ac1fc1d617
I like alerts. Do you like alerts? I like getting them so I can fix things. So, adding myself here to all these apps so I can tell when pods are crashing or builds are failing or whatever. :) Signed-off-by: Kevin Fenzi <kevin@scrye.com>
184 lines
4.9 KiB
YAML
184 lines
4.9 KiB
YAML
# Create the RabbitMQ users
|
|
|
|
- name: setup RabbitMQ
|
|
hosts: rabbitmq[0]:rabbitmq_stg[0]:rabbitmq01.iad2.fedoraproject.org
|
|
user: root
|
|
gather_facts: False
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- "/srv/private/ansible/vars.yml"
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
tasks:
|
|
|
|
- name: Create the RabbitMQ user
|
|
rabbitmq_user:
|
|
user: "messaging-bridge{{ env_suffix }}.fedoraproject.org"
|
|
vhost: /pubsub
|
|
read_priv: "((a|z)mq\\.topic|amqp_to_zmq|amqp_bridge_verify_missing)"
|
|
write_priv: "((a|z)mq\\.topic|amqp_to_zmq|amqp_bridge_verify_missing)"
|
|
configure_priv: "^$"
|
|
tags:
|
|
- config
|
|
- rabbitmq_cluster
|
|
|
|
- name: setup Queues in RabbitMQ
|
|
hosts: rabbitmq[0]:rabbitmq_stg[0]:rabbitmq01.iad2.fedoraproject.org
|
|
user: root
|
|
gather_facts: False
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- "/srv/private/ansible/vars.yml"
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
roles:
|
|
|
|
- role: rabbit/queue
|
|
username: "amqp_to_zmq"
|
|
queue_name: "amqp_to_zmq"
|
|
routing_keys: "#"
|
|
thresholds:
|
|
warning: 10
|
|
critical: 100
|
|
tags:
|
|
- config
|
|
- rabbitmq_cluster
|
|
|
|
- role: rabbit/queue
|
|
username: "amqp_bridge_verify_missing"
|
|
queue_name: "amqp_bridge_verify_missing"
|
|
routing_keys: "#"
|
|
message_ttl: 60000
|
|
thresholds:
|
|
warning: 10
|
|
critical: 100
|
|
tags:
|
|
- config
|
|
- rabbitmq_cluster
|
|
|
|
- name: setup bindings in RabbitMQ
|
|
hosts: rabbitmq[0]:rabbitmq_stg[0]:rabbitmq01.iad2.fedoraproject.org
|
|
user: root
|
|
gather_facts: False
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- "/srv/private/ansible/vars.yml"
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
tasks:
|
|
|
|
- name: Create the amqp-to-zmq bindings
|
|
rabbitmq_binding:
|
|
name: amq.topic
|
|
destination: amqp_to_zmq
|
|
destination_type: queue
|
|
vhost: /pubsub
|
|
login_user: admin
|
|
login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
|
|
tags:
|
|
- config
|
|
- rabbitmq_cluster
|
|
|
|
- name: Create the verify-missing bindings
|
|
rabbitmq_binding:
|
|
name: "{{item}}"
|
|
destination: amqp_bridge_verify_missing
|
|
destination_type: queue
|
|
vhost: /pubsub
|
|
login_user: admin
|
|
login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
|
|
with_items:
|
|
- amq.topic
|
|
- zmq.topic
|
|
tags:
|
|
- config
|
|
- rabbitmq_cluster
|
|
|
|
|
|
# Now create the app
|
|
|
|
- name: make the app be real
|
|
hosts: os_control[0]:os_control_stg[0]
|
|
user: root
|
|
gather_facts: False
|
|
|
|
vars_files:
|
|
- /srv/web/infra/ansible/vars/global.yml
|
|
- "/srv/private/ansible/vars.yml"
|
|
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
|
|
|
|
roles:
|
|
- role: openshift/project
|
|
app: messaging-bridges
|
|
description: "ZeroMQ <-> AMQP bridges"
|
|
appowners:
|
|
- abompard
|
|
- kevin
|
|
tags:
|
|
- appowners
|
|
|
|
- role: openshift/secret-file
|
|
app: messaging-bridges
|
|
secret_name: fedmsg-key
|
|
key: fedmsg-fedmsg-migration-tools.key
|
|
privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.key"
|
|
- role: openshift/secret-file
|
|
app: messaging-bridges
|
|
secret_name: fedmsg-cert
|
|
key: fedmsg-fedmsg-migration-tools.crt
|
|
privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.crt"
|
|
|
|
- role: openshift/secret-file
|
|
app: messaging-bridges
|
|
secret_name: rabbitmq-ca
|
|
key: rabbitmq-ca.crt
|
|
privatefile: "rabbitmq/{{env}}/pki/ca.crt"
|
|
- role: openshift/secret-file
|
|
app: messaging-bridges
|
|
secret_name: rabbitmq-key
|
|
key: rabbitmq-fedmsg-migration-tools.key
|
|
privatefile: "rabbitmq/{{env}}/pki/private/messaging-bridge{{env_suffix}}.fedoraproject.org.key"
|
|
- role: openshift/secret-file
|
|
app: messaging-bridges
|
|
secret_name: rabbitmq-cert
|
|
key: rabbitmq-fedmsg-migration-tools.crt
|
|
privatefile: "rabbitmq/{{env}}/pki/issued/messaging-bridge{{env_suffix}}.fedoraproject.org.crt"
|
|
|
|
- role: openshift/object
|
|
app: messaging-bridges
|
|
file: imagestream.yml
|
|
objectname: imagestream.yml
|
|
- role: openshift/object
|
|
app: messaging-bridges
|
|
template: buildconfig.yml
|
|
objectname: buildconfig.yml
|
|
|
|
- role: openshift/start-build
|
|
app: messaging-bridges
|
|
buildname: messaging-bridges-build
|
|
|
|
- role: openshift/object
|
|
app: messaging-bridges
|
|
template: configmap.yml
|
|
objectname: configmap.yml
|
|
- role: openshift/object
|
|
app: messaging-bridges
|
|
file: service.yml
|
|
objectname: service.yml
|
|
- role: openshift/object
|
|
app: messaging-bridges
|
|
file: deploymentconfig.yml
|
|
objectname: deploymentconfig.yml
|
|
|
|
- role: openshift/rollout
|
|
app: messaging-bridges
|
|
dcname: amqp-to-zmq
|
|
- role: openshift/rollout
|
|
app: messaging-bridges
|
|
dcname: zmq-to-amqp
|
|
- role: openshift/rollout
|
|
app: messaging-bridges
|
|
dcname: verify-missing
|