From 97a0c0a98e78abaf0bc1165020a1a4dc5f470132 Mon Sep 17 00:00:00 2001
From: Vincent Mazenod <vmazenod@gmail.com>
Date: Fri, 4 Jan 2019 14:36:26 +0100
Subject: [PATCH] devops
---
content/slides/cri/devops.html | 131 ++++++++++++++++++
content/slides/cri/gitlab.html | 59 ++++++++
content/slides/cri/md/devops.md | 7 +
content/slides/cri/md/gitlab.md | 2 +
content/slides/cri/md/my.md | 1 +
.../cri/md/{galactica.md => openstack.md} | 3 +
content/slides/cri/md/pve.md | 3 +
content/slides/cri/md/{aws.md => stack.md} | 4 +-
content/slides/cri/md/vagrant.md | 87 +++++++++---
content/slides/cri/md/vault.md | 33 ++---
content/slides/cri/my.html | 59 ++++++++
content/slides/cri/openstack.html | 59 ++++++++
content/slides/cri/{aws.html => stack.html} | 2 +-
13 files changed, 409 insertions(+), 41 deletions(-)
create mode 100644 content/slides/cri/devops.html
create mode 100644 content/slides/cri/gitlab.html
create mode 100644 content/slides/cri/md/devops.md
create mode 100644 content/slides/cri/md/my.md
rename content/slides/cri/md/{galactica.md => openstack.md} (96%)
create mode 100644 content/slides/cri/md/pve.md
rename content/slides/cri/md/{aws.md => stack.md} (87%)
create mode 100644 content/slides/cri/my.html
create mode 100644 content/slides/cri/openstack.html
rename content/slides/cri/{aws.html => stack.html} (98%)
diff --git a/content/slides/cri/devops.html b/content/slides/cri/devops.html
new file mode 100644
index 0000000..044631e
--- /dev/null
+++ b/content/slides/cri/devops.html
@@ -0,0 +1,131 @@
+<!doctype html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
+
+ <title>DevOps</title>
+
+ <link rel="stylesheet" href="../../node_modules/reveal.js/css/reveal.css">
+ <link rel="stylesheet" href="../../node_modules/reveal.js/css/theme/white.css">
+
+ <!-- Theme used for syntax highlighting of code -->
+ <link rel="stylesheet" href="../../node_modules/reveal.js/lib/css/zenburn.css">
+ <link rel="stylesheet" href="../../node_modules/font-awesome/css/font-awesome.min.css">
+ <link rel="stylesheet" href="../main.css">
+
+ <!-- Printing and PDF exports -->
+ <script>
+ var link = document.createElement( 'link' );
+ link.rel = 'stylesheet';
+ link.type = 'text/css';
+ link.href = window.location.search.match( /print-pdf/gi ) ? '../../node_modules/reveal.js/css/print/pdf.css' : '../../node_modules/reveal.js/css/print/paper.css';
+ document.getElementsByTagName( 'head' )[0].appendChild( link );
+ </script>
+ </head>
+ <body>
+ <div class="reveal">
+ <div class="slides">
+ <section data-markdown="md/devops.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/vagrant.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/ansible.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/vault.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/pve.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/stack.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/terraform.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/gitlab.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/my.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ <div class="slides">
+ <section data-markdown="md/openstack.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ </div>
+
+ <script src="../../node_modules/reveal.js/lib/js/head.min.js"></script>
+ <script src="../../node_modules/reveal.js/js/reveal.js"></script>
+
+ <script>
+ // More info about config & dependencies:
+ // - https://github.com/hakimel/reveal.js#configuration
