Loading Vagrantfile +20 −16 Original line number Diff line number Diff line Loading @@ -31,13 +31,18 @@ Vagrant.configure(2) do |config| # Provision the VM with our Ansible playbook config.vm.provision :ansible do |ansible| ansible.playbook = "deploy/ansible/playbook.yml" ansible.config_file = "deploy/ansible/ansible.cfg" ansible.groups = { data: ["default"] } # Configure the datasets from mini-esgf-data # Use group_vars to simulate ansible.extra_vars = { data: { mounts: [{ hostPath: "/test_data", mountPath: "/test_data" }], datasets: [ hostname: "192.168.100.100.nip.io", data_mounts: [ { host_path: "/test_data", mount_path: "/test_data" } ], data_datasets: [ { name: "CMIP5", path: "esg_cmip5", Loading @@ -50,6 +55,5 @@ Vagrant.configure(2) do |config| } ] } } end end ansible.cfgdeleted 120000 → 0 +0 −1 Original line number Diff line number Diff line deploy/ansible/ansible.cfg No newline at end of file deploy/ansible/ansible.cfgdeleted 100644 → 0 +0 −5 Original line number Diff line number Diff line [defaults] # Use the merge behaviour when combining values files # This allows overriding parts of dictionaries, like in Helm, allowing # for less clutter in the global namespace hash_behaviour = merge deploy/ansible/group_vars/all.yml +89 −57 Original line number Diff line number Diff line --- ### # The hostname to use - by default, use the FQDN of the host ### hostname: "{{ ansible_fqdn }}" # Configuration for custom registries that require authentication registries: [] ### # Configuration for private registries that require authentication ### docker_registries: [] # - registry: my.registry.org # username: registryuser # password: registrypassword image_defaults: prefix: esgfdeploy tag: latest pull: true data: ### # Default values used for all images # Each of these values can be overidden on a per-image basis if required ### # The image prefix to use # If using a private registry, change this, e.g. registry.ceda.ac.uk/esgfdeploy image_prefix: esgfdeploy # The image tag to use image_tag: latest # Indicates whether images should be pulled every time the playbook runs # When using mutable tags, like latest or branch names, this should be true # When using immutable tags, like commit shas or release tags, this can be false image_pull: true ### # Data node configuration ### # The mounts that are required to serve data, as defined by the given datasets # # Each specified mount should include the following keys: # # hostPath: The path on the host that should be mounted into the container # mountPath (optional): The mount path to use inside the container - if not given, hostPath is used mounts: [] # - hostPath: /datacentre/archiveroots/archive/badc # mountPath: /badc # host_path: The path on the host that should be mounted into the container # mount_path: The mount path to use inside the container data_mounts: [] # - host_path: /datacentre/archiveroots/archive/badc # mount_path: /badc # The datasets to expose - for each dataset, a THREDDS datasetScan element and an Nginx location are generated # Loading @@ -33,34 +53,46 @@ data: # path: The URL path for the dataset # location: The location of the dataset *inside the container* (see mounts above) # filters (optional): A list of filter specifications for the datasetScan element datasets: [] data_datasets: [] # - name: CMIP5 # path: esg_dataroot # location: /badc/cmip5/data # Security parameters required to run Nginx and serve data # By default, use the ESGF user and group security_context: user: "1000" # In order to run THREDDS/Nginx inside the container, the user must have group 1000 groups: ["1000"] # # If a special user or groups are required to access data, they can be set here, which # will result in the data node containers launching with the specified UID and GIDs # By default, use the ESGF user data_security_context_user: "1000" # Due to permissions set inside the container, the user *must* belong to group 1000 # in addition to the groups required to access data data_security_context_groups: ["1000"] # Configuration