adds the devops-suite-on-docker role.

diff --git a/nodes/local-aptly-on-docker.json b/nodes/local-aptly-on-docker.json
new file mode 100644 (file)
index 0000000..e552eaa
--- /dev/null
+++ b/nodes/local-aptly-on-docker.json
@@ -0,0 +1,5 @@
+{
+  "run_list": [
+    "role[aptly-on-docker]"
+  ]
+}

diff --git a/nodes/local-concourse-on-docker.json b/nodes/local-concourse-on-docker.json
new file mode 100644 (file)
index 0000000..569653f
--- /dev/null
+++ b/nodes/local-concourse-on-docker.json
@@ -0,0 +1,5 @@
+{
+  "run_list": [
+    "role[concourse-on-docker]"
+  ]
+}

diff --git a/nodes/local-concourse.json b/nodes/local-concourse.json
deleted file mode 100644 (file)
index 4ae8e61..0000000
--- a/nodes/local-concourse.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
-  "run_list": [
-    "role[concourse]"
-  ]
-}

diff --git a/nodes/local-devops-suite-on-docker.json b/nodes/local-devops-suite-on-docker.json
new file mode 100644 (file)
index 0000000..06e042f
--- /dev/null
+++ b/nodes/local-devops-suite-on-docker.json
@@ -0,0 +1,5 @@
+{
+  "run_list": [
+    "role[devops-suite-on-docker]"
+  ]
+}

diff --git a/nodes/local-devops-suite-with-ssl-on-docker.json b/nodes/local-devops-suite-with-ssl-on-docker.json
new file mode 100644 (file)
index 0000000..eb43647
--- /dev/null
+++ b/nodes/local-devops-suite-with-ssl-on-docker.json
@@ -0,0 +1,5 @@
+{
+  "run_list": [
+    "role[devops-suite-with-ssl-on-docker]"
+  ]
+}

diff --git a/nodes/local-nexus2-on-docker.json b/nodes/local-nexus2-on-docker.json
new file mode 100644 (file)
index 0000000..be6ef2e
--- /dev/null
+++ b/nodes/local-nexus2-on-docker.json
@@ -0,0 +1,5 @@
+{
+  "run_list": [
+    "role[nexus2-on-docker]"
+  ]
+}

diff --git a/nodes/local-nexus3-on-docker.json b/nodes/local-nexus3-on-docker.json
new file mode 100644 (file)
index 0000000..7e92f9b
--- /dev/null
+++ b/nodes/local-nexus3-on-docker.json
@@ -0,0 +1,5 @@
+{
+  "run_list": [
+    "role[nexus3-on-docker]"
+  ]
+}

diff --git a/roles/aptly-on-docker.rb b/roles/aptly-on-docker.rb
new file mode 100644 (file)
index 0000000..3e96321
--- /dev/null
+++ b/roles/aptly-on-docker.rb
@@ -0,0 +1,44 @@
+name 'aptly-on-docker'
+description 'aptly on Docker'
+
+#aptly_cn = 'aptly.io.example.com'
+#aptly_port = '7080'  # default: 8080
+#aptly_api_port = '7081'  # default: 8081
+
+run_list(
+  'role[docker]',
+  'recipe[apt_utils::aptly-docker-compose]',
+)
+
+#env_run_lists()
+
+#default_attributes()
+
+override_attributes(
+  'docker-grid' => {
+    'engine' => {
+      'skip_setup' => false,
+    },
+    'compose' => {
+      'skip_setup' => false,
+    },
+  },
+  'apt_utils' => {
+    'aptly' => {
+      'docker-compose' => {
+        'config' => {
+          'services' => {
+            'reverseproxy' => {
+              'ports' => [
+                #"#{aptly_port}:8080",
+                #"#{aptly_api_port}:8081",
+              ],
+            },
+            'aptly' => {
+            },
+          },
+        },
+      },
+    },
+  },
+)

