Make things work on cluster devx.adnab.me
This commit is contained in:
parent
65af077d5a
commit
24118ab426
5 changed files with 71 additions and 20 deletions
|
@ -1,6 +1,6 @@
|
||||||
[cluster_nodes]
|
[cluster_nodes]
|
||||||
#ubuntu1 ansible_host=192.168.42.10
|
#ubuntu1 ansible_host=192.168.42.10
|
||||||
debian1 ansible_host=192.168.42.20 ansible_user=root public_ip=192.168.42.20 dns_server=208.67.222.222 vpn_ip=10.68.70.11 public_vpn_port=51820 datacenter=belair
|
debian1 ansible_host=192.168.42.20 ansible_user=root public_ip=192.168.42.20 dns_server=208.67.222.222 vpn_ip=10.68.70.11 public_vpn_port=51820 datacenter=belair interface=enp1s0
|
||||||
debian2 ansible_host=192.168.42.21 ansible_user=root public_ip=192.168.42.21 dns_server=208.67.222.222 vpn_ip=10.68.70.12 public_vpn_port=51820 datacenter=belair
|
debian2 ansible_host=192.168.42.21 ansible_user=root public_ip=192.168.42.21 dns_server=208.67.222.222 vpn_ip=10.68.70.12 public_vpn_port=51820 datacenter=belair interface=enp1s0
|
||||||
debian3 ansible_host=192.168.42.22 ansible_user=root public_ip=192.168.42.22 dns_server=208.67.222.222 vpn_ip=10.68.70.13 public_vpn_port=51820 datacenter=belair
|
debian3 ansible_host=192.168.42.22 ansible_user=root public_ip=192.168.42.22 dns_server=208.67.222.222 vpn_ip=10.68.70.13 public_vpn_port=51820 datacenter=belair interface=enp1s0
|
||||||
ovh1 ansible_host=51.75.4.20 ansible_user=debian ansible_become=yes public_ip=51.75.4.20 dns_server=208.67.222.222 vpn_ip=10.68.70.20 public_vpn_port=51820 datacenter=saturne
|
ovh1 ansible_host=51.75.4.20 ansible_user=debian ansible_become=yes public_ip=51.75.4.20 dns_server=208.67.222.222 vpn_ip=10.68.70.20 public_vpn_port=51820 datacenter=saturne interface=eth0
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
- name: "Set nomad version"
|
- name: "Set Nomad version"
|
||||||
set_fact:
|
set_fact:
|
||||||
nomad_version: 0.12.0-beta2
|
nomad_version: 0.12.0-beta2
|
||||||
|
|
||||||
|
- name: "Set CNI version"
|
||||||
|
set_fact:
|
||||||
|
cni_plugins_version: 0.8.6
|
||||||
|
|
||||||
- name: "Download and install Nomad for x86_64"
|
- name: "Download and install Nomad for x86_64"
|
||||||
unarchive:
|
unarchive:
|
||||||
src: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_amd64.zip"
|
src: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_amd64.zip"
|
||||||
|
@ -10,6 +14,19 @@
|
||||||
when:
|
when:
|
||||||
- "ansible_architecture == 'x86_64'"
|
- "ansible_architecture == 'x86_64'"
|
||||||
|
|
||||||
|
- name: "Create /opt/cni/bin"
|
||||||
|
file: path=/opt/cni/bin state=directory
|
||||||
|
|
||||||
|
- name: "Download and install CNI plugins for x86_64"
|
||||||
|
unarchive:
|
||||||
|
src: "https://github.com/containernetworking/plugins/releases/download/v{{ cni_plugins_version }}/cni-plugins-linux-amd64-v{{ cni_plugins_version }}.tgz"
|
||||||
|
dest: /opt/cni/bin
|
||||||
|
remote_src: yes
|
||||||
|
when:
|
||||||
|
- "ansible_architecture == 'x86_64'"
|
||||||
|
notify:
|
||||||
|
- restart nomad
|
||||||
|
|
||||||
- name: "Create Nomad configuration directory"
|
- name: "Create Nomad configuration directory"
|
||||||
file: path=/etc/nomad/ state=directory
|
file: path=/etc/nomad/ state=directory
|
||||||
|
|
||||||
|
|
|
@ -31,6 +31,16 @@ client {
|
||||||
docker.privileged.enabled = "true"
|
docker.privileged.enabled = "true"
