From 6da3a74b2c4860bb7ab8681ab040764c12fbf9a5 Mon Sep 17 00:00:00 2001 From: Francois Andrieu Date: Wed, 30 Mar 2022 23:46:36 +0200 Subject: [PATCH] mote_v2: deploy test instance on staging --- playbooks/openshift-apps/mote.yml | 86 +++++++++++++++++++ .../mote/templates/buildconfig.yml | 29 +++++++ .../mote/templates/fedmsg-cm.yml | 71 +++++++++++++++ .../mote/templates/fedmsg-dc.yml | 54 ++++++++++++ .../openshift-apps/mote/templates/mote-cm.yml | 14 +++ .../openshift-apps/mote/templates/mote-dc.yml | 52 +++++++++++ .../mote/templates/mote-svc.yml | 16 ++++ .../mote/templates/mote-worker-dc.yml | 62 +++++++++++++ roles/openshift-apps/mote/templates/pvc.yml | 23 +++++ .../mote/templates/redis-dc.yml | 35 ++++++++ .../mote/templates/redis-svc.yml | 16 ++++ 11 files changed, 458 insertions(+) create mode 100644 playbooks/openshift-apps/mote.yml create mode 100644 roles/openshift-apps/mote/templates/buildconfig.yml create mode 100644 roles/openshift-apps/mote/templates/fedmsg-cm.yml create mode 100644 roles/openshift-apps/mote/templates/fedmsg-dc.yml create mode 100644 roles/openshift-apps/mote/templates/mote-cm.yml create mode 100644 roles/openshift-apps/mote/templates/mote-dc.yml create mode 100644 roles/openshift-apps/mote/templates/mote-svc.yml create mode 100644 roles/openshift-apps/mote/templates/mote-worker-dc.yml create mode 100644 roles/openshift-apps/mote/templates/pvc.yml create mode 100644 roles/openshift-apps/mote/templates/redis-dc.yml create mode 100644 roles/openshift-apps/mote/templates/redis-svc.yml diff --git a/playbooks/openshift-apps/mote.yml b/playbooks/openshift-apps/mote.yml new file mode 100644 index 0000000000..2034d8b62c --- /dev/null +++ b/playbooks/openshift-apps/mote.yml @@ -0,0 +1,86 @@ +- name: make the app be real + hosts: os_control_stg[0] + user: root + gather_facts: False + vars: + app: mote + vars_files: + - /srv/web/infra/ansible/vars/global.yml + - "/srv/private/ansible/vars.yml" + - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml + + roles: + - role: openshift/project + description: Mote v2 + appowners: + - darknao + - t0xic0der + tags: + - appowners + + - role: openshift/imagestream + imagename: mote + + - role: openshift/object + template: buildconfig.yml + objectname: buildconfig.yml + + - role: openshift/object + template: mote-dc.yml + objectname: mote-dc.yml + + - role: openshift/object + template: mote-worker-dc.yml + objectname: mote-worker-dc.yml + + # meetbot is not advertising on fedmsg.stg + - role: openshift/object + template: fedmsg-dc.yml + objectname: fedmsg-dc.yml + when: env == "production" + + - role: openshift/object + template: redis-dc.yml + objectname: redis-dc.yml + + - role: openshift/object + file: redis-svc.yml + objectname: redis-svc.yml + + - role: openshift/object + file: mote-svc.yml + objectname: mote-svc.yml + + - role: openshift/object + file: mote-cm.yml + objectname: mote-cm.yml + + - role: openshift/object + file: fedmsg-cm.yml + objectname: fedmsg-cm.yml + when: env == "production" + + - role: openshift/object + template: pvc.yml + objectname: pvc.yml + + - role: openshift/route + routename: mote + serviceport: mote-tcp + servicename: mote + + - role: openshift/start-build + buildname: mote + objectname: mote + +# +############################################### +# actions to delete the project from OpenShift +############################################### +# to run: sudo rbac-playbook -l os_control_stg[0] -t delete openshift-apps/mote.yml + - role: openshift/object-delete + objecttype: project + objectname: mote + tags: + - never + - delete diff --git a/roles/openshift-apps/mote/templates/buildconfig.yml b/roles/openshift-apps/mote/templates/buildconfig.yml new file mode 100644 index 0000000000..0f6f1e1046 --- /dev/null +++ b/roles/openshift-apps/mote/templates/buildconfig.yml @@ -0,0 +1,29 @@ +apiVersion: build.openshift.io/v1 +kind: BuildConfig +metadata: + labels: + app: mote + name: mote +spec: + failedBuildsHistoryLimit: 5 + output: + to: + kind: ImageStreamTag + name: mote:latest + runPolicy: Serial + source: + git: + ref: cal_theme + uri: https://github.com/darknao/mote.git + type: Git + strategy: + type: Docker + successfulBuildsHistoryLimit: 5 + triggers: +{% if mote_stg_github_secret is defined and env == 'staging' %} + - type: GitHub + github: + secret: "{{ mote_stg_github_secret }}" +{% endif %} + - type: ConfigChange + - type: ImageChange diff --git a/roles/openshift-apps/mote/templates/fedmsg-cm.yml b/roles/openshift-apps/mote/templates/fedmsg-cm.yml new file mode 100644 index 0000000000..ea6a893180 --- /dev/null +++ b/roles/openshift-apps/mote/templates/fedmsg-cm.yml @@ -0,0 +1,71 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: fedora-messaging +data: + config.toml: | + amqp_url = "amqps://fedora:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpublic_pubsub" + callback = "fedora_messaging.example:printer" + + [tls] + ca_cert = "/opt/app/mote/fedora-messaging/cacert.pem" + keyfile = "/opt/app/mote/fedora-messaging/fedora-key.pem" + certfile = "/opt/app/mote/fedora-messaging/fedora-cert.pem" + + [client_properties] + app = "Mote" + app_url = "https://github.com/fedora-infra/mote" + app_contacts_email = ["darknao@fedoraproject.org", "akashdeep.dhar@gmail.com"] + + [exchanges."amq.topic"] + type = "topic" + durable = true + auto_delete = false + arguments = {} + + [queues.4321048e-0e18-46e4-8722-6651dcdfe953] + durable = false + auto_delete = true + exclusive = true + arguments = {} + + [[bindings]] + queue = "4321048e-0e18-46e4-8722-6651dcdfe953" + exchange = "amq.topic" + routing_keys = [ "org.fedoraproject.*.meetbot.meeting.complete" ] + + [qos] + prefetch_size = 0 + prefetch_count = 25 + + [log_config] + version = 1 + disable_existing_loggers = true + + [log_config.formatters.simple] + format = "[%(levelname)s %(name)s] %(message)s" + + [log_config.handlers.console] + class = "logging.StreamHandler" + formatter = "simple" + stream = "ext://sys.stdout" + + [log_config.loggers.fedora_messaging] + level = "INFO" + propagate = false + handlers = ["console"] + + [log_config.loggers.twisted] + level = "INFO" + propagate = false + handlers = ["console"] + + [log_config.loggers.pika] + level = "WARNING" + propagate = false + handlers = ["console"] + + [log_config.root] + level = "ERROR" + handlers = ["console"] + diff --git a/roles/openshift-apps/mote/templates/fedmsg-dc.yml b/roles/openshift-apps/mote/templates/fedmsg-dc.yml new file mode 100644 index 0000000000..31226bf245 --- /dev/null +++ b/roles/openshift-apps/mote/templates/fedmsg-dc.yml @@ -0,0 +1,54 @@ +apiVersion: apps.openshift.io/v1 +kind: DeploymentConfig +metadata: + name: fedmsg + labels: + app: fedmsg +spec: + replicas: 1 + selector: + app: fedmsg + template: + metadata: + labels: + app: fedmsg + spec: + containers: + - image: image-registry.openshift-image-registry.svc:5000/mote/mote + name: fedmsg + command: + - python + - -m + - mote.consume + env: + - name: REDIS_URL + value: "redis://redis.{{ app }}.svc.cluster.local" + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /etc/fedora-messaging/config.py + name: fedmsg-config + readOnly: true + subPath: config.toml + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: '0' + memory: 50Mi + volumes: + - configMap: + defaultMode: 420 + name: fedora-messaging + name: fedmsg-config + restartPolicy: Always + triggers: + - type: ConfigChange + - type: ImageChange + imageChangeParams: + automatic: true + from: + kind: ImageStreamTag + name: mote:latest + containerNames: + - "fedmsg" diff --git a/roles/openshift-apps/mote/templates/mote-cm.yml b/roles/openshift-apps/mote/templates/mote-cm.yml new file mode 100644 index 0000000000..8dcae6c66a --- /dev/null +++ b/roles/openshift-apps/mote/templates/mote-cm.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: mote +data: + config.py: | + MEETING_DIR = "/srv/web/meetbot" + MEETBOT_URL = "https://meetbot.fedoraproject.org" + MEETBOT_RAW_URL = "https://meetbot-raw.fedoraproject.org" + DATAGREPPER_BASE_URL = "https://apps.fedoraproject.org" + RECOGNIITION_PATTERN = r"(.*)[\-\.]([0-9]{4}-[0-9]{2}-[0-9]{2})-([0-9]{2}\.[0-9]{2})" + CACHE_TYPE = "RedisCache" + CACHE_REDIS_URL = "redis://redis.