terraform
docker swarm initialization
This commit is contained in:
commit
b8afb2ac64
10 changed files with 172 additions and 0 deletions
1
ansible/TODO.md
Normal file
1
ansible/TODO.md
Normal file
|
|
@ -0,0 +1 @@
|
|||
in traefik role: create docker overlay network
|
||||
8
ansible/ansible.cfg
Normal file
8
ansible/ansible.cfg
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
[defaults]
|
||||
roles_path=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles
|
||||
inventory=inventory
|
||||
interpreter_python=/usr/bin/python3
|
||||
remote_user = root
|
||||
|
||||
[diff]
|
||||
always = True
|
||||
1
ansible/inventory/group_vars/all.yml
Normal file
1
ansible/inventory/group_vars/all.yml
Normal file
|
|
@ -0,0 +1 @@
|
|||
data_directory_base: /mnt/data
|
||||
7
ansible/inventory/host_vars/manager.yml
Normal file
7
ansible/inventory/host_vars/manager.yml
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
docker_node_labels:
|
||||
- hostname: maestro
|
||||
labels: {}
|
||||
- hostname: worker1
|
||||
labels: {}
|
||||
|
||||
data_directories: []
|
||||
1
ansible/inventory/host_vars/worker1.yml
Normal file
1
ansible/inventory/host_vars/worker1.yml
Normal file
|
|
@ -0,0 +1 @@
|
|||
data_directories: []
|
||||
9
ansible/inventory/hosts.yml
Normal file
9
ansible/inventory/hosts.yml
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
all:
|
||||
hosts:
|
||||
manager:
|
||||
ansible_host: maestro.dmz
|
||||
children:
|
||||
workers:
|
||||
hosts:
|
||||
worker1:
|
||||
ansible_host: worker1.dmz
|
||||
65
ansible/playbooks/setup.yml
Normal file
65
ansible/playbooks/setup.yml
Normal file
|
|
@ -0,0 +1,65 @@
|
|||
---
|
||||
- name: Wait for Cloud-init to finish
|
||||
hosts: all
|
||||
gather_facts: no
|
||||
roles:
|
||||
- cloudinit_wait
|
||||
|
||||
- name: Initialize Docker Swarm nodes
|
||||
hosts: all
|
||||
pre_tasks:
|
||||
- name: Delete externally managed environment file
|
||||
shell:
|
||||
cmd: "rm /usr/lib/python*/EXTERNALLY-MANAGED"
|
||||
register: rm
|
||||
changed_when: "rm.rc == 0"
|
||||
failed_when: "false"
|
||||
|
||||
- name: Create data directories
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ data_directory_base }}/{{ item }}"
|
||||
recurse: true
|
||||
mode: 0777
|
||||
loop: "{{ data_directories }}"
|
||||
|
||||
roles:
|
||||
- setup_apt
|
||||
- docker
|
||||
|
||||
- name: Setup Docker Swarm manager
|
||||
hosts: manager
|
||||
tasks:
|
||||
- name: Install pip packages
|
||||
pip:
|
||||
name:
|
||||
- jsondiff
|
||||
- pyyaml
|
||||
|
||||
- name: Create Docker Swarm
|
||||
docker_swarm:
|
||||
|
||||
- name: Get Docker Swarm manager info
|
||||
docker_swarm_info:
|
||||
nodes: yes
|
||||
nodes_filters:
|
||||
name: manager
|
||||
register: swarm_info
|
||||
|
||||
- hosts: workers
|
||||
tasks:
|
||||
- name: Join Docker Swarm
|
||||
docker_swarm:
|
||||
state: join
|
||||
join_token: "{{ hostvars.manager.swarm_info.swarm_facts.JoinTokens.Worker }}"
|
||||
remote_addrs:
|
||||
- "{{ hostvars.manager.ansible_default_ipv4.address }}"
|
||||
|
||||
- hosts: manager
|
||||
tasks:
|
||||
- name: Add labels to Docker Swarm
|
||||
docker_node:
|
||||
hostname: "{{ item.hostname }}"
|
||||
labels: "{{ item.labels }}"
|
||||
labels_state: replace
|
||||
loop: "{{ docker_node_labels }}"
|
||||
9
ansible/requirements.yml
Normal file
9
ansible/requirements.yml
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
- name: setup_apt
|
||||
src: https://github.com/sunscrapers/ansible-role-apt.git
|
||||
scm: git
|
||||
- name: docker
|
||||
src: https://git.pim.kunis.nl/pim/ansible-role-docker
|
||||
scm: git
|
||||
- name: cloudinit_wait
|
||||
src: https://git.pim.kunis.nl/pim/ansible-role-cloudinit-wait
|
||||
scm: git
|
||||
38
terraform/.gitignore
vendored
Normal file
38
terraform/.gitignore
vendored
Normal file
|
|
@ -0,0 +1,38 @@
|
|||
# Local .terraform directories
|
||||
**/.terraform/*
|
||||
|
||||
# .tfstate files
|
||||
*.tfstate
|
||||
*.tfstate.*
|
||||
|
||||
# Crash log files
|
||||
crash.log
|
||||
crash.*.log
|
||||
|
||||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
||||
# password, private keys, and other secrets. These should not be part of version
|
||||
# control as they are data points which are potentially sensitive and subject
|
||||
# to change depending on the environment.
|
||||
*.tfvars
|
||||
*.tfvars.json
|
||||
|
||||
# Ignore override files as they are usually used to override resources locally and so
|
||||
# are not checked in
|
||||
override.tf
|
||||
override.tf.json
|
||||
*_override.tf
|
||||
*_override.tf.json
|
||||
|
||||
# Include override files you do wish to add to version control using negated pattern
|
||||
# !example_override.tf
|
||||
|
||||
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
|
||||
# example: *tfplan*
|
||||
|
||||
# Ignore CLI configuration files
|
||||
.terraformrc
|
||||
terraform.rc
|
||||
.terraform.lock.hcl
|
||||
*.tfbackend
|
||||
|
||||
.vault_password
|
||||
33
terraform/main.tf
Normal file
33
terraform/main.tf
Normal file
|
|
@ -0,0 +1,33 @@
|
|||
terraform {
|
||||
backend "pg" {
|
||||
schema_name = "shoarma"
|
||||
conn_str = "postgres://terraform@10.42.0.1/terraform_state"
|
||||
}
|
||||
|
||||
required_providers {
|
||||
libvirt = {
|
||||
source = "dmacvicar/libvirt"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "libvirt" {
|
||||
uri = "qemu+ssh://root@atlas.hyp/system"
|
||||
}
|
||||
|
||||
module "manager" {
|
||||
source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
||||
name = "maestro"
|
||||
domain_name = "tf-maestro"
|
||||
memory = 1024
|
||||
}
|
||||
|
||||
module "workers" {
|
||||
for_each = {
|
||||
worker1 = "tf-worker1"
|
||||
}
|
||||
source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
||||
name = each.key
|
||||
domain_name = each.value
|
||||
memory = 1024 * 3
|
||||
}
|
||||
Reference in a new issue