separated sites, added local auth for UI
This commit is contained in:
parent
492c11ce61
commit
c69b192c41
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
target_path: /tmp/conductor_stack
|
target_path: "/tmp/conductor_stack"
|
||||||
conductor_network: conductor-network
|
conductor_network: conductor-network
|
||||||
conductor_db: postgres
|
conductor_db: postgres
|
||||||
init_db: True
|
init_db: True
|
||||||
|
|
|
@ -4,6 +4,11 @@
|
||||||
src: templates/conductor-swarm.yaml.j2
|
src: templates/conductor-swarm.yaml.j2
|
||||||
dest: "{{ target_path }}/conductor-swarm.yaml"
|
dest: "{{ target_path }}/conductor-swarm.yaml"
|
||||||
|
|
||||||
|
- name: Generate auth config
|
||||||
|
template:
|
||||||
|
src: templates/auth.cfg.j2
|
||||||
|
dest: "{{ target_path }}/auth.cfg"
|
||||||
|
|
||||||
- name: Generate conductor config from dynomite seeds
|
- name: Generate conductor config from dynomite seeds
|
||||||
when: conductor_db is defined and conductor_db == 'dynomite'
|
when: conductor_db is defined and conductor_db == 'dynomite'
|
||||||
vars:
|
vars:
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
{
|
||||||
|
"strategy": "local",
|
||||||
|
"strategySettings":{
|
||||||
|
"users": {
|
||||||
|
"admin": {
|
||||||
|
"hash": "098039dd5e84e486f83eadefc31ce038ccc90d6d62323528181049371c9460b4",
|
||||||
|
"salt": "salt",
|
||||||
|
"displayName": "Admin",
|
||||||
|
"email": "marco.lettere@nubisware.com",
|
||||||
|
"roles": [ "admin", "viewer" ]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"audit": true,
|
||||||
|
"acl": [
|
||||||
|
"POST /(.*) admin",
|
||||||
|
"PUT /(.*) admin",
|
||||||
|
"DELETE /(.*) admin",
|
||||||
|
"GET /api/(.*) viewer",
|
||||||
|
"GET /(.*) *"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
|
@ -39,6 +39,7 @@ services:
|
||||||
conductor-ui:
|
conductor-ui:
|
||||||
environment:
|
environment:
|
||||||
- WF_SERVER=http://conductor-server:8080/api/
|
- WF_SERVER=http://conductor-server:8080/api/
|
||||||
|
- AUTH_CONFIG_PATH=/app/config/auth.config
|
||||||
image: nubisware/conductor-ui
|
image: nubisware/conductor-ui
|
||||||
networks:
|
networks:
|
||||||
- {{ conductor_network }}
|
- {{ conductor_network }}
|
||||||
|
@ -49,6 +50,9 @@ services:
|
||||||
ports:
|
ports:
|
||||||
- "5000:5000"
|
- "5000:5000"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
configs:
|
||||||
|
- source: auth-config
|
||||||
|
target: /app/config/auth.config
|
||||||
deploy:
|
deploy:
|
||||||
mode: replicated
|
mode: replicated
|
||||||
replicas: {{ conductor_replicas }}
|
replicas: {{ conductor_replicas }}
|
||||||
|
@ -73,3 +77,5 @@ networks:
|
||||||
configs:
|
configs:
|
||||||
swarm-config:
|
swarm-config:
|
||||||
file: ./{{ conductor_config }}
|
file: ./{{ conductor_config }}
|
||||||
|
auth-config:
|
||||||
|
file: ./auth.cfg
|
||||||
|
|
|
@ -9,14 +9,6 @@ postgres_jdbc_pass: password
|
||||||
postgres_jdbc_db: conductor
|
postgres_jdbc_db: conductor
|
||||||
postgres_jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ mysql_jdbc_db }}
|
postgres_jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ mysql_jdbc_db }}
|
||||||
|
|
||||||
postgres_host_name: 'postgresql-srv.d4science.org'
|
|
||||||
postgres_replicas: 1
|
|
||||||
postgres_conductor_db: postgres
|
|
||||||
postgres_jdbc_user: conductor_u
|
|
||||||
postgres_jdbc_pass: c36dda661add7c2b5093087ddb655992
|
|
||||||
postgres_jdbc_db: conductor
|
|
||||||
postgres_jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ mysql_jdbc_db }}
|
|
||||||
|
|
||||||
mysql_image_name: 'mariadb'
|
mysql_image_name: 'mariadb'
|
||||||
mysql_service_name: 'mysqldb'
|
mysql_service_name: 'mysqldb'
|
||||||
mysql_replicas: 1
|
mysql_replicas: 1
|
||||||
|
|
|
@ -3,7 +3,7 @@ use_jdbc: True
|
||||||
postgres_service_name: 'postgresdb'
