Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Mirrormanager: add F-M, use templates for volumes and env

Browse source 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2024-06-21 09:54:36 +02:00
parent 1a59576685
commit 7921ebe30c
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
13 changed files with 364 additions and 426 deletions
Download patch file Download diff file Expand all files Collapse all files

27
playbooks/openshift-apps/mirrormanager.yml
View file

@ -112,10 +112,27 @@
key: ssh_mirrorlist_proxies.key
privatefile: "mirrormanager/id_rsa"
# Fedora Messaging
- role: openshift/secret-file
app: mirrormanager
secret_name: fedora-messaging-ca
key: cacert.pem
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
- role: openshift/secret-file
app: mirrormanager
secret_name: fedora-messaging-crt
key: cert.pem
privatefile: "rabbitmq/{{env}}/pki/issued/mirrormanager{{env_suffix}}.crt"
- role: openshift/secret-file
app: mirrormanager
secret_name: fedora-messaging-key
key: key.pem
privatefile: "rabbitmq/{{env}}/pki/private/mirrormanager{{env_suffix}}.key"
# Deployment config
- role: openshift/object
app: mirrormanager
file: deploymentconfig.yml
template: deploymentconfig.yml
objectname: deploymentconfig.yml
# Cron jobs
@ -148,12 +165,12 @@
app: mirrormanager
buildname: mm
tags:
- never
- build
- never
- build
- role: openshift/rollout
app: mirrormanager
dcname: frontend
tags:
- never
- rollout
- never
- rollout

106
roles/openshift-apps/mirrormanager/files/deploymentconfig.yml
View file

@ -1,106 +0,0 @@
---
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: frontend
labels:
app: mirrormanager
spec:
replicas: 1
selector:
app: mirrormanager
deploymentconfig: frontend
strategy:
type: Rolling
activeDeadlineSeconds: 21600
rollingParams:
intervalSeconds: 1
maxSurge: 25%
maxUnavailable: 25%
timeoutSeconds: 600
updatePeriodSeconds: 1
template:
metadata:
creationTimestamp: null
labels:
app: mirrormanager
deploymentconfig: frontend
spec:
containers:
- name: mirrormanager
imagePullPolicy: Always
ports:
- containerPort: 8080
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: secrets
mountPath: "/etc/mirrormanager-secrets"
readOnly: true
- name: data
mountPath: "/var/lib/mirrormanager"
- name: logs
mountPath: "/var/log/mirrormanager"
- name: wsgi-script
mountPath: "/opt/app-root/src/deploy"
readOnly: true
- name: scripts
mountPath: "/opt/scripts"
readOnly: true
# - name: ipa-config
# mountPath: "/etc/ipa"
# readOnly: true
env:
- name: MM2_CONFIG
value: "/etc/mirrormanager/mirrormanager2.cfg"
- name: APP_MODULE
value: "deploy.wsgi"
- name: APP_CONFIG
value: "/etc/mirrormanager/gunicorn.conf.py"
# readinessProbe:
# timeoutSeconds: 10
# initialDelaySeconds: 5
# periodSeconds: 60
# httpGet:
# path: "/healthz/ready"
# port: 8080
# livenessProbe:
# timeoutSeconds: 10
# initialDelaySeconds: 10
# periodSeconds: 60
# httpGet:
# path: "/healthz/live"
# port: 8080
volumes:
- name: config
configMap:
name: config
- name: secrets
secret:
secretName: secrets
- name: data
persistentVolumeClaim:
claimName: data
- name: logs
persistentVolumeClaim:
claimName: logs
- name: wsgi-script
configMap:
name: wsgi-script
- name: scripts
configMap:
name: scripts
# - name: ipa-config
# configMap:
# name: ipa-client-config
triggers:
- type: ConfigChange
- type: ImageChange
imageChangeParams:
automatic: true
containerNames:
- mirrormanager
from:
kind: ImageStreamTag
name: mirrormanager2:latest

91
roles/openshift-apps/mirrormanager/templates/_macros.yml Normal file
View file

