diff --git a/mongodb-apb/Dockerfile b/mongodb-apb/Dockerfile new file mode 100644 index 0000000..90720cd --- /dev/null +++ b/mongodb-apb/Dockerfile @@ -0,0 +1,56 @@ +FROM ansibleplaybookbundle/apb-base + +LABEL "com.redhat.apb.version"="0.1.0" +LABEL "com.redhat.apb.spec"=\ +"LS0tCiMgUGFyYW1ldGVycyBzaGFyZWQgYW1vbmcgcGxhbnMKX3BhcmFtczogJl9wYXJhbXMKICAt\ +IG5hbWU6IG1lbW9yeV9saW1pdAogICAgZGVmYXVsdDogNTEyTWkKICAgIHRpdGxlOiBNYXhpbXVt\ +IGFtb3VudCBvZiBtZW1vcnkgdGhlIGNvbnRhaW5lciBjYW4gdXNlLgogICAgdHlwZTogc3RyaW5n\ +CiAgLSBuYW1lOiBuYW1lc3BhY2UKICAgIGRlZmF1bHQ6CiAgICB0aXRsZTogVGhlIE9wZW5TaGlm\ +dCBOYW1lc3BhY2Ugd2hlcmUgdGhlIEltYWdlU3RyZWFtIHJlc2lkZXMuCiAgICB0eXBlOiBzdHJp\ +bmcKICAtIG5hbWU6IHNlcnZpY2VfbmFtZQogICAgZGVmYXVsdDogbW9uZ29kYgogICAgdGl0bGU6\ +IFRoZSBuYW1lIG9mIHRoZSBPcGVuU2hpZnQgU2VydmljZSBleHBvc2VkIGZvciB0aGUgZGF0YWJh\ +c2UuCiAgICB0eXBlOiBzdHJpbmcKICAtIG5hbWU6IG1vbmdvZGJfdXNlcgogICAgZGVmYXVsdDoK\ +ICAgIHRpdGxlOiBVc2VybmFtZSBmb3IgTW9uZ29EQiB1c2VyIHRoYXQgd2lsbCBiZSB1c2VkIGZv\ +ciBhY2Nlc3NpbmcgdGhlIGRhdGFiYXNlLgogICAgdHlwZTogc3RyaW5nCiAgLSBuYW1lOiBtb25n\ +b2RiX3Bhc3N3b3JkCiAgICBkZWZhdWx0OgogICAgdGl0bGU6IFBhc3N3b3JkIGZvciB0aGUgTW9u\ +Z29EQiBjb25uZWN0aW9uIHVzZXIuCiAgICB0eXBlOiBzdHJpbmcKICAtIG5hbWU6IG1vbmdvZGJf\ +ZGF0YWJhc2UKICAgIGRlZmF1bHQ6IHNhbXBsZWRiCiAgICB0aXRsZTogTmFtZSBvZiB0aGUgTW9u\ +Z29EQiBkYXRhYmFzZSBhY2Nlc3NlZC4KICAgIHR5cGU6IHN0cmluZwogIC0gbmFtZTogbW9uZ29k\ +Yl9hZG1pbl9wYXNzd29yZAogICAgZGVmYXVsdDoKICAgIHRpdGxlOiBQYXNzd29yZCBmb3IgdGhl\ +IGRhdGFiYXNlIGFkbWluIHVzZXIuCiAgICB0eXBlOiBzdHJpbmcKICAtIG5hbWU6IHZvbHVtZV9j\ +YXBhY2l0eQogICAgZGVmYXVsdDogMUdpCiAgICB0aXRsZTogVm9sdW1lIHNwYWNlIGF2YWlsYWJs\ +ZSBmb3IgZGF0YSwgZS5nLiA1MTJNaSwgMkdpLgogICAgdHlwZTogc3RyaW5nCiAgLSBuYW1lOiBt\ +b25nb2RiX3ZlcnNpb24KICAgIGRlZmF1bHQ6IDMuMgogICAgdGl0bGU6IFZlcnNpb24gb2YgTW9u\ +Z29EQiBpbWFnZSB0byBiZSB1c2VkICgyLjQsIDIuNiwgMy4yIG9yIGxhdGVzdCkuCiAgICB0eXBl\ +OiBzdHJpbmcKCm5hbWU6IG1vbmdvZGItYXBiCmltYWdlOiBhbnNpYmxlcGxheWJvb2tidW5kbGUv\ +bW9uZ29kYi1hcGIKZGVzY3JpcHRpb246IFRoaXMgdGVtcGxhdGUgcHJvdmlkZXMgYSBzdGFuZGFs\ +b25lIE1vbmdvREIgc2VydmVyIHdpdGggYSBkYXRhYmFzZSBjcmVhdGVkLiAgVGhlIGRhdGFiYXNl\ +IGlzIHN0b3JlZCBvbiBwZXJzaXN0ZW50IHN0b3JhZ2UuICBUaGUgZGF0YWJhc2UgbmFtZSwgdXNl\ +cm5hbWUsIGFuZCBwYXNzd29yZCBhcmUgY2hvc2VuIHZpYSBwYXJhbWV0ZXJzIHdoZW4gcHJvdmlz\ +aW9uaW5nIHRoaXMgc2VydmljZS4KYmluZGFibGU6IFRydWUKYXN5bmM6IG9wdGlvbmFsCnRhZ3M6\ +CiAgLSBkYXRhYmFzZXMKICAtIG1vbmdvZGIKbWV0YWRhdGE6CiAgZG9jdW1lbnRhdGlvblVybDog\ +aHR0cHM6Ly9hY2Nlc3MucmVkaGF0LmNvbQogIGRpc3BsYXlOYW1lOiBNb25nb0RCIChQZXJzaXN0\ +ZW50KQogIGNvbnNvbGUub3BlbnNoaWZ0LmlvL2ljb25DbGFzczogaWNvbi1tb25nb2RiCiAgbG9u\ +Z0Rlc2NyaXB0aW9uOiBUaGlzIHRlbXBsYXRlIHByb3ZpZGVzIGEgc3RhbmRhbG9uZSBNb25nb0RC\ +IHNlcnZlciB3aXRoIGEgZGF0YWJhc2UgY3JlYXRlZC4gIFRoZSBkYXRhYmFzZSBpcyBzdG9yZWQg\ +b24gcGVyc2lzdGVudCBzdG9yYWdlLiAgVGhlIGRhdGFiYXNlIG5hbWUsIHVzZXJuYW1lLCBhbmQg\ +cGFzc3dvcmQgYXJlIGNob3NlbiB2aWEgcGFyYW1ldGVycyB3aGVuIHByb3Zpc2lvbmluZyB0aGlz\ +IHNlcnZpY2UuCnBsYW5zOgogIC0gbmFtZTogZGV2CiAgICBkZXNjcmlwdGlvbjogVGhpcyBkZWZh\ +dWx0IHBsYW4gZGVwbG95cyBtb25nb2RiCiAgICBmcmVlOiB0cnVlCiAgICBtZXRhZGF0YToKICAg\ +ICAgZGlzcGxheU5hbWU6IERlZmF1bHQKICAgICAgbG9uZ0Rlc2NyaXB0aW9uOiBUaGlzIHBsYW4g\ +ZGVwbG95cyBNb25nb2RiCiAgICAgIGNvc3Q6ICQwLjAwCiAgICBwYXJhbWV0ZXJzOiAqX3BhcmFt\ +cwogIC0gbmFtZTogcHJvZAogICAgZGVzY3JpcHRpb246IFRoaXMgcHJvZHVjdGlvbiBwbGFuIGRl\ +cGxveXMgbW9uZ29kYgogICAgZnJlZTogdHJ1ZQogICAgbWV0YWRhdGE6CiAgICAgIGRpc3BsYXlO\ +YW1lOiBEZWZhdWx0CiAgICAgIGxvbmdEZXNjcmlwdGlvbjogVGhpcyBwbGFuIGRlcGxveXMgTW9u\ +Z29kYiB3aXRoIGEgcGVyc2lzdGVudCB2b2x1bWUKICAgICAgY29zdDogJDAuMDAKICAgIHBhcmFt\ +ZXRlcnM6ICpfcGFyYW1zCg==" + + + + + + +COPY playbooks /opt/apb/actions +COPY roles /opt/ansible/roles +RUN chmod -R g=u /opt/{ansible,apb} +USER apb diff --git a/mongodb-apb/Makefile b/mongodb-apb/Makefile new file mode 100644 index 0000000..f1c9f00 --- /dev/null +++ b/mongodb-apb/Makefile @@ -0,0 +1,56 @@ +CONTEXT = ansibleplaybookbundle +VERSION = v0.1 +IMAGE_NAME = mongodb-apb +DISTRO = centos7 +REGISTRY = 172.30.1.1:5000 +OC_USER = developer +OC_PASS = developer +APB_APP = mongodb +APB_SPEC = `base64 --wrap=0 apb.yml` +IMAGE = ${CONTEXT}/${IMAGE_NAME}:${DISTRO}-${VERSION} + +ifneq ($(shell oc whoami . 2> /dev/null; echo $$?), 0) + loggedin = $(shell oc login -u ${OC_USER} -p ${OC_PASS}) +endif +ifndef project + export project = $(shell oc project -q) +endif + +all: localtest localteardown build push + +.PHONY: localbuild +localbuild: + docker build --no-cache \ + --label "com.redhat.apb.version=${VERSION}" \ + --label "com.redhat.apb.spec=${APB_SPEC}" \ + -t ${CONTEXT}/${IMAGE_NAME}:${DISTRO}-${VERSION} \ + -t ${CONTEXT}/${IMAGE_NAME} . + +.PHONY: build +build: + apb build --tag ${CONTEXT}/${IMAGE_NAME}:${DISTRO}-${VERSION} + +.PHONY: push +push: + docker login -u ${OC_USER} -p `oc whoami -t` ${REGISTRY} + docker tag ${CONTEXT}/${IMAGE_NAME}:${DISTRO}-${VERSION} \ + ${REGISTRY}/${project}/${IMAGE_NAME} + docker push ${REGISTRY}/${project}/${IMAGE_NAME} + apb push + +.PHONY: buildopenshift +buildopenshift: + oc patch bc/${APB_APP} --patch="{\"spec\": {\"output\": {\"imageLabels\":[{\"name\":\"com.redhat.apb.spec\", \"value\": \"${APB_SPEC}\"}]}}}" ${project} + oc start-build ${APB_APP} -n ${project} + +test: localtest localteardown + +.PHONY: localtest +localtest: + ANSIBLE_STRATEGY=debug + ansible-playbook playbooks/provision.yml --extra-vars namespace=${project} --extra-vars _apb_plan_id=prod + +.PHONY: localteardown +localteardown: + ANSIBLE_STRATEGY=debug + ansible-playbook playbooks/deprovision.yml --extra-vars namespace=${project} --extra-vars _apb_plan_id=prod diff --git a/mongodb-apb/README.md b/mongodb-apb/README.md new file mode 100644 index 0000000..c67bf30 --- /dev/null +++ b/mongodb-apb/README.md @@ -0,0 +1,17 @@ +# rhscl-mongodb-apb + + +An Ansible Playbook Bundle (APB) to deploy MongoDB. + +## What it does + +Deploys a MongoDB server using the [RHSCL MongoDB container image](https://github.com/sclorg/mongodb-container). + +## Parameters + +See apb.yml file + +## Plans + +- dev +- prod diff --git a/mongodb-apb/ansible.cfg b/mongodb-apb/ansible.cfg new file mode 100644 index 0000000..fd8645a --- /dev/null +++ b/mongodb-apb/ansible.cfg @@ -0,0 +1,2 @@ +[defaults] +roles_path = ./roles:/etc/ansible/roles diff --git a/mongodb-apb/apb.yml b/mongodb-apb/apb.yml new file mode 100644 index 