for the THREDDS container thredds: # Indicates if THREDDS should be deployed or not enabled: true # Image overrides for the THREDDS image image: repository: thredds thredds_enabled: true # Settings for the THREDDS image thredds_image_prefix: "{{ image_prefix }}" thredds_image_tag: "{{ image_tag }}" thredds_image_pull: "{{ image_pull }}" thredds_image_repository: thredds # Configuration for the Nginx file server container fileserver: # Configuration for the file server container # Indicates if the Nginx file server should be deployed or not enabled: true # Image overrides for the Nginx image image: repository: nginx proxy: image: repository: nginx fileserver_enabled: true # Settings for the fileserver image fileserver_image_prefix: "{{ image_prefix }}" fileserver_image_tag: "{{ image_tag }}" fileserver_image_pull: "{{ image_pull }}" fileserver_image_repository: nginx ### # Proxy configuration ### # Settings for the proxy image proxy_image_prefix: "{{ image_prefix }}" proxy_image_tag: "{{ image_tag }}" proxy_image_pull: "{{ image_pull }}" proxy_image_repository: nginx deploy/ansible/roles/data/tasks/main.yml +25 −29 Original line number Diff line number Diff line Loading @@ -14,15 +14,6 @@ docker_network: name: esgf - name: Configure data volumes set_fact: data_docker_mounts: >- [ {% for mount in data.mounts %} "{{ mount.hostPath }}:{{ mount.mountPath }}:ro", {% endfor %} ] - name: Configure THREDDS block: - name: Write THREDDS configuration Loading @@ -30,15 +21,11 @@ src: catalog.xml.j2 dest: /esg/config/thredds/catalog.xml - name: Set THREDDS image fact set_fact: thredds_image: "{{ image_defaults | combine(data.thredds.image) }}" - name: Start THREDDS container docker_container: name: thredds image: "{{ thredds_image.prefix }}/{{ thredds_image.repository }}:{{ thredds_image.tag }}" pull: "{{ thredds_image.pull }}" image: "{{ thredds_image_prefix }}/{{ thredds_image_repository }}:{{ thredds_image_tag }}" pull: "{{ thredds_image_pull }}" detach: yes restart_policy: on-failure exposed_ports: Loading @@ -46,13 +33,19 @@ networks: - name: esgf networks_cli_compatible: yes user: "{{ data.security_context.user }}" groups: "{{ data.security_context.groups }}" user: "{{ data_security_context_user }}" groups: "{{ data_security_context_groups }}" # Append the catalog volume to the data mounts volumes: "{{ ['/esg/config/thredds:/opt/tomcat/content/thredds/esgcet:ro'] + data_docker_mounts }}" volumes: >- [ "/esg/config/thredds:/opt/tomcat/content/thredds/esgcet:ro", {% for mount in data_mounts %} "{{ mount.host_path }}:{{ mount.mount_path }}:ro", {% endfor %} ] state: started restart: yes when: "data.thredds.enabled | bool" when: "thredds_enabled | bool" - name: Configure Nginx fileserver block: Loading @@ -61,15 +54,11 @@ src: fileserver.conf.j2 dest: /esg/config/fileserver/fileserver.conf - name: Set fileserver image fact set_fact: fileserver_image: "{{ image_defaults | combine(data.fileserver.image) }}" - name: Start fileserver container docker_container: name: fileserver image: "{{ fileserver_image.prefix }}/{{ fileserver_image.repository }}:{{ fileserver_image.tag }}" pull: "{{ fileserver_image.pull }}" image: "{{ fileserver_image_prefix }}/{{ fileserver_image_repository }}:{{ fileserver_image_tag }}" pull: "{{ fileserver_image_pull }}" detach: yes restart_policy: on-failure exposed_ports: Loading @@ -77,10 +66,17 @@ networks: - name: esgf networks_cli_compatible: yes user: "{{ data.security_context.user }}" groups: "{{ data.security_context.groups }}" user: "{{ data_security_context_user }}" groups: "{{ data_security_context_groups }}" # Append the Nginx config volume to the data mounts volumes: "{{ ['/esg/config/fileserver:/etc/nginx/conf.d:ro'] + data_docker_mounts }}" # Append the catalog volume to the data mounts volumes: >- [ "/esg/config/fileserver:/etc/nginx/conf.d:ro", {% for mount in data_mounts %} "{{ mount.host_path }}:{{ mount.mount_path }}:ro", {% endfor %} ] state: started restart: yes when: "data.fileserver.enabled | bool" when: "fileserver_enabled | bool" Loading
