Code Review / csit.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
feat(infra): Update ssh keys
[csit.git] / fdio.infra.ansible / inventories / lf_inventory / host_vars / 10.30.51.25.yaml
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml
index d6d6c2d..da94f3a 100644 (file)
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.25.yaml
@@ -1,8 +1,8 @@
 ---
 # file: host_vars/10.30.51.25.yaml
 
-hostname: "s44-nomad"
-inventory_cimc_hostname: "10.30.50.25"
+hostname: "s25-nomad"
+inventory_ipmi_hostname: "10.30.50.25"
 
 # User management.
 users:
@@ -10,7 +10,7 @@ users:
     groups: [adm, sudo]
     password: "$6$FIsbVDQR$5D0wgufOd2FtnmOiRNsGlgg6Loh.0x3dWSj72DSQnqisSyE9DROfgSgA6s0yxDwz4Jd5SRTXiTKuRYuSQ5POI1"
     ssh_key:
-      - "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgObJFDIMmPwQhhkjAynvlbwpM5yeSewyaE7vTLaFf4uFz4vmsE2hFf6B2xXHUGLVwoVfk91UeK7LOGrdDpoDDHzvPZXj5NmZI+WiWax5y2pQZNkcSZws0ENCeEc4hPwc4veJ1JmhokF4Bsmu14HyFMaFUhM8897jtJwsh+9fLA/no0iPGaQqEtRUQhkV+P4jCEPoY0qdRZAzVw/rY4EGAMhsJe3EJmyj63OfrrkG3+hvSLFo5pDxHQr3pZd/c6ukI7xMef48PosAvGCm3oxzb/Gu9PZIGuHLczY+tCnzCkY7MO7E+IWgjXrUAfYwSWz8XmFmA9LLe26DT5jkcK8hGQ== pmikus@cisco.com"
+      - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQ5KJyLPM5yJAVLwhEwiTEZD5LkY7FEPOoyJplVMQu5/oIp+KtFr4/RrFEpJwlzuE3um+Hn9+4KZJiQvVJBEp/ZYeGMXJDw0oHlubtI/0AEdolM5TvYNzCASHulRfg2JdCGAeCG5W7vkPQmJjwtQFNw3ISGKKHgJBGipqUjDyuZPi24RI0YBfqtr/GDA0e9dZwkqI+F5yxVi9vXG68bpMkxpeC4Zlxe2DmXAEp787LYSlF+HoELPW3AAWnuQ3j1R2tImM/S9jlxfb9Uy7KlX9epkGV2/caS2EiLszT7604LrSZy4soko1CgtX1LJ3Qobz9OppkJQ+tiBU8C0oz8Z5CXnQ/GYmFt9SBDHneB1ZOtIcoV8HTQVLKCse/VXogQogdG8xOis6F+R3OAJQUF7w3ujIBCXv8ghVcynvzaGB1kxZtwceEqtIXSFdve6T2onyM0722aQ93MiXPv+IA5qpkpSN3JS0KFGxKalTdFz9+lx/agV4JVOrVxEASfok3hbNzEm/4DwUyvgf2vbHlfYQdjHg2mBmYnN3iY/ccU906Tt/TlIp25+FIIbTiLn/nt3NLLPPEZJbJDkEJ5tgJ7XLfJ9ByCfZoOIMdSPF/swDXafTcA5mJ4AKFS0HJf9wBvbgkmD2OttOAvL8k2mqsb7MiMurbXm7Ko/D+nEX+oxkKZQ== peter.mikus@protonmail.ch"
       - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCG7Shfr7ASXXwpazYDGFzChGl7i4HgY9n81GTwc17B/O19IiJdrxFcBQH19HMuTFtWU4d9bQ6xgzz2pojBN13L3pEsStCHovDlEYbvfRxI2l2hcAAop1j1E4izHAS9IvCoy1AgWqBg6tsfP5mzOwGbSbcdI9ADRKIHgDTVbHg9SqKed27bNOLU0u3/5ra2Oar/tVIW37geEqFV/nHIBZ03Y/mszvXP/t/hP5bgJIGJKkzTjLd1aqEcuGmubW+wTQnVnrhFB87dw91gPj6BVyV0+7Vt1wrvPKqP2sGJhojAMSrBQBySnlrYgEg00bwDgNGFevatfG9+nTId+nhoKBkXya3MjSp4HwrGqGcij3/h7ovlau3/iRhkqlSeqenaNm4zKTAXRTnb60j2WKa6im0zdqJX98anp4mhjE8xHhmmfZV3vRT8mtY4hF/lg79miXFHpWH97bZV6r/D9qj1HWI/laJfOC5MOJdRcLETwtsUNMHeHtVnY3yu0XFYNcl2Xwajtnz3waF7vn1QHvAM9p878+JrO/IEUqEc0yZWVvlhZ7Krx1pS+APoMy8097MYDGFzFTkYSstKLGbgm/S7dEiWuSVxmMUxW7JYO3gHrQ3f1EvAYh2UFdWy76Dzr5II9UpVwOwF+HL/Oy8Sk77bPaK+tn7Kh4Tx7WWE0+EOAgElQ== ayourtch@ayourtch-lnx"
       - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXUbbhesOpvPF+KI8nq4TXvEO/Un1aU/ehZ9clCyw9C40xjDkX2BlcX8WeHxFHe7fjFaCd07Vg73rn/3M9uNDnDxvjH1GQ0twvi3iBTO4PkHBBfGF9qnE8MYzno6FvlsVKLuUuPbfm8kbOQ+ZDfdXq6gdtXh0hSYYkqC1heNPCNsqaakkB99Edyle+Ot0V7cpW+Yo2wo98KuX/cgUEhVoA8QnNVE7zaWcjSXBZEteoA4gLpAbV6p67/d6H/2ykHTidBViYTEsHco56tJoA4nTPuAupDOLBcWXgF5TAN6z1aCn2JA1DDfniLakgrZ5oVj2qHhUmbxQAtnKQfHADjqzV jlinkes@jlinkes"
       - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0GXoSGDZ95TE/TT3kf4ZS3Tiso0UO3MVhqAqZ/F6LOvLyqnMPfhxPz1XpHsDikxvKgwhZvdBm1dWbKkPsD7jtw0PGphQO8QuEwBd2ZMvxZ4Qg6lNDUl5x3zRO2nkbKpcqnOugGLTtXP+yfw/wfQ2HNFLDP9gE90xegsPT83PmRUntQlhbS3ByHcCSUScC+Y1heZXuoKNyrmUY46lxkKsNfhx8sQKo0YhB21atV/mcAQbAaO2LggmaQYGtWizqPNGWIRsi9W8ZYnKva67c3Pbv/TTfaqmrNCwOXJ8G9oL+/3MlKbl3b5mYlTs2a/e9yVgMNwUZVX7aiHpgPgaVjL6j swdev@BradyBunch-MacMini.local"
@@ -21,46 +21,57 @@ sshd_disable_password_login: true
 nomad_certificates:
   - src: "{{ file_nomad_ca_pem }}"
     dest: "{{ nomad_ca_file }}"
-  - src: "{{ file_nomad_client_pem }}"
+  - src: "{{ file_nomad_server_pem }}"
     dest: "{{ nomad_cert_file }}"
-  - src: "{{ file_nomad_client_key_pem }}"
+  - src: "{{ file_nomad_server_key_pem }}"
     dest: "{{ nomad_key_file }}"
 nomad_datacenter: "yul1"
-nomad_name: "{{ hostname }}-{{ ansible_architecture }}"
-nomad_node_role: "client"
+nomad_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
+nomad_node_name: "{{ hostname }}-{{ ansible_architecture }}"
+nomad_node_role: "both"
 nomad_node_class: "builder"
 nomad_options:
   driver.raw_exec.enable: 1
-  docker.cleanup.image: false
+  docker.cleanup.image: true
   docker.privileged.enabled: true
   docker.volumes.enabled: true
   driver.whitelist: "docker,raw_exec,exec"
+  fingerprint.network.disallow_link_local: true
+nomad_service_mgr: "systemd"
 nomad_retry_servers:
-  - "10.32.8.15"
-  - "10.32.8.16"
-  - "10.32.8.17"
+  - "10.30.51.23"
+  - "10.30.51.24"
+  - "10.30.51.26"
 nomad_servers:
-  - "10.32.8.15:4647"
-  - "10.32.8.16:4647"
-  - "10.32.8.17:4647"
+  - "10.30.51.23:4647"
+  - "10.30.51.24:4647"
+  - "10.30.51.26:4647"
+nomad_volumes:
+  - name: "prod-volume-data1-1"
+    path: "/data"
+    read_only: false
 
 # Consul settigs.
 consul_nomad_integration: true
 consul_certificates:
   - src: "{{ file_consul_ca_pem }}"
     dest: "{{ consul_ca_file }}"
+  - src: "{{ file_consul_server_2_pem }}"
+    dest: "{{ consul_cert_file }}"
+  - src: "{{ file_consul_server_2_key_pem }}"
+    dest: "{{ consul_key_file }}"
 consul_datacenter: "yul1"
 consul_encrypt: "Y4T+5JGx1C3l2NFBBvkTWQ=="
 consul_node_name: "{{ hostname }}"
-consul_node_role: "client"
+consul_node_role: "both"
 consul_retry_servers:
-  - "10.32.8.15"
-  - "10.32.8.16"
-  - "10.32.8.17"
-
+  - "10.30.51.23"
+  - "10.30.51.24"
+  - "10.30.51.26"
+consul_service_mgr: "systemd"
 
 # Docker daemon settings.
 docker_daemon:
-  dns: [ "172.17.0.1" ]
+  dns: ["172.17.0.1"]
   dns-opts: []
-  dns-search: [ "{{ansible_hostname}}" ]
+  dns-search: ["{{ansible_hostname}}"]
Integration tests