From 5b23837dd0cbddb3aab13702bf7b824ae8c775ba Mon Sep 17 00:00:00 2001 From: Kevin Carter Date: Tue, 10 May 2016 11:00:15 -0500 Subject: [PATCH] Add CentOS7 support to Galera Server Updates the multi-distro framework to add CentOS7 support. Depends-On: Ieadcdd70e9b8271aee3880896255a5037f56567e Change-Id: I7e889ea4653a6972ea7f8208416fc1fc3db45e5c Signed-off-by: Kevin Carter --- defaults/main.yml | 39 ++--- manual-test.rc | 22 +++ meta/main.yml | 6 +- other-requirements.txt | 11 +- ...ment-centos7-support-cf6b6ee0d606223f.yaml | 3 + run_tests.sh | 4 + tasks/galera_install.yml | 15 +- tasks/galera_install_apt.yml | 144 +++++++++++++--- tasks/galera_install_yum.yml | 162 ++++++++++++++++++ tasks/galera_post_install.yml | 12 +- tasks/galera_pre_install.yml | 108 ++---------- tasks/galera_setup.yml | 3 + tasks/galera_upgrade_check.yml | 35 +--- tasks/galera_upgrade_check_apt.yml | 51 ++++++ tasks/galera_upgrade_check_yum.yml | 51 ++++++ tasks/galera_upgrade_pre.yml | 2 + tasks/main.yml | 1 + tests/test-prepare-containers.yml | 1 - tests/test-prepare-host.yml | 17 +- vars/redhat-7.yml | 74 ++++++++ vars/ubuntu-14.04.yml | 45 ++++- vars/ubuntu-16.04.yml | 47 +++-- 22 files changed, 637 insertions(+), 216 deletions(-) create mode 100644 manual-test.rc create mode 100644 releasenotes/notes/implement-centos7-support-cf6b6ee0d606223f.yaml create mode 100644 tasks/galera_install_yum.yml create mode 100644 tasks/galera_upgrade_check_apt.yml create mode 100644 tasks/galera_upgrade_check_yum.yml create mode 100644 vars/redhat-7.yml diff --git a/defaults/main.yml b/defaults/main.yml index 0da9c2ae..43f5b311 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -13,9 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -## APT Cache Options -cache_timeout: 600 - galera_cluster_members: "{{ groups['galera_all'] }}" galera_server_bootstrap_node: "{{ galera_cluster_members[0] }}" galera_ignore_cluster_state: false @@ -31,6 +28,14 @@ galera_cluster_name: openstack_galera_cluster # as a slave." is no longer present. # galera_server_id: 0 +# These are here to stub out the internal ROLE API. +# if these are used they should be set within the +# distro specific variable files found in vars/ +galera_pinned_packages: [] +galera_debconf_items: [] +percona_upstream_packages: [] + + galera_existing_cluster: true galera_running_and_bootstrapped: false @@ -68,32 +73,6 @@ galera_wsrep_sst_auth_password: "{{ galera_root_password }}" # xtrabackup parallel/compression/sync threads galera_xtrabackup_threads: 4 -# Repositories -galera_apt_repo_url: "https://mirror.rackspace.com/mariadb/repo/10.0/ubuntu" -galera_apt_repo: - repo: "deb {{ galera_apt_repo_url }} {{ ansible_distribution_release }} main" - state: "present" - -galera_apt_percona_xtrabackup_url: "https://repo.percona.com/apt" -galera_apt_percona_xtrabackup_repo: - repo: "deb {{ galera_apt_percona_xtrabackup_url }} {{ ansible_distribution_release }} main" - state: "present" - -percona_package_path: "/opt/{{ percona_package_url | basename }}" - -galera_apt_pinned_packages: [{ package: "*", release: MariaDB, priority: "1001" }] - -# Validate SSL certificates when downloading the percona deb above -# May be set to "no" when proxy server is intercepting the certificates. -percona_package_download_validate_certs: "yes" - -#There is no package currently provided for Xenial, but vivid uses the -#same libraries and installs without issue. -qpress_deb_url: https://repo.percona.com/apt/pool/main/q/qpress/qpress_11-1.vivid_amd64.deb -qpress_package_download_validate_certs: yes -qpress_package_sha256: "54c02ae825b5c08bfae0792b23390b1577d7a26cadfb321384377bde31465959" -qpress_package_path: "/opt/{{ qpress_deb_url | basename }}" - galera_pip_packages: - MySQL-python - pycrypto @@ -112,3 +91,5 @@ galera_debian_cnf_overrides: {} # the cluster will be used which is something to note if deploying galera on different # hardware. # galera_max_connections: 500 + +using_mysql_init: no diff --git a/manual-test.rc b/manual-test.rc new file mode 100644 index 00000000..fa1cdf95 --- /dev/null +++ b/manual-test.rc @@ -0,0 +1,22 @@ +export VIRTUAL_ENV=$(pwd) +export ANSIBLE_HOST_KEY_CHECKING=False +export ANSIBLE_SSH_CONTROL_PATH=/tmp/%%h-%%r + +# TODO (odyssey4me) These are only here as they are non-standard folder +# names for Ansible 1.9.x. We are using the standard folder names for +# Ansible v2.x. We can remove this when we move to Ansible 2.x. +export ANSIBLE_ACTION_PLUGINS=${HOME}/.ansible/plugins/action +export ANSIBLE_CALLBACK_PLUGINS=${HOME}/.ansible/plugins/callback +export