Commit 6af283b3 by e0d

Merge pull request #1696 from edx/e0d/mongo-roles

Add roles
parents 20bb7ee3 67318f42
mongo_logappend: true
mongo_version: 2.6.4
mongo_version: 2.6.5
mongo_port: "27017"
mongo_extra_conf: ''
mongo_key_file: '/etc/mongodb_key'
mongo_repl_set: rs0
mongo_cluster_members: []
pymongo_version: 2.7.2
mongo_data_dir: "{{ COMMON_DATA_DIR }}/mongo"
mongo_log_dir: "{{ COMMON_LOG_DIR }}/mongo"
......@@ -14,13 +15,17 @@ MONGODB_APT_KEY: "http://docs.mongodb.org/10gen-gpg-key.asc"
MONGODB_REPO: "deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen"
# Vars Meant to be overridden
MONGO_ADMIN_USER: 'admin'
MONGO_ADMIN_PASSWORD: 'password'
MONGO_USERS:
- user: cs_comments_service
password: password
database: cs_comments_service
roles: readWrite
- user: edxapp
password: password
database: edxapp
roles: readWrite
MONGO_CLUSTERED: !!null
MONGO_BIND_IP: 127.0.0.1
......@@ -30,10 +35,6 @@ MONGO_BIND_IP: 127.0.0.1
mongo_logpath: "{{ mongo_log_dir }}/mongodb.log"
mongo_dbpath: "{{ mongo_data_dir }}/mongodb"
# Have to use this conditional instead of ignore errors
# because the mongo_user module fails and doesn't ignore errors.
mongo_create_users: true
# If the system is running out of an Amazon Web Services
# cloudformation stack, this group name can used to pull out
# the name of the stack the mongo server resides in.
......
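Review bot: `MONGO_ADMIN_PASSWORD: 'password'` and the `password: password` entries under `MONGO_USERS` are working defaults, and the tasks in this commit use them to create an account with the `root` role, so a host provisioned without overrides ends up with a known super-user credential. The `# Vars Meant to be overridden` comment is the only guard, and `MONGO_BIND_IP: 127.0.0.1` limits exposure only while it is also left at its default. I would add a guard task at the top of the role, for example `fail: msg="MONGO_ADMIN_PASSWORD must be overridden"` with `when: MONGO_CLUSTERED and MONGO_ADMIN_PASSWORD == 'password'`, or default the secrets to an empty value and fail on empty. Added and unchanged lines are not marked on this page, so this applies to the defaults as they stand after the commit.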
---
- name: check to see that MongoDB 2.4 isn't installed
- name: check to see that MongoDB 2.4 is not installed
stat: path=/etc/init.d/mongodb
register: mongodb_needs_upgrade
- name: verify 2.4 not installed
fail: msg="MongoDB 2.4 is currently installed. If on a stand alone host (devstack), apt-get remove mongodb-10gen and re-run ansible. if on a cluster, read http://docs.mongodb.org/manual/release-notes/2.6-upgrade/#upgrade-considerations and upgrade to 2.6."
when: mongodb_needs_upgrade.stat.exists
fail: msg="MongoDB 2.4 is currently installed and cannot be safely upgraded in a clustered configuration. Please read http://docs.mongodb.org/manual/release-notes/2.6-upgrade/#upgrade-considerations and upgrade to 2.6."
when: mongodb_needs_upgrade.stat.exists and MONGO_CLUSTERED
- name: remove mongo 2.4 if present
apt: >
pkg=mongodb-10gen
state=absent purge=yes
force=yes
when: mongodb_needs_upgrade.stat.exists and not MONGO_CLUSTERED
- name: install python pymongo for mongo_user ansible module
pip: >
name=pymongo state=present
version=2.6.3 extra_args="-i {{ COMMON_PYPI_MIRROR_URL }}"
version={{ pymongo_version }} extra_args="-i {{ COMMON_PYPI_MIRROR_URL }}"
- name: add the mongodb signing key
apt_key: >
......@@ -46,8 +51,9 @@
service: name=mongod state=stopped
- name: move mongodb to {{ mongo_data_dir }}
command: mv /var/lib/mongodb {{ mongo_data_dir}}/. creates={{ mongo_data_dir }}/mongodb
command: >
mv /var/lib/mongodb {{ mongo_data_dir}}/.
creates={{ mongo_data_dir }}/mongodb
- name: copy mongodb key file
copy: >
......@@ -68,24 +74,56 @@
- name: wait for mongo server to start
wait_for: port=27017 delay=2
- name: drop super user script
template: src="create_root.js.j2" dest="/tmp/create_root.js"
when: not MONGO_CLUSTERED
- name: create super user with js
shell: >
/usr/bin/mongo admin /tmp/create_root.js
when: not MONGO_CLUSTERED
- name: delete super user script
file: path=/tmp/create_root.js state=absent
when: not MONGO_CLUSTERED
- name: Create the file to initialize the mongod replica set
template: src=repset_init.j2 dest=/tmp/repset_init.js
template: src=repset_init.js.j2 dest=/tmp/repset_init.js
when: MONGO_CLUSTERED
- name: Initialize the replication set
shell: /usr/bin/mongo /tmp/repset_init.js
shell: >
/usr/bin/mongo /tmp/repset_init.js
when: MONGO_CLUSTERED
# Ignore errors doesn't work because the module throws an exception
# it doesn't catch.
#- name: delete repset script
# file: path=/tmp/repset_init.js state=absent
# when: MONGO_CLUSTERED
- name: create a mongodb user
mongodb_user: >
mongo_user_1.8: >
database={{ item.database }}
login_user={{ MONGO_ADMIN_USER }}
login_password={{ MONGO_ADMIN_PASSWORD }}
name={{ item.user }}
password={{ item.password }}
roles={{ item.roles }}
state=present
with_items: MONGO_USERS
when: mongo_create_users
when: not MONGO_CLUSTERED
- name: create a mongodb user
mongo_user_1.8: >
database={{ item.database }}
login_user={{ MONGO_ADMIN_USER }}
login_password={{ MONGO_ADMIN_PASSWORD }}
name={{ item.user }}
password={{ item.password }}
roles={{ item.roles }}
state=present
replica_set={{ mongo_repl_set }}
with_items: MONGO_USERS
when: MONGO_CLUSTERED
- name: install s3cmd
pip: >
......@@ -93,7 +131,7 @@
state=present
extra_args="-i {{ COMMON_PYPI_MIRROR_URL }}"
when: MONGO_S3_BACKUP
- name: configure s3cmd
template: >
dest="{{ MONGO_S3_S3CMD_CONFIG }}"
......
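Review bot: The rendered `/tmp/create_root.js` and `/tmp/repset_init.js` both contain `MONGO_ADMIN_PASSWORD` in clear text, and neither `template:` task sets an owner or mode, so the files' permissions are left to defaults in a directory every local user can traverse. `create_root.js` is deleted only if the preceding shell task succeeds, and the `delete repset script` task is commented out, so on clustered hosts the root password stays on disk after the play. I would add `owner=root mode=0600` to both template tasks, render them into a root-only directory rather than `/tmp`, and restore the cleanup task for `repset_init.js`. The `mongo_user_1.8` tasks also pass `login_password` and `password` as task arguments; if the Ansible version in use supports it, `no_log: True` on those tasks keeps the values out of run output.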
// Add super user
conn = new Mongo();
db = conn.getDB("admin");
db.auth( '{{ MONGO_ADMIN_USER }}', '{{ MONGO_ADMIN_PASSWORD }}');
if(db.getUser('{{ MONGO_ADMIN_USER }}') == null) {
db.createUser(
{
"user": "{{ MONGO_ADMIN_USER }}",
"pwd": "{{ MONGO_ADMIN_PASSWORD }}",
"roles": ["root"]
}
);
} else {
db.updateUser(
"{{ MONGO_ADMIN_USER }}",
{
"pwd": "{{ MONGO_ADMIN_PASSWORD }}",
"roles": ["root"]
}
);
}
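Review bot: `MONGO_ADMIN_USER` and `MONGO_ADMIN_PASSWORD` are substituted directly into JavaScript string literals, so a password containing a quote, backslash or newline yields a script that fails to parse or evaluates something other than the intended literal. The file wraps the values in `'…'` for `db.auth` and in `"…"` for `createUser`/`updateUser`, so avoiding one quote character does not make both uses safe. Emitting the value as a JSON string avoids the problem, e.g. `"pwd": {{ MONGO_ADMIN_PASSWORD | to_json }},` and `db.auth({{ MONGO_ADMIN_USER | to_json }}, {{ MONGO_ADMIN_PASSWORD | to_json }});`. The super-user block added at the end of `repset_init.js.j2` has the same pattern.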
conn = new Mongo();
db = conn.getDB("admin");
db.auth( '{{ MONGO_ADMIN_USER }}', '{{ MONGO_ADMIN_PASSWORD }}');
{# Generate a list of hosts if no cluster members are give. Otherwise use the
hosts provided in the variable.
#}
......@@ -20,9 +24,9 @@
{%- endif -%}
config = {_id: '{{ mongo_repl_set }}', members: [
{%- for host in hosts -%}
{_id: {{ loop.index }}, host: '{{ host }}'}{% if not loop.last %},{% endif %}
{%- endfor -%}
{%- for host in hosts -%}
{_id: {{ loop.index }}, host: '{{ host }}'}{% if not loop.last %},{% endif %}
{%- endfor -%}
]};
rs.initiate(config)
......@@ -47,4 +51,26 @@ if(rs.isMaster().ismaster) {
throw 'Could not add all members to cluster'
}
}
// Now add super user to cluster
conn = new Mongo();
db = conn.getDB("admin");
db.auth( '{{ MONGO_ADMIN_USER }}', '{{ MONGO_ADMIN_PASSWORD }}');
if(db.getUser("{{ MONGO_ADMIN_USER }}") == null) {
db.createUser(
{
"user": "{{ MONGO_ADMIN_USER }}",
"pwd": "{{ MONGO_ADMIN_PASSWORD }}",
"roles": ["root"]
}
);
} else {
db.updateUser(
"{{ MONGO_ADMIN_USER }}",
{
"pwd": "{{ MONGO_ADMIN_PASSWORD }}",
"roles": ["root"]
}
);
}
}
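Review bot: `db.auth` is called with the same `MONGO_ADMIN_PASSWORD` that the `updateUser` branch then sets, and its result is never checked. If authentication is enforced on the cluster (the role installs a key file, which suggests it is), changing the variable makes `db.auth` fail with the new value and the later `getUser`/`updateUser` calls run without a session, so the `else` branch appears able only to rewrite the password to what it already is. At minimum I would document this above the block, e.g. `// db.auth is expected to fail on first run (no users yet); rotating the password needs the previous credential`, and consider a separate variable for the current credential. `create_root.js.j2` has the same shape, and the enclosing `if(rs.isMaster().ismaster)` block starts outside the visible hunk.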
......@@ -10,7 +10,6 @@
- "cluster3"
MONGO_CLUSTERED: yes
MONGO_CLUSTER_KEY: 'password'
mongo_create_users: no
ELASTICSEARCH_CLUSTERED: yes
MARIADB_CLUSTERED: yes
MARIADB_CREATE_DBS: no
......@@ -41,8 +40,7 @@
roles:
- rabbitmq
# Mongo user doesn't handle slave's gracefully when
# creating users and there are race conditions
# There are race conditions creating DBs
# in MariaDB occasionally so this play will work
# but will also show as failed
- name: Configure group with tasks that will always fail
......@@ -50,19 +48,10 @@
sudo: True
gather_facts: True
vars:
mongo_cluster_members:
- "cluster1"
- "cluster2"
- "cluster3"
MONGO_CLUSTERED: yes
MONGO_CLUSTER_KEY: 'password'
mongo_create_users: yes
RABBITMQ_CLUSTERED: yes
MARIADB_CLUSTERED: yes
MARIADB_CREATE_DBS: yes
vars_files:
- "group_vars/all"
- "roles/analytics-api/defaults/main.yml"
roles:
- mongo
- mariadb