markusthoemmes commented on a change in pull request #3886: Proposing Lean
OpenWhisk
URL:
https://github.com/apache/incubator-openwhisk/pull/3886#discussion_r206267777
##########
File path: ansible/roles/lean/tasks/deploy.yml
##########
@@ -0,0 +1,265 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+---
+# This role will install Lean Controller in group 'controllers' in the
environment
+# inventory
+
+- import_tasks: docker_login.yml
+
+- import_tasks: invoker_lean.yml
+
+- name: get controller name and index
+ set_fact:
+ controller_name: "controller-lean"
+ controller_index: 0
+
+- name: "pull the {{ docker.image.tag }} image of controller"
+ shell: "docker pull {{docker_registry}}{{ docker.image.prefix
}}/lean:{{docker.image.tag}}"
+ when: docker_registry != ""
+ register: result
+ until: (result.rc == 0)
+ retries: "{{ docker.pull.retries }}"
+ delay: "{{ docker.pull.delay }}"
+
+- name: ensure controller log directory is created with permissions
+ file:
+ path: "{{ whisk_logs_dir }}/{{ controller_name }}"
+ state: directory
+ mode: 0777
+ become: "{{ logs.dir.become }}"
+
+- name: ensure controller config directory is created with permissions
+ file:
+ path: "{{ controller.confdir }}/{{ controller_name }}"
+ state: directory
+ mode: 0777
+ become: "{{ controller.dir.become }}"
+
+- name: copy jmxremote password file
+ when: jmx.enabled
+ template:
+ src: "jmxremote.password.j2"
+ dest: "{{ controller.confdir }}/{{ controller_name }}/jmxremote.password"
+ mode: 0777
+
+- name: copy jmxremote access file
+ when: jmx.enabled
+ template:
+ src: "jmxremote.access.j2"
+ dest: "{{ controller.confdir }}/{{ controller_name }}/jmxremote.access"
+ mode: 0777
+
+- name: copy nginx certificate keystore
+ when: controller.protocol == 'https'
+ copy:
+ src: "{{ openwhisk_home }}/ansible/roles/controller/files/{{
controllerKeystoreName }}"
+ mode: 0666
+ dest: "{{ controller.confdir }}/{{ controller_name }}"
+ become: "{{ controller.dir.become }}"
+
+- name: copy certificates
+ when: controller.protocol == 'https'
+ copy:
+ src: "{{ openwhisk_home }}/ansible/roles/controller/files/{{ item }}"
+ mode: 0666
+ dest: "{{ controller.confdir }}/{{ controller_name }}"
+ with_items:
+ - "{{ controller.ssl.cert }}"
+ - "{{ controller.ssl.key }}"
+ become: "{{ controller.dir.become }}"
+
+- name: check, that required databases exist
+ include_tasks: "{{ openwhisk_home }}/ansible/tasks/db/checkDb.yml"
+ vars:
+ dbName: "{{ item }}"
+ dbUser: "{{ db.credentials.invoker.user }}"
+ dbPass: "{{ db.credentials.invoker.pass }}"
+ with_items:
+ - "{{ db.whisk.actions }}"
+ - "{{ db.whisk.auth }}"
+ - "{{ db.whisk.activations }}"
+
+- name: prepare controller port
+ set_fact:
+ controller_port: "{{ controller.basePort + (controller_index | int) }}"
+ ports_to_expose:
+ - "{{ controller.basePort + (controller_index | int) }}:8080"
+
+- name: expose additional ports if jmxremote is enabled
+ when: jmx.enabled
+ vars:
+ jmx_remote_port: "{{ jmx.basePortController + (controller_index|int) }}"
+ jmx_remote_rmi_port:
+ "{{ jmx.rmiBasePortController + (controller_index|int) }}"
+ set_fact:
+ ports_to_expose: >-
+ {{ ports_to_expose }} +
+ [ '{{ jmx_remote_port }}:{{ jmx_remote_port }}' ] +
+ [ '{{ jmx_remote_rmi_port }}:{{ jmx_remote_rmi_port }}' ]
+ controller_args: >-
+ {{ controller.arguments }}
+ {{ jmx.jvmCommonArgs }}
+ -Djava.rmi.server.hostname={{ inventory_hostname }}
+ -Dcom.sun.management.jmxremote.rmi.port={{ jmx_remote_rmi_port }}
+ -Dcom.sun.management.jmxremote.port={{ jmx_remote_port }}
+
+- name: populate environment variables for controller
+ set_fact:
+ controller_env:
+ "JAVA_OPTS":
+ -Xmx{{ controller.heap }}
+ -XX:+CrashOnOutOfMemoryError
+ -XX:+UseGCOverheadLimit
+ -XX:ErrorFile=/logs/java_error.log