+ // - https://github.com/hakimel/reveal.js#dependencies
+ Reveal.initialize({
+ controls: true,
+ progress: true,
+ history: true,
+ center: false,
+ dependencies: [
+ { src: '../../node_modules/reveal.js/plugin/markdown/marked.js' },
+ { src: '../../node_modules/reveal.js/plugin/markdown/markdown.js' },
+ { src: '../../node_modules/reveal.js/plugin/notes/notes.js', async: true },
+ { src: '../../node_modules/reveal.js/plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
+ ]
+ });
+ </script>
+ </body>
+</html>
diff --git a/content/slides/cri/gitlab.html b/content/slides/cri/gitlab.html
new file mode 100644
index 0000000..c0a9397
--- /dev/null
+++ b/content/slides/cri/gitlab.html
@@ -0,0 +1,59 @@
+<!doctype html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
+
+ <title>gitlab</title>
+
+ <link rel="stylesheet" href="../../node_modules/reveal.js/css/reveal.css">
+ <link rel="stylesheet" href="../../node_modules/reveal.js/css/theme/white.css">
+
+ <!-- Theme used for syntax highlighting of code -->
+ <link rel="stylesheet" href="../../node_modules/reveal.js/lib/css/zenburn.css">
+ <link rel="stylesheet" href="../../node_modules/font-awesome/css/font-awesome.min.css">
+ <link rel="stylesheet" href="../main.css">
+
+ <!-- Printing and PDF exports -->
+ <script>
+ var link = document.createElement( 'link' );
+ link.rel = 'stylesheet';
+ link.type = 'text/css';
+ link.href = window.location.search.match( /print-pdf/gi ) ? '../../node_modules/reveal.js/css/print/pdf.css' : '../../node_modules/reveal.js/css/print/paper.css';
+ document.getElementsByTagName( 'head' )[0].appendChild( link );
+ </script>
+ </head>
+ <body>
+ <div class="reveal">
+ <div class="slides">
+ <section data-markdown="md/gitlab.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ </div>
+
+ <script src="../../node_modules/reveal.js/lib/js/head.min.js"></script>
+ <script src="../../node_modules/reveal.js/js/reveal.js"></script>
+
+ <script>
+ // More info about config & dependencies:
+ // - https://github.com/hakimel/reveal.js#configuration
+ // - https://github.com/hakimel/reveal.js#dependencies
+ Reveal.initialize({
+ controls: true,
+ progress: true,
+ history: true,
+ center: false,
+ dependencies: [
+ { src: '../../node_modules/reveal.js/plugin/markdown/marked.js' },
+ { src: '../../node_modules/reveal.js/plugin/markdown/markdown.js' },
+ { src: '../../node_modules/reveal.js/plugin/notes/notes.js', async: true },
+ { src: '../../node_modules/reveal.js/plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
+ ]
+ });
+ </script>
+ </body>
+</html>
diff --git a/content/slides/cri/md/devops.md b/content/slides/cri/md/devops.md
new file mode 100644
index 0000000..ba5ded7
--- /dev/null
+++ b/content/slides/cri/md/devops.md
@@ -0,0 +1,7 @@
+# DevOps
+
+https://en.wikipedia.org/wiki/DevOps
+
+https://12factor.net/
+
+https://twitter.com/waxzce
diff --git a/content/slides/cri/md/gitlab.md b/content/slides/cri/md/gitlab.md
index a9e2ff4..a898579 100644
--- a/content/slides/cri/md/gitlab.md
+++ b/content/slides/cri/md/gitlab.md
@@ -1,3 +1,5 @@
+# gitlab
+
## CI/CD variables
diff --git a/content/slides/cri/md/my.md b/content/slides/cri/md/my.md
new file mode 100644
index 0000000..7eb2107
--- /dev/null
+++ b/content/slides/cri/md/my.md
@@ -0,0 +1 @@
+# my
diff --git a/content/slides/cri/md/galactica.md b/content/slides/cri/md/openstack.md
similarity index 96%
