aboutsummaryrefslogtreecommitdiffstats
path: root/resources/tools/testbed-setup/ansible/roles
diff options
context:
space:
mode:
authorpmikus <pmikus@cisco.com>2020-05-22 14:46:43 +0000
committerPeter Mikus <pmikus@cisco.com>2020-05-22 14:52:10 +0000
commit216073ac4b05619d9e9fc73131075597196af753 (patch)
tree3d5976c760a434c346575be598a1362a1a0f664e /resources/tools/testbed-setup/ansible/roles
parentae80dfa4c98049d96163b6ad3d67221a7851ba4b (diff)
Infra: Ansible Nomad II
Signed-off-by: pmikus <pmikus@cisco.com> Change-Id: Iaa5c02d14223b578c316f48e31a0b3613303eecf
Diffstat (limited to 'resources/tools/testbed-setup/ansible/roles')
-rw-r--r--resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml22
-rw-r--r--resources/tools/testbed-setup/ansible/roles/nomad/tasks/main.yaml14
-rw-r--r--resources/tools/testbed-setup/ansible/roles/nomad/templates/base.hcl.j213
-rw-r--r--resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j22
-rw-r--r--resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j23
-rw-r--r--resources/tools/testbed-setup/ansible/roles/nomad/templates/server.hcl.j216
-rw-r--r--resources/tools/testbed-setup/ansible/roles/nomad/templates/tls.hcl.j212
-rw-r--r--resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml1
8 files changed, 47 insertions, 36 deletions
diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml b/resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml
index ad8b36ee66..0efbc6af5a 100644
--- a/resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml
@@ -64,7 +64,7 @@ nomad_name: "{{ inventory_hostname }}"
nomad_region: "global"
nomad_syslog_enable: true
-# Conf - base.hcl (TLS)
+# Conf - tls.hcl
nomad_ca_file: "{{ nomad_ssl_dir }}/ca.pem"
nomad_cert_file: "{{ nomad_ssl_dir }}/nomad.pem"
nomad_http: false
@@ -84,20 +84,10 @@ nomad_no_host_uuid: true
nomad_options: {}
nomad_servers: []
+# Conf - server.hcl
+nomad_bootstrap_expect: 2
+nomad_encrypt: ""
+nomad_retry_join: true
+
# Conf - custom.hcl
# empty
-
-# Conf - server.hcl
-#nomad_retry_max: 0
-#nomad_retry_join: false
-#nomad_retry_interval: "30s"
-#nomad_rejoin_after_leave: false
-#nomad_enabled_schedulers:
-# - service
-# - batch
-# - system
-#nomad_num_schedulers: "{{ ansible_processor_vcpus }}"
-#nomad_node_gc_threshold: "24h"
-#nomad_job_gc_threshold: "4h"
-#nomad_eval_gc_threshold: "1h"
-#nomad_encrypt: ""
diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/nomad/tasks/main.yaml
index 9093afd08e..fa95d645fd 100644
--- a/resources/tools/testbed-setup/ansible/roles/nomad/tasks/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/nomad/tasks/main.yaml
@@ -127,6 +127,16 @@
tags:
- nomad-conf
+- name: Conf - TLS Configuration
+ template:
+ src: tls.hcl.j2
+ dest: "{{ nomad_config_dir }}/tls.hcl"
+ owner: "{{ nomad_user }}"
+ group: "{{ nomad_group }}"
+ mode: 0644
+ tags:
+ - nomad-conf
+
- name: Conf - Custom Configuration
template:
src: custom.json.j2
@@ -158,7 +168,7 @@
owner: "root"
group: "root"
mode: 0644
- notify:
- - "Restart Nomad"
+# notify:
+# - "Restart Nomad"
tags:
- nomad-conf
diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/templates/base.hcl.j2 b/resources/tools/testbed-setup/ansible/roles/nomad/templates/base.hcl.j2
index 0e2b60c6d4..7badecf9e0 100644
--- a/resources/tools/testbed-setup/ansible/roles/nomad/templates/base.hcl.j2
+++ b/resources/tools/testbed-setup/ansible/roles/nomad/templates/base.hcl.j2
@@ -9,16 +9,3 @@ enable_syslog = {{ nomad_syslog_enable | bool | lower }}
