Move database creation into role
There is no record for why we implement the database creation outside of the role in the playbook, when we could do it inside the role. Implementing it inside the role allows us to reduce the quantity of group_vars duplicated from the role, and allows us to better document the required variables in the role. The delegation can still be done as it is done in the playbook too. In this patch we implement a new variable called 'trove_db_setup_host' which is used in the role to allow delegation of the database setup task to any host, but defaults to the first member of the galera_all host group. We also document the variable 'trove_galera_address' which has been used for a long time, but never documented. A bunch of unused variables have also been removed. The extras folder is removed given that trove's playbooks have been merged into the integrated repository. Change-Id: I0bf801416bd0349534588fc7272dffd4b86b7bb9
This commit is contained in:
parent
2afcbefe3d
commit
a1b510f7ba
@ -110,9 +110,10 @@ trove_ssl_self_signed_regen: false
|
||||
trove_ssl_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT/CN={{ internal_lb_vip_address }}/subjectAltName=IP.1={{ external_lb_vip_address }}"
|
||||
|
||||
# Database vars
|
||||
trove_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
|
||||
trove_galera_address: "{{ galera_address | default('127.0.0.1') }}"
|
||||
trove_galera_database_name: trove
|
||||
trove_galera_user: trove
|
||||
trove_galera_address: "{{ internal_lb_vip_address }}"
|
||||
trove_db_sync_options:
|
||||
trove_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
|
||||
trove_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
|
||||
|
@ -1,8 +0,0 @@
|
||||
# The infra nodes that will be running the trove services
|
||||
trove-infra_hosts:
|
||||
infra1:
|
||||
ip: 172.20.236.111
|
||||
infra2:
|
||||
ip: 172.20.236.112
|
||||
infra3:
|
||||
ip: 172.20.236.113
|
@ -1,59 +0,0 @@
|
||||
---
|
||||
# Copyright 2016 Internet Solutions (Pty) Ltd
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||
|
||||
component_skel:
|
||||
trove_api:
|
||||
belongs_to:
|
||||
- trove_all
|
||||
trove_conductor:
|
||||
belongs_to:
|
||||
- trove_all
|
||||
trove_taskmanager:
|
||||
belongs_to:
|
||||
- trove_all
|
||||
|
||||
container_skel:
|
||||
trove_api_container:
|
||||
belongs_to:
|
||||
- trove-infra_containers
|
||||
contains:
|
||||
- trove_api
|
||||
properties:
|
||||
service_name: trove
|
||||
trove_conductor_container:
|
||||
belongs_to:
|
||||
- trove-infra_containers
|
||||
contains:
|
||||
- trove_conductor
|
||||
properties:
|
||||
service_name: trove
|
||||
trove_taskmanager_container:
|
||||
belongs_to:
|
||||
- trove-infra_containers
|
||||
contains:
|
||||
- trove_taskmanager
|
||||
properties:
|
||||
service_name: trove
|
||||
|
||||
physical_skel:
|
||||
trove-infra_containers:
|
||||
belongs_to:
|
||||
- all_containers
|
||||
trove-infra_hosts:
|
||||
belongs_to:
|
||||
- hosts
|
@ -1,8 +0,0 @@
|
||||
- service:
|
||||
haproxy_service_name: trove
|
||||
haproxy_backend_nodes: "{{ groups['trove_api'] | default([]) }}"
|
||||
haproxy_ssl: "{{ haproxy_ssl }}"
|
||||
haproxy_port: 8779
|
||||
haproxy_balance_type: http
|
||||
haproxy_backend_options:
|
||||
- "httpchk HEAD /"
|
@ -1,66 +0,0 @@
|
||||
---
|
||||
# Copyright 2016 Internet Solutions (Pty) Ltd
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||
|
||||
- name: Install trove server
|
||||
hosts: trove_all
|
||||
max_fail_percentage: 20
|
||||
user: root
|
||||
pre_tasks:
|
||||
- include: common-tasks/os-lxc-container-setup.yml
|
||||
- include: common-tasks/os-log-dir-setup.yml
|
||||
vars:
|
||||
log_dirs:
|
||||
- src: "/openstack/log/{{ inventory_hostname }}-trove"
|
||||
dest: "/var/log/trove"
|
||||
- include: common-tasks/rabbitmq-servers-sort.yml
|
||||
vars:
|
||||
sort_group_name: "trove_all"
|
||||
- include: common-tasks/rabbitmq-vhost-user.yml
