Manage database creation

2019-04-05 03:31:48 +00:00 · 2019-04-05 03:31:48 +00:00 · 8cfc9f315f
commit 8cfc9f315f
parent fa042d9c6f
6 changed files with 189 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -22,9 +22,19 @@ oc login -u system:admin
 oc project default
 ```

-## Install Zookeeper Operator
+## Install Postgress Operator

-Perhaps this should be part of the zuul operator
+Follow [install instruction](https://crunchydata.github.io/postgres-operator/stable/installation/),
+basically:
+```
+vi ./pv/crunchy-pv.json  # set volume size and pv number
+oc apply -f ./pv/crunchy-pv.json
+oc apply -f ./deploy/cluster-rbac.yaml
+oc apply -f ./deploy/rbac.yaml
+./deploy/deploy.sh
+```
+
+## Install Zookeeper Operator

 ```shell
 oc create -f https://raw.githubusercontent.com/pravega/zookeeper-operator/master/deploy/crds/zookeeper_v1beta1_zookeepercluster_crd.yaml
@ -32,7 +42,6 @@ oc create -f https://raw.githubusercontent.com/pravega/zookeeper-operator/master
 oc create -f https://raw.githubusercontent.com/pravega/zookeeper-operator/master/deploy/default_ns/operator.yaml
 ```

-
 ## Install Zuul Operator

 ```shell
@ -59,7 +68,6 @@ $ oc logs zuul-operator-c64756f66-rbdmg -c operator
 ...
 ```

-
 ## Usage

 ```
--- a/ansible/group_vars/all.yaml
+++ b/ansible/group_vars/all.yaml
@ -30,3 +30,7 @@ zuul_configmap_name: "{{ zuul_cluster_name }}-config"

 zk_cluster_name: "{{ zuul_cluster_name }}-zk"
 zk_api_version: "zookeeper.pravega.io/v1beta1"
+
+pg_cluster_name: "{{ zuul_cluster_name }}-pg"
+pg_cr_kind: "Pgcluster"
+pg_api_version: "cr.client-go.k8s.io/v1"
--- a/ansible/roles/create_config/tasks/main.yaml
+++ b/ansible/roles/create_config/tasks/main.yaml
@ -1,4 +1,30 @@
 ---
+- name: Create Postgresql Credential
+  when: not zuul_pg_user
+  block:
+    - name: Create k8s secret
+      k8s:
+        state: "{{ state }}"
+        definition:
+          apiVersion: v1
+          kind: Secret
+          metadata:
+            labels:
+              pg-database: "{{ pg_cluster_name }}"
+              app: "{{ zuul_app_name }}"
+              zuul_cluster: "{{ zuul_cluster_name }}"
+            name: "{{ pg_cluster_name }}-zuul-secret"
+            namespace: "{{ namespace }}"
+          type: Opaque
+          data:
+            password: UE5xOEVFVTBxTQ==
+            username: dGVzdHVzZXI=
+    - name: Set fact
+      set_fact:
+        zuul_pg_user:
+          - username: dGVzdHVzZXI=
+            password: UE5xOEVFVTBxTQ==
+
 - name: Create the scheduler configmap
  k8s:
    state: "{{ state }}"
@ -26,6 +52,10 @@
          [scheduler]
          tenant_config=/etc/zuul/main.yaml

+          [connection sqlreporter]
+          driver=sql
+          dburi=postgresql://{{ zuul_pg_user[0]["username"] | b64decode }}:{{ zuul_pg_user[0]["password"] | b64decode }}@{{ pg_cluster_name }}/zuul
+
          {% for connection in connections %}
          [connection {{ connection["name"] }}]
          {% for k, v in connection.items() %}{% if k != "name" %}
@ -75,6 +105,10 @@
          listen_address=0.0.0.0
          port=9000

