[CE-413]Enable composer on fabric over k8s

Currently ansible agent sets up composer on docker environment. When fabric is setup on k8s environment, the agent skipped the composer sets up, now since the main focus has been shifted to k8s platform, we need to add this improvement. This patch set will fix that so that even on k8s env, composer will be still available once the fabric is setup Change-Id: Ib559b86898411373f80ef53bbdeb09f00b2ec3d2 Signed-off-by: Tong Li <litong01@us.ibm.com>
hyperledger · Jul 6, 2018 · 0345ebe · 0345ebe
1 parent f0fdf5e
commit 0345ebe
Show file tree

Hide file tree

Showing 6 changed files with 247 additions and 0 deletions.
diff --git a/src/agent/ansible/roles/deploy_k8s/composersetup/tasks/apply.yml b/src/agent/ansible/roles/deploy_k8s/composersetup/tasks/apply.yml
@@ -0,0 +1,151 @@
+---
+- name: Reuse common code
+  include_tasks: "{{ playbook_dir }}/../common/config_apply.yml"
+
+- meta: end_play
+  when: (allorderers | length == 0) or (allpeers | length == 0)
+
+- name: Setup few variables
+  set_fact:
+    alladmin: ""
+    networkname: "{{ lookup('env', 'NETWORKNAME') | default('') }}"
+
+- name: Process networkname
+  set_fact:
+    networkname: "{{ ((networkname|length)==0)|ternary('carauction-network', networkname) }}"
+    adminStr: 'Admin@'
+
+- name: Generate all admin options
+  set_fact:
+    alladmin: "{{ alladmin + '-A ' + item + 'Admin -C /home/composer/.composer/' + item + 'Admin/admin-pub.pem ' }}"
+  with_items: "{{ peerorgs }}"
+  tags: "generatealladmin"
+
+- name: Create deployment file for composer cli
+  template:
+    src: "{{ playbook_dir }}/composersetup/templates/{{ item }}.j2"
+    dest: "{{ playbook_dir }}/../../run/{{ item }}.yaml"
+  with_items:
+    - composercli
+    - composerplayground
+
+- name: Create composer cli initialization pod
+  command: >-
+    ./kubectl --kubeconfig kubeconfig apply -f ../run/composercli.yaml
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  tags: "createcomposerclipod"
+
+- name: Wait for composer cli pod to be ready
+  command: >-
+    ./kubectl --kubeconfig kubeconfig -o=custom-columns=STATUS:.status.phase
+    get pods -l type=composercli --no-headers --field-selector=status.phase=Running
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  register: podstatus
+  until: podstatus.stdout_lines | length == 1
+  retries: 10
+  delay: 5
+
+- name: Clean composer root
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli
+    -- /bin/rm -rf /home/composer/.composer/{{ item }}
+  with_items:
+    - "cards"
+    - "client-data"
+    - "*Admin*"
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  tags: "cleanroot"
+
+- name: Create cards for admins
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli -- composer card create
+    -p /fabriccerts/keyfiles/{{ item }}/connection.json
+    -c /fabriccerts/keyfiles/{{ item }}/users/Admin@{{ item }}/msp/admincerts/Admin@{{ item }}-cert.pem
+    -k /fabriccerts/keyfiles/{{ item }}/users/Admin@{{ item }}/msp/keystore/admin_private.key
+    -r PeerAdmin -r ChannelAdmin
+    -u PeerAdmin@{{ item }}
+    -f /home/composer/.composer/{{ item }}-PeerAdmin.card
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  with_items: "{{ peerorgs }}"
+  tags: "createcards"
+
+- name: Import the cards
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli -- composer card import
+    -f /home/composer/.composer/{{ item }}-PeerAdmin.card
+    -n PeerAdmin@{{ item }}
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  with_items: "{{ peerorgs }}"
+  tags: "importcards"
+
+- name: Runtime install
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli -- composer runtime install
+    -c PeerAdmin@{{ item }} -n {{ networkname }}
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  with_items: "{{ peerorgs }}"
+  tags: "runtimeinstall"
+
+- name: Request identity
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli -- composer identity request
+    -c PeerAdmin@{{ item }}
+    -u {{ fabric.ca.admin }} -s {{ fabric.ca.adminpw }}
+    -d /home/composer/.composer/{{ item }}Admin
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  with_items: "{{ peerorgs }}"
+  tags: "requestidentity"
+
+- name: Start network
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli -- composer network start
+    -c PeerAdmin@{{ peerorgs[0] }}
+    -a /fabriccerts/keyfiles/{{ networkname }}.bna {{ alladmin }}
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  tags: "startnetwork"
+
+- name: Create admin business cards
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli -- composer card create
+    -p /fabriccerts/keyfiles/{{ item }}/connection.json