|
||||
vars:
|
||||
user: "{{ trove_rabbitmq_userid }}"
|
||||
password: "{{ trove_rabbitmq_password }}"
|
||||
vhost: "{{ trove_rabbitmq_vhost }}"
|
||||
when:
|
||||
- inventory_hostname == groups['trove_all'][0]
|
||||
- groups['rabbitmq_all'] | length > 0
|
||||
- include: common-tasks/mysql-db-user.yml
|
||||
vars:
|
||||
user_name: "{{ trove_galera_user }}"
|
||||
password: "{{ trove_galera_password }}"
|
||||
login_host: "{{ trove_galera_address }}"
|
||||
db_name: "{{ trove_galera_database_name }}"
|
||||
when: inventory_hostname == groups['trove_all'][0]
|
||||
roles:
|
||||
- role: "os_trove"
|
||||
trove_venv_tag: "{{ openstack_release }}"
|
||||
trove_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/trove-{{ openstack_release }}.tgz"
|
||||
pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}"
|
||||
tags:
|
||||
- "os-trove"
|
||||
- { role: "openstack_openrc", tags: [ "openstack-openrc" ] }
|
||||
- role: "rsyslog_client"
|
||||
rsyslog_client_log_rotate_file: trove_log_rotate
|
||||
rsyslog_client_log_dir: "/var/log/trove"
|
||||
rsyslog_client_config_name: "99-trove-rsyslog-client.conf"
|
||||
tags:
|
||||
- "trove-rsyslog-client"
|
||||
- role: "system_crontab_coordination"
|
||||
tags:
|
||||
- "system-crontab-coordination"
|
||||
vars:
|
||||
is_metal: "{{ properties.is_metal|default(false) }}"
|
@ -1,20 +0,0 @@
|
||||
---
|
||||
# Copyright 2016 Internet Solutions (Pty) Ltd
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||
trove_git_repo: "https://git.openstack.org/openstack/trove"
|
||||
trove_git_install_branch: 517bb8482764819892425e19707c7febe313dc80 # stable/mitaka
|
||||
trove_git_dest: "/opt/trove_{{ trove_git_install_branch | replace('/', '_') }}"
|
@ -1,7 +0,0 @@
|
||||
---
|
||||
trove_galera_password:
|
||||
trove_rabbitmq_password:
|
||||
trove_service_password:
|
||||
trove_admin_user_password:
|
||||
trove_taskmanager_rpc_encr_key:
|
||||
trove_inst_rpc_key_encr_key:
|
@ -15,6 +15,33 @@
|
||||
#
|
||||
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
|
||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||
|
||||
- name: Create DB for service
|
||||
mysql_db:
|
||||
login_user: "{{ galera_root_user }}"
|
||||
login_password: "{{ galera_root_password }}"
|
||||
login_host: "{{ trove_galera_address }}"
|
||||
name: "{{ trove_galera_database_name }}"
|
||||
state: "present"
|
||||
delegate_to: "{{ trove_db_setup_host }}"
|
||||
no_log: True
|
||||
|
||||
- name: Grant access to the DB for the service
|
||||
mysql_user:
|
||||
login_user: "{{ galera_root_user }}"
|
||||
login_password: "{{ galera_root_password }}"
|
||||
login_host: "{{ trove_galera_address }}"
|
||||
name: "{{ trove_galera_user }}"
|
||||
password: "{{ trove_galera_password }}"
|
||||
host: "{{ item }}"
|
||||
state: "present"
|
||||
priv: "{{ trove_galera_database_name }}.*:ALL"
|
||||
delegate_to: "{{ trove_db_setup_host }}"
|
||||
with_items:
|
||||
- "localhost"
|
||||
- "%"
|
||||
no_log: True
|
||||
|
||||
- name: Perform a trove DB sync
|
||||
command: >
|
||||
{{ trove_bin }}/trove-manage
|
||||
|
@ -17,9 +17,6 @@
|
||||
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
|
||||
|
||||
trove_developer_mode: True
|
||||
trove_galera_address: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}"
|
||||
trove_galera_database_name: trove
|
||||
trove_galera_user: trove
|
||||
trove_galera_password: "secrete"
|
||||
trove_rabbitmq_port: "{{ rabbitmq_port }}"
|
||||
trove_rabbitmq_servers: "{{ rabbitmq_servers }}"
|
||||
|
@ -21,9 +21,6 @@
|
||||
user: root
|
||||
gather_facts: true
|
||||
pre_tasks:
|
||||
- include: common/create-grant-db.yml
|
||||
db_name: "{{ trove_galera_database_name }}"
|
||||
db_password: "{{ trove_galera_password }}"
|
||||
- include: common/ensure-rabbitmq.yml
|
||||
vhost_name: "{{ trove_rabbitmq_vhost }}"
|
||||
user_name: "{{ trove_rabbitmq_userid }}"
|
||||
|
Loading…
Reference in New Issue
Block a user