From 2ef1ea0fdded6d4fb806393171e0aa64d05b6c17 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Thu, 24 Dec 2015 01:13:42 -0800 Subject: [PATCH 01/32] fixing stage configs init --- ansible/roles/vault/templates/vault.hcl | 2 +- ansible/stage-hosts/docks.js | 2 +- ansible/stage-hosts/variables | 4 +++- ansible/vault.yml | 2 ++ 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/ansible/roles/vault/templates/vault.hcl b/ansible/roles/vault/templates/vault.hcl index 52032a41..25e1da24 100644 --- a/ansible/roles/vault/templates/vault.hcl +++ b/ansible/roles/vault/templates/vault.hcl @@ -1,5 +1,5 @@ backend "consul" { - address = "{{ ansible_default_ipv4.address }}:8500" + address = "{{ consul_host_address }}:{{ consul_api_port }}" path = "vault" advertise_addr = "http://{{ ansible_default_ipv4.address }}:8200" } diff --git a/ansible/stage-hosts/docks.js b/ansible/stage-hosts/docks.js index 01bb5018..e4b2c7a5 100755 --- a/ansible/stage-hosts/docks.js +++ b/ansible/stage-hosts/docks.js @@ -6,7 +6,7 @@ var aws = require('aws-sdk'); var ec2 = new aws.EC2({ accessKeyId: 'AKIAJ3RCYU6FCULAJP2Q', secretAccessKey: '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', - region: 'us-west-1' + region: 'us-west-2' }); var params = { diff --git a/ansible/stage-hosts/variables b/ansible/stage-hosts/variables index c47765df..d8eb6912 100644 --- a/ansible/stage-hosts/variables +++ b/ansible/stage-hosts/variables @@ -1,9 +1,11 @@ [stage:vars] ansible_ssh_private_key_file=~/.ssh/Test-runnable.pem +aws_access_key_id=AKIAJ3RCYU6FCULAJP2Q +aws_secret_access_key=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 domain=runnable3.net node_env=stage -rabbit_username=5WE5wsEQmfw9sLsppJ4CEq9Auea8mPC4kgVt3xYqKxbYHPfP rabbit_password=h7n972sPLs5tWGCWe6QPSCnaxDWjvnpEFEA9c9mBqauH3f22 +rabbit_username=5WE5wsEQmfw9sLsppJ4CEq9Auea8mPC4kgVt3xYqKxbYHPfP registry_host=10.0.1.254 [vault:vars] diff --git a/ansible/vault.yml b/ansible/vault.yml index 4cfcb4fc..b119197c 100644 --- a/ansible/vault.yml +++ b/ansible/vault.yml @@ -1,4 +1,6 @@ --- +- hosts: consul + - hosts: vault vars_files: - group_vars/alpha-vault.yml From a2ad5ea9868d769301b5af9db17042ac0895d5cf Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Thu, 24 Dec 2015 01:24:00 -0800 Subject: [PATCH 02/32] set consul host for stage, log vault to docker logs --- ansible/group_vars/alpha-vault.yml | 3 ++- ansible/stage-hosts/variables | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ansible/group_vars/alpha-vault.yml b/ansible/group_vars/alpha-vault.yml index aa34cdb3..f6d16897 100644 --- a/ansible/group_vars/alpha-vault.yml +++ b/ansible/group_vars/alpha-vault.yml @@ -6,6 +6,8 @@ db_path: /opt/runnable/vault container_image: runnable/vault container_tag: v0.3.1 +log_driver: json-file + container_run_opts: > -d -h {{ inventory_hostname }} @@ -19,7 +21,6 @@ container_run_args: > vault server -log-level=warn -config=/vault.hcl - > /var/log/vault.log 2>&1 # vault seed data # pulled 2015/16/12 - Bryan diff --git a/ansible/stage-hosts/variables b/ansible/stage-hosts/variables index d8eb6912..6920e8ca 100644 --- a/ansible/stage-hosts/variables +++ b/ansible/stage-hosts/variables @@ -7,6 +7,7 @@ node_env=stage rabbit_password=h7n972sPLs5tWGCWe6QPSCnaxDWjvnpEFEA9c9mBqauH3f22 rabbit_username=5WE5wsEQmfw9sLsppJ4CEq9Auea8mPC4kgVt3xYqKxbYHPfP registry_host=10.0.1.254 +consul_host_address=consul-server-staging-codenow.runnableapp.com [vault:vars] vault_auth_token=db6bcf6c-eace-35b2-915a-46aeed706ad6 From 3ad9515eaf2cf3544d4adf990451fd247b3ce42c Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Thu, 24 Dec 2015 01:45:17 -0800 Subject: [PATCH 03/32] new vault secrets --- ansible/stage-hosts/variables | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/stage-hosts/variables b/ansible/stage-hosts/variables index 6920e8ca..a3ae947d 100644 --- a/ansible/stage-hosts/variables +++ b/ansible/stage-hosts/variables @@ -10,10 +10,10 @@ registry_host=10.0.1.254 consul_host_address=consul-server-staging-codenow.runnableapp.com [vault:vars] -vault_auth_token=db6bcf6c-eace-35b2-915a-46aeed706ad6 -vault_token_01=739b5afb7d5aa075153f750a4d0d7697f2b90ef610cc440627ab43ab60ad7bc601 -vault_token_02=7593c543320e82850d15827fb43ae7c553e6e480856a8bfaff658ae3dd75043602 -vault_token_03=e8f75fab3bc960784c7c802318207204e8f31b3bb9f1a615efd90371d05dc97803 +vault_auth_token=ff3b5003-5949-5d7d-7c0d-4fa21efe6666 +vault_token_01=c9dd02cd0f28aaeb8b819d50d2b7b274dab5ddc7fc64871a979bcb4472c9355501 +vault_token_02=15cc2b24a82fd3876476dd28b48756f56b4a78d2a23d18f0faca390aaf17092e02 +vault_token_03=c83631a80ec7a32d83d660c46b55dd1dd14805133c0bb23962a3d1529c957bd503 vault_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af vault_aws_access_key_id=AKIAJ7R4UIM45KH2WGWQ vault_aws_secret_key=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 From c1de42620870552c34ef9c62ab629efe105ec221 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Fri, 25 Dec 2015 18:02:01 -0800 Subject: [PATCH 04/32] add docker-init role, add git_repo, move vault vars --- ansible/delta-hosts/hosts | 3 ++ ansible/delta-hosts/variables | 8 ++--- ansible/dock-init.yml | 4 +++ ansible/dock.yml | 30 +++++++++++++++++++ ansible/gamma-hosts/variables | 8 ++--- ansible/group_vars/alpha-dock-init.yml | 1 + ansible/roles/dock-init/tasks/main.yml | 16 ++++++++++ ansible/roles/dock-init/vars/main.yml | 9 ++++++ ansible/roles/git_node_service/tasks/main.yml | 19 ++---------- ansible/roles/git_repo/tasks/main.yml | 15 ++++++++++ ansible/stage-hosts/variables | 6 ++-- 11 files changed, 91 insertions(+), 28 deletions(-) create mode 100644 ansible/dock.yml create mode 100644 ansible/roles/dock-init/tasks/main.yml create mode 100644 ansible/roles/dock-init/vars/main.yml create mode 100644 ansible/roles/git_repo/tasks/main.yml diff --git a/ansible/delta-hosts/hosts b/ansible/delta-hosts/hosts index 84e61da2..12d0f8f8 100644 --- a/ansible/delta-hosts/hosts +++ b/ansible/delta-hosts/hosts @@ -33,6 +33,8 @@ delta-api [docks] +[dock] + [eru] delta-services @@ -112,6 +114,7 @@ sauron shiva metis swarm-manager +dock [local] 127.0.0.1 diff --git a/ansible/delta-hosts/variables b/ansible/delta-hosts/variables index 08b8626f..1359a24c 100644 --- a/ansible/delta-hosts/variables +++ b/ansible/delta-hosts/variables @@ -45,10 +45,6 @@ aws_secret_access_key=GrOO85hfoc7+bwT2GjoWbLyzyNbOKb2/XOJbCJsv shiva_rollbar_key=0526a90faec845d796e1ef5361a00526 [vault:vars] -vault_auth_token=578c9767-5af8-8490-0954-5d330f27b088 -vault_token_01=0d324dc7d4cbd94790fd08809d06fb1e28e21e185910081c7646e3e49924f6ed01 -vault_token_02=42dc8a69df174e77eb47a63b6ef4709bec57101cb1bff11a71c91b73b8bc046102 -vault_token_03=47f3cb74f5374fa3c51c90fd25e3d4cc851034de97584995fce5fc5382342f1f03 vault_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af vault_aws_access_key_id=AKIAJ7R4UIM45KH2WGWQ vault_aws_secret_key=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 @@ -69,6 +65,10 @@ rabbit_password=wKK7g7NWKpQXEeSzyWB7mIpxZIL8H2mDSf3Q6czR3Vk rabbit_username=o2mdLh9N9Ke2GzhoK8xsruYPhIQFN7iEL44dQJoq7OM registry_host=10.8.4.126 user_content_domain=runnableapp.com +vault_auth_token=578c9767-5af8-8490-0954-5d330f27b088 +vault_token_01=0d324dc7d4cbd94790fd08809d06fb1e28e21e185910081c7646e3e49924f6ed01 +vault_token_02=42dc8a69df174e77eb47a63b6ef4709bec57101cb1bff11a71c91b73b8bc046102 +vault_token_03=47f3cb74f5374fa3c51c90fd25e3d4cc851034de97584995fce5fc5382342f1f03 [ec2:vars] aws_custid=437258487404 diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index 3b707b13..eedbe70a 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -1,7 +1,11 @@ --- - hosts: consul + +- hosts: "{{ dock }}" vars_files: - group_vars/alpha-dock-init.yml roles: - { role: notify, tags: [notify] } + - { role: git_repo, tags: [deploy] } + - { role: dock-init, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } diff --git a/ansible/dock.yml b/ansible/dock.yml new file mode 100644 index 00000000..7e8910a4 --- /dev/null +++ b/ansible/dock.yml @@ -0,0 +1,30 @@ +--- +- hosts: localhost + tasks: + - fail: msg="`dock` (target dock) needs to be defined to run this role" + when: dock is not defined + - add_host: + name={{ dock }} + groups=dock + +# - hosts: consul +# - hosts: mongodb +# - hosts: neo4j +# - hosts: rabbit +# - hosts: redis +# - hosts: redis-slave + +# - hosts: {{ dock }} +# vars_files: +# - "group_vars/alpha-docks.yml" +# roles: +# - { role: docker, tags: "docker" } +# - { role: iptables, tags: "iptables, security" } +# - { role: datadog } + +- include: dock-init.yml git_branch=v5.1.3 +# - include: krain.yml +# - include: filibuster.yml +# - include: sauron.yml +# - include: image-builder.yml +# - include: charon.yml diff --git a/ansible/gamma-hosts/variables b/ansible/gamma-hosts/variables index b7f1c88d..3e66596a 100644 --- a/ansible/gamma-hosts/variables +++ b/ansible/gamma-hosts/variables @@ -45,10 +45,6 @@ aws_secret_access_key=GrOO85hfoc7+bwT2GjoWbLyzyNbOKb2/XOJbCJsv shiva_rollbar_key=0526a90faec845d796e1ef5361a00526 [vault:vars] -vault_auth_token=e22c3ebc-11cf-653b-7df0-79d78a499458 -vault_token_01=71d7b4754686013c8b9cfb22bafae79c661849dcd67c483c89efba12c0466aa201 -vault_token_02=794d6f7a3459c332a1fd2bbcc9230a7f84f1639806039ee8be547828cd7ab03a02 -vault_token_03=2e67faeffe4343c038d0f3210bdb83f3d3a5bc468975cf13e977ce9b5922aefe03 vault_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af vault_aws_access_key_id=AKIAJ7R4UIM45KH2WGWQ vault_aws_secret_key=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 @@ -70,6 +66,10 @@ registry_host=10.4.4.82 swarm_token=d363b783f03a845a2c82b081bfe8443e user_content_domain=runnable.ninja api_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af +vault_auth_token=e22c3ebc-11cf-653b-7df0-79d78a499458 +vault_token_01=71d7b4754686013c8b9cfb22bafae79c661849dcd67c483c89efba12c0466aa201 +vault_token_02=794d6f7a3459c332a1fd2bbcc9230a7f84f1639806039ee8be547828cd7ab03a02 +vault_token_03=2e67faeffe4343c038d0f3210bdb83f3d3a5bc468975cf13e977ce9b5922aefe03 [ec2:vars] env=gamma diff --git a/ansible/group_vars/alpha-dock-init.yml b/ansible/group_vars/alpha-dock-init.yml index 1dabff3f..2a7effcd 100644 --- a/ansible/group_vars/alpha-dock-init.yml +++ b/ansible/group_vars/alpha-dock-init.yml @@ -1,5 +1,6 @@ name: dock-init app_name: "{{ name }}" +app_repo: git@github.com:CodeNow/{{ name }}.git # consul values consul_values: diff --git a/ansible/roles/dock-init/tasks/main.yml b/ansible/roles/dock-init/tasks/main.yml new file mode 100644 index 00000000..dbe849f2 --- /dev/null +++ b/ansible/roles/dock-init/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- fail: msg="value tokens need to be defined for this role" + when: vault_auth_token is not defined or vault_token_01 is not defined or vault_token_02 is not defined or vault_token_03 is not defined + +- name: copy vault auth files + tags: vault_files + sudo: yes + lineinfile: + dest="/opt/runnable/dock-init/consul-resources/vault/{{ node_env }}/{{ item.file_name }}" + line="{{ item.value }}" + create=yes + with_items: + - { file_name: 'auth-token', value: "{{ vault_auth_token }}" } + - { file_name: 'token-01', value: "{{ vault_token_01 }}" } + - { file_name: 'token-02', value: "{{ vault_token_02 }}" } + - { file_name: 'token-03', value: "{{ vault_token_03 }}" } diff --git a/ansible/roles/dock-init/vars/main.yml b/ansible/roles/dock-init/vars/main.yml new file mode 100644 index 00000000..262990be --- /dev/null +++ b/ansible/roles/dock-init/vars/main.yml @@ -0,0 +1,9 @@ +vault_auth_values: + - file_name: auth-token + value: "{{ vault_auth_token }}" + - file_name: token-01 + value: "{{ vault_token_01 }}" + - file_name: token-02 + value: "{{ vault_token_02 }}" + - file_name: token-03 + value: "{{ vault_token_03 }}" diff --git a/ansible/roles/git_node_service/tasks/main.yml b/ansible/roles/git_node_service/tasks/main.yml index 96a04d49..d13516c8 100644 --- a/ansible/roles/git_node_service/tasks/main.yml +++ b/ansible/roles/git_node_service/tasks/main.yml @@ -1,21 +1,6 @@ --- -- name: create {{ app_name }} repository dir - sudo: yes - file: - path=/opt/runnable/{{ app_name }} - state=directory - owner={{ ansible_env.USER }} - -- name: pull the git repository - sudo: yes - git: - repo={{ app_repo }} - dest=/opt/runnable/{{ app_name }} - version={{ git_branch }} - update=yes - accept_hostkey=True - force=yes - key_file=/opt/runnable/dock-init/key/id_rsa_runnabledock +- name: pull repo + include: git/tasks/main.yml - name: remove node_modules sudo: yes diff --git a/ansible/roles/git_repo/tasks/main.yml b/ansible/roles/git_repo/tasks/main.yml new file mode 100644 index 00000000..a3356f22 --- /dev/null +++ b/ansible/roles/git_repo/tasks/main.yml @@ -0,0 +1,15 @@ +- name: create {{ app_name }} repository dir + sudo: yes + file: + path=/opt/runnable/{{ app_name }} + state=directory + owner={{ ansible_env.USER }} + +- name: pull the git repository + git: + repo={{ app_repo }} + dest=/opt/runnable/{{ app_name }} + version={{ git_branch }} + update=yes + accept_hostkey=True + force=yes diff --git a/ansible/stage-hosts/variables b/ansible/stage-hosts/variables index a3ae947d..e0b2d82a 100644 --- a/ansible/stage-hosts/variables +++ b/ansible/stage-hosts/variables @@ -2,18 +2,18 @@ ansible_ssh_private_key_file=~/.ssh/Test-runnable.pem aws_access_key_id=AKIAJ3RCYU6FCULAJP2Q aws_secret_access_key=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 +consul_host_address=consul-server-staging-codenow.runnableapp.com domain=runnable3.net node_env=stage rabbit_password=h7n972sPLs5tWGCWe6QPSCnaxDWjvnpEFEA9c9mBqauH3f22 rabbit_username=5WE5wsEQmfw9sLsppJ4CEq9Auea8mPC4kgVt3xYqKxbYHPfP registry_host=10.0.1.254 -consul_host_address=consul-server-staging-codenow.runnableapp.com - -[vault:vars] vault_auth_token=ff3b5003-5949-5d7d-7c0d-4fa21efe6666 vault_token_01=c9dd02cd0f28aaeb8b819d50d2b7b274dab5ddc7fc64871a979bcb4472c9355501 vault_token_02=15cc2b24a82fd3876476dd28b48756f56b4a78d2a23d18f0faca390aaf17092e02 vault_token_03=c83631a80ec7a32d83d660c46b55dd1dd14805133c0bb23962a3d1529c957bd503 + +[vault:vars] vault_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af vault_aws_access_key_id=AKIAJ7R4UIM45KH2WGWQ vault_aws_secret_key=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 From f303efb7c8d0227a7c4ea80029e7913295591494 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Fri, 25 Dec 2015 18:15:03 -0800 Subject: [PATCH 05/32] fix repo pull include --- ansible/roles/git_node_service/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/git_node_service/tasks/main.yml b/ansible/roles/git_node_service/tasks/main.yml index d13516c8..04157104 100644 --- a/ansible/roles/git_node_service/tasks/main.yml +++ b/ansible/roles/git_node_service/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: pull repo - include: git/tasks/main.yml + include: ../../git/tasks/main.yml - name: remove node_modules sudo: yes From 0768379fc87ee9e3af814d083b4eba85fad16ff3 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Fri, 25 Dec 2015 21:10:42 -0800 Subject: [PATCH 06/32] split out git repo from git service, remove dock file --- ansible/charon.yml | 5 +-- ansible/dock.yml | 8 ++--- ansible/docker-listener.yml | 5 +-- ansible/docks.yml | 19 ---------- ansible/filibuster.yml | 5 +-- ansible/gamma-hosts/hosts | 25 +++++++------ ansible/image-builder.yml | 2 +- ansible/krain.yml | 5 +-- ansible/roles/dock-init/vars/main.yml | 9 ----- ansible/roles/git_node_service/meta/main.yml | 5 --- ansible/roles/git_node_service/tasks/main.yml | 36 ------------------- ansible/stage-hosts/hosts | 17 ++++----- ansible/swarm-deamon.yml | 2 +- 13 files changed, 39 insertions(+), 104 deletions(-) delete mode 100644 ansible/docks.yml delete mode 100644 ansible/roles/dock-init/vars/main.yml delete mode 100644 ansible/roles/git_node_service/meta/main.yml delete mode 100644 ansible/roles/git_node_service/tasks/main.yml diff --git a/ansible/charon.yml b/ansible/charon.yml index 36acaee4..fcbba989 100644 --- a/ansible/charon.yml +++ b/ansible/charon.yml @@ -2,10 +2,11 @@ - hosts: redis - hosts: consul -- hosts: docks +- hosts: "{{ dock | default('docks') }}" vars_files: - group_vars/alpha-charon.yml roles: - { role: notify, tags: [notify] } - - { role: git_node_service, tags: [deploy] } + - { role: git_repo, tags: [deploy] } + - { role: node_service, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } diff --git a/ansible/dock.yml b/ansible/dock.yml index 7e8910a4..07088682 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -23,8 +23,8 @@ # - { role: datadog } - include: dock-init.yml git_branch=v5.1.3 -# - include: krain.yml -# - include: filibuster.yml -# - include: sauron.yml +- include: krain.yml git_branch=v0.1.1 +- include: filibuster.yml git_branch=v0.1.7 +- include: sauron.yml git_branch=v3.1.0 +- include: charon.yml git_branch=v3.0.0 # - include: image-builder.yml -# - include: charon.yml diff --git a/ansible/docker-listener.yml b/ansible/docker-listener.yml index cba27b86..913edb63 100644 --- a/ansible/docker-listener.yml +++ b/ansible/docker-listener.yml @@ -3,13 +3,14 @@ - hosts: redis - hosts: consul -- hosts: docks +- hosts: "{{ dock | default('docks') }}" vars_files: - group_vars/alpha-docker-listener.yml roles: - { role: notify, tags: [notify] } - { role: build_essential } - { role: docker_client } - - { role: git_node_service, tags: [deploy] } + - { role: git_repo, tags: [deploy] } + - { role: node_service, tags: [deploy] } - { role: loggly-rotate } - { role: consul_value, tags: [deploy, consul_value] } diff --git a/ansible/docks.yml b/ansible/docks.yml deleted file mode 100644 index 30115b65..00000000 --- a/ansible/docks.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- hosts: redis -- hosts: redis-slave -- hosts: neo4j -- hosts: mongodb - -- hosts: docks - vars_files: - - "group_vars/alpha-docks.yml" - roles: - - { role: docker, tags: "docker" } - - { role: iptables, tags: "iptables, security" } - - { role: datadog } - -- include: krain.yml -- include: filibuster.yml -- include: sauron.yml -- include: image-builder.yml -- include: charon.yml diff --git a/ansible/filibuster.yml b/ansible/filibuster.yml index adbf9320..60a9aaad 100644 --- a/ansible/filibuster.yml +++ b/ansible/filibuster.yml @@ -1,11 +1,12 @@ --- - hosts: consul -- hosts: docks +- hosts: "{{ dock | default('docks') }}" vars_files: - group_vars/alpha-filibuster.yml roles: - { role: notify, tags: [notify] } - - { role: git_node_service, tags: [deploy] } + - { role: git_repo, tags: [deploy] } + - { role: node_service, tags: [deploy] } - { role: loggly-rotate } - { role: consul_value, tags: [deploy, consul_value] } diff --git a/ansible/gamma-hosts/hosts b/ansible/gamma-hosts/hosts index b832b366..8a2c72e8 100644 --- a/ansible/gamma-hosts/hosts +++ b/ansible/gamma-hosts/hosts @@ -87,27 +87,30 @@ gamma-services [docks] +[dock] + [gamma:children] -bastion -hipache -mongodb api -web -redis -redis-slave -docks -registry -neo4j -navi +bastion charon +dock +docks +eru +hipache khronos mavis +mongodb +navi +neo4j optimus rabbitmq -eru +redis +redis-slave +registry sauron shiva swarm-manager +web [ec2] 127.0.0.1 diff --git a/ansible/image-builder.yml b/ansible/image-builder.yml index d91addf0..5763257d 100644 --- a/ansible/image-builder.yml +++ b/ansible/image-builder.yml @@ -1,7 +1,7 @@ --- - hosts: consul -- hosts: docks +- hosts: "{{ dock | default('docks') }}" vars_files: - group_vars/alpha-image-builder.yml roles: diff --git a/ansible/krain.yml b/ansible/krain.yml index d111740e..41975a44 100644 --- a/ansible/krain.yml +++ b/ansible/krain.yml @@ -1,12 +1,13 @@ --- - hosts: consul -- hosts: docks +- hosts: "{{ dock | default('docks') }}" vars_files: - group_vars/alpha-krain.yml roles: - { role: notify, tags: [notify] } - { role: build_essential } - - { role: git_node_service, tags: [deploy] } + - { role: git_repo, tags: [deploy] } + - { role: node_service, tags: [deploy] } - { role: loggly-rotate } - { role: consul_value, tags: [deploy, consul_value] } diff --git a/ansible/roles/dock-init/vars/main.yml b/ansible/roles/dock-init/vars/main.yml deleted file mode 100644 index 262990be..00000000 --- a/ansible/roles/dock-init/vars/main.yml +++ /dev/null @@ -1,9 +0,0 @@ -vault_auth_values: - - file_name: auth-token - value: "{{ vault_auth_token }}" - - file_name: token-01 - value: "{{ vault_token_01 }}" - - file_name: token-02 - value: "{{ vault_token_02 }}" - - file_name: token-03 - value: "{{ vault_token_03 }}" diff --git a/ansible/roles/git_node_service/meta/main.yml b/ansible/roles/git_node_service/meta/main.yml deleted file mode 100644 index 304e4371..00000000 --- a/ansible/roles/git_node_service/meta/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -dependencies: - - { role: base_ubuntu, when: "ansible_distribution == 'Ubuntu'"} - - { role: node } - - { role: git } \ No newline at end of file diff --git a/ansible/roles/git_node_service/tasks/main.yml b/ansible/roles/git_node_service/tasks/main.yml deleted file mode 100644 index 04157104..00000000 --- a/ansible/roles/git_node_service/tasks/main.