+          [connection sqlreporter]
+          driver=sql
+          dburi=postgresql://{{ zuul_pg_user[0]["username"] | b64decode }}:{{ zuul_pg_user[0]["password"] | b64decode }}@{{ pg_cluster_name }}/zuul
+
          {% for connection in connections %}
          [connection {{ connection["name"] }}]
          {% for k, v in connection.items() %}{% if k != "name" %}
--- a/ansible/roles/deploy_pg/tasks/main.yaml
+++ b/ansible/roles/deploy_pg/tasks/main.yaml
@ -0,0 +1,127 @@
+- name: Postgresql Secret
+  k8s:
+    definition:
+      apiVersion: v1
+      kind: Secret
+      metadata:
+        labels:
+          pg-database: "{{ pg_cluster_name }}"
+          app: "{{ zuul_app_name }}"
+          zuul_cluster: "{{ zuul_cluster_name }}"
+        name: "{{ pg_cluster_name }}-postgres-secret"
+        namespace: "{{ namespace }}"
+      type: Opaque
+      data:
+        password: M3pBeXpmMThxQg==
+        username: cG9zdGdyZXM=
+
+- name: Postgresql Primary User
+  k8s:
+    definition:
+      apiVersion: v1
+      kind: Secret
+      metadata:
+        labels:
+          pg-database: "{{ pg_cluster_name }}"
+          app: "{{ zuul_app_name }}"
+          zuul_cluster: "{{ zuul_cluster_name }}"
+        name: "{{ pg_cluster_name }}-primaryuser-secret"
+        namespace: "{{ namespace }}"
+      type: Opaque
+      data:
+        password: d0ZvYWlRZFhPTQ==
+        username: cHJpbWFyeXVzZXI=
+
+- name: Postgresql Deployment
+  k8s:
+    definition:
+      apiVersion: "{{ pg_api_version }}"
+      kind: "{{ pg_cr_kind }}"
+      metadata:
+        labels:
+          archive: 'false'
+          archive-timeout: '60'
+          crunchy-pgbadger: 'false'
+          crunchy_collect: 'false'
+          current-primary: "{{ pg_cluster_name }}"
+          deployment-name: "{{ pg_cluster_name }}"
+          name: "{{ pg_cluster_name }}"
+          pg-cluster: "{{ pg_cluster_name }}"
+          pgo-backrest: 'false'
+          pgo-version: 3.5.2
+          primary: 'true'
+          app: "{{ zuul_app_name }}"
+          zuul_cluster: "{{ zuul_cluster_name }}"
+        name: "{{ pg_cluster_name }}"
+        namespace: "{{ namespace }}"
+      spec:
+        ArchiveStorage:
+          accessmode: ''
+          fsgroup: ''
+          matchLabels: ''
+          name: ''
+          size: ''
+          storageclass: ''
+          storagetype: ''
+          supplementalgroups: ''
+        BackrestStorage:
+          accessmode: ReadWriteMany
+          fsgroup: ''
+          matchLabels: ''
+          name: ''
+          size: 1G
+          storageclass: ''
+          storagetype: create
+          supplementalgroups: ''
+        ContainerResources:
+          limitscpu: ''
+          limitsmemory: ''
+          requestscpu: ''
+          requestsmemory: ''
+        PrimaryStorage:
+          accessmode: ReadWriteMany
+          fsgroup: ''
+          matchLabels: ''
+          name: "{{ pg_cluster_name }}"
+          size: 1G
+          storageclass: ''
+          storagetype: create
+          supplementalgroups: ''
+        ReplicaStorage:
+          accessmode: ReadWriteMany
+          fsgroup: ''
+          matchLabels: ''
+          name: ''
+          size: 1G
+          storageclass: ''
+          storagetype: create
+          supplementalgroups: ''
+        backuppath: ''
+        backuppvcname: ''
+        ccpimage: crunchy-postgres
+        ccpimagetag: centos7-11.2-2.3.1
+        clustername: "{{ pg_cluster_name }}"
+        customconfig: ''
+        database: zuul
+        name: "{{ pg_cluster_name }}"
+        nodename: ''
+        policies: ''
+        port: '5432'
+        primaryhost: "{{ pg_cluster_name }}"
+        primarysecretname: "{{ pg_cluster_name }}-primaryuser-secret"
+        replicas: '0'
+        rootsecretname: "{{ pg_cluster_name }}-postgres-secret"
+        secretfrom: ''
+        status: ''
+        strategy: '1'
+        user: zuul
+        userlabels:
+          archive: 'false'
+          archive-timeout: '60'
+          crunchy-pgbadger: 'false'
+          crunchy_collect: 'false'
+          pgo-backrest: 'false'
+          pgo-version: 3.5.2
+        usersecretname: "{{ pg_cluster_name }}-zuul-secret"
+
+- pause:
--- a/ansible/roles/get_status/tasks/main.yaml
+++ b/ansible/roles/get_status/tasks/main.yaml
@ -2,11 +2,20 @@
 - set_fact:
    label_selector_value: "zuul_cluster={{ zuul_cluster_name }},app={{ zuul_app_name }}"
    sched_selector_value: "zuul_cluster={{ zuul_cluster_name }},app={{ zuul_cluster_name }}-scheduler"
+    pg_user_query: "[?metadata.name=='{{ pg_cluster_name }}-zuul-secret'].data"

 - name: lookup k8s secrets
  set_fact:
    secrets_lookup: "{{ lookup('k8s', api_version='v1', kind='Secret', namespace=namespace, label_selector=label_selector_value) }}"

+- name: lookup pg user
+  set_fact:
+    zuul_pg_user: "{{ secrets_lookup | json_query(pg_user_query) }}"
+
+- name: lookup k8s postgres cr
+  set_fact:
+    pg_cr_lookup: "{{ lookup('k8s', api_version=pg_api_version, kind=pg_cr_kind, namespace=namespace, resource_name=pg_cluster_name) }}"
+
 - name: lookup k8s zookeeper cr
  set_fact:
    zk_cr_lookup: "{{ lookup('k8s', api_version=zk_api_version, kind='ZookeeperCluster', namespace=namespace, resource_name=zk_cluster_name) }}"
--- a/ansible/zuul.yaml
+++ b/ansible/zuul.yaml
@ -7,6 +7,9 @@
      command: env
    - import_role:
        name: get_status
+    - import_role:
+        name: deploy_pg
+      when: (pg_cr_lookup|length==0)
    - import_role:
        name: deploy_zk
      when: (zk_cr_lookup|length==0)