Commit Graph

334 Commits

Author SHA1 Message Date
Kazuhiro MUSASHI a661d3cf0d Install `OpenJDK 8` for Ubuntu 22.04. 2022-07-18 22:21:35 +09:00
Kazuhiro MUSASHI f7b2c6bad1 Add `-y` option flag to `add-apt-repository`
Due to the behaviour change, need to add `-y` option for
`add-apt-repository` command to operate without human interactions.
2022-07-18 10:57:33 +09:00
Kazuhiro MUSASHI 91a0c444b5 Modify `consul-template` directories:
```
--- a/cookbooks/consul-template/setup.rb
+++ b/cookbooks/consul-template/setup.rb
@@ -1,6 +1,6 @@
 # Create `/var/log/vector`:
-%w( /etc/consul-template.d/conf /etc/consul-template.d/templates ).each do |d|
-  directory d do
+%w( conf templates tokens ).each do |d|
+  directory "/etc/consul-template.d/#{d}" do
     owner  'root'
     group  'root'
     mode   '0755'
```
2022-07-10 16:35:21 +09:00
Kazuhiro MUSASHI 956cf439ee Modify indent. 2022-07-10 16:28:49 +09:00
Kazuhiro MUSASHI 73f7ec44b7 Enable `Consul Connect` for client side. 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI 37d51b5ed5 Create `/etc/vault.d/agent` & `/etc/vault.d/tokens` directory.
```
--- a/cookbooks/vault/default.rb
+++ b/cookbooks/vault/default.rb
@@ -2,6 +2,14 @@ include_recipe './attributes.rb'

 include_recipe './install.rb'

+%w( agent tokens ).each do |d|
+  directory "/etc/vault.d/#{d}" do
+    owner 'vault'
+    group 'vault'
+    mode '0755'
+  end
+end
+
 if node['vault']['manager']
   include_recipe './setup.rb'
 end
```
2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI 48702191fe Allow `Consul` gcp port to communicate.
```
--- a/cookbooks/consul/setup.rb
+++ b/cookbooks/consul/setup.rb
@@ -44,7 +44,7 @@ service 'consul' do
 end

 # iptables settings here:
-%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp ).each do |port|
+%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp 8502/tcp ).each do |port|
   execute "ufw allow #{port}" do
     user 'root'
```
2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI c15c2f3de8 Start `Consul` after `Vault` generates the jwt token.
```
--- a/cookbooks/consul/files/etc/systemd/system/consul.service
+++ b/cookbooks/consul/files/etc/systemd/system/consul.service
@@ -2,7 +2,7 @@
 Description="HashiCorp Consul - A service mesh solution"
 Documentation=https://www.consul.io/
 Requires=network-online.target
-After=network-online.target
+After=network-online.target vault-agent-consul-jwt.target
 ConditionFileNotEmpty=/etc/consul.d/consul.hcl

 [Service]
```
2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI 94489f71d5 Modify `consul.hcl` template to support `Consul Connect`. 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI 43fbbe1f18 Support `Ubuntu 22.04`. 2022-07-10 14:32:35 +09:00
Kazuhiro MUSASHI ba7d01f16d Modify the logic to decide the download URL. 2022-07-03 21:36:19 +09:00
Kazuhiro MUSASHI 8f09026fed Modify Github repository URI from `git` to `https`. 2022-07-03 21:29:46 +09:00
Kazuhiro MUSASHI 4455fe6b62 Deploy `/etc/logrotate.d/vault`. 2022-07-02 11:40:31 +00:00
Kazuhiro MUSASHI 4a57c21614 Deploy example `Consul Connect` job. 2022-03-14 23:19:25 +09:00
Kazuhiro MUSASHI ef40d3dc01 Create /etc/nomad.d/jobs 2022-03-14 23:19:25 +09:00
Kazuhiro MUSASHI 9a5a78d657 Deploy `/etc/nomad.d/policies/anonymous.hcl`. 2022-03-14 23:19:25 +09:00
Kazuhiro MUSASHI ce7a80db7a Create `/etc/nomad.d/policies/` directory. 2022-03-14 23:17:44 +09:00
Kazuhiro MUSASHI a882f52b3f Delete `shared_dir.rb`. 2022-03-14 23:17:32 +09:00
Kazuhiro MUSASHI 64066ab78f Add `consul` stanza. 2022-03-14 23:17:12 +09:00
Kazuhiro MUSASHI 3bd4973c90 Deploy `Vault` policies. 2022-03-13 21:48:27 +09:00
Kazuhiro MUSASHI cf79f30c4d Create `/etc/vault.d/policies/`. 2022-03-13 21:46:00 +09:00
Kazuhiro MUSASHI da78e76d19 Deploy `/etc/vault.d/vault.hcl`. 2022-03-13 21:45:36 +09:00
Kazuhiro MUSASHI 7681522b6b Specify the default `Vault` managers.
