Add CentOS7 support to Galera Server

Updates the multi-distro framework to add CentOS7 support.

Depends-On: Ieadcdd70e9b8271aee3880896255a5037f56567e
Change-Id: I7e889ea4653a6972ea7f8208416fc1fc3db45e5c
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>

defaults/main.yml

@@ -13,9 +13,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-## APT Cache Options
-cache_timeout: 600
-
 galera_cluster_members: "{{ groups['galera_all'] }}"
 galera_server_bootstrap_node: "{{ galera_cluster_members[0] }}"
 galera_ignore_cluster_state: false
@@ -31,6 +28,14 @@ galera_cluster_name: openstack_galera_cluster
 #   as a slave." is no longer present.
 # galera_server_id: 0
 
+# These are here to stub out the internal ROLE API.
+#  if these are used they should be set within the
+#  distro specific variable files found in vars/
+galera_pinned_packages: []
+galera_debconf_items: []
+percona_upstream_packages: []
+
+
 galera_existing_cluster: true
 galera_running_and_bootstrapped: false
 
@@ -68,32 +73,6 @@ galera_wsrep_sst_auth_password: "{{ galera_root_password  }}"
 # xtrabackup parallel/compression/sync threads
 galera_xtrabackup_threads: 4
 
-# Repositories
-galera_apt_repo_url: "https://mirror.rackspace.com/mariadb/repo/10.0/ubuntu"
-galera_apt_repo:
-  repo: "deb {{ galera_apt_repo_url }} {{ ansible_distribution_release }} main"
-  state: "present"
-
-galera_apt_percona_xtrabackup_url: "https://repo.percona.com/apt"
-galera_apt_percona_xtrabackup_repo:
-  repo: "deb {{ galera_apt_percona_xtrabackup_url }} {{ ansible_distribution_release }} main"
-  state: "present"
-
-percona_package_path: "/opt/{{ percona_package_url | basename }}"
-
-galera_apt_pinned_packages: [{ package: "*", release: MariaDB, priority: "1001" }]
-
-# Validate SSL certificates when downloading the percona deb above
-# May be set to "no" when proxy server is intercepting the certificates.
-percona_package_download_validate_certs: "yes"
-
-#There is no package currently provided for Xenial, but vivid uses the
-#same libraries and installs without issue.
-qpress_deb_url: https://repo.percona.com/apt/pool/main/q/qpress/qpress_11-1.vivid_amd64.deb
-qpress_package_download_validate_certs: yes
-qpress_package_sha256: "54c02ae825b5c08bfae0792b23390b1577d7a26cadfb321384377bde31465959"
-qpress_package_path: "/opt/{{ qpress_deb_url | basename }}"
-
 galera_pip_packages:
   - MySQL-python
   - pycrypto
@@ -112,3 +91,5 @@ galera_debian_cnf_overrides: {}
 # the cluster will be used which is something to note if deploying galera on different
 # hardware.
 # galera_max_connections: 500
+
+using_mysql_init: no

manual-test.rc

@@ -0,0 +1,22 @@
+export VIRTUAL_ENV=$(pwd)
+export ANSIBLE_HOST_KEY_CHECKING=False
+export ANSIBLE_SSH_CONTROL_PATH=/tmp/%%h-%%r
+
+# TODO (odyssey4me) These are only here as they are non-standard folder
+# names for Ansible 1.9.x. We are using the standard folder names for
+# Ansible v2.x. We can remove this when we move to Ansible 2.x.
+export ANSIBLE_ACTION_PLUGINS=${HOME}/.ansible/plugins/action
+export ANSIBLE_CALLBACK_PLUGINS=${HOME}/.ansible/plugins/callback
+export ANSIBLE_FILTER_PLUGINS=${HOME}/.ansible/plugins/filter
+export ANSIBLE_LOOKUP_PLUGINS=${HOME}/.ansible/plugins/lookup
+
+# This is required as the default is the current path or a path specified
+# in ansible.cfg
+export ANSIBLE_LIBRARY=${HOME}/.ansible/plugins/library
+
+# This is required as the default is '/etc/ansible/roles' or a path
+# specified in ansible.cfg
+export ANSIBLE_ROLES_PATH=${HOME}/.ansible/roles:$(pwd)/..
+
+echo "Run manual functional tests by executing the following:"
+echo "# ./.tox/functional/bin/ansible-playbook -i tests/inventory tests/test.yml -e \"rolename=$(pwd)\""

meta/main.yml

@@ -23,6 +23,10 @@ galaxy_info:
     - name: Ubuntu
       versions:
         - trusty
+        - xenial
+    - name: EL
+      versions:
+        - 7
   categories:
     - cloud
     - galera
@@ -31,7 +35,7 @@ galaxy_info:
     - openstack
 dependencies:
   - role: apt_package_pinning
-    apt_pinned_packages: "{{ galera_apt_pinned_packages }}"
+    apt_pinned_packages: "{{ galera_pinned_packages }}"
     apt_package_pinning_file_name: "galera_pin.pref"
     when:
       - ansible_pkg_mgr == 'apt'

other-requirements.txt

@@ -14,8 +14,13 @@
 # TODO(odyssey4me) remove this once https://review.openstack.org/288634 has merged
 # and the disk images are rebuilt and redeployed.
 curl
-
+wget
 
