diff options
author | pmikus <pmikus@cisco.com> | 2020-11-23 13:56:20 +0000 |
---|---|---|
committer | Peter Mikus <pmikus@cisco.com> | 2020-11-26 09:49:52 +0000 |
commit | 37337e09e81af58459d8029b00ca50d0f8d5897a (patch) | |
tree | 170bdebd379af1b1f3cdfc086c073dde8d81951a /resources/tools/testbed-setup/ansible | |
parent | 610e96a2afae5c8e58bee00d05c45d57d7bb6021 (diff) |
Ansible: Hashicorp Consul
Signed-off-by: pmikus <pmikus@cisco.com>
Change-Id: I56987d744d9143a95954d85f2557cda07220c681
Diffstat (limited to 'resources/tools/testbed-setup/ansible')
35 files changed, 887 insertions, 3 deletions
diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml index 34e03fec7b..be55243199 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.28.yaml @@ -36,3 +36,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" fingerprint.network.disallow_link_local: true nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v2_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v2_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v2_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml index 53eea0d12d..18e657f34e 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.29.yaml @@ -35,3 +35,24 @@ nomad_options: docker.privileged.enabled: true driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml index 5b8133ef84..d4e81be8ba 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.30.yaml @@ -38,3 +38,23 @@ nomad_options: fingerprint.network.disallow_link_local: true nomad_retry_servers: [ "10.30.51.32", "10.30.51.33" ] nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v2_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v2_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v2_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "both" +consul_retry_servers: + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.32.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.32.yaml index fe5c37935e..4cc25c4680 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.32.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.32.yaml @@ -37,3 +37,23 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_retry_servers: [ "10.30.51.33", "10.30.51.30" ] nomad_servers: [ "10.30.51.32:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v2_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v2_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v2_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "both" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.33.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.33.yaml index ef8ced7262..af9d3e7855 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.33.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.33.yaml @@ -37,3 +37,23 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_retry_servers: [ "10.30.51.32", "10.30.51.30" ] nomad_servers: [ "10.30.51.33:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v2_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v2_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v2_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "both" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.34.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.34.yaml index d0afca9164..accaaa5de3 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.34.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.34.yaml @@ -37,3 +37,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_retry_servers: [ "10.30.51.32", "10.30.51.33" ] nomad_servers: [ "10.30.51.33:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v2_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v2_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v2_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.35.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.35.yaml index 75980daf86..269c2be0c4 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.35.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.35.yaml @@ -37,3 +37,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_retry_servers: [ "10.30.51.32", "10.30.51.33" ] nomad_servers: [ "10.30.51.33:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v2_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v2_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v2_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.39.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.39.yaml index 41b3ed2238..3e5a524dbf 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.39.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.39.yaml @@ -39,3 +39,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] nomad_cpu_total_compute: "40000" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.40.