OSDN -- Open-Source-Software-Entwicklung und Downloads
Übersetzungsstatus von Deutsch translation status for de
  • R/O
  • HTTP
  • SSH
  • HTTPS
Fork

grid-chef-repo: Commit

Grid環境構築用のChefリポジトリです。


Commit MetaInfo

Revision5bb4ee8adce24919137e29fb1cac7564ee7a401e (tree)
Zeit2018-02-09 21:12:17
Autorwhitestar <whitestar@user...>
Commiterwhitestar

Log Message

Initial release of minio-grid

Ändern Zusammenfassung

Diff

--- /dev/null
+++ b/cookbooks/minio-grid/.foodcritic
@@ -0,0 +1,2 @@
1+~FC001
2+~FC019
--- /dev/null
+++ b/cookbooks/minio-grid/.rubocop.yml
@@ -0,0 +1,53 @@
1+AllCops:
2+ Exclude:
3+ - vendor/**/*
4+
5+AlignParameters:
6+ Enabled: false
7+LineLength:
8+ Enabled: false
9+Lint/UnusedBlockArgument:
10+ Enabled: false
11+Metrics/AbcSize:
12+ Enabled: false
13+Style/BlockComments:
14+ Enabled: false
15+Style/BlockDelimiters:
16+ Enabled: false
17+Style/ExtraSpacing:
18+ Enabled: false
19+Style/FileName:
20+ Enabled: false
21+Style/LeadingCommentSpace:
22+ Enabled: false
23+Style/RescueModifier:
24+ Enabled: false
25+Style/SpaceAroundOperators:
26+ Enabled: false
27+Style/SpaceBeforeFirstArg:
28+ Enabled: false
29+Style/SpaceInsideBlockBraces:
30+ Enabled: false
31+Style/SpaceInsidePercentLiteralDelimiters:
32+ Enabled: false
33+Style/TrailingCommaInLiteral:
34+ EnforcedStyleForMultiline: consistent_comma
35+Style/WordArray:
36+ Enabled: false
37+
38+#Lint/ShadowingOuterLocalVariable:
39+# Enabled: false
40+#Metrics/MethodLength:
41+# Max: 10
42+#Metrics/ModuleLength:
43+# Max: 100
44+#Metrics/CyclomaticComplexity:
45+# Max: 6
46+#Metrics/PerceivedComplexity:
47+# Max: 7
48+#Style/AccessorMethodName:
49+# Enabled: false
50+#Style/MultilineOperationIndentation:
51+# Enabled: false
52+#Style/PerlBackrefs:
53+# Enabled: false
--- /dev/null
+++ b/cookbooks/minio-grid/Berksfile
@@ -0,0 +1,19 @@
1+#
2+# Copyright 2018 whitestar
3+#
4+# Licensed under the Apache License, Version 2.0 (the "License");
5+# you may not use this file except in compliance with the License.
6+# You may obtain a copy of the License at
7+#
8+# http://www.apache.org/licenses/LICENSE-2.0
9+#
10+# Unless required by applicable law or agreed to in writing, software
11+# distributed under the License is distributed on an "AS IS" BASIS,
12+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+# See the License for the specific language governing permissions and
14+# limitations under the License.
15+#
16+
17+source 'https://supermarket.chef.io'
18+
19+metadata
--- /dev/null
+++ b/cookbooks/minio-grid/CHANGELOG.md
@@ -0,0 +1,5 @@
1+# minio-grid CHANGELOG
2+
3+0.1.0
4+-----
5+- Initial release of minio-grid
--- /dev/null
+++ b/cookbooks/minio-grid/Gemfile
@@ -0,0 +1,4 @@
1+source 'https://rubygems.org'
2+
3+# with Chef DK
4+gem 'stove'
--- /dev/null
+++ b/cookbooks/minio-grid/README.md
@@ -0,0 +1,273 @@
1+minio-grid Cookbook
2+===================
3+
4+This cookbook sets up a Minio service.
