-
Notifications
You must be signed in to change notification settings - Fork 0
/
Vagrantfile
114 lines (95 loc) · 3.83 KB
/
Vagrantfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
# -*- mode: ruby -*-
# vi: set ft=ruby :
require 'rbconfig'
# Determine if arch is ARM
def arm_architecture?
RbConfig::CONFIG['host_cpu'].downcase.start_with?('arm')
end
# Class to grab the users token from hashicorp vault v2 endpoint using ldap
class Token
def to_s
print "HashiCorp Vault username: "
hv_user = STDIN.gets.chomp
print "HashiCorp Vault password: "
hv_pass = STDIN.noecho(&:gets).chomp
Vault.address = "https://vault.library.upenn.edu"
vault_instance = Vault.auth.ldap(hv_user, hv_pass)
vault_instance.auth.client_token
end
end
# Arrange nodes in reverse order so the manager is the last vm to be provisioned
cluster = {
"catalog-find-manager" => { :ip => "10.10.2.149", :cpus => 4, :mem => 8192, :port => 2626 }
}
Vagrant.configure("2") do |config|
config.vagrant.plugins = ["vagrant-hostsupdater", "vagrant-vbguest", "vault"]
# Select correct box for arch
if arm_architecture?
config.vm.box = "bento/ubuntu-22.04-arm64"
else
config.vm.box = "ubuntu/focal64"
end
# Install parallels plugin if user is on mac
if Vagrant::Util::Platform::darwin?
config.vagrant.plugins << "vagrant-parallels"
end
# Add domains to hosts file
config.hostsupdater.aliases = {
"10.10.2.149" => [
"catalog-find-dev.library.upenn.edu",
"catalog-find-dev.library.upenn.int"
]
}
cluster.each_with_index do |(hostname, info), index|
# Use the default insecure key as this is only used for development
config.ssh.insert_key = false
config.vm.define hostname do |cfg|
cfg.vm.network :private_network, ip: "#{info[:ip]}"
cfg.vm.network :forwarded_port, id: "ssh", host: info[:port], guest: 22
cfg.vm.hostname = hostname
# Virtualbox provider
cfg.vm.provider :virtualbox do |vb, override|
vb.name = hostname
vb.customize ["modifyvm", :id, "--memory", info[:mem], "--cpus", info[:cpus], "--hwvirtex", "on"]
# push the first interface far out enough to minimize potential conflict with docker swarm
# which defaults to 10.0.0.0/8 for networks/containers
vb.customize ["modifyvm", :id, "--natnet1", "10.252/16"]
vb.customize ["guestproperty", "set", :id, "/VirtualBox/GuestAdd/VBoxService/--timesync-set-threshold", 2000]
end
# Parallels provider
cfg.vm.provider :parallels do |prl, override|
prl.name = hostname
prl.memory = info[:mem]
prl.cpus = info[:cpus]
end
cfg.vm.provision "shell", inline: <<-SHELL
apt-get update && apt-get install -y python3-pip
SHELL
# Run the ansible playbook after the manager vm has been provisioned
if hostname == "catalog-find-manager"
# If you need to expose on your local network; usually not necessary
# cfg.vm.provider :virtualbox do |vb, override|
# override.vm.network :forwarded_port, id: "http", host: 8080, guest: 80
# end
# Add volumes for development
cfg.vm.synced_folder "../", "/catalog-find"
cfg.vm.provision :ansible_local do |ansible|
ansible.config_file = "/catalog-find/ansible/ansible.cfg"
ansible.extra_vars = {
ansible_hashi_vault_token: Token.new,
ansible_hashi_vault_url: "https://vault.library.upenn.edu",
ansible_python_interpreter: "/usr/bin/python3"
}
ansible.install_mode = "pip3"
ansible.inventory_path = "/catalog-find/ansible/inventories/vagrant"
ansible.galaxy_role_file = "/catalog-find/ansible/roles/requirements.yml"
ansible.galaxy_roles_path = "/catalog-find/ansible/roles"
ansible.galaxy_command = "ansible-galaxy install -r %{role_file} --force"
ansible.limit = "all"
ansible.playbook = "/catalog-find/ansible/site.yml"
ansible.verbose = true
end
end
end
end
end