@ -0,0 +1,91 @@
{% macro common_volume_mounts() %}
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: scripts
mountPath: "/opt/scripts"
readOnly: true
- name: var-lib
mountPath: "/var/lib/mirrormanager"
- name: logs
mountPath: "/var/log/mirrormanager"
- name: wsgi-script
mountPath: "/opt/app-root/src/deploy"
readOnly: true
- name: mirrorlist-cache
mountPath: /var/cache/mirrorlist
{%- if with_ssh %}
- name: ssh-key
mountPath: /etc/mirrormanager-ssh/ssh_mirrorlist_proxies.key
subPath: ssh_mirrorlist_proxies.key
readOnly: true
{%- endif %}
- name: fedora-messaging-ca-volume
mountPath: /etc/pki/fedora-messaging/ca
readOnly: true
- name: fedora-messaging-key-volume
mountPath: /etc/pki/fedora-messaging/key
readOnly: true
- name: fedora-messaging-crt-volume
mountPath: /etc/pki/fedora-messaging/crt
readOnly: true
# - name: ipa-config
# mountPath: "/etc/ipa"
# readOnly: true
{% macro common_volumes(with_ssh=False) %}
volumes:
- name: config
configMap:
name: config
- name: var-lib
persistentVolumeClaim:
claimName: data
- name: logs
persistentVolumeClaim:
claimName: logs
- name: wsgi-script
configMap:
name: wsgi-script
- name: scripts
configMap:
name: scripts
- name: mirrorlist-cache
persistentVolumeClaim:
claimName: mirrorlist-cache
{%- if with_ssh %}
- name: ssh-key
secret:
secretName: ssh-mirrorlist-proxies-key
{%- endif %}
- name: fedora-messaging-ca-volume
secret:
secretName: fedora-messaging-ca
- name: fedora-messaging-key-volume
secret:
secretName: fedora-messaging-key
- name: fedora-messaging-crt-volume
secret:
secretName: fedora-messaging-crt
# - name: ipa-config
# configMap:
# name: ipa-client-config
{% endmacro %}
{% macro common_env() %}
- name: MM2_CONFIG
value: "/etc/mirrormanager/mirrormanager2.cfg"
- name: FEDORA_MESSAGING_CONF
value: "/etc/mirrormanager/fedora-messaging.toml"
# Defaults to 80 columns, not very readable
- name: COLUMNS
value: "160"
{% endmacro %}
{% macro security_context() %}
securityContext:
supplementalGroups: [1001280000]
{% endmacro %}

44
roles/openshift-apps/mirrormanager/templates/cmd-emergency-expire-repo.yml
View file

@ -1,3 +1,4 @@
{% from "_macros.yml" import common_volume_mounts, common_volumes, common_env, security_context %}
# Manual command
---
apiVersion: batch/v1
@ -21,44 +22,9 @@ spec:
- "{{ product }}"
- "{{ version }}"
env:
# Defaults to 80 columns, not very readable
- name: COLUMNS
value: "160"
{{ common_env() }}
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: scripts
mountPath: "/opt/scripts"
readOnly: true
- name: ssh-key
mountPath: /etc/mirrormanager-ssh/ssh_mirrorlist_proxies.key
subPath: ssh_mirrorlist_proxies.key
readOnly: true
- name: data
mountPath: /data
- name: var-lib
mountPath: "/var/lib/mirrormanager"
- name: logs
mountPath: "/var/log/mirrormanager"
{{ common_volume_mounts(with_ssh=True) }}
volumes:
- name: config
configMap:
name: config
- name: scripts
configMap:
name: scripts
- name: ssh-key
secret:
secretName: ssh-mirrorlist-proxies-key
- name: data
persistentVolumeClaim:
claimName: mirrorlist-cache
- name: var-lib
persistentVolumeClaim:
claimName: data
- name: logs
persistentVolumeClaim:
claimName: logs
securityContext:
supplementalGroups: [1001280000]
{{ common_volumes(with_ssh=True) }}
{{ security_context() }}