5+
6+## Contents
7+
8+- [Requirements](#requirements)
9+ - [platforms](#platforms)
10+ - [packages](#packages)
11+- [Attributes](#attributes)
12+- [Usage](#usage)
13+ - [Recipes](#recipes)
14+ - [minio-grid::default](#minio-griddefault)
15+ - [minio-grid::docker-compose](#minio-griddocker-compose)
16+ - [Role Examples](#role-examples)
17+ - [SSL server keys and certificates management by `ssl_cert` cookbook](#ssl-server-keys-and-certificates-management-by-ssl_cert-cookbook)
18+ - [Server access key management by Chef Vault](#server-access-key-management-by-chef-vault)
19+- [License and Authors](#license-and-authors)
20+
21+## Requirements
22+
23+### platforms
24+
25+- Debian >= 9.0
26+- Ubuntu >= 14.04
27+- CentOS,RHEL >= 7.3
28+
29+### packages
30+- none.
31+
32+## Attributes
33+
34+|Key|Type|Description, example|Default|
35+|:--|:--|:--|:--|
36+|`['minio-grid']['with_ssl_cert_cookbook']`|Boolean|If this attribute is true, `node['minio-grid']['docker-compose']['config']` are are overridden by the following `common_name` attributes.|`false`|
37+|`['minio-grid']['ssl_cert']['common_name']`|String|Minio server common name for TLS|`node['fqdn']`|
38+|`['minio-grid']['docker-compose']['app_dir']`|String||`"#{node['docker-grid']['compose']['app_dir']}/minio"`|
39+|`['minio-grid']['docker-compose']['config_dir']`|String||`"#{node['minio-grid']['docker-compose']['app_dir']}/config"`|
40+|`['minio-grid']['docker-compose']['data_dir']`|String||`"#{node['docker-grid']['compose']['app_dir']}/data"`|
41+|`['minio-grid']['docker-compose']['config']`|Hash|`docker-compose.yml` configurations.|See `attributes/default.rb`|
42+
43+## Usage
44+
45+### Recipes
46+
47+#### minio-grid::default
48+
49+This recipe does nothing.
50+
51+#### minio-grid::docker-compose
52+
53+This recipe generates a `docker-compose.yml` for the Minio service.
54+
55+### Role Examples
56+
57+- `roles/minio-on-docker.rb`
58+
59+```ruby
60+name 'minio-on-docker'
61+description 'Minio on Docker'
62+
63+minio_port = '9000'
64+
65+run_list(
66+ 'role[docker]',
67+ 'recipe[minio-grid::docker-compose]',
68+)
69+
70+#env_run_lists
71+
72+#default_attributes
73+
74+override_attributes(
75+ 'minio-grid' => {
76+ 'docker-compose' => {
77+ 'config' => {
78+ 'services' => {
79+ 'minio' => {
80+ 'restart' => 'always',
81+ 'image' => 'minio/minio',
82+ 'ports' => [
83+ "#{minio_port}:9000",
84+ ],
85+ 'environment' => {
86+ # See https://docs.minio.io/
87+ #'MINIO_REGION' => 'us-east-1',
88+ #'MINIO_BROWSER' => 'on',
89+ #'MINIO_DOMAIN' => 'minio.example.com', # for virtual-host-style requests
90+ # These variables will be set by the minio-grid::docker-compose recipe automatically.
91+ #'MINIO_ACCESS_KEY' => '${MINIO_ACCESS_KEY}',
92+ #'MINIO_SECRET_KEY' => '${MINIO_SECRET_KEY}',
93+ },
94+ #'volumes' => [
95+ # These volumes will be set by the minio-grid::docker-compose recipe automatically.
