infrastructure/ansible/roles/consul/templates/consul.json.j2
Alex Auvolat 351e6f13d5 Network configuration:
- Remove nomad interface (unused)
- Deactivate systemd-resolved
- Add dns_server to production nodes variables
- Add recursors option to Consul so that it can resolve outside DNS
  queries
- Use consul as a global DNS server for machines and containers, with
  the outside DNS as a fallback (see roles/consul/templates/resolv.conf.j2)
2020-06-30 17:31:35 +02:00

30 lines
740 B
Django/Jinja

{
"data_dir": "/var/lib/consul",
"bind_addr": "0.0.0.0",
"advertise_addr": "{{ public_ip }}",
"addresses": {
"dns": "0.0.0.0",
"http": "0.0.0.0"
},
"retry_join": [
{% for selected_host in groups['cluster_nodes']|reject("sameas", ansible_fqdn) %}{# @FIXME: Reject doesn't work #}
"{{ hostvars[selected_host]['private_ip'] }}" {{ "," if not loop.last else "" }}
{% endfor %}
],
"bootstrap_expect": 3,
"server": true,
"ui": true,
"ports": {
"dns": 53
},
"recursors": [
"{{ dns_server }}"
],
"encrypt": "{{ consul_gossip_encrypt }}",
"domain": "2.cluster.deuxfleurs.fr",
"performance": {
"raft_multiplier": 10,
"rpc_hold_timeout": "30s",
"leave_drain_time": "30s"
}
}