Vagrantfile +20 −16 Original line number Diff line number Diff line Loading @@ -31,13 +31,18 @@ Vagrant.configure(2) do |config| # Provision the VM with our Ansible playbook config.vm.provision :ansible do |ansible| ansible.playbook = "deploy/ansible/playbook.yml" ansible.config_file = "deploy/ansible/ansible.cfg" ansible.groups = { data: ["default"] } # Configure the datasets from mini-esgf-data # Use group_vars to simulate ansible.extra_vars = { data: { mounts: [{ hostPath: "/test_data", mountPath: "/test_data" }], datasets: [ hostname: "192.168.100.100.nip.io", data_mounts: [ { host_path: "/test_data", mount_path: "/test_data" } ], data_datasets: [ { name: "CMIP5", path: "esg_cmip5", Loading @@ -50,6 +55,5 @@ Vagrant.configure(2) do |config| } ] } } end end
ansible.cfgdeleted 120000 → 0 +0 −1 Original line number Diff line number Diff line deploy/ansible/ansible.cfg No newline at end of file
deploy/ansible/ansible.cfgdeleted 100644 → 0 +0 −5 Original line number Diff line number Diff line [defaults] # Use the merge behaviour when combining values files # This allows overriding parts of dictionaries, like in Helm, allowing # for less clutter in the global namespace hash_behaviour = merge
deploy/ansible/group_vars/all.yml +89 −57 Original line number Diff line number Diff line --- ### # The hostname to use - by default, use the FQDN of the host ### hostname: "{{ ansible_fqdn }}" # Configuration for custom registries that require authentication registries: [] ### # Configuration for private registries that require authentication ### docker_registries: [] # - registry: my.registry.org # username: registryuser # password: registrypassword image_defaults: prefix: esgfdeploy tag: latest pull: true data: ### # Default values used for all images # Each of these values can be overidden on a per-image basis if required ### # The image prefix to use # If using a private registry, change this, e.g. registry.ceda.ac.uk/esgfdeploy image_prefix: esgfdeploy # The image tag to use image_tag: latest # Indicates whether images should be pulled every time the playbook runs # When using mutable tags, like latest or branch names, this should be true # When using immutable tags, like commit shas or release tags, this can be false image_pull: true ### # Data node configuration ### # The mounts that are required to serve data, as defined by the given datasets # # Each specified mount should include the following keys: # # hostPath: The path on the host that should be mounted into the container # mountPath (optional): The mount path to use inside the container - if not given, hostPath is used mounts: [] # - hostPath: /datacentre/archiveroots/archive/badc # mountPath: /badc # host_path: The path on the host that should be mounted into the container # mount_path: The mount path to use inside the container data_mounts: [] # - host_path: /datacentre/archiveroots/archive/badc # mount_path: /badc # The datasets to expose - for each dataset, a THREDDS datasetScan element and an Nginx location are generated # Loading @@ -33,34 +53,46 @@ data: # path: The URL path for the dataset # location: The location of the dataset *inside the container* (see mounts above) # filters (optional): A list of filter specifications for the datasetScan element datasets: [] data_datasets: [] # - name: CMIP5 # path: esg_dataroot # location: /badc/cmip5/data # Security parameters required to run Nginx and serve data # By default, use the ESGF user and group security_context: user: "1000" # In order to run THREDDS/Nginx inside the container, the user must have group 1000 groups: ["1000"] # # If a special user or groups are required to access data, they can be set here, which # will result in the data node containers launching with the specified UID and GIDs # By default, use the ESGF user data_security_context_user: "1000" # Due to permissions set inside the container, the user *must* belong to group 1000 # in addition to the groups required to access data data_security_context_groups: ["1000"] # Configuration