Ansible git move

+ Better accessibility + Compliant with fdio.infra._function_ - function [pxe|terraform|ansible|vagrant] + dill==0.3.3 also applied on TBs - ci-man to follow today - Docs to be updated in separate patch Signed-off-by: pmikus <pmikus@cisco.com> Change-Id: Iff9eaa29d63044188cc8160db2d9b44b7635782a
author: pmikus <pmikus@cisco.com> 2021-04-08 10:44:18 +0000
committer: Peter Mikus <pmikus@cisco.com> 2021-04-08 11:17:15 +0000
commit: df5672b3d9c29b51397f4770eb992c9f3f3955ce (patch)
tree: adb4cf36c9b680ebbc44c953391a0d21b986d6b7 /fdio.infra.ansible/roles/consul/templates
parent: 8018da98e0f362bc69fc9600fac222a86fd46b5e (diff)
6 files changed, 101 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/consul/templates/base.hcl.j2 b/fdio.infra.ansible/roles/consul/templates/base.hcl.j2
new file mode 100644
index 0000000000..536c48d847
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/base.hcl.j2
@@ -0,0 +1,43 @@
+node_name = "{{ consul_node_name }}"
+datacenter = "{{ consul_datacenter }}"
+
+bind_addr = "{{ consul_bind_addr }}"
+client_addr = "{{ consul_client_addr }}"
+data_dir = "{{ consul_data_dir }}"
+
+enable_syslog = {{ consul_enable_syslog | bool | lower }}
+enable_debug = {{ consul_enable_debug | bool | lower }}
+disable_update_check = {{ consul_disable_update_check | bool | lower }}
+log_level = "{{ consul_log_level }}"
+
+server = {{ consul_node_server | bool | lower }}
+encrypt = "{{ consul_encrypt }}"
+{% if consul_node_server | bool == True %}
+bootstrap_expect = {{ consul_bootstrap_expect }}
+verify_incoming = true
+verify_outgoing = true
+verify_server_hostname = true
+ca_file = "{{ consul_ca_file }}"
+cert_file = "{{ consul_cert_file }}"
+key_file = "{{ consul_key_file }}"
+auto_encrypt {
+  allow_tls = true
+}
+{% else %}
+verify_incoming = false
+verify_outgoing = false
+verify_server_hostname = false
+ca_file = "{{ consul_ca_file }}"
+auto_encrypt {
+  tls = false
+}
+{% endif %}
+{% if consul_retry_join | bool -%}
+retry_join = [ {% for ip_port in consul_retry_servers -%} "{{ ip_port }}"{% if not loop.last %}, {% endif %}{%- endfor -%} ]
+{%- endif %}
+
+ui = {{ consul_ui | bool | lower }}
+
+{% if consul_recursors -%}
+recursors = [ {% for server in consul_recursors -%} "{{ server }}"{% if not loop.last %}, {% endif %}{%- endfor -%} ]
+{%- endif %}
+\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/consul/templates/consul.hcl.j2 b/fdio.infra.ansible/roles/consul/templates/consul.hcl.j2
new file mode 100644
index 0000000000..c78e5e1ce5
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/consul.hcl.j2
@@ -0,0 +1,12 @@
+consul {
+    auto_advertise = {{ consul_auto_advertise | bool | lower }}
+    checks_use_advertise = {{ consul_checks_use_advertise | bool | lower }}
+    client_auto_join = {{ consul_client_auto_join | bool | lower }}
+    client_service_name = "{{ consul_client_service_name }}"
+    server_service_name = "{{ consul_server_service_name }}"
+    server_auto_join = {{ consul_server_auto_join | bool | lower }}
+{% if consul_ACL_token_set == True %}
+    token = "{{ consul_token }}"
+{% endif %}
+
+}
+\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/consul/templates/consul_systemd.service.j2 b/fdio.infra.ansible/roles/consul/templates/consul_systemd.service.j2
new file mode 100644
index 0000000000..8e1ef1310d
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/consul_systemd.service.j2
@@ -0,0 +1,21 @@
+[Unit]
+Description=Consul Service
+Documentation=https://www.nomadproject.io/docs/
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+# TODO: Decrease privilege
+ExecReload=/bin/kill -SIGHUP $MAINPID
+ExecStart={{ consul_bin_dir }}/consul agent -config-dir {{ consul_config_dir }}
+KillSignal=SIGTERM
+LimitNOFILE=infinity
+LimitNPROC=infinity
+Restart=on-failure
+RestartSec=1
+User=root
+Group=root
+Environment="GOMAXPROCS=2"
+
+[Install]
+WantedBy=multi-user.target
diff --git a/fdio.infra.ansible/roles/consul/templates/ports.hcl.j2 b/fdio.infra.ansible/roles/consul/templates/ports.hcl.j2
new file mode 100644
index 0000000000..a658060ce8
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/ports.hcl.j2
@@ -0,0 +1,9 @@
+ports {
+    dns = {{ consul_port_dns }}
+    http = {{ consul_port_http }}
+    https = {{ consul_port_https }}
+    grpc = {{ consul_port_grpc }}
+    serf_lan = {{ consul_port_serf_lan }}
+    serf_wan = {{ consul_port_serf_wan }}
+    server = {{ consul_port_server }}
+}
+\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/consul/templates/services.json.j2 b/fdio.infra.ansible/roles/consul/templates/services.json.j2
new file mode 100644
index 0000000000..3245ba92a4
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/services.json.j2
@@ -0,0 +1,13 @@
+{
+    "services": [
+{% for item in consul_services %}
+        {
+            "name": "{{ item.name }}",
+            "port": {{ item.port }}
+        }
+{%- if not loop.last %},
+{% endif %}
+{% endfor %}
+
+    ]
+}
+\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/consul/templates/telemetry.hcl.j2 b/fdio.infra.ansible/roles/consul/templates/telemetry.hcl.j2
new file mode 100644
index 0000000000..ec7fabc9da
--- /dev/null
+++ b/fdio.infra.ansible/roles/consul/templates/telemetry.hcl.j2
@@ -0,0 +1,3 @@
+telemetry {
+    prometheus_retention_time = "24h"
+}
+\ No newline at end of file
author	pmikus <pmikus@cisco.com>	2021-04-08 10:44:18 +0000
committer	Peter Mikus <pmikus@cisco.com>	2021-04-08 11:17:15 +0000
commit	df5672b3d9c29b51397f4770eb992c9f3f3955ce (patch)
tree	adb4cf36c9b680ebbc44c953391a0d21b986d6b7 /fdio.infra.ansible/roles/consul/templates
parent	8018da98e0f362bc69fc9600fac222a86fd46b5e (diff)