Skip to content

Commit

Permalink
avniproject/avni-product#1427 | Deploy Metabase as docker container o…
Browse files Browse the repository at this point in the history 
…nto onpremise server using ansible
  • Loading branch information
@himeshr
himeshr committed Nov 8, 2023
1 parent 279a8fa commit 8576020
Show file tree
Hide file tree
Showing 12 changed files with 247 additions and 66 deletions.
3 changes: 3 additions & 0 deletions configure/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,9 @@ etl-prerelease: check-app-zip-path check-vault-pwd-file
etl-prod: check-app-zip-path check-vault-pwd-file
APPLICATION_ZIP_PATH=$(app_zip_path) APPLICATION_ZIP_FILE_NAME=etl-1.0.0-SNAPSHOT.jar ansible-playbook prod_etl_servers.yml -i inventory/prod --vault-password-file ${VAULT_PASSWORD_FILE}

metabase-onpremise:
ansible-playbook onpremise_metabase_servers.yml -i inventory/onpremise --vault-password-file ${VAULT_PASSWORD_FILE}

deploy-etl-staging: check-app-zip-path check-vault-pwd-file
APPLICATION_ZIP_PATH=$(app_zip_path) APPLICATION_ZIP_FILE_NAME=etl-1.0.0-SNAPSHOT.jar ansible-playbook deploy_app_to_servers.yml -i inventory/staging --vault-password-file ${VAULT_PASSWORD_FILE} \
--extra-vars '{"deploy_app_name":"etl","deploy_app_hosts":"etlservers","deploy_app_remote_user":"avni-etl-user","deploy_app_env":"staging","deploy_app_role":"etl_appserver","deploy_app_env_vars_file":"group_vars/staging_vars.yml","deploy_app_env_secret_vars_file":"group_vars/staging-secret-vars.yml.enc"}'
Expand Down
9 changes: 9 additions & 0 deletions configure/group_vars/basic_docker_vars.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---

# basic vars
project_name: avni
letsencrypt_email: [email protected]
avni_cache_dir: /var/cache/avni
update_apt_cache: yes

# container vars
18 changes: 18 additions & 0 deletions configure/group_vars/metabase_docker_vars.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
---

metabase_container_name: metabase
metabase_container_image: metabase/metabase:v0.47.6
# Below image is for t4g instance type (arm64/v8) architecture
# metabase_container_image: iwalucas/metabase:latest
metabase_hostname: metabase
metabase_container_healthcheck_cmd: "curl --fail -I http://0.0.0.0:443/api/health || exit 1"
metabase_container_ports_mapping: "443:3000"

This comment has been minimized.

Sign in to view

Copy link
@1t5j0y

1t5j0y Nov 9, 2023

Contributor

Any reason to use host port 443? Gives the false impression that the container is handling https whereas this is http over port 443.
We can just use 3000 itself and map that at the load balancer level.

This comment has been minimized.

Sign in to view

Copy link
@himeshr

himeshr Nov 9, 2023

Author Contributor

none actually, i used that for testing the access from outside, using default security groups.
Will change it to 3000.
metabase_container_env_file: "/root/metabase_docker.env"
metabase_container_env_template_file: metabase.docker.env.template.j2

