Expand documentation.

3e9e7797 · McConahy, Renee Margaret · ffb47cc7 · 3e9e7797
Commit 3e9e7797 authored 4 years ago by McConahy, Renee Margaret
--- a/README.md
+++ b/README.md
-# Ansible roles to configure LOCKSS v2
-
-This project provides Ansible roles and an example playbook for configuring
-[LOCKSS](<https://www.lockss.org/>) v2 on a Ubuntu or CentOS host.
+# Ansible roles to deploy LOCKSS v2
+This project provides Ansible roles, an example playbook, and a Vagrant
+development configuration for deploying [LOCKSS](<https://www.lockss.org/>) v2
+on a Ubuntu or CentOS host. This also adds an ingress controller that provides
+access to LOCKSS's HTTP microservices through a single port, simplifying network
+configuration.

 ## Role variables
 ### Required variables
@@ -38,7 +40,7 @@ This project provides Ansible roles and an example playbook for configuring
 LOCKSS runs as a collection of several microservices, each in its own Docker
 container. These are the ports (all TCP) listened on by each service:

-LOCKSS:
+LOCKSS's services:

 * metadata-extraction-service: 24640 (HTTP API), 24641 (HTTP config)
 * metadata-service: 24650 (HTTP API), 24651 (HTTP config)
@@ -50,7 +52,7 @@ LOCKSS:
 * pywb: 8080 ([Pywb](<https://pypi.org/project/pywb/>) HTTP console)
 * solr: 8983 (Solr HTTP console)

-Added by us:
+Service created by the `lockss` role:

 * lockss-config-frontend: 80 (HTTP ingress controller)

@@ -63,9 +65,19 @@ Thus, most administrators will need access only to port 80; however, the
 firewall rules provisined by this role allow the IPs listed in
 `lockss_admin_ips` to reach all of them.

+## Example and production playbooks
+Michigan State University Libraries' production playbook is included as
+`production.playbook.yml.example'. For local use, the files
+`production.playbook.yml` and `production_secrets.yml` are ignored by Git. The
+included script `bin/generate-production-secrets` will securely generate a new
+secrets file for production use.
+
 ## Developing with Vagrant
-The included Vagrantfile will configure and run the example playbook against the
-machines defined in `vagrant-machines.yml`, currently Ubuntu 18.04 and CentOS 7.
-If the `vagrant-hostsupdater` plugin is installed, Vagrant will add appropriate
-entries to `/etc/hosts`, making the LOCKSS front-end page accessible at
-`http://lockss-ubuntu.test` and `http://lockss-centos.test`.
+The included Vagrantfile will configure and run the playbook `dev.playbook.yml`
+against the machines defined in `vagrant-machines.yml`, currently Ubuntu 18.04
+and CentOS 7. If the `vagrant-hostsupdater` plugin is installed, Vagrant will
+add appropriate entries to `/etc/hosts`, making the LOCKSS front-end page
+accessible at `http://lockss-ubuntu.test` and `http://lockss-centos.test`.
+Multiple base images are included to ensure that this role remains compatible
+with each; for local testing, it's sufficient to use the one most closely
+matching the intended production environment.