terraform

docker swarm initialization
2023-05-02 11:51:22 +02:00 · 2023-05-02 11:51:22 +02:00 · b8afb2ac64
commit b8afb2ac64
10 changed files with 172 additions and 0 deletions
--- a/ansible/TODO.md
+++ b/ansible/TODO.md
@ -0,0 +1 @@
 in traefik role: create docker overlay network
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@ -0,0 +1,8 @@
 [defaults]
 roles_path=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles
 inventory=inventory
 interpreter_python=/usr/bin/python3
 remote_user = root
 [diff]
 always = True
--- a/ansible/inventory/group_vars/all.yml
+++ b/ansible/inventory/group_vars/all.yml
@ -0,0 +1 @@
 data_directory_base: /mnt/data
--- a/ansible/inventory/host_vars/manager.yml
+++ b/ansible/inventory/host_vars/manager.yml
@ -0,0 +1,7 @@
 docker_node_labels:
  - hostname: maestro
    labels: {}
  - hostname: worker1
    labels: {}
 data_directories: []
--- a/ansible/inventory/host_vars/worker1.yml
+++ b/ansible/inventory/host_vars/worker1.yml
@ -0,0 +1 @@
 data_directories: []
--- a/ansible/inventory/hosts.yml
+++ b/ansible/inventory/hosts.yml
@ -0,0 +1,9 @@
 all:
  hosts:
    manager:
      ansible_host: maestro.dmz
  children:
    workers:
      hosts:
        worker1:
          ansible_host: worker1.dmz
--- a/ansible/playbooks/setup.yml
+++ b/ansible/playbooks/setup.yml
@ -0,0 +1,65 @@
 ---
 - name: Wait for Cloud-init to finish
  hosts: all
  gather_facts: no
  roles:
    - cloudinit_wait
 - name: Initialize Docker Swarm nodes
  hosts: all
  pre_tasks:
    - name: Delete externally managed environment file
      shell:
        cmd: "rm /usr/lib/python*/EXTERNALLY-MANAGED"
      register: rm
      changed_when: "rm.rc == 0"
      failed_when: "false"
    - name: Create data directories
      file:
        state: directory
        path: "{{ data_directory_base }}/{{ item }}"
        recurse: true
        mode: 0777
      loop: "{{ data_directories }}"
  roles:
    - setup_apt
    - docker
 - name: Setup Docker Swarm manager
  hosts: manager
  tasks:
    - name: Install pip packages
      pip:
        name:
          - jsondiff
          - pyyaml
    - name: Create Docker Swarm
      docker_swarm:
    - name: Get Docker Swarm manager info
      docker_swarm_info:
        nodes: yes
        nodes_filters:
          name: manager
      register: swarm_info
 - hosts: workers
  tasks:
    - name: Join Docker Swarm
      docker_swarm:
        state: join
        join_token: "{{ hostvars.manager.swarm_info.swarm_facts.JoinTokens.Worker }}"
        remote_addrs:
          - "{{ hostvars.manager.ansible_default_ipv4.address }}"
 - hosts: manager
  tasks:
    - name: Add labels to Docker Swarm
      docker_node:
        hostname: "{{ item.hostname }}"
        labels: "{{ item.labels }}"
        labels_state: replace
      loop: "{{ docker_node_labels }}"
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@ -0,0 +1,9 @@
 - name: setup_apt
  src: https://github.com/sunscrapers/ansible-role-apt.git
  scm: git
 - name: docker
  src: https://git.pim.kunis.nl/pim/ansible-role-docker
  scm: git
 - name: cloudinit_wait
  src: https://git.pim.kunis.nl/pim/ansible-role-cloudinit-wait
  scm: git
--- a/terraform/.gitignore
+++ b/terraform/.gitignore
@ -0,0 +1,38 @@
 # Local .terraform directories
 **/.terraform/*
 # .tfstate files
 *.tfstate
 *.tfstate.*
 # Crash log files
 crash.log
 crash.*.log
 # Exclude all .tfvars files, which are likely to contain sensitive data, such as
 # password, private keys, and other secrets. These should not be part of version
 # control as they are data points which are potentially sensitive and subject
 # to change depending on the environment.
 *.tfvars
 *.tfvars.json
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
 override.tf
 override.tf.json
 *_override.tf
 *_override.tf.json
 # Include override files you do wish to add to version control using negated pattern
 # !example_override.tf
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
 .terraform.lock.hcl
 *.tfbackend
 .vault_password
--- a/terraform/main.tf
+++ b/terraform/main.tf
@ -0,0 +1,33 @@
 terraform {
  backend "pg" {
    schema_name = "shoarma"
    conn_str    = "postgres://terraform@10.42.0.1/terraform_state"
  }
  required_providers {
    libvirt = {
      source = "dmacvicar/libvirt"
    }
  }
 }
 provider "libvirt" {
  uri = "qemu+ssh://root@atlas.hyp/system"
 }
 module "manager" {
  source      = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
  name        = "maestro"
  domain_name = "tf-maestro"
  memory      = 1024
 }
 module "workers" {
  for_each = {
    worker1 = "tf-worker1"
  }
  source      = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
  name        = each.key
  domain_name = each.value
  memory      = 1024 * 3
 }
		`@ -0,0 +1 @@`
							`in traefik role: create docker overlay network`