|
postgres_service_name: 'postgresdb'
|
||||||
postgres_replicas: 1
|
postgres_replicas: 1
|
||||||
conductor_db: postgres
|
conductor_db: postgres
|
||||||
jdbc_user: conductor
|
postgres_jdbc_user: conductor
|
||||||
jdbc_pass: password
|
postgres_jdbc_pass: password
|
||||||
jdbc_db: conductor
|
postgres_jdbc_db: conductor
|
||||||
jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ postgres_jdbc_db }}
|
postgres_jdbc_url: jdbc:postgresql://{{ postgres_service_name }}:5432/{{ postgres_jdbc_db }}
|
||||||
|
|
|
@ -0,0 +1,50 @@
|
||||||
|
---
|
||||||
|
- hosts: dev_infra
|
||||||
|
vars:
|
||||||
|
cluster_check: true
|
||||||
|
infrastructure: dev
|
||||||
|
conductor_workers_server: http://conductor-server:8080/api
|
||||||
|
roles:
|
||||||
|
- common
|
||||||
|
- databases
|
||||||
|
- conductor
|
||||||
|
- workers
|
||||||
|
- cluster-replacement
|
||||||
|
tasks:
|
||||||
|
- name: Start {{ db|default('postgres', true) }} and es
|
||||||
|
docker_stack:
|
||||||
|
name: 'conductor-{{ infrastructure }}'
|
||||||
|
state: present
|
||||||
|
compose:
|
||||||
|
- "{{ target_path }}/{{ db|default('postgres', true) }}-swarm.yaml"
|
||||||
|
- "{{ target_path }}/elasticsearch-swarm.yaml"
|
||||||
|
when: dry is not defined or not dry|bool
|
||||||
|
|
||||||
|
- name: Waiting for databases
|
||||||
|
pause:
|
||||||
|
seconds: 20
|
||||||
|
when: dry is not defined or not dry|bool
|
||||||
|
|
||||||
|
- name: Start conductor
|
||||||
|
docker_stack:
|
||||||
|
name: "conductor-{{ infrastructure }}"
|
||||||
|
state: present
|
||||||
|
compose:
|
||||||
|
- "{{ target_path }}/conductor-swarm.yaml"
|
||||||
|
when: dry is not defined or not dry|bool
|
||||||
|
|
||||||
|
- name: Start haproxy
|
||||||
|
docker_stack:
|
||||||
|
name: 'conductor-{{ infrastructure }}'
|
||||||
|
state: present
|
||||||
|
compose:
|
||||||
|
- "{{ target_path }}/haproxy-swarm.yaml"
|
||||||
|
when: dry is not defined or not dry|bool
|
||||||
|
|
||||||
|
- name: Start workers
|
||||||
|
docker_stack:
|
||||||
|
name: "conductor-{{ infrastructure }}"
|
||||||
|
state: present
|
||||||
|
compose:
|
||||||
|
- "{{ target_path }}/conductor-workers-swarm.yaml"
|
||||||
|
when: dry is not defined or not dry|bool
|
|
@ -0,0 +1,44 @@
|
||||||
|
---
|
||||||
|
- hosts: pre_infra
|
||||||
|
vars_files:
|
||||||
|
- roles/external-postgres/defaults/vault_main.yaml
|
||||||
|
vars:
|
||||||
|
cluster_check: true
|
||||||
|
infrastructure: pre
|
||||||
|
conductor_workers_server: http://conductor-server:8080/api
|
||||||
|
roles:
|
||||||
|
- common
|
||||||
|
- databases
|
||||||
|
- cluster-replacement
|
||||||
|
- conductor
|
||||||
|
- workers
|
||||||
|
tasks:
|
||||||
|
- name: Start {{ db|default('postgres', true) }} and es
|
||||||
|
docker_stack:
|
||||||
|
name: 'conductor-{{ infrastructure }}'
|
||||||
|
state: present
|
||||||
|
compose:
|
||||||
|
- "{{ target_path }}/{{ db|default('postgres', true) }}-swarm.yaml"
|
||||||
|
- "{{ target_path }}/elasticsearch-swarm.yaml"
|
||||||
|
when: dry is not defined or not dry|bool
|
||||||
|
|
||||||
|
- name: Waiting for databases
|
||||||
|
pause:
|
||||||
|
seconds: 20
|
||||||
|
when: dry is not defined or not dry|bool
|
||||||
|
|
||||||
|
- name: Start conductor
|
||||||
|
docker_stack:
|
||||||
|
name: "conductor-{{ infrastructure }}"
|
||||||
|
state: present
|
||||||
|
compose:
|
||||||
|
- "{{ target_path }}/conductor-swarm.yaml"
|
||||||
|
when: dry is not defined or not dry|bool
|
||||||
|
|
||||||
|
- name: Start workers
|
||||||
|
docker_stack:
|
||||||
|
name: "conductor-{{ infrastructure }}"
|
||||||
|
state: present
|
||||||
|
compose:
|
||||||
|
- "{{ target_path }}/conductor-workers-swarm.yaml"
|
||||||
|
when: dry is not defined or not dry|bool
|
Loading…
Reference in New Issue