update_apt_cache: yes
# Application settings.
application_name: metabase
app_description: Avni metabase server
application_user: metabase
application_group: metabase
138 changes: 73 additions & 65 deletions configure/group_vars/onpremise-secret-vars.yml.enc
View file
Original file line number Diff line number Diff line change
@@ -1,66 +1,74 @@
$ANSIBLE_VAULT;1.1;AES256
39316638353764366235663835653062656530326134366236313938376266306365396237396462
3733313630363330666538333632373939343235666532340a633562346432616534386264323338
30396433656235613436646536633261336538353033366463656165643730623230646262386538
3066323061663761320a396239353834343131643538613430333531663338336265313631396564
62323734343637623261396431653733353462666632333561653836313962333036393862666130
35336330353961323165363231633563396166633333386430383731353039613563323732646637
61633237643264303335623332336135383032303833396435393061643635613339663335643864
38333235663563313031376237613162663035346239613334393635306432383565366536376134
66653064303439343031653664323133643165313031666231653039306366646333653365336165
39353965383731336564333933313636626432346237613562656463373036653363353131663133
31343462353735616638316166656363303966386137363033386261653861633231646635313239
35323238653561336339356138373531303336396139376230346464646630336664383732373865
37343433326236313036343634376565333363323433626238336365626561303561643431633139
61636434396334383431326231346562366138386162653162346438383964633965646235303463
32373261356363366665393036396231326363633761363730323736636238363332303761386637
65353630636663633836373432646263393635663364646235303432316239303435646436663436
66336539316139326631663130636366333535623433393336353763666339323734343366626430
36393138363763663439656533636461343030623536346539316139346537643130356163633333
39326637393530643466633732656530343536666533353461353639626130393561363865613635
35643231373134323135636232613263303230373334366234393234633331616437313533636465
33346465613865626466393137356136656665623534623563616430393431633836393233323031
66323061636665623034363333376463616331623833653838386662643662663233316136643832
39313638326462626362323766393232313031303564303961316633656638323862666566323364
33323466613066663966313239623839393239373566333761376139643638346438306665393962
61336163666333643964393239646638336532323434393865613236656664373839666166616661
31383538643461636334313337353061323330633165633430366635386166653763626337663063
66643265643162326335666333323366356239313263333366616362653233393765643932613935
33306664343037313566633836336466383763343337363336303064363831646366323731316665
31653563613737626233386431316266373436653333396435366361376463366365636137383937
31623631343662333864306235386666646138393964626461346266343063343966346432333464
37353832616633396538333862336433363237366536313531333765363738626438316564653239
31356639333765333639663861363733376531306134653366643162313534633133633361323932
32393130626431376533333239313735386335356561616530633364363863666231653938396230
35616333663861666266323965653166616263646135343065396662643038646131656362633266
31623633643136323132633030373538376634633531383234323033663663613939623765333861
62643765336163663933333937633337366462643263393964383231373563353564663239323332
30386463626562323362343234623937346161366265316263616332393732363736343666303433
36613733636239656536346663323039663639356238646532613333653637666464616463373564
37366430326331616366353237303962643061393863646137333562623563313137663831633438
63613432346531303062383437623138306231326633396464643337656333616461613165643065
65373462313232636163613935656165323838396462613161626433313263623763336265656437
64353738383761373232316330313662613233356165376564346564666465343965373631613637
39656634323837396330643731653531326530626436616131653436316163333837373361363638
38356630663636653335396132376137333761643362613238626435383436663437316238343366
39626332353465343964613430316232393835633131616436366564373432633662326535613963
39366565666635646632363762316463383038373331326630646166643735333563393330663930
63623363373234343533666235373562323333393266393434343634343230393731336265623664
61616337613732303963316661373562333035303361346464666239653663393538333862383161
62313235633463633537306464306363663433323839343134363838333962626231353133643366
34653061343536396138376661316536336534393862346261383637306464636530313265383962
62373063373135666134383862643832653036633838333838363063323530383232666663666231
66666532356339393761353930356237613139373036333862663837333238663438626637633062
39666636326231303535303133616437323735316632386232633738323264363062313438373639
36363934346136653636393133653736363936353862396638323336616432653632333233316135
39626465663866663263336264633463313563616630393332626537373438353330373133313964
37323462633237396233633962663262313465363566333739656261663934636532303163646665
65356461393966336239323030323838316366623064356632326231666138353131666662346334
36356365366566633130376237646534653962626163613136626462376139666565333938643133
30343762376436656536656135663961376537313462643032656565653039386434663631346639
30646132386436396262343039623763356638653834663663353232326166386264343033313436
66343430613166316466323633346434303066303137343335666130653561656537616637393438
38383131393432333033333061633963383064626363666630393733653831303836633932303764
32623634343533373264346264633233303764336139393364356131643066633663653130353730
63646434316462373263643635346165656236633934306361663233343332356563633831386334
61316161393637623338353761363963653635343361343361326539643039393833
39663935386666376561336636336131336138653935393764643637303861643831636266383133
6665376162613134303439396538643763363737313938640a646438636536623038303039636636
64383361313736616366616131353233396463366233663230613863636131366332623761353531
3935623831326538610a663339663366313131323736343036316663363435333062383932386330