rename from content/slides/cri/md/galactica.md
rename to content/slides/cri/md/openstack.md
index 309acd6..c98ddb9 100644
--- a/content/slides/cri/md/galactica.md
+++ b/content/slides/cri/md/openstack.md
@@ -1,3 +1,6 @@
+# OpenStask
+
+
* mise à jour
* maquettes documentées / réutilisables
* étude de l'architecture
diff --git a/content/slides/cri/md/pve.md b/content/slides/cri/md/pve.md
new file mode 100644
index 0000000..4b87375
--- /dev/null
+++ b/content/slides/cri/md/pve.md
@@ -0,0 +1,3 @@
+# Proxmox
+
+## aka pve
diff --git a/content/slides/cri/md/aws.md b/content/slides/cri/md/stack.md
similarity index 87%
rename from content/slides/cri/md/aws.md
rename to content/slides/cri/md/stack.md
index 299fbdb..a6b16e2 100644
--- a/content/slides/cri/md/aws.md
+++ b/content/slides/cri/md/stack.md
@@ -1,6 +1,6 @@
-# bws
+# stack
-<!-- .element width="30%" -->
+<!-- .element width="30%" -->
aka **B** rew **W** ired **S** tack
diff --git a/content/slides/cri/md/vagrant.md b/content/slides/cri/md/vagrant.md
index 8388966..5a5f96b 100644
--- a/content/slides/cri/md/vagrant.md
+++ b/content/slides/cri/md/vagrant.md
@@ -106,6 +106,38 @@ $ vagrant destroy #--force
```
+## réseau
+
+mapping de port
+
+```ruby
+Vagrant.configure("2") do |config|
+ config.vm.network "forwarded_port", guest: 80, host: 8004
+end
+```
+
+* [private network](https://www.vagrantup.com/docs/networking/private_network.html)
+
+* [public network](https://www.vagrantup.com/docs/networking/public_network.html)
+
+* on devrait pouvoir accéder à nos ressources locales
+ * tester un configuration avec ldap/ rodc?
+ * [<i class="fa fa-gitlab"></i> cri/ansible-playbook-vault](https://gitlab.isima.fr/cri/ansible-playbook-vault)
+
+
+## vm
+
+```ruby
+Vagrant.configure("2") do |config|
+ config.vm.box = "ubuntu/bionic64"
+ config.vm.provider "virtualbox" do |vb|
+ vb.gui = false
+ vb.memory = "4096"
+ end
+end
+```
+
+
## points de montage
montage automatique de `.` dans `/vagrant`
@@ -152,6 +184,37 @@ end
```
+```ruby
+if ENV['VAGRANT_OS']
+ os = ENV['VAGRANT_OS']
+else
+ os = "ubuntu"
+end
+```
+
+```ruby
+Vagrant.configure("2") do |config|
+ if os == "centos"
+ config.vm.box = "centos/7"
+ else
+ config.vm.box = "ubuntu/bionic64"
+ end
+```
+
+```ruby
+ if os == "debian"
+ config.vm.provision "shell", inline: <<-SHELL
+ sudo yum install httpd
+ SHELL
+ else
+ config.vm.provision "shell", inline: <<-SHELL
+ sudo apt install -y apache2
+ SHELL
+ end
+end
+```
+
+
## provisioning
via [ansible](ansible.html)
@@ -171,28 +234,14 @@ Vagrant.configure("2") do |config|
end
end
```
-https://www.vagrantup.com/docs/provisioning/ansible_common.html
-### idéal pour tester les playbooks
+[Shared Ansible Options](https://www.vagrantup.com/docs/provisioning/ansible_common.html)
-## vagrant pour tester apache
-
-```ruby
-Vagrant.configure("2") do |config|
- config.vm.box = "ubuntu/bionic64"
- config.vm.network "forwarded_port", guest: 80, host: 8000
- config.vm.provider "virtualbox" do |vb|
- vb.gui = false
- vb.memory = "4096"
- end
- config.vm.provision "shell", inline: <<-SHELL
- sudo apt install -y apache2
- SHELL
-end
-```
+## conclusion
+**laissez un petit Vagrantfile dans vos playbooks [ansible](ansible.html) est toujours une bonne idée!**
-## conclusion
+* [<i class="fa fa-gitlab"></i> cri/ansible-playbook-vault](https://gitlab.isima.fr/cri/ansible-playbook-vault)
-### laissez un petit Vagrantfile dans vos playbooks est toujours une bonne idée!
