From a1b510f7ba8c344db9be366612f06da29622ce26 Mon Sep 17 00:00:00 2001 From: Jesse Pretorius Date: Thu, 28 Jun 2018 17:02:10 +0100 Subject: [PATCH] Move database creation into role There is no record for why we implement the database creation outside of the role in the playbook, when we could do it inside the role. Implementing it inside the role allows us to reduce the quantity of group_vars duplicated from the role, and allows us to better document the required variables in the role. The delegation can still be done as it is done in the playbook too. In this patch we implement a new variable called 'trove_db_setup_host' which is used in the role to allow delegation of the database setup task to any host, but defaults to the first member of the galera_all host group. We also document the variable 'trove_galera_address' which has been used for a long time, but never documented. A bunch of unused variables have also been removed. The extras folder is removed given that trove's playbooks have been merged into the integrated repository. Change-Id: I0bf801416bd0349534588fc7272dffd4b86b7bb9 --- defaults/main.yml | 3 +- extras/conf.d/trove.yml.example | 8 --- extras/env.d/trove.yml | 59 --------------------- extras/haproxy_trove.yml | 8 --- extras/os-trove-install.yml | 66 ------------------------ extras/repo_packages/openstack_trove.yml | 20 ------- extras/user_secrets.yml | 7 --- tasks/trove_db_setup.yml | 27 ++++++++++ tests/os_trove-overrides.yml | 3 -- tests/test-install-trove.yml | 3 -- 10 files changed, 29 insertions(+), 175 deletions(-) delete mode 100644 extras/conf.d/trove.yml.example delete mode 100644 extras/env.d/trove.yml delete mode 100644 extras/haproxy_trove.yml delete mode 100644 extras/os-trove-install.yml delete mode 100644 extras/repo_packages/openstack_trove.yml delete mode 100755 extras/user_secrets.yml diff --git a/defaults/main.yml b/defaults/main.yml index 7e34e34..7dbe9c7 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -110,9 +110,10 @@ trove_ssl_self_signed_regen: false trove_ssl_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT/CN={{ internal_lb_vip_address }}/subjectAltName=IP.1={{ external_lb_vip_address }}" # Database vars +trove_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}" +trove_galera_address: "{{ galera_address | default('127.0.0.1') }}" trove_galera_database_name: trove trove_galera_user: trove -trove_galera_address: "{{ internal_lb_vip_address }}" trove_db_sync_options: trove_galera_use_ssl: "{{ galera_use_ssl | default(False) }}" trove_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}" diff --git a/extras/conf.d/trove.yml.example b/extras/conf.d/trove.yml.example deleted file mode 100644 index 28d3538..0000000 --- a/extras/conf.d/trove.yml.example +++ /dev/null @@ -1,8 +0,0 @@ -# The infra nodes that will be running the trove services -trove-infra_hosts: - infra1: - ip: 172.20.236.111 - infra2: - ip: 172.20.236.112 - infra3: - ip: 172.20.236.113 diff --git a/extras/env.d/trove.yml b/extras/env.d/trove.yml deleted file mode 100644 index 32cf0a3..0000000 --- a/extras/env.d/trove.yml +++ /dev/null @@ -1,59 +0,0 @@ ---- -# Copyright 2016 Internet Solutions (Pty) Ltd -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# (c) 2016 Donovan Francesco -# (c) 2016 Paul Stevens - -component_skel: - trove_api: - belongs_to: - - trove_all - trove_conductor: - belongs_to: - - trove_all - trove_taskmanager: - belongs_to: - - trove_all - -container_skel: - trove_api_container: - belongs_to: - - trove-infra_containers - contains: - - trove_api - properties: - service_name: trove - trove_conductor_container: - belongs_to: - - trove-infra_containers - contains: - - trove_conductor - properties: - service_name: trove - trove_taskmanager_container: - belongs_to: - - trove-infra_containers - contains: - - trove_taskmanager - properties: - service_name: trove - -physical_skel: - trove-infra_containers: - belongs_to: - - all_containers - trove-infra_hosts: - belongs_to: - - hosts diff --git a/extras/haproxy_trove.yml b/extras/haproxy_trove.yml deleted file mode 100644 index 4bfd540..0000000 --- a/extras/haproxy_trove.yml +++ /dev/null @@ -1,8 +0,0 @@ - - service: - haproxy_service_name: trove - haproxy_backend_nodes: "{{ groups['trove_api'] | default([]) }}" - haproxy_ssl: "{{ haproxy_ssl }}" - haproxy_port: 8779 - haproxy_balance_type: http - haproxy_backend_options: - - "httpchk HEAD /" diff --git a/extras/os-trove-install.yml b/extras/os-trove-install.yml deleted file mode 100644 index 8faa5e8..0000000 --- a/extras/os-trove-install.yml +++ /dev/null @@ -1,66 +0,0 @@ ---- -# Copyright 2016 Internet Solutions (Pty) Ltd -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# (c) 