Migrating to docker stacks
Will result in:
17/04/13 11:36:23 ci01.cicd-lab-dev.local
[root@ci01:~] ls /etc/docker/compose/
aptly devops-portal docker elasticsearch gerrit jenkins mysql
openldap pushkin rundeck
Change-Id: I7a7be97f83243c23b75d5baf966afea676c949e2
diff --git a/docker/swarm/stack/aptly.yml b/docker/swarm/stack/aptly.yml
new file mode 100644
index 0000000..5570c40
--- /dev/null
+++ b/docker/swarm/stack/aptly.yml
@@ -0,0 +1,31 @@
+parameters:
+ _param:
+ docker_image_aptly:
+ api: tcpcloud/aptly-api
+ public: tcpcloud/aptly-public
+ docker:
+ client:
+ stack:
+ aptly:
+ environment:
+ EMAIL_ADDRESS: ${_param:admin_email}
+ service:
+ api:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_aptly:api}
+ ports:
+ - 18084:8080
+ volumes:
+ - /srv/volumes/aptly:/var/lib/aptly
+ public:
+ deploy:
+ replicas: 3
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_aptly:public}
+ ports:
+ - 18085:80
+ volumes:
+ - /srv/volumes/aptly/public:/var/www/html
diff --git a/docker/swarm/stack/artifactory.yml b/docker/swarm/stack/artifactory.yml
new file mode 100644
index 0000000..cda48fe
--- /dev/null
+++ b/docker/swarm/stack/artifactory.yml
@@ -0,0 +1,23 @@
+parameters:
+ docker:
+ client:
+ stack:
+ artifactory:
+ environment:
+ MYSQL_HOST: ${_param:cluster_vip_address}
+ MYSQL_USERNAME: artifactory
+ MYSQL_PASSWORD: ${_param:mysql_artifactory_password}
+ MYSQL_DATABASE: artifactory
+ service:
+ artifactory:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_repository:cicd}/artifactory
+ ports:
+ - 18082:8081
+ volumes:
+ - /srv/volumes/artifactory/data:/var/opt/jfrog/artifactory/data
+ - /srv/volumes/artifactory/backup:/var/opt/jfrog/artifactory/backup
+ - /srv/volumes/artifactory/etc:/var/opt/jfrog/artifactory/etc
+ - /srv/volumes/artifactory/logs:/var/opt/jfrog/artifactory/logs
diff --git a/docker/swarm/stack/dashboard.yml b/docker/swarm/stack/dashboard.yml
new file mode 100644
index 0000000..5621d8a
--- /dev/null
+++ b/docker/swarm/stack/dashboard.yml
@@ -0,0 +1,16 @@
+parameters:
+ docker:
+ client:
+ stack:
+ dashboard:
+ service:
+ grafana:
+ deploy:
+ replicas: 1
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_grafana}
+ ports:
+ - 15013:3000
+ environment:
+ GF_SECURITY_ADMIN_PASSWORD: ${_param:grafana_admin_password}
diff --git a/docker/swarm/stack/devops_portal.yml b/docker/swarm/stack/devops_portal.yml
new file mode 100644
index 0000000..c894d33
--- /dev/null
+++ b/docker/swarm/stack/devops_portal.yml
@@ -0,0 +1,20 @@
+parameters:
+ _param:
+ docker_devops_portal_replicas: 1
+ docker_image_devops_portal: docker-sandbox.sandbox.mirantis.net/ikharin/oss/devops-portal:latest
+ docker:
+ client:
+ stack:
+ devops-portal:
+ service:
+ frontend:
+ image: ${_param:docker_image_devops_portal}
+ deploy:
+ replicas: ${_param:docker_devops_portal_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - 18800:8000
+ volumes:
+ - /srv/volumes/devops_portal/nginx:/etc/nginx/config
+ - /srv/volumes/devops_portal/config:/opt/devops-portal/config
diff --git a/docker/swarm/stack/docker.yml b/docker/swarm/stack/docker.yml
new file mode 100644
index 0000000..a680d4c
--- /dev/null
+++ b/docker/swarm/stack/docker.yml
@@ -0,0 +1,33 @@
+parameters:
+ _param:
+ docker_image_registry: registry:2
+ docker_image_visualizer: manomarks/visualizer
+ docker:
+ client:
+ stack:
+ docker:
+ service:
+ registry:
+ environment:
+ REGISTRY_HTTP_SECRET: ${_param:docker_registry_http_secret}
+ deploy:
+ replicas: 3
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_registry}
+ ports:
+ - 15000:5000
+ volumes:
+ - /srv/volumes/registry:/var/lib/registry
+ visualizer:
+ deploy:
+ restart_policy:
+ condition: any
+ placement:
+ constraints:
+ - "node.role == manager"
+ image: ${_param:docker_image_visualizer}
+ ports:
+ - 18090:8080
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
diff --git a/docker/swarm/stack/gerrit.yml b/docker/swarm/stack/gerrit.yml
new file mode 100644
index 0000000..26ffe7f
--- /dev/null
+++ b/docker/swarm/stack/gerrit.yml
@@ -0,0 +1,60 @@
+parameters:
+ _param:
+ docker_image_gerrit: tcpcloud/gerrit:2.13.6
+ docker_image_mysql: mysql:5.6
+ gerrit_ldap_server: ""
+ gerrit_ldap_bind_user: ""
+ gerrit_ldap_bind_password: ""
+ gerrit_ldap_account_base: ""
+ gerrit_ldap_group_base: ""
+
+ docker:
+ client:
+ stack:
+ gerrit:
+ service:
+ server:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_gerrit}
+ ports:
+ - 18083:8080
+ - 29417:29418
+ volumes:
+ - /srv/volumes/gerrit:/var/gerrit/review_site
+ depends_on:
+ - db
+ environment:
+ #GERRIT_INIT_ARGS: ""
+ DATABASE_TYPE: "mysql"
+ DB_PORT_3306_TCP_ADDR: ${_param:cluster_vip_address}
+ DB_ENV_MYSQL_USER: gerrit
+ DB_ENV_MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
+ DB_ENV_MYSQL_DB: gerrit
+ AUTH_TYPE: ${_param:gerrit_auth_type}
+ LDAP_SERVER: ${_param:gerrit_ldap_server}
+ LDAP_ACCOUNTPATTERN: 'uid={username}'
+ LDAP_ACCOUNTBASE: ${_param:gerrit_ldap_account_base}
+ LDAP_GROUPBASE: ${_param:gerrit_ldap_group_base}
+ LDAP_USERNAME: ${_param:gerrit_ldap_bind_user}
+ LDAP_PASSWORD: ${_param:gerrit_ldap_bind_password}
+ WEBURL: ${_param:gerrit_public_host}
+ GERRIT_ADMIN_SSH_PUBLIC: ${_param:gerrit_admin_public_key}
+ GERRIT_ADMIN_PWD: ${_param:gerrit_admin_password}
+ GERRIT_ADMIN_EMAIL: ${_param:gerrit_admin_email}
+ CANLOADINIFRAME: "true"
+ db:
+ environment:
+ MYSQL_USER: gerrit
+ MYSQL_PASSWORD: ${_param:mysql_gerrit_password}
+ MYSQL_DATABASE: gerrit
+ MYSQL_ROOT_PASSWORD: ${_param:mysql_admin_password}
+ deploy:
+ restart_policy:
+ condition: any
+ image: "${_param:docker_image_mysql}"
+ ports:
+ - 13306:3306
+ volumes:
+ - /srv/volumes/mysql:/var/lib/mysql
diff --git a/docker/swarm/stack/jenkins.yml b/docker/swarm/stack/jenkins.yml
new file mode 100644
index 0000000..acea08b
--- /dev/null
+++ b/docker/swarm/stack/jenkins.yml
@@ -0,0 +1,22 @@
+parameters:
+ _param:
+ docker_image_jenkins: tcpcloud/jenkins:2.52
+ docker:
+ client:
+ stack:
+ jenkins:
+ environment:
+ JAVA_OPTS: "-Djenkins.install.runSetupWizard=false -Dhudson.DNSMultiCast.disabled=true -Dhudson.udp=-1 -Dhudson.footerURL=https://www.mirantis.com"
+ JENKINS_NUM_EXECUTORS: 4
+ service:
+ master:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_jenkins}
+ ports:
+ - 18081:8080
+ - 50001:50000
+ volumes:
+ - /srv/volumes/jenkins:/var/jenkins_home
+ - /etc/ssl/certs/java/cacerts:/etc/ssl/certs/java/cacerts:ro
diff --git a/docker/swarm/stack/ldap.yml b/docker/swarm/stack/ldap.yml
new file mode 100644
index 0000000..6e94695
--- /dev/null
+++ b/docker/swarm/stack/ldap.yml
@@ -0,0 +1,46 @@
+parameters:
+ _param:
+ docker_image_openldap: osixia/openldap:1.1.8
+ docker_image_phpldapadmin: tcpcloud/phpldapadmin:0.6.12
+ docker:
+ client:
+ stack:
+ ldap:
+ service:
+ server:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_openldap}
+ hostname: ldap01
+ domainname: ${_param:openldap_domain}
+ ports:
+ - 1389:389
+ - 1636:636
+ volumes:
+ - /srv/volumes/openldap/database:/var/lib/ldap
+ - /srv/volumes/openldap/config:/etc/ldap/slapd.d
+ environment:
+ HOSTNAME: ldap01.${_param:openldap_domain}
+ LDAP_ORGANISATION: "${_param:openldap_organisation}"
+ LDAP_DOMAIN: "${_param:openldap_domain}"
+ LDAP_ADMIN_PASSWORD: ${_param:openldap_admin_password}
+ LDAP_CONFIG_PASSWORD: ${_param:openldap_config_password}
+ LDAP_TLS: "false"
+ admin:
+ deploy:
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_phpldapadmin}
+ depends_on:
+ - server
+ hostname: ldap
+ domainname: ${_param:openldap_domain}
+ environment:
+ PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'ldap.${_param:openldap_domain}': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '${_param:openldap_admin_password}'}]}]}]"
+ PHPLDAPADMIN_HTTPS: "false"
+ PHPLDAPADMIN_TRUST_PROXY_SSL: "true"
+ PHPLDAPADMIN_SERVER_ADMIN: ${_param:admin_email}
+ PHPLDAPADMIN_THEME: mirantis
+ ports:
+ - 18089:80
diff --git a/docker/swarm/stack/monitoring.yml b/docker/swarm/stack/monitoring.yml
new file mode 100644
index 0000000..fdd095a
--- /dev/null
+++ b/docker/swarm/stack/monitoring.yml
@@ -0,0 +1,60 @@
+include:
+- service.prometheus.alertmanager.container
+parameters:
+ docker:
+ client:
+ stack:
+ monitoring:
+ network:
+ monitoring:
+ driver: overlay
+ driver_opts:
+ encrypted: true
+ service:
+ alertmanager:
+ network: monitoring
+ deploy:
+ replicas: 2
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_alertmanager}
+ ports:
+ - 15011:${prometheus:alertmanager:bind:port}
+ volumes:
+ - /srv/volumes/prometheus:/opt/prometheus/config
+ environment:
+ config_dir: /opt/alertmanager/config
+ bind_port: ${prometheus:alertmanager:bind:port}
+ bind_address: ${prometheus:alertmanager:bind:address}
+ discovery_domain: 'prometheus_alertmanager'
+ pushgateway:
+ network: monitoring
+ deploy:
+ replicas: 2
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_pushgateway}
+ ports:
+ - 15012:9091
+ server:
+ network: monitoring
+ deploy:
+ replicas: 1
+ restart_policy:
+ condition: any
+ image: ${_param:docker_image_prometheus}
+ ports:
+ - 15010:${prometheus:server:bind:port}
+ volumes:
+ - /srv/volumes/prometheus:/opt/prometheus/config
+ environment:
+ config_dir: /opt/prometheus/config
+ bind_port: ${prometheus:server:bind:port}
+ bind_address: ${prometheus:server:bind:address}
+ alertmanager_port: ${prometheus:alertmanager:bind:port}
+ storage_local_engine: ${prometheus:server:storage:local:engine}
+ storage_local_retention: ${prometheus:server:storage:local:retention}
+ storage_local_memory_chunks: ${prometheus:server:storage:local:memory_chunks}
+ storage_local_max_chunks_to_persist: ${prometheus:server:storage:local:max_chunks_to_persist}
+ storage_local_num_fingerprint_mutexes: ${prometheus:server:storage:local:num_fingerprint_mutexes}
+ discovery_domain: 'prometheus_alertmanager'
diff --git a/docker/swarm/stack/pushkin.yml b/docker/swarm/stack/pushkin.yml
new file mode 100644
index 0000000..b28b1e9
--- /dev/null
+++ b/docker/swarm/stack/pushkin.yml
@@ -0,0 +1,52 @@
+parameters:
+ _param:
+ docker_pushkin_db_replicas: 1
+ docker_image_pushkin_db: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/pushkindb:latest
+ pushkin_db_password: pushkin
+ pushkin_db_user: pushkin
+ pushkin_db: pushkin
+ docker_pushkin_replicas: 1
+ docker_image_pushkin: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/pushkin:latest
+ elasticsearch_replicas: 1
+ docker_image_oss_elasticsearch: docker-sandbox.sandbox.mirantis.net/vstoiko/oss/elasticsearch:latest
+ docker:
+ client:
+ stack:
+ pushkin:
+ environment:
+ POSTGRES_USER: ${_param:pushkin_db_user}
+ POSTGRES_PASSWORD: ${_param:pushkin_db_password}
+ POSTGRES_DB: ${_param:pushkin_db}
+ PUSHKINDBHOST: ${_param:haproxy_pushkin_db_bind_host}
+ PUSHKINELASTICHOST: ${_param:haproxy_elasticsearch_bind_host}
+ service:
+ db:
+ image: ${_param:docker_image_pushkin_db}
+ deploy:
+ replicas: ${_param:docker_pushkin_db_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - ${_param:haproxy_pushkin_db_exposed_port}:${_param:haproxy_pushkin_db_bind_port}
+ volumes:
+ - /srv/volumes/pushkin/data:/var/lib/postgresql/data
+ backend:
+ image: ${_param:docker_image_pushkin}
+ deploy:
+ replicas: ${_param:docker_pushkin_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - ${_param:haproxy_pushkin_exposed_port}:${_param:haproxy_pushkin_bind_port}
+ volumes:
+ - /srv/volumes/pushkin/logs:/var/log/pushkin
+ elasticsearch:
+ image: ${_param:docker_image_oss_elasticsearch}
+ deploy:
+ replicas: ${_param:elasticsearch_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - ${_param:haproxy_elasticsearch_exposed_port}:${_param:haproxy_elasticsearch_bind_port}
+ volumes:
+ - /srv/volumes/elasticsearch:/usr/share/elasticsearch/data
diff --git a/docker/swarm/stack/rundeck.yml b/docker/swarm/stack/rundeck.yml
new file mode 100644
index 0000000..b0951a4
--- /dev/null
+++ b/docker/swarm/stack/rundeck.yml
@@ -0,0 +1,29 @@
+parameters:
+ _param:
+ docker_rundeck_replicas: 1
+ docker_image_rundeck: docker-sandbox.sandbox.mirantis.net/ikharin/oss/rundeck:latest
+ rundeck_admin_password: password
+ docker:
+ client:
+ stack:
+ rundeck:
+ environment:
+ SERVER_URL: "http://${_param:haproxy_rundeck_bind_host}:${_param:haproxy_rundeck_bind_port}"
+ RUNDECK_ADMIN_PASSWORD: ${_param:rundeck_admin_password}
+ service:
+ rundeck:
+ image: ${_param:docker_image_rundeck}
+ deploy:
+ replicas: ${_param:docker_rundeck_replicas}
+ restart_policy:
+ condition: any
+ ports:
+ - 14440:4440
+ volumes:
+ - /srv/volumes/rundeck/etc:/etc/rundeck
+ - /srv/volumes/rundeck/rundeck:/var/rundeck
+ - /srv/volumes/rundeck/mysql:/var/lib/mysql
+ - /srv/volumes/rundeck/log:/var/log/rundeck
+ - /srv/volumes/rundeck/logs:/var/lib/rundeck/logs
+ - /srv/volumes/rundeck/plugins:/opt/rundeck-plugins
+ - /srv/volumes/rundeck/storage:/var/lib/rundeck/var/storage