Merge pull request #30 from trento-project/add-rpm-installation

Add RPM installation
trento-project · Mar 18, 2024 · 769bfa0 · 769bfa0
2 parents 18722c1 + 9ab0752
commit 769bfa0
Show file tree

Hide file tree

Showing 23 changed files with 251 additions and 114 deletions.
diff --git a/README.md b/README.md
@@ -79,7 +79,7 @@ all:
     "web_postgres_password": "pass",
     "wanda_postgres_password": "wanda",
     "rabbitmq_password": "trento",
-    "prometheus_url": "http://localhost",
+    "prometheus_url": "http://localhost:9090",
     "web_admin_password": "adminpassword",
     "trento_server_name": "your-server-name"
 }
@@ -91,7 +91,7 @@ all:
     "web_postgres_password": "pass",
     "wanda_postgres_password": "wanda",
     "rabbitmq_password": "trento",
-    "prometheus_url": "http://localhost",
+    "prometheus_url": "http://localhost:9090",
     "web_admin_password": "adminpassword",
     "trento_server_name": "your-server-name",
     "enable_alerting": "true",
@@ -143,7 +143,7 @@ all:
     "web_postgres_password": "pass",
     "wanda_postgres_password": "wanda",
     "rabbitmq_password": "trento",
-    "prometheus_url": "http://localhost",
+    "prometheus_url": "http://localhost:9090",
     "web_admin_password": "adminpassword",
     "trento_server_name": "yourserver.com",
 }
@@ -176,7 +176,7 @@ all:
     "web_postgres_user": "postgres",
     "wanda_postgres_user": "postgres",
     "rabbitmq_username": "trentoansible",
-    "prometheus_url": "http://localhost",
+    "prometheus_url": "http://localhost:9090",
     "web_admin_password": "adminpassword",
     "trento_server_name": "your-servername.com",
     "nginx_ssl_cert": "-----BEGIN CERTIFICATE-----\nMIIEKTCCAxGgAwIBAgIUbIzbLpJrkKk8vs1oLzFDpPL...",
@@ -277,10 +277,10 @@ These variables are the defaults of our roles, if you want to override the prope
 | docker_network_name | Name of the docker network interface | trentonet |
 | web_container_image | Name of the Web container image to use to create the container | ghcr.io/trento-project/trento-web:rolling |
 | web_container_name | Name of the Web container | trento_web |
-| web_container_port | Port where the Web container is exposed | 4000 |
+| web_listen_port | Port where the Web service is exposed | 4000 |
 | wanda_container_image | Name of the Wanda container image to use to create the container | ghcr.io/trento-project/trento-wanda:rolling |
 | wanda_container_name | Name of the Wanda container | trento_wanda |
-| wanda_container_port | Port where the Wanda container is exposed | 4001 |
+| wanda_listen_port | Port where the Wanda service is exposed | 4001 |
 | force_pull_images | Force pull the container images for trento components | false |
 | force_recreate_web_container | Recreate the web container | false |
 | force_recreate_wanda_container | Recreate the wanda container | false |
@@ -321,8 +321,9 @@ These variables are the defaults of our roles, if you want to override the prope
 | web_upstream_name | Web nginx upstream name | web |
 | wanda_upstream_name | Wanda nginx upstream name | wanda |
 | amqp_protocol | Change the amqp protocol type | amqp |
-| prometheus_url | Prometheus server url | http://host.docker.internal:9090 |
+| prometheus_url | Prometheus server url | http://localhost:9090 |
 | web_host | Host where the web instance is listening | http://localhost |
+| install_method | Installation method for trento components, can be either `rpm` or `docker` | rpm |
 
 **trento agents**
 

diff --git a/Vagrantfile b/Vagrantfile
@@ -17,7 +17,7 @@ Vagrant.configure(2) do |config|
       wanda_postgres_password: "wanda",
       rabbitmq_password: "trento",
       nginx_vhost_filename: "trento.conf",
-      prometheus_url: "http://localhost",
+      prometheus_url: "http://localhost:9090",
       web_admin_password: "adminpassword",
       trento_server_name: "trento.local",
       nginx_ssl_cert_as_base64: "false",

diff --git a/playbook.cleanup.yml b/playbook.cleanup.yml
@@ -14,13 +14,13 @@
         name: firewalld.service
       register: firewalld_status
 
