From f6f5fc4fdba4cb36f600d9f13c65ca27ec003b89 Mon Sep 17 00:00:00 2001 From: Samuli Silvius Date: Wed, 13 Feb 2019 11:00:39 +0200 Subject: Re-factor nexus role to streamline playbook Move nexus functionality into nexus role from infrastructure playbook. This will make role easier to test and make it easier to implement other OS support later. Issue-ID: OOM-1653 Change-Id: I1af2bfef5aa4d6c7b819f5fc40f95c6e8303598c Signed-off-by: Samuli Silvius --- ansible/group_vars/all.yml | 10 ++++++--- ansible/infrastructure.yml | 28 +------------------------- ansible/roles/nexus/defaults/main.yml | 8 ++++++-- ansible/roles/nexus/tasks/configure.yml | 6 +++--- ansible/roles/nexus/tasks/insert-images.yml | 3 ++- ansible/roles/nexus/tasks/install.yml | 14 ++++++++++++- ansible/roles/nexus/tasks/main.yml | 9 ++++++++- ansible/roles/nexus/tasks/runtime-populate.yml | 1 - ansible/roles/nexus/vars/main.yml | 1 + ansible/roles/nginx/templates/nginx.conf.j2 | 15 +++++--------- 10 files changed, 46 insertions(+), 49 deletions(-) (limited to 'ansible') diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index cd8c7f58..318b88d9 100755 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -78,13 +78,17 @@ app_name: # prebuilt nexus blob in installation time. # Component name must match with tar filename! # e.g. -# aaa-component-0.0.1.tar is expected in aux_data_path for aaa-component image +# aaa/bbb-component-0.0.1.tar are expected in aux_data_path for component images. #runtime_images: -# aaa-component-0.0.1: +# aaa-component-0.0.1: # registry: "nexus3.onap.org:10001" # path: "/onap/components/aaa-component" # tag: "latest" -runtime_images: +# bbb-component-0.0.1: +# registry: "nexus3.onap.org:10001" +# path: "/onap/components/bbb-component" +# tag: "latest" +runtime_images: {} ############################### # Application specific params # diff --git a/ansible/infrastructure.yml b/ansible/infrastructure.yml index e4715a9c..fd30c482 100644 --- a/ansible/infrastructure.yml +++ b/ansible/infrastructure.yml @@ -34,34 +34,8 @@ - docker - dns - vncserver - - role: nexus - vars: - phase: install - nginx - tasks: - - name: "wait for nexus to come up" - uri: - url: "{{ nexus_url }}/service/metrics/healthcheck" - user: admin - password: admin123 - force_basic_auth: yes - method: GET - register: nexus_wait - until: not nexus_wait.failed - retries: 30 - delay: 10 - -- name: Nexus changes in runtime - hosts: infrastructure - roles: - - role: nexus - vars: - phase: configure - when: populate_nexus | bool - - role: nexus - vars: - phase: runtime-populate - when: runtime_images is defined and runtime_images is not none + - nexus - name: Setup base for Kubernetes nodes hosts: kubernetes diff --git a/ansible/roles/nexus/defaults/main.yml b/ansible/roles/nexus/defaults/main.yml index 57a79f95..3776f44e 100644 --- a/ansible/roles/nexus/defaults/main.yml +++ b/ansible/roles/nexus/defaults/main.yml @@ -1,2 +1,6 @@ -#Defaults to install, can be set to configure. -phase: install +--- +# By default prepopulated nexus binary blob used. +populate_nexus: false +# By dafault no additional docker images pushed to nexus at runtime +# but all images are pre-populated either at buildtime or at install time (populate_nexus). +runtime_images: {} diff --git a/ansible/roles/nexus/tasks/configure.yml b/ansible/roles/nexus/tasks/configure.yml index 66712d8f..7e6c20e0 100644 --- a/ansible/roles/nexus/tasks/configure.yml +++ b/ansible/roles/nexus/tasks/configure.yml @@ -3,7 +3,7 @@ uri: url: "{{ nexus_url }}/service/rest/v1/script/configure" method: GET - force_basic_auth: yes + force_basic_auth: true user: admin password: admin123 status_code: [200, 404] @@ -13,7 +13,7 @@ uri: url: "{{ nexus_url }}/service/rest/v1/script" method: POST - force_basic_auth: yes + force_basic_auth: true user: admin password: admin123 body_format: json @@ -26,7 +26,7 @@ uri: url: "{{ nexus_url }}/service/rest/v1/script/configure/run" method: POST - force_basic_auth: yes + force_basic_auth: true user: admin password: admin123 body_format: raw diff --git a/ansible/roles/nexus/tasks/insert-images.yml b/ansible/roles/nexus/tasks/insert-images.yml index fb8d7d82..f71d6990 100644 --- a/ansible/roles/nexus/tasks/insert-images.yml +++ b/ansible/roles/nexus/tasks/insert-images.yml @@ -14,6 +14,7 @@ docker_image: name: "{{ runtime_images[component].registry }}{{ runtime_images[component].path }}" tag: "{{ runtime_images[component].tag }}" - push: yes + push: true load_path: "{{ item.path }}" timeout: 120 + changed_when: false # for idenpotence diff --git a/ansible/roles/nexus/tasks/install.yml b/ansible/roles/nexus/tasks/install.yml index 1756b708..99d73dce 100644 --- a/ansible/roles/nexus/tasks/install.yml +++ b/ansible/roles/nexus/tasks/install.yml @@ -4,7 +4,7 @@ path: "{{ app_data_path }}/nexus_data" owner: 200 group: 200 - recurse: yes + recurse: true - name: Load nexus image docker_image: @@ -28,3 +28,15 @@ - "{{ app_data_path }}/nexus_data:/nexus-data:rw" state: started restart_policy: unless-stopped + +- name: Wait for nexus to come up + uri: + url: "{{ nexus_url }}/service/metrics/healthcheck" + user: admin + password: admin123 + force_basic_auth: true + method: GET + retries: 30 + delay: 10 + register: nexus_wait + until: not nexus_wait.failed diff --git a/ansible/roles/nexus/tasks/main.yml b/ansible/roles/nexus/tasks/main.yml index c5905b13..c1d83515 100644 --- a/ansible/roles/nexus/tasks/main.yml +++ b/ansible/roles/nexus/tasks/main.yml @@ -1,2 +1,9 @@ --- -- include_tasks: "{{ phase }}.yml" +- include_tasks: install.yml +- include_tasks: configure.yml + when: populate_nexus | bool +- include_tasks: runtime-populate.yml + when: + - runtime_images is defined + - runtime_images is not none + - runtime_images.keys() | length > 0 diff --git a/ansible/roles/nexus/tasks/runtime-populate.yml b/ansible/roles/nexus/tasks/runtime-populate.yml index e22b650e..ac947ec7 100644 --- a/ansible/roles/nexus/tasks/runtime-populate.yml +++ b/ansible/roles/nexus/tasks/runtime-populate.yml @@ -9,4 +9,3 @@ # need to iterate over those tasks in include - include: "insert-images.yml" with_items: "{{ tar_images.files }}" - diff --git a/ansible/roles/nexus/vars/main.yml b/ansible/roles/nexus/vars/main.yml index 63944161..5ec51869 100644 --- a/ansible/roles/nexus/vars/main.yml +++ b/ansible/roles/nexus/vars/main.yml @@ -1 +1,2 @@ +--- nexus_url: "https://nexus.{{ hostvars[groups.infrastructure[0]].ansible_nodename }}" diff --git a/ansible/roles/nginx/templates/nginx.conf.j2 b/ansible/roles/nginx/templates/nginx.conf.j2 index fb48565f..ff9d2a9c 100644 --- a/ansible/roles/nginx/templates/nginx.conf.j2 +++ b/ansible/roles/nginx/templates/nginx.conf.j2 @@ -12,14 +12,6 @@ http { proxy_send_timeout 120; proxy_read_timeout 300; - upstream nexus { - server nexus:8081; - } - - upstream registry { - server nexus:8082; - } - # http simulations server { listen 80; @@ -38,6 +30,7 @@ http { # nexus simulations server { + resolver 127.0.0.11 valid=30s; listen 80; listen 443 ssl; server_name {% for host in simulated_hosts.nexus -%} @@ -53,11 +46,13 @@ http { client_max_body_size 3G; location / { + set $upstream_nexus nexus:8081; + set $upstream_registry nexus:8082; # redirect to docker registry if ($http_user_agent ~ docker ) { - proxy_pass http://registry; + proxy_pass http://$upstream_registry; } - proxy_pass http://nexus; + proxy_pass http://$upstream_nexus; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -- cgit 1.2.3-korg