0000000..5fd7219 --- /dev/null +++ b/mongodb-apb/apb.yml @@ -0,0 +1,70 @@ +--- +# Parameters shared among plans +_params: &_params + - name: memory_limit + default: 512Mi + title: Maximum amount of memory the container can use. + type: string + - name: namespace + default: + title: The OpenShift Namespace where the ImageStream resides. + type: string + - name: service_name + default: mongodb + title: The name of the OpenShift Service exposed for the database. + type: string + - name: mongodb_user + default: + title: Username for MongoDB user that will be used for accessing the database. + type: string + - name: mongodb_password + default: + title: Password for the MongoDB connection user. + type: string + - name: mongodb_database + default: sampledb + title: Name of the MongoDB database accessed. + type: string + - name: mongodb_admin_password + default: + title: Password for the database admin user. + type: string + - name: volume_capacity + default: 1Gi + title: Volume space available for data, e.g. 512Mi, 2Gi. + type: string + - name: mongodb_version + default: 3.2 + title: Version of MongoDB image to be used (2.4, 2.6, 3.2 or latest). + type: string + +name: mongodb-apb +image: ansibleplaybookbundle/mongodb-apb +description: This template provides a standalone MongoDB server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service. +bindable: True +async: optional +tags: + - databases + - mongodb +metadata: + documentationUrl: https://access.redhat.com + displayName: MongoDB (Persistent) + console.openshift.io/iconClass: icon-mongodb + longDescription: This template provides a standalone MongoDB server with a database created. The database is stored on persistent storage. The database name, username, and password are chosen via parameters when provisioning this service. +plans: + - name: dev + description: This default plan deploys mongodb + free: true + metadata: + displayName: Default + longDescription: This plan deploys Mongodb + cost: $0.00 + parameters: *_params + - name: prod + description: This production plan deploys mongodb + free: true + metadata: + displayName: Default + longDescription: This plan deploys Mongodb with a persistent volume + cost: $0.00 + parameters: *_params diff --git a/mongodb-apb/playbooks/deprovision.yml b/mongodb-apb/playbooks/deprovision.yml new file mode 100644 index 0000000..7ac53fa --- /dev/null +++ b/mongodb-apb/playbooks/deprovision.yml @@ -0,0 +1,12 @@ +- name: Remove mongodb-apb from openshift + hosts: localhost + gather_facts: false + connection: local + vars: + - state: absent + roles: + - role: ansible.kubernetes-modules + install_python_requirements: no + - role: ansible-asb-modules + - role: mongodb-apb-openshift + playbook_debug: true diff --git a/mongodb-apb/playbooks/group_vars/all b/mongodb-apb/playbooks/group_vars/all new file mode 100644 index 0000000..e78eca3 --- /dev/null +++ b/mongodb-apb/playbooks/group_vars/all @@ -0,0 +1,11 @@ +--- +state: present +_apb_plan_id: dev +mongodb_admin_password: "{{ lookup('password', '/tmp/pass chars=ascii_letters,digits') }}" +mongodb_password: "{{ lookup('password', '/tmp/pass