consul

pre-commit.ci status main semantic-release: angular

Ansible role Consul

An Ansible role to deploy Hashicorp Consul on supported platforms, following the Datacenter deploy guide. This role is intended to provision a base image configured to provision the Consul security assets (gossip key and CA) from a secure storage in a Vault instance.

Using this role you can provision an image for a server and agent respectively, and then use those images to launch instances to bootstrap the cluster and auto join nodes.

Features

This role provisions:

  1. Consul itself, agent and server mode
  2. Other necessary tools (consul-template, vault)
  3. Consul TLS and gossip secrets read from Vault

The role is designed to use vault agent to template the consul configuration files.

There is experimental support for joining wifi networks.

Requirements

This role requires a working Vault instance with TLS secrets and gossip keys in a given path. Machines are configured to authenticate to Vault with an Approle Role ID.

This role can be applied to virtual machines, physical machines and docker containers. Support for OCI containers will come as soon as I can figure out a reliable way of detecting whether we are in an arbitrary kind of container.

Role Variables

See defaults/main.yml for default variables.

Dependencies

No dependencies on other roles.

Example Playbook

For an example playbook see .github/build/playbook.yml. An example Packer template which builds the images is in .github/build/consul.pkr.hcl.

License

MIT

Author Information

@brucellino brucellino@proton.me

About

Ansible role template

Install
ansible-galaxy install brucellino/ansible-role-consul
GitHub repository
License
Unknown
Downloads
1054
Owner
ex physicist. Infrastructure guy. Skeptic. African. Islander. dad.