diff --git a/README.md b/README.md index d37c3ad..0a7841d 100644 --- a/README.md +++ b/README.md @@ -18,16 +18,17 @@ The following is the list of parameters intended for end-user manipulation: Cluster wide parameters -| Parameter | Default | Description | Required | -|:------------------------|--------------------------------:|:---------------------------------------|:---------| -| consul_release | 1.18.1-1 | Consul release target | false | -| consul_datacenter_name | 'consul' | Consul Datacenter name | false | -| consul_backup_path | '/backups/consul' | Consul snapshot backup path | false | -| consul_backup_bin | '/usr/local/bin/consul-snapshot | Consul snapshot backup script location | false | -| consul_backup_retention | 1440 | Consul snapshot retention in minutes | false | -| consul_backup_minutes | '\*/5' | Consul snapshot cronjob component | false | -| consul_backup_hours | '\*' | Consul snapshot cronjob component | false | -| consul_backup_days | '\*' | Consul snapshot cronjob component | false | +| Parameter | Default | Description | Required | +|:------------------------|--------------------------------:|:--------------------------------------------|:---------| +| consul_release | 1.18.1-1 | Consul release target | false | +| consul_datacenter_name | 'consul' | Consul Datacenter name | false | +| consul_backup_path | '/backups/consul' | Consul snapshot backup path | false | +| consul_backup_bin | '/usr/local/bin/consul-snapshot | Consul snapshot backup script location | false | +| consul_backup_retention | 1440 | Consul snapshot retention in minutes | false | +| consul_backup_minutes | '\*/5' | Consul snapshot cronjob component | false | +| consul_backup_hours | '\*' | Consul snapshot cronjob component | false | +| consul_backup_days | '\*' | Consul snapshot cronjob component | false | +| consul_role | 'server' | Consul node role, one of ['server', client] | false | ## Collection playbooks diff --git a/galaxy.yml b/galaxy.yml index e0c0d22..d54bf9d 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,7 +1,7 @@ --- namespace: nephelaiio name: consul -version: 0.0.4 +version: 0.0.5 readme: README.md authors: - Ted Cook <358176+teddyphreak@users.noreply.github.com> diff --git a/molecule/common/verify.yml b/molecule/common/verify.yml index d73b9e6..ae97175 100644 --- a/molecule/common/verify.yml +++ b/molecule/common/verify.yml @@ -5,6 +5,16 @@ vars_files: - ../../playbooks/vars/main.yml tasks: + - name: Verify Consul server node role + ansible.builtin.assert: + that: consul_role == 'server' + when: inventory_hostname in groups['consul_server'] + + - name: Verify Consul client node role + ansible.builtin.assert: + that: consul_role == 'client' + when: inventory_hostname in groups['consul_client'] + - name: Verify Consul cluster status block: - name: Query Consul node cluster status @@ -22,21 +32,21 @@ _status: "{{ _consul_node_status.stdout }}" _expected: 'alive' - - name: Verify Consul node type status + - name: Verify Consul node role block: - - name: Query Consul node cluster status + - name: Query Consul node role ansible.builtin.shell: "consul members listNode | grep {{ inventory_hostname }} | awk '{print $4}'" register: _consul_node_type changed_when: false - - name: Check Consul node cluster status + - name: Check Consul node role ansible.builtin.assert: that: _status == _expected fail_msg: "Expected consul node type '{{ _expected }}', got '{{ _status }}'" success_msg: "Consul node type is '{{ _status }}'" vars: _status: "{{ _consul_node_type.stdout }}" - _expected: 'server' + _expected: '{{ _consul_role }}' - name: Verify Consul package locks when: _consul_install_from_repo diff --git a/molecule/roles/molecule.yml b/molecule/roles/molecule.yml new file mode 100644 index 0000000..7cfffcc --- /dev/null +++ b/molecule/roles/molecule.yml @@ -0,0 +1,133 @@ +--- +dependency: + name: galaxy + options: + role-file: requirements.yml + requirements-file: requirements.yml +driver: + name: docker +platforms: + - name: consul-roles-server-01 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul + - consul_server + - name: consul-roles-server-02 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul + - consul_server + - name: consul-roles-server-03 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul + - consul_server + - name: consul-roles-client-01 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul + - consul_client + - name: consul-roles-client-02 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul + - consul_client + - name: consul-roles-client-03 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul + - consul_client +provisioner: + name: ansible + config_options: + defaults: + remote_tmp: /tmp + allow_world_readable_tmpfiles: true + callbacks_enabled: ansible.posix.profile_tasks + playbooks: + prepare: ../common/prepare.yml + converge: ../common/converge.yml + verify: ../common/verify.yml + inventory: + hosts: + all: + vars: + consul_install_from_repo: false + consul_server: + vars: + consul_role: server + consul_client: + vars: + consul_role: client +verifier: + name: ansible +scenario: + prepare_sequence: + - prepare + converge_sequence: + - converge + destroy_sequence: + - destroy + cleanup_sequence: + - cleanup + test_sequence: + - dependency + - create + - prepare + - converge + - side_effect + - verify diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml index 66012da..9e2c731 100644 --- a/playbooks/deploy.yml +++ b/playbooks/deploy.yml @@ -6,20 +6,23 @@ vars_files: - main.yml tasks: + - name: Verify role settings + ansible.builtin.assert: + that: _consul_role in ['client', 'server'] + + - name: Group cluster members + ansible.builtin.group_by: + key: "_consul_{{ _consul_role }}" + - name: Verify cluster group settings ansible.builtin.assert: - that: (groups[_consul_hostgroup] | length) in _sizes - fail_msg: "Consul group size must be one of [{{ _sizes | join(',') }}], found {{ _size }}" + that: (groups[_group] | length) in _sizes + fail_msg: "Number of Consul masters must be one of [{{ _sizes | join(',') }}], found {{ _size }}" vars: - _size: "{{ groups[_consul_hostgroup] | length }}" + _group: _consul_server + _size: "{{ groups[_group] | length }}" _sizes: [3, 5, 7] - - name: Initialize Consul roles - ansible.builtin.set_fact: - consul_node_role: "{{ _role }}" - vars: - _role: "{{ 'server' if inventory_hostname in groups[_consul_hostgroup] else 'client' }}" - - name: Release Consul package holds block: - name: Release Consul apt hold @@ -46,13 +49,14 @@ _release_binary: "{{ _consul_release_binary }}" consul_version: "{{ _install_from_repo | ternary(_release_package, _release_binary) }}" consul_bootstrap_expect: true - consul_bootstrap_expect_value: "{{ groups[_consul_hostgroup] | length }}" - consul_group_name: "{{ _consul_hostgroup }}" + consul_bootstrap_expect_value: "{{ groups[consul_group_name] | length }}" + consul_group_name: "_consul_server" consul_datacenter: "{{ _consul_datacenter | regex_replace('[.]', '_') }}" consul_encrypt_enable: false consul_os_repo_prerequisites: [] consul_bin_path: "{{ _install_from_repo | ternary('/usr/bin', '/usr/local/bin') }}" consul_install_dependencies: false + consul_node_role: "{{ _consul_role }}" consul_os_packages: - unzip - acl diff --git a/playbooks/vars/main.yml b/playbooks/vars/main.yml index 654e7b9..112a29d 100644 --- a/playbooks/vars/main.yml +++ b/playbooks/vars/main.yml @@ -14,3 +14,4 @@ _consul_backup_path: "{{ consul_backup_path | default('/backups/consul') }}" _consul_backup_bin: "{{ consul_backup_bin | default('/usr/local/bin/consul-backup') }}" _consul_restore_bin: "{{ consul_backup_bin | default('/usr/local/bin/consul-restore') }}" _consul_install_from_repo: "{{ (consul_install_from_repo | default(False)) | bool }}" +_consul_role: "{{ consul_role | default('server') }}"