: ednz_cloud.deploy_keepalived
collections: collections:
- name: ednz_cloud.hashistack - name: ednz_cloud.hashistack