unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: nomad cni additions #314

Merged
unkinben merged 1 commits from benvin/nomad_cni into develop 2025-06-14 18:47:24 +10:00
Conversation 0 Commits 1 Files Changed 5 +11
5 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hieradata/roles/infra/nomad/agent.yaml
View File

@ -39,6 +39,7 @@ profiles::ceph::client::keyrings:
profiles::packages::include: profiles::packages::include:
nomad: {} nomad: {}
cni-plugins: {} cni-plugins: {}
consul-cni: {}
profiles::nomad::node::client: true profiles::nomad::node::client: true

5
hieradata/roles/infra/nomad/agentv2.yaml
View File

@ -22,6 +22,7 @@ networking::interfaces:
profiles::packages::include: profiles::packages::include:
nomad: {} nomad: {}
cni-plugins: {} cni-plugins: {}
consul-cni: {}
profiles::nomad::node::client: true profiles::nomad::node::client: true
@ -34,6 +35,10 @@ profiles::pki::vault::alt_names:
- "nomad-client.service.%{facts.country}-%{facts.region}.consul" - "nomad-client.service.%{facts.country}-%{facts.region}.consul"
# configure consul service # configure consul service
profiles::consul::client::ports:
grpc: 8502
dns: 8600
http: 8500
profiles::consul::client::node_rules: profiles::consul::client::node_rules:
- resource: service - resource: service
segment: nomad-client segment: nomad-client

1
hieradata/roles/infra/storage/consul.yaml
View File

@ -8,6 +8,7 @@ profiles::consul::server::addresses:
grpc: "%{::networking.ip}" grpc: "%{::networking.ip}"
grpc_tls: "%{::networking.ip}" grpc_tls: "%{::networking.ip}"
profiles::consul::server::ports: profiles::consul::server::ports:
grpc: 8502
dns: 8600 dns: 8600
http: 8500 http: 8500
https: -1 https: -1

2
site/profiles/manifests/consul/client.pp
View File

@ -10,6 +10,7 @@ class profiles::consul::client (
Array $consul_servers = [], Array $consul_servers = [],
Stdlib::Absolutepath $data_dir = '/opt/consul', Stdlib::Absolutepath $data_dir = '/opt/consul',
Array[Hash] $node_rules = [], Array[Hash] $node_rules = [],
Hash $ports = {},
) { ) {
if $facts['enc_role'] != $members_role { if $facts['enc_role'] != $members_role {
@ -44,6 +45,7 @@ class profiles::consul::client (
'bind_addr' => $::facts['networking']['ip'], 'bind_addr' => $::facts['networking']['ip'],
'advertise_addr' => $::facts['networking']['ip'], 'advertise_addr' => $::facts['networking']['ip'],
'enable_script_checks' => true, 'enable_script_checks' => true,
'ports' => $ports,
'acl' => { 'acl' => {
tokens => { tokens => {
default => fqdn_uuid("${facts['networking']['fqdn']}-${secret_id_salt}") default => fqdn_uuid("${facts['networking']['fqdn']}-${secret_id_salt}")

2
site/profiles/manifests/consul/server.pp
View File

@ -119,6 +119,8 @@ class profiles::consul::server (
'advertise_addr' => $advertise_addr, 'advertise_addr' => $advertise_addr,
'retry_join' => $servers_array, 'retry_join' => $servers_array,
'retry_join_wan' => $remote_servers_array, 'retry_join_wan' => $remote_servers_array,
'connect' => { 'enabled' => true },
'recursors' => ['198.18.19.16'],
}, },
} }
} }