Merge pull request #8 from stone-payments/feat/migracao-cloud-centrifugo

Feat/migracao cloud centrifugo
stone-payments · Dec 16, 2021 · db06000 · db06000
2 parents 9444811 + 69d368d
commit db06000
Show file tree

Hide file tree

Showing 7 changed files with 246 additions and 9 deletions.
diff --git a/.azure-pipelines/pipeline.yml b/.azure-pipelines/pipeline.yml
@@ -0,0 +1,89 @@
+name: $(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r)
+trigger:
+  branches:
+    include:
+      - master
+      - develop
+  paths:
+    include:
+      - config.json
+
+pr:
+  branches:
+    include:
+      - master
+      - develop
+  paths:
+    include:
+      - config.json
+
+pool:
+  vmImage: 'ubuntu-latest'
+
+variables:
+  Github.Project.Path: 'github.com/stone-payments/centrifugo'
+  GCP.ProjectID: si26ef9dii9zscrxrecql6kl8eguw2 # front-common-non-prod
+  GCP.ContainerRegistry: 'front-common-non-prod-front'
+  DockerImageName: "$(GCP.ProjectID)/centrifugo-ws"
+
+jobs:
+  - job: BuildBinary
+    pool: "front-gcp-functions-non-prod-agents"
+    steps:
+    - task: shellexec@0
+      displayName: 'Get centrifugo binary'
+      inputs:
+        code: wget https://github.com/centrifugal/centrifugo/releases/download/v1.7.4/centrifugo-1.7.4-linux-amd64.zip
+    - task: ExtractFiles@1
+      displayName: 'Extract files '
+      inputs:
+        archiveFilePatterns: centrifugo-1.7.4-linux-amd64.zip
+        destinationFolder: $(System.DefaultWorkingDirectory)
+        cleanDestinationFolder: false
+    - task: shellexec@0
+      displayName: Rename and move file
+      inputs:
+        code: mv centrifugo-1.7.4-linux-amd64/centrifugo centrifugo
+
+    - task: retrieve-google-secret-manager@0
+      displayName: Get Secret Keys
+      inputs:
+        project: '$(GCP.ProjectID)'
+
+    - bash: |
+        cd $(System.DefaultWorkingDirectory)/
+        ls -la
+        mkdir artifacts
+        mv -t artifacts/ helm-values.yaml
+      workingDirectory: '$(System.DefaultWorkingDirectory)/'
+      displayName: 'mv files'
+
+    - task: PublishBuildArtifacts@1
+      displayName: 'Publish artifact'
+      inputs:
+        PathtoPublish: '$(System.DefaultWorkingDirectory)/artifacts'
+        ArtifactName: build
+
+  - job: DockerBuild
+    steps:
+    - task: Docker@2
+      displayName: Login to GCR
+      inputs:
+        containerRegistry: 'front-common-non-prod-front'
+        command: 'login'
+
+    - task: Docker@2
+      displayName: "Build image"
+      inputs:
+        containerRegistry: 'front-common-non-prod-front'
+        repository: '$(DockerImageName)'
+        command: 'build'
+        Dockerfile: '**/Dockerfile'
+
+    - task: Docker@2
+      displayName: "Push image"
+      inputs:
+        containerRegistry: 'front-common-non-prod-front'
+        tags: $(Build.BuildId)
+        repository: '$(DockerImageName)'
+        command: 'push'
diff --git a/Dockerfile b/Dockerfile
@@ -1,32 +1,41 @@
-FROM centos:7
+FROM ubuntu:latest
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN apt update && apt install build-essential curl unzip git -y
 
 ENV VERSION 1.7.4
 
+WORKDIR /centrifugo
+
 ENV CENTRIFUGO_SHA256 7a895e97ceee1064ebbff0bfedcab78dd424166a9000ccd6c3e710eb88c5c5ec
 
 ENV DOWNLOAD https://github.com/centrifugal/centrifugo/releases/download/v$VERSION/centrifugo-$VERSION-linux-amd64.zip
 
 RUN curl -sSL "$DOWNLOAD" -o /tmp/centrifugo.zip && \
     echo "${CENTRIFUGO_SHA256}  /tmp/centrifugo.zip" | sha256sum -c - && \
-    yum install -y unzip && \
     unzip -jo /tmp/centrifugo.zip -d /tmp/ && \
-    yum remove -y unzip && \
     mv /tmp/centrifugo /usr/bin/centrifugo && \
     rm -f /tmp/centrifugo.zip && \
     echo "centrifugo - nofile 65536" >> /etc/security/limits.d/centrifugo.nofiles.conf
 
 RUN groupadd -r centrifugo && useradd -r -g centrifugo centrifugo
 
-RUN mkdir /centrifugo && chown centrifugo:centrifugo /centrifugo && \
+RUN chown centrifugo:centrifugo /centrifugo && \
     mkdir /var/log/centrifugo && chown centrifugo:centrifugo /var/log/centrifugo
 
 VOLUME ["/centrifugo", "/var/log/centrifugo"]
 
 WORKDIR /centrifugo
 
+COPY config.sh .
+COPY Makefile .
+
+RUN ls -la
+
 USER centrifugo
 
-CMD ["centrifugo"]
+CMD ["make", "runcentrifugo"]
 
