Public | Automated Build

Last pushed: 6 months ago
Short Description
Short description is empty for this repo.
Full Description

DevOps

Prerequisites

Ansible

Ansible is only needed on the control machines. No extra software is needed on the managed nodes.

Server Operations

Development

New Server

Create a new CoreOS host following the VirtualBox instructions.

Run the following commands from the control machine:

ansible-playbook -i ansible/inventory ansible/general/setup.yml -l development
ansible-playbook -i ansible/inventory ansible/general/iptables.yml -l development
ansible-playbook -i ansible/inventory ansible/general/certificates_keys_dev.yml
ansible-playbook -i ansible/inventory ansible/services/setup.yml -l development

Specific services (names are self explanatory):

ansible-playbook -i ansible/inventory ansible/services/redis.yml -l development
ansible-playbook -i ansible/inventory ansible/services/captain_restart_orchestrator.yml -l development
ansible-playbook -i ansible/inventory ansible/services/haproxy.yml -l development

Production

New Server

Create a new CoreOS host with the correct cloud config file from the cloud_config directory. Don't forget to change the
values between <> before you apply the file. Add the host to Logentries and add the token to the host_vars.

Run the following commands from the control machine:

ansible-playbook -i ansible/inventory ansible/general/setup.yml -l [server-address] -e @ansible/inventory/group_vars/production_secrets --vault-password-file ./ansible/.vault_pass
ansible-playbook -i ansible/inventory ansible/general/iptables.yml -l production
ansible-playbook -i ansible/inventory ansible/general/restart.yml -l [server-address] (bug, because else MTU is not set)
ansible-playbook -i ansible/inventory ansible/general/certificates_keys_production.yml -l [server-address] --vault-password-file ./ansible/.vault_pass
ansible-playbook -i ansible/inventory ansible/services/custom_routes.yml -l production
ansible-playbook -i ansible/inventory ansible/services/setup.yml -l [server-address] -e @ansible/inventory/group_vars/production_secrets --vault-password-file ./ansible/.vault_pass

Launching services

You launch new services by the following command.

ansible-playbook -i ansible/inventory ansible/services/[service].yml -l production -e @ansible/inventory/group_vars/production_secrets --vault-password-file ./ansible/.vault_pass

.p12 to .pem

Google delivers a .p12 file for Google Cloud communications. For ansible we need to make it a .pem and encrypt it with
ansible-vault, upload it and make it a .p12 again. The command to create a .pem from a .p12:

openssl pkcs12 -in google_price_comparator.p12 -out google_price_comparator.pem -nodes

Docker enzo

Start mysql

docker run --name mysql_data -e DATA_DIRECTORY="/home/mysql/data/" -e USER_ID="3306" -e GROUP_ID="3306" -v /home/mysql/data/ thedutchselection/data:latest
docker run -d -p 3309:3306 --name mysql -e DATA_DIRECTORY="/home/mysql/data/" --volumes-from mysql_data websend/mysql:5.6

Start mariadb

docker run --name mariadb_data -e DATA_DIRECTORY="/home/mysql/data/" -e USER_ID="3306" -e GROUP_ID="3306" -v /home/mysql/data/ thedutchselection/data:latest
docker run -d -p 3309:3306 --name mariadb -e DATA_DIRECTORY="/home/mysql/data/" --volumes-from mariadb_data websend/mariadb:10.1

Misc

Vmware fusion port forwarding

Edit [incomingtcp] section in:

/Library/Preferences/VMware Fusion/vmnet8/nat.conf

Check privileges

SELECT host FROM mysql.user WHERE User = 'root';
Docker Pull Command
Owner
websend
Source Repository