aboutsummaryrefslogtreecommitdiff
path: root/ansible/roles/consul
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2020-01-18 17:34:55 +0100
committerAlex Auvolat <alex@adnab.me>2020-06-30 17:31:35 +0200
commit351e6f13d5bee3275f46fda4a1780c71d9f338d6 (patch)
tree675a202635ed79730f9b3965782e0b28130de992 /ansible/roles/consul
parent8fdebd74b37ae1766e03b39b8a3d6d84ef549a74 (diff)
downloadinfrastructure-351e6f13d5bee3275f46fda4a1780c71d9f338d6.tar.gz
infrastructure-351e6f13d5bee3275f46fda4a1780c71d9f338d6.zip
Network configuration:
- Remove nomad interface (unused) - Deactivate systemd-resolved - Add dns_server to production nodes variables - Add recursors option to Consul so that it can resolve outside DNS queries - Use consul as a global DNS server for machines and containers, with the outside DNS as a fallback (see roles/consul/templates/resolv.conf.j2)
Diffstat (limited to 'ansible/roles/consul')
-rw-r--r--ansible/roles/consul/tasks/main.yml3
-rw-r--r--ansible/roles/consul/templates/consul.json.j23
-rw-r--r--ansible/roles/consul/templates/resolv.conf.j22
3 files changed, 8 insertions, 0 deletions
diff --git a/ansible/roles/consul/tasks/main.yml b/ansible/roles/consul/tasks/main.yml
index bb1d9ef..5cb68ab 100644
--- a/ansible/roles/consul/tasks/main.yml
+++ b/ansible/roles/consul/tasks/main.yml
@@ -47,3 +47,6 @@
- name: "Enable consul systemd service at boot"
service: name=consul state=started enabled=yes daemon_reload=yes
+
+- name: "Deploy resolv.conf to use Consul"
+ template: src=resolv.conf.j2 dest=/etc/resolv.conf
diff --git a/ansible/roles/consul/templates/consul.json.j2 b/ansible/roles/consul/templates/consul.json.j2
index d1bd2d8..b6c86aa 100644
--- a/ansible/roles/consul/templates/consul.json.j2
+++ b/ansible/roles/consul/templates/consul.json.j2
@@ -17,6 +17,9 @@
"ports": {
"dns": 53
},
+ "recursors": [
+ "{{ dns_server }}"
+ ],
"encrypt": "{{ consul_gossip_encrypt }}",
"domain": "2.cluster.deuxfleurs.fr",
"performance": {
diff --git a/ansible/roles/consul/templates/resolv.conf.j2 b/ansible/roles/consul/templates/resolv.conf.j2
new file mode 100644
index 0000000..2404034
--- /dev/null
+++ b/ansible/roles/consul/templates/resolv.conf.j2
@@ -0,0 +1,2 @@
+nameserver {{ private_ip }}
+nameserver {{ dns_server }}