 # Requirements for Paramiko 2.0
-libssl-dev
-libffi-dev
+libssl-dev        [platform:dpkg]
+libffi-dev        [platform:dpkg]
+libffi-devel      [platform:rpm]
+openssl-devel     [platform:rpm]
+
+# For selinux
+libselinux-python [platform:rpm]

releasenotes/notes/implement-centos7-support-cf6b6ee0d606223f.yaml

@@ -0,0 +1,3 @@
+---
+features:
+  - CentOS 7 support has been added to the ``galera_server`` role.

run_tests.sh

@@ -22,6 +22,10 @@ if [ "$(which apt-get)" ]; then
   apt-get install -y build-essential python2.7 python-dev git-core libssl-dev libffi-dev
 fi
 
+if [ "$(which yum)" ]; then
+  yum install -y '@Development Tools' python-devel git libffi-devel openssl-devel
+fi
+
 # get pip, if necessary
 if [ ! "$(which pip)" ]; then
   curl --silent --show-error --retry 5 \

tasks/galera_install.yml

@@ -19,15 +19,8 @@
   tags:
     - install-apt
 
-- name: Install pip packages
-  pip:
-    name: "{{ item }}"
-    state: latest
-    extra_args: "{{ pip_install_options|default('') }}"
-  register: install_packages
-  until: install_packages|success
-  retries: 5
-  delay: 2
-  with_items: "{{ galera_pip_packages }}"
+- include: galera_install_yum.yml
+  when:
+    - ansible_pkg_mgr == 'yum'
   tags:
-    - galera-pip-packages
+    - install-yum

tasks/galera_install_apt.yml

@@ -13,6 +13,93 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache
+#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged
+#in 1.9.x or we move to 2.0 (if tested working)
+- name: Check apt last update file
+  stat:
+    path: /var/cache/apt
+  register: apt_cache_stat
+  tags:
+    - galera-apt-packages
+
+- name: Update apt if needed
+  apt:
+    update_cache: yes
+  when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}"
+  tags:
+    - galera-apt-packages
+
+- name: Install galera apt pre packages
+  apt:
+    pkg: "{{ item }}"
+    state: latest
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items: "{{ galera_pre_packages }}"
+  tags:
+    - galera-pre-apt-packages
+
+- name: Add galera apt-keys
+  apt_key:
+    id: "{{ item.hash_id }}"
+    keyserver: "{{ item.keyserver | default(omit) }}"
+    data: "{{ item.data | default(omit) }}"
+    url: "{{ item.url | default(omit) }}"
+    state: "present"
+  register: add_keys
+  until: add_keys|success
+  ignore_errors: True
+  retries: 5
+  delay: 2
+  with_items: "{{ galera_gpg_keys }}"
+  tags:
+    - galera-apt-keys
+
+- name: Add galera apt-keys using fallback keyserver
+  apt_key:
+    id: "{{ item.hash_id }}"
+    keyserver: "{{ item.fallback_keyserver | default(omit) }}"
+    url: "{{ item.fallback_url | default(omit) }}"
+    state: "present"
+  register: add_keys_fallback
+  until: add_keys_fallback|success
+  retries: 5
+  delay: 2
+  with_items: "{{ galera_gpg_keys }}"
+  when: add_keys|failed and (item.fallback_keyserver is defined or item.fallback_url is defined)
+  tags:
+    - galera-apt-keys
+
+- name: Add galera repo
+  apt_repository:
+    repo: "{{ item.repo }}"
+    state: "{{ item.state }}"
+  register: add_repos
+  until: add_repos|success
+  retries: 5
+  delay: 2
+  with_items:
+    - "{{ galera_repo }}"
+  tags:
+    - galera-repos
+
+- name: Add percona repo
+  apt_repository:
+    repo: "{{ item.repo }}"
+    state: "{{ item.state }}"
+  register: add_repos
+  until: add_repos|success
+  retries: 5
+  delay: 2
+  with_items:
+    - "{{ galera_percona_xtrabackup_repo }}"
+  when: use_percona_upstream | bool
+  tags:
+    - percona-repos
+
 - name: Preseed galera password(s)
   debconf:
     name: "{{ item.name }}"
@@ -23,6 +110,15 @@
   tags:
     - galera-debconf
 
