-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Self host part 2 #702
base: master
Are you sure you want to change the base?
Self host part 2 #702
Conversation
* add status page for nginx * fix delta
* fix cron by using bash and adding datadog vars * split out prod crons, add dd to reporter * fix prod crons * update PR page to include message
Remove the bad lines so the deploy works.
RE-implemented starlord + vault
* build api once, update stack, make gamma files * add delta changes * fix swarm manager
@@ -27,6 +27,8 @@ big_poppa_base_container_envs: | |||
value: "{{ big_poppa_intercom_id | default('undefined') }}" | |||
- name: NODE_ENV | |||
value: "{{ node_env }}" | |||
- name: ON_PREM | |||
value: "{{ is_on_prem | lower }}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
| default('ansible_undefined')
container_run_args: npm run start-worker | ||
advance_arg: true | ||
|
||
container_run_args: npm run start-worker || sleep 999 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove sleep
@@ -12,5 +12,7 @@ dockerfile_pre_install_commands: [ | |||
"echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' > .npmrc" | |||
] | |||
|
|||
container_run_args: npm run start-worker | |||
advance_arg: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove
@@ -6,3 +6,6 @@ container_image: consul | |||
container_tag: v0.6.4 | |||
|
|||
container_run_args: consul agent -server -client=0.0.0.0 -bootstrap-expect=1 -data-dir=/tmp/db -ui | |||
|
|||
service_type: "LoadBalancer" | |||
# service_load_balancer_ranges: ["{{ docks_ip_range }}"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove
@@ -6,6 +6,7 @@ container_image: runnable/swarm | |||
container_tag: "v1.2.3-0" | |||
|
|||
memory_hard_limit: 10G | |||
memory_request: 2G |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
really? it needs 2g
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It wouldn't run any other way. We can probably lower it more.
|
||
# Add Certs (Used for genereting Docker client keys + certs) | ||
mkdir -p /etc/ssl/docker/ | ||
echo LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVuakNDQTRhZ0F3SUJBZ0lKQU5JRlp5OHd3U21ZTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdRTVFzd0NRWUQKVlFRR0V3SlZVekVUTUJFR0ExVUVDQk1LUTJGc2FXWnZjbTVwWVRFV01CUUdBMVVFQnhNTlUyRnVJRVp5WVc1agphWE5qYnpFUk1BOEdBMVVFQ2hNSVVuVnVibUZpYkdVeEREQUtCZ05WQkFzVEEwOXdjekVTTUJBR0ExVUVBeE1KCmJHOWpZV3hvYjNOME1SOHdIUVlKS29aSWh2Y05BUWtCRmhCdmNITkFjblZ1Ym1GaWJHVXVZMjl0TUI0WERURTIKTURVeU1qQXdNVFF4TkZvWERUSTJNRFV5TURBd01UUXhORm93Z1pBeEN6QUpCZ05WQkFZVEFsVlRNUk13RVFZRApWUVFJRXdwRFlXeHBabTl5Ym1saE1SWXdGQVlEVlFRSEV3MVRZVzRnUm5KaGJtTnBjMk52TVJFd0R3WURWUVFLCkV3aFNkVzV1WVdKc1pURU1NQW9HQTFVRUN4TURUM0J6TVJJd0VBWURWUVFERXdsc2IyTmhiR2h2YzNReEh6QWQKQmdrcWhraUc5dzBCQ1FFV0VHOXdjMEJ5ZFc1dVlXSnNaUzVqYjIwd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQpBNElCRHdBd2dnRUtBb0lCQVFDa1g0Y3dRRGNpbUd2bkpnMEhCbCtBOWRhMHpwVWpKSlZQYmJhM0Eyd0ovUzdsCmdLbFlJRDVUWE5ZcFNBZXBkbW1XTytORVhjTlZQVVlWaG9CZTREV2tKRmMrbHh0TFB5MFVPc2VaK1R2TWFjN2kKWnAway9HU0xsM0FTbG9EUGZLc0JscE9wTStPaFd2bDVqekF6U0oxbDZkR2NDRUFYRTZkaHRFVWdQTVV6ZkFmbApiVXVRN3JpOGlNQjY3S3RpeDhGSkNFcHdjemxLZmViem14dzNWeHdHaU5RU0diYnlJa251Q2s1ZUdiTVZQdGRZCkRCbCs1UjdoMFMwZW5YeFl0UHRMN0NSS3MwdUh4bThLbXZ2bzJodFNmOWJkT1Nzam5GelF2WmRCTHJyUWlwTisKaThtL1pPTDhJT3pWL1dmd3FkN1pvM3czaFVFOHJ6ckJQMENlMGYwQkFnTUJBQUdqZ2Znd2dmVXdIUVlEVlIwTwpCQllFRktvWTFLMDhoa2tXNGR0L2JvMDE1M2NjcTlzTU1JSEZCZ05WSFNNRWdiMHdnYnFBRktvWTFLMDhoa2tXCjRkdC9ibzAxNTNjY3E5c01vWUdXcElHVE1JR1FNUXN3Q1FZRFZRUUdFd0pWVXpFVE1CRUdBMVVFQ0JNS1EyRnMKYVdadmNtNXBZVEVXTUJRR0ExVUVCeE1OVTJGdUlFWnlZVzVqYVhOamJ6RVJNQThHQTFVRUNoTUlVblZ1Ym1GaQpiR1V4RERBS0JnTlZCQXNUQTA5d2N6RVNNQkFHQTFVRUF4TUpiRzlqWVd4b2IzTjBNUjh3SFFZSktvWklodmNOCkFRa0JGaEJ2Y0hOQWNuVnVibUZpYkdVdVkyOXRnZ2tBMGdWbkx6REJLWmd3REFZRFZSMFRCQVV3QXdFQi96QU4KQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBZzlneWo0OHdUaFB3NjFseFovS3BRc2I1VmhtZS9FUUQwRkU4VVI3NAp1TFhGQncwS092bXdkNU1YVURKQm1TMlF6Y3k3amE4NllFVFVuWVg2QVdweUthUzVhaHNWSHh6c05sRzhJd0hPCmxoOWdNUjFaQ2l3WVJpVlVFcTRkN1B2d3NnWi94YnppOWk0T2VYUVNzUEdEY0QyZ1NPN2ZxRSt1UUk1SlNUTTMKUlA5NjFEcnBhYk9VWVZkOC9CK1RBMGNvWWtlK1ZnSE5QTVd6Q0FmS1F2OVNVQ3F6eWtKOEd4NWNLc29mUUFjVgpVczJPcVFnSWJKdGNhNGVkczJiejZwRHhmUnV4KzdBNW4vaGZqODZZcXpRdnJIVVZSdHpzTDB1a0lPTTVHMzFaCkQ4MGxCUUxRVjdRYlRWdThwbG1aK2lzOHY3NkJTNWVDTG1LQzBVbmpFdmU3Smc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== | base64 --decode > /etc/ssl/docker/ca.pem |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
umm where did you get these certs from??
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This comes from secrets/certs
. I like the idea of leaving it here so that it wouldn't have to be generated, but that would mean our cert would be in base64 in our repo, which is not good. Will remove + ignore it.
add JMESPath requirement
* use multiport navi * update ports
* master: SAN-6473 Code review SAN-6473 use multiport navi (#704) fix prom vol Add DOCKER_IMAGE_BUILDER_HOST_CONFIG_PATH env var. Updated to use API_port http -> tcp http -> tcp Added readiness probe add .. and main.yml to commands fix numbering add JMESPath requirement
Add mongo-seed-db k8 job.
8d5ab8f
to
2527010
Compare
We should treat our k8 files as compiled files, since we don't actually (http://blog.andrewray.me/dealing-with-compiled-files-in-git/). We should probably wait some time until we actually have more confidence in our compilation.
Dependencies
Tests
Deployment (post-merge)