-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinfra.yml
executable file
·95 lines (89 loc) · 4.41 KB
/
infra.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#!/usr/bin/env ansible-playbook
---
#==============================================================#
# File : infra.yml
# Desc : init pigsty infrastructure on infra nodes
# Ctime : 2021-01-19
# Mtime : 2024-12-17
# Path : infra.yml
# License : AGPLv3 @ https://pigsty.io/docs/about/license
# Copyright : 2018-2024 Ruohang Feng / Vonng ([email protected])
#==============================================================#
#--------------------------------------------------------------#
# create CA on files/pki/ca @ localhost [ca]
#--------------------------------------------------------------#
- name: CA
become: yes
hosts: localhost
gather_facts: no
tags: ca
roles: [{ role: ca }]
#--------------------------------------------------------------#
# install module `INFRA` and `NODE` on infra nodes
#--------------------------------------------------------------#
- name: INFRA
become: yes
hosts: infra
gather_facts: no
roles:
# id
- { role: node_id ,tags: id } # generate node & pgsql identity
# repo
- { role: repo ,tags: repo } # create local yum repo
# node-init
- { role: node ,tags: node } # prepare node for pigsty
- { role: haproxy ,tags: haproxy } # init haproxy if enabled
# infra
- { role: infra ,tags: infra } # setup infra components
# node-monitor
- { role: node_monitor ,tags: monitor } # init node exporter & promtail
#--------------------------------------------------------------#
# Tasks
#--------------------------------------------------------------#
# ca : create self-signed CA on localhost files/pki
# - ca_dir : create CA directory
# - ca_private : generate ca private key: files/pki/ca/ca.key
# - ca_cert : signing ca cert: files/pki/ca/ca.crt
#
# id : generate node identity
#
# repo : bootstrap a local yum repo from internet or offline packages
# - repo_dir : create repo directory
# - repo_check : check repo exists
# - repo_prepare : use existing repo if exists
# - repo_build : build repo from upstream if not exists
# - repo_upstream : handle upstream repo files in /etc/yum.repos.d
# - repo_remove : remove existing repo file if repo_remove == true
# - repo_add : add upstream repo files to /etc/yum.repos.d
# - repo_url_pkg : download packages from internet defined by repo_url_packages
# - repo_cache : make upstream yum cache with yum makecache
# - repo_boot_pkg : install bootstrap pkg such as createrepo_c,yum-utils,...
# - repo_pkg : download packages & dependencies from upstream repo
# - repo_create : create a local yum repo with createrepo_c & modifyrepo_c
# - repo_use : add newly built repo into /etc/yum.repos.d
# - repo_nginx : launch a nginx for repo if no nginx is serving
#
# node/haproxy/docker/monitor : setup infra node as a common node (check node.yml)
# - node_name, node_hosts, node_resolv, node_firewall, node_ca, node_repo, node_pkg
# - node_feature, node_kernel, node_tune, node_sysctl, node_profile, node_ulimit
# - node_data, node_admin, node_timezone, node_ntp, node_crontab, node_vip
# - haproxy_install, haproxy_config, haproxy_launch, haproxy_reload
# - docker_install, docker_admin, docker_config, docker_launch, docker_image
# - haproxy_register, node_exporter, node_register, promtail
#
# infra : setup infra components
# - infra_env : env_dir, env_pg, env_var
# - infra_pkg : infra_pkg_yum, infra_pkg_pip
# - infra_user : setup infra os user group
# - infra_cert : issue cert for infra components
# - dns : dns_config, dns_record, dns_launch
# - nginx : nginx_config, nginx_cert, nginx_static, nginx_launch, nginx_exporter
# - prometheus : prometheus_clean, prometheus_dir, prometheus_config, prometheus_launch, prometheus_reload
# - alertmanager : alertmanager_config, alertmanager_launch
# - pushgateway : pushgateway_config, pushgateway_launch
# - blackbox : blackbox_config, blackbox_launch
# - grafana : grafana_clean, grafana_config, grafana_launch, grafana_provision
# - loki : loki clean, loki_dir, loki_config, loki_launch
# - infra_register : register infra components to prometheus
#--------------------------------------------------------------#
...