No OneTemporary
Actions

Authored By

Unknown

Size

6 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/deployments/ansible/roles/kolab-node/tasks/setup_mariadb_galera.yaml b/deployments/ansible/roles/kolab-node/tasks/setup_mariadb_galera.yaml
	index fe9b13b..3e509e7 100644
	--- a/deployments/ansible/roles/kolab-node/tasks/setup_mariadb_galera.yaml
	+++ b/deployments/ansible/roles/kolab-node/tasks/setup_mariadb_galera.yaml
	@@ -1,114 +1,114 @@
	---
	- name: Mariadb
	ansible.builtin.template:
	src: files/my.cnf.j2
	dest: /etc/my.cnf
	owner: root
	group: root
	mode: '0644'
	vars:
	bind_address: "{{ ip }}"

	- name: Prepare storage
	ansible.builtin.shell: \|
	mkdir -p /data/mysql; \
	chown mysql:mysql /data/mysql;

	- name: Garb
	ansible.builtin.template:
	src: files/garb.j2
	dest: /etc/sysconfig/garb
	owner: root
	group: root
	mode: '0644'

	- name: Bootstrap mariadb galera
	block:
	- name: Check mariadb status
	command: systemctl is-active mariadb
	ignore_errors: true
	register: mariadb_status
	check_mode: false
	changed_when: false

	- ansible.builtin.set_fact:
	mariadb_is_running: "{{ mariadb_status.stdout == 'active' }}"

	- name: Rejoin mariadb cluster
	# If mariadb is running on another node
	when: not mariadb_is_running and (hostvars[groups['infrastructure_nodes'][0]].mariadb_is_running or hostvars[groups['infrastructure_nodes'][1]].mariadb_is_running)
	block:
	- name: Start mariadb
	ansible.builtin.command: systemctl start mariadb

	- name: Start garbd
	ansible.builtin.command: systemctl start garbd

	- name: Bootstrap mariadb cluster
	# If mariadb is not running on any node, we have to bootstrap
	when: not mariadb_is_running and (not hostvars[groups['infrastructure_nodes'][0]].mariadb_is_running and not hostvars[groups['infrastructure_nodes'][1]].mariadb_is_running)
	block:
	# If mariadb tries to join a cluster but fails we can't just stop it, we have to kill it (otherwise we also can't bootstrap from scratch)
	- name: Stop existing mariadb
	ansible.builtin.command: systemctl kill mariadb
	ignore_errors: true

	- name: Stop existing garbd
	ansible.builtin.command: systemctl kill garbd
	ignore_errors: true

	- name: Initialize galera cluster
	ansible.builtin.shell: \|
	- sed -i 's/safe_to_bootstrap: 0/safe_to_bootstrap: 1/' /data/mysql/grastate.dat \|\| : ; \
	+ [ -f "/data/mysql/grastate.dat" ] && sed -i 's/safe_to_bootstrap: 0/safe_to_bootstrap: 1/' /data/mysql/grastate.dat \|\| : ; \
	galera_new_cluster
	when: mariadb.bootstrap

	- name: Start mariadb
	ansible.builtin.command: systemctl start mariadb
	when: not mariadb.bootstrap

	- name: Start garbd
	ansible.builtin.command: systemctl start garbd

	- name: Start garbd
	ansible.builtin.command: systemctl enable --now garbd

	- name: Check mariadb status
	command: systemctl is-active mariadb
	ignore_errors: true
	register: mariadb_status
	check_mode: false
	changed_when: false

	- name: Assert mariadb is running
	ansible.builtin.assert:
	that: "mariadb_status.stdout == 'active'"
	when: not ansible_check_mode