+- name: Prevent galera from starting on install
+  copy:
+    src: "policy-rc.d"
+    dest: "/usr/sbin/policy-rc.d"
+    mode: "0755"
+    backup: yes
+  tags:
+    - galera-config
+
 #TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache
 #when https://github.com/ansible/ansible-modules-core/pull/1517 is merged
 #in 1.9.x or we move to 2.0 (if tested working)
@@ -50,31 +146,39 @@
   until: install_packages|success
   retries: 5
   delay: 2
-  with_items: "{{ galera_apt_packages }}"
+  with_items: "{{ galera_packages }}"
   notify: Restart mysql
   tags:
     - galera-apt-packages
 
-# TODO(cloudnull) -- Remove this after the Mitaka release
-#  This task simply removes the system version of
-#  percona-xtrabackup and xtrabackup if found the
-#  purpose is to ensure that "if" the system version
-#  of the binary is installed its first removed in
-#  favor of the actual upstream package being used in
-#  the next task.
-- name: UnInstall system xtrabackup packages
-  apt:
-    pkg: "{{ item }}"
-    state: absent
-  with_items:
-    - percona-xtrabackup
-    - xtrabackup
-  tags:
-    - percona-apt-packages
-
-- name: Install percona packages upstream
+- name: Install percona-xtrabackup package from .deb
   apt:
     deb: "{{ percona_package_path }}"
     force: yes
+  when: not use_percona_upstream | bool
   tags:
-    - galera-apt-packages
+    - percona-apt-packages
+
+- name: Install qpress package from .deb
+  apt:
+    deb: "{{ qpress_package_path }}"
+    force: yes
+  when: not use_percona_upstream | bool
+  tags:
+    - percona-apt-packages
+
+- name: Install percona packages
+  apt:
+    pkg: "{{ item }}"
+    state: installed
+  with_items: "{{ percona_upstream_packages }}"
+  when: use_percona_upstream | bool
+  tags:
+    - percona-apt-packages
+
+- name: Remove policy-rc
+  file:
+    path: "/usr/sbin/policy-rc.d"
+    state: absent
+  tags:
+    - galera-config

tasks/galera_install_yum.yml

@@ -0,0 +1,162 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Update the local file system CRUD
+  file:
+    src: "{{ item.src|default(omit) }}"
+    path: "{{ item.path }}"
+    state: "{{ item.state }}"
+    force: "{{ item.force|default(omit) }}"
+  with_items:
+    - { path: "/etc/mysql", state: "directory" }
+    - { path: "/etc/mysql/conf.d", state: "directory" }
+    - { src: "/usr/lib64/galera", path: "/usr/lib/galera", state: "link", force: true }
+    - { src: "/etc/mysql/conf.d", path: "/etc/my.cnf.d", state: "link", force: true }
+    - { src: "/etc/mysql/my.cnf", path: "/etc/my.cnf", state: "link", force: true }
+  tags:
+    - galera-config
+
+- name: Add galera gpg-keys
+  rpm_key:
+    state: present
+    key: "{{ item.keyserver }}/{{ item.key_name }}"
+  register: add_keys
+  until: add_keys|success
+  ignore_errors: True
+  retries: 5
+  delay: 2
+  with_items: "{{ galera_client_gpg_keys }}"
+  tags:
+    - galera-gpg-keys
+
+- name: Add galera gpg-keys using fallback keyserver
+  rpm_key:
+    state: present
+    key: "{{ item.fallback_keyserver }}/{{ item.key_name }}"
+  register: add_keys
+  until: add_keys|success
+  ignore_errors: True
+  retries: 5
+  delay: 2
+  with_items: "{{ galera_client_gpg_keys }}"
+  when: add_keys|failed and (item.fallback_keyserver is defined)
+  tags:
+    - galera-gpg-keys
+
+#TODO(cloudnull) Remove this task once we move to Ansible 2.1
+# where we can leverage the `yum_repository` module:
+# https://docs.ansible.com/ansible/yum_repository_module.html
+- name: Add galera repo
+  copy:
+    content: |
+      [{{ item.name }}]
+      name={{ item.name }}
+      description={{ item.description }}
+      baseurl={{ item.baseurl }}
+      gpgkey={{ item.gpgkey }}
+      gpgcheck=1
+      enabled=1
+    dest: "/etc/yum.repos.d/{{ item.file }}.repo"
+  register: add_repos
+  until: add_repos|success
+  retries: 5
+  delay: 2
+  with_items:
+    - "{{ galera_repo }}"
+  tags:
+    - galera-repos
+
+- name: Install galera yum pre packages
+  yum:
+    pkg: "{{ item }}"
+    state: latest
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items: "{{ galera_pre_packages }}"
+  tags:
+    - galera-pre-yum-packages
+
+- name: Install percona repo
+  yum:
+    pkg: "{{ galera_percona_xtrabackup_repo.repo }}"
+    state: "{{ galera_percona_xtrabackup_repo.state }}"
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  when: use_percona_upstream | bool
+  tags:
+    - galera-pre-yum-packages
+
+- name: Install percona yum packages
+  yum:
+    pkg: "{{ item }}"
+    state: latest
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items: "{{ percona_upstream_packages }}"
+  when: use_percona_upstream | bool
+  tags:
+    - galera-pre-yum-packages
+
+- name: Install galera yum packages
+  yum:
+    pkg: "{{ item }}"
+    state: latest
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items: "{{ galera_packages }}"
+  tags:
+    - galera-pre-yum-packages
+
+- name: Enable mysql to start at boot
+  service:
+    name: "mysql"
+    enabled: "yes"
+  tags:
+    - galera-enable
+
+# NOTE(cloudnull): This is an idempotent shell task is it will only run once
+#  provided the "/etc/mysql/rhel_configured" exists. This tasks automates the
+#  MySQL secure setup which is done automatically in Ubuntu deployments.
+- name: "Update root user, connections, and grant options"
+  shell: |
+    service mysql start || true
+    # Reset the root password, at this time there is no password set
+    mysqladmin --no-defaults --port=3306 --socket=/var/run/mysqld/mysqld.sock --host=127.0.0.1 --user=root password "{{ galera_root_password }}"
+    # Setup the root user for MySQL
+    mysql -u root -h localhost -e "UPDATE mysql.user SET Password=PASSWORD('$rootpass') WHERE User='root';"
+    mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE user='';"
+    mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('%', 'localhost', '127.0.0.1', '::1');"
+    mysql -u root -h localhost -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
+    mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'localhost' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
+    mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'127.0.0.1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
+    mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'::1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
+    mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'%' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
+    mysql -u root -h localhost -e "FLUSH PRIVILEGES;"
+    # Create a marker file to ensure this script is not run again
+    touch /etc/mysql/rhel_configured
+    service mysql stop
+  args:
+    creates: /etc/mysql/rhel_configured
+  tags:
+    - galera-rhel-config
+    - skip_ansible_lint