65613633376265316439623330356362323462366264633036366139363639626130373931653130
63643261346237316465356531353533636531393537326662616238333763373162393835313862
65616132326132386664333631613239386233653938333565363332333437336266653663326464
32336463306161303166396165613063386663313536383063663835646136343964396230376132
32323931393232306365663036363932383666396235306665616533623731313861323230653666
36663035306533396565376232313439363631666132636233386430626261656232613765313231
32393634643836316339376137656235356538326137623337336637393132343736373030376664
39656432646638316439313235373431356132306336383533376538316336613938353737666136
62656532393362623137376434613635393466366437383835663461323738373231323038386233
39313539386639336237303932316536343663643739616564386631386437613237653031303531
34313330393136643336376533636331626163616464356162376563616534386331303037363731
62663063653936633066363434323562613134376232363636653433346538373539303232623737
32373632633630333138366661356361663434326636623066623732363366656465323939376262
32353463346461663266313130373261356533373438396538633064386562653631333263646431
66313337386265326165663233393266383035376431623361616563393563333062666664346535
63653535366161623437393032353934383637356264356137633064353135646464316230646262
34306632393232663763323839653539333231316634326536323363363939636462323236653930
39653930346562666665353539346537613163303264653764616239376563376232373937323763
35663432653164313561626564643064373366303464363431646566396361656464323362373330
32373139663937623137626436306561346234333466636432353630313465616333363762376333
65376532303032353433333632323961373665323139663665656333383561366264626534633864
66303537613934396561303332316234316138623931316433626131373838386536343839616333
33343436353230396236626263306336623338636466336161613937633962636136313934396164
35373538376661386365386665633865653332303863636435343132373032376535623332666235
66363136373164393936366438366162613333393363613931363166303730386234363735373365
34353530356138333730326465373935373237653339393134353434303034323165666537383339
34346166386336383630346437613065393139373134626232663465363264306133376363386235
37623835643338646464306361306135393837366665323535386630623836663439356562343665
34653965333431373437346662313664623336646531353930653037656362616365323966333362
63333239373662373438356235373263366335646462343565646366626261663261636336376230
38383333646461666136383437623734363330313161383264303536313263373838346338643430
62363963363965653363636533343963306632393934633030646639363236633131343461626639
38616535633430373866613239306533333935346234323732633931366433633230613763366262
36373538343732643736306663663561353234353563613264353161333635613735353732663535
39613734363464353536643763613831653333356135373439336262303633326634383266353337
64633237613435326565316238303166333336656165313362653862393262643835386264313361
30343336356334383530326233333766656239386331363537333662313264383362393861636230
37393434386462663464373365393962303633376563626263356638623864366637613066303438
31626465663131623164353066353435303134363563353163373064396334653764346439323064
39643530653163623532333638353730323663346636313539623037383361313339356330326336
33653435323436616261343931303235306161396138396161626339363232393330316164323362
63393239333130373934623466316430646666623531363931366636343861653430393434303531
33396332386633626137643034626161636238646437366237303236666665346666373436356233
62313930326139623035643935306663333633616536623730636135316634613663383730303239
35633263386230663662663830633433393937363862663833383830646438653137376563666562
61613561363138653338626666333736313137336465666537386338303832663139636461616266
34643362353733316164393836623465363431666130343239393039373762333062346261313361
33336534616336376466363836383165653036326637623762363761386237643730373866623336
33343636383865363731656530396434316464666236333064623761663834343131356435303632
36633230643230376339393731373632393361613039323736336266343839626639633165383932
62613739653934333732373961363261626130353435333966363933316534346233643766633030
64386434346332373263353764306436336364636337343563303239633539643964653938343461
31373161393763636633623564346165626161653939363339393166343236313533653737613965
35643063626461326138663939646537376432646161343530663566326332643535353037376666
61353038373263343039306133386237336466386532383839633333316463613039633233393339
65393137633730636263346531666331303435363533653765366130623330346230336464346138
65656331396666343763383035656330343030646665363464363233366263376530353931386662
30343161393864656335336530633162373235643262333762343936616263383038343262626361
65326235356137643434363161643238643237623834346265363232636132653436613237613334
66623663643337343665326663643563326162303333333961323163616130616333323430633030
62653930636665623031633962656664333435313235323030343665613239326236643565393462
31343731373136646134656365623739376266373336376538393332373137326433376364316237
37396565353263666236386135373238616331626662393062646431383832356337343834643262
39393030393239346335323862626236663037376263636631656366643037333437396332646135
38366665626431623037666339643738343237333138336262313232333066333466333861316631
37393431613135383039323337336533643937396564313231373762633362313833373037633431
63366337363334636166383366626238656232353037356139626631613236656237366634653131
34366666373436333466623234306536363661373364376437613036613136363938313261666435
62383634336361346435363132396565613163613637656166313531336333623366
8 changes: 8 additions & 0 deletions configure/group_vars/onpremise_vars.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,3 +46,11 @@ openchs_csp_allowed_hosts: "\"keycloak.security.lfe.avniproject.org minio.securi
avni_enhanced_validation: "true"
avni_blacklisted_urls_file_path: "/etc/avni_blacklisted_urls.json"
avni_send_exception_in_response: "false"

