openid_provider: Use MariaDB instead of the default SQLite database

author: Sam Thursfield <sam.thursfield@codethink.co.uk> 2014-12-05 15:47:27 +0000
committer: Sam Thursfield <sam.thursfield@codethink.co.uk> 2014-12-05 15:49:32 +0000
commit: 39bfb29f6c8c7c7562422fcf5edf8a109675572b (patch)
tree: 27b0cf91f40dbf55213cb8a4952c0f0920e3a6bc
parent: 80e3d16a49716aca7ad5008d22b2ebbd85f59afb (diff)
download: infrastructure-39bfb29f6c8c7c7562422fcf5edf8a109675572b.tar.gz
5 files changed, 77 insertions, 5 deletions
diff --git a/README.mdwn b/README.mdwn
index a7e277e2..1a55504d 100644
--- a/README.mdwn
+++ b/README.mdwn
@@ -47,6 +47,11 @@ Also, you must create or have access to an Ansible playbook which will set up
 the user accounts. For development deployments you can use the 'develop.sh'
 script which sets up all the necessary accounts using dummy passwords.
 
+To deploy a development instance:
+
+    packer build -only=development database/packer_template.json
+    database/develop.sh
+
 To deploy this system to production:
 
     packer build -only=production database/packer_template.json
@@ -74,6 +79,32 @@ To deploy this system to production:
     # edit 'hosts' line of database/user_accounts.yml to point to the server's IP
     ansible-playbook database/user_accounts.yml
 
+    nova floating-ip-disassociate database-mariadb <some floating IP>
+
+OpenID provider
+---------------
+
+To deploy a development instance:
+
+    packer build -only=development baserock_openid_provider/packer_template.json
+    baserock_openid_provider/develop.sh
+    # Now you have a root shell inside your container
+    cd /srv/baserock_openid_provider
+    python ./manage.py runserver 0.0.0.0:80
+    # Now you can browse to http://localhost:80/ and see the server.
+
+To deploy this system to production:
+
+    vim baserock_openid_provider/baserock_openid_provider/settings.py
+    # Edit the DATABASES['default']['HOST'] to point to the fixed IP of
+    # the 'database' machine.
+    packer build -only=production database/packer_template.json
+    nova boot openid_provider
+
+    # Now you need to SSH into the system (via the frontend system perhaps)
+    # and run the database migrations, before the app will work:
+    python /srv/baserock_openid_provider/manage.py migrate
+
 
 Deployment to DataCentred
 -------------------------
diff --git a/baserock_openid_provider/baserock_openid_provider/settings.py b/baserock_openid_provider/baserock_openid_provider/settings.py
index 8a5193e0..7f169bb3 100644
--- a/baserock_openid_provider/baserock_openid_provider/settings.py
+++ b/baserock_openid_provider/baserock_openid_provider/settings.py
@@ -8,8 +8,10 @@ For the full list of settings and their values, see
 https://docs.djangoproject.com/en/1.7/ref/settings/
 """
 
-# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+import yaml
+
 import os
+
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))
 
 
@@ -59,11 +61,33 @@ WSGI_APPLICATION = 'baserock_openid_provider.wsgi.application'
 
 DATABASES = {
     'default': {
-        'ENGINE': 'django.db.backends.sqlite3',
-        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+        'ENGINE': 'django.db.backends.mysql',
+        'NAME': 'baserock_openid_provider',
+        'USER': 'openid',
+
+
+        'PORT': '3306',
+
+        # You must change this to the correct IP address when
+        # deploying to production! For development deployments this
+        # gets the IP of the 'baserock-database' container from the
+        # environment, which Docker will have set if you passed it
+        # `--link=baseock-database:db`.
+        'HOST': os.environ['DB_PORT_3306_TCP_ADDR']
     }
 }
 
+
+# This file lives under /var/lib currently so that the user who runs
+# this code can read it. That user is 'uwsgi'. Putting it in /srv would
+# be fine except that it interferes with the way development deployments
+# are done.
+pw_file = '/var/lib/baserock_openid_provider.database_password.yml'
+with open(pw_file) as f:
+    data = yaml.load(f)
+    password = data['baserock_openid_provider_password']
+    DATABASES['default']['PASSWORD'] = password
+
 # Internationalization
 # https://docs.djangoproject.com/en/1.7/topics/i18n/
 
diff --git a/baserock_openid_provider/develop.sh b/baserock_openid_provider/develop.sh
index d3d1fb3e..534a1333 100755
--- a/baserock_openid_provider/develop.sh
+++ b/baserock_openid_provider/develop.sh
@@ -3,6 +3,8 @@
 # Set up a development environment in a container.
 
 exec docker run -i -t --rm \
+    --name=baserock-openid-provider \
+    --link=baserock-database:db \
     --publish=127.0.0.1:80:80 \
     --volume=`pwd`:/srv/test-baserock-infrastructure \
     baserock/openid-provider
diff --git a/baserock_openid_provider/local.yml b/baserock_openid_provider/local.yml
index e1e69809..49d5c4aa 100644
--- a/baserock_openid_provider/local.yml
+++ b/baserock_openid_provider/local.yml
@@ -28,5 +28,13 @@
   - name: install python-openid
     pip: name=python-openid
 
+  # Install the MySQL-python package from Yum, because if it's installed from
+  # PyPI you need to have the mariadb-devel package installed to build the C
+  # code and that's an extra 21MB of dependencies or so. Note that this driver
+  # doesn't support Python 3, but there is a fork available which does, see:
+  # https://docs.djangoproject.com/en/dev/ref/databases/#mysql-db-api-drivers
+  - name: install MySQL-python
+    yum: name=MySQL-python state=latest
+
   - name: install Cherokee configuration
     shell: ln -sf /srv/baserock_openid_provider/cherokee.conf /etc/cherokee/cherokee.conf
diff --git a/baserock_openid_provider/packer_template.json b/baserock_openid_provider/packer_template.json
index b99d006f..3c6c8f6c 100644
--- a/baserock_openid_provider/packer_template.json
+++ b/baserock_openid_provider/packer_template.json
@@ -22,11 +22,18 @@
     "provisioners": [
         {
             "type": "shell",
-            "inline": [ "sudo chown fedora:fedora /srv" ],
+            "inline": [
+               "sudo chown fedora:fedora /srv"
+            ],
             "only": ["production"]
         },
         {
             "type": "file",
+            "source": "database/baserock_openid_provider.database_password.yml",
+            "destination": "/var/lib/baserock_openid_provider.database_password.yml"
+        },
+        {
+            "type": "file",
             "source": "baserock_openid_provider",
             "destination": "/srv",
             "only": ["production"]
@@ -43,7 +50,7 @@
         {
             "type": "shell",
             "inline": [
-                "ln -s /srv/test_baserock_infrastructure/baserock_openid_provider /srv"
+                "ln -s /srv/test-baserock-infrastructure/baserock_openid_provider /srv"
             ],
             "only": ["development"]
         },
author	Sam Thursfield <sam.thursfield@codethink.co.uk>	2014-12-05 15:47:27 +0000
committer	Sam Thursfield <sam.thursfield@codethink.co.uk>	2014-12-05 15:49:32 +0000
commit	39bfb29f6c8c7c7562422fcf5edf8a109675572b (patch)
tree	27b0cf91f40dbf55213cb8a4952c0f0920e3a6bc
parent	80e3d16a49716aca7ad5008d22b2ebbd85f59afb (diff)
download	infrastructure-39bfb29f6c8c7c7562422fcf5edf8a109675572b.tar.gz