Ansible is only needed on the control machines. No extra software is needed on the managed nodes.
New Server
Create a new CoreOS host following the VirtualBox instructions.
Run the following commands from the control machine:
ansible-playbook -i ansible/inventory ansible/general/setup.yml -l development
ansible-playbook -i ansible/inventory ansible/general/iptables.yml -l development
ansible-playbook -i ansible/inventory ansible/general/certificates_keys_dev.yml
ansible-playbook -i ansible/inventory ansible/services/setup.yml -l development
Specific services (names are self explanatory):
ansible-playbook -i ansible/inventory ansible/services/redis.yml -l development
ansible-playbook -i ansible/inventory ansible/services/captain_restart_orchestrator.yml -l development
ansible-playbook -i ansible/inventory ansible/services/haproxy.yml -l development
New Server
Create a new CoreOS host with the correct cloud config file from the cloud_config directory. Don't forget to change the values between <> before you apply the file. Add the host to Logentries and add the token to the host_vars.
Run the following commands from the control machine:
ansible-playbook -i ansible/inventory ansible/general/setup.yml -l [server-address] -e @ansible/inventory/group_vars/production_secrets --vault-password-file ./ansible/.vault_pass
ansible-playbook -i ansible/inventory ansible/general/iptables.yml -l production
ansible-playbook -i ansible/inventory ansible/general/restart.yml -l [server-address] (bug, because else MTU is not set)
ansible-playbook -i ansible/inventory ansible/general/certificates_keys_production.yml -l [server-address] --vault-password-file ./ansible/.vault_pass
ansible-playbook -i ansible/inventory ansible/services/custom_routes.yml -l production
ansible-playbook -i ansible/inventory ansible/services/setup.yml -l [server-address] -e @ansible/inventory/group_vars/production_secrets --vault-password-file ./ansible/.vault_pass
You launch new services by the following command.
ansible-playbook -i ansible/inventory ansible/services/[service].yml -l production -e @ansible/inventory/group_vars/production_secrets --vault-password-file ./ansible/.vault_pass
Google delivers a .p12 file for Google Cloud communications. For ansible we need to make it a .pem and encrypt it with ansible-vault, upload it and make it a .p12 again. The command to create a .pem from a .p12:
openssl pkcs12 -in google_price_comparator.p12 -out google_price_comparator.pem -nodes
docker run --name mysql_data -e DATA_DIRECTORY="/home/mysql/data/" -e USER_ID="3306" -e GROUP_ID="3306" -v /home/mysql/data/ thedutchselection/data:latest
docker run -d -p 3309:3306 --name mysql -e DATA_DIRECTORY="/home/mysql/data/" --volumes-from mysql_data websend/mysql:5.6
docker run --name mariadb_data -e DATA_DIRECTORY="/home/mysql/data/" -e USER_ID="3306" -e GROUP_ID="3306" -v /home/mysql/data/ thedutchselection/data:latest
docker run -d -p 3309:3306 --name mariadb -e DATA_DIRECTORY="/home/mysql/data/" --volumes-from mariadb_data websend/mariadb:10.1
Vmware fusion port forwarding
Edit [incomingtcp] section in:
/Library/Preferences/VMware Fusion/vmnet8/nat.conf
Check privileges
SELECT host FROM mysql.user WHERE User = 'root';
docker pull websend/jenkins