Drop delegate_to for SSH jump host compatibility #1033
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -343,7 +343,7 @@ | |
| dest: "{{ files_dir | default(playbook_dir ~ '/files') }}/patroni.yml" | ||
| validate_checksum: true | ||
| flat: true | ||
| when: "'master' in group_names" | ||
|
|
||
| - name: Copy patroni.yml conf file to replica | ||
| ansible.builtin.copy: | ||
|
|
@@ -1042,7 +1042,7 @@ | |
| dest: "{{ files_dir | default(playbook_dir ~ '/files') }}/pg_hba.conf" | ||
| validate_checksum: true | ||
| flat: true | ||
| when: "'master' in group_names" | ||
|
|
||
| - name: Prepare PostgreSQL | copy pg_hba.conf file to replica | ||
| ansible.builtin.copy: | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -36,30 +36,32 @@ | |
| # The delegate_to parameter is used to execute the task on a different host than the one specified in the play's hosts parameter. | ||
| # In this case, the task is delegated to the first host in the pgbackrest group in the invetory. | ||
| - name: Get repo1-path value | ||
| run_once: true | ||
| ansible.builtin.set_fact: | ||
| repo1_path: "{{ pgbackrest_server_conf['global'] | selectattr('option', 'equalto', 'repo1-path') | map(attribute='value') | list | first }}" | ||
| when: | ||
| - pgbackrest_repo_type | lower == 'posix' | ||
| - "'pgbackrest' in group_names" | ||
|
|
||
| - name: "Make sure the {{ repo1_path }} directory exists" | ||
| run_once: true | ||
| ansible.builtin.file: | ||
| path: "{{ repo1_path }}" | ||
| state: directory | ||
| owner: "{{ pgbackrest_repo_user }}" | ||
| group: "{{ pgbackrest_repo_user }}" | ||
| mode: "0750" | ||
| when: | ||
| - repo1_path | default('') | length > 0 | ||
| - "'pgbackrest' in group_names" | ||
|
|
||
| - name: Create stanza "{{ pgbackrest_stanza }}" | ||
| become: true | ||
| become_user: "{{ pgbackrest_repo_user }}" | ||
| run_once: true | ||
| ansible.builtin.command: "pgbackrest --stanza={{ pgbackrest_stanza }} --no-online stanza-create" | ||
| register: stanza_create_result | ||
| when: "'pgbackrest' in group_names" | ||
|
Owner
There was a problem hiding this comment. this condition will not work because only the postgres_cluster group is declared in PLAY. - name: vitabaks.autobase.deploy_pgcluster | PostgreSQL Cluster Deployment
hosts: postgres_clusterIn this case, you need a separate PLAY for the pgbackest group. |
||
| changed_when: | ||
| - stanza_create_result.rc == 0 | ||
| - stanza_create_result.stdout is not search("already exists") | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -34,7 +34,7 @@ | |
| "SELECT concat('\"', usename, '\" \"', passwd, '\"') FROM pg_shadow where usename != '{{ patroni_replication_username }}'" | ||
| register: pg_shadow_result | ||
| changed_when: false | ||
| when: "'master' in group_names" | ||
|
|
||
| - name: "Generate {{ pgbouncer_conf_dir }}/userlist.txt" | ||
| become: true | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -165,7 +165,7 @@ | |||||
| loop_control: | ||||||
| index_var: idx | ||||||
| label: "{{ 'pgbouncer' if idx == 0 else 'pgbouncer-%d' % (idx + 1) }}" | ||||||
| when: "'master' in group_names" | ||||||
|
|
||||||
| - name: Fetch userlist.txt conf file from master | ||||||
| run_once: true | ||||||
|
|
@@ -174,8 +174,9 @@ | |||||
| dest: "{{ files_dir | default(playbook_dir ~ '/files') }}/" | ||||||
| validate_checksum: true | ||||||
| flat: true | ||||||
| when: | ||||||
| - not pgbouncer_auth_user|bool | ||||||
| - when: "'master' in group_names" | ||||||
|
Owner
There was a problem hiding this comment. bug :)
Suggested change
|
||||||
|
|
||||||
| - name: Copy pgbouncer.ini file to replica | ||||||
| ansible.builtin.copy: | ||||||
|
|
||||||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,21 +1,14 @@ | ||
| --- | ||
| - name: "Fetch TLS certificate, key and CA from {{ inventory_hostname }}" | ||
vitabaks marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| run_once: true | ||
| ansible.builtin.slurp: | ||
| src: "{{ fetch_tls_dir | default(tls_dir | default('/etc/tls')) }}/{{ item }}" | ||
| register: tls_files | ||
| loop: | ||
| - "{{ fetch_tls_privatekey | default(tls_privatekey | default('server.key')) }}" | ||
| - "{{ fetch_tls_cert | default(tls_cert | default('server.crt')) }}" | ||
| - "{{ fetch_tls_ca_cert | default(tls_ca_cert | default('ca.crt')) }}" | ||