96+ #"#{node['minio-grid']['docker-compose']['config_dir']}:/root/.minio:rw",
97+ #"#{node['minio-grid']['docker-compose']['data_dir']}:/data:rw",
98+ #"#{server_cert_path(node['minio-grid']['ssl_cert']['common_name'])}:/root/.minio/certs/public.crt:ro",
99+ #"#{server_key_path(node['minio-grid']['ssl_cert']['common_name'])}:/root/.minio/certs/private.key:ro",
100+ #],
101+ },
102+ },
103+ },
104+ },
105+ },
106+)
107+```
108+
109+- `roles/minio-with-ssl-on-docker.rb`
110+
111+```ruby
112+name 'minio-with-ssl-on-docker'
113+description 'Minio setup with ssl_cert cookbook'
114+
115+minio_port = '9000'
116+minio_cn = 'minio.io.example.com'
117+
118+run_list(
119+ 'role[docker]',
120+ 'recipe[minio-grid::docker-compose]',
121+)
122+
123+#env_run_lists
124+
125+#default_attributes
126+
127+override_attributes(
128+ 'minio-grid' => {
129+ 'with_ssl_cert_cookbook' => true,
130+ 'ssl_cert' => {
131+ 'common_name' => minio_cn,
132+ },
133+ 'docker-compose' => {
134+ 'config' => {
135+ 'services' => {
136+ 'minio' => {
137+ 'restart' => 'always',
138+ 'image' => 'minio/minio',
139+ 'ports' => [
140+ "#{minio_port}:9000",
141+ ],
142+ 'environment' => {
143+ # See https://docs.minio.io/
144+ #'MINIO_REGION' => 'us-east-1',
145+ #'MINIO_BROWSER' => 'on',
146+ #'MINIO_DOMAIN' => 'minio.example.com', # for virtual-host-style requests
147+ # These variables will be set by the minio-grid::docker-compose recipe automatically.
148+ #'MINIO_ACCESS_KEY' => '${MINIO_ACCESS_KEY}',
149+ #'MINIO_SECRET_KEY' => '${MINIO_SECRET_KEY}',
150+ },
151+ #'volumes' => [
152+ # These volumes will be set by the minio-grid::docker-compose recipe automatically.
153+ #"#{node['minio-grid']['docker-compose']['config_dir']}:/root/.minio:rw",
154+ #"#{node['minio-grid']['docker-compose']['data_dir']}:/data:rw",
155+ #"#{server_cert_path(node['minio-grid']['ssl_cert']['common_name'])}:/root/.minio/certs/public.crt:ro",
156+ #"#{server_key_path(node['minio-grid']['ssl_cert']['common_name'])}:/root/.minio/certs/private.key:ro",
157+ #],
158+ },
159+ },
160+ },
161+ },
162+ },
163+)
164+```
165+
166+### SSL server keys and certificates management by `ssl_cert` cookbook
167+
168+- create chef-vault items.
169+
170+```text
171+$ ruby -rjson -e 'puts JSON.generate({"private" => File.read("minio.io.example.com.prod.key")})' \
172+> > ~/sec/tmp/minio.io.example.com.prod.key.json
173+
174+$ ruby -rjson -e 'puts JSON.generate({"public" => File.read("minio.io.example.com.prod.crt")})' \
175+> > ~/sec/tmp/minio.io.example.com.prod.crt.json
176+
177+$ cd $CHEF_REPO
178+
179+$ knife vault create ssl_server_keys minio.io.example.com.prod \
180+> --json ~/sec/tmp/minio.io.example.com.prod.key.json
181+
182+$ knife vault create ssl_server_certs minio.io.example.com.prod \
183+> --json ~/sec/tmp/minio.io.example.com.prod.crt.json
184+```
185+
186+- grant reference permission to the Minio host
187+
188+```text
189+$ knife vault update ssl_server_keys minio.io.example.com.prod -S 'name:minio-host.example.com'
190+$ knife vault update ssl_server_certs minio.io.example.com.prod -S 'name:minio-host.example.com'
191+```
192+
193+- modify run_list and attributes
194+
195+```ruby
196+run_list(
197+ 'recipe[minio-grid::docker-compose]',
198+)
199+
200+override_attributes(
201+ 'minio-grid' => {
202+ 'with_ssl_cert_cookbook' => true,
203+ 'ssl_cert' => {
204+ 'common_name' => 'minio.io.example.com',
205+ },
206+ # ...
207+ },
208+)
209+```
210+
211+### Server access key management by Chef Vault
212+
213+- create vault items.
