CrunchyData · jmccormick2001 · Apr 10, 2019 · Apr 10, 2019
diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
 public
+.DS_Store
diff --git a/ansible/README.md b/ansible/README.md
@@ -0,0 +1,15 @@
+# Crunchy Data PostgreSQL Operator Playbook
+
+<p align="center">
+  <img src="crunchy_logo.png?raw=false" alt="Mr. Crunchy" width="150"/>
+</p>
+
+Latest Release: 4.0.0
+
+## General
+
+This repository contains Ansible Roles for deploying the Crunchy PostgreSQL Operator 
+for Kubernetes and OpenShift.
+
+See the [official documentation for more information](https://crunchydata.github.io/postgres-operator-/stable/) 
+on installing Crunchy PostgreSQL Operator.
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
@@ -0,0 +1,5 @@
+[defaults]
+retry_files_enabled = False
+
+[ssh_connection]
+ssh_args = -o ControlMaster=no
diff --git a/ansible/crunchy_logo.png b/ansible/crunchy_logo.png
diff --git a/ansible/inventory b/ansible/inventory
@@ -0,0 +1,138 @@
+localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python"
+
+[all:vars]
+
+crunchy_debug='false'
+
+# ===================
+# PGO Settings
+# The following settings configure the Crunchy PostgreSQL Operator 
+# functionality.
+# ===================
+pgo_client_install='true'
+
+# PGO Namespace
+pgo_namespace='pgo'
+target_namespaces='pgo'
+
+# PGO Admin Credentials
+pgo_admin_username='admin'
+pgo_admin_password=''
+
+# PGO TLS
+pgo_tls_no_verify='false'
+
+# Crunchy Container Suite images to use. The tags centos7 and rhel7 are acceptable.
+ccp_image_prefix='crunchydata'
+ccp_image_tag='centos7-11.2-2.3.1'
+
+# Crunchy PostgreSQL Operator images to use.  The tags centos7 and rhel7 are acceptable.
+pgo_image_prefix='crunchydata'
+pgo_image_tag='centos7-4.0.0-rc5'
+
+# This will set default enhancements for operator deployed PostgreSQL clusters
+auto_failover='false'
+backrest='false'
+badger='false'
+metrics='false'
+
+# pgBackRest Defaults
+archive_mode='true'
+archive_timeout=60
+
+# Log Defaults
+log_statement='none'
+log_min_duration_statement=60000
+
+# Autofail Settings
+auto_failover_replace_replica=false
+auto_failover_sleep_secs=9
+
+# Scheduler Settings
+scheduler_timeout=3600
+
+# pgBackRest S3 Settings
+#backrest_aws_s3_key=""
+#backrest_aws_s3_secret=""
+#backrest_aws_s3_bucket=""
+#backrest_aws_s3_endpoint=""
+#backrest_aws_s3_region=""
+
+# ===================
+# PostgreSQL Settings
+# Default parameters for objects created when the database container starts
+# such as: default database name and default username
+# ===================
+db_name='userdb'
+db_password_age_days=60
+db_password_length=20
+db_port=5432
+db_replicas=0
+db_user='testuser'
+
+# ==================
+# Metrics
+# ==================
+# Optional installation of Grafana and Prometheus optimized 
+# to work with the Crunchy PostgreSQL Operator
+metrics_namespace='metrics'
+
+grafana_install='true'
+grafana_admin_username='admin'
+grafana_admin_password=''
+#grafana_storage_access_mode='ReadWriteOnce'
+#grafana_storage_class_name='fast'
+#grafana_volume_size='1G'
+
+prometheus_install='true'
+#prometheus_storage_access_mode='ReadWriteOnce'
+#prometheus_storage_class_name='fast'
+#prometheus_volume_size='1G'
+
+# ==================
+# Storage Settings
+# ==================
+# Which storage definitions to use when creating persistent volumes
+# for a variety of uses.
+# Note: it is suggested that backup_storage be configured to a ReadWriteMany
+# storage provider for pgBackRest to work correctly.
