Make things work on cluster devx.adnab.me

This commit is contained in:
Alex 2020-07-01 15:36:22 +02:00
parent 65af077d5a
commit 24118ab426
5 changed files with 71 additions and 20 deletions

View file

@ -1,6 +1,6 @@
[cluster_nodes]
#ubuntu1 ansible_host=192.168.42.10
debian1 ansible_host=192.168.42.20 ansible_user=root public_ip=192.168.42.20 dns_server=208.67.222.222 vpn_ip=10.68.70.11 public_vpn_port=51820 datacenter=belair
debian2 ansible_host=192.168.42.21 ansible_user=root public_ip=192.168.42.21 dns_server=208.67.222.222 vpn_ip=10.68.70.12 public_vpn_port=51820 datacenter=belair
debian3 ansible_host=192.168.42.22 ansible_user=root public_ip=192.168.42.22 dns_server=208.67.222.222 vpn_ip=10.68.70.13 public_vpn_port=51820 datacenter=belair
ovh1 ansible_host=51.75.4.20 ansible_user=debian ansible_become=yes public_ip=51.75.4.20 dns_server=208.67.222.222 vpn_ip=10.68.70.20 public_vpn_port=51820 datacenter=saturne
debian1 ansible_host=192.168.42.20 ansible_user=root public_ip=192.168.42.20 dns_server=208.67.222.222 vpn_ip=10.68.70.11 public_vpn_port=51820 datacenter=belair interface=enp1s0
debian2 ansible_host=192.168.42.21 ansible_user=root public_ip=192.168.42.21 dns_server=208.67.222.222 vpn_ip=10.68.70.12 public_vpn_port=51820 datacenter=belair interface=enp1s0
debian3 ansible_host=192.168.42.22 ansible_user=root public_ip=192.168.42.22 dns_server=208.67.222.222 vpn_ip=10.68.70.13 public_vpn_port=51820 datacenter=belair interface=enp1s0
ovh1 ansible_host=51.75.4.20 ansible_user=debian ansible_become=yes public_ip=51.75.4.20 dns_server=208.67.222.222 vpn_ip=10.68.70.20 public_vpn_port=51820 datacenter=saturne interface=eth0

View file

@ -1,7 +1,11 @@
- name: "Set nomad version"
- name: "Set Nomad version"
set_fact:
nomad_version: 0.12.0-beta2
- name: "Set CNI version"
set_fact:
cni_plugins_version: 0.8.6
- name: "Download and install Nomad for x86_64"
unarchive:
src: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_amd64.zip"
@ -10,6 +14,19 @@
when:
- "ansible_architecture == 'x86_64'"
- name: "Create /opt/cni/bin"
file: path=/opt/cni/bin state=directory
- name: "Download and install CNI plugins for x86_64"
unarchive:
src: "https://github.com/containernetworking/plugins/releases/download/v{{ cni_plugins_version }}/cni-plugins-linux-amd64-v{{ cni_plugins_version }}.tgz"
dest: /opt/cni/bin
remote_src: yes
when:
- "ansible_architecture == 'x86_64'"
notify:
- restart nomad
- name: "Create Nomad configuration directory"
file: path=/etc/nomad/ state=directory

View file

@ -31,6 +31,16 @@ client {
docker.privileged.enabled = "true"
docker.volumes.enabled = "true"
}
#network_interface = "wgdeuxfleurs"
network_interface = "wgdeuxfleurs"
host_network "default" {
#cidr = "{{ vpn_ip }}/24"
interface = "wgdeuxfleurs"
}
host_network "public" {
#cidr = "{{ public_ip }}/32"
interface = "{{ interface }}"
}
}

View file

@ -59,7 +59,7 @@ job "garage" {
"garage_api",
"traefik.enable=true",
"traefik.frontend.entryPoints=https,http",
"traefik.frontend.rule=Host:garage.deuxfleurs.fr"
"traefik.frontend.rule=Host:garage.deuxfleurs.fr,garage.devx.adnab.me"
]
port = "api_port"
address_mode = "host"

View file

@ -9,6 +9,7 @@ job "frontend" {
config {
image = "amd64/traefik:1.7.20"
readonly_rootfs = true
network_mode = "host"
port_map {
https_port = 443
http_port = 80
@ -24,30 +25,35 @@ job "frontend" {
network {
port "https_port" {
static = "443"
host_network = "public"
}
port "http_port" {
static = "80"
host_network = "public"
}
port "adm_port" {
static = "8082"
}
}
}
template {
data = "{{ key \"configuration/traefik/traefik.toml\" }}"
destination = "secrets/traefik.toml"
}
service {
tags = [
"https",
"http",
"frontend",
"(diplonat (tcp_port 80 443))"
"(diplonat (tcp_port 80))"
]
port = "https_port"
address_mode = "host"
name = "traefik"
port = "http_port"
name = "traefik-http"
check {
type = "http"
protocol = "http"
port = "adm_port"
path = "/ping"
type = "tcp"
port = "http_port"
interval = "60s"
timeout = "5s"
check_restart {
@ -57,10 +63,28 @@ job "frontend" {
}
}
}
template {
data = "{{ key \"configuration/traefik/traefik.toml\" }}"
destination = "secrets/traefik.toml"
service {
tags = [
"https",
"frontend",
"(diplonat (tcp_port 443))"
]
port = "https_port"
address_mode = "host"
name = "traefik-https"
check {
type = "tcp"
port = "https_port"
interval = "60s"
timeout = "5s"
check_restart {
limit = 3
grace = "90s"
ignore_warnings = false
}
}
}
}
}