Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

datanommer: porting to openshift

Browse source
This commit is contained in:
Lenka Segura 2021-08-06 10:42:10 +02:00 committed by abompard
parent db936062b3
commit bc57a02675
5 changed files with 228 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

68
playbooks/openshift-apps/datanommer.yml Normal file
View file

@ -0,0 +1,68 @@
- name: make the app be real
hosts: os_masters_stg[0]
user: root
gather_facts: False
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
roles:
- role: rabbit/user
username: "datanommer{{ env_suffix }}"
- role: openshift/project
app: datanommer
description: "Fedora messaging consumer"
appowners:
- abompard
- ryanlerch
- james02135
- lenkaseg
tags:
- apply-appowners
when: env == "production"
- role: openshift/project
app: datanommer
description: "Fedora messaging consumer"
appowners:
- abompard
- ryanlerch
- james02135
- lenkaseg
tags:
- apply-appowners
when: env == "staging"
- role: openshift/secret-file
app: datanommer
secret_name: fedora-messaging-ca
key: cacert.pem
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
- role: openshift/secret-file
app: datanommer
secret_name: fedora-messaging-crt
key: datanommer-cert.pem
privatefile: "rabbitmq/{{env}}/pki/issued/datanommer{{env_suffix}}.crt"
- role: openshift/secret-file
app: datanommer
secret_name: fedora-messaging-key
key: datanommer-key.pem
privatefile: "rabbitmq/{{env}}/pki/private/datanommer{{env_suffix}}.key"
- role: openshift/object
app: datanommer
template: buildconfig.yml
objectname: buildconfig.yml
- role: openshift/object
app: datanommer
template: configmap.yml
objectname: configmap.yml
- role: openshift/object
app: datanommer
template: deploymentconfig.yml
objectname: deploymentconfig.yml

38
roles/openshift-apps/datanommer/templates/buildconfig.yml Normal file
View file

@ -0,0 +1,38 @@
apiVersion: build.openshift.io/v1
kind: BuildConfig
metadata:
name: datanommer
labels:
app: Datanommer
build: datanommer
spec:
runPolicy: Serial
source:
type: Git
git:
uri: https://github.com/fedora-infra/datanommer.git
{% if env == "staging" %}
ref: staging
{% else %}
ref: stable
{% endif %}
contextDir: /
strategy:
type: Source
sourceStrategy:
from:
kind: ImageStreamTag
name: python:3.8
namespace: openshift
output:
to:
kind: ImageStreamTag
name: datanommer:latest
triggers:
- type: ConfigChange
- type: ImageChange
{% if datanommer_stg_github_secret is defined and env == 'staging' %}
- type: GitHub
github:
secret: "{{ datanommer_stg_github_secret }}"
{% endif %}

11
roles/openshift-apps/datanommer/templates/configmap.yml Normal file
View file

@ -0,0 +1,11 @@
{% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: fedora-messaging-config
labels:
app: datanommer
data:
config.toml: |-
{{ load_file('fedora-messaging-config.toml') | indent(6) }}

71
roles/openshift-apps/datanommer/templates/deploymentconfig.yml Normal file
View file

@ -0,0 +1,71 @@
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: datanommer
labels:
app: Datanommer
spec:
replicas: 1
selector:
app: Datanommer
deploymentconfig: datanommer
strategy:
type: Rolling
activeDeadlineSeconds: 21600
rollingParams:
intervalSeconds: 1
maxSurge: 25%
maxUnavailable: 25%
timeoutSeconds: 600
updatePeriodSeconds: 1
template:
metadata:
creationTimestamp: null
labels:
app: Datanommer
deploymentconfig: datanommer
spec:
containers:
- name: datanommer
imagePullPolicy: Always
ports:
- containerPort: 8080
volumeMounts:
- name: fedora-messaging-config-volume
mountPath: "/etc/fedora-messaging"
readOnly: true
- name: fedora-messaging-ca-volume
mountPath: /etc/pki/fedora-messaging/cacert.pem
subPath: cacert.pem
readOnly: true
- name: fedora-messaging-crt-volume
mountPath: /etc/pki/fedora-messaging/datanommer-cert.pem
subPath: datanommer-cert.pem
readOnly: true
- name: fedora-messaging-key-volume
mountPath: /etc/pki/fedora-messaging/datanommer-key.pem
subPath: datanommer-key.pem
readOnly: true
volumes:
- name: fedora-messaging-config-volume
configMap:
name: fedora-messaging-config
- name: fedora-messaging-ca-volume
secret:
secretName: fedora-messaging-ca
- name: fedora-messaging-crt-volume
secret:
secretName: fedora-messaging-crt
- name: fedora-messaging-key-volume
secret:
secretName: fedora-messaging-key
triggers:
- imageChangeParams:
automatic: true
containerNames:
- datanommer
from:
kind: ImageStreamTag
name: datanommer:latest
type: ImageChange
- type: ConfigChange

40
roles/openshift-apps/datanommer/templates/fedora-messaging-config.toml Normal file
View file

@ -0,0 +1,40 @@
amqp_url = "amqps://datanommer:@rabbitmq{{ env_suffix }}.fedoraproject.org/%2Fpubsub"
# Just check if the queue exist, don't try to create it (the server does not allow it).
passive_declares = true
# The topic_prefix configuration value will add a prefix to the topics of every sent message.
# This is used for migrating from fedmsg, and should not be used afterwards.
{% if env == "staging" %}
topic_prefix = "org.fedoraproject.stg"
{% else %}
topic_prefix = "org.fedoraproject.prod"
{% endif %}
[tls]
ca_cert = "/etc/pki/fedora-messaging/cacert.pem"
keyfile = "/etc/pki/fedora-messaging/datanommer-key.pem"
certfile = "/etc/pki/fedora-messaging/datanommer-cert.pem"
[client_properties]
app = "Datanommer"
[consumer_config]
datanomer_sqlalchemy_url = 'postgresql://{{ datanommerDBUser }}:{{ datanommerDBPassword }}@db-datanommer01{{ env_suffix }}.iad2.fedoraproject.org/datanommer2'
[log_config]
version = 1
disable_existing_loggers = true
[log_config.formatters.simple]
format = "[%(levelname)s %(name)s] %(message)s"
[log_config.handlers.console]
class = "logging.StreamHandler"
formatter = "simple"
stream = "ext://sys.stdout"
[log_config.loggers.fedora_messaging]
level = "INFO"
propagate = false
handlers = ["console"]
[log_config.root]
level = "WARNING"
handlers = ["console"]