Ansible-Kurs/2024-09
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Kapitel 11: Web-Cluster

Browse source
This commit is contained in:
Sven Velt 2024-09-19 12:48:45 +02:00
parent 1735787ac9
commit 4e2ea9c8a7
12 changed files with 98 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.gitmodules vendored
View file

@ -20,3 +20,9 @@
[submodule "09/ssh-wrapper-for-monitoring"]
path = 09/ssh-wrapper-for-monitoring
url = https://git.velt.biz/Monitoring/ssh-wrapper-for-monitoring.git
[submodule "roles.webcluster"]
path = roles.webcluster
url = https://git.velt.biz/Ansible/roles.webcluster.git
[submodule "roles.extern/selfsignedcert"]
path = roles.extern/selfsignedcert
url = https://git.velt.biz/Ansible/selfsignedcert.git

31
11/ansible.cfg Normal file
View file

@ -0,0 +1,31 @@
[defaults]
# Inventory
inventory = ./hosts.ini
# Roles paths
roles_path = ./roles:./roles.extern:./roles.webcluster:/etc/ansible/roles
# Interpreter Discovery - Ohne Warnings
interpreter_python = auto_silent
# SSH
remote_user = root
#host_key_checking = False
# Retry files
retry_files_enabled = yes
retry_files_save_path = ./.cache/Retry/
# Log files
#log_path = ./log/ansible.log
# Farben ausschalten
#nocolor = 1
[colors]
# Für dunklen Hintergrund in der Console
verbose = bright blue
debug = bright gray
error = bright red

10
11/webcluster-cert.yml Normal file
View file

@ -0,0 +1,10 @@
---
- hosts: localhost
roles:
- role: selfsignedcert
selfsignedcert_basename: ./cert
selfsignedcert_san:
- "IP:192.168.1.99"

1
11/webcluster-db.yml Symbolic link
View file

@ -0,0 +1 @@
../roles.webcluster/webcluster-db.yml

1
11/webcluster-lb.yml Symbolic link
View file

@ -0,0 +1 @@
../roles.webcluster/webcluster-lb.yml

1
11/webcluster-site.yml Symbolic link
View file

@ -0,0 +1 @@
../roles.webcluster/webcluster-site.yml

1
11/webcluster-worker.yml Symbolic link
View file

@ -0,0 +1 @@
../roles.webcluster/webcluster-worker.yml

2
ansible.cfg
View file

@ -1 +1 @@
06/ansible.cfg
11/ansible.cfg

18
group_vars/webcluster.yml Normal file
View file

@ -0,0 +1,18 @@
apache2_backend_mod_remoteip_proxy: 10.128.16.0/22
haproxy_sslcert_src: cert.pem
haproxy_sslcert_path: /etc/haproxy/ssl.pem
keepalived_virtual_ipaddress:
- 10.128.17.9/22
keepalived_chk_proc_name: haproxy
selfsignedcert_basename: ./cert
selfsignedcert_san:
- "IP:{{ keepalived_virtual_ipaddress|ipaddr('address') }}"

26
hosts.ini
View file

@ -85,3 +85,29 @@ voidlinux
[zypper:children]
opensuse
############################################################
[lb]
tn00-alpine3j
tn00-alpine3k
[lb:vars]
ansible_ssh_transfer_method=piped
[worker]
tn00-ubu2004a
tn00-ubu2004b
tn00-ubu2004c
tn00-ubu2004d
# tn00-debian11
[db]
tn00-ubu2004a
tn00-ubu2004b
[webcluster:children]
lb
worker
db

1
roles.extern/selfsignedcert Submodule

@ -0,0 +1 @@
Subproject commit ac102f44afef4a6a5d384d4ed86d397009f66939

1
roles.webcluster Submodule

@ -0,0 +1 @@
Subproject commit ad984d664803b2319e669fa35ac7838a025eb310