Move database creation into role

There is no record for why we implement the database creation outside
of the role in the playbook, when we could do it inside the role.

Implementing it inside the role allows us to reduce the quantity of
group_vars duplicated from the role, and allows us to better document
the required variables in the role. The delegation can still be done
as it is done in the playbook too.

In this patch we implement a new variable called 'trove_db_setup_host'
which is used in the role to allow delegation of the database setup
task to any host, but defaults to the first member of the galera_all
host group. We also document the variable 'trove_galera_address' which
has been used for a long time, but never documented. A bunch of unused
variables have also been removed.

The extras folder is removed given that trove's playbooks have been
merged into the integrated repository.

Change-Id: I0bf801416bd0349534588fc7272dffd4b86b7bb9
This commit is contained in:
Jesse Pretorius 2018-06-28 17:02:10 +01:00 committed by Jesse Pretorius (odyssey4me)
parent 2afcbefe3d
commit a1b510f7ba
10 changed files with 29 additions and 175 deletions

View File

@ -110,9 +110,10 @@ trove_ssl_self_signed_regen: false
trove_ssl_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT/CN={{ internal_lb_vip_address }}/subjectAltName=IP.1={{ external_lb_vip_address }}" trove_ssl_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT/CN={{ internal_lb_vip_address }}/subjectAltName=IP.1={{ external_lb_vip_address }}"
# Database vars # Database vars
trove_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
trove_galera_address: "{{ galera_address | default('127.0.0.1') }}"
trove_galera_database_name: trove trove_galera_database_name: trove
trove_galera_user: trove trove_galera_user: trove
trove_galera_address: "{{ internal_lb_vip_address }}"
trove_db_sync_options: trove_db_sync_options:
trove_galera_use_ssl: "{{ galera_use_ssl | default(False) }}" trove_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
trove_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}" trove_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"

View File

@ -1,8 +0,0 @@
# The infra nodes that will be running the trove services
trove-infra_hosts:
infra1:
ip: 172.20.236.111
infra2:
ip: 172.20.236.112
infra3:
ip: 172.20.236.113

View File

@ -1,59 +0,0 @@
---
# Copyright 2016 Internet Solutions (Pty) Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
component_skel:
trove_api:
belongs_to:
- trove_all
trove_conductor:
belongs_to:
- trove_all
trove_taskmanager:
belongs_to:
- trove_all
container_skel:
trove_api_container:
belongs_to:
- trove-infra_containers
contains:
- trove_api
properties:
service_name: trove
trove_conductor_container:
belongs_to:
- trove-infra_containers
contains:
- trove_conductor
properties:
service_name: trove
trove_taskmanager_container:
belongs_to:
- trove-infra_containers
contains:
- trove_taskmanager
properties:
service_name: trove
physical_skel:
trove-infra_containers:
belongs_to:
- all_containers
trove-infra_hosts:
belongs_to:
- hosts

View File

@ -1,8 +0,0 @@
- service:
haproxy_service_name: trove
haproxy_backend_nodes: "{{ groups['trove_api'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 8779
haproxy_balance_type: http
haproxy_backend_options:
- "httpchk HEAD /"

