X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=fdio.infra.ansible%2Froles%2Fnomad%2Ftasks%2Fmain.yaml;h=8d58c8bb0eb043bef1000875611cc0f1d9554f8b;hb=HEAD;hp=54e80513b83ed06f68e854204dedec49b46b872c;hpb=df5672b3d9c29b51397f4770eb992c9f3f3955ce;p=csit.git

diff --git a/fdio.infra.ansible/roles/nomad/tasks/main.yaml b/fdio.infra.ansible/roles/nomad/tasks/main.yaml
index 54e80513b8..72b78458f8 100644
--- a/fdio.infra.ansible/roles/nomad/tasks/main.yaml
+++ b/fdio.infra.ansible/roles/nomad/tasks/main.yaml
@@ -1,68 +1,68 @@
 ---
-# file: roles/nomad/tasks/main.yaml
+# file: tasks/main.yaml
 
-- name: Inst - Update Package Cache (APT)
-  apt:
-    update_cache: yes
-    cache_valid_time: 3600
+- name: Update Repositories Cache
+  ansible.builtin.apt:
+    update_cache: true
   when:
-    - ansible_distribution|lower == 'ubuntu'
+    - ansible_os_family == 'Debian'
   tags:
-    - nomad-inst-prerequisites
+    - nomad-inst-package
 
-- name: Inst - Prerequisites
-  package:
+- name: Dependencies
+  ansible.builtin.apt:
     name: "{{ packages | flatten(levels=1) }}"
-    state: latest
+    state: "present"
+    cache_valid_time: 3600
+    install_recommends: false
+  when:
+    - ansible_os_family == 'Debian'
   tags:
-    - nomad-inst-prerequisites
+    - nomad-inst-dependencies
 
-- name: Conf - Add Nomad Group
-  group:
+- name: Add Nomad Group
+  ansible.builtin.group:
     name: "{{ nomad_group }}"
-    state: "{{ nomad_group_state }}"
-  when:
-    - nomad_manage_group | bool
+    state: "present"
   tags:
     - nomad-conf-user
 
-- name: Conf - Add Nomad user
-  user:
+- name: Add Nomad user
+  ansible.builtin.user:
     name: "{{ nomad_user }}"
     group: "{{ nomad_group }}"
-    groups: "{{ nomad_user_groups }}"
-    state: "{{ nomad_user_state }}"
+    state: "present"
     system: true
-  when:
-    - nomad_manage_user | bool
   tags:
     - nomad-conf-user
 
-- name: Inst - Clean Nomad
-  file:
-    path: "{{ nomad_inst_dir }}/nomad"
-    state: "absent"
+- name: Download Nomad
+  ansible.builtin.get_url:
+    url: "{{ nomad_zip_url }}"
+    dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
+    mode: 0644
   tags:
     - nomad-inst-package
 
-- name: Inst - Download Nomad
-  get_url:
-    url: "{{ nomad_zip_url }}"
-    dest: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
+- name: Clean Nomad
+  ansible.builtin.file:
+    path: "{{ nomad_inst_dir }}/nomad"
+    state: "absent"
+  when:
+    - nomad_force_update | bool
   tags:
     - nomad-inst-package
 
-- name: Inst - Unarchive Nomad
-  unarchive:
+- name: Unarchive Nomad
+  ansible.builtin.unarchive:
     src: "{{ nomad_inst_dir }}/{{ nomad_pkg }}"
     dest: "{{ nomad_inst_dir }}/"
-    creates: "{{ nomad_inst_dir }}/nomad"
     remote_src: true
   tags:
     - nomad-inst-package
 
-- name: Inst - Nomad
-  copy:
+- name: Nomad
+  ansible.builtin.copy:
     src: "{{ nomad_inst_dir }}/nomad"
     dest: "{{ nomad_bin_dir }}"
     owner: "{{ nomad_user }}"
@@ -73,102 +73,40 @@
   tags:
     - nomad-inst-package
 
-- name: Conf - Create Directories "{{ nomad_data_dir }}"
-  file:
-    dest: "{{ nomad_data_dir }}"
-    state: directory
-    owner: "{{ nomad_user }}"
-    group: "{{ nomad_group }}"
-  tags:
-    - nomad-conf
-
-- name: Conf - Create Directories "{{ nomad_ssl_dir }}"
-  file:
-    dest: "{{ nomad_ssl_dir }}"
-    state: directory
-    owner: "{{ nomad_user }}"
-    group: "{{ nomad_group }}"
-  tags:
-    - nomad-conf
-
-- name: Conf - Create Config Directory
-  file:
-    dest: "{{ nomad_config_dir }}"
-    state: directory
+- name: Create Directories
+  ansible.builtin.file:
+    dest: "{{ item }}"
+    state: "directory"
     owner: "{{ nomad_user }}"
     group: "{{ nomad_group }}"
     mode: 0755
+  with_items:
+    - "{{ nomad_data_dir }}"
+    - "{{ nomad_config_dir }}"
+    - "{{ nomad_ssl_dir }}"
   tags:
     - nomad-conf
 
