add two nixos-managed VMs for docker swarm

change docker swarm ansible to target these vms
Pim Kunis 2024-02-04 17:16:41 +01:00
parent c461ab5e49
commit 17f110b183
4 changed files with 84 additions and 19 deletions


@ -1,7 +1,7 @@
[defaults]
roles_path=../../../ansible_roles:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles
inventory=inventory
interpreter_python=/usr/bin/python3
interpreter_python=/run/current-system/sw/bin/python3.11
remote_user = root
vault_password_file=$HOME/.config/home/ansible-vault-secret
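Review bot: The new `interpreter_python` value pins the minor version (`python3.11`), so it is tied to the `python311.withPackages` entry in the VM definitions, and Ansible will fail to find an interpreter if one is bumped without the other. Because `[defaults]` applies to every host in the inventory, consider the unversioned name, `interpreter_python=/run/current-system/sw/bin/python3`, assuming the system profile exposes that link. Otherwise add a comment on the line naming the Nix attribute it depends on.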


@ -1,11 +1,9 @@
all:
hosts:
manager:
ansible_host: maestro.dmz
ansible_host: 192.168.30.42
children:
workers:
hosts:
bancomart:
ansible_host: bancomart.dmz
# vpay:
# ansible_host: vpay.dmz
ansible_host: bancomart2.dmz
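Review bot: `ansible_host: 192.168.30.42` for `manager` repeats the literal that the `maestro2` VM definition sets as `staticIPv4`, while the worker is still addressed by name (`bancomart2.dmz`), so the manager address must now be kept in sync by hand in two files. Since this play connects as root, the address it resolves to deserves a single source of truth. Either address the manager by a DNS name, if one exists for the new VM, or add a comment above the line such as `# must match lab.vm.staticIPv4 of maestro2`.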


@ -0,0 +1,23 @@
---
- name: Setup Docker Swarm manager
hosts: manager
tasks:
- name: Create Docker Swarm
docker_swarm:
- name: Get Docker Swarm manager info
docker_swarm_info:
nodes: yes
nodes_filters:
name: manager
register: swarm_info
- hosts: workers
tasks:
- name: Join Docker Swarm
docker_swarm:
state: join
join_token: "{{ hostvars.manager.swarm_info.swarm_facts.JoinTokens.Worker }}"
remote_addrs:
- "{{ hostvars.manager.ansible_default_ipv4.address }}"
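Review bot: The `Get Docker Swarm manager info` task registers `swarm_info`, which the join task's template shows to contain `JoinTokens.Worker`, and nothing keeps that result out of verbose output or callback logs. Add `no_log: true` to that task, and to `Join Docker Swarm` as well if the module's own masking is not relied on. The worker join token is a credential for adding nodes to the swarm, so it should be treated like the vault-protected secrets. Smaller points in the same file: the second play has no `name:`, `nodes: yes` is better written `nodes: true`, and `nodes_filters: name: manager` presumably matches the inventory alias rather than the node's hostname, which is worth confirming.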


@ -58,20 +58,6 @@
};
};
my-microvm = {
type = "virtual";
hypervisorName = "lewis";
nixosModule = { pkgs, ... }: {
# TODO: would be cool to create a check that a mac address is only ever assigned to one VM.
lab.vm.id = 0;
programs.bash.interactiveShellInit = ''
echo "Hello world from inside a virtual machine!!" | ${pkgs.lolcat}/bin/lolcat
'';
};
};
hermes = {
type = "virtual";
hypervisorName = "lewis";
@ -81,6 +67,7 @@
networking.dmz.services.enable = true;
vm = {
# TODO: would be cool to create a check that a mac address is only ever assigned to one VM.
id = 7;
staticNetworking = true;
staticIPv4 = config.lab.networking.dmz.ipv4.services;
@ -89,4 +76,61 @@
};
};
};
maestro2 = {
type = "virtual";
hypervisorName = "lewis";
nixosModule = { pkgs, lib, ... }: {
lab.vm = {
id = 1;
staticNetworking = true;
staticIPv4 = "192.168.30.42";
staticIPv6 = "2a0d:6e00:1a77:30::42";
};
networking = {
nftables.enable = lib.mkForce false;
firewall.enable = lib.mkForce false;
};
virtualisation.docker = {
enable = true;
liveRestore = false;
};
environment.systemPackages = with pkgs; [
(python311.withPackages (python-pkgs: [
python-pkgs.docker
python-pkgs.requests
]))
];
};
};
bancomart2 = {
type = "virtual";
hypervisorName = "lewis";
nixosModule = { pkgs, lib, ... }: {
lab.vm.id = 2;
networking = {
nftables.enable = lib.mkForce false;
firewall.enable = lib.mkForce false;
};
virtualisation.docker = {
enable = true;
liveRestore = false;
};
environment.systemPackages = with pkgs; [
(python311.withPackages (python-pkgs: [
python-pkgs.docker
python-pkgs.requests
]))
];
};
};
}
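Review bot: Both new VMs set `firewall.enable = lib.mkForce false` (in `maestro2` and again in `bancomart2`), which leaves every listening port on these DMZ hosts reachable, including the Docker Swarm management and gossip ports, and no comment says why. If the aim is only to stop nftables conflicting with Docker's iptables rules, keep `nftables.enable = lib.mkForce false;` and replace the firewall line with `firewall.allowedTCPPorts = [ 2377 7946 ];` and `firewall.allowedUDPPorts = [ 7946 4789 ];`. This assumes the lab config enables the firewall by default, as the `mkForce` suggests. Ports that Docker publishes are handled by Docker's own rules and would still need separate review. The two `nixosModule` bodies are also identical apart from `lab.vm`, so the shared Docker, Python and firewall settings could live in one module.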