From 33c17a1c81e7f3a3bda8ed54743ee25a24a3d0c2 Mon Sep 17 00:00:00 2001 From: cicharka Date: Wed, 9 Feb 2022 13:09:07 +0100 Subject: [PATCH] Fix rsync and schema validation for backup/recovery Bug #2942 rsync command fails trying to copy artifacts * With new version of ansible we can use private_key option for synchronize module, therefore there's no need to use rsh Bug #2930 Backup/recovery commands fail when default configuration for backup attached to cluster-config.yml * extend run_for_individual_documents method so it can choose relevant schema for validated document --- .../tasks/common/download_via_rsync.yml | 16 ++++++++------- .../tasks/common/upload_via_rsync.yml | 19 +++++++++--------- cli/src/schema/SchemaValidator.py | 6 +++++- docs/home/howto/BACKUP.md | 20 +++++++++++-------- 4 files changed, 36 insertions(+), 25 deletions(-) diff --git a/ansible/playbooks/roles/backup/tasks/common/download_via_rsync.yml b/ansible/playbooks/roles/backup/tasks/common/download_via_rsync.yml index 768e055813..bfe75fffba 100644 --- a/ansible/playbooks/roles/backup/tasks/common/download_via_rsync.yml +++ b/ansible/playbooks/roles/backup/tasks/common/download_via_rsync.yml @@ -75,14 +75,16 @@ dest: "{{ backup_destination_dir }}" src: "{{ item }}" checksum: true - rsync_opts: - - --rsh={{ rsh }} - vars: - # this fixes / replaces incorrect path to the private key file that synchronize provides - # (setting private_key parameter has no effect whatsoever, looks like a bug tbh) - rsh: >- - /usr/bin/ssh -S none -i {{ private_key_file.path }} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null + private_key: "{{ private_key_file.path }}" loop: "{{ artifacts }}" + # Legacy code used in eariler version of Ansible + # rsync_opts: + # - --rsh={{ rsh }} + # vars: + # # this fixes / replaces incorrect path to the private key file that synchronize provides + # # (setting private_key parameter has no effect whatsoever, looks like a bug tbh) + # rsh: >- + # /usr/bin/ssh -S none -i {{ private_key_file.path }} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null - name: Remove copied artifacts from source file: diff --git a/ansible/playbooks/roles/recovery/tasks/common/upload_via_rsync.yml b/ansible/playbooks/roles/recovery/tasks/common/upload_via_rsync.yml index 427e8d2d1e..1b46eae77e 100644 --- a/ansible/playbooks/roles/recovery/tasks/common/upload_via_rsync.yml +++ b/ansible/playbooks/roles/recovery/tasks/common/upload_via_rsync.yml @@ -70,12 +70,13 @@ dest: "{{ recovery_dir }}/" src: "{{ item }}" checksum: true - rsync_opts: - - --rsh={{ rsh }} - vars: - # this fixes / replaces incorrect path to the private key file that synchronize provides - # (setting private_key parameter has no effect whatsoever, looks like a bug tbh) - rsh: >- - /usr/bin/ssh -S none -i {{ private_key_file.path }} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null - loop: >- - {{ artifacts }} + private_key: "{{ private_key_file.path }}" + loop: "{{ artifacts }}" + # Legacy code used in earlier version of Ansible + # rsync_opts: + # - --rsh={{ rsh }} + # vars: + # # this fixes / replaces incorrect path to the private key file that synchronize provides + # # (setting private_key parameter has no effect whatsoever, looks like a bug tbh) + # rsh: >- + # /usr/bin/ssh -S none -i {{ private_key_file.path }} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null diff --git a/cli/src/schema/SchemaValidator.py b/cli/src/schema/SchemaValidator.py index c2a93ef808..a8f6ea6a18 100644 --- a/cli/src/schema/SchemaValidator.py +++ b/cli/src/schema/SchemaValidator.py @@ -47,7 +47,11 @@ def validate_document(self, doc, schema): def run_for_individual_documents(self): for doc in self.validation_docs: # Load document schema - schema = load_schema_obj(types.VALIDATION, self.provider, doc.kind) + if 'backup' in doc.kind or 'recovery' in doc.kind: + schema = load_schema_obj(types.VALIDATION, self.provider, doc.kind) + else: + schema = self.get_base_schema(doc.kind) + schema['properties']['specification'] = load_schema_obj(types.VALIDATION, self.provider, doc.kind) # Include "definitions" schema['definitions'] = self.definitions diff --git a/docs/home/howto/BACKUP.md b/docs/home/howto/BACKUP.md index bc601be64f..2731a9b103 100644 --- a/docs/home/howto/BACKUP.md +++ b/docs/home/howto/BACKUP.md @@ -17,17 +17,18 @@ filesystem. See [How to store backup](#2-how-to-store-backup) chapter. ## 1. How to perform backup -#### Backup configuration file and command +### Backup configuration file and command Copy default configuration for backup from ``defaults/configuration/backup.yml`` into newly created backup.yml config -file, and enable backup for chosen components by setting up ``enabled`` parameter to ``true``. +file, supply correct provider and enable backup for chosen components by setting up ``enabled`` parameter to ``true``. This config may also be attached to cluster-config.yml -``` +```yaml kind: configuration/backup title: Backup Config name: default +provider: azure specification: components: load_balancer: @@ -48,7 +49,7 @@ specification: Run ``epicli backup`` command: -``` +```shell epicli backup -f backup.yml -b build_folder ``` @@ -80,15 +81,16 @@ machine's disk drive. This is not recommended. ### Recovery configuration file and command Copy existing default configuration from ``defaults/configuration/recovery.yml`` into newly created recovery.yml config -file, and set ``enabled`` parameter for component to recovery. It's possible to choose snapshot name by passing date and -time part of snapshot name. If snapshot name is not provided, the latest one will be restored. +file, supply correct provider and set ``enabled`` parameter for component to recovery. It's possible to choose snapshot +name by passing date and time part of snapshot name. If snapshot name is not provided, the latest one will be restored. This config may also be attached to cluster-config.yml -``` +```yaml kind: configuration/recovery title: Recovery Config name: default +provider: azure specification: components: load_balancer: @@ -110,7 +112,9 @@ specification: Run ``epicli recovery`` command: -``epicli recovery -f recovery.yml -b build_folder`` +```shell +epicli recovery -f recovery.yml -b build_folder +``` If recovery config is attached to cluster-config.yml, use this file instead of ``recovery.yml``.