update sslproxy to use dns instead of ip

2017-06-18 20:56:39 -04:00
parent 8bc3760fd4
commit 3c9c13d3eb
6 changed files with 116 additions and 79 deletions

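--- a/dkswarm.xai-corp.net.yml
+++ b/dkswarm.xai-corp.net.yml
@@ -0,0 +1,25 @@
+---
+# playbook for home02
+- hosts: dkhost
+remote_user: ansible
+gather_facts: yes
+become: true
+vars:
+- swarm:
+managers:
+- dkhost01
+- dkhost03
+workers:
+- dkhost04
+- dkhost02
+removed: []
+history: 3
+roles:
+- docker_swarm_management
+post_tasks: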
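Review bot: The header comment `# playbook for home02` does not match the play, which targets `hosts: dkhost` and configures the swarm; something like `# playbook for the dkhost docker swarm` would describe it. `vars:` is written as a list holding one mapping, which is the legacy form; a plain mapping with `swarm:` nested directly under `vars:` is the current convention, and `gather_facts: yes` reads more predictably as `gather_facts: true` to match `become: true`. As shown, the file ends on a bare `post_tasks:`, which parses as null; drop the key or write `post_tasks: []` if no post tasks are intended.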


@@ -1,6 +1,9 @@
---
# DOCKER_HOST=192.168.2.41:2376 docker-compose up -d
# DOCKER_HOST=dkhost03:2376 docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy
# docker login dkregistry.xai-corp.net:5000
# docker-compose build && docker push dkregistry.xai-corp.net:5000/sslproxy:latest
# DOCKER_HOST=dkhost01:2376 docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy
# DOCKER_HOST=dkhost01:2376 docker stack ps sslproxy
version: '3'
services:
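Review bot: The usage comments point the client at `DOCKER_HOST=dkhost01:2376` without showing `DOCKER_TLS_VERIFY=1` and `DOCKER_CERT_PATH`, so a copy-pasted command does not verify the daemon unless the operator's environment already sets them. 2376 is the conventional TLS port, but whether the daemon enforces client certificates cannot be seen from this hunk. Remote access to the Docker API is root-equivalent on the host, so the documented invocation is worth spelling out in full, e.g. `# DOCKER_HOST=tcp://dkhost01:2376 DOCKER_TLS_VERIFY=1 docker stack deploy --with-registry-auth -c docker-compose.yml sslproxy`. If the `192.168.2.41` comment line is kept, it is at odds with the move to names elsewhere in this commit.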


@@ -9,7 +9,7 @@ server {
add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
location / {
proxy_pass http://192.168.2.43:8081;
proxy_pass http://dkhost.xai-corp.net:8081;
}
}
@@ -25,7 +25,7 @@ server {
add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
location / {
proxy_pass http://192.168.2.43:10080;
proxy_pass http://dkhost.xai-corp.net:10080;
}
}
@@ -41,7 +41,7 @@ server {
add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
location / {
proxy_pass http://192.168.2.43:8080;
proxy_pass http://dkhost.xai-corp.net:8080;
}
}
@@ -56,7 +56,7 @@ server {
add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
location / {
proxy_pass http://192.168.2.43:8080;
proxy_pass http://dkhost.xai-corp.net:8080;
}
}
@@ -73,7 +73,7 @@ server {
location / {
proxy_set_header Connection $http_connection;
proxy_pass http://192.168.2.43:9000;
proxy_pass http://dkhost.xai-corp.net:9000;
}
}
@@ -147,37 +147,7 @@ server {
location / {
proxy_set_header Connection $http_connection;
proxy_pass http://dkhost04.xai-corp.net:10090;
}
}
# sql.xai-corp.net
server {
listen 443 ssl;
server_name sql.xai-corp.net;
ssl_certificate /etc/letsencrypt/live/sql.xai-corp.net/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/sql.xai-corp.net/privkey.pem;
#Strict-Transport-Security: max-age=15768000
add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
location / {
proxy_pass http://192.168.2.41:9000;
}
}
# www.xai-corp.net
server {
listen 443 ssl;
server_name www.xai-corp.net xai-corp.net;
ssl_certificate /etc/letsencrypt/live/www.xai-corp.net/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/www.xai-corp.net/privkey.pem;
#Strict-Transport-Security: max-age=15768000
add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
location / {
proxy_pass http://192.168.2.41:9000;
proxy_pass http://dkhost.xai-corp.net:10090;
}
}
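Review bot: With a literal hostname in `proxy_pass http://dkhost.xai-corp.net:8081;` (and the other `proxy_pass` lines changed in this file) nginx resolves the name once, when the configuration is loaded, so later DNS changes are not picked up until a reload, and nginx will not start if the name fails to resolve. The upstream hop is plain `http://`, so after this change the destination of the decrypted traffic depends on the integrity of the internal DNS answer rather than on a fixed address; that trade-off deserves an explicit decision. If re-resolution is wanted, add `resolver <internal-dns-ip> valid=30s;` and pass the target through a variable, `set $backend dkhost.xai-corp.net;` followed by `proxy_pass http://$backend:8081;`. The `server` blocks start and end outside the hunks.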


@@ -47,21 +47,21 @@ Vagrant.configure("2") do |config|
end
config.vm.define "dkhost03" do |dkhost03|
config.vm.define "dkhost02" do |dkhost|
dkhost03.vm.hostname = "dkhost03"
dkhost.vm.hostname = "dkhost02"
dkhost03.vm.box = BASE_BOX
dkhost03.vm.box_check_update = true
dkhost.vm.box = BASE_BOX
dkhost.vm.box_check_update = true
dkhost03.vm.network "public_network", bridge: BRIDGE_NET
dkhost.vm.network "public_network", bridge: BRIDGE_NET
dkhost03.vm.synced_folder '.', '/vagrant', disabled: true
dkhost.vm.synced_folder '.', '/vagrant', disabled: true
dkhost03.vm.provision "shell", inline: $script
dkhost.vm.provision "shell", inline: $script
dkhost03.vm.provider "virtualbox" do |vb|
vb.name = "dkhost03"
dkhost.vm.provider "virtualbox" do |vb|
vb.name = "dkhost01"
vb.gui = false
vb.memory = "2048"
vb.cpus = 2
@@ -69,35 +69,9 @@ Vagrant.configure("2") do |config|
#vb.customize ["modifyvm", :id, "--autostart-enabled", "on"]
#vb.customize ["modifyvm", :id, "--autostart-delay", "30"]
vb.customize ["modifyvm", :id, "--macaddress2", "08002794035A"]
vb.customize ["modifyvm", :id, "--macaddress2", "0800273D10E4"]
end
end
config.vm.define "dkhost04" do |dkhost04|
dkhost04.vm.hostname = "dkhost04"
dkhost04.vm.box = BASE_BOX
dkhost04.vm.box_check_update = true
dkhost04.vm.network "public_network", bridge: BRIDGE_NET
dkhost04.vm.synced_folder '.', '/vagrant', disabled: true
dkhost04.vm.provision "shell", inline: $script
dkhost04.vm.provider "virtualbox" do |vb|
vb.name = "dkhost04"
vb.gui = false
vb.memory = "2048"
vb.cpus = 2
#vb.customize ["modifyvm", :id, "--autostart-enabled", "on"]
#vb.customize ["modifyvm", :id, "--autostart-delay", "30"]
vb.customize ["modifyvm", :id, "--macaddress2", "080027FD5A0E"]
end
end
end
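Review bot: In the `dkhost02` definition the VirtualBox name is set with `vb.name = "dkhost01"` while the machine name and `vm.hostname` are both `dkhost02`, which looks like a copy-paste slip. If another machine in this file already uses the name `dkhost01`, the provider is likely to refuse the duplicate as well. `vb.name = "dkhost02"` keeps the three identifiers aligned. The old and new sides here are inferred from the order the page prints them, and the `Vagrant.configure` block starts outside the hunk.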


@@ -0,0 +1,65 @@
---
# tasks for managing docker a swarm
# init swarm
- name: run init on a host
command: docker swarm init
args:
creates: /var/lib/docker/swarm/state.json
when: "ansible_nodename in swarm.managers"
run_once: true
# get tokens
- name: get manager_token
command: docker swarm join-token manager -q
register: manager_token
when: "ansible_nodename in swarm.managers"
run_once: true
changed_when: False
- name: get worker_token
command: docker swarm join-token worker -q
register: worker_token
when: "ansible_nodename in swarm.managers"
run_once: true
changed_when: False
#- debug: var=manager_token
# add hosts to swarm
- name: adding manager to swarm
command: docker swarm join --token={{manager_token.stdout}}
args:
creates: /var/lib/docker/swarm/state.json
when: "ansible_nodename in swarm.managers"
- name: adding worker to swarm
command: docker swarm join --token={{worker_token.stdout}} {{swarm.managers[0]}}:2376
args:
creates: /var/lib/docker/swarm/state.json
when: "ansible_nodename in swarm.workers"
# remove hosts from swarm
- name: remove hosts from swam if found in remove list
command: docker swarm remove
args:
removes: /var/lib/docker/swarm/state.json
when: "ansible_nodename in swarm.removed"
# swarm config
- name: get history limit
command: docker info --format '{% raw %}{{json .Swarm.Cluster.Spec.Orchestration.TaskHistoryRetentionLimit}}{% endraw %}'
register: history_limit
run_once: true
changed_when: False
- debug: var=history_limit.stdout
run_once: True
- name: set history limit
command: docker swarm update --task-history-limit {{swarm.history}}
when:
- "ansible_nodename in swarm.managers"
- 'swarm.history != history_limit.stdout|int'
run_once: true
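Review bot: The join tokens are cluster credentials, and the `get manager_token` / `get worker_token` tasks plus both `docker swarm join` tasks can expose them in verbose output, failure messages and callback logs; add `no_log: true` to those four tasks. Separately, `adding manager to swarm` passes no manager address, so the join cannot succeed as written; it needs the same `{{swarm.managers[0]}}:<port>` argument as the worker task, and swarm joins use the cluster management port (2377 by default) rather than the daemon port 2376, unless the swarm was initialised with a different listen address. `docker swarm remove` is not a Docker subcommand; a node leaves with `docker swarm leave`. Also, `run_once` combined with `when:` is evaluated against the first host in the play only, so if that host is not in `swarm.managers` the token tasks are skipped for every host.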


@@ -30,7 +30,7 @@ gluster IN A 192.168.2.12
home02 IN A 192.168.2.22
dkhost IN A 192.168.2.41
dkhost IN A 192.168.2.43
;dkhost IN A 192.168.2.43
dkhost IN A 192.168.2.53
dkhost IN A 192.168.2.54
@@ -39,11 +39,11 @@ sql IN A 192.168.2.41
tripbuilder IN A 192.168.2.41
dkhost02 IN A 192.168.2.43
fs IN A 192.168.2.43
git IN A 192.168.2.43
dkui IN A 192.168.2.43
jenkins IN A 192.168.2.43
logs IN A 192.168.2.43
fs IN CNAME dkhost
git IN CNAME dkhost
dkui IN CNAME dkhost
jenkins IN CNAME dkhost
logs IN CNAME dkhost
dkregistry IN CNAME dkhost
dkhost03 IN A 192.168.2.53
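Review bot: Neither hunk touches the SOA serial, so confirm it is incremented with this change; otherwise secondaries keep serving the old `A` records. After this change `fs`, `git`, `dkui`, `jenkins`, `logs` and `dkregistry` all follow the multi-address `dkhost` name, so each lookup can land on any of the listed addresses with no health check, and every listed host must actually publish those service ports. The disabled record `;dkhost IN A 192.168.2.43` would be clearer deleted, or kept with a comment saying why it is parked.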