Remove the mysql support from our gerrit role and image

We are now using the mariadb jdbc connector in production and no longer
need to include the mysql legacy connector in our images. We also don't
need support for h2 or mysql as testing and prod are all using the
mariadb connector and local database.

Note this is a separate change to ensure everything is happy with the
mariadb connector before we remove the fallback mysql connector from our
images.

Change-Id: I982d3c3c026a5351bff567ce7fbb32798718ec1b
This commit is contained in:
Clark Boylan 2021-08-03 09:09:41 -07:00
parent 72bd0b6e2a
commit 75e0cf106a
9 changed files with 25 additions and 82 deletions

View File

@ -58,9 +58,10 @@ RUN mkdir /var/gerrit/bin \
&& mkdir /var/gerrit/hooks \
&& mkdir /var/gerrit/static
# Download mysql-connector so that gerrit doens't download it during init.
# Download mariadb java client.
# Modern gerrit stopped downloading missing libs during init which means we
# need to do the downland and install ourselves.
RUN mkdir /var/gerrit/lib && \
wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/5.1.43/mysql-connector-java-5.1.43.jar -O /var/gerrit/lib/mysql-connector-java.jar && \
wget https://repo1.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/2.7.2/mariadb-java-client-2.7.2.jar -O /var/gerrit/lib/mariadb-java-client.jar
# Allow incoming traffic

View File

@ -60,7 +60,6 @@ gerrit_vhost_name: review.opendev.org
gerrit_serverid: 4a232e18-c5a9-48ee-94c0-e04e7cca6543
gerrit_redirect_vhost: review.openstack.org
gerrit_heap_limit: 96g
gerrit_reviewdb_database_type: mariadb_container
letsencrypt_certs:
review02-opendev-org-main:
- review.opendev.org

View File

@ -1,32 +1,21 @@
Run Gerrit.
This role assumes it will have a local MariaDB running adjacent to the
Gerrit service. Variables below configure MariaDB connection details.
**Role Variables**
.. zuul:rolevar:: gerrit_reviewdb_database_type
:default: h2
Database to use for the reviewdb
One of
* h2 : use local h2 database, not for production
* mysql : connect to existing mysql instance
* mariadb_container : run a sibling mariadb container
.. zuul:rolevar:: gerrit_reviewdb_mariadb_dbname
:default: gerrit
When ``gerrit_reviewdb_database_type`` is ``mariadb_container``; the default
database to make and connect to.
The database to make and connect to.
.. zuul:rolevar:: gerrit_reviewdb_mariadb_username
:default: gerrit
When ``gerrit_reviewdb_database_type`` is ``mariadb_container``; the default
user to make and connect with.
The user to make and connect with.
.. zuul:rolevar:: gerrit_reviewdb_mariadb_password
:default: <unset>
When ``gerrit_reviewdb_database_type`` is ``mariadb_container``; the default
password to set for ``gerrit_reviewdb_mariadb_username``
The password to set for ``gerrit_reviewdb_mariadb_username``

View File

@ -24,6 +24,5 @@ gerrit_container_volumes:
gerrit_project_creator_user: openstack-project-creator
gerrit_manage_projects_args: "-v"
gerrit_track_upstream: true
gerrit_reviewdb_database_type: h2
gerrit_reviewdb_mariadb_username: gerrit
gerrit_reviewdb_mariadb_dbname: accountPatchReviewDb

View File

@ -3,27 +3,6 @@
path: /etc/borg-streams
state: directory
- name: Setup remote mysql backup jobs
when: gerrit_reviewdb_database_type == 'mysql'
block:
# NOTE(ianw) 2021-02-19 We are explicitly backing up just
# accountPatchReviewDb because "--all-databases" doesn't work with
# our trove instance
# https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1914695
- name: Create accountPatchReviewDb streaming file
copy:
content: >-
/usr/bin/mysqldump --defaults-file=/root/.gerrit_db.cnf --skip-extended-insert --ignore-table mysql.event --single-transaction --databases accountPatchReviewDb
dest: /etc/borg-streams/mysql-accountPatchReviewDb
- name: Set up cron job to back up gerrit db to disk
cron:
name: gerrit-backup
user: root
hour: 0
minute: 0
job: '/usr/bin/mysqldump --defaults-file=/root/.gerrit_db.cnf --opt --ignore-table mysql.event --single-transaction --databases accountPatchReviewDb | gzip -9 > /home/gerrit2/mysql_backups/gerrit.sql.gz'
# NOTE(ianw) 2021-06-09 : we don't also keep an on-disk backup as we
# did for the old mysql instance above because it's easy to restore
# from borg now (in the past with bup it was a real pain to extract
@ -32,12 +11,9 @@
# # borg-mount <backup-server>
# the dump file will be under
# /opt/backups/review02-mariadb-<date>T<time>/mariadb
- name: Setup container mariadb backup jobs
when: gerrit_reviewdb_database_type == 'mariadb_container'
block:
- name: Create mariadb streaming file
copy:
content: >-
/usr/local/bin/docker-compose -f /etc/gerrit-compose/docker-compose.yaml exec -T mariadb
bash -c '/usr/bin/mysqldump --all-databases --single-transaction -uroot -p"$MYSQL_ROOT_PASSWORD"'
dest: /etc/borg-streams/mariadb
- name: Create mariadb streaming file to setup mariadb backup jobs
copy:
content: >-
/usr/local/bin/docker-compose -f /etc/gerrit-compose/docker-compose.yaml exec -T mariadb
bash -c '/usr/bin/mysqldump --all-databases --single-transaction -uroot -p"$MYSQL_ROOT_PASSWORD"'
dest: /etc/borg-streams/mariadb

