Adapt deployment process to support our external geth instances #366

Open
wants to merge 23 commits into
base: master
4591a46
Fix problem with dependencies versions
bartoszbetka Apr 1, 2019
a8251db
Bump kubectl version up to `1.14.0-00`
bartoszbetka Apr 1, 2019
d3d4e31
Delete installation of `google_cloud_sdk` package because its pre-ins…
bartoszbetka Apr 2, 2019
4822087
Add `cloud/create-compute-instance-for-deployment-server.yml` playboo…
bartoszbetka Mar 29, 2019
24690b2
Add `cloud/configure-concent-deployment-server.yml` playbook that con…
bartoszbetka Apr 1, 2019
ae5884f
Extract building cluster configuration from the `concent-builder/buil…
bartoszbetka Apr 1, 2019
58f3d97
Add ability to use concent-deployment-server in ansible playbooks
bartoszbetka Apr 1, 2019
484867c
Delete the use of `builder` user in ansible playbooks that operates o…
bartoszbetka Apr 1, 2019
7f6b921
Add the `build-cluster-configuration.yml` playbook to Jenkinsfile
bartoszbetka Apr 1, 2019
3d7faab
Delete uploading cluster secrets for the `configure-jenkins.yml` play…
bartoszbetka Apr 1, 2019
8fd5a92
Add information about deployment server to the `README.md` file
bartoszbetka Apr 2, 2019
8b66aea
fixup! Add `cloud/configure-concent-deployment-server.yml` playbook t…
bartoszbetka Apr 25, 2019
234674c
fixup! Add `cloud/configure-concent-deployment-server.yml` playbook t…
bartoszbetka Apr 25, 2019
3820efe
fixup! Add ability to use concent-deployment-server in ansible playbooks
bartoszbetka Apr 25, 2019
918fc2b
fixup! Add `cloud/configure-concent-deployment-server.yml` playbook t…
bartoszbetka Apr 25, 2019
026728e
fixup! Extract building cluster configuration from the `concent-build…
bartoszbetka Apr 25, 2019
e66176f
fixup! Add `cloud/configure-concent-deployment-server.yml` playbook t…
bartoszbetka Apr 25, 2019
4a9bfb4
fixup! Add `cloud/create-compute-instance-for-deployment-server.yml` …
bartoszbetka Apr 25, 2019
52e3cc5
fixup! Extract building cluster configuration from the `concent-build…
bartoszbetka Apr 25, 2019
2317288
fixup! Add ability to use concent-deployment-server in ansible playbooks
bartoszbetka Apr 25, 2019
13f2bd0
fixup! Add information about deployment server to the `README.md` file
bartoszbetka Apr 25, 2019
e31ab65
Modify build kubernetes process to support our external geth instances
bartoszbetka Mar 19, 2019
2584517
Delete building geth instances on the cluster from kubernetes buildin…
bartoszbetka Mar 19, 2019
39 changes: 37 additions & 2 deletions README.md
Expand Up @@ -142,6 +142,18 @@ Do this if you want to use the virtual machine for deployment.

This will run the `configure.yml` playbook for you.

### Creating `concent-deployment` machine

This step creates the `concent-deployment` machine meant to be used for deployment to `mainnet`, `testnet`, `staging` clusters environment and configuration machines, disks etc.

- Run the `create-compute-instance-for-deployment-server.yml` playbook.

``` bash
cd concent-deployment/cloud/
ansible-playbook create-compute-instance-for-deployment-server.yml \
--inventory ../../concent-deployment-values/ansible_inventory \
--user $user
```
### Configuring `concent-builder` machine

Do this if you want to use the remote server for building and deploying.
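Review bot: The closing fence of the new `create-compute-instance-for-deployment-server.yml` example runs straight into the `### Configuring` heading for `concent-builder` with no blank line between them, unlike the section added further down; add one. The description is also hard to parse ("clusters environment and configuration machines, disks etc."), so say plainly which clusters this machine deploys to. Since that playbook targets `localhost`, it would help to state here that it needs a locally authenticated `gcloud` and whether `--user $user` has any effect for it.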
Expand All @@ -157,6 +169,19 @@ Do this if you want to use the remote server for building and deploying.

Where the `$user` shell variable contains the name of your shell account on the remote machine.

### Configuring `concent-deployment` machine

This step configures the `concent-deployment` machine.

- Run the `configure-concent-deployment-server.yml` playbook.

``` bash
cd concent-deployment/concent-builder/
ansible-playbook configure-concent-deployment-server.yml \
--inventory ../../concent-deployment-values/ansible_inventory \
--user $user
```

### Setting up Ethereum client on a separate machine
This step installs and configures Geth on a separate machine in Google Compute Engine.
This is optional since Geth can be deployed automatically as a part of a Concent cluster but when you have multiple clusters, having one shared instance of the client allows you to use less resources.
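Review bot: The example does `cd concent-deployment/concent-builder/`, but this PR adds the playbook as `cloud/configure-concent-deployment-server.yml`, so the command as written will not find the file. Change the directory to `concent-deployment/cloud/`. It is also worth stating whether a vault password is needed for this step, since the role copies the `.vault` files with `decrypt: no`.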
Expand Down Expand Up @@ -189,6 +214,11 @@ ansible-playbook create-vm-instances-for-geth.yml \
This step must be performed separately for every user of the build server who needs to be able to access other parts of the project infrastructure on Google Cloud with `kubectl` or `gcloud`.
It can be performed by user himself or an admin who can impersonate him with `sudo`.

The `$cluster` variable determines which server the playbook will be executed on.
For `concent-dev` it connects to `concent-builder`.
For other values (`concent-staging`, `concent-testnet` or `concent-mainnet`) - to `concent-deployment-server`.
This behavior applies to all playbooks, except for `build-test-and-push-containers.yml`.

The `$user_name` variable below indicates the user account to be authorized.
To perform this step you need to have the .vault files with encrypted secrets in your local `concent-secrets/` directory.
Only cloud secrets are required in this case.
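Review bot: The sentence "This behavior applies to all playbooks, except for `build-test-and-push-containers.yml`" does not match the rest of this PR: `cloud/create-databases.yml` and `cloud/drop-databases.yml` are hard-coded to `concent-deployment-server` regardless of `$cluster`. Either list those exceptions here or make the two playbooks use the same host selection. The README also calls the host `concent-deployment` in the new section titles and `concent-deployment-server` in this paragraph; pick one name.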
Expand All @@ -197,7 +227,7 @@ Ansible will prompt you for password required to decrypt them.
```bash
cd concent-deployment/cloud/
ansible-playbook configure-user-authentication-for-clusters.yml \
--extra-vars user_name=$user_name \
--extra-vars "cluster=$cluster user_name=$user_name" \
--ask-vault-pass \
--inventory ../../concent-deployment-values/ansible_inventory \
--user $user
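Review bot: In `--extra-vars "cluster=$cluster user_name=$user_name"` both shell variables are expanded into a single space-separated key=value string, so a value containing a space or `=` would be parsed as additional variables. Passing two separate `--extra-vars` options, each with its expansion quoted, avoids that and keeps the diff against the old command smaller.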
Expand All @@ -219,7 +249,12 @@ ansible-playbook install-repositories.yml \
--inventory ../../concent-deployment-values/ansible_inventory \
--user $user

ansible-playbook build-test-and-push.yml \
ansible-playbook build-cluster-configuration.yml \
--extra-vars cluster=$cluster \
--inventory ../../concent-deployment-values/ansible_inventory \
--user $user
```
ansible-playbook build-test-and-push-containers.yml \
--extra-vars cluster=$cluster \
--inventory ../../concent-deployment-values/ansible_inventory \
--user $user
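Review bot: The added closing fence after the `build-cluster-configuration.yml` command ends the code block, and `ansible-playbook build-test-and-push-containers.yml \` then starts with no opening fence, so the second command renders as plain text and the fence that used to close this block is left unbalanced. Add a blank line and a new opening `bash` fence before the second command, ideally with one sentence explaining that the two playbooks are now separate steps.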
2 changes: 1 addition & 1 deletion cloud/cluster-deploy-secrets.yml
@@ -1,5 +1,5 @@
- hosts:
- concent-builder
- "{{ 'concent-deployment-server' if cluster in ['concent-mainnet', 'concent-testnet', 'concent-staging'] else 'concent-builder' }}"
vars_files:
- ../concent-builder/consts.yml
- ../containers/versions.yml
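Review bot: The new `hosts` expression sends every `cluster` value that is not one of the three listed names to `concent-builder`, so a misspelled `concent-mainnet` silently points this secrets playbook at the build server instead of failing. Make the mapping explicit (only `concent-dev` goes to `concent-builder`) and reject anything else, for example with an `assert` on `cluster` in a short first play on `localhost`.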
2 changes: 1 addition & 1 deletion cloud/cluster-remove-secrets.yml
@@ -1,5 +1,5 @@
- hosts:
- concent-builder
- "{{ 'concent-deployment-server' if cluster in ['concent-mainnet', 'concent-testnet', 'concent-staging'] else 'concent-builder' }}"
vars_files:
- ../concent-builder/consts.yml
- ../containers/versions.yml
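Review bot: This is the same inline `hosts` conditional that the PR also adds to `cluster-deploy-secrets.yml`, `configure-user-authentication-for-clusters.yml` and `build-cluster-configuration.yml`, and four copies of the cluster list will drift apart. Define the mapping once, for example as inventory groups keyed by cluster name, so each play only names the group it targets and an unknown cluster matches no host.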
69 changes: 69 additions & 0 deletions cloud/configure-concent-deployment-server.yml
@@ -0,0 +1,69 @@
- hosts:
- concent-deployment-server
vars_files:
- ../containers/versions.yml
- ../concent-builder/consts.yml
- ../concent-builder/repositories.yml
- "{{ deployment_values }}/var.yml"
roles:
- { role: upload_cluster_secrets, cluster: "concent-dev" }
- { role: upload_cluster_secrets, cluster: "concent-staging" }
- { role: upload_cluster_secrets, cluster: "concent-testnet" }
- { role: upload_cluster_secrets, deploy_cloud_secrets: yes }
tasks:
- become: yes
become_user: root
block:
- name: include common prerequire tasks from `prerequire-configure-tasks.yml` file
include_tasks: ../concent-builder/common_tasks/prerequire-configure-tasks.yml

- name: include task from `install-basic-utilities.yml` file
include_tasks: ../concent-builder/common_tasks/install-basic-utilities.yml

- name: Install system updates for Debian
apt: update_cache=yes

- name: Install basic packages
apt:
name:
- ncdu
- tree
- htop
- tmux

- name: Install dependencies
apt:
name:
- git
- kubectl={{ kubectl_version }}
- gcc
- postgresql-{{ postgres_version }}
- python3-psycopg2
- libssl-dev

- name: include common postrequire tasks from `postrequire-configure-tasks.yml` file
include_tasks: ../concent-builder/common_tasks/postrequire-configure-tasks.yml

- block:
- name: Create directory for concent repositories
file:
path: "{{ deployment_dir }}"
state: directory

- name: Clone concent repositories
git:
repo: "{{ item.url }}"
dest: "{{ deployment_dir }}/{{ item.name }}"
clone: yes
update: yes
version: master
force: yes
with_items:
- { url: "{{ repositories['concent-deployment'].url }}", name: concent-deployment }
- { url: "{{ repositories['concent-deployment-values'].url }}", name: concent-deployment-values }

- name: Create symbolic link to concent-secrets in user home directory
file:
src: "{{ data_dir }}/concent-secrets/"
dest: "{{ deployment_dir }}/concent-secrets"
state: link
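Review bot: The `roles` list uploads cluster secrets for `concent-dev`, `concent-staging` and `concent-testnet` but not for `concent-mainnet`, even though the host selection used elsewhere in this PR routes `concent-mainnet` to this server and `concent-dev` to `concent-builder`. If mainnet secrets are meant to be placed by hand, say so in the README; otherwise the list looks wrong. Separately, the `git` task checks out `version: master` with `force: yes`, so every run moves the deployment tooling to whatever is on master and discards local changes; a pinned tag or commit would make deployments reproducible. The task named "Install system updates for Debian" only runs `update_cache=yes`, so its name overstates what it does.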
3 changes: 2 additions & 1 deletion cloud/configure-user-authentication-for-clusters.yml
@@ -1,8 +1,9 @@
- hosts:
- concent-builder
- "{{ 'concent-deployment-server' if cluster in ['concent-mainnet', 'concent-testnet', 'concent-staging'] else 'concent-builder' }}"
vars_files:
- ../concent-builder/consts.yml
- "{{ deployment_values }}/var.yml"
- "{{ deployment_values }}/var-{{ cluster }}.yml"
tasks:
- become: yes
become_user: root
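Review bot: With `cluster` now templated into both `hosts` and the added `var-{{ cluster }}.yml` entry, `cluster` has become a mandatory variable for this playbook, and existing invocations that pass only `user_name` will stop with an undefined-variable error. Mention the new requirement in the commit message and fail early with a message that lists the accepted cluster names.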
20 changes: 20 additions & 0 deletions cloud/create-compute-instance-for-deployment-server.yml
@@ -0,0 +1,20 @@
- hosts:
- localhost
vars_files:
- ../concent-builder/consts.yml
- "{{ deployment_values }}/var.yml"
vars:
server_name: concent-deployment-server
name_of_ip: "{{ server_name }}-ip"
roles:
- reserve_static_ip
tasks:
- block:
- name: Create a GCP instance for {{ server_name }}
command: >
gcloud compute instances create {{ server_name }}
--description "Vm instance that contain {{ server_name }}"
--machine-type f1-micro
--address {{ name_of_ip }}
--project {{ gke.project }}
--zone {{ gke.zone }}
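Review bot: The `gcloud compute instances create` task has no existence check, so a second run of this playbook fails once the instance exists, whereas the `reserve_static_ip` role does guard its own create. Add a preceding `gcloud compute instances describe` check (or equivalent) and make the create conditional on it. The instance is also created without an explicit image, service account or scopes, so it takes the project defaults; for a machine that holds deployment secrets those are worth spelling out. The single-task `block:` adds nothing and can be dropped.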
2 changes: 1 addition & 1 deletion cloud/create-databases.yml
@@ -1,5 +1,5 @@
- hosts:
- concent-builder
- concent-deployment-server
vars_files:
- ../concent-builder/consts.yml
- "{{ deployment_values }}/var.yml"
2 changes: 1 addition & 1 deletion cloud/drop-databases.yml
@@ -1,5 +1,5 @@
- hosts:
- concent-builder
- concent-deployment-server
vars_files:
- ../concent-builder/consts.yml
- "{{ deployment_values }}/var.yml"
15 changes: 15 additions & 0 deletions cloud/roles/reserve_static_ip/tasks/main.yml
@@ -0,0 +1,15 @@
- name: Check if static IP address already exists
shell: >
gcloud compute addresses list
--project {{ gke.project }}
| grep {{ name_of_ip }}
register: ip_address_result
ignore_errors: yes

- name: Reserve static IP address for the "{{ server_name }}" instance
command: >
gcloud compute addresses create {{ name_of_ip }}
--description "Static IP attached to {{ server_name }} instance"
--project {{ gke.project }}
--region europe-west3
when: ip_address_result.stdout == ""
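Review bot: The existence check pipes `gcloud compute addresses list` into `grep {{ name_of_ip }}` with `ignore_errors: yes`, so an empty `stdout` can mean either that the address does not exist or that `gcloud` itself failed, and the real error is hidden behind the next task. `grep` also matches substrings, so a longer address name containing `{{ name_of_ip }}` would suppress the create. Use `--filter="name={{ name_of_ip }}" --format="value(name)"` on the list command, mark the task `changed_when: false`, and let genuine `gcloud` errors fail the play. `--region europe-west3` is hard-coded here while the instance is created in `{{ gke.zone }}`; take the region from a variable next to `gke.zone` so the two cannot diverge.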
30 changes: 30 additions & 0 deletions cloud/roles/upload_cluster_secrets/tasks/cloud-secrets.yml
@@ -0,0 +1,30 @@
- become: yes
become_user: root
block:
- name: Create user that will be used for building stuff
user:
name: "{{ shared_user }}"
state: present

- name: Create data_dir
file:
path: "{{ item }}"
state: directory
owner: "{{ shared_user }}"
group: "{{ shared_user }}"
mode: 0777
with_items:
- "{{ data_dir }}"
- "{{ data_dir }}/concent-secrets/"
- "{{ data_dir }}/concent-secrets/cloud/"

- name: Upload secrets
copy:
src: "{{ local_secret_dir }}/{{ item }}"
dest: "{{ data_dir }}/concent-secrets/{{ item }}"
decrypt: no
owner: "{{ shared_user }}"
group: "{{ shared_user }}"
with_items:
- cloud/{{ gke.service_account_name }}-private-key.json.vault
- cloud/cloud-secrets.yml.vault
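Review bot: `mode: 0777` on `{{ data_dir }}`, `concent-secrets/` and `concent-secrets/cloud/` makes the directories that hold the service-account key and cloud secrets world-writable, so any local account can replace or delete the `.vault` files. Restrict them to the `shared_user` owner and group (for example `'0750'`, quoted so YAML does not reinterpret the octal), and give the `copy` task an explicit `mode` such as `'0640'`, since it currently sets none and the files get whatever the default produces.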
33 changes: 33 additions & 0 deletions cloud/roles/upload_cluster_secrets/tasks/cluster-secrets.yml
@@ -0,0 +1,33 @@
- become: yes
become_user: root
block:
- name: Create user that will be used for building stuff
user:
name: "{{ shared_user }}"
state: present

- name: Create a global directory for data shared by all users
file:
path: "{{ item }}"
state: directory
owner: "{{ shared_user }}"
group: "{{ shared_user }}"
mode: 0777
with_items:
- "{{ data_dir }}"
- "{{ data_dir }}/concent-secrets/"
- "{{ data_dir }}/concent-secrets/{{ cluster }}"

- name: Upload secrets
copy:
src: "{{ local_secret_dir }}/{{ cluster }}/{{ item }}"
dest: "{{ data_dir }}/concent-secrets/{{ cluster }}/{{ item }}"
decrypt: no
owner: "{{ shared_user }}"
group: "{{ shared_user }}"
with_items:
- cluster-secrets.yml.vault
- nginx-proxy-ssl.crt.vault
- nginx-proxy-ssl.key.vault
- nginx-storage-ssl.crt.vault
- nginx-storage-ssl.key.vault
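Review bot: The first two tasks duplicate `cloud-secrets.yml` (the same `user` task and the same `file` loop apart from the last path), including the world-writable `mode: 0777`; move them into a shared task file so the permissions only have to be corrected in one place. The `copy` loop also sets no `mode` for the `nginx-*-ssl.key.vault` files, so add one explicitly rather than relying on the default.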
5 changes: 5 additions & 0 deletions cloud/roles/upload_cluster_secrets/tasks/main.yml
@@ -0,0 +1,5 @@
- include_tasks: cluster-secrets.yml
when: cluster is defined and cluster in ['concent-dev', 'concent-staging', 'concent-testnet']

- include_tasks: cloud-secrets.yml
when: deploy_cloud_secrets is defined and deploy_cloud_secrets
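Review bot: The `when` on `cluster-secrets.yml` silently skips any `cluster` outside the three listed names, so calling the role with `concent-mainnet` or with a typo uploads nothing and still reports success. Fail explicitly on an unsupported value, or add a comment explaining why `concent-mainnet` is excluded. The second condition can be shortened to `deploy_cloud_secrets | default(false) | bool`.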
27 changes: 27 additions & 0 deletions concent-builder/build-cluster-configuration.yml
@@ -0,0 +1,27 @@
- hosts:
- "{{ 'concent-deployment-server' if cluster in ['concent-mainnet', 'concent-testnet', 'concent-staging'] else 'concent-builder' }}"
vars_files:
- consts.yml
- repositories.yml
- ../containers/versions.yml
- "{{ deployment_values }}/var.yml"
- "{{ deployment_values }}/var-{{ cluster }}.yml"
roles:
- clean_up_and_set_up_environment
tasks:
- name: Install var.yml from the local machine
copy:
src: "{{ deployment_values }}/{{ item }}"
dest: "{{ build_dir }}/concent-deployment/kubernetes/"
with_items:
- var.yml
- var-{{ cluster }}.yml

- name: Build cluster configuration
make:
chdir: "{{ build_dir }}/concent-deployment/kubernetes"
params:
CONCENT_SECRET_DIR: "{{ deployment_dir }}/concent-secrets/{{ cluster }}"
IMAGE_PREFIX: "{{ image_prefix }}"
CLUSTER: "{{ cluster }}"

Original file line number Diff line number Diff line change
Expand Up @@ -7,42 +7,13 @@
- "{{ deployment_values }}/var.yml"
- "{{ deployment_values }}/var-{{ cluster }}.yml"
tasks:
- name: Remove the build directory to get rid of files from previous builds
file:
path: "{{ build_dir }}"
state: absent

- name: Check out working copy of concent-deployment repositories
git:
repo: "{{ data_dir }}/concent-deployment"
dest: "{{ build_dir }}/concent-deployment"
version: "{{ concent_versions[concent_version].versions['concent-deployment'] }}"
clone: yes
update: yes

- name: Install var.yml from the local machine
copy:
src: "{{ deployment_values }}/{{ item }}"
dest: "{{ build_dir }}/concent-deployment/kubernetes/"
with_items:
- var.yml
- var-{{ cluster }}.yml

- block:
- name: Build containers
make:
chdir: "{{ build_dir }}/concent-deployment/containers"
params:
IMAGE_PREFIX: "{{ image_prefix }}"

- name: Build cluster configuration
make:
chdir: "{{ build_dir }}/concent-deployment/kubernetes"
params:
CONCENT_SECRET_DIR: "{{ deployment_dir }}/concent-secrets/{{ cluster }}"
IMAGE_PREFIX: "{{ image_prefix }}"
CLUSTER: "{{ cluster }}"

- name: Create custom network that allows communication between django and postgres containers
command: docker network create {{ concent_versions[concent_version].gke.cluster }}-{{ image_prefix }}unittest-network

Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@

- name: Install dependencies for pyenv
apt:
default_release: testing
name:
- zlib1g-dev
- libbz2-dev
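Review bot: `default_release: testing` applies to every package in this `apt` list, so all of the pyenv build dependencies are now pulled from Debian testing, with no comment explaining why. If only one package needs the newer version, install that one from testing in its own task and leave the rest on the default release; either way, add a comment naming the package that forced this change.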