aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.ansible
diff options
context:
space:
mode:
authorPeter Mikus <pmikus@cisco.com>2022-07-07 10:00:02 +0000
committerPeter Mikus <peter.mikus@protonmail.ch>2022-08-03 08:10:02 +0000
commit82b34c726b4eb93fbb8ca48b491dd7da65cb813b (patch)
tree4a77f69dd8a212f5759ba8f2c538564a90546a7e /fdio.infra.ansible
parentdc200e7f96297b3bccecb88b4e951b142617734b (diff)
feat(pxe): Migrate Ubuntu Jammy I.
Signed-off-by: Peter Mikus <pmikus@cisco.com> Change-Id: I8f79882fce6375a55d67167781fc6b4212934e06
Diffstat (limited to 'fdio.infra.ansible')
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.16.yaml (renamed from fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml)12
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.17.yaml (renamed from fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml)12
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.18.yaml (renamed from fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml)13
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.19.yaml68
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.20.yaml67
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.21.yaml67
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml3
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.23.yaml (renamed from fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml)6
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml31
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml31
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml31
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml77
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml77
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.17.yaml77
-rw-r--r--fdio.infra.ansible/inventories/lf_inventory/hosts22
-rw-r--r--fdio.infra.ansible/roles/nomad/templates/server.hcl.j23
16 files changed, 300 insertions, 297 deletions
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.16.yaml
index 750274774f..e53467cbc6 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.16.yaml
@@ -1,8 +1,8 @@
---
-# file: host_vars/10.30.51.28.yaml
+# file: host_vars/10.30.51.16.yaml
-hostname: "s41-nomad"
-inventory_cimc_hostname: "10.30.50.28"
+hostname: "s16-nomad"
+inventory_cimc_hostname: "10.30.50.16"
# User management.
users:
@@ -55,9 +55,9 @@ consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
consul_node_name: "{{ hostname }}"
consul_node_role: "client"
consul_retry_servers:
- - "10.30.51.28"
- - "10.30.51.29"
- - "10.30.51.30"
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
consul_service_mgr: "systemd"
# Docker daemon settings.
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.17.yaml
index 463caa393a..9ca2860b99 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.17.yaml
@@ -1,8 +1,8 @@
---
-# file: host_vars/10.30.51.30.yaml
+# file: host_vars/10.30.51.17.yaml
-hostname: "s40-nomad"
-inventory_cimc_hostname: "10.30.50.30"
+hostname: "s17-nomad"
+inventory_cimc_hostname: "10.30.50.17"
# User management.
users:
@@ -55,9 +55,9 @@ consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
consul_node_name: "{{ hostname }}"
consul_node_role: "client"
consul_retry_servers:
- - "10.30.51.28"
- - "10.30.51.29"
- - "10.30.51.30"
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
consul_service_mgr: "systemd"
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.18.yaml
index e43b6e3fc3..29c19c35c2 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.18.yaml
@@ -1,8 +1,8 @@
---
-# file: host_vars/10.30.51.29.yaml
+# file: host_vars/10.30.51.18.yaml
-hostname: "s39-nomad"
-inventory_cimc_hostname: "10.30.50.29"
+hostname: "s18-nomad"
+inventory_cimc_hostname: "10.30.50.18"
# User management.
users:
@@ -55,11 +55,12 @@ consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
consul_node_name: "{{ hostname }}"
consul_node_role: "client"
consul_retry_servers:
- - "10.30.51.28"
- - "10.30.51.29"
- - "10.30.51.30"
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
consul_service_mgr: "systemd"
+
# Docker daemon settings.
docker_daemon:
dns: ["172.17.0.1"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.19.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.19.yaml
new file mode 100644
index 0000000000..b03561d735
--- /dev/null
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.19.yaml
@@ -0,0 +1,68 @@
+---
+# file: host_vars/10.30.51.19.yaml
+
+hostname: "s19-nomad"
+inventory_cimc_hostname: "10.30.50.19"
+
+# User management.