+ * [<i class="fa fa-gitlab"></i> cri/ansible-playbook-vault/Vagrantfile](https://gitlab.isima.fr/cri/ansible-playbook-vault/blob/master/Vagrantfile)
diff --git a/content/slides/cri/md/vault.md b/content/slides/cri/md/vault.md
index 94a4649..8e7f0d3 100644
--- a/content/slides/cri/md/vault.md
+++ b/content/slides/cri/md/vault.md
@@ -1,15 +1,13 @@
# vault
-**By HashiCorp**
-
<!-- .element width="30%" -->
-[https://vault.isima.fr](https://vault.isima.fr)
+**By HashiCorp**
## Installation
-Téléchargement d'un binaire
+* téléchargement d'un binaire
* https://releases.hashicorp.com/vault/
* décompresser dans /usr/local/bin
@@ -37,7 +35,6 @@ listener "tcp" {
## Secret engine
-
## KV2
```
@@ -119,7 +116,7 @@ $ vault write auth/ldap/groups/cri policies=cri
* le même binaire à télécharger
* cross plateforme
* deux variables d'environnement
- * $VAULT_ADDR
+ * $VAULT_ADDR=https://vault.isima.fr
* $VAULT_TOKEN
ou
* l'[api](https://www.vaultproject.io/api/overview)
@@ -128,17 +125,17 @@ ou
## Workflow
```
-vault login -method=ldap username=vimazeno
-vault secrets list
-vault list cri/
-vault read cri/tokens
-vault read cri/tokens # à chaque put on écrase les entrées qu'on ne réécrit pas
-vault read cri/tokens -format=json
-vault read cri/tokens -format=json | jq .data
-vault read cri/tokens -format=json | jq .data.password
-vault kv put cri/tokens root=pipo2
-vault kv patch cri/tokens root1=pipo1
-vault delete cri/tokens
+$ vault login -method=ldap username=vimazeno
+$ vault secrets list
+$ vault list cri/
+$ vault kv get cri/tokens
+$ vault kv get cri/tokens # à chaque put on écrase les entrées qu'on ne réécrit pas
+$ vault kv get cri/tokens -format=json
+$ vault kv get cri/tokens -format=json | jq .data
+$ vault kv get cri/tokens -format=json | jq .data.password
+$ vault kv put cri/tokens root=pipo2
+$ vault kv patch cri/tokens root1=pipo1
+$ vault delete cri/tokens
```
@@ -156,7 +153,6 @@ $ vault token create -policy=my
* on génère un token en variable de CI/CD pour autoriser l'appli à lire des secrets
-
## Générer un secret
Un secret robuste en ligne de commande se génère avec la commande `openssl` comme suit
@@ -171,7 +167,6 @@ Stocker le secret directement dans hashicorp vault
$ vault kv put cri/tokens root=$(openssl rand -base64 25)
```
-
## SEE ALSO
* [cri/ansible-playbook-vault](https://gitlab.isima.fr/cri/ansible-playbook-vault)
diff --git a/content/slides/cri/my.html b/content/slides/cri/my.html
new file mode 100644
index 0000000..d16cdc5
--- /dev/null
+++ b/content/slides/cri/my.html
@@ -0,0 +1,59 @@
+<!doctype html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
+
+ <title>my</title>
+
+ <link rel="stylesheet" href="../../node_modules/reveal.js/css/reveal.css">
+ <link rel="stylesheet" href="../../node_modules/reveal.js/css/theme/white.css">
+
+ <!-- Theme used for syntax highlighting of code -->
+ <link rel="stylesheet" href="../../node_modules/reveal.js/lib/css/zenburn.css">
+ <link rel="stylesheet" href="../../node_modules/font-awesome/css/font-awesome.min.css">
+ <link rel="stylesheet" href="../main.css">
+
+ <!-- Printing and PDF exports -->
+ <script>
+ var link = document.createElement( 'link' );
+ link.rel = 'stylesheet';
+ link.type = 'text/css';
+ link.href = window.location.search.match( /print-pdf/gi ) ? '../../node_modules/reveal.js/css/print/pdf.css' : '../../node_modules/reveal.js/css/print/paper.css';
+ document.getElementsByTagName( 'head' )[0].appendChild( link );
+ </script>
+ </head>
+ <body>
+ <div class="reveal">
+ <div class="slides">
