1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
define sunet::etcd_node(
$disco_url = undef,
$etcd_version = 'v2.0.8',
$proxy = true
)
{
include stdlib
file { ["/data","/data/${name}","/data/${name}/${::hostname}"]: ensure => 'directory' }
$common_args = ["--discovery ${disco_url}",
"--name ${::hostname}",
"--key-file /etc/ssl/private/${::fqdn}_infra.key",
"--ca-file /etc/ssl/certs/infra.crt",
"--cert-file /etc/ssl/certs/${::fqdn}_infra.crt"]
if $proxy {
$args = $common_args + ["--proxy on","--listen-client-urls http://${::ipaddress_docker0}:2379,http://127.0.0.1:4001,http://127.0.0.1:2379"]
} else {
$args = $common_args + ["--initial-advertise-peer-urls http://${::ipaddress_eth1}:2380",
"--advertise-client-urls http://${::ipaddress_eth1}:2379",
"--listen-peer-urls http://0.0.0.0:2380",
"--listen-client-urls http://0.0.0.0:2379,http://${::ipaddress_docker0}:2379",
"--peer-key-file /etc/ssl/private/${::fqdn}_infra.key",
"--peer-ca-file /etc/ssl/certs/infra.crt",
"--peer-cert-file /etc/ssl/certs/${::fqdn}_infra.crt"]
}
sunet::docker_run { "etcd_${name}":
image => 'quay.io/coreos/etcd',
imagetag => $etcd_version,
volumes => ["/data/${name}:/var/lib/etcd","/etc/ssl:/etc/ssl"],
command => join($args," "),
ports => ["${::ipaddress_eth1}:2380:2380","${::ipaddress_eth1}:2379:2379"]
}
if !$proxy {
ufw::allow { "allow-etcd-peer":
ip => "${::ipaddress_eth1}",
port => 2380
}
ufw::allow { "allow-etcd-client":
ip => "${::ipaddress_eth1}",
port => 2379
}
}
}
|