remove external network

devopswise · May 7, 2019 · 30acaf8 · 30acaf8
1 parent 42e1467
commit 30acaf8
Show file tree

Hide file tree

Showing 17 changed files with 86 additions and 132 deletions.
diff --git a/Jenkinsfile.local b/Jenkinsfile.local
@@ -41,7 +41,7 @@ pipeline {
                                     -e PEM_FILE=/opt/cdt/dwtools.pem \
                                     -e DEBUG="-vv" \
                                     -v /opt/source/cdt-test/local:/opt/cdt \
-                                    devopswise/cdt-installer:latest "ansible-lint -p /opt/cdt/${CDT_BRANCH}/site.yml && cdt --launch" '''
+                                    devopswise/cdt-installer:latest "cdt --launch" '''
                             }
             }
        }

diff --git a/docs/cdt-documentation.md b/docs/cdt-documentation.md
@@ -15,7 +15,7 @@ Alice Developer (A), Bob Developer (B). Charlie Lead Developer (C) and they work
 
 ## 3. Administration
 ### Logs
-you can find logs from all tools in /opt/cdt/docker-logs
+you can find logs from all tools in /opt/cdt/cdt-logs
 
 ### User & Project Management
 You can use swagger UI to create or delete projects, create groups.

diff --git a/roles/bitbucket/templates/docker-compose.yml.j2 b/roles/bitbucket/templates/docker-compose.yml.j2
@@ -17,8 +17,7 @@ services:
       - "7999:7999"
       - "7990"
     networks:
-      - internal
-      - external
+      - cdt
     restart: always
     labels:
       - traefik.backend=bitbucket
@@ -31,7 +30,5 @@ services:
         tag: "docker/{% raw %}{{.Name}}{% endraw %}"
 
 networks:
-  internal:
-    external: true
-  external:
+  cdt:
     external: true
diff --git a/roles/cdtportal/templates/docker-compose.yml.j2 b/roles/cdtportal/templates/docker-compose.yml.j2
@@ -12,23 +12,20 @@ services:
     ports:
       - 8080
     networks:
-      - internal
-      - external
+      - cdt
     restart: always
     labels:
       - traefik.backend=cdtportal
       - traefik.frontend.rule=Host:cdtportal.{{ base_domain }}
       - traefik.port=8080
-    #logging:
-    #  driver: "syslog"
-    #  options:
-    #    syslog-facility: "local2"
-    #    tag: "docker/{% raw %}{{.Name}}{% endraw %}"
+    logging:
+      driver: "syslog"
+      options:
+        syslog-facility: "local2"
+        tag: "docker/{% raw %}{{.Name}}{% endraw %}"
 
 networks:
-  internal:
-    external: true
-  external:
+  cdt:
     external: true
 
 
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
@@ -194,16 +194,9 @@
   become_method: sudo
 
 # TODO: https://stackoverflow.com/a/41493058
-- name: Create an internal network
+- name: Create cdt network
   docker_network:
-    name: internal
-    state: present
-  become: yes
-  become_method: sudo
-
-- name: Create an external network
-  docker_network:
-    name: external
+    name: cdt
     state: present
   become: yes
   become_method: sudo
@@ -281,7 +274,9 @@
   become_method: sudo
 
 - name: ensure the directory exists
-  file: dest=/opt/docker-logs/docker state=directory
+  file:
+    dest: "{{ cdt_log }}/docker"
+    state: directory
   become: yes
   become_method: sudo
   notify:

