[HWORKS-719] Add chef code to configure WAN federated consul (#57)

logicalclocks · Sep 4, 2023 · e06fb65 · e06fb65
1 parent 6ad86d6
commit e06fb65
Show file tree

Hide file tree

Showing 5 changed files with 59 additions and 31 deletions.
diff --git a/attributes/default.rb b/attributes/default.rb
@@ -27,6 +27,7 @@
 default['consul']['http_api_port']              = "8501"
 default['consul']['rpc_port']                   = "8300"
 default['consul']['domain']                     = "consul"
+default['consul']['datacenter']                 = "lc"
 
 default['consul']['bind_address']               = ""
 # Default bind to localhost but accepts any go-sockaddr template
@@ -42,3 +43,7 @@
 default['consul']['health-check']['multiplier']           = 1.2
 
 default['consul']['metrics']['prometheus_retention_time'] = "1m"
+
+default['consul']['wan']['enabled']                = "false"
+default['consul']['wan']['serf_port']              = "8302"
+default['consul']['wan']['nodes']                  = nil
diff --git a/metadata.rb b/metadata.rb
@@ -59,11 +59,27 @@
 attribute "consul/rpc_port",
           :description => "RPC Server port",
           :type => 'string'
+
+attribute "consul/wan/enabled",
+          :description => "Enable Consul WAN federation across datacenters (Default: false)",
+          :type => 'string'
+
+attribute "consul/wan/enabled",
+          :description => "Enable Consul WAN federation across datacenters (Default: false)",
+          :type => 'string'
+
+attribute "consul/wan/nodes",
+          :description => "If WAN federation enabled, nodes to include in the federation",
+          :type => 'string'
 
 attribute "consul/domain",
           :description => "Domain to be handled by Consul",
           :type => 'string'
 
+attribute "consul/datacenter",
+          :description => "Datacenter configuration (Default: lc)",
+          :type => 'string'
+
 attribute "consul/bind_address",
           :description => "IP address Consul agent will bind to. You can also set a go-sockaddr template. Check https://www.consul.io/docs/agent/options.html#_bind for more information.",
           :type => 'string'

diff --git a/recipes/slave.rb b/recipes/slave.rb
@@ -1,29 +1 @@
-include_recipe "consul::default"
-include_recipe "consul::security"
-
-if node['consul']['retry_join']['provider'].empty?
-    masters = private_recipe_ips("consul", "master")
-elsif not node['consul']['retry_join']['provider'].empty? and node['consul']['retry_join']['tag_key'].nil?
-    masters = private_recipe_ips("consul", "master")
-else
-    masters = ["provider=#{node['consul']['retry_join']['provider'].strip} tag_key=#{node['consul']['retry_join']['tag_key'].strip} tag_value=#{node['consul']['retry_join']['tag_value'].strip}"]
-end
-
-crypto_dir = x509_helper.get_crypto_dir(node['consul']['user'])
-hops_ca = "#{crypto_dir}/#{x509_helper.get_hops_ca_bundle_name()}"
-certificate = "#{crypto_dir}/#{x509_helper.get_certificate_bundle_name(node['consul']['user'])}"
-key = "#{crypto_dir}/#{x509_helper.get_private_key_pkcs8_name(node['consul']['user'])}"
-template "#{node['consul']['conf_dir']}/consul.hcl" do
-    source "config/slave.hcl.erb"
-    owner node['consul']['user']
-    group node['consul']['group']
-    mode 0750
-    variables({
-        :masters => masters,
-        :hops_ca => hops_ca,
-        :certificate => certificate,
-        :key => key
-    })
-end
-
-include_recipe "consul::start"
+include_recipe "consul::worker"
diff --git a/recipes/worker.rb b/recipes/worker.rb
@@ -0,0 +1,29 @@
+include_recipe "consul::default"
+include_recipe "consul::security"
+
+if node['consul']['retry_join']['provider'].empty?
+    masters = private_recipe_ips("consul", "master")
+elsif not node['consul']['retry_join']['provider'].empty? and node['consul']['retry_join']['tag_key'].nil?
+    masters = private_recipe_ips("consul", "master")
+else
+    masters = ["provider=#{node['consul']['retry_join']['provider'].strip} tag_key=#{node['consul']['retry_join']['tag_key'].strip} tag_value=#{node['consul']['retry_join']['tag_value'].strip}"]
+end
+
+crypto_dir = x509_helper.get_crypto_dir(node['consul']['user'])
+hops_ca = "#{crypto_dir}/#{x509_helper.get_hops_ca_bundle_name()}"
+certificate = "#{crypto_dir}/#{x509_helper.get_certificate_bundle_name(node['consul']['user'])}"
+key = "#{crypto_dir}/#{x509_helper.get_private_key_pkcs8_name(node['consul']['user'])}"
+template "#{node['consul']['conf_dir']}/consul.hcl" do
+    source "config/slave.hcl.erb"
+    owner node['consul']['user']
+    group node['consul']['group']
+    mode 0750
+    variables({
+        :masters => masters,
+        :hops_ca => hops_ca,
+        :certificate => certificate,
+        :key => key
+    })
+end
+
+include_recipe "consul::start"
diff --git a/templates/default/config/master.hcl.erb b/templates/default/config/master.hcl.erb
@@ -1,10 +1,15 @@
-datacenter = "lc"
+datacenter = "<%= node['consul']['datacenter'] %>"
 domain = "<%= node['consul']['domain'] %>"
 server = true
 <% if [email protected]? -%>
 retry_join = <%= @masters %>
 <% end -%>
 bootstrap_expect = <%= @num_masters %>
+
+<% if !node['consul']['wan']['nodes'].nil? -%>
+retry_join_wan = <%= node['consul']['wan']['nodes'] %>
+<% end -%>
+
 ui = <%= node['consul']['master']['ui'] %>
 data_dir = "<%= node['consul']['data_dir'] %>"
 enable_local_script_checks = true
@@ -24,7 +29,8 @@ key_file = "<%= @key %>"
 ports = {
    http = -1,
    https = <%= node['consul']['http_api_port'] %>,
-   server = <%= node['consul']['rpc_port'] %>
+   server = <%= node['consul']['rpc_port'] %>,
+   serf_wan = <%= node['consul']['wan']['serf_port'] %>
 }
 telemetry = {
    prometheus_retention_time = "<%= node['consul']['metrics']['prometheus_retention_time'] %>",