diff --git a/roles/concourse.rb b/roles/concourse-on-docker.rb
similarity index 59%
rename from roles/concourse.rb
rename to roles/concourse-on-docker.rb
index 8e7205a..a351b19 100644 (file)
--- a/roles/concourse.rb
+++ b/roles/concourse-on-docker.rb
@@ -1,9 +1,14 @@
-name 'concourse'
-description 'Concourse'
+name 'concourse-on-docker'
+description 'Concourse on Docker'
+
+image = 'concourse/concourse'
+#port = '8080'  # '8443' (for https)
+#concourse_cn = 'concourse.io.example.com'
 
 run_list(
   #'recipe[ssl_cert::server_key_pairs]',  # for https
   'role[docker]',
+  'recipe[concourse-ci::docker-compose]',
   #'recipe[concourse-ci::fly]',
 )
 
@@ -11,22 +16,16 @@ run_list(
 
 #default_attributes()
 
-image = 'concourse/concourse'  # of 'concourse/concourse:2.6.0',...
-port = '8080'  # '8443' (for https)
-concourse_cn = 'concourse.io.example.com'
-
 override_attributes(
   # for https
   'ssl_cert' => {
     'common_names' => [
-      concourse_cn,
+      #concourse_cn,
     ],
   },
   'docker-grid' => {
     'engine' => {
       'skip_setup' => false,
-      'storage-driver_on_centos' => 'overlay',
-      'storage-driver_on_ubuntu' => 'aufs',  # default: aufs
     },
     'compose' => {
       'skip_setup' => false,
@@ -35,17 +34,17 @@ override_attributes(
   'concourse-ci' => {
     'with_ssl_cert_cookbook' => false,  # or true (for https)
     'ssl_cert' => {
-      'common_name' => concourse_cn,
+      #'common_name' => concourse_cn,
     },
     'docker-compose' => {
       'config' => {
         # Version 1 docker-compose format
         'concourse-web' => {
           'image' => image,
-          #'ports' => [
-          #  #"#{port}:8080",  # If you sepecify no value, Chef will sets '8080:8080'.
-          #  #"#{port}:8443",  # for https
-          #],
+          'ports' => [
+            #"#{port}:8080",  # If you sepecify no value, Chef will sets '8080:8080'.
+            #"#{port}:8443",  # for https
+          ],
           'environment' => {
             # If you sepecify no value, Chef will sets "http://#{node['ipaddress']}:8080".
             #'CONCOURSE_EXTERNAL_URL' => "http://192.168.1.3:#{port}",  # or "https://192.168.1.3:#{port}"
@@ -54,11 +53,11 @@ override_attributes(
             #'CONCOURSE_TLS_CERT' => '/root/server.crt',
             #'CONCOURSE_TLS_KEY' => '/root/server.key',
           },
-          #'volumes' => [
-          #  # These volumes will be set by the concourse-ci::docker-compose recipe automatically.
-          #  #"#{server_cert_path(node['concourse-ci']['ssl_cert']['common_name'])}:/root/server.crt:ro",
-          #  #"#{server_key_path(node['concourse-ci']['ssl_cert']['common_name'])}:/root/server.key:ro",
-          #],
+          'volumes' => [
+            # These volumes will be set by the concourse-ci::docker-compose recipe automatically.
+            #"#{server_cert_path(node['concourse-ci']['ssl_cert']['common_name'])}:/root/server.crt:ro",
+            #"#{server_key_path(node['concourse-ci']['ssl_cert']['common_name'])}:/root/server.key:ro",
+          ],
         },
         'concourse-worker' => {
           'image' => image,