-- name: Clean up trento projects
+- name: Clean up trento components
   hosts: trento-server
   become: true
   tasks:
-    - name: Containers
+    - name: Trento services
       ansible.builtin.include_role:
-        name: containers
+        name: app
         tasks_from: cleanup
     - name: Proxy
       ansible.builtin.include_role:

diff --git a/playbook.yml b/playbook.yml
@@ -17,7 +17,6 @@
       community.general.zypper:
         name:
           - gcc
-          - python3-devel
           - sudo
 
     - name: Install python prerequisites
@@ -26,21 +25,11 @@
           - python3-setuptools
           - python3-pip
           - python3-pexpect
+          - python3-devel
+          - python3-rpm
         state: present
         update_cache: true
 
-    - name: Install docker
-      community.general.zypper:
-        name: docker
-        state: present
-        update_cache: true
-
-    - name: Start docker service
-      ansible.builtin.service:
-        name: docker
-        state: started
-        enabled: true
-
 - name: Check firewalld package on prometheus and trento-server hosts
   hosts: prometheus-hosts:trento-server
   tasks:
@@ -88,13 +77,13 @@
     - role: rabbitmq
       when: provision_rabbitmq == 'true'
 
-- name: Configure trento projects
+- name: Configure trento components
   vars:
     provision_proxy: "true"
   hosts: trento-server
   become: true
   roles:
-    - role: containers
+    - role: app
       become: true
     - role: proxy
       when: provision_proxy == 'true'

diff --git a/roles/app/defaults/docker.yml b/roles/app/defaults/docker.yml
@@ -0,0 +1,15 @@
+---
+docker_network_name: trentonet
+force_pull_images: "false"
+web_container_image: ghcr.io/trento-project/trento-web:rolling
+web_container_name: trento_web
+force_recreate_web_container: "false"
+remove_web_container_image: "true"
+web_postgres_host: "host.docker.internal"
+wanda_container_image: ghcr.io/trento-project/trento-wanda:rolling
+wanda_container_name: trento_wanda
+force_recreate_wanda_container: "false"
+remove_wanda_container_image: "true"
+wanda_postgres_host: "host.docker.internal"
+rabbitmq_host: host.docker.internal
+prometheus_url: "http://host.docker.internal:9090"
diff --git a/roles/app/defaults/main.yml b/roles/app/defaults/main.yml
@@ -0,0 +1,25 @@
+---
+web_listen_port: "{{ 32767 | random(start=1024, seed=trento_server_name) }}"
+web_postgres_db: webdb
+web_postgres_event_store: event_store
+web_postgres_user: web
+wanda_listen_port: "{{ 32767 | random(start=1024, seed=trento_server_name) + 1 }}"
+wanda_postgres_user: wanda
+wanda_postgres_db: wandadb
+rabbitmq_username: trento
+rabbitmq_vhost: "trento"
+secret_key_base: ""
+access_token_secret: ""
+refresh_token_secret: ""
+web_admin_username: admin
+enable_api_key: "true"
+enable_charts: "true"
+enable_alerting: "false"
+smtp_server: ""
+smtp_port: ""
+smtp_user: ""
+smtp_password: ""
+alert_sender: ""
+alert_recipient: ""
+amqp_protocol: amqp
+install_method: rpm
diff --git a/roles/app/defaults/rpm.yml b/roles/app/defaults/rpm.yml
@@ -0,0 +1,5 @@
+---
+web_postgres_host: "localhost"
+wanda_postgres_host: "localhost"
+rabbitmq_host: "localhost"
+prometheus_url: "http://localhost:9090"
diff --git a/roles/app/handlers/main.yml b/roles/app/handlers/main.yml
@@ -0,0 +1,11 @@
+# code: language=ansible
+---
+- name: Restart trento-web
+  ansible.builtin.service:
+    name: trento-web
+    state: restarted
+
+- name: Restart trento-wanda
+  ansible.builtin.service:
+    name: trento-wanda
+    state: restarted
diff --git a/roles/app/tasks/cleanup.yml b/roles/app/tasks/cleanup.yml
@@ -0,0 +1,15 @@
+---
+- name: Check installation method
+  ansible.builtin.assert:
+    that:
+      - install_method is defined
+      - install_method in ['docker', 'rpm']
+    fail_msg: "install_method value must be one of: docker|rpm"
+
+- name: Include Docker cleanup tasks
+  ansible.builtin.include_tasks: docker_cleanup.yml
+  when: install_method == 'docker'
+
+- name: Include RPM cleanup tasks
+  ansible.builtin.include_tasks: rpm_cleanup.yml
+  when: install_method == 'rpm'
diff --git a/roles/containers/tasks/main.yml → roles/app/tasks/docker.yml b/roles/containers/tasks/main.yml → roles/app/tasks/docker.yml
@@ -1,14 +1,19 @@
 # code: language=ansible
 ---
-- name: Create secrets
-  no_log: true
-  ansible.builtin.set_fact: # noqa: var-naming[no-jinja]
-    "{{ item }}": "{{ lookup('community.general.random_string', base64=True, length=64) }}"
-  when: lookup('vars', item) == ""
-  loop:
-    - secret_key_base
-    - access_token_secret
-    - refresh_token_secret
+- name: Include Docker installation variables
+  ansible.builtin.include_vars: "../defaults/docker.yml"
+
+- name: Install docker
+  community.general.zypper:
+    name: docker
+    state: present
+    update_cache: true
+
+- name: Start docker service
+  ansible.builtin.service:
+    name: docker
+    state: started
+    enabled: true
 
