Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/sitectl/cuttle

Blue Box SRE Operations Platform
https://github.com/sitectl/cuttle

ansible bastion bluebox elk operations sensu sre

Last synced: 2 months ago
JSON representation

Blue Box SRE Operations Platform

Awesome Lists containing this project

README 

        
# Cuttle

_Originally called Site Controller (sitectl) and is Pronounced "Cuddle"._



[![Build Status](https://travis-ci.org/IBM/cuttle.svg?branch=master)](https://travis-ci.org/IBM/cuttle)



![Cuttlefish are really gross ok](./logo.png)



A Monolithic Repository of Composable Ansible Roles for building an [Bluebox]

Opinionated SRE Operations Platform.



Originally built by the BlueBox Cloud team to install the infrastructure required to build and

support Openstack Clouds using [Ursula](http://github.com/blueboxgroup/ursula) it quickly grew into

a larger project for enabling SRE Operations both in the Data Center and in the Cloud for any kind

of infrastructure.



Like [Ursula](http://github.com/blueboxgroup/ursula), Cuttle uses the

[ursula-cli](https://github.com/blueboxgroup/ursula-cli) ( installed via requirements.txt )

for running Ansible on specific environments and has some strong opinions on [how

ansible inventory](docs/inventory.md) should be written and handled.



For a rough idea of how Blue Box uses Cuttle by building Central and Remote sites

tethered together with IPSEC VPNs check out [docs/architecture.md](docs/architecture.md).



You will see a number of example Ansible Inventories in `envs/example/` that

show Cuttle being used to build infrastructure to solve a number of problems.

`envs/example/sitecontroller` shows close to a full deployment, whereas

`envs/example/mirror` or `envs/example/elk` to build just specific components.

All of these environments can easily be deployed in Vagrant by using the `ursula-cli`

 (see [Example Usage](#example-usage) ).



### Examples



* See [docs/deploy_2fa_secured_bastion.md](docs/deploy_2fa_secured_bastion.md) for

a fairly comprehensive document on deploying a secure ( 2fa, console logging, RBAC)

Bastion.

* See [docs/deploy-oauth-secured-monitoring-server.md](docs/deploy-oauth-secured-monitoring-server.md) for a OAuth2 secured Sensu / Graphite server.



How to Contribute

-----------------



See [CONTRIBUTORS.md](CONTRIBUTORS.md) for the original team.



The official git repository of Site Controller is https://github.com/IBM/cuttle.

If you have cloned this from somewhere else, may god have mercy on your soul.



### Workflow



We follow the standard github workflow of Fork -> Branch -> PR -> Test -> Review -> Merge.



The Site Controller Core team is working to put together guidance on contributing and

governance now that it is an opensource proect.



Development and Testing

-----------------------



### Build Development Environment



```

# clone this repo

$ git clone [email protected]:ibm/cuttle.git



# install pip, hopefully your system has it already

# install virtualenv

$ pip install virtualenv



# create a new virtualenv so python is happy

$ virtualenv --no-site-packages --no-wheel ~//venv



# activate your new venv like normal

$ source ~//venv/bin/activate



# install ursula-cli, the correct version of ansible, and all other deps

$ cd cuttle

$ pip install -r requirements.txt



# run ansible using ursula-cli; or ansible-playbook, if that's how you roll

$ ursula envs/example/ site.yml



# decactivate your virtualenv when you are done

$ deactivate

```



[Vagrant](https://www.vagrantup.com/) is our preferred Development/Testing framework.



### Example Usage



ursula-cli understands how to interact with vagrant using the `--provisioner` flag:



```

$ ursula --provisioner=vagrant envs/example/sitecontroller bastion.yml

$ ursula --provisioner=vagrant envs/example/sitecontroller site.yml

```



### Openstack and Heat



_your inventory must have a `heat_stack.yml` and a optional `vars_heat.yml` in order for this to work_



You can also test in Openstack with Heat Orchestration. First, grab your stackrc file from Openstack Horizon:



`Project > Compute > Access & Security > Download OpenStack RC File`



Ensure your `ssh-agent` is running, then source your stackrc and run the play:

```

$ source -openrc.sh

$ ursula --ursula-forward --provisioner=heat envs/example/sitecontroller site.yml

```



Add argument `--ursula-debug` for verbose output.



## Run behind a docker proxy for local dev



```

$ docker run  \

  --name proxy -p 3128:3128 \

  -v $(pwd)/tmp/cache:/var/cache/squid3 \

  -d jpetazzo/squid-in-a-can

```



then set the following in your inventory (`vagrant.yml` in `envs/example/*/`)



```

env_vars:

  http_proxy: "http://10.0.2.2:3128"

  https_proxy: "http://10.0.2.2:3128"

  no_proxy: localhost,127.0.0.0/8,10.0.0.0/8,172.0.0.0/8



```



Deploying

---------



To actually deploy an environment you would use ursula-cli like so:



```

$ ursula ../sitecontroller-envs/sjc01 bastion.yml

$ ursula ../sitecontroller-envs/sjc01 site.yml



# targetted runs using any ansible-playbook option

$ ursula ../ursula-infra-envs/sjc01 site.yml --tags openid_proxy

```