deploy/plays/lb.yml
- hosts: lb
tasks:
- name: Generate certificate for load balancer
include_tasks: tasks/createCert.yml
vars:
domain: "deploy/keys/load_balancer"
common_name: "lb.{{ organization }}"
- copy:
src: "{{ install_dir }}/deploy/keys/load_balancer/"
dest: "{{ install_dir }}/load_balancer/ssl/"
mode: 0755
- name: Generate ssh login keys for Gitlab
include_tasks: tasks/sshKeyGen.yml
vars:
path: "deploy/keys/gitlab/load_balancer"
comment: "load balancer key for lb@autolabjs"
- name: Register public key
shell: cat {{ install_dir }}/deploy/keys/gitlab/load_balancer/id_rsa.pub
register: ssh_key
- name: Get Private Token
uri:
url: https://{{ gitlab_hostname }}/api/v3/session
status_code: 201
method: POST
body: "login=root&password={{ gitlab_password }}"
validate_certs: no
return_content: yes
register: session_json
- set_fact:
session: "{{ session_json.content | from_json }}"
- name: Add key to gitlab
uri:
url: https://{{ gitlab_hostname }}/api/v3/user/keys
status_code: 201
method: POST
body_format: json
HEADER_PRIVATE-TOKEN: "{{ session.private_token }}"
body:
title: "loadbalancer"
key: "{{ ssh_key.stdout }}"
validate_certs: no
return_content: yes
- name: Build loadbalancer
become: yes
docker_image:
name: load_balancer
path: "{{ install_dir }}/load_balancer"
- name: Start loadbalancer container
become: yes
docker_container:
name: loadbalancer
image: load_balancer
network_mode: host
detach: yes
restart_policy: always
volumes:
- "{{ install_dir }}/load_balancer:/load_balancer"
- "{{ install_dir }}/{{ submissions_dir }}:/load_balancer/submissions"
- "/etc/localtime:/etc/localtime:ro"
- "{{ install_dir }}/deploy/configs/load_balancer:/etc/load_balancer"
- "{{ install_dir }}/deploy/keys/gitlab/load_balancer:/root/.ssh/"
- "{{ install_dir }}/util:/util"
- "{{ install_dir }}/deploy/configs/util:/etc/util"
- "{{ install_dir }}/log/load_balancer:/log"
env:
LOGGERCONFIG: "/etc/util/logger.json"
LBCONFIG: "/etc/load_balancer/nodes_data_conf.json"
GITLAB_IP: "{{ gitlab_hostname }}"
NODE_TLS_REJECT_UNAUTHORIZED: "{{ reject_unauthorised }}"