idiomatic postgres configuration

renaming some files to match the awx operator status
2026-05-08 06:12:54 +00:00 · 2020-07-17 14:47:29 -04:00
parent 8e683ab950
commit ebc402141a
9 changed files with 105 additions and 105 deletions
--- a/roles/awx/tasks/main.yml
+++ b/roles/awx/tasks/main.yml
@@ -2,13 +2,34 @@
 - name: Include deployment type vars
  include_vars: "{{ deployment_type }}.yml"

+- name: Create Database if External Database not selected
+  k8s:
+    apply: yes
+    definition: "{{ lookup('template', 'tower_postgres.yaml.j2') }}"
+  register: k8s_postgres_result
+  when: not external_database | default(False) | bool
+
+- name: Read Database Configuration
+  k8s_info:
+    kind: Secret
+    namespace: '{{ meta.namespace }}'
+    name: '{{ meta.name }}-postgres-configuration'
+  register: postgres_configuration
+
+- name: Store Database Configuration
+  set_fact:
+    awx_postgres_user: "{{ postgres_configuration['resources'][0]['data']['username'] | b64decode }}"
+    awx_postgres_pass: "{{ postgres_configuration['resources'][0]['data']['password'] | b64decode }}"
+    awx_postgres_database: "{{ postgres_configuration['resources'][0]['data']['database'] | b64decode }}"
+    awx_postgres_port: "{{ postgres_configuration['resources'][0]['data']['port'] | b64decode }}"
+    awx_postgres_host: "{{ postgres_configuration['resources'][0]['data']['host'] | b64decode }}"
+
 - name: Ensure configured AWX resources exist in the cluster.
  k8s:
    apply: yes
    definition: "{{ lookup('template', item) | from_yaml_all | list }}"
  register: k8s_defs_result
  with_items:
-    - tower_postgres.yaml.j2
    - tower_config.yaml.j2
    - launch_awx.yaml.j2
    - supervisor.yaml.j2
@@ -54,17 +75,3 @@
  when: (k8s_defs_result is changed) or (database_check is defined and database_check.rc != 0)

 - include_tasks: initialize.yml
-
- name: Scale the awx deployment to 0 replicas after migration.
-  k8s:
-    definition: "{{ lookup('template', 'tower.yaml.j2') | from_yaml_all | list }}"
-  vars:
-    tower_replicas: "0"
-  when: migrate_result and migrate_result.changed
-
- name: Scale the awx deployment back to 1 replica after migration.
-  k8s:
-    definition: "{{ lookup('template', 'tower.yaml.j2') | from_yaml_all | list }}"
-  vars:
-    tower_replicas: "1"
-  when: migrate_result and migrate_result.changed
--- a/roles/awx/templates/credentials.py.j2
+++ b/roles/awx/templates/credentials.py.j2
@@ -2,11 +2,11 @@ DATABASES = {
    'default': {
        'ATOMIC_REQUESTS': True,
        'ENGINE': 'awx.main.db.profiled_pg',
-        'NAME': "awx",
-        'USER': "awx",
-        'PASSWORD': "{{ tower_postgres_pass }}",
-        'HOST': '{{ meta.name }}-postgres',
-        'PORT': "{{ tower_postgres_port }}",
+        'NAME': "{{ awx_postgres_database }}",
+        'USER': "{{ awx_postgres_user }}",
+        'PASSWORD': "{{ awx_postgres_pass }}",
+        'HOST': '{{ awx_postgres_host }}',
+        'PORT': "{{ awx_postgres_port }}",
        'OPTIONS': { 'sslmode': '{{ pg_sslmode|default("prefer") }}',
                     'sslrootcert': '{{ ca_trust_bundle }}',
        },
--- a/roles/awx/templates/environment.sh.j2
+++ b/roles/awx/templates/environment.sh.j2
@@ -1,5 +1,5 @@
-DATABASE_USER=awx
-DATABASE_NAME=awx
-DATABASE_HOST={{ meta.name }}-postgres
-DATABASE_PORT={{ tower_postgres_port }}
-DATABASE_PASSWORD={{ tower_postgres_pass }}
+DATABASE_USER={{ awx_postgres_user }}
+DATABASE_NAME={{ awx_postgres_database }}
+DATABASE_HOST={{ awx_postgres_host }}
+DATABASE_PORT={{ awx_postgres_port }}
+DATABASE_PASSWORD={{ awx_postgres_pass }}
--- a/roles/awx/templates/tower_postgres.yaml.j2
+++ b/roles/awx/templates/tower_postgres.yaml.j2
@@ -3,10 +3,15 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: '{{ meta.name }}-postgres-pass'
+  name: '{{ meta.name }}-postgres-configuration'
  namespace: '{{ meta.namespace }}'
-data:
-  password: '{{ tower_postgres_pass | b64encode }}'
+stringData:
+  password: '{{ lookup('password', 'p' + meta.name + 'pg length=32 chars=ascii_letters,digits') }}'
+  username: 'awx'
+  database: 'awx'
+  port: '5432'
+  host: {{ meta.name }}-postgres
+

 # Postgres StatefulSet.
 ---
@@ -35,18 +40,24 @@ spec:
          name: postgres
          env:
            - name: POSTGRES_DB
-              value: awx
+              valueFrom:
+                secretKeyRef:
+                  name: '{{ meta.name }}-postgres-configuration'
+                  key: database
            - name: POSTGRES_USER
-              value: awx
+              valueFrom:
+                secretKeyRef:
+                  name: '{{ meta.name }}-postgres-configuration'
+                  key: username
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
-                  name: '{{ meta.name }}-postgres-pass'
+                  name: '{{ meta.name }}-postgres-configuration'
                  key: password
            - name: PGDATA
              value: '{{ tower_postgres_data_path }}'
          ports:
-            - containerPort: 3306
+            - containerPort: 5432
              name: postgres
          volumeMounts:
            - name: postgres