chars=ascii_letters,digits') }}" +mongodb_user: "admin" +volume_size: "1Gi" +mongodb_version: "3.2" +image: "centos/mongodb-{{ mongodb_version | replace('.', '') }}-centos7" +service_name: mongodb +mongodb_database: sampledb diff --git a/mongodb-apb/playbooks/provision.yml b/mongodb-apb/playbooks/provision.yml new file mode 100644 index 0000000..aea8885 --- /dev/null +++ b/mongodb-apb/playbooks/provision.yml @@ -0,0 +1,10 @@ +- name: Deploy mongodb-apb to openshift + hosts: localhost + gather_facts: false + connection: local + roles: + - role: ansible.kubernetes-modules + install_python_requirements: no + - role: ansible-asb-modules + - role: mongodb-apb-openshift + playbook_debug: true diff --git a/mongodb-apb/playbooks/test.yml b/mongodb-apb/playbooks/test.yml new file mode 100644 index 0000000..bc80903 --- /dev/null +++ b/mongodb-apb/playbooks/test.yml @@ -0,0 +1,12 @@ +- name: Test mongodb-apb on openshift + hosts: localhost + gather_facts: false + connection: local + vars: + target: all + tasks: + - name: Test entrypoint + make: + chdir: . + target: "{{ target }}" + become: yes diff --git a/mongodb-apb/roles/mongodb-apb-openshift/tasks/dev.yml b/mongodb-apb/roles/mongodb-apb-openshift/tasks/dev.yml new file mode 100644 index 0000000..12c8a83 --- /dev/null +++ b/mongodb-apb/roles/mongodb-apb-openshift/tasks/dev.yml @@ -0,0 +1,60 @@ +- name: set development deployment config state to "{{ state }}" + openshift_v1_deployment_config: + name: mongodb + namespace: "{{ namespace }}" + labels: + app: mongodb-apb + service: mongodb + replicas: 1 + selector: + app: mongodb-apb + service: mongodb + strategy_type: Rolling + strategy_rolling_params: + interval_seconds: 1 + max_surge: 25% + max_unavailable: 25% + timeout_seconds: 600 + update_period_seconds: 1 + spec_template_metadata_labels: + app: mongodb-apb + service: mongodb + containers: + - env: + - name: MONGODB_ADMIN_PASSWORD + value: "{{ mongodb_admin_password }}" + - name: MONGODB_PASSWORD + value: "{{ mongodb_password }}" + - name: MONGODB_USER + value: "{{ mongodb_user }}" + - name: MONGODB_DATABASE + value: "{{ mongodb_database }}" + image: "{{ image }}" + image_pull_policy: IfNotPresent + liveness_probe: + initial_delay_seconds: 30 + tcp_socket: + port: 27017 + timeout_seconds: 1 + readiness_probe: + exec: + command: + - "/bin/sh" + - "-i" + - "-c" + - "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\"" + initial_delay_seconds: 3 + timeout_seconds: 1 + name: mongodb + ports: + - container_port: 27017 + protocol: TCP + termination_message_path: /dev/termination-log + working_dir: / + dns_policy: ClusterFirst + restart_policy: Always + termination_grace_period_seconds: 30 + test: false + triggers: + - type: ConfigChange + state: "{{ state }}" diff --git a/mongodb-apb/roles/mongodb-apb-openshift/tasks/main.yml b/mongodb-apb/roles/mongodb-apb-openshift/tasks/main.yml new file mode 100644 index 0000000..3bebf24 --- /dev/null +++ b/mongodb-apb/roles/mongodb-apb-openshift/tasks/main.yml @@ -0,0 +1,59 @@ +- name: "set service state to {{ state }}" + k8s_v1_service: + name: mongodb + namespace: "{{ namespace }}" + labels: + app: mongodb-apb + service: mongodb + selector: + app: mongodb-apb + service: mongodb + ports: + - name: port-27017 + port: 27017 + protocol: TCP + target_port: 27017 + state: "{{ state }}" + register: mongodb_service + +- name: scale deployment down + openshift_v1_deployment_config: + name: mongodb + namespace: "{{ namespace }}" + replicas: 0 + state: present + selector: + app: mongodb-apb + service: mongodb + when: state == "absent" + +- name: delete replication controller + k8s_v1_replication_controller: + name: mongodb-1 + namespace: "{{ namespace }}" + state: absent + when: state == "absent" + +- include: dev.yml + when: _apb_plan_id == "dev" + +- include: prod.yml + when: _apb_plan_id == "prod" + +- name: Wait for mongodb to come up + wait_for: + port: 27017 + host: "{{ mongodb_service.service.spec.cluster_ip }}" + timeout: 300 + when: state == "present" + +- name: encode bind credentials + asb_encode_binding: + fields: + DB_TYPE: mongodb + DB_HOST: mongodb + DB_PORT: 27017 + DB_USER: "{{ mongodb_user }}" + DB_PASSWORD: "{{ mongodb_password }}" + DB_NAME: "{{ mongodb_database }}" + when: state == "present" diff --git a/mongodb-apb/roles/mongodb-apb-openshift/tasks/prod.yml b/mongodb-apb/roles/mongodb-apb-openshift/tasks/prod.yml new file mode 100644 index 0000000..9f0542b --- /dev/null +++ b/mongodb-apb/roles/mongodb-apb-openshift/tasks/prod.yml @@ -0,0 +1,73 @@ +- name: set volume claim state to {{ state }} + k8s_v1_persistent_volume_claim: + name: "{{ service_name }}" + namespace: "{{ namespace }}" + labels: + app: mongodb-apb + service: "{{ service_name }}" + access_modes: + - ReadWriteOnce + resources_requests: + storage: "{{ volume_size }}" + state: "{{ state }}" + +- name: set development deployment config state to "{{ state }}" + openshift_v1_deployment_config: + name: mongodb + namespace: "{{ namespace }}" + labels: + app: mongodb-apb + service: mongodb + replicas: 1 + selector: + app: mongodb-apb + service: mongodb + strategy_type: Rolling + strategy_rolling_params: + interval_seconds: 1 + max_surge: 25% + max_unavailable: 25% + timeout_seconds: 600 + update_period_seconds: 1 + spec_template_metadata_labels: + app: mongodb-apb + service: mongodb + containers: + - env: + - name: MONGODB_ADMIN_PASSWORD + value: "{{ mongodb_admin_password }}" + - name: MONGODB_PASSWORD + value: "{{ mongodb_password }}" + - name: MONGODB_USER + value: "{{ mongodb_user }}" + - name: MONGODB_DATABASE + value: "{{ mongodb_database }}" + image: "{{ image }}" + image_pull_policy: IfNotPresent + liveness_probe: + initial_delay_seconds: 30 + tcp_socket: + port: 27017 + timeout_seconds: 1 + readiness_probe: + exec: + command: + - "/bin/sh" + - "-i" + - "-c" + - "mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p $MONGODB_PASSWORD --eval=\"quit()\"" + initial_delay_seconds: 3 + timeout_seconds: 1 + name: mongodb + ports: + - container_port: 27017 + protocol: TCP + termination_message_path: /dev/termination-log + working_dir: / + dns_policy: ClusterFirst + restart_policy: Always + termination_grace_period_seconds: 30 + test: false + triggers: + - type: ConfigChange + state: "{{ state }}"