From 4e5b055d02f7ab1f618fb2426cfff9ebc1c9678a Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Sun, 25 Feb 2018 23:37:04 +0100
Subject: A complete working ADEI templte, v1-alpha
---
setup/projects/adei/vars/globals.yml | 25 ++++++++++++++-----------
setup/projects/adei/vars/pods.yml | 19 ++++++++++++-------
setup/projects/adei/vars/secrets.yml | 6 ++++++
setup/projects/adei/vars/volumes.yml | 1 +
4 files changed, 33 insertions(+), 18 deletions(-)
create mode 100644 setup/projects/adei/vars/secrets.yml
(limited to 'setup/projects/adei/vars')
diff --git a/setup/projects/adei/vars/globals.yml b/setup/projects/adei/vars/globals.yml
index 72262e5..21f4db1 100644
--- a/setup/projects/adei/vars/globals.yml
+++ b/setup/projects/adei/vars/globals.yml
@@ -12,9 +12,12 @@ adei_pod_env:
- name: "MYSQL_USER"
value: "adei"
- name: "MYSQL_PASSWORD"
- value: "adei"
+ valueFrom:
+ secretKeyRef:
+ name: "adei"
+ key: "adei-password"
- name: "MYSQL_DATABASE"
- value: "adei"
+ value: "adei_${setup}"
- name: "ADEI_PORTS"
value: "8080"
- name: "ADEI_ENABLED_SETUPS"
@@ -165,17 +168,17 @@ adei_frontends:
vols: "{{ adei_pod_vols }}"
mounts: "{{ adei_dbg_mounts | union(adei_pod_mounts) }}"
groups: [ "adei" ]
- enabled: false
configure: true
+ enabled: true
logs:
name: "adei-${setup}-logs"
node: "adei-${setup}-logs.{{ adei_domain }}"
- replicas: "${enabled_logs}"
+ replicas: "${enable_logs}"
env: "{{ adei_pod_env | union(adei_log_env) }}"
vols: "{{ adei_pod_vols }}"
mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
groups: [ "adei" ]
- enabled: false
+ enabled: true
cacher:
name: "adei-${setup}-cacher"
replicas: "${cache_replicas}"
@@ -188,21 +191,21 @@ adei_frontends:
archive_cacher:
name: "adei-${setup}-archive-cacher"
replicas: "1"
- cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh -m archive" ]
+ cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh", "-m", "archive" ]
env: "{{ adei_pod_env | union(adei_arc_cache_env) }}"
vols: "{{ adei_pod_vols }}"
mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
groups: [ "adei" ]
- enabled: false
+ enabled: true
log_cacher:
name: "adei-${setup}-log-cacher"
- replicas: "${enabled_logs}"
+ replicas: "${enable_logs}"
cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh" ]
env: "{{ adei_pod_env | union(adei_log_cache_env) }}"
vols: "{{ adei_pod_vols }}"
mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
groups: [ "adei" ]
- enabled: false
+ enabled: true
update:
name: "adei-${setup}-update"
cron: "${update_schedule}"
@@ -220,7 +223,7 @@ adei_frontends:
vols: "{{ adei_pod_vols }}"
mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
groups: [ "adei" ]
- enabled: false
+ enabled: true
clean:
name: "adei-${setup}-clean"
cron: "${clean_schedule}"
@@ -229,4 +232,4 @@ adei_frontends:
vols: "{{ adei_pod_vols }}"
mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
groups: [ "adei" ]
- enabled: false
+ enabled: true
diff --git a/setup/projects/adei/vars/pods.yml b/setup/projects/adei/vars/pods.yml
index c0b943c..5278c44 100644
--- a/setup/projects/adei/vars/pods.yml
+++ b/setup/projects/adei/vars/pods.yml
@@ -5,16 +5,23 @@ pods:
selector: { master: 1 }
groups: [ "adei_db" ]
images:
- - image: "openshift/mysql-56-centos7"
+ - image: "centos/mysql-57-centos7"
env:
- { name: "MYSQL_USER", value: "adei" }
- - { name: "MYSQL_PASSWORD", value: "adei" }
+ - { name: "MYSQL_PASSWORD", value: "secret@adei/adei-password" }
+ - { name: "MYSQL_ROOT_PASSWORD", value: "secret@adei/adei-password" }
- { name: "MYSQL_DATABASE", value: "adei" }
+ - { name: "PMA_PASSWORD", value: "secret@adei/pma-password" }
mappings:
- - { name: "adei_etc", path: "mysql", mount: "/etc/mysql" }
+ - { name: "adei_init", mount: "/var/lib/init" }
- { name: "adei_db", path: "mysql", mount: "/var/lib/mysql/data" }
probes:
- { port: 3306 }
+# - { type: "liveness", port: 3306 }
+# - { type: "readiness", command: [/bin/sh, -i, -c, MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE, -e 'SELECT 1'] }
+ hooks:
+ - { type: "postStart", command: [ "/bin/bash", "/var/lib/init/mysql/initdb.sh" ] }
+
phpmyadmin:
service: { host: "phpmyadmin.{{ openshift_master_default_subdomain }}", ports: [ 80/8080 ] }
sched: { replicas: 1 }
@@ -23,14 +30,12 @@ pods:
env:
- { name: "DB_SERVICE_HOST", value: "mysql.adei.svc.cluster.local" }
- { name: "DB_SERVICE_PORT", value: "3306" }
- - { name: "DB_SERVICE_CONTROL_USER", value: "pma" }
- - { name: "DB_SERVICE_CONTROL_PASSWORD", value: "adei" }
+# - { name: "DB_SERVICE_CONTROL_USER", value: "pma" }
+# - { name: "DB_SERVICE_CONTROL_PASSWORD", value: "secret@adei/pma-password" }
- { name: "DB_EXTRA_HOSTS", value: "mysql.katrin.svc.cluster.local" }
probes:
- { port: 8080, path: '/' }
-
-
#oc:
# - template: "[0-3]*"
# - template: "[4-6]*"
diff --git a/setup/projects/adei/vars/secrets.yml b/setup/projects/adei/vars/secrets.yml
new file mode 100644
index 0000000..09d7404
--- /dev/null
+++ b/setup/projects/adei/vars/secrets.yml
@@ -0,0 +1,6 @@
+$ANSIBLE_VAULT;1.1;AES256
+34353236316663633066306139633563623564323261343039346536333934656263343539376138
+3439306637386530373339396638613965383265366633390a343837383862353965393361366432
+39356537356430393232616332336366643138653931633738353938653334613165326263346566
+3139323437346663660a633665303662666237616665383564636639323763383335373538306533
+62616134363866353565323237353334653331373665636664636366643336613137
diff --git a/setup/projects/adei/vars/volumes.yml b/setup/projects/adei/vars/volumes.yml
index 3a0fe4d..69d291c 100644
--- a/setup/projects/adei/vars/volumes.yml
+++ b/setup/projects/adei/vars/volumes.yml
@@ -1,4 +1,5 @@
volumes:
+ adei_init: { volume: "openshift", path: "/adei/init" } # mysql
adei_etc: { volume: "openshift", path: "/adei/etc" } # mysql
adei_src: { volume: "openshift", path: "/adei/src", write: true } # prod & debug (init creates setup links)
adei_cfg: { volume: "openshift", path: "/adei/cfg", write: true } # per-setup configs (ADEI/wiki modifies setup)
--
cgit v1.2.3