2016 Donovan Francesco -# (c) 2016 Paul Stevens - -- name: Install trove server - hosts: trove_all - max_fail_percentage: 20 - user: root - pre_tasks: - - include: common-tasks/os-lxc-container-setup.yml - - include: common-tasks/os-log-dir-setup.yml - vars: - log_dirs: - - src: "/openstack/log/{{ inventory_hostname }}-trove" - dest: "/var/log/trove" - - include: common-tasks/rabbitmq-servers-sort.yml - vars: - sort_group_name: "trove_all" - - include: common-tasks/rabbitmq-vhost-user.yml - vars: - user: "{{ trove_rabbitmq_userid }}" - password: "{{ trove_rabbitmq_password }}" - vhost: "{{ trove_rabbitmq_vhost }}" - when: - - inventory_hostname == groups['trove_all'][0] - - groups['rabbitmq_all'] | length > 0 - - include: common-tasks/mysql-db-user.yml - vars: - user_name: "{{ trove_galera_user }}" - password: "{{ trove_galera_password }}" - login_host: "{{ trove_galera_address }}" - db_name: "{{ trove_galera_database_name }}" - when: inventory_hostname == groups['trove_all'][0] - roles: - - role: "os_trove" - trove_venv_tag: "{{ openstack_release }}" - trove_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/trove-{{ openstack_release }}.tgz" - pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}" - tags: - - "os-trove" - - { role: "openstack_openrc", tags: [ "openstack-openrc" ] } - - role: "rsyslog_client" - rsyslog_client_log_rotate_file: trove_log_rotate - rsyslog_client_log_dir: "/var/log/trove" - rsyslog_client_config_name: "99-trove-rsyslog-client.conf" - tags: - - "trove-rsyslog-client" - - role: "system_crontab_coordination" - tags: - - "system-crontab-coordination" - vars: - is_metal: "{{ properties.is_metal|default(false) }}" diff --git a/extras/repo_packages/openstack_trove.yml b/extras/repo_packages/openstack_trove.yml deleted file mode 100644 index 35b90eb..0000000 --- a/extras/repo_packages/openstack_trove.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# Copyright 2016 Internet Solutions (Pty) Ltd -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# (c) 2016 Donovan Francesco -# (c) 2016 Paul Stevens -trove_git_repo: "https://git.openstack.org/openstack/trove" -trove_git_install_branch: 517bb8482764819892425e19707c7febe313dc80 # stable/mitaka -trove_git_dest: "/opt/trove_{{ trove_git_install_branch | replace('/', '_') }}" diff --git a/extras/user_secrets.yml b/extras/user_secrets.yml deleted file mode 100755 index 1bf5cdf..0000000 --- a/extras/user_secrets.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -trove_galera_password: -trove_rabbitmq_password: -trove_service_password: -trove_admin_user_password: -trove_taskmanager_rpc_encr_key: -trove_inst_rpc_key_encr_key: diff --git a/tasks/trove_db_setup.yml b/tasks/trove_db_setup.yml index 053b864..09efdd7 100644 --- a/tasks/trove_db_setup.yml +++ b/tasks/trove_db_setup.yml @@ -15,6 +15,33 @@ # # (c) 2016 Donovan Francesco # (c) 2016 Paul Stevens + +- name: Create DB for service + mysql_db: + login_user: "{{ galera_root_user }}" + login_password: "{{ galera_root_password }}" + login_host: "{{ trove_galera_address }}" + name: "{{ trove_galera_database_name }}" + state: "present" + delegate_to: "{{ trove_db_setup_host }}" + no_log: True + +- name: Grant access to the DB for the service + mysql_user: + login_user: "{{ galera_root_user }}" + login_password: "{{ galera_root_password }}" + login_host: "{{ trove_galera_address }}" + name: "{{ trove_galera_user }}" + password: "{{ trove_galera_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ trove_galera_database_name }}.*:ALL" + delegate_to: "{{ trove_db_setup_host }}" + with_items: + - "localhost" + - "%" + no_log: True + - name: Perform a trove DB sync command: > {{ trove_bin }}/trove-manage diff --git a/tests/os_trove-overrides.yml b/tests/os_trove-overrides.yml index 525c38b..6adf29c 100644 --- a/tests/os_trove-overrides.yml +++ b/tests/os_trove-overrides.yml @@ -17,9 +17,6 @@ # (c) 2016 Paul Stevens trove_developer_mode: True -trove_galera_address: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}" -trove_galera_database_name: trove -trove_galera_user: trove trove_galera_password: "secrete" trove_rabbitmq_port: "{{ rabbitmq_port }}" trove_rabbitmq_servers: "{{ rabbitmq_servers }}" diff --git a/tests/test-install-trove.yml b/tests/test-install-trove.yml index 8328408..cfa9292 100644 --- a/tests/test-install-trove.yml +++ b/tests/test-install-trove.yml @@ -21,9 +21,6 @@ user: root gather_facts: true pre_tasks: - - include: common/create-grant-db.yml - db_name: "{{ trove_galera_database_name }}" - db_password: "{{ trove_galera_password }}" - include: common/ensure-rabbitmq.yml vhost_name: "{{ trove_rabbitmq_vhost }}" user_name: "{{ trove_rabbitmq_userid }}"