2
roles/openshift-apps/mirrormanager/templates/configmap.yml
View file

@ -21,6 +21,8 @@ items:
{{ load_file('scan-primary-mirror.toml') | indent(6) }}
scan-primary-mirror-centos.toml: |-
{{ load_file('scan-primary-mirror-centos.toml') | indent(6) }}
fedora-messaging.toml: |-
{{ load_file('fedora-messaging.toml') | indent(6) }}
logrotate.conf: |-
{{ load_file('logrotate.conf') | indent(6) }}
ssh_known_hosts: |-

64
roles/openshift-apps/mirrormanager/templates/cron-accesses.yml
View file

@ -1,3 +1,4 @@
{% from "_macros.yml" import common_volume_mounts, common_volumes, common_env %}
---
apiVersion: batch/v1
kind: CronJob
@ -15,30 +16,16 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["bash", "/opt/scripts/create_statistics.sh"]
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: scripts
mountPath: "/opt/scripts"
readOnly: true
- name: ssh-key
mountPath: /etc/mirrormanager-ssh/ssh_mirrorlist_proxies.key
subPath: ssh_mirrorlist_proxies.key
readOnly: true
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["bash", "/opt/scripts/create_statistics.sh"]
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts(with_ssh=True) | indent(4) }}
volumes:
- name: config
configMap:
name: config
- name: scripts
configMap:
name: scripts
- name: ssh-key
secret:
secretName: ssh-mirrorlist-proxies-key
{{ common_volumes(with_ssh=True) | indent(4) }}
---
## Also include stats from the previous day
apiVersion: batch/v1
@ -57,27 +44,12 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["bash", "/opt/scripts/create_statistics.sh", "yesterday"]
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: scripts
mountPath: "/opt/scripts"
readOnly: true
- name: ssh-key
mountPath: /etc/mirrormanager-ssh/ssh_mirrorlist_proxies.key
subPath: ssh_mirrorlist_proxies.key
readOnly: true
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["bash", "/opt/scripts/create_statistics.sh", "yesterday"]
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts(with_ssh=True) | indent(4) }}
volumes:
- name: config
configMap:
name: config
- name: scripts
configMap:
name: scripts
- name: ssh-key
secret:
secretName: ssh-mirrorlist-proxies-key
{{ common_volumes(with_ssh=True) | indent(4) }}