ANSIBLE_FILTER_PLUGINS=${HOME}/.ansible/plugins/filter +export ANSIBLE_LOOKUP_PLUGINS=${HOME}/.ansible/plugins/lookup + +# This is required as the default is the current path or a path specified +# in ansible.cfg +export ANSIBLE_LIBRARY=${HOME}/.ansible/plugins/library + +# This is required as the default is '/etc/ansible/roles' or a path +# specified in ansible.cfg +export ANSIBLE_ROLES_PATH=${HOME}/.ansible/roles:$(pwd)/.. + +echo "Run manual functional tests by executing the following:" +echo "# ./.tox/functional/bin/ansible-playbook -i tests/inventory tests/test.yml -e \"rolename=$(pwd)\"" diff --git a/meta/main.yml b/meta/main.yml index 75d2b72a..2754d59e 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -23,6 +23,10 @@ galaxy_info: - name: Ubuntu versions: - trusty + - xenial + - name: EL + versions: + - 7 categories: - cloud - galera @@ -31,7 +35,7 @@ galaxy_info: - openstack dependencies: - role: apt_package_pinning - apt_pinned_packages: "{{ galera_apt_pinned_packages }}" + apt_pinned_packages: "{{ galera_pinned_packages }}" apt_package_pinning_file_name: "galera_pin.pref" when: - ansible_pkg_mgr == 'apt' diff --git a/other-requirements.txt b/other-requirements.txt index 33073887..a145f8b4 100644 --- a/other-requirements.txt +++ b/other-requirements.txt @@ -14,8 +14,13 @@ # TODO(odyssey4me) remove this once https://review.openstack.org/288634 has merged # and the disk images are rebuilt and redeployed. curl - +wget # Requirements for Paramiko 2.0 -libssl-dev -libffi-dev +libssl-dev [platform:dpkg] +libffi-dev [platform:dpkg] +libffi-devel [platform:rpm] +openssl-devel [platform:rpm] + +# For selinux +libselinux-python [platform:rpm] diff --git a/releasenotes/notes/implement-centos7-support-cf6b6ee0d606223f.yaml b/releasenotes/notes/implement-centos7-support-cf6b6ee0d606223f.yaml new file mode 100644 index 00000000..b6e8f6e8 --- /dev/null +++ b/releasenotes/notes/implement-centos7-support-cf6b6ee0d606223f.yaml @@ -0,0 +1,3 @@ +--- +features: + - CentOS 7 support has been added to the ``galera_server`` role. diff --git a/run_tests.sh b/run_tests.sh index f7a19cc7..40cb7ffe 100755 --- a/run_tests.sh +++ b/run_tests.sh @@ -22,6 +22,10 @@ if [ "$(which apt-get)" ]; then apt-get install -y build-essential python2.7 python-dev git-core libssl-dev libffi-dev fi +if [ "$(which yum)" ]; then + yum install -y '@Development Tools' python-devel git libffi-devel openssl-devel +fi + # get pip, if necessary if [ ! "$(which pip)" ]; then curl --silent --show-error --retry 5 \ diff --git a/tasks/galera_install.yml b/tasks/galera_install.yml index 1012a3fa..919cbdd3 100644 --- a/tasks/galera_install.yml +++ b/tasks/galera_install.yml @@ -19,15 +19,8 @@ tags: - install-apt -- name: Install pip packages - pip: - name: "{{ item }}" - state: latest - extra_args: "{{ pip_install_options|default('') }}" - register: install_packages - until: install_packages|success - retries: 5 - delay: 2 - with_items: "{{ galera_pip_packages }}" +- include: galera_install_yum.yml + when: + - ansible_pkg_mgr == 'yum' tags: - - galera-pip-packages + - install-yum diff --git a/tasks/galera_install_apt.yml b/tasks/galera_install_apt.yml index b8e050b5..b8b87e78 100644 --- a/tasks/galera_install_apt.yml +++ b/tasks/galera_install_apt.yml @@ -13,6 +13,93 @@ # See the License for the specific language governing permissions and # limitations under the License. +#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache +#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged +#in 1.9.x or we move to 2.0 (if tested working) +- name: Check apt last update file + stat: + path: /var/cache/apt + register: apt_cache_stat + tags: + - galera-apt-packages + +- name: Update apt if needed + apt: + update_cache: yes + when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}" + tags: + - galera-apt-packages + +- name: Install galera apt pre packages + apt: + pkg: "{{ item }}" + state: latest + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: "{{ galera_pre_packages }}" + tags: + - galera-pre-apt-packages + +- name: Add galera apt-keys + apt_key: + id: "{{ item.hash_id }}" + keyserver: "{{ item.keyserver | default(omit) }}" + data: "{{ item.data | default(omit) }}" + url: "{{ item.url | default(omit) }}" + state: "present" + register: add_keys + until: add_keys|success + ignore_errors: True + retries: 5 + delay: 2 + with_items: "{{ galera_gpg_keys }}" + tags: + - galera-apt-keys + +- name: Add galera apt-keys using fallback keyserver + apt_key: + id: "{{ item.hash_id }}" + keyserver: "{{ item.fallback_keyserver | default(omit) }}" + url: "{{ item.fallback_url | default(omit) }}" + state: "present" + register: add_keys_fallback + until: add_keys_fallback|success + retries: 5 + delay: 2 + with_items: "{{ galera_gpg_keys }}" + when: add_keys|failed and (item.fallback_keyserver is defined or item.fallback_url is defined) + tags: + - galera-apt-keys + +- name: Add galera repo + apt_repository: + repo: "{{ item.repo }}" + state: "{{ item.state }}" + register: add_repos + until: add_repos|success + retries: 5 + delay: 2 + with_items: + - "{{ galera_repo }}" + tags: + - galera-repos + +- name: Add percona repo + apt_repository: + repo: "{{ item.repo }}" + state: "{{ item.state }}" + register: add_repos + until: add_repos|success + retries: 5 + delay: 2 + with_items: + - "{{ galera_percona_xtrabackup_repo }}" + when: use_percona_upstream | bool + tags: + - percona-repos + - name: Preseed galera password(s) debconf: name: "{{ item.name }}" @@ -23,6 +110,15 @@ tags: - galera-debconf +- name: Prevent galera from starting on install + copy: + src: "policy-rc.d" + dest: "/usr/sbin/policy-rc.d" + mode: "0755" + backup: yes + tags: + - galera-config + #TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache #when https://github.com/ansible/ansible-modules-core/pull/1517 is merged #in 1.9.x or we move to 2.0 (if tested working) @@ -50,31 +146,39 @@ until: install_packages|success retries: 5 delay: 2 - with_items: "{{ galera_apt_packages }}" + with_items: "{{ galera_packages }}" notify: Restart mysql tags: - galera-apt-packages -# TODO(cloudnull) -- Remove this after the Mitaka release -# This task simply removes the system version of -# percona-xtrabackup and xtrabackup if found the -# purpose is to ensure that "if" the system version -# of the binary is installed its first removed in -# favor of the actual upstream package being used in -# the next task. -- name: UnInstall system xtrabackup packages - apt: - pkg: "{{ item }}" - state: absent - with_items: - - percona-xtrabackup - - xtrabackup - tags: - - percona-apt-packages - -- name: Install percona packages upstream +- name: Install percona-xtrabackup package from .deb apt: deb: "{{ percona_package_path }}" force: yes + when: not use_percona_upstream | bool tags: - - galera-apt-packages + - percona-apt-packages + +- name: Install qpress package from .deb + apt: + deb: "{{ qpress_package_path }}" + force: yes + when: not use_percona_upstream | bool + tags: + - percona-apt-packages + +- name: Install percona packages + apt: + pkg: "{{ item }}" + state: installed + with_items: "{{ percona_upstream_packages }}" + when: use_percona_upstream | bool + tags: + - percona-apt-packages + +- name: Remove policy-rc + file: + path: "/usr/sbin/policy-rc.d" + state: absent + tags: + - galera-config diff --git a/tasks/galera_install_yum.yml b/tasks/galera_install_yum.yml new file mode 100644 index 00000000..de07b6e1 --- /dev/null +++ b/tasks/galera_install_yum.yml @@ -0,0 +1,162 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Update the local file system CRUD + file: + src: "{{ item.src|default(omit) }}" + path: "{{ item.path }}" + state: "{{ item.state }}" + force: "{{ item.force|default(omit) }}" + with_items: + - { path: "/etc/mysql", state: "directory" } + - { path: "/etc/mysql/conf.d", state: "directory" } + - { src: "/usr/lib64/galera", path: "/usr/lib/galera", state: "link", force: true } + - { src: "/etc/mysql/conf.d", path: "/etc/my.cnf.d", state: "link", force: true } + - { src: "/etc/mysql/my.cnf", path: "/etc/my.cnf", state: "link", force: true } + tags: + - galera-config + +- name: Add galera gpg-keys + rpm_key: + state: present + key: "{{ item.keyserver }}/{{ item.key_name }}" + register: add_keys + until: add_keys|success + ignore_errors: True + retries: 5 + delay: 2 + with_items: "{{ galera_client_gpg_keys }}" + tags: + - galera-gpg-keys + +- name: Add galera gpg-keys using fallback keyserver + rpm_key: + state: present + key: "{{ item.fallback_keyserver }}/{{ item.key_name }}" + register: add_keys + until: add_keys|success + ignore_errors: True + retries: 5 + delay: 2 + with_items: "{{ galera_client_gpg_keys }}" + when: add_keys|failed and (item.fallback_keyserver is defined) + tags: + - galera-gpg-keys + +#TODO(cloudnull) Remove this task once we move to Ansible 2.1 +# where we can leverage the `yum_repository` module: +# https://docs.ansible.com/ansible/yum_repository_module.html +- name: Add galera repo + copy: + content: | + [{{ item.name }}] + name={{ item.name }} + description={{ item.description }} + baseurl={{ item.baseurl }} + gpgkey={{ item.gpgkey }} + gpgcheck=1 + enabled=1 + dest: "/etc/yum.repos.d/{{ item.file }}.repo" + register: add_repos + until: add_repos|success + retries: 5 + delay: 2 + with_items: + - "{{ galera_repo }}" + tags: + - galera-repos + +- name: Install galera yum pre packages + yum: + pkg: "{{ item }}" + state: latest + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: "{{ galera_pre_packages }}" + tags: + - galera-pre-yum-packages + +- name: Install percona repo + yum: + pkg: "{{ galera_percona_xtrabackup_repo.repo }}" + state: "{{ galera_percona_xtrabackup_repo.state }}" + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + when: use_percona_upstream | bool + tags: + - galera-pre-yum-packages + +- name: Install percona yum packages + yum: + pkg: "{{ item }}" + state: latest + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: "{{ percona_upstream_packages }}" + when: use_percona_upstream | bool + tags: + - galera-pre-yum-packages + +- name: Install galera yum packages + yum: + pkg: "{{ item }}" + state: latest + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: "{{ galera_packages }}" + tags: + - galera-pre-yum-packages + +- name: Enable mysql to start at boot + service: + name: "mysql" + enabled: "yes" + tags: + - galera-enable + +# NOTE(cloudnull): This is an idempotent shell task is it will only run once +# provided the "/etc/mysql/rhel_configured" exists. This tasks automates the +# MySQL secure setup which is done automatically in Ubuntu deployments. +- name: "Update root user, connections, and grant options" + shell: | + service mysql start || true + # Reset the root password, at this time there is no password set + mysqladmin --no-defaults --port=3306 --socket=/var/run/mysqld/mysqld.sock --host=127.0.0.1 --user=root password "{{ galera_root_password }}" + # Setup the root user for MySQL + mysql -u root -h localhost -e "UPDATE mysql.user SET Password=PASSWORD('$rootpass') WHERE User='root';" + mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE user='';" + mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('%', 'localhost', '127.0.0.1', '::1');" + mysql -u root -h localhost -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';" + mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'localhost' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" + mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'127.0.0.1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" + mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'::1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" + mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'%' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" + mysql -u root -h localhost -e "FLUSH PRIVILEGES;" + # Create a marker file to ensure this script is not run again + touch /etc/mysql/rhel_configured + service mysql stop + args: + creates: /etc/mysql/rhel_configured + tags: + - galera-rhel-config + - skip_ansible_lint \ No newline at end of file diff --git a/tasks/galera_post_install.yml b/tasks/galera_post_install.yml index 30c21b64..099cff82 100644 --- a/tasks/galera_post_install.yml +++ b/tasks/galera_post_install.yml @@ -24,7 +24,7 @@ with_items: - { path: "/var/lib/mysql", owner: "mysql", mode: "2755" } - { path: "/var/log/mysql", owner: "mysql", mode: "2755" } - - { path: "/var/log/mysql_logs/", owner: "mysql", group: "syslog", mode: "2755" } + - { path: "/var/log/mysql_logs", owner: "mysql", mode: "2755" } - { path: "/etc/mysql/conf.d" } tags: - galera-config @@ -53,6 +53,7 @@ config_type: "ini" notify: Restart mysql tags: + - galera-config - galera-client-user-config # NOTE: (mancdaz) this should not be needed with mariadb-10.1 since its @@ -64,6 +65,8 @@ insertafter: '^export HOME=/etc/mysql/' line: '[ -r /etc/default/mysql ] && . /etc/default/mysql' backup: yes + tags: + - galera-config # NOTE: (mancdaz) The target will need to change to /etc/default/mariadb # for mariadb-10.1 @@ -83,13 +86,6 @@ tags: - galera-config -- name: Remove policy-rc - file: - path: "/usr/sbin/policy-rc.d" - state: absent - tags: - - galera-config - - include: galera_upgrade_post.yml when: - galera_upgrade | bool diff --git a/tasks/galera_pre_install.yml b/tasks/galera_pre_install.yml index 7002663f..94367b68 100644 --- a/tasks/galera_pre_install.yml +++ b/tasks/galera_pre_install.yml @@ -13,93 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache -#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged -#in 1.9.x or we move to 2.0 (if tested working) -- name: Check apt last update file - stat: - path: /var/cache/apt - register: apt_cache_stat - tags: - - galera-apt-packages - -- name: Update apt if needed - apt: - update_cache: yes - when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}" - tags: - - galera-apt-packages - -- name: Install galera pre packages - apt: - pkg: "{{ item }}" - state: latest - register: install_packages - until: install_packages|success - retries: 5 - delay: 2 - with_items: "{{ galera_pre_apt_packages }}" - tags: - - galera-pre-apt-packages - -- name: Add galera apt-keys - apt_key: - id: "{{ item.hash_id }}" - keyserver: "{{ item.keyserver | default(omit) }}" - data: "{{ item.data | default(omit) }}" - url: "{{ item.url | default(omit) }}" - state: "present" - register: add_keys - until: add_keys|success - ignore_errors: True - retries: 5 - delay: 2 - with_items: "{{ galera_gpg_keys }}" - tags: - - galera-apt-keys - -- name: Add galera apt-keys using fallback keyserver - apt_key: - id: "{{ item.hash_id }}" - keyserver: "{{ item.fallback_keyserver | default(omit) }}" - url: "{{ item.fallback_url | default(omit) }}" - state: "present" - register: add_keys_fallback - until: add_keys_fallback|success - retries: 5 - delay: 2 - with_items: "{{ galera_gpg_keys }}" - when: add_keys|failed and (item.fallback_keyserver is defined or item.fallback_url is defined) - tags: - - galera-apt-keys - -- name: Add galera repo - apt_repository: - repo: "{{ item.repo }}" - state: "{{ item.state }}" - register: add_repos - until: add_repos|success - retries: 5 - delay: 2 - with_items: - - "{{ galera_apt_repo }}" - tags: - - galera-repos - -- name: Add percona repo - apt_repository: - repo: "{{ item.repo }}" - state: "{{ item.state }}" - register: add_repos - until: add_repos|success - retries: 5 - delay: 2 - with_items: - - "{{ galera_apt_percona_xtrabackup_repo }}" - tags: - - percona-repos - -- name: Download the percona package +- name: Download the percona-xtrabackup package get_url: url: "{{ percona_package_url }}" dest: "{{ percona_package_path }}" @@ -110,17 +24,23 @@ retries: 3 delay: 10 until: package_download|success + when: not use_percona_upstream | bool tags: - percona-apt-packages -- name: Prevent galera from starting on install - copy: - src: "policy-rc.d" - dest: "/usr/sbin/policy-rc.d" - mode: "0755" - backup: yes +- name: Download the qpress package + get_url: + url: "{{ qpress_package_url }}" + dest: "{{ qpress_package_path }}" + sha256sum: "{{ qpress_package_sha256 }}" + validate_certs: "{{ qpress_package_download_validate_certs }}" + register: package_download + retries: 3 + delay: 10 + until: package_download|success + when: not use_percona_upstream | bool tags: - - galera-config + - percona-apt-packages - name: Drop limits config template: diff --git a/tasks/galera_setup.yml b/tasks/galera_setup.yml index 390d8b8c..c3af1bfa 100644 --- a/tasks/galera_setup.yml +++ b/tasks/galera_setup.yml @@ -15,6 +15,9 @@ - name: Create galera users mysql_user: + login_user: "{{ galera_root_user }}" + login_password: "{{ galera_root_password }}" + login_host: "127.0.0.1" name: "{{ item.name }}" host: "{{ item.host }}" password: "{{ item.password }}" diff --git a/tasks/galera_upgrade_check.yml b/tasks/galera_upgrade_check.yml index 7d77c2ef..7ab0b5e0 100644 --- a/tasks/galera_upgrade_check.yml +++ b/tasks/galera_upgrade_check.yml @@ -13,40 +13,17 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Check major galera install version - command: "dpkg -s {{ galera_mariadb_server_package }}" - ignore_errors: true - register: installed_galera_specific +- include: galera_upgrade_check_apt.yml when: - - not galera_upgrade | bool + - ansible_pkg_mgr == 'apt' tags: - - galera-package-deb - - galera-apt-packages - - galera-upgrade + - install-apt -- name: Check for any galera install version - shell: | - dpkg --get-selections | grep mariadb-galera-server - ignore_errors: true - register: installed_galera_any +- include: galera_upgrade_check_yum.yml when: - - not galera_upgrade | bool - - installed_galera_specific.rc != 0 + - ansible_pkg_mgr == 'yum' tags: - - galera-package-deb - - galera-apt-packages - - galera-upgrade - -- name: Check if major version of Galera is installed - fail: - msg: "To install a new major version of mariadb-galera-server set '-e galera_upgrade=true'." - when: - - not galera_upgrade | bool - - installed_galera_specific.rc != 0 and installed_galera_any.rc == 0 - tags: - - galera-package-deb - - galera-apt-packages - - galera-upgrade + - install-apt - include: galera_upgrade_pre.yml when: diff --git a/tasks/galera_upgrade_check_apt.yml b/tasks/galera_upgrade_check_apt.yml new file mode 100644 index 00000000..1e19e6ee --- /dev/null +++ b/tasks/galera_upgrade_check_apt.yml @@ -0,0 +1,51 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Check major galera install version + command: "dpkg -s {{ galera_mariadb_apt_server_package }}" + ignore_errors: true + register: installed_galera_specific + when: + - not galera_upgrade | bool + tags: + - galera-package-deb + - galera-apt-packages + - galera-upgrade + - skip_ansible_lint + +- name: Check for any galera install version + shell: | + dpkg --get-selections | grep mariadb-galera-server + ignore_errors: true + register: installed_galera_any + when: + - not galera_upgrade | bool + - installed_galera_specific.rc != 0 + tags: + - galera-package-deb + - galera-apt-packages + - galera-upgrade + - skip_ansible_lint + +- name: Check if major version of Galera is installed + fail: + msg: "To install a new major version of mariadb-galera-server set '-e galera_upgrade=true'." + when: + - not galera_upgrade | bool + - installed_galera_specific.rc != 0 and installed_galera_any.rc == 0 + tags: + - galera-package-deb + - galera-apt-packages + - galera-upgrade diff --git a/tasks/galera_upgrade_check_yum.yml b/tasks/galera_upgrade_check_yum.yml new file mode 100644 index 00000000..10dc1ed8 --- /dev/null +++ b/tasks/galera_upgrade_check_yum.yml @@ -0,0 +1,51 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Check major galera install version + command: "rpm -qi '{{ galera_mariadb_yum_server_package }}'" + ignore_errors: true + register: installed_galera_specific + when: + - not galera_upgrade | bool + tags: + - galera-package-rpm + - galera-yum-packages + - galera-upgrade + - skip_ansible_lint + +- name: Check for any galera install version + shell: | + rpm -qa | grep -i "{{ galera_mariadb_yum_server_package }}" + ignore_errors: true + register: installed_galera_any + when: + - not galera_upgrade | bool + - installed_galera_specific.rc != 0 + tags: + - galera-package-rpm + - galera-yum-packages + - galera-upgrade + - skip_ansible_lint + +- name: Check if major version of Galera is installed + fail: + msg: "To install a new major version of MariaDB-Galera-server set '-e galera_upgrade=true'." + when: + - not galera_upgrade | bool + - installed_galera_specific.rc != 0 and installed_galera_any.rc == 0 + tags: + - galera-package-rpm + - galera-yum-packages + - galera-upgrade diff --git a/tasks/galera_upgrade_pre.yml b/tasks/galera_upgrade_pre.yml index 045b9252..7b3ca64f 100644 --- a/tasks/galera_upgrade_pre.yml +++ b/tasks/galera_upgrade_pre.yml @@ -65,6 +65,7 @@ delay: 2 when: - galera_upgrade | bool + - ansible_pkg_mgr == 'apt' tags: - galera-upgrade - galera-apt-packages @@ -75,6 +76,7 @@ state: absent when: - galera_upgrade | bool + - ansible_pkg_mgr == 'apt' tags: - galera-upgrade - galera-apt-packages diff --git a/tasks/main.yml b/tasks/main.yml index 9b4bf5cc..12de9c76 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -29,6 +29,7 @@ with_first_found: - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml" - "{{ ansible_distribution | lower }}.yml" + - "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml" - "{{ ansible_os_family | lower }}.yml" tags: - always diff --git a/tests/test-prepare-containers.yml b/tests/test-prepare-containers.yml index d2bcdf58..d316c1f8 100644 --- a/tests/test-prepare-containers.yml +++ b/tests/test-prepare-containers.yml @@ -15,7 +15,6 @@ - name: Create test containers hosts: all_containers - connection: local gather_facts: false pre_tasks: - name: Destroy test containers diff --git a/tests/test-prepare-host.yml b/tests/test-prepare-host.yml index 65f08a31..54cd76ce 100644 --- a/tests/test-prepare-host.yml +++ b/tests/test-prepare-host.yml @@ -19,6 +19,8 @@ - name: Ensure apt cache is always refreshed apt: update_cache: yes + when: + - ansible_pkg_mgr == 'apt' - name: Ensure root's new public ssh key is in authorized_keys authorized_key: user: root @@ -30,20 +32,31 @@ stat: path: /etc/nodepool/provider register: nodepool - - name: Set the files to copy into the container cache for OpenStack-CI instances + - name: Set the files to copy into the container cache for OpenStack-CI instances (rhel) + set_fact: + lxc_container_cache_files: + - { src: '/etc/pip.conf', dest: '/etc/pip.conf' } + when: + - nodepool.stat.exists | bool + - ansible_pkg_mgr == 'yum' + - name: Set the files to copy into the container cache for OpenStack-CI instances (deb) set_fact: lxc_container_cache_files: - { src: '/etc/pip.conf', dest: '/etc/pip.conf' } - { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' } - when: nodepool.stat.exists | bool + when: + - nodepool.stat.exists | bool + - ansible_pkg_mgr == 'apt' - name: Determine the existing Ubuntu repo configuration shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list' register: ubuntu_repo changed_when: false + when: ansible_pkg_mgr == 'apt' - name: Set apt repo facts based on discovered information set_fact: lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}" lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}" + when: ansible_pkg_mgr == 'apt' roles: - role: "lxc_hosts" lxc_net_address: 10.100.100.1 diff --git a/vars/redhat-7.yml b/vars/redhat-7.yml new file mode 100644 index 00000000..9e24d238 --- /dev/null +++ b/vars/redhat-7.yml @@ -0,0 +1,74 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Galera GPG Keys +galera_gpg_keys: + - key_name: 'RPM-GPG-KEY-MariaDB' + keyserver: 'https://yum.mariadb.org' + fallback_keyserver: 'https://yum.mariadb.org' + +galera_pre_packages: + - gnupg2 + - libaio + - libstdc++ + - libgcc + - libgcrypt + - MariaDB-client + - MariaDB-devel + +# Validate SSL certificates when downloading the galera deb above +# May be set to "no" when proxy server is intercepting the certificates. +percona_package_download_validate_certs: "yes" + +galera_mariadb_yum_server_package: "MariaDB-Galera-server" + +galera_packages: + - which + - "{{ galera_mariadb_yum_server_package }}" + - MariaDB-shared + - percona-xtrabackup + - percona-toolkit + - rsync + - socat + +galera_yum_repo_url: "http://yum.mariadb.org/10.0/centos/7/x86_64" +galera_repo: + state: "present" + name: MariaDB + description: "MariaDB Repo" + file: MariaDB + baseurl: "{{ galera_yum_repo_url }}" + gpgkey: "https://yum.mariadb.org/RPM-GPG-KEY-MariaDB" + +galera_percona_xtrabackup_repo: + repo: "http://www.percona.com/downloads/percona-release/redhat/0.1-3/percona-release-0.1-3.noarch.rpm" + state: "present" + +percona_upstream_packages: + - qpress + - percona-xtrabackup + +percona_package_download_validate_certs: "yes" +percona_package_url: "https://www.percona.com/downloads/XtraBackup/Percona-XtraBackup-2.2.13/binary/redhat/7/x86_64/percona-xtrabackup-22-2.2.13-1.el7.x86_64.rpm" +percona_package_sha256: "030585abb52b24a781641374fe7c4530518b176a10ed4eb75547803b6b1f60e4" +percona_package_path: "/opt/{{ percona_package_url | basename }}" + +qpress_package_download_validate_certs: yes +qpress_package_url: https://repo.percona.com/centos/7/RPMS/x86_64/qpress-11-1.el7.x86_64.rpm +qpress_package_sha256: "d6b6b7ca3a5ad4baea34975743106ac54ac746b3e6497d59bce55765d604b697" +qpress_package_path: "/opt/{{ qpress_package_url | basename }}" + +use_percona_upstream: yes +using_mysql_init: yes diff --git a/vars/ubuntu-14.04.yml b/vars/ubuntu-14.04.yml index 2e022bc5..d8dbf9d6 100644 --- a/vars/ubuntu-14.04.yml +++ b/vars/ubuntu-14.04.yml @@ -13,6 +13,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +## APT Cache Options +cache_timeout: 600 + +galera_pinned_packages: [{ package: "*", release: MariaDB, priority: "1001" }] + # Galera GPG Keys galera_gpg_keys: - key_name: 'mariadb' @@ -24,7 +29,7 @@ galera_gpg_keys: fallback_keyserver: 'hkp://p80.pool.sks-keyservers.net:80' hash_id: '0x1c4cbdcdcd2efd2a' -galera_pre_apt_packages: +galera_pre_packages: - apt-transport-https - debconf-utils - libaio1 @@ -39,30 +44,54 @@ galera_pre_apt_packages: # The package name for mariaDB is set as a variable # so that it can be used in debconf later in the # "galera_common" role. -galera_mariadb_server_package: "mariadb-galera-server-10.0" +galera_mariadb_apt_server_package: "mariadb-galera-server-10.0" # NB This is specifically galera_packages as these packages only get installed # during the galera play - this is because of the preseed task and the service # startup control used when installing mariadb-galera-server and galera. -galera_apt_packages: +galera_packages: - mariadb-client - - "{{ galera_mariadb_server_package }}" + - "{{ galera_mariadb_apt_server_package }}" - galera-3 - - qpress - rsync - socat galera_debconf_items: - question: "mysql-server/root_password" - name: "{{ galera_mariadb_server_package }}" + name: "{{ galera_mariadb_apt_server_package }}" value: "{{ galera_root_password }}" vtype: "string" - question: "mysql-server/root_password_again" - name: "{{ galera_mariadb_server_package }}" + name: "{{ galera_mariadb_apt_server_package }}" value: "{{ galera_root_password }}" vtype: "string" -using_mysql_init: no +percona_upstream_packages: + - qpress + - percona-xtrabackup +# Validate SSL certificates when downloading the galera deb above +# May be set to "no" when proxy server is intercepting the certificates. +percona_package_download_validate_certs: "yes" percona_package_url: "https://www.percona.com/downloads/XtraBackup/Percona-XtraBackup-2.2.13/binary/debian/trusty/x86_64/percona-xtrabackup-22_2.2.13-1.trusty_amd64.deb" percona_package_sha256: "2f58eedefa905583f0650f77bb2b149139c4066c7fb690202124fe5c7ac83e9e" +percona_package_path: "/opt/{{ percona_package_url | basename }}" + +qpress_package_download_validate_certs: yes +qpress_package_url: https://repo.percona.com/apt/pool/main/q/qpress/qpress_11-1.trusty_amd64.deb +qpress_package_sha256: "21e2f4466a1dffd6281d01d0b29388e2a2f0f9c6ba9538b128c34af61b2a4e12" +qpress_package_path: "/opt/{{ qpress_package_url | basename }}" + +# Repositories +galera_percona_xtrabackup_repo_url: "https://repo.percona.com/apt" +galera_percona_xtrabackup_repo: + repo: "deb {{ galera_percona_xtrabackup_repo_url }} {{ ansible_distribution_release }} main" + state: "present" + +galera_apt_repo_url: "https://mirror.rackspace.com/mariadb/repo/10.0/ubuntu" +galera_repo: + repo: "deb {{ galera_apt_repo_url }} {{ ansible_distribution_release }} main" + state: "present" + +use_percona_upstream: no +using_mysql_init: no diff --git a/vars/ubuntu-16.04.yml b/vars/ubuntu-16.04.yml index 087afd0c..1f5c76f2 100644 --- a/vars/ubuntu-16.04.yml +++ b/vars/ubuntu-16.04.yml @@ -13,6 +13,11 @@ # See the License for the specific language governing permissions and # limitations under the License. +## APT Cache Options +cache_timeout: 600 + +galera_pinned_packages: [{ package: "*", release: MariaDB, priority: "1001" }] + # Galera GPG Keys galera_gpg_keys: - key_name: 'mariadb' @@ -24,7 +29,7 @@ galera_gpg_keys: fallback_keyserver: 'hkp://p80.pool.sks-keyservers.net:80' hash_id: '0x1c4cbdcdcd2efd2a' -galera_pre_apt_packages: +galera_pre_packages: - apt-transport-https - debconf-utils - libaio1 @@ -39,35 +44,57 @@ galera_pre_apt_packages: # The package name for mariaDB is set as a variable # so that it can be used in debconf later in the # "galera_common" role. -galera_mariadb_server_package: "mariadb-galera-server-10.0" +galera_mariadb_apt_server_package: "mariadb-galera-server-10.0" # NB This is specifically galera_packages as these packages only get installed # during the galera play - this is because of the preseed task and the service # startup control used when installing mariadb-galera-server and galera. -galera_apt_packages: +galera_packages: - mariadb-client - - "{{ galera_mariadb_server_package }}" + - "{{ galera_mariadb_apt_server_package }}" - galera-3 - rsync - socat - - qpress galera_debconf_items: - question: "mysql-server/root_password" - name: "{{ galera_mariadb_server_package }}" + name: "{{ galera_mariadb_apt_server_package }}" value: "{{ galera_root_password }}" vtype: "string" - question: "mysql-server/root_password_again" - name: "{{ galera_mariadb_server_package }}" + name: "{{ galera_mariadb_apt_server_package }}" value: "{{ galera_root_password }}" vtype: "string" -using_mysql_init: yes +percona_upstream_packages: + - qpress + - percona-xtrabackup +# Validate SSL certificates when downloading the galera deb above +# May be set to "no" when proxy server is intercepting the certificates. +percona_package_download_validate_certs: "yes" percona_package_url: "https://www.percona.com/downloads/XtraBackup/Percona-XtraBackup-2.2.13/binary/debian/vivid/x86_64/percona-xtrabackup-22_2.2.13-1.vivid_amd64.deb" percona_package_sha256: "3e3b15b2b261da004f7c4419ae427af9ec5707b40be1effe22a0142311c51856" +percona_package_path: "/opt/{{ percona_package_url | basename }}" +#There is no package currently provided for Xenial, but vivid uses the +# same libraries and installs without issue. +qpress_package_download_validate_certs: yes +qpress_package_url: https://repo.percona.com/apt/pool/main/q/qpress/qpress_11-1.vivid_amd64.deb +qpress_package_sha256: "54c02ae825b5c08bfae0792b23390b1577d7a26cadfb321384377bde31465959" +qpress_package_path: "/opt/{{ qpress_package_url | basename }}" + +# Repositories # TODO: update this to xenial if the repo ever gets created. -galera_apt_percona_xtrabackup_repo: - repo: "deb {{ galera_apt_percona_xtrabackup_url }} vivid main" +galera_percona_xtrabackup_repo_url: "https://repo.percona.com/apt" +galera_percona_xtrabackup_repo: + repo: "deb {{ galera_percona_xtrabackup_repo_url }} {{ ansible_distribution_release }} main" state: "present" + +galera_apt_repo_url: "https://mirror.rackspace.com/mariadb/repo/10.0/ubuntu" +galera_repo: + repo: "deb {{ galera_apt_repo_url }} {{ ansible_distribution_release }} main" + state: "present" + +use_percona_upstream: no +using_mysql_init: yes