{{ app }}.svc.cluster.local" + CACHE_DEFAULT_TIMEOUT = 0 diff --git a/roles/openshift-apps/mote/templates/mote-dc.yml b/roles/openshift-apps/mote/templates/mote-dc.yml new file mode 100644 index 0000000000..9fabdeb53f --- /dev/null +++ b/roles/openshift-apps/mote/templates/mote-dc.yml @@ -0,0 +1,52 @@ +apiVersion: apps.openshift.io/v1 +kind: DeploymentConfig +metadata: + name: mote + labels: + app: mote +spec: + replicas: 1 + selector: + app: mote + template: + metadata: + labels: + app: mote + spec: + containers: + - image: image-registry.openshift-image-registry.svc:5000/mote/mote + name: mote + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /srv/web/meetbot + name: meetbot + - mountPath: /opt/app/mote/config.py + name: mote-config + readOnly: true + subPath: config.py + resources: + limits: + cpu: 100m + memory: 500Mi + requests: + cpu: '0' + memory: 50Mi + volumes: + - name: meetbot + persistentVolumeClaim: + claimName: meetbot-storage + - configMap: + defaultMode: 420 + name: mote + name: mote-config + restartPolicy: Always + triggers: + - type: ConfigChange + - type: ImageChange + imageChangeParams: + automatic: true + from: + kind: ImageStreamTag + name: mote:latest + containerNames: + - "mote" diff --git a/roles/openshift-apps/mote/templates/mote-svc.yml b/roles/openshift-apps/mote/templates/mote-svc.yml new file mode 100644 index 0000000000..9c778fb855 --- /dev/null +++ b/roles/openshift-apps/mote/templates/mote-svc.yml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: mote + name: mote +spec: + ports: + - name: mote-tcp + port: 9696 + protocol: TCP + targetPort: 9696 + selector: + app: mote + type: ClusterIP + diff --git a/roles/openshift-apps/mote/templates/mote-worker-dc.yml b/roles/openshift-apps/mote/templates/mote-worker-dc.yml new file mode 100644 index 0000000000..4970968eda --- /dev/null +++ b/roles/openshift-apps/mote/templates/mote-worker-dc.yml @@ -0,0 +1,62 @@ +apiVersion: apps.openshift.io/v1 +kind: DeploymentConfig +metadata: + name: mote-worker + labels: + app: mote-worker +spec: + replicas: 1 + selector: + app: mote-worker + template: + metadata: + labels: + app: mote-worker + spec: + containers: + - image: image-registry.openshift-image-registry.svc:5000/mote/mote + command: + - python + - -m + - mote.worker + env: + - name: REDIS_URL + value: "redis://redis.{{ app }}.svc.cluster.local" + - name: LOGLEVEL + value: "20" + + name: mote-worker + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /srv/web/meetbot + name: meetbot + - mountPath: /opt/app/mote/config.py + name: mote-config + readOnly: true + subPath: config.py + resources: + limits: + cpu: 100m + memory: 1Gi + requests: + cpu: '0' + memory: 500Mi + volumes: + - name: meetbot + persistentVolumeClaim: + claimName: meetbot-storage + - configMap: + defaultMode: 420 + name: mote + name: mote-config + restartPolicy: Always + triggers: + - type: ConfigChange + - type: ImageChange + imageChangeParams: + automatic: true + from: + kind: ImageStreamTag + name: mote:latest + containerNames: + - "mote-worker" diff --git a/roles/openshift-apps/mote/templates/pvc.yml b/roles/openshift-apps/mote/templates/pvc.yml new file mode 100644 index 0000000000..a02f1e57e5 --- /dev/null +++ b/roles/openshift-apps/mote/templates/pvc.yml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: meetbot-storage +spec: +{% if env == 'staging' %} + # For stg, we use a simple ceph volume + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: ocs-storagecluster-ceph-rbd +{% else %} + # On prod, we use a nfs volume shared with meetbot on value02 + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi + storageClassName: "" + volumeName: meetbot-storage +{% endif %} diff --git a/roles/openshift-apps/mote/templates/redis-dc.yml b/roles/openshift-apps/mote/templates/redis-dc.yml new file mode 100644 index 0000000000..e700dbff23 --- /dev/null +++ b/roles/openshift-apps/mote/templates/redis-dc.yml @@ -0,0 +1,35 @@ +apiVersion: apps.openshift.io/v1 +kind: DeploymentConfig +metadata: + name: redis + labels: + app: redis +spec: + replicas: 1 + selector: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - image: docker.io/redis:latest + args: + - redis-server + name: redis + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /data + name: redis-data + resources: + limits: + cpu: 100m + memory: 1Gi + requests: + cpu: '0' + memory: 500Mi + volumes: + - emptyDir: {} + name: redis-data + restartPolicy: Always diff --git a/roles/openshift-apps/mote/templates/redis-svc.yml b/roles/openshift-apps/mote/templates/redis-svc.yml new file mode 100644 index 0000000000..443dfef548 --- /dev/null +++ b/roles/openshift-apps/mote/templates/redis-svc.yml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis + name: redis +spec: + ports: + - name: redis-tcp + port: 6379 + protocol: TCP + targetPort: 6379 + selector: + app: redis + type: ClusterIP +