+users:
+ - username: localadmin
+ groups: [adm, sudo]
+ password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1"
+ ssh_key:
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1"
+sshd_disable_password_login: true
+
+# Nomad settings.
+nomad_certificates:
+ - src: "{{ file_nomad_ca_pem }}"
+ dest: "{{ nomad_ca_file }}"
+ - src: "{{ file_nomad_client_pem }}"
+ dest: "{{ nomad_cert_file }}"
+ - src: "{{ file_nomad_client_key_pem }}"
+ dest: "{{ nomad_key_file }}"
+nomad_datacenter: "yul1"
+nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
+nomad_node_role: "client"
+nomad_node_class: "builder"
+nomad_options:
+ driver.raw_exec.enable: 1
+ docker.cleanup.image: false
+ docker.privileged.enabled: true
+ docker.volumes.enabled: true
+ driver.whitelist: "docker,raw_exec,exec"
+nomad_service_mgr: "systemd"
+nomad_retry_servers:
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
+nomad_servers:
+ - "10.32.8.15:4647"
+ - "10.32.8.16:4647"
+ - "10.32.8.17:4647"
+
+# Consul settigs.
+consul_nomad_integration: true
+consul_certificates:
+ - src: "{{ file_consul_ca_pem }}"
+ dest: "{{ consul_ca_file }}"
+consul_datacenter: "yul1"
+consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
+consul_node_name: "{{ hostname }}"
+consul_node_role: "client"
+consul_retry_servers:
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
+consul_service_mgr: "systemd"
+
+
+# Docker daemon settings.
+docker_daemon:
+ dns: ["172.17.0.1"]
+ dns-opts: []
+ dns-search: ["{{ansible_hostname}}"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.20.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.20.yaml
new file mode 100644
index 0000000000..36ddf20298
--- /dev/null
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.20.yaml
@@ -0,0 +1,67 @@
+---
+# file: host_vars/10.30.51.20.yaml
+
+hostname: "s20-nomad"
+inventory_cimc_hostname: "10.30.50.20"
+
+# User management.
+users:
+ - username: localadmin
+ groups: [adm, sudo]
+ password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1"
+ ssh_key:
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQ5KJyLPM5yJAVLwhEwiTEZD5LkY7FEPOoyJplVMQu5/oIp+KtFr4/RrFEpJwlzuE3um+Hn9+4KZJiQvVJBEp/ZYeGMXJDw0oHlubtI/0AEdolM5TvYNzCASHulRfg2JdCGAeCG5W7vkPQmJjwtQFNw3ISGKKHgJBGipqUjDyuZPi24RI0YBfqtr/GDA0e9dZwkqI+F5yxVi9vXG68bpMkxpeC4Zlxe2DmXAEp787LYSlF+HoELPW3AAWnuQ3j1R2tImM/S9jlxfb9Uy7KlX9epkGV2/caS2EiLszT7604LrSZy4soko1CgtX1LJ3Qobz9OppkJQ+tiBU8C0oz8Z5CXnQ/GYmFt9SBDHneB1ZOtIcoV8HTQVLKCse/VXogQogdG8xOis6F+R3OAJQUF7w3ujIBCXv8ghVcynvzaGB1kxZtwceEqtIXSFdve6T2onyM0722aQ93MiXPv+IA5qpkpSN3JS0KFGxKalTdFz9+lx/agV4JVOrVxEASfok3hbNzEm/4DwUyvgf2vbHlfYQdjHg2mBmYnN3iY/ccU906Tt/TlIp25+FIIbTiLn/nt3NLLPPEZJbJDkEJ5tgJ7XLfJ9ByCfZoOIMdSPF/swDXafTcA5mJ4AKFS0HJf9wBvbgkmD2OttOAvL8k2mqsb7MiMurbXm7Ko/D+nEX+oxkKZQ== peter.mikus@protonmail.ch"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1"
+sshd_disable_password_login: true
+
+# Nomad settings.
