packager-dashboard: Initial OpenShift work

2020-12-14 18:00:25 +01:00 · 2020-12-14 18:00:25 +01:00 · 58fa2e99cc
commit 58fa2e99cc
parent e04145c5a6
5 changed files with 453 additions and 0 deletions
--- a/playbooks/openshift-apps/packager-dashboard.yml
+++ b/playbooks/openshift-apps/packager-dashboard.yml
@ -0,0 +1,88 @@
+- name: prepare setting up the database
+  hosts: db01.stg.iad2.fedoraproject.org
+  gather_facts: no
+  user: root
+
+  tasks:
+  - name: install psycopg2 for the postgresql ansible modules
+    package: name=python3-psycopg2 state=present
+    tags:
+    - packages
+
+- name: setup the database
+  hosts: db01.stg.iad2.fedoraproject.org
+  gather_facts: no
+  become: yes
+  become_user: postgres
+  vars_files:
+  - /srv/web/infra/ansible/vars/global.yml
+  - "/srv/private/ansible/vars.yml"
+  - "/srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml"
+
+  tasks:
+  - name: Create the database user
+    postgresql_user:
+      name: "{{ oraculum_db_user }}"
+      password: "{{ oraculum_db_pass }}"
+  - name: Create the database itself
+    postgresql_db:
+      name: "{{ oraculum_db_name  }}"
+      owner: "{{ oraculum_db_user }}"
+      encoding: UTF-8
+  - name: Test the database creation
+    postgresql_db:
+      name: "{{ oraculum_db_name  }}"
+      owner: "{{ oraculum_db_user }}"
+      encoding: UTF-8
+
+- name: make the app be real
+  hosts: os_masters_stg[0]
+  user: root
+  gather_facts: False
+
+  vars_files:
+    - /srv/web/infra/ansible/vars/global.yml
+    - "/srv/private/ansible/vars.yml"
+    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  roles:
+  - role: openshift/project
+    app: oraculum
+    description: Packager Dashboard
+    appowners:
+    - frantisekz
+    - pingou
+    tags:
+      - appowners
+
+  - role: openshift/object
+    app: packager-dashboard
+    template: buildconfig.yml
+    objectname: buildconfig.yml
+
+  - role: openshift/object
+    app: packager-dashboard
+    template: deploymentconfig.yml
+    objectname: deploymentconfig.yml
+
+  - role: openshift/object
+    app: packager-dashboard
+    template: imagestream.yml
+    objectname: imagestream.yml
+
+  - role: openshift/object
+    app: packager-dashboard
+    file: service.yml
+    objectname: service.yml
+
+  - role: openshift/route
+    app: packager-dashboard
+    routename: packager-dashboard
+    host: "packager-dashboard{{ env_suffix }}.fedoraproject.org"
+    serviceport: 8080-tcp
+    servicename: packager-dashboard
+
+  - role: openshift/start-build
+    app: packager-dashboard
+    buildname: packager-dashboard-build
+    objectname: packager-dashboard-build
--- a/roles/openshift-apps/packager-dashboard/files/service.yml
+++ b/roles/openshift-apps/packager-dashboard/files/service.yml
@ -0,0 +1,32 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: packager-dashboard
+  name: packager-dashboard
+spec:
+  ports:
+  - name: 5000-tcp
+    port: 5000
+    protocol: TCP
+    targetPort: 5000
+  selector:
+    app: packager-dashboard
+    deploymentconfig: packager-dashboard
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: packager-dashboard
+  name: packager-dashboard-redis
+spec:
+  ports:
+  - name: 6379-tcp
+    port: 6379
+    protocol: TCP
+    targetPort: 6379
+  selector:
+    app: packager-dashboard-redis
+    deploymentconfig: packager-dashboard-redis
--- a/roles/openshift-apps/packager-dashboard/templates/buildconfig.yml
+++ b/roles/openshift-apps/packager-dashboard/templates/buildconfig.yml
@ -0,0 +1,26 @@
+apiVersion: v1
+kind: BuildConfig
+metadata:
+  name: packager-dashboard-build
+  labels:
+    environment: "packager-dashboard"
+spec:
+  output:
+    to:
+      kind: ImageStreamTag
+      name: packager-dashboard:latest
+  source:
+    type: Git
+    git:
+      uri: https://pagure.io/fedora-qa/oraculum
+      ref: "python36"
+  strategy:
+    type: Source
+    sourceStrategy:
+      from:
+        kind: ImageStreamTag
+        namespace: openshift
+        name: python:3.6
+  triggers:
+  - type: ConfigChange
+  - type: ImageChange
--- a/roles/openshift-apps/packager-dashboard/templates/deploymentconfig.yml
+++ b/roles/openshift-apps/packager-dashboard/templates/deploymentconfig.yml
@ -0,0 +1,286 @@
+---
+apiVersion: v1
+kind: DeploymentConfig
+metadata:
+  labels:
+    app: packager-dashboard
+    service: packager-dashboard
+  name: packager-dashboard-api-endpoint
+spec:
+  replicas: 1
+  selector:
+    app: packager-dashboard
+    deploymentconfig: packager-dashboard
+  strategy:
+    type: Recreate
+    recreateParams:
+      mid:
+        failurePolicy: Abort
+        execNewPod:
+          containerName: oraculum-frontend
+          # Oraculum would automatically proceed with upgrade_db if necessary
+          # init_db isn't dropping anything, so it's safe to call every time the pod starts