+backrest_storage='storage1'
+backup_storage='storage1'
+primary_storage='storage2'
+replica_storage='storage3'
+xlog_storage='storage1'
+
+storage1_access_mode='ReadWriteMany'
+storage1_size='1G'
+storage1_type='dynamic'
+storage1_class='nfs'
+#storage1_supplemental_groups=65534
+#storage1_fs_group=26
+
+storage2_access_mode='ReadWriteOnce'
+storage2_size='1G'
+storage2_type='dynamic'
+storage2_class='fast'
+#storage2_supplemental_groups=65534
+#storage2_fs_group=26
+
+storage3_access_mode='ReadWriteOnce'
+storage3_size='1G'
+storage3_type='dynamic'
+storage3_class='fast'
+#storage3_supplemental_groups=65534
+#storage3_fs_group=26
+
+# ==================
+# Deploy into Openshift
+# Note: openshift_token can be used for token authentication
+# ==================
+# openshift_host=''
+# openshift_skip_tls_verify=true
+# openshift_user=''
+# openshift_password=''
+
+# ==================
+# Deploy into Kubernetes
+# ==================
+# kubernetes_context=''
diff --git a/ansible/main.yml b/ansible/main.yml
@@ -0,0 +1,10 @@
+---
+- name: Deploy Crunchy PostgreSQL Operator 
+  hosts: all
+  vars:
+    all_namespaces: []
+  gather_facts: true
+  roles:
+    - pgo-preflight 
+    - pgo-operator
+    - pgo-metrics
diff --git a/ansible/roles/pgo-metrics/defaults/main.yml b/ansible/roles/pgo-metrics/defaults/main.yml
@@ -0,0 +1,9 @@
+---
+grafana_default_dashboards: "true"
+grafana_port: "3000"
+grafana_service_name: "crunchy-grafana"
+
+metrics_namespace: "crunchy-metrics"
+
+prometheus_port: "9090"
+prometheus_service_name: "crunchy-prometheus"
diff --git a/ansible/roles/pgo-metrics/tasks/cleanup.yml b/ansible/roles/pgo-metrics/tasks/cleanup.yml
@@ -0,0 +1,79 @@
+---
+- name: Use kubectl or oc
+  set_fact:
+    kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}"
+  tags:
+  - deprovision-metrics
+  - upgrade-metrics
+
+- name: Delete Prometheus Deployment
+  shell: |
+    {{ kubectl_or_oc }} delete deployment crunchy-prometheus -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
+
+- name: Delete Grafana Deployment
+  shell: |
+    {{ kubectl_or_oc }} delete deployment crunchy-grafana -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
+
+- name: Delete Prometheus Service
+  shell: |
+    {{ kubectl_or_oc }} delete service {{ prometheus_service_name }} -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
+
+- name: Delete Grafana Service 
+  shell: |
+    {{ kubectl_or_oc }} delete service {{ grafana_service_name }} -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
+
+- name: Delete Prometheus Cluster Roles 
+  shell: |
+    {{ kubectl_or_oc }} delete clusterrole,clusterrolebinding {{ metrics_namespace }}-prometheus-sa -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
+
+- name: Delete Prometheus Service Account
+  shell: |
+    {{ kubectl_or_oc }} delete serviceaccount prometheus-sa -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
+
+- name: Delete Grafana PVC
+  shell: |
+    {{ kubectl_or_oc }} delete pvc grafanadata -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
+
+- name: Delete Prometheus PVC
+  shell: |
+    {{ kubectl_or_oc }} delete pvc prometheusdata -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
+
+- name: Delete Grafana Secret
+  shell: |
+    {{ kubectl_or_oc }} delete secret grafana-secret -n {{ metrics_namespace }}
+  ignore_errors: yes
+  no_log: false
+  tags:
+  - deprovision-metrics
diff --git a/ansible/roles/pgo-metrics/tasks/grafana.yml b/ansible/roles/pgo-metrics/tasks/grafana.yml
@@ -0,0 +1,54 @@
+---
+- fail:
+    msg: "Only set one of kubernetes_context or openshift_host"
+  when: openshift_host is defined and kubernetes_context is defined
+  tags: always
+
+- name: Set output directory fact