|
||||||
docker.volumes.enabled = "true"
|
docker.volumes.enabled = "true"
|
||||||
}
|
}
|
||||||
#network_interface = "wgdeuxfleurs"
|
|
||||||
|
network_interface = "wgdeuxfleurs"
|
||||||
|
|
||||||
|
host_network "default" {
|
||||||
|
#cidr = "{{ vpn_ip }}/24"
|
||||||
|
interface = "wgdeuxfleurs"
|
||||||
|
}
|
||||||
|
host_network "public" {
|
||||||
|
#cidr = "{{ public_ip }}/32"
|
||||||
|
interface = "{{ interface }}"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -59,7 +59,7 @@ job "garage" {
|
||||||
"garage_api",
|
"garage_api",
|
||||||
"traefik.enable=true",
|
"traefik.enable=true",
|
||||||
"traefik.frontend.entryPoints=https,http",
|
"traefik.frontend.entryPoints=https,http",
|
||||||
"traefik.frontend.rule=Host:garage.deuxfleurs.fr"
|
"traefik.frontend.rule=Host:garage.deuxfleurs.fr,garage.devx.adnab.me"
|
||||||
]
|
]
|
||||||
port = "api_port"
|
port = "api_port"
|
||||||
address_mode = "host"
|
address_mode = "host"
|
||||||
|
|
|
@ -9,6 +9,7 @@ job "frontend" {
|
||||||
config {
|
config {
|
||||||
image = "amd64/traefik:1.7.20"
|
image = "amd64/traefik:1.7.20"
|
||||||
readonly_rootfs = true
|
readonly_rootfs = true
|
||||||
|
network_mode = "host"
|
||||||
port_map {
|
port_map {
|
||||||
https_port = 443
|
https_port = 443
|
||||||
http_port = 80
|
http_port = 80
|
||||||
|
@ -24,9 +25,11 @@ job "frontend" {
|
||||||
network {
|
network {
|
||||||
port "https_port" {
|
port "https_port" {
|
||||||
static = "443"
|
static = "443"
|
||||||
|
host_network = "public"
|
||||||
}
|
}
|
||||||
port "http_port" {
|
port "http_port" {
|
||||||
static = "80"
|
static = "80"
|
||||||
|
host_network = "public"
|
||||||
}
|
}
|
||||||
port "adm_port" {
|
port "adm_port" {
|
||||||
static = "8082"
|
static = "8082"
|
||||||
|
@ -34,20 +37,23 @@ job "frontend" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = "{{ key \"configuration/traefik/traefik.toml\" }}"
|
||||||
|
destination = "secrets/traefik.toml"
|
||||||
|
}
|
||||||
|
|
||||||
service {
|
service {
|
||||||
tags = [
|
tags = [
|
||||||
"https",
|
"http",
|
||||||
"frontend",
|
"frontend",
|
||||||
"(diplonat (tcp_port 80 443))"
|
"(diplonat (tcp_port 80))"
|
||||||
]
|
]
|
||||||
port = "https_port"
|
port = "http_port"
|
||||||
address_mode = "host"
|
name = "traefik-http"
|
||||||
name = "traefik"
|
|
||||||
check {
|
check {
|
||||||
type = "http"
|
type = "tcp"
|
||||||
protocol = "http"
|
port = "http_port"
|
||||||
port = "adm_port"
|
|
||||||
path = "/ping"
|
|
||||||
interval = "60s"
|
interval = "60s"
|
||||||
timeout = "5s"
|
timeout = "5s"
|
||||||
check_restart {
|
check_restart {
|
||||||
|
@ -58,9 +64,27 @@ job "frontend" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
service {
|
||||||
data = "{{ key \"configuration/traefik/traefik.toml\" }}"
|
tags = [
|
||||||
destination = "secrets/traefik.toml"
|
"https",
|
||||||
|
"frontend",
|
||||||
|
"(diplonat (tcp_port 443))"
|
||||||
|
]
|
||||||
|
port = "https_port"
|
||||||
|
address_mode = "host"
|
||||||
|
name = "traefik-https"
|
||||||
|
|
||||||
|
check {
|
||||||
|
type = "tcp"
|
||||||
|
port = "https_port"
|
||||||
|
interval = "60s"
|
||||||
|
timeout = "5s"
|
||||||
|
check_restart {
|
||||||
|
limit = 3
|
||||||
|
grace = "90s"
|
||||||
|
ignore_warnings = false
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Reference in a new issue