DEV-371: added stuff to do remote backup
Ketelsen, Sven
4 years ago
parent
a15ef1982e
commit
e17c62f81e
@ -0,0 +1,113 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
# creates remote database backup
|
||||||
|
# - postgres
|
||||||
|
# - executed on stage specific server: {{ stage }}-postgres-02 (currently: slave)
|
||||||
|
# - creates database backup for ALL databases in postgres-server
|
||||||
|
# - mariadb
|
||||||
|
# - executed on stage specific server: {{ stage }}-maria-01
|
||||||
|
# - creates database backup for ALL databases in mariadb-server
|
||||||
|
|
||||||
|
# Parameters:
|
||||||
|
# playbook inventory
|
||||||
|
# stage := the name of the stage (e.g. dev, int, qa, prod)
|
||||||
|
# smardigo message callback
|
||||||
|
# scope_id := (scope id of the management process)
|
||||||
|
# process_instance_id := (process instance id of the management process)
|
||||||
|
# smardigo_management_action := (smardigo management action anme of the management process)
|
||||||
|
|
||||||
|
#############################################################
|
||||||
|
# Creating inventory dynamically for given parameters
|
||||||
|
#############################################################
|
||||||
|
|
||||||
|
- hosts: localhost
|
||||||
|
connection: local
|
||||||
|
gather_facts: false
|
||||||
|
|
||||||
|
pre_tasks:
|
||||||
|
- name: "Check if ansible version is at least 2.10.x"
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- ansible_version.major >= 2
|
||||||
|
- ansible_version.minor >= 10
|
||||||
|
msg: "The ansible version has to be at least ({{ ansible_version.full }})"
|
||||||
|
|
||||||
|
# add virtual server to load stage specific variables as context
|
||||||
|
- name: "Add <{{ stage }}-virtual-host-to-read-groups-vars> to hosts"
|
||||||
|
add_host:
|
||||||
|
name: "{{ stage }}-virtual-host-to-read-groups-vars"
|
||||||
|
groups:
|
||||||
|
- "stage_{{ stage }}"
|
||||||
|
changed_when: False
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: "Add {{ database_engine }} servers to hosts if necessary"
|
||||||
|
add_host:
|
||||||
|
name: "{{ stage }}-{{ database_engine }}-01"
|
||||||
|
groups:
|
||||||
|
- "stage_{{ stage }}"
|
||||||
|
- '{{ database_engine }}'
|
||||||
|
changed_when: False
|
||||||
|
- name: "Add 'storage' servers to hosts if necessary"
|
||||||
|
add_host:
|
||||||
|
name: "{{ stage }}-fgrz-01"
|
||||||
|
groups:
|
||||||
|
- "stage_{{ stage }}"
|
||||||
|
- storage
|
||||||
|
changed_when: False
|
||||||
|
|
||||||
|
##############################################################
|
||||||
|
## Creating remote database backups for created inventory
|
||||||
|
##############################################################
|
||||||
|
|
||||||
|
- hosts: "postgres:maria"
|
||||||
|
serial: "{{ serial_number | default(1) }}"
|
||||||
|
tasks:
|
||||||
|
- name: "Trigger backup mechanism"
|
||||||
|
include_role:
|
||||||
|
name: '{{ database_engine }}'
|
||||||
|
tasks_from: _create_backup
|
||||||
|
|
||||||
|
#############################################################
|
||||||
|
# Syncing remote database backups to storage server
|
||||||
|
#############################################################
|
||||||
|
|
||||||
|
- hosts: "postgres:maria:storage"
|
||||||
|
serial: "{{ serial_number | default(5) }}"
|
||||||
|
vars:
|
||||||
|
storageserver_system_user: 'backuphamster'
|
||||||
|
tasks:
|
||||||
|
# I could not get it up and running with <synchronize> module
|
||||||
|
# to sync data from remote server A to remote server B
|
||||||
|
- name: "Syncing remote backups"
|
||||||
|
become: yes
|
||||||
|
become_user: '{{ storageserver_system_user }}'
|
||||||
|
vars:
|
||||||
|
