# profiles::consul::server class profiles::consul::server ( Variant[ Undef, String ] $gossip_key = undef, Variant[ Undef, String ] $primary_datacenter = undef, Hash $acl = {}, Hash $ports = {}, Hash $addresses = {}, Boolean $members_lookup = false, String $members_role = undef, Array $consul_servers = [], Boolean $enable_ui = true, Boolean $enable_ui_config = true, Boolean $manage_repo = false, String $package_ensure = 'latest', String $package_name = 'consul', Integer $bootstrap_count = 1, String $domain = 'consul', Integer $raft_multiplier = 1, Enum[ 'allow', 'deny', 'extend-cache', 'async-cache' ] $acl_down_policy = 'extend-cache', Enum[ 'allow', 'deny' ] $acl_default_policy = 'deny', Enum[ 'url', 'package', 'docker', 'none' ] $install_method = 'package', Stdlib::IP::Address $client_addr = '0.0.0.0', Stdlib::Absolutepath $data_dir = '/opt/consul', Stdlib::Absolutepath $bin_dir = '/usr/bin', Boolean $disable_remote_exec = true, Boolean $disable_update_check = true, ) { # wait for all attributes to be ready if $facts['enc_role'] == $members_role { # set a datacentre/cluster name $consul_cluster = "${::facts['country']}-${::facts['region']}" # if lookup is enabled, find all the hosts in the specified role and create the servers_array if $members_lookup { # check that the role is also set unless !($members_role == undef) { fail("members_role must be provided for ${title} when members_lookup is True") } # if it is, find hosts, sort them so they dont cause changes every run $servers_array = sort(query_nodes("enc_role='${members_role}' and region='${::facts['region']}'", 'networking.fqdn')) # else use provided array from params }else{ $servers_array = $consul_servers } # if $data_dir starts with /data, ensure the data mount exists if ($data_dir.stdlib::start_with('/data') and $::facts['mountpoints']['/data']) or ! $data_dir.stdlib::start_with('/data') { # install consul class { 'consul': install_method => $install_method, manage_repo => $manage_repo, package_name => $package_name, package_ensure => $package_ensure, bin_dir => $bin_dir, config_hash => { 'primary_datacenter' => $primary_datacenter, 'acl' => $acl, 'ports' => $ports, 'addresses' => $addresses, 'disable_remote_exec' => $disable_remote_exec, 'disable_update_check' => $disable_update_check, 'domain' => $domain, 'bootstrap_expect' => $bootstrap_count, 'client_addr' => '0.0.0.0', 'data_dir' => $data_dir, 'datacenter' => $consul_cluster, 'log_level' => 'INFO', 'node_name' => $::facts['networking']['fqdn'], 'server' => true, 'ui' => $enable_ui, 'ui_config' => { 'enabled' => $enable_ui_config }, 'performance' => { 'raft_multiplier' => $raft_multiplier }, 'bind_addr' => $::facts['networking']['ip'], 'advertise_addr' => $::facts['networking']['ip'], 'retry_join' => $servers_array }, } } } # consul before extra services if defined(Class['consul']) { # setup nginx include profiles::consul::nginx # get the dns port from the $ports hash, otherwise use the default $dns_port = pick($ports['dns'], 8600) # install dnsmasq package { 'dnsmasq': ensure => installed, } # create the 10-consul.conf file file { '/etc/dnsmasq.d/10-consul.conf': ensure => file, owner => 'root', group => 'root', mode => '0644', content => "server=/${domain}/${::facts['networking']['ip']}#${dns_port}\n", require => Package['dnsmasq'], notify => Service['dnsmasq'], } # ensure dnsmasq service is running and enabled at boot service { 'dnsmasq': ensure => running, enable => true, subscribe => File['/etc/dnsmasq.d/10-consul.conf'], # Restart dnsmasq if the consul config changes } } }