From 4e5b055d02f7ab1f618fb2426cfff9ebc1c9678a Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Sun, 25 Feb 2018 23:37:04 +0100
Subject: A complete working ADEI templte, v1-alpha

---
 setup/projects/adei/vars/globals.yml | 25 ++++++++++++++-----------
 setup/projects/adei/vars/pods.yml    | 19 ++++++++++++-------
 setup/projects/adei/vars/secrets.yml |  6 ++++++
 setup/projects/adei/vars/volumes.yml |  1 +
 4 files changed, 33 insertions(+), 18 deletions(-)
 create mode 100644 setup/projects/adei/vars/secrets.yml

(limited to 'setup/projects/adei/vars')

diff --git a/setup/projects/adei/vars/globals.yml b/setup/projects/adei/vars/globals.yml
index 72262e5..21f4db1 100644
--- a/setup/projects/adei/vars/globals.yml
+++ b/setup/projects/adei/vars/globals.yml
@@ -12,9 +12,12 @@ adei_pod_env:
     - name: "MYSQL_USER"
       value: "adei"
     - name: "MYSQL_PASSWORD"
-      value: "adei"
+      valueFrom: 
+        secretKeyRef:
+          name: "adei"
+          key: "adei-password"
     - name: "MYSQL_DATABASE"
-      value: "adei"
+      value: "adei_${setup}"
     - name: "ADEI_PORTS"
       value: "8080"
     - name: "ADEI_ENABLED_SETUPS"
@@ -165,17 +168,17 @@ adei_frontends:
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_dbg_mounts | union(adei_pod_mounts) }}"
       groups: [ "adei" ]
-      enabled: false
       configure: true
+      enabled: true
     logs:
       name: "adei-${setup}-logs"
       node: "adei-${setup}-logs.{{ adei_domain }}"  
-      replicas: "${enabled_logs}"
+      replicas: "${enable_logs}"
       env: "{{ adei_pod_env | union(adei_log_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
       groups: [ "adei" ]
-      enabled: false
+      enabled: true
     cacher:
       name: "adei-${setup}-cacher"
       replicas: "${cache_replicas}"
@@ -188,21 +191,21 @@ adei_frontends:
     archive_cacher:
       name: "adei-${setup}-archive-cacher"
       replicas: "1"
-      cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh -m archive" ]
+      cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh",  "-m",  "archive" ]
       env: "{{ adei_pod_env | union(adei_arc_cache_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
       groups: [ "adei" ]
-      enabled: false
+      enabled: true
     log_cacher:
       name: "adei-${setup}-log-cacher"
-      replicas: "${enabled_logs}"
+      replicas: "${enable_logs}"
       cmd: [ "/bin/bash", "/adei/src/scripts/system/cacher.sh" ]
       env: "{{ adei_pod_env | union(adei_log_cache_env) }}"
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
       groups: [ "adei" ]
-      enabled: false
+      enabled: true
     update:
       name: "adei-${setup}-update"
       cron: "${update_schedule}"
@@ -220,7 +223,7 @@ adei_frontends:
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
       groups: [ "adei" ]
-      enabled: false
+      enabled: true
     clean:
       name: "adei-${setup}-clean"
       cron: "${clean_schedule}"
@@ -229,4 +232,4 @@ adei_frontends:
       vols: "{{ adei_pod_vols }}"
       mounts: "{{ adei_prod_mounts | union(adei_pod_mounts) }}"
       groups: [ "adei" ]
-      enabled: false
+      enabled: true
diff --git a/setup/projects/adei/vars/pods.yml b/setup/projects/adei/vars/pods.yml
index c0b943c..5278c44 100644
--- a/setup/projects/adei/vars/pods.yml
+++ b/setup/projects/adei/vars/pods.yml
@@ -5,16 +5,23 @@ pods:
     selector: { master: 1 }
     groups: [ "adei_db" ]
     images:
-      - image: "openshift/mysql-56-centos7"
+      - image: "centos/mysql-57-centos7"
         env:
             - { name: "MYSQL_USER", value: "adei" }
-            - { name: "MYSQL_PASSWORD", value: "adei" } 
+            - { name: "MYSQL_PASSWORD", value: "secret@adei/adei-password" } 
+            - { name: "MYSQL_ROOT_PASSWORD", value: "secret@adei/adei-password" } 
             - { name: "MYSQL_DATABASE", value: "adei" }
+            - { name: "PMA_PASSWORD", value: "secret@adei/pma-password" } 
         mappings: 
-            - { name: "adei_etc", path: "mysql", mount: "/etc/mysql" }
+            - { name: "adei_init", mount: "/var/lib/init" }
             - { name: "adei_db", path: "mysql", mount: "/var/lib/mysql/data" }
         probes:
             - { port: 3306 }
+#            - { type: "liveness", port: 3306 }
+#            - { type: "readiness", command: [/bin/sh, -i, -c, MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE, -e 'SELECT 1'] }
+        hooks:
+            - { type: "postStart", command: [ "/bin/bash", "/var/lib/init/mysql/initdb.sh" ] }
+
   phpmyadmin:
     service: { host: "phpmyadmin.{{ openshift_master_default_subdomain }}", ports: [ 80/8080 ] }
     sched: { replicas: 1 }
@@ -23,14 +30,12 @@ pods:
         env:
             - { name: "DB_SERVICE_HOST", value: "mysql.adei.svc.cluster.local" }
             - { name: "DB_SERVICE_PORT", value: "3306" } 
-            - { name: "DB_SERVICE_CONTROL_USER", value: "pma" }
-            - { name: "DB_SERVICE_CONTROL_PASSWORD", value: "adei" }
+#            - { name: "DB_SERVICE_CONTROL_USER", value: "pma" }
+#            - { name: "DB_SERVICE_CONTROL_PASSWORD", value: "secret@adei/pma-password" }
             - { name: "DB_EXTRA_HOSTS", value: "mysql.katrin.svc.cluster.local" }
         probes:
             - { port: 8080, path: '/' }
 
-
-
 #oc:
 #  - template: "[0-3]*"
 #  - template: "[4-6]*"
diff --git a/setup/projects/adei/vars/secrets.yml b/setup/projects/adei/vars/secrets.yml
new file mode 100644
index 0000000..09d7404
--- /dev/null
+++ b/setup/projects/adei/vars/secrets.yml
@@ -0,0 +1,6 @@
+$ANSIBLE_VAULT;1.1;AES256
+34353236316663633066306139633563623564323261343039346536333934656263343539376138
+3439306637386530373339396638613965383265366633390a343837383862353965393361366432
+39356537356430393232616332336366643138653931633738353938653334613165326263346566
+3139323437346663660a633665303662666237616665383564636639323763383335373538306533
+62616134363866353565323237353334653331373665636664636366643336613137
diff --git a/setup/projects/adei/vars/volumes.yml b/setup/projects/adei/vars/volumes.yml
index 3a0fe4d..69d291c 100644
--- a/setup/projects/adei/vars/volumes.yml
+++ b/setup/projects/adei/vars/volumes.yml
@@ -1,4 +1,5 @@
 volumes:
+  adei_init: { volume: "openshift", path: "/adei/init" }                # mysql
   adei_etc: { volume: "openshift", path: "/adei/etc" }                  # mysql
   adei_src: { volume: "openshift", path: "/adei/src", write: true }     # prod & debug (init creates setup links)
   adei_cfg: { volume: "openshift", path: "/adei/cfg", write: true }     # per-setup configs (ADEI/wiki modifies setup)
-- 
cgit v1.2.3