+nomad_certificates:
+ - src: "{{ file_nomad_ca_pem }}"
+ dest: "{{ nomad_ca_file }}"
+ - src: "{{ file_nomad_client_pem }}"
+ dest: "{{ nomad_cert_file }}"
+ - src: "{{ file_nomad_client_key_pem }}"
+ dest: "{{ nomad_key_file }}"
+nomad_datacenter: "yul1"
+nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
+nomad_node_role: "client"
+nomad_node_class: "builder"
+nomad_options:
+ driver.raw_exec.enable: 1
+ docker.cleanup.image: false
+ docker.privileged.enabled: true
+ docker.volumes.enabled: true
+ driver.whitelist: "docker,raw_exec,exec"
+nomad_service_mgr: "systemd"
+nomad_retry_servers:
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
+nomad_servers:
+ - "10.32.8.15:4647"
+ - "10.32.8.16:4647"
+ - "10.32.8.17:4647"
+
+# Consul settigs.
+consul_nomad_integration: true
+consul_certificates:
+ - src: "{{ file_consul_ca_pem }}"
+ dest: "{{ consul_ca_file }}"
+consul_datacenter: "yul1"
+consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
+consul_node_name: "{{ hostname }}"
+consul_node_role: "client"
+consul_retry_servers:
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
+consul_service_mgr: "systemd"
+
+# Docker daemon settings.
+docker_daemon:
+ dns: ["172.17.0.1"]
+ dns-opts: []
+ dns-search: ["{{ansible_hostname}}"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.21.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.21.yaml
new file mode 100644
index 0000000000..4ed2cc7e46
--- /dev/null
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.21.yaml
@@ -0,0 +1,67 @@
+---
+# file: host_vars/10.30.51.21.yaml
+
+hostname: "s21-nomad"
+inventory_cimc_hostname: "10.30.50.21"
+
+# User management.
+users:
+ - username: localadmin
+ groups: [adm, sudo]
+ password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1"
+ ssh_key:
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQ5KJyLPM5yJAVLwhEwiTEZD5LkY7FEPOoyJplVMQu5/oIp+KtFr4/RrFEpJwlzuE3um+Hn9+4KZJiQvVJBEp/ZYeGMXJDw0oHlubtI/0AEdolM5TvYNzCASHulRfg2JdCGAeCG5W7vkPQmJjwtQFNw3ISGKKHgJBGipqUjDyuZPi24RI0YBfqtr/GDA0e9dZwkqI+F5yxVi9vXG68bpMkxpeC4Zlxe2DmXAEp787LYSlF+HoELPW3AAWnuQ3j1R2tImM/S9jlxfb9Uy7KlX9epkGV2/caS2EiLszT7604LrSZy4soko1CgtX1LJ3Qobz9OppkJQ+tiBU8C0oz8Z5CXnQ/GYmFt9SBDHneB1ZOtIcoV8HTQVLKCse/VXogQogdG8xOis6F+R3OAJQUF7w3ujIBCXv8ghVcynvzaGB1kxZtwceEqtIXSFdve6T2onyM0722aQ93MiXPv+IA5qpkpSN3JS0KFGxKalTdFz9+lx/agV4JVOrVxEASfok3hbNzEm/4DwUyvgf2vbHlfYQdjHg2mBmYnN3iY/ccU906Tt/TlIp25+FIIbTiLn/nt3NLLPPEZJbJDkEJ5tgJ7XLfJ9ByCfZoOIMdSPF/swDXafTcA5mJ4AKFS0HJf9wBvbgkmD2OttOAvL8k2mqsb7MiMurbXm7Ko/D+nEX+oxkKZQ== peter.mikus@protonmail.ch"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local"
+ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1"
+sshd_disable_password_login: true
+
+# Nomad settings.