tasks/galera_post_install.yml

@@ -24,7 +24,7 @@
   with_items:
     - { path: "/var/lib/mysql", owner: "mysql", mode: "2755" }
     - { path: "/var/log/mysql", owner: "mysql", mode: "2755" }
-    - { path: "/var/log/mysql_logs/", owner: "mysql", group: "syslog", mode: "2755" }
+    - { path: "/var/log/mysql_logs", owner: "mysql", mode: "2755" }
     - { path: "/etc/mysql/conf.d" }
   tags:
     - galera-config
@@ -53,6 +53,7 @@
       config_type: "ini"
   notify: Restart mysql
   tags:
+    - galera-config
     - galera-client-user-config
 
 # NOTE: (mancdaz) this should not be needed with mariadb-10.1 since its
@@ -64,6 +65,8 @@
     insertafter: '^export HOME=/etc/mysql/'
     line: '[ -r /etc/default/mysql ] && . /etc/default/mysql'
     backup: yes
+  tags:
+    - galera-config
 
 # NOTE: (mancdaz) The target will need to change to /etc/default/mariadb
 #       for mariadb-10.1
@@ -83,13 +86,6 @@
   tags:
     - galera-config
 
-- name: Remove policy-rc
-  file:
-    path: "/usr/sbin/policy-rc.d"
-    state: absent
-  tags:
-    - galera-config
-
 - include: galera_upgrade_post.yml
   when:
     - galera_upgrade | bool

