#!/usr/bin/env ansible-playbook
---
#==============================================================#
# File : infra.yml
# Desc : init pigsty infrastructure on infra nodes
# Ctime : 2021-01-19
# Mtime : 2025-12-25
# Path : infra.yml
# Docs : https://pigsty.io/docs/infra/playbook
# License1 : Apache-2.0 @ https://pigsty.io/docs/about/license/
# License2 : Apache-2.0 for Grafana related stuff
# Copyright : 2018-2026 Ruohang Feng / Vonng (rh@vonng.com)
#==============================================================#

#--------------------------------------------------------------#
# create CA on files/pki/ca @ localhost [ca]
#--------------------------------------------------------------#
# Play: build the self-signed CA on the Ansible control node (localhost).
# Per the task index in this file, the ca role generates the CA private key at
# files/pki/ca/ca.key and the CA certificate at files/pki/ca/ca.crt.
# NOTE(review): ca.key presumably signs the certificates that later roles issue
# (see infra_cert), so keep files/pki/ca out of version control and backups that
# others can read, and confirm the owner/mode the ca role sets on the key.
- name: CA
  hosts: localhost
  become: true          # privilege escalation on the control node itself
  gather_facts: false   # canonical spelling of the original `no`
  tags: ca
  roles:
    - role: ca
#--------------------------------------------------------------#
# install module `INFRA` and `NODE` on infra nodes
#--------------------------------------------------------------#
# Play: install the INFRA and NODE modules on every host in the `infra` group.
# Roles are applied in the order listed; each one carries its own tag so a
# single stage can be selected with --tags.
# NOTE(review): every role here runs with become: true. Per the task index in
# this file, the repo role downloads packages from upstream/internet sources
# (repo_url_pkg, repo_pkg), so review the configured upstream repos and package
# URLs before the first run, and scope the run with -l when the inventory
# mixes new and existing hosts.
- name: INFRA
  hosts: infra
  become: true
  gather_facts: false   # canonical spelling of the original `no`
  roles:
    # id
    - role: node_id        # generate node & pgsql identity
      tags: id
    # repo
    - role: repo           # create local yum repo
      tags: repo
    # node-init
    - role: node           # prepare node for pigsty
      tags: node
    - role: haproxy        # init haproxy if enabled
      tags: haproxy
    # infra
    - role: infra          # setup infra components
      tags: infra
    # node-monitor
    - role: node_monitor   # init node exporter & vector
      tags: monitor
    # insight
    - role: insight        # setup insight workbench
      tags: insight
#--------------------------------------------------------------#
# Tasks
#--------------------------------------------------------------#
# ca : create self-signed CA on localhost files/pki
# - ca_dir : create CA directory
# - ca_private : generate ca private key: files/pki/ca/ca.key
# - ca_cert : signing ca cert: files/pki/ca/ca.crt
#
# id : generate node identity
#
# repo : bootstrap a local yum repo from internet or offline packages
# - repo_dir : create repo directory
# - repo_check : check repo exists
# - repo_prepare : use existing repo if exists
# - repo_build : build repo from upstream if not exists
# - repo_upstream : handle upstream repo files in /etc/yum.repos.d
# - repo_remove : remove existing repo file if repo_remove == true
# - repo_add : add upstream repo files to /etc/yum.repos.d
# - repo_url_pkg : download packages from internet defined by repo_url_packages
# - repo_cache : make upstream yum cache with yum makecache
# - repo_boot_pkg : install bootstrap pkg such as createrepo_c,yum-utils,...
# - repo_pkg : download packages & dependencies from upstream repo
# - repo_create : create a local yum repo with createrepo_c & modifyrepo_c
# - repo_use : add newly built repo into /etc/yum.repos.d
# - repo_nginx : launch a nginx for repo if no nginx is serving
#
# node/haproxy/docker/monitor : setup infra node as a common node (check node.yml)
# - node_name, node_hosts, node_resolv, node_firewall, node_ca, node_repo, node_pkg
# - node_feature, node_kernel, node_tune, node_sysctl, node_profile, node_ulimit
# - node_data, node_admin, node_timezone, node_ntp, node_crontab, node_vip
# - haproxy_install, haproxy_config, haproxy_launch, haproxy_reload
# - docker_install, docker_admin, docker_config, docker_launch, docker_image
# - haproxy_register, node_exporter, node_register, vector
#
# infra : setup infra components
# - infra_user : create infra user & group
# - infra_dir : infra_dir_data, infra_dir_link, infra_dir_create
# - infra_env : env_patroni, env_pg, env_pgadmin, env_var
# - infra_pkg : install infra packages
# - infra_user : setup infra os user group
# - infra_cert : issue cert for infra components
# - dns : dns_config, dns_record, dns_launch
# - nginx : nginx_config, nginx_cert, nginx_static, nginx_launch, nginx_certbot, nginx_reload, nginx_exporter
# - victoria : setup victoria stack
# - vmetrics : vmetrics_clean, vmetrics_dir, vmetrics_config, vmetrics_launch, vmetrics_reload
# - vlogs : vlogs_clean, vlogs_dir, vlogs_config, vlogs_launch
# - vtraces : vtraces_clean, vtraces_dir, vtraces_config, vtraces_launch
# - vmalert : vmalert_config, vmalert_launch, vmalert_reload
# - alertmanager : alertmanager_config, alertmanager_launch
# - blackbox : blackbox_config, blackbox_launch
# - grafana : grafana_clean, grafana_config, grafana_launch, grafana_provision
# - infra_register : register infra components to victoria stack
# - add_metrics : register infra as victoria monitor targets
# - add_logs : register infra as vector logging source
# - add_ds : register infra victoria stack as grafana datasource
#--------------------------------------------------------------#
# Mixed Existing-Host Deployment
#--------------------------------------------------------------#
# Center service example:
# ./infra.yml -l us-xhttp.svc.plus \
#   -e infra_domain=observability.svc.plus \
#   -e 'infra_portal={\"home\":{\"domain\":\"observability.svc.plus\"}}' \
#   -e caddy_enabled=true \
#   -e nginx_enabled=false
#--------------------------------------------------------------#
...