+nomad_certificates:
+ - src: "{{ file_nomad_ca_pem }}"
+ dest: "{{ nomad_ca_file }}"
+ - src: "{{ file_nomad_client_pem }}"
+ dest: "{{ nomad_cert_file }}"
+ - src: "{{ file_nomad_client_key_pem }}"
+ dest: "{{ nomad_key_file }}"
+nomad_datacenter: "yul1"
+nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
+nomad_node_role: "client"
+nomad_node_class: "builder"
+nomad_options:
+ driver.raw_exec.enable: 1
+ docker.cleanup.image: false
+ docker.privileged.enabled: true
+ docker.volumes.enabled: true
+ driver.whitelist: "docker,raw_exec,exec"
+nomad_service_mgr: "systemd"
+nomad_retry_servers:
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
+nomad_servers:
+ - "10.32.8.15:4647"
+ - "10.32.8.16:4647"
+ - "10.32.8.17:4647"
+
+# Consul settigs.
+consul_nomad_integration: true
+consul_certificates:
+ - src: "{{ file_consul_ca_pem }}"
+ dest: "{{ consul_ca_file }}"
+consul_datacenter: "yul1"
+consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
+consul_node_name: "{{ hostname }}"
+consul_node_role: "client"
+consul_retry_servers:
+ - "10.32.8.15"
+ - "10.32.8.16"
+ - "10.32.8.17"
+consul_service_mgr: "systemd"
+
+# Docker daemon settings.
+docker_daemon:
+ dns: ["172.17.0.1"]
+ dns-opts: []
+ dns-search: ["{{ansible_hostname}}"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml
index 56ee5a3f13..ebf547c575 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml
@@ -1,7 +1,7 @@
---
# file: host_vars/10.30.51.22.yaml
-hostname: "s42-nomad"
+hostname: "s22-nomad"
inventory_cimc_hostname: "10.30.50.22"
# User management.
@@ -60,6 +60,7 @@ consul_retry_servers:
- "10.32.8.17"
consul_service_mgr: "systemd"
+
# Docker daemon settings.
docker_daemon:
dns: ["172.17.0.1"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.23.yaml
index 50c4179f9d..b9aa7c3946 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.23.yaml
@@ -1,8 +1,8 @@
---
-# file: host_vars/10.32.8.14.yaml
+# file: host_vars/10.30.51.23.yaml
-hostname: "s46-nomad"
-inventory_ipmi_hostname: "10.30.55.14"
+hostname: "s23-nomad"
+inventory_ipmi_hostname: "10.30.50.23"
# User management.
users:
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml
index 570bdce5d2..5069a1b783 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml
@@ -1,8 +1,8 @@
---
# file: host_vars/10.30.51.24.yaml
-hostname: "s43-nomad"
-inventory_cimc_hostname: "10.30.50.24"
+hostname: "s24-nomad"
+inventory_ipmi_hostname: "10.30.50.24"
# User management.
users:
@@ -21,46 +21,55 @@ sshd_disable_password_login: true
nomad_certificates:
- src: "{{ file_nomad_ca_pem }}"
dest: "{{ nomad_ca_file }}"
- - src: "{{ file_nomad_client_pem }}"
+ - src: "{{ file_nomad_server_pem }}"
dest: "{{ nomad_cert_file }}"
- - src: "{{ file_nomad_client_key_pem }}"
+ - src: "{{ file_nomad_server_key_pem }}"
dest: "{{ nomad_key_file }}"
nomad_datacenter: "yul1"
+nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
-nomad_node_role: "client"
+nomad_node_role: "both"
nomad_node_class: "builder"
nomad_options:
driver.raw_exec.enable: 1
- docker.cleanup.image: false
+ docker.cleanup.image: true
docker.privileged.enabled: true
docker.volumes.enabled: true
driver.whitelist: "docker,raw_exec,exec"
+ fingerprint.network.disallow_link_local: true
nomad_service_mgr: "systemd"
nomad_retry_servers:
- - "10.32.8.15"
+ - "10.32.8.14"
- "10.32.8.16"
- "10.32.8.17"
nomad_servers:
- - "10.32.8.15:4647"
+ - "10.32.8.14:4647"
- "10.32.8.16:4647"
- "10.32.8.17:4647"
+nomad_volumes:
+ - name: "prod-volume-data1-1"
+ path: "/data"
