ansible to install cloud provider

Bug: T349032
toolforge · Nov 1, 2023 · 2134d50 · 2134d50
1 parent 60a4339
commit 2134d50
Show file tree

Hide file tree

Showing 11 changed files with 99 additions and 5 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -3,3 +3,4 @@
 quarry/config-prod.yaml filter=git-crypt diff=git-crypt
 terraform/secrets.tf filter=git-crypt diff=git-crypt
 helm-quarry/prod-config.yaml filter=git-crypt diff=git-crypt
+ansible/files/csi-secret-cinderplugin.yaml.crypt filter=git-crypt diff=git-crypt
diff --git a/README.md b/README.md
@@ -105,3 +105,8 @@ git clone https://github.com/toolforge/quarry.git
 cd quarry
 git-crypt unlock <path to decryption key>
 ```
+
+## Deploying to production ##
+From the quarry-bastion in the git checkout that has the state file.
+`bash deploy.sh`
+`mysql -uquarry -h <trove hostname created in last step> -p < schema.sql`
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
@@ -0,0 +1,5 @@
+[defaults]
+
+# Better error output
+stdout_callback=debug
+stderr_callback=debug
diff --git a/ansible/files/csi-secret-cinderplugin.yaml.crypt b/ansible/files/csi-secret-cinderplugin.yaml.crypt
diff --git a/ansible/files/sc.yaml b/ansible/files/sc.yaml
@@ -0,0 +1,11 @@
+---
+
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: standard
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "true"
+provisioner: cinder.csi.openstack.org
+parameters:
+  availability: nova
diff --git a/ansible/quarry.yaml b/ansible/quarry.yaml
@@ -0,0 +1,57 @@
+---
+
+- name: Deploy quarry to k8s cluster
+  gather_facts: false
+  hosts: localhost
+  tasks:
+    #- name: Temporary directory for cloud provider
+    #  ansible.builtin.tempfile:
+    #    state: directory
+    #    suffix: cloud-provider
+    #  register: cloud_dir
+    #  changed_when: False
+
+    #- name: Clone cloud-provider-openstack
+    #  ansible.builtin.git:
+    #    repo: https://github.com/kubernetes/cloud-provider-openstack.git
+    #    dest: "{{ cloud_dir.path }}"
+    #    version: v1.26.3
+    #  changed_when: False
+
+    #- name: Copy file with owner and permissions
+    #  ansible.builtin.copy:
+    #    src: files/csi-secret-cinderplugin.yaml.crypt
+    #    dest: "{{ cloud_dir.path }}/manifests/cinder-csi-plugin/csi-secret-cinderplugin.yaml"
+    #  changed_when: False
+
+    #- name: install the things!
+    #  kubernetes.core.k8s:
+    #    state: present
+    #    src: "{{ cloud_dir.path }}/manifests/cinder-csi-plugin/{{ item }}"
+    #  loop:
+    #    - "csi-secret-cinderplugin.yaml"
+    #    - "cinder-csi-controllerplugin-rbac.yaml"
+    #    - "cinder-csi-controllerplugin.yaml"
+    #    - "cinder-csi-nodeplugin-rbac.yaml"
+    #    - "cinder-csi-nodeplugin.yaml"
+    #    - "csi-cinder-driver.yaml"
+
+    #- name: Delete temporary directory
+    #  ansible.builtin.file:
+    #    state: absent
+    #    path: "{{ cloud_dir.path }}"
+    #  changed_when: False
+
+    #- name: and sc.yaml
+    #  kubernetes.core.k8s:
+    #    state: present
+    #    src: "files/sc.yaml"
+
+    - name: Deploy quarry
+      kubernetes.core.helm:
+        name: quarry
+        chart_ref: ../helm-quarry
+        release_namespace: "quarry"
+        create_namespace: true
+        values_files:
+          - ../helm-quarry/prod-env.yaml
diff --git a/deploy.sh b/deploy.sh
@@ -17,11 +17,17 @@ if ! command -v terraform ; then
   exit 1
 fi
 
+python3 -m venv .venv/deploy
+source .venv/deploy/bin/activate
+pip install ansible==8.1.0 kubernetes==26.1.0
+
 cd terraform
 terraform init
 terraform apply # -auto-approve
 export KUBECONFIG=$(pwd)/kube.config
 
-cd ../
-kubectl create namespace quarry --dry-run=client -o yaml | kubectl apply -f -
-helm -n quarry upgrade --install quarry helm-quarry -f helm-quarry/prod-env.yaml
+cd ../ansible
+ansible-playbook quarry.yaml
+#kubectl create namespace quarry --dry-run=client -o yaml | kubectl apply -f -
+#helm -n quarry upgrade --install quarry helm-quarry -f helm-quarry/prod-env.yaml
+
diff --git a/helm-quarry/prod-config.yaml b/helm-quarry/prod-config.yaml
diff --git a/helm-quarry/prod-env.yaml b/helm-quarry/prod-env.yaml
@@ -2,13 +2,14 @@ localdev:
   enabled: false
 
 web:
-  replicas: 8
+  replicas: 1
   memory: "300Mi"
   cpu: "100m"
 worker:
-  replicas: 2
+  replicas: 1
   memory: "700Mi"
   cpu: "100m"
 
 nfs:
+#  server: 172.16.4.142
   server: k8s-test-nfs.quarry.eqiad1.wikimedia.cloud
diff --git a/helm-quarry/templates/web_deployment.yaml b/helm-quarry/templates/web_deployment.yaml
@@ -32,8 +32,14 @@ spec:
               cpu: {{ .Values.web.cpu }}
       volumes:
         - name: results
+{{ if .Values.localdev.enabled }}
           persistentVolumeClaim:
             claimName: results
+{{ else }}
+          nfs:
+            server: {{ .Values.nfs.server }}
+            path: /srv/quarry/project/
+{{ end }}
         - name: config
           configMap:
             name: config
diff --git a/helm-quarry/templates/web_ingress.yaml b/helm-quarry/templates/web_ingress.yaml
@@ -1,3 +1,4 @@
+{{ if .Values.localdev.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -18,3 +19,4 @@ spec:
               number: 5000
         path: /
         pathType: Prefix
+{{ end }}