From 4aa21e03cf6f6078ff4283e9632a5d9fe6f6ee03 Mon Sep 17 00:00:00 2001
From: santhosh-tg
Date: Thu, 26 Oct 2023 23:15:32 +0530
Subject: [PATCH 1/2] Add OCI specific vars
---
.../ansible/inventory/dev/Core/common.yml | 36 +++++++++++++++++--
.../ansible/inventory/dev/Core/secrets.yml | 6 ++--
.../inventory/dev/DataPipeline/common.yml | 16 ++++++---
.../dev/KnowledgePlatform/common.yml | 32 +++++++++++++----
4 files changed, 72 insertions(+), 18 deletions(-)
diff --git a/private_repo/ansible/inventory/dev/Core/common.yml b/private_repo/ansible/inventory/dev/Core/common.yml
index da2d8a9694..10caca8161 100644
--- a/private_repo/ansible/inventory/dev/Core/common.yml
+++ b/private_repo/ansible/inventory/dev/Core/common.yml
@@ -10,21 +10,25 @@ private_ingressgateway_ip: "" # your private kubernetes load balancer ip # Cloud Service Provider Variables # If cloud_service_provider is AWS then update with access key as value # Example: cloud_public_storage_accountname: "AKSHKSJHFJDHJDSHFKSD" +# If cloud_service_provider is OCI then update with access key as value +# Example: cloud_public_storage_accountname: "7855461d26e1d8f211a04ec59cfd3037c8d1c6dd" # If cloud_service_provider is gloud(GCP) then update with service account name # Example: cloud_public_storage_accountname: "cloudstorage-gcp-test.iam.gserviceaccount.com" # If cloud_service_provider is AZURE then update with stoage account name # Example: cloud_public_storage_accountname: "azurestotageaccount" cloud_public_storage_accountname: "" -# If cloud_service_provider is AWS then update with region +# If cloud_service_provider is AWS/OCI then update with region # Example: cloud_public_storage_region: us-east-1 cloud_public_storage_region: "" # If cloud_service_provider is gcp then update this variable with project id # Example: cloud_public_storage_project: "sunbird-gcp-test" cloud_public_storage_project: "" - +# If cloud_service_provider is OCI then update this variable with namespace value +# Example: cloud_public_storage_namespace: "apsyjjclx" +cloud_public_storage_namespace: "" # Create object storage for each below mentioned variables and update accordingly -# If cloud_service_provider is AWS update with bucket name +# If cloud_service_provider is AWS/OCI update with bucket name # If cloud_service_provider is gcloud(GCP) update with bucket name # If cloud_service_provider is AZURE update with container name # Example: cloud_storage_certqr_bucketname: "certqr-storage" 
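Review bot: The OCI example added for `cloud_public_storage_accountname` is a 40-character hex string, which is the shape of a genuine access key id, and the `cloud_public_storage_namespace` example reads like a real tenancy namespace rather than a placeholder. Examples in an inventory template should be visibly fake, e.g. `# Example: cloud_public_storage_accountname: "<oci-access-key-id>"` and `# Example: cloud_public_storage_namespace: "<tenancy-namespace>"`. If either value was copied from a live tenancy, the key should be rotated. The same two example lines are added in the `@@ -10,21 +10,25 @@` hunk of DataPipeline/common.yml.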
@@ -96,6 +100,8 @@ cloud_storage_management_bucketname: "" # cloud_storage_url: https://storage.googleapis.com # AWS # cloud_storage_url: "https://s3.{{ cloud_public_storage_region }}.amazonaws.com" +# OCI +# cloud_storage_url: "https://{{ cloud_public_storage_namespace }}.compat.objectstorage.{{ cloud_public_storage_region }}.oraclecloud.com" # Azure cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.windows.net" @@ -106,6 +112,18 @@ cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.win # for google: # nginx_private_ingress_annotations: # cloud.google.com/load-balancer-type: "Internal" +# for OCI private +#nginx_private_ingress_annotations: +# service.beta.kubernetes.io/oci-load-balancer-internal: "true" +# service.beta.kubernetes.io/oci-load-balancer-subnet1: "ocid1.subnet.oc1.ap-hyderabad-1.xxxxxxxxxxxx" #subnet id +# for OCI public +# nginx public - oci specific +#nginx_public_ingress_service_annotations: +# oci.oraclecloud.com/load-balancer-type: "lb" +# service.beta.kubernetes.io/oci-load-balancer-shape: "flexible" +# service.beta.kubernetes.io/oci-load-balancer-shape-flex-min: "100Mbps" +# service.beta.kubernetes.io/oci-load-balancer-shape-flex-max: "200Mbps" +# service.beta.kubernetes.io/oci-load-balancer-subnet1: "ocid1.subnet.oc1.ap-hyderabad-1.xxxxxxxxxxx" #subnet id # for azure: # nginx_private_ingress_annotations: # service.beta.kubernetes.io/azure-load-balancer-internal: "true" 
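Review bot: The commented OCI block in the `@@ -106,6 +112,18 @@` hunk does not warn that the active `nginx_private_ingress_annotations` default a few lines below still carries only the Azure internal annotation. OCI does not act on that annotation, and as far as I know it then provisions a public load balancer, so the "private" ingress would be internet-facing unless the operator swaps the block. I would add above the OCI lines `# On OCI replace the azure annotation below with these; without oci-load-balancer-internal the load balancer is created public`. The public example uses the key `nginx_public_ingress_service_annotations`, which does not follow the `nginx_private_ingress_annotations` pattern; confirm it is the name the role actually reads.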
@@ -113,6 +131,18 @@ cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.win nginx_private_ingress_annotations: service.beta.kubernetes.io/azure-load-balancer-internal: "true" +# Media specific vars - OCI ( enable when cloud_service_provider is oci) +#oci_media_region: "{{ cloud_public_storage_region }}" +#oci_media_compartment: ocid1.compartment.oc1..xxxxxxxxxxxx # compartment id +#oci_media_namespace: "{{ cloud_public_storage_namespace }}" +#oci_media_source_bucket: "{{ cloud_storage_content_bucketname }}" +#oci_media_target_bucket: "{{ cloud_storage_content_bucketname }}" +#oci_media_prefix_input: "" +#oci_media_dist_channel_id: "" +#oci_media_work_flow_id: "" +#oci_media_stream_config_id: "" +#oci_media_gateway_domain: "" +#csp_migrator_router_parallelism: "" # ------------------------------------------------------------------------------------------------------------ # graylog_trusted_proxies: "1.2.3.4/21" # This should be the kubernetes nodes subnet CIDR range diff --git a/private_repo/ansible/inventory/dev/Core/secrets.yml b/private_repo/ansible/inventory/dev/Core/secrets.yml index c7f3e5b7e4..dd7eb70dfc 100644 --- a/private_repo/ansible/inventory/dev/Core/secrets.yml +++ b/private_repo/ansible/inventory/dev/Core/secrets.yml @@ -5,7 +5,7 @@ core_vault_postgres_password: "change.postgres.password" # Update same core_vault_dp_pgdb_password: "change.postgres.password" #update same password in dp secrets dp_vault_pgdb_password variable core_vault_sunbird_azure_storage_key: "change.azure.storage.account.key" core_vault_docker_registry_url: "change.docker.url" # for docker hub "https://index.docker.io/v1" -core_vault_docker_registry_user: "change.docker.username" +core_vault_docker_registry_user: "change.docker.username" # For OCI oci_namespcae/oci_username core_vault_docker_registry_password: "change.docker.password" # Cloud Service Provider Secret Variables 
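Review bot: The comment added to `core_vault_docker_registry_user` in the Core/secrets.yml hunk (`@@ -5,7 +5,7 @@`) misspells the namespace as `oci_namespcae` and leaves the matching password undocumented. I would write `# For OCI: <tenancy-namespace>/<oci-username>` on the user line and add `# For OCI: an auth token generated for that user, not the console password` to `core_vault_docker_registry_password`. Spelling out the credential type keeps operators from putting an interactive password into this file.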
@@ -31,7 +31,7 @@ core_vault_docker_registry_password: "change.docker.password" # Example: cloud_management_storage_secret: "BfoOQwA6UFI7URwkFjkjdjsdhjhjhjsdhjfM//lsTbXDmHOFR5GqEwAwzyrKXOUDywojCpOC/g==" cloud_management_storage_secret: "" -# If cloud_service_provider is aws then update secret access key +# If cloud_service_provider is aws/oci then update secret access key # Example: cloud_public_storage_secret: "xkxjfjsdsfjdfjdhgjfhgjdhfgjdgjdfgdjgjdgdjhgjhd" # If cloud_service_provider is gcp then update with private-key which is in service account json file @@ -237,4 +237,4 @@ lp_vault_youtube_api_key: # youtube api token if you want # Examples values added below ml_analytics_authorization_access_token : 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkOTY3NzRjYzXXXXXXXXXXXXXQ4Y2RiOWQ2Mzg0OSJ9.n4hXxKxl_698yeZPSWhXeGvMOb4esfgPadIZe8jZ0Z4' # Bearer auth token which has access to APIs as defined in the release note ml_analytics_password : Test@123 # Password of a user which has roles of "PROGRAM_MANAGER", "PROGRAM_DESIGNER", "REPORT_ADMIN", "REPORT_VIEWER" matching with supplied username to variable ml_analytics_username -ml_analytics_client_secret : fd241dce-4ZZ9-47e1-97cf-1c7de7a44216 # Keycloak client secret for creating tokens, mapped to client id supplied to variable ml_analytics_client_id \ No newline at end of file +ml_analytics_client_secret : fd241dce-4ZZ9-47e1-97cf-1c7de7a44216 # Keycloak client secret for creating tokens, mapped to client id supplied to variable ml_analytics_client_id diff --git a/private_repo/ansible/inventory/dev/DataPipeline/common.yml b/private_repo/ansible/inventory/dev/DataPipeline/common.yml index c5790ec42c..40f9469f21 100644 --- a/private_repo/ansible/inventory/dev/DataPipeline/common.yml +++ b/private_repo/ansible/inventory/dev/DataPipeline/common.yml 
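Review bot: The reworded comment in the `@@ -31,7 +31,7 @@` hunk says only "secret access key" for aws/oci, but OCI issues several credential types and the `compat.objectstorage` endpoint used elsewhere in this patch expects a Customer Secret Key pair. I would split the line and add `# If cloud_service_provider is oci then update with the secret of the Customer Secret Key whose access key is set in cloud_public_storage_accountname`. The value lands in a plaintext inventory file, so a reminder to keep secrets.yml encrypted (for example with ansible-vault) would fit here; whether the project already does that is not visible in this patch. The `cloud_public_storage_secret` definition itself is outside the hunk.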
@@ -10,21 +10,25 @@ search_lb_ip: # search service Load balancer IP # Cloud Service Provider Variables # If cloud_service_provider is AWS then update with access key as value # Example: cloud_public_storage_accountname: "AKSHKSJHFJDHJDSHFKSD" +# If cloud_service_provider is OCI then update with access key as value +# Example: cloud_public_storage_accountname: "7855461d26e1d8f211a04ec59cfd3037c8d1c6dd" # If cloud_service_provider is gloud(GCP) then update with service account name # Example: cloud_public_storage_accountname: "cloudstorage-gcp-test.iam.gserviceaccount.com" # If cloud_service_provider is AZURE then update with stoage account name # Example: cloud_public_storage_accountname: "azurestotageaccount" + cloud_public_storage_accountname: "" -# If cloud_service_provider is AWS then update with region +# If cloud_service_provider is AWS/OCI then update with region # Example: cloud_public_storage_region: us-east-1 cloud_public_storage_region: "" # If cloud_service_provider is gcp then update this variable with project id # Example: cloud_public_storage_project: "sunbird-gcp-test" cloud_public_storage_project: "" - - +# If cloud_service_provider is OCI then update this variable with namespace value +# Example: cloud_public_storage_namespace: "apsyjjclx" +cloud_public_storage_namespace: "" # Create object storage for each below mentioned variables and update accordingly -# If cloud_service_provider is AWS update with bucket name +# If cloud_service_provider is AWS/OCI update with bucket name # If cloud_service_provider is gcloud(GCP) update with bucket name # If cloud_service_provider is AZURE update with container name # Example: cloud_storage_certqr_bucketname: "certqr-storage" 
@@ -96,6 +100,8 @@ cloud_storage_management_bucketname: "" # cloud_storage_url: https://storage.googleapis.com # AWS # cloud_storage_url: "https://s3.{{ cloud_public_storage_region }}.amazonaws.com" +# OCI +# cloud_storage_url: "https://{{ cloud_public_storage_namespace }}.compat.objectstorage.{{ cloud_public_storage_region }}.oraclecloud.com" # Azure cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.windows.net" @@ -295,4 +301,4 @@ processing_kafka_overriden_topics: replication_factor: 1 # graylog -send_logs_to_graylog: true # filebeat agents will send logs to graylog instead of ES \ No newline at end of file +send_logs_to_graylog: true # filebeat agents will send logs to graylog instead of ES diff --git a/private_repo/ansible/inventory/dev/KnowledgePlatform/common.yml b/private_repo/ansible/inventory/dev/KnowledgePlatform/common.yml index d87400b63c..62eb1996e2 100644 --- a/private_repo/ansible/inventory/dev/KnowledgePlatform/common.yml +++ b/private_repo/ansible/inventory/dev/KnowledgePlatform/common.yml 
@@ -7,14 +7,14 @@ private_ingressgateway_ip: "" # your private kubernetes load balancer ip domain_name: "" # your domain name like example.com # Cloud Service Provider Variables -# If cloud_service_provider is AWS then update with access key as value +# If cloud_service_provider is AWS/OCI then update with access key as value # Example: cloud_public_storage_accountname: "AKSHKSJHFJDHJDSHFKSD" # If cloud_service_provider is gloud(GCP) then update with service account name # Example: cloud_public_storage_accountname: "cloudstorage-gcp-test.iam.gserviceaccount.com" # If cloud_service_provider is AZURE then update with stoage account name # Example: cloud_public_storage_accountname: "azurestotageaccount" cloud_public_storage_accountname: "" -# If cloud_service_provider is AWS then update with region +# If cloud_service_provider is AWS/OCI then update with region # Example: cloud_public_storage_region: us-east-1 cloud_public_storage_region: "" # If cloud_service_provider is gcp then update this variable with project id @@ -26,7 +26,7 @@ cloud_public_storage_namespace: "" # Create object storage for each below mentioned variables and update accordingly -# If cloud_service_provider is AWS update with bucket name +# If cloud_service_provider is AWS/OCI update with bucket name # If cloud_service_provider is gcloud(GCP) update with bucket name # If cloud_service_provider is AZURE update with container name # Example: cloud_storage_certqr_bucketname: "certqr-storage" @@ -98,6 +98,8 @@ cloud_storage_management_bucketname: "" # cloud_storage_url: https://storage.googleapis.com # AWS # cloud_storage_url: "https://s3.{{ cloud_public_storage_region }}.amazonaws.com" +# OCI +# cloud_storage_url: "https://{{ cloud_public_storage_namespace }}.compat.objectstorage.{{ cloud_public_storage_region }}.oraclecloud.com" # Azure cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.windows.net" 
@@ -129,8 +131,11 @@ kubeconfig_path: /var/lib/jenkins/secrets/k8s.yaml # kubeconfig file path # cloud_public_storage_endpoint: "https://s3.{{ cloud_public_storage_region }}.amazonaws.com" # for OCI #cloud_public_storage_endpoint: "https://.compat.objectstorage.{{cloud_public_storage_region}}.oraclecloud.com" - -cloud_public_storage_endpoint: "" +#oci_flink_s3_storage_endpoint: "{{ cloud_public_storage_endpoint }}" +#cloudstorage_sdk_endpoint: "{{ cloud_public_storage_endpoint }}" +#s3_region: "{{ cloud_public_storage_region }}" +#cloud_storage_proxy_host: "{{cloud_storage_url}}" +#flink_container_name: "{{ cloud_storage_flink_bucketname }}" # Update below vars if seperate object storage is required cloud_private_storage_accountname: "{{ cloud_public_storage_accountname }}" 
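Review bot: Dropping the active `cloud_public_storage_endpoint: ""` line leaves the variable defined only in comments, while the newly added commented vars `oci_flink_s3_storage_endpoint` and `cloudstorage_sdk_endpoint` both point at it. Unless a role default defines it (not visible here), any template that references it will fail as undefined on non-OCI installs, so I would keep `cloud_public_storage_endpoint: ""` below the commented block. The OCI example just above has no namespace before `.compat`, whereas the other files in this patch use `https://{{ cloud_public_storage_namespace }}.compat.objectstorage…`. `cloud_storage_proxy_host` is assigned a full URL including the scheme, so confirm its consumer expects a URL rather than a bare host.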
@@ -163,13 +168,26 @@ cloud_artifact_storage_namespace: "{{ cloud_public_storage_namespace }}" # cloud_storage_neo4jbackup_bucketname: "" # cloud_storage_redisbackup_bucketname: "" +# Media specific vars - OCI ( enable when cloud_service_provider is oci) +#oci_media_region: "{{ cloud_public_storage_region }}" +#oci_media_compartment: ocid1.compartment.oc1..xxxxxxxxxxxx # compartment id +#oci_media_namespace: "{{ cloud_public_storage_namespace }}" +#oci_media_source_bucket: "{{ cloud_storage_content_bucketname }}" +#oci_media_target_bucket: "{{ cloud_storage_content_bucketname }}" +#oci_media_prefix_input: "" +#oci_media_dist_channel_id: "" +#oci_media_work_flow_id: "" +#oci_media_stream_config_id: "" +#oci_media_gateway_domain: "" +#csp_migrator_router_parallelism: "" + # Building block vars cloud_storage_base_url: "{{ cloud_storage_url }}" cloudstorage_base_path: "{{ cloud_storage_url }}" valid_cloudstorage_base_urls: '["{{ cloud_storage_url }}"]' cloudstorage_relative_path_prefix: "CONTENT_STORAGE_BASE_PATH" -cloud_storage_pathstyle_access: false - +cloud_storage_pathstyle_access: true +cloud_storage_cname_url: "{{ cloud_storage_url }}" # overide if you have seperate url for cname ### Lern BB - Adding Lern specific vars here. In future if we want to move it to seperate folder this can be used as the starting point # Mandatorty variables - DO NOT LEAVE ANYTHING BLANK # From 50453fce926e27bcfeea1d231ba949964073fa46 Mon Sep 17 00:00:00 2001 From: santhosh-tg Date: Fri, 27 Oct 2023 08:39:44 +0530 Subject: [PATCH 2/2] Add mobile deeplink url var --- private_repo/ansible/inventory/dev/Core/common.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/private_repo/ansible/inventory/dev/Core/common.yml b/private_repo/ansible/inventory/dev/Core/common.yml index 10caca8161..9092c3cc9d 100644 --- a/private_repo/ansible/inventory/dev/Core/common.yml +++ b/private_repo/ansible/inventory/dev/Core/common.yml 
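Review bot: `cloud_storage_pathstyle_access` flips from `false` to `true` for every provider, although the commit is described as adding OCI-specific vars. That presumably changes how object URLs are built on existing AWS installs that take this template unchanged. I would keep the old default and document the override, e.g. `cloud_storage_pathstyle_access: false # set to true when cloud_service_provider is oci`. The hunk also removes the blank line in front of the `### Lern BB` header, which looks unintentional.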
@@ -147,6 +147,10 @@ nginx_private_ingress_annotations: graylog_trusted_proxies: "1.2.3.4/21" # This should be the kubernetes nodes subnet CIDR range +### Android Mobile deeplink url - Upload the assetlinks.json file to the public object store (bucket) +## reference: https://project-sunbird.atlassian.net/wiki/spaces/SBDES/pages/3276865567/Deep+link+support+in+Android+12+devices +mobile_deeplink_url: "{{ cloud_storage_url }}/{{ cloud_storage_public_bucketname }}/Mobile-deeplink/assetlinks.json" + ## Optional learningservice_ip: "10.0.1.5" # Load balancer IP or server ip
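Review bot: `mobile_deeplink_url` makes an object in the public bucket the source of the site's `assetlinks.json`, and the added comment says nothing about who may write to it. That file determines which app Android verifies for the domain's links, so write access to the `Mobile-deeplink/` prefix should be limited to the deployment pipeline. I would add `## Keep this object world-readable but write-restricted; it controls app-link verification for the domain`. `cloud_storage_public_bucketname` is defined outside this hunk; confirm it is set for every provider, since an empty value renders a `//Mobile-deeplink/…` path.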