Add no_log where needed, scale down pods before migration

2026-03-26 21:33:14 +00:00 · 2021-03-16 00:36:53 -04:00
parent 5b89c5c433
commit e83e54419a
6 changed files with 23 additions and 4 deletions
--- a/README.md
+++ b/README.md
@@ -181,7 +181,7 @@ type: Opaque

 #### Migrating data from an old AWX instance

-To migrate data from the postgresql pod of an AWX deployment in Openshift for Kubernetes, the Custom Resource needs to know about the connection details. Those connection details should be stored as a secret and either specified as `tower_old_postgres_configuration_secret` at the CR spec level, or simply be present on the namespace under the name `<resourcename>-old-postgres-configuration`.
+To migrate data from an older AWX installation, the Custom Resource needs to know about the connection details. Those connection details should be stored as a secret and specified as `tower_old_postgres_configuration_secret` at the CR spec level.


 The secret should be formatted as follows:
--- a/roles/installer/tasks/admin_password_configuration.yml
+++ b/roles/installer/tasks/admin_password_configuration.yml
@@ -13,10 +13,12 @@
    namespace: '{{ meta.namespace }}'
    name: '{{ meta.name }}-admin-password'
  register: _default_admin_password
+  no_log: true

 - name: Set admin password secret
  set_fact:
    _admin_password_secret: '{{ _custom_admin_password["resources"] | default([]) | length | ternary(_custom_admin_password, _default_admin_password) }}'
+  no_log: true

 - block:
    - name: Create admin password secret
@@ -36,7 +38,9 @@
 - name: Set admin password secret
  set_fact:
    admin_password_secret: '{{ _generated_admin_password["resources"] | default([]) | length | ternary(_generated_admin_password, _admin_password_secret) }}'
+  no_log: true

 - name: Store admin password
  set_fact:
    tower_admin_password: "{{ admin_password_secret['resources'][0]['data']['password'] | b64decode }}"
+  no_log: true
--- a/roles/installer/tasks/broadcast_websocket_configuration.yml
+++ b/roles/installer/tasks/broadcast_websocket_configuration.yml
@@ -13,11 +13,13 @@
    namespace: '{{ meta.namespace }}'
    name: '{{ meta.name }}-broadcast-websocket'
  register: _default_broadcast_websocket
+  no_log: true

 - name: Set broadcast websocket secret
  set_fact:
    # yamllint disable-line rule:line-length
    _broadcast_websocket_secret: '{{ _custom_broadcast_websocket["resources"] | default([]) | length | ternary(_custom_broadcast_websocket, _default_broadcast_websocket) }}'  # noqa 204
+  no_log: true

 - block:
    - name: Create broadcast websocket secret
@@ -38,7 +40,9 @@
  set_fact:
    # yamllint disable-line rule:line-length
    broadcast_websocket_secret: '{{ _generated_broadcast_websocket["resources"] | default([]) | length | ternary(_generated_broadcast_websocket, _broadcast_websocket_secret)  }}'  # noqa 204
+  no_log: true

 - name: Store broadcast websocket secret name
  set_fact:
    broadcast_websocket_secret_value: "{{ broadcast_websocket_secret['resources'][0]['data']['secret'] | b64decode }}"
+  no_log: true
--- a/roles/installer/tasks/database_configuration.yml
+++ b/roles/installer/tasks/database_configuration.yml
@@ -65,6 +65,7 @@
    name: '{{ tower_old_postgres_configuration_secret }}'
  register: old_pg_config
  when: tower_old_postgres_configuration_secret | length
+  ignore_errors: true
  no_log: true

 - name: Migrate data from old Openshift instance
--- a/roles/installer/tasks/migrate_data.yml
+++ b/roles/installer/tasks/migrate_data.yml
@@ -24,6 +24,14 @@
  set_fact:
    postgres_pod_name: "{{ postgres_pod['resources'][0]['metadata']['name'] }}"

+- name: Scale deployment down when current replicas match
+  community.kubernetes.k8s_scale:
+    api_version: v1
+    kind: Deployment
+    name: "{{ meta.name }}"
+    namespace: "{{ meta.namespace }}"
+    replicas: 0
+
 - name: Set pg_dump command
  set_fact:
    pgdump: >-
@@ -32,15 +40,13 @@
      -U {{ tower_old_postgres_user }}
      -d {{ tower_old_postgres_database }}
      -p {{ tower_old_postgres_port }}
-  no_log: true

 - name: Set pg_restore command
  set_fact:
    psql_restore: >-
      psql -U {{ awx_postgres_user }}
-      -d {{ awx_postgres_database }}
+      -d template1
      -p {{ awx_postgres_port }}
-  no_log: true

 - name: Stream backup from pg_dump to the new postgresql container
  community.kubernetes.k8s_exec:
--- a/roles/installer/tasks/secret_key_configuration.yml
+++ b/roles/installer/tasks/secret_key_configuration.yml
@@ -23,6 +23,7 @@
      k8s:
        apply: true
        definition: "{{ lookup('template', 'tower_secret_key.yaml.j2') }}"
+      no_log: true

    - name: Read secret key secret
      k8s_info:
@@ -30,13 +31,16 @@
        namespace: '{{ meta.namespace }}'
        name: '{{ meta.name }}-secret-key'
      register: _generated_secret_key
+      no_log: true

  when: not _secret_key_secret['resources'] | default([]) | length

 - name: Set secret key secret
  set_fact:
    secret_key_secret: '{{ _generated_secret_key["resources"] | default([]) | length | ternary(_generated_secret_key, _secret_key_secret)  }}'
+  no_log: true

 - name: Store secret key secret name
  set_fact:
    secret_key_secret_name: "{{ secret_key_secret['resources'][0]['metadata']['name'] }}"
+  no_log: true