DEV-371: added stuff to do remote backup
Ketelsen, Sven
4 years ago
parent
a15ef1982e
commit
e17c62f81e
@ -0,0 +1,113 @@
|
||||
---
|
||||
|
||||
# creates remote database backup
|
||||
# - postgres
|
||||
# - executed on stage specific server: {{ stage }}-postgres-02 (currently: slave)
|
||||
# - creates database backup for ALL databases in postgres-server
|
||||
# - mariadb
|
||||
# - executed on stage specific server: {{ stage }}-maria-01
|
||||
# - creates database backup for ALL databases in mariadb-server
|
||||
|
||||
# Parameters:
|
||||
# playbook inventory
|
||||
# stage := the name of the stage (e.g. dev, int, qa, prod)
|
||||
# smardigo message callback
|
||||
# scope_id := (scope id of the management process)
|
||||
# process_instance_id := (process instance id of the management process)
|
||||
# smardigo_management_action := (smardigo management action anme of the management process)
|
||||
|
||||
#############################################################
|
||||
# Creating inventory dynamically for given parameters
|
||||
#############################################################
|
||||
|
||||
- hosts: localhost
|
||||
connection: local
|
||||
gather_facts: false
|
||||
|
||||
pre_tasks:
|
||||
- name: "Check if ansible version is at least 2.10.x"
|
||||
assert:
|
||||
that:
|
||||
- ansible_version.major >= 2
|
||||
- ansible_version.minor >= 10
|
||||
msg: "The ansible version has to be at least ({{ ansible_version.full }})"
|
||||
|
||||
# add virtual server to load stage specific variables as context
|
||||
- name: "Add <{{ stage }}-virtual-host-to-read-groups-vars> to hosts"
|
||||
add_host:
|
||||
name: "{{ stage }}-virtual-host-to-read-groups-vars"
|
||||
groups:
|
||||
- "stage_{{ stage }}"
|
||||
changed_when: False
|
||||
|
||||
tasks:
|
||||
- name: "Add {{ database_engine }} servers to hosts if necessary"
|
||||
add_host:
|
||||
name: "{{ stage }}-{{ database_engine }}-01"
|
||||
groups:
|
||||
- "stage_{{ stage }}"
|
||||
- '{{ database_engine }}'
|
||||
changed_when: False
|
||||
- name: "Add 'storage' servers to hosts if necessary"
|
||||
add_host:
|
||||
name: "{{ stage }}-fgrz-01"
|
||||
groups:
|
||||
- "stage_{{ stage }}"
|
||||
- storage
|
||||
changed_when: False
|
||||
|
||||
##############################################################
|
||||
## Creating remote database backups for created inventory
|
||||
##############################################################
|
||||
|
||||
- hosts: "postgres:maria"
|
||||
serial: "{{ serial_number | default(1) }}"
|
||||
tasks:
|
||||
- name: "Trigger backup mechanism"
|
||||
include_role:
|
||||
name: '{{ database_engine }}'
|
||||
tasks_from: _create_backup
|
||||
|
||||
#############################################################
|
||||
# Syncing remote database backups to storage server
|
||||
#############################################################
|
||||
|
||||
- hosts: "postgres:maria:storage"
|
||||
serial: "{{ serial_number | default(5) }}"
|
||||
vars:
|
||||
storageserver_system_user: 'backuphamster'
|
||||
tasks:
|
||||
# I could not get it up and running with <synchronize> module
|
||||
# to sync data from remote server A to remote server B
|
||||
- name: "Syncing remote backups"
|
||||
become: yes
|
||||
become_user: '{{ storageserver_system_user }}'
|
||||
vars:
|
||||
database_server_ip: "{{ stage }}-{{ database_engine }}-01.{{ domain }}"
|
||||
shell: '/home/{{ storageserver_system_user }}/pull_remote_backups.sh {{ database_server_ip }} {{ stage }} {{ database_engine }}'
|
||||
when:
|
||||
- inventory_hostname in groups['storage']
|
||||
|
||||
- name: "Cleanup remote backup dirs: {{ database_engine }}"
|
||||
become: yes
|
||||
file:
|
||||
path: '{{ backup_directory }}/{{ database_engine }}/{{ ansible_date_time.date }}'
|
||||
state: absent
|
||||
when:
|
||||
- not inventory_hostname in groups['storage']
|
||||
|
||||
#############################################################
|
||||
# Sending smardigo management message to process
|
||||
#############################################################
|
||||
|
||||
- hosts: "{{ stage }}-virtual-host-to-read-groups-vars"
|
||||
serial: "{{ serial_number | default(1) }}"
|
||||
gather_facts: false
|
||||
connection: local
|
||||
run_once: true
|
||||
vars:
|
||||
connect_jwt_username: "{{ management_admin_username }}"
|
||||
|
||||
tasks:
|
||||
- name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
|
||||
include_tasks: tasks/smardigo_management_message.yml
|
||||
@ -0,0 +1,9 @@
|
||||
---
|
||||
#TODO needs to be removed after story DEV-361 is finished
|
||||
hetzner_server_type: "{{ hetzner_server_type_bastelserver | default('cx21') }}"
|
||||
hetzner_server_labels: "stage={{ stage }} service=bastelserver"
|
||||
|
||||
docker_enabled: false
|
||||
traefik_enabled: false
|
||||
filebeat_enabled: false
|
||||
node_exporter_enabled: false
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -1 +1,5 @@
|
||||
---
|
||||
my_cnf_file: '/root/.my.cnf'
|
||||
database_engine: maria
|
||||
backup_dest_dir: "{{ backup_directory }}/{{ database_engine }}/{{ ansible_date_time.date }}"
|
||||
backup_status_file: '{{ backup_dest_dir }}/backup_finished'
|
||||
|
||||
@ -0,0 +1,57 @@
|
||||
---
|
||||
- name: "Create destination backup directory"
|
||||
become: yes
|
||||
ansible.builtin.file:
|
||||
path: '{{ backup_dest_dir }}'
|
||||
state: directory
|
||||
mode: '0755'
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "Create {{ my_cnf_file }} file"
|
||||
become: yes
|
||||
copy:
|
||||
dest: '{{ my_cnf_file }}'
|
||||
mode: '0600'
|
||||
content: |
|
||||
[client]
|
||||
user={{ mysql_root_username }}
|
||||
password={{ mysql_root_password }}
|
||||
|
||||
# there is no ansible module already in place
|
||||
# so using shell module
|
||||
- name: "Creating mariabackup ... + doing async check if successful or not"
|
||||
become: yes
|
||||
shell: |
|
||||
set -o pipefail
|
||||
/usr/bin/mariabackup --defaults-file={{ my_cnf_file }} --backup --stream=xbstream | gzip > {{ backup_dest_dir }}/mariabackupstream_{{ current_date_time }}.gz
|
||||
args:
|
||||
executable: /bin/bash
|
||||
async: 3600 # allows duration for task up to 3600sec
|
||||
poll: 30 # rechecks every 30sec if task has finished yet
|
||||
changed_when: false
|
||||
|
||||
# just to make it easier to detect potential failures.
|
||||
# maybe: can be removed later
|
||||
- name: "Create STATUS file for successful backup"
|
||||
become: yes
|
||||
file:
|
||||
path: '{{ backup_status_file }}_{{ current_date_time }}'
|
||||
state: touch
|
||||
mode: '0644'
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "Prepare backup dir..."
|
||||
become: yes
|
||||
ansible.builtin.file:
|
||||
path: '{{ backup_dest_dir }}'
|
||||
owner: '{{ backupuser_username }}'
|
||||
group: '{{ backupuser_username }}'
|
||||
recurse: yes
|
||||
|
||||
- name: "Remove {{ my_cnf_file }} file"
|
||||
become: yes
|
||||
file:
|
||||
path: '{{ my_cnf_file }}'
|
||||
state: absent
|
||||
@ -0,0 +1,47 @@
|
||||
---
|
||||
- name: "Ensure needed packages"
|
||||
become: yes
|
||||
package:
|
||||
name: pigz
|
||||
|
||||
- name: "Create destination backup directory"
|
||||
become: yes
|
||||
ansible.builtin.file:
|
||||
path: '{{ backup_dest_dir }}'
|
||||
state: directory
|
||||
mode: '0755'
|
||||
owner: postgres
|
||||
group: postgres
|
||||
|
||||
# there is no ansible module already in place
|
||||
# so using shell module
|
||||
- name: "Creating pg_basebackup ... + doing async check if successful or not"
|
||||
become: yes
|
||||
become_user: postgres
|
||||
shell: |
|
||||
set -o pipefail
|
||||
/usr/bin/pg_basebackup -Ft -X fetch -D - | pigz -p 4 > {{ backup_dest_dir }}/basebackup_{{ current_date_time }}.tar.gz
|
||||
args:
|
||||
executable: /bin/bash
|
||||
async: 3600 # allows duration for task up to 3600sec
|
||||
poll: 30 # rechecks every 30sec if task has finished yet
|
||||
changed_when: false
|
||||
|
||||
# just to make it easier to detect potential failures.
|
||||
# maybe: can be removed later
|
||||
- name: "Create STATUS file for successful backup"
|
||||
become: yes
|
||||
file:
|
||||
path: '{{ backup_status_file }}_{{ current_date_time }}'
|
||||
state: touch
|
||||
mode: '0644'
|
||||
owner: postgres
|
||||
group: postgres
|
||||
|
||||
- name: "Prepare backup dir..."
|
||||
become: yes
|
||||
ansible.builtin.file:
|
||||
path: '{{ backup_dest_dir }}'
|
||||
owner: '{{ backupuser_username }}'
|
||||
group: '{{ backupuser_username }}'
|
||||
recurse: yes
|
||||
@ -0,0 +1,2 @@
|
||||
---
|
||||
system_user: backuphamster
|
||||
@ -0,0 +1,14 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
#
|
||||
#
|
||||
|
||||
REMOTE_SYSTEM_USER=backupuser
|
||||
DATABASE_SERVER_IP=$1
|
||||
STAGE=$2
|
||||
DATABASE_ENGINE=$3
|
||||
DEST_DIR=${HOME}/backups/${STAGE}/${DATABASE_ENGINE}/
|
||||
|
||||
mkdir -p ${DEST_DIR}
|
||||
rsync -av --remove-source-files -e "ssh -o StrictHostKeyChecking=no" ${REMOTE_SYSTEM_USER}@${DATABASE_SERVER_IP}:/backups/${DATABASE_ENGINE}/* ${DEST_DIR}/
|
||||
|
||||
@ -0,0 +1,36 @@
|
||||
---
|
||||
- name: "Backup storage server | create system user"
|
||||
become: yes
|
||||
ansible.builtin.user:
|
||||
name: '{{ system_user }}'
|
||||
comment: "user for backup"
|
||||
shell: /bin/bash
|
||||
register: create_user
|
||||
|
||||
- name: "Create .ssh dir"
|
||||
become: yes
|
||||
file:
|
||||
path: '/home/{{ system_user }}/.ssh/'
|
||||
mode: '0700'
|
||||
owner: '{{ system_user }}'
|
||||
group: '{{ system_user }}'
|
||||
state: directory
|
||||
|
||||
- name: "Providing SSH priv.key"
|
||||
no_log: true
|
||||
become: yes
|
||||
copy:
|
||||
dest: '/home/{{ system_user }}/.ssh/id_rsa'
|
||||
mode: '0400'
|
||||
owner: '{{ system_user }}'
|
||||
group: '{{ system_user }}'
|
||||
content: '{{ backup_user_ssh_privkey_vault }}'
|
||||
|
||||
- name: "Providing rsync script"
|
||||
become: yes
|
||||
copy:
|
||||
src: pull_remote_backups.sh
|
||||
dest: '/home/{{ system_user }}/pull_remote_backups.sh'
|
||||
mode: '0755'
|
||||
owner: '{{ system_user }}'
|
||||
group: '{{ system_user }}'
|
||||
@ -0,0 +1,4 @@
|
||||
---
|
||||
- hosts: bastelserver
|
||||
roles:
|
||||
- role: storage_server
|
||||
Loading…
Reference in New Issue