mirror of
https://github.com/ansible/awx-operator.git
synced 2026-03-27 05:43:11 +00:00
108 lines
3.8 KiB
YAML
108 lines
3.8 KiB
YAML
---
|
|
|
|
- name: Get PostgreSQL configuration
|
|
k8s_info:
|
|
kind: Secret
|
|
namespace: '{{ ansible_operator_meta.namespace }}'
|
|
name: "{{ this_awx['resources'][0]['status']['postgresConfigurationSecret'] }}"
|
|
register: pg_config
|
|
no_log: true
|
|
|
|
- name: Fail if postgres configuration secret status does not exist
|
|
fail:
|
|
msg: "The postgresConfigurationSecret status is not set on the AWX object yet or the secret has been deleted."
|
|
when: not pg_config | default([]) | length
|
|
|
|
- name: Store Database Configuration
|
|
set_fact:
|
|
awx_postgres_user: "{{ pg_config['resources'][0]['data']['username'] | b64decode }}"
|
|
awx_postgres_pass: "{{ pg_config['resources'][0]['data']['password'] | b64decode }}"
|
|
awx_postgres_database: "{{ pg_config['resources'][0]['data']['database'] | b64decode }}"
|
|
awx_postgres_port: "{{ pg_config['resources'][0]['data']['port'] | b64decode }}"
|
|
awx_postgres_host: "{{ pg_config['resources'][0]['data']['host'] | b64decode }}"
|
|
awx_postgres_type: "{{ pg_config['resources'][0]['data']['type'] | default('unmanaged'|b64encode) | b64decode }}"
|
|
no_log: true
|
|
|
|
- block:
|
|
- name: Delete pod to reload a resource configuration
|
|
set_fact:
|
|
postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ deployment_name }}"
|
|
when: postgres_label_selector is not defined
|
|
|
|
- name: Get the postgres pod information
|
|
k8s_info:
|
|
kind: Pod
|
|
namespace: '{{ ansible_operator_meta.namespace }}'
|
|
label_selectors:
|
|
- "{{ postgres_label_selector }}"
|
|
register: postgres_pod
|
|
until:
|
|
- "postgres_pod['resources'] | length"
|
|
- "postgres_pod['resources'][0]['status']['phase'] == 'Running'"
|
|
delay: 5
|
|
retries: 60
|
|
|
|
- name: Set the resource pod name as a variable.
|
|
set_fact:
|
|
postgres_pod_name: "{{ postgres_pod['resources'][0]['metadata']['name'] }}"
|
|
when: awx_postgres_type == 'managed'
|
|
|
|
- name: Determine the timestamp for the backup once for all nodes
|
|
set_fact:
|
|
now: '{{ lookup("pipe", "date +%F-%T") }}'
|
|
|
|
- name: Set backup directory name
|
|
set_fact:
|
|
backup_dir: "/backups/tower-openshift-backup-{{ now }}"
|
|
|
|
- name: Create directory for backup
|
|
k8s_exec:
|
|
namespace: "{{ backup_pvc_namespace }}"
|
|
pod: "{{ ansible_operator_meta.name }}-db-management"
|
|
command: >-
|
|
mkdir -p {{ backup_dir }}
|
|
|
|
- name: Precreate file for database dump
|
|
k8s_exec:
|
|
namespace: "{{ backup_pvc_namespace }}"
|
|
pod: "{{ ansible_operator_meta.name }}-db-management"
|
|
command: >-
|
|
touch {{ backup_dir }}/tower.db
|
|
|
|
- name: Set permissions on file for database dump
|
|
k8s_exec:
|
|
namespace: "{{ backup_pvc_namespace }}"
|
|
pod: "{{ ansible_operator_meta.name }}-db-management"
|
|
command: >-
|
|
bash -c "chmod 0600 {{ backup_dir }}/tower.db && chown postgres:root {{ backup_dir }}/tower.db"
|
|
|
|
- name: Set full resolvable host name for postgres pod
|
|
set_fact:
|
|
resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + ansible_operator_meta.namespace + ".svc.cluster.local", awx_postgres_host) }}' # yamllint disable-line rule:line-length
|
|
no_log: true
|
|
|
|
- name: Set pg_dump command
|
|
set_fact:
|
|
pgdump: >-
|
|
pg_dump --clean --create
|
|
-h {{ resolvable_db_host }}
|
|
-U {{ awx_postgres_user }}
|
|
-d {{ awx_postgres_database }}
|
|
-p {{ awx_postgres_port }}
|
|
-F custom
|
|
no_log: true
|
|
|
|
- name: Write pg_dump to backup on PVC
|
|
k8s_exec:
|
|
namespace: "{{ backup_pvc_namespace }}"
|
|
pod: "{{ ansible_operator_meta.name }}-db-management"
|
|
command: |
|
|
bash -c """
|
|
set -e -o pipefail
|
|
PGPASSWORD='{{ awx_postgres_pass }}' {{ pgdump }} > {{ backup_dir }}/tower.db
|
|
echo 'Successful'
|
|
"""
|
|
register: data_migration
|
|
no_log: true
|
|
failed_when: "'Successful' not in data_migration.stdout"
|