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: pull repo - include: ../../git/tasks/main.yml - -- name: remove node_modules - sudo: yes - when: remove_node_modules is defined - file: - path=/opt/runnable/{{ app_name }}/node_modules - state=absent - -- name: npm install {{ app_name }} - sudo: yes - npm: - path=/opt/runnable/{{ app_name }} - state=latest - production=yes - -- name: add env to configs - tags: 'update_configs' - sudo: yes - when: enviroment_vars is defined - with_dict: "{{ enviroment_vars }}" - lineinfile: - dest=/etc/init/{{ app_name }}.conf - regexp="env {{ item.key }}" - insertafter="env NPM_BIN" - line="env {{ item.key }}={{ item.value }}" - state=present - -- name: restart service {{ app_name }} - sudo: yes - service: - name={{ app_name }} - state=restarted - enabled=yes diff --git a/ansible/stage-hosts/hosts b/ansible/stage-hosts/hosts index becb9048..ee065fd7 100644 --- a/ansible/stage-hosts/hosts +++ b/ansible/stage-hosts/hosts @@ -1,29 +1,26 @@ +[dock] + +[docks] + [hipache] alpha-stage-userland-hipache domain=runnable2.net httpsCheckForBackend80=true prependIncomingPort=true subDomainDepth=3 [targets] localhost ansible_connection=local bastion_name=alpha-bastion -[redis] -delta-staging-data - [rabbitmq] delta-staging-data -[consul] +[redis] delta-staging-data [vault] delta-staging-data -[swarm-manager] -delta-staging-data - -[docks] - [stage:children] -consul +dock docks hipache rabbitmq redis +vault diff --git a/ansible/swarm-deamon.yml b/ansible/swarm-deamon.yml index 3203dc49..a8a50d00 100644 --- a/ansible/swarm-deamon.yml +++ b/ansible/swarm-deamon.yml @@ -1,7 +1,7 @@ --- - hosts: consul -- hosts: docks +- hosts: "{{ dock | default('docks') }}" vars_files: - "group_vars/alpha-swarm-deamon.yml" roles: From e85414ffc06318dca14578a8a5cc3e25dd75ab57 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Fri, 25 Dec 2015 21:11:09 -0800 Subject: [PATCH 07/32] add node_service --- ansible/roles/node_service/meta/main.yml | 5 ++++ ansible/roles/node_service/tasks/main.yml | 31 +++++++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 ansible/roles/node_service/meta/main.yml create mode 100644 ansible/roles/node_service/tasks/main.yml diff --git a/ansible/roles/node_service/meta/main.yml b/ansible/roles/node_service/meta/main.yml new file mode 100644 index 00000000..304e4371 --- /dev/null +++ b/ansible/roles/node_service/meta/main.yml @@ -0,0 +1,5 @@ +--- +dependencies: + - { role: base_ubuntu, when: "ansible_distribution == 'Ubuntu'"} + - { role: node } + - { role: git } \ No newline at end of file diff --git a/ansible/roles/node_service/tasks/main.yml b/ansible/roles/node_service/tasks/main.yml new file mode 100644 index 00000000..4eeb4b42 --- /dev/null +++ b/ansible/roles/node_service/tasks/main.yml @@ -0,0 +1,31 @@ +--- +- name: remove node_modules + when: remove_node_modules is defined + file: + path=/opt/runnable/{{ app_name }}/node_modules + state=absent + +- name: npm install {{ app_name }} + npm: + path=/opt/runnable/{{ app_name }} + state=latest + production=yes + +- name: add env to configs + tags: 'update_configs' + sudo: yes + when: enviroment_vars is defined + with_dict: "{{ enviroment_vars }}" + lineinfile: + dest=/etc/init/{{ app_name }}.conf + regexp="env {{ item.key }}" + insertafter="env NPM_BIN" + line="env {{ item.key }}={{ item.value }}" + state=present + +- name: restart service {{ app_name }} + sudo: yes + service: + name={{ app_name }} + state=restarted + enabled=yes From 7f8a07348ca63ed2f280dc6f8f75f181295c74da Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Fri, 25 Dec 2015 21:12:19 -0800 Subject: [PATCH 08/32] remove unused env's --- ansible/beta-hosts/docks.js | 75 -------------------- ansible/beta-hosts/hosts | 122 -------------------------------- ansible/beta-hosts/variables | 81 ---------------------- ansible/prod-hosts/docks.js | 82 ---------------------- ansible/prod-hosts/hosts | 130 ----------------------------------- ansible/prod-hosts/variables | 63 ----------------- 6 files changed, 553 deletions(-) delete mode 100755 ansible/beta-hosts/docks.js delete mode 100644 ansible/beta-hosts/hosts delete mode 100644 ansible/beta-hosts/variables delete mode 100755 ansible/prod-hosts/docks.js delete mode 100644 ansible/prod-hosts/hosts delete mode 100644 ansible/prod-hosts/variables diff --git a/ansible/beta-hosts/docks.js b/ansible/beta-hosts/docks.js deleted file mode 100755 index f3055ea0..00000000 --- a/ansible/beta-hosts/docks.js +++ /dev/null @@ -1,75 +0,0 @@ -#!/usr/bin/env node - -'use strict'; - -var aws = require('aws-sdk'); -var ec2 = new aws.EC2({ - accessKeyId: 'AKIAJ3RCYU6FCULAJP2Q', - secretAccessKey: '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', - region: 'us-west-2' -}); - -var params = { - Filters: [ - // Only search for docks in the cluster security group - { - Name: 'instance.group-id', - Values: ['sg-d6e684b2'] - }, - // Only fetch instances that are tagged as docks - { - Name: 'tag:role', - Values: ['dock'] - }, - // Only fetch running instances - { - Name: 'instance-state-name', - Values: ['running'] - } - ] -}; - -ec2.describeInstances(params, function (err, data) { - if (err) { - console.error("An error occurred: ", err); - process.exit(1); - } - - // Get a set of instances from the describe response - var instances = []; - data.Reservations.forEach(function (res) { - res.Instances.forEach(function (instance) { - instances.push(instance); - }); - }); - - // Map the instances to their private ip addresses - // NOTE This will work locally because of the wilcard ssh proxy in the config - var hosts = instances.map(function (instance) { - return instance.PrivateIpAddress; - }); - - var hostVars = {}; - instances.forEach(function (instance) { - for (var i = 0; i < instance.Tags.length; i++) { - if (instance.Tags[i].Key === 'org') { - hostVars[instance.PrivateIpAddress] = { - host_tags: instance.Tags[i].Value + ',build,run' - }; - } - } - }); - - // Output the resulting JSON - // NOTE http://docs.ansible.com/ansible/developing_inventory.html - console.log(JSON.stringify( - { - docks: { - hosts: hosts - }, - _meta : { - hostvars : hostVars - } - } - )); -}); diff --git a/ansible/beta-hosts/hosts b/ansible/beta-hosts/hosts deleted file mode 100644 index b9fba452..00000000 --- a/ansible/beta-hosts/hosts +++ /dev/null @@ -1,122 +0,0 @@ -[bastion] -beta-bastion - -[hipache] -beta-hipache httpsCheckForBackend80=false prependIncomingPort=true subDomainDepth=4 -beta-userland-hipache domain=runnablecloud.com httpsCheckForBackend80=true prependIncomingPort=true subDomainDepth=3 - -[mongodb] -beta-mongodb01 -beta-mongodb02 -beta-mongodb03 - -[neo4j] -beta-neo4j - -[api_group:children] -worker -api - -[api] -beta-api - -[consul] -beta-services -beta-api -beta-web - -[vault] -beta-services - -[worker] -beta-api - -[eru] -beta-services - -[fluffy] -beta-services - -[navi] -beta-navi - -[link] -beta-navi - -[mongo-navi] -beta-navi - -[charon] -beta-services - -[khronos] -beta-services - -[mavis] -beta-services - -[optimus] -beta-services - -[detention] -beta-services - -[palantiri] -beta-services - -[rabbitmq] -beta-rabbit - -[web] -beta-web - -[redis] -beta-redis - -[redis-slave] -beta-redis-slave - -[sauron] -beta-services - -[shiva] -beta-services - -[metis] -beta-services - -[registry] -beta-registry - -[swarm-manager] -beta-services - -[docks] - -[beta:children] -api -bastion -charon -docks -eru -fluffy -hipache -khronos -link -mavis -mongodb -mongo-navi -navi -neo4j -optimus -rabbitmq -redis -redis-slave -registry -sauron -shiva -swarm-manager -web - -[targets] -localhost ansible_connection=local bastion_name=beta-bastion diff --git a/ansible/beta-hosts/variables b/ansible/beta-hosts/variables deleted file mode 100644 index a893a816..00000000 --- a/ansible/beta-hosts/variables +++ /dev/null @@ -1,81 +0,0 @@ -[api_group:vars] -api_aws_access_key_id=AKIAIDC4WVMTCGV7KRVQ -api_aws_secret_access_key=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 -api_github_client_id=baa5c868b6d17d7ae002 -api_github_client_secret=ad4f8527ae98d7eea15a32ee5abbead5c9a25abc -api_github_deploy_keys_bucket=runnable.deploykeys.production-beta -api_mixpanel_app_id=c41affa4b08818443365c526cbb51606 -api_mongo_auth=api:oW4c7x9Wiv28oiNBy2Bc -api_mongo_database=beta -api_mongo_replset_name=beta -api_neo4j_auth=neo4j:oqGlRV1KTpaqbHDkdlJz -api_new_relic_app_name=beta-api-production -api_rollbar_key=a90d9c262c7c48cfabbd32fd0a1bc61c -api_s3_context_bucket=runnable.context.resources.production-beta - -[docks:vars] -docker_config=docks - -[eru:vars] -eru_github_id=8abb08f83f6d1c52bd1a -eru_github_secret=74a23ee56486d57b14f292283cb04625f600917c - -[khronos:vars] -khronos_mongo_auth=api:oW4c7x9Wiv28oiNBy2Bc -khronos_mongo_database=beta -khronos_mongo_replset_name=beta - -[optimus:vars] -optimus_aws_access_id=AKIAJPA2ZYSVVA5V7XXQ -optimus_aws_secret_id=5V70AUxfIyHeLvlYZe0xaYevDAdgTOWOn5G7nHlt -optimus_github_deploy_keys_bucket=runnable.deploykeys.production-beta - -[palantiri:vars] -palantiri_rollbar_key=f675e9090d6f483ca4e742af2c7f2f83 - -[registry:vars] -registry_s3_access_key=AKIAJK5EN7W6E62A3C3Q -registry_s3_bucket=runnableimages.beta -registry_s3_secret_key=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 -registry_s3_region=us-east-1 - -[shiva:vars] -aws_access_key_id=AKIAJ3RCYU6FCULAJP2Q -aws_secret_access_key=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 -shiva_rollbar_key=0526a90faec845d796e1ef5361a00526 - -[beta:vars] -ansible_ssh_private_key_file=~/.ssh/oregon.pem -datadog_host_address=10.20.1.59 -datadog_tags=env:beta -domain=runnable-beta.com -mongo_port=27000 -new_relic_license_key=338516e0826451c297d44dc60aeaf0a0ca4bfead -node_env=production-beta -pg_host=beta-infrastructure-db.cnksgdqarobf.us-west-2.rds.amazonaws.com -pg_pass=QBjSpAXVYwmGHu4Y -rabbit_password=wKK7g7NWKpQXEeSzyWB7mIpxZIL8H2mDSf3Q6czR3Vk -rabbit_username=o2mdLh9N9Ke2GzhoK8xsruYPhIQFN7iEL44dQJoq7OM -registry_host=10.20.1.55 -swarm_token=d363b783f03a845a2c82b081bfe8443e -user_content_domain=runnablecloud.com -api_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af - -[ec2:vars] -env=beta -aws_custid=437258487404 -vpc_id=vpc-9e84e1fb -sg_api=sg-a6e684c2 -sg_bastion=sg-6bc8060f -sg_dock=sg-d6e684b2 -sg_hipache=sg-1935727d -sg_mongo=sg-13c30d77 -sg_nat=sg-4f07742b -sg_navi=sg-8de684e9 -sg_neo4j=sg-78dd131c -sg_rabbit=sg-42a76e26 -sg_rds=sg-a27f36c6 -sg_redis=sg-81d01ee5 -sg_services=sg-950172f1 -sg_userland=sg-5a28663e -sg_web=sg-58da143c diff --git a/ansible/prod-hosts/docks.js b/ansible/prod-hosts/docks.js deleted file mode 100755 index 77ac1431..00000000 --- a/ansible/prod-hosts/docks.js +++ /dev/null @@ -1,82 +0,0 @@ -#!