+ read_only: false
# Consul settigs.
consul_nomad_integration: true
consul_certificates:
- src: "{{ file_consul_ca_pem }}"
dest: "{{ consul_ca_file }}"
+ - src: "{{ file_consul_server_1_pem }}"
+ dest: "{{ consul_cert_file }}"
+ - src: "{{ file_consul_server_1_key_pem }}"
+ dest: "{{ consul_key_file }}"
consul_datacenter: "yul1"
consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
consul_node_name: "{{ hostname }}"
-consul_node_role: "client"
+consul_node_role: "both"
consul_retry_servers:
- - "10.32.8.15"
+ - "10.32.8.14"
- "10.32.8.16"
- "10.32.8.17"
consul_service_mgr: "systemd"
-
# Docker daemon settings.
docker_daemon:
dns: ["172.17.0.1"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml
index a1183921ae..f9da42792e 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml
@@ -1,8 +1,8 @@
---
# file: host_vars/10.30.51.25.yaml
-hostname: "s44-nomad"
-inventory_cimc_hostname: "10.30.50.25"
+hostname: "s25-nomad"
+inventory_ipmi_hostname: "10.30.50.25"
# User management.
users:
@@ -21,46 +21,55 @@ sshd_disable_password_login: true
nomad_certificates:
- src: "{{ file_nomad_ca_pem }}"
dest: "{{ nomad_ca_file }}"
- - src: "{{ file_nomad_client_pem }}"
+ - src: "{{ file_nomad_server_pem }}"
dest: "{{ nomad_cert_file }}"
- - src: "{{ file_nomad_client_key_pem }}"
+ - src: "{{ file_nomad_server_key_pem }}"
dest: "{{ nomad_key_file }}"
nomad_datacenter: "yul1"
+nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
-nomad_node_role: "client"
+nomad_node_role: "both"
nomad_node_class: "builder"
nomad_options:
driver.raw_exec.enable: 1
- docker.cleanup.image: false
+ docker.cleanup.image: true
docker.privileged.enabled: true
docker.volumes.enabled: true
driver.whitelist: "docker,raw_exec,exec"
+ fingerprint.network.disallow_link_local: true
nomad_service_mgr: "systemd"
nomad_retry_servers:
+ - "10.32.8.14"
- "10.32.8.15"
- - "10.32.8.16"
- "10.32.8.17"
nomad_servers:
+ - "10.32.8.14:4647"
- "10.32.8.15:4647"
- - "10.32.8.16:4647"
- "10.32.8.17:4647"
+nomad_volumes:
+ - name: "prod-volume-data1-1"
+ path: "/data"
+ read_only: false
# Consul settigs.
consul_nomad_integration: true
consul_certificates:
- src: "{{ file_consul_ca_pem }}"
dest: "{{ consul_ca_file }}"
+ - src: "{{ file_consul_server_2_pem }}"
+ dest: "{{ consul_cert_file }}"
+ - src: "{{ file_consul_server_2_key_pem }}"
+ dest: "{{ consul_key_file }}"
consul_datacenter: "yul1"
consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
consul_node_name: "{{ hostname }}"
-consul_node_role: "client"
+consul_node_role: "both"
consul_retry_servers:
+ - "10.32.8.14"
- "10.32.8.15"
- - "10.32.8.16"
- "10.32.8.17"
consul_service_mgr: "systemd"
-
# Docker daemon settings.
docker_daemon:
dns: ["172.17.0.1"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml
index cbb756ae6d..27f9e46d6e 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml
@@ -1,8 +1,8 @@
---
# file: host_vars/10.30.51.26.yaml
-hostname: "s45-nomad"
-inventory_cimc_hostname: "10.30.50.26"
+hostname: "s26-nomad"
+inventory_ipmi_hostname: "10.30.50.26"
