From 8d537696dc0e044b1c9afc2c5284662d370bcf4f Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Tue, 14 Apr 2015 13:30:31 +0200 Subject: infra ca & etc tls config --- global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp index ee0966f..1874804 100644 --- a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp +++ b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp @@ -7,8 +7,8 @@ define sunet::etcd_node( sunet::docker_run { "etcd_${name}": image => 'quay.io/coreos/etcd', imagetag => $etcd_version, - volumes => ["/data/${name}/${::hostname}:/var/lib/etcd","/etc/ssl:/etc/ssl"], - command => "--initial-advertise-peer-urls http://0.0.0.0:2380 --listen-peer-urls http://0.0.0.0:2380 --discovery ${disco_url} --name ${::hostname} --data-dir /var/lib/etcd --key-file /etc/ssl/private/${::fqdn}_infra.key --peer-key-file /etc/ssl/private/${::fqdn}_infra.key --ca-file /etc/ssl/certs/infra.crt --peer-ca-file /etc/ssl/certs/infra.crt --cert-file /etc/ssl/certs/${::fqdn}_infra.crt --peer-cert-file /etc/ssl/certs/${::fqdn}_infra.crt", + volumes => ["/data/${name}/${::hostname}:/data","/etc/ssl:/etc/ssl"], + command => "--initial-advertise-peer-urls http://0.0.0.0:2380 --listen-peer-urls http://0.0.0.0:2380 --discovery ${disco_url} --name ${::hostname} --data-dir /data --key-file /etc/ssl/private/${::fqdn}_infra.key --peer-key-file /etc/ssl/private/${::fqdn}_infra.key --ca-file /etc/ssl/certs/infra.crt --peer-ca-file /etc/ssl/certs/infra.crt --cert-file /etc/ssl/certs/${::fqdn}_infra.crt --peer-cert-file /etc/ssl/certs/${::fqdn}_infra.crt", ports => ["${::ipaddress_eth1}:2380:2380"] } } -- cgit v1.1 From a014ad4df5932fca5a3221b9cb31f6ca304b248b Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Tue, 14 Apr 2015 13:35:49 +0200 Subject: no datadir --- global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp index 1874804..2b5438d 100644 --- a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp +++ b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp @@ -7,8 +7,7 @@ define sunet::etcd_node( sunet::docker_run { "etcd_${name}": image => 'quay.io/coreos/etcd', imagetag => $etcd_version, - volumes => ["/data/${name}/${::hostname}:/data","/etc/ssl:/etc/ssl"], - command => "--initial-advertise-peer-urls http://0.0.0.0:2380 --listen-peer-urls http://0.0.0.0:2380 --discovery ${disco_url} --name ${::hostname} --data-dir /data --key-file /etc/ssl/private/${::fqdn}_infra.key --peer-key-file /etc/ssl/private/${::fqdn}_infra.key --ca-file /etc/ssl/certs/infra.crt --peer-ca-file /etc/ssl/certs/infra.crt --cert-file /etc/ssl/certs/${::fqdn}_infra.crt --peer-cert-file /etc/ssl/certs/${::fqdn}_infra.crt", + command => "--initial-advertise-peer-urls http://0.0.0.0:2380 --listen-peer-urls http://0.0.0.0:2380 --discovery ${disco_url} --name ${::hostname} --key-file /etc/ssl/private/${::fqdn}_infra.key --peer-key-file /etc/ssl/private/${::fqdn}_infra.key --ca-file /etc/ssl/certs/infra.crt --peer-ca-file /etc/ssl/certs/infra.crt --cert-file /etc/ssl/certs/${::fqdn}_infra.crt --peer-cert-file /etc/ssl/certs/${::fqdn}_infra.crt", ports => ["${::ipaddress_eth1}:2380:2380"] } } -- cgit v1.1 From d22afe6a73cd9514d3ee83737d06a7c8302d591e Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Tue, 14 Apr 2015 13:36:25 +0200 Subject: no datadir --- global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp index 2b5438d..c4d3e78 100644 --- a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp +++ b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp @@ -7,6 +7,7 @@ define sunet::etcd_node( sunet::docker_run { "etcd_${name}": image => 'quay.io/coreos/etcd', imagetag => $etcd_version, + volumes => ["/etc/ssl:/etc/ssl"], command => "--initial-advertise-peer-urls http://0.0.0.0:2380 --listen-peer-urls http://0.0.0.0:2380 --discovery ${disco_url} --name ${::hostname} --key-file /etc/ssl/private/${::fqdn}_infra.key --peer-key-file /etc/ssl/private/${::fqdn}_infra.key --ca-file /etc/ssl/certs/infra.crt --peer-ca-file /etc/ssl/certs/infra.crt --cert-file /etc/ssl/certs/${::fqdn}_infra.crt --peer-cert-file /etc/ssl/certs/${::fqdn}_infra.crt", ports => ["${::ipaddress_eth1}:2380:2380"] } -- cgit v1.1 From 04d799dd38b7bb3cba2b67b71cf2e3532d1ba637 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Tue, 14 Apr 2015 13:44:00 +0200 Subject: try to mount th secret datadir --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 2 +- global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 8931d1d..f13360d 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -856,7 +856,7 @@ class webappserver { class webbackend { sunet::etcd_node {'etcd': - disco_url => 'https://discovery.etcd.io/5344f39debed977d90dd72e3a7267bf8' + disco_url => 'https://discovery.etcd.io/8e0e5ad03f32ae85bf0783cb3169099a' } class { 'webcommon': } } diff --git a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp index c4d3e78..058dadd 100644 --- a/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp +++ b/global/overlay/etc/puppet/modules/sunet/manifests/etcd_node.pp @@ -7,7 +7,7 @@ define sunet::etcd_node( sunet::docker_run { "etcd_${name}": image => 'quay.io/coreos/etcd', imagetag => $etcd_version, - volumes => ["/etc/ssl:/etc/ssl"], + volumes => ["/data/${name}/${::hostname}:/go/src/app/${::hostname}.etcd","/etc/ssl:/etc/ssl"], command => "--initial-advertise-peer-urls http://0.0.0.0:2380 --listen-peer-urls http://0.0.0.0:2380 --discovery ${disco_url} --name ${::hostname} --key-file /etc/ssl/private/${::fqdn}_infra.key --peer-key-file /etc/ssl/private/${::fqdn}_infra.key --ca-file /etc/ssl/certs/infra.crt --peer-ca-file /etc/ssl/certs/infra.crt --cert-file /etc/ssl/certs/${::fqdn}_infra.crt --peer-cert-file /etc/ssl/certs/${::fqdn}_infra.crt", ports => ["${::ipaddress_eth1}:2380:2380"] } -- cgit v1.1