+    -u {{ item }}Admin -n {{ networkname }}
+    -c /home/composer/.composer/{{ item }}Admin/admin-pub.pem
+    -k /home/composer/.composer/{{ item }}Admin/admin-priv.pem
+    -f /home/composer/.composer/{{ item}}Admin/{{ item }}-{{ networkname }}-Admin.card
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  with_items: "{{ peerorgs }}"
+  tags: "createadmincards"
+
+- name: Import the admin cards
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli -- composer card import
+    -f /home/composer/.composer/{{ item }}Admin/{{ item }}-{{ networkname }}-Admin.card
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  with_items: "{{ peerorgs }}"
+  tags: "importadmincards"
+
+- name: Ping network
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec composercli -- composer network ping
+    -c {{ item }}Admin@{{ networkname }}
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  with_items: "{{ peerorgs }}"
+  tags: "pingnetwork"
+
+- name: Start composer playground pod and service
+  command: >-
+    ./kubectl --kubeconfig kubeconfig apply -f ../run/composerplayground.yaml
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  tags: "startupplayground"
diff --git a/src/agent/ansible/roles/deploy_k8s/composersetup/tasks/destroy.yml b/src/agent/ansible/roles/deploy_k8s/composersetup/tasks/destroy.yml
@@ -0,0 +1,17 @@
+---
+- name: Reuse common code
+  include_tasks: "{{ playbook_dir }}/../common/config_apply.yml"
+
+- meta: end_play
+  when: (allorderers | default([]) | length == 0) or (allpeers | default([]) | length == 0)
+
+- name: Remove composer cli pod
+  command: >-
+    ./kubectl --kubeconfig=kubeconfig delete -f ../run/{{ item }}
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  with_items:
+    - composercli.yaml
+    - composerplayground.yaml
+  when: (allorderers | length > 0) and (allpeers | length > 0)
+  tags: "composerdown"
diff --git a/src/agent/ansible/roles/deploy_k8s/composersetup/templates/composercli.j2 b/src/agent/ansible/roles/deploy_k8s/composersetup/templates/composercli.j2
@@ -0,0 +1,24 @@
+---
+kind: Pod
+apiVersion: v1
+metadata:
+  name: composercli
+  labels:
+    type: composercli
+spec:
+  volumes:
+    - name: task-pv-storage
+      persistentVolumeClaim:
+       claimName: fabriccerts
+  containers:
+    - name: composercli
+      image: hyperledger/composer-cli:next
+      command: ["sleep"]
+      args:
+        - "3000"
+      volumeMounts:
+        - mountPath: "/fabriccerts"
+          name: task-pv-storage
+        - mountPath: "/home/composer/.composer"
+          name: task-pv-storage
+          subPath: fabriccerts/.composer
diff --git a/src/agent/ansible/roles/deploy_k8s/composersetup/templates/composerplayground.j2 b/src/agent/ansible/roles/deploy_k8s/composersetup/templates/composerplayground.j2
@@ -0,0 +1,36 @@
+---
+kind: Pod
+apiVersion: v1
+metadata:
+  name: composerplayground
+  labels:
+    k8s-app: composerplayground
+    type: composerplayground
+spec:
+  volumes:
+    - name: task-pv-storage
+      persistentVolumeClaim:
+       claimName: fabriccerts
+  containers:
+    - name: composerplayground
+      image: hyperledger/composer-playground:next
+      volumeMounts:
+        - mountPath: "/fabriccerts"
+          name: task-pv-storage
+        - mountPath: "/home/composer/.composer"
+          name: task-pv-storage
+          subPath: fabriccerts/.composer
+---
+kind: Service
+apiVersion: v1
+metadata:
+  labels:
+    k8s-app: composerplayground
+  name: composerplayground
+spec:
+  selector:
+    k8s-app: composerplayground
+  type: NodePort
+  ports:
+    - name: port1
+      port: 8080
diff --git a/src/agent/ansible/roles/deploy_k8s/fabricsetup/tasks/apply.yml b/src/agent/ansible/roles/deploy_k8s/fabricsetup/tasks/apply.yml
@@ -125,6 +125,14 @@
     chdir: "{{ playbook_dir }}/../../vars/"
   tags: "untarcerts"
 
+- name: Change certs permissions
+  command: >-
+    ./kubectl --kubeconfig kubeconfig exec fabriccertspod -c task-pv-container
+    -- chmod -R o+rw /fabriccerts
+  args:
+    chdir: "{{ playbook_dir }}/../../vars/"
+  tags: "changecertspermission"
+
 - name: Removing the certs pod
   command: >-
     ./kubectl --kubeconfig kubeconfig delete -f ../run/certssetup.yaml

diff --git a/src/agent/ansible/roles/deploy_k8s/plays.yml b/src/agent/ansible/roles/deploy_k8s/plays.yml
@@ -31,3 +31,14 @@
   tasks:
     - include: "fabricsetup/tasks/{{ mode }}.yml"
   tags: "fabricsetup"
+
+- name: setup composer
+  hosts: cloud
+  connection: local
+  become: true
+  become_user: root
+  vars_files:
+    - "./../../vars/{{ env }}.yml"
+  tasks:
+    - include: "composersetup/tasks/{{ mode }}.yml"
+  tags: "composersetup"