0k
/
0k-charms
6
3
Fork 2
Code Issues 11 Pull Requests 5 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
641 Commits
27 Branches
14 Tags
41 MiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
0k-charms/README.org

200 lines
7.4 KiB
Raw Permalink Normal View History

chg: updated the README and changed to ``org`` format Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
4 years ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes about types of charms
4 months ago
new: doc: add doc on root level ``type`` key of ``metadata.yml``
5 months ago
new: doc: add notes on login and password policy of charms
4 months ago
  1. * 0k-charms
  3. This package provides charms, which are special system recipes, that are
  4. meant to be executable and mangled together to allow managing a wide set
  5. of services.
  7. Inspired by [[https://discourse.juju.is/t/introduction-to-juju-charms/1188][juju charms]], these are mostly bash scripts organized by
  8. service and meant to automate all administration tasks, from
  9. installation, to connection with other services, or any other task a
  10. service would need.
  12. Several tools are able to read the current state of this repository to
  13. effectively deploy full production grade services on different type of
  14. platform.
  16. The only real fully functional implementation is =0k-compose=. It will
  17. use these charms to drive, prepare, and build in =docker=, complete sets
  18. of services.
  20. Another old solution called =lxc-deploy= was used actively before to deploy
  21. services on LXC tool set until 2016 using these charms.
  23. Bare hosts can also replay some recipes to install services directly
  24. on them via the =0k-charm= project using the =charm apply=
  25. command. Note that actually, as most recipes are bash executable, it
  26. is still a viable option to copy-paste parts of source-code of these
  27. scripts. These last two options are still used very often to bootstrap
  28. installs of =docker-hosts= for instance.
  31. * Maturity
  33. Charms in these repository are in a wide set of maturity, from simple note
  34. taking of shell commands, not even executable, to full charm allowing to
  35. deploy services and manage the full life cycle of the service.
  37. The repository in a whole is thus NOT considered as mature at all, and will
  38. require some thorough cleaning and decisions to furthermore structure to reach
  39. a state where it'll make sense to go full public.
  41. * Usage
  43. ** TODO Through =compose= for full deployment of sets of services
  45. Requires =0k-compose= package that contains the =compose= command line tool.
  47. TBD
  49. ** TODO Through =lxc-deploy= for full install and deployment of services
  51. Requires =lxc-scripts= package that holds several tools for LXC
  52. management, amongst them is =lxc-deploy=.
  54. TBD
  56. ** TODO Through =docker-build-charm= for docker image creation
  58. Requires =0k-docker= package that holds several tools for docker
  59. management, amongst them is =docker-build-charm=.
  61. =docker-build-charm= will use the =install= recipes in a charm to
  62. basically mimic the =Dockerfile= purpose and create a docker image for
  63. a specific service.
  65. TBD
  67. ** TODO Through =0k-charm= for bare hosts installs
  69. Requires =0k-charm= package to get the =charm= command line util.
  71. TBD
  74. * Installation
  76. Most tools should check the =CHARM_STORE= bash environment variable
  77. that should be the path to reach the root of this repository. If not
  78. defined, most tools will look in =/srv/charm-store= by default.
  80. * Specs
  82. ** charm type
  84. Not all charm are designed to set up a continuously running, listening
  85. service.
  87. In a charm's ~metadata.yml~, the root-level key ~type~ can have one of
  88. these values:
  90. - ~daemon~ (default)
  92. By default, a charm is of type ~daemon~. It's probably the most
  93. expected way to run a service: it brings up a process that is
  94. *always running*. Examples include charms like ~apache~, ~mysql~,
  95. ~postgres~.
  97. These charms bring up processes that typically open ports to provide
  98. their functionality, perform background tasks like checking the time
  99. and scheduling commands (as the ~cron~ charm), and may use files to
  100. trigger or report on their activities.
  102. In the final ~docker-compose.yml~, a ~daemon~ type charm will
  103. ensure that an entry is created for the service they manage,
  104. resulting in a container that stays in memory. As such they require
  105. a docker image. They will ensure that these entries are managed with
  106. ~restart: unless-stopped~ policy.
  108. The processes managed by these charms will be setup via
  109. ~docker-compose up~ actions at the end, and they will run in the
  110. background.
  112. Once brought up, the processes from these charms will consume CPU and
  113. memory resources indefinitely, until you manually bring them down.
  115. It makes sense to bring them ~up~ or ~down~.
  117. - ~command~
  119. This charm type is used to prepare *a process that run and exits
  120. after execution*. These are more what could be expected of a
  121. "command", and are typically invoked by an other service for
  122. specific events.
  124. Example includes ~logrotate~, ~rsync-backup~, and ~letsencrypt~,
  125. which are charms of type ~run-once~.
  127. These charms are meant to setup commands that are triggered by
  128. services at specific moments or as a result of specific event. It is
  129. through their ~relation~ hooks with other services that they will
  130. ensure to be called when intended to. They are run through the
  131. ~docker-compose run~ call.
  133. Like ~daemon~'s typed charm, these charm will ensure that an entry
  134. is correctly added in the final ~docker-compose.yml~ with all the
  135. necessary options so it is ready to be triggered. They require also
  136. a docker image.
  138. But unlike ~daemon~'s typed charms, these charm will ensure that
  139. the entry they managed in the final ~docker-compose.yml~ *DO NOT*
  140. have an automatic restart policy.
  142. They consume CPU and memory resources only when running and release
  143. resources once finished.
  145. - ~stub~
  147. A ~stub~ charm is more of a placeholder that doesn't have anything
  148. to run at all ! They don't need any docker image. These entities are
  149. used to hold information in ~compose.yml~ and can often be used to
  150. represent a real service managed externally (out of =compose=, on
  151. another host or through a different management system, such as a
  152. local installation, LXC, VirtualBox, etc.).
  154. For example, ~smtp-stub~ charm can be used to build an entity that
  155. will stand for an external ~smtp~ service. Through relations, these
  156. stubs offer interfaces similar to actual services in the setting up
  157. stage. For instance, a ~smtp-stub~ acts as a ~smtp-server~ provider,
  158. and can satisfy ~services~ that would require a ~smtp-server~
  159. provider.
  161. They generally implement relation hooks and act as providers.
  163. No entry is created for them in the final ~docker-compose.yml~.
  165. They do not use any CPU or memory resources
  168. ** login and password policy
  170. A charm have to manage different set of password. The best would be
  171. that the charm:
  173. - don't require user to choose password (less configuration)
  174. - will promote reasonable security practice.
  176. There are 2 types of password:
  177. - inter-service passwords (ie: database access password), these are
  178. never used by human operator, and will be required to be known by
  179. the charms to set things up. These should be generated randomly
  180. (although they could be set also via configuration if mentionned).
  181. - they can only be changed by specific backend technical manipulation.
  183. - user service's admin password (ie: admin user of odoo, nextcloud)
  184. - they can be changed through the service interface.
  185. - this service interface is available to the public and the general users.
  186. - charm doesn't need the password to set things up around the service.
  188. *** Inter-service passwords
  190. - Login should be defaulted to name of the service when possible
  191. - Should be defaulted to random values if not provided in configuration.
  192. - Should not be advertised even in the command line interface.
  193. - Should be reset-able anytime.
  195. *** Interactive admin user service's password
  197. - Login should be defaulted to 'admin'
  198. - Should be defaulted to random values, and not be configurable in configuration.
  199. - Should be advertised at the end of ~compose up~ along with URL of services as long
  200. as the default value chosen by compose is still working.
  201. - Should not be advertised once it was changed by user.