#474 debuginfod: initial ansible/openshift work
Merged 4 years ago by pingou. Opened 4 years ago by fche.
fedora-infra/ fche/ansible main  into  main

@@ -0,0 +1,57 @@ 

+ - name: make the app be real

+   hosts: os_masters_stg[0]

+   user: root

+   gather_facts: False

+ 

+   vars_files:

+   - /srv/web/infra/ansible/vars/global.yml

+   - "/srv/private/ansible/vars.yml"

+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

+ 

+   roles:

+   - role: openshift/project

+     app: debuginfod

+     description: Fedora debuginfod server

+     appowners:

+     - fche

+     - amerey

+     - pingou

+     tags:

+     - apply-appowners

+            

+   - role: openshift/object

+     app: debuginfod

+     file: buildconfig.yml

+     objectname: buildconfig.yml

+     

+   - role: openshift/object

+     app: debuginfod

+     file: imagestream.yml

+     objectname: imagestream.yml

+     

+   - role: openshift/object

+     app: debuginfod

+     file: service.yml

+     objectname: service.yml

+ 

+   - role: openshift/object

+     app: debuginfod

+     template: storage.yml

+     objectname: storage.yml

+ 

+   - role: openshift/route

+     app: debuginfod

+     routename: debuginfod

+     host: "debuginfod{{ env_suffix }}.fedoraproject.org"

+     serviceport: 8002-tcp

+     servicename: debuginfod

+ 

+   - role: openshift/start-build

+     app: debuginfod

+     buildname: debuginfod-build

+     objectname: debuginfod-build

+ 

+   - role: openshift/object

+     app: debuginfod

+     template: deploymentconfig.yml

+     objectname: deploymentconfig.yml
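
Review bot: `serviceport: 8002-tcp` in the openshift/route entry names a port that the Service added in this PR does not define; its only port is `name: http` on 8002. If the role passes this value through as the route's target port, the route will not find a backend. Suggest `serviceport: http`, or rename the Service port to `8002-tcp`, so the two sides agree.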

@@ -0,0 +1,33 @@ 

+ apiVersion: v1

+ items:

+ - apiVersion: v1

+   kind: BuildConfig

+   metadata:

+     labels:

+       build: debuginfod-build

+     name: debuginfod-build

+   spec:

+     runPolicy: Serial

+     source:

+       dockerfile: |-

Just an FYI, you can also have the dockerfile outside of the yaml file if you like.
We use this macro to do it: https://pagure.io/fedora-infra/ansible/blob/499b6397b23a49ff4eb3484b7657b154a41c7f23/f/roles/openshift-apps/fedocal/templates/configmap.yml#_8

+         FROM fedora:33

+         LABEL \

+           maintainer="Frank Ch. Eigler <fche@redhat.com>" \

+           name="debuginfod" \

+           vendor="Fedora Infrastructure"

+         WORKDIR /

+         EXPOSE 8002

+         RUN dnf -y install bsdtar elfutils-debuginfod && \

+             dnf autoremove -y

+       type: Dockerfile

+     strategy:

+       type: Docker

+     output:

+       to:

+         kind: ImageStreamTag

+         name: debuginfod:latest

+     triggers:

+     - type: ConfigChange

+     - type: ImageChange

+ kind: List

+ metadata: {}
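
Review bot: the `- type: ImageChange` trigger has no image reference to follow, because `strategy` carries only `type: Docker` and the base image is named solely by `FROM fedora:33` inside the inline Dockerfile. As written, nothing rebuilds the image when the base picks up security updates. Suggest adding a `from` under `dockerStrategy` that points at the base image (ideally an ImageStreamTag that tracks it) so the trigger has something to watch. Minor: `dnf autoremove -y` does not drop the package cache; `dnf clean all` in the same `RUN` keeps the layer smaller.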

@@ -0,0 +1,10 @@ 

+ apiVersion: v1

+ items:

+ - apiVersion: v1

+   kind: ImageStream

+   metadata:

+     name: debuginfod

+     labels:

+       build: debuginfod

+ kind: List

+ metadata: {}
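
Review bot: the `build: debuginfod` label does not match the `build: debuginfod-build` label on the BuildConfig that writes to this stream. If the label is meant to group the build objects for selection or cleanup, use the same value on both, or use the `app: debuginfod` label that the Service and Route carry.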

@@ -0,0 +1,14 @@ 

+ apiVersion: v1

+ kind: Route

+ metadata:

+   name: debuginfod

+   labels:

+     app: debuginfod

+ spec:

+   host: debuginfod.fedoraproject.org

+   to:

+     kind: Service

+     name: debuginfod

+   tls:

+     termination: edge

+     insecureEdgeTerminationPolicy: Redirect
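
Review bot: `host: debuginfod.fedoraproject.org` hard-codes the production hostname, while the playbook targets `os_masters_stg[0]` and already creates the route through the openshift/route role with `debuginfod{{ env_suffix }}.fedoraproject.org`. None of the openshift/object entries in the playbook loads a route file, so this manifest looks unused. Suggest dropping it, or templating the host the same way, so a manual apply in staging cannot claim the production name.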

@@ -0,0 +1,15 @@ 

+ apiVersion: v1

+ kind: Service

+ metadata:

+   labels:

+     app: debuginfod

+   name: debuginfod

+ spec:

+   ports:

+   - name: http

+     port: 8002

+     protocol: TCP

+     targetPort: 8002

Do we want both ports to be 8002?

+   selector:

+     app: debuginfod

+     deploymentconfig: debuginfod

@@ -0,0 +1,80 @@ 

+ ---

+ apiVersion: v1

+ kind: DeploymentConfig

+ metadata:

+   name: debuginfod

+   labels:

+     app: debuginfod

+ spec:

+   replicas: 1

+   selector:

+     app: debuginfod

+     deploymentconfig: debuginfod

+   strategy:

+     type: Recreate

+   template:

+     metadata:

+       labels:

+         app: debuginfod

+         deploymentconfig: debuginfod

+     spec:

+       selector:

+         app: debuginfod

+         deploymentconfig: debuginfod

+       containers:

+       - name: debuginfod

+         image: debuginfod:latest

+         command: ["/usr/bin/debuginfod",

+                   "-vvv",

+                   "-d", "/var/cache/debuginfod/db.sqlite",

+                   "-c", "8",

+                   "-t", "3600",

+                   "-g", "604800",

+                   # exclude signed etc. variants, just want original RPMs

+                   "-X", "/data/",

+                   "-R", "/mnt/koji/packages",

+                   "-I", "\\.fc(30|31|32|33|34|35)\\..*\\.rpm$"]

+         ports:

+         - containerPort: 8002

+         resources:

+           requests:

+             memory: 24000Mi

+             cpu: 8000m

+         volumeMounts:

+          - name: debuginfod-storage{{ '-stg' if env == 'staging' else '' }}

+            mountPath: /var/cache/debuginfod

+            readOnly: false

+          - name: fedora-koji

+            mountPath: /mnt

+            readOnly: true

+         readinessProbe:

+           timeoutSeconds: 1

+           initialDelaySeconds: 30

+           httpGet:

+             path: /metrics

+             port: 8002

+         livenessProbe:

+           timeoutSeconds: 1

+           initialDelaySeconds: 30

+           periodSeconds: 30

+           httpGet:

+             path: /metrics

+             port: 8002

+       volumes:

+       - name: debuginfod-volume

+         persistentVolumeClaim:

+           claimName: debuginfod-volume

+       - name: koji-volume

+         persistentVolumeClaim:

+           claimName: koji-volume

+   triggers:

+   - type: ConfigChange

+   - type: ImageChange

+     imageChangeParams:

+       automatic: true

+       containerNames: ["debuginfod"]

+       from:

+         kind: ImageStreamTag

+         name: debuginfod:latest

+ 

+         
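
Review bot: the `volumeMounts` names do not match any entry under `volumes`. The mounts reference `debuginfod-storage{{ '-stg' if env == 'staging' else '' }}` and `fedora-koji`, while the volumes are declared as `debuginfod-volume` and `koji-volume`. A mount has to name a volume declared in the same pod spec, so this template will be rejected until one side is renamed. Also, `selector` under `template.spec` is not a pod spec field and can be removed, and `resources` sets `requests` without `limits`; a limit is worth adding for a container that indexes a large RPM tree.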

@@ -0,0 +1,26 @@ 

+ ---

+ apiVersion: v1

+ kind: PersistentVolumeClaim

+ metadata:

+   name: koji-volume

+ spec:

+   storageClassName: ""

+   accessModes:

+     - ReadOnlyMany

+   resources:

+     requests:

+       storage: 1Mi

+   volumeName: koji-volume

+ ---

+ apiVersion: v1

+ kind: PersistentVolumeClaim

+ metadata:

+   name: debuginfod-storage{{ '-stg' if env == 'staging' else '' }}

+ spec:

+   storageClassName: ""

+   accessModes:

+     - ReadWriteOnce

+   resources:

+     requests:

+       storage: 300Gi

+   volumeName: debuginfod-storage{{ '-stg' if env == 'staging' else '' }}
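
Review bot: the writable claim is named `debuginfod-storage{{ '-stg' if env == 'staging' else '' }}`, but the DeploymentConfig asks for `claimName: debuginfod-volume`, which no PVC in this file provides; only `koji-volume` lines up. Pick one name for the cache claim and use it in both files. The koji claim also lacks the `-stg` templating the cache claim has, so it is worth confirming that staging and production are meant to bind a PV with the same `volumeName: koji-volume`.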

This is a draft of the debuginfod.fedoraproject.org openshift gadget. It's based on a vanilla base f33 image with one or two extra packages loaded. It's limited to a toy set of RPMs for initial testing.

I've only been able to test locally the openshift aspects, without ansible nor access to the real fedora dns / koji stuff.
See also https://pagure.io/fedora-infrastructure/issue/9715

1 new commit added

  • debuginfod: tweak yml indentation based on bot build warnings
4 years ago

let's not include os_masters[0] for now, this way we're sure to only interact with staging, there is no risk of deploying to prod too early :)

Could you add me there as well? It would help me help you :)

Few small things but looks good overall :)

Nice work!

1 new commit added

  • debuginfod: review comments
4 years ago

ok. I created the volumes in staging:

fedora-koji 1000Gi ROX Retain Available 6m
debuginfod-storage-stg 5Gi RWX Retain Available 5s

Can you adjust to those names for your pvcs? then we can merge this and I can set you up perms to run the playbook, or I can just run it for you... :)

1 new commit added

  • debuginfod: almost ready for -stg
4 years ago

1 new commit added

  • debuginfod: typo fix on PV storage name
4 years ago

1 new commit added

  • debuginfod: follow storage PV rename into PVC objects
4 years ago

1 new commit added

  • debuginfod: follow storage PV rename into PVC objects
4 years ago

rebased onto 496735b

4 years ago

The service port vs. the container's port? It doesn't really matter, openshift will relay incoming http/s to them.

Okido :)

Let's get this in and I'll start working on giving you the access to run it :)

Pull-Request has been merged by pingou

4 years ago