diff options
author | Alex Auvolat <alex@adnab.me> | 2020-01-18 17:34:55 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2020-06-30 17:31:35 +0200 |
commit | 351e6f13d5bee3275f46fda4a1780c71d9f338d6 (patch) | |
tree | 675a202635ed79730f9b3965782e0b28130de992 /ansible/roles/consul | |
parent | 8fdebd74b37ae1766e03b39b8a3d6d84ef549a74 (diff) | |
download | infrastructure-351e6f13d5bee3275f46fda4a1780c71d9f338d6.tar.gz infrastructure-351e6f13d5bee3275f46fda4a1780c71d9f338d6.zip |
Network configuration:
- Remove nomad interface (unused)
- Deactivate systemd-resolved
- Add dns_server to production nodes variables
- Add recursors option to Consul so that it can resolve outside DNS
queries
- Use consul as a global DNS server for machines and containers, with
the outside DNS as a fallback (see roles/consul/templates/resolv.conf.j2)
Diffstat (limited to 'ansible/roles/consul')
-rw-r--r-- | ansible/roles/consul/tasks/main.yml | 3 | ||||
-rw-r--r-- | ansible/roles/consul/templates/consul.json.j2 | 3 | ||||
-rw-r--r-- | ansible/roles/consul/templates/resolv.conf.j2 | 2 |
3 files changed, 8 insertions, 0 deletions
diff --git a/ansible/roles/consul/tasks/main.yml b/ansible/roles/consul/tasks/main.yml index bb1d9ef..5cb68ab 100644 --- a/ansible/roles/consul/tasks/main.yml +++ b/ansible/roles/consul/tasks/main.yml @@ -47,3 +47,6 @@ - name: "Enable consul systemd service at boot" service: name=consul state=started enabled=yes daemon_reload=yes + +- name: "Deploy resolv.conf to use Consul" + template: src=resolv.conf.j2 dest=/etc/resolv.conf diff --git a/ansible/roles/consul/templates/consul.json.j2 b/ansible/roles/consul/templates/consul.json.j2 index d1bd2d8..b6c86aa 100644 --- a/ansible/roles/consul/templates/consul.json.j2 +++ b/ansible/roles/consul/templates/consul.json.j2 @@ -17,6 +17,9 @@ "ports": { "dns": 53 }, + "recursors": [ + "{{ dns_server }}" + ], "encrypt": "{{ consul_gossip_encrypt }}", "domain": "2.cluster.deuxfleurs.fr", "performance": { diff --git a/ansible/roles/consul/templates/resolv.conf.j2 b/ansible/roles/consul/templates/resolv.conf.j2 new file mode 100644 index 0000000..2404034 --- /dev/null +++ b/ansible/roles/consul/templates/resolv.conf.j2 @@ -0,0 +1,2 @@ +nameserver {{ private_ip }} +nameserver {{ dns_server }} |