+          command: ["python", "/opt/app-root/src/oraculum/cli.py", "init_db"]
+          # and then just the gunicorn for the frontend part of the backend :)
+  template:
+    metadata:
+      labels:
+        app: packager-dashboard
+        deploymentconfig: packager-dashboard
+    spec:
+      containers:
+      - name: packager-dashboard
+        image: packager-dashboard:latest
+        ports:
+        - containerPort: 5000
+        resources: {}
+        env:
+        # Database
+        - name: POSTGRESQL_USER
+          value: "{{ oraculum_db_user }}"
+        - name: POSTGRESQL_PASSWORD
+          value: "{{ oraculum_db_pass }}"
+        - name: POSTGRESQL_DATABASE
+          value: "{{ oraculum_db_name }}"
+        - name: POSTGRESQL_SERVICE_HOST
+          value: "db01{{ env_suffix }}.iad2.fedoraproject.org"
+        - name: POSTGRESQL_SERVICE_PORT
+          value: "5432"
+        # Redis
+        - name: REDIS_PASSWORD
+          value: "{{ oraculum_redis_pass }}"
+        - name: REDIS_SERVICE_HOST
+          value: "redis.packager-dashboard.svc.cluster.local"
+        - name: REDIS_SERVICE_PORT_REDIS
+          value: "6379"
+        # Misc
+        - name: SECRET_KEY
+          value: "{{ oraculum_secret_key }}"
+        - name: OIDC_CLIENT_SECRETS
+          value: "{{ oraculum_oidc_secrets }}"
+        - name: OPENSHIFT_PROD
+          value: "1"
+        # WatchDog emails
+        - name: SEND_ERROR_EMAILS
+          value: False
+        - name: SMTP_CONFIG
+          value: "{{ oraculum_smtp_confline }}"
+        readinessProbe:
+          timeoutSeconds: 1
+          initialDelaySeconds: 5
+          httpGet:
+            path: /
+            port: 5000
+        livenessProbe:
+          timeoutSeconds: 1
+          initialDelaySeconds: 30
+          httpGet:
+            path: /
+            port: 5000
+
+  triggers:
+  - type: ConfigChange
+  - type: ImageChange
+    imageChangeParams:
+      automatic: true
+      containerNames:
+      - packager-dashboard
+      from:
+        kind: ImageStreamTag
+        name: packager-dashboard:latest
+---
+apiVersion: v1
+kind: DeploymentConfig
+metadata:
+  labels:
+    app: packager-dashboard
+    service: packager-dashboard
+  name: packager-dashboard-worker
+spec:
+  replicas: 1 # Change me to some biiig numba after you got me working
+  selector:
+    app: packager-dashboard
+    deploymentconfig: packager-dashboard
+  strategy:
+    type: Recreate
+    recreateParams:
+      mid:
+        failurePolicy: Abort
+        execNewPod:
+          containerName: oraculum-worker
+          # Oraculum would automatically proceed with upgrade_db if necessary
+          # init_db isn't dropping anything, so it's safe to call every time the pod starts
+          command: ["/bin/sh","-c"]
+          args: ["python /opt/app-root/src/oraculum/cli.py init_db && /usr/bin/celery -A oraculum.celery_app worker -c 2 --loglevel=INFO"]
+  template:
+    metadata:
+      labels:
+        app: packager-dashboard
+        deploymentconfig: packager-dashboard
+    spec:
+      containers:
+      - name: packager-dashboard
+        image: packager-dashboard:latest
+        resources: {}
+        env:
+        # Database
+        - name: POSTGRESQL_USER
+          value: "{{ oraculum_db_user }}"
+        - name: POSTGRESQL_PASSWORD
+          value: "{{ oraculum_db_pass }}"
+        - name: POSTGRESQL_DATABASE
+          value: "{{ oraculum_db_name }}"
+        - name: POSTGRESQL_SERVICE_HOST
+          value: "db01{{ env_suffix }}.iad2.fedoraproject.org"
+        - name: POSTGRESQL_SERVICE_PORT
+          value: "5432"
+        # Redis
+        - name: REDIS_PASSWORD
+          value: "{{ oraculum_redis_pass }}"
+        - name: REDIS_SERVICE_HOST
+          value: "{{ oraculum_redis_host }}"
+        - name: REDIS_SERVICE_PORT_REDIS
+          value: "{{ oraculum_redis_port }}"
+        # Misc
+        - name: SECRET_KEY
+          value: "{{ oraculum_secret_key }}"
+        - name: OIDC_CLIENT_SECRETS
+          value: "{{ oraculum_oidc_secrets }}"
+        - name: OPENSHIFT_PROD
+          value: "1"
+        # WatchDog emails
+        - name: SEND_ERROR_EMAILS
+          value: False
+        - name: SMTP_CONFIG
+          value: "{{ oraculum_smtp_confline }}"
+
+  triggers:
+  - type: ConfigChange
+  - type: ImageChange
+    imageChangeParams:
+      automatic: true
+      containerNames:
+      - packager-dashboard
+      from:
+        kind: ImageStreamTag
+        name: packager-dashboard:latest
+---
+apiVersion: v1
+kind: DeploymentConfig
+metadata:
+  labels:
+    app: packager-dashboard
+    service: packager-dashboard
+  name: packager-dashboard-beat
+spec:
+  replicas: 1 # Never change this to more or less than ONE!
+  selector:
+    app: packager-dashboard
+    deploymentconfig: packager-dashboard
+  strategy:
+    type: Recreate
+    recreateParams:
+      mid:
+        failurePolicy: Abort
+        execNewPod:
+          containerName: oraculum-beat
+          # Oraculum would automatically proceed with upgrade_db if necessary
+          # init_db isn't dropping anything, so it's safe to call every time the pod starts
+          command: ["/bin/sh","-c"]
+          args: ["python /opt/app-root/src/oraculum/cli.py init_db && /usr/bin/celery -A oraculum.celery_app beat --loglevel=INFO"]
+  template:
+    metadata:
+      labels:
+        app: packager-dashboard
+        deploymentconfig: packager-dashboard
+    spec:
+      containers:
+      - name: packager-dashboard
+        image: packager-dashboard:latest
+        resources: {}
+        env:
+        # Database
+        - name: POSTGRESQL_USER
+          value: "{{ oraculum_db_user }}"
+        - name: POSTGRESQL_PASSWORD
+          value: "{{ oraculum_db_pass }}"
+        - name: POSTGRESQL_DATABASE
+          value: "{{ oraculum_db_name }}"
+        - name: POSTGRESQL_SERVICE_HOST
+          value: "db01{{ env_suffix }}.iad2.fedoraproject.org"
+        - name: POSTGRESQL_SERVICE_PORT
+          value: "5432"
+        # Redis
+        - name: REDIS_PASSWORD
+          value: "{{ oraculum_redis_pass }}"
+        - name: REDIS_SERVICE_HOST
+          value: "{{ oraculum_redis_host }}"
+        - name: REDIS_SERVICE_PORT_REDIS
+          value: "{{ oraculum_redis_port }}"
+        # Misc
+        - name: SECRET_KEY
+          value: "{{ oraculum_secret_key }}"
+        - name: OIDC_CLIENT_SECRETS
+          value: "{{ oraculum_oidc_secrets }}"
+        - name: OPENSHIFT_PROD
+          value: "1"
+        # WatchDog emails
+        - name: SEND_ERROR_EMAILS
+          value: False
+        - name: SMTP_CONFIG
+          value: "{{ oraculum_smtp_confline }}"
+
+  triggers:
+  - type: ConfigChange
+  - type: ImageChange
+    imageChangeParams:
+      automatic: true
+      containerNames:
+      - packager-dashboard
+      from:
+        kind: ImageStreamTag
+        name: packager-dashboard:latest
+---
+apiVersion: v1
+kind: DeploymentConfig
+metadata:
+  labels:
+    app: packager-dashboard
+    service: packager-dashboard
+  name: packager-dashboard-redis
+spec:
+  replicas: 1 # Never change this to more or less than ONE!
+  selector:
+    app: packager-dashboard
+    deploymentconfig: packager-dashboard
+  strategy:
+    type: Recreate
+    recreateParams:
+      mid:
+        failurePolicy: Abort
+        execNewPod:
+          containerName: packager-dashboard-redis
+  template:
+    metadata:
+      labels:
+        app: packager-dashboard
+        deploymentconfig: packager-dashboard
+    spec:
+      containers:
+      - name: packager-dashboard-redis
+        image: packager-dashboard-redis:latest
+        resources: {}
+        env:
+        - name: REDIS_PASSWORD
+          value: "{{ oraculum_redis_pass }}"
+
+  triggers:
+  - type: ConfigChange
+  - type: ImageChange
+    imageChangeParams:
+      automatic: true
+      containerNames:
+      - packager-dashboard-redis
+      from:
+        kind: ImageStreamTag
+        name: packager-dashboard-redis:latest
--- a/roles/openshift-apps/packager-dashboard/templates/imagestream.yml
+++ b/roles/openshift-apps/packager-dashboard/templates/imagestream.yml
@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: ImageStream
+metadata:
+  name: packager-dashboard
+spec:
+  lookupPolicy:
+    local: false
+status:
+  dockerImageRepository: ""
+---
+apiVersion: v1
+kind: ImageStream
+metadata:
+   name: packager-dashboard-redis
+spec:
+  tags:
+  - name: latest
+    from:
+      kind: DockerImage
+      name: quay.io/bitnami/redis:latest