mirror of
https://github.com/ansible/awx-operator.git
synced 2026-03-26 21:33:14 +00:00
162 lines
5.3 KiB
YAML
162 lines
5.3 KiB
YAML
---
|
|
|
|
- name: Check for specified PostgreSQL configuration
|
|
k8s_info:
|
|
kind: Secret
|
|
namespace: '{{ meta.namespace }}'
|
|
name: '{{ tower_postgres_configuration_secret }}'
|
|
register: _custom_pg_config_resources
|
|
when: tower_postgres_configuration_secret | length
|
|
|
|
- name: Check for default PostgreSQL configuration
|
|
k8s_info:
|
|
kind: Secret
|
|
namespace: '{{ meta.namespace }}'
|
|
name: '{{ meta.name }}-postgres-configuration'
|
|
register: _default_pg_config_resources
|
|
|
|
- name: Set PostgreSQL configuration
|
|
set_fact:
|
|
pg_config: '{{ _custom_pg_config_resources["resources"] | default([]) | length | ternary(_custom_pg_config_resources, _default_pg_config_resources) }}'
|
|
|
|
- name: Store Database Configuration
|
|
set_fact:
|
|
awx_postgres_user: "{{ pg_config['resources'][0]['data']['username'] | b64decode }}"
|
|
awx_postgres_pass: "{{ pg_config['resources'][0]['data']['password'] | b64decode }}"
|
|
awx_postgres_database: "{{ pg_config['resources'][0]['data']['database'] | b64decode }}"
|
|
awx_postgres_port: "{{ pg_config['resources'][0]['data']['port'] | b64decode }}"
|
|
awx_postgres_host: "{{ pg_config['resources'][0]['data']['host'] | b64decode }}"
|
|
|
|
- name: Get the postgres pod information
|
|
k8s_info:
|
|
kind: Pod
|
|
namespace: '{{ meta.namespace }}'
|
|
label_selectors:
|
|
- "app={{ deployment_type }}-postgres"
|
|
register: postgres_pod
|
|
until: "postgres_pod['resources'][0]['status']['phase'] == 'Running'"
|
|
delay: 5
|
|
retries: 60
|
|
|
|
- name: Set the resource pod name as a variable.
|
|
set_fact:
|
|
postgres_pod_name: "{{ postgres_pod['resources'][0]['metadata']['name'] }}"
|
|
|
|
- name: Determine the timestamp for the backup once for all nodes
|
|
set_fact:
|
|
now: '{{ lookup("pipe", "date +%F-%T") }}'
|
|
|
|
|
|
# Check to make sure provided pvc exists, error loudly if not. Otherwise, the management pod will just stay in pending state forever.
|
|
- name: Check provided PVC exists
|
|
k8s_info:
|
|
name: "{{ tower_backup_pvc }}"
|
|
kind: PersistentVolumeClaim
|
|
namespace: "{{ meta.namespace }}"
|
|
register: provided_pvc
|
|
when:
|
|
- tower_backup_pvc != '' or tower_backup_pvc is defined
|
|
|
|
# or should we automatically create a PVC for them with this name if it doesn't exist?
|
|
- name: Fail early if pvc is defined but does not exist
|
|
fail:
|
|
msg: "{{ tower_backup_pvc }} does not exist, please create this pvc first."
|
|
when: provided_pvc.resources | length == 0
|
|
|
|
# If tower_backup_pvc is defined, use in management-pod.yml.j2
|
|
- name: Set default pvc name # to get around nested jinja2 vars
|
|
set_fact:
|
|
_default_backup_pvc: "{{ deployment_type }}-backup-pvc"
|
|
|
|
- name: Set PVC to use for backup
|
|
set_fact:
|
|
backup_pvc: "{{ tower_backup_pvc | default(_default_backup_pvc, true)}}"
|
|
|
|
# TODO: handle re-using existing pv and pvc, or make new onces with auto-generated name?
|
|
- block:
|
|
- name: Create PV for backup
|
|
community.kubernetes.k8s:
|
|
name: "{{ deployment_type }}-backup-pv"
|
|
kind: PersistentVolume
|
|
namespace: "{{ meta.namespace }}"
|
|
template: "backup_pv.yml.j2"
|
|
|
|
- name: Create PVC for backup
|
|
community.kubernetes.k8s:
|
|
name: "{{ deployment_type }}-backup-pvc"
|
|
kind: PersistentVolumeClaim
|
|
namespace: "{{ meta.namespace }}"
|
|
template: "backup_pvc.yml.j2"
|
|
when:
|
|
- tower_backup_pvc == '' or tower_backup_pvc is not defined
|
|
|
|
- name: Delete any existing management pod
|
|
community.kubernetes.k8s:
|
|
name: "{{ deployment_type }}-db-management"
|
|
kind: Deployment
|
|
namespace: "{{ meta.namespace }}"
|
|
state: absent
|
|
force: true
|
|
|
|
- name: Create management pod from templated deployment config
|
|
community.kubernetes.k8s:
|
|
name: "{{ deployment_type }}-db-management"
|
|
kind: Deployment
|
|
namespace: "{{ meta.namespace }}"
|
|
state: present
|
|
template: "management-pod.yml.j2"
|
|
wait: true
|
|
|
|
- name: Set backup directory name
|
|
set_fact:
|
|
_backup_dir: "/backups/tower-openshift-backup-{{ now }}"
|
|
|
|
- name: Create directory for backup
|
|
community.kubernetes.k8s_exec:
|
|
namespace: "{{ meta.namespace }}"
|
|
pod: "{{ deployment_type }}-db-management"
|
|
command: >-
|
|
mkdir -p {{ _backup_dir }}
|
|
|
|
- name: Precreate file for database dump
|
|
community.kubernetes.k8s_exec:
|
|
namespace: "{{ meta.namespace }}"
|
|
pod: "{{ deployment_type }}-db-management"
|
|
command: >-
|
|
touch {{ _backup_dir }}/tower.db
|
|
|
|
- name: Set permissions on file for database dump
|
|
community.kubernetes.k8s_exec:
|
|
namespace: "{{ meta.namespace }}"
|
|
pod: "{{ deployment_type }}-db-management"
|
|
command: >-
|
|
chmod 0600 {{ _backup_dir }}/tower.db
|
|
chown postgres:postgres {{ _backup_dir }}/tower.db
|
|
|
|
- name: Set pg_dump command
|
|
set_fact:
|
|
pgdump: >-
|
|
pg_dump --clean --create
|
|
-h {{ awx_postgres_host }}
|
|
-U {{ awx_postgres_user }}
|
|
-d {{ awx_postgres_database }}
|
|
-p {{ awx_postgres_port }}
|
|
|
|
- name: Write pg_dump to backup on PVC
|
|
community.kubernetes.k8s_exec:
|
|
namespace: "{{ meta.namespace }}"
|
|
pod: "{{ deployment_type }}-db-management"
|
|
command: >-
|
|
bash -c "PGPASSWORD={{ awx_postgres_pass }} {{ pgdump }} > {{ _backup_dir }}/tower.db"
|
|
register: data_migration
|
|
|
|
# Backup secret key and other secrets - look at trad tower backup pattern
|
|
|
|
- name: Delete any existing management pod
|
|
community.kubernetes.k8s:
|
|
name: "{{ deployment_type }}-db-management"
|
|
kind: Deployment
|
|
namespace: "{{ meta.namespace }}"
|
|
state: absent
|
|
force: true
|