CodeNow · thejsj · Apr 7, 2017 · Mar 13, 2017 · Mar 13, 2017 · Mar 13, 2017
diff --git a/ansible/dock-generate-launch-config.yml b/ansible/dock-generate-launch-config.yml
@@ -0,0 +1,10 @@
+---
+- hosts: cream
+  tasks:
+  - fail: msg="`dock` (target dock) needs to be defined to run this role"
+    when: dock is not defined
+  - add_host:
+      name={{ dock }}
+      groups=dock
+  roles:
+  - { role: dock_launch_config }
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
@@ -204,6 +204,9 @@ navi_mongo_port: 27017
 
 npm_token: c76363e9-78e0-4667-82ac-e2ac01efcfe2
 
+# remote vault
+vault_port=65240
+
 # local-vault
 vault_local_port: 31836
 vault_addr: http://127.0.0.1:{{ vault_local_port }}

diff --git a/ansible/roles/base_ubuntu/tasks/main.yml b/ansible/roles/base_ubuntu/tasks/main.yml
@@ -1,6 +1,7 @@
 ---
 - name: ensure registry.runnable in /etc/hosts
   become: true
+  tags: ensure_registry
   when: dock is not defined
   lineinfile:
     dest=/etc/hosts

diff --git a/ansible/roles/dock-images/tasks/main.yml b/ansible/roles/dock-images/tasks/main.yml
@@ -5,19 +5,15 @@
     name=docker
     state=started
 
-- name: add runnable registry to /etc/hosts
+- name: docker login
   become: true
-  blockinfile:
-    dest: /etc/hosts
-    insertafter: EOF
-    block: |
-      {{ registry_address }} registry.runnable.com
+  command: docker login -u {{ docker_hub_username }} -p {{ docker_hub_password }}
 
 - name: pulling docker images
   become: true
   command: docker pull {{ item }}
   with_items:
-    - "registry.runnable.com/runnable/image-builder:v4.3.0"
+    - "runnable/image-builder:v4.3.0" # private
     - "swarm:1.2.5"
     - "registry:2.3.1"
     - "google/cadvisor:v0.24.1"
@@ -38,6 +34,10 @@
     - "runnable/mongo:3.2"
     - "runnable/redis:3.2"
 
+- name: docker logout
+  become: true
+  command: docker logout
+
 - name: stopping docker
   become: true
   service:

diff --git a/ansible/roles/dock-init/tasks/main.yml b/ansible/roles/dock-init/tasks/main.yml
@@ -1,5 +1,6 @@
 ---
 - fail: msg="value tokens need to be defined for this role"
+  tags: vault_files
   when: vault_auth_token is not defined or vault_token_01 is not defined or vault_token_02 is not defined or vault_token_03 is not defined
 
 - name: create vault auth directory
@@ -25,12 +26,10 @@
   - { file_name: 'token-02', value: "{{ vault_token_02 }}" }
   - { file_name: 'token-03', value: "{{ vault_token_03 }}" }
 
-- fail: msg="docks_rollbar_key needs to be defined for this role"
-  when: docks_rollbar_key is not defined
-
 - name: copy rollbar token
   tags: rollbar
   become: true
+  when: docks_rollbar_key is defined
   lineinfile:
     dest="/opt/runnable/dock-init/key/rollbar.token"
     line="{{ docks_rollbar_key }}"

diff --git a/ansible/roles/dock_launch_config/tasks/main.yml b/ansible/roles/dock_launch_config/tasks/main.yml
@@ -0,0 +1,39 @@
+---
+- name: create new config file for krain
+  template:
+    src=upstart.conf
+    dest=~/{{ app_name }}.conf
+    backup=yes
+  vars:
+    - app_name: "krain"
+
+- name: encode krain config to base64
+  shell: cat ~/{{ app_name }}.conf | base64 -w 0
+  register: krain_base64
+  vars:
+    - app_name: "krain"
+
+- name: create new config file for charon
+  template:
+    src=upstart.conf
+    dest=~/{{ app_name }}.conf
+    backup=yes
+  vars:
+    - app_name: "charon"
+
+- name: encode krain config to base64
+  shell: cat ~/{{ app_name }}.conf | base64 -w 0
+  register: charon_base64
+  vars:
+    - app_name: "charon"
+
+- name: Generate init script
+  template:
+    src=init.tmpl
+    dest=~/init.sh
+  vars:
+    tokens:
+    - { file_name: 'auth-token', value: "{{ vault_auth_token }}" }
+    - { file_name: 'token-01', value: "{{ vault_token_01 }}" }
+    - { file_name: 'token-02', value: "{{ vault_token_02 }}" }
+    - { file_name: 'token-03', value: "{{ vault_token_03 }}" }
diff --git a/ansible/roles/dock_launch_config/templates/init.tmpl b/ansible/roles/dock_launch_config/templates/init.tmpl
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+# Set ENV files
+export CONSUL_PORT={{ consul_api_port }}
+export CONSUL_HOSTNAME={{ ansible_default_ipv4.address }}
+export VAULT_PORT={{ vault_port }}
+
+# Set Vault Tokens
+{% for item in tokens %}
+echo {{ item.value }} >> /opt/runnable/dock-init/consul-resources/vault/{{ node_env }}/{{ item.file_name }}
+{% endfor %}
+
+# Create directory for env
+mkdir /opt/runnable/dock-init/consul-resources/vault/{{ node_env }}"
+chown ubuntu:ubuntu /opt/runnable/dock-init/consul-resources/vault/{{ node_env }}"
+chmod 0711 /opt/runnable/dock-init/consul-resources/vault/{{ node_env }}"
+
+# Add upstart files
+echo {{ krain_base64['stdout'] }} | base64 --decode >> /etc/init/krain.conf
+echo {{ charon_base64['stdout'] }} | base64 --decode >> /etc/init/charon.conf
+
+# Start services
+service krain start
+service charon start
+CONSUL_HOSTNAME=10.4.0.148 CONSUL_PORT=65200 VAULT_PORT=65240 bash /opt/runnable/dock-init/init.sh | tee /var/log/user-script-dock-init.log
diff --git a/ansible/roles/dock_launch_config/templates/upstart.conf b/ansible/roles/dock_launch_config/templates/upstart.conf
@@ -0,0 +1,41 @@
+#!upstart
+description "{{ app_name }}"
+author "Anandkumar Patel"
+
+env NPM_BIN=/usr/local/bin/npm
+env APP_DIR=/opt/runnable/{{ app_name }}
+env LOG_FILE={{ app_log_dir }}/{{ app_name }}.log
+env NODE_ENV={{ node_env }}
+
+{% if enviroment_vars is defined %}
+{% for name, value in enviroment_vars.iteritems() %}
+env {{ name }}={{ value }}
+{% endfor %}
+{% endif %}
+
+start on (local-filesystems and net-device-up IFACE=eth0)
+stop on shutdown
+
+script
+  touch $LOG_FILE
+  chdir $APP_DIR
+  echo $$ > /var/run/{{ app_name }}.pid
+  exec $NPM_BIN start >> $LOG_FILE 2>&1
+end script
+
+pre-start script
+  # Date format same as (new Date()).toISOString() for consistency
+  echo "[`date -u +%Y-%m-%dT%T.%3NZ`] (sys) Starting" >> $LOG_FILE
+end script
+
+pre-stop script
+  rm /var/run/{{ app_name }}.pid
+  echo "[`date -u +%Y-%m-%dT%T.%3NZ`] (sys) Stopping" >> $LOG_FILE
+end script
+
+post-start script
+  echo "===== App restarted =====" >> $LOG_FILE
+end script
+
+respawn
+respawn limit 5 1     # give up restart after 5 respawns in 1 seconds
diff --git a/ansible/roles/git_repo/tasks/main.yml b/ansible/roles/git_repo/tasks/main.yml
@@ -9,6 +9,7 @@
     msg: "application Installed: {{ app_name }}, branch : {{ git_branch }} "
 
 - name: create repository dir
+  become: true
   file:
     path=/opt/runnable/{{ app_name }}
     state=directory

diff --git a/ansible/roles/image-builder/tasks/main.yml b/ansible/roles/image-builder/tasks/main.yml
@@ -7,10 +7,10 @@
 
 - name: build the image-builder
   tags: deploy
-  command: sudo docker build --no-cache --tag="registry.runnable.com/{{ image_builder_docker_namespace }}:{{ git_branch }}" /opt/runnable/image-builder
+  command: sudo docker build --no-cache --tag="{{ image_builder_docker_namespace }}:{{ git_branch }}" /opt/runnable/image-builder
 
 - name: push image-builder
   tags: deploy
   run_once: true
-  command: sudo docker push "registry.runnable.com/{{ image_builder_docker_namespace }}:{{ git_branch }}"
+  command: sudo docker push "{{ image_builder_docker_namespace }}:{{ git_branch }}"
   when: dock is not defined
diff --git a/ansible/roles/loggly/tasks/main.yml b/ansible/roles/loggly/tasks/main.yml
@@ -122,7 +122,7 @@
     state=present
 
 - name: runnable bin directory
-  tags: [ loggly, clean ] 
+  tags: [ loggly, clean ]
   become: true
   file:
     path=/opt/runnable/bin
@@ -141,7 +141,7 @@
    mode=0700
 
 - name: purge log files
-  tags: [ loggly, clean ] 
+  tags: [ loggly, clean ]
   become: true
   cron:
     name="purge log files"

diff --git a/ansible/roles/node_service/tasks/main.yml b/ansible/roles/node_service/tasks/main.yml
@@ -22,15 +22,15 @@
     create=yes
 
 - name: create new config file
-  tags: deploy
+  tags: deploy,render_node_service_config
   become: true
   template:
     src=upstart.conf
     dest=/etc/init/{{ app_name }}.conf
     backup=yes
 
 - name: restart service {{ app_name }}
-  tags: deploy
+  tags: deploy,render_node_service_config
   become: true
   when: dock is not defined
   service: