Move database creation into role

There is no record for why we implement the database creation outside
of the role in the playbook, when we could do it inside the role.

Implementing it inside the role allows us to reduce the quantity of
group_vars duplicated from the role, and allows us to better document
the required variables in the role. The delegation can still be done
as it is done in the playbook too.

In this patch we implement a new variable called 'designate_db_setup_host'
which is used in the role to allow delegation of the database setup
task to any host, but defaults to the first member of the galera_all
host group. We also document the variable 'designate_galera_address' which
has been used for a long time, but never documented. A bunch of unused
variables have also been removed.

Change-Id: Ie0d09401adaa66142fe12d1b6454641dd76104b7

defaults/main.yml

@@ -61,7 +61,8 @@ designate_system_comment: designate system user
 designate_system_user_home: "/var/lib/{{ designate_system_user_name }}"
 
 ## Database info
-designate_galera_address: 127.0.0.1
+designate_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
+designate_galera_address: "{{ galera_address | default('127.0.0.1') }}"
 designate_galera_user: designate
 designate_galera_database: designate
 designate_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"

tasks/designate_db_setup.yml

@@ -13,6 +13,32 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- name: Create DB for service
+  mysql_db:
+    login_user: "{{ galera_root_user }}"
+    login_password: "{{ galera_root_password }}"
+    login_host: "{{ designate_galera_address }}"
+    name: "{{ designate_galera_database }}"
+    state: "present"
+  delegate_to: "{{ designate_db_setup_host }}"
+  no_log: True
+
+- name: Grant access to the DB for the service
+  mysql_user:
+    login_user: "{{ galera_root_user }}"
+    login_password: "{{ galera_root_password }}"
+    login_host: "{{ designate_galera_address }}"
+    name: "{{ designate_galera_user }}"
+    password: "{{ designate_galera_password }}"
+    host: "{{ item }}"
+    state: "present"
+    priv: "{{ designate_galera_database }}.*:ALL"
+  delegate_to: "{{ designate_db_setup_host }}"
+  with_items:
+    - "localhost"
+    - "%"
+  no_log: True
+
 - name: Perform a Designate DB sync
   command: "{{ designate_bin }}/designate-manage database sync"
   become: yes

tests/os_designate-overrides.yml

@@ -17,9 +17,6 @@
 designate_venv_tag: "testing"
 designate_developer_mode: true
 designate_service_password: "secrete"
-designate_galera_address: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}"
-designate_galera_database: designate
-designate_galera_user: designate
 designate_galera_password: "SuperSecrete"
 designate_oslomsg_rpc_password: "secrete"
 designate_oslomsg_rpc_userid: designate-rpc

tests/test-install-designate.yml

@@ -25,17 +25,17 @@
       notify_vhost: "{{ designate_oslomsg_notify_vhost }}"
       notify_user: "{{ designate_oslomsg_notify_userid }}"
       notify_password: "{{ designate_oslomsg_notify_password }}"
-    - include: common/create-grant-db.yml
-      db_name: "{{ designate_galera_user }}"
-      db_password: "{{ designate_galera_password }}"
+
     - name: Install bind9
       package:
         name: "{{ bind_package_name }}"
         state: present
+
     - name: Drop bind configuration
       template:
         src: "named.conf.j2"
         dest: "{{ named_config_file }}"
+
     - name: fix perms for named directory (centos)
       file:
         mode: '0770'
@@ -45,6 +45,7 @@
         group: 'named'
       when:
         - ansible_pkg_mgr in ['yum', 'dnf']
+
     - name: Restart bind9
       service:
         name: "{{ bind_service_name }}"