Commit 97a0c0a9 authored by Vincent Mazenod's avatar Vincent Mazenod

devops

parent 4ac9a7af
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<title>DevOps</title>
<link rel="stylesheet" href="../../node_modules/reveal.js/css/reveal.css">
<link rel="stylesheet" href="../../node_modules/reveal.js/css/theme/white.css">
<!-- Theme used for syntax highlighting of code -->
<link rel="stylesheet" href="../../node_modules/reveal.js/lib/css/zenburn.css">
<link rel="stylesheet" href="../../node_modules/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="../main.css">
<!-- Printing and PDF exports -->
<script>
var link = document.createElement( 'link' );
link.rel = 'stylesheet';
link.type = 'text/css';
link.href = window.location.search.match( /print-pdf/gi ) ? '../../node_modules/reveal.js/css/print/pdf.css' : '../../node_modules/reveal.js/css/print/paper.css';
document.getElementsByTagName( 'head' )[0].appendChild( link );
</script>
</head>
<body>
<div class="reveal">
<div class="slides">
<section data-markdown="md/devops.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/vagrant.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/ansible.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/vault.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/pve.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/stack.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/terraform.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/gitlab.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/my.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
<div class="slides">
<section data-markdown="md/openstack.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
</div>
<script src="../../node_modules/reveal.js/lib/js/head.min.js"></script>
<script src="../../node_modules/reveal.js/js/reveal.js"></script>
<script>
// More info about config & dependencies:
// - https://github.com/hakimel/reveal.js#configuration
// - https://github.com/hakimel/reveal.js#dependencies
Reveal.initialize({
controls: true,
progress: true,
history: true,
center: false,
dependencies: [
{ src: '../../node_modules/reveal.js/plugin/markdown/marked.js' },
{ src: '../../node_modules/reveal.js/plugin/markdown/markdown.js' },
{ src: '../../node_modules/reveal.js/plugin/notes/notes.js', async: true },
{ src: '../../node_modules/reveal.js/plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
]
});
</script>
</body>
</html>
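Review bot: The new aggregate page wraps each `<section data-markdown=…>` in its own `<div class="slides">`, giving ten sibling `.slides` containers inside `.reveal`. reveal.js documents a single `.reveal > .slides > section` hierarchy, so the extra containers are likely to be ignored or laid out incorrectly; putting all ten sections inside one `<div class="slides">` avoids that. The viewport meta also sets `maximum-scale=1.0, user-scalable=no`, which blocks pinch zoom; the same line appears in the gitlab, my and openstack pages added by this commit, and `content="width=device-width, initial-scale=1.0"` would be enough.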
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<title>gitlab</title>
<link rel="stylesheet" href="../../node_modules/reveal.js/css/reveal.css">
<link rel="stylesheet" href="../../node_modules/reveal.js/css/theme/white.css">
<!-- Theme used for syntax highlighting of code -->
<link rel="stylesheet" href="../../node_modules/reveal.js/lib/css/zenburn.css">
<link rel="stylesheet" href="../../node_modules/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="../main.css">
<!-- Printing and PDF exports -->
<script>
var link = document.createElement( 'link' );
link.rel = 'stylesheet';
link.type = 'text/css';
link.href = window.location.search.match( /print-pdf/gi ) ? '../../node_modules/reveal.js/css/print/pdf.css' : '../../node_modules/reveal.js/css/print/paper.css';
document.getElementsByTagName( 'head' )[0].appendChild( link );
</script>
</head>
<body>
<div class="reveal">
<div class="slides">
<section data-markdown="md/gitlab.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
</div>
<script src="../../node_modules/reveal.js/lib/js/head.min.js"></script>
<script src="../../node_modules/reveal.js/js/reveal.js"></script>
<script>
// More info about config & dependencies:
// - https://github.com/hakimel/reveal.js#configuration
// - https://github.com/hakimel/reveal.js#dependencies
Reveal.initialize({
controls: true,
progress: true,
history: true,
center: false,
dependencies: [
{ src: '../../node_modules/reveal.js/plugin/markdown/marked.js' },
{ src: '../../node_modules/reveal.js/plugin/markdown/markdown.js' },
{ src: '../../node_modules/reveal.js/plugin/notes/notes.js', async: true },
{ src: '../../node_modules/reveal.js/plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
]
});
</script>
</body>
</html>
# DevOps
https://en.wikipedia.org/wiki/DevOps
https://12factor.net/
https://twitter.com/waxzce
# OpenStask
* mise à jour
* maquettes documentées / réutilisables
* étude de l'architecture
......
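Review bot: The slide heading is spelled `# OpenStask`; it should read `# OpenStack`, matching the `openstack` page title and the `md/openstack.md` path used elsewhere in this commit.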
# Proxmox
## aka pve
# bws
# stack
![bws](images/aws.png "aws")<!-- .element width="30%" -->
![stack](images/aws.png "aws")<!-- .element width="30%" -->
aka **B** rew **W** ired **S** tack
......
......@@ -106,6 +106,38 @@ $ vagrant destroy #--force
```
## réseau
mapping de port
```ruby
Vagrant.configure("2") do |config|
config.vm.network "forwarded_port", guest: 80, host: 8004
end
```
* [private network](https://www.vagrantup.com/docs/networking/private_network.html)
* [public network](https://www.vagrantup.com/docs/networking/public_network.html)
* on devrait pouvoir accéder à nos ressources locales
* tester un configuration avec ldap/ rodc?
* [<i class="fa fa-gitlab"></i> cri/ansible-playbook-vault](https://gitlab.isima.fr/cri/ansible-playbook-vault)
## vm
```ruby
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/bionic64"
config.vm.provider "virtualbox" do |vb|
vb.gui = false
vb.memory = "4096"
end
end
```
## points de montage
montage automatique de `.` dans `/vagrant`
......@@ -152,6 +184,37 @@ end
```
```ruby
if ENV['VAGRANT_OS']
os = ENV['VAGRANT_OS']
else
os = "ubuntu"
end
```
```ruby
Vagrant.configure("2") do |config|
if os == "centos"
config.vm.box = "centos/7"
else
config.vm.box = "ubuntu/bionic64"
end
```
```ruby
if os == "debian"
config.vm.provision "shell", inline: <<-SHELL
sudo yum install httpd
SHELL
else
config.vm.provision "shell", inline: <<-SHELL
sudo apt install -y apache2
SHELL
end
end
```
## provisioning
via [ansible](ansible.html)
......@@ -171,28 +234,14 @@ Vagrant.configure("2") do |config|
end
end
```
https://www.vagrantup.com/docs/provisioning/ansible_common.html
### idéal pour tester les playbooks
[Shared Ansible Options](https://www.vagrantup.com/docs/provisioning/ansible_common.html)
## vagrant pour tester apache
```ruby
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/bionic64"
config.vm.network "forwarded_port", guest: 80, host: 8000
config.vm.provider "virtualbox" do |vb|
vb.gui = false
vb.memory = "4096"
end
config.vm.provision "shell", inline: <<-SHELL
sudo apt install -y apache2
SHELL
end
```
## conclusion
**laissez un petit Vagrantfile dans vos playbooks [ansible](ansible.html) est toujours une bonne idée!**
## conclusion
* [<i class="fa fa-gitlab"></i> cri/ansible-playbook-vault](https://gitlab.isima.fr/cri/ansible-playbook-vault)
### laissez un petit Vagrantfile dans vos playbooks est toujours une bonne idée!
* [<i class="fa fa-gitlab"></i> cri/ansible-playbook-vault/Vagrantfile](https://gitlab.isima.fr/cri/ansible-playbook-vault/blob/master/Vagrantfile)
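Review bot: In the multi-OS example the provisioning branch tests `os == "debian"` but runs `sudo yum install httpd`, while the box selection just above tests `os == "centos"`; as written, a CentOS box falls into the `apt` branch. The condition should be `if os == "centos"`, and the command should be `sudo yum install -y httpd`, since a shell provisioner has nobody to answer the confirmation prompt. In the new `## réseau` slide, `forwarded_port` is shown without `host_ip`, which by Vagrant's documented default binds the port on every host interface. For a test VM, `config.vm.network "forwarded_port", guest: 80, host: 8004, host_ip: "127.0.0.1"` keeps the service reachable from the workstation only.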
# vault
**By HashiCorp**
![vault](images/vault.png "vault")<!-- .element width="30%" -->
[https://vault.isima.fr](https://vault.isima.fr)
**By HashiCorp**
## Installation
Téléchargement d'un binaire
* téléchargement d'un binaire
* https://releases.hashicorp.com/vault/
* décompresser dans /usr/local/bin
......@@ -37,7 +35,6 @@ listener "tcp" {
## Secret engine
## KV2
```
......@@ -119,7 +116,7 @@ $ vault write auth/ldap/groups/cri policies=cri
* le même binaire à télécharger
* cross plateforme
* deux variables d'environnement
* $VAULT_ADDR
* $VAULT_ADDR=https://vault.isima.fr
* $VAULT_TOKEN
ou
* l'[api](https://www.vaultproject.io/api/overview)
......@@ -128,17 +125,17 @@ ou
## Workflow
```
vault login -method=ldap username=vimazeno
vault secrets list
vault list cri/
vault read cri/tokens
vault read cri/tokens # à chaque put on écrase les entrées qu'on ne réécrit pas
vault read cri/tokens -format=json
vault read cri/tokens -format=json | jq .data
vault read cri/tokens -format=json | jq .data.password
vault kv put cri/tokens root=pipo2
vault kv patch cri/tokens root1=pipo1
vault delete cri/tokens
$ vault login -method=ldap username=vimazeno
$ vault secrets list
$ vault list cri/
$ vault kv get cri/tokens
$ vault kv get cri/tokens # à chaque put on écrase les entrées qu'on ne réécrit pas
$ vault kv get cri/tokens -format=json
$ vault kv get cri/tokens -format=json | jq .data
$ vault kv get cri/tokens -format=json | jq .data.password
$ vault kv put cri/tokens root=pipo2
$ vault kv patch cri/tokens root1=pipo1
$ vault delete cri/tokens
```
......@@ -156,7 +153,6 @@ $ vault token create -policy=my
* on génère un token en variable de CI/CD pour autoriser l'appli à lire des secrets
## Générer un secret
Un secret robuste en ligne de commande se génère avec la commande `openssl` comme suit
......@@ -171,7 +167,6 @@ Stocker le secret directement dans hashicorp vault
$ vault kv put cri/tokens root=$(openssl rand -base64 25)
```
## SEE ALSO
* [cri/ansible-playbook-vault](https://gitlab.isima.fr/cri/ansible-playbook-vault)
......
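Review bot: The workflow block now mixes two command families: reads were moved to `vault kv get`, but `vault list cri/` and `vault delete cri/tokens` keep the generic form. If `cri/` is a KV version 2 mount, as the `## KV2` heading suggests, the matching forms are `vault kv list cri/` and `vault kv delete cri/tokens`, and the JSON from `vault kv get` nests the values one level deeper, so the filter would be `jq .data.data.password`. Vault's CLI also expects flags before positional arguments, so `vault kv get -format=json cri/tokens` is worth checking against the order shown. Finally, `vault kv put cri/tokens root=pipo2` puts the value on the command line, where it ends up in shell history; a short comment that Vault accepts `root=-` (read from stdin) or `root=@file` would keep readers from copying that habit for real secrets.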
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<title>my</title>
<link rel="stylesheet" href="../../node_modules/reveal.js/css/reveal.css">
<link rel="stylesheet" href="../../node_modules/reveal.js/css/theme/white.css">
<!-- Theme used for syntax highlighting of code -->
<link rel="stylesheet" href="../../node_modules/reveal.js/lib/css/zenburn.css">
<link rel="stylesheet" href="../../node_modules/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="../main.css">
<!-- Printing and PDF exports -->
<script>
var link = document.createElement( 'link' );
link.rel = 'stylesheet';
link.type = 'text/css';
link.href = window.location.search.match( /print-pdf/gi ) ? '../../node_modules/reveal.js/css/print/pdf.css' : '../../node_modules/reveal.js/css/print/paper.css';
document.getElementsByTagName( 'head' )[0].appendChild( link );
</script>
</head>
<body>
<div class="reveal">
<div class="slides">
<section data-markdown="md/my.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
</div>
<script src="../../node_modules/reveal.js/lib/js/head.min.js"></script>
<script src="../../node_modules/reveal.js/js/reveal.js"></script>
<script>
// More info about config & dependencies:
// - https://github.com/hakimel/reveal.js#configuration
// - https://github.com/hakimel/reveal.js#dependencies
Reveal.initialize({
controls: true,
progress: true,
history: true,
center: false,
dependencies: [
{ src: '../../node_modules/reveal.js/plugin/markdown/marked.js' },
{ src: '../../node_modules/reveal.js/plugin/markdown/markdown.js' },
{ src: '../../node_modules/reveal.js/plugin/notes/notes.js', async: true },
{ src: '../../node_modules/reveal.js/plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
]
});
</script>
</body>
</html>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<title>openstack</title>
<link rel="stylesheet" href="../../node_modules/reveal.js/css/reveal.css">
<link rel="stylesheet" href="../../node_modules/reveal.js/css/theme/white.css">
<!-- Theme used for syntax highlighting of code -->
<link rel="stylesheet" href="../../node_modules/reveal.js/lib/css/zenburn.css">
<link rel="stylesheet" href="../../node_modules/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="../main.css">
<!-- Printing and PDF exports -->
<script>
var link = document.createElement( 'link' );
link.rel = 'stylesheet';
link.type = 'text/css';
link.href = window.location.search.match( /print-pdf/gi ) ? '../../node_modules/reveal.js/css/print/pdf.css' : '../../node_modules/reveal.js/css/print/paper.css';
document.getElementsByTagName( 'head' )[0].appendChild( link );
</script>
</head>
<body>
<div class="reveal">
<div class="slides">
<section data-markdown="md/openstack.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
data-charset="utf-8">
</section>
</div>
</div>
<script src="../../node_modules/reveal.js/lib/js/head.min.js"></script>
<script src="../../node_modules/reveal.js/js/reveal.js"></script>
<script>
// More info about config & dependencies:
// - https://github.com/hakimel/reveal.js#configuration
// - https://github.com/hakimel/reveal.js#dependencies
Reveal.initialize({
controls: true,
progress: true,
history: true,
center: false,
dependencies: [
{ src: '../../node_modules/reveal.js/plugin/markdown/marked.js' },
{ src: '../../node_modules/reveal.js/plugin/markdown/markdown.js' },
{ src: '../../node_modules/reveal.js/plugin/notes/notes.js', async: true },
{ src: '../../node_modules/reveal.js/plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
]
});
</script>
</body>
</html>
......@@ -26,7 +26,7 @@
<body>
<div class="reveal">
<div class="slides">
<section data-markdown="md/aws.md"
<section data-markdown="md/stack.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
......