diff --git a/roles/common/templates/10-docker.conf b/roles/common/templates/10-docker.conf
@@ -1,5 +1,5 @@
-$template StdoutDynFile,"/opt/docker-logs/docker/containers/%syslogtag:R,ERE,1,DFLT:.*[/]([^/[]*)--end%/%syslogtag:R,ERE,1,DFLT:.*[/]([^/[]*)--end%.stdout.log"
-$template StderrDynFile,"/opt/docker-logs/docker/containers/%syslogtag:R,ERE,1,DFLT:.*[/]([^/[]*)--end%/%syslogtag:R,ERE,1,DFLT:.*[/]([^/[]*)--end%.stderr.log"
+$template StdoutDynFile,"{{ cdt_log }}/docker/containers/%syslogtag:R,ERE,1,DFLT:.*[/]([^/[]*)--end%/%syslogtag:R,ERE,1,DFLT:.*[/]([^/[]*)--end%.stdout.log"
+$template StderrDynFile,"{{ cdt_log }}/docker/containers/%syslogtag:R,ERE,1,DFLT:.*[/]([^/[]*)--end%/%syslogtag:R,ERE,1,DFLT:.*[/]([^/[]*)--end%.stderr.log"
 
 if $syslogtag startswith 'docker' and $syslogfacility-text == 'local2' and $syslogseverity == 6 then ?StdoutDynFile
 & stop

diff --git a/roles/gitea/templates/docker-compose.yml.j2 b/roles/gitea/templates/docker-compose.yml.j2
@@ -8,20 +8,19 @@ services:
       - 3000
       - "2222:22"
     networks:
-      - internal
-      - external
+      - cdt
     depends_on:
       - mysql
     restart: always
     labels:
       - traefik.backend=gitea
       - traefik.frontend.rule=Host:gitea.{{ base_domain }}
       - traefik.port=3000
-    #logging:
-    #  driver: "syslog"
-    #  options:
-    #    syslog-facility: "local2"
-    #    tag: "docker/{% raw %}{{.Name}}{% endraw %}"
+    logging:
+      driver: "syslog"
+      options:
+        syslog-facility: "local2"
+        tag: "docker/{% raw %}{{.Name}}{% endraw %}"
   mysql:
     image: mariadb:{{ mariadb_version }}
     restart: always
@@ -37,18 +36,15 @@ services:
     labels:
       - traefik.enable=false
     networks:
-      - internal
-      - external
-    #logging:
-    #  driver: "syslog"
-    #  options:
-    #    syslog-facility: "local2"
-    #    tag: "docker/{% raw %}{{.Name}}{% endraw %}"
+      - cdt
+    logging:
+      driver: "syslog"
+      options:
+        syslog-facility: "local2"
+        tag: "docker/{% raw %}{{.Name}}{% endraw %}"
 
 networks:
-  internal:
-    external: true
-  external:
+  cdt:
     external: true
 