database_server_ip: "{{ stage }}-{{ database_engine }}-01.{{ domain }}"
|
||||||
|
shell: '/home/{{ storageserver_system_user }}/pull_remote_backups.sh {{ database_server_ip }} {{ stage }} {{ database_engine }}'
|
||||||
|
when:
|
||||||
|
- inventory_hostname in groups['storage']
|
||||||
|
|
||||||
|
- name: "Cleanup remote backup dirs: {{ database_engine }}"
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
path: '{{ backup_directory }}/{{ database_engine }}/{{ ansible_date_time.date }}'
|
||||||
|
state: absent
|
||||||
|
when:
|
||||||
|
- not inventory_hostname in groups['storage']
|
||||||
|
|
||||||
|
#############################################################
|
||||||
|
# Sending smardigo management message to process
|
||||||
|
#############################################################
|
||||||
|
|
||||||
|
- hosts: "{{ stage }}-virtual-host-to-read-groups-vars"
|
||||||
|
serial: "{{ serial_number | default(1) }}"
|
||||||
|
gather_facts: false
|
||||||
|
connection: local
|
||||||
|
run_once: true
|
||||||
|
vars:
|
||||||
|
connect_jwt_username: "{{ management_admin_username }}"
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: "Sending smardigo management message to <{{ smardigo_management_url }}>"
|
||||||
|
include_tasks: tasks/smardigo_management_message.yml
|
||||||
@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
#TODO needs to be removed after story DEV-361 is finished
|
||||||
|
hetzner_server_type: "{{ hetzner_server_type_bastelserver | default('cx21') }}"
|
||||||
|
hetzner_server_labels: "stage={{ stage }} service=bastelserver"
|
||||||
|
|
||||||
|
docker_enabled: false
|
||||||
|
traefik_enabled: false
|
||||||
|
filebeat_enabled: false
|
||||||
|
node_exporter_enabled: false
|
||||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -1 +1,5 @@
|
|||||||
---
|
---
|
||||||
|
my_cnf_file: '/root/.my.cnf'
|
||||||
|
database_engine: maria
|
||||||
|
backup_dest_dir: "{{ backup_directory }}/{{ database_engine }}/{{ ansible_date_time.date }}"
|
||||||
|
backup_status_file: '{{ backup_dest_dir }}/backup_finished'
|
||||||
|
|||||||
@ -0,0 +1,57 @@
|
|||||||
|
---
|
||||||
|
- name: "Create destination backup directory"
|
||||||
|
become: yes
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: '{{ backup_dest_dir }}'
|
||||||
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
|
- name: "Create {{ my_cnf_file }} file"
|
||||||
|
become: yes
|
||||||
|
copy:
|
||||||
|
dest: '{{ my_cnf_file }}'
|
||||||
|
mode: '0600'
|
||||||
|
content: |
|
||||||
|
[client]
|
||||||
|
user={{ mysql_root_username }}
|
||||||
|
password={{ mysql_root_password }}
|
||||||
|
|
||||||
|
# there is no ansible module already in place
|
||||||
|
# so using shell module
|
||||||
|
- name: "Creating mariabackup ... + doing async check if successful or not"
|
||||||
|
become: yes
|
||||||
|
shell: |
|
||||||
|
set -o pipefail
|
||||||
|
/usr/bin/mariabackup --defaults-file={{ my_cnf_file }} --backup --stream=xbstream | gzip > {{ backup_dest_dir }}/mariabackupstream_{{ current_date_time }}.gz
|
||||||
|
args:
|
||||||
|
executable: /bin/bash
|
||||||
|
async: 3600 # allows duration for task up to 3600sec
|
||||||
|
poll: 30 # rechecks every 30sec if task has finished yet
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
# just to make it easier to detect potential failures.
|
||||||
|
# maybe: can be removed later
|
||||||
|
- name: "Create STATUS file for successful backup"
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
path: '{{ backup_status_file }}_{{ current_date_time }}'
|
||||||
|
state: touch
|
||||||
|
mode: '0644'
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
|
- name: "Prepare backup dir..."
|
||||||
|
become: yes
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: '{{ backup_dest_dir }}'
|
||||||
|
owner: '{{ backupuser_username }}'
|
||||||
|
group: '{{ backupuser_username }}'
|
||||||
|
recurse: yes
|
||||||
|
|
||||||
|
- name: "Remove {{ my_cnf_file }} file"
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
path: '{{ my_cnf_file }}'
|
||||||
|
state: absent
|
||||||
@ -0,0 +1,47 @@
|
|||||||
|
---
|
||||||
|
- name: "Ensure needed packages"
|
||||||
|
become: yes
|
||||||
|
package:
|
||||||
|
name: pigz
|
||||||
|
|
||||||
|
- name: "Create destination backup directory"
|
||||||
|
become: yes
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: '{{ backup_dest_dir }}'
|
||||||
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
|
owner: postgres
|
||||||
|
group: postgres
|
||||||
|
|
||||||
|
# there is no ansible module already in place
|
||||||
|
# so using shell module
|
||||||
|
- name: "Creating pg_basebackup ... + doing async check if successful or not"
|
||||||
|
become: yes
|
||||||
|
become_user: postgres
|
||||||
|
shell: |
|
||||||
|
set -o pipefail
|
||||||
|
/usr/bin/pg_basebackup -Ft -X fetch -D - | pigz -p 4 > {{ backup_dest_dir }}/basebackup_{{ current_date_time }}.tar.gz
|
||||||
|
args:
|
||||||
|
executable: /bin/bash
|
||||||
|
async: 3600 # allows duration for task up to 3600sec
|
||||||
|
poll: 30 # rechecks every 30sec if task has finished yet
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
# just to make it easier to detect potential failures.
|
||||||
|
# maybe: can be removed later
|
||||||
|
- name: "Create STATUS file for successful backup"
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
path: '{{ backup_status_file }}_{{ current_date_time }}'
|
||||||
|
state: touch
|
||||||
|
mode: '0644'
|
||||||
|
owner: postgres
|
||||||
|
group: postgres
|
||||||
|
|
||||||
|
- name: "Prepare backup dir..."
|
||||||
|
become: yes
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: '{{ backup_dest_dir }}'
|
||||||
|
owner: '{{ backupuser_username }}'
|
||||||
|
group: '{{ backupuser_username }}'
|
||||||
|
recurse: yes
|
||||||
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
system_user: backuphamster
|
||||||
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
#
|
||||||
|
#
|
||||||
|
|
||||||
|
REMOTE_SYSTEM_USER=backupuser
|
||||||
|
DATABASE_SERVER_IP=$1
|
||||||
|
STAGE=$2
|
||||||
|
DATABASE_ENGINE=$3
|
||||||
|
DEST_DIR=${HOME}/backups/${STAGE}/${DATABASE_ENGINE}/
|
||||||
|
|
||||||
|
mkdir -p ${DEST_DIR}
|
||||||
|
rsync -av --remove-source-files -e "ssh -o StrictHostKeyChecking=no" ${REMOTE_SYSTEM_USER}@${DATABASE_SERVER_IP}:/backups/${DATABASE_ENGINE}/* ${DEST_DIR}/
|
||||||
|
|
||||||
@ -0,0 +1,36 @@
|
|||||||
|
---
|
||||||
|
- name: "Backup storage server | create system user"
|
||||||
|
become: yes
|
||||||
|
ansible.builtin.user:
|
||||||
|
name: '{{ system_user }}'
|
||||||
|
comment: "user for backup"
|
||||||
|
shell: /bin/bash
|
||||||
|
register: create_user
|
||||||
|
|
||||||
|
- name: "Create .ssh dir"
|
||||||
|
become: yes
|
||||||
|
file:
|
||||||
|
path: '/home/{{ system_user }}/.ssh/'
|
||||||
|
mode: '0700'
|
||||||
|
owner: '{{ system_user }}'
|
||||||
|
group: '{{ system_user }}'
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: "Providing SSH priv.key"
|
||||||
|
no_log: true
|
||||||
|
become: yes
|
||||||
|
copy:
|
||||||
|
dest: '/home/{{ system_user }}/.ssh/id_rsa'
|
||||||
|
mode: '0400'
|
||||||
|
owner: '{{ system_user }}'
|
||||||
|
group: '{{ system_user }}'
|
||||||
|
content: '{{ backup_user_ssh_privkey_vault }}'
|
||||||
|
|
||||||
|
- name: "Providing rsync script"
|
||||||
|
become: yes
|
||||||
|
copy:
|
||||||
|
src: pull_remote_backups.sh
|
||||||
|
dest: '/home/{{ system_user }}/pull_remote_backups.sh'
|
||||||
|
mode: '0755'
|
||||||
|
owner: '{{ system_user }}'
|
||||||
|
group: '{{ system_user }}'
|
||||||
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
- hosts: bastelserver
|
||||||
|
roles:
|
||||||
|
- role: storage_server
|
||||||
Loading…
Reference in New Issue