-- name: Conf - Base Configuration
-  template:
-    src: base.hcl.j2
-    dest: "{{ nomad_config_dir }}/base.hcl"
-    owner: "{{ nomad_user }}"
-    group: "{{ nomad_group }}"
-    mode: 0644
-  tags:
-    - nomad-conf
-
-- name: Conf - Server Configuration
-  template:
-    src: server.hcl.j2
-    dest: "{{ nomad_config_dir }}/server.hcl"
-    owner: "{{ nomad_user }}"
-    group: "{{ nomad_group }}"
-    mode: 0644
-  when:
-    - nomad_node_server | bool
-  tags:
-    - nomad-conf
-
-- name: Conf - Client Configuration
-  template:
-    src: client.hcl.j2
-    dest: "{{ nomad_config_dir }}/client.hcl"
+- name: Base Configuration
+  ansible.builtin.template:
+    src: "{{ item }}.hcl.j2"
+    dest: "{{ nomad_config_dir }}/{{ item }}.hcl"
     owner: "{{ nomad_user }}"
     group: "{{ nomad_group }}"
     mode: 0644
-  when:
-    - nomad_node_client | bool
-  tags:
-    - nomad-conf
-
-- name: Conf - TLS Configuration
-  template:
-    src: tls.hcl.j2
-    dest: "{{ nomad_config_dir }}/tls.hcl"
-    owner: "{{ nomad_user }}"
-    group: "{{ nomad_group }}"
-    mode: 0644
-  tags:
-    - nomad-conf
-
-- name: Conf - Telemetry Configuration
-  template:
-    src: telemetry.hcl.j2
-    dest: "{{ nomad_config_dir }}/telemetry.hcl"
-    owner: "{{ nomad_user }}"
-    group: "{{ nomad_group }}"
-    mode: 0644
-  tags:
-    - nomad-conf
-
-- name: Conf - Custom Configuration
-  template:
-    src: custom.json.j2
-    dest: "{{ nomad_config_dir }}/custom.json"
-    owner: "{{ nomad_user }}"
-    group: "{{ nomad_group }}"
-    mode: 0644
-  when:
-    - nomad_config_custom is defined
+  with_items:
+    - "base"
+    - "consul"
+    - "client"
+    - "server"
+    - "telemetry"
+    - "tls"
+    - "vault"
   tags:
     - nomad-conf
 
 - name: Conf - Copy Certificates And Keys
-  copy:
+  ansible.builtin.copy:
     content: "{{ item.src }}"
     dest: "{{ item.dest }}"
     owner: "{{ nomad_user }}"
@@ -176,17 +114,38 @@
     mode: 0600
   no_log: true
   loop: "{{ nomad_certificates | flatten(levels=1) }}"
+  when:
+    - nomad_certificates is defined
+  tags:
+    - nomad-conf
+
+- name: Nomad CLI Environment Variables
+  ansible.builtin.lineinfile:
+    path: "/etc/profile.d/nomad.sh"
+    line: "{{ item }}"
+    mode: 0644
+    create: true
+  loop:
+    - "export NOMAD_ADDR=https://nomad-server.service.consul:4646"
+    - "export NOMAD_CACERT={{ nomad_tls_ca_file }}"
+    - "export NOMAD_CLIENT_CERT={{ nomad_tls_cli_cert_file }}"
+    - "export NOMAD_CLIENT_KEY={{ nomad_tls_cli_key_file }}"
   tags:
     - nomad-conf
 
-- name: Conf - System.d Script
-  template:
+- name: System.d Script
+  ansible.builtin.template:
     src: "nomad_systemd.service.j2"
     dest: "/lib/systemd/system/nomad.service"
     owner: "root"
     group: "root"
     mode: 0644
-#  notify:
-#    - "Restart Nomad"
+  notify:
+    - "Restart Nomad"
+  when:
+    - nomad_service_mgr == "systemd"
   tags:
     - nomad-conf
+
+- name: Meta - Flush handlers
+  ansible.builtin.meta: flush_handlers