tasks/galera_pre_install.yml

@@ -13,93 +13,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache
-#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged
-#in 1.9.x or we move to 2.0 (if tested working)
-- name: Check apt last update file
-  stat:
-    path: /var/cache/apt
-  register: apt_cache_stat
-  tags:
-    - galera-apt-packages
-
-- name: Update apt if needed
-  apt:
-    update_cache: yes
-  when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}"
-  tags:
-    - galera-apt-packages
-
-- name: Install galera pre packages
-  apt:
-    pkg: "{{ item }}"
-    state: latest
-  register: install_packages
-  until: install_packages|success
-  retries: 5
-  delay: 2
-  with_items: "{{ galera_pre_apt_packages }}"
-  tags:
-    - galera-pre-apt-packages
-
-- name: Add galera apt-keys
-  apt_key:
-    id: "{{ item.hash_id }}"
-    keyserver: "{{ item.keyserver | default(omit) }}"
-    data: "{{ item.data | default(omit) }}"
-    url: "{{ item.url | default(omit) }}"
-    state: "present"
-  register: add_keys
-  until: add_keys|success
-  ignore_errors: True
-  retries: 5
-  delay: 2
-  with_items: "{{ galera_gpg_keys }}"
-  tags:
-    - galera-apt-keys
-
-- name: Add galera apt-keys using fallback keyserver
-  apt_key:
-    id: "{{ item.hash_id }}"
-    keyserver: "{{ item.fallback_keyserver | default(omit) }}"
-    url: "{{ item.fallback_url | default(omit) }}"
-    state: "present"
-  register: add_keys_fallback
-  until: add_keys_fallback|success
-  retries: 5
-  delay: 2
-  with_items: "{{ galera_gpg_keys }}"
-  when: add_keys|failed and (item.fallback_keyserver is defined or item.fallback_url is defined)
-  tags:
-    - galera-apt-keys
-
-- name: Add galera repo
-  apt_repository:
-    repo: "{{ item.repo }}"
-    state: "{{ item.state }}"
-  register: add_repos
-  until: add_repos|success
-  retries: 5
-  delay: 2
-  with_items:
-    - "{{ galera_apt_repo }}"
-  tags:
-    - galera-repos
-
-- name: Add percona repo
-  apt_repository:
-    repo: "{{ item.repo }}"
-    state: "{{ item.state }}"
-  register: add_repos
-  until: add_repos|success
-  retries: 5
-  delay: 2
-  with_items:
-    - "{{ galera_apt_percona_xtrabackup_repo }}"
-  tags:
-    - percona-repos
-
-- name: Download the percona package
+- name: Download the percona-xtrabackup package
   get_url:
     url: "{{ percona_package_url }}"
     dest: "{{ percona_package_path }}"
@@ -110,17 +24,23 @@
   retries: 3
   delay: 10
   until: package_download|success
+  when: not use_percona_upstream | bool
   tags:
     - percona-apt-packages
 
-- name: Prevent galera from starting on install
-  copy:
-    src: "policy-rc.d"
-    dest: "/usr/sbin/policy-rc.d"
-    mode: "0755"
-    backup: yes
+- name: Download the qpress package
+  get_url:
+    url: "{{ qpress_package_url }}"
+    dest: "{{ qpress_package_path }}"
+    sha256sum: "{{ qpress_package_sha256 }}"
+    validate_certs: "{{ qpress_package_download_validate_certs }}"
+  register: package_download
+  retries: 3
+  delay: 10
+  until: package_download|success
+  when: not use_percona_upstream | bool
   tags:
-    - galera-config
+    - percona-apt-packages
 
 - name: Drop limits config
   template:

tasks/galera_setup.yml

@@ -15,6 +15,9 @@
 
 - name: Create galera users
   mysql_user:
+    login_user: "{{ galera_root_user }}"
+    login_password: "{{ galera_root_password }}"
+    login_host: "127.0.0.1"
     name: "{{ item.name }}"
     host: "{{ item.host }}"
     password: "{{ item.password }}"

tasks/galera_upgrade_check.yml

@@ -13,40 +13,17 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-- name: Check major galera install version
-  command: "dpkg -s {{ galera_mariadb_server_package }}"
-  ignore_errors: true
-  register: installed_galera_specific
+- include: galera_upgrade_check_apt.yml
   when:
-    - not galera_upgrade | bool
+    - ansible_pkg_mgr == 'apt'
   tags:
-    - galera-package-deb
-    - galera-apt-packages
-    - galera-upgrade
+    - install-apt
 
-- name: Check for any galera install version
-  shell: |
-    dpkg --get-selections | grep mariadb-galera-server
-  ignore_errors: true
-  register: installed_galera_any
+- include: galera_upgrade_check_yum.yml
   when:
-    - not galera_upgrade | bool
-    - installed_galera_specific.rc != 0
+    - ansible_pkg_mgr == 'yum'
   tags:
-    - galera-package-deb
-    - galera-apt-packages
-    - galera-upgrade
-
-- name: Check if major version of Galera is installed
-  fail:
-    msg: "To install a new major version of mariadb-galera-server set '-e galera_upgrade=true'."
-  when:
-    - not galera_upgrade | bool
-    - installed_galera_specific.rc != 0 and installed_galera_any.rc == 0
-  tags:
-    - galera-package-deb
-    - galera-apt-packages
-    - galera-upgrade
+    - install-apt
 
 - include: galera_upgrade_pre.yml
   when:

tasks/galera_upgrade_check_apt.yml

@@ -0,0 +1,51 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Check major galera install version
+  command: "dpkg -s {{ galera_mariadb_apt_server_package }}"
+  ignore_errors: true
+  register: installed_galera_specific
+  when:
+    - not galera_upgrade | bool
+  tags:
+    - galera-package-deb
+    - galera-apt-packages
+    - galera-upgrade
+    - skip_ansible_lint
+
+- name: Check for any galera install version
+  shell: |
+    dpkg --get-selections | grep mariadb-galera-server
+  ignore_errors: true
+  register: installed_galera_any
+  when:
+    - not galera_upgrade | bool
+    - installed_galera_specific.rc != 0
+  tags:
+    - galera-package-deb
+    - galera-apt-packages
+    - galera-upgrade
+    - skip_ansible_lint
+
+- name: Check if major version of Galera is installed
+  fail:
+    msg: "To install a new major version of mariadb-galera-server set '-e galera_upgrade=true'."
+  when:
+    - not galera_upgrade | bool
+    - installed_galera_specific.rc != 0 and installed_galera_any.rc == 0
+  tags:
+    - galera-package-deb
+    - galera-apt-packages
+    - galera-upgrade