```
--- a/cookbooks/vault/attributes.rb
+++ b/cookbooks/vault/attributes.rb
@@ -21,5 +21,6 @@ node.reverse_merge!({
     'manager' => false,
     'ipaddr' => ipaddr,
     'hostname' => hostname,
+    'ips' => ['192.168.10.141', '192.168.10.142', '192.168.10.143'],
   }
 })
```
2022-03-13 21:45:17 +09:00
Kazuhiro MUSASHI 67fab4951a Retrieve hostname. 2022-03-13 21:45:01 +09:00
Kazuhiro MUSASHI 6fa35a923b Retrieve IP address. 2022-03-13 21:44:18 +09:00
Kazuhiro MUSASHI a917563b06 Conduct setup procedures, when explicitly requested. 2022-03-13 21:43:52 +09:00
Kazuhiro MUSASHI 28e3f21141 Install `Vault`. 2022-03-12 11:59:44 +00:00
Kazuhiro MUSASHI 2bec4d88f3 Do not deploy `docker-registry.hcl`. 2022-01-14 23:52:59 +09:00
Kazuhiro MUSASHI 8c712e6ffa Delete `/etc/nomad.d/datadir.hcl`. 2022-01-14 23:52:59 +09:00
Kazuhiro MUSASHI 5e176ff230 Modify `/etc/nomad.d/client.hcl`:
```
--- a/cookbooks/nomad/files/etc/nomad.d/client.hcl
+++ b/cookbooks/nomad/files/etc/nomad.d/client.hcl
@@ -1,13 +1,3 @@
-# /etc/nomad.d/server.hcl
-
 client {
-  enabled          = true
-}
-
-plugin "docker" {
-  config {
-    volumes {
-      enabled = true
-    }
-  }
+  enabled        = true
 }
```
2022-01-14 23:52:58 +09:00
Kazuhiro MUSASHI 935f773bca Deploy `csi` settings. 2022-01-14 23:52:58 +09:00
Kazuhiro MUSASHI de06f5575c Add `logrotated` config for `nomad` log files.
```
--- /dev/null
+++ b/cookbooks/nomad/files/etc/logrotate.d/nomad
@@ -0,0 +1,13 @@
+/var/log/nomad.log
+{
+        rotate 4
+        weekly
+        missingok
+        notifempty
+        compress
+        delaycompress
+        sharedscripts
+        postrotate
+                /usr/lib/rsyslog/rsyslog-rotate
+        endscript
+}
```
2022-01-10 15:29:00 +09:00
Kazuhiro MUSASHI dffb57e2fc Add `rsyslog` config for `nomad`. 2022-01-10 15:29:00 +09:00
Kazuhiro MUSASHI 9e6b05fbab Specify `Loki` endpoint.
```
--- a/cookbooks/nomad/attributes.rb
+++ b/cookbooks/nomad/attributes.rb
@@ -4,6 +4,7 @@
 node.reverse_merge!({
   'nomad' => {
     'manager' => false,
-    'client' => false
+    'client' => false,
+    'lokiendpoint' => 'loki.service.consul:3100'
   }
 })
```
2022-01-10 15:29:00 +09:00
Kazuhiro MUSASHI d824d6afc8 Add `systemd` config for `Promtail` monitoring `nomad`. 2022-01-10 15:29:00 +09:00
Kazuhiro MUSASHI a7363ef7b1 Add `Promtail` setting for `nomad`. 2022-01-10 15:29:00 +09:00
Kazuhiro MUSASHI 0d8b8f50a0 Add `embulk` plugins:
- `output-postgresql`
- `input-mysql`
- `filter-gsub`
2022-01-10 15:03:37 +09:00
Kazuhiro MUSASHI 96ba6e7757 Modify # of `nomad` servers:
```
--- a/cookbooks/nomad/files/etc/nomad.d/server.hcl
+++ b/cookbooks/nomad/files/etc/nomad.d/server.hcl
@@ -1,4 +1,4 @@
 server {
   enabled          = true
-  bootstrap_expect = 1
+  bootstrap_expect = 3
 }
```
2021-11-03 12:39:44 +09:00
Kazuhiro MUSASHI 9eddfaf514 Execute `modprobe` for the necessary kernel parameer. 2021-11-03 12:36:33 +09:00
Kazuhiro MUSASHI 3d981799b6 Stop `vector` service. 2021-11-03 12:33:02 +09:00
Kazuhiro MUSASHI a81dc16e90 Add template for the apt source. 2021-11-03 12:32:32 +09:00
Kazuhiro MUSASHI 93064a94d4 Use `.deb` package to install `vector`. 2021-11-03 12:31:31 +09:00
Kazuhiro MUSASHI e113a42ade Modify `syslog.toml` to directly sending logs to `Loki`. 2021-10-22 15:19:44 +09:00
Kazuhiro MUSASHI a87e94d4ee Change `vector` download URL.
