Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3995167
D1720.id.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
13 KB
Referenced Files
None
Subscribers
None
D1720.id.diff
View Options
diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -10,13 +10,14 @@
- &ipv4_equatower 51.255.124.10
# -------------------------------------------------------------
-# Images and containers
+# Images
+#
+# You can append a :tag (by default, latest is used).
+#
+# It's not possible to specify Docker library images only by final name.
+# See https://docs.saltstack.com/en/latest/ref/states/all/salt.states.docker_image.html
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# You can append a :tag (by default, latest is used).
-# You can't directly specify a Docker library images.
-# See https://docs.saltstack.com/en/latest/ref/states/all/salt.states.docker_image.html
-
docker_images:
'*':
- certbot/certbot
@@ -39,51 +40,104 @@
# phpBB SaaS
- nasqueron/mysql
+# -------------------------------------------------------------
+# Containers
+#
+# The docker_containers entry allow to declare
+# containers by image by servers
+#
+# The hierarchy is so as following.
+#
+# docker_containers:
+# server with the Docker engine:
+# service codename:
+# instance name:
+# container properties
+#
+# The service codename must match a state file in
+# the roles/paas-docker/containers/ directory.
+#
+# The container will be run with the specified instance name.
+#
+# **nginx**
+#
+# The container properties can also describe the information
+# needed to configure nginx with the host and app_port key.
+#
+# In such case, a matching vhost file should be declared as
+# roles/paas-docker/nginx/files/vhosts/<service codename>.sls
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
docker_containers:
- equatower:
- # MySQL
- mysql:
+
+ #
+ # Equatower is the current production engine
+ #
+ equatower:
+
+ #
+ # Core services
+ #
+
+ mysql:
acquisitariat: {}
phpbb_db: {}
+ #
# CD
- jenkins:
- host: cd.nasqueron.org
- app_port: 38080
- jenkins_slave:
- apsile:
- ip: 172.17.0.100
- elapsi:
- ip: 172.17.0.101
-
- # Infrastructure and development services
- phabricator:
- devcentral: {}
- aphlict: {}
- cachet:
- app_port: 39080
- host: status.nasqueron.org
- credential: 47
- mysql_link: acquisitariat
- etherpad:
- app_port: 34080
- host: pad.nasqueron.org
- aliases:
- - pad.wolfplex.org
- - pad.wolfplex.be
- mysql_link: acquisitariat
- plugins:
- - ep_ether-o-meter
- - ep_author_neat
-
- # phpBB SaaS
- # The SaaS uses a MySQL instance, declared in the MySQL section.
-
- # Openfire
- openfire:
- ip: *ipv4_equatower
- app_port: 9090
- host: xmpp.nasqueron.org
+ #
+
+ jenkins:
+ jenkins_cd:
+ host: cd.nasqueron.org
+ app_port: 38080
+
+ jenkins_slave:
+ # Slaves for CD
+ apsile:
+ ip: 172.17.0.100
+ elapsi:
+ ip: 172.17.0.101
+
+ # Infrastructure and development services
+
+ phabricator:
+ devcentral: {}
+
+ aphlict:
+ aphlict:
+ ports:
+ client: 22280
+ admin: 22281
+
+ cachet:
+ cachet:
+ app_port: 39080
+ host: status.nasqueron.org
+ credential: 47
+ mysql_link: acquisitariat
+
+ etherpad:
+ pad:
+ app_port: 34080
+ host: pad.nasqueron.org
+ aliases:
+ - pad.wolfplex.org
+ - pad.wolfplex.be
+ mysql_link: acquisitariat
+ plugins:
+ - ep_ether-o-meter
+ - ep_author_neat
+
+ # phpBB SaaS
+ # The SaaS uses a MySQL instance, declared in the MySQL section.