tasks/galera_upgrade_check_yum.yml

@@ -0,0 +1,51 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Check major galera install version
+  command: "rpm -qi '{{ galera_mariadb_yum_server_package }}'"
+  ignore_errors: true
+  register: installed_galera_specific
+  when:
+    - not galera_upgrade | bool
+  tags:
+    - galera-package-rpm
+    - galera-yum-packages
+    - galera-upgrade
+    - skip_ansible_lint
+
+- name: Check for any galera install version
+  shell: |
+    rpm -qa | grep -i "{{ galera_mariadb_yum_server_package }}"
+  ignore_errors: true
+  register: installed_galera_any
+  when:
+    - not galera_upgrade | bool
+    - installed_galera_specific.rc != 0
+  tags:
+    - galera-package-rpm
+    - galera-yum-packages
+    - galera-upgrade
+    - skip_ansible_lint
+
+- name: Check if major version of Galera is installed
+  fail:
+    msg: "To install a new major version of MariaDB-Galera-server set '-e galera_upgrade=true'."
+  when:
+    - not galera_upgrade | bool
+    - installed_galera_specific.rc != 0 and installed_galera_any.rc == 0
+  tags:
+    - galera-package-rpm
+    - galera-yum-packages
+    - galera-upgrade

tasks/galera_upgrade_pre.yml

@@ -65,6 +65,7 @@
   delay: 2
   when:
     - galera_upgrade | bool
+    - ansible_pkg_mgr == 'apt'
   tags:
     - galera-upgrade
     - galera-apt-packages
@@ -75,6 +76,7 @@
     state: absent
   when:
     - galera_upgrade | bool
+    - ansible_pkg_mgr == 'apt'
   tags:
     - galera-upgrade
     - galera-apt-packages

tasks/main.yml

@@ -29,6 +29,7 @@
   with_first_found:
     - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
     - "{{ ansible_distribution | lower }}.yml"
+    - "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml"
     - "{{ ansible_os_family | lower }}.yml"
   tags:
     - always

tests/test-prepare-containers.yml

@@ -15,7 +15,6 @@
 
 - name: Create test containers
   hosts: all_containers
-  connection: local
   gather_facts: false
   pre_tasks:
     - name: Destroy test containers

tests/test-prepare-host.yml

@@ -19,6 +19,8 @@
     - name: Ensure apt cache is always refreshed
       apt:
         update_cache: yes
+      when:
+        - ansible_pkg_mgr == 'apt'
     - name: Ensure root's new public ssh key is in authorized_keys
       authorized_key:
         user: root
@@ -30,20 +32,31 @@
       stat:
         path: /etc/nodepool/provider
       register: nodepool
-    - name: Set the files to copy into the container cache for OpenStack-CI instances
+    - name: Set the files to copy into the container cache for OpenStack-CI instances (rhel)
+      set_fact:
+        lxc_container_cache_files:
+          - { src: '/etc/pip.conf', dest: '/etc/pip.conf' }
+      when:
+        - nodepool.stat.exists | bool
+        - ansible_pkg_mgr == 'yum'
+    - name: Set the files to copy into the container cache for OpenStack-CI instances (deb)
       set_fact:
         lxc_container_cache_files:
           - { src: '/etc/pip.conf', dest: '/etc/pip.conf' }
           - { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' }
-      when: nodepool.stat.exists | bool
+      when:
+        - nodepool.stat.exists | bool
+        - ansible_pkg_mgr == 'apt'
     - name: Determine the existing Ubuntu repo configuration
       shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list'
       register: ubuntu_repo
       changed_when: false
+      when: ansible_pkg_mgr == 'apt'
     - name: Set apt repo facts based on discovered information
       set_fact:
         lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}"
         lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}"
+      when: ansible_pkg_mgr == 'apt'
   roles:
     - role: "lxc_hosts"
       lxc_net_address: 10.100.100.1