+ -XX:+HeapDumpOnOutOfMemoryError
+ -XX:HeapDumpPath=/logs
+ "CONTROLLER_OPTS": "{{ controller_args | default(controller.arguments)
}}"
+ "CONTROLLER_INSTANCES": 1
+ "JMX_REMOTE": "{{ jmx.enabled }}"
+
+ "COMPONENT_NAME": "{{ controller_name }}"
+ "PORT": 8080
+
+ "CONFIG_whisk_info_date": "{{ whisk.version.date }}"
+ "CONFIG_whisk_info_buildNo": "{{ docker.image.tag }}"
+
+ "CONFIG_whisk_couchdb_protocol": "{{ db.protocol }}"
+ "CONFIG_whisk_couchdb_host": "{{ db.host }}"
+ "CONFIG_whisk_couchdb_port": "{{ db.port }}"
+ "CONFIG_whisk_couchdb_username": "{{ db.credentials.controller.user }}"
+ "CONFIG_whisk_couchdb_password": "{{ db.credentials.controller.pass }}"
+ "CONFIG_whisk_couchdb_provider": "{{ db.provider }}"
+ "CONFIG_whisk_couchdb_databases_WhiskAuth": "{{ db.whisk.auth }}"
+ "CONFIG_whisk_couchdb_databases_WhiskEntity": "{{ db.whisk.actions }}"
+ "CONFIG_whisk_couchdb_databases_WhiskActivation":
+ "{{ db.whisk.activations }}"
+ "CONFIG_whisk_db_actionsDdoc": "{{ db_whisk_actions_ddoc | default() }}"
+ "CONFIG_whisk_db_activationsDdoc": "{{ db_whisk_activations_ddoc |
default() }}"
+ "CONFIG_whisk_db_activationsFilterDdoc": "{{
db_whisk_activations_filter_ddoc | default() }}"
+ "CONFIG_whisk_userEvents_enabled": "{{ user_events }}"
+
+ "LIMITS_ACTIONS_INVOKES_PERMINUTE": "{{ limits.invocationsPerMinute }}"
+ "LIMITS_ACTIONS_INVOKES_CONCURRENT": "{{ limits.concurrentInvocations }}"
+ "LIMITS_ACTIONS_INVOKES_CONCURRENTINSYSTEM":
+ "{{ limits.concurrentInvocationsSystem }}"
+ "LIMITS_TRIGGERS_FIRES_PERMINUTE": "{{ limits.firesPerMinute }}"
+ "LIMITS_ACTIONS_SEQUENCE_MAXLENGTH": "{{ limits.sequenceMaxLength }}"
+
+ "CONFIG_whisk_memory_min": "{{ limit_action_memory_min | default() }}"
+ "CONFIG_whisk_memory_max": "{{ limit_action_memory_max | default() }}"
+ "CONFIG_whisk_memory_std": "{{ limit_action_memory_std | default() }}"
+
+ "CONFIG_whisk_timeLimit_min": "{{ limit_action_time_min | default() }}"
+ "CONFIG_whisk_timeLimit_max": "{{ limit_action_time_max | default() }}"
+ "CONFIG_whisk_timeLimit_std": "{{ limit_action_time_std | default() }}"
+
+ "CONFIG_whisk_activation_payload_max":
+ "{{ limit_activation_payload | default() }}"
+
+ "RUNTIMES_MANIFEST": "{{ runtimesManifest | to_json }}"
+ "CONFIG_whisk_runtimes_defaultImagePrefix":
+ "{{ runtimes_default_image_prefix | default() }}"
+ "CONFIG_whisk_runtimes_defaultImageTag":
+ "{{ runtimes_default_image_tag | default() }}"
+ "CONFIG_whisk_runtimes_bypassPullForLocalImages":
+ "{{ runtimes_bypass_pull_for_local_images | default() }}"
+ "CONFIG_whisk_runtimes_localImagePrefix":
+ "{{ runtimes_local_image_prefix | default() }}"
+
+ "METRICS_KAMON": "{{ metrics.kamon.enabled }}"
+ "METRICS_KAMON_TAGS": "{{ metrics.kamon.tags }}"
+ "METRICS_LOG": "{{ metrics.log.enabled }}"
+ "CONFIG_whisk_controller_protocol": "{{ controller.protocol }}"
+ "CONFIG_whisk_controller_https_keystorePath":
+ "{{ controller.ssl.keystore.path }}"
+ "CONFIG_whisk_controller_https_keystorePassword":
+ "{{ controller.ssl.keystore.password }}"
+ "CONFIG_whisk_controller_https_keystoreFlavor":
+ "{{ controller.ssl.storeFlavor }}"
+ "CONFIG_whisk_controller_https_truststorePath":
+ "{{ controller.ssl.truststore.path }}"
+ "CONFIG_whisk_controller_https_truststorePassword":
+ "{{ controller.ssl.truststore.password }}"
+ "CONFIG_whisk_controller_https_truststoreFlavor":
+ "{{ controller.ssl.storeFlavor }}"
+ "CONFIG_whisk_controller_https_clientAuth":
+ "{{ controller.ssl.clientAuth }}"
+ "CONFIG_whisk_loadbalancer_invokerBusyThreshold":
+ "{{ invoker.busyThreshold }}"
+ "CONFIG_whisk_loadbalancer_blackboxFraction":
+ "{{ controller.blackboxFraction }}"
Review comment:
Above two shouldn't be needed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
