Add ansible playbook to automate service provider setup #10

Merged
nabarun merged 31 commits from deep-stack/testnet-ops:ag-sp-setup into main 2024-10-01 12:17:11 +00:00
6 changed files with 47 additions and 105 deletions
Showing only changes of commit 16c9dac3fe - Show all commits


@ -1,4 +1 @@
vars/dns-vars.yml vars/*.yml
vars/k8s-vars.yml
vars/container-vars.yml
vars/webapp-vars.yml
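Review bot: The new `vars/*.yml` pattern also matches the `*.example.yml` templates that the README tells users to copy. Example files that are already tracked stay tracked, but a new one will be silently ignored unless it is force-added. Add a negation line after the glob, `!vars/*.example.yml`, so the ignore rule covers only the filled-in files that hold tokens and passwords.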


@ -45,9 +45,7 @@ To get started, follow the [installation](../README.md#installation) guide to se
ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }' ansible-playbook setup-user.yml -i hosts.ini --extra-vars='{ "target_host": "deployment_host" }'
``` ```
For the following playbooks, Update `ansible_user` in the [`hosts.ini`](./hosts.ini) file to the user that you created ## Become a Service Provider
## Configure DNS
### Prerequisites ### Prerequisites
@ -55,43 +53,6 @@ For the following playbooks, Update `ansible_user` in the [`hosts.ini`](./hosts.
- Generate a DigitalOcean access token - Generate a DigitalOcean access token
### Create DNS entries in DigitalOcean
- Copy the [`dns-vars.example.yml`](./vars/dns-vars.example.yml) file
```bash
cd vars
cp dns-vars.example.yml dns-vars.yml
```
- Set the following values in the `dns-vars.yml` file
```bash
# primary domain for which DNS records will be managed
# eg: laconic.com
domain: ""
# specific prefix for subdomains
# eg: lcn-cad
subdomain_prefix: ""
# The IP address to be used for the A record of the cluster control machine
# eg: 23.111.78.179
cluster_control_ip: ""
# DigitalOcean access token
# eg: dop_v1...
do_api_token: ""
```
- Run the [`setup-dns.yml`](./setup-dns.yml) ansible playbook to create the necessary DNS entries in DigitalOcean
```bash
ansible-playbook setup-dns.yml
```
## Setup k8s clusters
- Create a PGP key on your target host - Create a PGP key on your target host
``` ```
@ -114,70 +75,47 @@ For the following playbooks, Update `ansible_user` in the [`hosts.ini`](./hosts.
uid [ultimate] user <hello@laconic.com> uid [ultimate] user <hello@laconic.com>
``` ```
Note the `0AFB10B643944C22` sequence of characters. Note the `0AFB10B643944C22` sequence of characters. This will be required later.
- Copy the [`k8s-vars.example.yml`](./vars/k8s-vars.example.yml) file - Copy the vars files:
```bash ```bash
cd vars cd vars
cp k8s-vars.example.yml k8s-vars.yml cp dns-vars.example.yml dns1-vars.yml
cp k8s-vars.example.yml k8s1-vars.yml
cp container-vars.example.yml container1-vars.yml
cp webapp-vars.example.yml webapp-vars.yml
``` ```
- Update `gpg_key_id` in [`k8s-vars.yml`](./vars/k8s-vars.yml) with the the following: - Update the following values in the respective variable files:
```bash ```bash
# vars/dns-vars.yml
domain: "" # eg: laconic.com
subdomain_prefix: "" # eg: lcn-cad
cluster_control_ip: "" # eg: 23.111.78.179
do_api_token: "" # eg: dop_v1...
# vars/k8s-vars.yml
target_host: "deployment_host" target_host: "deployment_host"
gpg_key_id: "" # The sequence obtained in the previous step, eg: 0AFB10B643944C22
vault_passphrase: "" # passphrase for GPG key
org_id: "" # eg: lcn
location_id: "" # eg: cad
dns_domain: "" # eg: laconic.com
# The sequence you obtained in the previous step # vars/container-vars.yml
# eg: 0AFB10B643944C22 container_registry_username: "" # username to login to the container registry
gpg_key_id: "" container_registry_password: "" # password to login to the container registry
# The passphrase used while creating the GPG key # vars/webapp-vars.yml
vault_passphrase: "" authority_name: "" # eg: my-org-name
# Three letter identifier for your organization
# eg: lcn
org_id: ""
# Three letter identifier for your location
# eg: cad
location_id: ""
# your domain
dns_domain: ""
``` ```
- Run the `setup-k8s.yml` ansible playbook: - Update `ansible_user` in the [`hosts.ini`](./hosts.ini) file to the user on target host
- Run the `service-provider-setup.yml` ansible-playbook to DNS records, deploy k8s, setup container registry, deploy the webapp-deployer API and webapp-deployer UI
```bash ```bash
ansible-playbook setup-k8s.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER ansible-playbook service-provider-setup.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
``` ```
## Setup Container Registry
- Copy the [`container-vars.example.yml`](./vars/container-vars.example.yml) file
```bash
cd vars
cp container-vars.example.yml container-vars.yml
```
- Update the following in the [`container-vars.yml`](./vars/container-vars.yml) file:
```bash
# username for the container registry
container_registry_username: ""
# password for the container registry
container_registry_password: ""
```
- Run the `setup-container-registry.yml` ansible playbook
```bash
ansible-playbook setup-container-registry.yml -i hosts.ini --extra-vars='{ target_host: "deployment_host" }' --user $USER
```
## Setup laconicd and laconic console
-


@ -35,6 +35,11 @@
- name: Build containers for webapp-deployer-backend - name: Build containers for webapp-deployer-backend
command: laconic-so --stack webapp-deployer-backend build-containers command: laconic-so --stack webapp-deployer-backend build-containers
- name: Ensure the config directory exists
file:
path: "{{ ansible_env.HOME }}/config"
state: directory
- name: Create laconic config file - name: Create laconic config file
template: template:
src: "./templates/laconic.yml.j2" src: "./templates/laconic.yml.j2"
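Review bot: The added `Ensure the config directory exists` task creates `{{ ansible_env.HOME }}/config` without a `mode`, so its permissions are whatever the remote umask yields. The next task renders `laconic.yml.j2`, presumably into this directory, and if that file carries the key and bond values from the webapp vars (not visible here), the directory should be private: add `mode: "0700"` under `state: directory`. The template task continues past the end of the hunk, so check that it sets `mode: "0600"` on the rendered file as well.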


@ -0,0 +1,7 @@
- import_playbook: setup-dns.yml
- import_playbook: setup-k8s.yml
- import_playbook: setup-container-registry.yml
- import_playbook: run-laconicd.yml
- import_playbook: run-laconic-console.yml
- import_playbook: deploy-backend.yml
- import_playbook: deploy-frontend.yml


@ -58,16 +58,11 @@
command: gpg-agent --daemon command: gpg-agent --daemon
ignore_errors: yes ignore_errors: yes
- name: Set VAULT_KEY environment variable - name: Sign a dummy string using gpg-key
shell: export VAULT_KEY='{{ vault_passphrase }}' shell: echo "This is a dummy string." | gpg --batch --yes --passphrase "{{ vault_passphrase }}" --pinentry-mode loopback --sign -
- name: Run vault-rekey.sh - name: Run vault-rekey.sh
expect: shell: bash .vault/vault-rekey.sh
command: bash .vault/vault-rekey.sh
responses:
"Enter passphrase:": "{{ vault_passphrase }}"
environment:
VAULT_KEY='{{ vault_passphrase }}'
args: args:
chdir: "service-provider-template" chdir: "service-provider-template"
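Review bot: The rewritten `Sign a dummy string using gpg-key` task passes `{{ vault_passphrase }}` as a `--passphrase` argument, so it is visible in the host's process list while gpg runs and is printed in Ansible's task output and logs, because the task has no `no_log`. The value is also pasted unescaped into a double-quoted shell string, so a passphrase containing `"`, `$` or a backtick is mangled or interpreted by the shell. Add `no_log: true` and feed the secret on stdin instead of argv: use `--passphrase-fd 0` with the module's `stdin: "{{ vault_passphrase }}"`, and give the data to sign as a file argument rather than a pipe. `Run vault-rekey.sh` now appears to depend on this step having cached the key in gpg-agent (the script is not shown), so a failure hidden by `ignore_errors: yes` on the agent start would only surface there.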


@ -1,3 +1,3 @@
authority_name: "" authority_name: ""
ALICE_PK: "" ALICE_PK: "{{ ALICE_PK }}"
BOND_ID: "" BOND_ID: "{{ BOND_ID }}"
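Review bot: `ALICE_PK: "{{ ALICE_PK }}"` and `BOND_ID: "{{ BOND_ID }}"` define each variable in terms of itself. Ansible can only resolve them when a higher-precedence source (a `set_fact` in an earlier play, or extra-vars) supplies the value; otherwise templating stops with a recursive-loop error. In the case where it does work, the higher-precedence value wins and these two lines contribute nothing. If the values are produced at runtime by the laconicd play (my assumption; that play is not shown), drop both keys from this file and leave a comment such as `# ALICE_PK and BOND_ID are set at runtime by an earlier play`. Since `ALICE_PK` looks like key material, the tasks that register or template it should carry `no_log: true`.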