diff --git a/dkswarm.xai-corp.net.yml b/dkswarm.xai-corp.net.yml new file mode 100644 index 0000000..c78ff83 --- /dev/null +++ b/dkswarm.xai-corp.net.yml @@ -0,0 +1,25 @@ +--- +# playbook for home02 + + +- hosts: dkhost + remote_user: ansible + gather_facts: yes + become: true + + vars: + - swarm: + managers: + - dkhost01 + - dkhost03 + workers: + - dkhost04 + - dkhost02 + removed: [] + + history: 3 + + roles: + - docker_swarm_management + + post_tasks: diff --git a/dockerfiles/sslproxy/docker-compose.yml b/dockerfiles/sslproxy/docker-compose.yml index 22a47a3..65f6cae 100644 --- a/dockerfiles/sslproxy/docker-compose.yml +++ b/dockerfiles/sslproxy/docker-compose.yml @@ -1,6 +1,9 @@ --- # DOCKER_HOST=192.168.2.41:2376 docker-compose up -d -# DOCKER_HOST=dkhost03:2376 docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy +# docker login dkregistry.xai-corp.net:5000 +# docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:latest +# DOCKER_HOST=dkhost01:2376 docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy +# DOCKER_HOST=dkhost01:2376 docker stack ps sslproxy version: '3' services: diff --git a/dockerfiles/sslproxy/host.conf b/dockerfiles/sslproxy/host.conf index 28f438e..9fb17f5 100644 --- a/dockerfiles/sslproxy/host.conf +++ b/dockerfiles/sslproxy/host.conf @@ -9,7 +9,7 @@ server { add_header Strict-Transport-Security "max-age=600; includeSubDomains" always; location / { - proxy_pass http://192.168.2.43:8081; + proxy_pass http://dkhost.xai-corp.net:8081; } } @@ -25,7 +25,7 @@ server { add_header Strict-Transport-Security "max-age=600; includeSubDomains" always; location / { - proxy_pass http://192.168.2.43:10080; + proxy_pass http://dkhost.xai-corp.net:10080; } } @@ -41,7 +41,7 @@ server { add_header Strict-Transport-Security "max-age=600; includeSubDomains" always; location / { - proxy_pass http://192.168.2.43:8080; + proxy_pass http://dkhost.xai-corp.net:8080; } } 
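Review bot: The role added in this commit decides manager/worker membership by comparing `ansible_nodename` with the short names listed under `swarm` in this play, so a node that reports a fully qualified name (for example `dkhost01.xai-corp.net`) matches nothing and is silently skipped by every task. `inventory_hostname` would be more predictable if the inventory uses these short names (the inventory is not visible here). The trailing `post_tasks:` has no value and the header comment still reads `# playbook for home02` although the play targets `dkhost`; I would drop the empty key and change the comment to `# playbook for the dkhost docker swarm`.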
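Review bot: The deploy commands documented here set only `DOCKER_HOST=dkhost01:2376`, with no `DOCKER_TLS_VERIFY` or `DOCKER_CERT_PATH`, which suggests the daemon API on dkhost01 accepts unauthenticated TCP connections (inferred from the comment; the daemon configuration is not part of this diff). Access to that socket is equivalent to root on the host, so I would document the TLS-verified form instead, e.g. `# DOCKER_HOST=tcp://dkhost01:2376 DOCKER_TLS_VERIFY=1 DOCKER_CERT_PATH=<client-cert-dir> docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy`. The build line also pushes the mutable tag `sslproxy:latest`; a versioned tag or digest would make it clear which image a later `stack deploy` pulls.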
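Review bot: Pointing `proxy_pass` at `http://dkhost.xai-corp.net:8081` instead of a fixed IP means nginx resolves the name once when the configuration is loaded and then spreads requests over every address it got back, and the zone template in this commit leaves `dkhost` with three A records. Each backend port therefore has to answer on all of those hosts, and a later DNS change is not picked up until nginx is reloaded; neither is visible in this diff, so a comment such as `# dkhost.xai-corp.net: round-robin over the swarm nodes, resolved at load - reload after DNS changes` above the first `server` block would help. The hop to the backend is still plain `http://`, now potentially crossing hosts for every request. The same applies to the hunks at -25, -41, -56, -73 and -147; the `server` blocks start outside each hunk.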
@@ -56,7 +56,7 @@ server { add_header Strict-Transport-Security "max-age=600; includeSubDomains" always; location / { - proxy_pass http://192.168.2.43:8080; + proxy_pass http://dkhost.xai-corp.net:8080; } } @@ -73,7 +73,7 @@ server { location / { proxy_set_header Connection $http_connection; - proxy_pass http://192.168.2.43:9000; + proxy_pass http://dkhost.xai-corp.net:9000; } } @@ -147,37 +147,7 @@ server { location / { proxy_set_header Connection $http_connection; - proxy_pass http://dkhost04.xai-corp.net:10090; - } - -} - -# sql.xai-corp.net -server { - listen 443 ssl; - server_name sql.xai-corp.net; - ssl_certificate /etc/letsencrypt/live/sql.xai-corp.net/cert.pem; - ssl_certificate_key /etc/letsencrypt/live/sql.xai-corp.net/privkey.pem; - #Strict-Transport-Security: max-age=15768000 - add_header Strict-Transport-Security "max-age=600; includeSubDomains" always; - - location / { - proxy_pass http://192.168.2.41:9000; - } - -} - -# www.xai-corp.net -server { - listen 443 ssl; - server_name www.xai-corp.net xai-corp.net; - ssl_certificate /etc/letsencrypt/live/www.xai-corp.net/cert.pem; - ssl_certificate_key /etc/letsencrypt/live/www.xai-corp.net/privkey.pem; - #Strict-Transport-Security: max-age=15768000 - add_header Strict-Transport-Security "max-age=600; includeSubDomains" always; - - location / { - proxy_pass http://192.168.2.41:9000; + proxy_pass http://dkhost.xai-corp.net:10090; } } diff --git a/roles/bootstrap_vms/templates/Vagrantfile.j2 b/roles/bootstrap_vms/templates/Vagrantfile.j2 index 4962c9f..10bb031 100644 --- a/roles/bootstrap_vms/templates/Vagrantfile.j2 +++ b/roles/bootstrap_vms/templates/Vagrantfile.j2 
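Review bot: With the `sql.xai-corp.net` and `www.xai-corp.net` server blocks removed at the end of the -147 hunk, a request for either name that still reaches this proxy is answered by the default server for `listen 443 ssl`, that is, with another site's certificate and backend. The zone template in this same commit still shows `sql IN A 192.168.2.41` as context, so at least that name continues to resolve; whether it points at this proxy is not visible here. If the names are retired on purpose, a catch-all that refuses unknown names makes the behaviour explicit, e.g. `server { listen 443 ssl default_server; server_name _; ssl_reject_handshake on; }` (requires nginx 1.19.4 or later).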
@@ -47,21 +47,21 @@ Vagrant.configure("2") do |config| end - config.vm.define "dkhost03" do |dkhost03| + config.vm.define "dkhost02" do |dkhost| - dkhost03.vm.hostname = "dkhost03" + dkhost.vm.hostname = "dkhost02" - dkhost03.vm.box = BASE_BOX - dkhost03.vm.box_check_update = true + dkhost.vm.box = BASE_BOX + dkhost.vm.box_check_update = true - dkhost03.vm.network "public_network", bridge: BRIDGE_NET + dkhost.vm.network "public_network", bridge: BRIDGE_NET - dkhost03.vm.synced_folder '.', '/vagrant', disabled: true + dkhost.vm.synced_folder '.', '/vagrant', disabled: true - dkhost03.vm.provision "shell", inline: $script + dkhost.vm.provision "shell", inline: $script - dkhost03.vm.provider "virtualbox" do |vb| - vb.name = "dkhost03" + dkhost.vm.provider "virtualbox" do |vb| + vb.name = "dkhost01" vb.gui = false vb.memory = "2048" vb.cpus = 2 @@ -69,35 +69,9 @@ Vagrant.configure("2") do |config| #vb.customize ["modifyvm", :id, "--autostart-enabled", "on"] #vb.customize ["modifyvm", :id, "--autostart-delay", "30"] - vb.customize ["modifyvm", :id, "--macaddress2", "08002794035A"] + vb.customize ["modifyvm", :id, "--macaddress2", "0800273D10E4"] end end - config.vm.define "dkhost04" do |dkhost04| - - dkhost04.vm.hostname = "dkhost04" - - dkhost04.vm.box = BASE_BOX - dkhost04.vm.box_check_update = true - - dkhost04.vm.network "public_network", bridge: BRIDGE_NET - - dkhost04.vm.synced_folder '.', '/vagrant', disabled: true - - dkhost04.vm.provision "shell", inline: $script - - dkhost04.vm.provider "virtualbox" do |vb| - vb.name = "dkhost04" - vb.gui = false - vb.memory = "2048" - vb.cpus = 2 - - #vb.customize ["modifyvm", :id, "--autostart-enabled", "on"] - #vb.customize ["modifyvm", :id, "--autostart-delay", "30"] - - vb.customize ["modifyvm", :id, "--macaddress2", "080027FD5A0E"] - end - - end end diff --git a/roles/docker_swarm_management/tasks/main.yml b/roles/docker_swarm_management/tasks/main.yml new file mode 100644 index 0000000..5583ea0 --- /dev/null 
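Review bot: The VM is defined as `dkhost02` and given the hostname `dkhost02`, but the provider block sets `vb.name = "dkhost01"`, which looks like a copy/paste slip and will make the VirtualBox machine name disagree with the guest it hosts (or clash with a real dkhost01 VM on the same hypervisor). I would change it to `vb.name = "dkhost02"`. The provider block continues into the next hunk, where `--macaddress2` is changed to a new hard-coded value; a short comment stating which DHCP reservation or DNS record that MAC belongs to would make the next rename safer.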
+++ b/roles/docker_swarm_management/tasks/main.yml
@@ -0,0 +1,65 @@
+---
+# tasks for managing docker a swarm
+
+
+# init swarm
+- name: run init on a host
+ command: docker swarm init
+ args:
+ creates: /var/lib/docker/swarm/state.json
+ when: "ansible_nodename in swarm.managers"
+ run_once: true
+
+# get tokens
+- name: get manager_token
+ command: docker swarm join-token manager -q
+ register: manager_token
+ when: "ansible_nodename in swarm.managers"
+ run_once: true
+ changed_when: False
+
+- name: get worker_token
+ command: docker swarm join-token worker -q
+ register: worker_token
+ when: "ansible_nodename in swarm.managers"
+ run_once: true
+ changed_when: False
+
+#- debug: var=manager_token
+
+# add hosts to swarm
+- name: adding manager to swarm
+ command: docker swarm join --token={{manager_token.stdout}}
+ args:
+ creates: /var/lib/docker/swarm/state.json
+ when: "ansible_nodename in swarm.managers"
+
+- name: adding worker to swarm
+ command: docker swarm join --token={{worker_token.stdout}} {{swarm.managers[0]}}:2376
+ args:
+ creates: /var/lib/docker/swarm/state.json
+ when: "ansible_nodename in swarm.workers"
+
+# remove hosts from swarm
+- name: remove hosts from swam if found in remove list
+ command: docker swarm remove
+ args:
+ removes: /var/lib/docker/swarm/state.json
+ when: "ansible_nodename in swarm.removed"
+
+# swarm config
+- name: get history limit
+ command: docker info --format '{% raw %}{{json .Swarm.Cluster.Spec.Orchestration.TaskHistoryRetentionLimit}}{% endraw %}'
+ register: history_limit
+ run_once: true
+ changed_when: False
+
+- debug: var=history_limit.stdout
+ run_once: True
+
+- name: set history limit
+ command: docker swarm update --task-history-limit {{swarm.history}}
+ when:
+ - "ansible_nodename in swarm.managers"
+ - 'swarm.history != history_limit.stdout|int'
+ run_once: true
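Review bot: The join and removal tasks cannot work as written: the manager join passes no manager address, the worker join targets `{{swarm.managers[0]}}:2376` although `docker swarm init` with default options listens for joins on 2377, and `docker swarm remove` is not a Docker subcommand (`docker swarm leave` is the node-side command). The join tokens are also credentials, since the manager token lets any host that can reach the swarm port join as a manager, yet they are registered and interpolated into commands without `no_log: true`, and the commented-out `#- debug: var=manager_token` would print one if re-enabled. Both token lookups combine `run_once: true` with a `when` on manager membership, so if the first host in the play is not a manager the lookup is skipped and `manager_token.stdout` is undefined for every host. A sketch of the corrected join/leave tasks follows; it assumes `swarm.managers[0]` is the node where init ran, which the playbook does not guarantee.

```yaml
# … unchanged: swarm init and the two token lookups (add no_log: true to both lookups) …

- name: adding manager to swarm
  command: docker swarm join --token={{ manager_token.stdout }} {{ swarm.managers[0] }}:2377
  args:
    creates: /var/lib/docker/swarm/state.json
  when: "ansible_nodename in swarm.managers"
  no_log: true

- name: adding worker to swarm
  command: docker swarm join --token={{ worker_token.stdout }} {{ swarm.managers[0] }}:2377
  args:
    creates: /var/lib/docker/swarm/state.json
  when: "ansible_nodename in swarm.workers"
  no_log: true

- name: remove hosts from swarm if found in remove list
  command: docker swarm leave
  args:
    removes: /var/lib/docker/swarm/state.json
  when: "ansible_nodename in swarm.removed"

# … unchanged: history limit tasks …
```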
diff --git a/roles/ns.xai-corp.net/templates/xai-corp.net.internal.j2 b/roles/ns.xai-corp.net/templates/xai-corp.net.internal.j2 index 69d8021..2213ad5 100644 --- a/roles/ns.xai-corp.net/templates/xai-corp.net.internal.j2 +++ b/roles/ns.xai-corp.net/templates/xai-corp.net.internal.j2 @@ -30,7 +30,7 @@ gluster IN A 192.168.2.12 home02 IN A 192.168.2.22 dkhost IN A 192.168.2.41 -dkhost IN A 192.168.2.43 +;dkhost IN A 192.168.2.43 dkhost IN A 192.168.2.53 dkhost IN A 192.168.2.54 @@ -39,11 +39,11 @@ sql IN A 192.168.2.41 tripbuilder IN A 192.168.2.41 dkhost02 IN A 192.168.2.43 -fs IN A 192.168.2.43 -git IN A 192.168.2.43 -dkui IN A 192.168.2.43 -jenkins IN A 192.168.2.43 -logs IN A 192.168.2.43 +fs IN CNAME dkhost +git IN CNAME dkhost +dkui IN CNAME dkhost +jenkins IN CNAME dkhost +logs IN CNAME dkhost dkregistry IN CNAME dkhost dkhost03 IN A 192.168.2.53
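Review bot: After this change `fs`, `git`, `dkui`, `jenkins` and `logs` are aliases of `dkhost`, which keeps three A records (192.168.2.41, .53 and .54) once the .43 entry is commented out, so clients will land on any of those hosts in turn. That only works if every one of these services is reachable on each address, which the diff does not show. I would delete the .43 line rather than leave it as `;dkhost IN A 192.168.2.43`, or add the reason next to it, e.g. `; dkhost02 taken out of the round-robin pool: <reason>`. Whether the SOA serial is bumped is outside both hunks; if it is hand-maintained it needs incrementing for secondaries to pick this up.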