-EXPOSE 8000
+EXPOSE 8888
 
diff --git a/Makefile b/Makefile
@@ -41,3 +41,11 @@ packagecloud-rpm:
 	# PACKAGECLOUD_TOKEN env must be set
 	package_cloud push FZambia/centrifugo/el/7 PACKAGES/*.rpm
 	package_cloud push FZambia/centrifugo/el/6 PACKAGES/*.rpm
+
+config:
+	./config.sh
+
+centrifugo:
+	centrifugo
+
+runcentrifugo: config centrifugo
diff --git a/config.json b/config.json
@@ -1,8 +1,16 @@
 {
-  "secret": "secret",
+  "secret": "$(CENTRIFUGOWS_SECRET)",
   "web": true,
-  "admin_password": "password",
-  "admin_secret": "secret",
+  "admin_password": "$(CENTRIFUGOWS_ADMIN_PASSWORD)",
+  "admin_secret": "$(CENTRIFUGOWS_ADMIN_SECRET)",
+  "engine": "$(CENTRIFUGOWS_ENGINE)",
+  "port": "$(CENTRIFUGOWS_PORT)",
+  "address": "$(CENTRIFUGOWS_ADDRESS)",
+  "redis_host": "$(CENTRIFUGOWS_REDIS_HOST)",
+  "redis_port":"$(CENTRIFUGOWS_REDIS_PORT)",
+  "redis_sentinels": "$(CENTRIFUGOWS_REDIS_SENTINELS)",
+  "redis_db": "$(CENTRIFUGOWS_REDIS_DB)",
+  "redis_master_name": "$(CENTRIFUGOWS_REDIS_MASTER_NAME)",
   "namespaces": [
     {
       "name": "public",

diff --git a/config.sh b/config.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+cat <<EOF >./config.json
+{
+  "secret": "$SECRET",
+  "web": true,
+  "engine" : "$ENGINE",
+  "admin_password": "$ADMIN_PASSWORD",
+  "admin_secret": "$ADMIN_SECRET",
+  "port": "$PORT",
+  "address": "$ADDRESS",
+  "redis_host": "$REDIS_HOST",
+  "redis_port":"$REDIS_PORT",
+  "redis_db": "$REDIS_DB",
+  "namespaces": [
+    {
+      "name": "public",
+      "anonymous": true,
+      "publish": true,
+      "watch": true,
+      "presence": true,
+      "join_leave": true,
+      "history_size": 10,
+      "history_lifetime": 30,
+      "recover": true
+    }  
+  ]
+}
+EOF
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,12 @@
+version: "3"
+
+services:
+  centrifugo:
+    build:
+      context: .
+    ports:
+      - 8888:8888
+    ulimits:
+      nofile:
+        soft: 65535
+        hard: 65535
diff --git a/helm-values.yaml b/helm-values.yaml
@@ -0,0 +1,82 @@
+replicaCount: 3
+
+image:
+  repository: #{IMAGE_REPOSITORY}#
+
+env:
+  variables:
+    ADDRESS: #{CENTRIFUGOWS_ADDRESS}#
+    ENGINE: #{CENTRIFUGOWS_ENGINE}#
+    PORT: #{CENTRIFUGOWS_PORT}#
+    REDIS_DB: #{CENTRIFUGOWS_REDIS_DB}#
+    REDIS_HOST: #{CENTRIFUGOWS_REDIS_HOST}#
+    REDIS_PORT: #{CENTRIFUGOWS_REDIS_PORT}#
+  secrets:
+    ADMIN_PASSWORD: #{CENTRIFUGOWS_ADMIN_PASSWORD}#
+    ADMIN_SECRET: #{CENTRIFUGOWS_ADMIN_SECRET}#
+    SECRET: #{CENTRIFUGOWS_SECRET}#
+
+deploymentStrategy:
+  type: RollingUpdate
+  rollingUpdate:
+    maxUnavailable: 25%
+
+livenessProbe:
+  enabled: false
+readinessProbe:
+  enabled: false
+
+service:
+  type: ClusterIP
+  port: 8888
+
+healthCheckPath: "/"
+
+environments:
+
+serviceAccount:
+  create: false
+  annotations: {}
+  name: #{SERVICE_ACCOUNT}#
+
+ingress:
+
+  internalIngress:
+    enabled: true
+    pathType: ImplementationSpecific
+    annotations:
+      kubernetes.io/ingress.class: #{INTERNAL_INGRESS_CLASS}#
+      kubernetes.io/tls-acme: "true"
+      cert-manager.io/cluster-issuer: "letsencrypt"
+    hosts:
+      - host: #{INTERNAL_INGRESS_HOST}#
+        paths:
+          - /
+    tls:
+      - hosts:
+          - #{INTERNAL_INGRESS_HOST}#
+        secretName: centrifugo-ws-tls
+
+resources:
+  requests:
+    memory: "128Mi"
+    cpu: "250m"
+  limits:
+    memory: "256Mi"
+    cpu: "500m"
+
+autoscaling:
+  enabled: true
+  minReplicas: #{MIN_REPLICAS}#
+  maxReplicas: #{MAX_REPLICAS}#
+  targetCPUUtilizationPercentage: 80
+  targetMemoryUtilizationPercentage: 80
+
+minAvailable: 60%
+nodeSelector:
+  cloud.google.com/gke-nodepool: "inside-pool"
+tolerations:
+  - key: "node-pool"
+    operator: "Equal"
+    value: "inside"
+    effect: "NoSchedule"