enable_debug = {{ nomad_enable_debug | bool | lower }}
disable_update_check = {{ nomad_disable_update_check | bool | lower }}
log_level = "{{ nomad_log_level }}"
-
-{% if ( nomad_ca_file ) and
- ( nomad_cert_file ) and
- ( nomad_key_file )
-%}
-tls {
- http = {{ nomad_http | bool | lower }}
- rpc = {{ nomad_rpc | bool | lower }}
- ca_file = "{{ nomad_ca_file }}"
- cert_file = "{{ nomad_cert_file }}"
- key_file = "{{ nomad_key_file }}"
-}
-{% endif %}
diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j2 b/resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j2
index 91fd1c947f..c097d214a5 100644
--- a/resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j2
+++ b/resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j2
@@ -4,7 +4,7 @@ client {
node_class = "{{ nomad_node_class }}"
{% if nomad_servers -%}
- servers = [ {{ nomad_servers }} ]
+ servers = [ {% for ip_port in nomad_servers -%} "{{ ip_port }}" {% if not loop.last %},{% endif %}{%- endfor -%} ]
{% endif %}
{% if nomad_options -%}
diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j2 b/resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j2
index d0beed24b8..7652983417 100644
--- a/resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j2
+++ b/resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j2
@@ -1,5 +1,6 @@
[Unit]
-Description=nomad agent
+Description=Nomad Service
+Documentation=https://www.nomadproject.io/docs/index.html
Wants=network.target
After=nomad.service
diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/templates/server.hcl.j2 b/resources/tools/testbed-setup/ansible/roles/nomad/templates/server.hcl.j2
index c28a43c5d2..b581de9ad0 100644
--- a/resources/tools/testbed-setup/ansible/roles/nomad/templates/server.hcl.j2
+++ b/resources/tools/testbed-setup/ansible/roles/nomad/templates/server.hcl.j2
@@ -1,4 +1,16 @@
server {
- enabled = false
- encrypt = "Y4T+5JGx1C3l2NFBBvkTWQ=="
+ enabled = {{ nomad_node_server | bool | lower }}
+
+ {% if nomad_node_server | bool -%}
+ bootstrap_expect = {{ nomad_bootstrap_expect }}
+ {%- endif %}
+
+ encrypt = "{{ nomad_encrypt }}"
+
+ {% if nomad_retry_join | bool -%}
+ server_join {
+ retry_join = [ {% for ip_port in nomad_retry_servers -%} "{{ ip_port }}" {% if not loop.last %},{% endif %}{%- endfor -%} ]
+ }
+ {%- endif %}
+
}
diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/templates/tls.hcl.j2 b/resources/tools/testbed-setup/ansible/roles/nomad/templates/tls.hcl.j2
new file mode 100644
index 0000000000..650765f1b1
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/nomad/templates/tls.hcl.j2
@@ -0,0 +1,12 @@
+{% if ( nomad_ca_file ) and
+ ( nomad_cert_file ) and
+ ( nomad_key_file )
+%}
+tls {
+ http = {{ nomad_http | bool | lower }}
+ rpc = {{ nomad_rpc | bool | lower }}
+ ca_file = "{{ nomad_ca_file }}"
+ cert_file = "{{ nomad_cert_file }}"
+ key_file = "{{ nomad_key_file }}"
+}
+{% endif %}
diff --git a/resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml
index 8323284261..f980aff84d 100644
--- a/resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml
@@ -6,7 +6,6 @@
append: "{{ item.append | default(omit) }}"
createhome: "{{ 'yes' if users_create_homedirs else 'no' }}"
generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
- group: "{{ item.group | default(item.username) }}"
groups: "{{ item.groups | join(',') if 'groups' in item else '' }}"
name: "{{ item.username }}"
password: "{{ item.password if item.password is defined else '!' }}"