5 Commits

Author SHA1 Message Date
fd302e4ebc Move regather facts to join when changed 2023-03-19 13:47:01 +01:00
b5729caa0e Add wait for interface to come up 2023-03-19 13:46:44 +01:00
dca40ed835 Remove throttle 2023-03-19 13:46:21 +01:00
95ddd04a86 Fix join command 2023-03-19 10:39:06 +01:00
911bc47acb Initial role stuff 2023-03-17 15:58:49 +01:00
12 changed files with 54 additions and 180 deletions


@@ -1,5 +1,5 @@
- name: Install K3s-server for 1st-node - name: Install K3s-server for 1st-node
command: /root/k3s_install.sh {{ type }} command: /root/k3s_install.sh {{ type }}
when: "inventory_hostname == groups['kubernetes'][0]" when: "inventory_hostname == groups['kubernetes'][0]"
register: command register: command
changed_when: "'No change detected' in command.stdout" changed_when: "'No change detected' in command.stdout"
@@ -26,6 +26,7 @@
port: 6443 port: 6443
state: started state: started
when: "inventory_hostname != groups['kubernetes'][0]" when: "inventory_hostname != groups['kubernetes'][0]"
#- name: Add Kubernetes environment-vars to /etc/profile.d/ #- name: Add Kubernetes environment-vars to /etc/profile.d/
# blockinfile: # blockinfile:
# path: /etc/profile.d/k3s-bin.sh # path: /etc/profile.d/k3s-bin.sh


@@ -0,0 +1,6 @@
netbird_client:
# Key and url to join a network
# leave empty to ignore
join_network:
setup_key:
management_url:
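Review bot: The comment `leave empty to ignore` is not honoured by these defaults: a bare `setup_key:` loads as null, and a null value still passes the `is defined` test that the join task in this change uses as its guard, so the join would be attempted with empty values. Write the defaults as `setup_key: ""` and `management_url: ""`, and guard the join on a non-empty value, e.g. `when: netbird_client.join_network.setup_key | default('') | length > 0`. A comment here should also say that `setup_key` is a credential and is meant to come from Ansible Vault or another secret store rather than from a committed vars file.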


@@ -0,0 +1,26 @@
- name: Install Packages
# when: docker_file.stat.exists == False
package:
name:
- ca-certificates
- curl
- gnupg
- name: Add netbird-key
apt_key:
url: https://pkgs.wiretrustee.com/debian/public.key
state: present
- name: Add netbird-repository
apt_repository:
repo: "deb https://pkgs.wiretrustee.com/debian stable main"
state: present
filename: netbird
update_cache: yes
- name: Install wireguard & netbird
package:
name:
- wireguard
- netbird
state: latest
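Review bot: `Add netbird-key` uses `apt_key`, which places the vendor key in apt's global trusted keyring, so the key is then accepted for packages from every configured repository, and the key is fetched from the URL with no fingerprint or checksum pinned. Store the key in a dedicated keyring file, pin the expected digest of that file, and bind the repository to it with `signed-by=`. The path and file extension below assume an armored key and an existing `/etc/apt/keyrings` directory, which should be confirmed for the target release. Separately, `state: latest` on the last task upgrades wireguard and netbird on every run; `state: present` or a pinned version keeps runs reproducible.

```yaml
- name: Add netbird-key
  ansible.builtin.get_url:
    url: https://pkgs.wiretrustee.com/debian/public.key
    dest: /etc/apt/keyrings/netbird.asc
    mode: "0644"
    # placeholder: pin the digest of the key file you have verified
    checksum: "sha256:<EXPECTED_KEY_SHA256>"
- name: Add netbird-repository
  apt_repository:
    repo: "deb [signed-by=/etc/apt/keyrings/netbird.asc] https://pkgs.wiretrustee.com/debian stable main"
    # … unchanged: state, filename, update_cache …
```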


@@ -0,0 +1,16 @@
- name: Join netbird-network
when: "netbird_client.join_network.setup_key is defined"
command: "netbird up --management-url {{ netbird_client.join_network.management_url }} --setup-key {{ netbird_client.join_network.setup_key }}"
failed_when: command.rc != 0
changed_when: "'Connected' in command.stdout"
register: command
- name: Wait for netbird-interface to exist
wait_for:
path: "/sys/class/net/wt0"
state: present
when: command.changed
- name: Gather facts to get changes
ansible.builtin.gather_facts:
when: command.changed
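Review bot: The setup key is passed on the command line in `Join netbird-network` without `no_log`, so it can appear in Ansible's task output and logs (for example at higher verbosity or when the task fails) and is visible in the host's process list while the command runs. Add `no_log: true` to this task at minimum. If the installed netbird client can read the key from the environment or a file, prefer that over an argument; this needs checking against the client version in use. Passing the arguments as a list via `argv:` would also keep a templated value containing whitespace from being split into extra arguments.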


@@ -0,0 +1,4 @@
- import_tasks: ./install.yml
- import_tasks: ./join-network.yml


@@ -1,3 +0,0 @@
---
nomad:
version: 1.4.4


@@ -1,48 +0,0 @@
[Unit]
Description=Nomad
Documentation=https://www.nomadproject.io/docs/
Wants=network-online.target
After=network-online.target
# When using Nomad with Consul it is not necessary to start Consul first. These
# lines start Consul before Nomad as an optimization to avoid Nomad logging
# that Consul is unavailable at startup.
#Wants=consul.service
#After=consul.service
[Service]
# Nomad server should be run as the nomad user. Nomad clients
# should be run as root
User=root
Group=root
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/local/bin/nomad agent -config /etc/nomad.d
KillMode=process
KillSignal=SIGINT
LimitNOFILE=65536
LimitNPROC=infinity
Restart=on-failure
RestartSec=2
## Configure unit start rate limiting. Units which are started more than
## *burst* times within an *interval* time span are not permitted to start any
## more. Use `StartLimitIntervalSec` or `StartLimitInterval` (depending on
## systemd version) to configure the checking interval and `StartLimitBurst`
## to configure how many starts per interval are allowed. The values in the
## commented lines are defaults.
# StartLimitBurst = 5
## StartLimitIntervalSec is used for systemd versions >= 230
# StartLimitIntervalSec = 10s
## StartLimitInterval is used for systemd versions < 230
# StartLimitInterval = 10s
TasksMax=infinity
OOMScoreAdjust=-1000
[Install]
WantedBy=multi-user.target


@@ -1,3 +0,0 @@
---
dependencies:
#- role: docker


@@ -1,43 +0,0 @@
- name: Download binary
ansible.builtin.unarchive:
remote_src: true
src: https://releases.hashicorp.com/nomad/{{ nomad.version }}/nomad_{{ nomad.version }}_{{ ansible_system | lower }}_{{ 'amd64' if ansible_architecture == 'x86_64' else ansible_architecture }}.zip
dest: /usr/local/bin/
mode: "755"
- name: Deploy systemd-service file
ansible.builtin.copy:
src: systemd-service
dest: /etc/systemd/system/nomad.service
mode: u=rw,g=r,o=r
- name: Create nomad user
ansible.builtin.user:
name: nomad
groups:
- docker
append: true
- name: Create directory for configs
ansible.builtin.file:
path: /etc/nomad.d
state: directory
mode: "0755"
owner: "nomad"
group: "nomad"
- name: Create nomad.hcl configuration file
ansible.builtin.template:
src: nomad.hcl.j2
dest: /etc/nomad.d/nomad.hcl
mode: "0644"
owner: "nomad"
group: "nomad"
- name: Create directory for data
ansible.builtin.file:
path: /opt/nomad
state: directory
mode: "0755"
owner: "nomad"
group: "nomad"


@@ -1,8 +0,0 @@
- name: Start service
ansible.builtin.service:
name: nomad
state: restarted
- name: Waiting for service to accept connections
ansible.builtin.wait_for:
port: 4646

View File

@@ -1,3 +0,0 @@
- import_tasks: ./install.yml
- import_tasks: ./launch.yml


@@ -1,71 +0,0 @@
data_dir = "/opt/nomad"
datacenter = "{{ datacenter }}"
bind_addr = "0.0.0.0"
advertise {
# Defaults to the first private IP address.
#http = "1.2.3.4"
#rpc = "1.2.3.4"
#serf = "1.2.3.4:5648" # non-default ports may be specified
}
{# TODO: Get interface-ip from hosts marked with type=server #}
{% set server_hosts = ansible_play_batch | difference([inventory_hostname]) %}
{% if type is defined and type == "server" %}
server {
enabled = true
bootstrap_expect = {{ server_hosts | length }}
server_join {
retry_join = [ "{{ server_hosts | join('", "') }}" ]
retry_max = 6
retry_interval = "15s"
}
default_scheduler_config {
scheduler_algorithm = "binpack"
memory_oversubscription_enabled = true
reject_job_registration = false
pause_eval_broker = false # New in Nomad 1.3.2
preemption_config {
batch_scheduler_enabled = true
system_scheduler_enabled = true
service_scheduler_enabled = true
sysbatch_scheduler_enabled = true # New in Nomad 1.2
}
}
}
{% endif %}
client {
enabled = true
{% if type != "server" %}
servers = [ "{{ server_hosts | join('", "') }}" ]
{% endif %}
meta {
node_type = "{{ type }}"
{% if storage is defined and storage %}
seaweedfs_volume = "true"
{% endif %}
}
}
plugin "raw_exec" {
config {
enabled = true
}
}
plugin "docker" {
config {
{% if type is defined and type == "server" %}
allow_privileged = true
{% endif %}
}
}