From ccfb79a507a42d5444f6a07a73a9bbeecad0ac43 Mon Sep 17 00:00:00 2001 From: Vitaliy Kukharik <37010174+vitabaks@users.noreply.github.com> Date: Wed, 8 Nov 2023 18:06:17 +0300 Subject: [PATCH 1/5] PgBouncer: Connect via Unix socket instead of TCP (#498) --- roles/pgbouncer/templates/pgbouncer.ini.j2 | 4 ++-- vars/main.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/pgbouncer/templates/pgbouncer.ini.j2 b/roles/pgbouncer/templates/pgbouncer.ini.j2 index 23c7a1e20..661214ae3 100644 --- a/roles/pgbouncer/templates/pgbouncer.ini.j2 +++ b/roles/pgbouncer/templates/pgbouncer.ini.j2 @@ -1,9 +1,9 @@ [databases] {% for pool in pgbouncer_pools %} -{{ pool.name }} = host=127.0.0.1 port={{ postgresql_port }} dbname={{ pool.dbname }} {{ pool.pool_parameters }} +{{ pool.name }} = host={{ postgresql_unix_socket_dir }} port={{ postgresql_port }} dbname={{ pool.dbname }} {{ pool.pool_parameters }} {% endfor %} -* = host=127.0.0.1 port={{ postgresql_port }} +* = host={{ postgresql_unix_socket_dir }} port={{ postgresql_port }} [pgbouncer] logfile = {{ pgbouncer_log_dir }}/pgbouncer{{ '-%d' % (idx + 1) if idx > 0 else '' }}.log diff --git a/vars/main.yml b/vars/main.yml index 27102e65d..0750a62d8 100644 --- a/vars/main.yml +++ b/vars/main.yml 
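Review bot: Both new `host={{ postgresql_unix_socket_dir }}` entries in `[databases]` only select a Unix socket when the rendered value begins with `/`; any other value is read by PgBouncer as a hostname and the pools would go back to a name lookup over TCP. Nothing visible in this hunk checks the variable, so a pre-check such as an `ansible.builtin.assert` with `that: postgresql_unix_socket_dir is match('^/')` would catch a misconfigured inventory before the template is rendered. A comment above the `* =` fallback noting that `port=` now only selects the socket file name in that directory would also help readers of the generated file.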
@@ -273,9 +273,9 @@ pending_restart: false # specify additional hosts that will be added to the pg_hba.conf postgresql_pg_hba: - { type: "local", database: "all", user: "{{ patroni_superuser_username }}", address: "", method: "trust" } + - { type: "local", database: "all", user: "{{ pgbouncer_auth_username }}", address: "", method: "trust" } # required for pgbouncer auth_user - { type: "local", database: "replication", user: "{{ patroni_superuser_username }}", address: "", method: "trust" } - { type: "local", database: "all", user: "all", address: "", method: "peer" } - - { type: "host", database: "all", user: "{{ pgbouncer_auth_username }}", address: "127.0.0.1/32", method: "trust" } # required for pgbouncer auth_user - { type: "host", database: "all", user: "all", address: "127.0.0.1/32", method: "{{ postgresql_password_encryption_algorithm }}" } - { type: "host", database: "all", user: "all", address: "::1/128", method: "{{ postgresql_password_encryption_algorithm }}" } # - { type: "host", database: "mydatabase", user: "mydb-user", address: "192.168.0.0/24", method: "{{ postgresql_password_encryption_algorithm }}" } From c6c2f35875df5538d85b8ce4121bde57e1dc24d8 Mon Sep 17 00:00:00 2001 From: Vitaliy Kukharik <37010174+vitabaks@users.noreply.github.com> Date: Sat, 18 Nov 2023 14:15:55 +0300 Subject: [PATCH 2/5] PgBouncer: Use RuntimeDirectory (#506) --- roles/pgbouncer/tasks/main.yml | 9 +++++++++ roles/pgbouncer/templates/pgbouncer.service.j2 | 6 +++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/roles/pgbouncer/tasks/main.yml b/roles/pgbouncer/tasks/main.yml index 54fb72136..a91386f3e 100644 --- a/roles/pgbouncer/tasks/main.yml +++ b/roles/pgbouncer/tasks/main.yml 
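Review bot: The added `local` rule with `method: "trust"` for `{{ pgbouncer_auth_username }}` lets any OS account that can open the PostgreSQL Unix socket connect as that role to every database without a credential, so the socket directory and `unix_socket_permissions` become the only control. A PgBouncer auth_user normally exists to look up password hashes of other roles, which makes it a sensitive identity to leave on `trust`. If the pg_hba template supports it, `peer` with a pg_ident map for the OS user PgBouncer runs as would tie the rule to that one account; that needs checking against the template, which is not visible here. At minimum the comment should say so: `# required for pgbouncer auth_user; trust here is limited only by Unix socket permissions`.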
@@ -34,6 +34,15 @@ mode: "0750" tags: pgbouncer_conf, pgbouncer +- name: Ensure log directory "{{ pgbouncer_log_dir }}" exist + ansible.builtin.file: + path: "{{ pgbouncer_log_dir }}" + state: directory + owner: postgres + group: postgres + mode: "0750" + tags: pgbouncer_conf, pgbouncer + - name: Check if pgbouncer systemd service file exists ansible.builtin.stat: path: /etc/systemd/system/pgbouncer.service diff --git a/roles/pgbouncer/templates/pgbouncer.service.j2 b/roles/pgbouncer/templates/pgbouncer.service.j2 index 2b926a36a..c69eb1ee5 100644 --- a/roles/pgbouncer/templates/pgbouncer.service.j2 +++ b/roles/pgbouncer/templates/pgbouncer.service.j2 @@ -8,9 +8,9 @@ Type=forking User=postgres Group=postgres -PermissionsStartOnly=true -ExecStartPre=-/bin/mkdir -p /run/pgbouncer /var/run/pgbouncer{{ '-%d' % (idx + 1) if idx > 0 else '' }} {{ pgbouncer_log_dir }} -ExecStartPre=/bin/chown -R postgres:postgres /run/pgbouncer /var/run/pgbouncer{{ '-%d' % (idx + 1) if idx > 0 else '' }} {{ pgbouncer_log_dir }} +RuntimeDirectory=pgbouncer{{ '-%d' % (idx + 1) if idx > 0 else '' }} +RuntimeDirectoryMode=0755 + {% if ansible_os_family == "Debian" %} ExecStart=/usr/sbin/pgbouncer -d {{ pgbouncer_conf_dir }}/pgbouncer{{ '-%d' % (idx + 1) if idx > 0 else '' }}.ini {% endif %} From 90a9177d053cab0394a1ee5b979e783cad346cae Mon Sep 17 00:00:00 2001 From: Vitaliy Kukharik <37010174+vitabaks@users.noreply.github.com> Date: Sat, 18 Nov 2023 18:04:35 +0300 Subject: [PATCH 3/5] PgBouncer: Fix "local" pg_hba rule (#508) --- vars/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/main.yml b/vars/main.yml index 0750a62d8..0e150e6da 100644 --- a/vars/main.yml +++ b/vars/main.yml 
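Review bot: `RuntimeDirectoryMode=0755` in pgbouncer.service.j2 leaves the runtime directory listable and traversable by every local account, so access to the PgBouncer socket and pidfile rests entirely on the socket mode configured in pgbouncer.ini, which this hunk does not show. If only members of the postgres group connect through the socket, `RuntimeDirectoryMode=0750` is the tighter choice; otherwise a comment stating why world access is needed would document the decision. systemd also removes a `RuntimeDirectory` when the unit stops, and for `idx > 0` the unit no longer creates `/run/pgbouncer` as the removed `mkdir` did, so any path in the extra instances' configuration that still points there should be verified.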
@@ -275,7 +275,7 @@ postgresql_pg_hba: - { type: "local", database: "all", user: "{{ patroni_superuser_username }}", address: "", method: "trust" } - { type: "local", database: "all", user: "{{ pgbouncer_auth_username }}", address: "", method: "trust" } # required for pgbouncer auth_user - { type: "local", database: "replication", user: "{{ patroni_superuser_username }}", address: "", method: "trust" } - - { type: "local", database: "all", user: "all", address: "", method: "peer" } + - { type: "local", database: "all", user: "all", address: "", method: "{{ postgresql_password_encryption_algorithm }}" } - { type: "host", database: "all", user: "all", address: "127.0.0.1/32", method: "{{ postgresql_password_encryption_algorithm }}" } - { type: "host", database: "all", user: "all", address: "::1/128", method: "{{ postgresql_password_encryption_algorithm }}" } # - { type: "host", database: "mydatabase", user: "mydb-user", address: "192.168.0.0/24", method: "{{ postgresql_password_encryption_algorithm }}" } From cc18794646e3292bdb992ce697aecfbc3d517431 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20H=C3=BCgel?= Date: Sun, 19 Nov 2023 19:13:49 +0100 Subject: [PATCH 4/5] update_pgcluster.yml: Reboot node if it's required, e.g. kernel or security updates (#510) --- roles/update/tasks/system.yml | 26 ++++++++++++++++++++++++++ vars/RedHat.yml | 3 +++ 2 files changed, 29 insertions(+) diff --git a/roles/update/tasks/system.yml b/roles/update/tasks/system.yml index 14643bb02..a942306f1 100644 --- a/roles/update/tasks/system.yml +++ b/roles/update/tasks/system.yml 
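Review bot: Replacing `peer` with `{{ postgresql_password_encryption_algorithm }}` on the catch-all `local` rule reuses a password-hashing setting as the authentication method, so the rule is only as strong as that variable: a value of `md5` puts MD5-based authentication on the socket path. The line carries no comment explaining why peer was dropped; presumably it is so PgBouncer can pass client logins over the Unix socket, and a comment such as `# password auth instead of peer: PgBouncer connects client users over the Unix socket` would stop a later hardening pass from reverting it. The change also removes passwordless peer login for every role not covered by the `trust` rules above it, which existing operator scripts run as the postgres OS user may depend on.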
@@ -30,4 +30,30 @@ delay: 5 retries: 3 ignore_errors: true + +- name: Check if a reboot is required + ansible.builtin.stat: + path: /var/run/reboot-required + register: reboot_required_debian + changed_when: false + when: + - ansible_os_family == "Debian" + - ansible_virtualization_type not in ['container', 'docker', 'lxc', 'podman'] # exclude for containers to prevent test failures in CI. + +- name: Check if a reboot is required + ansible.builtin.command: needs-restarting -r + register: reboot_required_rhel + failed_when: false + changed_when: false + when: + - ansible_os_family == "RedHat" + - ansible_virtualization_type not in ['container', 'docker', 'lxc', 'podman'] # exclude for containers to prevent test failures in CI. + +- name: Rebooting host + ansible.builtin.reboot: + msg: "Reboot initiated by Ansible due to required system updates" + reboot_timeout: 1800 # 30 minutes + test_command: uptime + when: (reboot_required_debian.stat.exists is defined and reboot_required_debian.stat.exists) or + (reboot_required_rhel.rc is defined and reboot_required_rhel.rc != 0) ... diff --git a/vars/RedHat.yml b/vars/RedHat.yml index 1b386b944..44da8d23e 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -38,15 +38,18 @@ os_specific_packages: - libselinux-python - libsemanage-python - policycoreutils-python + - yum-utils RedHat-8: - python2 - python3-libselinux - python3-libsemanage - python3-policycoreutils + - dnf-utils RedHat-9: - python3-libselinux - python3-libsemanage - python3-policycoreutils + - dnf-utils system_packages: - "{{ os_specific_packages[ansible_os_family ~ '-' ~ ansible_distribution_major_version] }}" - python3 From b9e41c83d5a6a71389b3b35d427774bfb2920e70 Mon Sep 17 00:00:00 2001 
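Review bot: The reboot condition `reboot_required_rhel.rc != 0` treats every non-zero exit as "reboot needed", and because the check task sets `failed_when: false`, a missing `needs-restarting` binary or any other error in it also ends in a reboot of the database host. `needs-restarting -r` reports a required reboot with exit status 1, so the test should be `reboot_required_rhel.rc == 1`, with `failed_when: reboot_required_rhel.rc not in [0, 1]` on the check task so real errors surface. The two check tasks share the name "Check if a reboot is required"; adding the OS family to each name keeps the run log unambiguous. `changed_when: false` on the `stat` task is redundant.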
From: Vitaliy Kukharik <37010174+vitabaks@users.noreply.github.com> Date: Mon, 20 Nov 2023 00:29:06 +0300 Subject: [PATCH 5/5] Add the Molecule tests for the Type C schema (Consul) (#511) --- add_balancer.yml | 25 +++++++---- add_pgnode.yml | 41 ++++++++++++----- balancers.yml | 13 ++++-- config_pgcluster.yml | 51 ++++++++++++++------- consul.yml | 52 +++++++++++++--------- deploy_pgcluster.yml | 42 ++++++++++++----- etcd_cluster.yml | 13 ++++-- molecule/default/cleanup.yml | 10 +++++ molecule/default/converge.yml | 12 +++++ molecule/default/verify.yml | 5 +++ molecule/pg_upgrade/converge.yml | 3 ++ pg_upgrade.yml | 39 ++++++++-------- pg_upgrade_rollback.yml | 16 +++---- remove_cluster.yml | 20 +++++---- roles/upgrade/tasks/maintenance_enable.yml | 1 + update_pgcluster.yml | 29 ++++++------ 16 files changed, 246 insertions(+), 126 deletions(-) create mode 100644 molecule/default/cleanup.yml diff --git a/add_balancer.yml b/add_balancer.yml index 5e54cee4b..07c445b94 100644 --- a/add_balancer.yml +++ b/add_balancer.yml @@ -1,15 +1,19 @@ --- -- name: add_balancer.yml | Add haproxy balancer node (to the cluster "{{ patroni_cluster_name }}") +- name: add_balancer.yml | Add HAProxy balancer node hosts: balancers become: true become_method: sudo any_errors_fatal: true gather_facts: true - vars_files: - - vars/main.yml - - vars/system.yml - pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always 
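Review bot: Loading `vars/main.yml` and `vars/system.yml` through `include_vars` in `pre_tasks` instead of `vars_files` raises their precedence above play-level `vars:` and role vars, and nothing in the change documents that. Any key defined both in those files and in a play's `vars:` block (for example `add_balancer: true` in the next hunk, or `vip_manager_disable` in balancers.yml) would now take the file's value; the files are not visible here, so this needs checking. A comment above the first include, such as `# include_vars instead of vars_files: these values now outrank play vars and role vars`, would record the behaviour. The same substitution is repeated in the other playbook hunks of this patch.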
@@ -122,13 +126,18 @@ become_method: sudo gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml - - vars/system.yml vars: add_balancer: true pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always diff --git a/add_pgnode.yml b/add_pgnode.yml index ecbf1dac6..dd9d0e1bf 100644 --- a/add_pgnode.yml +++ b/add_pgnode.yml @@ -1,5 +1,5 @@ --- -- name: add_pgnode.yml | PostgreSQL High-Availability Cluster Scaling (add a replica node to the cluster "{{ patroni_cluster_name }}") +- name: add_pgnode.yml | PostgreSQL HA Cluster Scaling (add a replica node) hosts: postgres_cluster become: true become_method: sudo @@ -7,11 +7,16 @@ gather_facts: true handlers: - ansible.builtin.import_tasks: roles/patroni/handlers/main.yml - vars_files: - - vars/main.yml - - vars/system.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always @@ -134,11 +139,16 @@ become_method: sudo gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml - - vars/system.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always 
@@ -165,9 +175,11 @@ become_method: sudo gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always @@ -187,13 +199,18 @@ become_method: sudo gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml - - vars/system.yml vars: existing_pgcluster: true pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always diff --git a/balancers.yml b/balancers.yml index 7c18676ba..36525dc15 100644 --- a/balancers.yml +++ b/balancers.yml @@ -1,17 +1,22 @@ --- -- name: balancers.yml | Configure load balancers +- name: balancers.yml | Configure HAProxy load balancers hosts: balancers become: true become_method: sudo any_errors_fatal: true gather_facts: true - vars_files: - - vars/main.yml - - vars/system.yml vars: vip_manager_disable: false # or 'true' for disable vip-manager service (if installed) pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always diff --git a/config_pgcluster.yml b/config_pgcluster.yml index 4683f3f2a..b2d08c7f2 100644 --- a/config_pgcluster.yml +++ b/config_pgcluster.yml 
@@ -1,11 +1,14 @@ --- -- name: config_pgcluster.yml | Configuration PostgreSQL HA Cluster (based on "Patroni" and "{{ dcs_type }}") +- name: config_pgcluster.yml | Configuration PostgreSQL HA Cluster (based on "Patroni") hosts: postgres_cluster gather_facts: true - vars_files: - - vars/main.yml - - vars/system.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" @@ -76,10 +79,15 @@ handlers: - ansible.builtin.import_tasks: roles/patroni/handlers/main.yml - ansible.builtin.import_tasks: roles/pgbouncer/handlers/main.yml - vars_files: - - vars/main.yml - - vars/system.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always @@ -155,9 +163,11 @@ become_method: sudo gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always @@ -172,9 +182,11 @@ become: true become_method: sudo any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always 
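Review bot: The two `include_vars` tasks added to the first play of config_pgcluster.yml carry no `tags: always`, unlike the ones added in add_balancer.yml and in the later hunks of this same file, so a run restricted with `--tags` skips them and the play executes without `vars/main.yml` and `vars/system.yml`. With `vars_files` the variables were loaded regardless of tag selection. Add `tags: always` to both tasks. The same gap appears in hunks of pg_upgrade.yml, pg_upgrade_rollback.yml, remove_cluster.yml and update_pgcluster.yml, and the pg_upgrade_rollback.yml and update_pgcluster.yml hunks additionally remove an existing `tags: always` from the OS-specific and upgrade includes.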
@@ -221,9 +233,11 @@ become_method: sudo any_errors_fatal: true environment: "{{ proxy_env | default({}) }}" - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always @@ -277,9 +291,14 @@ become_method: sudo gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml - - vars/system.yml + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always roles: # finish (info) - role: deploy-finish diff --git a/consul.yml b/consul.yml index 0812ee8df..ca03dc4cd 100644 --- a/consul.yml +++ b/consul.yml 
@@ -1,22 +1,40 @@ --- -- name: consul.yml | Consul Playbook - hosts: localhost +- name: consul.yml | Configure Consul instances + hosts: consul_instances + become: true + become_method: sudo any_errors_fatal: true - gather_facts: false - vars_files: - - vars/main.yml - tasks: + gather_facts: true + environment: "{{ proxy_env | default({}) }}" + + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + + - name: Include OS-specific variables + ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" + tags: always + - name: Check if the consul role requirements (ansible.utils) are installed ansible.builtin.command: ansible-galaxy collection list ansible.utils changed_when: false failed_when: false register: ansible_utils_result + delegate_to: localhost + run_once: true # noqa run-once - name: Consul role requirements ansible.builtin.fail: msg: - "Please install consul role requirements (ansible.utils)" - "ansible-galaxy install -r roles/consul/requirements.yml" + delegate_to: localhost + run_once: true # noqa run-once when: - ansible_utils_result.stderr is search("unable to find") @@ -28,6 +46,8 @@ until: package_status is success delay: 5 retries: 3 + delegate_to: localhost + run_once: true # noqa run-once - name: Make sure the python3-pip package are present on the control host ansible.builtin.package: @@ -37,6 +57,8 @@ until: package_status is success delay: 5 retries: 3 + delegate_to: localhost + run_once: true # noqa run-once - name: Install netaddr dependency on the control host ansible.builtin.pip: 
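Review bot: The control-host tasks now sit inside a play with `become: true` and `environment: "{{ proxy_env | default({}) }}"`, so each `delegate_to: localhost` task inherits sudo and the proxy environment on the controller unless it overrides them. For `ansible-galaxy collection list ansible.utils` this means the check runs as root, which requires sudo rights on the control machine and may search root's collection paths rather than those of the user running the playbook, producing a false "unable to find". Adding `become: false` to that check keeps privilege on the controller limited to the package-install tasks that need it; the pip task in the following consul.yml hunk already sets it. The play body continues outside this hunk.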
@@ -45,22 +67,8 @@ become: false environment: PIP_BREAK_SYSTEM_PACKAGES: "1" - -- name: consul.yml | Configure Consul instances - hosts: consul_instances - become: true - become_method: sudo - any_errors_fatal: true - gather_facts: true - vars_files: - - vars/main.yml - - vars/system.yml - environment: "{{ proxy_env | default({}) }}" - - pre_tasks: - - name: Include OS-specific variables - ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - tags: always + delegate_to: localhost + run_once: true # noqa run-once - name: Update apt cache ansible.builtin.apt: diff --git a/deploy_pgcluster.yml b/deploy_pgcluster.yml index eef011a98..c93b94408 100644 --- a/deploy_pgcluster.yml +++ b/deploy_pgcluster.yml @@ -1,18 +1,23 @@ --- -- name: Deploy PostgreSQL HA Cluster (based on "Patroni" and "{{ dcs_type }}") +- name: Deploy PostgreSQL HA Cluster (based on "Patroni") hosts: all become: true become_method: sudo gather_facts: true tags: always any_errors_fatal: true - vars_files: - - vars/main.yml - - vars/system.yml environment: "{{ proxy_env | default({}) }}" pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always @@ -122,11 +127,16 @@ become_method: sudo gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml - - vars/system.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always 
@@ -182,9 +192,12 @@ become_method: sudo gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always @@ -201,11 +214,16 @@ any_errors_fatal: true handlers: - ansible.builtin.import_tasks: roles/pgbouncer/handlers/main.yml - vars_files: - - vars/main.yml - - vars/system.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always diff --git a/etcd_cluster.yml b/etcd_cluster.yml index a536bbc25..6ef34d5ec 100644 --- a/etcd_cluster.yml +++ b/etcd_cluster.yml @@ -1,15 +1,20 @@ --- -- name: Configure etcd Cluster and System Settings +- name: etcd_cluster.yml | Deploy etcd Cluster hosts: etcd_cluster become: true become_method: sudo any_errors_fatal: true gather_facts: true - vars_files: - - vars/main.yml - - vars/system.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always + + - name: Include system variables + ansible.builtin.include_vars: "vars/system.yml" + tags: always + - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tags: always diff --git a/molecule/default/cleanup.yml b/molecule/default/cleanup.yml new file mode 100644 index 000000000..895a1b452 --- /dev/null +++ b/molecule/default/cleanup.yml @@ -0,0 +1,10 @@ +--- +- name: Molecule.default.cleanup + hosts: localhost + gather_facts: false + + tasks: + - name: Delete dcs_type.yml file + ansible.builtin.file: + path: "../../vars/dcs_type.yml" + state: absent 
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 463b88e17..b884e7955 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -13,11 +13,23 @@ nameservers: ["8.8.8.8", "9.9.9.9"] timezone: "Etc/UTC" with_haproxy_load_balancing: true + dcs_type: "{{ ['etcd', 'consul'] | random }}" # Set 'dcs_type' to either 'etcd' or 'consul' randomly consul_node_role: server # if dcs_type: "consul" consul_bootstrap_expect: true # if dcs_type: "consul" postgresql_version: "15" # to test custom WAL dir pgbouncer_processes: 2 # Test multiple pgbouncer processes (so_reuseport) cacheable: true + delegate_to: localhost + run_once: true # noqa run-once + + - name: Write dcs_type.yml file (for Molecule verify) + ansible.builtin.copy: + content: | + --- + dcs_type: "{{ dcs_type }}" + dest: "../../vars/dcs_type.yml" + delegate_to: localhost + run_once: true # noqa run-once - name: Set variables for custom PostgreSQL data and WAL directory test ansible.builtin.set_fact: diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 222f84718..07f28c26a 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -13,6 +13,11 @@ ansible.builtin.include_vars: file: ../../vars/main.yml + # Including the dcs_type variable redefined in converge.yml + - name: Molecule.default.verify | Include dcs_type Variable + ansible.builtin.include_vars: + file: ../../vars/dcs_type.yml + # 🔄 Including OS-specific variables # These variables are specific to the operating system on which the playbook is running - name: Molecule.default.verify | Include OS-Specific Variables diff --git a/molecule/pg_upgrade/converge.yml b/molecule/pg_upgrade/converge.yml index 3d20befe4..5e97f32a8 100644 --- a/molecule/pg_upgrade/converge.yml +++ b/molecule/pg_upgrade/converge.yml 
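Review bot: `dcs_type: "{{ ['etcd', 'consul'] | random }}"` in converge.yml picks the DCS per run without recording the choice, so a CI failure cannot be tied to etcd or consul from the log, and the hand-off file is written into the repository's own `vars/` directory by an `ansible.builtin.copy` task with no `mode`. A `debug` task printing `dcs_type` after the `set_fact`, plus `mode: "0644"` on the copy, would cover both. The verify.yml hunk then includes `../../vars/dcs_type.yml` unconditionally, so running verify without a preceding converge, or after cleanup.yml has deleted the file, fails on that include. `vars/dcs_type.yml` should also be ignored by version control if it is not already.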
@@ -13,11 +13,14 @@ nameservers: ["8.8.8.8", "9.9.9.9"] timezone: "Etc/UTC" with_haproxy_load_balancing: true + dcs_type: "{{ ['etcd', 'consul'] | random }}" # Set 'dcs_type' to either 'etcd' or 'consul' randomly consul_node_role: server # if dcs_type: "consul" consul_bootstrap_expect: true # if dcs_type: "consul" postgresql_version: "14" # redefine the version to install for the upgrade test pgbouncer_processes: 4 # Test multiple pgbouncer processes (so_reuseport) cacheable: true + delegate_to: localhost + run_once: true # noqa run-once - name: Set variables for custom PostgreSQL data and WAL directory test ansible.builtin.set_fact: diff --git a/pg_upgrade.yml b/pg_upgrade.yml index 1de434d0c..86068b1dd 100644 --- a/pg_upgrade.yml +++ b/pg_upgrade.yml @@ -1,16 +1,19 @@ --- # TODO: # - Citus support -- name: "Upgrade PostgreSQL {{ pg_old_version }} to version {{ pg_new_version }} (PostgreSQL HA Cluster: {{ patroni_cluster_name }})" +- name: "pg_upgrade.yml | Upgrade PostgreSQL {{ pg_old_version }} to the new version {{ pg_new_version }}" hosts: postgres_cluster gather_facts: true become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml - - vars/upgrade.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + + - name: Include upgrade variables + ansible.builtin.include_vars: "vars/upgrade.yml" + - name: '[Prepare] Get Patroni Cluster Leader Node' ansible.builtin.uri: url: http://{{ inventory_hostname }}:{{ patroni_restapi_port }}/leader @@ -58,9 +61,9 @@ become_user: postgres any_errors_fatal: true environment: "{{ proxy_env | default({}) }}" - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - name: Include upgrade variables 
@@ -81,9 +84,9 @@ become_user: root any_errors_fatal: true environment: "{{ proxy_env | default({}) }}" - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - name: Include upgrade variables @@ -104,9 +107,9 @@ become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - name: Include upgrade variables @@ -144,9 +147,9 @@ become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - name: Include upgrade variables @@ -166,9 +169,9 @@ become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - name: Include upgrade variables @@ -229,9 +232,9 @@ become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - name: Include upgrade variables 
@@ -258,9 +261,9 @@ become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - name: Include upgrade variables diff --git a/pg_upgrade_rollback.yml b/pg_upgrade_rollback.yml index bd18c3cec..f88d48480 100644 --- a/pg_upgrade_rollback.yml +++ b/pg_upgrade_rollback.yml @@ -5,13 +5,15 @@ # The playbook first checks the health of the current cluster, verifies the version of PostgreSQL, and ensures the new PostgreSQL is not running. # If these checks pass, the playbook switches back to the old PostgreSQL paths and restarts the Patroni service. -- name: "Rollback PostgreSQL {{ pg_new_version }} to version {{ pg_old_version }} (PostgreSQL HA Cluster: {{ patroni_cluster_name }})" +- name: "pg_upgrade_rollback.yml | Rollback the PostgreSQL upgrade" hosts: postgres_cluster gather_facts: true any_errors_fatal: true - vars_files: - - vars/main.yml - - vars/upgrade.yml + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + - name: Include upgrade variables + ansible.builtin.include_vars: "vars/upgrade.yml" tasks: - name: '[Prepare] Add host to group "primary" (in-memory inventory)' ansible.builtin.add_host: @@ -37,15 +39,13 @@ become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - tags: always - name: Include upgrade variables ansible.builtin.include_vars: "vars/upgrade.yml" - tags: always tasks: - name: Running rollback.yml ansible.builtin.include_role: diff --git a/remove_cluster.yml b/remove_cluster.yml index 707239926..cea78b465 100644 --- a/remove_cluster.yml 
+++ b/remove_cluster.yml @@ -1,10 +1,12 @@ --- -- name: remove_cluster.yml | PostgreSQL Cluster Play +- name: remove_cluster.yml | Remove PostgreSQL HA Cluster hosts: postgres_cluster become: true - vars_files: - - vars/main.yml - - vars/{{ ansible_os_family }}.yml + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + - name: Include OS-specific variables + ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" tasks: - block: - name: Stop Patroni service @@ -34,8 +36,9 @@ - name: remove_cluster.yml | Consul Cluster Play hosts: consul_instances become: true - vars_files: - - vars/main.yml + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" tasks: - block: - name: Stop Consul service @@ -57,8 +60,9 @@ - name: remove_cluster.yml | Etcd Cluster Play hosts: etcd_cluster become: true - vars_files: - - vars/main.yml + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" tasks: - block: - name: Stop Etcd service diff --git a/roles/upgrade/tasks/maintenance_enable.yml b/roles/upgrade/tasks/maintenance_enable.yml index 7f7cf15fb..d248d8342 100644 --- a/roles/upgrade/tasks/maintenance_enable.yml +++ b/roles/upgrade/tasks/maintenance_enable.yml @@ -22,6 +22,7 @@ ansible.builtin.service: name: confd state: stopped + when: dcs_type == "etcd" - name: Update haproxy conf file (disable http-checks) ansible.builtin.template: diff --git a/update_pgcluster.yml b/update_pgcluster.yml index c3f49619e..58bee2d75 100644 --- a/update_pgcluster.yml +++ b/update_pgcluster.yml 
@@ -1,12 +1,14 @@ --- -- name: Update PostgreSQL HA Cluster (based on "Patroni" and "{{ dcs_type }}") +- name: update_pgcluster.yml | Update PostgreSQL HA Cluster (based on "Patroni") hosts: postgres_cluster gather_facts: true become: true become_method: sudo any_errors_fatal: true - vars_files: - - vars/main.yml + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" + tags: always tasks: - name: "[Prepare] Get Patroni Cluster Leader Node" ansible.builtin.uri: @@ -49,11 +51,12 @@ become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml vars: max_replication_lag_bytes: 10485760 # 10 MiB max_transaction_sec: 15 # seconds + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" tasks: - name: Running Pre-Checks ansible.builtin.include_role: @@ -71,14 +74,13 @@ become_method: sudo any_errors_fatal: true environment: "{{ proxy_env | default({}) }}" - vars_files: - - vars/main.yml vars: target: postgres # or 'patroni', 'system' pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - tags: always tasks: - name: Stop read-only traffic @@ -130,15 +132,13 @@ become_method: sudo any_errors_fatal: true environment: "{{ proxy_env | default({}) }}" - vars_files: - - vars/main.yml vars: target: postgres # or 'patroni', 'system' pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" - name: Include OS-specific variables ansible.builtin.include_vars: "vars/{{ ansible_os_family }}.yml" - tags: always - tasks: - name: "Switchover Patroni leader role" ansible.builtin.include_role: 
@@ -193,10 +193,11 @@ become: true become_user: postgres any_errors_fatal: true - vars_files: - - vars/main.yml vars: update_extensions: true # or 'false', to avoid updating extensions + pre_tasks: + - name: Include main variables + ansible.builtin.include_vars: "vars/main.yml" tasks: - name: Update extensions ansible.builtin.include_role: