Add client configuration support

nephelaiio · May 4, 2024 · 6df4030 · 6df4030
1 parent aefcad2
commit 6df4030
Show file tree

Hide file tree

Showing 6 changed files with 175 additions and 26 deletions.
diff --git a/README.md b/README.md
@@ -18,16 +18,17 @@ The following is the list of parameters intended for end-user manipulation:
 
 Cluster wide parameters
 
-| Parameter               |                         Default | Description                            | Required |
-|:------------------------|--------------------------------:|:---------------------------------------|:---------|
-| consul_release          |                        1.18.1-1 | Consul release target                  | false    |
-| consul_datacenter_name  |                        'consul' | Consul Datacenter name                 | false    |
-| consul_backup_path      |               '/backups/consul' | Consul snapshot backup path            | false    |
-| consul_backup_bin       | '/usr/local/bin/consul-snapshot | Consul snapshot backup script location | false    |
-| consul_backup_retention |                            1440 | Consul snapshot retention in minutes   | false    |
-| consul_backup_minutes   |                          '\*/5' | Consul snapshot cronjob component      | false    |
-| consul_backup_hours     |                            '\*' | Consul snapshot cronjob component      | false    |
-| consul_backup_days      |                            '\*' | Consul snapshot cronjob component      | false    |
+| Parameter               |                         Default | Description                                 | Required |
+|:------------------------|--------------------------------:|:--------------------------------------------|:---------|
+| consul_release          |                        1.18.1-1 | Consul release target                       | false    |
+| consul_datacenter_name  |                        'consul' | Consul Datacenter name                      | false    |
+| consul_backup_path      |               '/backups/consul' | Consul snapshot backup path                 | false    |
+| consul_backup_bin       | '/usr/local/bin/consul-snapshot | Consul snapshot backup script location      | false    |
+| consul_backup_retention |                            1440 | Consul snapshot retention in minutes        | false    |
+| consul_backup_minutes   |                          '\*/5' | Consul snapshot cronjob component           | false    |
+| consul_backup_hours     |                            '\*' | Consul snapshot cronjob component           | false    |
+| consul_backup_days      |                            '\*' | Consul snapshot cronjob component           | false    |
+| consul_role             |                        'server' | Consul node role, one of ['server', client] | false    |
 
 ## Collection playbooks
 

diff --git a/galaxy.yml b/galaxy.yml
@@ -1,7 +1,7 @@
 ---
 namespace: nephelaiio
 name: consul
-version: 0.0.4
+version: 0.0.5
 readme: README.md
 authors:
   - Ted Cook <[email protected]>

diff --git a/molecule/common/verify.yml b/molecule/common/verify.yml
@@ -5,6 +5,16 @@
   vars_files:
     - ../../playbooks/vars/main.yml
   tasks:
+    - name: Verify Consul server node role
+      ansible.builtin.assert:
+        that: consul_role == 'server'
+      when: inventory_hostname in groups['consul_server']
+
+    - name: Verify Consul client node role
+      ansible.builtin.assert:
+        that: consul_role == 'client'
+      when: inventory_hostname in groups['consul_client']
+
     - name: Verify Consul cluster status
       block:
         - name: Query Consul node cluster status
@@ -22,21 +32,21 @@
             _status: "{{ _consul_node_status.stdout }}"
             _expected: 'alive'
 
-    - name: Verify Consul node type status
+    - name: Verify Consul node role
       block:
-        - name: Query Consul node cluster status
+        - name: Query Consul node role
           ansible.builtin.shell: "consul members listNode | grep {{ inventory_hostname }} | awk '{print $4}'"
           register: _consul_node_type
           changed_when: false
 
-        - name: Check Consul node cluster status
+        - name: Check Consul node role
           ansible.builtin.assert:
             that: _status == _expected
             fail_msg: "Expected consul node type '{{ _expected }}', got '{{ _status }}'"
             success_msg: "Consul node type is '{{ _status }}'"
           vars:
             _status: "{{ _consul_node_type.stdout }}"
-            _expected: 'server'
+            _expected: '{{ _consul_role }}'
 