diff --git a/roles/devops-suite-on-docker.rb b/roles/devops-suite-on-docker.rb
new file mode 100644 (file)
index 0000000..170e056
--- /dev/null
+++ b/roles/devops-suite-on-docker.rb
@@ -0,0 +1,130 @@
+name 'devops-suite-on-docker'
+description 'DevOps Suite on Docker'
+
+aptly_port       = '7080'  # default: 8080
+aptly_api_port   = '7081'  # default: 8081
+concourse_port   = '8080'
+gitlab_http_port =   '80'  # default: 80, and 8080 already in use.
+gitlab_ssh_port  = '2022'
+nexus_ver = '3'
+nexus_port = nexus_ver == '3' ? '8081' : '8071'
+
+run_list(
+  'role[docker]',
+  'role[aptly-on-docker]',
+  'role[concourse-on-docker]',
+  'role[gitlab-on-docker]',
+  'role[gitlab-runner]',
+  "role[nexus#{nexus_ver}-on-docker]",
+)
+
+#env_run_lists()
+
+#default_attributes()
+
+override_attributes(
+  'docker-grid' => {
+    'engine' => {
+      'skip_setup' => false,
+      'daemon_extra_options' => [
+        '-H fd://',
+        '--bip=192.168.100.1/24 --fixed-cidr=192.168.100.0/24',
+      ].join(' '), 
+    },
+    'compose' => {
+      'skip_setup' => false,
+    },
+  },
+  'apt_utils' => {
+    'aptly' => {
+      'docker-compose' => {
+        'config' => {
+          'services' => {
+            'reverseproxy' => {
+              'ports' => [
+                "#{aptly_port}:8080",
+                "#{aptly_api_port}:8081",
+              ],
+              # 'network_mode' => 'bridge',
+              # 'links' => [
+              #   'aptly',
+              # ],
+            },
+            'aptly' => {
+              # 'network_mode' => 'bridge',
+            },
+          },
+        },
+      },
+    },
+  },
+  'concourse-ci' => {
+    'docker-compose' => {
+      'config' => {
+        # Version 1 docker-compose format
+        'concourse-db' => {
+        },
+        'concourse-web' => {
+          'ports' => [
+            "#{concourse_port}:8080",
+          ],
+          'environment' => {
+            # If you sepecify no value, Chef will sets "http://#{node['ipaddress']}:8080".
+            #'CONCOURSE_EXTERNAL_URL' => "http://#{node['ipaddress']}:#{concourse_port}",
+          },
+        },
+        'concourse-worker' => {
+          'environment' => {
+          },
+        },
+      },
+    },
+  },
+  'gitlab-grid' => {
+    'gitlab.rb' => {
+      #'external_url' => "http://#{gitlab_cn}:#{gitlab_http_port}",
+      'gitlab_rails' => {
+        #'time_zone' => 'Asia/Tokyo',
+        'gitlab_shell_ssh_port' => gitlab_ssh_port.to_i,
+      },
+    },
+    'docker-compose' => {
+      'config' => {
+        'services' => {
+          'gitlab' => {
+            #'hostname' => gitlab_cn,
+            'ports' => [
+              "#{gitlab_http_port}:#{gitlab_http_port}",
+              "#{gitlab_ssh_port}:22",
+            ],
+            'network_mode' => 'bridge',  # for the Container Registry feature.
+          },
+        },
+      },
+    },
+    'runner-docker-compose' => {
+      'import_ca' => false,
+    },
+  },
+  'nexus-grid' => {
+    'docker-compose' => {
+      'config' => {
+        'services' => {
+          'reverseproxy' => {
+            'ports' => [
+              "#{nexus_port}:8081",
+            ],
+            # 'network_mode' => 'bridge',
+            # 'links' => [
+            #   'nexus',
+            # ],
+          },
+          'nexus' => {
+            #'image' => 'sonatype/nexus3',  # => role[nexus2/3-on-docker]
+            # 'network_mode' => 'bridge',
+          },
+        },
+      },
+    },
+  },
+)

