From 2901a028645f5309e52f93518409fd686b57a1c4 Mon Sep 17 00:00:00 2001
From: Vitaliy Kukharik
Date: Mon, 23 Dec 2024 16:04:52 +0500
Subject: [PATCH] Use patroni_etcd_protocol variable
---
 automation/molecule/tests/etcd/etcd.yml | 2 +-
 automation/roles/confd/templates/confd.toml.j2 | 4 ++--
 automation/roles/etcd/tasks/main.yml | 2 +-
 automation/roles/etcd/templates/etcd.conf.j2 | 10 +++++-----
 .../roles/vip-manager/templates/vip-manager.yml.j2 | 4 ++--
 automation/vars/main.yml | 2 +-
 6 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/automation/molecule/tests/etcd/etcd.yml b/automation/molecule/tests/etcd/etcd.yml
index ea7d41ab4..f94fe69da 100644
--- a/automation/molecule/tests/etcd/etcd.yml
+++ b/automation/molecule/tests/etcd/etcd.yml
@@ -1,7 +1,7 @@
 ---
 - name: Check etcd health
 ansible.builtin.uri:
- url: "{% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ inventory_hostname }}:2379/health"
+ url: "{{ patroni_etcd_protocol }}://{{ inventory_hostname }}:2379/health"
 method: GET
 return_content: true
 validate_certs: "{% if tls_cert_generate | bool %}true{% else %}false{% endif %}"
diff --git a/automation/roles/confd/templates/confd.toml.j2 b/automation/roles/confd/templates/confd.toml.j2
index d9ee0f0da..add558254 100644
--- a/automation/roles/confd/templates/confd.toml.j2
+++ b/automation/roles/confd/templates/confd.toml.j2
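Review bot: In automation/molecule/tests/etcd/etcd.yml the request scheme and the certificate handling now come from two different variables: `url` follows `patroni_etcd_protocol`, while `validate_certs` on the last line of the hunk is still gated on `tls_cert_generate`. Since `patroni_etcd_protocol` can be overridden independently of its default, setting it to `https` with `tls_cert_generate: false` yields an HTTPS request with certificate validation turned off. The automation/roles/etcd/tasks/main.yml hunk has the same split: `--endpoints` uses `patroni_etcd_protocol`, but `--cacert`/`--cert` stay under `{% if tls_cert_generate | bool %}`. Deriving both from one source keeps them consistent, for example `validate_certs: "{{ patroni_etcd_protocol == 'https' }}"` here and `{% if patroni_etcd_protocol == 'https' %}` around the etcdctl TLS flags, provided the certificate files exist in that case; the etcdctl task continues outside its hunk.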
@@ -4,12 +4,12 @@ watch = true
 nodes = [
 {% if not dcs_exists|bool and dcs_type == 'etcd' %}
 {% for host in groups['etcd_cluster'] %}
- "{% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ hostvars[host]['inventory_hostname'] }}:2379",
+ "{{ patroni_etcd_protocol }}://{{ hostvars[host]['inventory_hostname'] }}:2379",
 {% endfor %}
 {% endif %}
 {% if dcs_exists|bool and dcs_type == 'etcd' %}
 {% for etcd_hosts in patroni_etcd_hosts %}
- "{% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{etcd_hosts.host}}:{{etcd_hosts.port}}",
+ "{{ patroni_etcd_protocol }}://{{etcd_hosts.host}}:{{etcd_hosts.port}}",
 {% endfor %}
 {% endif %}
 ]
diff --git a/automation/roles/etcd/tasks/main.yml b/automation/roles/etcd/tasks/main.yml
index c20e58a09..2933b7402 100644
--- a/automation/roles/etcd/tasks/main.yml
+++ b/automation/roles/etcd/tasks/main.yml
@@ -136,7 +136,7 @@
 - name: Wait until the etcd cluster is healthy
 ansible.builtin.command: >
 /usr/local/bin/etcdctl endpoint health
- --endpoints={% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ inventory_hostname }}:2379
+ --endpoints={{ patroni_etcd_protocol }}://{{ inventory_hostname }}:2379
 {% if tls_cert_generate | bool %}
 --cacert=/etc/etcd/ca.crt
 --cert=/etc/etcd/server.crt
diff --git a/automation/roles/etcd/templates/etcd.conf.j2 b/automation/roles/etcd/templates/etcd.conf.j2
index de1aea647..ada454ef1 100644
--- a/automation/roles/etcd/templates/etcd.conf.j2
+++ b/automation/roles/etcd/templates/etcd.conf.j2
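Review bot: Both `nodes` entries in confd.toml.j2 now interpolate `patroni_etcd_protocol` verbatim, so an empty or mistyped value renders a malformed endpoint such as `"://host:2379"`, where the old inline conditional could only emit `http` or `https`. The comment removed from automation/vars/main.yml said http is used when the value is not specified, so an inventory that sets it to `""` is plausible. A fallback keeps that behaviour, `"{{ patroni_etcd_protocol | default('http', true) }}://{{ etcd_hosts.host }}:{{ etcd_hosts.port }}",`, or a pre-flight assert can check `patroni_etcd_protocol in ['http', 'https']`. The same unvalidated interpolation is introduced in the vip-manager.yml.j2 and etcd.conf.j2 hunks.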
@@ -1,10 +1,10 @@
 ETCD_NAME="{{ ansible_hostname }}"
-ETCD_LISTEN_CLIENT_URLS="{% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ inventory_hostname }}:2379,{% if tls_cert_generate | bool %}https{% else %}http{% endif %}://127.0.0.1:2379"
-ETCD_ADVERTISE_CLIENT_URLS="{% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ inventory_hostname }}:2379"
-ETCD_LISTEN_PEER_URLS="{% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ inventory_hostname }}:2380"
-ETCD_INITIAL_ADVERTISE_PEER_URLS="{% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ inventory_hostname }}:2380"
+ETCD_LISTEN_CLIENT_URLS="{{ patroni_etcd_protocol }}://{{ inventory_hostname }}:2379,{{ patroni_etcd_protocol }}://127.0.0.1:2379"
+ETCD_ADVERTISE_CLIENT_URLS="{{ patroni_etcd_protocol }}://{{ inventory_hostname }}:2379"
+ETCD_LISTEN_PEER_URLS="{{ patroni_etcd_protocol }}://{{ inventory_hostname }}:2380"
+ETCD_INITIAL_ADVERTISE_PEER_URLS="{{ patroni_etcd_protocol }}://{{ inventory_hostname }}:2380"
 ETCD_INITIAL_CLUSTER_TOKEN="{{ etcd_cluster_name }}"
-ETCD_INITIAL_CLUSTER="{% for host in groups['etcd_cluster'] %}{{ hostvars[host]['ansible_hostname'] }}={% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ hostvars[host]['inventory_hostname'] }}:2380{% if not loop.last %},{% endif %}{% endfor %}"
+ETCD_INITIAL_CLUSTER="{% for host in groups['etcd_cluster'] %}{{ hostvars[host]['ansible_hostname'] }}={{ patroni_etcd_protocol }}://{{ hostvars[host]['inventory_hostname'] }}:2380{% if not loop.last %},{% endif %}{% endfor %}"
 ETCD_INITIAL_CLUSTER_STATE="new"
 ETCD_DATA_DIR="{{ etcd_data_dir }}"
 ETCD_ELECTION_TIMEOUT="5000"
diff --git a/automation/roles/vip-manager/templates/vip-manager.yml.j2 b/automation/roles/vip-manager/templates/vip-manager.yml.j2
index 4222d79e8..ca02f929a 100644
--- a/automation/roles/vip-manager/templates/vip-manager.yml.j2
+++ b/automation/roles/vip-manager/templates/vip-manager.yml.j2
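Review bot: The etcd server's own listen and peer URLs in etcd.conf.j2 (`ETCD_LISTEN_CLIENT_URLS`, `ETCD_LISTEN_PEER_URLS`, `ETCD_INITIAL_CLUSTER`) now take their scheme from `patroni_etcd_protocol`, which automation/vars/main.yml groups with the Patroni-side settings for an existing etcd cluster. An inventory that carries `patroni_etcd_protocol: "http"`, for instance left over from an external-cluster setup, would make the deployed members listen and advertise plaintext on 2379 and 2380 even with `tls_cert_generate: true`. The certificate settings of this template are outside the hunk, so whether etcd then rejects the configuration or serves unencrypted traffic cannot be confirmed from here. An `ansible.builtin.assert` in the etcd role before templating, with `that: patroni_etcd_protocol == ('https' if tls_cert_generate | bool else 'http')`, would make a mismatch fail early; a role-local scheme variable for the peer URLs is the alternative.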
@@ -27,12 +27,12 @@ dcs-type: {{ vip_manager_dcs_type | default(dcs_type) }} # etcd, consul or patro
 {% if not dcs_exists | bool %}
 dcs-endpoints:
 {% for host in groups['etcd_cluster'] %}
- - {% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ hostvars[host]['inventory_hostname'] }}:2379
+ - {{ patroni_etcd_protocol }}://{{ hostvars[host]['inventory_hostname'] }}:2379
 {% endfor %}
 {% else %}
 dcs-endpoints:
 {% for etcd_hosts in patroni_etcd_hosts %}
- - {% if tls_cert_generate | bool %}https{% else %}http{% endif %}://{{ etcd_hosts.host }}:{{ etcd_hosts.port }}
+ - {{ patroni_etcd_protocol }}://{{ etcd_hosts.host }}:{{ etcd_hosts.port }}
 {% endfor %}
 {% endif %}
 {% endif %}
diff --git a/automation/vars/main.yml b/automation/vars/main.yml
index f66b447e4..3ee237689 100644
--- a/automation/vars/main.yml
+++ b/automation/vars/main.yml
@@ -104,7 +104,7 @@ patroni_etcd_hosts: [] # list of servers of an existing etcd cluster
 patroni_etcd_namespace: "service" # (optional) etcd namespace (prefix)
 patroni_etcd_username: "" # (optional) username for etcd authentication
 patroni_etcd_password: "" # (optional) password for etcd authentication
-patroni_etcd_protocol: "https" # (optional) http or https, if not specified http is used
+patroni_etcd_protocol: "{{ 'https' if tls_cert_generate | bool else 'http' }}"
 # more options you can specify in the roles/patroni/templates/patroni.yml.j2
 # https://patroni.readthedocs.io/en/latest/yaml_configuration.html#etcd
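Review bot: In automation/vars/main.yml the default of `patroni_etcd_protocol` changes from a fixed `"https"` to `http` whenever `tls_cert_generate` is false, and nothing on the line says so. Deployments that use an existing TLS-enabled etcd cluster (`patroni_etcd_hosts`) and relied on the old default will now render `http://` endpoints. Whether that fails to connect or sends credentials such as `patroni_etcd_password` unencrypted depends on the external cluster, which is not visible here. As far as the collapsed hunk shows, the trailing comment naming the allowed values was dropped with the old value. I would restore one, e.g. `# (optional) http or https; defaults to https when tls_cert_generate is true, otherwise http - set explicitly for an existing etcd cluster`, and mention the default change in the release notes.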