initial upload
This commit is contained in:
82
tasks/consul.yml
Normal file
82
tasks/consul.yml
Normal file
@@ -0,0 +1,82 @@
|
||||
---
|
||||
|
||||
- hosts: consul
|
||||
vars:
|
||||
consul_config_dir: /etc/consul.d
|
||||
consul_data_dir: /opt/consul
|
||||
consul_install_dir: /usr/local/bin
|
||||
become: true
|
||||
tasks:
|
||||
|
||||
- name: install required UNZIP
|
||||
package:
|
||||
name: unzip
|
||||
|
||||
- name: add the CONSUL group
|
||||
group:
|
||||
name: consul
|
||||
state: present
|
||||
gid: 199
|
||||
|
||||
- name: add the CONSUL user
|
||||
user:
|
||||
name: consul
|
||||
comment: CONSUL user
|
||||
state: present
|
||||
uid: 199
|
||||
|
||||
- name: install CONSUL from HashiCorp
|
||||
unarchive:
|
||||
src: https://releases.hashicorp.com/consul/1.8.5/consul_1.8.5_linux_amd64.zip
|
||||
dest: /usr/local/bin
|
||||
remote_src: yes
|
||||
mode: 0755
|
||||
owner: consul
|
||||
group: consul
|
||||
|
||||
- name: create CONSUL required data folders
|
||||
file:
|
||||
path: /opt/consul
|
||||
state: directory
|
||||
mode: '0755'
|
||||
recurse: yes
|
||||
owner: consul
|
||||
group: consul
|
||||
|
||||
- name: create CONSUL required config folders
|
||||
file:
|
||||
path: /etc/consul.d
|
||||
state: directory
|
||||
mode: '0755'
|
||||
recurse: yes
|
||||
owner: consul
|
||||
group: consul
|
||||
|
||||
- name: copy CONSUL systemd script
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/consul.d
|
||||
owner: consul
|
||||
group: consul
|
||||
with_items:
|
||||
- consul/configs/consul.hcl
|
||||
- consul/configs/service-ssh.hcl
|
||||
|
||||
- name: send consul configuration file
|
||||
template:
|
||||
dest: "{{ consul_config_dir }}/config.json"
|
||||
src: consul.config.j2
|
||||
|
||||
- name: ensure consul service file exists
|
||||
template:
|
||||
dest: /etc/systemd/system/consul.service
|
||||
src: consul.service.j2
|
||||
force: yes
|
||||
mode: 0644
|
||||
|
||||
- name: enable CONSUL systemd script
|
||||
service:
|
||||
name: consul
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
state: restarted
|
||||
7
tasks/consul/configs/consul.hcl
Normal file
7
tasks/consul/configs/consul.hcl
Normal file
@@ -0,0 +1,7 @@
|
||||
datacenter = "MSI-DC"
|
||||
data_dir = "/opt/consul"
|
||||
encrypt = "eRhnp22+c0bkV0wPolk6Mw=="
|
||||
retry_join = ["consul-admin"]
|
||||
performance {
|
||||
raft_multiplier = 1
|
||||
}
|
||||
23
tasks/consul/configs/consul.service
Normal file
23
tasks/consul/configs/consul.service
Normal file
@@ -0,0 +1,23 @@
|
||||
[Unit]
|
||||
Description=Consul Service Discovery Agent
|
||||
Documentation=https://www.consul.io/
|
||||
After=network-online.target
|
||||
Wants=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=consul
|
||||
Group=consul
|
||||
ExecStart=/usr/local/bin/consul agent -server -ui \
|
||||
-data-dir=/opt/consul \
|
||||
-node=consul-%H \
|
||||
-config-dir=/etc/consul.d
|
||||
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
KillSignal=SIGINT
|
||||
TimeoutStopSec=5
|
||||
Restart=on-failure
|
||||
SyslogIdentifier=consul
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
4
tasks/consul/configs/server.hcl
Normal file
4
tasks/consul/configs/server.hcl
Normal file
@@ -0,0 +1,4 @@
|
||||
server = true
|
||||
bootstrap_expect = 2
|
||||
bind_addr = "10.11.10.101"
|
||||
ui = true
|
||||
10
tasks/consul/configs/service-apache.hcl
Normal file
10
tasks/consul/configs/service-apache.hcl
Normal file
@@ -0,0 +1,10 @@
|
||||
service {
|
||||
name = "apache"
|
||||
port = 443
|
||||
tags = [ "srv1", "pedimedic", "webmail", "git" ]
|
||||
check {
|
||||
http = "https://srv1.maruntiel.com"
|
||||
interval = "5s"
|
||||
tlsSkipVerify = true
|
||||
}
|
||||
}
|
||||
9
tasks/consul/configs/service-mysql.hcl
Normal file
9
tasks/consul/configs/service-mysql.hcl
Normal file
@@ -0,0 +1,9 @@
|
||||
service {
|
||||
name = "mariadb"
|
||||
port = 3306
|
||||
tags = [ "db" ]
|
||||
check {
|
||||
tcp = "localhost:3306"
|
||||
interval = "5s"
|
||||
}
|
||||
}
|
||||
8
tasks/consul/configs/service-ssh.hcl
Normal file
