Skip to content

Commit

Permalink
add pulp services
Browse files Browse the repository at this point in the history
  • Loading branch information
archanaserver committed Nov 4, 2024
1 parent ff176ec commit c027b50
Show file tree
Hide file tree
Showing 5 changed files with 157 additions and 20 deletions.
7 changes: 6 additions & 1 deletion playbooks/deploy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,16 +27,21 @@
httpd_client_ca_certificate: "{{ certificates_ca_directory }}/certs/ca.crt"
httpd_server_certificate: "{{ certificates_ca_directory }}/certs/{{ certificates_server }}.crt"
httpd_server_key: "{{ certificates_ca_directory }}/private/{{ certificates_server }}.key"
pulp_db_password: "CHANGEME"
postgresql_databases:
- name: candlepin
owner: candlepin
- name: foreman
owner: foreman
- name: pulp
owner: pulp
postgresql_users:
- name: candlepin
password: "{{ candlepin_db_password }}"
- name: foreman
password: "{{ foreman_db_password }}"
- name: pulp
password: "{{ pulp_db_password }}"
postgresql_hba_entries:
- { type: local, database: all, user: postgres, auth_method: ident }
- { type: local, database: all, user: all, auth_method: ident }
Expand All @@ -47,9 +52,9 @@
roles:
- certificates
- geerlingguy.postgresql
- redis
- candlepin
- httpd
- pulp
- foreman_proxy
- redis
- foreman
18 changes: 14 additions & 4 deletions roles/pulp/defaults/main.yaml
Original file line number Diff line number Diff line change
@@ -1,10 +1,20 @@
---
pulp_image: quay.io/pulp/pulp:stable
pulp_ports:
- "8080:80"
pulp_api_image: quay.io/pulp/pulp-minimal:stable
pulp_content_image: quay.io/pulp/pulp-minimal:stable
pulp_worker_image: quay.io/pulp/pulp-minimal:stable

pulp_api_ports:
- "24817:80"
pulp_content_ports:
- "24816:80"
pulp_worker_count: 2

pulp_volumes:
- /var/lib/pulp/settings:/etc/pulp:Z
- /var/lib/pulp/pulp_storage:/var/lib/pulp:Z
- /var/lib/pulp/pgsql:/var/lib/pgsql:Z
- /var/lib/pulp/containers:/var/lib/containers:Z
pulp_container_name: pulp

pulp_api_container_name: pulp-api
pulp_content_container_name: pulp-content
pulp_worker_container_name: pulp-worker
108 changes: 96 additions & 12 deletions roles/pulp/tasks/main.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,16 @@
- name: Pull the Pulp container image
- name: Pull the Pulp API container image
containers.podman.podman_image:
name: "{{ pulp_image }}"
name: "{{ pulp_api_image }}"
state: present

- name: Pull the Pulp Content container image
containers.podman.podman_image:
name: "{{ pulp_content_image }}"
state: present

- name: Pull the Pulp Worker container image
containers.podman.podman_image:
name: "{{ pulp_worker_image }}"
state: present

- name: Create Pulp storage
Expand All @@ -16,35 +26,109 @@
name: pulp-settings-py
data: "{{ lookup('ansible.builtin.template', 'settings.py.j2') }}"

- name: Deploy Pulp Container
- name: Generate database symmetric key
ansible.builtin.command: "bash -c 'openssl rand -base64 32 | tr \"+/\" \"-_\" > /tmp/symmetric_key.txt'"
args:
creates: /tmp/symmetric_key.txt

- name: Create database symmetric key secret
containers.podman.podman_secret:
state: present
name: pulp-symmetric-key
data: "{{ lookup('file', '/tmp/symmetric_key.txt') }}"

- name: Wait for PostgreSQL to be ready
ansible.builtin.wait_for:
host: "localhost"
port: 5432
timeout: 300

- name: Deploy Pulp API Container
containers.podman.podman_container:
name: "{{ pulp_container_name }}"
image: "{{ pulp_image }}"
name: "{{ pulp_api_container_name }}"
image: "{{ pulp_api_image }}"
state: quadlet
command: pulp-api
ports: "{{ pulp_api_ports }}"
volumes: "{{ pulp_volumes }}"
secrets:
- 'pulp-settings-py,type=mount,target=/etc/pulp/settings.py'
- 'pulp-symmetric-key,type=mount,target=/etc/pulp/symmetric_key'
quadlet_options:
- |
[Install]
WantedBy=default.target
- name: Deploy Pulp Content Container
containers.podman.podman_container:
name: "{{ pulp_content_container_name }}"
image: "{{ pulp_content_image }}"
state: quadlet
ports: "{{ pulp_ports }}"
command: pulp-content
ports: "{{ pulp_content_ports }}"
volumes: "{{ pulp_volumes }}"
secrets:
- 'pulp-settings-py,type=mount,target=/etc/pulp/settings.py'
- 'pulp-symmetric-key,type=mount,target=/etc/pulp/symmetric_key'
quadlet_options:
- |
[Unit]
After=network.target pulp-api.service
Requires=pulp-api.service
[Install]
WantedBy=default.target
- name: Wait for Pulp API service to be accessible
ansible.builtin.wait_for:
host: "{{ ansible_hostname }}"
port: 8080
timeout: 300