134
roles/openshift-apps/mirrormanager/templates/cron-crawler.yml
View file

@ -1,6 +1,7 @@
#
### Crawler cron jobs
#
{% from "_macros.yml" import common_volume_mounts, common_volumes, common_env %}
{% for cronjob in mirrormanager_cron_crawler %}
---
# Category: {{ cronjob.category }}
@ -20,45 +21,30 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "/opt/app-root/bin/mm2_crawler"
- "--threads"
- "{{ cronjob.threads }}"
- "--global-timeout"
- "{{ cronjob.timeout }}"
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "/opt/app-root/bin/mm2_crawler"
- "--threads"
- "{{ cronjob.threads }}"
- "--global-timeout"
- "{{ cronjob.timeout }}"
{% if cronjob.host_timeout is defined %}
- "--host-timeout"
- "{{ cronjob.host_timeout }}"
- "--host-timeout"
- "{{ cronjob.host_timeout }}"
{% endif %}
- "--category"
- "{{ cronjob.category }}"
- "--{{ cronjob.include_disabled | ternary('include', 'exclude') }}-disabled"
- "--no-fail"
- "crawl"
env:
# Defaults to 80 columns, not very readable
- name: COLUMNS
value: "160"
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: data
mountPath: "/var/lib/mirrormanager"
- name: logs
mountPath: "/var/log/mirrormanager"
- "--category"
- "{{ cronjob.category }}"
- "--{{ cronjob.include_disabled | ternary('include', 'exclude') }}-disabled"
- "--no-fail"
- "crawl"
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts() | indent(4) }}
volumes:
- name: config
configMap:
name: config
- name: data
persistentVolumeClaim:
claimName: data
- name: logs
persistentVolumeClaim:
claimName: logs
{{ common_volumes() | indent(4) }}
{% endfor %}
---
#
@ -80,29 +66,28 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "logrotate"
- "-v"
- "--state"
- "/var/log/mirrormanager/logrotate.state"
- "/etc/mirrormanager/logrotate.conf"
volumeMounts:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "logrotate"
- "-v"
- "--state"
- "/var/log/mirrormanager/logrotate.state"
- "/etc/mirrormanager/logrotate.conf"
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: logs
mountPath: "/var/log/mirrormanager"
volumes:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
configMap:
name: config
- name: logs
mountPath: "/var/log/mirrormanager"
volumes:
- name: config
configMap:
name: config
- name: logs
persistentVolumeClaim:
claimName: logs
securityContext:
supplementalGroups: [1001280000]
persistentVolumeClaim:
claimName: logs
{{ security_context() | indent(4) }}
---
#
### Download GeoIP database
@ -123,21 +108,20 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "curl"
- "--create-dirs"
- "--output-dir"
- "/var/lib/mirrormanager/geoip"
- "-O"
- "https://infrastructure.fedoraproject.org/infra/bigfiles/geoip/GeoLite2-City.mmdb"
volumeMounts:
- name: data
mountPath: "/var/lib/mirrormanager"
volumes:
- name: data
persistentVolumeClaim:
claimName: data
securityContext:
supplementalGroups: [1001280000]
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "curl"
- "--create-dirs"
- "--output-dir"
- "/var/lib/mirrormanager/geoip"
- "-O"
- "https://infrastructure.fedoraproject.org/infra/bigfiles/geoip/GeoLite2-City.mmdb"
volumeMounts:
- name: var-lib
mountPath: "/var/lib/mirrormanager"
volumes:
- name: var-lib
persistentVolumeClaim:
claimName: data
{{ security_context() | indent(4) }}

15
roles/openshift-apps/mirrormanager/templates/cron-geoip.yml
View file

@ -1,3 +1,4 @@
{% from "_macros.yml" import security_context %}
---
# Download GeoIP database
apiVersion: batch/v1
@ -26,14 +27,13 @@ spec:
- "-O"
- "https://infrastructure.fedoraproject.org/infra/bigfiles/geoip/GeoLite2-City.mmdb"
volumeMounts:
- name: data
- name: var-lib
mountPath: "/var/lib/mirrormanager"
volumes:
- name: data
- name: var-lib
persistentVolumeClaim:
claimName: data
securityContext:
supplementalGroups: [1001280000]
{{ security_context() | indent(4) }}
---
# Generate the mirrors location text file
apiVersion: batch/v1
@ -61,14 +61,13 @@ spec:
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
- name: data
- name: var-lib
mountPath: "/var/lib/mirrormanager"
volumes:
- name: config
configMap:
name: config
- name: data
- name: var-lib
persistentVolumeClaim:
claimName: data
securityContext:
supplementalGroups: [1001280000]
{{ security_context() | indent(4) }}

87
roles/openshift-apps/mirrormanager/templates/cron-mirrorlist-cache.yml
View file