8
tasks/consul/configs/service-ssh.hcl
Normal file
@@ -0,0 +1,8 @@
|
||||
service {
|
||||
name = "SSHD"
|
||||
port = 22
|
||||
check {
|
||||
tcp = "localhost:22"
|
||||
interval = "5s"
|
||||
}
|
||||
}
|
||||
70
tasks/consul/consul-tag
Normal file
70
tasks/consul/consul-tag
Normal file
@@ -0,0 +1,70 @@
|
||||
#!/usr/bin/python3
|
||||
|
||||
import os
|
||||
import sys
|
||||
import requests
|
||||
|
||||
CONSUL_API = 'http://localhost:8500'
|
||||
|
||||
|
||||
def get_service(sess, service_id):
|
||||
r = sess.get(CONSUL_API + '/v1/agent/services', timeout=2)
|
||||
r.raise_for_status()
|
||||
services = r.json()
|
||||
|
||||
for svc in services.values():
|
||||
if svc['ID'] == service_id:
|
||||
return svc
|
||||
|
||||
return None
|
||||
|
||||
|
||||
def change_service_tags(service, tags_to_add, tags_to_remove):
|
||||
with requests.Session() as sess:
|
||||
sess.headers = {'X-Consul-Token': os.getenv('CONSUL_HTTP_TOKEN')}
|
||||
|
||||
svc = get_service(sess, service)
|
||||
if svc:
|
||||
new_tags = (set(svc.get('Tags', [])) | tags_to_add) - tags_to_remove
|
||||
new_svc = {
|
||||
'ID': svc['ID'],
|
||||
'Name': svc['Service'],
|
||||
'Address': svc.get('Address', ''),
|
||||
'Port': svc.get('Port', 0),
|
||||
'Meta': svc.get('Meta', {}),
|
||||
'Tags': sorted(list(new_tags)),
|
||||
'EnableTagOverride': svc.get('EnableTagOverride', False),
|
||||
}
|
||||
for k, v in new_svc.items():
|
||||
print('{} = {}'.format(k, v))
|
||||
r = sess.put(CONSUL_API + '/v1/agent/service/register', json=new_svc, timeout=2)
|
||||
r.raise_for_status()
|
||||
|
||||
|
||||
def main(argv):
|
||||
if len(argv) < 3:
|
||||
print("Usage: consul-tag service +tag -tag...")
|
||||
return 1
|
||||
|
||||
service = argv[1]
|
||||
tags_to_add = set()
|
||||
tags_to_remove = set()
|
||||
for tag in argv[2:]:
|
||||
if tag.startswith('-'):
|
||||
tags_to_remove.add(tag[1:])
|
||||
elif tag.startswith('+'):
|
||||
tags_to_add.add(tag[1:])
|
||||
else:
|
||||
tags_to_add.add(tag)
|
||||
|
||||
try:
|
||||
change_service_tags(service, tags_to_add, tags_to_remove)
|
||||
except Exception as exc:
|
||||
print("Error: {}".format(exc))
|
||||
return 2
|
||||
|
||||
return 0
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
sys.exit(main(sys.argv))
|
||||
BIN
tasks/consul/consul.1.7.4
Normal file
BIN
tasks/consul/consul.1.7.4
Normal file
Binary file not shown.
8
tasks/handlers/consul.yml
Normal file
8
tasks/handlers/consul.yml
Normal file
@@ -0,0 +1,8 @@
|
||||
---
|
||||
# handlers file for consul-server
|
||||
- name: restart consul
|
||||
systemd:
|
||||
name: consul.service
|
||||
daemon_reload: yes
|
||||
state: restarted
|
||||
become: yes
|
||||
13
tasks/templates/consul.config.j2
Normal file
13
tasks/templates/consul.config.j2
Normal file
@@ -0,0 +1,13 @@
|
||||
{
|
||||
"addresses": {
|
||||
"http": "{{ ansible_facts['all_ipv4_addresses'] | last}} 127.0.0.1"
|
||||
},
|
||||
"server": true,
|
||||
"advertise_addr": "{{ ansible_facts['all_ipv4_addresses'] | last}}",
|
||||
"client_addr": "127.0.0.1 {{ ansible_facts['all_ipv4_addresses'] | last }}",
|
||||
"connect": {
|
||||
"enabled": true
|
||||
},
|
||||
"data_dir": "{{ consul_data_dir }}",
|
||||
"bootstrap": true
|
||||
}
|
||||
10
tasks/templates/consul.service.j2
Normal file
10
tasks/templates/consul.service.j2
Normal file
@@ -0,0 +1,10 @@
|
||||
[Unit]
|
||||
Description==Consul Service Discovery Agent
|
||||
|
||||
[Service]
|
||||
WorkingDirectory={{ consul_config_dir }}
|
||||
User=root
|
||||
ExecStart={{ consul_install_dir }}/consul agent -config-dir={{ consul_config_dir }} -node=consul-%H
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
7
tasks/vars/consul.yml
Normal file
7
tasks/vars/consul.yml
Normal file
@@ -0,0 +1,7 @@
|
||||
---
|
||||
# vars file for consul-server
|
||||
consul_version: 1.8.5
|
||||
consul_zip_file: consul_{{ consul_version }}_linux_amd64.zip
|
||||
consul_install_dir: /usr/local/bin
|
||||
consul_config_dir: /etc/consul.
|
||||
consul_data_dir: /opt/consul
|
||||
Reference in New Issue
Block a user