214+
215+```text
216+$ cat ~/sec/tmp/minio_access_key.json
217+{
218+ "keyid":"********************",
219+ "secret":"****************************************"
220+}
221+
222+$ cd $CHEF_REPO_PATH
223+$ knife vault create minio access_key --json ~/sec/tmp/minio_access_key.json
224+```
225+
226+- grant reference permission to the minio host
227+
228+```text
229+$ knife vault update minio access_key -S 'name:minio-host.example.com'
230+```
231+
232+- modify attributes
233+
234+```ruby
235+override_attributes(
236+ 'minio-grid' => {
237+ # ...
238+ 'access_key_vault_item' => {
239+ 'vault' => 'minio',
240+ 'name' => 'access_key',
241+ 'env_context' => false,
242+ 'key' => 'keyid',
243+ },
244+ 'secret_key_vault_item' => {
245+ 'vault' => 'minio',
246+ 'name' => 'access_key',
247+ 'env_context' => false,
248+ 'key' => 'secret',
249+ },
250+ # ...
251+ },
252+)
253+```
254+
255+## License and Authors
256+
257+- Author:: whitestar at osdn.jp
258+
259+```text
260+Copyright 2018, whitestar
261+
262+Licensed under the Apache License, Version 2.0 (the "License");
263+you may not use this file except in compliance with the License.
264+You may obtain a copy of the License at
265+
266+ http://www.apache.org/licenses/LICENSE-2.0
267+
268+Unless required by applicable law or agreed to in writing, software
269+distributed under the License is distributed on an "AS IS" BASIS,
270+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
271+See the License for the specific language governing permissions and
272+limitations under the License.
273+```
--- /dev/null
+++ b/cookbooks/minio-grid/Rakefile
@@ -0,0 +1,41 @@
1+require 'rspec/core/rake_task'
2+require 'rubocop/rake_task'
3+require 'foodcritic'
4+require 'stove/rake_task'
5+
6+namespace :style do
7+ desc 'Run Ruby style checks'
8+ RuboCop::RakeTask.new(:ruby) do |t|
9+ t.options = [
10+ '--auto-gen-config', # creates .rubocop_todo.yml
11+ ]
12+ end
13+
14+ desc 'Run Chef style checks'
15+ FoodCritic::Rake::LintTask.new(:chef) do |t|
16+ t.options = {
17+ fail_tags: ['any'],
18+ }
19+ end
20+end
21+
22+desc 'Run all style checks'
23+task style: ['style:chef', 'style:ruby']
24+
25+desc 'Run ChefSpec examples'
26+RSpec::Core::RakeTask.new(:spec)
27+
28+desc 'Publish cookbook'
29+Stove::RakeTask.new(:publish) do |t|
30+ t.stove_opts = [
31+ # `--username` and `--key` are set in ~/.stove typically.
32+ #'--username', 'somebody',
33+ #'--key', '~/chef/chef.io.example.com/somebody.pem',
34+ #'--endpoint', 'https://supermarket.io.example.com/api/v1', # default: supermarket.chef.io
35+ #'--no-ssl-verify',
36+ '--no-git',
37+ '--log-level', 'info',
38+ ]
39+end
40+
41+task default: ['style', 'spec']
--- /dev/null
+++ b/cookbooks/minio-grid/attributes/default.rb
@@ -0,0 +1,87 @@
1+#
2+# Cookbook Name:: minio-grid
3+# Attributes:: default
4+#
5+# Copyright 2018, whitestar
6+#
7+# Licensed under the Apache License, Version 2.0 (the "License");
8+# you may not use this file except in compliance with the License.
9+# You may obtain a copy of the License at
10+#
11+# http://www.apache.org/licenses/LICENSE-2.0
12+#
13+# Unless required by applicable law or agreed to in writing, software
14+# distributed under the License is distributed on an "AS IS" BASIS,
15+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16+# See the License for the specific language governing permissions and
17+# limitations under the License.
