- Создана система пресетов для быстрого переключения между конфигурациями - Добавлены пресеты: minimal, standard, docker, cluster - Обновлена структура проекта с папками cicd/, vault/, scripts/ - Упрощена система vault с функциональными секретами - Добавлены скрипты для работы с пресетами - Обновлен Makefile с командами для пресетов - Удалены старые файлы и структуры Автор: Сергей Антропов Сайт: https://devops.org.ru
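---
# Brings up the local Docker test nodes listed in `hosts` (systemd, DinD and
# DOoD flavours) and writes an INI inventory that reaches them through the
# community.docker.docker connection plugin.
# NOTE(review): docker_network, images, hosts, systemd_defaults and
# generated_inventory are not defined in this file; presumably they come from
# hosts.yml, the only vars file loaded here - confirm.
- hosts: localhost
  gather_facts: false
  vars_files:
    - hosts.yml

  tasks:
    - name: Ensure network exists
      community.docker.docker_network:
        name: "{{ docker_network }}"
        state: present

    # SYSTEMD nodes: entries of `hosts` that carry no `type` attribute.
    - name: Pull systemd images
      community.docker.docker_image:
        name: "{{ images[item.family] }}"
        source: pull
      loop: "{{ hosts | selectattr('type','undefined') | list }}"
      loop_control:
        label: "{{ item.name }}"

    - name: Start systemd nodes
      community.docker.docker_container:
        name: "{{ item.name }}"
        image: "{{ images[item.family] }}"
        networks:
          - name: "{{ docker_network }}"
        # Security: when systemd_defaults.privileged is true the container is
        # not isolated from the host kernel. Treat every such node as
        # host-equivalent and run this play only on a disposable lab host.
        privileged: "{{ systemd_defaults.privileged }}"
        command: "{{ systemd_defaults.command }}"
        # Per-host lists are appended to the shared defaults; a missing list
        # on either side is treated as empty.
        volumes: "{{ (systemd_defaults.volumes | default([])) + (item.volumes | default([])) }}"
        tmpfs: "{{ (systemd_defaults.tmpfs | default([])) + (item.tmpfs | default([])) }}"
        capabilities: "{{ (systemd_defaults.capabilities | default([])) + (item.capabilities | default([])) }}"
        published_ports: "{{ item.publish | default([]) }}"
        env: "{{ item.env | default({}) }}"
        state: started
        restart_policy: unless-stopped
      loop: "{{ hosts | selectattr('type','undefined') | list }}"
      loop_control:
        label: "{{ item.name }}"

    # DinD nodes: entries of `hosts` with type == 'dind'.
    - name: Start DinD nodes (docker:27-dind)
      community.docker.docker_container:
        name: "{{ item.name }}"
        # `docker:27-dind` is a mutable tag; pinning the image by digest
        # keeps the privileged container's contents reproducible.
        image: "docker:27-dind"
        # Security: DinD needs privileged mode, so this node is
        # host-equivalent.
        privileged: true
        # Fixed: docker_container has no `environment` option; container
        # environment variables are passed with `env`.
        # Security: an empty DOCKER_TLS_CERTDIR turns off the image's TLS
        # setup, so the inner daemon's TCP API is served without TLS or
        # client authentication. Keep these nodes on an isolated network and
        # make sure item.publish never exposes the daemon port.
        env:
          DOCKER_TLS_CERTDIR: ""
        networks:
          - name: "{{ docker_network }}"
        published_ports: "{{ item.publish | default([]) }}"
        # Named volume per node so the inner daemon's data survives restarts.
        volumes:
          - "{{ item.name }}-docker:/var/lib/docker"
        state: started
        restart_policy: unless-stopped
      loop: "{{ hosts | selectattr('type','defined') | selectattr('type','equalto','dind') | list }}"
      loop_control:
        label: "{{ item.name }}"

    # DOoD nodes (mount docker.sock): entries of `hosts` with type == 'dood'.
    - name: Start DOoD nodes (systemd + docker.sock mount)
      community.docker.docker_container:
        name: "{{ item.name }}"
        image: "{{ images[item.family] }}"
        networks:
          - name: "{{ docker_network }}"
        privileged: "{{ systemd_defaults.privileged }}"
        command: "{{ systemd_defaults.command }}"
        # Security: bind-mounting /var/run/docker.sock gives anything running
        # in this node full control of the host's Docker daemon, which is
        # root-equivalent on the host. Use DOoD nodes only for trusted
        # workloads.
        volumes: "{{ (systemd_defaults.volumes | default([])) + ['/var/run/docker.sock:/var/run/docker.sock'] + (item.volumes | default([])) }}"
        tmpfs: "{{ (systemd_defaults.tmpfs | default([])) + (item.tmpfs | default([])) }}"
        capabilities: "{{ (systemd_defaults.capabilities | default([])) + (item.capabilities | default([])) }}"
        published_ports: "{{ item.publish | default([]) }}"
        env: "{{ item.env | default({}) }}"
        state: started
        restart_policy: unless-stopped
      loop: "{{ hosts | selectattr('type','defined') | selectattr('type','equalto','dood') | list }}"
      loop_control:
        label: "{{ item.name }}"

    # Build groups map
    # Start from an empty dict (or keep an already defined groups_map).
    - name: Build groups map {group: [hosts]}
      ansible.builtin.set_fact:
        groups_map: "{{ groups_map | default({}) }}"

    # subelements yields one (host, group) pair per entry of a host's
    # `groups` list; hosts without that list are skipped.
    - name: Append hosts to groups
      ansible.builtin.set_fact:
        groups_map: "{{ groups_map | combine({ item_group: (groups_map[item_group] | default([])) + [item_name] }) }}"
      loop: "{{ hosts | subelements('groups', skip_missing=True) }}"
      loop_control:
        label: "{{ item.0.name }}"
      vars:
        item_name: "{{ item.0.name }}"
        item_group: "{{ item.1 }}"

    # Render inventory
    # The template emits one section per group (sorted by group name) and an
    # [all] section listing every host by container name.
    - name: Render inventory ini
      ansible.builtin.set_fact:
        inv_content: |
          [all:vars]
          ansible_connection=community.docker.docker
          ansible_python_interpreter=/usr/bin/python3

          {% for group, members in (groups_map | dictsort) %}
          [{{ group }}]
          {% for h in members %}{{ h }}
          {% endfor %}

          {% endfor %}
          [all]
          {% for h in hosts %}{{ h.name }}
          {% endfor %}

    # The mode is quoted so it is passed as the string "0644" and not
    # reinterpreted as a number.
    - name: Write inventory file
      ansible.builtin.copy:
        dest: "{{ generated_inventory }}"
        content: "{{ inv_content }}"
        mode: "0644"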