# User management.
users:
@@ -21,46 +21,55 @@ sshd_disable_password_login: true
nomad_certificates:
- src: "{{ file_nomad_ca_pem }}"
dest: "{{ nomad_ca_file }}"
- - src: "{{ file_nomad_client_pem }}"
+ - src: "{{ file_nomad_server_pem }}"
dest: "{{ nomad_cert_file }}"
- - src: "{{ file_nomad_client_key_pem }}"
+ - src: "{{ file_nomad_server_key_pem }}"
dest: "{{ nomad_key_file }}"
nomad_datacenter: "yul1"
+nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
-nomad_node_role: "client"
+nomad_node_role: "both"
nomad_node_class: "builder"
nomad_options:
driver.raw_exec.enable: 1
- docker.cleanup.image: false
+ docker.cleanup.image: true
docker.privileged.enabled: true
docker.volumes.enabled: true
driver.whitelist: "docker,raw_exec,exec"
+ fingerprint.network.disallow_link_local: true
nomad_service_mgr: "systemd"
nomad_retry_servers:
+ - "10.32.8.14"
- "10.32.8.15"
- "10.32.8.16"
- - "10.32.8.17"
nomad_servers:
+ - "10.32.8.14:4647"
- "10.32.8.15:4647"
- "10.32.8.16:4647"
- - "10.32.8.17:4647"
+nomad_volumes:
+ - name: "prod-volume-data1-1"
+ path: "/data"
+ read_only: false
# Consul settigs.
consul_nomad_integration: true
consul_certificates:
- src: "{{ file_consul_ca_pem }}"
dest: "{{ consul_ca_file }}"
+ - src: "{{ file_consul_server_3_pem }}"
+ dest: "{{ consul_cert_file }}"
+ - src: "{{ file_consul_server_3_key_pem }}"
+ dest: "{{ consul_key_file }}"
consul_datacenter: "yul1"
consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
consul_node_name: "{{ hostname }}"
-consul_node_role: "client"
+consul_node_role: "both"
consul_retry_servers:
+ - "10.32.8.14"
- "10.32.8.15"
- "10.32.8.16"
- - "10.32.8.17"
consul_service_mgr: "systemd"
-
# Docker daemon settings.
docker_daemon:
dns: ["172.17.0.1"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml
deleted file mode 100644
index 3d94ef5a2e..0000000000
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
----
-# file: host_vars/10.32.8.15.yaml
-
-hostname: "s47-nomad"
-inventory_ipmi_hostname: "10.30.55.15"
-
-# User management.
-users:
- - username: localadmin
- groups: [adm, sudo]
- password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1"
- ssh_key:
- - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1"
-sshd_disable_password_login: true
-
-# Nomad settings.
-nomad_certificates:
- - src: "{{ file_nomad_ca_pem }}"
- dest: "{{ nomad_ca_file }}"
- - src: "{{ file_nomad_server_pem }}"
- dest: "{{ nomad_cert_file }}"
- - src: "{{ file_nomad_server_key_pem }}"
- dest: "{{ nomad_key_file }}"
-nomad_datacenter: "yul1"
-nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
-nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
-nomad_node_role: "both"
-nomad_node_class: "builder"
-nomad_options:
- driver.raw_exec.enable: 1
- docker.cleanup.image: true
- docker.privileged.enabled: true
- docker.volumes.enabled: true
- driver.whitelist: "docker,raw_exec,exec"
- fingerprint.network.disallow_link_local: true
-nomad_service_mgr: "systemd"
-nomad_retry_servers:
- - "10.32.8.14"
- - "10.32.8.16"
- - "10.32.8.17"
-nomad_servers:
- - "10.32.8.14:4647"
- - "10.32.8.16:4647"
- - "10.32.8.17:4647"
-nomad_volumes:
- - name: "prod-volume-data1-1"
- path: "/data"
- read_only: false
-
-# Consul settigs.
-consul_nomad_integration: true
-consul_certificates:
- - src: "{{ file_consul_ca_pem }}"
- dest: "{{ consul_ca_file }}"
- - src: "{{ file_consul_server_1_pem }}"
- dest: "{{ consul_cert_file }}"
- - src: "{{ file_consul_server_1_key_pem }}"
- dest: "{{ consul_key_file }}"
-consul_datacenter: "yul1"
-consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
-consul_node_name: "{{ hostname }}"
-consul_node_role: "both"
-consul_retry_servers:
- - "10.32.8.14"
- - "10.32.8.16"
- - "10.32.8.17"
-consul_service_mgr: "systemd"
-
-# Docker daemon settings.
