jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-04-12 00:03:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
ansible-roles/roles/nomad/tasks/install.yml
Daniel Berteaud d87c1bdc89 Update to 2023-07-08 16:00
2023-07-08 16:00:11 +02:00

121 lines
3.7 KiB
YAML
Raw Blame History

---
- name: Install task driver packages
package: name={{ nomad_task_driver_packages[item] }}
loop: "{{ nomad_enabled_task_drivers }}"
when: nomad_task_driver_packages[item] is defined and nomad_conf.client.enabled
notify: restart nomad
tags: nomad
- name: Deploy systemd service unit
template: src=nomad.service.j2 dest=/etc/systemd/system/nomad.service
register: nomad_unit
notify: restart nomad
tags: nomad
- when: nomad_conf.client.enabled and nomad_unit.changed
block:
- name: Clear plugin dir on upgrades
file: path={{ nomad_root_dir }}/plugins state={{ item }} owner={{ nomad_user }} group={{ nomad_user }}
loop:
- absent
- directory
- name: Download plugins
get_url:
url: "{{ nomad_plugins[item].archive_url }}"
dest: "{{ nomad_root_dir }}/tmp"
checksum: sha256:{{ nomad_plugins[item].sha256 }}
register: nomad_plugin_dl
loop: "{{ nomad_plugins.keys() | list }}"
- name: Extract nomad plugins
unarchive:
src: "{{ item.dest }}"
dest: "{{ nomad_root_dir }}/plugins/"
remote_src: True
loop: "{{ nomad_plugin_dl.results }}"
when: item.dest | basename | splitext | last in ['.zip','.tgz', '.txz', '.tar.gz', '.tar.xz']
notify: restart nomad
- name: Copy nomad plugins
copy:
src: "{{ item.dest }}"
dest: "{{ nomad_root_dir }}/plugins/"
remote_src: True
loop: "{{ nomad_plugin_dl.results }}"
when: item.dest | basename | splitext | last not in ['.zip','.tgz', '.txz', '.tar.gz', '.tar.xz']
notify: restart nomad
- name: List installed plugins
command: ls {{ nomad_root_dir }}/plugins/
register: nomad_installed_plugins
changed_when: False
- name: Set permissions on plugins
file: path={{ nomad_root_dir }}/plugins/{{ item }} owner=root group=root mode=755
loop: "{{ nomad_installed_plugins.stdout_lines }}"
tags: nomad
# Nomad looks for the qemu-system-x86_64 bin in $PATH
# so it needs to be available for Nomad to detect it
- name: Link qemu-kvm to qemu-system-x86_64
file:
src: /usr/libexec/qemu-kvm
dest: /usr/local/bin/qemu-system-x86_64
state: link
when: nomad_conf.client.enabled and 'qemu' in nomad_enabled_task_drivers
tags: nomad
- name: Install bash completion support
copy:
content: |
complete -C /usr/local/bin/nomad nomad
dest: /etc/bash_completion.d/nomad
mode: 0644
tags: nomad
- name: Install backup hooks
template: src={{ item }}-backup.j2 dest=/etc/backup/{{ item }}.d/nomad mode=755
loop:
- pre
- post
tags: nomad
# A tmpfs will be used to store tokens and other sensitive information
- name: Create tmpfile fragment
copy:
content: |
d /run/nomad 775 root {{ nomad_user }}
dest: /etc/tmpfiles.d/nomad.conf
register: nomad_tmpfiles
tags: nomad
- name: Create tmpfiles
command: systemd-tmpfiles --create
when: nomad_tmpfiles.changed
tags: nomad
# This script cleanups leftovers in iptables rules on boot
- name: Install iptables cleanup script
copy: src=iptables_cleanup.pl dest={{ nomad_root_dir }}/bin/iptables_cleanup.pl mode=755
tags: nomad
- name: Install iptables-nomad-cleanup unit
template: src=iptables-nomad-cleanup.service.j2 dest=/etc/systemd/system/iptables-nomad-cleanup.service
register: nomad_ipt_cleanup_unit
tags: nomad
- name: Reload systemd
systemd: daemon_reload=True
when: nomad_unit.changed or nomad_ipt_cleanup_unit.changed
tags: nomad
# This is needed for containers to be able to reach their own services through the host published port
- name: Install a script to set nomad bridge in promisc mode
copy: src=50-nomad-promisc dest=/etc/NetworkManager/dispatcher.d/50-nomad-promisc mode=755
tags: nomad
Reference in New Issue View Git Blame Copy Permalink