diff --git a/roles/devops-suite-with-ssl-on-docker.rb b/roles/devops-suite-with-ssl-on-docker.rb
new file mode 100644 (file)
index 0000000..fad18ee
--- /dev/null
+++ b/roles/devops-suite-with-ssl-on-docker.rb
@@ -0,0 +1,181 @@
+name 'devops-suite-with-ssl-on-docker'
+description 'DevOps Suite with SSL on Docker'
+
+ca_name = 'grid_ca'
+import_ca = false
+host_cn = 'devops.io.example.com'
+aptly_cn = host_cn       # 'aptly.io.example.com'
+concourse_cn = host_cn   # 'concourse.io.example.com'
+concourse_port    = '8443'
+docker_reg_cn = host_cn  # 'registry.docker.example.com'
+docker_reg_port   = '5000'
+gitlab_cn = host_cn      # 'gitlab.io.example.com'  # default: node['fqdn']
+gitlab_https_port =  '443'
+nexus_cn = host_cn       # 'nexus.io.example.com'
+
+common_names = [
+  aptly_cn,
+  concourse_cn,
+  docker_reg_cn,
+  gitlab_cn,
+  nexus_cn,
+].uniq
+
+run_list(
+  'role[devops-suite-on-docker]',
+  'recipe[docker-grid::registry]',
+)
+
+#env_run_lists()
+
+#default_attributes()
+
+override_attributes(
+  'ssl_cert' => {
+    'ca_names' => [
+      ca_name,
+    ],
+    'common_names' => common_names,
+  },
+  'docker-grid' => {
+    'engine' => {
+      'skip_setup' => false,
+    },
+    'compose' => {
+      'skip_setup' => false,
+    },
+    'registry' => {
+      'with_ssl_cert_cookbook' => true,
+      'ssl_cert' => {
+        'common_name' => docker_reg_cn,
+      },
+      'docker-compose' => {
+        'config' => {
+          'registry' => {
+            'ports' => [
+              "#{docker_reg_port}:5000",
+            ],
+            'environment' => {
+              #'REGISTRY_AUTH' =>                'htpasswd',
+              #'REGISTRY_AUTH_HTPASSWD_PATH' =>  '/auth/.htpasswd',
+              #'REGISTRY_AUTH_HTPASSWD_REALM' => 'Registry Realm',
+              # proxy cache only.
+              'REGISTRY_PROXY_REMOTEURL' => 'https://registry-1.docker.io',
+            },
+            'volumes' => [
+              '/var/lib/docker-registry:/var/lib/registry',
+              #'./auth:/auth',
+            ],
+          },
+        },
+      },
+    },
+  },
+  'apt_utils' => {
+    'aptly' => {
+      'with_ssl_cert_cookbook' => true,
+      'ssl_cert' => {
+        'common_name' => aptly_cn,
+      },
+      'docker-compose' => {
+        'config' => {
+          'services' => {
+            'reverseproxy' => {
+              'ports' => [
+              ],
+              # 'network_mode' => 'bridge',
+              # 'links' => [
+              #   'aptly',
+              # ],
+            },
+            'aptly' => {
+              # 'network_mode' => 'bridge',
+            },
+          },
+        },
+      },
+    },
+  },
+  'concourse-ci' => {
+    'with_ssl_cert_cookbook' => true,
+    'ssl_cert' => {
+      'ca_names' => [
+        ca_name,
+      ],
+      'common_name' => concourse_cn,
+    },
+    'docker-compose' => {
+      'import_ca' => import_ca,
+      'config' => {
+        # Version 1 docker-compose format
+        'concourse-db' => {
+        },
+        'concourse-web' => {
+          'ports' => [
+            "#{concourse_port}:8443",
+          ],
+          'environment' => {
+            'CONCOURSE_TLS_BIND_PORT' => '8443',
+            'CONCOURSE_EXTERNAL_URL' => "https://#{concourse_cn}:#{concourse_port}",
+          },
+        },
+        'concourse-worker' => {
+          'environment' => {
+          },
+        },
+      },
+    },
+  },
+  'gitlab-grid' => {
+    'with_ssl_cert_cookbook' => true,
+    'ssl_cert' => {
+      'ca_name' => ca_name,
+      'common_name' => gitlab_cn,
+    },
+    'gitlab.rb' => {
+      'external_url' => "https://#{gitlab_cn}:#{gitlab_https_port}",
+      'gitlab_rails' => {
+        # 'time_zone' => 'Asia/Tokyo',
+      },
+    },
+    'docker-compose' => {
+      'config' => {
+        'services' => {
+          'gitlab' => {
+            'hostname' => gitlab_cn,
+            'ports' => [
+              "#{gitlab_https_port}:#{gitlab_https_port}",
+            ],
+            # 'network_mode' => 'bridge',
+          },
+        },
+      },
+    },
+    'runner-docker-compose' => {
+      'import_ca' => import_ca,
+    },
+  },
+  'nexus-grid' => {
+    'with_ssl_cert_cookbook' => true,
+    'ssl_cert' => {
+      'common_name' => nexus_cn,
+    },
+    'docker-compose' => {
+      'config' => {
+        'services' => {
+          'reverseproxy' => {
+            'ports' => [
+            ],
+            # 'network_mode' => 'bridge',
+            # 'links' => [
+            #   'nexus',
+            # ],
+          },
+          'nexus' => {
+            # 'network_mode' => 'bridge',
+          },
+        },
+      },
+    },
+  },
+)