	# TODO we depend on a root account to setup databases atm, but shouldn't have to in principle.
	- name: Initialize databases
	when: is_primary
	ansible.builtin.command: \|
	mariadb -e " \
	CREATE USER IF NOT EXISTS 'root'@'%' identified by '{{ db_root_password }}'; \
	GRANT ALL PRIVILEGES ON . to 'root'@'%' WITH GRANT OPTION;
	CREATE USER IF NOT EXISTS 'k3s'@'%' identified by '{{ k3s_db_password }}'; \
	CREATE USER IF NOT EXISTS 'haproxy'@'%'; \
	CREATE DATABASE IF NOT EXISTS k3s; \
	GRANT ALL PRIVILEGES ON k3s.* TO 'k3s'@'%'; \
	CREATE DATABASE IF NOT EXISTS {{ db_rc_database }} CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; \
	CREATE USER IF NOT EXISTS {{ db_rc_username }}@'%' IDENTIFIED BY '{{ db_rc_password }}'; \
	CREATE USER IF NOT EXISTS {{ db_rc_username }}@'127.0.0.1' IDENTIFIED BY '{{ db_rc_password }}'; \
	ALTER USER {{ db_rc_username }}@'%' IDENTIFIED BY '{{ db_rc_password }}'; \
	ALTER USER {{ db_rc_username }}@'127.0.0.1' IDENTIFIED BY '{{ db_rc_password }}'; \
	GRANT ALL PRIVILEGES ON {{ db_rc_database }}.* TO {{ db_rc_username }}@'%'; \
	CREATE DATABASE IF NOT EXISTS {{ db_kolab_database }} CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; \
	CREATE USER IF NOT EXISTS {{ db_kolab_username }}@'%' IDENTIFIED BY '{{ db_kolab_password }}'; \
	CREATE USER IF NOT EXISTS {{ db_kolab_username }}@'127.0.0.1' IDENTIFIED BY '{{ db_kolab_password }}'; \
	ALTER USER {{ db_kolab_username }}@'%' IDENTIFIED BY '{{ db_kolab_password }}'; \
	ALTER USER {{ db_kolab_username }}@'127.0.0.1' IDENTIFIED BY '{{ db_kolab_password }}'; \
	GRANT ALL PRIVILEGES ON {{ db_kolab_database }}.* TO {{ db_kolab_username }}@'%'; \
	CREATE USER IF NOT EXISTS 'exporter'@'%' IDENTIFIED BY '{{ db_monitoring_password }}' WITH MAX_USER_CONNECTIONS 3; \
	GRANT PROCESS, REPLICATION CLIENT, SELECT ON . TO 'exporter'@'%'; \
	FLUSH PRIVILEGES;
	"
	diff --git a/deployments/k3s-replicated/ansible/recover-mariadb.yaml b/deployments/k3s-replicated/ansible/recover-mariadb.yaml
	index 3273a7b..b3e3fad 100644
	--- a/deployments/k3s-replicated/ansible/recover-mariadb.yaml
	+++ b/deployments/k3s-replicated/ansible/recover-mariadb.yaml
	@@ -1,28 +1,28 @@

	- name: Configure kolab-node
	hosts: nodes
	gather_facts: False
	become: yes
	user: kolab
	tasks:
	- name: Initialize galera cluster
	ansible.builtin.shell: \|
	systemctl stop mariadb; \
	systemctl stop garbd; \

	# TODO in principle we should first select the correct node to bootstrap by comparing the output of:
	#sudo mysqld --wsrep-recover, which outputs something like "WSREP: Recovered position: 90823e7a-cf9e-11ef-a4e1-d69a8635a591:1873796",
	#and then use that node to bootstrap.

	- name: Initialize galera cluster
	ansible.builtin.shell: \|
	- sed -i 's/safe_to_bootstrap: 0/safe_to_bootstrap: 1/' /data/mysql/grastate.dat; \
	+ [ -f "/data/mysql/grastate.dat" ] && sed -i 's/safe_to_bootstrap: 0/safe_to_bootstrap: 1/' /data/mysql/grastate.dat; \
	galera_new_cluster
	when: mariadb.bootstrap

	- name: Start mariadb
	ansible.builtin.command: systemctl start mariadb
	when: not mariadb.bootstrap

	- name: Start garbd
	ansible.builtin.command: systemctl start garbd

File Metadata

Mime Type: text/x-diff
Expires: Sat, Apr 4, 2:37 AM (6 d, 4 h ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 18822162
Default Alt Text: (6 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions