From 4a78a8e10c0b978747bb7e19e6f686318212d4a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=B6rz=2C=20Friedrich?= Date: Thu, 8 Sep 2022 08:44:37 +0000 Subject: [PATCH] DEV-542: added LVM stuff to easily increase disk space via LVM --- group_vars/stage_prodnso/postgres.yml | 3 + roles/lvm_with_hetzner_volumes/tasks/main.yml | 80 +++++++++++++++++++ roles/postgres/defaults/main.yml | 4 + roles/postgres/tasks/base-requirements.yml | 8 ++ roles/postgres/tasks/main.yml | 9 +++ roles/selfsigned_ca/tasks/_create_cert.yml | 2 - 6 files changed, 104 insertions(+), 2 deletions(-) create mode 100644 roles/lvm_with_hetzner_volumes/tasks/main.yml diff --git a/group_vars/stage_prodnso/postgres.yml b/group_vars/stage_prodnso/postgres.yml index a92131f..a3ccba5 100644 --- a/group_vars/stage_prodnso/postgres.yml +++ b/group_vars/stage_prodnso/postgres.yml @@ -2,3 +2,6 @@ postgres_backup_volume_count: 4 postgres_backup_volume_size: 20 + +postgres_pgdatadir_lvm_hcloudvol_size: 20 +postgres_pgdatadir_lvm_hcloudvol_count: 4 diff --git a/roles/lvm_with_hetzner_volumes/tasks/main.yml b/roles/lvm_with_hetzner_volumes/tasks/main.yml new file mode 100644 index 0000000..ea82e72 --- /dev/null +++ b/roles/lvm_with_hetzner_volumes/tasks/main.yml 
@@ -0,0 +1,80 @@
+---
+- name: "Creating some hcloud volumes for LVM purpose"
+ hcloud_volume:
+ api_token: "{{ hetzner_authentication_ansible }}"
+ name: "{{ lvm_with_hetzner_volumes__volprefix }}-{{ inventory_hostname }}--vol{{ item }}"
+ server: "{{ inventory_hostname }}"
+ labels:
+ stage: "{{ stage }}"
+ used_for: "{{ lvm_with_hetzner_volumes__volprefix }}"
+ bound_on: "{{ inventory_hostname }}"
+ vol_no: "{{ item | string }}"
+ size: "{{ lvm_with_hetzner_volumes__volsize }}"
+ state: present
+ delete_protection: yes
+ loop: "{{ range(1, lvm_with_hetzner_volumes__volcount+1) | list }}"
+ register: created_volume
+ delegate_to: localhost
+ become: false
+
+- name: "Getting all hcloud volumes for {{ inventory_hostname }}"
+ hcloud_volume_info:
+ api_token: "{{ hetzner_authentication_ansible }}"
+ label_selector: "stage={{ stage }},used_for={{ lvm_with_hetzner_volumes__volprefix }},bound_on={{ inventory_hostname }}"
+ register: hcloud_volumes_found
+ delegate_to: localhost
+ become: false
+
+- name: "Getting all hcloud volumes for {{ inventory_hostname }}"
+ debug:
+ msg: "{{ hcloud_volumes_found }}"
+
+- name: "Setting LVM related VARs"
+ set_fact:
+ pvs: "{{ hcloud_volumes_found.hcloud_volume_info | json_query(jmesquery) }}"
+ vg_name: "vg.{{ lvm_with_hetzner_volumes__volprefix }}"
+ lv_name: "lv.{{ lvm_with_hetzner_volumes__volprefix }}"
+ vars:
+ jmesquery: "[*].linux_device"
+
+- name: "Creating a volume group on top of all found hcloud volumes"
+ community.general.lvg:
+ vg: "{{ vg_name }}"
+ pvs: "{{ pvs }}"
+ pvresize: yes
+ register: create_vg
+
+- name: "Create logical volume" # noqa no-handler
+ community.general.lvol:
+ vg: "{{ vg_name }}"
+ lv: "{{ lv_name }}"
+ size: '100%PVS'
+ when:
+ - create_vg.changed
+
+- name: "Format volume"
+ filesystem:
+ fstype: ext4
+ dev: "/dev/{{ vg_name }}/{{ lv_name }}"
+
+- name: "Resize volume" # noqa no-handler
+ filesystem:
+ fstype: ext4
+ dev: "/dev/{{ vg_name }}/{{ lv_name }}"
+ resizefs: yes
+ when:
+ -
create_vg.changed + +# set noqa linter 'tag' due to unknown file permissions/ownership for mount path ; +# must be set in role etc in which this role will be called!!! +- name: "Ensure mountpath exists without setting permission/ownership" # noqa risky-file-permissions + file: + path: "{{ lvm_with_hetzner_volumes__mountpath }}" + state: directory + +- name: "Mount created LVM volume" + mount: + path: "{{ lvm_with_hetzner_volumes__mountpath }}" + src: "/dev/{{ vg_name }}/{{ lv_name }}" + fstype: ext4 + state: mounted diff --git a/roles/postgres/defaults/main.yml b/roles/postgres/defaults/main.yml index 47c0a41..06e06fc 100644 --- a/roles/postgres/defaults/main.yml +++ b/roles/postgres/defaults/main.yml @@ -24,6 +24,10 @@ database_state: present postgres_homedir: '/var/lib/postgresql' +postgres_pgdatadir_lvm_hcloudvol_size: 10 +postgres_pgdatadir_lvm_hcloudvol_count: 1 +postgres_pgdatadir_lvm_hcloudvol_mountpath: '{{ postgres_homedir }}' + postgres_listen_addresses: "listen_addresses = 'localhost,{{ stage_private_server_ip }}'" postgres_base_config: diff --git a/roles/postgres/tasks/base-requirements.yml b/roles/postgres/tasks/base-requirements.yml index d3ea5bf..5d520d8 100644 --- a/roles/postgres/tasks/base-requirements.yml +++ b/roles/postgres/tasks/base-requirements.yml @@ -12,6 +12,14 @@ system: true shell: /bin/bash +- name: "Ensure postgres_homedir exists" + file: + path: "{{ postgres_homedir }}" + state: directory + owner: postgres + group: postgres + mode: "0755" + - name: "Ensuring repository meta is installed" apt: name: ["debian-keyring", "debian-archive-keyring", "apt-transport-https"] diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml index c806b74..8c8c135 100644 --- a/roles/postgres/tasks/main.yml +++ b/roles/postgres/tasks/main.yml 
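Review bot: The `when: - create_vg.changed` guards on "Create logical volume" and "Resize volume" in roles/lvm_with_hetzner_volumes/tasks/main.yml leave the role stuck after a partial failure. If a run stops after the volume-group task reported a change but before the logical volume exists, the next run sees no change on the VG, skips `community.general.lvol`, and "Format volume" then fails on a missing device. Both `lvol` and `filesystem` should compare current against requested state themselves, so the guards (and the `# noqa no-handler` markers) can be dropped and the two `filesystem` tasks merged into one carrying `resizefs: true`. Separately, the `debug` task reuses the name "Getting all hcloud volumes for ..." and prints the full API response on every run; a distinct name plus `verbosity: 1` would keep normal run logs free of infrastructure inventory.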
@@ -2,6 +2,15 @@ ### tags: +- name: "Create/Resize LVM for datadir" + include_role: + name: lvm_with_hetzner_volumes + vars: + lvm_with_hetzner_volumes__volprefix: postgres_datadir + lvm_with_hetzner_volumes__volsize: "{{ postgres_pgdatadir_lvm_hcloudvol_size }}" + lvm_with_hetzner_volumes__volcount: "{{ postgres_pgdatadir_lvm_hcloudvol_count }}" + lvm_with_hetzner_volumes__mountpath: "{{ postgres_pgdatadir_lvm_hcloudvol_mountpath }}" + # Minimal requirements for postgres - name: Include Base Requirements include_tasks: base-requirements.yml diff --git a/roles/selfsigned_ca/tasks/_create_cert.yml b/roles/selfsigned_ca/tasks/_create_cert.yml index 791129d..f5e8932 100644 --- a/roles/selfsigned_ca/tasks/_create_cert.yml +++ b/roles/selfsigned_ca/tasks/_create_cert.yml @@ -4,8 +4,6 @@ path: '{{ selfsigned_ca_cert_private_key | dirname }}' state: directory mode: '0755' - owner: root - group: root - name: "Generate an OpenSSL private key" community.crypto.openssl_privatekey:
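Review bot: The new "Create/Resize LVM for datadir" include at the top of roles/postgres/tasks/main.yml runs unconditionally, and with the default `postgres_pgdatadir_lvm_hcloudvol_mountpath: '{{ postgres_homedir }}'` it mounts a freshly formatted volume over `/var/lib/postgresql`. On a host that already holds a cluster under that path, the existing data would be hidden beneath the mount, and the later tasks would presumably run against an empty directory; nothing visible in this commit migrates the data or checks for it. Consider making the include opt-in through a new variable, for example `when: postgres_pgdatadir_lvm_enabled | default(false)`, and failing early when the mount path is non-empty and not yet a mount point. The rest of the task list lies outside the hunk, so whether a later task already covers this cannot be seen from here.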