Move database creation into role

There is no record for why we implement the database creation outside
of the role in the playbook, when we could do it inside the role.

Implementing it inside the role allows us to reduce the quantity of
group_vars duplicated from the role, and allows us to better document
the required variables in the role. The delegation can still be done
as it is done in the playbook too.

In this patch we implement a new variable called 'horizon_db_setup_host'
which is used in the role to allow delegation of the database setup
task to any host, but defaults to the first member of the galera_all
host group. We also document the variable horizon_galera_address which
has been used for a long time, but never documented.

Change-Id: I7946c325d87c74e2bd9b1dcc1f92ea09a5386729
This commit is contained in:
Jesse Pretorius 2018-06-01 15:53:58 +01:00
parent 316b859368
commit 36ec620afd
3 changed files with 32 additions and 1 deletions

View File

@ -78,6 +78,8 @@ horizon_service_region: RegionOne
horizon_service_name: horizon horizon_service_name: horizon
## Database info ## Database info
horizon_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
horizon_galera_address: "{{ galera_address | default('127.0.0.1') }}"
horizon_galera_database: dash horizon_galera_database: dash
horizon_galera_user: dash horizon_galera_user: dash
horizon_galera_use_ssl: "{{ galera_use_ssl | default(False) }}" horizon_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"

View File

@ -11,7 +11,6 @@
horizon_container_mysql_password: "SuperSecrete" horizon_container_mysql_password: "SuperSecrete"
horizon_secret_key: "SuperSecreteHorizonKey" horizon_secret_key: "SuperSecreteHorizonKey"
horizon_external_ssl: true horizon_external_ssl: true
galera_root_password: "secrete"
rabbitmq_servers: 10.100.100.101 rabbitmq_servers: 10.100.100.101
rabbitmq_use_ssl: false rabbitmq_use_ssl: false
rabbitmq_port: 5671 rabbitmq_port: 5671
@ -28,3 +27,7 @@
openrc_os_domain_name: "Default" openrc_os_domain_name: "Default"
memcached_servers: 10.100.100.101 memcached_servers: 10.100.100.101
memcached_encryption_key: "secrete" memcached_encryption_key: "secrete"
galera_root_user: root
vars_prompt:
- name: "galera_root_password"
prompt: "What is galera_root_password?"

View File

@ -13,6 +13,32 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
- name: Create DB for service
mysql_db:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "{{ horizon_galera_address }}"
name: "{{ horizon_galera_database }}"
state: "present"
delegate_to: "{{ horizon_db_setup_host }}"
no_log: True
- name: Grant access to the DB for the service
mysql_user:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "{{ horizon_galera_address }}"
name: "{{ horizon_galera_user }}"
password: "{{ horizon_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ horizon_galera_database }}.*:ALL"
delegate_to: "{{ horizon_db_setup_host }}"
with_items:
- "localhost"
- "%"
no_log: True
- name: Perform a horizon DB sync - name: Perform a horizon DB sync
command: "{{ horizon_bin }}/horizon-manage.py migrate --noinput" command: "{{ horizon_bin }}/horizon-manage.py migrate --noinput"
become: yes become: yes