feat(consul): added consul vms, changed rocky linux template

01_template/kickstart/kickstart.cfg

@@ -52,6 +52,9 @@ nfs-utils
 autofs 
 policycoreutils-python-utils 
 python3-policycoreutils.noarch
+strace
+tcpdump
+curl
 %end
 
 # Post install
@@ -68,6 +71,9 @@ restorecon -R /root/.ssh/
 
 systemctl enable sshd.service
 
+# sed -iE 's/wheel:x:10:/wheel:x:10:veldrane/g' /etc/group
+sed -E 's/(\#auth)(\s+sufficient\s+pam_wheel.so)/auth\2/g' -i /etc/pam.d/su
+
 yum upgrade -y
 %end
 

01_template/kickstart/rocky9-template.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-KICKSTART="/root/lab-new-ocp4/01_template/kickstart/kickstart.cfg"
+KICKSTART="/root/lab/01_template/kickstart/kickstart.cfg"
 
 mkdir -p /data/vms/rocky9
 

01_template/make-template.sh

@@ -1,6 +1,6 @@
 virt-clone --original rocky9 --name basevm -f /data/vms/templates/basevm.qcow2 
 w=$(virt-sysprep --list-operations | egrep -v 'fs-uuids|lvm-uuids|ssh-userdir|ssh-hostkeys|bash-history' | awk '{ printf "%s,", $1}' | sed 's/,$//')
 virt-sysprep -d basevm --hostname basevm --enable $w
-#cp /data/vms/basevm.qcow2 /data/templates/basevm.qcow2
+cp /data/vms/basevm.qcow2 /data/templates/basevm.qcow2
 #virsh dumpxml basevm > /data/vms/templates/basevm.xml
 virsh undefine basevm

09_apigw/consul/ansible/01_prepare_nodes.yaml

@@ -0,0 +1 @@
+../../../99_newhost/ansible/01_prepare_nodes.yaml

09_apigw/consul/ansible/02_install_consul.yaml

@@ -0,0 +1,45 @@
+---
+- hosts: localhost
+  become: true
+  gather_facts: no
+  tasks:
+
+  - name: Set variables
+    include: include/_setup_vars.yaml
+
+  - name: Create snapshot for the host
+    shell: virsh snapshot-create-as --domain {{ fqdn }} --name "before Consul installation"
+    ignore_errors: yes
+
+  - name: "Create ansible group for new hosts"
+    add_host: name="{{ ip }}" groups=newhost
+
+
+- hosts: newhost
+  become: true
+  gather_facts: no
+  tasks:
+
+
+  - name: Set variables
+    include: include/_setup_vars.yaml
+
+  - name: Install yum utils
+    shell: yum install -y yum-utils
+
+  - name: Add hashicorp repo
+    shell: yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
+
+  - name: Install consul and envoy
+    shell: yum install -y consul hashicorp-envoy
+
+  - name: Copy consul bootstrap file
+    copy: 
+      src: include/consul.hcl
+      dest: /etc/consul.d/consul.hcl
+
+  - name: Enable consul agent and start it
+    shell: systemctl enable consul ; systemctl start consul
+
+  - name: Add ui port
+    shell: firewall-cmd --add-port=8080/tcp --permanent ; firewall-cmd --reload

09_apigw/consul/ansible/include/_setup_vars.yaml

@@ -0,0 +1,37 @@
+- name: Set global variables
+  set_fact:
+    virbr: "8"
+    netsuffix: "254" 
+    hostname: "apigw"
+    domain: "lab.syscallx86.com"
+    mem: "2G"
+    ipaserver: "freeipa.lab.syscallx86.com"
+    nfsserver: "nfsnode.lab.syscallx86.com"
+    home_export: "/nfsvg/home"
+    ipaip: "10.1.8.10"
+    ldapbase: "dc=lab,dc=local"
+    svcadmin: "admin"
+    adminpwd: "admin123"
+    template: "basevm"
+    template_dir: "/data/templates"
+    vms_dir: "/data/vms"
+    rootvg_size: 30
+
+
+- name: Set ip
+  set_fact:
+    ip: "10.1.{{ virbr  }}.{{ netsuffix }}"
+
+
+
+- name: Set FQDN
+  set_fact:
+    fqdn: "{{ hostname }}.{{ domain }}"
+
+- name: Set REALM
+  set_fact: 
+    realm: "{{ domain|upper }}"
+
+- name: Set disksize
+  set_fact: 
+    disksize: "30"

09_apigw/consul/ansible/include/consul.hcl

@@ -0,0 +1,6 @@
+data_dir = "/opt/consul"
+client_addr = "0.0.0.0"
+retry_join = ["10.1.8.26"]  # Adresa vašeho Consul serveru
+enable_central_service_config = true
+encrypt = "5idcXNSN1IESUpVGNBVsqDfEMc0HbX5hDa3I5ld5uMg="
+datacenter = "primary"

20_application/include/_setup_vars.yaml

@@ -1,8 +1,8 @@
 - name: Set global variables
   set_fact:
     virbr: "8"
-    netsuffix: "41" 
-    hostname: "api01"
+    netsuffix: "42" 
+    hostname: "api02"
     domain: "lab.syscallx86.com"
     mem: "2G"
     ipaserver: "freeipa.lab.syscallx86.com"