vars/redhat-7.yml

@@ -0,0 +1,74 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Galera GPG Keys
+galera_gpg_keys:
+  - key_name: 'RPM-GPG-KEY-MariaDB'
+    keyserver: 'https://yum.mariadb.org'
+    fallback_keyserver: 'https://yum.mariadb.org'
+
+galera_pre_packages:
+  - gnupg2
+  - libaio
+  - libstdc++
+  - libgcc
+  - libgcrypt
+  - MariaDB-client
+  - MariaDB-devel
+
+# Validate SSL certificates when downloading the galera deb above
+# May be set to "no" when proxy server is intercepting the certificates.
+percona_package_download_validate_certs: "yes"
+
+galera_mariadb_yum_server_package: "MariaDB-Galera-server"
+
+galera_packages:
+  - which
+  - "{{ galera_mariadb_yum_server_package }}"
+  - MariaDB-shared
+  - percona-xtrabackup
+  - percona-toolkit
+  - rsync
+  - socat
+
+galera_yum_repo_url: "http://yum.mariadb.org/10.0/centos/7/x86_64"
+galera_repo:
+  state: "present"
+  name: MariaDB
+  description: "MariaDB Repo"
+  file: MariaDB
+  baseurl: "{{ galera_yum_repo_url }}"
+  gpgkey: "https://yum.mariadb.org/RPM-GPG-KEY-MariaDB"
+
+galera_percona_xtrabackup_repo:
+  repo: "http://www.percona.com/downloads/percona-release/redhat/0.1-3/percona-release-0.1-3.noarch.rpm"
+  state: "present"
+
+percona_upstream_packages:
+  - qpress
+  - percona-xtrabackup
+
+percona_package_download_validate_certs: "yes"
+percona_package_url: "https://www.percona.com/downloads/XtraBackup/Percona-XtraBackup-2.2.13/binary/redhat/7/x86_64/percona-xtrabackup-22-2.2.13-1.el7.x86_64.rpm"
+percona_package_sha256: "030585abb52b24a781641374fe7c4530518b176a10ed4eb75547803b6b1f60e4"
+percona_package_path: "/opt/{{ percona_package_url | basename }}"
+
+qpress_package_download_validate_certs: yes
+qpress_package_url: https://repo.percona.com/centos/7/RPMS/x86_64/qpress-11-1.el7.x86_64.rpm
+qpress_package_sha256: "d6b6b7ca3a5ad4baea34975743106ac54ac746b3e6497d59bce55765d604b697"
+qpress_package_path: "/opt/{{ qpress_package_url | basename }}"
+
+use_percona_upstream: yes
+using_mysql_init: yes

vars/ubuntu-14.04.yml

@@ -13,6 +13,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+## APT Cache Options
+cache_timeout: 600
+
+galera_pinned_packages: [{ package: "*", release: MariaDB, priority: "1001" }]
+
 # Galera GPG Keys
 galera_gpg_keys:
   - key_name: 'mariadb'
@@ -24,7 +29,7 @@ galera_gpg_keys:
     fallback_keyserver: 'hkp://p80.pool.sks-keyservers.net:80'
     hash_id: '0x1c4cbdcdcd2efd2a'
 
-galera_pre_apt_packages:
+galera_pre_packages:
   - apt-transport-https
   - debconf-utils
   - libaio1
@@ -39,30 +44,54 @@ galera_pre_apt_packages:
 # The package name for mariaDB is set as a variable
 # so that it can be used in debconf later in the
 # "galera_common" role.
-galera_mariadb_server_package: "mariadb-galera-server-10.0"
+galera_mariadb_apt_server_package: "mariadb-galera-server-10.0"
 
 # NB This is specifically galera_packages as these packages only get installed
 # during the galera play - this is because of the preseed task and the service
 # startup control used when installing mariadb-galera-server and galera.
-galera_apt_packages:
+galera_packages:
   - mariadb-client
-  - "{{ galera_mariadb_server_package }}"
+  - "{{ galera_mariadb_apt_server_package }}"
   - galera-3
-  - qpress
   - rsync
   - socat
 
 galera_debconf_items:
   - question: "mysql-server/root_password"
-    name: "{{ galera_mariadb_server_package }}"
+    name: "{{ galera_mariadb_apt_server_package }}"
     value: "{{ galera_root_password }}"
     vtype: "string"
   - question: "mysql-server/root_password_again"
-    name: "{{ galera_mariadb_server_package }}"
+    name: "{{ galera_mariadb_apt_server_package }}"
     value: "{{ galera_root_password }}"
     vtype: "string"
 
-using_mysql_init: no
+percona_upstream_packages:
+  - qpress
+  - percona-xtrabackup
 