- name: Deploy Pulp Worker Container
containers.podman.podman_container:
name: "{{ pulp_worker_container_name }}"
image: "{{ pulp_worker_image }}"
state: quadlet
command: pulp-worker
volumes: "{{ pulp_volumes }}"
secrets:
- 'pulp-settings-py,type=mount,target=/etc/pulp/settings.py'
- 'pulp-symmetric-key,type=mount,target=/etc/pulp/symmetric_key'
quadlet_options:
- |
[Unit]
After=network.target pulp-api.service pulp-content.service
Requires=pulp-api.service pulp-content.service
[Install]
WantedBy=default.target
- name: Run daemon reload to make Quadlet create the service files
ansible.builtin.systemd:
daemon_reload: true

- name: Start the Pulp Service
- name: Start the Pulp API services
ansible.builtin.systemd:
name: pulp-api
enabled: true
state: started

- name: Start the Pulp Content services
ansible.builtin.systemd:
name: pulp
name: pulp-content
enabled: true
state: restarted
state: started

- name: Wait for Pulp service to be accessible
- name: Wait for Pulp Content service to be accessible
ansible.builtin.wait_for:
host: "{{ ansible_hostname }}"
port: 8080
timeout: 300
port: 24816
timeout: 600

- name: Start the Pulp Worker service
ansible.builtin.systemd:
name: pulp-worker
enabled: true
state: started

# Only needed until we have cert auth configured
- name: Set Pulp admin password
Expand Down
17 changes: 17 additions & 0 deletions roles/pulp/templates/settings.py.j2
Original file line number Diff line number Diff line change
@@ -1,7 +1,24 @@
CONTENT_ORIGIN="http://{{ ansible_hostname }}:8080"
API_CONTENT_ORIGIN="http://{{ ansible_hostname }}:24817"
CONTENT_SERVICE_ORIGIN="http://{{ ansible_hostname }}:24816"
CACHE_ENABLED=True
REDIS_HOST="localhost"
REDIS_PORT=6379

DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql',
'NAME': 'pulp',
'USER': 'pulp',
'PASSWORD': '{{ pulp_db_password }}',
'HOST': 'localhost',
'PORT': '5432',
}
}

AUTHENTICATION_BACKENDS=['pulpcore.app.authentication.PulpNoCreateRemoteUserBackend']
REMOTE_USER_ENVIRON_NAME="HTTP_REMOTE_USER"
REST_FRAMEWORK__DEFAULT_AUTHENTICATION_CLASSES=('rest_framework.authentication.SessionAuthentication', 'pulpcore.app.authentication.PulpRemoteUserAuthentication')

with open('/etc/pulp/symmetric_key', 'r') as key_file:
SYMMETRIC_KEY = key_file.read().strip()
27 changes: 24 additions & 3 deletions tests/pulp_test.py
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
import json

import pytest


PULP_HOST = 'localhost'
PULP_PORT = 8080

PULP_API_PORT = 24817
PULP_CONTENT_PORT = 24816

@pytest.fixture(scope="module")
def pulp_status_curl(host):
Expand All @@ -22,17 +22,38 @@ def test_pulp_service(host):
assert pulp.is_running
assert pulp.is_enabled

def test_pulp_api_service(host):
pulp_api = host.service("pulp-api")
assert pulp_api.is_running
assert pulp_api.is_enabled

def test_pulp_content_service(host):
pulp_content = host.service("pulp-content")
assert pulp_content.is_running
assert pulp_content.is_enabled

def test_pulp_worker_services(host):
for i in range(1, 3):
pulp_worker = host.service(f"pulp-worker@{i}")
assert pulp_worker.is_running
assert pulp_worker.is_enabled

def test_pulp_port(host):
pulp = host.addr(PULP_HOST)
assert pulp.port(PULP_PORT).is_reachable

def test_pulp_api_port(host):
pulp_api = host.addr(PULP_HOST)
assert pulp_api.port(PULP_API_PORT).is_reachable

def test_pulp_content_port(host):
pulp_content = host.addr(PULP_HOST)
assert pulp_content.port(PULP_CONTENT_PORT).is_reachable

def test_pulp_status(pulp_status_curl):
assert pulp_status_curl.succeeded
assert pulp_status_curl.stderr == '200'


def test_pulp_status_database_connection(pulp_status):
assert pulp_status['database_connection']['connected']

Expand Down

0 comments on commit c027b50

Please sign in to comment.