Add ansible playbook to automate service provider setup #10
5
service-provider-setup/.gitignore
vendored
5
service-provider-setup/.gitignore
vendored
@ -1,4 +1 @@
|
|||||||
vars/dns-vars.yml
|
vars/*.yml
|
||||||
vars/k8s-vars.yml
|
|
||||||
vars/container-vars.yml
|
|
||||||
vars/webapp-vars.yml
|
|
||||||
|
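Review bot: The new `vars/*.yml` pattern also matches the `*.example.yml` templates in the same directory, so an example file that is not already tracked would be silently left out of a commit. The wildcard itself is the safer choice for the secret-bearing files, since it also covers names such as `dns1-vars.yml` used in this change's README, which the old explicit list would have missed. Consider adding a negation line after it, `!vars/*.example.yml`, so the templates stay tracked while filled-in files stay ignored.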
@ -45,9 +45,7 @@ To get started, follow the [installation](../README.md#installation) guide to se
|
|||||||
ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }'
|
ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }'
|
||||||
```
|
```
|
||||||
|
|
||||||
For the following playbooks, Update `ansible_user` in the [`hosts.ini`](./hosts.ini) file to the user that you created
|
## Become a Service Provider
|
||||||
|
|
||||||
## Configure DNS
|
|
||||||
|
|
||||||
### Prerequisites
|
### Prerequisites
|
||||||
|
|
||||||
@ -55,43 +53,6 @@ For the following playbooks, Update `ansible_user` in the [`hosts.ini`](./hosts.
|
|||||||
|
|
||||||
- Generate a DigitalOcean access token
|
- Generate a DigitalOcean access token
|
||||||
|
|
||||||
### Create DNS entries in DigitalOcean
|
|
||||||
|
|
||||||
- Copy the [`dns-vars.example.yml`](./vars/dns-vars.example.yml) file
|
|
||||||
|
|
||||||
```bash
|
|
||||||
cd vars
|
|
||||||
cp dns-vars.example.yml dns-vars.yml
|
|
||||||
```
|
|
||||||
|
|
||||||
- Set the following values in the `dns-vars.yml` file
|
|
||||||
|
|
||||||
```bash
|
|
||||||
# primary domain for which DNS records will be managed
|
|
||||||
# eg: laconic.com
|
|
||||||
domain: ""
|
|
||||||
|
|
||||||
# specific prefix for subdomains
|
|
||||||
# eg: lcn-cad
|
|
||||||
subdomain_prefix: ""
|
|
||||||
|
|
||||||
# The IP address to be used for the A record of the cluster control machine
|
|
||||||
# eg: 23.111.78.179
|
|
||||||
cluster_control_ip: ""
|
|
||||||
|
|
||||||
# DigitalOcean access token
|
|
||||||
# eg: dop_v1...
|
|
||||||
do_api_token: ""
|
|
||||||
```
|
|
||||||
|
|
||||||
- Run the [`setup-dns.yml`](./setup-dns.yml) ansible playbook to create the necessary DNS entries in DigitalOcean
|
|
||||||
|
|
||||||
```bash
|
|
||||||
ansible-playbook setup-dns.yml
|
|
||||||
```
|
|
||||||
|
|
||||||
## Setup k8s clusters
|
|
||||||
|
|
||||||
- Create a PGP key on your target host
|
- Create a PGP key on your target host
|
||||||
|
|
||||||
```
|
```
|
||||||
@ -114,70 +75,47 @@ For the following playbooks, Update `ansible_user` in the [`hosts.ini`](./hosts.
|
|||||||
uid [ultimate] user <hello@laconic.com>
|
uid [ultimate] user <hello@laconic.com>
|
||||||
```
|
```
|
||||||
|
|
||||||
Note the `0AFB10B643944C22` sequence of characters.
|
Note the `0AFB10B643944C22` sequence of characters. This will be required later.
|
||||||
|
|
||||||
- Copy the [`k8s-vars.example.yml`](./vars/k8s-vars.example.yml) file
|
- Copy the vars files:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
cd vars
|
cd vars
|
||||||
cp k8s-vars.example.yml k8s-vars.yml
|
cp dns-vars.example.yml dns1-vars.yml
|
||||||
|
cp k8s-vars.example.yml k8s1-vars.yml
|
||||||
|
cp container-vars.example.yml container1-vars.yml
|
||||||
|
cp webapp-vars.example.yml webapp-vars.yml
|
||||||
```
|
```
|
||||||
|
|
||||||
- Update `gpg_key_id` in [`k8s-vars.yml`](./vars/k8s-vars.yml) with the the following:
|
- Update the following values in the respective variable files:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
# vars/dns-vars.yml
|
||||||
|
domain: "" # eg: laconic.com
|
||||||
|
subdomain_prefix: "" # eg: lcn-cad
|
||||||
|
cluster_control_ip: "" # eg: 23.111.78.179
|
||||||
|
do_api_token: "" # eg: dop_v1...
|
||||||
|
|
||||||
|
# vars/k8s-vars.yml
|
||||||
target_host: "deployment_host"
|
target_host: "deployment_host"
|
||||||
|
gpg_key_id: "" # The sequence obtained in the previous step, eg: 0AFB10B643944C22
|
||||||
|
vault_passphrase: "" # passphrase for GPG key
|
||||||
|
org_id: "" # eg: lcn
|
||||||
|
location_id: "" # eg: cad
|
||||||
|
dns_domain: "" # eg: laconic.com
|
||||||
|
|
||||||
# The sequence you obtained in the previous step
|
# vars/container-vars.yml
|
||||||
# eg: 0AFB10B643944C22
|
container_registry_username: "" # username to login to the container registry
|
||||||
gpg_key_id: ""
|
container_registry_password: "" # password to login to the container registry
|
||||||
|
|
||||||
# The passphrase used while creating the GPG key
|
# vars/webapp-vars.yml
|
||||||
vault_passphrase: ""
|
authority_name: "" # eg: my-org-name
|
||||||
|
|
||||||
# Three letter identifier for your organization
|
|
||||||
# eg: lcn
|
|
||||||
org_id: ""
|
|
||||||
|
|
||||||
# Three letter identifier for your location
|
|
||||||
# eg: cad
|
|
||||||
location_id: ""
|
|
||||||
|
|
||||||
# your domain
|
|
||||||
dns_domain: ""
|
|
||||||
```
|
```
|
||||||
|
|
||||||
- Run the `setup-k8s.yml` ansible playbook:
|
- Update `ansible_user` in the [`hosts.ini`](./hosts.ini) file to the user on target host
|
||||||
|
|
||||||
|
- Run the `service-provider-setup.yml` ansible-playbook to DNS records, deploy k8s, setup container registry, deploy the webapp-deployer API and webapp-deployer UI
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
ansible-playbook setup-k8s.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
|
ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
|
||||||
```
|
```
|
||||||
|
|
||||||
## Setup Container Registry
|
|
||||||
|
|
||||||
- Copy the [`container-vars.example.yml`](./vars/container-vars.example.yml) file
|
|
||||||
|
|
||||||
```bash
|
|
||||||
cd vars
|
|
||||||
cp container-vars.example.yml container-vars.yml
|
|
||||||
```
|
|
||||||
|
|
||||||
- Update the following in the [`container-vars.yml`](./vars/container-vars.yml) file:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
# username for the container registry
|
|
||||||
container_registry_username: ""
|
|
||||||
|
|
||||||
# password for the container registry
|
|
||||||
container_registry_password: ""
|
|
||||||
```
|
|
||||||
|
|
||||||
- Run the `setup-container-registry.yml` ansible playbook
|
|
||||||
|
|
||||||
```bash
|
|
||||||
ansible-playbook setup-container-registry.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
|
|
||||||
```
|
|
||||||
|
|
||||||
## Setup laconicd and laconic console
|
|
||||||
|
|
||||||
-
|
|
@ -35,6 +35,11 @@
|
|||||||
- name: Build containers for webapp-deployer-backend
|
- name: Build containers for webapp-deployer-backend
|
||||||
command: laconic-so --stack webapp-deployer-backend build-containers
|
command: laconic-so --stack webapp-deployer-backend build-containers
|
||||||
|
|
||||||
|
- name: Ensure the config directory exists
|
||||||
|
file:
|
||||||
|
path: "{{ ansible_env.HOME }}/config"
|
||||||
|
state: directory
|
||||||
|
|
||||||
- name: Create laconic config file
|
- name: Create laconic config file
|
||||||
template:
|
template:
|
||||||
src: "./templates/laconic.yml.j2"
|
src: "./templates/laconic.yml.j2"
|
||||||
|
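Review bot: The added `Ensure the config directory exists` task creates `{{ ansible_env.HOME }}/config` without a `mode`, so its permissions depend on the remote umask. The next task presumably renders `laconic.yml.j2` into that directory, and if the rendered file carries key material (not visible in this hunk) both should be private to the user. I would add `mode: "0700"` under `state: directory` and `mode: "0600"` on the template task. The template task continues past the end of the hunk, so its remaining arguments could not be checked.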
7
service-provider-setup/service-provider-setup.yml
Normal file
7
service-provider-setup/service-provider-setup.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
- import_playbook: setup-dns.yml
|
||||||
|
- import_playbook: setup-k8s.yml
|
||||||
|
- import_playbook: setup-container-registry.yml
|
||||||
|
- import_playbook: run-laconicd.yml
|
||||||
|
- import_playbook: run-laconic-console.yml
|
||||||
|
- import_playbook: deploy-backend.yml
|
||||||
|
- import_playbook: deploy-frontend.yml
|
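Review bot: This new aggregate playbook has no `---` document start and no header comment, although one run now chains DNS changes, cluster setup, registry setup and the deployments. A comment at the top would help operators, for example `# Runs the full provider setup in order; expects target_host via --extra-vars and the filled-in vars files`. The README in this change copies the examples to `dns1-vars.yml`, `k8s1-vars.yml` and `container1-vars.yml`, so it is worth confirming that those names match what the imported playbooks load. The imported playbooks are not visible here.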
@ -58,16 +58,11 @@
|
|||||||
command: gpg-agent --daemon
|
command: gpg-agent --daemon
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
|
|
||||||
- name: Set VAULT_KEY environment variable
|
- name: Sign a dummy string using gpg-key
|
||||||
shell: export VAULT_KEY='{{ vault_passphrase }}'
|
shell: echo "This is a dummy string." | gpg --batch --yes --passphrase "{{ vault_passphrase }}" --pinentry-mode loopback --sign -
|
||||||
|
|
||||||
- name: Run vault-rekey.sh
|
- name: Run vault-rekey.sh
|
||||||
expect:
|
shell: bash .vault/vault-rekey.sh
|
||||||
command: bash .vault/vault-rekey.sh
|
|
||||||
responses:
|
|
||||||
"Enter passphrase:": "{{ vault_passphrase }}"
|
|
||||||
environment:
|
|
||||||
VAULT_KEY='{{ vault_passphrase }}'
|
|
||||||
args:
|
args:
|
||||||
chdir: "service-provider-template"
|
chdir: "service-provider-template"
|
||||||
|
|
||||||
|
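Review bot: The new `Sign a dummy string using gpg-key` task interpolates `{{ vault_passphrase }}` into a `shell:` command line, which exposes the passphrase in the host's process list while gpg runs and in Ansible's task output and logs. It also lets quote or `$` characters in the passphrase be interpreted by the shell. Add `no_log: true` to the task and pass the secret off the command line, for example with `--passphrase-fd 0` and the module's `stdin:` argument, signing a small file instead of piped text. If it must stay inline, at least use `{{ vault_passphrase | quote }}` without the surrounding double quotes. Whether `vault-rekey.sh` relies on this step having cached the passphrase in gpg-agent is only inferred, so a comment on the task stating that purpose would help.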
@ -1,3 +1,3 @@
|
|||||||
authority_name: ""
|
authority_name: ""
|
||||||
ALICE_PK: ""
|
ALICE_PK: "{{ ALICE_PK }}"
|
||||||
BOND_ID: ""
|
BOND_ID: "{{ BOND_ID }}"
|
||||||
|
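Review bot: `ALICE_PK: "{{ ALICE_PK }}"` and `BOND_ID: "{{ BOND_ID }}"` define each variable in terms of itself. If this file is loaded as Ansible vars and nothing with higher precedence (extra-vars or `set_fact`) supplies the values, templating fails with a recursive-loop error. The file name is not shown on this page, so this may instead be a template where the reference is intended. In either case a comment such as `# ALICE_PK and BOND_ID are filled in by an earlier play; do not set by hand` would make the contract clear. `ALICE_PK` appears to be a private key, so tasks that template or print it should set `no_log: true`.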