diff --git a/roles/docker.rb b/roles/docker.rb
index 7349588..074f8da 100644 (file)
--- a/roles/docker.rb
+++ b/roles/docker.rb
@@ -19,17 +19,19 @@ override_attributes(
       'skip_setup' => true,  # default: false
     },
     'engine' => {
+      'version' => '',  # latest
       #'skip_setup' => true,  # default: false
       #'version_on_centos' => '17.03.1.ce-1',  # docker-engine
-      'version_on_centos' => '1.13.1-1',      # docker-engine
+      #'version_on_centos' => '1.13.1-1',      # docker-engine
       #'version_on_centos' => '1.12.6-1',      # docker-engine
       #'version_on_centos' => '1.12.6-11',     # docker
       #'version_on_centos' => '1.12.5-14',     # docker
       #'version_on_centos' => '1.11.2-1',      # docker-engine
       #'version_on_centos' => '1.10.3-1',      # docker-engine
-      #'version_on_centos' => '1.10.3-59',     # docker
+      #'version_on_centos' => '1.10.3-59',     # docker      
+      #'version_on_ubuntu' => '17.05.0~ce-0',  # docker-engine
       #'version_on_ubuntu' => '17.03.1~ce-0',  # docker-engine
-      'version_on_ubuntu' => '1.13.1-0',      # docker-engine
+      #'version_on_ubuntu' => '1.13.1-0',      # docker-engine
       #'version_on_ubuntu' => '1.12.6-0',      # docker-engine
       #'version_on_ubuntu' => '1.12.3-0ubuntu4~16.04.2',  # docker.io
       #'version_on_ubuntu' => '1.11.2-0',      # docker-engine
@@ -37,10 +39,13 @@ override_attributes(
       'storage-driver_on_centos' => 'overlay',
       'storage-driver_on_ubuntu' => 'overlay',  # default: aufs
       #'userns-remap' => 'default',
-      'daemon_extra_options' => '-H fd://',
-      # for docker >= 1.10, docker-engine >= 1.12 (on rhel family)
-      # '-H fd://' option automatically removed by this cookbook.
-      # See https://github.com/docker/docker/issues/22847
+      'daemon_extra_options' => [
+        '-H fd://',
+        #'-H fd:// --bip=192.168.100.1/24 --fixed-cidr=192.168.100.0/24',
+        # for docker >= 1.10, docker-engine >= 1.12 (on rhel family)
+        # '-H fd://' option automatically removed by this cookbook.
+        # See https://github.com/docker/docker/issues/22847
+      ].join(' '), 
     },
   },
 )

diff --git a/roles/gitlab-on-docker.rb b/roles/gitlab-on-docker.rb
index 63b51d6..39d6879 100644 (file)
--- a/roles/gitlab-on-docker.rb
+++ b/roles/gitlab-on-docker.rb
@@ -1,9 +1,9 @@
 name 'gitlab-on-docker'
 description 'GitLab on Docker'
 
