From cf83aa45922e6bac33b318969eabc4b4e395df3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Xavi=20Lle=C3=B3=20Tom=C3=A1s?= Date: Fri, 11 Apr 2025 13:42:01 +0200 Subject: [PATCH 1/4] maxscale: refs #8822 - refactor some minnor things --- roles/maxscale/templates/keepalived.conf.j2 | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/roles/maxscale/templates/keepalived.conf.j2 b/roles/maxscale/templates/keepalived.conf.j2 index ed9a5e9..38dd78e 100644 --- a/roles/maxscale/templates/keepalived.conf.j2 +++ b/roles/maxscale/templates/keepalived.conf.j2 @@ -16,23 +16,22 @@ vrrp_script check_maxscale { vrrp_instance {{ vip.name }} { interface {{ k.interface }} state BACKUP - priority {{ k.priorities.master if vip.host == inventory_hostname_short else k.priorities.backup }} + priority {{ k.priorities.master if vip.host == inventory_hostname else k.priorities.backup }} virtual_router_id {{ vip.vrid }} advert_int 1 accept - unicast_src_ip {{ ansible_host }} + unicast_src_ip {{ ansible_default_ipv4.address }} unicast_peer { -{% for peer in k.peers if peer.host != inventory_hostname %} +{% for peer in k.peers %} +{% if peer.host != inventory_hostname %} {{ peer.ip }} +{% endif %} {% endfor %} } - - virtual_ipaddress { {{ vip.vip }} } - track_script { check_maxscale } -- 2.40.1 From aba3c08676a28881d5e50baf406b3f9e37dd4e02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Xavi=20Lle=C3=B3=20Tom=C3=A1s?= Date: Tue, 15 Apr 2025 11:10:55 +0200 Subject: [PATCH 2/4] maxscale: refs #8822 - add 23.08.5 deb version install --- roles/maxscale/tasks/maxscale.yml | 36 ++++++++++++++++++++----------- 1 file changed, 23 insertions(+), 13 deletions(-) diff --git a/roles/maxscale/tasks/maxscale.yml b/roles/maxscale/tasks/maxscale.yml index 01f044b..5e3c021 100644 --- a/roles/maxscale/tasks/maxscale.yml +++ b/roles/maxscale/tasks/maxscale.yml 
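Review bot: `unicast_src_ip {{ ansible_default_ipv4.address }}` takes the address of whichever interface carries the default route, which is not necessarily an address on `k.interface` nor the one the other nodes list for this host in `k.peers`. If the two differ, adverts may be dropped or misrouted, and a node that hears no adverts can claim the VIP alongside the real master; the fact is also undefined when fact gathering is disabled. Deriving the value from the same list keeps both sides consistent, e.g. `unicast_src_ip {{ (k.peers | selectattr('host', 'equalto', inventory_hostname) | first).ip }}`, assuming `k.peers` holds an entry for the local host, as the `peer.host != inventory_hostname` test suggests. The `vrrp_instance` block ends outside the hunk.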
@@ -1,3 +1,7 @@ +- name: Set installation method for MaxScale + set_fact: + maxscale_use_deb: "{{ db.maxscale == '23.08.5' }}" + maxscale_use_repo: "{{ db.maxscale != '23.08.5' }}" - name: Ensure required packages for MaxScale are installed apt: name: keepalived @@ -16,6 +20,24 @@ cmd: "/bin/bash /tmp/mariadb_repo_setup --mariadb-server-version={{ db.version | default('10.11.10') }} --mariadb-maxscale-version={{ db.maxscale | default('23.08.9') }}" creates: "/etc/apt/sources.list.d/mariadb.list" when: mariadb_repo_script.changed +- name: Install maxscale via apt + apt: + name: maxscale + state: present + install_recommends: no + update_cache: true + when: maxscale_use_repo +- name: Download MaxScale 23.08.5 .deb package + get_url: + url: "https://dlm.mariadb.com/3773315/MaxScale/23.08.5/packages/debian/bookworm/x86_64/maxscale-23.08.5-1.debian.bookworm.x86_64.deb" + dest: "/tmp/maxscale-23.08.5.deb" + mode: '0644' + when: maxscale_use_deb + register: maxscale_manual_deb_tmp +- name: Install MaxScale .deb packages manually + apt: + deb: "/tmp/maxscale-23.08.5.deb" + when: maxscale_manual_deb_tmp - name: Ensure systemd override directory exists file: path: /etc/systemd/system/maxscale.service.d @@ -23,12 +45,6 @@ owner: root group: root mode: 'u=rwx,g=rx,o=rx' -- name: Install maxscale - apt: - name: maxscale - state: present - install_recommends: no - update_cache: true - name: Ensure /etc/ssl/private has correct permissions and ownership file: path: /etc/ssl/private @@ -37,7 +53,7 @@ group: maxscale mode: "u=rwx,g=rx,o=" - name: Deploy templated configuration files - ansible.builtin.template: + template: src: "{{ item.src }}" dest: "{{ item.dest }}" owner: "{{ item.owner | default('root') }}" @@ -59,9 +75,3 @@ loop: "{{ certificates }}" notify: - restart-maxscale - - - - - - -- 2.40.1 From 971e91b127c9eddce5cd7766dcaab6e2432f0a21 Mon Sep 17 00:00:00 2001 
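Review bot: Both facts in the new `set_fact` task read `db.maxscale` with no fallback, while the repo-setup command further down uses `db.maxscale | default('23.08.9')`. An inventory that leaves `db.maxscale` unset is accepted by that command but would fail here on an undefined variable. Apply the same default in both expressions, e.g. `maxscale_use_deb: "{{ (db.maxscale | default('23.08.9')) == '23.08.5' }}"`. The literal `23.08.5` is also repeated in the download URL and `dest` of a later hunk, so a single variable for the pinned version would keep them in step.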
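Review bot: The `get_url` task fetches a package that the following task installs as root through `apt: deb:`, a path that does not go through APT's repository signature verification, and nothing here checks the file's content. Pin the digest with `checksum: "sha256:<SHA256_OF_THE_23.08.5_DEB>"` (placeholder; take the value from the vendor's published checksums), which also makes `get_url` validate a file that already exists at `dest` instead of trusting it. `/tmp` is world-writable and the file name is fixed, so the download is better placed in a root-owned directory, for example `dest: "/var/cache/<ROLE_DIR>/maxscale-23.08.5.deb"` (placeholder path). The URL also hard-codes `bookworm` and `x86_64`, which is worth a comment or an assertion on the target's distribution and architecture.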
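Review bot: Replacing `ansible.builtin.template` with the short name `template` makes the task depend on module name resolution, so a `collections:` entry or a local `library/` module named `template` would be picked up instead of the builtin. Keeping the fully qualified name here, and moving `apt`, `file`, `get_url` and `set_fact` to `ansible.builtin.*` over time, is the more predictable direction. The task body continues outside the hunk.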
From: =?UTF-8?q?Xavi=20Lle=C3=B3=20Tom=C3=A1s?= Date: Tue, 15 Apr 2025 13:01:30 +0200 Subject: [PATCH 3/4] minnor change --- roles/maxscale/tasks/maxscale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/maxscale/tasks/maxscale.yml b/roles/maxscale/tasks/maxscale.yml index 5e3c021..1461b79 100644 --- a/roles/maxscale/tasks/maxscale.yml +++ b/roles/maxscale/tasks/maxscale.yml @@ -37,7 +37,7 @@ - name: Install MaxScale .deb packages manually apt: deb: "/tmp/maxscale-23.08.5.deb" - when: maxscale_manual_deb_tmp + when: maxscale_manual_deb_tmp.changed - name: Ensure systemd override directory exists file: path: /etc/systemd/system/maxscale.service.d -- 2.40.1 From 78aacdff8ab9f4ca9adcc0d230eabb1bbeb8b9df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Xavi=20Lle=C3=B3=20Tom=C3=A1s?= Date: Wed, 16 Apr 2025 11:48:59 +0200 Subject: [PATCH 4/4] maxscale: refs #8822 - add enviorament template for test and pro --- roles/maxscale/defaults/main.yaml | 2 +- roles/maxscale/tasks/maxscale.yml | 4 + roles/maxscale/templates/test-maxscale.cnf.j2 | 90 +++++++++++++++++++ 3 files changed, 95 insertions(+), 1 deletion(-) create mode 100644 roles/maxscale/templates/test-maxscale.cnf.j2 diff --git a/roles/maxscale/defaults/main.yaml b/roles/maxscale/defaults/main.yaml index dd63441..4262b4f 100644 --- a/roles/maxscale/defaults/main.yaml +++ b/roles/maxscale/defaults/main.yaml 
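Review bot: `when: maxscale_manual_deb_tmp.changed` ties the installation to the download event rather than to the desired state. If the .deb is already present in `/tmp` from an earlier run that stopped before or during installation, `get_url` reports no change and the package is never installed. The `apt` module's `deb` mode is expected to skip a package that is already installed at that version, so the condition can be the one the download task uses, `when: maxscale_use_deb`.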
@@ -9,7 +9,7 @@ certificates: - { content: '{{ maxscale_config.db_ca_pem }}', dest: '/etc/ssl/private/db-ca.pem', owner: 'root', group: 'maxscale', mode: 'u=rw,g=r,o=' } - { content: '{{ maxscale_config.db_key }}', dest: '/etc/ssl/private/db-key.pem', owner: 'root', group: 'maxscale', mode: 'u=rw,g=r,o=' } maxscale_templates: - - { src: 'maxscale.cnf.j2', dest: '/etc/maxscale.cnf' } + - { src: "{{ maxscale_template_file }}", dest: '/etc/maxscale.cnf' } - { src: 'keepalived.conf.j2', dest: '/etc/keepalived/keepalived.conf' } - { src: 'override.conf.j2', dest: '/etc/systemd/system/maxscale.service.d/override.conf' } - { src: '.secrets', dest: '/var/lib/maxscale/.secrets', owner: 'maxscale', group: 'maxscale', mode: 'u=r,g=,o=' } \ No newline at end of file diff --git a/roles/maxscale/tasks/maxscale.yml b/roles/maxscale/tasks/maxscale.yml index 1461b79..daec952 100644 --- a/roles/maxscale/tasks/maxscale.yml +++ b/roles/maxscale/tasks/maxscale.yml @@ -52,6 +52,10 @@ owner: root group: maxscale mode: "u=rwx,g=rx,o=" +- name: Select MaxScale template according to host + set_fact: + maxscale_template_file: >- + {{ 'test-maxscale.cnf.j2' if inventory_hostname.startswith('test') else 'maxscale.cnf.j2' }} - name: Deploy templated configuration files template: src: "{{ item.src }}" diff --git a/roles/maxscale/templates/test-maxscale.cnf.j2 b/roles/maxscale/templates/test-maxscale.cnf.j2 new file mode 100644 index 0000000..7f6d115 --- /dev/null +++ b/roles/maxscale/templates/test-maxscale.cnf.j2 
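Review bot: The changed entry for `/etc/maxscale.cnf` still sets no `owner`, `group` or `mode`, yet the test template added in this patch renders five passwords into that file. What mode the template task falls back to is not visible on this page, so set it explicitly, as the certificate entries above do: `- { src: "{{ maxscale_template_file }}", dest: '/etc/maxscale.cnf', owner: 'root', group: 'maxscale', mode: 'u=rw,g=r,o=' }`. `maxscale_template_file` has no default in this file and exists only after the `set_fact` task in tasks/maxscale.yml has run, so anything that evaluates `maxscale_templates` earlier would fail.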
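Review bot: Selecting the configuration with `inventory_hostname.startswith('test')` makes the environment a side effect of host naming. A production host whose inventory name happens to begin with `test` would receive the test template, which opens non-TLS listeners, and a test host named differently would get the production one. An explicit variable is easier to audit, e.g. `maxscale_template_file: 'maxscale.cnf.j2'` in the role defaults and `maxscale_template_file: 'test-maxscale.cnf.j2'` in the test group's vars. That would replace this `set_fact` task, which would otherwise override the group value.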
@@ -0,0 +1,90 @@
+# MaxScale documentation:
+# https://mariadb.com/kb/en/mariadb-maxscale-2208/
+# https://mariadb.com/kb/en/mariadb-maxscale-2208-mariadb-maxscale-configuration-guide/
+
+[maxscale]
+threads=auto
+admin_host=0.0.0.0
+admin_port=443
+admin_ssl_cert={{ maxscale_config.admin_cert_path }}
+admin_ssl_key={{ maxscale_config.admin_key_path }}
+syslog=false
+log_warning=false
+logdir=/var/log/maxscale/
+query_classifier_cache_size=250M
+config_sync_cluster={{ maxscale_config.config_sync_cluster }}
+config_sync_user={{ maxscale_config.config_sync_user }}
+config_sync_password={{ lookup(passbolt, 'maxscale_config.config_sync_password', folder_parent_id=passbolt_folder).password }}
+
+{% for server in maxscale_config.db_servers %}
+[{{ server.name }}]
+type=server
+address={{ server.address }}
+port=3307
+protocol=MariaDBBackend
+{% endfor %}
+
+[MariaDB-Test-Monitor]
+type=monitor
+module=mariadbmon
+servers={{ maxscale_config.db_servers | map(attribute='name') | join(',') }}
+user={{ maxscale_config.monitor_user }}
+password={{ lookup(passbolt, 'maxscale_config.monitor_password', folder_parent_id=passbolt_folder).password }}
+monitor_interval=2s
+replication_user={{ maxscale_config.repl_user }}
+replication_password={{ lookup(passbolt, 'maxscale_config.repl_password', folder_parent_id=passbolt_folder).password }}
+switchover_timeout=1m
+cooperative_monitoring_locks=majority_of_running
+
+[Read-Write-Service]
+type=service
+router=readwritesplit
+servers=test-db1
+user={{ maxscale_config.rw_user }}
+password={{ lookup(passbolt, 'maxscale_config.rw_password', folder_parent_id=passbolt_folder).password }}
+master_accept_reads=true
+strict_multi_stmt=true
+strict_sp_calls=true
+slave_connections=0
+max_slave_connections=0
+use_sql_variables_in=master
+
+[Read-Only-Service]
+type=service
+router=readconnroute
+servers=test-db1
+user={{ maxscale_config.ro_user }}
+password={{ lookup(passbolt, 'maxscale_config.ro_password',
folder_parent_id=passbolt_folder).password }}
+router_options=slave
+
+[Read-Write-Listener-SSL]
+type=listener
+service=Read-Write-Service
+protocol=MariaDBClient
+port=3306
+ssl=true
+ssl_cert={{ maxscale_config.db_cert_path }}
+ssl_key={{ maxscale_config.db_key_path }}
+ssl_ca_cert={{ maxscale_config.db_ca_path }}
+
+[Read-Only-Listener-SSL]
+type=listener
+service=Read-Only-Service
+protocol=MariaDBClient
+port=3308
+ssl=true
+ssl_cert={{ maxscale_config.db_cert_path }}
+ssl_key={{ maxscale_config.db_key_path }}
+ssl_ca_cert={{ maxscale_config.db_ca_path }}
+
+[Read-Write-Listener]
+type=listener
+service=Read-Write-Service
+protocol=MariaDBClient
+port=3307
+
+[Read-Only-Listener]
+type=listener
+service=Read-Only-Service
+protocol=MariaDBClient
+port=3309
-- 2.40.1
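Review bot: `[Read-Write-Listener]` (port 3307) and `[Read-Only-Listener]` (port 3309) expose the same services as the `-SSL` listeners but without `ssl=true` and without an `address=` restriction, so clients can authenticate and send queries in cleartext from any network that reaches the host. If they are needed only for local checks, add `address=127.0.0.1` to both sections; otherwise drop them. `admin_host=0.0.0.0` likewise publishes the REST API on every interface, so it should be bound to a management address or firewalled, and the built-in default admin account should be confirmed replaced. In the `lookup(passbolt, ...)` calls `passbolt` is an unquoted name and therefore resolves as a variable; unless one is defined elsewhere, the plugin name has to be a quoted string. `servers=test-db1` is hard-coded in both services although the server sections are generated from `maxscale_config.db_servers`, so the two can drift apart.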