From 99e5fa56e523a9716aae370dffe082452461f5bf Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Mon, 30 Sep 2024 14:35:15 +0200 Subject: [PATCH 1/9] drop helper_modules --- .ansible-lint | 1 - .../tasks => playbooks}/check_port.yml | 0 .../library/listen_port.py | 0 playbooks/prerun-network-checks.yml | 50 +++++++------------ 4 files changed, 18 insertions(+), 33 deletions(-) rename {roles/helper_modules/tasks => playbooks}/check_port.yml (100%) rename {roles/helper_modules => playbooks}/library/listen_port.py (100%) diff --git a/.ansible-lint b/.ansible-lint index 85a3f6f54..4d399f095 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -6,4 +6,3 @@ skip_list: - name[template] # Allow Jinja templating inside task and play names exclude_paths: - molecule/ - - roles/helper_module/ diff --git a/roles/helper_modules/tasks/check_port.yml b/playbooks/check_port.yml similarity index 100% rename from roles/helper_modules/tasks/check_port.yml rename to playbooks/check_port.yml diff --git a/roles/helper_modules/library/listen_port.py b/playbooks/library/listen_port.py similarity index 100% rename from roles/helper_modules/library/listen_port.py rename to playbooks/library/listen_port.py diff --git a/playbooks/prerun-network-checks.yml b/playbooks/prerun-network-checks.yml index 45ea85523..8d625e493 100644 --- a/playbooks/prerun-network-checks.yml +++ b/playbooks/prerun-network-checks.yml @@ -2,11 +2,9 @@ - name: Run preliminary network checks for repository hosts hosts: repository become: true - roles: - - role: '../roles/helper_modules' tasks: - name: Check db connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.database | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.database[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.postgres.sql }}" 
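Review bot: The renamed `playbooks/check_port.yml` looks broken at this revision. It is moved with 100% similarity, so it presumably still carries the relative `include_vars: ../../common/defaults/main.yml` that the next patch in the series removes. That path was written for `roles/helper_modules/tasks/` and no longer reaches `roles/common` from `playbooks/`. If so, every `include_tasks: "check_port.yml"` changed in this commit fails here and the series cannot be bisected. Fold the path fix into this commit, e.g. `ansible.builtin.include_vars: ../roles/common/defaults/main.yml`.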
@@ -14,7 +12,7 @@ when: repo_db_url == "" - name: Check activemq connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.activemq | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.activemq[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" @@ -22,7 +20,7 @@ when: groups.activemq | default([]) | length > 0 - name: Check search connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.search | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.search[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.search.http }}" @@ -30,7 +28,7 @@ when: groups.search | default([]) | length > 0 - name: Check sync connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.syncservice | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.syncservice[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.sync.http }}" @@ -40,7 +38,7 @@ - acs.edition == "Enterprise" - name: Check sfs connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.transformers | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.transformers[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.sfs.http }}" 
@@ -48,7 +46,7 @@ when: acs.edition == "Enterprise" - name: Check trouter connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.transformers | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.transformers[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.transformers.trouter }}" @@ -56,7 +54,7 @@ when: acs.edition == "Enterprise" - name: Check tengine connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.transformers | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.transformers[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.transformers.tengine }}" @@ -65,11 +63,9 @@ - name: Run preliminary network checks for search hosts hosts: search become: true - roles: - - role: '../roles/helper_modules' tasks: - name: Check repo connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.repository.http }}" @@ -78,11 +74,9 @@ - name: Run preliminary network checks for transformers hosts hosts: transformers become: true - roles: - - role: '../roles/helper_modules' tasks: - name: Check activemq connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.activemq | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.activemq[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" 
@@ -92,11 +86,9 @@ - name: Run preliminary network checks for syncservice hosts hosts: syncservice become: true - roles: - - role: '../roles/helper_modules' tasks: - name: Check db connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.database | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.database[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.postgres.sql }}" @@ -104,14 +96,14 @@ when: repo_db_url == "" - name: Check repo connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" - name: Check activemq connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.activemq | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.activemq[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" @@ -121,11 +113,9 @@ - name: Run preliminary network checks for acc hosts hosts: acc become: true - roles: - - role: '../roles/helper_modules' tasks: - name: Check repo connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.repository.http }}" 
@@ -134,11 +124,9 @@ - name: Run preliminary network checks for adw hosts hosts: adw become: true - roles: - - role: '../roles/helper_modules' tasks: - name: Check repo connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.repository.http }}" @@ -147,18 +135,16 @@ - name: Run preliminary network checks for nginx hosts hosts: nginx become: true - roles: - - role: '../roles/helper_modules' tasks: - name: Check repo connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" - name: Check sync connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.syncservice | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.syncservice[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.sync.http }}" @@ -168,7 +154,7 @@ - acs.edition == "Enterprise" - name: Check acc connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.acc | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.acc[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.acc.http }}" 
@@ -178,7 +164,7 @@ - acs.edition == "Enterprise" - name: Check adw connection - ansible.builtin.include_tasks: "../roles/helper_modules/tasks/check_port.yml" + ansible.builtin.include_tasks: "check_port.yml" vars: checked_host: "{% if groups.adw | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.adw[0]].ansible_host | default('127.0.0.1') }}{% endif %}" checked_port: "{{ ports_cfg.adw.http }}" From a27129247d867d43d1ed27a27e557d66ec4dfac7 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Mon, 30 Sep 2024 15:37:47 +0200 Subject: [PATCH 2/9] refactor and test --- .github/workflows/enteprise.yml | 1 + molecule/prerun_network_checks/converge.yml | 3 + .../host_vars/instance.yml | 5 + molecule/prerun_network_checks/molecule.yml | 46 +++++++ playbooks/prerun-network-checks.yml | 113 +++++++++++------- playbooks/{ => tasks}/check_port.yml | 9 +- 6 files changed, 127 insertions(+), 50 deletions(-) create mode 100644 molecule/prerun_network_checks/converge.yml create mode 100644 molecule/prerun_network_checks/host_vars/instance.yml create mode 100644 molecule/prerun_network_checks/molecule.yml rename playbooks/{ => tasks}/check_port.yml (81%) diff --git a/.github/workflows/enteprise.yml b/.github/workflows/enteprise.yml index 6e65ad289..729958a13 100644 --- a/.github/workflows/enteprise.yml +++ b/.github/workflows/enteprise.yml @@ -115,6 +115,7 @@ jobs: - name: pki - name: elasticsearch - name: identity + - name: prerun_network_checks runner: - ubuntu-latest include: diff --git a/molecule/prerun_network_checks/converge.yml b/molecule/prerun_network_checks/converge.yml new file mode 100644 index 000000000..4c987f298 --- /dev/null +++ b/molecule/prerun_network_checks/converge.yml @@ -0,0 +1,3 @@ +--- +- name: Run the playbook + ansible.builtin.import_playbook: ../../playbooks/prerun-network-checks.yml 
diff --git a/molecule/prerun_network_checks/host_vars/instance.yml b/molecule/prerun_network_checks/host_vars/instance.yml new file mode 100644 index 000000000..382c265ee --- /dev/null +++ b/molecule/prerun_network_checks/host_vars/instance.yml @@ -0,0 +1,5 @@ +ansible_user: ansible +# BEGIN KNOWN_URLS VAR +known_urls: + - https://localhost/share/ +# END KNOWN_URLS VAR diff --git a/molecule/prerun_network_checks/molecule.yml b/molecule/prerun_network_checks/molecule.yml new file mode 100644 index 000000000..30df2ca9d --- /dev/null +++ b/molecule/prerun_network_checks/molecule.yml @@ -0,0 +1,46 @@ +--- +dependency: + name: galaxy +driver: + name: docker +platforms: + - name: instance + image: $MOLECULE_ROLE_IMAGE + dockerfile: ../../tests/molecule/Dockerfile-noprivs.j2 + command: "/lib/systemd/systemd" + privileged: true + tmpfs: + - /run + - /run/lock + - /tmp + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:ro" + groups: + - database + - activemq + - transformers + - search + - repository + - trusted_resource_consumers + - syncservice + - acc + - adw + - nginx + +provisioner: + name: ansible + config_options: + defaults: + pipelining: true + ansible_args: + - -e + - "@../../tests/test-ssl.yml" + inventory: + links: + group_vars: ../../group_vars + host_vars: host_vars + playbooks: + prepare: ../default/prepare.yml + verify: ../default/verify.yml +verifier: + name: ansible diff --git a/playbooks/prerun-network-checks.yml b/playbooks/prerun-network-checks.yml index 8d625e493..56cc16978 100644 --- a/playbooks/prerun-network-checks.yml +++ b/playbooks/prerun-network-checks.yml 
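Review bot: `privileged: true` in the new `molecule.yml`, together with `command: "/lib/systemd/systemd"` and the cgroup mount, gives the test container host-level capabilities and device access on the CI runner. The playbook under test, as far as the hunks in this series show, only opens a temporary listener and probes it. The container can probably run unprivileged with a plain long-running command, and the Dockerfile name (`Dockerfile-noprivs.j2`) suggests that was the intent. If systemd really is required, add a comment above `privileged:` that says why, e.g. `# systemd is needed for <reason>; privileged is required for cgroup access`. `image: $MOLECULE_ROLE_IMAGE` has no fallback either, so a local run without that variable presumably fails at create time and deserves a line of documentation.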
@@ -1,84 +1,96 @@ --- +# This playbook is used to run preliminary network checks for the hosts in the ACS deployment. +# the default('localhost') is only useful while testing on molecule - name: Run preliminary network checks for repository hosts hosts: repository become: true tasks: + - name: Include common defaults + ansible.builtin.include_vars: ../roles/common/defaults/main.yml + - name: Check db connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.database | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.database[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.database[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.postgres.sql }}" delegate_target: "{{ groups.database | first }}" - when: repo_db_url == "" + when: repo_db_url == "" and groups.database | default([]) | length > 0 - name: Check activemq connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.activemq | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.activemq[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.activemq[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" delegate_target: "{{ groups.activemq | first }}" when: groups.activemq | default([]) | length > 0 - name: Check search connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.search | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.search[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.search[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.search.http }}" delegate_target: "{{ groups.search | first }}" when: 
groups.search | default([]) | length > 0 - name: Check sync connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.syncservice | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.syncservice[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.syncservice[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.sync.http }}" delegate_target: "{{ groups.syncservice | first }}" when: - groups.syncservice | default([]) | length > 0 - - acs.edition == "Enterprise" - name: Check sfs connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.transformers | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.transformers[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.transformers[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.sfs.http }}" delegate_target: "{{ groups.transformers | first }}" - when: acs.edition == "Enterprise" + when: acs.edition == "Enterprise" and groups.transformers | default([]) | length > 0 - name: Check trouter connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.transformers | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.transformers[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.transformers[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.transformers.trouter }}" delegate_target: "{{ groups.transformers | first }}" - when: acs.edition == "Enterprise" + when: acs.edition == "Enterprise" and groups.transformers | default([]) | length > 0 - name: Check tengine connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: 
"tasks/check_port.yml" vars: - checked_host: "{% if groups.transformers | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.transformers[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.transformers[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.transformers.tengine }}" delegate_target: "{{ groups.transformers | first }}" + when: groups.transformers | default([]) | length > 0 - name: Run preliminary network checks for search hosts hosts: search become: true tasks: + - name: Include common defaults + ansible.builtin.include_vars: ../roles/common/defaults/main.yml + - name: Check repo connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" + when: groups.repository | default([]) | length > 0 - name: Run preliminary network checks for transformers hosts hosts: transformers become: true tasks: + - name: Include common defaults + ansible.builtin.include_vars: ../roles/common/defaults/main.yml + - name: Check activemq connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.activemq | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.activemq[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.activemq[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" delegate_target: "{{ groups.activemq | first }}" when: groups.activemq | default([]) | length > 0 
@@ -87,25 +99,29 @@ hosts: syncservice become: true tasks: + - name: Include common defaults + ansible.builtin.include_vars: ../roles/common/defaults/main.yml + - name: Check db connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.database | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.database[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.database[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.postgres.sql }}" delegate_target: "{{ groups.database | first }}" - when: repo_db_url == "" + when: repo_db_url == "" and groups.database | default([]) | length > 0 - name: Check repo connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" + when: groups.repository | default([]) | length > 0 - name: Check activemq connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.activemq | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.activemq[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.activemq[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" delegate_target: "{{ groups.activemq | first }}" when: groups.activemq | default([]) | length > 0 
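Review bot: The added `Include common defaults` task loads role defaults through `include_vars`, which ranks above inventory `group_vars`/`host_vars` in Ansible's variable precedence, so a `ports_cfg` value overridden in inventory is replaced by the role default before the checks run. A pre-flight check that probes the default port instead of the configured one gives a misleading pass or fail on the firewall rules it is meant to validate. Consider loading the file under a namespace, `ansible.builtin.include_vars: {file: ../roles/common/defaults/main.yml, name: common_defaults}`, and reading `ports_cfg | default(common_defaults.ports_cfg)`, or confirm that these variables are never set in inventory. The same task is added to every play in this file, in the preceding and following hunks of this commit.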
@@ -114,61 +130,70 @@ hosts: acc become: true tasks: + - name: Include common defaults + ansible.builtin.include_vars: ../roles/common/defaults/main.yml + - name: Check repo connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" + when: groups.repository | default([]) | length > 0 - name: Run preliminary network checks for adw hosts hosts: adw become: true tasks: + - name: Include common defaults + ansible.builtin.include_vars: ../roles/common/defaults/main.yml + - name: Check repo connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" + when: groups.repository | default([]) | length > 0 - name: Run preliminary network checks for nginx hosts hosts: nginx become: true tasks: + - name: Include common defaults + ansible.builtin.include_vars: ../roles/common/defaults/main.yml + - name: Check repo connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.repository | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.repository[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.repository[0]].ansible_host | 
default('localhost') }}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" + when: groups.repository | default([]) | length > 0 - name: Check sync connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.syncservice | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.syncservice[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.syncservice[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.sync.http }}" delegate_target: "{{ groups.syncservice | first }}" when: - groups.syncservice | default([]) | length > 0 - - acs.edition == "Enterprise" - name: Check acc connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.acc | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.acc[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.acc[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.acc.http }}" delegate_target: "{{ groups.acc | first }}" when: - groups.acc | default([]) | length > 0 - - acs.edition == "Enterprise" - name: Check adw connection - ansible.builtin.include_tasks: "check_port.yml" + ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{% if groups.adw | length == 0 %}127.0.0.1{% else %}{{ hostvars[groups.adw[0]].ansible_host | default('127.0.0.1') }}{% endif %}" + checked_host: "{{ hostvars[groups.adw[0]].ansible_host | default('localhost') }}" checked_port: "{{ ports_cfg.adw.http }}" delegate_target: "{{ groups.adw | first }}" when: - groups.adw | default([]) | length > 0 - - acs.edition == "Enterprise" 
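Review bot: The sync, acc and adw checks in the nginx play lose `- acs.edition == "Enterprise"` (as does the sync check in the repository play), while the sfs and trouter checks keep the edition test, and the commit message ("refactor and test") does not explain the difference. If the checks are meant to run whenever the group is populated, say so in a comment such as `# edition is implied by the group being populated`, and collapse the single-item lists to `when: groups.adw | default([]) | length > 0` to match the other tasks. If the removal only served the molecule scenario, keep the edition test and set the edition in the scenario's variables instead.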
diff --git a/playbooks/check_port.yml b/playbooks/tasks/check_port.yml similarity index 81% rename from playbooks/check_port.yml rename to playbooks/tasks/check_port.yml index 7d3509a4d..35bfd3866 100644 --- a/playbooks/check_port.yml +++ b/playbooks/tasks/check_port.yml @@ -1,8 +1,5 @@ - - name: Include common defaults - ansible.builtin.include_vars: ../../common/defaults/main.yml - - - name: Check connectivity - block: +- name: Check connectivity + block: # This task needs to be retried in case a previous iteration still listens (default retry of 3 is fine as it aligns with async 10 of listen tasks) - name: Check if {{ checked_port }} already open on {{ delegate_target }} register: r_connect @@ -21,7 +18,7 @@ delegate_to: "{{ delegate_target }}" async: 10 poll: 0 - - name: Verify if {{ inventory_hostname }} can reach {{ delegate_target }}:{{ checked_port }} + - name: Verify if {{ delegate_target }} is reachable to {{ checked_host }}:{{ checked_port }} ansible.builtin.wait_for: host: "{{ checked_host }}" port: "{{ checked_port }}" From b26d2447d25ccd47039c9501fdcb8189b15b44e4 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Mon, 30 Sep 2024 15:54:56 +0200 Subject: [PATCH 3/9] workaround for idempotency tests --- playbooks/tasks/check_port.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/playbooks/tasks/check_port.yml b/playbooks/tasks/check_port.yml index 35bfd3866..8e11db98b 100644 --- a/playbooks/tasks/check_port.yml +++ b/playbooks/tasks/check_port.yml @@ -26,3 +26,5 @@ delay: 0 timeout: 5 msg: Port {{ checked_port }} on the {{ delegate_target }}/{{ checked_host }} machine cannot be reached, please check your firewall! + tags: + - molecule-idempotence-notest From b4cdd1294a68075ca219af0d155a03453c94b590 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Tue, 1 Oct 2024 11:02:45 +0200 Subject: [PATCH 4/9] use common hosts --- playbooks/prerun-network-checks.yml | 37 ++++++++++++++--------------- 1 file changed, 18 insertions(+), 19 deletions(-) 
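Review bot: The renamed task `Verify if {{ delegate_target }} is reachable to {{ checked_host }}:{{ checked_port }}` no longer names the host that opens the connection, which is what an operator needs when the failure message says to check the firewall. No `delegate_to` is visible on this `wait_for` task, so it presumably runs on the play host; the rest of the task lies outside the hunk. Suggest `- name: Verify if {{ inventory_hostname }} can reach {{ checked_host }}:{{ checked_port }}`.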
diff --git a/playbooks/prerun-network-checks.yml b/playbooks/prerun-network-checks.yml index 56cc16978..aa4530942 100644 --- a/playbooks/prerun-network-checks.yml +++ b/playbooks/prerun-network-checks.yml @@ -1,6 +1,5 @@ --- # This playbook is used to run preliminary network checks for the hosts in the ACS deployment. -# the default('localhost') is only useful while testing on molecule - name: Run preliminary network checks for repository hosts hosts: repository become: true @@ -11,7 +10,7 @@ - name: Check db connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.database[0]].ansible_host | default('localhost') }}" + checked_host: "{{ db_host }}" checked_port: "{{ ports_cfg.postgres.sql }}" delegate_target: "{{ groups.database | first }}" when: repo_db_url == "" and groups.database | default([]) | length > 0 @@ -19,7 +18,7 @@ - name: Check activemq connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.activemq[0]].ansible_host | default('localhost') }}" + checked_host: "{{ activemq_host }}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" delegate_target: "{{ groups.activemq | first }}" when: groups.activemq | default([]) | length > 0 @@ -27,7 +26,7 @@ - name: Check search connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.search[0]].ansible_host | default('localhost') }}" + checked_host: "{{ solr_host }}" checked_port: "{{ ports_cfg.search.http }}" delegate_target: "{{ groups.search | first }}" when: groups.search | default([]) | length > 0 @@ -35,7 +34,7 @@ - name: Check sync connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.syncservice[0]].ansible_host | default('localhost') }}" + checked_host: "{{ sync_host }}" checked_port: "{{ ports_cfg.sync.http }}" delegate_target: "{{ groups.syncservice | first }}" when: 
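Review bot: `checked_host` now comes from `db_host`, `activemq_host`, `solr_host` and the other `*_host` variables, none of which are defined in this diff, while `delegate_target` (the host the tasks in `check_port.yml` are delegated to) is still the first member of the group. If a `*_host` value resolves to anything other than that first member, such as another group member or an external address, the probe can succeed against a port this check did not open, or fail although the firewall is fine. Dropping `default('localhost')` also means an undefined variable now presumably aborts the play with a templating error rather than falling back. Add a comment above the first play stating where these variables are defined and that each must resolve to its `delegate_target`, or assert that before the include. This applies to every `checked_host` change in this commit.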
@@ -44,7 +43,7 @@ - name: Check sfs connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.transformers[0]].ansible_host | default('localhost') }}" + checked_host: "{{ sfs_host }}" checked_port: "{{ ports_cfg.sfs.http }}" delegate_target: "{{ groups.transformers | first }}" when: acs.edition == "Enterprise" and groups.transformers | default([]) | length > 0 @@ -52,7 +51,7 @@ - name: Check trouter connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.transformers[0]].ansible_host | default('localhost') }}" + checked_host: "{{ trouter_host }}" checked_port: "{{ ports_cfg.transformers.trouter }}" delegate_target: "{{ groups.transformers | first }}" when: acs.edition == "Enterprise" and groups.transformers | default([]) | length > 0 @@ -60,7 +59,7 @@ - name: Check tengine connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.transformers[0]].ansible_host | default('localhost') }}" + checked_host: "{{ ats_tengine_aio_host }}" checked_port: "{{ ports_cfg.transformers.tengine }}" delegate_target: "{{ groups.transformers | first }}" when: groups.transformers | default([]) | length > 0 @@ -75,7 +74,7 @@ - name: Check repo connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}" + checked_host: "{{ repo_host }}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" when: groups.repository | default([]) | length > 0 
@@ -90,7 +89,7 @@ - name: Check activemq connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.activemq[0]].ansible_host | default('localhost') }}" + checked_host: "{{ activemq_host }}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" delegate_target: "{{ groups.activemq | first }}" when: groups.activemq | default([]) | length > 0 @@ -105,7 +104,7 @@ - name: Check db connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.database[0]].ansible_host | default('localhost') }}" + checked_host: "{{ db_host }}" checked_port: "{{ ports_cfg.postgres.sql }}" delegate_target: "{{ groups.database | first }}" when: repo_db_url == "" and groups.database | default([]) | length > 0 @@ -113,7 +112,7 @@ - name: Check repo connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}" + checked_host: "{{ repo_host }}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" when: groups.repository | default([]) | length > 0 @@ -121,7 +120,7 @@ - name: Check activemq connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.activemq[0]].ansible_host | default('localhost') }}" + checked_host: "{{ activemq_host }}" checked_port: "{{ ports_cfg.activemq[activemq_protocol] }}" delegate_target: "{{ groups.activemq | first }}" when: groups.activemq | default([]) | length > 0 @@ -136,7 +135,7 @@ - name: Check repo connection ansible.builtin.include_tasks: "tasks/check_port.yml" vars: - checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}" + checked_host: "{{ repo_host }}" checked_port: "{{ ports_cfg.repository.http }}" delegate_target: "{{ groups.repository | first }}" when: groups.repository | default([]) | length > 0 
@@ -151,7 +150,7 @@
 - name: Check repo connection
 ansible.builtin.include_tasks: "tasks/check_port.yml"
 vars:
- checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}"
+ checked_host: "{{ repo_host }}"
 checked_port: "{{ ports_cfg.repository.http }}"
 delegate_target: "{{ groups.repository | first }}"
 when: groups.repository | default([]) | length > 0
@@ -166,7 +165,7 @@
 - name: Check repo connection
 ansible.builtin.include_tasks: "tasks/check_port.yml"
 vars:
- checked_host: "{{ hostvars[groups.repository[0]].ansible_host | default('localhost') }}"
+ checked_host: "{{ repo_host }}"
 checked_port: "{{ ports_cfg.repository.http }}"
 delegate_target: "{{ groups.repository | first }}"
 when: groups.repository | default([]) | length > 0
@@ -174,7 +173,7 @@
 - name: Check sync connection
 ansible.builtin.include_tasks: "tasks/check_port.yml"
 vars:
- checked_host: "{{ hostvars[groups.syncservice[0]].ansible_host | default('localhost') }}"
+ checked_host: "{{ sync_host }}"
 checked_port: "{{ ports_cfg.sync.http }}"
 delegate_target: "{{ groups.syncservice | first }}"
 when:
@@ -183,7 +182,7 @@
 - name: Check acc connection
 ansible.builtin.include_tasks: "tasks/check_port.yml"
 vars:
- checked_host: "{{ hostvars[groups.acc[0]].ansible_host | default('localhost') }}"
+ checked_host: "{{ acc_host }}"
 checked_port: "{{ ports_cfg.acc.http }}"
 delegate_target: "{{ groups.acc | first }}"
 when:
@@ -192,7 +191,7 @@
 - name: Check adw connection
 ansible.builtin.include_tasks: "tasks/check_port.yml"
 vars:
- checked_host: "{{ hostvars[groups.adw[0]].ansible_host | default('localhost') }}"
+ checked_host: "{{ adw_host }}"
 checked_port: "{{ ports_cfg.adw.http }}"
 delegate_target: "{{ groups.adw | first }}"
 when:
From 6cc68b07c04388426af6b698252ee53e73d5f68f Mon Sep 17 00:00:00 2001
From: Giovanni Toraldo
Date: Tue, 1 Oct 2024 11:20:28 +0200
Subject: [PATCH 5/9] disable additional tests in the new suite
---
 molecule/prerun_network_checks/molecule.yml | 3 ---
 molecule/prerun_network_checks/prepare.yml | 10 ++++++++++
 2 files changed, 10 insertions(+), 3 deletions(-)
 create mode 100644 molecule/prerun_network_checks/prepare.yml
diff --git a/molecule/prerun_network_checks/molecule.yml b/molecule/prerun_network_checks/molecule.yml
index 30df2ca9d..a17ebf701 100644
--- a/molecule/prerun_network_checks/molecule.yml
+++ b/molecule/prerun_network_checks/molecule.yml
@@ -39,8 +39,5 @@ provisioner:
 links:
 group_vars: ../../group_vars
 host_vars: host_vars
- playbooks:
- prepare: ../default/prepare.yml
- verify: ../default/verify.yml
 verifier:
 name: ansible
diff --git a/molecule/prerun_network_checks/prepare.yml b/molecule/prerun_network_checks/prepare.yml
new file mode 100644
index 000000000..f19e1f23f
--- /dev/null
+++ b/molecule/prerun_network_checks/prepare.yml
@@ -0,0 +1,10 @@
+---
+- name: Prepare remote hosts
+ hosts: all
+ gather_facts: false
+ tasks:
+ - name: Make sure python3 is installed
+ package:
+ name: python3
+ state: present
+ become: true
From 566e250c308e46cbb06350e1338c35a737d0faa9 Mon Sep 17 00:00:00 2001
From: Giovanni Toraldo
Date: Tue, 1 Oct 2024 11:21:32 +0200
Subject: [PATCH 6/9] fix linter
---
 playbooks/tasks/check_port.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/playbooks/tasks/check_port.yml b/playbooks/tasks/check_port.yml
index 8e11db98b..a5ae24430 100644
--- a/playbooks/tasks/check_port.yml
+++ b/playbooks/tasks/check_port.yml
@@ -1,4 +1,6 @@
 - name: Check connectivity
+ tags:
+ - molecule-idempotence-notest
 block:
 # This task needs to be retried in case a previous iteration still listens (default retry of 3 is fine as it aligns with async 10 of listen tasks)
 - name: Check if {{ checked_port }} already open on {{ delegate_target }}
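Review bot: The `Make sure python3 is installed` task in the new prepare.yml uses `package:`, which is itself a Python module run on the target, so on an image that really lacks Python the task fails before it can install anything. If the images can come without Python, the bootstrap has to go through `ansible.builtin.raw` with the image's own package manager; if they always ship Python, the task is a no-op and its name is misleading. Either way the module should be written with its FQCN like the rest of the patch, `ansible.builtin.package:`.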
@@ -26,5 +28,3 @@
 delay: 0
 timeout: 5
 msg: Port {{ checked_port }} on the {{ delegate_target }}/{{ checked_host }} machine cannot be reached, please check your firewall!
- tags:
- - molecule-idempotence-notest
From 6bb19dd2082a625ef244708efcbc1090bae021f1 Mon Sep 17 00:00:00 2001
From: Giovanni Toraldo
Date: Tue, 1 Oct 2024 14:49:06 +0200
Subject: [PATCH 7/9] run prerun-network-checks in multimachine scenario
---
 molecule/multimachine/converge.yml | 4 ++++
 molecule/multimachine/molecule.yml | 1 -
 2 files changed, 4 insertions(+), 1 deletion(-)
 create mode 100644 molecule/multimachine/converge.yml
diff --git a/molecule/multimachine/converge.yml b/molecule/multimachine/converge.yml
new file mode 100644
index 000000000..9cac0d72a
--- /dev/null
+++ b/molecule/multimachine/converge.yml
@@ -0,0 +1,4 @@
+- name: Import the prerun-network-checks playbook
+ ansible.builtin.import_playbook: ../../playbooks/prerun-network-checks.yml
+- name: Import the acs playbook
+ ansible.builtin.import_playbook: ../../playbooks/acs.yml
diff --git a/molecule/multimachine/molecule.yml b/molecule/multimachine/molecule.yml
index 4f928b384..3d27925ef 100644
--- a/molecule/multimachine/molecule.yml
+++ b/molecule/multimachine/molecule.yml
@@ -146,6 +145,5 @@ provisioner:
 hosts: ./hosts.yml
 playbooks:
 create: ../default/create.yml
- converge: ../../playbooks/acs.yml
 destroy: ../default/destroy.yml
 verify: ../default/verify.yml
From f7be59dd5c895e21be99715cdf8a8040f9a55ca6 Mon Sep 17 00:00:00 2001
From: Giovanni Toraldo
Date: Tue, 1 Oct 2024 15:57:35 +0200
Subject: [PATCH 8/9] fixup facts gathering?
---
 playbooks/prerun-network-checks.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
diff --git a/playbooks/prerun-network-checks.yml b/playbooks/prerun-network-checks.yml
index aa4530942..068f7351c 100644
--- a/playbooks/prerun-network-checks.yml
+++ b/playbooks/prerun-network-checks.yml
@@ -1,8 +1,16 @@
 ---
 # This playbook is used to run preliminary network checks for the hosts in the ACS deployment.
+- name: Gather facts on all the hosts
+ hosts: all:!external
+ gather_facts: false
+ tasks:
+ - name: Gather facts
+ ansible.builtin.setup:
+ gather_subset: all_ipv4_addresses
 - name: Run preliminary network checks for repository hosts
 hosts: repository
 become: true
+ gather_facts: false
 tasks:
 - name: Include common defaults
 ansible.builtin.include_vars: ../roles/common/defaults/main.yml
@@ -67,6 +75,7 @@
 - name: Run preliminary network checks for search hosts
 hosts: search
 become: true
+ gather_facts: false
 tasks:
 - name: Include common defaults
 ansible.builtin.include_vars: ../roles/common/defaults/main.yml
@@ -82,6 +91,7 @@
 - name: Run preliminary network checks for transformers hosts
 hosts: transformers
 become: true
+ gather_facts: false
 tasks:
 - name: Include common defaults
 ansible.builtin.include_vars: ../roles/common/defaults/main.yml
@@ -97,6 +107,7 @@
 - name: Run preliminary network checks for syncservice hosts
 hosts: syncservice
 become: true
+ gather_facts: false
 tasks:
 - name: Include common defaults
 ansible.builtin.include_vars: ../roles/common/defaults/main.yml
@@ -128,6 +139,7 @@
 - name: Run preliminary network checks for acc hosts
 hosts: acc
 become: true
+ gather_facts: false
 tasks:
 - name: Include common defaults
 ansible.builtin.include_vars: ../roles/common/defaults/main.yml
@@ -143,6 +155,7 @@
 - name: Run preliminary network checks for adw hosts
 hosts: adw
 become: true
+ gather_facts: false
 tasks:
 - name: Include common defaults
 ansible.builtin.include_vars: ../roles/common/defaults/main.yml
@@ -158,6 +171,7 @@
 - name: Run preliminary network checks for nginx hosts
 hosts: nginx
 become: true
+ gather_facts: false
 tasks:
 - name: Include common defaults
 ansible.builtin.include_vars: ../roles/common/defaults/main.yml
From 5273f5d5c7d06223a09253573c16202ff8cc4932 Mon Sep 17 00:00:00 2001
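Review bot: The plays that now set `gather_facts: false` (repository in the first hunk, and search, transformers, syncservice, acc, adw and nginx in the following ones) rely on the new first play as their only source of facts, and that play only reaches hosts selected for the run. With `--limit` on a single group, `hostvars` of the other groups would carry no address facts; whether the `*_host` values read them is not visible in this diff, so this is worth confirming. The constraint deserves a comment above the new play, for example `# Facts for all non-external hosts are gathered here once; the plays below disable gathering and read them through hostvars, so running with --limit leaves peers without facts`.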
From: Giovanni Toraldo <71768+gionn@users.noreply.github.com>
Date: Wed, 2 Oct 2024 11:26:18 +0200
Subject: [PATCH 9/9] cleanup
---
 molecule/prerun_network_checks/host_vars/instance.yml | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/molecule/prerun_network_checks/host_vars/instance.yml b/molecule/prerun_network_checks/host_vars/instance.yml
index 382c265ee..146ddd8e0 100644
--- a/molecule/prerun_network_checks/host_vars/instance.yml
+++ b/molecule/prerun_network_checks/host_vars/instance.yml
@@ -1,5 +1 @@
 ansible_user: ansible
-# BEGIN KNOWN_URLS VAR
-known_urls:
- - https://localhost/share/
-# END KNOWN_URLS VAR