-docker_daemon:
- dns: ["172.17.0.1"]
- dns-opts: []
- dns-search: ["{{ansible_hostname}}"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml
deleted file mode 100644
index 13a6635079..0000000000
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
----
-# file: host_vars/10.32.8.16.yaml
-
-hostname: "s48-nomad"
-inventory_ipmi_hostname: "10.30.55.16"
-
-# User management.
-users:
- - username: localadmin
- groups: [adm, sudo]
- password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1"
- ssh_key:
- - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1"
-sshd_disable_password_login: true
-
-# Nomad settings.
-nomad_certificates:
- - src: "{{ file_nomad_ca_pem }}"
- dest: "{{ nomad_ca_file }}"
- - src: "{{ file_nomad_server_pem }}"
- dest: "{{ nomad_cert_file }}"
- - src: "{{ file_nomad_server_key_pem }}"
- dest: "{{ nomad_key_file }}"
-nomad_datacenter: "yul1"
-nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
-nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
-nomad_node_role: "both"
-nomad_node_class: "builder"
-nomad_options:
- driver.raw_exec.enable: 1
- docker.cleanup.image: true
- docker.privileged.enabled: true
- docker.volumes.enabled: true
- driver.whitelist: "docker,raw_exec,exec"
- fingerprint.network.disallow_link_local: true
-nomad_service_mgr: "systemd"
-nomad_retry_servers:
- - "10.32.8.14"
- - "10.32.8.15"
- - "10.32.8.17"
-nomad_servers:
- - "10.32.8.14:4647"
- - "10.32.8.15:4647"
- - "10.32.8.17:4647"
-nomad_volumes:
- - name: "prod-volume-data1-1"
- path: "/data"
- read_only: false
-
-# Consul settigs.
-consul_nomad_integration: true
-consul_certificates:
- - src: "{{ file_consul_ca_pem }}"
- dest: "{{ consul_ca_file }}"
- - src: "{{ file_consul_server_2_pem }}"
- dest: "{{ consul_cert_file }}"
- - src: "{{ file_consul_server_2_key_pem }}"
- dest: "{{ consul_key_file }}"
-consul_datacenter: "yul1"
-consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
-consul_node_name: "{{ hostname }}"
-consul_node_role: "both"
-consul_retry_servers:
- - "10.32.8.14"
- - "10.32.8.15"
- - "10.32.8.17"
-consul_service_mgr: "systemd"
-
-# Docker daemon settings.
-docker_daemon:
- dns: ["172.17.0.1"]
- dns-opts: []
- dns-search: ["{{ansible_hostname}}"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.17.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.17.yaml
deleted file mode 100644
index bb67baa67c..0000000000
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.17.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
----
-# file: host_vars/10.32.8.17.yaml
-
-hostname: "s57-nomad"
-inventory_ipmi_hostname: "10.30.55.17"
-
-# User management.
-users:
- - username: localadmin
- groups: [adm, sudo]
- password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1"
- ssh_key:
- - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local"
- - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1"
-sshd_disable_password_login: true
-
-# Nomad settings.
-nomad_certificates:
- - src: "{{ file_nomad_ca_pem }}"
- dest: "{{ nomad_ca_file }}"
- - src: "{{ file_nomad_server_pem }}"
- dest: "{{ nomad_cert_file }}"
- - src: "{{ file_nomad_server_key_pem }}"
- dest: "{{ nomad_key_file }}"
-nomad_datacenter: "yul1"
-nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
-nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
-nomad_node_role: "both"
-nomad_node_class: "builder"
-nomad_options:
- driver.raw_exec.enable: 1
- docker.cleanup.image: true
- docker.privileged.enabled: true
- docker.volumes.enabled: true
- driver.whitelist: "docker,raw_exec,exec"
- fingerprint.network.disallow_link_local: true
-nomad_service_mgr: "systemd"
-nomad_retry_servers:
- - "10.32.8.14"
- - "10.32.8.15"
- - "10.32.8.16"
-nomad_servers:
- - "10.32.8.14:4647"
- - "10.32.8.15:4647"
- - "10.32.8.16:4647"
-nomad_volumes:
- - name: "prod-volume-data1-1"
- path: "/data"
- read_only: false
-
-# Consul settigs.
-consul_nomad_integration: true
-consul_certificates:
- - src: "{{ file_consul_ca_pem }}"
- dest: "{{ consul_ca_file }}"
- - src: "{{ file_consul_server_3_pem }}"
- dest: "{{ consul_cert_file }}"
- - src: "{{ file_consul_server_3_key_pem }}"
- dest: "{{ consul_key_file }}"
-consul_datacenter: "yul1"
-consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
-consul_node_name: "{{ hostname }}"
-consul_node_role: "both"
-consul_retry_servers:
- - "10.32.8.14"
- - "10.32.8.15"
- - "10.32.8.16"
-consul_service_mgr: "systemd"
-
-# Docker daemon settings.
-docker_daemon:
- dns: ["172.17.0.1"]
- dns-opts: []
- dns-search: ["{{ansible_hostname}}"]
diff --git a/fdio.infra.ansible/inventories/lf_inventory/hosts b/fdio.infra.ansible/inventories/lf_inventory/hosts
index 4a6b819e15..76261d70e3 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/hosts
+++ b/fdio.infra.ansible/inventories/lf_inventory/hosts
@@ -61,17 +61,17 @@ all:
10.30.51.71: #s56-t14-sut1 - thunderx2 9980
nomad:
hosts:
- 10.30.51.22: #s42-nomad - haswell
- 10.30.51.24: #s43-nomad - haswell
- 10.30.51.25: #s44-nomad - haswell
- 10.30.51.26: #s45-nomad - haswell
- 10.30.51.28: #s41-nomad - haswell
- 10.30.51.29: #s39-nomad - haswell
- 10.30.51.30: #s40-nomad - haswell
- 10.32.8.14: #s46-nomad - skylake
- 10.32.8.15: #s47-nomad - skylake
- 10.32.8.16: #s48-nomad - skylake
- 10.32.8.17: #s57-nomad - skylake
+ 10.30.51.16: #s16-nomad - haswell
+ 10.30.51.17: #s17-nomad - haswell
+ 10.30.51.18: #s18-nomad - haswell
+ 10.30.51.19: #s19-nomad - haswell
+ 10.30.51.20: #s20-nomad - haswell
+ 10.30.51.21: #s21-nomad - haswell
+ 10.30.51.22: #s22-nomad - haswell
+ 10.30.51.23: #s23-nomad - skylake
+ 10.30.51.24: #s24-nomad - skylake
+ 10.30.51.25: #s25-nomad - skylake
+ 10.30.51.26: #s26-nomad - skylake
10.30.51.39: #s53-nomad - thunderx 88xx
10.30.51.40: #s54-nomad - thunderx 88xx
10.30.51.65: #s52-nomad - thunderx 88xx
diff --git a/fdio.infra.ansible/roles/nomad/templates/server.hcl.j2 b/fdio.infra.ansible/roles/nomad/templates/server.hcl.j2
index 663ee3a549..f0ab223319 100644
--- a/fdio.infra.ansible/roles/nomad/templates/server.hcl.j2
+++ b/fdio.infra.ansible/roles/nomad/templates/server.hcl.j2
@@ -4,6 +4,9 @@ server {
{% if nomad_node_server | bool -%}
bootstrap_expect = {{ nomad_bootstrap_expect }}
{%- endif %}
+ {% if nomad_node_server | bool -%}
+ raft_protocol = 3
+ {%- endif %}
{% if nomad_authoritative_region is defined %}
authoritative_region = "{{ nomad_authoritative_region }}"