diff options
| author | Elizabeth Hunt <me@liz.coffee> | 2025-05-04 12:17:10 -0700 |
|---|---|---|
| committer | Elizabeth Hunt <me@liz.coffee> | 2025-05-04 12:17:10 -0700 |
| commit | 7040a443c5973be872cdf5f3a656e9f947650b2b (patch) | |
| tree | 833dd0a9f2a6b0c5f2523a70b995965c95bd5f21 | |
| parent | d0d07c491f157bef0174cc05ee3c308fe9f72c9b (diff) | |
| download | infra-7040a443c5973be872cdf5f3a656e9f947650b2b.tar.gz infra-7040a443c5973be872cdf5f3a656e9f947650b2b.zip | |
Refactor the swarm cluster role a bit
| -rw-r--r-- | group_vars/swarm_cluster.yml (renamed from group_vars/swarm.yml) | 0 | ||||
| -rw-r--r-- | inventory | 2 | ||||
| -rw-r--r-- | playbooks/roles/labdns/templates/stacks/docker-compose.yml | 1 | ||||
| -rw-r--r-- | playbooks/roles/labdns/templates/volumes/unbound/a-records.conf | 4 | ||||
| -rw-r--r-- | playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf | 7 | ||||
| -rw-r--r-- | playbooks/roles/swarm_cluster/swarm_init/tasks/main.yml (renamed from playbooks/roles/swarm_init/tasks/main.yml) | 0 | ||||
| -rw-r--r-- | playbooks/roles/swarm_cluster/swarm_join/tasks/main.yml (renamed from playbooks/roles/swarm_join/tasks/main.yml) | 4 | ||||
| -rw-r--r-- | playbooks/roles/swarm_cluster/tasks/main.yml | 20 | ||||
| -rw-r--r-- | playbooks/swarm_cluster.yml | 22 |
9 files changed, 34 insertions, 26 deletions
diff --git a/group_vars/swarm.yml b/group_vars/swarm_cluster.yml index bf0744d..bf0744d 100644 --- a/group_vars/swarm.yml +++ b/group_vars/swarm_cluster.yml @@ -19,7 +19,7 @@ swarm-one ansible_host=10.128.0.201 ansible_user=serve ansible_connection=ssh a swarm-two ansible_host=10.128.0.202 ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}' swarm-three ansible_host=10.128.0.203 ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}' -[swarm] +[swarm_cluster] swarm-one ansible_host=10.128.0.201 ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}' swarm-two ansible_host=10.128.0.202 ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}' swarm-three ansible_host=10.128.0.203 ansible_user=serve ansible_connection=ssh ansible_become_password='{{ swarm_become_password }}' diff --git a/playbooks/roles/labdns/templates/stacks/docker-compose.yml b/playbooks/roles/labdns/templates/stacks/docker-compose.yml index 3327c18..c2a2ab5 100644 --- a/playbooks/roles/labdns/templates/stacks/docker-compose.yml +++ b/playbooks/roles/labdns/templates/stacks/docker-compose.yml @@ -17,6 +17,7 @@ services: test: ["CMD-SHELL", "drill loadbalancer.{{ domain }} @127.0.0.1 | grep -q {{ loadbalancer_ip }}"] retries: 3 timeout: 5s + interval: 10s start_period: 8s {% endif %} deploy: diff --git a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf index 6248b0c..5eefeb5 100644 --- a/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf +++ b/playbooks/roles/labdns/templates/volumes/unbound/a-records.conf @@ -2,3 +2,7 @@ {% for service in internal_services %} local-data: "{{ service }}. A {{ loadbalancer_ip }}" {% endfor %} + +# lucina.cloud +local-zone: "lucina.cloud." redirect +local-data: "lucina.cloud. A 10.128.0.44" diff --git a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf index ae977e7..19af327 100644 --- a/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf +++ b/playbooks/roles/labdns/templates/volumes/unbound/forward-records.conf @@ -1,6 +1,5 @@ forward-zone: name: "." - forward-addr: 10.128.0.44@53 -# forward-addr: 1.1.1.1@853#cloudflare-dns.com -# forward-addr: 1.0.0.1@853#cloudflare-dns.com -# forward-tls-upstream: yes + forward-addr: 1.1.1.1@853#cloudflare-dns.com + forward-addr: 1.0.0.1@853#cloudflare-dns.com + forward-tls-upstream: yes diff --git a/playbooks/roles/swarm_init/tasks/main.yml b/playbooks/roles/swarm_cluster/swarm_init/tasks/main.yml index 19967e9..19967e9 100644 --- a/playbooks/roles/swarm_init/tasks/main.yml +++ b/playbooks/roles/swarm_cluster/swarm_init/tasks/main.yml diff --git a/playbooks/roles/swarm_join/tasks/main.yml b/playbooks/roles/swarm_cluster/swarm_join/tasks/main.yml index f6fe454..b73030e 100644 --- a/playbooks/roles/swarm_join/tasks/main.yml +++ b/playbooks/roles/swarm_cluster/swarm_join/tasks/main.yml @@ -7,9 +7,9 @@ - name: Join Swarm as Manager ansible.builtin.command: - cmd: docker swarm join --token {{ hostvars[groups['swarm'][0]]['manager_token'].stdout }} {{ hostvars[groups['swarm'][0]]['ansible_default_ipv4']['address'] }}:2377 + cmd: docker swarm join --token {{ hostvars[swarm_initializer_host]['manager_token'].stdout }} {{ hostvars[swarm_initializer_host]['ansible_default_ipv4']['address'] }}:2377 when: - - hostvars[groups['swarm'][0]]['manager_token'].stdout is defined + - hostvars[swarm_initializer_host]['manager_token'].stdout is defined - docker_swarm_status.stdout != "active" register: swarm_join changed_when: '"This node joined a swarm as a manager" in swarm_join.stdout' diff --git a/playbooks/roles/swarm_cluster/tasks/main.yml b/playbooks/roles/swarm_cluster/tasks/main.yml new file mode 100644 index 0000000..d2507af --- /dev/null +++ b/playbooks/roles/swarm_cluster/tasks/main.yml @@ -0,0 +1,20 @@ +--- + +- name: Enable Local Swarm Communications + community.general.ufw: + rule: allow + from: "{{ homelab_network }}" + state: enabled + +- name: Set swarm initializer variable + ansible.builtin.set_fact: + swarm_initializer_host: "{{ groups['swarm_cluster'][0] }}" + +- name: Initialize the swarm cluster on the first node + when: ansible_hostname == swarm_initializer_host + ansible.builtin.import_tasks: swarm_init/tasks/main.yml + +- name: Join the swarm cluster on all other nodes + when: ansible_hostname != swarm_initializer_host + ansible.builtin.import_tasks: swarm_join/tasks/main.yml + diff --git a/playbooks/swarm_cluster.yml b/playbooks/swarm_cluster.yml index 6a13f8c..8dadae4 100644 --- a/playbooks/swarm_cluster.yml +++ b/playbooks/swarm_cluster.yml @@ -1,24 +1,8 @@ --- -- name: Configure Docker Swarm Firewall Rules - hosts: swarm - become: true - tasks: - - name: Enable Local Swarm Communications - community.general.ufw: - rule: allow - from: "{{ homelab_network }}" - state: enabled - -- name: Setup swarm on init node - hosts: swarm[0] - become: true - roles: - - swarm_init - -- name: Join non-init nodes - hosts: swarm:!swarm[0] +- name: Deploy swarm cluster + hosts: swarm_cluster become: true roles: - - swarm_join + - swarm_cluster |