---
paddles_user: paddles
+paddles_db_user: paddles
+paddles_port: 8080
+paddles_statsd_host: ""
+paddles_statsd_prefix: ""
+paddles_sentry_dsn: ""
+
+paddles_containerized: false
+paddles_container_image: quay.io/ceph-infra/paddles:latest
+paddles_container_replicas: 10
paddles_repo: https://github.com/ceph/paddles.git
paddles_branch: master
-paddles_port: 8080
log_host: localhost
cache_valid_time: 600
tags:
- packages
+
+- name: Install docker packages
+ apt:
+ name: "{{ paddles_docker_packages|list }}"
+ state: latest
+ update_cache: yes
+ cache_valid_time: 600
+ when: paddles_containerized
+ tags:
+ - packages
tags:
- always
+- name: Set db_host
+ set_fact:
+ db_host: "{% if paddles_containerized %}{{ inventory_hostname }}{% else %}localhost{% endif %}"
+ tags:
+ - always
+
- name: Set db_url
set_fact:
- db_url: "postgresql+psycopg2://{{ paddles_user }}:{{ db_pass }}@localhost/paddles"
+ db_url: "postgresql+psycopg2://{{ paddles_db_user }}:{{ db_pass }}@{{ db_host }}/paddles"
no_log: true
tags:
- always
# Set up the actual paddles project
- import_tasks: setup_paddles.yml
+ when: not paddles_containerized
# Set up the DB which paddles uses
- import_tasks: setup_db.yml
+ tags:
+ - db
+
+# Set up docker if necessary
+- import_tasks: setup_docker.yml
+ when: paddles_containerized
+ tags:
+ - service
# Configure the system to run paddles as a daemon
- import_tasks: setup_service.yml
+ when: not paddles_containerized
+ tags:
+ - service
# Configure nginx as a reverse proxy
- import_tasks: nginx.yml
- when: not ansible_distribution is search("openSUSE")
+ when:
+ - not ansible_distribution is search("openSUSE")
- name: Set up access to the database
postgresql_user:
db: paddles
- name: "{{ paddles_user }}"
+ name: "{{ paddles_db_user }}"
password: "{{ db_pass }}"
become_user: postgres
when: create_db is changed
args:
chdir: "{{ paddles_repo_path }}"
become_user: "{{ paddles_user }}"
- when: create_db is changed
+ when:
+ - create_db is changed
+ - not paddles_containerized
- name: Copy alembic config template to alembic.ini
command: cp ./alembic.ini.in alembic.ini
chdir: "{{ paddles_repo_path }}"
register: alembic_ini
become_user: "{{ paddles_user }}"
+ when: not paddles_containerized
- name: Update alembic.ini
lineinfile:
dest: "{{ paddles_repo_path }}/alembic.ini"
line: "sqlalchemy.url = {{ db_url }}"
regexp: "^sqlalchemy.url = "
+ when: not paddles_containerized
- name: Set the alembic revision
shell: ./virtualenv/bin/alembic stamp head
args:
chdir: "{{ paddles_repo_path }}"
- when: alembic_ini is changed
+ when:
+ - alembic_ini is changed
+ - not paddles_containerized
become_user: "{{ paddles_user }}"
--- /dev/null
+---
+- name: Add paddles_user to the docker group
+ user:
+ name: "{{ paddles_user }}"
+ append: yes
+ groups:
+ - docker
+
+- name: Install docker's python module
+ become_user: "{{ paddles_user }}"
+ pip:
+ name: docker
+ state: latest
+ executable: pip3
+ extra_args: --user
+
+- name: Init docker swarm
+ become_user: "{{ paddles_user }}"
+ docker_swarm:
+ state: present
+
+- name: Create secret for the database URL
+ become_user: "{{ paddles_user }}"
+ docker_secret:
+ name: paddles_sqlalchemy_url
+ data: "{{ db_url }}"
+
+- name: Pull the paddles container image
+ become_user: "{{ paddles_user }}"
+ docker_image:
+ name: "{{ paddles_container_image }}"
+ source: pull
+ register: image_pull
+
+- name: Create docker swarm service
+ become_user: "{{ paddles_user }}"
+ docker_swarm_service:
+ name: paddles
+ state: present
+ replicas: "{{ paddles_container_replicas }}"
+ update_config:
+ parallelism: 1
+ delay: 10s
+ monitor: 10s
+ failure_action: rollback
+ rollback_config:
+ order: start-first
+ image: "{{ paddles_container_image }}"
+ resolve_image: true
+ force_update: "{{ image_pull.changed }}"
+ publish:
+ - published_port: "{{ paddles_port }}"
+ target_port: 8080
+ logging:
+ driver: journald
+ options:
+ tag: paddles
+ env:
+ - "PADDLES_ADDRESS={{ paddles_address }}"
+ - "PADDLES_SERVER_HOST=0.0.0.0"
+ - "SENTRY_DSN={{ paddles_sentry_dsn }}"
+ - "PADDLES_STATSD_HOST={{ paddles_statsd_host }}"
+ - "PADDLES_STATSD_PREFIX={{ paddles_statsd_prefix }}"
+ - "GUNICORN_CMD_ARGS=--workers=2 --max-requests=10000"
+ secrets:
+ - secret_name: paddles_sqlalchemy_url
+ filename: "/run/secrets/paddles_sqlalchemy_url"
+ healthcheck:
+ test: ["CMD", "curl", "--fail", "http://localhost:8080"]
+ interval: 1m
+ timeout: 5s
+ start_period: 10s
---
+- name: Fail on zypper systems if paddles_containerized is set
+ fail:
+ msg: "'paddles_containerized' is not yet supported on zypper systems"
+ when: paddles_containerized
+
- name: Include package type specific vars.
include_vars: "zypper_systems.yml"
tags:
server {
server_name {{ inventory_hostname }};
- listen {{ ansible_all_ipv4_addresses[0] }}:{{ paddles_port }};
+ listen 80;
proxy_send_timeout 600;
proxy_connect_timeout 240;
location / {
- nginx
- liblz4-tool
+paddles_docker_packages:
+ - docker.io
+ # docker swarm needs the requests module
+ - python-requests
+ - python-docker
+
# We need this so we can disable apache2 to get out of the way of nginx
apache_service: 'apache2'
projects / ceph-cm-ansible.git / commitdiff