## Metabase properties
mb_password_complexity: "strong"
mb_password_length: "12"
mb_jetty_port: "3000"
mb_db_type: "postgres"
mb_db_port: "5432"
java_timezone: "Asia/Kolkata"
5 changes: 4 additions & 1 deletion configure/inventory/onpremise
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,4 +11,7 @@ keycloak.security.lfe.avniproject.org ansible_user=ubuntu ansible_port=22 ansibl
minio.security.lfe.avniproject.org ansible_user=ubuntu ansible_port=22 ansible_ssh_private_key_file=~/.ssh/lfe-infra.pem

[test_server]
test.avniproject.org ansible_user=ubuntu ansible_port=22 ansible_ssh_private_key_file=~/.ssh/openchs-infra.pem
test.avniproject.org ansible_user=ubuntu ansible_port=22 ansible_ssh_private_key_file=~/.ssh/openchs-infra.pem

[metabase_server]
reporting-metabase.avniproject.org ansible_user=ubuntu ansible_port=22 ansible_ssh_private_key_file=~/.ssh/openchs-infra.pem
19 changes: 19 additions & 0 deletions configure/onpremise_metabase_servers.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
---

- name: Configure Metabase server
hosts: metabase_server
become: yes
become_user: root
remote_user: "{{ application_user }}"
tags:
- metabase
vars:
vars_files:
- group_vars/basic_docker_vars.yml
- group_vars/metabase_docker_vars.yml
- group_vars/onpremise_vars.yml
- group_vars/onpremise-secret-vars.yml.enc
roles:
- base
- security
- metabase
10 changes: 10 additions & 0 deletions configure/roles/docker/defaults/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---

docker_container_name: "{{ app_container_name }}"
docker_container_image: "{{ app_container_image }}"
docker_hostname: "{{ app_hostname }}"
docker_container_healthcheck_cmd: "{{ app_container_healthcheck_cmd }}"
docker_container_ports_mapping: "{{ app_container_ports_mapping }}"
docker_container_env_file: "{{ app_container_env_file }}"
docker_container_env_template_file: "{{ app_container_env_template_file }}"

78 changes: 78 additions & 0 deletions configure/roles/docker/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
---

- name: Install aptitude
apt:
name: aptitude
state: latest
update_cache: true

- name: Install required system packages
apt:
update_cache: "{{ update_apt_cache }}"
state: latest
pkg:
- apt-transport-https
- ca-certificates
- python3-pip
- virtualenv
- python3-setuptools

- name: Create cache dir for the rest
become: true
file:
state: directory
path: "{{ avni_cache_dir }}"
mode: 777

- name: Add Docker GPG apt Key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present

- name: Add Docker Repository
apt_repository:
repo: deb https://download.docker.com/linux/ubuntu focal stable
state: present

- name: Update apt and install docker-ce
apt:
name: docker-ce
state: latest
update_cache: "{{ update_apt_cache }}"

- name: Install Docker Module for Python
pip:
name: docker

- name: Pull default Docker image
community.docker.docker_image:
name: "{{ docker_container_image }}"
source: pull

- name: Set environment file for application
template:
src: "{{ docker_container_env_template_file }}"
dest: "{{ docker_container_env_file }}"
owner: root
group: root
mode: '755'

- name: Create default containers
community.docker.docker_container:
name: "{{ docker_container_name }}"
image: "{{ docker_container_image }}"
detach: true
state: started
restart: true
ports:
# Publish container port 3000 as host port 3000
- "{{ docker_container_ports_mapping }}"
env_file: "{{ docker_container_env_file }}"
healthcheck:
test: "{{ docker_container_healthcheck_cmd }}"
interval: 15s
timeout: 5s
retries: 5



9 changes: 9 additions & 0 deletions configure/roles/metabase/defaults/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---

app_container_name: "{{ metabase_container_name }}"
app_container_image: "{{ metabase_container_image }}"
app_hostname: "{{ metabase_hostname }}"
app_container_healthcheck_cmd: "{{ metabase_container_healthcheck_cmd }}"
app_container_ports_mapping: "{{ metabase_container_ports_mapping }}"
app_container_env_file: "{{ metabase_container_env_file }}"
app_container_env_template_file: "{{ metabase_container_env_template_file }}"
5 changes: 5 additions & 0 deletions configure/roles/metabase/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---

- name: "Deploy Metabase docker Container"
include_role:
name: docker
11 changes: 11 additions & 0 deletions configure/roles/metabase/templates/metabase.docker.env.template.j2
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
MB_PASSWORD_COMPLEXITY={{ mb_password_complexity }}
MB_PASSWORD_LENGTH={{ mb_password_length }}
MB_JETTY_PORT={{ mb_jetty_port }}
MB_DB_TYPE={{ mb_db_type }}
MB_DB_PORT={{ mb_db_port }}
JAVA_TIMEZONE={{ java_timezone }}

MB_DB_DBNAME={{ mb_db_dbname }}
MB_DB_USER={{ mb_db_user }}
MB_DB_PASS={{ mb_db_pass }}
MB_DB_HOST={{ mb_db_host }}

0 comments on commit 8576020

Please sign in to comment.