```
diff --git a/cookbooks/vector/attributes.rb b/cookbooks/vector/attributes.rb
index c41aaf0..e48f7ef 100644
--- a/cookbooks/vector/attributes.rb
+++ b/cookbooks/vector/attributes.rb
@@ -16,7 +16,7 @@ ipaddr = run_command(cmd).stdout.chomp

 node.reverse_merge!({
   'vector' => {
-    'url' => 'https://github.com/timberio/vector/releases/download/',
+    'url' => 'https://github.com/vectordotdev/vector/releases/download/',
     'ipaddr' => ipaddr,
     'debPrefix' => 'vector-',
     'debPostfix' => '-amd64.deb'
```

```
diff --git a/cookbooks/vector/install.rb b/cookbooks/vector/install.rb
index 3def346..389ee76 100644
--- a/cookbooks/vector/install.rb
+++ b/cookbooks/vector/install.rb
@@ -8,7 +8,8 @@ vtag       = ''
 begin
   require 'net/http'

-  uri = URI.parse('https://github.com/timberio/vector/releases/latest')
+
+  uri = URI.parse('https://github.com/vectordotdev/vector/releases/latest')

   Timeout.timeout(3) do
     response = Net::HTTP.get_response(uri)
```
2021-09-23 19:19:38 +09:00
Kazuhiro MUSASHI a0fef35f2f Toggle `nginx` setup behavior. 2021-09-23 19:17:57 +09:00
Kazuhiro MUSASHI 5af9b0b416 Bump `nginx` version. 2021-09-23 19:12:45 +09:00
Kazuhiro MUSASHI 0d607fb1e9 Modify the path to the `Moments` directory. 2021-08-13 11:19:39 +09:00
Kazuhiro MUSASHI 5b4bcc8b81 Deploy the `mc` config file. 2021-06-19 20:29:44 +09:00
Kazuhiro MUSASHI d69cb345af Install `mc` for `root` user. 2021-06-19 20:27:20 +09:00
Kazuhiro MUSASHI 386d169530 Change `mount` behavior. 2021-06-19 20:20:15 +09:00
Kazuhiro MUSASHI 21f9bb8237 Install plugins for root 2021-06-19 20:19:42 +09:00
Kazuhiro MUSASHI 8d335a7bae temp 2021-06-19 20:19:42 +09:00
Kazuhiro MUSASHI 00813e9f17 Overwrite `/usr/local/bin/embulk`. 2021-06-19 20:19:42 +09:00
Kazuhiro MUSASHI 8dadc5e2fd Change the download URL. 2021-06-19 20:19:42 +09:00
Kazuhiro MUSASHI 2ac28d295f Modify `/home/kazu634/.ssh/config` to connect to `gitea.kazu634.com`. 2021-06-19 20:06:35 +09:00
Kazuhiro MUSASHI cb368a1445 Deploy `/etc/nomad.d/acl.hcl`. 2021-06-19 19:56:45 +09:00
Kazuhiro MUSASHI 531dde8bff Deploy `/etc/nomad.d/server.hcl`. 2021-06-19 19:56:45 +09:00
Kazuhiro MUSASHI bd4f65dcf5 Change the default config to install `nomad` only. 2021-06-19 19:56:45 +09:00
Kazuhiro MUSASHI d5060f84f4 Install `nomad` even if the node is not `nomad` server/client. 2021-06-19 19:55:17 +09:00
Kazuhiro MUSASHI 3d7c8e2044 Unmonitor k8s. 2021-05-05 11:47:03 +09:00
Kazuhiro MUSASHI 2bc0b23eef Bump `nginx` version. 2021-05-04 11:49:03 +09:00
Kazuhiro MUSASHI bd359d8ec6 Modify the nginx deployment. 2021-05-04 11:36:52 +09:00
Kazuhiro MUSASHI ff39013b2c Install `alertmanager-webhook`. 2021-05-02 19:20:39 +09:00
Kazuhiro MUSASHI 2bcbc2f396 Modify the extention to `.zip`. 2021-05-02 19:19:38 +09:00
Kazuhiro MUSASHI b87bdc899a Delete the unnecessary attributes. 2021-05-02 19:19:00 +09:00
Kazuhiro MUSASHI 2cf998e0d7 Bump `embulk` version. 2021-05-02 19:14:31 +09:00
Kazuhiro MUSASHI 1701922c91 Execute deploy scripts for `nginx`. 2021-05-02 19:08:30 +09:00