 - name: Install docker python management deps
   ansible.builtin.pip:
@@ -49,35 +54,14 @@
     etc_hosts:
       host.docker.internal: "host-gateway"
     ports:
-      - "{{ wanda_container_port }}:4000"
+      - "{{ wanda_listen_port }}:4000"
     env:
       CORS_ORIGIN: "http://localhost" # TODO: Remove placeholder
       SECRET_KEY_BASE: "{{ secret_key_base }}"
       ACCESS_TOKEN_ENC_SECRET: "{{ access_token_secret }}"
       AMQP_URL: "{{ amqp_protocol }}://{{ rabbitmq_username }}:{{ rabbitmq_password }}@{{ rabbitmq_host }}/{{ rabbitmq_vhost | urlencode | replace('/', '%2F') }}"
       DATABASE_URL: "ecto://{{ wanda_postgres_user }}:{{ wanda_postgres_password }}@{{ wanda_postgres_host }}/{{ wanda_postgres_db }}"
 
-- name: Verify that alerting configuration variables are defined if alerting is enabled
-  ansible.builtin.assert:
-    that:
-      - alerting_env is defined
-      - "{{ lookup('vars', alerting_env) | length > 0 }}"
-      - "{{ lookup('vars', alerting_env) != None }}"
-      - "{{ lookup('vars', alerting_env) != '' }}"
-
-    fail_msg: "{{ alerting_env }} needs to be set in playbook variables to enable alerting"
-    success_msg: "{{ alerting_env }} is set in playbook variables"
-  loop_control:
-    loop_var: alerting_env
-  with_items:
-    - smtp_server
-    - smtp_port
-    - smtp_user
-    - smtp_password
-    - alert_sender
-    - alert_recipient
-  when: enable_alerting == 'true'
-
 - name: Web container
   community.docker.docker_container:
     name: "{{ web_container_name }}"
@@ -97,7 +81,7 @@
     etc_hosts:
       host.docker.internal: "host-gateway"
     ports:
-      - "{{ web_container_port }}:4000"
+      - "{{ web_listen_port }}:4000"
     env:
       AMQP_URL: "{{ amqp_protocol }}://{{ rabbitmq_username }}:{{ rabbitmq_password }}@{{ rabbitmq_host }}/{{ rabbitmq_vhost | urlencode | replace('/', '%2F') }}"
       DATABASE_URL: "ecto://{{ web_postgres_user }}:{{ web_postgres_password }}@{{ web_postgres_host }}/{{ web_postgres_db }}"

