infrastructure/README.md

90 lines
2.7 KiB
Markdown
Raw Normal View History

2019-06-01 14:02:49 +00:00
deuxfleurs.fr
=============
*Many things are still missing here, including a proper documentation. Please stay nice, it is a volunter project. Feel free to open pull/merge requests to improve it. Thanks.*
## Our abstraction stack
We try to build a generic abstraction stack between our different resources (CPU, RAM, disk, etc.) and our services (Chat, Storage, etc.):
* ansible (physical node conf)
* nomad (schedule containers)
* consul (distributed key value store / lock / service discovery)
2020-09-12 08:03:48 +00:00
* garage/glusterfs (file storage)
2019-06-01 14:02:49 +00:00
* stolon + postgresql (distributed relational database)
* docker (container tool)
* bottin (LDAP server, auth)
Some services we provide:
* Chat (Matrix/Riot)
* Email (Postfix/Dovecot/Sogo)
* Storage (Seafile)
As a generic abstraction is provided, deploying new services should be easy.
2020-09-12 08:03:48 +00:00
## I am lost, how this repo works?
To ease the development, we make the choice of a fully integrated environment
1. `os_build`: where you will build our OS image based on Debian that you will install on your server
2. `os_config`: our Ansible recipes to configure and update your freshly installed server
3. `app_build`: our Docker files to build immutable images of our applications
4. `app_integration`: Our Docker compose files to test locally how our built images interact together
5. `app_config`: Files containing application configurations to be deployed on Consul Key Value Store
6. `app_deployment`: Files containing application definitions to be deployed on Nomad Scheduler
7. `op_guide`: Guides to explain you operations you can do cluster wide (like configuring postgres)
2019-06-01 14:02:49 +00:00
## Start hacking
### Clone the repository
```
git clone https://gitlab.com/superboum/deuxfleurs.fr.git
git submodule init
git submodule update
```
### Deploying/Updating new services is done from your machine
*The following instructions are provided for ops that already have access to the servers.*
Deploy Nomad on your machine:
```bash
export NOMAD_VER=0.9.1
wget https://releases.hashicorp.com/nomad/${NOMAD_VER}/nomad_${NOMAD_VER}_linux_amd64.zip
unzip nomad_${NOMAD_VER}_linux_amd64.zip
sudo mv nomad /usr/local/bin
rm nomad_${NOMAD_VER}_linux_amd64.zip
```
Deploy Consul on your machine:
```bash
export CONSUL_VER=1.5.1
wget https://releases.hashicorp.com/consul/${CONSUL_VER}/consul_${CONSUL_VER}_linux_amd64.zip
unzip consul_${CONSUL_VER}_linux_amd64.zip
sudo mv consul /usr/local/bin
rm consul_${CONSUL_VER}_linux_amd64.zip
```
Create an alias (and put it in your `.bashrc`) to bind APIs on your machine:
```
alias bind_df="ssh \
-p110 \
-N \
-L 4646:127.0.0.1:4646 \
-L 8500:127.0.0.1:8500 \
-L 8082:traefik.service.2.cluster.deuxfleurs.fr:8082 \
<a server from the cluster>"
```
and run:
```
bind_df
```