Add update playbook

nephelaiio · May 4, 2024 · dbc3d3e · dbc3d3e
1 parent b15d78b
commit dbc3d3e
Show file tree

Hide file tree

Showing 10 changed files with 149 additions and 29 deletions.
diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml
@@ -36,6 +36,7 @@ jobs:
         scenario:
           - binary
           - repo
+          - update
         image:
           - name: ubuntu2204
             command: /lib/systemd/systemd

diff --git a/README.md b/README.md
@@ -5,22 +5,12 @@
 
 An [ansible collection](https://galaxy.ansible.com/ui/repo/published/pokerops/consul/) to install and manage [Consul](https://www.consul.io/) clusters
 
-## ToDo
-
-* Add CI harness
-* Add role dependencies
-* Add install playbook
-* Add install CI tests
-* Add update playbook
-* Add update CI tests
-* Publish collection
-
 ## Collection hostgroups
 
-| Hostgroup    | Default | Description    |
-|:-------------|--------:|:---------------|
-| consul_group | consul' | Consul cluster |
-|              |         |                |
+| Hostgroup                |              Default | Description                      |
+|:-------------------------|---------------------:|:---------------------------------|
+| consul_group             |             'consul' | Consul cluster members           |
+| consul_update_skip_group | 'consul_update_skip' | Consul cluster update skip hosts |
 
 ## Collection variables
 

diff --git a/molecule/binary/molecule.yml b/molecule/binary/molecule.yml
@@ -61,7 +61,6 @@ provisioner:
     hosts:
       all:
         vars:
-          consul_config_hostnames: false
           consul_install_from_repo: false
 verifier:
   name: ansible

diff --git a/molecule/common/update.yml b/molecule/common/update.yml
@@ -0,0 +1,3 @@
+---
+- name: Import install playbook
+  ansible.builtin.import_playbook: pokerops.consul.update
diff --git a/molecule/repo/molecule.yml b/molecule/repo/molecule.yml
@@ -61,7 +61,6 @@ provisioner:
     hosts:
       all:
         vars:
-          consul_config_hostnames: false
           consul_install_from_repo: true
 verifier:
   name: ansible

diff --git a/molecule/update/molecule.yml b/molecule/update/molecule.yml
@@ -0,0 +1,83 @@
+---
+dependency:
+  name: galaxy
+  options:
+    role-file: requirements.yml
+    requirements-file: requirements.yml
+driver:
+  name: docker
+platforms:
+  - name: consul-update-01
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+  - name: consul-update-02
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+  - name: consul-update-03
+    image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    tmpfs:
+      - /tmp
+      - /opt
+    groups:
+      - consul
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      remote_tmp: /tmp
+      allow_world_readable_tmpfiles: true
+      callbacks_enabled: ansible.posix.profile_tasks
+  playbooks:
+    prepare: ../common/prepare.yml
+    converge: ../common/converge.yml
+    side_effect: ../common/update.yml
+    verify: ../common/verify.yml
+  inventory:
+    hosts:
+      all:
+        vars:
+          consul_install_from_repo: true
+verifier:
+  name: ansible
+scenario:
+  prepare_sequence:
+    - prepare
+  converge_sequence:
+    - converge
+  destroy_sequence:
+    - destroy
+  cleanup_sequence:
+    - cleanup
+  test_sequence:
+    - dependency
+    - create
+    - prepare
+    - converge
+    - side_effect
+    - verify
diff --git a/playbooks/prepare.yml b/playbooks/prepare.yml
@@ -5,18 +5,6 @@
   vars_files:
     - main.yml
   tasks:
-    - name: Add host entries for cluster members
-      ansible.builtin.lineinfile:
-        path: /etc/hosts
-        regexp: ".*{{ item }}.*"
-        line: "{{ _member_address }} {{ _fqdn }} {{ _hostname }}"
-      vars:
-        _member_address: "{{ hostvars[item]['ansible_default_ipv4']['address'] }}"
-        _fqdn: "{{ hostvars[item]['ansible_fqdn'] }}"
-        _hostname: "{{ hostvars[item]['ansible_hostname'] }}"
-      loop: "{{ ansible_play_hosts }}"
-      when: _consul_config_hostnames
-
     - name: Install yum prerequisites
       ansible.builtin.package:
         name:

diff --git a/playbooks/update.yml b/playbooks/update.yml
@@ -0,0 +1,54 @@
+---
+- name: Update Patroni Consul nodes
+  hosts: "{{ _consul_hostgroup }}:!{{ _consul_update_skip_hostgroup }}"
+  serial: 1
+  become: true
+  any_errors_fatal: true
+  vars_files:
+    - main.yml
+  vars:
+    update_reboot: false
+    update_cache_valid_time: 1
+  roles:
+    - nephelaiio.patroni.update
+  tasks:
+    - name: Stop Consul service
+      ansible.builtin.service:
+        name: consul
+        state: stopped
+
+    - name: Reboot node
+      ansible.builtin.reboot:
+
+    - name: Verify Consul cluster status
+      block:
+        - name: Query Consul node cluster status
+          ansible.builtin.shell: "consul members listNode | grep {{ inventory_hostname }} | awk '{print $3}'"
+          register: _consul_node_status
+          changed_when: false
+          no_log: true
+
+        - name: Check Consul node cluster status
+          ansible.builtin.assert:
+            that: _status == _expected
+            fail_msg: "Expected consul node type '{{ _expected }}', got '{{ _status }}'"
+            success_msg: "Consul node type is '{{ _status }}'"
+          vars:
+            _status: "{{ _consul_node_status.stdout }}"
+            _expected: 'alive'
+
+    - name: Verify Consul node type status
+      block:
+        - name: Query consul node cluster status
+          ansible.builtin.shell: "consul members listNode | grep {{ inventory_hostname }} | awk '{print $4}'"
+          register: _consul_node_type
+          changed_when: false
+
+        - name: Check consul node cluster status
+          ansible.builtin.assert:
+            that: _status == _expected
+            fail_msg: "Expected consul node type '{{ _expected }}', got '{{ _status }}'"
+            success_msg: "Consul node type is '{{ _status }}'"
+          vars:
+            _status: "{{ _consul_node_type.stdout }}"
+            _expected: 'server'
diff --git a/playbooks/vars/main.yml b/playbooks/vars/main.yml
@@ -1,10 +1,10 @@
 ---
 _consul_hostgroup: "{{ consul_group | default('consul') }}"
+_consul_update_skip_hostgroup: "{{ consul_update_skip_group | default('consul_update_skip') }}"
 _consul_release: "{{ consul_release | default('1.18.1-1') }}"
 _consul_release_package: "{{ _consul_release }}"
 _consul_release_binary: "{{ _consul_release | split('-') | first }}"
 
-_consul_config_hostnames: "{{ consul_config_hostnames | default(True) | bool }}"
 _consul_datacenter: "{{ consul_datacenter_name | default('consul') }}"
 _consul_backup_retention: "{{ consul_backup_retention | default('1440') }}"
 _consul_backup_minutes: "{{ consul_backup_period | default('*/5') }}"

diff --git a/roles.yml b/roles.yml
@@ -3,3 +3,6 @@ roles:
   - name: consul
     src: https://github.com/ansible-community/ansible-consul.git
     version: master
+  - name: update
+    src: https://github.com/robertdebock/ansible-role-update.git
+    version: 3.1.7
-Original file line number
+Diff line change
@@ Expand Up / @@ -36,6 +36,7 @@ jobs: @@
             scenario:
               - binary
               - repo
+              - update
             image:
               - name: ubuntu2204
                 command: /lib/systemd/systemd
@@ Expand Down @@