diff --git a/CHANGELOG.md b/CHANGELOG.md index 81f48c6d..3108fac4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ cookbook-rb-manager CHANGELOG =============== +## 2.0.0 + + - Miguel Álvarez + - [a28b728] Configure minio nodes and load balancer (#145) + ## 1.9.3 - Miguel Negrón diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index ff2f11b4..8354d4e6 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -6,6 +6,7 @@ # s3 default['redborder']['uploaded_s3'] = false +default['redborder']['s3']['s3_hosts'] = [] # chef-client default['chef-client']['interval'] = 300 diff --git a/resources/metadata.rb b/resources/metadata.rb index 5ac81c79..ac1f7370 100644 --- a/resources/metadata.rb +++ b/resources/metadata.rb @@ -3,7 +3,7 @@ maintainer_email 'git@redborder.com' license 'AGPL-3.0' description 'Installs/Configures redborder manager' -version '1.9.3' +version '2.0.0' depends 'rb-common' depends 'chef-server' diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index b2c1119a..a7aaa90e 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -510,28 +510,35 @@ end end -s3_leader = `serf members | grep s3=ready | awk '{print $1'} | head -n 1`.strip +begin + s3_secrets = data_bag_item('passwords', 's3') +rescue + ssh_secrets = {} +end -# Allow only one s3 onpremise node for now.. TODO: Distributed MinIO +# Allow only s3 onpremise nodes for now.. minio_config 'Configure S3 (minio)' do ipaddress node['ipaddress_sync'] - if manager_services['s3'] && external_services['s3'] == 'onpremise' && s3_leader == node.name - action [:add, :register] - else - action [:remove, :deregister] - end + access_key_id s3_secrets['s3_access_key_id'] + secret_key_id s3_secrets['s3_secret_key_id'] + action((manager_services['s3'] && (external_services['s3'] == 'onpremise')) ? [:add, :register] : [:remove, :deregister]) end -nginx_config 'Configure S3 certs' do - service_name 's3' - cdomain node['redborder']['cdomain'] - if manager_services['s3'] +# First configure the cert for the service before configuring nginx +if manager_services['s3'] + nginx_config 'Configure S3 certs' do + service_name 's3' + cdomain node['redborder']['cdomain'] action :configure_certs - else - action :nothing end end +# Configure Nginx s3 onpremise nodes for now.. +minio_config 'Configure Nginx S3 (minio)' do + s3_hosts node['redborder']['s3']['s3_hosts'] + action((manager_services['s3'] && (external_services['s3'] == 'onpremise')) ? [:add_s3_conf_nginx] : :nothing) +end + begin ssh_secrets = data_bag_item('passwords', 'ssh') rescue diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index 2b65c1be..dd996fa6 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -107,6 +107,10 @@ # zk_hosts = node['redborder']['managers_per_services']['zookeeper'].map {|z| '#{z}.node:#{zk_port}'}.join(',') node.default['redborder']['zookeeper']['zk_hosts'] = "zookeeper.service.#{node['redborder']['cdomain']}:#{node['redborder']['zookeeper']['port']}" +# Set all nodes with s3 configured (nginx load balancer) +s3_hosts = node['redborder']['managers_per_services']['s3'].map { |z| "#{z}.node:9000" } +node.default['redborder']['s3']['s3_hosts'] = s3_hosts + # set kafka host index if kafka is enabled in this host if node['redborder']['managers_per_services']['kafka'].include?(node.name) node.default['redborder']['kafka']['host_index'] = node['redborder']['managers_per_services']['kafka'].index(node.name) diff --git a/resources/templates/default/minio.erb b/resources/templates/default/minio.erb new file mode 100644 index 00000000..4973ec55 --- /dev/null +++ b/resources/templates/default/minio.erb @@ -0,0 +1,4 @@ +MINIO_OPTS="--address :9000 --console-address :9001 --config-dir /etc/minio" +MINIO_VOLUMES=/var/minio/data +MINIO_ROOT_USER=<%= @s3_user %> +MINIO_ROOT_PASSWORD=<%= @s3_password %> \ No newline at end of file