View File

@ -1,66 +0,0 @@
---
# Copyright 2016 Internet Solutions (Pty) Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
- name: Install trove server
hosts: trove_all
max_fail_percentage: 20
user: root
pre_tasks:
- include: common-tasks/os-lxc-container-setup.yml
- include: common-tasks/os-log-dir-setup.yml
vars:
log_dirs:
- src: "/openstack/log/{{ inventory_hostname }}-trove"
dest: "/var/log/trove"
- include: common-tasks/rabbitmq-servers-sort.yml
vars:
sort_group_name: "trove_all"
- include: common-tasks/rabbitmq-vhost-user.yml
vars:
user: "{{ trove_rabbitmq_userid }}"
password: "{{ trove_rabbitmq_password }}"
vhost: "{{ trove_rabbitmq_vhost }}"
when:
- inventory_hostname == groups['trove_all'][0]
- groups['rabbitmq_all'] | length > 0
- include: common-tasks/mysql-db-user.yml
vars:
user_name: "{{ trove_galera_user }}"
password: "{{ trove_galera_password }}"
login_host: "{{ trove_galera_address }}"
db_name: "{{ trove_galera_database_name }}"
when: inventory_hostname == groups['trove_all'][0]
roles:
- role: "os_trove"
trove_venv_tag: "{{ openstack_release }}"
trove_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/trove-{{ openstack_release }}.tgz"
pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}"
tags:
- "os-trove"
- { role: "openstack_openrc", tags: [ "openstack-openrc" ] }
- role: "rsyslog_client"
rsyslog_client_log_rotate_file: trove_log_rotate
rsyslog_client_log_dir: "/var/log/trove"
rsyslog_client_config_name: "99-trove-rsyslog-client.conf"
tags:
- "trove-rsyslog-client"
- role: "system_crontab_coordination"
tags:
- "system-crontab-coordination"
vars:
is_metal: "{{ properties.is_metal|default(false) }}"

View File

@ -1,20 +0,0 @@
---
# Copyright 2016 Internet Solutions (Pty) Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
trove_git_repo: "https://git.openstack.org/openstack/trove"
trove_git_install_branch: 517bb8482764819892425e19707c7febe313dc80 # stable/mitaka
trove_git_dest: "/opt/trove_{{ trove_git_install_branch | replace('/', '_') }}"

View File

@ -1,7 +0,0 @@
---
trove_galera_password:
trove_rabbitmq_password:
trove_service_password:
trove_admin_user_password:
trove_taskmanager_rpc_encr_key:
trove_inst_rpc_key_encr_key:

View File

@ -15,6 +15,33 @@
# #
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za> # (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
# (c) 2016 Paul Stevens <paul.stevens@is.co.za> # (c) 2016 Paul Stevens <paul.stevens@is.co.za>
- name: Create DB for service
mysql_db:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "{{ trove_galera_address }}"
name: "{{ trove_galera_database_name }}"
state: "present"
delegate_to: "{{ trove_db_setup_host }}"
no_log: True
- name: Grant access to the DB for the service
mysql_user:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "{{ trove_galera_address }}"
name: "{{ trove_galera_user }}"
password: "{{ trove_galera_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ trove_galera_database_name }}.*:ALL"
delegate_to: "{{ trove_db_setup_host }}"
with_items:
- "localhost"
- "%"
no_log: True
- name: Perform a trove DB sync - name: Perform a trove DB sync
command: > command: >
{{ trove_bin }}/trove-manage {{ trove_bin }}/trove-manage

View File

@ -17,9 +17,6 @@
# (c) 2016 Paul Stevens <paul.stevens@is.co.za> # (c) 2016 Paul Stevens <paul.stevens@is.co.za>
trove_developer_mode: True trove_developer_mode: True
trove_galera_address: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}"
trove_galera_database_name: trove
trove_galera_user: trove
trove_galera_password: "secrete" trove_galera_password: "secrete"
trove_rabbitmq_port: "{{ rabbitmq_port }}" trove_rabbitmq_port: "{{ rabbitmq_port }}"
trove_rabbitmq_servers: "{{ rabbitmq_servers }}" trove_rabbitmq_servers: "{{ rabbitmq_servers }}"

View File

@ -21,9 +21,6 @@
user: root user: root
gather_facts: true gather_facts: true
pre_tasks: pre_tasks:
- include: common/create-grant-db.yml
db_name: "{{ trove_galera_database_name }}"
db_password: "{{ trove_galera_password }}"
- include: common/ensure-rabbitmq.yml - include: common/ensure-rabbitmq.yml
vhost_name: "{{ trove_rabbitmq_vhost }}" vhost_name: "{{ trove_rabbitmq_vhost }}"
user_name: "{{ trove_rabbitmq_userid }}" user_name: "{{ trove_rabbitmq_userid }}"