-gitlab_cn = 'gitlab.io.example.com'
-gitlab_http_port = '8080'
-gitlab_ssh_port = '2022'
+#gitlab_cn = 'gitlab.io.example.com'  # default: node['fqdn']
+#gitlab_http_port = '80'  # default: 80, and 8080 already in use.
+#gitlab_ssh_port = '2022'
 
 run_list(
   'role[docker]',
@@ -25,28 +25,20 @@ override_attributes(
   },
   'gitlab-grid' => {
     'gitlab.rb' => {
-      'external_url' => "http://#{gitlab_cn}:#{gitlab_http_port}",
+      #'external_url' => "http://#{gitlab_cn}:#{gitlab_http_port}",
       'gitlab_rails' => {
-        'time_zone' => 'UTC',
         #'time_zone' => 'Asia/Tokyo',
-        'gitlab_shell_ssh_port' => gitlab_ssh_port.to_i,
-      },
-      'nginx' => {
-        'redirect_http_to_https' => false,
+        #'gitlab_shell_ssh_port' => gitlab_ssh_port.to_i,
       },
     },
     'docker-compose' => {
       'config' => {
-        # Version 2 docker-compose format
-        'version' => '2',
         'services' => {
           'gitlab' => {
-            'restart' => 'always',
-            'image' => 'gitlab/gitlab-ce:latest',
-            'hostname' => gitlab_cn,
+            #'hostname' => gitlab_cn,
             'ports' => [
-              "#{gitlab_http_port}:#{gitlab_http_port}",
-              "#{gitlab_ssh_port}:22",
+              #"#{gitlab_http_port}:#{gitlab_http_port}",
+              #"#{gitlab_ssh_port}:22",
             ],
           },
         },

diff --git a/roles/gitlab-runner.rb b/roles/gitlab-runner.rb
index ec2f31e..296ebb0 100644 (file)
--- a/roles/gitlab-runner.rb
+++ b/roles/gitlab-runner.rb
@@ -1,6 +1,8 @@
 name 'gitlab-runner'
 description 'GitLab-runner'
 
+ca_name = 'grid_ca'  # Internal CA
+
 run_list(
   #'recipe[ssl_cert::ca_certs]',
   'role[docker]',
@@ -11,8 +13,6 @@ run_list(
 
 #default_attributes()
 
-ca_name = 'grid_ca'  # Internal CA
-
 override_attributes(
   'ssl_cert' => {
     'ca_names' => [

diff --git a/roles/nexus2-on-docker.rb b/roles/nexus2-on-docker.rb
new file mode 100644 (file)
index 0000000..d03b946
--- /dev/null
+++ b/roles/nexus2-on-docker.rb
@@ -0,0 +1,35 @@
+name 'nexus2-on-docker'
+description 'Nexus2 on Docker'
+
+run_list(
+  'role[docker]',
+  'recipe[nexus-grid::docker-compose]',
+)
+
+#env_run_lists
+
+default_attributes(
+)
+
+override_attributes(
+  'nexus-grid' => {
+    'docker-compose' => {
+      'app_dir' => '/opt/docker-compose/app/nexus2',
+      'config' => {
+        'services' => {
+          'reverseproxy' => {
+            'ports' => [
+            ],
+          },
+          'nexus' => {
+            'image' => 'sonatype/nexus',
+            'volumes' => [
+            ],
+            'environment' => {
+            },
+          },
+        },
+      },
+    },
+  },
+)

diff --git a/roles/nexus3-on-docker.rb b/roles/nexus3-on-docker.rb
new file mode 100644 (file)
index 0000000..34c424d
--- /dev/null
+++ b/roles/nexus3-on-docker.rb
@@ -0,0 +1,35 @@
+name 'nexus3-on-docker'
+description 'Nexus3 on Docker'
+
+run_list(
+  'role[docker]',
+  'recipe[nexus-grid::docker-compose]',
+)
+
+#env_run_lists
+
+default_attributes(
+)
+
+override_attributes(
+  'nexus-grid' => {
+    'docker-compose' => {
+      'app_dir' => '/opt/docker-compose/app/nexus3',
+      'config' => {
+        'services' => {
+          'reverseproxy' => {
+            'ports' => [
+            ],
+          },
+          'nexus' => {
+            'image' => 'sonatype/nexus3',
+            'volumes' => [
+            ],
+            'environment' => {
+            },
+          },
+        },
+      },
+    },
+  },
+)