Kazuhiro MUSASHI f55682e5c3 Modify `nginx` deploy settings. 2021-05-02 19:08:30 +09:00
Kazuhiro MUSASHI 2eed57822c Deploy `consul-template`. 2021-05-02 19:08:17 +09:00
Kazuhiro MUSASHI 010a53a58b Deploy `nomad`. 2021-05-02 19:08:17 +09:00
Kazuhiro MUSASHI 70c90a18e2 Ensure to satisfy the prerequisites. 2021-05-02 19:07:36 +09:00
Kazuhiro MUSASHI 962307289b Always make `/var/log/vector` directory. 2020-12-13 14:08:36 +09:00
Kazuhiro MUSASHI a45572e521 Deploy `systemd` config for `vector-docker`. 2020-12-13 14:08:36 +09:00
Kazuhiro MUSASHI cc9ce1806e Deploy `vector` config for `Docker` logs. 2020-12-13 14:08:36 +09:00
Kazuhiro MUSASHI f78ba5f134 Ignore "libcontainer container" message. 2020-12-10 15:52:48 +09:00
Kazuhiro MUSASHI 529d9adb7c Specify the YYYY-MM-DD more explicitly. 2020-12-06 12:28:56 +09:00
Kazuhiro MUSASHI 6d19ebf31b Ignore `rclone` error messages. 2020-12-06 12:28:23 +09:00
Kazuhiro MUSASHI 660420b10b Ignore `consul` message from `syslog`. 2020-12-06 12:27:06 +09:00
Kazuhiro MUSASHI 7c9e1ed48c Ignore "tmp-sanity" message. 2020-12-06 12:27:06 +09:00
Kazuhiro MUSASHI 90bfae99c9 Ignore "libcontainer container" message. 2020-12-06 12:27:06 +09:00
Kazuhiro MUSASHI 935b2e1732 Consolidate the `drop` stanzas. 2020-12-06 12:27:06 +09:00
Kazuhiro MUSASHI 8497937786 Ignore "Last log rotation time" message. 2020-12-06 12:27:06 +09:00
Kazuhiro MUSASHI 6822c916e6 Ignore "Calculated write I/O size" message. 2020-12-06 12:27:06 +09:00
Kazuhiro MUSASHI bd1571e11c Because of the download URL change, modify the formula to generate URL. 2020-12-06 12:04:40 +09:00
Kazuhiro MUSASHI 1b52f65c91 Because of the download URL change, modify attiributes. 2020-12-06 12:04:10 +09:00
Kazuhiro MUSASHI bb93ae33f4 Change how to install `rclone` to guarantee idempotency. 2020-12-06 11:56:32 +09:00
Kazuhiro MUSASHI 797c0d50f4 `apt` keyの指定方法を修正 2020-12-06 11:51:56 +09:00
Kazuhiro MUSASHI de2aab1bb8 Change the `consul` server IP addresses. 2020-11-28 16:19:00 +09:00
Kazuhiro MUSASHI ccaaa81cb4 Modify owner and group for `consul` config from `root` to `consul`. 2020-11-28 16:18:46 +09:00
Kazuhiro MUSASHI 0d9e65359a Modify `promtail` config for `consul`. 2020-11-28 16:18:46 +09:00
Kazuhiro MUSASHI 9af4fa19a6 Reload `consul` when deploying service config. 2020-11-28 16:18:46 +09:00
Kazuhiro MUSASHI 7270023c92 Overwrite the `systemd` config to rotate the log files. 2020-11-28 16:18:46 +09:00
Kazuhiro MUSASHI 0e6c2ad531 Create log directory for `consul`. 2020-11-28 16:18:46 +09:00
Kazuhiro MUSASHI 41f25a9a1c Deploy `/etc/consul.d/config.hcl`. 2020-11-28 16:16:52 +09:00
Kazuhiro MUSASHI 39f8fc5bc1 Install from `deb` package. 2020-11-28 16:07:12 +09:00
Kazuhiro MUSASHI 5ee2a54599 Specify the `database.maximumPoolSize`. 2020-11-22 02:21:16 +09:00
Kazuhiro MUSASHI 2073c93d0c Modify mount point setting. 2020-11-21 18:11:25 +09:00
Kazuhiro MUSASHI 999d111470 Deploy the `rclone` config to `kazu634` and `root`. 2020-11-14 16:39:15 +09:00
Kazuhiro MUSASHI f442ed4e7a Set up `rclone`. 2020-11-14 16:39:15 +09:00
Kazuhiro MUSASHI 6330f1e9b0 Install `rclone`. 2020-11-14 16:39:15 +09:00