-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Basic non-clusterized setup of AP-ALB using single YAML file (hosts.y…
…ml) as inventory source (refs fititnt/ap-application-load-balancer#17)
- Loading branch information
Showing
4 changed files
with
130 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
# FILE: alb-ha-cluster-apps.yml | ||
# LICENSE: Public Domain | ||
|
||
# NOTE: NOT IMPLEMENTED YET (fititnt, 2019-11-23 10:44 BRT) | ||
|
||
# ansible-playbook -i hosts.yml alb-ha-cluster-apps.yml | ||
|
||
- name: "alb-ha-cluster-infra: Playbook to manange the apps of already configured cluster" | ||
hosts: all | ||
remote_user: root | ||
vars: | ||
# On this ap-alb-cluster-demo, we will use as example a single YAML file | ||
# containing all variables at /hosts.yml | ||
# | ||
# Note that ansible allows other types of inventories | ||
|
||
roles: | ||
- ap-application-load-balancer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
--- | ||
# FILE: alb-ha-cluster-infra.yml | ||
# LICENSE: Public Domain | ||
|
||
|
||
# ansible-playbook -i hosts.yml alb-ha-cluster-infra.yml | ||
|
||
- name: "alb-ha-cluster-infra: Playbook to manange the cluster underline infrastructure (not the apps)" | ||
hosts: cluster_all_nodes | ||
remote_user: root | ||
vars: | ||
# On this ap-alb-cluster-demo, we will use as example a single YAML file | ||
# containing all variables at /hosts.yml | ||
# | ||
# Note that ansible allows other types of inventories | ||
|
||
roles: | ||
- ap-application-load-balancer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
|
||
--- | ||
# @see https://github.com/ansible/ansible/blob/devel/examples/hosts.yaml | ||
# @see https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html#splitting-out-host-and-group-specific-data | ||
|
||
all: | ||
|
||
# As variaveis aqui são padrão para todos os grupos e hosts. Podem ser | ||
# sobrescritas individualmente mais tarde | ||
vars: | ||
alb_manange_all: yes | ||
alb_manange_sanitycheck: yes | ||
alb_manange_common: yes | ||
|
||
alb_manange_haproxy: yes | ||
alb_manange_openresty: yes | ||
alb_manange_ufw: yes | ||
|
||
alb_auth_users: | ||
- username: adminuser | ||
password: "plain-password-for-adminuser" | ||
- username: "otheradminuser" | ||
password: "another-password-here" | ||
|
||
alb_dmz: | ||
- ip: 173.249.10.99 | ||
name: aguia-pescadora-delta.etica.ai | ||
- ip: 167.86.127.220 | ||
name: aguia-pescadora-echo.etica.ai | ||
- ip: 167.86.127.225 | ||
name: aguia-pescadora-foxtrot.etica.ai | ||
|
||
#alb_bastion_hosts: | ||
# - ip: 192.0.2.255 | ||
# name: "You Can Put Here Your Own IP" | ||
|
||
alb_ufw_rules_always: | ||
- rule: limit | ||
port: 22 | ||
proto: tcp | ||
comment: "Allows access from any IP on :22 on this ap-alb-cluster-demo instead of using alb_bastion_hosts" | ||
|
||
alb_haproxy_stats_enabled: yes | ||
alb_haproxy_stats_ip: 0.0.0.0 # 0.0.0.0 means exposed for everyone. Use firewall! | ||
alb_haproxy_stats_port: 8404 | ||
alb_haproxy_stats_uri: "/haproxy?stats" | ||
alb_haproxy_stats_realm: "{{ alb_name }}: {{ inventory_hostname }}" | ||
|
||
# Note, just to avoid reach limits on Let'Encript, we will disable | ||
# for some time the letsencrypt default clause | ||
alb_letsencrypt_default: "return false" | ||
|
||
children: | ||
cluster_all_nodes: | ||
children: | ||
delta: | ||
echo: | ||
foxtrot: | ||
cluster_leader: | ||
children: | ||
delta: | ||
|
||
delta: | ||
hosts: | ||
aguia-pescadora-delta.etica.ai | ||
|
||
echo: | ||
hosts: | ||
aguia-pescadora-echo.etica.ai | ||
|
||
foxtrot: | ||
hosts: | ||
aguia-pescadora-foxtrot.etica.ai | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
# This project requires the role "ap-application-load-balancer" from | ||
# https://github.com/fititnt/ap-application-load-balancer. | ||
# | ||
# Since this is not on Ansible Galaxy, you can manually download that project | ||
# on a folder here named "ap-application-load-balancer" | ||
# | ||
# Another alternative is downlaod that project for a different folder and | ||
# create a simbolic linc. This example was that Rocha used: | ||
# | ||
# ln -s /alligo/code/fititnt/ap-application-load-balancer /alligo/code/fititnt/eticaai-data-warehouse/roles | ||
|
||
# The next lines ignore role "roles/ap-application-load-balancer" | ||
ap-application-load-balancer | ||
ap-application-load-balancer-submodule | ||
ap-application-load-balancer-symlink | ||
ap-application-load-balancer-extras | ||
|
||
# The alternative to symlink is adding as submodule | ||
# git submodule add git@github.com:fititnt/ap-application-load-balancer.git ap-application-load-balancer |