diff --git a/roles/containers/tasks/cleanup.yml → roles/app/tasks/docker_cleanup.yml b/roles/containers/tasks/cleanup.yml → roles/app/tasks/docker_cleanup.yml
@@ -1,5 +1,8 @@
 # code: language=ansible
 ---
+- name: Include Docker installation variables
+  ansible.builtin.include_vars: "../defaults/docker.yml"
+
 - name: Stop wanda container
   community.docker.docker_container:
     name: "{{ wanda_container_name }}"

diff --git a/roles/app/tasks/main.yml b/roles/app/tasks/main.yml
@@ -0,0 +1,45 @@
+---
+- name: Check installation method
+  ansible.builtin.assert:
+    that:
+      - install_method is defined
+      - install_method in ['docker', 'rpm']
+    fail_msg: "install_method value must be one of: docker|rpm"
+
+- name: Create secrets
+  no_log: true
+  ansible.builtin.set_fact: # noqa: var-naming[no-jinja]
+    "{{ item }}": "{{ lookup('community.general.random_string', base64=True, length=64) }}"
+  when: lookup('vars', item) == ""
+  loop:
+    - secret_key_base
+    - access_token_secret
+    - refresh_token_secret
+
+- name: Verify that alerting configuration variables are defined if alerting is enabled
+  ansible.builtin.assert:
+    that:
+      - alerting_env is defined
+      - "{{ lookup('vars', alerting_env) | length > 0 }}"
+      - "{{ lookup('vars', alerting_env) != None }}"
+      - "{{ lookup('vars', alerting_env) != '' }}"
+    fail_msg: "{{ alerting_env }} needs to be set in playbook variables to enable alerting"
+    success_msg: "{{ alerting_env }} is set in playbook variables"
+  loop_control:
+    loop_var: alerting_env
+  with_items:
+    - smtp_server
+    - smtp_port
+    - smtp_user
+    - smtp_password
+    - alert_sender
+    - alert_recipient
+  when: enable_alerting == 'true'
+
+- name: Include Docker installation tasks
+  ansible.builtin.include_tasks: docker.yml
+  when: install_method == 'docker'
+
+- name: Include RPM installation tasks
+  ansible.builtin.include_tasks: rpm.yml
+  when: install_method == 'rpm'
diff --git a/roles/app/tasks/rpm.yml b/roles/app/tasks/rpm.yml
@@ -0,0 +1,47 @@
+# code: language=ansible
+---
+- name: Include RPM installation vars
+  ansible.builtin.include_vars: "../defaults/rpm.yml"
+
+- name: Install Trento RPM packages
+  community.general.zypper:
+    name:
+      - trento-web
+      - trento-wanda
+    state: latest
+    update_cache: true
+  notify:
+    - Restart trento-web
+    - Restart trento-wanda
+
+- name: Configure trento-web config
+  ansible.builtin.template:
+    src: trento-web.j2
+    dest: /etc/trento/trento-web
+    owner: root
+    group: root
+    mode: '0644'
+  notify:
+    - Restart trento-web
+
+- name: Configure trento-wanda config
+  ansible.builtin.template:
+    src: trento-wanda.j2
+    dest: /etc/trento/trento-wanda
+    owner: root
+    group: root
+    mode: '0644'
+  notify:
+    - Restart trento-wanda
+
+- name: Start trento-web service
+  ansible.builtin.service:
+    name: trento-web
+    state: started
+    enabled: true
+
+- name: Start trento-wanda service
+  ansible.builtin.service:
+    name: trento-wanda
+    state: started
+    enabled: true