Browse Source

separated sites, added local auth for UI

Conductor-2.x r5.0.0
dcore94 1 year ago
parent
commit
c69b192c41
  1. 2
      roles/common/defaults/main.yaml
  2. 5
      roles/conductor/tasks/main.yaml
  3. 23
      roles/conductor/templates/auth.cfg.j2
  4. 6
      roles/conductor/templates/conductor-swarm.yaml.j2
  5. 8
      roles/databases/defaults/main.yaml
  6. 8
      roles/postgres/defaults/main.yml
  7. 50
      site-dev.yaml
  8. 44
      site-pre.yaml

2
roles/common/defaults/main.yaml

@ -1,5 +1,5 @@
---
target_path: /tmp/conductor_stack
target_path: "/tmp/conductor_stack"
conductor_network: conductor-network
conductor_db: postgres
init_db: True

5
roles/conductor/tasks/main.yaml

@ -4,6 +4,11 @@
src: templates/conductor-swarm.yaml.j2
dest: "{{ target_path }}/conductor-swarm.yaml"
- name: Generate auth config
template:
src: templates/auth.cfg.j2
dest: "{{ target_path }}/auth.cfg"
- name: Generate conductor config from dynomite seeds
when: conductor_db is defined and conductor_db == 'dynomite'
vars:

23
roles/conductor/templates/auth.cfg.j2

@ -0,0 +1,23 @@
{
"strategy": "local",
"strategySettings":{
"users": {
"admin": {
"hash": "098039dd5e84e486f83eadefc31ce038ccc90d6d62323528181049371c9460b4",
"salt": "salt",
"displayName": "Admin",
"email": "marco.lettere@nubisware.com",
"roles": [ "admin", "viewer" ]
}
}
},
"audit": true,
"acl": [
"POST /(.*) admin",
"PUT /(.*) admin",
"DELETE /(.*) admin",
"GET /api/(.*) viewer",
"GET /(.*) *"
]
}

6
roles/conductor/templates/conductor-swarm.yaml.j2

@ -39,6 +39,7 @@ services:
conductor-ui:
environment:
- WF_SERVER=http://conductor-server:8080/api/
- AUTH_CONFIG_PATH=/app/config/auth.config
image: nubisware/conductor-ui
networks:
- {{ conductor_network }}
@ -49,6 +50,9 @@ services:
ports:
- "5000:5000"
{% endif %}
configs:
- source: auth-config
target: /app/config/auth.config
deploy:
mode: replicated
replicas: {{ conductor_replicas }}
@ -73,3 +77,5 @@ networks:
configs:
swarm-config:
file: ./{{ conductor_config }}
auth-config:
file: ./auth.cfg

8
roles/databases/defaults/main.yaml

@ -9,14 +9,6 @@ postgres_jdbc_pass: password
postgres_jdbc_db: conductor
postgres_jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ mysql_jdbc_db }}
postgres_host_name: 'postgresql-srv.d4science.org'
postgres_replicas: 1
postgres_conductor_db: postgres
postgres_jdbc_user: conductor_u
postgres_jdbc_pass: c36dda661add7c2b5093087ddb655992
postgres_jdbc_db: conductor
postgres_jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ mysql_jdbc_db }}
mysql_image_name: 'mariadb'
mysql_service_name: 'mysqldb'
mysql_replicas: 1

8
roles/postgres/defaults/main.yml

@ -3,7 +3,7 @@ use_jdbc: True
postgres_service_name: 'postgresdb'
postgres_replicas: 1
conductor_db: postgres
jdbc_user: conductor
jdbc_pass: password
jdbc_db: conductor
jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ postgres_jdbc_db }}
postgres_jdbc_user: conductor
postgres_jdbc_pass: password
postgres_jdbc_db: conductor
postgres_jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ postgres_jdbc_db }}

50
site-dev.yaml

@ -0,0 +1,50 @@
---
- hosts: dev_infra
vars:
cluster_check: true
infrastructure: dev
conductor_workers_server: http://conductor-server:8080/api
roles:
- common
- databases
- conductor
- workers
- cluster-replacement
tasks:
- name: Start {{ db|default('postgres', true) }} and es
docker_stack:
name: 'conductor-{{ infrastructure }}'
state: present
compose:
- "{{ target_path }}/{{ db|default('postgres', true) }}-swarm.yaml"
- "{{ target_path }}/elasticsearch-swarm.yaml"
when: dry is not defined or not dry|bool
- name: Waiting for databases
pause:
seconds: 20
when: dry is not defined or not dry|bool
- name: Start conductor
docker_stack:
name: "conductor-{{ infrastructure }}"
state: present
compose:
- "{{ target_path }}/conductor-swarm.yaml"
when: dry is not defined or not dry|bool
- name: Start haproxy
docker_stack:
name: 'conductor-{{ infrastructure }}'
state: present
compose:
- "{{ target_path }}/haproxy-swarm.yaml"
when: dry is not defined or not dry|bool
- name: Start workers
docker_stack:
name: "conductor-{{ infrastructure }}"
state: present
compose:
- "{{ target_path }}/conductor-workers-swarm.yaml"
when: dry is not defined or not dry|bool

44
site-pre.yaml

@ -0,0 +1,44 @@
---
- hosts: pre_infra
vars_files:
- roles/external-postgres/defaults/vault_main.yaml
vars:
cluster_check: true
infrastructure: pre
conductor_workers_server: http://conductor-server:8080/api
roles:
- common
- databases
- cluster-replacement
- conductor
- workers
tasks:
- name: Start {{ db|default('postgres', true) }} and es
docker_stack:
name: 'conductor-{{ infrastructure }}'
state: present
compose:
- "{{ target_path }}/{{ db|default('postgres', true) }}-swarm.yaml"
- "{{ target_path }}/elasticsearch-swarm.yaml"
when: dry is not defined or not dry|bool
- name: Waiting for databases
pause:
seconds: 20
when: dry is not defined or not dry|bool
- name: Start conductor
docker_stack:
name: "conductor-{{ infrastructure }}"
state: present
compose:
- "{{ target_path }}/conductor-swarm.yaml"
when: dry is not defined or not dry|bool
- name: Start workers
docker_stack:
name: "conductor-{{ infrastructure }}"
state: present
compose:
- "{{ target_path }}/conductor-workers-swarm.yaml"
when: dry is not defined or not dry|bool
Loading…
Cancel
Save