update nginx to use consul-template-updater; add registrator

Anandkumar Patel · Anandkumar Patel · commit 16e7ae5e8005 · 2016-06-09T15:32:03.000-07:00
diff --git a/ansible/consul-template-updater.yml b/ansible/consul-template-updater.yml
@@ -0,0 +1,10 @@
+---
+- hosts: consul
+
+- hosts: userland
+  vars_files:
+    - "group_vars/{{ var_file }}.yml"
+    - "group_vars/alpha-consul-template-updater.yml"
+  roles:
+  - { role: notify, tags: "notify" }
+  - { role: container_kill_start }
diff --git a/ansible/group_vars/alpha-consul-template-updater.yml b/ansible/group_vars/alpha-consul-template-updater.yml
@@ -0,0 +1,18 @@
+name: consul-template-updater
+
+# container_kill_start settings
+container_image: avthart/consul-template
+container_tag: latest
+
+container_run_opts: >
+  -d
+  --name {{ name }}
+  -v /var/run/docker.sock:/tmp/docker.sock
+  -v {{ template_path }}:/tmp/template
+  -e CONSUL_TEMPLATE_LOG=debug
+  --volumes-from {{ target_container_name }}
+
+container_run_args: >
+  -consul={{ consul_host_address }}:{{ consul_api_port }}
+  -wait=1s
+  -template="/tmp/template:{{ dest_path }}/{{ out_file }}:{{ template_command }}"
diff --git a/ansible/group_vars/alpha-navi-proxy.yml b/ansible/group_vars/alpha-navi-proxy.yml
@@ -1,15 +1,24 @@
 ---
 name: nginx
 
+# used by consul template updater
+target_container_name: nginx
+dest_path: /etc/nginx/sites-enabled
+template_path: /etc/nginx/template/navi.tmpl
+template_command: "/bin/docker kill -s HUP {{ target_container_name }}"
+out_file: 'navi.conf'
+
+# used by container_kill_start
 container_image: "{{ name }}"
 container_tag: "1.10"
 
 container_run_opts: >
   -d
-  -h {{ name }}
+  --net=host
+  --name {{ name }}
   -p 0.0.0.0:443:443
   -p 0.0.0.0:80:80
   -v /etc/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
-  -v /etc/nginx/sites-enabled/:/etc/nginx/sites-enabled/:ro
+  -v {{ dest_path }}
   -v /etc/ssl/certs/{{ user_content_domain }}:/etc/ssl/certs/{{ user_content_domain }}:ro
   -v /var/log/nginx:/var/log/nginx
diff --git a/ansible/group_vars/alpha-navi.yml b/ansible/group_vars/alpha-navi.yml
@@ -7,6 +7,8 @@ hosted_ports: [ "{{ navi_http_port }}" ]
 node_version: "4.2.4"
 npm_version: "2.8.3"
 
+restart_policy: "always"
+
 redis_ca_cert_path: /opt/ssl/{{ name }}/redis/ca.pem
 content_domain_certs: /opt/ssl/{{ user_content_domain }}
 
diff --git a/ansible/group_vars/alpha-registrator.yml b/ansible/group_vars/alpha-registrator.yml
@@ -0,0 +1,15 @@
+name: "registrator"
+
+# container_kill_start settings
+container_image: gliderlabs/registrator
+container_tag: v7
+
+container_run_opts: >
+  -d
+  --name={{ name }}
+  --net=host
+  --volume=/var/run/docker.sock:/tmp/docker.sock
+
+container_run_args: >
+  -ip {{ ansible_default_ipv4.address }}
+  consul://{{ consul_host_address }}:{{ consul_api_port }}
diff --git a/ansible/navi-proxy.yml b/ansible/navi-proxy.yml
@@ -9,3 +9,7 @@
     - role: content-domain-proxy
 
     - role: container_kill_start
+
+- include: consul-template-updater.yml
+  vars:
+    var_file: "alpha-navi-proxy"
diff --git a/ansible/navi.yml b/ansible/navi.yml
@@ -21,9 +21,3 @@
 
   - role: container_start
     number_of_containers: "{{ ansible_processor_cores }}"
-
-  - role: nginx-proxied-service
-    nginx_host: "{{ groups['userland'][0] }}"
-    target_ip_address: "{{ hostvars[groups['navi'][0]]['ansible_default_ipv4']['address'] }}"
-    templates: [ 69-navi.conf ]
-    nginx_config: proxy
diff --git a/ansible/registrator.yml b/ansible/registrator.yml
@@ -0,0 +1,9 @@
+---
+- hosts: consul
+
+- hosts: navi
+  vars_files:
+    - "group_vars/alpha-registrator.yml"
+  roles:
+  - { role: notify, tags: "notify" }
+  - { role: container_kill_start }
diff --git a/ansible/roles/content-domain-proxy/tasks/main.yml b/ansible/roles/content-domain-proxy/tasks/main.yml
@@ -44,7 +44,6 @@
     dest: /etc/nginx
     state: directory
 
-
 - name: assert nginx sites-enabled directory
   tags: [ configure_proxy ]
   become: yes
@@ -57,4 +56,18 @@
   become: yes
   template:
     src: proxy-nginx.conf
-    dest: /etc/nginx/nginx.conf
+    dest: /etc/nginx/nginx.conf
+
+- name: assert nginx template directory
+  tags: [ configure_proxy ]
+  become: yes
+  file:
+    state: directory
+    dest: /etc/nginx/template
+
+- name: put navi template in place
+  tags: [ configure_proxy ]
+  become: yes
+  template:
+    src: navi.tmpl
+    dest: /etc/nginx/template
diff --git a/ansible/roles/content-domain-proxy/templates/navi.tmpl b/ansible/roles/content-domain-proxy/templates/navi.tmpl
@@ -4,9 +4,8 @@ map $http_upgrade $connection_upgrade {
 }
 
 upstream {{ name }} {
-  {% for port in proxy_target_ports.stdout_lines -%}
-  server {{ target_ip_address }}:{{ port }} max_fails=0 fail_timeout=1s;
-  {% endfor %}
+ {{ '{{' }}range service "{{ name }}"{{ '}}' }} server {{ '{{' }}.Address{{ '}}' }}:{{ '{{' }}.Port{{ '}}' }} max_fails=0 fail_timeout=1s;
+ {{ '{{' }}end{{ '}}' }}
 }
 
 server {

Original file line number	Diff line number	Diff line change
`@@ -4,9 +4,8 @@ map $http_upgrade $connection_upgrade {`
`4`	`4`	`}`
`5`	`5`
`6`	`6`	`upstream {{ name }} {`
`7`		`- {% for port in proxy_target_ports.stdout_lines -%}`
`8`		`- server {{ target_ip_address }}:{{ port }} max_fails=0 fail_timeout=1s;`
`9`		`- {% endfor %}`
	`7`	`+ {{ '{{' }}range service "{{ name }}"{{ '}}' }} server {{ '{{' }}.Address{{ '}}' }}:{{ '{{' }}.Port{{ '}}' }} max_fails=0 fail_timeout=1s;`
	`8`	`+ {{ '{{' }}end{{ '}}' }}`
`10`	`9`	`}`
`11`	`10`
`12`	`11`	`server {`