diff options
author | Quentin <quentin@deuxfleurs.fr> | 2020-09-13 12:03:07 +0200 |
---|---|---|
committer | Quentin <quentin@deuxfleurs.fr> | 2020-09-13 12:03:07 +0200 |
commit | 484c3fe667cd8c5a647256cb78f05c8a39b835b1 (patch) | |
tree | 7be3c868ce1d0e0c96125a4c94cadce429be9e1d /os/config/roles/consul | |
parent | 0550647b9348d1e36431400e0832b4340564c658 (diff) | |
parent | d5bfc38fe826aa12f46de64790195cc8e76756de (diff) | |
download | infrastructure-484c3fe667cd8c5a647256cb78f05c8a39b835b1.tar.gz infrastructure-484c3fe667cd8c5a647256cb78f05c8a39b835b1.zip |
Merge branch 'feature/rebase'
Diffstat (limited to 'os/config/roles/consul')
-rw-r--r-- | os/config/roles/consul/files/consul.service | 10 | ||||
-rw-r--r-- | os/config/roles/consul/tasks/main.yml | 26 | ||||
-rw-r--r-- | os/config/roles/consul/templates/consul.json.j2 | 30 | ||||
-rw-r--r-- | os/config/roles/consul/templates/resolv.conf.j2 | 2 | ||||
-rw-r--r-- | os/config/roles/consul/vars/.gitignore | 1 | ||||
-rw-r--r-- | os/config/roles/consul/vars/main.yml.sample | 2 |
6 files changed, 71 insertions, 0 deletions
diff --git a/os/config/roles/consul/files/consul.service b/os/config/roles/consul/files/consul.service new file mode 100644 index 0000000..ffaa2a3 --- /dev/null +++ b/os/config/roles/consul/files/consul.service @@ -0,0 +1,10 @@ +[Unit] +Description=Consul +After=network-online.target +Wants=network-online.target + +[Service] +ExecStart=/usr/local/bin/consul agent -config-dir=/etc/consul + +[Install] +WantedBy=multi-user.target diff --git a/os/config/roles/consul/tasks/main.yml b/os/config/roles/consul/tasks/main.yml new file mode 100644 index 0000000..2b77080 --- /dev/null +++ b/os/config/roles/consul/tasks/main.yml @@ -0,0 +1,26 @@ +- name: "Set consul version" + set_fact: + consul_version: 1.8.0 + +- name: "Download and install Consul for x86_64" + unarchive: + src: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_amd64.zip" + dest: /usr/local/bin + remote_src: yes + when: + - "ansible_architecture == 'x86_64'" + +- name: "Create consul configuration directory" + file: path=/etc/consul/ state=directory + +- name: "Deploy consul configuration" + template: src=consul.json.j2 dest=/etc/consul/consul.json + +- name: "Deploy consul systemd service" + copy: src=consul.service dest=/etc/systemd/system/consul.service + +- name: "Enable consul systemd service at boot" + service: name=consul state=started enabled=yes daemon_reload=yes + +- name: "Deploy resolv.conf to use Consul" + template: src=resolv.conf.j2 dest=/etc/resolv.conf diff --git a/os/config/roles/consul/templates/consul.json.j2 b/os/config/roles/consul/templates/consul.json.j2 new file mode 100644 index 0000000..b6c86aa --- /dev/null +++ b/os/config/roles/consul/templates/consul.json.j2 @@ -0,0 +1,30 @@ +{ + "data_dir": "/var/lib/consul", + "bind_addr": "0.0.0.0", + "advertise_addr": "{{ public_ip }}", + "addresses": { + "dns": "0.0.0.0", + "http": "0.0.0.0" + }, + "retry_join": [ + {% for selected_host in groups['cluster_nodes']|reject("sameas", ansible_fqdn) %}{# @FIXME: Reject doesn't work #} + "{{ hostvars[selected_host]['private_ip'] }}" {{ "," if not loop.last else "" }} + {% endfor %} + ], + "bootstrap_expect": 3, + "server": true, + "ui": true, + "ports": { + "dns": 53 + }, + "recursors": [ + "{{ dns_server }}" + ], + "encrypt": "{{ consul_gossip_encrypt }}", + "domain": "2.cluster.deuxfleurs.fr", + "performance": { + "raft_multiplier": 10, + "rpc_hold_timeout": "30s", + "leave_drain_time": "30s" + } +} diff --git a/os/config/roles/consul/templates/resolv.conf.j2 b/os/config/roles/consul/templates/resolv.conf.j2 new file mode 100644 index 0000000..2404034 --- /dev/null +++ b/os/config/roles/consul/templates/resolv.conf.j2 @@ -0,0 +1,2 @@ +nameserver {{ private_ip }} +nameserver {{ dns_server }} diff --git a/os/config/roles/consul/vars/.gitignore b/os/config/roles/consul/vars/.gitignore new file mode 100644 index 0000000..ff5c0bd --- /dev/null +++ b/os/config/roles/consul/vars/.gitignore @@ -0,0 +1 @@ +main.yml diff --git a/os/config/roles/consul/vars/main.yml.sample b/os/config/roles/consul/vars/main.yml.sample new file mode 100644 index 0000000..9c44126 --- /dev/null +++ b/os/config/roles/consul/vars/main.yml.sample @@ -0,0 +1,2 @@ +--- +consul_gossip_encrypt: "<secret>" |