+ <section data-markdown="md/my.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ </div>
+
+ <script src="../../node_modules/reveal.js/lib/js/head.min.js"></script>
+ <script src="../../node_modules/reveal.js/js/reveal.js"></script>
+
+ <script>
+ // More info about config & dependencies:
+ // - https://github.com/hakimel/reveal.js#configuration
+ // - https://github.com/hakimel/reveal.js#dependencies
+ Reveal.initialize({
+ controls: true,
+ progress: true,
+ history: true,
+ center: false,
+ dependencies: [
+ { src: '../../node_modules/reveal.js/plugin/markdown/marked.js' },
+ { src: '../../node_modules/reveal.js/plugin/markdown/markdown.js' },
+ { src: '../../node_modules/reveal.js/plugin/notes/notes.js', async: true },
+ { src: '../../node_modules/reveal.js/plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
+ ]
+ });
+ </script>
+ </body>
+</html>
diff --git a/content/slides/cri/openstack.html b/content/slides/cri/openstack.html
new file mode 100644
index 0000000..5be67ae
--- /dev/null
+++ b/content/slides/cri/openstack.html
@@ -0,0 +1,59 @@
+<!doctype html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
+
+ <title>openstack</title>
+
+ <link rel="stylesheet" href="../../node_modules/reveal.js/css/reveal.css">
+ <link rel="stylesheet" href="../../node_modules/reveal.js/css/theme/white.css">
+
+ <!-- Theme used for syntax highlighting of code -->
+ <link rel="stylesheet" href="../../node_modules/reveal.js/lib/css/zenburn.css">
+ <link rel="stylesheet" href="../../node_modules/font-awesome/css/font-awesome.min.css">
+ <link rel="stylesheet" href="../main.css">
+
+ <!-- Printing and PDF exports -->
+ <script>
+ var link = document.createElement( 'link' );
+ link.rel = 'stylesheet';
+ link.type = 'text/css';
+ link.href = window.location.search.match( /print-pdf/gi ) ? '../../node_modules/reveal.js/css/print/pdf.css' : '../../node_modules/reveal.js/css/print/paper.css';
+ document.getElementsByTagName( 'head' )[0].appendChild( link );
+ </script>
+ </head>
+ <body>
+ <div class="reveal">
+ <div class="slides">
+ <section data-markdown="md/openstack.md"
+ data-separator="^\n\n\n"
+ data-separator-vertical="^\n\n"
+ data-separator-notes="^Note:"
+ data-charset="utf-8">
+ </section>
+ </div>
+ </div>
+
+ <script src="../../node_modules/reveal.js/lib/js/head.min.js"></script>
+ <script src="../../node_modules/reveal.js/js/reveal.js"></script>
+
+ <script>
+ // More info about config & dependencies:
+ // - https://github.com/hakimel/reveal.js#configuration
+ // - https://github.com/hakimel/reveal.js#dependencies
+ Reveal.initialize({
+ controls: true,
+ progress: true,
+ history: true,
+ center: false,
+ dependencies: [
+ { src: '../../node_modules/reveal.js/plugin/markdown/marked.js' },
+ { src: '../../node_modules/reveal.js/plugin/markdown/markdown.js' },
+ { src: '../../node_modules/reveal.js/plugin/notes/notes.js', async: true },
+ { src: '../../node_modules/reveal.js/plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
+ ]
+ });
+ </script>
+ </body>
+</html>
diff --git a/content/slides/cri/aws.html b/content/slides/cri/stack.html
similarity index 98%
rename from content/slides/cri/aws.html
rename to content/slides/cri/stack.html
index ca01275..189cc68 100644
--- a/content/slides/cri/aws.html
+++ b/content/slides/cri/stack.html
@@ -26,7 +26,7 @@
<body>
<div class="reveal">
<div class="slides">
- <section data-markdown="md/aws.md"
+ <section data-markdown="md/stack.md"
data-separator="^\n\n\n"
data-separator-vertical="^\n\n"
data-separator-notes="^Note:"
--
GitLab