diff --git a/.gitignore b/.gitignore index 06f46373a333332a8d757346274b35d8eb3e00df..7b9c30c8c0a08148cdeb52f501a2a408fd516841 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ downloaded_files -ansible-docker/inventories/opengauss/credentials -ansible-docker/inventories/opengauss/assembled_vars \ No newline at end of file +inventories/opengauss/credentials +inventories/opengauss/assembled_vars +vagrant/.vagrant +vagrant/packer_cache +vagrant/output* \ No newline at end of file diff --git a/01-deploy.yml b/01-deploy.yml index 73bdc435a70aa69e26577f1649340dd66b37a4ea..2f0de54ea5641b054584e461615b9e5429e0d280 100644 --- a/01-deploy.yml +++ b/01-deploy.yml @@ -1,5 +1,8 @@ +# code: language=ansible + - name: Deploy openGauss hosts: openGauss become: true + become_flags: "-i" roles: - openGauss \ No newline at end of file diff --git a/README.md b/README.md index c2f1882b4c0278f99ff8a246b6afd05dc1a1923d..403ba1fc323a0b7d4fd05988f745235c92504740 100644 --- a/README.md +++ b/README.md @@ -2,12 +2,11 @@ 自动部署 openGauss,根据分组定义,自适应部署单点、一主一从、一主多从以及级联节点等架构模式。 -目前仅支持初次部署,不支持对集群架构做变更。 - # 已适配的系统 * x86_64 * CentOS 7.6 + * openEuler 20.03 LTS SP3 # 已适配的 openGauss 版本 @@ -26,7 +25,7 @@ 默认变量 ``` - openGauss_env: + opengauss_env: user_name: omm user_group: dbgrp ``` @@ -34,7 +33,7 @@ 自定义变量文件 `{{ inventory_dir }}/group_vars/openGauss.yml` ``` - openGauss_env: + opengauss_env: user_name: ommo ``` @@ -42,7 +41,7 @@ ``` combined_vars: - openGauss_env: + opengauss_env: user_name: ommo user_group: dbgrp ``` @@ -53,6 +52,11 @@ * [创建 Ansible 容器](docs/01-ansible-in-docker.md),使用 docker 快速搭建一个可以运行本项目的 ansible 环境,降低对操作系统的依赖。 * [详细配置](docs/02-pre-set.md) * [开始部署](docs/03-deploy.md) +* [节点扩容](docs/04-expansion.md) + +# 更新日志 + +* 2023-10-13: 支持集群扩容。 # 开发指南 diff --git a/ansible-docker/Dockerfile b/ansible-docker/Dockerfile index d4dccce37c6620bf3a79dba26bbbd813f685adb3..8c55e8a6b6f714760c476337c9f1b999ef534377 100644 --- a/ansible-docker/Dockerfile +++ b/ansible-docker/Dockerfile 
@@ -2,6 +2,8 @@ FROM alpine LABEL Creator="haibin.l@linkingcloud.cn" ARG TIMEZONE="Asia/Shanghai" +ADD ssh_config /root/.ssh/config + RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.cloud.tencent.com/g' /etc/apk/repositories \ && apk --no-cache add bzip2 nano ansible fish byobu \ sshpass tzdata rsync wget curl net-tools tar unzip \ diff --git a/ansible-docker/docker-compose.yml b/ansible-docker/docker-compose.yml index 74bf0517dea6f053dc1fb2536af43c69e13bb0f4..2eb58df96cfae92863af1408f33bcb93aedfef63 100644 --- a/ansible-docker/docker-compose.yml +++ b/ansible-docker/docker-compose.yml @@ -3,17 +3,15 @@ version: "3.3" services: ansible: image: haibin.lee/ansible - container_name: ansible - hostname: ansible-in-docker + container_name: ansible-for-opengauss + hostname: ansible-for-opengauss restart: always build: context: . working_dir: /workdir volumes: - - "./inventories:/etc/ansible/inventories" + - "../inventories:/etc/ansible/inventories" - "../:/workdir" - - "./ansible.cfg:/etc/ansible/ansible.cfg" - - "~/.vagrant.d/insecure_private_key:/root/.vagrant.d/insecure_private_key" entrypoint: - "crond" - "-f" diff --git a/ansible-docker/ssh_config b/ansible-docker/ssh_config new file mode 100644 index 0000000000000000000000000000000000000000..859e07a9fe3bd7c7c163e73b29c212169d0f2e71 --- /dev/null +++ b/ansible-docker/ssh_config @@ -0,0 +1,10 @@ +Host * + TCPKeepAlive yes + ServerAliveInterval 5 + AddKeysToAgent yes + Compression yes + ConnectionAttempts 3 + ConnectTimeout 5 + StrictHostKeyChecking no + UserKnownHostsFile /dev/null + ControlPersist 4h diff --git a/ansible-docker/ansible.cfg b/ansible.cfg similarity index 87% rename from ansible-docker/ansible.cfg rename to ansible.cfg index 8a0805d52fb32abfebba861ec940f8d3ffc5e7d9..6b038f562135cac635b63e2e7c8fab450e3682bd 100644 --- a/ansible-docker/ansible.cfg +++ b/ansible.cfg 
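Review bot: The new `ansible-docker/ssh_config` sets `StrictHostKeyChecking no` and `UserKnownHostsFile /dev/null` under `Host *`, so every SSH connection made from the Ansible container accepts whatever host key it is shown and never records it. This container is the control node that pushes root-level changes, the generated key pairs and the database passwords to the targets, so a host answering on a target's address would receive them without any warning. I would limit the block to the lab range used in the docs (e.g. `Host 192.168.56.*`) or use `StrictHostKeyChecking accept-new` with a `UserKnownHostsFile` kept on a mounted volume, so that a changed key is at least detected on later runs.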
@@ -1,6 +1,6 @@ [defaults] nocows = True -inventory = ./inventories/opengauss/hosts.ini +inventory = ./inventories/opengauss/hosts.ini roles_path = ~/.ansible/roles,/workdir/roles,./roles remote_tmp = $HOME/.ansible/tmp diff --git a/docs/00-how-to.md b/docs/00-how-to.md index 706c9892648b82a4b705f8f924845946e1c15533..65a76b14064568d23fd6b21efb5a03556fcaa3ff 100644 --- a/docs/00-how-to.md +++ b/docs/00-how-to.md @@ -6,27 +6,28 @@ master 组仅可以配置 1 台机器。follower 可以多台。cascade 可选可为空。 ``` -[openGauss_master] +[opengauss_master] 192.168.56.11 -[openGauss_follower] +[opengauss_follower] 192.168.56.12 -[openGauss_cascade] +[opengauss_cascade] 192.168.56.13 [openGauss:children] -openGauss_master -openGauss_follower -openGauss_cascade +opengauss_master +opengauss_follower +opengauss_cascade ``` # playbook.yml 示例 ``` -- name: Deploy openGauss database +- name: Deploy openGauss hosts: openGauss become: true + become_flags: "-i" roles: - openGauss ``` diff --git a/docs/01-ansible-in-docker.md b/docs/01-ansible-in-docker.md index 9987fd667edcc893f39fb763cce5ce77134c7bc6..271e34d6939472cb26383a64ccc4286ffa27d66e 100644 --- a/docs/01-ansible-in-docker.md +++ b/docs/01-ansible-in-docker.md @@ -1,16 +1,12 @@ 进入 `ansible-docker` 目录,按以下步骤创建容器。 -# 制作 ansible 容器镜像 +# 制作并启动 ansible 容器 -`docker-compose build` - -# 启动 ansible 容器 - -`docker-compose up -d` +`docker-compose up -d --build` # 进入容器环境 -`docker exec -it ansible byobu` +`docker exec -it ansible-for-opengauss byobu` # 声明 diff --git a/docs/02-pre-set.md b/docs/02-pre-set.md index c04f03da094de5da97e2b74ac366473558371ef4..b2bb130327bb0ca53e9750e19d1ec1526a7e157e 100644 --- a/docs/02-pre-set.md +++ b/docs/02-pre-set.md 
@@ -6,22 +6,22 @@ ``` ; 主服务器组,仅设置 1 个目标机。 -[openGauss_master] +[opengauss_master] 192.168.56.11 ; 从服务器组,可设置若干个或留空。 -[openGauss_follower] +[opengauss_follower] 192.168.56.12 ; 级联服务器组,可设置若干个或留空。 -[openGauss_cascade] +[opengauss_cascade] 192.168.56.13 ; 以上 3 个分组的合并组,勿动。 [openGauss:children] -openGauss_master -openGauss_follower -openGauss_cascade +opengauss_master +opengauss_follower +opengauss_cascade ; 机器的 SSH 信息,请根据你的实际情况修改。 [openGauss:vars] @@ -43,7 +43,7 @@ ansible_ssh_port=22 ``` # Sysctl 的配置,可自行扩展。 -openGauss_sysctl: +opengauss_sysctl: net.ipv4.tcp_retries1: 5 net.ipv4.tcp_syn_retries: 5 ``` @@ -52,7 +52,7 @@ openGauss_sysctl: ``` # Sysctl 的配置,可自行扩展。 -openGauss_sysctl: +opengauss_sysctl: net.ipv4.tcp_retries1: 5 net.ipv4.tcp_syn_retries: 3 net.ipv4.tcp_synack_retries: 5 @@ -62,7 +62,7 @@ openGauss_sysctl: ``` combined_vars: - openGauss_sysctl: + opengauss_sysctl: net.ipv4.tcp_retries1: 5 net.ipv4.tcp_syn_retries: 3 net.ipv4.tcp_synack_retries: 5 diff --git a/docs/03-deploy.md b/docs/03-deploy.md index 14a042ee8deddfecf6e91b14b45bd00bed412b2d..17f8b6cc7617596686a9976ea7d2c2a44f7cc4b6 100644 --- a/docs/03-deploy.md +++ b/docs/03-deploy.md @@ -5,10 +5,19 @@ 1. 进入 ansible 环境 ``` - docker exec -it ansible byobu + docker exec -it ansible-for-opengauss byobu ``` - 关于 byobu 的使用,大家可自行搜索一些教程。 + 关于 byobu 的使用,大家可自行搜索一些教程。在 byobu 里运行的程序或命令,不会因为 SSH 断开而终止。 + + 基本键盘操作有: + + ``` + F2:新建虚拟终端窗口 + F3:向左切换窗口 + F4:向右切换窗口 + F6:将 byobu 置于后台。后续可以再次执行 `docker exec -it ansible-for-opengauss byobu` 进入。 + ``` 1. 执行部署 
@@ -21,14 +30,14 @@ 1. 部署过程中自动生成的公私钥,以及账号密码,存放在 `ansible-docker/inventories/opengauss/credentials` ``` - ls -l ansible-docker/inventories/opengauss/credentials/ + ls -l ansible-docker/inventories/opengauss/credentials/ total 24 - -rw------- 1 root root 387 9月24日 14:24 openGauss_id_om - -rw-r--r-- 1 root root 82 9月24日 14:24 openGauss_id_om.pub - -rw------- 1 root root 3357 9月24日 14:24 openGauss_id_rsa - -rw-r--r-- 1 root root 726 9月24日 14:24 openGauss_id_rsa.pub - -rw------- 1 root root 21 9月24日 13:36 openGauss_omm_pass - -rw------- 1 root root 17 9月24日 13:36 openGauss_root_pass + -rw------- 1 root root 387 9月24日 14:24 opengauss_id_om + -rw-r--r-- 1 root root 82 9月24日 14:24 opengauss_id_om.pub + -rw------- 1 root root 3357 9月24日 14:24 opengauss_id_rsa + -rw-r--r-- 1 root root 726 9月24日 14:24 opengauss_id_rsa.pub + -rw------- 1 root root 21 9月24日 13:36 opengauss_omm_pass + -rw------- 1 root root 17 9月24日 13:36 opengauss_root_pass ``` # 顺利部署后,你可看到一下输出内容 
@@ -40,77 +49,84 @@ 对应的 hosts.ini 分组编排内容 ``` -[openGauss_master] +[opengauss_master] 192.168.56.11 -[openGauss_follower] +[opengauss_follower] -[openGauss_cascade] +[opengauss_cascade] [openGauss:children] -openGauss_master -openGauss_follower -openGauss_cascade +opengauss_master +opengauss_follower +opengauss_cascade ``` ## 1 主 1 从 ![1主1从](imgs/1695614019287.png) + 对应的 hosts.ini 分组编排内容 ``` -[openGauss_master] +[opengauss_master] 192.168.56.12 -[openGauss_follower] +[opengauss_follower] 192.168.56.13 -[openGauss_cascade] +[opengauss_cascade] [openGauss:children] -openGauss_master -openGauss_follower -openGauss_cascade +opengauss_master +opengauss_follower +opengauss_cascade ``` ## 1 主 1 从 1 级联 ![1主1从1级联](imgs/1695614019263.png) + 对应的 hosts.ini 分组编排内容 ``` -[openGauss_master] +[opengauss_master] 192.168.56.14 -[openGauss_follower] +[opengauss_follower] 192.168.56.15 -[openGauss_cascade] +[opengauss_cascade] 192.168.56.16 [openGauss:children] -openGauss_master -openGauss_follower -openGauss_cascade +opengauss_master +opengauss_follower +opengauss_cascade ``` ## 1 主 2 从 ![1主2从](imgs/1695614019240.png) + 对应的 hosts.ini 分组编排内容 ``` -[openGauss_master] +[opengauss_master] 192.168.56.17 -[openGauss_follower] +[opengauss_follower] 192.168.56.18 192.168.56.19 -[openGauss_cascade] +[opengauss_cascade] [openGauss:children] -openGauss_master -openGauss_follower -openGauss_cascade -``` \ No newline at end of file +opengauss_master +opengauss_follower +opengauss_cascade +``` + +## 集群扩容 + +[扩容](04-expansion.md) \ No newline at end of file diff --git a/docs/04-expansion.md b/docs/04-expansion.md new file mode 100644 index 0000000000000000000000000000000000000000..36605b23989ea500943d876d7440cf3139513f0d --- /dev/null +++ b/docs/04-expansion.md 
@@ -0,0 +1,54 @@ +# 集群扩容 + +*** !!!注意!!! *** + +*** 扩容有风险,操作前请仔细阅读 https://docs.opengauss.org/zh/docs/5.0.0/docs/ToolandCommandReference/gs_expansion.html *** + +*** 仅建议在部署初期,数据量小的情况下,使用本项目进行扩容。 *** + +## 修改 `ansible-docker\inventories\opengauss\hosts.ini` 文件 + +备机数量不可超过 8 台。 + +假设原编排为 1 主 1 备 1 级联。 + +``` +; 主服务器组,仅设置 1 个目标机。 +[opengauss_master] +192.168.56.11 + +; 从服务器组,可设置若干个或留空。 +[opengauss_follower] +192.168.56.12 + +; 级联服务器组,可设置若干个或留空。 +[opengauss_cascade] +192.168.56.13 + +``` + +增加 2 台备机,1 台级联机,则在对应的组里增加目标服务器。 + +``` +; 主服务器组,仅设置 1 个目标机。 +[opengauss_master] +192.168.56.11 + +; 从服务器组,可设置若干个或留空。 +[opengauss_follower] +192.168.56.12 +192.168.56.14 +192.168.56.16 + +; 级联服务器组,可设置若干个或留空。 +[opengauss_cascade] +192.168.56.13 +192.168.56.15 + +``` + +## 扩容 + +再次执行 `pansible 01-deploy.yml`。 + +![扩容结果](imgs/23-10-13_1155_909.png) \ No newline at end of file diff --git a/docs/imgs/23-10-13_1155_909.png b/docs/imgs/23-10-13_1155_909.png new file mode 100644 index 0000000000000000000000000000000000000000..56a0164387b481e23eb09d94e44412e9116ce004 Binary files /dev/null and b/docs/imgs/23-10-13_1155_909.png differ diff --git a/ansible-docker/inventories/opengauss/group_vars/all/defaults.yml b/inventories/opengauss/group_vars/all/defaults.yml similarity index 100% rename from ansible-docker/inventories/opengauss/group_vars/all/defaults.yml rename to inventories/opengauss/group_vars/all/defaults.yml diff --git a/ansible-docker/inventories/opengauss/hosts.ini b/inventories/opengauss/hosts.ini similarity index 57% rename from ansible-docker/inventories/opengauss/hosts.ini rename to inventories/opengauss/hosts.ini index 51ae057ee351ec7df7c95480ab4af1242c138172..df3cb66121e45a432a2ff9b7c994e9b01ba8ffbc 100644 --- a/ansible-docker/inventories/opengauss/hosts.ini +++ b/inventories/opengauss/hosts.ini 
@@ -1,20 +1,20 @@ -; 主服务器组,仅设置 1 个目标机。 -[openGauss_master] +; 主机,仅设置 1 个目标机。 +[opengauss_master] 192.168.56.11 -; 从服务器组,可设置若干个或留空。 -[openGauss_follower] +; 备机,可设置若干个或留空。不可大于 8。 +[opengauss_follower] 192.168.56.12 -; 级联服务器组,可设置若干个或留空。 -[openGauss_cascade] +; 级联机,可设置若干个或留空。 +[opengauss_cascade] 192.168.56.13 ; 以上 3 个分组的合并组,勿动。 [openGauss:children] -openGauss_master -openGauss_follower -openGauss_cascade +opengauss_master +opengauss_follower +opengauss_cascade ; 机器的 SSH 信息,请根据你的实际情况修改。 [openGauss:vars] diff --git a/roles/openGauss/README.md b/roles/openGauss/README.md index 722c7285352a3b5a607e00dc004f91456f2de635..a3b44f93b3ec8efc1f1a23fc9291c8fc2e325eac 100644 --- a/roles/openGauss/README.md +++ b/roles/openGauss/README.md @@ -17,7 +17,7 @@ 默认变量 ``` - openGauss_env: + opengauss_env: user_name: omm user_group: dbgrp ``` @@ -25,7 +25,7 @@ 自定义变量文件 `{{ inventory_dir }}/group_vars/openGauss.yml` ``` - openGauss_env: + opengauss_env: user_name: ommo ``` @@ -33,7 +33,7 @@ ``` combined_vars: - openGauss_env: + opengauss_env: user_name: ommo user_group: dbgrp ``` @@ -48,19 +48,19 @@ master 组仅可以配置 1 台机器。follower 可以多台。cascade 可选可为空。 ``` -[openGauss_master] +[opengauss_master] 192.168.56.11 -[openGauss_follower] +[opengauss_follower] 192.168.56.12 -[openGauss_cascade] +[opengauss_cascade] 192.168.56.13 [openGauss:children] -openGauss_master -openGauss_follower -openGauss_cascade +opengauss_master +opengauss_follower +opengauss_cascade ``` # playbook.yml 示例 diff --git a/roles/openGauss/defaults/main.yml b/roles/openGauss/defaults/main.yml index 02883224eae97df2c19b0a520f22ba7e72c9d7c2..127f79ef47675e5da210b5d2339d2c86eda06081 100644 --- a/roles/openGauss/defaults/main.yml +++ b/roles/openGauss/defaults/main.yml 
@@ -2,25 +2,25 @@ # defaults file for openGauss # 安装版本 -openGauss_version: 5.0.0 +opengauss_version: 5.0.0 # 安装目录 -openGauss_home: /opt/openGauss +opengauss_home: /opt/openGauss -# 其它目录,对应 cluster_config.xml 的内容。具体请看 https://docs.opengauss.org/zh/docs/5.0.0/docs/InstallationGuide/%E5%88%9B%E5%BB%BAXML%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6.html -openGauss_paths: - gaussdbAppPath: "{{ openGauss_home }}/install/app" +# 其它目录,对应 cluster_config.xml 的内容。具体请看 https://docs.opengauss.org/zh/docs/{{ opengauss_version }}/docs/InstallationGuide/%E5%88%9B%E5%BB%BAXML%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6.html +opengauss_paths: + gaussdbAppPath: "{{ opengauss_home }}/install/app" gaussdbLogPath: "/var/log/openGauss" - tmpMppdbPath: "{{ openGauss_home }}/tmp" - corePath: "{{ openGauss_home }}/corefile" - gaussdbToolPath: "{{ openGauss_home }}/install/om" - dataPath: "{{ openGauss_home }}/data" + tmpMppdbPath: "{{ opengauss_home }}/tmp" + corePath: "{{ opengauss_home }}/corefile" + gaussdbToolPath: "{{ opengauss_home }}/install/om" + dataPath: "{{ opengauss_home }}/data" # 环境设置。 -openGauss_env: +opengauss_env: user_name: omm user_group: dbgrp - user_pass: "{{ lookup('password', inventory_dir + '/credentials/openGauss_omm_pass', chars=['ascii_letters', 'digits']) | password_hash }}" + user_pass: "{{ lookup('password', inventory_dir + '/credentials/opengauss_omm_pass', chars=['ascii_letters', 'digits']) | password_hash }}" iface_mtu: 8192 clusterName: openGauss dataPortBase: 15400 
@@ -29,24 +29,36 @@ openGauss_env: azName: AZ1 # 数据库安装配置 -openGauss_db_set: +opengauss_db_set: locale: en_US.utf8 - root_pass: "{{ lookup('password', inventory_dir + '/credentials/openGauss_root_pass', chars=['ascii_letters', 'digits'], length=16) }}" + root_pass: "{{ lookup('password', inventory_dir + '/credentials/opengauss_root_pass', chars=['ascii_letters', 'digits'], length=16) }}" # Sysctl 的配置,可自行扩展。 # 参考官方文档->初始化安装环境->配置操作系统参数 -openGauss_sysctl: +opengauss_sysctl: net.ipv4.tcp_retries1: 5 net.ipv4.tcp_syn_retries: 5 net.ipv4.tcp_synack_retries: 5 - net.ipv4.tcp_fin_timeout: 60 + # net.ipv4.tcp_fin_timeout: 60 + # net.ipv4.tcp_max_tw_buckets: 10000 + # net.ipv4.tcp_tw_reuse: 1 + # net.ipv4.tcp_tw_recycle: 1 + # net.ipv4.tcp_keepalive_time: 30 + # net.ipv4.tcp_keepalive_intvl: 30 + # net.ipv4.tcp_retries2: 12 + # net.core.wmem_max: 21299200 + # net.core.rmem_max: 21299200 # 安装包的下载链接。按 CPU 架构、操作系统及版本做区分。例如 openEuler_22 表示是针对 openEuler 22.03 版本的下载链接。 -openGauss_download: - aarch64: - openEuler_22: "https://opengauss.obs.cn-south-1.myhuaweicloud.com/{{ openGauss_version }}/arm_2203/openGauss-{{ openGauss_version }}-openEuler-64bit-all.tar.gz" - openEuler_20: "https://opengauss.obs.cn-south-1.myhuaweicloud.com/{{ openGauss_version }}/arm/openGauss-{{ openGauss_version }}-openEuler-64bit-all.tar.gz" - x86_64: - openEuler_22: "https://opengauss.obs.cn-south-1.myhuaweicloud.com/{{ openGauss_version }}/x86_openEuler_2203/openGauss-{{ openGauss_version }}-openEuler-64bit-all.tar.gz" - openEuler_20: "https://opengauss.obs.cn-south-1.myhuaweicloud.com/{{ openGauss_version }}/x86_openEuler/openGauss-{{ openGauss_version }}-openEuler-64bit-all.tar.gz" - CentOS_7: "https://opengauss.obs.cn-south-1.myhuaweicloud.com/{{ openGauss_version }}/x86/openGauss-{{ openGauss_version }}-CentOS-64bit-all.tar.gz" \ No newline at end of file +ogengauss_dl_server: https://opengauss.obs.cn-south-1.myhuaweicloud.com +opengauss_download: + aarch64: + openeuler_22: "{{ ogengauss_dl_server 
}}/{{ opengauss_version }}/arm_2203/openGauss-{{ opengauss_version }}-openEuler-64bit-all.tar.gz" + openeuler_20: "{{ ogengauss_dl_server }}/{{ opengauss_version }}/arm/openGauss-{{ opengauss_version }}-openEuler-64bit-all.tar.gz" + x86_64: + openeuler_22: "{{ ogengauss_dl_server }}/{{ opengauss_version }}/x86_openEuler_2203/openGauss-{{ opengauss_version }}-openEuler-64bit-all.tar.gz" + openeuler_20: "{{ ogengauss_dl_server }}/{{ opengauss_version }}/x86_openEuler/openGauss-{{ opengauss_version }}-openEuler-64bit-all.tar.gz" + centos_7: "{{ ogengauss_dl_server }}/{{ opengauss_version }}/x86/openGauss-{{ opengauss_version }}-CentOS-64bit-all.tar.gz" + +# 初始化 og_expansion 值 +og_expansion: false diff --git a/roles/openGauss/handlers/main.yml b/roles/openGauss/handlers/main.yml index b24a3cd7b499c1e177621bc0218fa1da25f73bae..798c84c1f2b8267e21a3e6a7a47bc289ec091699 100644 --- a/roles/openGauss/handlers/main.yml +++ b/roles/openGauss/handlers/main.yml @@ -1,2 +1,7 @@ --- # handlers file for openGauss +- name: Restart systemd-logind.service + ansible.builtin.service: + name: systemd-logind + state: restarted + enabled: true \ No newline at end of file diff --git a/roles/openGauss/tasks/deploy/add_auth.yml b/roles/openGauss/tasks/deploy/add_auth.yml new file mode 100644 index 0000000000000000000000000000000000000000..fd6c2b52f29cff2209f6e5b8bed88a44df0bfa5a --- /dev/null +++ b/roles/openGauss/tasks/deploy/add_auth.yml 
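Review bot: The new base-URL variable in roles/openGauss/defaults/main.yml is spelled `ogengauss_dl_server`, while everything else in this hunk was renamed to the `opengauss_` prefix. Someone who sets `opengauss_dl_server` in group_vars to point at an internal mirror gets no error and the package is still fetched from the public bucket. I would rename it to `opengauss_dl_server: https://opengauss.obs.cn-south-1.myhuaweicloud.com` and update the five references inside `opengauss_download`. The map keys were also lower-cased (`openeuler_22`, `centos_7`), so the lookup in runtime_facts.yml, which is not part of this diff, presumably has to lower-case `ansible_distribution` as well; worth confirming.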
@@ -0,0 +1,23 @@
+- name: Add authorized key for root
+ ansible.posix.authorized_key:
+ user: "root"
+ state: present
+ key: "{{ lookup('file', pub_key) }}"
+ with_fileglob:
+ - "{{ inventory_dir }}/credentials/opengauss_id*.pub"
+ loop_control:
+ loop_var: pub_key
+ label: "/root/.ssh/{{ pub_key | basename | replace('opengauss_', '') }}"
+ delegate_to: "{{ node }}"
+
+- name: "Add authorized key for {{ og_user }}"
+ ansible.posix.authorized_key:
+ user: "{{ og_user }}"
+ state: present
+ key: "{{ lookup('file', pub_key) }}"
+ with_fileglob:
+ - "{{ inventory_dir }}/credentials/opengauss_id*.pub"
+ loop_control:
+ loop_var: pub_key
+ label: "/home/{{ og_user }}/.ssh/{{ pub_key | basename | replace('opengauss_', '') }}"
+ delegate_to: "{{ node }}"
diff --git a/roles/openGauss/tasks/deploy/install.yml b/roles/openGauss/tasks/deploy/install.yml
new file mode 100644
index 0000000000000000000000000000000000000000..6f76ace3f3a4efbf5a5e0ee58268eae3e60f0ce6
--- /dev/null
+++ b/roles/openGauss/tasks/deploy/install.yml
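Review bot: Both tasks in deploy/add_auth.yml install every `opengauss_id*.pub` key into `authorized_keys` for root and for `{{ og_user }}` on each node, and nothing in this file removes the root entry afterwards. The `always:` block that this commit deletes from tasks/main.yml used to run `authorized_key` with `state: absent` for root once the install finished; its replacement is presumably in post_tasks.yml, which is not shown here, so please confirm it still happens and that it also runs when the deploy fails. If root-to-root trust is only needed while gs_preinstall or gs_expansion run, a comment such as `# root key is temporary; removed again in post_tasks.yml` above the first task would make that contract visible. The second task's `label` hard-codes `/home/{{ og_user }}`, which is cosmetic but misleading when the user's home is elsewhere.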
@@ -0,0 +1,59 @@
+- name: "Create cluster_config.xml under {{ og_upload_path }}"
+ ansible.builtin.template:
+ src: "{{ item }}"
+ dest: "{{ og_upload_path }}/cluster_config.xml"
+ owner: "{{ og_user }}"
+ group: "{{ og_group }}"
+ mode: "0600"
+ backup: true
+ lstrip_blocks: true
+ with_first_found:
+ - "{{ inventory_dir }}/templates/cluster_config.xml.j2"
+ - "cluster_config.xml.j2"
+
+- debug:
+ msg: "{{ og_expansion }}"
+
+- name: First time deploy
+ when: "not og_expansion"
+ block:
+ - name: Starting pre install
+ ansible.builtin.command: "python3 gs_preinstall -U {{ og_user }} -G {{ og_group }} -X {{ og_upload_path }}/cluster_config.xml --non-interactive"
+ changed_when: false
+ args:
+ chdir: "{{ og_upload_path }}/script"
+
+ - name: Deploy openGauss
+ ansible.builtin.shell: |
+ . /home/{{ og_user }}/.bashrc && \
+ python3 gs_install \
+ -X {{ og_upload_path }}/cluster_config.xml \
+ --gsinit-parameter="--pwpasswd={{ combined_vars.opengauss_db_set.root_pass }}"
+ changed_when: false
+ args:
+ chdir: "{{ og_home }}/install/om/script"
+ become_user: "{{ og_user }}"
+
+- name: Expand cluster
+ when: "og_expansion"
+ block:
+ - name: Get cluster status detail
+ ansible.builtin.command: "gs_om -t status --detail"
+ changed_when: false
+ become_user: "{{ og_user }}"
+ register: cluster_status
+
+ - name: Starting expand
+ ansible.builtin.shell: >-
+ . /home/{{ og_user }}/.bashrc &&
+ python3 gs_expansion -U {{ og_user }} -G {{ og_group }} -X {{ og_upload_path }}/cluster_config.xml -h {{ expansion_list }}
+ args:
+ chdir: "{{ og_upload_path }}/script"
+ vars:
+ expansion_list: >-
+ {%- for node in og_all_nodes
+ if node not in cluster_status.stdout
+ -%}
+ {{ node }}{{ (loop.nextitem is defined) | ternary(',', '') }}
+ {%- endfor -%}
+ changed_when: false
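Review bot: The `Deploy openGauss` task renders `combined_vars.opengauss_db_set.root_pass` into the shell command line and has no `no_log: true`, so the database password shows up in verbose task output, in the failure message if gs_install exits non-zero, and in any callback or log that records the command. Add `no_log: true` to that task; the value will still be visible in the process list on the target while gs_install runs, which only a non-argv way of passing it to the tool would avoid. The unnamed `debug` task that prints `og_expansion` looks like a leftover and could be dropped or given a name and `verbosity: 1`. Separately, `node not in cluster_status.stdout` is a substring test, so an address such as 192.168.56.1 would count as already present whenever 192.168.56.11 appears in the status output.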
diff --git a/roles/openGauss/tasks/deploy/known_hosts.yml b/roles/openGauss/tasks/deploy/known_hosts.yml
new file mode 100644
index 0000000000000000000000000000000000000000..5d4d0167a3e1d7a2acbc18fffe293608e04108f5
--- /dev/null
+++ b/roles/openGauss/tasks/deploy/known_hosts.yml
@@ -0,0 +1,17 @@
+- name: "Update known_hosts"
+ ansible.builtin.blockinfile:
+ path: "{{ og_ssh.home }}/.ssh/known_hosts"
+ owner: "{{ og_ssh.user }}"
+ group: "{{ og_ssh.group }}"
+ create: true
+ mode: "0644"
+ block: |
+ {% for key in (host_keys | sort) %}
+ {{ key }}
+ {% endfor %}
+ vars:
+ host_keys: "{{ known_host_keys.results | map(attribute='stdout_lines') | flatten }}"
+ loop: "{{ og_all_nodes }}"
+ loop_control:
+ loop_var: node
+ delegate_to: "{{ node }}"
diff --git a/roles/openGauss/tasks/deploy/main.yml b/roles/openGauss/tasks/deploy/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..620b7210984d94aeca5b095cf7991705c91e0700
--- /dev/null
+++ b/roles/openGauss/tasks/deploy/main.yml
@@ -0,0 +1,39 @@
+- name: Scan hosts key
+ ansible.builtin.command: "ssh-keyscan -p {{ host_port }} {{ node }},og{{ node | ipaddr('int') }}"
+ changed_when: false
+ loop: "{{ og_all_nodes }}"
+ loop_control:
+ loop_var: node
+ vars:
+ host_port: "{{ ansible_ssh_port | default('22') }}"
+ register: known_host_keys
+
+- name: Config known hosts
+ ansible.builtin.include_tasks: deploy/known_hosts.yml
+ with_items:
+ - user: root
+ group: root
+ home: /root
+ - user: "{{ og_user }}"
+ group: "{{ og_group }}"
+ home: "/home/{{ og_user }}"
+ loop_control:
+ loop_var: og_ssh
+
+- name: Config authorized keys
+ ansible.builtin.include_tasks: deploy/add_auth.yml
+ loop: "{{ og_all_nodes }}"
+ loop_control:
+ loop_var: node
+
+- name: Check gs_om command
+ ansible.builtin.shell: "which gs_om || echo 'not installed'"
+ changed_when: false
+ register: gs_com_st
+
+- name: Upload packages
+ ansible.builtin.import_tasks: deploy/upload.yml
+ when: "'not installed' in gs_com_st.stdout_lines"
+
+- name: Start install
+ ansible.builtin.import_tasks: deploy/install.yml
diff --git a/roles/openGauss/tasks/install/upload.yml b/roles/openGauss/tasks/deploy/upload.yml
similarity index 44%
rename from roles/openGauss/tasks/install/upload.yml
rename to roles/openGauss/tasks/deploy/upload.yml
index 1df27c90b52477f96c235ad66ab87da1a8405332..59c97d420c7e5b5ddc786c6a7d58a437deaea8d3 100644
--- a/roles/openGauss/tasks/install/upload.yml
+++ b/roles/openGauss/tasks/deploy/upload.yml
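Review bot: `Scan hosts key` in deploy/main.yml takes whatever `ssh-keyscan` returns, and deploy/known_hosts.yml then writes it into `known_hosts` for root and `{{ og_user }}` on every node, so the keys are trusted on first sight without being compared against a known fingerprint. If that is the accepted model for this project, state it next to the task, e.g. `# ssh-keyscan output is unauthenticated; verify fingerprints out of band before the first run on an untrusted network`. The alias `og{{ node | ipaddr('int') }}` also assumes every inventory entry is an IP literal; for a hostname I believe the filter yields `False` and the alias becomes `ogFalse`, so an early assert on `og_all_nodes` would help. `gs_com_st` reads like a typo for `gs_om_st`.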
@@ -1,43 +1,39 @@ - name: Upload and extract files block: - - name: Create /opt/software/openGauss - file: - path: /opt/software/openGauss + - name: "Create {{ og_upload_path }}" + ansible.builtin.file: + path: "{{ og_upload_path }}" state: directory - # owner: "{{ og_user }}" - # group: "{{ og_group }}" - recurse: true + mode: "0755" - name: "Extracting {{ og_pkg_url | basename }}" - unarchive: + ansible.builtin.unarchive: src: "{{ playbook_dir }}/downloaded_files/{{ og_pkg_url | basename }}" - dest: /opt/software/openGauss/ - # owner: "{{ og_user }}" - # group: "{{ og_group }}" + dest: "{{ og_upload_path }}/" - name: "Extracting {{ og_pkg_url | basename | replace('all', 'om') }}" - unarchive: + ansible.builtin.unarchive: remote_src: true - src: "/opt/software/openGauss/{{ og_pkg_url | basename | replace('all', 'om') }}" - dest: "/opt/software/openGauss/" - # owner: "{{ og_user }}" - # group: "{{ og_group }}" + src: "{{ og_upload_path }}/{{ og_pkg_url | basename | replace('all', 'om') }}" + dest: "{{ og_upload_path }}/" rescue: - name: "Get {{ og_pkg_url }}" + run_once: true + delegate_to: localhost + become: false block: - - name: "Create {{ playbook_dir }}/downloaded_files" - file: + - name: "Create path 'downloaded_files' in {{ playbook_dir }}" + ansible.builtin.file: path: "{{ playbook_dir }}/downloaded_files" state: directory + mode: "0755" - name: Downloading - get_url: + ansible.builtin.get_url: url: "{{ og_pkg_url }}" - dest: "{{ playbook_dir }}/downloaded_files/" - run_once: true - delegate_to: localhost - become: false - - - include_tasks: install/upload.yml + dest: "{{ playbook_dir }}/downloaded_files/{{ og_pkg_url | basename }}" + mode: "0644" + - name: Repeat tasks + ansible.builtin.include_tasks: deploy/upload.yml diff --git a/roles/openGauss/tasks/install/cleanup.yml b/roles/openGauss/tasks/install/cleanup.yml deleted file mode 100644 index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..0000000000000000000000000000000000000000 
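Review bot: The `Downloading` task in deploy/upload.yml fetches `{{ og_pkg_url }}` with `get_url` and no `checksum`, and the archive is then unpacked and its scripts are run as root by gs_preinstall, so nothing verifies that the tarball is the one the project published. Add `checksum: "sha256:<EXPECTED_SHA256>"` to that task (placeholder value; the digest would come from a per-version variable kept next to `opengauss_download`). There is a second effect of this change: `dest` is now a full file path, so with the default `force` an existing truncated or corrupt file in downloaded_files is not fetched again, the extract fails, and the rescue re-includes deploy/upload.yml without a bound. A checksum makes `get_url` replace a file that does not match, which breaks that loop.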
diff --git a/roles/openGauss/tasks/install/install.yml b/roles/openGauss/tasks/install/install.yml deleted file mode 100644 index 5ed42258ce5d2a89b528dfc8d6d7b52b3a096ebe..0000000000000000000000000000000000000000 --- a/roles/openGauss/tasks/install/install.yml +++ /dev/null @@ -1,27 +0,0 @@ -- name: Create /opt/software/openGauss/cluster_config.xml - template: - src: "{{ item }}" - dest: "/opt/software/openGauss/cluster_config.xml" - owner: "{{ og_user }}" - group: "{{ og_group }}" - backup: true - lstrip_blocks: true - with_first_found: - - "{{ inventory_dir }}/templates/cluster_config.xml.j2" - - "cluster_config.xml.j2" - -- name: Starting pre install - command: "python3 gs_preinstall -U {{ og_user }} -G {{ og_group }} -X /opt/software/openGauss/cluster_config.xml --non-interactive" - args: - chdir: "/opt/software/openGauss/script" - changed_when: false - -- name: Deploy openGauss - shell: | - . ~/.bashrc && \ - python3 gs_install \ - -X /opt/software/openGauss/cluster_config.xml \ - --gsinit-parameter="--pwpasswd={{ combined_vars.openGauss_db_set.root_pass }}" - args: - chdir: "{{ og_home }}/install/om/script" - become_user: "{{ og_user }}" diff --git a/roles/openGauss/tasks/install/ssh.yml b/roles/openGauss/tasks/install/ssh.yml deleted file mode 100644 index 757a82ca8c65e3ec90e4d6187e9241867ae81156..0000000000000000000000000000000000000000 --- a/roles/openGauss/tasks/install/ssh.yml +++ /dev/null 
@@ -1,88 +0,0 @@ -- name: "Create {{ og_ssh.home }}/.ssh" - file: - path: "{{ og_ssh.home }}/.ssh" - state: directory - mode: 0700 - owner: "{{ og_ssh.user }}" - group: "{{ og_ssh.group }}" - -- name: Generate ssh keys - block: - - name: "Create {{ inventory_dir }}/credentials" - file: - path: "{{ inventory_dir }}/credentials" - state: directory - - - name: Generate openGauss_id_om - openssh_keypair: - path: "{{ inventory_dir }}/credentials/openGauss_id_om" - type: ed25519 - regenerate: never - - - name: Generate openGauss_id_rsa - openssh_keypair: - path: "{{ inventory_dir }}/credentials/openGauss_id_rsa" - regenerate: never - delegate_to: localhost - become: false - run_once: true - -- name: Upload ssh keys - copy: - src: "{{ og_key }}" - dest: "{{ og_ssh.home }}/.ssh/{{ og_key | basename | replace('openGauss_', '') }}" - mode: 0400 - owner: "{{ og_ssh.user }}" - group: "{{ og_ssh.group }}" - backup: true - with_fileglob: - - "{{ inventory_dir }}/credentials/openGauss_id*" - loop_control: - loop_var: og_key - label: "{{ og_ssh.home }}/.ssh/{{ og_key | basename | replace('openGauss_', '') }}" - -- name: Add authorized key - authorized_key: - user: "{{ og_ssh.user }}" - state: present - key: "{{ lookup('file', pub_key) }}" - with_fileglob: - - "{{ inventory_dir }}/credentials/openGauss_id*.pub" - loop_control: - loop_var: pub_key - label: "{{ og_ssh.home }}/.ssh/{{ pub_key | basename | replace('openGauss_', '') }}" - -# - name: "Setup {{ og_ssh.home }}/.ssh/config" -# blockinfile: -# create: true -# path: "{{ og_ssh.home }}/.ssh/config" -# owner: "{{ og_ssh.user }}" -# group: "{{ og_ssh.group }}" -# block: | -# Host * -# StrictHostKeyChecking no -# UserKnownHostsFile /dev/null - -- name: Scan hosts key - command: "ssh-keyscan -p {{ port }} {{ node }},opengauss{{ ansible_loop.index }}" - changed_when: false - loop: "{{ groups['openGauss'] | sort }}" - loop_control: - loop_var: node - extended: true - vars: - port: "{{ ansible_ssh_port | default('22') }}" - register: 
known_host_keys - -- name: "Update {{ og_ssh.home }}/.ssh/known_hosts" - blockinfile: - path: "{{ og_ssh.home }}/.ssh/known_hosts" - owner: "{{ og_ssh.user }}" - group: "{{ og_ssh.group }}" - create: true - block: | - {% for key in (host_keys | sort) %} - {{ key }} - {% endfor %} - vars: - host_keys: "{{ known_host_keys.results | map(attribute='stdout_lines') | flatten }}" \ No newline at end of file diff --git a/roles/openGauss/tasks/main.yml b/roles/openGauss/tasks/main.yml index 81e64f31ae73c728b7e4866038aad27bdc7a90d1..df9b701debea28726a58a6e192a5b35c9faf6cd3 100644 --- a/roles/openGauss/tasks/main.yml +++ b/roles/openGauss/tasks/main.yml 
@@ -1,92 +1,66 @@ --- # tasks file for openGauss - + - name: Tasks always run + tags: always block: - name: Combine vars - import_role: + ansible.builtin.import_role: name: "pre-tasks" tasks_from: "vars_combine.yml" - name: Set runtime facts - import_tasks: runtime_facts.yml - - - name: Config /etc/sysctl.d/50-opengauss.conf - sysctl: - sysctl_file: /etc/sysctl.d/50-opengauss.conf - name: "{{ sysctl.key }}" - value: "{{ sysctl.value }}" - with_dict: "{{ combined_vars.openGauss_sysctl }}" - loop_control: - label: "{{ sysctl.key }} = {{ sysctl.value }}" - loop_var: sysctl - tags: always + ansible.builtin.import_tasks: runtime_facts.yml -- name: Deploy openGauss +- name: Deploy cluster block: - name: Check cluster status - shell: ". ~/.bashrc && gs_om -t status --detail" + ansible.builtin.command: "gs_om -t status" changed_when: false - args: - chdir: "{{ og_home }}/install/om/script" become_user: "{{ og_user }}" + delegate_to: "{{ og_master }}" run_once: true - register: cluster_detail rescue: - - name: Common sets for all distribution - import_tasks: os/common_set.yml + - name: Start pre tasks + ansible.builtin.import_tasks: pre_tasks.yml - - name: Custom sets by distribution - include_tasks: "{{ item }}" - with_first_found: - - "os/{{ ansible_distribution }}.yml" - - "os/not_supported.yml" + - name: Start deploy + run_once: true + delegate_to: "{{ og_master }}" + ansible.builtin.import_tasks: deploy/main.yml - - name: Custom sets by os family - include_tasks: "{{ item }}" - with_first_found: - - "os/{{ ansible_os_family }}.yml" - - "os/not_supported.yml" +- name: Expand cluster + block: + - name: Check node status + ansible.builtin.command: "gs_om -t status --detail -h {{ og_hostname }}" + changed_when: false + become_user: "{{ og_user }}" + delegate_to: "{{ og_master }}" + register: check_node + when: "inventory_hostname != og_master" - - import_tasks: install/user.yml + rescue: + - name: Hosts below will be added into cluster + ansible.builtin.set_fact: + 
og_expansion: true + when: + - "check_node is defined" + - "check_node is failed" - - include_tasks: install/ssh.yml - with_items: - - user: root - group: root - home: /root - - user: "{{ og_user }}" - group: "{{ og_group }}" - home: "/home/{{ og_user }}" - loop_control: - loop_var: og_ssh + - name: Start pre tasks + ansible.builtin.import_tasks: pre_tasks.yml - - block: - - import_tasks: install/upload.yml - - import_tasks: install/install.yml + - name: Start deploy run_once: true - - - name: Check cluster status - shell: ". ~/.bashrc && gs_om -t status --detail" - changed_when: false - args: - chdir: "{{ og_home }}/install/om/script" - become_user: "{{ og_user }}" - run_once: true - register: cluster_detail + delegate_to: "{{ og_master }}" + ansible.builtin.import_tasks: deploy/main.yml + +- name: Run post tasks + ansible.builtin.import_tasks: post_tasks.yml - always: - - name: Remove authorized key - authorized_key: - user: root - state: absent - key: "{{ lookup('file', item) }}" - with_fileglob: - - "{{ inventory_dir }}/credentials/openGauss_id_*.pub" - - - name: Print cluster detail - debug: - msg: | - {{ cluster_detail.stdout_lines }} - run_once: true \ No newline at end of file +- name: Generate reports + ansible.builtin.import_tasks: report.yml + tags: + - never + - report diff --git a/roles/openGauss/tasks/os/CentOS.yml b/roles/openGauss/tasks/os/CentOS.yml index eb44c2ff3c3657fcf68717bee0c4964c24d0bbc0..b13380540dfa7ab261446794ea40b03501c17eea 100644 --- a/roles/openGauss/tasks/os/CentOS.yml +++ b/roles/openGauss/tasks/os/CentOS.yml 
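Review bot: Both `rescue:` sections in tasks/main.yml act as the normal control path, so any failure of the `gs_om -t status` probes delegated to `og_master` is read as "cluster not deployed" or "node not in cluster", including a failed `become_user` or an unreachable master. In the `Expand cluster` block that interpretation sets `og_expansion: true` and leads into gs_expansion, which the new docs/04-expansion.md itself describes as risky. I would register the probe with `failed_when: false` and branch on the specific return code or message that gs_om gives for a missing node (to be confirmed against the tool), letting every other failure stop the play. `check_node is defined` in the `when:` list is always true at that point because a skipped task still registers the variable, so it can go.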
@@ -1,19 +1,11 @@ - name: Install epel-release - package: + ansible.builtin.package: name: epel-release - + use: "{{ custom_pkg_mgr | default(ansible_pkg_mgr) }}" + - name: Install dependencies - package: + ansible.builtin.package: name: - python36 - - libaio-devel - - flex - - bison - - ncurses-devel - - glibc-devel - - patch - redhat-lsb-core - - readline-devel - - nano - - htop - + use: "{{ custom_pkg_mgr | default(ansible_pkg_mgr) }}" diff --git a/roles/openGauss/tasks/os/RedHat.yml b/roles/openGauss/tasks/os/RedHat.yml index 7fa8834e1362ed6738c3dbdeaf8942e55d466670..84b7ad6d9271025e24f80223c67c7d835f8f02b4 100644 --- a/roles/openGauss/tasks/os/RedHat.yml +++ b/roles/openGauss/tasks/os/RedHat.yml @@ -1,5 +1,5 @@ - name: Disable firewalld - service: + ansible.builtin.service: name: firewalld state: stopped enabled: false @@ -9,6 +9,7 @@ path: "/etc/sysconfig/network-scripts/ifcfg-{{ og_back_iface }}" section: null option: MTU - value: "{{ combined_vars.openGauss_env.iface_mtu }}" + value: "{{ combined_vars.opengauss_env.iface_mtu }}" backup: true - no_extra_spaces: true \ No newline at end of file + no_extra_spaces: true + mode: "0600" diff --git a/roles/openGauss/tasks/os/common_set.yml b/roles/openGauss/tasks/os/common_set.yml index 5f1e5f10bda9ea657edae86033d2dc71f084b44d..058df6c740996fc8715afbdbb5bb02226dafc66e 100644 --- a/roles/openGauss/tasks/os/common_set.yml +++ b/roles/openGauss/tasks/os/common_set.yml @@ -1,15 +1,9 @@ - name: Set hostname - hostname: - name: "opengauss{{ ansible_loop.index }}" - loop: "{{ groups['openGauss'] | sort }}" - loop_control: - extended: true - loop_var: node - label: "opengauss{{ ansible_loop.index }}" - when: "node == inventory_hostname" + ansible.builtin.hostname: + name: "{{ og_hostname }}" - name: Disable selinux - selinux: + ansible.posix.selinux: state: disabled when: "ansible_selinux.status != 'disabled'" 
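Review bot: `Disable firewalld` in RedHat.yml still stops and disables the host firewall unconditionally, and `Disable selinux` in common_set.yml still sets `state: disabled`; this commit only renames the modules, so nothing replaces either control on the database hosts. If the installer requires both to be off, say so in a comment above each task and make them opt-out, for example `when: og_disable_firewalld | default(true)` (a new variable, named here only as a suggestion). Where the firewall can stay on, opening only the ports the cluster uses with `ansible.posix.firewalld` keeps the hosts filtered.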
@@ -22,57 +16,81 @@ path: /etc/systemd/logind.conf section: Login option: RemoveIPC - value: 'no' + value: "no" + mode: "0644" - name: Config /usr/lib/systemd/system/systemd-logind.service ini_file: path: /usr/lib/systemd/system/systemd-logind.service section: Service option: RemoveIPC - value: 'no' - register: systemd_logind + value: "no" + mode: "0644" + notify: Restart systemd-logind.service -- name: Restart systemd-logind.service - service: - name: systemd-logind - state: restarted - enabled: true - when: "systemd_logind is changed" +- name: Flush handlers + ansible.builtin.meta: flush_handlers - name: Disable history command logs - lineinfile: + ansible.builtin.lineinfile: path: /etc/profile line: "HISTSIZE=0" regex: "^HISTSIZE=" backup: true - name: Install dependencies - package: + ansible.builtin.package: name: - bzip2 - expect - net-tools - state: latest + - ntp + - tar + - gzip + - readline-devel + - patch + - ncurses-devel + - libaio-devel + - glibc-devel + - flex + - bison + - nano + - htop update_cache: true + use: "{{ custom_pkg_mgr | default(ansible_pkg_mgr) }}" + +- name: Enable ntpd service + ansible.builtin.service: + name: ntpd + state: started + enabled: true - name: Config /etc/hosts - blockinfile: + ansible.builtin.blockinfile: path: /etc/hosts marker: "# {mark} OPENGAUSS NODES" block: | - {% for node in (groups['openGauss'] | sort) %} - {{ node }} opengauss{{ loop.index }} #Gauss OM IP Hosts Mapping + {% for node in og_all_nodes %} + {{ node }} og{{ node | ipaddr('int') }} og-{{ node | replace('.', '-') }} {% endfor %} + delegate_to: "{{ node }}" + loop: "{{ og_all_nodes }}" + loop_control: + loop_var: node + run_once: true -- name: Get iface name - shell: "ip a | grep {{ backIp1 | default(inventory_hostname) }} | awk '{print $NF}'" +- name: Get backIp1's iface name + ansible.builtin.shell: + cmd: | + set -o pipefail + ip a | grep {{ backIp1 | default(inventory_hostname) }} | awk '{print $NF}' changed_when: false - register: backIface + 
register: backiface -- name: Set og_back_iface - set_fact: - og_back_iface: "{{ backIface.stdout | trim }}" +- name: "The backIp1's is {{ backiface.stdout | trim }}" + ansible.builtin.set_fact: + og_back_iface: "{{ backiface.stdout | trim }}" -- name: Config MTU on the fly - command: "ifconfig {{ og_back_iface }} mtu {{ combined_vars.openGauss_env.iface_mtu }}" - changed_when: false \ No newline at end of file +- name: "Set MTU on the fly: {{ combined_vars.opengauss_env.iface_mtu }}" + ansible.builtin.command: "ifconfig {{ og_back_iface }} mtu {{ combined_vars.opengauss_env.iface_mtu }}" + changed_when: false diff --git a/roles/openGauss/tasks/os/not_supported.yml b/roles/openGauss/tasks/os/not_supported.yml index 253883e703099590ffebd3ff7a6a4162818569c0..c12617523821d0aa37a20fdf8abf2941e10af3e2 100644 --- a/roles/openGauss/tasks/os/not_supported.yml +++ b/roles/openGauss/tasks/os/not_supported.yml @@ -1,5 +1,6 @@ -- debug: +- name: Unsupported distribution + ansible.builtin.debug: msg: "'{{ ansible_distribution }}' is not supported" -- name: Play aborted - meta: end_play \ No newline at end of file +- name: End the play + ansible.builtin.meta: end_play diff --git a/roles/openGauss/tasks/os/openEuler.yml b/roles/openGauss/tasks/os/openEuler.yml new file mode 100644 index 0000000000000000000000000000000000000000..f0ecedb751b11f39d08b848580652ee29a4b5660 --- /dev/null +++ b/roles/openGauss/tasks/os/openEuler.yml @@ -0,0 +1,12 @@ +- name: Install dependencies + ansible.builtin.package: + name: + - libnsl + - readline-devel + use: "{{ custom_pkg_mgr | default(ansible_pkg_mgr) }}" + +- name: Create soft link + ansible.builtin.file: + src: /lib64/libreadline.so.8 + dest: "/lib64/libreadline.so.7" + state: link diff --git a/roles/openGauss/tasks/os/ssh.yml b/roles/openGauss/tasks/os/ssh.yml new file mode 100644 index 0000000000000000000000000000000000000000..c95055121cb220366091229262b30fbf4d78934d --- /dev/null +++ b/roles/openGauss/tasks/os/ssh.yml 
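Review bot: `Get backIp1's iface name` pastes `{{ backIp1 | default(inventory_hostname) }}` unquoted into a shell pipeline and uses it as a grep regular expression, so shell metacharacters in an inventory value are interpreted by the shell, and an address such as 10.0.0.1 (constructed example) also matches lines for 10.0.0.11. Quote the value and match it literally: `ip a | grep -wF -- {{ backIp1 | default(inventory_hostname) | quote }} | awk '{print $NF}'`. `set -o pipefail` needs a shell that supports it, so adding `executable: /bin/bash` under `ansible.builtin.shell` makes that dependency explicit. `Disable history command logs` keeps `HISTSIZE=0` in /etc/profile, which leaves no shell history to consult during an investigation; a comment stating why, or an audit rule for command execution, would cover that gap.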
@@ -0,0 +1,64 @@ +- name: Config ssh on host + block: + - name: "Create {{ og_ssh.home }}/.ssh" + file: + path: "{{ og_ssh.home }}/.ssh" + state: directory + mode: 0700 + owner: "{{ og_ssh.user }}" + group: "{{ og_ssh.group }}" + + - name: Upload ssh keys + copy: + src: "{{ og_key }}" + dest: "{{ og_ssh.home }}/.ssh/{{ og_key | basename | replace('opengauss_', '') }}" + mode: 0400 + owner: "{{ og_ssh.user }}" + group: "{{ og_ssh.group }}" + backup: true + with_fileglob: + - "{{ inventory_dir }}/credentials/opengauss_id*" + loop_control: + loop_var: og_key + label: "{{ og_ssh.home }}/.ssh/{{ og_key | basename | replace('opengauss_', '') }}" + register: keys_list + + - name: Failed when no keys founded + fail: + msg: "SSH keys not existed" + when: "keys_list.skipped" + + # - name: Add authorized key + # authorized_key: + # user: "{{ og_ssh.user }}" + # state: present + # key: "{{ lookup('file', pub_key) }}" + # with_fileglob: + # - "{{ inventory_dir }}/credentials/opengauss_id*.pub" + # loop_control: + # loop_var: pub_key + # label: "{{ og_ssh.home }}/.ssh/{{ pub_key | basename | replace('opengauss_', '') }}" + + rescue: + - name: Generate ssh keys + block: + - name: "Create {{ inventory_dir }}/credentials" + file: + path: "{{ inventory_dir }}/credentials" + state: directory + + - name: Generate opengauss_id_om + openssh_keypair: + path: "{{ inventory_dir }}/credentials/opengauss_id_om" + type: ed25519 + regenerate: never + + - name: Generate opengauss_id_rsa + openssh_keypair: + path: "{{ inventory_dir }}/credentials/opengauss_id_rsa" + regenerate: never + delegate_to: localhost + become: false + run_once: true + + - include_tasks: os/ssh.yml \ No newline at end of file diff --git a/roles/openGauss/tasks/install/user.yml b/roles/openGauss/tasks/os/user.yml similarity index 35% rename from roles/openGauss/tasks/install/user.yml rename to roles/openGauss/tasks/os/user.yml index cc69a0a45c2e0b5f0a23605fa1108c725262a7bc..cdcd6f44c4b97a11ae6ed49762736a1c380a173a 100644 
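Review bot: `Failed when no keys founded` tests `when: "keys_list.skipped"`, an attribute that may be absent from the registered result when the loop did find keys; the resulting error, like any other failure in the block, sends execution to `rescue`, which ends by including os/ssh.yml again and could repeat without bound. `when: keys_list is skipped` avoids the attribute lookup, and generating the keys in a separate task before the block would remove the recursion. `Create {{ inventory_dir }}/credentials` sets no mode, so the directory holding the private keys is created under the controller's default umask; add `mode: "0700"`. The glob `opengauss_id*` copies the same private keys to root and to the database user on every node, so one compromised node exposes a key that all nodes trust, which is worth a comment if the installer requires it.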
--- a/roles/openGauss/tasks/install/user.yml +++ b/roles/openGauss/tasks/os/user.yml @@ -6,23 +6,21 @@ user: name: "{{ og_user }}" group: "{{ og_group }}" - shell: "{{ ansible_user_shell }}" + shell: "/bin/bash" password: "{{ og_user_pass }}" update_password: on_create -# - name: Touch user profile -# file: -# path: "/home/{{ og_user }}/.bashrc" -# state: touch -# owner: "{{ og_user }}" -# group: "{{ og_group }}" +- name: "Fix home permission in some cases" + file: + path: "/home/{{ og_user }}" + state: directory + owner: "{{ og_user }}" + group: "{{ og_group }}" + recurse: true -# - name: Create paths -# file: -# path: "{{ openGauss_home }}/install" -# state: directory -# owner: "{{ og_user }}" -# group: "{{ og_group }}" -# # with_dict: "{{ og_paths }}" -# # loop_control: -# # label: "{{ item.value }}" \ No newline at end of file +- name: "Touch /home/{{ og_user }}/.bashrc" + file: + path: "/home/{{ og_user }}/.bashrc" + state: touch + owner: "{{ og_user }}" + group: "{{ og_group }}" \ No newline at end of file diff --git a/roles/openGauss/tasks/post_tasks.yml b/roles/openGauss/tasks/post_tasks.yml new file mode 100644 index 0000000000000000000000000000000000000000..1d165c9b24f6dae82b59e6825aedcbcf0b3f956c --- /dev/null +++ b/roles/openGauss/tasks/post_tasks.yml 
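Review bot: `password: "{{ og_user_pass }}"` is handed to the `user` module, which expects an already hashed value; if `opengauss_env.user_pass` holds plaintext (not visible in this hunk), the string is written to the shadow file as-is. In that case hash it at the point of use: `password: "{{ og_user_pass | password_hash('sha512') }}"`. The new `Touch /home/{{ og_user }}/.bashrc` task uses `state: touch`, which reports changed on every run; `modification_time: preserve` and `access_time: preserve` keep it idempotent. The user task starts above the hunk.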
@@ -0,0 +1,31 @@ +- name: Config /etc/sysctl.d/50-opengauss.conf + ansible.posix.sysctl: + sysctl_file: /etc/sysctl.d/50-opengauss.conf + name: "{{ sysctl.key }}" + value: "{{ sysctl.value }}" + with_dict: "{{ combined_vars.opengauss_sysctl }}" + loop_control: + label: "{{ sysctl.key }} = {{ sysctl.value }}" + loop_var: sysctl + +- name: Remove authorized key + ansible.posix.authorized_key: + user: root + state: absent + key: "{{ lookup('file', item) }}" + with_fileglob: + - "{{ inventory_dir }}/credentials/opengauss_id_*.pub" + +- name: Check and print + run_once: true + block: + - name: Check cluster status + ansible.builtin.command: "gs_om -t status --detail" + changed_when: false + become_user: "{{ og_user }}" + register: cluster_status + + - name: Print cluster detail + ansible.builtin.debug: + msg: | + {{ cluster_status.stdout_lines }} diff --git a/roles/openGauss/tasks/pre_tasks.yml b/roles/openGauss/tasks/pre_tasks.yml new file mode 100644 index 0000000000000000000000000000000000000000..fa2c03487cd650bbda17ca261466b208ca2e36ec --- /dev/null +++ b/roles/openGauss/tasks/pre_tasks.yml @@ -0,0 +1,29 @@ +- name: "Custom sets for {{ ansible_distribution }}" + ansible.builtin.include_tasks: "{{ item }}" + with_first_found: + - "os/{{ ansible_distribution | replace(' ', '_') }}.yml" + - "os/not_supported.yml" + +- name: Common sets for all distribution + ansible.builtin.import_tasks: os/common_set.yml + +- name: "Custom sets for {{ ansible_os_family }}" + ansible.builtin.include_tasks: "{{ item }}" + with_first_found: + - "os/{{ ansible_os_family }}.yml" + - "os/not_supported.yml" + +- name: Config user on hosts + ansible.builtin.import_tasks: os/user.yml + +- name: Config ssh on hosts + ansible.builtin.include_tasks: os/ssh.yml + with_items: + - user: root + group: root + home: /root + - user: "{{ og_user }}" + group: "{{ og_group }}" + home: "/home/{{ og_user }}" + loop_control: + loop_var: og_ssh 
diff --git a/roles/openGauss/tasks/report.yml b/roles/openGauss/tasks/report.yml new file mode 100644 index 0000000000000000000000000000000000000000..eb5b13f039537ef25c7af1e9dbc2e6dd82e11807 --- /dev/null +++ b/roles/openGauss/tasks/report.yml @@ -0,0 +1,9 @@ +- name: Generating performance report + command: "{{ python_name }} gs_checkperf --detail -o {{ opengauss_home }}/perf.txt" + changed_when: false + +- name: "Fetch {{ opengauss_home }}/perf.txt to {{ inventory_dir }}/report/" + fetch: + src: "{{ opengauss_home }}/perf.txt" + dest: "{{ inventory_dir }}/report/" + flat: true \ No newline at end of file diff --git a/roles/openGauss/tasks/runtime_facts.yml b/roles/openGauss/tasks/runtime_facts.yml index 9006508f5e2f60538fc49d25a846fb0322bd7be1..e08cf82f2abe1e9facf29a36551ef3cd49f30f45 100644 --- a/roles/openGauss/tasks/runtime_facts.yml +++ b/roles/openGauss/tasks/runtime_facts.yml 
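Review bot: Both tasks read `{{ opengauss_home }}`, while runtime_facts.yml in this commit exposes the merged value as `og_home` (taken from `combined_vars.opengauss_home`); if `opengauss_home` resolves to the role default, an inventory override would be ignored here, so `og_home` looks like the intended variable. The tasks also use the short names `command` and `fetch` and set no `become_user`, unlike the other `gs_*` calls in this commit, which use `ansible.builtin.*` and `become_user: "{{ og_user }}"`. `python_name` is not defined anywhere in the visible changes; confirm it is set before this file is imported.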
@@ -1,19 +1,27 @@ -- name: Set runtime facts - set_fact: - og_user: "{{ combined_vars.openGauss_env.user_name }}" - og_group: "{{ combined_vars.openGauss_env.user_group }}" - og_user_pass: "{{ combined_vars.openGauss_env.user_pass }}" - og_home: "{{ combined_vars.openGauss_home }}" - og_paths: "{{ combined_vars.openGauss_paths }}" - og_pkg_url: "{{ combined_vars.openGauss_download[ansible_architecture][ansible_distribution + '_' + ansible_distribution_major_version] }}" - og_ver: "{{ combined_vars.openGauss_version }}" - og_ip_list: "{{ groups['openGauss'] | sort | join(',') }}" +- name: Set runtime facts - 1 + ansible.builtin.set_fact: + og_user: "{{ combined_vars.opengauss_env.user_name }}" + og_group: "{{ combined_vars.opengauss_env.user_group }}" + og_user_pass: "{{ combined_vars.opengauss_env.user_pass }}" + og_home: "{{ combined_vars.opengauss_home }}" + og_paths: "{{ combined_vars.opengauss_paths }}" + og_pkg_url: >- + {{ combined_vars.opengauss_download + [ansible_architecture] + [(ansible_distribution | replace(' ', '_') | lower) + + '_' + + ansible_distribution_major_version] }} + og_ver: "{{ combined_vars.opengauss_version }}" + og_hostname: "og{{ inventory_hostname | ipaddr('int') }}" + og_data_path: "{{ combined_vars.opengauss_paths.dataPath }}" + og_all_nodes: "{{ groups['openGauss'] | sort }}" + og_master: "{{ groups['opengauss_master'] | first }}" + +- name: Set runtime facts - 2 + ansible.builtin.set_fact: + og_upload_path: "/opt/software/{{ og_pkg_url | dirname | basename }}_{{ og_pkg_url | basename | replace('.tar.gz', '') }}" og_host_list: >- - {%- for cm_node in (groups['openGauss'] | sort) -%} - opengauss{{ loop.index }}{{ (loop.nextitem is defined) | ternary(',', '') }} + {%- for node in og_all_nodes -%} + og{{ node | ipaddr('int') }}{{ (loop.nextitem is defined) | ternary(',', '') }} {%- endfor -%} - og_hostname: >- - {%- for cm_node in (groups['openGauss'] | sort) if cm_node == inventory_hostname -%} - opengauss{{ loop.index }} - {%- endfor 
-%} - og_data_path: "{{ combined_vars.openGauss_paths.dataPath }}" + og_ip_list: "{{ og_all_nodes | join(',') }}" diff --git a/roles/openGauss/templates/cluster_config.xml.j2 b/roles/openGauss/templates/cluster_config.xml.j2 index 8485733e91c9018bd42258473b0538c7aed80fa5..ed6f4d75bcfbef2bebf38b5c5b0fe2a19b6d00e4 100644 --- a/roles/openGauss/templates/cluster_config.xml.j2 +++ b/roles/openGauss/templates/cluster_config.xml.j2 @@ -1,56 +1,58 @@ - + - - - - - + + + + + - - -{% for node in (groups['openGauss'] | sort) %} - - - + +{% for node in og_all_nodes %} + + + -{% if node in groups['openGauss_master'] %} +{% if node in groups['opengauss_master'] %} {% if (groups['openGauss'] | count) > 2 %} - - - - - - - - - + + + + + + + + + {% endif %} {% endif %} -{% if node not in groups['openGauss_master'] - and (groups['openGauss'] | count) > 2 %} - - +{% + if node not in groups['opengauss_master'] + and (groups['openGauss'] | count) > 2 +%} + + + - {% if node in groups['openGauss_cascade'] %} + {% if node in groups['opengauss_cascade'] %} {% endif %} {% endif %} diff --git a/roles/pre-tasks/tasks/main.yml b/roles/pre-tasks/tasks/main.yml index d52820f31a71853b9a4a76bd833697ccfe2ee7a4..12ade9c3fe0815c6e372ebff84f07911cd2f588c 100644 --- a/roles/pre-tasks/tasks/main.yml +++ b/roles/pre-tasks/tasks/main.yml @@ -34,6 +34,6 @@ - include_tasks: "{{ item }}" with_first_found: - files: - - "{{ ansible_distribution }}.yml" - - "{{ ansible_os_family }}.yml" + - "os/{{ ansible_distribution }}.yml" + - "os/{{ ansible_os_family }}.yml" skip: true diff --git a/roles/pre-tasks/tasks/Kylin Linux Advanced Server.yml b/roles/pre-tasks/tasks/os/Kylin Linux Advanced Server_V10.yml similarity index 100% rename from roles/pre-tasks/tasks/Kylin Linux Advanced Server.yml rename to roles/pre-tasks/tasks/os/Kylin Linux Advanced Server_V10.yml 
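Review bot: `og_hostname`, `og_host_list` and the /etc/hosts entries are all derived with `ipaddr('int')`, which only yields a number when `inventory_hostname` is an IPv4 literal; with a DNS name in the inventory the filter returns false and every node would be named from that value. An early `ansible.builtin.assert` with `that: inventory_hostname | ipaddr` and a clear `fail_msg` would stop the play before any hostname is changed. `og_master` takes `groups['opengauss_master'] | first`, which errors on a missing or empty group, so the same assert can check that the group has a member. The filter needs the netaddr Python library on the controller; confirm the Ansible image provides it.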
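Review bot: The lookup in roles/pre-tasks/tasks/main.yml now searches `os/{{ ansible_distribution }}.yml`, but the file renamed in this commit is `os/Kylin Linux Advanced Server_V10.yml`; unless `ansible_distribution` itself ends in `_V10`, the name no longer matches and `skip: true` hides the miss, so the Kylin tasks would silently stop running. Either keep the file name equal to the distribution string or add the version to the candidate list, e.g. `"os/{{ ansible_distribution }}_{{ ansible_distribution_version }}.yml"` (check the fact's actual value on a Kylin host first). The `include_tasks` entry starts above the hunk.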
diff --git a/ansible-docker/Vagrantfile b/vagrant/Vagrantfile similarity index 35% rename from ansible-docker/Vagrantfile rename to vagrant/Vagrantfile index 548020a7cb3a631e4df96ef31901ed64daa58292..6977b6fb62f05abb03571150c5fe4865497abd9d 100644 --- a/ansible-docker/Vagrantfile +++ b/vagrant/Vagrantfile @@ -3,24 +3,40 @@ Vagrant.configure("2") do |config| + if Vagrant.has_plugin?("vagrant-vbguest") then + config.vbguest.auto_update = false + end + config.ssh.insert_key = false - config.vm.provider :virtualbox do |vb| + + # 这个设置针对无法被 vagrant 识别的国产系统,例如 openEuler。强制指定按哪个通用系统来配置。 + config.vm.guest = "centos" + + config.vm.provider "virtualbox" do |vb| vb.memory = 4096 - vb.cpus = 2 + vb.cpus = 4 vb.customize [ "modifyvm", :id, "--uartmode1", "disconnected" ] vb.linked_clone = true + vb.check_guest_additions = false + end + + config.vm.provision "shell" do |s| + s.inline = <<-SHELL + sed -i "s|PasswordAuthentication no|PasswordAuthentication yes|g" /etc/ssh/sshd_config + /bin/systemctl restart sshd.service + SHELL end #Disabling the default /vagrant share config.vm.synced_folder ".", "/vagrant", disabled: true # How many vm do you want? - N = 3 + N = 9 (1..N).each do |i| - config.vm.define "opengauss#{i}" do |node| - node.vm.box = "centos/7" - node.vm.network :private_network, ip: "192.168.56.#{10+i}" - end + config.vm.define "opengauss#{i}" do |node| + node.vm.box = "openeuler2003_x64" + node.vm.network "private_network", ip: "192.168.56.#{10+i}" + end end end diff --git a/vagrant/openEuler2003_x86_64.pkr.hcl b/vagrant/openEuler2003_x86_64.pkr.hcl new file mode 100644 index 0000000000000000000000000000000000000000..e18a43ee91c8f95cbd94503f1c366cbbfba4a781 --- /dev/null +++ b/vagrant/openEuler2003_x86_64.pkr.hcl 
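Review bot: The new shell provisioner turns on `PasswordAuthentication yes` in sshd on every VM while `config.ssh.insert_key = false` keeps Vagrant's shared default key, so the guests accept both a well-known key and password logins. That fits only disposable lab machines on the host-only `192.168.56.x` network; state it in a comment above the provisioner, e.g. `# Lab only: enables password SSH for the Ansible bootstrap; do not reuse this box outside a host-only network.` The `sed` pattern also leaves a commented-out or absent `PasswordAuthentication` line unchanged, so the result depends on the box's default sshd_config.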
@@ -0,0 +1,25 @@ +packer { + required_plugins { + virtualbox = { + version = "~> 1" + source = "github.com/hashicorp/virtualbox" + } + } +} + +source "virtualbox-iso" "openeuler" { + guest_os_type = "CentOS_64" + iso_url = "https://mirror.sjtu.edu.cn/openeuler/openEuler-22.03-LTS-SP2/ISO/x86_64/openEuler-22.03-LTS-SP2-netinst-x86_64-dvd.iso" + iso_checksum = "sha256:e7186579da6d16430bb8577e2989761e726af8166a08f7e02cde55a614b42d66" + ssh_username = "vagrant" + ssh_password = "vagrant" + shutdown_command = "echo 'vagrant' | sudo -S shutdown -P now" + boot_command = [ + "", + ] +} + +build { + sources = ["sources.virtualbox-iso.openeuler"] +} + diff --git a/vagrant/vagrant.pub b/vagrant/vagrant.pub new file mode 100644 index 0000000000000000000000000000000000000000..78a8ccf51889ad942450ce70c7414893a5eb72ad --- /dev/null +++ b/vagrant/vagrant.pub @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN1YdxBpNlzxDqfJyw/QKow1F+wvG9hXGoqiysfJOn5Y vagrant insecure public key
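Review bot: The template is named openEuler2003 and the Vagrantfile box is `openeuler2003_x64`, but `iso_url` points at openEuler-22.03-LTS-SP2, so the image built here is not the 20.03 release the names suggest; align the file name, the box name and the ISO. `boot_command` contains only an empty string, so the installer would not be driven unattended as written (the original content may have been lost in rendering). The fixed `ssh_password = "vagrant"` ends up in the resulting box; a comment marking the image as lab-only would make that explicit.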
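Review bot: Both entries in vagrant.pub are labelled `vagrant insecure public key`, and the matching private keys are publicly distributed, so any host that lists this file in `authorized_keys` accepts logins from anyone holding them. Nothing in the visible changes says where the file is consumed; add a short README note or a leading `# lab images only` comment line so it is not installed on a real node.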