You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by da...@apache.org on 2019/12/10 19:21:58 UTC

[couchdb-infra-cm] 03/03: Add new roles and provision playbooks

This is an automated email from the ASF dual-hosted git repository.

davisp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/couchdb-infra-cm.git

commit 731dd9c716fc552145f80627cb1b42b85d961983
Author: Paul J. Davis <pa...@gmail.com>
AuthorDate: Wed Aug 14 14:09:34 2019 -0500

    Add new roles and provision playbooks
---
 README.md                     | 17 +++++++++++++
 ci_agents.yml                 |  5 ++++
 group_vars/all.yaml           |  1 +
 provision.yml                 | 30 +++++++++++++++++++++++
 roles/ci_agent/tasks/main.yml | 55 +++++++++++++++++++++++++++++++++++++++++++
 roles/common/tasks/main.yml   | 29 +++++++++++++++++++++++
 6 files changed, 137 insertions(+)

diff --git a/README.md b/README.md
index 82a2d52..3eac5aa 100644
--- a/README.md
+++ b/README.md
@@ -20,3 +20,20 @@ Create a `~/.couchdb-infra-cm.cfg` file that contains the following options:
     api_key = <REDACTED>
 
 Then simply run the script which will dump the current inventory to stdout. Redirect the output to whatever filename you so desire.
+
+Provisioning a Node
+---
+
+First, create a new VM of the desired type using whatever means necessary to have root SSH access along with a public IP address (or at least, some method that can be configured into Ansible though you're on your own at this point).
+
+Then run:
+
+    ansible-playbook -i W.X.Y.Z, provision.yml
+
+*Note:* Make sure to include the trailing comma (,) in the -i argument or you'll get an error about not being able to parse the inventory.
+
+Once this has run and you have updated the `production` inventory file (See the section above on generating inventory files) in this directory you can then run:
+
+    ansible-playbook -i production ci_agents.yml
+
+And the node will be configured as a new CI agent.
\ No newline at end of file
diff --git a/ci_agents.yml b/ci_agents.yml
new file mode 100644
index 0000000..8278f40
--- /dev/null
+++ b/ci_agents.yml
@@ -0,0 +1,5 @@
+---
+- hosts: ci_agents
+  roles:
+    - common
+    - ci_agent
\ No newline at end of file
diff --git a/group_vars/all.yaml b/group_vars/all.yaml
new file mode 100644
index 0000000..3e9e888
--- /dev/null
+++ b/group_vars/all.yaml
@@ -0,0 +1 @@
+ansible_ssh_user: couchdb
diff --git a/provision.yml b/provision.yml
new file mode 100644
index 0000000..24e54af
--- /dev/null
+++ b/provision.yml
@@ -0,0 +1,30 @@
+---
+- hosts: all
+  vars:
+    ansible_ssh_user: root
+  tasks:
+  - name: Add user couchdb
+    user:
+      name: couchdb
+      state: present
+      shell: /bin/bash
+
+  - name: Make sure sudo is installed
+    apt:
+      name: sudo
+      state: latest
+
+  - name: Grant sudo access to couchdb user
+    copy:
+      content: 'couchdb ALL=(ALL) NOPASSWD:ALL'
+      dest: /etc/sudoers.d/couchdb
+      mode: 0440
+
+  - name: Allow CouchDB Infra access to couchdb user
+    authorized_key:
+      user: couchdb
+      state: present
+      key: "{{ item }}"
+    with_items:
+      - https://github.com/davisp.keys
+      - https://github.com/wohali.keys
\ No newline at end of file
diff --git a/roles/ci_agent/tasks/main.yml b/roles/ci_agent/tasks/main.yml
new file mode 100644
index 0000000..edf6791
--- /dev/null
+++ b/roles/ci_agent/tasks/main.yml
@@ -0,0 +1,55 @@
+- name: Install Docker gpg key for Apt
+  become: yes
+  apt_key:
+    url: https://download.docker.com/linux/debian/gpg
+    state: present
+
+- name: Setup Docker Apt repository
+  become: yes
+  apt_repository:
+    repo: deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable
+    filename: docker
+    state: present
+
+- name: Install Docker Packages
+  become: yes
+  apt:
+    name: "{{ packages }}"
+  vars:
+    packages:
+      - containerd.io
+      - docker-ce
+      - docker-ce-cli
+
+- name: Install multi-architecture support for Docker
+  become: yes
+  apt:
+    name: "{{ packages }}"
+    state: latest
+  vars:
+    packages:
+      - binfmt-support
+      - qemu
+      - qemu-user-static
+
+- name: Install Java 8
+  become: yes
+  apt:
+    name: "{{ packages }}"
+    state: latest
+  vars:
+    packages:
+      - openjdk-8-jre-headless
+
+# Copy infra script to delete old docker images
+# Add cron to run docker deleter script
+
+# Add jenkins user with specific uid
+# Write script to download a jar and run it
+# Install script as runit service
+
+# Figure out how to configure the password things required
+# for running the jar bits
+
+# Figure out if our Java agent requires all the jars
+# and tooling I saw in the docs (ant, maven, multiple jvms, etc)
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
new file mode 100644
index 0000000..edd83cc
--- /dev/null
+++ b/roles/common/tasks/main.yml
@@ -0,0 +1,29 @@
+- name: Install basic ubiquitous packages
+  become: yes
+  apt:
+    name: "{{ packages }}"
+    state: latest
+    update_cache: yes
+    cache_valid_time: 3600
+  vars:
+    packages:
+      - apt-transport-https
+      - atop
+      - ca-certificates
+      - curl
+      - git
+      - gnupg2
+      - iftop
+      - iperf3
+      - mtr-tiny
+      - nload
+      - python3
+      - runit
+      - runit-systemd
+      - screen
+      - software-properties-common
+      - strace
+      - tcpdump
+      - tmux
+      - vim
+      - wget