18+#
19+
20+default['minio-grid']['with_ssl_cert_cookbook'] = false
21+# If ['minio-grid']['with_ssl_cert_cookbook'] is true,
22+# node['minio-grid']['docker-compose']['config']
23+# are overridden by the following 'common_name' attributes.
24+default['minio-grid']['ssl_cert']['common_name'] = node['fqdn']
25+
26+default['minio-grid']['access_key_vault_item'] = {
27+=begin
28+ 'vault' => 'minio',
29+ 'name' => 'access_key',
30+ # single key id or nested hash key id path delimited by slash
31+ 'env_context' => false,
32+ 'key' => 'kid', # real hash path: "/kid"
33+ # or nested hash key id path delimited by slash
34+ #'env_context' => true,
35+ #'key' => 'hash/path/to/kid', # real hash path: "/#{node.chef_environment}/hash/path/to/kid"
36+=end
37+}
38+default['minio-grid']['secret_key_vault_item'] = {
39+=begin
40+ 'vault' => 'minio',
41+ 'name' => 'access_key',
42+ # single key secret or nested hash key secret path delimited by slash
43+ 'env_context' => false,
44+ 'key' => 'secret', # real hash path: "/secret"
45+ # or nested hash key secret path delimited by slash
46+ #'env_context' => true,
47+ #'key' => 'hash/path/to/secret', # real hash path: "/#{node.chef_environment}/hash/path/to/secret"
48+=end
49+}
50+
51+default['minio-grid']['docker-compose']['app_dir'] = "#{node['docker-grid']['compose']['app_dir']}/minio"
52+default['minio-grid']['docker-compose']['config_dir'] = "#{node['minio-grid']['docker-compose']['app_dir']}/config"
53+default['minio-grid']['docker-compose']['data_dir'] = "#{node['minio-grid']['docker-compose']['app_dir']}/data"
54+
55+force_override['minio-grid']['docker-compose']['config_format_version'] = '2'
56+version_2_config = {
57+ # Version 2 docker-compose format
58+ 'version' => '2',
59+ 'services' => {
60+ 'minio' => {
61+ 'restart' => 'always',
62+ 'image' => 'minio/minio',
63+ 'command' => 'server /data',
64+ 'ports' => [
65+ #'9000:9000', # default
66+ ],
67+ 'volumes' => [
68+ # These volumes will be set by the minio-grid::docker-compose recipe automatically.
69+ #"#{node['minio-grid']['docker-compose']['config_dir']}:/root/.minio:rw",
70+ #"#{node['minio-grid']['docker-compose']['data_dir']}:/data:rw",
71+ #"#{server_cert_path(node['minio-grid']['ssl_cert']['common_name'])}:/root/.minio/certs/public.crt:ro",
72+ #"#{server_key_path(node['minio-grid']['ssl_cert']['common_name'])}:/root/.minio/certs/private.key:ro",
73+ ],
74+ 'environment' => {
75+ # See https://docs.minio.io/
76+ #'MINIO_REGION' => 'us-east-1',
77+ #'MINIO_BROWSER' => 'on',
78+ #'MINIO_DOMAIN' => 'minio.example.com', # for virtual-host-style requests
79+ # These variables will be set by the minio-grid::docker-compose recipe automatically.
80+ #'MINIO_ACCESS_KEY' => '${MINIO_ACCESS_KEY}',
81+ #'MINIO_SECRET_KEY' => '${MINIO_SECRET_KEY}',
82+ },
83+ },
84+ },
85+}
86+
87+default['minio-grid']['docker-compose']['config'] = version_2_config
--- /dev/null
+++ b/cookbooks/minio-grid/concourse.yml
@@ -0,0 +1,100 @@
1+---
2+# $ fly -t target sp -p minio-grid-cookbook -c concourse.yml -l fly-vars.yml -l ~/sec/credentials-prod.yml
3+resources:
4+- name: src-git
5+ type: git
6+ source:
7+ uri: ((git-id-osdn))@git.osdn.net:/gitroot/metasearch/grid-chef-repo.git
8+ branch: master
9+ paths:
10+ - cookbooks/((cookbook-name))
11+ private_key: ((git-private-key))
12+ git_user: ((git-user-osdn))
13+ #check_every: 1h # default: 1m
14+- name: chefdk-cache
15+ type: docker-image
16+ source:
17+ repository: chef/chefdk
18+ tag: ((chefdk-version))
19+ # ((param)) style: fly >= 3.2.0
20+ registry_mirror: https://((registry-mirror-domain)) # e.g. https://registry.docker.example.com:5000
21+ ca_certs:
22+ - domain: ((registry-mirror-domain)) # e.g. registry.docker.example.com:5000
23+ cert: ((docker-reg-ca-cert))
24+ check_every: 12h # default: 1m
25+
26+jobs:
27+- name: test-cookbook
28+ plan:
29+ - aggregate:
30+ - get: src-git
31+ params:
32+ depth: 5
33+ trigger: true
34+ - get: chefdk-cache
35+ - task: ci-build
36+ image: chefdk-cache
37+ params:
38+ http_proxy: ((http-proxy)) # e.g. http://proxy.example.com:3128
39+ #HTTP_PROXY: ((http-proxy))
40+ config:
41+ platform: linux
42+ #image_resource:
43+ # type: docker-image
44+ # source:
45+ # repository: chef/chefdk
46+ # tag: ((chefdk-version))
47+ # NG, setting disable
48+ #registry_mirror: https://((registry-mirror-domain))
49+ #ca_certs:
50+ #- domain: ((registry-mirror-domain))
51+ # cert: ((docker-reg-ca-cert))
52+ inputs:
53+ - name: src-git
54+ run:
55+ #dir: ./src-git/cookbooks/((cookbook-name))
56+ #path: rake
57+ path: /bin/bash
58+ args:
59+ - -c
60+ - |
61+ cd ./src-git/cookbooks/((cookbook-name))
62+ bundle install
63+ rake
64+- name: publish-cookbook
65+ plan:
66+ - aggregate:
67+ - get: src-git
68+ params:
69+ depth: 5
70+ trigger: false
71+ passed: [test-cookbook]
72+ - get: chefdk-cache
73+ passed: [test-cookbook]
74+ - task: publish
75+ image: chefdk-cache
76+ params:
77+ http_proxy: ((http-proxy))
78+ chef_username: ((chef-username))
79+ chef_client_key: ((chef-client-key))
80+ config:
81+ platform: linux
82+ inputs:
83+ - name: src-git
84+ run:
85+ path: /bin/bash
86+ args:
87+ - -c
88+ - |
89+ echo '{"username":"((chef-username))","key":"/root/chef-client-key.pem"}' > /root/.stove
90+ echo "$chef_client_key" > /root/chef-client-key.pem
91+ cd ./src-git/cookbooks/((cookbook-name))
92+ bundle install
93+ rake publish
94+ - put: src-git
95+ params:
96+ repository: src-git
97+ tag_prefix: ((cookbook-name))-
98+ tag: src-git/cookbooks/((cookbook-name))/version
99+ only_tag: true
100+ annotate: ../src-git/cookbooks/((cookbook-name))/version
--- /dev/null
+++ b/cookbooks/minio-grid/fly-vars.yml
@@ -0,0 +1,3 @@
1+---
2+cookbook-name: minio-grid
3+chefdk-version: 2.4.17
--- /dev/null
+++ b/cookbooks/minio-grid/metadata.rb
@@ -0,0 +1,20 @@
1+name 'minio-grid'
2+maintainer 'whitestar'
3+maintainer_email ''
4+license 'Apache 2.0'
5+description 'Installs/Configures Minio server'
6+long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
7+version IO.read(File.join(File.dirname(__FILE__), 'version')).chomp
8+source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git'
9+issues_url 'https://osdn.jp/projects/metasearch/ticket'
10+
11+chef_version '>= 12'
12+%w( centos redhat ).each do |os|
13+ supports os, '>= 7.0'
14+end
15+supports 'debian', '>= 8.0'
16+supports 'ubuntu', '>= 14.04'
17+
18+depends 'docker-grid', '>= 0.4.0'
19+depends 'platform_utils', '>= 0.4.4'
20+depends 'ssl_cert', '>= 0.3.9'
--- /dev/null
+++ b/cookbooks/minio-grid/recipes/default.rb
@@ -0,0 +1,18 @@
1+#
2+# Cookbook Name:: minio-grid
3+# Recipe:: default
4+#
5+# Copyright 2018, whitestar
6+#
7+# Licensed under the Apache License, Version 2.0 (the "License");
8+# you may not use this file except in compliance with the License.