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.40.yaml index a91ed66a33..fe8079bec8 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.40.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.40.yaml @@ -39,3 +39,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] nomad_cpu_total_compute: "40000" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.50.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.50.yaml index 20dc7a5880..b8ff3db983 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.50.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.50.yaml @@ -8,6 +8,19 @@ grub: inventory_ipmi_hostname: "10.30.50.47" cpu_microarchitecture: "skylake" +# User management. +users: + - username: localadmin + groups: [adm, sudo] + password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" + ssh_key: + - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com" + - username: testuser + groups: [adm, sudo] + password: "$6$zpBUdQ4q$P2zKclumvCndWujgP/qQ8eMk3YZk7ESAom04Fqp26hJH2jWkMXEX..jqxzMdDLJKiDaDHIaSkQMVjHzd3cRLs1" + ssh_key: + - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com" + # Nomad settings. nomad_certificates: - src: "{{ vault_nomad_v1_ca_file }}" @@ -27,3 +40,24 @@ nomad_options: docker.volumes.enabled: true driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.51.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.51.yaml index f518fa5704..15395cc487 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.51.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.51.yaml @@ -8,6 +8,19 @@ grub: inventory_ipmi_hostname: "10.30.50.48" cpu_microarchitecture: "skylake" +# User management. +users: + - username: localadmin + groups: [adm, sudo] + password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1" + ssh_key: + - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com" + - username: testuser + groups: [adm, sudo] + password: "$6$zpBUdQ4q$P2zKclumvCndWujgP/qQ8eMk3YZk7ESAom04Fqp26hJH2jWkMXEX..jqxzMdDLJKiDaDHIaSkQMVjHzd3cRLs1" + ssh_key: + - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com" + # Nomad settings. nomad_certificates: - src: "{{ vault_nomad_v1_ca_file }}" @@ -27,3 +40,24 @@ nomad_options: docker.volumes.enabled: true driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.65.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.65.yaml index 30a8bc0525..bbceed229b 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.65.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.65.yaml @@ -39,3 +39,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] nomad_cpu_total_compute: "40000" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.66.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.66.yaml index 3bb4c32a41..da9c918272 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.66.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.66.yaml @@ -39,3 +39,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] nomad_cpu_total_compute: "40000" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.67.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.67.yaml index b65abe4638..a36c1151e0 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.67.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.67.yaml @@ -39,3 +39,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] nomad_cpu_total_compute: "40000" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.68.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.68.yaml index a5410850a3..88f0026f41 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.68.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.68.yaml @@ -39,3 +39,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] nomad_cpu_total_compute: "40000" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.70.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.70.yaml index b7d2d15cf8..a9953f549b 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.70.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.70.yaml @@ -44,3 +44,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] nomad_cpu_total_compute: "40000" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.71.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.71.yaml index a6cc611d73..6f2ca4aee8 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.71.