aboutsummaryrefslogtreecommitdiff
path: root/ansible/roles/consul
diff options
context:
space:
mode:
authorQuentin <quentin@deuxfleurs.fr>2019-06-01 16:02:49 +0200
committerQuentin Dufour <quentin@deuxfleurs.fr>2019-07-11 09:33:07 +0200
commit61d009f18d5886db8b22ae41e04bb41a4ba2fddb (patch)
treee44bb326caf3107653c7a48749527cfd77f02cf2 /ansible/roles/consul
downloadinfrastructure-61d009f18d5886db8b22ae41e04bb41a4ba2fddb.tar.gz
infrastructure-61d009f18d5886db8b22ae41e04bb41a4ba2fddb.zip
Initial commit
Diffstat (limited to 'ansible/roles/consul')
-rw-r--r--ansible/roles/consul/files/consul.service8
-rw-r--r--ansible/roles/consul/handlers/main.yml4
-rw-r--r--ansible/roles/consul/tasks/main.yml49
-rw-r--r--ansible/roles/consul/templates/consul.json.j227
-rw-r--r--ansible/roles/consul/vars/.gitignore1
-rw-r--r--ansible/roles/consul/vars/main.yml.sample2
6 files changed, 91 insertions, 0 deletions
diff --git a/ansible/roles/consul/files/consul.service b/ansible/roles/consul/files/consul.service
new file mode 100644
index 0000000..3993567
--- /dev/null
+++ b/ansible/roles/consul/files/consul.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Consul
+
+[Service]
+ExecStart=/usr/local/bin/consul agent -config-dir=/etc/consul
+
+[Install]
+WantedBy=multi-user.target
diff --git a/ansible/roles/consul/handlers/main.yml b/ansible/roles/consul/handlers/main.yml
new file mode 100644
index 0000000..e8cd4a4
--- /dev/null
+++ b/ansible/roles/consul/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+
+- name: restart consul
+ service: name=consul state=restarted
diff --git a/ansible/roles/consul/tasks/main.yml b/ansible/roles/consul/tasks/main.yml
new file mode 100644
index 0000000..a943022
--- /dev/null
+++ b/ansible/roles/consul/tasks/main.yml
@@ -0,0 +1,49 @@
+- name: "Set consul version"
+ set_fact:
+ consul_version: 1.4.0
+
+- name: "Download and install Consul for armv7l"
+ unarchive:
+ src: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_arm.zip"
+ dest: /usr/local/bin
+ remote_src: yes
+ when:
+ - "ansible_architecture == 'armv7l'"
+ notify:
+ - restart consul
+
+- name: "Download and install Consul for x86_64"
+ unarchive:
+ src: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_amd64.zip"
+ dest: /usr/local/bin
+ remote_src: yes
+ when:
+ - "ansible_architecture == 'x86_64'"
+ notify:
+ - restart consul
+
+- name: "Download and install Consul for arm64"
+ unarchive:
+ src: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_arm64.zip"
+ dest: /usr/local/bin
+ remote_src: yes
+ when:
+ - "ansible_architecture == 'aarch64'"
+ notify:
+ - restart consul
+
+- name: "Create consul configuration directory"
+ file: path=/etc/consul/ state=directory
+
+- name: "Deploy consul configuration"
+ template: src=consul.json.j2 dest=/etc/consul/consul.json
+ notify:
+ - restart consul
+
+- name: "Deploy consul systemd service"
+ copy: src=consul.service dest=/etc/systemd/system/consul.service
+ notify:
+ - restart consul
+
+- name: "Enable consul systemd service at boot"
+ service: name=consul state=started enabled=yes daemon_reload=yes
diff --git a/ansible/roles/consul/templates/consul.json.j2 b/ansible/roles/consul/templates/consul.json.j2
new file mode 100644
index 0000000..d1bd2d8
--- /dev/null
+++ b/ansible/roles/consul/templates/consul.json.j2
@@ -0,0 +1,27 @@
+{
+ "data_dir": "/var/lib/consul",
+ "bind_addr": "0.0.0.0",
+ "advertise_addr": "{{ public_ip }}",
+ "addresses": {
+ "dns": "0.0.0.0",
+ "http": "0.0.0.0"
+ },
+ "retry_join": [
+ {% for selected_host in groups['cluster_nodes']|reject("sameas", ansible_fqdn) %}{# @FIXME: Reject doesn't work #}
+ "{{ hostvars[selected_host]['private_ip'] }}" {{ "," if not loop.last else "" }}
+ {% endfor %}
+ ],
+ "bootstrap_expect": 3,
+ "server": true,
+ "ui": true,
+ "ports": {
+ "dns": 53
+ },
+ "encrypt": "{{ consul_gossip_encrypt }}",
+ "domain": "2.cluster.deuxfleurs.fr",
+ "performance": {
+ "raft_multiplier": 10,
+ "rpc_hold_timeout": "30s",
+ "leave_drain_time": "30s"
+ }
+}
diff --git a/ansible/roles/consul/vars/.gitignore b/ansible/roles/consul/vars/.gitignore
new file mode 100644
index 0000000..ff5c0bd
--- /dev/null
+++ b/ansible/roles/consul/vars/.gitignore
@@ -0,0 +1 @@
+main.yml
diff --git a/ansible/roles/consul/vars/main.yml.sample b/ansible/roles/consul/vars/main.yml.sample
new file mode 100644
index 0000000..9c44126
--- /dev/null
+++ b/ansible/roles/consul/vars/main.yml.sample
@@ -0,0 +1,2 @@
+---
+consul_gossip_encrypt: "<secret>"