This is an internal documentation. There is a good chance you’re looking for something else. See Disclaimer.
Glossary¶
- Ansible Repository
Git repository describing the configuration of our servers in a format that Ansible understands.
It can be found at https://git.tocco.ch/gitweb?p=ansible.git;a=summary.
- Ansible Vault
Used to store passwords and other secrets securely.
Two are currently in use, secrets.yml and secrets2.yml.
See section Ansible Vault in this document for a detailed documentation.
- BO
- Backoffice
This is what we call our own installation of Nice2 that can be reached at https://www.tocco.ch/tocco.
- application property
Application properties can be used to configure Nice. They are simple key, value pairs and look like this:
my.property=configuration value
See:
- config.yml
Ansible configuration pertaining to a particular customers and installations.
Direct link to config.yml
- deployment
In Tocco terminology, a deployment is an update, of Nice, within the same minor version (e.g within version 3.1).
- FTL
- Freemarker
- Freemarker Template Language
Templating language used throughout Nice2. In particular, report and mail content is mostly generated using this language.
- HiveApp
Extension of HiveMind.
- HiveMind
HiveMind is a service and configuration microkernel used within Nice2. The official web page <https://hivemind.apache.org/hivemind1/index.html> has some more details.
Within Nice2 HiveMind is used to configure listeners, batch jobs, default property value, reports and much more.
- JFrog’s Artifactory
- Artifactory
Tocco hosts its own JFrog’s Artifactory, a Maven software repository. During build, all artifacts are fetched from there. Either, the package is uploaded to the artifact directly or a Remote Repository can be configured.
Our Artifactory can be found at https://mvn.tocco.ch.
- BURP
Backup archiving tool using on some of our servers. See https://burp.grke.org for details.
- continuous delivery
- CD
Continuous delivery is used to deploy our Nice installations.
Our CD is powered by TeamCity and can be found at https://tc.tocco.ch.
- container
A docker image running in a pod.
Configuration is part of the deployment config.
- DB refactoring
In the context of Nice, the DB migration in generally referred to as DB refactoring.
- deployment config
- DC
The deployment config describes the containers associated with it. This includes image sources, resource limits, open ports, roll out strategy, triggers, etc.
Accessible via
oc {get|describe|edit|…} dc …
.- docker image
An image that contains an application and all run-time dependencies except the OS.
- Employee Short Name
Usually the first two letters of an employee’s first and last name combined. For instance, Jane Doe becomes jado.
These are the initials used in Slack and can also be found in BO on Person as Kurzbez.
- exposed port
Port that is made available to other pods or services.
This is configured in the deployment config.
- hibernate collection
A collection that is persisted to the database (a one-to-many or many-to-many association)
- image stream
- IS
Describes a docker repository. Pushing a docker image to it can be used to trigger an automatic deployment.
Accessible via
oc {get|describe|edit|…} is …
.- global.yml
Ansible configuration applying to all installations and customers.
Direct link to global.yml
- image stream tag
Describes a docker image tag. Defaults to
latest
.Accessible via
oc {get|describe|edit|…} imagestreamtag …
.- JasperReports
JasperReports is a report technology still used by some legacy reports. The reports use the *.jrxml file extension.
New reports should use wkhtmltopdf.
- livenessProbe
Used by Kubernetes to determine if an application is alive. Usually by using frequent HTTP GET request to check if the application responds. Applications failing this probe are terminated and restarted.
See also Configure Liveness, Readiness and Startup Probes.
- Maven Archive
An archive (*.tar.gz) of the whole application including all dependencies and other resources needed to run the applicaiton.
Such an archive can be created using this command:
mvn -pl customer/${CUSTOMER} -am install -T1C -DskipTests -P assembly
See also Apache Maven Assembly Plugin.
- migration
In Tocco terminology, a migration is an update, of Nice, across a major or minor version (e.g. from version 3.0 to 3.1).
- Nginx
Nginx is the web server used for as reverse proxy in front of Nice.
Nginx is running in the same pod as Nice.
- persistent volume claim
- PVC
A persistent volume that can be mounted into one or more containers.
Accessible via
oc {get|describe|edit|…} pvc …
.- pod
- PO
A pod is one instance of the containers described in its deployment config.
Accessible via
oc {get|describe|edit|…} pod …
.- pre-hook pod
A pre-hook pod is a pod that is executed during rollout, before executing the actual pod. In our setup, it is used for DB refactoring and some startup checks. For more details, see Pod-based Lifecycle Hook in the OpenShift documentation.
- Operations Public channel
Slack channel operations_public that can be used to contact the operations team.
- PD4ML
PD4ML is a Java-based HTML to PDF converter used by some legacy reports.
New reports should use wkhtmltopdf.
- Remote Repository
In Artifactory, Remote Repositories can be configured. For such repositories, Artifactory will forward requests to the configured upstream repository and cache the result for later use.
Remote Repositories can be configured in Admin → Remote.
- Replication Controller
- RC
The replication controller is responsible to ensure the specified number of replicas is running at all times.
There is one RC per deployment. Use
oc describe rc …
to see the configuration (DC) that was used for a deployment.Accessible via
oc {get|describe|edit|…} pod …
- secrets.yml
Used to store passwords, API keys and other secrets. Encrypted using Ansible Vault and stored in the Ansible Repository.
secrets.yml contains secrets required for setting up servers and services other than Nice. See also secrets2.yml.
View secrets:
$ cd ${ANSIBLE_REPO}/servers $ ansible-vault view secrets.yml
Edit secrets:
$ cd ${ANSIBLE_REPO}/servers $ ansible-vault edit secrets.yml
Encrypt a file:
$ cd ${ANSIBLE_REPO} $ ansible-vault encrypt --encrypt-vault-id ops ${PATH_TO_FILE}
Tip
When an encrypted file needs to be available in the server config as well as from within
/tocco/
or/services/
, use--encrypted-vault-id dev
.- secrets2.yml
Used to store passwords, API keys and other secrets. Encrypted using Ansible Vault and stored in the Ansible Repository.
secrets2.yml contains secrets required for setting up Nice and related services. As general rule, secrets required so setup an installation go here. See also secrets.yml.
View secrets:
$ cd ${ANSIBLE_REPO}/tocco $ ansible-vault view secrets2.yml
Edit secrets:
$ cd ${ANSIBLE_REPO}/tocco $ ansible-vault edit secrets2.yml
Encrypt a file:
$ cd ${ANSIBLE_REPO}/tocco $ ansible-vault encrypt --encrypt-vault-id dev ${PATH_TO_FILE}
Note
secrets2.yml is also used by services defined in
/services/
.- service
- SVC
Used to make a service available in the network. It provides a DNS name for a service in a way that hides the fact that the service may be provided by several pods (multiple replicas).
Accessible via
oc {get|describe|edit|…} svc …
.- Solr
Solr is a search engine, Nice uses it to provide full-text search.
Every Nice installation runs exactly one Solr pod.
- Solr core
Indexes in Solr are known as cores.
- route
Provides a route to a service. This is used to make a service reachable via internet.
Accessible via
oc {get|describe|edit|…} route …
.- tocco-dotfiles
Git repository containing company-wide configurations and scripts.
See also Set Up Dotfiles
- wkhtmltopdf
A command line tool for converting HTML into PDF. Within Nice it is used to generate PDF reports.
See Wkhtmltopdf (WebKit) and Reports.