/usr/bin/env node - -'use strict'; - -var aws = require('aws-sdk'); -var ec2 = new aws.EC2({ - accessKeyId: 'AKIAJ3RCYU6FCULAJP2Q', - secretAccessKey: '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', - region: 'us-west-1' -}); - -var params = { - Filters: [ - // Only search for docks in the cluster security group - { - Name: 'instance.group-id', - Values: ['sg-cb8e7dae'] - }, - // Only fetch instances that are tagged as docks - { - Name: 'tag:role', - Values: ['dock'] - }, - // Only fetch running instances - { - Name: 'instance-state-name', - Values: ['running'] - } - ] -}; - -ec2.describeInstances(params, function (err, data) { - if (err) { - console.error("An error occurred: ", err); - process.exit(1); - } - - // Get a set of instances from the describe response - var instances = []; - data.Reservations.forEach(function (res) { - res.Instances.forEach(function (instance) { - instances.push(instance); - }); - }); - - // Filter out staging docks - instances = instances.filter(function (instance) { - return !instance.Tags.some(function (tag) { - return tag.Key === 'env' && tag.Value === 'staging'; - }); - }) - - // Map the instances to their private ip addresses - // NOTE This will work locally because of the wilcard ssh proxy in the config - var hosts = instances.map(function (instance) { - return instance.PrivateIpAddress; - }); - - var hostVars = {}; - instances.forEach(function (instance) { - for (var i = 0; i < instance.Tags.length; i++) { - if (instance.Tags[i].Key === 'org') { - hostVars[instance.PrivateIpAddress] = { - host_tags: instance.Tags[i].Value + ',build,run' - }; - } - } - }); - - // Output the resulting JSON - // NOTE http://docs.ansible.com/ansible/developing_inventory.html - console.log(JSON.stringify( - { - docks: { - hosts: hosts - }, - _meta : { - hostvars : hostVars - } - } - )); -}); diff --git a/ansible/prod-hosts/hosts b/ansible/prod-hosts/hosts deleted file mode 100644 index 9f59dccf..00000000 --- a/ansible/prod-hosts/hosts +++ /dev/null @@ -1,130 +0,0 @@ -[bastion] -alpha-bastion - -[hubot] -hubot - -[migration-router] -migration-router - -[hipache] -alpha-hipache httpsCheckForBackend80=false prependIncomingPort=true subDomainDepth=4 -alpha-userland-hipache domain=runnableapp.com httpsCheckForBackend80=true prependIncomingPort=true subDomainDepth=3 - -[mongodb] -alpha-mongodb01 -alpha-mongodb02 -alpha-mongodb03 - -[neo4j] -alpha-neo4j - -[api_group:children] -worker -api - -[api] -alpha-api - -[consul] -alpha-api-old -alpha-api -alpha-web - -[vault] -alpha-api-old - -[worker] -alpha-api - -[eru] -alpha-api-old - -[fluffy] -alpha-api-old - -[navi] -alpha-navi - -[link] -alpha-navi - -[mongo-navi] -alpha-navi - -[charon] -alpha-api-old - -[khronos] -alpha-khronos - -[mavis] -alpha-api-old - -[optimus] -alpha-api-old - -[detention] -alpha-api-old - -[palantiri] -alpha-api-old - -[rabbitmq] -alpha-rabbit - -[web] -alpha-web - -[redis] -alpha-redis - -[redis-slave] -alpha-redis-slave - -[registry] -alpha-registry - -[sauron] -alpha-api-old - -[shiva] -alpha-api-old - -[metis] -alpha-api-old - -[swarm-manager] -alpha-api-old - -[docks] - -[alpha:children] -api -bastion -charon -detention -docks -eru -fluffy -hipache -hubot -khronos -link -mavis -mongodb -mongo-navi -navi -neo4j -optimus -rabbitmq -redis -redis-slave -registry -sauron -shiva -swarm-manager -web - -[targets] -localhost ansible_connection=local bastion_name=alpha-bastion diff --git a/ansible/prod-hosts/variables b/ansible/prod-hosts/variables deleted file mode 100644 index 650843be..00000000 --- a/ansible/prod-hosts/variables +++ /dev/null @@ -1,63 +0,0 @@ -[api_group:vars] -api_aws_access_key_id=AKIAJWSSSJYUXKNW2ZDA -api_aws_secret_access_key=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 -api_github_client_id=d42d6634d4070c9d9bf9 -api_github_client_secret=d6cfde38fef5723e25e52629e3d25825c8a704c9 -api_github_deploy_keys_bucket=runnable.deploykeys.production -api_hello_runnable_github_token=7ae2c176371fccfa17a26f2e44ea8cc77a9e07e5 -api_mixpanel_app_id=57260a5b6fc972e9c69184882efd009e -api_mongo_auth=api:uK8W84j7oU1BYi3ocsEvvJ2Fax9FxeYISla3PoQdvRg= -api_mongo_database=alpha -api_mongo_replset_name=alpha-0 -api_neo4j_auth=neo4j:oqGlRV1KTpaqbHDkdlJz -api_new_relic_app_name=alpha-api-production -api_rollbar_key=a90d9c262c7c48cfabbd32fd0a1bc61c -api_s3_context_bucket=runnable.context.resources.production - -[docks:vars] -docker_config=docks - -[eru:vars] -eru_github_id=46a23f5f99f0aa9460f8 -eru_github_secret=a0336d72e3d540fb9fbbed2c123a81e1cb329dab - -[khronos:vars] -khronos_mongo_auth=api:uK8W84j7oU1BYi3ocsEvvJ2Fax9FxeYISla3PoQdvRg= -khronos_mongo_database=alpha -khronos_mongo_replset_name=alpha - -[optimus:vars] -optimus_aws_access_id=AKIAJWSSSJYUXKNW2ZDA -optimus_aws_secret_id=tyvGiCbj5jWCiQnMLvfrfD64dFo8i6prkdcga86y -optimus_github_deploy_keys_bucket=runnable.deploykeys.production - -[palantiri:vars] -palantiri_rollbar_key=f675e9090d6f483ca4e742af2c7f2f83 - -[registry:vars] -registry_s3_access_key=AKIAJKCSFJCHFDITLBUQ -registry_s3_bucket=runnableimages.alpha -registry_s3_secret_key=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 -registry_s3_region=us-west-2 - -[shiva:vars] -aws_access_key_id=AKIAJ3RCYU6FCULAJP2Q -aws_secret_access_key=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 -shiva_rollbar_key=0526a90faec845d796e1ef5361a00526 - -[alpha:vars] -ansible_ssh_private_key_file=~/.ssh/Test-runnable.pem -datadog_host_address=10.0.1.239 -datadog_tags=env:alpha -domain=runnable.io -mongo_port=27000 -new_relic_license_key=338516e0826451c297d44dc60aeaf0a0ca4bfead -node_env=production -pg_host=alpha-production-db.czw5moz6rmpp.us-west-1.rds.amazonaws.com:30573 -pg_pass=wCJGCfCWE9CKmQwa2XUKj6d8WYcEZAb9 -rabbit_password=6df7983b76a22bbbffee11a29860cda8 -rabbit_username=a4c1ac709c3bc685a6665fc1d23d737d -registry_host=10.0.1.254 -swarm_token=40ec138a1b478aaf84aca2a1c21c70fe -user_content_domain=runnableapp.com -api_hello_runnable_github_token=88ddc423c2312d02a8bbcaad76dd4c374a30e4af From 839affab9e23696b1cae553bbac7858b43a9a989 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Fri, 25 Dec 2015 21:23:12 -0800 Subject: [PATCH 09/32] fix up configs --- ansible/dock-init.yml | 8 ++++++++ ansible/dock.yml | 17 +---------------- ansible/group_vars/alpha-dock-init.yml | 3 +++ ansible/stage-hosts/variables | 7 +++---- 4 files changed, 15 insertions(+), 20 deletions(-) diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index eedbe70a..dfd609a2 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -1,11 +1,19 @@ --- - hosts: consul +- hosts: mongodb +- hosts: neo4j +- hosts: rabbit +- hosts: redis +- hosts: redis-slave - hosts: "{{ dock }}" vars_files: - group_vars/alpha-dock-init.yml roles: - { role: notify, tags: [notify] } + - { role: docker, tags: [docker] } + - { role: iptables, tags: [iptables, security] } + - { role: datadog } - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } diff --git a/ansible/dock.yml b/ansible/dock.yml index 07088682..d4648ad9 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -7,24 +7,9 @@ name={{ dock }} groups=dock -# - hosts: consul -# - hosts: mongodb -# - hosts: neo4j -# - hosts: rabbit -# - hosts: redis -# - hosts: redis-slave - -# - hosts: {{ dock }} -# vars_files: -# - "group_vars/alpha-docks.yml" -# roles: -# - { role: docker, tags: "docker" } -# - { role: iptables, tags: "iptables, security" } -# - { role: datadog } - - include: dock-init.yml git_branch=v5.1.3 - include: krain.yml git_branch=v0.1.1 - include: filibuster.yml git_branch=v0.1.7 - include: sauron.yml git_branch=v3.1.0 - include: charon.yml git_branch=v3.0.0 -# - include: image-builder.yml +- include: image-builder.yml git_branch=d1.6.2-v4.0.0 diff --git a/ansible/group_vars/alpha-dock-init.yml b/ansible/group_vars/alpha-dock-init.yml index 2a7effcd..f2206a6d 100644 --- a/ansible/group_vars/alpha-dock-init.yml +++ b/ansible/group_vars/alpha-dock-init.yml @@ -2,6 +2,9 @@ name: dock-init app_name: "{{ name }}" app_repo: git@github.com:CodeNow/{{ name }}.git +# for docker role +docker_config: docks + # consul values consul_values: - key: "{{ name }}/version" diff --git a/ansible/stage-hosts/variables b/ansible/stage-hosts/variables index e0b2d82a..6f30051f 100644 --- a/ansible/stage-hosts/variables +++ b/ansible/stage-hosts/variables @@ -1,13 +1,12 @@ [stage:vars] -ansible_ssh_private_key_file=~/.ssh/Test-runnable.pem aws_access_key_id=AKIAJ3RCYU6FCULAJP2Q aws_secret_access_key=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 consul_host_address=consul-server-staging-codenow.runnableapp.com -domain=runnable3.net -node_env=stage +domain=runnable-angular-staging-codenow.runnableapp.com +node_env=stageing rabbit_password=h7n972sPLs5tWGCWe6QPSCnaxDWjvnpEFEA9c9mBqauH3f22 rabbit_username=5WE5wsEQmfw9sLsppJ4CEq9Auea8mPC4kgVt3xYqKxbYHPfP -registry_host=10.0.1.254 +registry_host=10.8.4.126 vault_auth_token=ff3b5003-5949-5d7d-7c0d-4fa21efe6666 vault_token_01=c9dd02cd0f28aaeb8b819d50d2b7b274dab5ddc7fc64871a979bcb4472c9355501 vault_token_02=15cc2b24a82fd3876476dd28b48756f56b4a78d2a23d18f0faca390aaf17092e02 From 10b5ec16c4de4aedadc2962717dc4d18f6c0e00f Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Fri, 25 Dec 2015 23:09:24 -0800 Subject: [PATCH 10/32] remove ip tables, add config file back --- ansible/dock-init.yml | 1 - ansible/group_vars/alpha-docker-listener.yml | 2 - ansible/roles/dock-init/tasks/main.yml | 1 - ansible/roles/node_service/tasks/main.yml | 25 +++++++---- .../roles/node_service/templates/upstart.conf | 41 +++++++++++++++++++ ansible/stage-hosts/variables | 7 ++++ 6 files changed, 64 insertions(+), 13 deletions(-) create mode 100644 ansible/roles/node_service/templates/upstart.conf diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index dfd609a2..b3a9c6ab 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -12,7 +12,6 @@ roles: - { role: notify, tags: [notify] } - { role: docker, tags: [docker] } - - { role: iptables, tags: [iptables, security] } - { role: datadog } - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } diff --git a/ansible/group_vars/alpha-docker-listener.yml b/ansible/group_vars/alpha-docker-listener.yml index 5b2542cf..38c6521c 100644 --- a/ansible/group_vars/alpha-docker-listener.yml +++ b/ansible/group_vars/alpha-docker-listener.yml @@ -10,8 +10,6 @@ enviroment_vars: RABBITMQ_PASSWORD: "{{ rabbit_password }}" RABBITMQ_PORT: "{{ rabbit_port }}" RABBITMQ_USERNAME: "{{ rabbit_username }}" - REDIS_IPADDRESS: "{{ redis_host_address }}" - REDIS_PORT: "{{ redis_port }}" # consul values consul_values: diff --git a/ansible/roles/dock-init/tasks/main.yml b/ansible/roles/dock-init/tasks/main.yml index dbe849f2..562fd186 100644 --- a/ansible/roles/dock-init/tasks/main.yml +++ b/ansible/roles/dock-init/tasks/main.yml @@ -4,7 +4,6 @@ - name: copy vault auth files tags: vault_files - sudo: yes lineinfile: dest="/opt/runnable/dock-init/consul-resources/vault/{{ node_env }}/{{ item.file_name }}" line="{{ item.value }}" diff --git a/ansible/roles/node_service/tasks/main.yml b/ansible/roles/node_service/tasks/main.yml index 4eeb4b42..050e9077 100644 --- a/ansible/roles/node_service/tasks/main.yml +++ b/ansible/roles/node_service/tasks/main.yml @@ -1,30 +1,37 @@ --- - name: remove node_modules + tags: deploy when: remove_node_modules is defined file: path=/opt/runnable/{{ app_name }}/node_modules state=absent - name: npm install {{ app_name }} + tags: deploy npm: path=/opt/runnable/{{ app_name }} state=latest production=yes -- name: add env to configs - tags: 'update_configs' +- name: create new config file sudo: yes - when: enviroment_vars is defined - with_dict: "{{ enviroment_vars }}" - lineinfile: + template: + src=upstart.conf dest=/etc/init/{{ app_name }}.conf - regexp="env {{ item.key }}" - insertafter="env NPM_BIN" - line="env {{ item.key }}={{ item.value }}" - state=present + backup=yes + +- name: make override file + tags: deploy + sudo: yes + lineinfile: + dest="/etc/init/{{ app_name }}.override" + line="manual" + create=yes - name: restart service {{ app_name }} + tags: deploy sudo: yes + when: dock is not defined service: name={{ app_name }} state=restarted diff --git a/ansible/roles/node_service/templates/upstart.conf b/ansible/roles/node_service/templates/upstart.conf new file mode 100644 index 00000000..78615c6b --- /dev/null +++ b/ansible/roles/node_service/templates/upstart.conf @@ -0,0 +1,41 @@ +#!upstart +description "{{ app_name }}" +author "Anandkumar Patel" + +env NPM_BIN=/usr/local/bin/npm +env APP_DIR=/opt/runnable/{{ app_name }} +env LOG_FILE=/var/log/{{ app_name }}.log +env NODE_ENV={{ node_env }} + +{% if enviroment_vars is defined %} +{% for name, value in enviroment_vars.iteritems() %} +env {{ name }}={{ value }} +{% endfor %} +{% endif %} + +start on (local-filesystems and net-device-up IFACE=eth0) +stop on shutdown + +script + touch $LOG_FILE + chdir $APP_DIR + echo $$ > /var/run/{{ app_name }}.pid + exec $NPM_BIN start >> $LOG_FILE 2>&1 +end script + +pre-start script + # Date format same as (new Date()).toISOString() for consistency + echo "[`date -u +%Y-%m-%dT%T.%3NZ`] (sys) Starting" >> $LOG_FILE +end script + +pre-stop script + rm /var/run/{{ app_name }}.pid + echo "[`date -u +%Y-%m-%dT%T.%3NZ`] (sys) Stopping" >> $LOG_FILE +end script + +post-start script + echo "===== App restarted =====" >> $LOG_FILE +end script + +respawn +respawn limit 5 1 # give up restart after 5 respawns in 1 seconds \ No newline at end of file diff --git a/ansible/stage-hosts/variables b/ansible/stage-hosts/variables index 6f30051f..be947770 100644 --- a/ansible/stage-hosts/variables +++ b/ansible/stage-hosts/variables @@ -1,12 +1,19 @@ [stage:vars] +api_hostname=api-staging-codenow.runnableapp.com aws_access_key_id=AKIAJ3RCYU6FCULAJP2Q aws_secret_access_key=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 consul_host_address=consul-server-staging-codenow.runnableapp.com +detention_hostname=detention-staging-codenow.runnableapp.com domain=runnable-angular-staging-codenow.runnableapp.com +eru_hostname=admin-staging-codenow.runnableapp.com +fluffy_hostname=fluffy-staging-codenow.runnableapp.com +mavis_hostname=mavis-staging-codenow.runnableapp.com node_env=stageing +optimus_hostname=optimus-staging-codenow.runnableapp.com rabbit_password=h7n972sPLs5tWGCWe6QPSCnaxDWjvnpEFEA9c9mBqauH3f22 rabbit_username=5WE5wsEQmfw9sLsppJ4CEq9Auea8mPC4kgVt3xYqKxbYHPfP registry_host=10.8.4.126 +user_content_domain=runnable3.net vault_auth_token=ff3b5003-5949-5d7d-7c0d-4fa21efe6666 vault_token_01=c9dd02cd0f28aaeb8b819d50d2b7b274dab5ddc7fc64871a979bcb4472c9355501 vault_token_02=15cc2b24a82fd3876476dd28b48756f56b4a78d2a23d18f0faca390aaf17092e02 From 637815e40f8342ff854e076cdbe5afce97344976 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Fri, 25 Dec 2015 23:38:57 -0800 Subject: [PATCH 11/32] add docker install for dock --- ansible/dock-init.yml | 5 ----- ansible/group_vars/alpha-dock-init.yml | 2 +- ansible/roles/base_ubuntu/tasks/main.yml | 1 + ansible/roles/docker/defaults/main.yml | 2 +- ansible/roles/docker/tasks/main.yml | 7 +++---- ansible/roles/node_service/tasks/main.yml | 14 +++++++------- 6 files changed, 13 insertions(+), 18 deletions(-) diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index b3a9c6ab..9019dd93 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -1,10 +1,5 @@ --- - hosts: consul -- hosts: mongodb -- hosts: neo4j -- hosts: rabbit -- hosts: redis -- hosts: redis-slave - hosts: "{{ dock }}" vars_files: diff --git a/ansible/group_vars/alpha-dock-init.yml b/ansible/group_vars/alpha-dock-init.yml index f2206a6d..35153872 100644 --- a/ansible/group_vars/alpha-dock-init.yml +++ b/ansible/group_vars/alpha-dock-init.yml @@ -3,7 +3,7 @@ app_name: "{{ name }}" app_repo: git@github.com:CodeNow/{{ name }}.git # for docker role -docker_config: docks +docker_config: dock # consul values consul_values: diff --git a/ansible/roles/base_ubuntu/tasks/main.yml b/ansible/roles/base_ubuntu/tasks/main.yml index c410b9da..278b2ed6 100644 --- a/ansible/roles/base_ubuntu/tasks/main.yml +++ b/ansible/roles/base_ubuntu/tasks/main.yml @@ -1,6 +1,7 @@ --- - name: ensure registry.runnable in /etc/hosts sudo: yes + when: dock is not defined lineinfile: dest=/etc/hosts line="{{ registry_host }} registry.runnable.com" diff --git a/ansible/roles/docker/defaults/main.yml b/ansible/roles/docker/defaults/main.yml index 72e41355..5735c856 100644 --- a/ansible/roles/docker/defaults/main.yml +++ b/ansible/roles/docker/defaults/main.yml @@ -1,2 +1,2 @@ --- -docker_package_name: lxc-docker-1.6.2 +docker_package_name: docker-engine=1.9.1-0~trusty diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml index 7c063f02..86bbe832 100644 --- a/ansible/roles/docker/tasks/main.yml +++ b/ansible/roles/docker/tasks/main.yml @@ -36,13 +36,12 @@ - name: add docker repository sudo: yes apt_repository: - repo: "deb https://get.docker.com/ubuntu docker main" + repo: "deb https://apt.dockerproject.org/repo ubuntu-{{ ansible_distribution_release }} main" state: present update_cache: yes - name: copy docker config file sudo: yes - when: docker_config == "runnable" template: src={{ docker_config }} dest=/etc/default/docker @@ -51,7 +50,7 @@ - name: install docker sudo: yes - when: restart is defined + when: restart is defined or dock is defined apt: pkg="{{ docker_package_name }}" state=present @@ -60,5 +59,5 @@ cache_valid_time=604800 - name: restart docker - when: copied_config.changed and restart is defined + when: (copied_config.changed and restart is defined) or dock is defined command: sudo service docker restart diff --git a/ansible/roles/node_service/tasks/main.yml b/ansible/roles/node_service/tasks/main.yml index 050e9077..6a70387c 100644 --- a/ansible/roles/node_service/tasks/main.yml +++ b/ansible/roles/node_service/tasks/main.yml @@ -13,13 +13,6 @@ state=latest production=yes -- name: create new config file - sudo: yes - template: - src=upstart.conf - dest=/etc/init/{{ app_name }}.conf - backup=yes - - name: make override file tags: deploy sudo: yes @@ -28,6 +21,13 @@ line="manual" create=yes +- name: create new config file + sudo: yes + template: + src=upstart.conf + dest=/etc/init/{{ app_name }}.conf + backup=yes + - name: restart service {{ app_name }} tags: deploy sudo: yes From 2660a6b3116a4e6974ecada1228118ccfec5f211 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Mon, 28 Dec 2015 14:43:07 -0800 Subject: [PATCH 12/32] add docker config for docks --- ansible/roles/docker/templates/dock | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ansible/roles/docker/templates/dock diff --git a/ansible/roles/docker/templates/dock b/ansible/roles/docker/templates/dock new file mode 100644 index 00000000..edeaeb8a --- /dev/null +++ b/ansible/roles/docker/templates/dock @@ -0,0 +1,6 @@ +DOCKER_OPTS="-H=unix:///var/run/docker.sock -H=0.0.0.0:4242" +DOCKER_OPTS="$DOCKER_OPTS --tlsverify --tlscacert=/etc/ssl/docker/ca.pem" +DOCKER_OPTS="$DOCKER_OPTS --tlscert=/etc/ssl/docker/cert.pem --tlskey=/etc/ssl/docker/key.pem" +DOCKER_OPTS="$DOCKER_OPTS -g /docker --insecure-registry registry.runnable.com --icc=false" +DOCKER_OPTS="$DOCKER_OPTS --bip 172.17.42.1/16" +DOCKER_OPTS="$DOCKER_OPTS --dns=172.17.42.1 --dns=8.8.8.8" From 27f45636d4d80e9a8b55b8c718ea776e538c1def Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Tue, 12 Jan 2016 15:26:53 -0800 Subject: [PATCH 13/32] add connection local --- ansible/dock.