Browse Source

Rework mongodb formula (ubuntu packages: 2.4, 2.6)

- Cosmetic
- Switch to mongodb-org packages
- Disable auth by default
- Change configuration file format
- Add possibility ti deploy replica set without auth
- Wait 10 sec before replica set initialization

Change-Id: I088b98587967e872282db620635b5d62fd9b1d87
Related-PROD: PROD-19866
master
Ildar Svetlov 6 years ago
parent
commit
a92e01ed57
5 changed files with 52 additions and 153 deletions
  1. +1
    -10
      metadata/service/server/cluster.yml
  2. +1
    -7
      metadata/service/server/single.yml
  3. +13
    -104
      mongodb/files/mongodb.conf
  4. +6
    -8
      mongodb/map.jinja
  5. +31
    -24
      mongodb/server.sls

+ 1
- 10
metadata/service/server/cluster.yml View File

@@ -3,19 +3,10 @@ applications:
classes:
- service.mongodb.support
parameters:
_param:
mongodb_server_replica_set: default
mongodb:
server:
enabled: true
admin:
user: admin
password: ${_param:mongodb_admin_password}
bind:
address: 0.0.0.0
port: 27017
replica_set: ${_param:mongodb_server_replica_set}
shared_key: ${_param:mongodb_shared_key}
members: ${_param:mongodb_server_members}
master: ${_param:mongodb_master}

replica_set: rs0

+ 1
- 7
metadata/service/server/single.yml View File

@@ -6,12 +6,6 @@ parameters:
mongodb:
server:
enabled: true
admin:
user: admin
password: ${_param:mongodb_admin_password}
bind:
address: 0.0.0.0
address: 127.0.0.1
port: 27017
shard_service: False
config_service: False
shared_key: ${_param:mongodb_shared_key}

+ 13
- 104
mongodb/files/mongodb.conf View File

@@ -1,116 +1,25 @@
{%- from "mongodb/map.jinja" import server with context %}

# mongodb.conf

# Where to store the data.
dbpath=/var/lib/mongodb
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/

#where to log
logpath=/var/log/mongodb/mongodb.log
port={{ server.bind.port }}
bind_ip={{ server.bind.address }}

logpath=/var/log/mongodb/mongod.log
logappend=true

bind_ip = {{ server.bind.address }}
#port = 27017

# Enable journaling, http://www.mongodb.org/display/DOCS/Journaling
dbpath=/var/lib/mongodb
journal=true

# Enables periodic logging of CPU utilization and I/O wait
#cpu = true

keyFile = /etc/mongodb.key

{%- if server.replica_set is defined %}
replSet = {{ server.replica_set }}
{%- if server.authorization.get('enabled', False) %}
auth=true
{%- endif %}

# Turn on/off security. Off is currently the default
#noauth = true
auth = true

# Inspect all client data for validity on receipt (useful for
# developing drivers)
#objcheck = true

# Enable db quota management
#quota = true

#OpenStack guide for Juno
smallfiles = true

# Verbose logging output.
verbose = {{ server.logging.get('verbose', False)|lower }}

# logLevel
setParameter = logLevel={{ server.logging.get('logLevel', 1) }}

# Set oplogging level where n is
# 0=off (default)
# 1=W
# 2=R
# 3=both
# 7=W+some reads
{%- if server.logging.oplogLevel is defined %}
oplog = {{ server.logging.get('oplogLevel') }}
{%- if server.shared_key is defined %}
keyFile=/etc/mongodb.key
{%- endif %}

# Diagnostic/debugging option
#nocursors = true

# Ignore query hints
#nohints = true

# Disable the HTTP interface (Defaults to localhost:27018).
#nohttpinterface = true

# Turns off server-side scripting. This will result in greatly limited
# functionality
#noscripting = true

# Turns off table scans. Any query that would do a table scan fails.
#notablescan = true

# Disable data file preallocation.
#noprealloc = true

# Specify .ns file size for new databases.
# nssize = <size>

# Accout token for Mongo monitoring server.
#mms-token = <token>

# Server name for Mongo monitoring server.
#mms-name = <server-name>

# Ping interval for Mongo monitoring server.
#mms-interval = <seconds>

# Replication Options

# in replicated mongo databases, specify here whether this is a slave or master
#slave = true
#source = master.example.com
# Slave only: specify a single database to replicate
#only = master.example.com
# or
#master = true
#source = slave.example.com

# Address of a server to pair with.
#pairwith = <server:port>
# Address of arbiter server.
#arbiter = <server:port>
# Automatically resync if slave data is stale
#autoresync
# Custom size for replication operation log.
#oplogSize = <MB>
# Size limit for in-memory storage of op ids.
#opIdMem = <bytes>