+  set_fact:
+    grafana_output_dir: "./output/{{ metrics_namespace }}"
+  tags: always
+
+- name: Ensure output directory exists
+  file: 
+    path: "{{ grafana_output_dir }}"
+    state: directory
+    mode: 0700
+  tags: always
+
+- name: Use kubectl or oc
+  set_fact:
+    kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}"
+  tags: always
+
+- name: Deploy Grafana
+  block:
+    - name: Template Grafana Secret
+      template:
+        src: "grafana-secret.json.j2"
+        dest: "{{ grafana_output_dir }}/grafana-secret.json"
+        mode: '0600'
+      tags: [install-metrics]
+
+    - name: Create Grafana Secret
+      command: "{{ kubectl_or_oc }} create -f {{ grafana_output_dir }}/grafana-secret.json -n {{ metrics_namespace }}"
+      tags: [install-metrics]
+
+    - name: Template Grafana Deployment
+      template:
+        src: "{{ item }}"
+        dest: "{{ grafana_output_dir }}/{{ item | replace('.j2', '') }}"
+        mode: '0600'
+      with_items: 
+      - grafana-pvc.json.j2
+      - grafana-service.json.j2
+      - grafana-deployment.json.j2
+      tags: [install-metrics]
+
+    - name: Create Grafana Deployment
+      command: "{{ kubectl_or_oc }} create -f {{ grafana_output_dir }}/{{ item }} -n {{ metrics_namespace }}"
+      with_items:
+      - grafana-pvc.json
+      - grafana-service.json
+      - grafana-deployment.json
+      tags: [install-metrics]
diff --git a/ansible/roles/pgo-metrics/tasks/kubernetes.yml b/ansible/roles/pgo-metrics/tasks/kubernetes.yml
@@ -0,0 +1,11 @@
+---
+- name: Get Namespace Details
+  shell: "kubectl get namespace {{ metrics_namespace }}" 
+  register: namespace_details
+  ignore_errors: yes
+  tags: install-metrics
+
+- name: Create Namespace {{ metrics_namespace }}
+  shell: "kubectl create namespace {{ metrics_namespace }}"
+  when: namespace_details.rc != 0
+  tags: install-metrics
diff --git a/ansible/roles/pgo-metrics/tasks/kubernetes_auth.yml b/ansible/roles/pgo-metrics/tasks/kubernetes_auth.yml
@@ -0,0 +1,4 @@
+---
+- name: Set the Kubernetes Context
+  shell: "kubectl config set-context {{ kubernetes_context }}"
+  tags: always
diff --git a/ansible/roles/pgo-metrics/tasks/main.yml b/ansible/roles/pgo-metrics/tasks/main.yml
@@ -0,0 +1,42 @@
+---
+- include_tasks: "preflight-grafana.yml"
+  tags: always
+  when: "grafana_install == 'true'"
+
+- include_tasks: "preflight-prometheus.yml"
+  tags: always
+  when: "prometheus_install == 'true'"
+
+- include_tasks: "{{ tasks }}"
+  with_items:
+    - openshift_auth.yml
+    - openshift.yml
+  loop_control:
+    loop_var: tasks
+  when: openshift_host is defined
+  tags: always
+
+- include_tasks: "{{ tasks }}"
+  with_items:
+    - kubernetes_auth.yml
+    - kubernetes.yml
+  loop_control:
+    loop_var: tasks
+  when: kubernetes_context is defined
+  tags: always
+
+- include_tasks: cleanup.yml
+  tags: [deprovision-metrics, upgrade-metrics]
+
+- name: Use kubectl or oc
+  set_fact:
+    kubectl_or_oc: "{{ openshift_oc_bin if openshift_oc_bin is defined else 'kubectl' }}"
+  tags: always
+
+- include_tasks: prometheus.yml
+  when: prometheus_install == "true"
+  tags: always
+
+- include_tasks: grafana.yml
+  when: grafana_install == "true"
+  tags: always
diff --git a/ansible/roles/pgo-metrics/tasks/openshift.yml b/ansible/roles/pgo-metrics/tasks/openshift.yml
@@ -0,0 +1,11 @@
+---
+- name: Get Project Details
+  shell: "{{ openshift_oc_bin}} get project {{ metrics_namespace }}"
+  register: namespace_details
+  ignore_errors: yes
+  tags: install-metrics
+
+- name: Create Project {{ metrics_namespace }}
+  shell: "{{ openshift_oc_bin}} new-project {{ metrics_namespace }}"
+  when: namespace_details.rc != 0
+  tags: install-metrics