|
|
|
---
|
|
|
|
- name: Create debian containers for swarm
|
|
|
|
lxc_container:
|
|
|
|
name: "{{ item }}"
|
|
|
|
container_log: true
|
|
|
|
template: debian
|
|
|
|
state: stopped
|
|
|
|
fs_size: 2G
|
|
|
|
template_options: --release stretch -a amd64
|
|
|
|
container_command: |
|
|
|
|
if [ ! -d ~/.ssh ]; then
|
|
|
|
mkdir /root/.ssh
|
|
|
|
echo "{{ lookup('file', my_ssh_key) }}" | tee -a /root/.ssh/authorized_keys
|
|
|
|
systemctl restart sshd
|
|
|
|
fi
|
|
|
|
with_items:
|
|
|
|
- "worker1"
|
|
|
|
- "worker2"
|
|
|
|
when: inventory_hostname in groups['manager']
|
|
|
|
|
|
|
|
- name: Pause execution for 20 seconds
|
|
|
|
pause:
|
|
|
|
seconds: 20
|
|
|
|
|
|
|
|
- name: Start lxc containers
|
|
|
|
shell: lxc-start --name {{ item }}
|
|
|
|
with_items:
|
|
|
|
- "worker1"
|
|
|
|
- "worker2"
|
|
|
|
when: inventory_hostname in groups['manager']
|
|
|
|
|
|
|
|
- name: Remove old container identification keys
|
|
|
|
shell: ssh-keygen -f /root/.ssh/known_hosts -R {{ item }}
|
|
|
|
with_items:
|
|
|
|
- "10.0.3.100"
|
|
|
|
- "10.0.3.101"
|
|
|
|
when: inventory_hostname in groups['manager']
|
|
|
|
|
|
|
|
- name: Ensure container key is up-to-date locally
|
|
|
|
shell: ssh-keyscan -T 15 {{ item }} >> /root/.ssh/known_hosts
|
|
|
|
with_items:
|
|
|
|
- "10.0.3.100"
|
|
|
|
- "10.0.3.101"
|
|
|
|
when: inventory_hostname in groups['manager']
|
|
|
|
|
|
|
|
- name: Install python on LXC container
|
|
|
|
raw: which python || (apt-get -y update && apt-get install -y python)
|
|
|
|
when: inventory_hostname in groups['workers']
|
|
|
|
|
|
|
|
- name: Allow container network communication with host via linux bridge
|
|
|
|
ufw:
|
|
|
|
rule: allow
|
|
|
|
interface: lxcbr0
|
|
|
|
direction: in
|
|
|
|
from_ip: "10.0.3.0/24"
|
|
|
|
when: inventory_hostname in groups['manager']
|
|
|
|
|
|
|
|
- name: Enable LXC inter-container communication
|
|
|
|
shell: ifconfig eth0 hw ether 00:00:03:12:22:11
|
|
|
|
when: inventory_hostname in groups['workers'][1]
|