+# Validate SSL certificates when downloading the galera deb above
+# May be set to "no" when proxy server is intercepting the certificates.
+percona_package_download_validate_certs: "yes"
 percona_package_url: "https://www.percona.com/downloads/XtraBackup/Percona-XtraBackup-2.2.13/binary/debian/trusty/x86_64/percona-xtrabackup-22_2.2.13-1.trusty_amd64.deb"
 percona_package_sha256: "2f58eedefa905583f0650f77bb2b149139c4066c7fb690202124fe5c7ac83e9e"
+percona_package_path: "/opt/{{ percona_package_url | basename }}"
+
+qpress_package_download_validate_certs: yes
+qpress_package_url: https://repo.percona.com/apt/pool/main/q/qpress/qpress_11-1.trusty_amd64.deb
+qpress_package_sha256: "21e2f4466a1dffd6281d01d0b29388e2a2f0f9c6ba9538b128c34af61b2a4e12"
+qpress_package_path: "/opt/{{ qpress_package_url | basename }}"
+
+# Repositories
+galera_percona_xtrabackup_repo_url: "https://repo.percona.com/apt"
+galera_percona_xtrabackup_repo:
+  repo: "deb {{ galera_percona_xtrabackup_repo_url }} {{ ansible_distribution_release }} main"
+  state: "present"
+
+galera_apt_repo_url: "https://mirror.rackspace.com/mariadb/repo/10.0/ubuntu"
+galera_repo:
+  repo: "deb {{ galera_apt_repo_url }} {{ ansible_distribution_release }} main"
+  state: "present"
+
+use_percona_upstream: no
+using_mysql_init: no

vars/ubuntu-16.04.yml

@@ -13,6 +13,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+## APT Cache Options
+cache_timeout: 600
+
+galera_pinned_packages: [{ package: "*", release: MariaDB, priority: "1001" }]
+
 # Galera GPG Keys
 galera_gpg_keys:
   - key_name: 'mariadb'
@@ -24,7 +29,7 @@ galera_gpg_keys:
     fallback_keyserver: 'hkp://p80.pool.sks-keyservers.net:80'
     hash_id: '0x1c4cbdcdcd2efd2a'
 
-galera_pre_apt_packages:
+galera_pre_packages:
   - apt-transport-https
   - debconf-utils
   - libaio1
@@ -39,35 +44,57 @@ galera_pre_apt_packages:
 # The package name for mariaDB is set as a variable
 # so that it can be used in debconf later in the
 # "galera_common" role.
-galera_mariadb_server_package: "mariadb-galera-server-10.0"
+galera_mariadb_apt_server_package: "mariadb-galera-server-10.0"
 
 # NB This is specifically galera_packages as these packages only get installed
 # during the galera play - this is because of the preseed task and the service
 # startup control used when installing mariadb-galera-server and galera.
-galera_apt_packages:
+galera_packages:
   - mariadb-client
-  - "{{ galera_mariadb_server_package }}"
+  - "{{ galera_mariadb_apt_server_package }}"
   - galera-3
   - rsync
   - socat
-  - qpress
 
 galera_debconf_items:
   - question: "mysql-server/root_password"
-    name: "{{ galera_mariadb_server_package }}"
+    name: "{{ galera_mariadb_apt_server_package }}"
     value: "{{ galera_root_password }}"
     vtype: "string"
   - question: "mysql-server/root_password_again"
-    name: "{{ galera_mariadb_server_package }}"
+    name: "{{ galera_mariadb_apt_server_package }}"
     value: "{{ galera_root_password }}"
     vtype: "string"
 
-using_mysql_init: yes
+percona_upstream_packages:
+  - qpress
+  - percona-xtrabackup
 
+# Validate SSL certificates when downloading the galera deb above
+# May be set to "no" when proxy server is intercepting the certificates.
+percona_package_download_validate_certs: "yes"
 percona_package_url: "https://www.percona.com/downloads/XtraBackup/Percona-XtraBackup-2.2.13/binary/debian/vivid/x86_64/percona-xtrabackup-22_2.2.13-1.vivid_amd64.deb"
 percona_package_sha256: "3e3b15b2b261da004f7c4419ae427af9ec5707b40be1effe22a0142311c51856"
+percona_package_path: "/opt/{{ percona_package_url | basename }}"
 
+#There is no package currently provided for Xenial, but vivid uses the
+# same libraries and installs without issue.
+qpress_package_download_validate_certs: yes
+qpress_package_url: https://repo.percona.com/apt/pool/main/q/qpress/qpress_11-1.vivid_amd64.deb
+qpress_package_sha256: "54c02ae825b5c08bfae0792b23390b1577d7a26cadfb321384377bde31465959"
+qpress_package_path: "/opt/{{ qpress_package_url | basename }}"
+
+# Repositories
 # TODO: update this to xenial if the repo ever gets created.
-galera_apt_percona_xtrabackup_repo:
-  repo: "deb {{ galera_apt_percona_xtrabackup_url }} vivid main"
+galera_percona_xtrabackup_repo_url: "https://repo.percona.com/apt"
+galera_percona_xtrabackup_repo:
+  repo: "deb {{ galera_percona_xtrabackup_repo_url }} {{ ansible_distribution_release }} main"
   state: "present"
+
+galera_apt_repo_url: "https://mirror.rackspace.com/mariadb/repo/10.0/ubuntu"
+galera_repo:
+  repo: "deb {{ galera_apt_repo_url }} {{ ansible_distribution_release }} main"
+  state: "present"
+
+use_percona_upstream: no
+using_mysql_init: yes