From a10ad340541f956f3ca4d9a1883b75baacb6577b Mon Sep 17 00:00:00 2001 From: "Christian M. Adams" Date: Mon, 11 Mar 2024 11:03:01 -0400 Subject: [PATCH] Set env vars from secrets so when pods cycle values are updated - without this, the db host env var is not updated on the deployment until the deployment yaml is patched in a future reconciliation loop. - remove logic to scale up the content and web pods after upgrading and rely on a second reconciliation loop for now. --- playbooks/galaxy.yaml | 2 +- roles/common/tasks/postgres_configuration.yml | 5 ++++- .../templates/galaxy-api.deployment.yaml.j2 | 20 +++++++++++++++---- .../galaxy-content.deployment.yaml.j2 | 10 ++++++++-- .../galaxy-worker.deployment.yaml.j2 | 10 ++++++++-- roles/postgres/tasks/upgrade_postgres.yml | 19 ------------------ roles/postgres/templates/postgres.yaml.j2 | 12 +++++------ 7 files changed, 43 insertions(+), 35 deletions(-) diff --git a/playbooks/galaxy.yaml b/playbooks/galaxy.yaml index 0a4ced95..404dbd18 100644 --- a/playbooks/galaxy.yaml +++ b/playbooks/galaxy.yaml @@ -107,4 +107,4 @@ - galaxy-worker - galaxy-api - galaxy-route - - galaxy-status \ No newline at end of file + - galaxy-status diff --git a/roles/common/tasks/postgres_configuration.yml b/roles/common/tasks/postgres_configuration.yml index d18b29ad..009200e5 100644 --- a/roles/common/tasks/postgres_configuration.yml +++ b/roles/common/tasks/postgres_configuration.yml @@ -82,12 +82,15 @@ - postgres_migrant_configuration_secret is defined - recorded_db_migration_secret == postgres_migrant_configuration_secret - - name: Set PostgreSQL Configuration set_fact: pg_config: '{{ _generated_pg_config_resources["resources"] | default([]) | length | ternary(_generated_pg_config_resources, _pg_config) }}' no_log: "{{ no_log }}" +- name: Set actual postgres configuration secret used + set_fact: + _postgres_configuration_secret: "{{ pg_config['resources'][0]['metadata']['name'] }}" + - name: Set user provided postgres image set_fact: _custom_postgres_image: "{{ postgres_image }}" diff --git a/roles/galaxy-api/templates/galaxy-api.deployment.yaml.j2 b/roles/galaxy-api/templates/galaxy-api.deployment.yaml.j2 index 1d066847..c7cee130 100644 --- a/roles/galaxy-api/templates/galaxy-api.deployment.yaml.j2 +++ b/roles/galaxy-api/templates/galaxy-api.deployment.yaml.j2 @@ -137,9 +137,15 @@ spec: - start-api env: - name: POSTGRES_SERVICE_HOST - value: "{{ postgres_host }}" + valueFrom: + secretKeyRef: + name: {{ _postgres_configuration_secret }} + key: host - name: POSTGRES_SERVICE_PORT - value: "{{ postgres_port }}" + valueFrom: + secretKeyRef: + name: {{ _postgres_configuration_secret }} + key: port {% if pulp_combined_settings.cache_enabled %} - name: REDIS_SERVICE_HOST value: "{{ ansible_operator_meta.name }}-redis-svc" @@ -255,9 +261,15 @@ spec: pulpcore-manager migrate env: - name: POSTGRES_SERVICE_HOST - value: "{{ postgres_host }}" + valueFrom: + secretKeyRef: + name: {{ _postgres_configuration_secret }} + key: host - name: POSTGRES_SERVICE_PORT - value: "{{ postgres_port }}" + valueFrom: + secretKeyRef: + name: {{ _postgres_configuration_secret }} + key: port - name: HOME value: "/var/lib/pulp" volumeMounts: diff --git a/roles/galaxy-content/templates/galaxy-content.deployment.yaml.j2 b/roles/galaxy-content/templates/galaxy-content.deployment.yaml.j2 index 633e0be3..275a073a 100644 --- a/roles/galaxy-content/templates/galaxy-content.deployment.yaml.j2 +++ b/roles/galaxy-content/templates/galaxy-content.deployment.yaml.j2 @@ -159,9 +159,15 @@ spec: {% endif %} env: - name: POSTGRES_SERVICE_HOST - value: "{{ postgres_host }}" + valueFrom: + secretKeyRef: + name: {{ _postgres_configuration_secret }} + key: host - name: POSTGRES_SERVICE_PORT - value: "{{ postgres_port }}" + valueFrom: + secretKeyRef: + name: {{ _postgres_configuration_secret }} + key: port {% if pulp_combined_settings.cache_enabled %} - name: REDIS_SERVICE_HOST value: "{{ ansible_operator_meta.name }}-redis-svc" diff --git a/roles/galaxy-worker/templates/galaxy-worker.deployment.yaml.j2 b/roles/galaxy-worker/templates/galaxy-worker.deployment.yaml.j2 index 4e1b7e4c..e66d151f 100644 --- a/roles/galaxy-worker/templates/galaxy-worker.deployment.yaml.j2 +++ b/roles/galaxy-worker/templates/galaxy-worker.deployment.yaml.j2 @@ -121,9 +121,15 @@ spec: - start-worker env: - name: POSTGRES_SERVICE_HOST - value: "{{ postgres_host }}" + valueFrom: + secretKeyRef: + name: {{ _postgres_configuration_secret }} + key: host - name: POSTGRES_SERVICE_PORT - value: "{{ postgres_port }}" + valueFrom: + secretKeyRef: + name: {{ _postgres_configuration_secret }} + key: port {% if pulp_combined_settings.cache_enabled %} - name: REDIS_SERVICE_HOST value: "{{ ansible_operator_meta.name }}-redis-svc" diff --git a/roles/postgres/tasks/upgrade_postgres.yml b/roles/postgres/tasks/upgrade_postgres.yml index ef709ac0..ef2a0fcf 100644 --- a/roles/postgres/tasks/upgrade_postgres.yml +++ b/roles/postgres/tasks/upgrade_postgres.yml @@ -324,22 +324,3 @@ status: "True" lastTransitionTime: "{{ lookup('pipe', 'date --iso-8601=seconds') }}" -# Default to 1 replica if not specified -- name: Scale up web and content Deployments using replicas from the custom resource - kubernetes.core.k8s_scale: - api_version: v1 - kind: Deployment - name: "{{ item.name }}" - namespace: "{{ ansible_operator_meta.namespace }}" - replicas: "{{ item.replicas }}" - loop: - - name: "{{ ansible_operator_meta.name }}-api" - replicas: "{{ combined_api.replicas | default(1) }}" - - name: "{{ ansible_operator_meta.name }}-web" - replicas: "{{ combined_web.replicas | default(1)}}" - - name: "{{ ansible_operator_meta.name }}-content" - replicas: "{{ combined_content.replicas | default(1) }}" - - name: "{{ ansible_operator_meta.name }}-worker" - replicas: "{{ combined_worker.replicas | default(1)}}" - - name: "{{ ansible_operator_meta.name }}-redis" - replicas: "{{ combined_redis.replicas | default(1)}}" diff --git a/roles/postgres/templates/postgres.yaml.j2 b/roles/postgres/templates/postgres.yaml.j2 index fefc638a..f52f4fd2 100644 --- a/roles/postgres/templates/postgres.yaml.j2 +++ b/roles/postgres/templates/postgres.yaml.j2 @@ -56,34 +56,34 @@ spec: - name: POSTGRESQL_DATABASE valueFrom: secretKeyRef: - name: '{{ postgres_configuration_secret }}' + name: '{{ _postgres_configuration_secret }}' key: database - name: POSTGRESQL_USER valueFrom: secretKeyRef: - name: '{{ postgres_configuration_secret }}' + name: '{{ _postgres_configuration_secret }}' key: username - name: POSTGRESQL_PASSWORD valueFrom: secretKeyRef: - name: '{{ postgres_configuration_secret }}' + name: '{{ _postgres_configuration_secret }}' key: password # For postgres_image based on postgres - name: POSTGRES_DB valueFrom: secretKeyRef: - name: '{{ postgres_configuration_secret }}' + name: '{{ _postgres_configuration_secret }}' key: database - name: POSTGRES_USER valueFrom: secretKeyRef: - name: '{{ postgres_configuration_secret }}' + name: '{{ _postgres_configuration_secret }}' key: username - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: '{{ postgres_configuration_secret }}' + name: '{{ _postgres_configuration_secret }}' key: password - name: PGDATA value: '{{ postgres_data_path }}'