-
Notifications
You must be signed in to change notification settings - Fork 2
/
hosts_template.yml
75 lines (64 loc) · 3.46 KB
/
hosts_template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
---
# The bare-metal hosts that will be running both the Sui validator and hosting the EDGE VM.
bare_metal_hosts:
hosts:
baremetal-suival:
# The inventory hostname used to refer to the edge.
edge_vms:
hosts:
edge:
all:
vars:
# SSH authorized keys that are added to the EDGE VM. Requires at least 1.
ssh_authorized_keys:
- "{{ undef(hint='You must specify at least one SSH public key') }}"
regionA:
hosts:
baremetal-suival:
# -- SSH options
# if you are running this playbook locally, this would be localhost. Otherwise it needs to be an IP or DNS resolvable hostname.
ansible_host: "{{ undef(hint='You must specify the ansible host, e.g. localhost') }}"
# this username needs to have SSH login privileges (SSH key setup) on the ansible_host setup above.
ansible_user: "{{ undef(hint='You must specify the ansible username, e.g., ubuntu') }}"
# -- Configuration
# Public network interface that will be shared with the EDGE VM. This could be a physical interface or a bond of multiple physical interfaces
public_interface: "{{ undef(hint='You must specify an interface, e.g., eno1') }}"
# Public IPv4 address of the Sui Full Node/Valdator
public_ipv4: "{{ undef(hint='You must specify the public IPv4 of your Sui node, e.g. xxx.xxx.xxx.xxx') }}"
# The inventory hostname of the hosted EDGE
hosted_edge: edge
edge:
# -- SSH options
# Uses the bare-metal as a jump host to SSH into the hosted EDGE VM, does not need to be changed.
ansible_user: anapaya
ansible_host: 192.168.18.2
ansible_ssh_common_args: "-J {{ hostvars[vm_host]['ansible_user'] ~ '@' ~ hostvars[vm_host]['ansible_host'] }}"
# -- Configuration
# Inventory hostname of the bare-metal host associated with this EDGE VM
vm_host: baremetal-suival
# IP and gateway for the EDGE appliance.
network_config:
# This is a secondary IP address/netmask to be dedicated to the Edge.
ipv4_cidr: "{{ undef(hint='Specify the public IP address and CIDR of the EDGE e.g., xxx.xxx.xxx.xxx/31') }}"
gateway: "{{ undef(hint='Specify the IP address of the network gateway e.g., xxx.xxx.xxx.1') }}"
# Public IPv4 address to be configured on the EDGE.
# Defaults to the network address above without the CIDR range.
public_ipv4: "{{ network_config.ipv4_cidr | ansible.utils.ipaddr('address') }}"
vars:
dns:
- address: 9.9.9.9
- address: 149.112.112.112
metrics_labels:
product: "edge"
appliance_hostname: "anapaya-edge"
# ebgp_multihop: 2 # if the bare metal host and edge appliance have IP's on different subnets, you will want to uncomment this.
# Directory in which secret values are stored on the controller
secrets_dir: "{{ undef(hint='You must specify a path to the generated secrets, e.g., /home/ubuntu/secrets') }}"
# Directory of the deployment package provided by Mysten Labs
deployment_package_path: "{{ undef(hint='You must specify a path to the provided deployment package, e.g., /home/ubuntu/deployment_package.qcow') }}"
# Paths derived from the above
deployment_package_config: "{{ deployment_package_path }}/config.yml"
scion_trcs_path: "{{ deployment_package_path }}/trcs"
scion_certificate_path: "{{ deployment_package_path }}/scion-cert.pem"
scion_forwarding_key_path: "{{ secrets_dir }}/forwarding-key.key"
scion_private_key_path: "{{ secrets_dir }}/scion-private-key.key"