for the THREDDS container thredds: # Indicates if THREDDS should be deployed or not enabled: true # Image overrides for the THREDDS image image: repository: thredds thredds_enabled: true # Settings for the THREDDS image thredds_image_prefix: "{{ image_prefix }}" thredds_image_tag: "{{ image_tag }}" thredds_image_pull: "{{ image_pull }}" thredds_image_repository: thredds # Configuration for the Nginx file server container fileserver: # Configuration for the file server container # Indicates if the Nginx file server should be deployed or not enabled: true # Image overrides for the Nginx image image: repository: nginx proxy: image: repository: nginx fileserver_enabled: true # Settings for the fileserver image fileserver_image_prefix: "{{ image_prefix }}" fileserver_image_tag: "{{ image_tag }}" fileserver_image_pull: "{{ image_pull }}" fileserver_image_repository: nginx ### # Proxy configuration ### # Settings for the proxy image proxy_image_prefix: "{{ image_prefix }}" proxy_image_tag: "{{ image_tag }}" proxy_image_pull: "{{ image_pull }}" proxy_image_repository: nginx
deploy/ansible/roles/data/tasks/main.yml +25 −29 Original line number Diff line number Diff line Loading @@ -14,15 +14,6 @@ docker_network: name: esgf - name: Configure data volumes set_fact: data_docker_mounts: >- [ {% for mount in data.mounts %} "{{ mount.hostPath }}:{{ mount.mountPath }}:ro", {% endfor %} ] - name: Configure THREDDS block: - name: Write THREDDS configuration Loading @@ -30,15 +21,11 @@ src: catalog.xml.j2 dest: /esg/config/thredds/catalog.xml - name: Set THREDDS image fact set_fact: thredds_image: "{{ image_defaults | combine(data.thredds.image) }}" - name: Start THREDDS container docker_container: name: thredds image: "{{ thredds_image.prefix }}/{{ thredds_image.repository }}:{{ thredds_image.tag }}" pull: "{{ thredds_image.pull }}" image: "{{ thredds_image_prefix }}/{{ thredds_image_repository }}:{{ thredds_image_tag }}" pull: "{{ thredds_image_pull }}" detach: yes restart_policy: on-failure exposed_ports: Loading @@ -46,13 +33,19 @@ networks: - name: esgf networks_cli_compatible: yes user: "{{ data.security_context.user }}" groups: "{{ data.security_context.groups }}" user: "{{ data_security_context_user }}" groups: "{{ data_security_context_groups }}" # Append the catalog volume to the data mounts volumes: "{{ ['/esg/config/thredds:/opt/tomcat/content/thredds/esgcet:ro'] + data_docker_mounts }}" volumes: >- [ "/esg/config/thredds:/opt/tomcat/content/thredds/esgcet:ro", {% for mount in data_mounts %} "{{ mount.host_path }}:{{ mount.mount_path }}:ro", {% endfor %} ] state: started restart: yes when: "data.thredds.enabled | bool" when: "thredds_enabled | bool" - name: Configure Nginx fileserver block: Loading @@ -61,15 +54,11 @@ src: fileserver.conf.j2 dest: /esg/config/fileserver/fileserver.conf - name: Set fileserver image fact set_fact: fileserver_image: "{{ image_defaults | combine(data.fileserver.image) }}" - name: Start fileserver container docker_container: name: fileserver image: "{{ fileserver_image.prefix }}/{{ fileserver_image.repository }}:{{ fileserver_image.tag }}" pull: "{{ fileserver_image.pull }}" image: "{{ fileserver_image_prefix }}/{{ fileserver_image_repository }}:{{ fileserver_image_tag }}" pull: "{{ fileserver_image_pull }}" detach: yes restart_policy: on-failure exposed_ports: Loading @@ -77,10 +66,17 @@ networks: - name: esgf networks_cli_compatible: yes user: "{{ data.security_context.user }}" groups: "{{ data.security_context.groups }}" user: "{{ data_security_context_user }}" groups: "{{ data_security_context_groups }}" # Append the Nginx config volume to the data mounts volumes: "{{ ['/esg/config/fileserver:/etc/nginx/conf.d:ro'] + data_docker_mounts }}" # Append the catalog volume to the data mounts volumes: >- [ "/esg/config/fileserver:/etc/nginx/conf.d:ro", {% for mount in data_mounts %} "{{ mount.host_path }}:{{ mount.mount_path }}:ro", {% endfor %} ] state: started restart: yes when: "data.fileserver.enabled | bool" when: "fileserver_enabled | bool"
