creylopez
/
django-ex
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 2 Wiki Activity
Browse Source

Documentation and Template Updates

pull/160/head
Mike Olund 8 years ago
parent
bc31cb9267
commit
7b88363135
5 changed files with 394 additions and 33 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +69
    -32
      openshift/README.md
  2. +0
    -0
      openshift/jenkins/jenkins-persistent-template.json
  3. +295
    -0
      openshift/jenkins/jenkins-pipeline-persistent-template.json
  4. +29
    -0
      openshift/scripts/destroy-env.sh
  5. +1
    -1
      openshift/templates/nginx-build-template.yaml

+ 69
- 32
openshift/README.md View File

@ -1,3 +1,33 @@
# eDivorce Environments
There are several environments set up for different purposes within OpenShift. They are available at the URLs below.
|Environment| URL |Justice URL|
|-----------|-----|-----|
|DEV|edivorce-dev.pathfinder.gov.bc.ca|justice.gov.bc.ca/divorce-dev|
|TEST|edivorce-test.pathfinder.gov.bc.ca|justice.gov.bc.ca/divorce-test|
|PROD|edivorce-prod.pathfinder.gov.bc.ca|justice.gov.bc.ca/divorce|
# How to access Jenkins for eDivorce
- Login to https://edivorce-jenkins.pathfinder.gov.bc.ca with the username/password that was provided to you.
# How to access OpenShift for eDivorce
## Web UI
- Login to https://console.pathfinder.gov.bc.ca:8443; you'll be prompted for GitHub authorization. You must be part of the BCDevOps Github organization, and you must have access to the eDivorce projects.
## Command-line (```oc```) tools
- Download OpenShift [command line tools](https://github.com/openshift/origin/releases/download/v1.2.1/openshift-origin-client-tools-v1.2.1-5e723f6-mac.zip), unzip, and add ```oc``` to your PATH.
- Copy command line login string from https://console.pathfinder.gov.bc.ca:8443/console/command-line. It will look like ```oc login https://console.pathfinder.gov.bc.ca:8443 --token=xtyz123xtyz123xtyz123xtyz123```
- Paste the login string into a terminal session. You are no authenticated against OpenShift and will be able to execute ```oc``` commands. ```oc -h``` provides a summary of available commands.
# Project contents
- The "edivorce-tools" project contains the Jenkins instance and the other jsg-csb-edivorce-* projects contain different "environments". The names are self-explanatory.
# Uploading Templates into OpenShift
1. Clone the project from Github, and then ```cd``` into the openshift/templates directory.
@ -7,6 +37,7 @@
3. Upload the templates into OpenShift with the following commands (this can also be done via the web interface)
```
oc create -f ../jenkins/jenkins-pipeline-persistent-template.json -n jag-csb-edivorce-tools
oc create -f edivorce-build-template.yaml -n jag-csb-edivorce-tools
oc create -f nginx-build-template.yaml -n jag-csb-edivorce-tools
oc create -f ../jenkins/pipeline.yaml -n jag-csb-edivorce-tools
@ -22,7 +53,42 @@ oc create -f nginx-environment-template.yaml -n jag-csb-edivorce-prod
```
# Setting up Dev/Test/Prod Environments
# Setting up the Tools Project
Install Docker Toolbox on your computer
Open Docker QuickStart Terminal (need Docker engine started and env variables set) and build the S2I image:
```docker build -t s2i-nginx git://github.com/BCDevOps/s2i-nginx```
Tag and push this image to the OpenShift Docker Registry for your OpenShift Project:
```docker tag s2i-nginx docker-registry.pathfinder.gov.bc.ca/jag-csb-edivorce-tools/s2i-nginx```
```docker login docker-registry.pathfinder.gov.bc.ca -u <username> -p <token>```
```docker push docker-registry.pathfinder.gov.bc.ca/jag-csb-edivorce-tools/s2i-nginx```
(your docker token is the same as your OpenShift login token)
```
oc project jag-csb-edivorce-tools
oc process jenkins-pipeline-persistent | oc create -f -
oc process edivorce-build | oc create -f -
oc process nginx-build | oc create -f -
```
Select "Add to Project"
On the Browse Catalog tab, type "edivorce-build-pipeline" into the filter field. Select the template. Create.
(For some reason this can't be done from the command line like the other templates)
# Setting up Dev/Test/Prod Projects
1. Give the dev/test/prod projects access to ImageStreams stored in the tools project
@ -70,37 +136,6 @@ oc create -f nginx-environment-template.yaml -n jag-csb-edivorce-prod
7. Weasyprint doesn't deploy itself by default. (outstanding issue). Go to Applications => Deployments => weasyprint and press the 'Deploy' button.