| when: tls_group_name | d('master') in group_names | ||
| tags: tls, tls_cert_copy | ||
|
|
||
| - name: Create directory {{ copy_tls_dir | default(tls_dir | default('/etc/tls')) }} | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,19 +4,19 @@ | |
| - block: | ||
| - name: Gather facts from pgbackrest server | ||
| ansible.builtin.setup: | ||
| run_once: true | ||
| when: "'pgbackrest' in group_names" | ||
|
|
||
| - name: Update dnf cache | ||
| run_once: true | ||
| ansible.builtin.shell: dnf clean all && dnf -y makecache | ||
| args: | ||
| executable: /bin/bash | ||
| when: | ||
| - ansible_os_family == "RedHat" | ||
| - "'pgbackrest' in group_names" | ||
|
|
||
| - name: Update apt cache | ||
| run_once: true | ||
| ansible.builtin.apt: | ||
| update_cache: true | ||
|
|
@@ -25,10 +25,11 @@ | |
| until: apt_status is success | ||
| delay: 5 | ||
| retries: 3 | ||
| when: | ||
| - ansible_os_family == "Debian" | ||
| - "'pgbackrest' in group_names" | ||
|
|
||
| - name: Install the latest version of pgbackrest package | ||
| run_once: true | ||
| ansible.builtin.package: | ||
| name: pgbackrest | ||
|
|
@@ -37,6 +38,7 @@ | |
| until: update_pgbackrest_package is success | ||
| delay: 5 | ||
| retries: 3 | ||
| when: "'pgbackrest' in group_names" | ||
|
Owner
There was a problem hiding this comment. this condition will not work because only the "primary:secondary" groups is declared in PLAY. - name: "(1/4) PRE-UPDATE: Perform pre-update tasks"
hosts: "primary:secondary"In this case, you need a separate PLAY for the pgbackest group. |
||
| become: true | ||
| become_user: root | ||
| when: | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -122,14 +122,13 @@ | |
| # pgBackRest (dedicated) | ||
| - block: | ||
| - name: pgbackrest | Check pg-path option | ||
| run_once: true | ||
| ansible.builtin.command: "grep -c '^pg[0-9]*-path=' {{ pgbackrest_conf_file | dirname }}/conf.d/{{ pgbackrest_stanza }}.conf" | ||
| register: pg_path_count | ||
| when: "'pgbackrest' in group_names" | ||
| changed_when: false | ||
|
|
||
| - name: pgbackrest | Update pg-path in pgbackrest.conf | ||
| run_once: true | ||
| ansible.builtin.replace: | ||
| path: "{{ pgbackrest_conf_file | dirname }}/conf.d/{{ pgbackrest_stanza }}.conf" | ||
|
|
@@ -139,13 +138,16 @@ | |
| loop_control: | ||
| index_var: idx | ||
| label: "pg{{ idx + 1 }}-path={{ pg_new_datadir }}" | ||
| when: | ||
| - pg_path_count.stdout | int > 0 | ||
| - "'pgbackrest' in group_names" | ||
|
|
||
| - name: pgbackrest | Upgrade stanza "{{ pgbackrest_stanza }}" | ||
| run_once: true | ||
| ansible.builtin.command: "pgbackrest --stanza={{ pgbackrest_stanza }} --no-online stanza-upgrade" | ||
| when: | ||
| - pg_path_count.stdout | int > 0 and pgbackrest_stanza_upgrade | bool | ||
| - "'pgbackrest' in group_names" | ||
|
Owner
There was a problem hiding this comment. this condition will not work because only the "primary:secondary" groups is declared in PLAY. - name: "(6/6) POST-UPGRADE: Analyze a PostgreSQL database (update optimizer statistics) and Post-Upgrade tasks"
hosts: "primary:secondary"
...
- name: Running Post-Upgrade tasks
ansible.builtin.include_role:
name: vitabaks.autobase.upgrade
tasks_from: post_upgradeFor this reason, delegate_to was used. |
||
| become: true | ||
| become_user: "{{ pgbackrest_repo_user }}" | ||
| ignore_errors: true # show the error and continue the playbook execution | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -99,7 +99,7 @@ | |
| dest: "{{ files_dir | default(playbook_dir ~ '/files') }}/{{ vip_manager_conf | basename }}" | ||
| validate_checksum: true | ||
| flat: true | ||
| when: "'master' in group_names" | ||
|
|
||
| - name: Copy "{{ vip_manager_conf | basename }}" conf file to replica | ||
| ansible.builtin.copy: | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In this case, there will be an error because there will be a new haproxy node in the group that we are adding.
It is necessary to get files from the first node of the group.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what if the first node in the group will be a new node?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it is assumed that the user has read the documentation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it will work.