 
diff --git a/roles/grafana/templates/docker-compose.yml.j2 b/roles/grafana/templates/docker-compose.yml.j2
@@ -14,11 +14,11 @@ services:
       - "{{ cdt_data }}/{{ prometheus_service_name }}/config:/etc/prometheus"
       - /etc/localtime:/etc/localtime:ro
     networks:
-      - internal
+      - cdt
     labels:
       - traefik.backend=prometheus
       - traefik.frontend.rule=Host:prometheus.{{ base_domain }}
-      - traefik.docker.network=internal
+      - traefik.docker.network=cdt
       - traefik.port=9090
       #- traefik.frontend.auth.basic=admin:$$apr1$$oskZWdaD$$KPrsJBG7I4QA64YagYoIv0
       # Use 2 dollar sign to escape original admin:$apr1$oskZWdaD$KPrsJBG7I4QA64YagYoIv0
@@ -32,12 +32,11 @@ services:
     ports:
       - 9091
     networks:
-      - internal
-      - external
+      - cdt
     labels:
       - traefik.backend=pushgateway
       - traefik.frontend.rule=Host:pushgateway.{{ base_domain }}
-      - traefik.docker.network=internal
+      - traefik.docker.network=cdt
       - traefik.port=9091
       #- traefik.frontend.auth.basic=admin:$$apr1$$yk1vP8L3$$XHz138PzmxfidBroXGTPV1
       # Use 2 dollar sign to escape original admin:$apr1$oskZWdaD$KPrsJBG7I4QA64YagYoIv0
@@ -63,16 +62,14 @@ services:
     ports:
       - 3000
     networks:
-      - internal
+      - cdt
     labels:
       - traefik.backend=grafana
       - traefik.frontend.rule=Host:grafana.{{ base_domain }}
-      - traefik.docker.network=internal
+      - traefik.docker.network=cdt
       - traefik.port=3000
       #- traefik.frontend.auth.basic=admin:$$apr1$$oskZWdaD$$KPrsJBG7I4QA64YagYoIv0
       # Use 2 dollar sign to escape original admin:$apr1$oskZWdaD$KPrsJBG7I4QA64YagYoIv0
 networks:
-  internal:
-    external: true
-  external:
+  cdt:
     external: true
diff --git a/roles/jenkins/templates/docker-compose.yml.j2 b/roles/jenkins/templates/docker-compose.yml.j2
@@ -27,28 +27,25 @@ services:
       LDAP_DISPLAY_NAME_ATTRIBUTE_NAME: "displayName"
       LDAP_MAIL_ADDRESS_ATTRIBUTE_NAME: "mail"
       DOCKER_SLAVE_LABEL: "jenkins-ssh-slave-docker-cli"
-      DOCKER_SLAVE_NETWORK: "internal"
+      DOCKER_SLAVE_NETWORK: "cdt"
       DOCKER_SLAVE_VOLUMES: "/var/run/docker.sock:/var/run/docker.sock"
       DOCKER_SLAVE_ENVIRONMENT: "JENKINS_SLAVE_SSH_PUBKEY=ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCq2fTf6psRS53paW1hSWGANcmSG9miwci08L9AChjIDZG5OV8RBWjXKimfFzbP18fnmuzJ6cmghvx1e4IkpBdAdgz9qyqPC10J/c3gYtdqdZkTHI712DyME7FoIYqEP3dy7H407mJOnj4nJB3E6KhMsPXHGWu1IYp2fIOqJPY3p/4n3KGqYZnWamGuFoefqE3zd/blB7MMNRrT7vcnrHnCl1XNC6P9T29orTrHJL7Vg1wNklyM24w0vXxVm7whBfiZc/C4rotjTHwbuQeL5jqP4OEp1N8mHbrAcnuEzVRQzK9chvwDR81c4PQkGAWx6jC54XOV6UnQYyrlPnToofKx root@ip-172-31-36-108"
       DOCKER_SLAVE_IMAGE: "devopswise/jenkins-ssh-slave-docker-cli:1.0.0"
       DOCKER_SLAVE_DOCKER_HOST_URI: "tcp://172.17.0.1:2375"
     privileged: true
     networks:
-      - internal
-      - external
+      - cdt
     labels:
       - traefik.backend=jenkins
       - traefik.frontend.rule=Host:jenkins.{{ base_domain }}
-      - traefik.docker.network=internal
+      - traefik.docker.network=cdt
       - traefik.port=8080
     logging:
       driver: "syslog"
       options:
         syslog-facility: "local2"
         tag: "docker/{% raw %}{{.Name}}{% endraw %}"
 networks:
-  internal:
-    external: true
-  external:
+  cdt:
     external: true
 
diff --git a/roles/jira/templates/docker-compose.yml.j2 b/roles/jira/templates/docker-compose.yml.j2
@@ -12,17 +12,16 @@ services:
       X_PROXY_PORT: 443
       X_PROXY_SCHEME: https
     networks:
-      - internal
-      - external
+      - cdt
     labels:
       - traefik.backend=jira
       - traefik.frontend.rule=Host:jira.{{ base_domain }}
       - traefik.port=8080
-    #logging:
-    #  driver: "syslog"
-    #  options:
-    #    syslog-facility: "local2"
-    #    tag: "docker/{% raw %}{{.Name}}{% endraw %}"
+    logging:
+      driver: "syslog"
+      options:
+        syslog-facility: "local2"
+        tag: "docker/{% raw %}{{.Name}}{% endraw %}"
 