+
+ # Openfire
+ openfire:
+ openfire:
+ ip: *ipv4_equatower
+ app_port: 9090
+ host: xmpp.nasqueron.org
# -------------------------------------------------------------
# Ports listened by XMPP
diff --git a/roles/paas-docker/containers/aphlict.sls b/roles/paas-docker/containers/aphlict.sls
--- a/roles/paas-docker/containers/aphlict.sls
+++ b/roles/paas-docker/containers/aphlict.sls
@@ -6,6 +6,10 @@
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
+{% set containers = pillar['docker_containers'][grains['id']] %}
+
+{% for instance, container in containers['aphlict'].items() %}
+
# -------------------------------------------------------------
# Container
#
@@ -14,7 +18,7 @@
# through websockets for Phabricator instances.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-aphlict:
+{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
@@ -23,5 +27,7 @@
- 22280
- 22281
- port_bindings:
- - 22280:22280
- - 22281:22281
+ - {{ container['ports']['client'] }}:22280
+ - {{ container['ports']['admin'] }}:22281
+
+{% endfor %}
diff --git a/roles/paas-docker/containers/cachet.sls b/roles/paas-docker/containers/cachet.sls
--- a/roles/paas-docker/containers/cachet.sls
+++ b/roles/paas-docker/containers/cachet.sls
@@ -7,7 +7,8 @@
# -------------------------------------------------------------
{% set containers = pillar['docker_containers'][grains['id']] %}
-{% set container = containers['cachet'] %}
+
+{% for instance, container in containers['cachet'].items() %}
# -------------------------------------------------------------
# Container
@@ -17,7 +18,7 @@
# information
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-cachet:
+{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
@@ -32,3 +33,5 @@
- 80
- port_bindings:
- {{ container['app_port'] }}:80
+
+{% endfor %}
diff --git a/roles/paas-docker/containers/etherpad.sls b/roles/paas-docker/containers/etherpad.sls
--- a/roles/paas-docker/containers/etherpad.sls
+++ b/roles/paas-docker/containers/etherpad.sls
@@ -8,26 +8,26 @@
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
-{% set container = containers['etherpad'] %}
-{% set instance = 'pad' %}
+
+{% for instance, container in containers['etherpad'].items() %}
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-/srv/etherpad:
+/srv/{{ instance }}:
file.directory:
- makedirs: True
{% if has_selinux %}
-selinux_context_etherpad_data:
+selinux_context_{{ instance }}_data:
selinux.fcontext_policy_present:
- - name: /srv/etherpad
+ - name: /srv/{{ instance }}
- sel_type: svirt_sandbox_file_t
-selinux_context_etherpad_data_applied:
+selinux_context_{{ instance }}_data_applied:
selinux.fcontext_policy_applied:
- - name: /srv/etherpad
+ - name: /srv/{{ instance }}
{% endif %}
# -------------------------------------------------------------
@@ -40,7 +40,7 @@
- interactive: True
- image: nasqueron/etherpad
- links: {{ container['mysql_link'] }}:mysql
- - binds: /srv/etherpad/var:/opt/etherpad-lite/var
+ - binds: /srv/{{ instance }}/var:/opt/etherpad-lite/var
- ports:
- 9001
- port_bindings:
@@ -48,26 +48,28 @@
pad_deploy_api:
cmd.run:
- - creates: /srv/etherpad/.ok-apikey
+ - creates: /srv/{{ instance }}/.ok-apikey
- name: |
- docker cp /srv/etherpad/var/APIKEY.txt {{ instance }}:opt/etherpad-lite/APIKEY.txt
+ docker cp /srv/{{ instance }}/var/APIKEY.txt {{ instance }}:opt/etherpad-lite/APIKEY.txt
docker restart {{ instance }}
- touch /srv/etherpad/.ok-apikey
+ touch /srv/{{ instance }}/.ok-apikey
pad_deploy_plugins:
cmd.run:
- - creates: /srv/etherpad/.ok-plugins
+ - creates: /srv/{{ instance }}/.ok-plugins
- name: |
{% for plugin in container['plugins'] %}
docker exec {{ instance }} npm install {{ plugin }}
{% endfor %}
docker restart {{ instance }}
- touch /srv/etherpad/.ok-plugins
+ touch /srv/{{ instance }}/.ok-plugins
pad_deploy_abiword:
cmd.run:
- - creates: /srv/etherpad/.ok-abiword
+ - creates: /srv/{{ instance }}/.ok-abiword
- name: |
docker exec {{ instance }} sh -c 'apt update && apt install -y abiword' && \
docker restart {{ instance }} && \
- touch /srv/etherpad/.ok-abiword
+ touch /srv/{{ instance }}/.ok-abiword
+
+{% endfor %}
diff --git a/roles/paas-docker/containers/init.sls b/roles/paas-docker/containers/init.sls
--- a/roles/paas-docker/containers/init.sls
+++ b/roles/paas-docker/containers/init.sls
@@ -6,9 +6,9 @@
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
-{% set containers = salt['node.filter_by_name']('docker_containers') %}
+{% set services = salt['node.filter_by_name']('docker_containers') %}
include:
-{% for container in containers %}
- - .{{ container }}
+{% for service in services %}
+ - .{{ service }}
{% endfor %}
diff --git a/roles/paas-docker/containers/jenkins_slave.sls b/roles/paas-docker/containers/jenkins_slave.sls
--- a/roles/paas-docker/containers/jenkins_slave.sls
+++ b/roles/paas-docker/containers/jenkins_slave.sls
@@ -45,8 +45,8 @@
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-{% for name, container in containers['jenkins_slave'].items() %}
-{{ name }}:
+{% for instance, container in containers['jenkins_slave'].items() %}
+{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
diff --git a/roles/paas-docker/containers/openfire.sls b/roles/paas-docker/containers/openfire.sls
--- a/roles/paas-docker/containers/openfire.sls
+++ b/roles/paas-docker/containers/openfire.sls
@@ -9,11 +9,13 @@
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
+{% for instance, container in containers['openfire'].items() %}
+
# -------------------------------------------------------------
# Storage directory
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-/srv/openfire:
+/srv/{{ instance }}:
file.directory:
- user: 999
- group: 999
@@ -22,27 +24,29 @@
{% if has_selinux %}
selinux_context_openfire_data:
selinux.fcontext_policy_present:
- - name: /srv/openfire
+ - name: /srv/{{ instance }}
- sel_type: svirt_sandbox_file_t
selinux_context_openfire_data_applied:
selinux.fcontext_policy_applied:
- - name: /srv/openfire
+ - name: /srv/{{ instance }}
{% endif %}
# -------------------------------------------------------------
# Container
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-openfire:
+{{ instance }}:
docker_container.running:
- detach: True
- interactive: True
- image: gizmotronic/openfire
- - binds: /srv/openfire:/var/lib/openfire
- - hostname: {{ containers['openfire']['host'] }}
+ - binds: /srv/{{ instance }}:/var/lib/openfire
+ - hostname: {{ container['host'] }}
- ports: {{ pillar['xmpp_ports'] }}
- port_bindings:
{% for port in pillar['xmpp_ports'] %}
- - {{ containers['openfire']['ip'] }}:{{ port }}:{{ port }}
+ - {{ container['ip'] }}:{{ port }}:{{ port }}
+{% endfor %}
+
{% endfor %}
diff --git a/roles/paas-docker/containers/phabricator.sls b/roles/paas-docker/containers/phabricator.sls
--- a/roles/paas-docker/containers/phabricator.sls
+++ b/roles/paas-docker/containers/phabricator.sls
@@ -9,7 +9,7 @@
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
{% set containers = pillar['docker_containers'][grains['id']] %}
-{% for instance in containers['phabricator'] %}
+{% for instance, container in containers['phabricator'].items() %}
# -------------------------------------------------------------
# Storage directory
diff --git a/roles/paas-docker/nginx/config.sls b/roles/paas-docker/nginx/config.sls
--- a/roles/paas-docker/nginx/config.sls
+++ b/roles/paas-docker/nginx/config.sls
@@ -26,20 +26,23 @@
# vhosts folder
# -------------------------------------------------------------
-{% for container, args in containers.items() %}
-{% if 'host' in args %}
+{% for service, instances in containers.items() %}
+{% for instance, container in instances.items() %}
+{% if 'host' in container %}
-{{ dirs.etc }}/nginx/vhosts/{{ container }}.conf:
+{{ dirs.etc }}/nginx/vhosts/{{ service }}/{{ instance }}.conf:
file.managed:
- - source: salt://roles/paas-docker/nginx/files/vhosts/{{ container }}.conf
+ - source: salt://roles/paas-docker/nginx/files/vhosts/{{ service }}.conf
+ - makedirs: True
- mode: 644
- template: jinja
- context:
- fqdn: {{ args['host'] }}
- app_port: {{ args['app_port'] }}
- {% if 'aliases' in args %}
- aliases: {{ args['aliases']|join(" ") }}
+ fqdn: {{ container['host'] }}
+ app_port: {{ container['app_port'] }}
+ {% if 'aliases' in container %}
+ aliases: {{ container['aliases']|join(" ") }}
{% endif %}
{% endif %}
{% endfor %}
+{% endfor %}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Jan 12, 02:05 (13 h, 25 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2345955
Default Alt Text
D1720.id.diff (13 KB)
Attached To
Mode
D1720: Standardize containers pillar
Attached
Detach File
Event Timeline
Log In to Comment