# SSL options
# Enable SSL on normal ports
#sslOnNormalPorts = true
# SSL Key file and password
#sslPEMKeyFile = /etc/ssl/mongodb.pem
#sslPEMKeyPassword = pass
{%- if server.replica_set is defined %}
replSet={{ server.replica_set }}
{%- endif %}

+ 6
- 8
mongodb/map.jinja View File

@@ -1,30 +1,28 @@
{% set server = salt['grains.filter_by']({
'Debian': {
'pkgs': ['mongodb-server', 'mongodb', 'python-pymongo', 'mongodb-clients'],
'pkgs': ['mongodb-server', 'mongodb', 'mongodb-clients'],
'service': 'mongodb',
'lock_dir': "/var/lock/mongodb",
'logging': {},
'bind': {
'address': '0.0.0.0',
'address': '127.0.0.1',
'port': 27017
},
'config_service': False,
'shard_service': True,
'authorization': {},
'admin': {
'username': 'root'
}
},
'RedHat': {
'pkgs': ['mongodb-server', 'mongodb', 'python-pymongo', 'mongodb-clients'],
'pkgs': ['mongodb-server', 'mongodb', 'mongodb-clients'],
'service': 'mongod',
'lock_dir': "/var/lock/mongodb",
'logging': {},
'bind': {
'address': '0.0.0.0',
'address': '127.0.0.1',
'port': 27017
},
'config_service': False,
'shard_service': True,
'authorization': {},
'admin': {
'username': 'root'
}

+ 31
- 24
mongodb/server.sls View File

@@ -1,6 +1,6 @@
{%- from "mongodb/map.jinja" import server with context %}
{%- if server.enabled %}

{%- if server.get('enabled', False) %}
mongodb_packages:
pkg.installed:
- names: {{ server.pkgs }}
@@ -13,7 +13,6 @@ mongodb_packages:
- pkg: mongodb_packages

{%- if server.shared_key is defined %}

/etc/mongodb.key:
file.managed:
- contents_pillar: mongodb:server:shared_key
@@ -23,7 +22,6 @@ mongodb_packages:
- pkg: mongodb_packages
- watch_in:
- service: mongodb_service

{%- endif %}

{{ server.lock_dir }}:
@@ -43,9 +41,37 @@ mongodb_service:
- watch:
- file: /etc/mongodb.conf

{%- if server.members is not defined or server.master == pillar.linux.system.name %}
{# We are not a cluster or we are master #}
{%- if server.members is defined and server.master == pillar.linux.system.name %}

/var/tmp/mongodb_cluster.js:
file.managed:
- source: salt://mongodb/files/cluster.js
- template: jinja
- mode: 600
- user: root

mongodb_setup_cluster_wait:
cmd.run:
- name: 'sleep 10'
- unless: 'mongo localhost:27017 --quiet --eval "rs.conf()" | grep -i object -q'
- require:
- service: mongodb_service
- file: /var/tmp/mongodb_cluster.js

mongodb_setup_cluster:
cmd.run:
- name: 'mongo localhost:27017 /var/tmp/mongodb_cluster.js && mongo localhost:27017 --quiet --eval "rs.conf()" | grep -i object -q'
- unless: 'mongo localhost:27017 --quiet --eval "rs.conf()" | grep -i object -q'
- require:
- service: mongodb_service
- file: /var/tmp/mongodb_cluster.js
- cmd: mongodb_setup_cluster_wait

{%- endif %}

{%- if server.members is not defined or server.master == pillar.linux.system.name %}

{%- if server.authorization.get('enabled', False) %}
/var/tmp/mongodb_user.js:
file.managed:
- source: salt://mongodb/files/user.js
@@ -92,25 +118,6 @@ mongodb_{{ database_name }}_fix_role:

{%- endfor %}

{%- if server.members is defined %}

/var/tmp/mongodb_cluster.js:
file.managed:
- source: salt://mongodb/files/cluster.js
- template: jinja
- mode: 600
- user: root

mongodb_setup_cluster:
cmd.run:
- name: 'mongo localhost:27017/admin /var/tmp/mongodb_cluster.js && mongo localhost:27017/admin --quiet --eval "rs.conf()" | grep object -q'
- unless: 'mongo localhost:27017/admin -u admin -p {{ server.admin.password }} --quiet --eval "rs.conf()" | grep object -q'
- require:
- service: mongodb_service
- file: /var/tmp/mongodb_cluster.js
- require_in:
- cmd: mongodb_change_root_password

{%- endif %}

{%- endif %}

Loading…
Cancel
Save