# eDivorce Environments
There are several environments set up for different purposes within OpenShift. They are available at the URLs below.
|Environment| URL |Justice URL|
|-----------|-----|-----|
|DEV|edivorce-dev.pathfinder.gov.bc.ca|justice.gov.bc.ca/divorce-dev|
|TEST|edivorce-test.pathfinder.gov.bc.ca|justice.gov.bc.ca/divorce-test|
|PROD|edivorce-prod.pathfinder.gov.bc.ca|justice.gov.bc.ca/divorce|
# How to access Jenkins for eDivorce
- Login to https://edivorce-jenkins.pathfinder.gov.bc.ca with the username/password that was provided to you.
# How to access OpenShift for eDivorce
## Web UI
- Login to https://console.pathfinder.gov.bc.ca:8443; you'll be prompted for GitHub authorization. You must be part of the BCDevOps Github organization, and you must have access to the eDivorce projects.
## Command-line (```oc```) tools
- Download OpenShift [command line tools](https://github.com/openshift/origin/releases/download/v1.2.1/openshift-origin-client-tools-v1.2.1-5e723f6-mac.zip), unzip, and add ```oc``` to your PATH.
- Copy command line login string from https://console.pathfinder.gov.bc.ca:8443/console/command-line. It will look like ```oc login https://console.pathfinder.gov.bc.ca:8443 --token=xtyz123xtyz123xtyz123xtyz123```
- Paste the login string into a terminal session. You are no authenticated against OpenShift and will be able to execute ```oc``` commands. ```oc -h``` provides a summary of available commands.
# Project contents
- The "edivorce-tools" project contains the Jenkins instance and the other jsg-csb-edivorce-* projects contain different "environments". The names are self-explanatory.
# Data management operations
You can either use the terminal window in the OpenShift console or the ```oc rsh``` command to get to the command line on the postgresql pod.
@ -111,5 +146,7 @@ oc rsh postgresql-2-qp0oh
psql -d default
\dt
\q
```
** the pod identifiers change regularly, you need to find the current one

+ 0
- 0
openshift/jenkins/jenkins-persistent-template.json View File


+ 295
- 0
openshift/jenkins/jenkins-pipeline-persistent-template.json View File

@ -0,0 +1,295 @@
{
"kind": "Template",
"apiVersion": "v1",
"metadata": {
"name": "jenkins-pipeline-persistent",
"creationTimestamp": null,
"annotations": {
"description": "Jenkins service, with persistent storage.\nYou must have persistent volumes available in your cluster to use this template.",
"iconClass": "icon-jenkins",
"tags": "instant-app,jenkins"
}
},
"message": "A Jenkins service has been created in your project. The username/password are admin/${JENKINS_PASSWORD}. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.",
"objects": [
{
"kind": "Route",
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
"creationTimestamp": null
},
"spec": {
"host" : "edivorce-jenkins.pathfinder.gov.bc.ca",
"to": {
"kind": "Service",
"name": "${JENKINS_SERVICE_NAME}"
},
"tls": {
"termination": "edge",
"insecureEdgeTerminationPolicy": "Redirect"
}
}
},
{
"kind": "PersistentVolumeClaim",
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}"
},
"spec": {
"accessModes": [
"ReadWriteOnce"
],
"resources": {
"requests": {
"storage": "${VOLUME_CAPACITY}"
}
}
}
},
{
"kind": "DeploymentConfig",
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
"creationTimestamp": null
},
"spec": {
"strategy": {
"type": "Recreate"
},
"triggers": [
{
"type": "ImageChange",
"imageChangeParams": {
"automatic": true,
"containerNames": [
"jenkins"
],
"from": {
"kind": "ImageStreamTag",
"name": "${JENKINS_IMAGE_STREAM_TAG}",
"namespace": "${NAMESPACE}"
},
"lastTriggeredImage": ""
}
},
{
"type": "ConfigChange"
}
],
"replicas": 1,
"selector": {
"name": "${JENKINS_SERVICE_NAME}"
},
"template": {
"metadata": {
"creationTimestamp": null,
"labels": {
"name": "${JENKINS_SERVICE_NAME}"
}
},
"spec": {
"serviceAccountName": "${JENKINS_SERVICE_NAME}",
"containers": [
{
"name": "jenkins",
"image": " ",
"readinessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 3,
"httpGet": {
"path": "/login",
"port": 8080
}
},
"livenessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 120,
"httpGet": {
"path": "/login",
"port": 8080
}
},
"env": [
{
"name": "JENKINS_PASSWORD",
