Move database creation into role
There is no record for why we implement the database creation outside of the role in the playbook, when we could do it inside the role. Implementing it inside the role allows us to reduce the quantity of group_vars duplicated from the role, and allows us to better document the required variables in the role. The delegation can still be done as it is done in the playbook too. In this patch we implement a new variable called 'barbican_db_setup_host' which is used in the role to allow delegation of the database setup task to any host, but defaults to the first member of the galera_all host group. We also document the variable barbican_galera_address which has been used for a long time, but never documented. Change-Id: I6257a172cf52e61cb8219f3698c17821270c3ffb
This commit is contained in:
parent
d2b93e12f5
commit
33d5e31717
|
@ -91,6 +91,8 @@ barbican_venv_download: "{{ not barbican_developer_mode | bool }}"
|
|||
barbican_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/barbican.tgz
|
||||
|
||||
# Database vars
|
||||
barbican_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
|
||||
barbican_galera_address: "{{ galera_address | default('127.0.0.1') }}"
|
||||
barbican_galera_database: barbican
|
||||
barbican_galera_user: barbican
|
||||
barbican_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
|
||||
|
|
|
@ -4,12 +4,16 @@
|
|||
roles:
|
||||
- role: "os_barbican"
|
||||
vars:
|
||||
external_lb_vip_address: 172.16.24.1
|
||||
internal_lb_vip_address: 192.168.0.1
|
||||
barbican_galera_address: "{{ internal_lb_vip_address }}"
|
||||
barbican_service_password: SuperSecretePassword1
|
||||
barbican_galera_password: SuperSecretePassword2
|
||||
barbican_rabbitmq_password: SuperSecretePassword3
|
||||
keystone_admin_user_name: admin
|
||||
keystone_auth_admin_password: SuperSecretePassword4
|
||||
keystone_admin_tenant_name: admin
|
||||
external_lb_vip_address: 172.16.24.1
|
||||
internal_lb_vip_address: 192.168.0.1
|
||||
barbican_galera_address: "{{ internal_lb_vip_address }}"
|
||||
barbican_service_password: SuperSecretePassword1
|
||||
barbican_galera_password: SuperSecretePassword2
|
||||
barbican_rabbitmq_password: SuperSecretePassword3
|
||||
keystone_admin_user_name: admin
|
||||
keystone_auth_admin_password: SuperSecretePassword4
|
||||
keystone_admin_tenant_name: admin
|
||||
galera_root_user: root
|
||||
vars_prompt:
|
||||
- name: "galera_root_password"
|
||||
prompt: "What is galera_root_password?"
|
||||
|
|
|
@ -13,6 +13,32 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Create DB for service
|
||||
mysql_db:
|
||||
login_user: "{{ galera_root_user }}"
|
||||
login_password: "{{ galera_root_password }}"
|
||||
login_host: "{{ barbican_galera_address }}"
|
||||
name: "{{ barbican_galera_database }}"
|
||||
state: "present"
|
||||
delegate_to: "{{ barbican_db_setup_host }}"
|
||||
no_log: True
|
||||
|
||||
- name: Grant access to the DB for the service
|
||||
mysql_user:
|
||||
login_user: "{{ galera_root_user }}"
|
||||
login_password: "{{ galera_root_password }}"
|
||||
login_host: "{{ barbican_galera_address }}"
|
||||
name: "{{ barbican_galera_user }}"
|
||||
password: "{{ barbican_galera_password }}"
|
||||
host: "{{ item }}"
|
||||
state: "present"
|
||||
priv: "{{ barbican_galera_database }}.*:ALL"
|
||||
delegate_to: "{{ barbican_db_setup_host }}"
|
||||
with_items:
|
||||
- "localhost"
|
||||
- "%"
|
||||
no_log: True
|
||||
|
||||
- name: Perform a synchronization of the Barbican database
|
||||
command: "{{ barbican_bin }}/barbican-manage db upgrade"
|
||||
become: yes
|
||||
|
|
|
@ -24,6 +24,7 @@
|
|||
state: "present"
|
||||
delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}"
|
||||
when: inventory_hostname == groups['barbican_all'][0]
|
||||
|
||||
- name: Ensure rabbitmq user
|
||||
rabbitmq_user:
|
||||
user: "{{ barbican_rabbitmq_userid }}"
|
||||
|
@ -36,32 +37,7 @@
|
|||
delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}"
|
||||
when: inventory_hostname == groups['barbican_all'][0]
|
||||
no_log: true
|
||||
- name: Create DB for service
|
||||
mysql_db:
|
||||
login_user: "root"
|
||||
login_password: "secrete"
|
||||
login_host: "localhost"
|
||||
name: "{{ barbican_galera_database }}"
|
||||
state: "present"
|
||||
delegate_to: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}"
|
||||
when: inventory_hostname == groups['barbican_all'][0]
|
||||
no_log: true
|
||||
- name: Grant access to the DB for the service
|
||||
mysql_user:
|
||||
login_user: "root"
|
||||
login_password: "secrete"
|
||||
login_host: "localhost"
|
||||
name: "{{ barbican_galera_database }}"
|
||||
password: "{{ barbican_galera_password }}"
|
||||
host: "{{ item }}"
|
||||
state: "present"
|
||||
priv: "{{ barbican_galera_database }}.*:ALL"
|
||||
with_items:
|
||||
- "localhost"
|
||||
- "%"
|
||||
delegate_to: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}"
|
||||
when: inventory_hostname == groups['barbican_all'][0]
|
||||
no_log: true
|
||||
|
||||
roles:
|
||||
- role: "os_barbican"
|
||||
vars_files:
|
||||
|
|
Loading…
Reference in New Issue