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/dock.yml b/ansible/dock.yml index d4648ad9..49b9f1cf 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -1,5 +1,6 @@ --- - hosts: localhost + connection: local tasks: - fail: msg="`dock` (target dock) needs to be defined to run this role" when: dock is not defined From bb892f07c3802073c72b11ad03a10e3e85e45150 Mon Sep 17 00:00:00 2001 From: Anandkumar Patel Date: Tue, 12 Jan 2016 15:37:46 -0800 Subject: [PATCH 14/32] remove datadog and sauron --- ansible/dock-init.yml | 1 - ansible/dock.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index 9019dd93..7a1bf7ca 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -7,7 +7,6 @@ roles: - { role: notify, tags: [notify] } - { role: docker, tags: [docker] } - - { role: datadog } - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } diff --git a/ansible/dock.yml b/ansible/dock.yml index 49b9f1cf..5a648ec7 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -11,6 +11,5 @@ - include: dock-init.yml git_branch=v5.1.3 - include: krain.yml git_branch=v0.1.1 - include: filibuster.yml git_branch=v0.1.7 -- include: sauron.yml git_branch=v3.1.0 - include: charon.yml git_branch=v3.0.0 - include: image-builder.yml git_branch=d1.6.2-v4.0.0 From 48ad0a5aa85da1fbe0ac61b3b2dea2a95d3c1fcf Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Tue, 12 Jan 2016 17:26:37 -0800 Subject: [PATCH 15/32] Added cert for docker --- ansible/dock-init.yml | 1 + ansible/roles/docker/tasks/main.yml | 15 +++++++++++++++ 2 files changed, 16 insertions(+) diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index 7a1bf7ca..a2ca4fca 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -6,6 +6,7 @@ - group_vars/alpha-dock-init.yml roles: - { role: notify, tags: [notify] } + - { role: docker_client, tags: [docker] } - { role: docker, tags: [docker] } - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml index 86bbe832..d1028cd4 100644 --- a/ansible/roles/docker/tasks/main.yml +++ b/ansible/roles/docker/tasks/main.yml @@ -1,4 +1,19 @@ --- +- name: create docker cert directory + sudo: yes + file: + path=/etc/ssl/docker + state=directory + +- name: copy docker certs + sudo: yes + copy: + src=certs + dest=/etc/ssl/docker + mode=0440 + owner=root + group=root + - name: change core dump path sudo: yes when: docker_config == "runnable" From c1ddaddb515bcaccc13869b75e7b8b18fa99cd60 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Thu, 14 Jan 2016 18:52:33 -0800 Subject: [PATCH 16/32] added aws ec2-metadata and ec2-api-tool --- ansible/dock-init.yml | 3 ++- ansible/roles/aws-package/tasks/main.yml | 25 ++++++++++++++++++++++ ansible/roles/docker/tasks/main.yml | 2 +- ansible/roles/image-builder/tasks/main.yml | 1 + 4 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 ansible/roles/aws-package/tasks/main.yml diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index a2ca4fca..6bf0684b 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -6,8 +6,9 @@ - group_vars/alpha-dock-init.yml roles: - { role: notify, tags: [notify] } - - { role: docker_client, tags: [docker] } - { role: docker, tags: [docker] } - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } + - { role: aws-package, tag: [anurag]} + diff --git a/ansible/roles/aws-package/tasks/main.yml b/ansible/roles/aws-package/tasks/main.yml new file mode 100644 index 00000000..a115b78d --- /dev/null +++ b/ansible/roles/aws-package/tasks/main.yml @@ -0,0 +1,25 @@ +--- + -name: Check if /usr/local/bin exsits + become: true + file: + Path=/usr/local/bin + state=directory + + -name: Install ec2-metadata in /usr/local/bin + become: + get_url: url=http://s3.amazonaws.com/ec2metadata/ec2-metadata dest=/usr/local/bin mode=0755 + + -name: Check of /usr/local/ec2 + become: true + file: + path=/usr/local/ec2 + state=directory + + -name: Download the zip file for ec2-api-tools + become: true + get_url: url=http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip dest=/tmp/ec2 mode=0755 + + -name: Unzip the ec2-api-tool + become: true + unarchive: src=/tmp/ec2/ec2-api-tools.zip dest=/usr/local/ec2 copy=no + diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml index d1028cd4..4c271466 100644 --- a/ansible/roles/docker/tasks/main.yml +++ b/ansible/roles/docker/tasks/main.yml @@ -8,7 +8,7 @@ - name: copy docker certs sudo: yes copy: - src=certs + src=certs/ dest=/etc/ssl/docker mode=0440 owner=root diff --git a/ansible/roles/image-builder/tasks/main.yml b/ansible/roles/image-builder/tasks/main.yml index d0016ab8..3829860d 100644 --- a/ansible/roles/image-builder/tasks/main.yml +++ b/ansible/roles/image-builder/tasks/main.yml @@ -25,3 +25,4 @@ - name: push image-builder run_once: true command: sudo docker push "registry.runnable.com/{{ image_builder_docker_namespace }}:{{ git_branch }}" + when: dock is not defined From 455673a236212d78369addda8513503dd30a2ab9 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Thu, 14 Jan 2016 19:55:37 -0800 Subject: [PATCH 17/32] changed aws-package to dock-init meta --- ansible/roles/aws-package/tasks/main.yml | 43 +++++++++++++----------- ansible/roles/dock-init/meta/main.yml | 3 ++ 2 files changed, 26 insertions(+), 20 deletions(-) create mode 100644 ansible/roles/dock-init/meta/main.yml diff --git a/ansible/roles/aws-package/tasks/main.yml b/ansible/roles/aws-package/tasks/main.yml index a115b78d..cfa6e98f 100644 --- a/ansible/roles/aws-package/tasks/main.yml +++ b/ansible/roles/aws-package/tasks/main.yml @@ -1,25 +1,28 @@ --- - -name: Check if /usr/local/bin exsits - become: true - file: - Path=/usr/local/bin - state=directory + - name: Install ec2-metadata in /usr/local/bin + become: true + get_url: + url=http://s3.amazonaws.com/ec2metadata/ec2-metadata + dest=/usr/local/bin + mode=0755 - -name: Install ec2-metadata in /usr/local/bin - become: - get_url: url=http://s3.amazonaws.com/ec2metadata/ec2-metadata dest=/usr/local/bin mode=0755 + - name: Check of /usr/local/ec2 + become: true + file: + path=/usr/local/ec2 + state=directory - -name: Check of /usr/local/ec2 - become: true - file: - path=/usr/local/ec2 - state=directory + - name: Download the zip file for ec2-api-tools + become: true + get_url: + url=http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip + dest=/tmp/ec2 + mode=0755 - -name: Download the zip file for ec2-api-tools - become: true - get_url: url=http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip dest=/tmp/ec2 mode=0755 - - -name: Unzip the ec2-api-tool - become: true - unarchive: src=/tmp/ec2/ec2-api-tools.zip dest=/usr/local/ec2 copy=no + - name: Unzip the ec2-api-tool + become: true + unarchive: + src=/tmp/ec2/ec2-api-tools.zip + dest=/usr/local/ec2 + copy=no diff --git a/ansible/roles/dock-init/meta/main.yml b/ansible/roles/dock-init/meta/main.yml new file mode 100644 index 00000000..71f46448 --- /dev/null +++ b/ansible/roles/dock-init/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: aws-package, tag: [anurag] } From 2a0101f5557b8bcad61e0d793d9ada152051ad0e Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Fri, 15 Jan 2016 14:37:52 -0800 Subject: [PATCH 18/32] Modified AWS Package --- ansible/roles/dock-init/tasks/main.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ansible/roles/dock-init/tasks/main.yml b/ansible/roles/dock-init/tasks/main.yml index 562fd186..21baaf81 100644 --- a/ansible/roles/dock-init/tasks/main.yml +++ b/ansible/roles/dock-init/tasks/main.yml @@ -13,3 +13,12 @@ - { file_name: 'token-01', value: "{{ vault_token_01 }}" } - { file_name: 'token-02', value: "{{ vault_token_02 }}" } - { file_name: 'token-03', value: "{{ vault_token_03 }}" } + +- name: Install jq + become: true + tags: "Install jq" + apt: + pkg=jq + state=latest + update_cache=yes + cache_valid_time=604800 From 630ed8e938af8d517dc91e1de07bf809a162ce0c Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Tue, 19 Jan 2016 11:03:49 -0800 Subject: [PATCH 19/32] add logic to remove certificate and other security related stuff --- ansible/remove-security-ami.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 ansible/remove-security-ami.yml diff --git a/ansible/remove-security-ami.yml b/ansible/remove-security-ami.yml new file mode 100644 index 00000000..ed97d539 --- /dev/null +++ b/ansible/remove-security-ami.yml @@ -0,0 +1 @@ +--- From f502c7ec8aa06ab34216b4b91e05d079fd7dc893 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Thu, 21 Jan 2016 13:42:48 -0800 Subject: [PATCH 20/32] change for AWS packages --- ansible/dock-init.yml | 1 - ansible/roles/aws-package/tasks/main.yml | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index 6bf0684b..e852cfea 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -10,5 +10,4 @@ - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } - - { role: aws-package, tag: [anurag]} diff --git a/ansible/roles/aws-package/tasks/main.yml b/ansible/roles/aws-package/tasks/main.yml index cfa6e98f..164c9a7f 100644 --- a/ansible/roles/aws-package/tasks/main.yml +++ b/ansible/roles/aws-package/tasks/main.yml @@ -26,3 +26,18 @@ dest=/usr/local/ec2 copy=no + - name: Download jq into /usr/local/bin + become: true + get_url: + url= + dest=/usr/local/bin + mode0755 + + - name: Download vault software to /usr/local/bin + become: true + get_url: + url=https://vaultproject.io/downloads.html + dest=/usr/local/bin + mode=0755 + + From 413275cd68b13adc37dcf21ca07edf336663a7e3 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Thu, 21 Jan 2016 13:52:41 -0800 Subject: [PATCH 21/32] unzip error --- ansible/roles/aws-package/tasks/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ansible/roles/aws-package/tasks/main.yml b/ansible/roles/aws-package/tasks/main.yml index 164c9a7f..df4b57e8 100644 --- a/ansible/roles/aws-package/tasks/main.yml +++ b/ansible/roles/aws-package/tasks/main.yml @@ -19,12 +19,12 @@ dest=/tmp/ec2 mode=0755 - - name: Unzip the ec2-api-tool - become: true - unarchive: - src=/tmp/ec2/ec2-api-tools.zip - dest=/usr/local/ec2 - copy=no +# - name: Unzip the ec2-api-tool +# become: true +# unarchive: +# src=/tmp/ec2/ec2-api-tools.zip +# dest=/usr/local/ec2 +# copy=no - name: Download jq into /usr/local/bin become: true From 31aefa8ce15d644426c722e25bca1e054f691461 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Thu, 21 Jan 2016 13:58:49 -0800 Subject: [PATCH 22/32] comment all task in aws package --- ansible/roles/aws-package/tasks/main.yml | 58 ++++++++++++------------ 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/ansible/roles/aws-package/tasks/main.yml b/ansible/roles/aws-package/tasks/main.yml index df4b57e8..5547d529 100644 --- a/ansible/roles/aws-package/tasks/main.yml +++ b/ansible/roles/aws-package/tasks/main.yml @@ -1,23 +1,23 @@ --- - - name: Install ec2-metadata in /usr/local/bin - become: true - get_url: - url=http://s3.amazonaws.com/ec2metadata/ec2-metadata - dest=/usr/local/bin - mode=0755 +# - name: Install ec2-metadata in /usr/local/bin +# become: true +# get_url: +# url=http://s3.amazonaws.com/ec2metadata/ec2-metadata +# dest=/usr/local/bin +# mode=0755 - - name: Check of /usr/local/ec2 - become: true - file: - path=/usr/local/ec2 - state=directory +# - name: Check of /usr/local/ec2 +# become: true +# file: +# path=/usr/local/ec2 +# state=directory - - name: Download the zip file for ec2-api-tools - become: true - get_url: - url=http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip - dest=/tmp/ec2 - mode=0755 +# - name: Download the zip file for ec2-api-tools +# become: true +# get_url: +# url=http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip +# dest=/tmp/ec2 +# mode=0755 # - name: Unzip the ec2-api-tool # become: true @@ -26,18 +26,18 @@ # dest=/usr/local/ec2 # copy=no - - name: Download jq into /usr/local/bin - become: true - get_url: - url= - dest=/usr/local/bin - mode0755 +# - name: Download jq into /usr/local/bin +# become: true +# get_url: +# url= +# dest=/usr/local/bin +# mode0755 - - name: Download vault software to /usr/local/bin - become: true - get_url: - url=https://vaultproject.io/downloads.html - dest=/usr/local/bin - mode=0755 +# - name: Download vault software to /usr/local/bin +# become: true +# get_url: +# url=https://vaultproject.io/downloads.html +# dest=/usr/local/bin +# mode=0755 From d0377bcf8b0dee8cc934a83ff19c93e4abe7262e Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Thu, 21 Jan 2016 16:28:41 -0800 Subject: [PATCH 23/32] added datadog to dock-init.yml --- ansible/dock-init.yml | 2 +- ansible/roles/dock-init/meta/main.yml | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) delete mode 100644 ansible/roles/dock-init/meta/main.yml diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index e852cfea..468e1256 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -10,4 +10,4 @@ - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } - + - { role: datadog, tags [deploy, datadog] } diff --git a/ansible/roles/dock-init/meta/main.yml b/ansible/roles/dock-init/meta/main.yml deleted file mode 100644 index 71f46448..00000000 --- a/ansible/roles/dock-init/meta/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -dependencies: - - { role: aws-package, tag: [anurag] } From e9488f0ff40ce89e5c86cc88e02a4b5e52ab5b62 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Sun, 24 Jan 2016 18:43:43 -0800 Subject: [PATCH 24/32] added package, cert for dock ami --- ansible/dock-init.yml | 4 +- ansible/dock.yml | 1 + ansible/roles/dock-init/files/rollbar.token | 1 + ansible/roles/dock-init/tasks/main.yml | 15 ++--- .../tasks/main.yml | 22 ------- ansible/roles/package-dock/tasks/main.yml | 60 +++++++++++++++++++ 6 files changed, 73 insertions(+), 30 deletions(-) create mode 100644 ansible/roles/dock-init/files/rollbar.token rename ansible/roles/{aws-package => package-aws}/tasks/main.yml (56%) create mode 100644 ansible/roles/package-dock/tasks/main.yml diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index 468e1256..cdd9a310 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -6,8 +6,10 @@ - group_vars/alpha-dock-init.yml roles: - { role: notify, tags: [notify] } + - { role: package-dock, tags: [dock, pakage] } + - { role: package-aws, tags: [dock, pakage] } - { role: docker, tags: [docker] } - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } - - { role: datadog, tags [deploy, datadog] } + - { role: datadog, tags: [deploy, datadog] } diff --git a/ansible/dock.yml b/ansible/dock.yml index 5a648ec7..867f3012 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -13,3 +13,4 @@ - include: filibuster.yml git_branch=v0.1.7 - include: charon.yml git_branch=v3.0.0 - include: image-builder.yml git_branch=d1.6.2-v4.0.0 +- include: docker-listener.yml git_branch=v4.3.0 diff --git a/ansible/roles/dock-init/files/rollbar.token b/ansible/roles/dock-init/files/rollbar.token new file mode 100644 index 00000000..cc541b6d --- /dev/null +++ b/ansible/roles/dock-init/files/rollbar.token @@ -0,0 +1 @@ +d1af6567ed0f464fb1d676f38fd31751 diff --git a/ansible/roles/dock-init/tasks/main.yml b/ansible/roles/dock-init/tasks/main.yml index 21baaf81..abb11d0f 100644 --- a/ansible/roles/dock-init/tasks/main.yml +++ b/ansible/roles/dock-init/tasks/main.yml @@ -14,11 +14,12 @@ - { file_name: 'token-02', value: "{{ vault_token_02 }}" } - { file_name: 'token-03', value: "{{ vault_token_03 }}" } -- name: Install jq +- name: copy rollbar token + tags: rollbar become: true - tags: "Install jq" - apt: - pkg=jq - state=latest - update_cache=yes - cache_valid_time=604800 + copy: + src=rollbar.token + dest=/opt/runnable/dock-init/key + mode=0444 + owner=root + group=root diff --git a/ansible/roles/aws-package/tasks/main.yml b/ansible/roles/package-aws/tasks/main.yml similarity index 56% rename from ansible/roles/aws-package/tasks/main.yml rename to ansible/roles/package-aws/tasks/main.yml index 5547d529..c5b7e9d8 100644 --- a/ansible/roles/aws-package/tasks/main.yml +++ b/ansible/roles/package-aws/tasks/main.yml @@ -6,12 +6,6 @@ # dest=/usr/local/bin # mode=0755 -# - name: Check of /usr/local/ec2 -# become: true -# file: -# path=/usr/local/ec2 -# state=directory - # - name: Download the zip file for ec2-api-tools # become: true # get_url: @@ -25,19 +19,3 @@ # src=/tmp/ec2/ec2-api-tools.zip # dest=/usr/local/ec2 # copy=no - -# - name: Download jq into /usr/local/bin -# become: true -# get_url: -# url= -# dest=/usr/local/bin -# mode0755 - -# - name: Download vault software to /usr/local/bin -# become: true -# get_url: -# url=https://vaultproject.io/downloads.html -# dest=/usr/local/bin -# mode=0755 - - diff --git a/ansible/roles/package-dock/tasks/main.yml b/ansible/roles/package-dock/tasks/main.yml new file mode 100644 index 00000000..91a23580 --- /dev/null +++ b/ansible/roles/package-dock/tasks/main.yml @@ -0,0 +1,60 @@ +--- +- name: Install unzip + become: yes + apt: + pkg=unzip + state=latest + update_cache=yes + cache_valid_time=604800 + +- name: Install openjdk-7-jdk + become: yes + apt: + pkg=openjdk-7-jdk + state=latest + update_cache=yes + cache_valid_time=604800 + +- name: Install jq + become: true + tags: "Install jq" + apt: + pkg=jq + state=latest + update_cache=yes + cache_valid_time=604800 + + +#- name: Download Vault 041 +# become: yes +# get-url: +# url=https://releases.hashicorp.com/vault/0.4.1/vault_0.4.1_linux_amd64.zip +# dest=/usr/local/bin +# +#- name: unzip vault_0.4.1_linux_amd64.zip +# become: yes +# unarchive: +# src=/usr/local/bin/vault_0.4.1_linux_amd64.zip +# dest=/usr/local/bin +# mode=0755 +# +#- name: Download Consul-Template +# become: yes +# get_url: +# url=https://releases.hashicorp.com/consul-template/0.11.1/consul-template_0.11.1_linux_amd64.zip +# dest=/usr/local/bin +# mode=0755 +# +#- name: unzip +# become: yes +# unarchive: +# src=consul-template_0.11.1_linux_amd64.zip +# dest=/usr/local/bin +# mode=0755 +# +#- name: Download weave 141 +# become: yes +# get_url: +# url=https://github.com/weaveworks/weave/releases/download/v1.4.1/weave +# dest=/usr/local/bin +# From 3ac49556304dcd6a7b6e4e424e6153d2d320dd95 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Mon, 25 Jan 2016 14:23:53 -0800 Subject: [PATCH 25/32] added get-url and unzip --- ansible/roles/git_repo/tasks/main.yml | 5 ++ ansible/roles/package-dock/tasks/main.yml | 68 ++++++++++++----------- 2 files changed, 40 insertions(+), 33 deletions(-) diff --git a/ansible/roles/git_repo/tasks/main.yml b/ansible/roles/git_repo/tasks/main.yml index a3356f22..0e300587 100644 --- a/ansible/roles/git_repo/tasks/main.yml +++ b/ansible/roles/git_repo/tasks/main.yml @@ -1,3 +1,8 @@ +--- +- name: Display Git Repo Name + debug: + msg: "applicate Installed: {{ app_name }}, branch : {{ git_branch }} " + - name: create {{ app_name }} repository dir sudo: yes file: diff --git a/ansible/roles/package-dock/tasks/main.yml b/ansible/roles/package-dock/tasks/main.yml index 91a23580..1c63cab2 100644 --- a/ansible/roles/package-dock/tasks/main.yml +++ b/ansible/roles/package-dock/tasks/main.yml @@ -25,36 +25,38 @@ cache_valid_time=604800 -#- name: Download Vault 041 -# become: yes -# get-url: -# url=https://releases.hashicorp.com/vault/0.4.1/vault_0.4.1_linux_amd64.zip -# dest=/usr/local/bin -# -#- name: unzip vault_0.4.1_linux_amd64.zip -# become: yes -# unarchive: -# src=/usr/local/bin/vault_0.4.1_linux_amd64.zip -# dest=/usr/local/bin -# mode=0755 -# -#- name: Download Consul-Template -# become: yes -# get_url: -# url=https://releases.hashicorp.com/consul-template/0.11.1/consul-template_0.11.1_linux_amd64.zip -# dest=/usr/local/bin -# mode=0755 -# -#- name: unzip -# become: yes -# unarchive: -# src=consul-template_0.11.1_linux_amd64.zip -# dest=/usr/local/bin -# mode=0755 -# -#- name: Download weave 141 -# become: yes -# get_url: -# url=https://github.com/weaveworks/weave/releases/download/v1.4.1/weave -# dest=/usr/local/bin -# +- name: Download Vault 041 + become: true + get_url: + url=https://releases.hashicorp.com/vault/0.4.1/vault_0.4.1_linux_amd64.zip + dest=/usr/local/bin + +- name: unzip vault_0.4.1_linux_amd64.zip + become: yes + unarchive: + src=/usr/local/bin/vault_0.4.1_linux_amd64.zip + dest=/usr/local/bin + copy=no + mode=0755 + +- name: Download Consul-Template + become: true + get_url: + url=https://releases.hashicorp.com/consul-template/0.11.1/consul-template_0.11.1_linux_amd64.zip + dest=/usr/local/bin + +- name: unzip + become: true + unarchive: + src=/usr/local/bin/consul-template_0.11.1_linux_amd64.zip + dest=/usr/local/bin + copy=no + mode=0755 + +- name: Download weave 141 + become: true + get_url: + url=https://github.com/weaveworks/weave/releases/download/v1.4.1/weave + dest=/usr/local/bin + mode=0755 + From afbb314cb94e9708e767c0051a35b71c7d8e5b23 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Mon, 25 Jan 2016 17:16:11 -0800 Subject: [PATCH 26/32] add unzip for api tool --- ansible/roles/package-aws/tasks/main.yml | 46 ++++++++++++++---------- 1 file changed, 28 insertions(+), 18 deletions(-) diff --git a/ansible/roles/package-aws/tasks/main.yml b/ansible/roles/package-aws/tasks/main.yml index c5b7e9d8..ea2833f4 100644 --- a/ansible/roles/package-aws/tasks/main.yml +++ b/ansible/roles/package-aws/tasks/main.yml @@ -1,21 +1,31 @@ --- -# - name: Install ec2-metadata in /usr/local/bin -# become: true -# get_url: -# url=http://s3.amazonaws.com/ec2metadata/ec2-metadata -# dest=/usr/local/bin -# mode=0755 +- name: Install ec2-metadata in /usr/local/bin + become: true + get_url: + url=http://s3.amazonaws.com/ec2metadata/ec2-metadata + dest=/usr/local/bin + mode=0755 -# - name: Download the zip file for ec2-api-tools -# become: true -# get_url: -# url=http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip -# dest=/tmp/ec2 -# mode=0755 +- name: Download the zip file for ec2-api-tools + become: true + get_url: + url=http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip + dest=/usr/local + mode=0755 -# - name: Unzip the ec2-api-tool -# become: true -# unarchive: -# src=/tmp/ec2/ec2-api-tools.zip -# dest=/usr/local/ec2 -# copy=no +- name: Create Directory for ec2 api tool + become: true + file: + path=/usr/local/ec2 + owner=root + group=root + mode=0555 + state=directory + +- name: Unzip the ec2-api-tool + become: true + unarchive: + src=/usr/local/ec2-api-tools.zip + dest=/usr/local/ec2 + copy=no + mode=0755 From e176e6e2658bb66bc1128c06a0448be113b05c07 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Mon, 25 Jan 2016 18:22:08 -0800 Subject: [PATCH 27/32] Update to latest branch and move ec2-api-toool to ec2 --- ansible/dock-init.yml | 4 ++-- ansible/dock.yml | 6 +++--- ansible/roles/package-aws/tasks/main.yml | 22 +++++++++++++--------- 3 files changed, 18 insertions(+), 14 deletions(-) diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index cdd9a310..1e8d0cbc 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -6,8 +6,8 @@ - group_vars/alpha-dock-init.yml roles: - { role: notify, tags: [notify] } - - { role: package-dock, tags: [dock, pakage] } - - { role: package-aws, tags: [dock, pakage] } + - { role: package-dock, tags: [dock, package] } + - { role: package-aws, tags: [dock, package] } - { role: docker, tags: [docker] } - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } diff --git a/ansible/dock.yml b/ansible/dock.yml index 867f3012..0c531913 100644 --- a/ansible/dock.yml +++ b/ansible/dock.yml @@ -8,9 +8,9 @@ name={{ dock }} groups=dock -- include: dock-init.yml git_branch=v5.1.3 +- include: dock-init.yml git_branch=v6.0.0 - include: krain.yml git_branch=v0.1.1 - include: filibuster.yml git_branch=v0.1.7 -- include: charon.yml git_branch=v3.0.0 -- include: image-builder.yml git_branch=d1.6.2-v4.0.0 +- include: charon.yml git_branch=v3.2.0 +- include: image-builder.yml git_branch=v4.0.1 - include: docker-listener.yml git_branch=v4.3.0 diff --git a/ansible/roles/package-aws/tasks/main.yml b/ansible/roles/package-aws/tasks/main.yml index ea2833f4..12d1e39f 100644 --- a/ansible/roles/package-aws/tasks/main.yml +++ b/ansible/roles/package-aws/tasks/main.yml @@ -13,19 +13,23 @@ dest=/usr/local mode=0755 -- name: Create Directory for ec2 api tool - become: true - file: - path=/usr/local/ec2 - owner=root - group=root - mode=0555 - state=directory +#- name: Create Directory for ec2 api tool +# become: true +# file: +# path=/usr/local/ec2 +# owner=root +# group=root +# mode=0555 +# state=directory - name: Unzip the ec2-api-tool become: true unarchive: src=/usr/local/ec2-api-tools.zip - dest=/usr/local/ec2 + dest=/usr/local copy=no mode=0755 + +- name: Move ec2-api-tool to ec2 + become: true + command: mv /usr/local/ec2-api-tools-1.7.5.1 /usr/local/ec2 From b522846e87fb1199e66f26a7d877ae1e4c9eb685 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Mon, 25 Jan 2016 21:27:53 -0800 Subject: [PATCH 28/32] correct typo --- ansible/roles/git_repo/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/git_repo/tasks/main.yml b/ansible/roles/git_repo/tasks/main.yml index 0e300587..7282ecd2 100644 --- a/ansible/roles/git_repo/tasks/main.yml +++ b/ansible/roles/git_repo/tasks/main.yml @@ -1,9 +1,9 @@ --- - name: Display Git Repo Name debug: - msg: "applicate Installed: {{ app_name }}, branch : {{ git_branch }} " + msg: "application Installed: {{ app_name }}, branch : {{ git_branch }} " -- name: create {{ app_name }} repository dir +- name: create repository dir sudo: yes file: path=/opt/runnable/{{ app_name }} From 7046c065e187859957804617c9593a793fcd66e0 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Tue, 26 Jan 2016 11:15:42 -0800 Subject: [PATCH 29/32] changes to rollbar token from file to variable --- ansible/delta-hosts/variables | 1 + ansible/gamma-hosts/variables | 1 + ansible/roles/dock-init/files/rollbar.token | 1 - ansible/roles/dock-init/tasks/main.yml | 11 ++++------- 4 files changed, 6 insertions(+), 8 deletions(-) delete mode 100644 ansible/roles/dock-init/files/rollbar.token diff --git a/ansible/delta-hosts/variables b/ansible/delta-hosts/variables index 2302b49a..90eb6955 100644 --- a/ansible/delta-hosts/variables +++ b/ansible/delta-hosts/variables @@ -15,6 +15,7 @@ api_s3_context_bucket=runnable.context.resources.production [docks:vars] docker_config=docks +docks_rollbar_key=d1af6567ed0f464fb1d676f38fd31751 [eru:vars] eru_github_id=46a23f5f99f0aa9460f8 diff --git a/ansible/gamma-hosts/variables b/ansible/gamma-hosts/variables index 75b1fcf0..ab9540ac 100644 --- a/ansible/gamma-hosts/variables +++ b/ansible/gamma-hosts/variables @@ -15,6 +15,7 @@ api_s3_context_bucket=runnable.context.resources.production-beta [docks:vars] docker_config=docks +docks_rollbar_key=d1af6567ed0f464fb1d676f38fd31751 [eru:vars] eru_github_id=8abb08f83f6d1c52bd1a diff --git a/ansible/roles/dock-init/files/rollbar.token b/ansible/roles/dock-init/files/rollbar.token deleted file mode 100644 index cc541b6d..00000000 --- a/ansible/roles/dock-init/files/rollbar.token +++ /dev/null @@ -1 +0,0 @@ -d1af6567ed0f464fb1d676f38fd31751 diff --git a/ansible/roles/dock-init/tasks/main.yml b/ansible/roles/dock-init/tasks/main.yml index abb11d0f..87261422 100644 --- a/ansible/roles/dock-init/tasks/main.yml +++ b/ansible/roles/dock-init/tasks/main.yml @@ -16,10 +16,7 @@ - name: copy rollbar token tags: rollbar - become: true - copy: - src=rollbar.token - dest=/opt/runnable/dock-init/key - mode=0444 - owner=root - group=root + lineinfile: + dest="/opt/runnable/dock-init/key/rollbar.token + line="{{ docks_rollbar_key }}" + create=yes From 6d59caa88cd6239cfb10cb8347fb23f8ce52ca94 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Tue, 26 Jan 2016 15:34:18 -0800 Subject: [PATCH 30/32] changes to fix errors --- ansible/delta-hosts/variables | 3 +++ ansible/roles/dock-init/tasks/main.yml | 5 ++++- ansible/roles/package-aws/tasks/main.yml | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ansible/delta-hosts/variables b/ansible/delta-hosts/variables index 90eb6955..e91df896 100644 --- a/ansible/delta-hosts/variables +++ b/ansible/delta-hosts/variables @@ -17,6 +17,9 @@ api_s3_context_bucket=runnable.context.resources.production docker_config=docks docks_rollbar_key=d1af6567ed0f464fb1d676f38fd31751 +[dock:vars] +docks_rollbar_key=d1af6567ed0f464fb1d676f38fd31751 + [eru:vars] eru_github_id=46a23f5f99f0aa9460f8 eru_github_secret=a0336d72e3d540fb9fbbed2c123a81e1cb329dab diff --git a/ansible/roles/dock-init/tasks/main.yml b/ansible/roles/dock-init/tasks/main.yml index 87261422..18a4b755 100644 --- a/ansible/roles/dock-init/tasks/main.yml +++ b/ansible/roles/dock-init/tasks/main.yml @@ -14,9 +14,12 @@ - { file_name: 'token-02', value: "{{ vault_token_02 }}" } - { file_name: 'token-03', value: "{{ vault_token_03 }}" } +- fail: msg="value tokens need to be defined for this role" + when: docks_rollbar_key is not defined + - name: copy rollbar token tags: rollbar lineinfile: - dest="/opt/runnable/dock-init/key/rollbar.token + dest="/opt/runnable/dock-init/key/rollbar.token" line="{{ docks_rollbar_key }}" create=yes diff --git a/ansible/roles/package-aws/tasks/main.yml b/ansible/roles/package-aws/tasks/main.yml index 12d1e39f..e2340415 100644 --- a/ansible/roles/package-aws/tasks/main.yml +++ b/ansible/roles/package-aws/tasks/main.yml @@ -32,4 +32,4 @@ - name: Move ec2-api-tool to ec2 become: true - command: mv /usr/local/ec2-api-tools-1.7.5.1 /usr/local/ec2 + command: mv -f /usr/local/ec2-api-tools-1.7.5.1 /usr/local/ec2 From 60cf6135e6847ce3af943d66b2b526bf25873974 Mon Sep 17 00:00:00 2001 From: "Christopher M. Neill" Date: Tue, 26 Jan 2016 15:39:33 -0800 Subject: [PATCH 31/32] Delete. --- ansible/remove-security-ami.yml | 1 - 1 file changed, 1 deletion(-) delete mode 100644 ansible/remove-security-ami.yml diff --git a/ansible/remove-security-ami.yml b/ansible/remove-security-ami.yml deleted file mode 100644 index ed97d539..00000000 --- a/ansible/remove-security-ami.yml +++ /dev/null @@ -1 +0,0 @@ ---- From 98c681170749ac409836059c7270c39c14ac3732 Mon Sep 17 00:00:00 2001 From: AnuragKaushik Date: Tue, 26 Jan 2016 15:42:40 -0800 Subject: [PATCH 32/32] move datadog above git_repo --- ansible/dock-init.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/dock-init.yml b/ansible/dock-init.yml index 1e8d0cbc..d1b29e9a 100644 --- a/ansible/dock-init.yml +++ b/ansible/dock-init.yml @@ -9,7 +9,7 @@ - { role: package-dock, tags: [dock, package] } - { role: package-aws, tags: [dock, package] } - { role: docker, tags: [docker] } + - { role: datadog, tags: [deploy, datadog] } - { role: git_repo, tags: [deploy] } - { role: dock-init, tags: [deploy] } - { role: consul_value, tags: [deploy, consul_value] } - - { role: datadog, tags: [deploy, datadog] }