9+# You may obtain a copy of the License at
10+#
11+# http://www.apache.org/licenses/LICENSE-2.0
12+#
13+# Unless required by applicable law or agreed to in writing, software
14+# distributed under the License is distributed on an "AS IS" BASIS,
15+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16+# See the License for the specific language governing permissions and
17+# limitations under the License.
18+#
--- /dev/null
+++ b/cookbooks/minio-grid/recipes/docker-compose.rb
@@ -0,0 +1,120 @@
1+#
2+# Cookbook Name:: minio-grid
3+# Recipe:: docker-compose
4+#
5+# Copyright 2018, whitestar
6+#
7+# Licensed under the Apache License, Version 2.0 (the "License");
8+# you may not use this file except in compliance with the License.
9+# You may obtain a copy of the License at
10+#
11+# http://www.apache.org/licenses/LICENSE-2.0
12+#
13+# Unless required by applicable law or agreed to in writing, software
14+# distributed under the License is distributed on an "AS IS" BASIS,
15+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16+# See the License for the specific language governing permissions and
17+# limitations under the License.
18+#
19+
20+doc_url = 'https://hub.docker.com/r/minio/minio/'
21+
22+include_recipe 'platform_utils::kernel_user_namespace'
23+include_recipe 'docker-grid::compose'
24+
25+app_dir = node['minio-grid']['docker-compose']['app_dir']
26+config_dir = node['minio-grid']['docker-compose']['config_dir']
27+certs_dir = "#{config_dir}/certs"
28+data_dir = node['minio-grid']['docker-compose']['data_dir']
29+
30+[
31+ app_dir,
32+ config_dir,
33+ certs_dir,
34+ data_dir,
35+].each {|dir|
36+ resources(directory: dir) rescue directory dir do
37+ owner 'root'
38+ group 'root'
39+ mode '0755'
40+ recursive true
41+ end
42+}
43+
44+#override_minio_config = node.override['minio-grid']['config']
45+config_srvs = node['minio-grid']['docker-compose']['config']['services']
46+override_config_srvs = node.override['minio-grid']['docker-compose']['config']['services']
47+force_override_config_srvs = node.force_override['minio-grid']['docker-compose']['config']['services']
48+#minio_envs_org = config_srvs['minio']['environment']
49+minio_envs = {}
50+minio_vols = config_srvs['minio']['volumes'].to_a
51+
52+ports = config_srvs['minio']['ports']
53+override_config_srvs['minio']['ports'] = ['9000:9000'] if ports.empty?
54+
55+minio_vols.push("#{config_dir}:/root/.minio:rw")
56+minio_vols.push("#{data_dir}:/data:rw")
57+
58+access_key = nil
59+access_key_vault_item = node['minio-grid']['access_key_vault_item']
60+unless access_key_vault_item.empty?
61+ access_key = get_vault_item_value(access_key_vault_item)
62+ minio_envs['MINIO_ACCESS_KEY'] = '${MINIO_ACCESS_KEY}'
63+end
64+
65+secret_key = nil
66+secret_key_vault_item = node['minio-grid']['secret_key_vault_item']
67+unless secret_key_vault_item.empty?