     - name: Verify Consul package locks
       when: _consul_install_from_repo

diff --git a/molecule/roles/molecule.yml b/molecule/roles/molecule.yml
@@ -0,0 +1,133 @@
+---
+dependency:
+  name: galaxy
+  options:
+    role-file: requirements.yml
+    requirements-file: requirements.yml
+driver:
+  name: docker
+platforms:
+  - name: consul-roles-server-01
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+      - consul_server
+  - name: consul-roles-server-02
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+      - consul_server
+  - name: consul-roles-server-03
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+      - consul_server
+  - name: consul-roles-client-01
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+      - consul_client
+  - name: consul-roles-client-02
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+      - consul_client
+  - name: consul-roles-client-03
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+      - consul_client
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      remote_tmp: /tmp
+      allow_world_readable_tmpfiles: true
+      callbacks_enabled: ansible.posix.profile_tasks
+  playbooks:
+    prepare: ../common/prepare.yml
+    converge: ../common/converge.yml
+    verify: ../common/verify.yml
+  inventory:
+    hosts:
+      all:
+        vars:
+          consul_install_from_repo: false
+      consul_server:
+        vars:
+          consul_role: server
+      consul_client:
+        vars:
+          consul_role: client
+verifier:
+  name: ansible
+scenario:
+  prepare_sequence:
+    - prepare
+  converge_sequence:
+    - converge
+  destroy_sequence:
+    - destroy
+  cleanup_sequence:
+    - cleanup
+  test_sequence:
+    - dependency
+    - create
+    - prepare
+    - converge
+    - side_effect
+    - verify
diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml
@@ -6,20 +6,23 @@
   vars_files:
     - main.yml
   tasks:
+    - name: Verify role settings
+      ansible.builtin.assert:
+        that: _consul_role in ['client', 'server']
+
+    - name: Group cluster members
+      ansible.builtin.group_by:
+        key: "_consul_{{ _consul_role }}"
+
     - name: Verify cluster group settings
       ansible.builtin.assert:
-        that: (groups[_consul_hostgroup] | length) in _sizes
-        fail_msg: "Consul group size must be one of [{{ _sizes | join(',') }}], found {{ _size }}"
+        that: (groups[_group] | length) in _sizes
+        fail_msg: "Number of Consul masters must be one of [{{ _sizes | join(',') }}], found {{ _size }}"
       vars:
-        _size: "{{ groups[_consul_hostgroup] | length }}"
+        _group: _consul_server
+        _size: "{{ groups[_group] | length }}"
         _sizes: [3, 5, 7]
 
-    - name: Initialize Consul roles
-      ansible.builtin.set_fact:
-        consul_node_role: "{{ _role }}"
-      vars:
-        _role: "{{ 'server' if inventory_hostname in groups[_consul_hostgroup] else 'client' }}"
-
     - name: Release Consul package holds
       block:
         - name: Release Consul apt hold
@@ -46,13 +49,14 @@
         _release_binary: "{{ _consul_release_binary }}"
         consul_version: "{{ _install_from_repo | ternary(_release_package, _release_binary) }}"
         consul_bootstrap_expect: true
-        consul_bootstrap_expect_value: "{{ groups[_consul_hostgroup] | length }}"
-        consul_group_name: "{{ _consul_hostgroup }}"
+        consul_bootstrap_expect_value: "{{ groups[consul_group_name] | length }}"
+        consul_group_name: "_consul_server"
         consul_datacenter: "{{ _consul_datacenter | regex_replace('[.]', '_') }}"
         consul_encrypt_enable: false
         consul_os_repo_prerequisites: []
         consul_bin_path: "{{ _install_from_repo | ternary('/usr/bin', '/usr/local/bin') }}"
         consul_install_dependencies: false
+        consul_node_role: "{{ _consul_role }}"
         consul_os_packages:
           - unzip
           - acl

diff --git a/playbooks/vars/main.yml b/playbooks/vars/main.yml
@@ -14,3 +14,4 @@ _consul_backup_path: "{{ consul_backup_path | default('/backups/consul') }}"
 _consul_backup_bin: "{{ consul_backup_bin | default('/usr/local/bin/consul-backup') }}"
 _consul_restore_bin: "{{ consul_backup_bin | default('/usr/local/bin/consul-restore') }}"
 _consul_install_from_repo: "{{ (consul_install_from_repo | default(False)) | bool }}"
+_consul_role: "{{ consul_role | default('server') }}"