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.30.51.71.yaml @@ -44,3 +44,24 @@ nomad_options: driver.whitelist: "docker,raw_exec,exec" nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] nomad_cpu_total_compute: "40000" + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v1_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v1_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v1_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "client" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15" + - "10.30.51.16"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml index 3f426b79ec..4c912e685f 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.14.yaml @@ -38,3 +38,32 @@ nomad_options: fingerprint.network.disallow_link_local: true nomad_retry_servers: [ "10.30.51.30", "10.30.51.32", "10.30.51.33" ] nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] +nomad_volumes: + - name: "prod-volume-data1-1" + path: "/data" + read_only: false + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v3_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v3_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v3_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "both" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.15" + - "10.30.51.16" +consul_services: + - name: "storage1" + port: 9000 + - name: "nginx1" + port: 443
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml index e91dcda023..79650198d1 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.15.yaml @@ -38,3 +38,32 @@ nomad_options: fingerprint.network.disallow_link_local: true nomad_retry_servers: [ "10.30.51.30", "10.30.51.32", "10.30.51.33" ] nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647" ] +nomad_volumes: + - name: "prod-volume-data2-1" + path: "/data" + read_only: false + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v3_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v3_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v3_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "both" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.16" +consul_services: + - name: "storage2" + port: 9000 + - name: "nginx2" + port: 443
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml index d7aac45a66..906fa82fbb 100644 --- a/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml +++ b/resources/tools/testbed-setup/ansible/inventories/lf_inventory/host_vars/10.32.8.16.yaml @@ -38,3 +38,23 @@ nomad_options: fingerprint.network.disallow_link_local: true nomad_retry_servers: [ "10.30.51.30", "10.30.51.32", "10.30.51.33" ] nomad_servers: [ "10.30.51.32:4647", "10.30.51.33:4647", "10.30.51.30:4647" ] + +# Consul settigs. +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_nomad_v3_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_nomad_v3_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_nomad_v3_key_file }}" + dest: "{{ consul_key_file }}" +consul_datacenter: "yul1" +consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ==" +consul_node_name: "{{ hostname }}" +consul_node_role: "both" +consul_retry_servers: + - "10.30.51.30" + - "10.30.51.32" + - "10.30.51.33" + - "10.30.51.14" + - "10.30.51.15"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/nomad.yaml b/resources/tools/testbed-setup/ansible/nomad.yaml index b09245cfdb..653215651a 100644 --- a/resources/tools/testbed-setup/ansible/nomad.yaml +++ b/resources/tools/testbed-setup/ansible/nomad.yaml @@ -8,7 +8,11 @@ roles: - role: user_add tags: user_add + - role: baremetal + tags: baremetal - role: docker tags: docker - role: nomad tags: nomad + - role: consul + tags: consul
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/roles/consul/defaults/main.yaml b/resources/tools/testbed-setup/ansible/roles/consul/defaults/main.yaml new file mode 100644 index 0000000000..4825afab35 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/defaults/main.yaml @@ -0,0 +1,114 @@ +--- +# file: roles/consul/defaults/main.yaml + +# Inst - Prerequisites. +packages: "{{ packages_base + packages_by_distro[ansible_distribution | lower] + packages_by_arch[ansible_machine] }}" + +packages_base: + - "cgroup-bin" + - "curl" + - "git" + - "libcgroup1" + - "unzip" + - "htop" +packages_by_distro: + ubuntu: + - [] +packages_by_arch: + aarch64: + - [] + x86_64: + - [] + +# Inst - Download Consul. +consul_architecture_map: + amd64: "amd64" + x86_64: "amd64" + armv7l: "arm" + aarch64: "arm64" + 32-bit: "386" + 64-bit: "amd64" +consul_architecture: "{{ consul_architecture_map[ansible_architecture] }}" +consul_version: "1.8.6" +consul_pkg: "consul_{{ consul_version }}_linux_{{ consul_architecture }}.zip" +consul_zip_url: "https://releases.hashicorp.com/consul/{{ consul_version }}/{{ consul_pkg }}" + +# Inst - System paths. +consul_bin_dir: "/usr/local/bin" +consul_config_dir: "/etc/consul.d" +consul_data_dir: "/var/consul" +consul_inst_dir: "/opt" +consul_lockfile: "/var/lock/subsys/consul" +consul_run_dir: "/var/run/consul" +consul_ssl_dir: "/etc/consul.d/ssl" +nomad_config_dir: "/etc/nomad.d" + +# Conf - Service. +consul_node_role: "both" +consul_restart_handler_state: "restarted" +nomad_restart_handler_state: "restarted" +systemd_resolved_state: "stopped" + +# Conf - User and group. +consul_group: "consul" +consul_group_state: "present" +consul_manage_group: true +consul_manage_user: true +consul_user: "consul" +consul_user_groups: [ docker, nomad, consul, root ] +consul_user_state: "present" + +# Conf - nomad.d/consul.hcl +consul_nomad_integration: true +consul_certificates: + - src: "{{ vault_consul_ca_file }}" + dest: "{{ consul_ca_file }}" + - src: "{{ vault_consul_cert_file }}" + dest: "{{ consul_cert_file }}" + - src: "{{ vault_consul_key_file }}" + dest: "{{ consul_key_file }}" + +consul_address: "127.0.0.1:8500" +consul_auth: "" +consul_auto_advertise: true +consul_checks_use_advertise: false +consul_server_service_name: "nomad" +consul_client_service_name: "nomad-client" +consul_server_auto_join: false +consul_client_auto_join: false +consul_ssl: true +consul_verify_ssl: true +consul_ACL_token_set: false +consul_token: "consul_token_default" + +# Conf - base.hcl +consul_bind_addr: "{{ ansible_default_ipv4.address }}" +consul_client_addr: "0.0.0.0" +consul_datacenter: "dc1" +consul_disable_update_check: true +consul_enable_debug: false +consul_enable_syslog: true +consul_log_level: "INFO" +consul_node_name: "{{ inventory_hostname }}" +consul_retry_join: true +consul_bootstrap_expect: 2 +consul_encrypt: "" +consul_ca_file: "{{ consul_ssl_dir }}/ca.pem" +consul_cert_file: "{{ consul_ssl_dir }}/consul.pem" +consul_key_file: "{{ consul_ssl_dir }}/consul-key.pem" +consul_ui: true +consul_recursors: + - 1.1.1.1 + - 8.8.8.8 + +# Conf - ports.hcl +consul_port_dns: 53 +consul_port_http: 8500 +consul_port_https: 8501 +consul_port_grpc: 8502 +consul_port_serf_lan: 8301 +consul_port_serf_wan: 8302 +consul_port_server: 8300 + +# Conf - services.json +consul_services: false
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/roles/consul/handlers/main.yaml b/resources/tools/testbed-setup/ansible/roles/consul/handlers/main.yaml new file mode 100644 index 0000000000..338baea74e --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/handlers/main.yaml @@ -0,0 +1,23 @@ +--- +# file roles/consul/handlers/main.yaml + +- name: Restart Nomad + systemd: + daemon_reload: true + enabled: true + name: "nomad" + state: "{{ nomad_restart_handler_state }}" + +- name: Restart Consul + systemd: + daemon_reload: true + enabled: true + name: "consul" + state: "{{ consul_restart_handler_state }}" + +- name: Stop Systemd-resolved + systemd: + daemon_reload: true + enabled: false + name: "systemd-resolved" + state: "{{ systemd_resolved_state }}"
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/roles/consul/meta/main.yaml b/resources/tools/testbed-setup/ansible/roles/consul/meta/main.yaml new file mode 100644 index 0000000000..4ada8efad6 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/meta/main.yaml @@ -0,0 +1,9 @@ +--- +# file: roles/consul/meta/main.yaml + +# desc: Install consul from stable branch and configure service. +# inst: Consul +# conf: ? +# info: 1.0 - added role + +dependencies: [ ] diff --git a/resources/tools/testbed-setup/ansible/roles/consul/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/consul/tasks/main.yaml new file mode 100644 index 0000000000..c40fab79e3 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/tasks/main.yaml @@ -0,0 +1,164 @@ +--- +# file: roles/consul/tasks/main.yaml + +- name: Inst - Prerequisites + package: + name: "{{ packages | flatten(levels=1) }}" + state: latest + update_cache: true + tags: + - consul-inst-prerequisites + +- name: Conf - Add Consul Group + group: + name: "{{ consul_group }}" + state: "{{ consul_group_state }}" + when: + - consul_manage_group | bool + tags: + - consul-conf-user + +- name: Conf - Add Consul user + user: + name: "{{ consul_user }}" + group: "{{ consul_group }}" + groups: "{{ consul_user_groups }}" + state: "{{ consul_user_state }}" + system: true + when: + - consul_manage_user | bool + tags: + - consul-conf-user + +- name: Inst - Clean Consul + file: + path: "{{ consul_inst_dir }}/consul" + state: "absent" + tags: + - consul-inst-package + +- name: Inst - Download Consul + get_url: + url: "{{ consul_zip_url }}" + dest: "{{ consul_inst_dir }}/{{ consul_pkg }}" + tags: + - consul-inst-package + +- name: Inst - Unarchive Consul + unarchive: + src: "{{ consul_inst_dir }}/{{ consul_pkg }}" + dest: "{{ consul_inst_dir }}/" + creates: "{{ consul_inst_dir }}/consul" + remote_src: true + tags: + - consul-inst-package + +- name: Inst - Consul + copy: + src: "{{ consul_inst_dir }}/consul" + dest: "{{ consul_bin_dir }}" + owner: "{{ consul_user }}" + group: "{{ consul_group }}" + force: true + mode: 0755 + remote_src: true + tags: + - consul-inst-package + +- name: Conf - Create Directories "{{ consul_data_dir }}" + file: + dest: "{{ consul_data_dir }}" + state: directory + owner: "{{ consul_user }}" + group: "{{ consul_group }}" + tags: + - consul-conf + +- name: Conf - Create Directories "{{ consul_ssl_dir }}" + file: + dest: "{{ consul_ssl_dir }}" + state: directory + owner: "{{ consul_user }}" + group: "{{ consul_group }}" + tags: + - consul-conf + +- name: Conf - Create Config Directory + file: + dest: "{{ consul_config_dir }}" + state: directory + owner: "{{ consul_user }}" + group: "{{ consul_group }}" + mode: 0755 + tags: + - consul-conf + +- name: Conf - Nomad integration Consul Configuration + template: + src: consul.hcl.j2 + dest: "{{ nomad_config_dir }}/consul.hcl" + owner: "nomad" + group: "nomad" + mode: 0644 + when: + - consul_nomad_integration | bool + tags: + - consul-conf + +- name: Conf - Base Configuration + template: + src: base.hcl.j2 + dest: "{{ consul_config_dir }}/base.hcl" + owner: "{{ consul_user }}" + group: "{{ consul_group }}" + mode: 0644 + tags: + - consul-conf + +- name: Conf - Ports Configuration + template: + src: ports.hcl.j2 + dest: "{{ consul_config_dir }}/ports.hcl" + owner: "{{ consul_user }}" + group: "{{ consul_group }}" + mode: 0644 + tags: + - consul-conf + +- name: Conf - Services Configuration + template: + src: services.json.j2 + dest: "{{ consul_config_dir }}/services.json" + owner: "{{ consul_user }}" + group: "{{ consul_group }}" + mode: 0644 + when: + - consul_services + tags: + - consul-conf + +- name: Conf - Copy Certificates And Keys + copy: + content: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ consul_user }}" + group: "{{ consul_group }}" + mode: 0600 + no_log: true + loop: "{{ consul_certificates | flatten(levels=1) }}" + tags: + - consul-conf + +- name: Conf - System.d Script + template: + src: "consul_systemd.service.j2" + dest: "/lib/systemd/system/consul.service" + owner: "root" + group: "root" + mode: 0644 + notify: + - "Restart Consul" + - "Stop Systemd-resolved" +# - "Restart Nomad" + tags: + - consul-conf diff --git a/resources/tools/testbed-setup/ansible/roles/consul/templates/base.hcl.j2 b/resources/tools/testbed-setup/ansible/roles/consul/templates/base.hcl.j2 new file mode 100644 index 0000000000..11743fa420 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/templates/base.hcl.j2 @@ -0,0 +1,30 @@ +node_name = "{{ consul_node_name }}" +datacenter = "{{ consul_datacenter }}" + +bind_addr = "{{ consul_bind_addr }}" +client_addr = "{{ consul_client_addr }}" +data_dir = "{{ consul_data_dir }}" + +enable_syslog = {{ consul_enable_syslog | bool | lower }} +enable_debug = {{ consul_enable_debug | bool | lower }} +disable_update_check = {{ consul_disable_update_check | bool | lower }} +log_level = "{{ consul_log_level }}" + +server = {{ consul_node_server | bool | lower }} +encrypt = "{{ consul_encrypt }}" +{% if consul_node_server | bool == True %} +bootstrap_expect = {{ consul_bootstrap_expect }} +{% endif %} +{% if consul_retry_join | bool -%} +retry_join = [ {% for ip_port in consul_retry_servers -%} "{{ ip_port }}"{% if not loop.last %}, {% endif %}{%- endfor -%} ] +{%- endif %} + +ui = {{ consul_ui | bool | lower }} + +ca_file = "{{ consul_ca_file }}" +cert_file = "{{ consul_cert_file }}" +key_file = "{{ consul_key_file }}" + +{% if consul_recursors -%} +recursors = [ {% for server in consul_recursors -%} "{{ server }}"{% if not loop.last %}, {% endif %}{%- endfor -%} ] +{%- endif %}
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/roles/consul/templates/consul.hcl.j2 b/resources/tools/testbed-setup/ansible/roles/consul/templates/consul.hcl.j2 new file mode 100644 index 0000000000..6bd235f28d --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/templates/consul.hcl.j2 @@ -0,0 +1,20 @@ +consul { + address = "{{ consul_address }}" + auth = "{{ consul_auth }}" + auto_advertise = {{ consul_auto_advertise | bool | lower }} + ca_file = "{{ consul_ca_file }}" + cert_file = "{{ consul_cert_file }}" + checks_use_advertise = {{ consul_checks_use_advertise | bool | lower }} + client_auto_join = {{ consul_client_auto_join | bool | lower }} + client_service_name = "{{ consul_client_service_name }}" + key_file = "{{ consul_key_file }}" + server_service_name = "{{ consul_server_service_name }}" + server_auto_join = {{ consul_server_auto_join | bool | lower }} + ssl = {{ consul_ssl | bool | lower }} + verify_ssl = {{ consul_verify_ssl | bool | lower }} + +{% if consul_ACL_token_set == True %} + token = "{{ consul_token }}" +{% endif %} + +}