68+ secret_key = get_vault_item_value(secret_key_vault_item)
69+ minio_envs['MINIO_SECRET_KEY'] = '${MINIO_SECRET_KEY}'
70+end
71+
72+if node['minio-grid']['with_ssl_cert_cookbook']
73+ ::Chef::Recipe.send(:include, SSLCert::Helper)
74+ cn = node['minio-grid']['ssl_cert']['common_name']
75+ append_server_ssl_cn(cn)
76+ include_recipe 'ssl_cert::server_key_pairs'
77+
78+ minio_vols.push("#{server_cert_path(cn)}:/root/.minio/certs/public.crt:ro")
79+ minio_vols.push("#{server_key_path(cn)}:/root/.minio/certs/private.key:ro")
80+end
81+
82+# merge environment hash
83+force_override_config_srvs['minio']['environment'] = minio_envs unless minio_envs.empty?
84+# reset vlumes array.
85+override_config_srvs['minio']['volumes'] = minio_vols unless minio_vols.empty?
86+
87+config_file = "#{app_dir}/docker-compose.yml"
88+template config_file do
89+ source 'opt/docker-compose/app/minio/docker-compose.yml'
90+ owner 'root'
91+ group 'root'
92+ mode '0644'
93+end
94+
95+env_file = "#{app_dir}/.env"
96+template env_file do
97+ source 'opt/docker-compose/app/minio/.env'
98+ owner 'root'
99+ group 'root'
100+ mode '0600'
101+ sensitive true
102+ # prevent Chef from logging password attribute value.
103+ variables(
104+ # secrets
105+ access_key: access_key,
106+ secret_key: secret_key
107+ )
108+end
109+
110+log 'minio docker-compose post install message' do
111+ message <<-"EOM"
112+Note: You must execute the following command manually.
113+ See #{doc_url}
114+ * Start:
115+ $ cd #{app_dir}
116+ $ docker-compose up -d
117+ * Stop
118+ $ docker-compose down
119+EOM
120+end
--- /dev/null
+++ b/cookbooks/minio-grid/spec/recipes/default_spec.rb
@@ -0,0 +1,9 @@
1+require_relative '../spec_helper'
2+
3+describe 'minio-grid::default' do
4+ let(:chef_run) { ChefSpec::SoloRunner.new.converge(described_recipe) }
5+
6+ #it 'does something' do
7+ # expect(chef_run).to do_something('...')
8+ #end
9+end
--- /dev/null
+++ b/cookbooks/minio-grid/spec/spec_helper.rb
@@ -0,0 +1,25 @@
1+# Added by ChefSpec
2+require 'chefspec'
3+
4+# Uncomment to use ChefSpec's Berkshelf extension
5+# require 'chefspec/berkshelf'
6+
7+RSpec.configure do |config|
8+ # Specify the path for Chef Solo to find cookbooks
9+ # config.cookbook_path = '/var/cookbooks'
10+
11+ # Specify the path for Chef Solo to find roles
12+ # config.role_path = '/var/roles'
13+
14+ # Specify the Chef log_level (default: :warn)
15+ # config.log_level = :debug
16+
17+ # Specify the path to a local JSON file with Ohai data
18+ # config.path = 'ohai.json'
19+
20+ # Specify the operating platform to mock Ohai data from
21+ # config.platform = 'ubuntu'
22+
23+ # Specify the operating version to mock Ohai data from
24+ # config.version = '12.04'
25+end
--- /dev/null
+++ b/cookbooks/minio-grid/templates/default/opt/docker-compose/app/minio/.env
@@ -0,0 +1,11 @@
1+<%
2+# Note in this file:
3+# - Do not use quotation marks (' or ").
4+# - Do not use variable reference.
5+-%>
6+<% unless @access_key.nil? %>
7+MINIO_ACCESS_KEY=<%= @access_key %>
8+<% end %>
9+<% unless @secret_key.nil? %>
10+MINIO_SECRET_KEY=<%= @secret_key %>
11+<% end %>
--- /dev/null
+++ b/cookbooks/minio-grid/templates/default/opt/docker-compose/app/minio/docker-compose.yml
@@ -0,0 +1,5 @@
1+<%
2+require 'yaml'
3+yaml_str = node['minio-grid']['docker-compose']['config'].to_hash.to_yaml
4+-%>
5+<%= yaml_str %>
--- /dev/null
+++ b/cookbooks/minio-grid/version
@@ -0,0 +1 @@
1+0.1.0
Show on old repository browser