diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml index 9ed9e6c..2d68d3b 100644 --- a/.github/workflows/molecule.yml +++ b/.github/workflows/molecule.yml @@ -36,6 +36,7 @@ jobs: scenario: - binary - repo + - update image: - name: ubuntu2204 command: /lib/systemd/systemd diff --git a/README.md b/README.md index 5c2720a..7dfb9ec 100644 --- a/README.md +++ b/README.md @@ -5,22 +5,12 @@ An [ansible collection](https://galaxy.ansible.com/ui/repo/published/pokerops/consul/) to install and manage [Consul](https://www.consul.io/) clusters -## ToDo - -* Add CI harness -* Add role dependencies -* Add install playbook -* Add install CI tests -* Add update playbook -* Add update CI tests -* Publish collection - ## Collection hostgroups -| Hostgroup | Default | Description | -|:-------------|--------:|:---------------| -| consul_group | consul' | Consul cluster | -| | | | +| Hostgroup | Default | Description | +|:-------------------------|---------------------:|:---------------------------------| +| consul_group | 'consul' | Consul cluster members | +| consul_update_skip_group | 'consul_update_skip' | Consul cluster update skip hosts | ## Collection variables diff --git a/molecule/binary/molecule.yml b/molecule/binary/molecule.yml index 10b7393..0e7369e 100644 --- a/molecule/binary/molecule.yml +++ b/molecule/binary/molecule.yml @@ -61,7 +61,6 @@ provisioner: hosts: all: vars: - consul_config_hostnames: false consul_install_from_repo: false verifier: name: ansible diff --git a/molecule/common/update.yml b/molecule/common/update.yml new file mode 100644 index 0000000..7e89060 --- /dev/null +++ b/molecule/common/update.yml @@ -0,0 +1,3 @@ +--- +- name: Import install playbook + ansible.builtin.import_playbook: pokerops.consul.update diff --git a/molecule/repo/molecule.yml b/molecule/repo/molecule.yml index 5ac67e4..fbb1096 100644 --- a/molecule/repo/molecule.yml +++ b/molecule/repo/molecule.yml @@ -61,7 +61,6 @@ provisioner: hosts: all: vars: - consul_config_hostnames: false consul_install_from_repo: true verifier: name: ansible diff --git a/molecule/update/molecule.yml b/molecule/update/molecule.yml new file mode 100644 index 0000000..9ffe837 --- /dev/null +++ b/molecule/update/molecule.yml @@ -0,0 +1,83 @@ +--- +dependency: + name: galaxy + options: + role-file: requirements.yml + requirements-file: requirements.yml +driver: + name: docker +platforms: + - name: consul-update-01 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul + - name: consul-update-02 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul + - name: consul-update-03 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2204}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - consul +provisioner: + name: ansible + config_options: + defaults: + remote_tmp: /tmp + allow_world_readable_tmpfiles: true + callbacks_enabled: ansible.posix.profile_tasks + playbooks: + prepare: ../common/prepare.yml + converge: ../common/converge.yml + side_effect: ../common/update.yml + verify: ../common/verify.yml + inventory: + hosts: + all: + vars: + consul_install_from_repo: true +verifier: + name: ansible +scenario: + prepare_sequence: + - prepare + converge_sequence: + - converge + destroy_sequence: + - destroy + cleanup_sequence: + - cleanup + test_sequence: + - dependency + - create + - prepare + - converge + - side_effect + - verify diff --git a/playbooks/prepare.yml b/playbooks/prepare.yml index f4980b4..a3f7520 100644 --- a/playbooks/prepare.yml +++ b/playbooks/prepare.yml @@ -5,18 +5,6 @@ vars_files: - main.yml tasks: - - name: Add host entries for cluster members - ansible.builtin.lineinfile: - path: /etc/hosts - regexp: ".*{{ item }}.*" - line: "{{ _member_address }} {{ _fqdn }} {{ _hostname }}" - vars: - _member_address: "{{ hostvars[item]['ansible_default_ipv4']['address'] }}" - _fqdn: "{{ hostvars[item]['ansible_fqdn'] }}" - _hostname: "{{ hostvars[item]['ansible_hostname'] }}" - loop: "{{ ansible_play_hosts }}" - when: _consul_config_hostnames - - name: Install yum prerequisites ansible.builtin.package: name: diff --git a/playbooks/update.yml b/playbooks/update.yml new file mode 100644 index 0000000..fc109c0 --- /dev/null +++ b/playbooks/update.yml @@ -0,0 +1,54 @@ +--- +- name: Update Patroni Consul nodes + hosts: "{{ _consul_hostgroup }}:!{{ _consul_update_skip_hostgroup }}" + serial: 1 + become: true + any_errors_fatal: true + vars_files: + - main.yml + vars: + update_reboot: false + update_cache_valid_time: 1 + roles: + - nephelaiio.patroni.update + tasks: + - name: Stop Consul service + ansible.builtin.service: + name: consul + state: stopped + + - name: Reboot node + ansible.builtin.reboot: + + - name: Verify Consul cluster status + block: + - name: Query Consul node cluster status + ansible.builtin.shell: "consul members listNode | grep {{ inventory_hostname }} | awk '{print $3}'" + register: _consul_node_status + changed_when: false + no_log: true + + - name: Check Consul node cluster status + ansible.builtin.assert: + that: _status == _expected + fail_msg: "Expected consul node type '{{ _expected }}', got '{{ _status }}'" + success_msg: "Consul node type is '{{ _status }}'" + vars: + _status: "{{ _consul_node_status.stdout }}" + _expected: 'alive' + + - name: Verify Consul node type status + block: + - name: Query consul node cluster status + ansible.builtin.shell: "consul members listNode | grep {{ inventory_hostname }} | awk '{print $4}'" + register: _consul_node_type + changed_when: false + + - name: Check consul node cluster status + ansible.builtin.assert: + that: _status == _expected + fail_msg: "Expected consul node type '{{ _expected }}', got '{{ _status }}'" + success_msg: "Consul node type is '{{ _status }}'" + vars: + _status: "{{ _consul_node_type.stdout }}" + _expected: 'server' diff --git a/playbooks/vars/main.yml b/playbooks/vars/main.yml index d7a5a09..654e7b9 100644 --- a/playbooks/vars/main.yml +++ b/playbooks/vars/main.yml @@ -1,10 +1,10 @@ --- _consul_hostgroup: "{{ consul_group | default('consul') }}" +_consul_update_skip_hostgroup: "{{ consul_update_skip_group | default('consul_update_skip') }}" _consul_release: "{{ consul_release | default('1.18.1-1') }}" _consul_release_package: "{{ _consul_release }}" _consul_release_binary: "{{ _consul_release | split('-') | first }}" -_consul_config_hostnames: "{{ consul_config_hostnames | default(True) | bool }}" _consul_datacenter: "{{ consul_datacenter_name | default('consul') }}" _consul_backup_retention: "{{ consul_backup_retention | default('1440') }}" _consul_backup_minutes: "{{ consul_backup_period | default('*/5') }}" diff --git a/roles.yml b/roles.yml index 0845f5c..1f898bf 100644 --- a/roles.yml +++ b/roles.yml @@ -3,3 +3,6 @@ roles: - name: consul src: https://github.com/ansible-community/ansible-consul.git version: master + - name: update + src: https://github.com/robertdebock/ansible-role-update.git + version: 3.1.7