@ -1,3 +1,4 @@
{% from "_macros.yml" import common_volume_mounts, common_volumes, common_env %}
---
apiVersion: batch/v1
kind: CronJob
@ -15,37 +16,16 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["bash", "/opt/scripts/update-mirrorlist-cache.sh"]
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: scripts
mountPath: "/opt/scripts"
readOnly: true
- name: ssh-key
mountPath: /etc/mirrormanager-ssh/ssh_mirrorlist_proxies.key
subPath: ssh_mirrorlist_proxies.key
readOnly: true
- name: data
mountPath: /data
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["bash", "/opt/scripts/update-mirrorlist-cache.sh"]
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts(with_ssh=True) | indent(4) }}
volumes:
- name: config
configMap:
name: config
- name: scripts
configMap:
name: scripts
- name: ssh-key
secret:
secretName: ssh-mirrorlist-proxies-key
- name: data
persistentVolumeClaim:
claimName: mirrorlist-cache
securityContext:
supplementalGroups: [1001280000]
{{ common_volumes(with_ssh=True) | indent(4) }}
{{ security_context() | indent(4) }}
---
# Sync netblocks list once a day
apiVersion: batch/v1
@ -64,24 +44,16 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["mm2_get-netblocks", "--debug", "global", "/data/global_netblocks.txt"]
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: data
mountPath: /data
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["mm2_get-netblocks", "--debug", "global", "/var/cache/mirrorlist/global_netblocks.txt"]
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts() | indent(4) }}
volumes:
- name: config
configMap:
name: config
- name: data
persistentVolumeClaim:
claimName: mirrorlist-cache
securityContext:
supplementalGroups: [1001280000]
{{ common_volumes() | indent(4) }}
{{ security_context() | indent(4) }}
---
# Run the script for Internet2 netblocks very late to
# make sure the files are all there. The script is
@ -105,22 +77,11 @@ spec:
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["mm2_get-netblocks", "--debug", "internet2", "/data/i2_netblocks.txt"]
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: data
mountPath: /data
volumes:
- name: config
configMap:
name: config
- name: data
persistentVolumeClaim:
claimName: mirrorlist-cache
securityContext:
supplementalGroups: [1001280000]
command: ["mm2_get-netblocks", "--debug", "internet2", "/var/cache/mirrorlist/i2_netblocks.txt"]
env:
{{ common_env() | indent(4) }}
{{ volumes() | indent(4) }}
{{ security_context() | indent(4) }}
---
# Amazon EC2 netblocks
apiVersion: batch/v1

46
roles/openshift-apps/mirrormanager/templates/cron-primary-mirror.yml
View file

@ -1,6 +1,7 @@
#
### Primary mirror scanning cron jobs
#
{% from "_macros.yml" import volumes, common_env, security_context %}
{% for cronjob in mirrormanager_cron_primary_mirror %}
---
# Category: {{ cronjob.category }}
@ -20,43 +21,24 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["bash", "/opt/scripts/primary-mirror-wrapper.sh", "{{ cronjob.category }}"]
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: scripts
mountPath: "/opt/scripts"
readOnly: true
- name: data
mountPath: "/var/lib/mirrormanager"
- name: logs
mountPath: "/var/log/mirrormanager"
- name: mirror
mountPath: "/srv/pub"
- name: mirror-archive
mountPath: "/srv/pub/archive"
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command: ["bash", "/opt/scripts/primary-mirror-wrapper.sh", "{{ cronjob.category }}"]
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts(with_ssh=True) | indent(4) }}
- name: mirror
mountPath: "/srv/pub"
- name: mirror-archive
mountPath: "/srv/pub/archive"
volumes:
- name: config
configMap:
name: config
- name: scripts
configMap:
name: scripts
- name: data
persistentVolumeClaim:
claimName: data
- name: logs
persistentVolumeClaim:
claimName: logs
{{ common_volumes(with_ssh=True) | indent(4) }}
- name: mirror
persistentVolumeClaim:
claimName: primary-mirror
- name: mirror-archive
persistentVolumeClaim:
claimName: primary-mirror-archive
securityContext:
supplementalGroups: [1001280000]
{{ security_context() | indent(4) }}
{% endfor %}