"value": "${JENKINS_PASSWORD}"
},
{
"name": "KUBERNETES_MASTER",
"value": "https://kubernetes.default:443"
},
{
"name": "KUBERNETES_TRUST_CERTIFICATES",
"value": "true"
},
{
"name": "JNLP_SERVICE_NAME",
"value": "${JNLP_SERVICE_NAME}"
}
],
"resources": {
"limits": {
"memory": "${MEMORY_LIMIT}"
}
},
"volumeMounts": [
{
"name": "${JENKINS_SERVICE_NAME}-data",
"mountPath": "/var/lib/jenkins"
}
],
"terminationMessagePath": "/dev/termination-log",
"imagePullPolicy": "IfNotPresent",
"capabilities": {},
"securityContext": {
"capabilities": {},
"privileged": false
}
}
],
"volumes": [
{
"name": "${JENKINS_SERVICE_NAME}-data",
"persistentVolumeClaim": {
"claimName": "${JENKINS_SERVICE_NAME}"
}
}
],
"restartPolicy": "Always",
"dnsPolicy": "ClusterFirst"
}
}
}
},
{
"kind": "ServiceAccount",
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}"
}
},
{
"kind": "RoleBinding",
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}_edit"
},
"groupNames": null,
"subjects": [
{
"kind": "ServiceAccount",
"name": "${JENKINS_SERVICE_NAME}"
}
],
"roleRef": {
"name": "edit"
}
},
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${JNLP_SERVICE_NAME}"
},
"spec": {
"ports": [
{
"name": "agent",
"protocol": "TCP",
"port": 50000,
"targetPort": 50000,
"nodePort": 0
}
],
"selector": {
"name": "${JENKINS_SERVICE_NAME}"
},
"portalIP": "",
"type": "ClusterIP",
"sessionAffinity": "None"
}
},
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
"annotations": {
"service.alpha.openshift.io/dependencies": "[{\"name\": \"${JNLP_SERVICE_NAME}\", \"namespace\": \"\", \"kind\": \"Service\"}]",
"service.openshift.io/infrastructure": "true"
},
"creationTimestamp": null
},
"spec": {
"ports": [
{
"name": "web",
"protocol": "TCP",
"port": 80,
"targetPort": 8080,
"nodePort": 0
}
],
"selector": {
"name": "${JENKINS_SERVICE_NAME}"
},
"portalIP": "",
"type": "ClusterIP",
"sessionAffinity": "None"
}
}
],
"parameters": [
{
"name": "JENKINS_SERVICE_NAME",
"displayName": "Jenkins Service Name",
"description": "The name of the OpenShift Service exposed for the Jenkins container.",
"value": "jenkins"
},
{
"name": "JNLP_SERVICE_NAME",
"displayName": "Jenkins JNLP Service Name",
"description": "The name of the service used for master/slave communication.",
"value": "jenkins-jnlp"
},
{
"name": "JENKINS_PASSWORD",
"displayName": "Jenkins Password",
"description": "Password for the Jenkins 'admin' user.",
"generate": "expression",
"from": "[a-zA-Z0-9]{16}",
"required": true
},
{
"name": "MEMORY_LIMIT",
"displayName": "Memory Limit",
"description": "Maximum amount of memory the container can use.",
"value": "512Mi"
},
{
"name": "VOLUME_CAPACITY",
"displayName": "Volume Capacity",
"description": "Volume space available for data, e.g. 512Mi, 2Gi.",
"value": "1Gi",
"required": true
},
{
"name": "NAMESPACE",
"displayName": "Jenkins ImageStream Namespace",
"description": "The OpenShift Namespace where the Jenkins ImageStream resides.",
"value": "openshift"
},
{
"name": "JENKINS_IMAGE_STREAM_TAG",
"displayName": "Jenkins ImageStreamTag",
"description": "Name of the ImageStreamTag to be used for the Jenkins image.",
"value": "jenkins:latest"
}
],
"labels": {
"template": "jenkins-persistent-template"
}
}

+ 29
- 0
openshift/scripts/destroy-env.sh View File

@ -0,0 +1,29 @@
#!/usr/bin/env bash
# this is hard-coded to only destroy the dev environment
# you can chage it to 'test' or 'prod' if you are sure you want to destroy EVERYTHING, include the database
oc project jag-csb-edivorce-test
# delete all imagestreams
oc delete is --all
# delete services by name (we don't want to accidentally delete the gluster service!)
oc delete svc weasyprint
oc delete svc postgresql
oc delete svc edivorce-django
# delete routes
oc delete route --all
# delete persistent volume claims
oc delete pvc --all
# delete replication controllers
oc delete rc --all
# delete deployment configurations
oc delete dc --all
# delete pods
oc delete po --all
No newline at end of file

+ 1
- 1
openshift/templates/nginx-build-template.yaml View File

@ -2,7 +2,7 @@
kind: Template
apiVersion: v1
metadata:
name: nginx
name: nginx-build
creationTimestamp:
objects:
- kind: ImageStream


Write Preview
Loading…
Cancel
Save