Make things work on cluster devx.adnab.me

This commit is contained in:
Alex 2020-07-01 15:36:22 +02:00
parent 65af077d5a
commit 24118ab426
5 changed files with 71 additions and 20 deletions

View file

@ -1,6 +1,6 @@
[cluster_nodes] [cluster_nodes]
#ubuntu1 ansible_host=192.168.42.10 #ubuntu1 ansible_host=192.168.42.10
debian1 ansible_host=192.168.42.20 ansible_user=root public_ip=192.168.42.20 dns_server=208.67.222.222 vpn_ip=10.68.70.11 public_vpn_port=51820 datacenter=belair debian1 ansible_host=192.168.42.20 ansible_user=root public_ip=192.168.42.20 dns_server=208.67.222.222 vpn_ip=10.68.70.11 public_vpn_port=51820 datacenter=belair interface=enp1s0
debian2 ansible_host=192.168.42.21 ansible_user=root public_ip=192.168.42.21 dns_server=208.67.222.222 vpn_ip=10.68.70.12 public_vpn_port=51820 datacenter=belair debian2 ansible_host=192.168.42.21 ansible_user=root public_ip=192.168.42.21 dns_server=208.67.222.222 vpn_ip=10.68.70.12 public_vpn_port=51820 datacenter=belair interface=enp1s0
debian3 ansible_host=192.168.42.22 ansible_user=root public_ip=192.168.42.22 dns_server=208.67.222.222 vpn_ip=10.68.70.13 public_vpn_port=51820 datacenter=belair debian3 ansible_host=192.168.42.22 ansible_user=root public_ip=192.168.42.22 dns_server=208.67.222.222 vpn_ip=10.68.70.13 public_vpn_port=51820 datacenter=belair interface=enp1s0
ovh1 ansible_host=51.75.4.20 ansible_user=debian ansible_become=yes public_ip=51.75.4.20 dns_server=208.67.222.222 vpn_ip=10.68.70.20 public_vpn_port=51820 datacenter=saturne ovh1 ansible_host=51.75.4.20 ansible_user=debian ansible_become=yes public_ip=51.75.4.20 dns_server=208.67.222.222 vpn_ip=10.68.70.20 public_vpn_port=51820 datacenter=saturne interface=eth0

View file

@ -1,7 +1,11 @@
- name: "Set nomad version" - name: "Set Nomad version"
set_fact: set_fact:
nomad_version: 0.12.0-beta2 nomad_version: 0.12.0-beta2
- name: "Set CNI version"
set_fact:
cni_plugins_version: 0.8.6
- name: "Download and install Nomad for x86_64" - name: "Download and install Nomad for x86_64"
unarchive: unarchive:
src: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_amd64.zip" src: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_amd64.zip"
@ -10,6 +14,19 @@
when: when:
- "ansible_architecture == 'x86_64'" - "ansible_architecture == 'x86_64'"
- name: "Create /opt/cni/bin"
file: path=/opt/cni/bin state=directory
- name: "Download and install CNI plugins for x86_64"
unarchive:
src: "https://github.com/containernetworking/plugins/releases/download/v{{ cni_plugins_version }}/cni-plugins-linux-amd64-v{{ cni_plugins_version }}.tgz"
dest: /opt/cni/bin
remote_src: yes
when:
- "ansible_architecture == 'x86_64'"
notify:
- restart nomad
- name: "Create Nomad configuration directory" - name: "Create Nomad configuration directory"
file: path=/etc/nomad/ state=directory file: path=/etc/nomad/ state=directory

View file

@ -31,6 +31,16 @@ client {
docker.privileged.enabled = "true" docker.privileged.enabled = "true"
docker.volumes.enabled = "true" docker.volumes.enabled = "true"
} }
#network_interface = "wgdeuxfleurs"
network_interface = "wgdeuxfleurs"
host_network "default" {
#cidr = "{{ vpn_ip }}/24"
interface = "wgdeuxfleurs"
}
host_network "public" {
#cidr = "{{ public_ip }}/32"
interface = "{{ interface }}"
}
} }

View file

@ -59,7 +59,7 @@ job "garage" {
"garage_api", "garage_api",
"traefik.enable=true", "traefik.enable=true",
"traefik.frontend.entryPoints=https,http", "traefik.frontend.entryPoints=https,http",
"traefik.frontend.rule=Host:garage.deuxfleurs.fr" "traefik.frontend.rule=Host:garage.deuxfleurs.fr,garage.devx.adnab.me"
] ]
port = "api_port" port = "api_port"
address_mode = "host" address_mode = "host"

View file

@ -9,6 +9,7 @@ job "frontend" {
config { config {
image = "amd64/traefik:1.7.20" image = "amd64/traefik:1.7.20"
readonly_rootfs = true readonly_rootfs = true
network_mode = "host"
port_map { port_map {
https_port = 443 https_port = 443
http_port = 80 http_port = 80
@ -24,9 +25,11 @@ job "frontend" {
network { network {
port "https_port" { port "https_port" {
static = "443" static = "443"
host_network = "public"
} }
port "http_port" { port "http_port" {
static = "80" static = "80"
host_network = "public"
} }
port "adm_port" { port "adm_port" {
static = "8082" static = "8082"
@ -34,20 +37,23 @@ job "frontend" {
} }
} }
template {
data = "{{ key \"configuration/traefik/traefik.toml\" }}"
destination = "secrets/traefik.toml"
}
service { service {
tags = [ tags = [
"https", "http",
"frontend", "frontend",
"(diplonat (tcp_port 80 443))" "(diplonat (tcp_port 80))"
] ]
port = "https_port" port = "http_port"
address_mode = "host" name = "traefik-http"
name = "traefik"
check { check {
type = "http" type = "tcp"
protocol = "http" port = "http_port"
port = "adm_port"
path = "/ping"
interval = "60s" interval = "60s"
timeout = "5s" timeout = "5s"
check_restart { check_restart {
@ -58,9 +64,27 @@ job "frontend" {
} }
} }
template { service {
data = "{{ key \"configuration/traefik/traefik.toml\" }}" tags = [
destination = "secrets/traefik.toml" "https",
"frontend",
"(diplonat (tcp_port 443))"
]
port = "https_port"
address_mode = "host"
name = "traefik-https"
check {
type = "tcp"
port = "https_port"
interval = "60s"
timeout = "5s"
check_restart {
limit = 3
grace = "90s"
ignore_warnings = false
}
}
} }
} }
} }