diff --git a/roles/demolamp/defaults/main.yml b/roles/demolamp/defaults/main.yml new file mode 100644 index 0000000..8f28817 --- /dev/null +++ b/roles/demolamp/defaults/main.yml @@ -0,0 +1,159 @@ +--- +# defaults vars for redisha +# All vars could be overrided by declaration in each envoirnment file +# for example : vars/env_{{ ansENV }}.yml + +# ******* DO NOT CHANGE THIS FILE AS IT IS DEFAULT SETTINGS ******* + +############################# General ############################## + +# Temporary directory for file deployment to the target nodes. +pathTemp: "/tmp/ansible-deployment" + +# Gather facts fliter (for faster) +# Only use needed facts +gfacts_filter: + - "!all" + - distribution + - distribution_major_version + - distribution_release + - distribution_version + - os_family + - pkg_mgr + - python + - python_version + +######################### Build Settings ########################### + +# The type of repository for push the docker image +# true: It will create a private registry service to the swarm and +# push docker images onto it. +# false: Use a docker repository +localRegistry: false + +# The information of push the docker image. +imagePushDomain: "pvgharbor.duckdns.org" +registryUser: "ansible" +registryPass: "P@ssw0rd" + +####################### Deployment Settings ######################## + +# The repository for pull the docker image +imagePullDomain: "pvgharbor.duckdns.org" + +# The configuration +redis: + imageName: "{{ imagePullDomain }}/demolamp/demolamp" + pushRepoName: "{{ imagePushDomain }}/demolamp/demolamp" + dockerFile: "Dockerfile_demolamp.yml" + +# Update the docker-compose file (var=fileCompose) every execution. +# true: Ansible will use template module to transfer the file. +# false: If docker-compose file exists in the node and chosen "false", +# Ansible will not update and template it. +updateComposeTpl: true + +# The directory which store the docker-compose file (only in the first node). +pathCompose: "/opt/demolamp" + +# The file which use by Ansible template module, replace all placeholders by +# all ansible variables. +# for example: files/{{ansTagVer}}/redis_stack.tpl +templateCompose: "demolamp.tpl" + +# After Ansible template module replaced all placeholders in above, it will +# rename the docker-compose file name by below variables in the target node. +fileCompose: "demolamp.yml" + +# The stack name use for startup the stack +stackName: demolamp + +######################## Redis-HA Settings ######################### + +# ACL feature of the Redis-HA +# true: enable the feature, require to connect with username-password pair. +# REMARKS: you must also update acl files under vars/{{ansENV}}/ per envoirnment. +# false: disable by default, retain the authentication method as same as Redis v5.x +enableACL: false + +# Store Redis data to docker local volume. +# true: Presist the data to docker local volume +# false: Data will be lost every start or stop +storeRedisData: false + +# The publish port for Redis, Replica and Sentinel. +publish_redisPort: 6379 +publish_sentinelPort: 26379 + +# The admin credential for Redis and Replica. +# Default is "redis4{{ ansENV }}" means "redis4hkdev" for example of HKDEV +redisAdminUser: "admin" +redisAdminPass: "redis4{{ ansENV }}" + +# The admin credential for Sentinel +# Default is "sentinel4{{ ansENV }}" means sentinel4hkdev" for example of HKDEV +sentinelAdminUser: "admin" +sentinelAdminPass: "sentinel4{{ ansENV }}" + +# This setting equal to Sentinel configuration: +# sentinel down-after-milliseconds +sentinelDownAfter: 5000 +# sentinel failover-timeout +sentinelFailover: 15000 +# sentinel parallel-syncs +sentinelParallelSync: 1 +# SENTINEL resolve-hostnames no +# SENTINEL announce-hostnames no +sentinelResolveHostame: "no" +sentinelAnnounceHostame: "no" + +# This setting equal to Sentinel configuration: +# sentinel monitor +sentinelMasterName: "mymaster" +sentinelQuorum: 2 + +# To limit the memory usage of Redis and Replica. +redisha_memLimit: "1GB" + +# Redis and Sentinel ACL file name +# Note: Must match and place correctly under vars/{{ansENV}}/ +filename_redisACL: "redis_users.acl" +filename_sentinelACL: "sentinel_users.acl" + +# Redis-HA nodes setup +# Note 1) Must declare in envoirnment variables file. +# For example: vars/hkdev/env_hkdev.yml +# Note 2) The hostname must match to "docker node ls". +# Note 3) Must one master and at least two replicas. +# isMaster: true +# isReplica: false +# +# ~~~Template~~~ +# redisha_nodes: +# - hostname: "swarm-worker-01" +# ipaddr: "192.168.1.10" +# isMaster: true +# isReplica: false +# - hostname: "swarm-worker-02" +# ipaddr: "192.168.1.11" +# isMaster: false +# isReplica: true +# - hostname: "swarm-worker-N" +# ipaddr: "192.168.1.N" +# isMaster: false +# isReplica: true +# +# ~~~Example~~~ +# redisha_nodes: +# - hostname: "swarm-worker-01" +# ipaddr: "192.168.1.10" +# isMaster: true +# isReplica: false +# - hostname: "swarm-worker-02" +# ipaddr: "192.168.1.11" +# isMaster: false +# isReplica: true +# - hostname: "swarm-worker-03" +# ipaddr: "192.168.1.13" +# isMaster: false +# isReplica: true \ No newline at end of file diff --git a/roles/demolamp/tasks/build.yml b/roles/demolamp/tasks/build.yml new file mode 100644 index 0000000..a06d87a --- /dev/null +++ b/roles/demolamp/tasks/build.yml @@ -0,0 +1,53 @@ +--- +# Maintainer: Jacky + +# Build docker image ------------------------------------------------------------- +# -- Target: The first node only. +# -- Objective: Build a docker image for Redis-HA. + +- block: + - name: create build dir if not exists + file: + path: "{{ build_root_abspath }}" + state: directory + owner: root + group: root + mode: '0755' + + - name: git clone + git: + repo: "https://pvggitea.duckdns.org/GiteaTeam/demolamp.git" + dest: "{{ build_root_abspath }}" + remote: "origin" + version: "main" + + - name: Remove the docker image for demolamp if exists + community.docker.docker_image: + name: "demolamp" + tag: "{{ demobackend_version }}" + state: absent + + - name: Docker login to ECV private repository if not pull from local registry + community.docker.docker_login: + registry: "{{ imagePushDomain }}" + username: "{{ registryUser }}" + password: "{{ registryPass }}" + state: present + when: not localRegistry | bool + + - name: Build demolamp image + community.docker.docker_image: + name: demolamp + source: build + tag: "{{ demobackend_version }}" + build: + path: "{{ build_root_abspath }}" + pull: false + push: yes + repository: "{{ demolamp.pushRepoName }}:{{ ansTagVer }}" + force_tag: yes + timeout: 300 + state: present + + delegate_to: "{{ deploy_nodes.split(',') | first }}" + run_once: true diff --git a/roles/demolamp/tasks/deploy.yml b/roles/demolamp/tasks/deploy.yml new file mode 100644 index 0000000..efbdbec --- /dev/null +++ b/roles/demolamp/tasks/deploy.yml @@ -0,0 +1,17 @@ +--- +# Maintainer: Jacky + +# Deploy stage ------------------------------------------------------------- +# -- Target: The first node only. +# -- Objective: Stack startup. + +- block: + - name: run docker + community.docker.docker_container: + name: demolamp + state: started + recreate: yes + image: "demolamp:{{ demobackend_version }}" + ports: + - "80:80" + diff --git a/roles/demolamp/tasks/main.yml b/roles/demolamp/tasks/main.yml index a747538..058948e 100644 --- a/roles/demolamp/tasks/main.yml +++ b/roles/demolamp/tasks/main.yml @@ -1,49 +1,25 @@ --- -- name: show remote host - debug: - msg: "the remote server is {{ ansible_host }}" -- name: create build dir if not exists - file: - path: "{{ build_root_abspath }}" - state: directory -- name: git clone - git: - repo: "https://pvggitea.duckdns.org/GiteaTeam/demolamp.git" - dest: "{{ build_root_abspath }}" - remote: "origin" - version: "main" +# Main tasks file for Redis-HA -- name: Stop a container - community.docker.docker_container: - name: demolamp - state: stopped +- name: Gather facts + ansible.builtin.setup: + gather_subset: "{{ gfacts_filter }}" -- name: Remove container - community.docker.docker_container: - name: demolamp - state: absent - -- name: Remove the docker image for demolamp if exists - community.docker.docker_image: - name: "demolamp" - tag: "{{ demobackend_version }}" - state: absent - -- name: Build demolamp image - community.docker.docker_image: - name: demolamp - source: build - build: - path: "{{ build_root_abspath }}" - pull: false - tag: "{{ demobackend_version }}" - - -- name: run docker - community.docker.docker_container: - name: demolamp - state: started - recreate: yes - image: "demolamp:{{ demobackend_version }}" - ports: - - "80:80" +- name: Include precheck task + ansible.builtin.include_tasks: precheck.yml + +- name: Include environment variables + ansible.builtin.include_vars: "{{ ansENV }}/env_{{ ansENV }}.yml" + +- name: Include build task if option is "build" + ansible.builtin.include_tasks: build.yml + when: ansAction == "build" + +- name: Include undeploy task if option is "undeploy" + ansible.builtin.include_tasks: undeploy.yml + when: ansAction == "undeploy" + +- name: Include deploy task if option is "deploy" + ansible.builtin.include_tasks: deploy.yml + when: ansAction == "deploy" + diff --git a/roles/demolamp/tasks/main2.yml b/roles/demolamp/tasks/main2.yml new file mode 100644 index 0000000..a747538 --- /dev/null +++ b/roles/demolamp/tasks/main2.yml @@ -0,0 +1,49 @@ +--- +- name: show remote host + debug: + msg: "the remote server is {{ ansible_host }}" +- name: create build dir if not exists + file: + path: "{{ build_root_abspath }}" + state: directory +- name: git clone + git: + repo: "https://pvggitea.duckdns.org/GiteaTeam/demolamp.git" + dest: "{{ build_root_abspath }}" + remote: "origin" + version: "main" + +- name: Stop a container + community.docker.docker_container: + name: demolamp + state: stopped + +- name: Remove container + community.docker.docker_container: + name: demolamp + state: absent + +- name: Remove the docker image for demolamp if exists + community.docker.docker_image: + name: "demolamp" + tag: "{{ demobackend_version }}" + state: absent + +- name: Build demolamp image + community.docker.docker_image: + name: demolamp + source: build + build: + path: "{{ build_root_abspath }}" + pull: false + tag: "{{ demobackend_version }}" + + +- name: run docker + community.docker.docker_container: + name: demolamp + state: started + recreate: yes + image: "demolamp:{{ demobackend_version }}" + ports: + - "80:80" diff --git a/roles/demolamp/tasks/precheck.yml b/roles/demolamp/tasks/precheck.yml new file mode 100644 index 0000000..2bee3e5 --- /dev/null +++ b/roles/demolamp/tasks/precheck.yml @@ -0,0 +1,36 @@ +--- +# tasks file for Redis-HA (Prechecking inputs and packages for all nodes) + +- name: Check inputs + ansible.builtin.fail: msg="Missing ansTagVer, ansAction or ansENV." + when: ansTagVer is undefined or ansAction is undefined or ansENV is undefined + +- name: Check and intall Python 3 + ansible.builtin.yum: + name: python3 + state: present + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Rocky' + register: py3_result + +- name: Set python_interpreter to 3 if Python 3 installed + ansible.builtin.set_fact: + ansible_python_interpreter: /usr/bin/python3 + when: py3_result.rc == 0 + +- name: Check and install Python's SDK + ansible.builtin.pip: + name: + - docker==5.0.3 + - jsondiff==1.3.0 + - pyyaml==6.0 + - docker-compose==1.29.2 + executable: pip3 + when: py3_result.rc == 0 + +- name: Set Kernel parameter - vm.overcommit_memory to 1 + ansible.posix.sysctl: + name: vm.overcommit_memory + value: '1' + sysctl_set: yes + state: present + reload: yes \ No newline at end of file diff --git a/roles/demolamp/tasks/undeploy.yml b/roles/demolamp/tasks/undeploy.yml new file mode 100644 index 0000000..914b44c --- /dev/null +++ b/roles/demolamp/tasks/undeploy.yml @@ -0,0 +1,12 @@ +--- + +- block: + - name: Stop a container + community.docker.docker_container: + name: demolamp + state: stopped + + - name: Remove container + community.docker.docker_container: + name: demolamp + state: absent diff --git a/roles/demolamp/vars/hkdev/env_hkdev.yml b/roles/demolamp/vars/hkdev/env_hkdev.yml new file mode 100644 index 0000000..70df794 --- /dev/null +++ b/roles/demolamp/vars/hkdev/env_hkdev.yml @@ -0,0 +1,20 @@ +--- +# vars file for ENV - HKDEV + +enableACL: true +sentinelMasterName: "mymaster_hkdev" +redisha_memLimit: "2GB" + +redisha_nodes: + - hostname: "hkof1devrds01.ecvision.com" + ipaddr: "10.75.42.25" + isMaster: true + isReplica: false + - hostname: "hkof1devrds02.ecvision.com" + ipaddr: "10.75.42.26" + isMaster: false + isReplica: true + - hostname: "hkof1devrds03.ecvision.com" + ipaddr: "10.75.42.27" + isMaster: false + isReplica: true diff --git a/roles/demolamp/vars/hkdev/redis_users.acl b/roles/demolamp/vars/hkdev/redis_users.acl new file mode 100644 index 0000000..adafa2e --- /dev/null +++ b/roles/demolamp/vars/hkdev/redis_users.acl @@ -0,0 +1,2 @@ +user default on >{{ redisAdminPass }} ~* &* +@all +user {{ redisAdminUser }} on >{{ redisAdminPass }} ~* &* +@all diff --git a/roles/demolamp/vars/hkdev/sentinel_users.acl b/roles/demolamp/vars/hkdev/sentinel_users.acl new file mode 100644 index 0000000..1bcae8b --- /dev/null +++ b/roles/demolamp/vars/hkdev/sentinel_users.acl @@ -0,0 +1,2 @@ +user default on >{{ sentinelAdminPass }} ~* &* +@all +user {{ sentinelAdminUser }} on >{{ sentinelAdminPass }} ~* &* +@all diff --git a/roles/demolamp/vars/main.yml b/roles/demolamp/vars/main.yml index e6e1d29..b02166b 100644 --- a/roles/demolamp/vars/main.yml +++ b/roles/demolamp/vars/main.yml @@ -1 +1,2 @@ -greeting: "hello ansible-playbook" +--- +# vars file for trunk \ No newline at end of file