94
roles/openshift-apps/mirrormanager/templates/cron-propagation.yml
View file

@ -1,3 +1,7 @@
#
# Propagation checks
#
{% from "_macros.yml" import volumes, common_env, security_context %}
---
apiVersion: batch/v1
kind: CronJob
@ -15,25 +19,21 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "/opt/app-root/bin/mm2_crawler"
- "--threads"
- "50"
- "propagation"
env:
# Defaults to 80 columns, not very readable
- name: COLUMNS
value: "160"
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "/opt/app-root/bin/mm2_crawler"
- "--threads"
- "50"
- "propagation"
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts() | indent(4) }}
volumes:
- name: config
configMap:
name: config
{{ common_volumes() | indent(4) }}
---
apiVersion: batch/v1
kind: CronJob
@ -51,29 +51,23 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "/opt/app-root/bin/mm2_crawler"
- "--threads"
- "50"
- "propagation"
- "--product"
- "CentOS"
- "--version"
- "9-stream"
env:
# Defaults to 80 columns, not very readable
- name: COLUMNS
value: "160"
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "/opt/app-root/bin/mm2_crawler"
- "--threads"
- "50"
- "propagation"
- "--product"
- "CentOS"
- "--version"
- "9-stream"
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts() | indent(4) }}
volumes:
- name: config
configMap:
name: config
{{ common_volumes() | indent(4) }}
---
apiVersion: batch/v1
kind: CronJob
@ -91,15 +85,13 @@ spec:
spec:
restartPolicy: Never
containers:
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "/opt/app-root/bin/mm2_expire-stats"
volumeMounts:
- name: config
mountPath: "/etc/mirrormanager"
readOnly: true
- name: mirrormanager
image: image-registry.openshift-image-registry.svc:5000/mirrormanager/mirrormanager2:latest
command:
- "/opt/app-root/bin/mm2_expire-stats"
env:
{{ common_env() | indent(4) }}
volumeMounts:
{{ common_volume_mounts() | indent(4) }}
volumes:
- name: config
configMap:
name: config
{{ common_volumes() | indent(4) }}

78
roles/openshift-apps/mirrormanager/templates/deploymentconfig.yml Normal file
View file

@ -0,0 +1,78 @@
{% from "_macros.yml" import common_volume_mounts, common_volumes, common_env %}
---
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: frontend
labels:
app: mirrormanager
spec:
replicas: 1
selector:
app: mirrormanager
deploymentconfig: frontend
strategy:
type: Rolling
activeDeadlineSeconds: 21600
rollingParams:
intervalSeconds: 1
maxSurge: 25%
maxUnavailable: 25%
timeoutSeconds: 600
updatePeriodSeconds: 1
template:
metadata:
creationTimestamp: null
labels:
app: mirrormanager
deploymentconfig: frontend
spec:
containers:
- name: mirrormanager
imagePullPolicy: Always
ports:
- containerPort: 8080
env:
- name: APP_MODULE
value: "deploy.wsgi"
- name: APP_CONFIG
value: "/etc/mirrormanager/gunicorn.conf.py"
{{ common_env() }}
# readinessProbe:
# timeoutSeconds: 10
# initialDelaySeconds: 5
# periodSeconds: 60
# httpGet:
# path: "/healthz/ready"
# port: 8080
# livenessProbe:
# timeoutSeconds: 10
# initialDelaySeconds: 10
# periodSeconds: 60
# httpGet:
# path: "/healthz/live"
# port: 8080
volumeMounts:
{{ common_volume_mounts() }}
- name: secrets
mountPath: "/etc/mirrormanager-secrets"
readOnly: true
volumes:
{{ common_volumes() }}
- name: secrets
secret:
secretName: secrets
triggers:
- type: ConfigChange
- type: ImageChange
imageChangeParams:
automatic: true
containerNames:
- mirrormanager
from:
kind: ImageStreamTag
name: mirrormanager2:latest

2
roles/openshift-apps/mirrormanager/templates/update-mirrorlist-cache.sh
View file

@ -4,7 +4,7 @@ MIRRORLIST_PROXY="{% for host in groups['mirrorlist_proxies'] %} {{ host }} {% e
MM_USER=mirrormanager
MM_ROOT=/opt/app-root
MM_SSH_KEY=/etc/mirrormanager-ssh/ssh_mirrorlist_proxies.key
CACHEDIR=/data
CACHEDIR=/var/cache/mirrorlist
set -e
set -x