Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3769447
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
11 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/_modules/paas_docker.py b/_modules/paas_docker.py
new file mode 100644
index 0000000..004758e
--- /dev/null
+++ b/_modules/paas_docker.py
@@ -0,0 +1,29 @@
+# -*- coding: utf-8 -*-
+
+# -------------------------------------------------------------
+# Salt — PaaS Docker execution module
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2018-10-07
+# Description: Functions related to data format conversions
+# License: BSD-2-Clause
+# -------------------------------------------------------------
+
+
+def get_image(default_image, args):
+ """
+ A function to output a pillar key in JSON.
+
+ State Example::
+
+ {% image = salt['paas_docker.get_image']("nasqueron/mysql", container) %}
+ """
+ image = default_image
+
+ if 'image' in args:
+ image = args['image']
+
+ if 'version' in args:
+ image += ":" + str(args['version'])
+
+ return image
diff --git a/_tests/modules/test_paas_docker.py b/_tests/modules/test_paas_docker.py
new file mode 100644
index 0000000..fc4ad1b
--- /dev/null
+++ b/_tests/modules/test_paas_docker.py
@@ -0,0 +1,41 @@
+from importlib.machinery import SourceFileLoader
+import unittest
+
+salt_test_case = SourceFileLoader('salt_test_case', "salt_test_case.py").load_module()
+docker = SourceFileLoader('docker', '../_modules/paas_docker.py').load_module()
+
+
+class Testinstance(unittest.TestCase, salt_test_case.SaltTestCase):
+
+ def test_get_image(self):
+ container = {
+ "image": "foo",
+ "version": "42"
+ }
+
+ self.assertEqual("foo:42", docker.get_image("not_foo", container))
+
+ def test_get_image_without_version(self):
+ container = {
+ "image": "foo",
+ }
+
+ self.assertEqual("foo", docker.get_image("not_foo", container))
+
+ def test_get_image_without_image(self):
+ container = {
+ "version": "42"
+ }
+
+ self.assertEqual("not_foo:42", docker.get_image("not_foo", container))
+
+ def test_get_image_without_anything(self):
+ self.assertEqual("not_foo", docker.get_image("not_foo", {}))
+
+ def test_get_image_with_numeric_version(self):
+ container = {
+ "image": "foo",
+ "version": 2.5
+ }
+
+ self.assertEqual("foo:2.5", docker.get_image("not_foo", container))
diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
index 859fb51..dcca1e7 100644
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -1,281 +1,289 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-03-10
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
docker_aliases:
- &ipv4_equatower 51.255.124.10
# -------------------------------------------------------------
# Images
#
# You can append a :tag (by default, latest is used).
#
# It's not possible to specify Docker library images only by final name.
# See https://docs.saltstack.com/en/latest/ref/states/all/salt.states.docker_image.html
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker_images:
'*':
- certbot/certbot
dwellers:
# Core services
+ - nasqueron/mysql:5.7
- nasqueron/rabbitmq
# Infrastructure and development services
- dereckson/cachet
- nasqueron/notifications
equatower:
# Core services
- library/registry
- nasqueron/mysql
# Nasqueron services
- nasqueron/auth-grove
# Infrastructure and development services
- nasqueron/aphlict
- nasqueron/etherpad:production
- nasqueron/phabricator
# Continuous deployment jobs
- jenkins/jenkins
- nasqueron/jenkins-slave-php
- nasqueron/jenkins-slave-rust
- nasqueron/tommy
# -------------------------------------------------------------
# Networks
#
# Containers can be grouped by network, instead to use links.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker_networks:
dwellers:
bugzilla:
subnet: 172.21.3.0/24
equatower:
cd:
subnet: 172.18.1.0/24
ci:
subnet: 172.18.2.0/24
# -------------------------------------------------------------
# Docker engine configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker_daemon:
equatower:
storage-driver: devicemapper
storage-opts:
- "dm.thinpooldev=/dev/mapper/wharf-thinpool"
- "dm.use_deferred_removal=true"
- "dm.use_deferred_deletion=true"
docker_devicemapper:
equatower:
thinpool: wharf-thinpool
# -------------------------------------------------------------
# Containers
#
# The docker_containers entry allow to declare
# containers by image by servers
#
# The hierarchy is so as following.
#
# docker_containers:
# server with the Docker engine:
# service codename:
# instance name:
# container properties
#
# The service codename must match a state file in
# the roles/paas-docker/containers/ directory.
#
# The container will be run with the specified instance name.
#
# **nginx**
#
# The container properties can also describe the information
# needed to configure nginx with the host and app_port key.
#
# In such case, a matching vhost file should be declared as
# roles/paas-docker/nginx/files/vhosts/<service codename>.sls
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
docker_containers:
#
# Dwellers is the engine for Mastodon and CI intelligent bus services
#
-
dwellers:
- {}
+
+ #
+ # Core services
+ #
+
+ mysql:
+ bugzilla_db:
+ network: bugzilla
+ version: 5.7
#
# Equatower is the current production engine
#
equatower:
#
# Core services
#
mysql:
acquisitariat: {}
phpbb_db: {}
registry:
registry:
app_port: 5000
ip: 127.0.0.1
#
# CI and CD
#
jenkins:
jenkins_cd:
realm: cd
host: cd.nasqueron.org
app_port: 38080
jnlp_port: 50000
jenkins_ci:
realm: ci
host: ci.nasqueron.org
app_port: 42080
jnlp_port: 55000
jenkins_slave:
# Slaves for CD
apsile: &php_for_cd
image: php
realm: cd
elapsi: *php_for_cd
rust_brown:
image: rust
realm: cd
zateki: &php_for_ci
image: php
realm: ci
zenerre: *php_for_ci
tommy:
tommy_ci:
app_port: 24080
host: builds.nasqueron.org
aliases:
- build.nasqueron.org
jenkins_url: https://ci.nasqueron.org
tommy_cd:
# No host definition, as this dashboard is mounted on infra.nasqueron.org
app_port: 24180
jenkins_url: https://cd.nasqueron.org
# Infrastructure and development services
phabricator:
devcentral:
app_port: 31080
host: devcentral.nasqueron.org
aliases:
- phabricator.nasqueron.org
blogs:
servers:
host: servers.nasqueron.org
aliases:
- server.nasqueron.org
- serveur.nasqueron.org
- serveurs.nasqueron.org
static_host: phabricator-files-for-devcentral-nasqueron.spacetechnology.net
aphlict:
aphlict:
ports:
client: 22280
admin: 22281
cachet:
cachet:
app_port: 39080
host: status.nasqueron.org
credential: nasqueron.cachet.mysql
app_key: nasqueron.cachet.app_key
mysql_link: acquisitariat
etherpad:
pad:
app_port: 34080
host: pad.nasqueron.org
aliases:
- pad.wolfplex.org
- pad.wolfplex.be
credential: nasqueron.etherpad.api
mysql_link: acquisitariat
auth-grove:
login:
app_port: 25080
host: login.nasqueron.org
credential: nasqueron.auth-grove.mysql
mysql_link: acquisitariat
# phpBB SaaS
# The SaaS uses a MySQL instance, declared in the MySQL section.
# Openfire
openfire:
openfire:
ip: *ipv4_equatower
app_port: 9090
host: xmpp.nasqueron.org
# -------------------------------------------------------------
# Ports listened by XMPP
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
xmpp_ports:
- 3478
- 5222 # Client to server
- 5223 # Client to server (Encrypted (legacy-mode) connections)
- 5262 # Connections managers
- 5269 # Server to server
- 5275 # External components
- 5276 # External components (Encrypted (legacy-mode) connections)
- 7070 # HTTP binding
- 7443 # HTTP binding with TLS
- 7777 # File transfer proxy
- 9090 # Web administration server
- 9091 # Web administration server with TLS
# -------------------------------------------------------------
# Zemke-Rhyne clients
#
# This section should list all the Docker engines server
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
zr_clients:
- key: 2
allowedConnectionFrom:
- 172.27.26.49
- dwellers.nasqueron.drake
- dwellers.nasqueron.org
restrictCommand:
comment: Zemke-Rhyne
- key: 123
allowedConnectionFrom:
- equatower.nasqueron.org
restrictCommand:
comment: Zemke-Rhyne
diff --git a/roles/paas-docker/containers/mysql.sls b/roles/paas-docker/containers/mysql.sls
index 41384b6..33c7d77 100644
--- a/roles/paas-docker/containers/mysql.sls
+++ b/roles/paas-docker/containers/mysql.sls
@@ -1,48 +1,52 @@
# -------------------------------------------------------------
# Salt — Provision Docker engine
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-03-27
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
-{% for instance in containers['mysql'] %}
+{% for instance, container in containers['mysql'].items() %}
+{% set image = salt['paas_docker.get_image']("nasqueron/mysql", container) %}
# -------------------------------------------------------------
# Home directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/srv/{{ instance }}/mysql:
file.directory:
- user: 999
- group: 999
- makedirs: True
{% if has_selinux %}
selinux_context_{{ instance }}_mysql_data:
selinux.fcontext_policy_present:
- name: /srv/{{ instance }}/mysql
- sel_type: container_file_t
selinux_context_{{ instance }}_mysql_data_applied:
selinux.fcontext_policy_applied:
- name: /srv/{{ instance }}/mysql
{% endif %}
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- - image: nasqueron/mysql
+ - image: {{ image }}
- binds: /srv/{{ instance }}/mysql:/var/lib/mysql
- environment:
MYSQL_ROOT_PASSWORD: {{ salt['random.get_str'](31) }}
-
+{% if 'network' in container %}
+ - networks:
+ - {{ container['network'] }}
+{% endif %}
{% endfor %}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Mon, Nov 25, 14:38 (1 d, 3 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2260404
Default Alt Text
(11 KB)
Attached To
Mode
rOPS Nasqueron Operations
Attached
Detach File
Event Timeline
Log In to Comment