consul reparado

2023-10-06 12:05:33 +02:00 · 2023-10-06 12:05:33 +02:00 · cbacb2bffb
commit cbacb2bffb
parent fc16137698
7 changed files with 74 additions and 17 deletions
--- a/ansible.cfg
+++ b/ansible.cfg
@ -1,2 +1,3 @@
 [defaults]
 inventory = proxmox-inv
+host_key_checking = False
--- a/full.yml
+++ b/full.yml
@ -0,0 +1,9 @@
+- name: Instala Docker, Consul e Nomad
+  hosts: all
+  any_errors_fatal: true
+  become: true
+  become_user: root
+  roles:
+    - docker
+    - consul
+    - nomad
--- a/proxmox-inv/hosts
+++ b/proxmox-inv/hosts
@ -5,13 +5,17 @@ ansible_ssh_private_key_file=~/.ssh/alpine-cloud

 [admin]
 192.168.1.111 vm_name=hashi-1 vm_ip=192.168.1.111
+192.168.1.112 vm_name=hashi-2 vm_ip=192.168.1.112
+192.168.1.113 vm_name=hashi-3 vm_ip=192.168.1.113

 [client]
-192.168.1.112 vm_name=hashi-2 vm_ip=192.168.1.112
+192.168.1.114 vm_name=hashi-4 vm_ip=192.168.1.114

 [consul_node]
 192.168.1.111 consul_iface=eth0 consul_node_role=server vm_name=hashi-1 vm_ip=192.168.1.111
-192.168.1.112 consul_iface=eth0 consul_node_role=client vm_name=hashi-2 vm_ip=192.168.1.112
+192.168.1.112 consul_iface=eth0 consul_node_role=server vm_name=hashi-2 vm_ip=192.168.1.112
+192.168.1.113 consul_iface=eth0 consul_node_role=server vm_name=hashi-3 vm_ip=192.168.1.113
+192.168.1.114 consul_iface=eth0 consul_node_role=client vm_name=hashi-4 vm_ip=192.168.1.114

 [consul_node:vars]
 consul_dc_name=tr4ck
@ -19,3 +23,5 @@ consul_dc_name=tr4ck
 [nomad_node]
 192.168.1.111 vm_name=hashi-1 vm_ip=192.168.1.111
 192.168.1.112 vm_name=hashi-2 vm_ip=192.168.1.112
+192.168.1.113 vm_name=hashi-3 vm_ip=192.168.1.113
+192.168.1.114 vm_name=hashi-4 vm_ip=192.168.1.114
--- a/roles/consul/tasks/setup_consul_config.yml
+++ b/roles/consul/tasks/setup_consul_config.yml
@ -1,4 +1,9 @@
 ---
+- name: clean consul alpine distribution config
+  file:
+    state: absent
+    path: /etc/consul/server.json
+
 - name: get the encrypt_key
  ansible.builtin.command:
    cmd: cat /etc/consul/gossip.key
--- a/roles/consul/templates/consul.json.j2
+++ b/roles/consul/templates/consul.json.j2
@ -3,12 +3,6 @@
  "node_name": "{{ vm_name }}",
  "data_dir": "/opt/consul",
  "encrypt": "{{ gossip.stdout }}",
-  "ca_file": "/etc/consul/consul-agent-ca.pem",
-  "cert_file": "/etc/consul/{{ consul_dc_name }}-server-consul-0.pem",
-  "key_file": "/etc/consul/{{ consul_dc_name }}-server-consul-0-key.pem",
-  "verify_incoming": false,
-  "verify_outgoing": true,
-  "verify_server_hostname": false,
  "bind_addr": "{{ vm_ip }}",
  "addresses": {
    "https": "{{ vm_ip }}",
@ -17,15 +11,16 @@
    "grpc": "{{ vm_ip }}"
  },
  "ports": {
-    "grpc_tls": 8502
+    "grpc": 8502
  },
  {% if 'server' in consul_node_role %}
  "server": true,
-  {% if consul_bootstrap_node is defined %}
-  "bootstrap": true,
+  "bootstrap_expect":3,
+  {% else %}
+  "bootstrap_expect":0,
  {% endif %}
-  {% endif %}
-  "retry_join": [{% for host in groups['consul_node'] %}"{{ hostvars[host]['vm_ip'] }}"{% if not loop.last %},{% endif %}{% endfor %}],
+
+  "retry_join": [{% for host in groups['admin'] %}"{{ hostvars[host]['vm_ip'] }}"{% if not loop.last %},{% endif %}{% endfor %}],
  "ui_config": {
    "enabled": true
  },
--- a/roles/consul/templates/consul.json.j2.backup
+++ b/roles/consul/templates/consul.json.j2.backup
@ -0,0 +1,35 @@
+{
+  "datacenter": "{{ consul_dc_name }}",
+  "node_name": "{{ vm_name }}",
+  "data_dir": "/opt/consul",
+  "encrypt": "{{ gossip.stdout }}",
+  "ca_file": "/etc/consul/consul-agent-ca.pem",
+  "cert_file": "/etc/consul/{{ consul_dc_name }}-server-consul-0.pem",
+  "key_file": "/etc/consul/{{ consul_dc_name }}-server-consul-0-key.pem",
+  "verify_incoming": false,
+  "verify_outgoing": true,
+  "verify_server_hostname": false,
+  "bind_addr": "{{ vm_ip }}",
+  "addresses": {
+    "https": "{{ vm_ip }}",
+    "http": "{{ vm_ip }}",
+    "dns": "{{ vm_ip }}",
+    "grpc": "{{ vm_ip }}"
+  },
+  "ports": {
+    "grpc_tls": 8502
+  },
+  {% if 'server' in consul_node_role %}
+  "server": true,
+  {% if consul_bootstrap_node is defined %}
+  "bootstrap": true,
+  {% endif %}
+  {% endif %}
+  "retry_join": [{% for host in groups['consul_node'] %}"{{ hostvars[host]['vm_ip'] }}"{% if not loop.last %},{% endif %}{% endfor %}],
+  "ui_config": {
+    "enabled": true
+  },
+  "connect": {
+    "enabled": true
+  }
+}
--- a/roles/nomad/templates/nomad.hcl.j2
+++ b/roles/nomad/templates/nomad.hcl.j2
@ -1,15 +1,21 @@
 datacenter = "{{ nomad_datacenter }}"
-data_dir = "{{ nomad_data_dir }}"
-bind_addr = "0.0.0.0"
 name = "{{ vm_name }}"
+data_dir = "{{ nomad_data_dir }}"
+
+bind_addr = "0.0.0.0"
+advertise {
+  http = "{{ vm_ip }}"
+  rpc  = "{{ vm_ip }}"
+  serf = "{{ vm_ip }}"
+}

 {% if 'admin' in group_names %}
 server {
  enabled = true
-  bootstrap_expect = 1
+  bootstrap_expect = 3

  # uncoment retry_join if bootstrap_expect > 1
-  # retry_join = [{% for host in groups['admin'] %}"{{ hostvars[host]['vm_ip'] }}"{% if not loop.last %},{% endif %}{% endfor %}]
+  retry_join = [{% for host in groups['admin'] %}"{{ hostvars[host]['vm_ip'] }}"{% if not loop.last %},{% endif %}{% endfor %}]
 }
 {% endif %}