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/roles/consul/templates/consul_systemd.service.j2 b/resources/tools/testbed-setup/ansible/roles/consul/templates/consul_systemd.service.j2 new file mode 100644 index 0000000000..8e1ef1310d --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/templates/consul_systemd.service.j2 @@ -0,0 +1,21 @@ +[Unit] +Description=Consul Service +Documentation=https://www.nomadproject.io/docs/ +Wants=network-online.target +After=network-online.target + +[Service] +# TODO: Decrease privilege +ExecReload=/bin/kill -SIGHUP $MAINPID +ExecStart={{ consul_bin_dir }}/consul agent -config-dir {{ consul_config_dir }} +KillSignal=SIGTERM +LimitNOFILE=infinity +LimitNPROC=infinity +Restart=on-failure +RestartSec=1 +User=root +Group=root +Environment="GOMAXPROCS=2" + +[Install] +WantedBy=multi-user.target diff --git a/resources/tools/testbed-setup/ansible/roles/consul/templates/ports.hcl.j2 b/resources/tools/testbed-setup/ansible/roles/consul/templates/ports.hcl.j2 new file mode 100644 index 0000000000..a658060ce8 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/templates/ports.hcl.j2 @@ -0,0 +1,9 @@ +ports { + dns = {{ consul_port_dns }} + http = {{ consul_port_http }} + https = {{ consul_port_https }} + grpc = {{ consul_port_grpc }} + serf_lan = {{ consul_port_serf_lan }} + serf_wan = {{ consul_port_serf_wan }} + server = {{ consul_port_server }} +}
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/roles/consul/templates/services.json.j2 b/resources/tools/testbed-setup/ansible/roles/consul/templates/services.json.j2 new file mode 100644 index 0000000000..3245ba92a4 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/templates/services.json.j2 @@ -0,0 +1,13 @@ +{ + "services": [ +{% for item in consul_services %} + { + "name": "{{ item.name }}", + "port": {{ item.port }} + } +{%- if not loop.last %}, +{% endif %} +{% endfor %} + + ] +}
\ No newline at end of file diff --git a/resources/tools/testbed-setup/ansible/roles/consul/vars/main.yaml b/resources/tools/testbed-setup/ansible/roles/consul/vars/main.yaml new file mode 100644 index 0000000000..b46333a7a7 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/consul/vars/main.yaml @@ -0,0 +1,5 @@ +--- +# file: roles/consul/vars/main.yaml + +consul_node_client: "{{ (consul_node_role == 'client') or (consul_node_role == 'both') }}" +consul_node_server: "{{ (consul_node_role == 'server') or (consul_node_role == 'both') }}" diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml b/resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml index f88e882fce..864890c11e 100644 --- a/resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml +++ b/resources/tools/testbed-setup/ansible/roles/nomad/defaults/main.yaml @@ -84,6 +84,7 @@ nomad_node_class: "" nomad_no_host_uuid: true nomad_options: {} nomad_servers: [] +nomad_volumes: [] # Conf - server.hcl nomad_bootstrap_expect: 2 diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j2 b/resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j2 index f15616144f..f245697a22 100644 --- a/resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j2 +++ b/resources/tools/testbed-setup/ansible/roles/nomad/templates/client.hcl.j2 @@ -19,4 +19,13 @@ client { } {% endif %} + {% if nomad_volumes -%} + {% for volume in nomad_volumes -%} + host_volume "{{ volume.name }}" { + path = "{{ volume.path }}" + read_only = {{ volume.read_only | bool | lower }} + } + {% endfor -%} + {% endif %} + } diff --git a/resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j2 b/resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j2 index efe2e30bd6..2a87c65063 100644 --- a/resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j2 +++ b/resources/tools/testbed-setup/ansible/roles/nomad/templates/nomad_systemd.service.j2 @@ -6,7 +6,7 @@ After=network-online.target [Service] # TODO: Decrease privilege -ExecReload=/bin/kill -SIGKILL $MAINPID +ExecReload=/bin/kill -SIGHUP $MAINPID ExecStart={{ nomad_bin_dir }}/nomad agent -config={{ nomad_config_dir }} KillSignal=SIGTERM LimitNOFILE=infinity diff --git a/resources/tools/testbed-setup/ansible/vpp_device.yaml b/resources/tools/testbed-setup/ansible/vpp_device.yaml index aae5ad3039..363d1b190a 100644 --- a/resources/tools/testbed-setup/ansible/vpp_device.yaml +++ b/resources/tools/testbed-setup/ansible/vpp_device.yaml @@ -6,19 +6,23 @@ become: yes become_user: root roles: + - role: user_add + tags: user_add - role: baremetal tags: baremetal - role: common tags: common - role: docker tags: docker + - role: nomad + tags: nomad + - role: consul + tags: consul - role: vpp_device tags: vpp_device - role: kernel_vm tags: kernel_vm - role: csit_sut_image tags: csit_sut_image - - role: nomad - tags: nomad - role: cleanup tags: cleanup |