-
Notifications
You must be signed in to change notification settings - Fork 0
/
Vagrantfile
112 lines (92 loc) · 3.95 KB
/
Vagrantfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
# -*- mode: ruby -*-
# vi: set ft=ruby :
require 'rbconfig'
# Determine if arch is ARM
def arm_architecture?
RbConfig::CONFIG['host_cpu'].downcase.start_with?('arm')
end
# Class to grab the users token from hashicorp vault v2 endpoint using ldap
class Token
def to_s
print 'HashiCorp Vault username: '
hv_user = STDIN.gets.chomp
print 'HashiCorp Vault password: '
hv_pass = STDIN.noecho(&:gets).chomp
Vault.address = 'https://vault.library.upenn.edu'
vault_instance = Vault.auth.ldap(hv_user, hv_pass)
vault_instance.auth.client_token
end
end
# Arrange nodes in reverse order so the manager is the last vm to be provisioned
cluster = {
'catalog-indexing-manager' => { ip: '10.10.2.148', cpus: 8, mem: 8192, port: 2525 }
}
Vagrant.configure('2') do |config|
config.vagrant.plugins = %w[vagrant-hostsupdater vagrant-vbguest vault]
# add more disk space if needed
config.vm.disk :disk, size: '150GB', primary: true
# Select correct box for arch
config.vm.box = if arm_architecture?
'bento/ubuntu-22.04-arm64'
else
'ubuntu/focal64'
end
# Install parallels plugin if user is on mac
config.vagrant.plugins << 'vagrant-parallels' if Vagrant::Util::Platform.darwin?
# Add domains to hosts file
config.hostsupdater.aliases = {
'10.10.2.148' => %w[catalog-indexing-dev.library.upenn.edu catalog-indexing-dev.library.upenn.int]
}
cluster.each_with_index do |(hostname, info), _index|
# Use the default insecure key as this is only used for development
config.ssh.insert_key = false
config.vm.define hostname do |cfg|
cfg.vm.network :private_network, ip: info[:ip].to_s
cfg.vm.network :forwarded_port, id: 'ssh', host: info[:port], guest: 22
cfg.vm.hostname = hostname
# Virtualbox provider
cfg.vm.provider :virtualbox do |vb, _override|
vb.name = hostname
vb.customize ['modifyvm', :id, '--memory', info[:mem], '--cpus', info[:cpus], '--hwvirtex', 'on']
# push the first interface far out enough to minimize potential conflict with docker swarm
# which defaults to 10.0.0.0/8 for networks/containers
vb.customize ['modifyvm', :id, '--natnet1', '10.252/16']
vb.customize ['guestproperty', 'set', :id, '/VirtualBox/GuestAdd/VBoxService/--timesync-set-threshold', 2000]
end
# Parallels provider
cfg.vm.provider :parallels do |prl, _override|
prl.name = hostname
prl.memory = info[:mem]
prl.cpus = info[:cpus]
end
cfg.vm.provision 'shell', inline: <<-SHELL
apt-get update && apt-get install -y python3-pip
SHELL
# Run the ansible playbook after the manager vm has been provisioned
if hostname == 'catalog-indexing-manager'
# If you need to expose on your local network; usually not necessary
# cfg.vm.provider :virtualbox do |vb, override|
# override.vm.network :forwarded_port, id: "http", host: 8080, guest: 80
# end
# Add volumes for development
cfg.vm.synced_folder '../', '/catalog-indexing'
cfg.vm.provision :ansible_local do |ansible|
ansible.config_file = '/catalog-indexing/ansible/ansible.cfg'
ansible.extra_vars = {
ansible_hashi_vault_token: Token.new,
ansible_hashi_vault_url: 'https://vault.library.upenn.edu',
ansible_python_interpreter: '/usr/bin/python3'
}
ansible.install_mode = 'pip3'
ansible.inventory_path = '/catalog-indexing/ansible/inventories/vagrant'
ansible.galaxy_role_file = '/catalog-indexing/ansible/roles/requirements.yml'
ansible.galaxy_roles_path = '/catalog-indexing/ansible/roles'
ansible.galaxy_command = 'ansible-galaxy install -r %{role_file} --force'
ansible.limit = 'all'
ansible.playbook = '/catalog-indexing/ansible/site.yml'
ansible.verbose = true
end
end
end
end
end