Update to 2022-08-01 16:00

2025-10-31 10:51:27 +01:00 · 2022-08-01 16:00:18 +02:00
parent 1650198b44
commit 576eba31fe
11 changed files with 159 additions and 73 deletions
--- a/roles/consul/defaults/main.yml
+++ b/roles/consul/defaults/main.yml
@@ -16,63 +16,43 @@ consul_root_dir: /opt/consul
 # List of consul servers name or IP
 consul_servers: []

-# List of services exposed by consul, the ports they use, and the list of IP
-# for which the service is accessible at the firewall level (if iptables_manage == True)
-consul_base_services:
-  dns:
-    port: "{{ consul_conf.ports.dns | default(8600) }}"
-    src_ip: []
-    proto: [tcp,udp]
-  http:
-    port: "{{ consul_conf.ports.http | default(8500) }}"
-    src_ip: []
-    proto: [tcp]
-  https:
-    port: "{{ consul_conf.ports.https | default(8501) }}"
-    src_ip: []
-    proto: [tcp]
-  grpc:
-    port: "{{ consul_conf.ports.groc | default(8502) }}"
-    src_ip: []
-    proto: [tcp]
-  serf_lan:
-    port: "{{ consul_conf.ports.serf_lan | default(8301) }}"
-    src_ip: []
-    proto: [tcp,udp]
-  serf_wan:
-    port: "{{ consul_conf.ports.serf_wan | default(8302) }}"
-    src_ip: []
-    proto: [tcp,udp]
-  server:
-    port: "{{ consul_conf.ports.server | default(8300) }}"
-    src_ip: []
-    proto: [tcp]
-  sidecar_proxy:
-    port: "{{ consul_conf.ports.sidecar_proxy_min | default(21000) }}:{{ consul_conf.ports.sidecar_proxy_max | default(21255) }}"
-    src_ip: []
-    proto: [tcp]
-consul_extra_services: {}
-consul_services: "{{ consul_base_services | combine(consul_extra_services, recursive=True) }}"
-
 # Consul configuration (which will be converted to JSON)
 # The configuration is splited in a base conf and an extra conf, so you can override part of the config easily
 consul_base_conf:
-  node_name: "{{ inventory_hostname }}"
-  data_dir: "{{ consul_root_dir }}/data"
  client_addr: 0.0.0.0
  log_level: INFO
  bind_addr: 0.0.0.0
+
+  # Address that is advertised to the other nodes
  advertise_addr: "{{ ansible_default_ipv4.address }}"
+  # You can also advertise the WAN addr
+  # advertise_addr_wan: x.x.x.x
+
+  # You can define the datacenter in which this agent is running. The default value is dc1
+  # datacenter: dc1
+
+  # Node name, which should be uniq in the region. Default is the hostname
+  # node_name: nomade-fr-zone-c
+
+  # Optional encryption key for the gossip protocol
+  # You can generate one with cinsul keygen. The key should be the same on all the members
+  # encrypt: WSnGbK30nI6K/xk9w+AAtk0Y3RMXKoAlsj4VEICqi0I=
+
  retry_join: "{{ consul_servers }}"
  bootstrap_expect: "{{ consul_servers | length }}"
+
  server: "{{ (inventory_hostname in consul_servers) | ternary(True, False) }}"
+
  ui_config:
    enabled: "{{ (inventory_hostname in consul_servers) | ternary(True, False) }}"
-  connect:
-    enabled: "{{ (inventory_hostname in consul_servers) | ternary(True, False) }}"
+
  performance:
    raft_multiplier: 1

+consul_extra_conf: {}
+consul_host_conf: {}
+consul_conf: "{{ consul_base_conf | combine(consul_extra_conf, recursive=True) | combine(consul_host_conf, recursive=True) }}"
+
 # For example
 # consul_extra_conf:
 #   datacenter: my-dc
@@ -81,9 +61,45 @@ consul_base_conf:
 #   ui_config:
 #     enabled: False

-consul_extra_conf: {}
-# Host conf is just another level of configuration override
-consul_host_conf: {}
-
-# Merge all the conf
-consul_conf: "{{ consul_base_conf | combine(consul_extra_conf, recursive=True) | combine(consul_host_conf, recursive=True) }}"
+# List of services exposed by consul, the ports they use, and the list of IP
+# for which the service is accessible at the firewall level (if iptables_manage == True)
+consul_base_services:
+  dns:
+    port: 8600
+    src_ip: []
+    proto: [tcp,udp]
+  http:
+    port: 8500
+    src_ip: []
+    proto: [tcp]
+  https:
+    port: 8501
+    src_ip: []
+    proto: [tcp]
+  grpc:
+    port: 8502
+    src_ip: []
+    proto: [tcp]
+  serf_lan:
+    port: 8301
+    src_ip: []
+    proto: [tcp,udp]
+  serf_wan:
+    port: 8302
+    src_ip: []
+    proto: [tcp,udp]
+  server:
+    port: 8300
+    src_ip: []
+    proto: [tcp]
+  sidecar:
+    port: 21000:21255
+    src_ip: []
+    proto: [tcp]
+  expose:
+    port: 21500:21755
+    src_ip: []
+    proto: [tcp]
+consul_extra_services: {}
+consul_host_services: {}
+consul_services: "{{ consul_base_services | combine(consul_extra_services, recursive=True) | combine(consul_host_services, recursive=True) }}"