View File

@ -284,30 +284,20 @@
- name: Start gerrit
include_tasks: start.yaml
- name: Set up root mysql conf file
when: gerrit_reviewdb_database_type == 'mysql'
- name: Setup reviewdb directory for mariadb
file:
state: directory
path: /home/gerrit2/reviewdb
owner: root
group: root
mode: 0755
- name: Set up root mariadb conf file
template:
src: root.my.cnf.mysql.j2
src: root.my.cnf.mariadb_container.j2
dest: /root/.gerrit_db.cnf
mode: 0400
- name: Setup mariadb container
when: gerrit_reviewdb_database_type == 'mariadb_container'
block:
- name: Setup reviewdb directory
file:
state: directory
path: /home/gerrit2/reviewdb
owner: root
group: root
mode: 0755
- name: Set up root mariadb conf file
template:
src: root.my.cnf.mariadb_container.j2
dest: /root/.gerrit_db.cnf
mode: 0400
- name: Set up cron job to optmize git repos
cron:
name: optmize-git-repos

View File

@ -1,6 +1,5 @@
version: '2'
services:
{% if gerrit_reviewdb_database_type == 'mariadb_container' %}
mariadb:
image: docker.io/library/mariadb:10.4
network_mode: host
@ -18,14 +17,11 @@ services:
driver: syslog
options:
tag: "docker-mariadb"
{% endif %}
gerrit:
image: {{ gerrit_container_image }}
{% if gerrit_reviewdb_database_type == 'mariadb_container' %}
depends_on:
- mariadb
command: ["/wait-for-it.sh", "127.0.0.1:3306", "--", "/run-gerrit.sh"]
{% endif %}
network_mode: host
user: gerrit
stop_signal: SIGHUP

View File

@ -1,11 +1,5 @@
{% if gerrit_reviewdb_database_type == 'mysql' %}
[accountPatchReviewDb]
url = jdbc:mysql://{{ gerrit_mysql_host }}:3306/accountPatchReviewDb?characterSetResults=utf8&characterEncoding=utf8&connectionCollation=utf8_bin&useUnicode=yes&user=gerrit2&password={{ gerrit_mysql_password }}
{% endif %}
{% if gerrit_reviewdb_database_type == 'mariadb_container' %}
[accountPatchReviewDb]
url = jdbc:mariadb://127.0.0.1:3306/{{ gerrit_reviewdb_mariadb_dbname }}?sessionVariables=character_set_client=utf8,character_set_results=utf8,character_set_connection=utf8,collation_connection=utf8_unicode_ci,collation_database=utf8_unicode_ci,collation_server=utf8_unicode_ci&user={{ gerrit_reviewdb_mariadb_username }}&password={{ gerrit_reviewdb_mariadb_password }}
{% endif %}
[auth]
registerEmailPrivateKey = {{ gerrit_email_private_key }}
{% if gerrit_rest_token_private_key is defined %}

View File

@ -84,7 +84,6 @@ gerrit_replication_ssh_rsa_key_contents: |
edHQJDKx5PktPWsAAAAgbW9yZHJlZEBNb250eXMtTWFjQm9vay1BaXIubG9jYWwBAgM=
-----END OPENSSH PRIVATE KEY-----
gerrit_replication_ssh_rsa_pubkey_contents: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQhZQ0z+RVPmOzY2f56N9/PrqDeHftvnagPJyOOXnCd/9N0j+stFWNmavvb8y4dRZ+y6lOJpzPYEahwUUXZHAanz5l5as+VihWq7ldcMxSPnmkC9zr65Z8eNDcM2Bzk8gx5e4DE6OgpWkc6ke9MpwI5dmfW7o53gQZkdSc94TuLr+ZCYUKo7fScsVeE+F9dT0PLyW0zU7c23PzYnkKcrB9ihpQfSfbJj9EAtsA3aA8ZdHt78i5r7+0u0JZxaWoKjkCfYqC8ofbTU61YuUO8TTgNgMC6ZzBmTRdRRRKdGun+m1fqtgIqPSi+iZpKnERgg/hPwY+gqcKh+svW6pgCDhJ gerrit-code-review-replication
gerrit_reviewdb_database_type: mariadb_container
gerrit_reviewdb_mariadb_password: password
gerrit_run_compose_up: true
gerrit_run_init: true