diff options
author | Peter Mikus <pmikus@cisco.com> | 2022-07-07 10:00:02 +0000 |
---|---|---|
committer | Peter Mikus <peter.mikus@protonmail.ch> | 2022-08-03 08:10:02 +0000 |
commit | 82b34c726b4eb93fbb8ca48b491dd7da65cb813b (patch) | |
tree | 4a77f69dd8a212f5759ba8f2c538564a90546a7e /fdio.infra.ansible | |
parent | dc200e7f96297b3bccecb88b4e951b142617734b (diff) |
feat(pxe): Migrate Ubuntu Jammy I.
Signed-off-by: Peter Mikus <pmikus@cisco.com>
Change-Id: I8f79882fce6375a55d67167781fc6b4212934e06
Diffstat (limited to 'fdio.infra.ansible')
16 files changed, 300 insertions, 297 deletions
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.16.yaml index 750274774f..e53467cbc6 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.16.yaml @@ -1,8 +1,8 @@ --- -# file: host_vars/10.30.51.28.yaml +# file: host_vars/10.30.51.16.yaml -hostname: "s41-nomad" -inventory_cimc_hostname: "10.30.50.28" +hostname: "s16-nomad" +inventory_cimc_hostname: "10.30.50.16" # User management. users: @@ -55,9 +55,9 @@ consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" consul_node_name: "{{ hostname }}" consul_node_role: "client" consul_retry_servers: - - "10.30.51.28" - - "10.30.51.29" - - "10.30.51.30" + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" consul_service_mgr: "systemd" # Docker daemon settings. diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.17.yaml index 463caa393a..9ca2860b99 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.17.yaml @@ -1,8 +1,8 @@ --- -# file: host_vars/10.30.51.30.yaml +# file: host_vars/10.30.51.17.yaml -hostname: "s40-nomad" -inventory_cimc_hostname: "10.30.50.30" +hostname: "s17-nomad" +inventory_cimc_hostname: "10.30.50.17" # User management. users: @@ -55,9 +55,9 @@ consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" consul_node_name: "{{ hostname }}" consul_node_role: "client" consul_retry_servers: - - "10.30.51.28" - - "10.30.51.29" - - "10.30.51.30" + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" consul_service_mgr: "systemd" diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.18.yaml index e43b6e3fc3..29c19c35c2 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.18.yaml @@ -1,8 +1,8 @@ --- -# file: host_vars/10.30.51.29.yaml +# file: host_vars/10.30.51.18.yaml -hostname: "s39-nomad" -inventory_cimc_hostname: "10.30.50.29" +hostname: "s18-nomad" +inventory_cimc_hostname: "10.30.50.18" # User management. users: @@ -55,11 +55,12 @@ consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" consul_node_name: "{{ hostname }}" consul_node_role: "client" consul_retry_servers: - - "10.30.51.28" - - "10.30.51.29" - - "10.30.51.30" + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" consul_service_mgr: "systemd" + # Docker daemon settings. docker_daemon: dns: ["172.17.0.1"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.19.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.19.yaml new file mode 100644 index 0000000000..b03561d735 --- /dev/null +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.19.yaml @@ -0,0 +1,68 @@ +--- +# file: host_vars/10.30.51.19.yaml + +hostname: "s19-nomad" +inventory_cimc_hostname: "10.30.50.19" + +# User management. +users: + - username: localadmin + groups: [adm, sudo] + password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" + ssh_key: + - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1" +sshd_disable_password_login: true + +# Nomad settings. +nomad_certificates: + - src: "{{ file_nomad_ca_pem }}" + dest: "{{ nomad_ca_file }}" + - src: "{{ file_nomad_client_pem }}" + dest: "{{ nomad_cert_file }}" + - src: "{{ file_nomad_client_key_pem }}" + dest: "{{ nomad_key_file }}" +nomad_datacenter: "yul1" +nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" +nomad_node_role: "client" +nomad_node_class: "builder" +nomad_options: + driver.raw_exec.enable: 1 + docker.cleanup.image: false + docker.privileged.enabled: true + docker.volumes.enabled: true + driver.whitelist: "docker,raw_exec,exec" +nomad_service_mgr: "systemd" +nomad_retry_servers: + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" +nomad_servers: + - "10.32.8.15:4647" + - "10.32.8.16:4647" + - "10.32.8.17:4647" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ file_consul_ca_pem }}" + dest: "{{ consul_ca_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" +consul_service_mgr: "systemd" + + +# Docker daemon settings. +docker_daemon: + dns: ["172.17.0.1"] + dns-opts: [] + dns-search: ["{{ansible_hostname}}"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.20.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.20.yaml new file mode 100644 index 0000000000..36ddf20298 --- /dev/null +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.20.yaml @@ -0,0 +1,67 @@ +--- +# file: host_vars/10.30.51.20.yaml + +hostname: "s20-nomad" +inventory_cimc_hostname: "10.30.50.20" + +# User management. +users: + - username: localadmin + groups: [adm, sudo] + password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" + ssh_key: + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQ5KJyLPM5yJAVLwhEwiTEZD5LkY7FEPOoyJplVMQu5/oIp+KtFr4/RrFEpJwlzuE3um+Hn9+4KZJiQvVJBEp/ZYeGMXJDw0oHlubtI/0AEdolM5TvYNzCASHulRfg2JdCGAeCG5W7vkPQmJjwtQFNw3ISGKKHgJBGipqUjDyuZPi24RI0YBfqtr/GDA0e9dZwkqI+F5yxVi9vXG68bpMkxpeC4Zlxe2DmXAEp787LYSlF+HoELPW3AAWnuQ3j1R2tImM/S9jlxfb9Uy7KlX9epkGV2/caS2EiLszT7604LrSZy4soko1CgtX1LJ3Qobz9OppkJQ+tiBU8C0oz8Z5CXnQ/GYmFt9SBDHneB1ZOtIcoV8HTQVLKCse/VXogQogdG8xOis6F+R3OAJQUF7w3ujIBCXv8ghVcynvzaGB1kxZtwceEqtIXSFdve6T2onyM0722aQ93MiXPv+IA5qpkpSN3JS0KFGxKalTdFz9+lx/agV4JVOrVxEASfok3hbNzEm/4DwUyvgf2vbHlfYQdjHg2mBmYnN3iY/ccU906Tt/TlIp25+FIIbTiLn/nt3NLLPPEZJbJDkEJ5tgJ7XLfJ9ByCfZoOIMdSPF/swDXafTcA5mJ4AKFS0HJf9wBvbgkmD2OttOAvL8k2mqsb7MiMurbXm7Ko/D+nEX+oxkKZQ== peter.mikus@protonmail.ch" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1" +sshd_disable_password_login: true + +# Nomad settings. +nomad_certificates: + - src: "{{ file_nomad_ca_pem }}" + dest: "{{ nomad_ca_file }}" + - src: "{{ file_nomad_client_pem }}" + dest: "{{ nomad_cert_file }}" + - src: "{{ file_nomad_client_key_pem }}" + dest: "{{ nomad_key_file }}" +nomad_datacenter: "yul1" +nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" +nomad_node_role: "client" +nomad_node_class: "builder" +nomad_options: + driver.raw_exec.enable: 1 + docker.cleanup.image: false + docker.privileged.enabled: true + docker.volumes.enabled: true + driver.whitelist: "docker,raw_exec,exec" +nomad_service_mgr: "systemd" +nomad_retry_servers: + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" +nomad_servers: + - "10.32.8.15:4647" + - "10.32.8.16:4647" + - "10.32.8.17:4647" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ file_consul_ca_pem }}" + dest: "{{ consul_ca_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" +consul_service_mgr: "systemd" + +# Docker daemon settings. +docker_daemon: + dns: ["172.17.0.1"] + dns-opts: [] + dns-search: ["{{ansible_hostname}}"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.21.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.21.yaml new file mode 100644 index 0000000000..4ed2cc7e46 --- /dev/null +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.21.yaml @@ -0,0 +1,67 @@ +--- +# file: host_vars/10.30.51.21.yaml + +hostname: "s21-nomad" +inventory_cimc_hostname: "10.30.50.21" + +# User management. +users: + - username: localadmin + groups: [adm, sudo] + password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" + ssh_key: + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQ5KJyLPM5yJAVLwhEwiTEZD5LkY7FEPOoyJplVMQu5/oIp+KtFr4/RrFEpJwlzuE3um+Hn9+4KZJiQvVJBEp/ZYeGMXJDw0oHlubtI/0AEdolM5TvYNzCASHulRfg2JdCGAeCG5W7vkPQmJjwtQFNw3ISGKKHgJBGipqUjDyuZPi24RI0YBfqtr/GDA0e9dZwkqI+F5yxVi9vXG68bpMkxpeC4Zlxe2DmXAEp787LYSlF+HoELPW3AAWnuQ3j1R2tImM/S9jlxfb9Uy7KlX9epkGV2/caS2EiLszT7604LrSZy4soko1CgtX1LJ3Qobz9OppkJQ+tiBU8C0oz8Z5CXnQ/GYmFt9SBDHneB1ZOtIcoV8HTQVLKCse/VXogQogdG8xOis6F+R3OAJQUF7w3ujIBCXv8ghVcynvzaGB1kxZtwceEqtIXSFdve6T2onyM0722aQ93MiXPv+IA5qpkpSN3JS0KFGxKalTdFz9+lx/agV4JVOrVxEASfok3hbNzEm/4DwUyvgf2vbHlfYQdjHg2mBmYnN3iY/ccU906Tt/TlIp25+FIIbTiLn/nt3NLLPPEZJbJDkEJ5tgJ7XLfJ9ByCfZoOIMdSPF/swDXafTcA5mJ4AKFS0HJf9wBvbgkmD2OttOAvL8k2mqsb7MiMurbXm7Ko/D+nEX+oxkKZQ== peter.mikus@protonmail.ch" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local" + - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1" +sshd_disable_password_login: true + +# Nomad settings. +nomad_certificates: + - src: "{{ file_nomad_ca_pem }}" + dest: "{{ nomad_ca_file }}" + - src: "{{ file_nomad_client_pem }}" + dest: "{{ nomad_cert_file }}" + - src: "{{ file_nomad_client_key_pem }}" + dest: "{{ nomad_key_file }}" +nomad_datacenter: "yul1" +nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" +nomad_node_role: "client" +nomad_node_class: "builder" +nomad_options: + driver.raw_exec.enable: 1 + docker.cleanup.image: false + docker.privileged.enabled: true + docker.volumes.enabled: true + driver.whitelist: "docker,raw_exec,exec" +nomad_service_mgr: "systemd" +nomad_retry_servers: + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" +nomad_servers: + - "10.32.8.15:4647" + - "10.32.8.16:4647" + - "10.32.8.17:4647" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ file_consul_ca_pem }}" + dest: "{{ consul_ca_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.32.8.15" + - "10.32.8.16" + - "10.32.8.17" +consul_service_mgr: "systemd" + +# Docker daemon settings. +docker_daemon: + dns: ["172.17.0.1"] + dns-opts: [] + dns-search: ["{{ansible_hostname}}"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml index 56ee5a3f13..ebf547c575 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.22.yaml @@ -1,7 +1,7 @@ --- # file: host_vars/10.30.51.22.yaml -hostname: "s42-nomad" +hostname: "s22-nomad" inventory_cimc_hostname: "10.30.50.22" # User management. @@ -60,6 +60,7 @@ consul_retry_servers: - "10.32.8.17" consul_service_mgr: "systemd" + # Docker daemon settings. docker_daemon: dns: ["172.17.0.1"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.23.yaml index 50c4179f9d..b9aa7c3946 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.23.yaml @@ -1,8 +1,8 @@ --- -# file: host_vars/10.32.8.14.yaml +# file: host_vars/10.30.51.23.yaml -hostname: "s46-nomad" -inventory_ipmi_hostname: "10.30.55.14" +hostname: "s23-nomad" +inventory_ipmi_hostname: "10.30.50.23" # User management. users: diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml index 570bdce5d2..5069a1b783 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.24.yaml @@ -1,8 +1,8 @@ --- # file: host_vars/10.30.51.24.yaml -hostname: "s43-nomad" -inventory_cimc_hostname: "10.30.50.24" +hostname: "s24-nomad" +inventory_ipmi_hostname: "10.30.50.24" # User management. users: @@ -21,46 +21,55 @@ sshd_disable_password_login: true nomad_certificates: - src: "{{ file_nomad_ca_pem }}" dest: "{{ nomad_ca_file }}" - - src: "{{ file_nomad_client_pem }}" + - src: "{{ file_nomad_server_pem }}" dest: "{{ nomad_cert_file }}" - - src: "{{ file_nomad_client_key_pem }}" + - src: "{{ file_nomad_server_key_pem }}" dest: "{{ nomad_key_file }}" nomad_datacenter: "yul1" +nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" -nomad_node_role: "client" +nomad_node_role: "both" nomad_node_class: "builder" nomad_options: driver.raw_exec.enable: 1 - docker.cleanup.image: false + docker.cleanup.image: true docker.privileged.enabled: true docker.volumes.enabled: true driver.whitelist: "docker,raw_exec,exec" + fingerprint.network.disallow_link_local: true nomad_service_mgr: "systemd" nomad_retry_servers: - - "10.32.8.15" + - "10.32.8.14" - "10.32.8.16" - "10.32.8.17" nomad_servers: - - "10.32.8.15:4647" + - "10.32.8.14:4647" - "10.32.8.16:4647" - "10.32.8.17:4647" +nomad_volumes: + - name: "prod-volume-data1-1" + path: "/data" + read_only: false # Consul settigs. consul_nomad_integration: true consul_certificates: - src: "{{ file_consul_ca_pem }}" dest: "{{ consul_ca_file }}" + - src: "{{ file_consul_server_1_pem }}" + dest: "{{ consul_cert_file }}" + - src: "{{ file_consul_server_1_key_pem }}" + dest: "{{ consul_key_file }}" consul_datacenter: "yul1" consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" consul_node_name: "{{ hostname }}" -consul_node_role: "client" +consul_node_role: "both" consul_retry_servers: - - "10.32.8.15" + - "10.32.8.14" - "10.32.8.16" - "10.32.8.17" consul_service_mgr: "systemd" - # Docker daemon settings. docker_daemon: dns: ["172.17.0.1"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml index a1183921ae..f9da42792e 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml @@ -1,8 +1,8 @@ --- # file: host_vars/10.30.51.25.yaml -hostname: "s44-nomad" -inventory_cimc_hostname: "10.30.50.25" +hostname: "s25-nomad" +inventory_ipmi_hostname: "10.30.50.25" # User management. users: @@ -21,46 +21,55 @@ sshd_disable_password_login: true nomad_certificates: - src: "{{ file_nomad_ca_pem }}" dest: "{{ nomad_ca_file }}" - - src: "{{ file_nomad_client_pem }}" + - src: "{{ file_nomad_server_pem }}" dest: "{{ nomad_cert_file }}" - - src: "{{ file_nomad_client_key_pem }}" + - src: "{{ file_nomad_server_key_pem }}" dest: "{{ nomad_key_file }}" nomad_datacenter: "yul1" +nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" -nomad_node_role: "client" +nomad_node_role: "both" nomad_node_class: "builder" nomad_options: driver.raw_exec.enable: 1 - docker.cleanup.image: false + docker.cleanup.image: true docker.privileged.enabled: true docker.volumes.enabled: true driver.whitelist: "docker,raw_exec,exec" + fingerprint.network.disallow_link_local: true nomad_service_mgr: "systemd" nomad_retry_servers: + - "10.32.8.14" - "10.32.8.15" - - "10.32.8.16" - "10.32.8.17" nomad_servers: + - "10.32.8.14:4647" - "10.32.8.15:4647" - - "10.32.8.16:4647" - "10.32.8.17:4647" +nomad_volumes: + - name: "prod-volume-data1-1" + path: "/data" + read_only: false # Consul settigs. consul_nomad_integration: true consul_certificates: - src: "{{ file_consul_ca_pem }}" dest: "{{ consul_ca_file }}" + - src: "{{ file_consul_server_2_pem }}" + dest: "{{ consul_cert_file }}" + - src: "{{ file_consul_server_2_key_pem }}" + dest: "{{ consul_key_file }}" consul_datacenter: "yul1" consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" consul_node_name: "{{ hostname }}" -consul_node_role: "client" +consul_node_role: "both" consul_retry_servers: + - "10.32.8.14" - "10.32.8.15" - - "10.32.8.16" - "10.32.8.17" consul_service_mgr: "systemd" - # Docker daemon settings. docker_daemon: dns: ["172.17.0.1"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml index cbb756ae6d..27f9e46d6e 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml +++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.26.yaml @@ -1,8 +1,8 @@ --- # file: host_vars/10.30.51.26.yaml -hostname: "s45-nomad" -inventory_cimc_hostname: "10.30.50.26" +hostname: "s26-nomad" +inventory_ipmi_hostname: "10.30.50.26" # User management. users: @@ -21,46 +21,55 @@ sshd_disable_password_login: true nomad_certificates: - src: "{{ file_nomad_ca_pem }}" dest: "{{ nomad_ca_file }}" - - src: "{{ file_nomad_client_pem }}" + - src: "{{ file_nomad_server_pem }}" dest: "{{ nomad_cert_file }}" - - src: "{{ file_nomad_client_key_pem }}" + - src: "{{ file_nomad_server_key_pem }}" dest: "{{ nomad_key_file }}" nomad_datacenter: "yul1" +nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" -nomad_node_role: "client" +nomad_node_role: "both" nomad_node_class: "builder" nomad_options: driver.raw_exec.enable: 1 - docker.cleanup.image: false + docker.cleanup.image: true docker.privileged.enabled: true docker.volumes.enabled: true driver.whitelist: "docker,raw_exec,exec" + fingerprint.network.disallow_link_local: true nomad_service_mgr: "systemd" nomad_retry_servers: + - "10.32.8.14" - "10.32.8.15" - "10.32.8.16" - - "10.32.8.17" nomad_servers: + - "10.32.8.14:4647" - "10.32.8.15:4647" - "10.32.8.16:4647" - - "10.32.8.17:4647" +nomad_volumes: + - name: "prod-volume-data1-1" + path: "/data" + read_only: false # Consul settigs. consul_nomad_integration: true consul_certificates: - src: "{{ file_consul_ca_pem }}" dest: "{{ consul_ca_file }}" + - src: "{{ file_consul_server_3_pem }}" + dest: "{{ consul_cert_file }}" + - src: "{{ file_consul_server_3_key_pem }}" + dest: "{{ consul_key_file }}" consul_datacenter: "yul1" consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" consul_node_name: "{{ hostname }}" -consul_node_role: "client" +consul_node_role: "both" consul_retry_servers: + - "10.32.8.14" - "10.32.8.15" - "10.32.8.16" - - "10.32.8.17" consul_service_mgr: "systemd" - # Docker daemon settings. docker_daemon: dns: ["172.17.0.1"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml deleted file mode 100644 index 3d94ef5a2e..0000000000 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -# file: host_vars/10.32.8.15.yaml - -hostname: "s47-nomad" -inventory_ipmi_hostname: "10.30.55.15" - -# User management. -users: - - username: localadmin - groups: [adm, sudo] - password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" - ssh_key: - - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1" -sshd_disable_password_login: true - -# Nomad settings. -nomad_certificates: - - src: "{{ file_nomad_ca_pem }}" - dest: "{{ nomad_ca_file }}" - - src: "{{ file_nomad_server_pem }}" - dest: "{{ nomad_cert_file }}" - - src: "{{ file_nomad_server_key_pem }}" - dest: "{{ nomad_key_file }}" -nomad_datacenter: "yul1" -nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" -nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" -nomad_node_role: "both" -nomad_node_class: "builder" -nomad_options: - driver.raw_exec.enable: 1 - docker.cleanup.image: true - docker.privileged.enabled: true - docker.volumes.enabled: true - driver.whitelist: "docker,raw_exec,exec" - fingerprint.network.disallow_link_local: true -nomad_service_mgr: "systemd" -nomad_retry_servers: - - "10.32.8.14" - - "10.32.8.16" - - "10.32.8.17" -nomad_servers: - - "10.32.8.14:4647" - - "10.32.8.16:4647" - - "10.32.8.17:4647" -nomad_volumes: - - name: "prod-volume-data1-1" - path: "/data" - read_only: false - -# Consul settigs. -consul_nomad_integration: true -consul_certificates: - - src: "{{ file_consul_ca_pem }}" - dest: "{{ consul_ca_file }}" - - src: "{{ file_consul_server_1_pem }}" - dest: "{{ consul_cert_file }}" - - src: "{{ file_consul_server_1_key_pem }}" - dest: "{{ consul_key_file }}" -consul_datacenter: "yul1" -consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" -consul_node_name: "{{ hostname }}" -consul_node_role: "both" -consul_retry_servers: - - "10.32.8.14" - - "10.32.8.16" - - "10.32.8.17" -consul_service_mgr: "systemd" - -# Docker daemon settings. -docker_daemon: - dns: ["172.17.0.1"] - dns-opts: [] - dns-search: ["{{ansible_hostname}}"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml deleted file mode 100644 index 13a6635079..0000000000 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -# file: host_vars/10.32.8.16.yaml - -hostname: "s48-nomad" -inventory_ipmi_hostname: "10.30.55.16" - -# User management. -users: - - username: localadmin - groups: [adm, sudo] - password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" - ssh_key: - - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1" -sshd_disable_password_login: true - -# Nomad settings. -nomad_certificates: - - src: "{{ file_nomad_ca_pem }}" - dest: "{{ nomad_ca_file }}" - - src: "{{ file_nomad_server_pem }}" - dest: "{{ nomad_cert_file }}" - - src: "{{ file_nomad_server_key_pem }}" - dest: "{{ nomad_key_file }}" -nomad_datacenter: "yul1" -nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" -nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" -nomad_node_role: "both" -nomad_node_class: "builder" -nomad_options: - driver.raw_exec.enable: 1 - docker.cleanup.image: true - docker.privileged.enabled: true - docker.volumes.enabled: true - driver.whitelist: "docker,raw_exec,exec" - fingerprint.network.disallow_link_local: true -nomad_service_mgr: "systemd" -nomad_retry_servers: - - "10.32.8.14" - - "10.32.8.15" - - "10.32.8.17" -nomad_servers: - - "10.32.8.14:4647" - - "10.32.8.15:4647" - - "10.32.8.17:4647" -nomad_volumes: - - name: "prod-volume-data1-1" - path: "/data" - read_only: false - -# Consul settigs. -consul_nomad_integration: true -consul_certificates: - - src: "{{ file_consul_ca_pem }}" - dest: "{{ consul_ca_file }}" - - src: "{{ file_consul_server_2_pem }}" - dest: "{{ consul_cert_file }}" - - src: "{{ file_consul_server_2_key_pem }}" - dest: "{{ consul_key_file }}" -consul_datacenter: "yul1" -consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" -consul_node_name: "{{ hostname }}" -consul_node_role: "both" -consul_retry_servers: - - "10.32.8.14" - - "10.32.8.15" - - "10.32.8.17" -consul_service_mgr: "systemd" - -# Docker daemon settings. -docker_daemon: - dns: ["172.17.0.1"] - dns-opts: [] - dns-search: ["{{ansible_hostname}}"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.17.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.17.yaml deleted file mode 100644 index bb67baa67c..0000000000 --- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.32.8.17.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -# file: host_vars/10.32.8.17.yaml - -hostname: "s57-nomad" -inventory_ipmi_hostname: "10.30.55.17" - -# User management. -users: - - username: localadmin - groups: [adm, sudo] - password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" - ssh_key: - - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local" - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmo2YP4t/f58AAYH72rOe5VjYjk3wb/GY3aJEd5s9WspLhnsY0xBL67C+4kMq6VmQQvg0cUB8RJSFX1tUXMHCorVWnXNHkYomx0MCPcPUpVHuRyEqczYJ2pzgZsPzoEfw9E5hTrAiGzYFNAS/NOSavapVMDZxa1zsX7+sWQvJfmVtJWpcTQb0TkoWXRsy0YM3PYfUbYvK7lR3lGwyhwCcJn0WwWGreFB7bIok0poqqX5BgJ/okZuvC8II+UfuGoBHNhg49oqST1JlNi9gRqDNmLWkHRaneWZiF+Y2hdN3PRCdkt1x3eU0R+cdi5kPKslb6P0lsjOEA7fDLlq1+T2z1" -sshd_disable_password_login: true - -# Nomad settings. -nomad_certificates: - - src: "{{ file_nomad_ca_pem }}" - dest: "{{ nomad_ca_file }}" - - src: "{{ file_nomad_server_pem }}" - dest: "{{ nomad_cert_file }}" - - src: "{{ file_nomad_server_key_pem }}" - dest: "{{ nomad_key_file }}" -nomad_datacenter: "yul1" -nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" -nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}" -nomad_node_role: "both" -nomad_node_class: "builder" -nomad_options: - driver.raw_exec.enable: 1 - docker.cleanup.image: true - docker.privileged.enabled: true - docker.volumes.enabled: true - driver.whitelist: "docker,raw_exec,exec" - fingerprint.network.disallow_link_local: true -nomad_service_mgr: "systemd" -nomad_retry_servers: - - "10.32.8.14" - - "10.32.8.15" - - "10.32.8.16" -nomad_servers: - - "10.32.8.14:4647" - - "10.32.8.15:4647" - - "10.32.8.16:4647" -nomad_volumes: - - name: "prod-volume-data1-1" - path: "/data" - read_only: false - -# Consul settigs. -consul_nomad_integration: true -consul_certificates: - - src: "{{ file_consul_ca_pem }}" - dest: "{{ consul_ca_file }}" - - src: "{{ file_consul_server_3_pem }}" - dest: "{{ consul_cert_file }}" - - src: "{{ file_consul_server_3_key_pem }}" - dest: "{{ consul_key_file }}" -consul_datacenter: "yul1" -consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" -consul_node_name: "{{ hostname }}" -consul_node_role: "both" -consul_retry_servers: - - "10.32.8.14" - - "10.32.8.15" - - "10.32.8.16" -consul_service_mgr: "systemd" - -# Docker daemon settings. -docker_daemon: - dns: ["172.17.0.1"] - dns-opts: [] - dns-search: ["{{ansible_hostname}}"] diff --git a/fdio.infra.ansible/inventories/lf_inventory/hosts b/fdio.infra.ansible/inventories/lf_inventory/hosts index 4a6b819e15..76261d70e3 100644 --- a/fdio.infra.ansible/inventories/lf_inventory/hosts +++ b/fdio.infra.ansible/inventories/lf_inventory/hosts @@ -61,17 +61,17 @@ all: 10.30.51.71: #s56-t14-sut1 - thunderx2 9980 nomad: hosts: - 10.30.51.22: #s42-nomad - haswell - 10.30.51.24: #s43-nomad - haswell - 10.30.51.25: #s44-nomad - haswell - 10.30.51.26: #s45-nomad - haswell - 10.30.51.28: #s41-nomad - haswell - 10.30.51.29: #s39-nomad - haswell - 10.30.51.30: #s40-nomad - haswell - 10.32.8.14: #s46-nomad - skylake - 10.32.8.15: #s47-nomad - skylake - 10.32.8.16: #s48-nomad - skylake - 10.32.8.17: #s57-nomad - skylake + 10.30.51.16: #s16-nomad - haswell + 10.30.51.17: #s17-nomad - haswell + 10.30.51.18: #s18-nomad - haswell + 10.30.51.19: #s19-nomad - haswell + 10.30.51.20: #s20-nomad - haswell + 10.30.51.21: #s21-nomad - haswell + 10.30.51.22: #s22-nomad - haswell + 10.30.51.23: #s23-nomad - skylake + 10.30.51.24: #s24-nomad - skylake + 10.30.51.25: #s25-nomad - skylake + 10.30.51.26: #s26-nomad - skylake 10.30.51.39: #s53-nomad - thunderx 88xx 10.30.51.40: #s54-nomad - thunderx 88xx 10.30.51.65: #s52-nomad - thunderx 88xx diff --git a/fdio.infra.ansible/roles/nomad/templates/server.hcl.j2 b/fdio.infra.ansible/roles/nomad/templates/server.hcl.j2 index 663ee3a549..f0ab223319 100644 --- a/fdio.infra.ansible/roles/nomad/templates/server.hcl.j2 +++ b/fdio.infra.ansible/roles/nomad/templates/server.hcl.j2 @@ -4,6 +4,9 @@ server { {% if nomad_node_server | bool -%} bootstrap_expect = {{ nomad_bootstrap_expect }} {%- endif %} + {% if nomad_node_server | bool -%} + raft_protocol = 3 + {%- endif %} {% if nomad_authoritative_region is defined %} authoritative_region = "{{ nomad_authoritative_region }}" |