   jira_db:
     image: mariadb:{{ mariadb_version }}
@@ -33,24 +32,21 @@ services:
       MYSQL_USER: jira
       MYSQL_PASSWORD: {{ jira_mysql_pass }}
     networks:
-      - internal
-      - external
+      - cdt
     volumes:
       - '{{ cdt_data }}/{{ jira_service_name }}/mysql:/var/lib/mysql'
     ports:
       - 3306
     labels:
       - traefik.enable=false
-    #logging:
-    #  driver: "syslog"
-    #  options:
-    #    syslog-facility: "local2"
-    #    tag: "docker/{% raw %}{{.Name}}{% endraw %}"
+    logging:
+      driver: "syslog"
+      options:
+        syslog-facility: "local2"
+        tag: "docker/{% raw %}{{.Name}}{% endraw %}"
 
 networks:
-  internal:
-    external: true
-  external:
+  cdt:
     external: true
 
 
diff --git a/roles/openldap/templates/docker-compose.yml.j2 b/roles/openldap/templates/docker-compose.yml.j2
@@ -18,7 +18,7 @@ services:
       - "{{ cdt_data }}/{{ openldap_service_name }}/etc:/etc/ldap"
       - "{{ cdt_data }}/{{ openldap_service_name }}/structure.ldif:/tmp/structure.ldif"
     networks:
-      - internal
+      - cdt
     logging:
       driver: "syslog"
       options:
@@ -30,7 +30,7 @@ services:
     depends_on:
       - ldap
     networks:
-      - internal
+      - cdt
     expose:
       - "80"
     environment:
@@ -41,12 +41,10 @@ services:
     labels:
       - traefik.backend=password
       - traefik.frontend.rule=Host:passwd.{{ base_domain }}
-      - traefik.docker.network=internal
+      - traefik.docker.network=cdt
       - traefik.port=80
 networks:
-  internal:
-    external: true
-  external:
+  cdt:
     external: true
 
 
diff --git a/roles/rocketchat/templates/docker-compose.yml.j2 b/roles/rocketchat/templates/docker-compose.yml.j2
@@ -5,8 +5,7 @@ services:
     image: "{{ rocketchat_registry_url }}{{ rocketchat_image_name }}:{{ rocketchat_version }}"
     command: "bash -c 'sleep 10 && node --use-openssl-ca main.js'"
     networks:
-      - internal
-      - external
+      - cdt
     ports:
       - 3000
     depends_on:
@@ -19,21 +18,20 @@ services:
     labels:
       - traefik.backend=rocketchat
       - traefik.frontend.rule=Host:rocketchat.{{ base_domain }}
-      - traefik.docker.network=external
+      - traefik.docker.network=cdt
       - traefik.port=3000
-    #logging:
-    #  driver: "syslog"
-    #  options:
-    #    syslog-facility: "local2"
-    #    tag: "docker/{% raw %}{{.Name}}{% endraw %}"
+    logging:
+      driver: "syslog"
+      options:
+        syslog-facility: "local2"
+        tag: "docker/{% raw %}{{.Name}}{% endraw %}"
 
   mongodb:
     build: .
     volumes:
       - {{ cdt_data }}/{{ rocketchat_service_name }}/mongodb:/db/data
     networks:
-      - internal
-      - external
+      - cdt
     ports:
       - 27017
     environment:
@@ -43,15 +41,13 @@ services:
       MONGO_INITDB_APP_DB: rocketchat
       MONGO_INITDB_APP_USER: rocketchat
       MONGO_INITDB_APP_PASS: {{ rocketchat_mongodb_pass }}
-    #logging:
-    #  driver: "syslog"
-    #  options:
-    #    syslog-facility: "local2"
-    #    tag: "docker/{% raw %}{{.Name}}{% endraw %}"
+    logging:
+      driver: "syslog"
+      options:
+        syslog-facility: "local2"
+        tag: "docker/{% raw %}{{.Name}}{% endraw %}"
 
 networks:
-  internal:
-    external: true
-  external:
+  cdt:
     external: true