Support providing ZDM configuration as YAML file

datastax · Jul 4, 2024 · bc6e085 · bc6e085
1 parent 8980640
commit bc6e085
Show file tree

Hide file tree

Showing 8 changed files with 182 additions and 14 deletions.
diff --git a/ansible/deploy_zdm_proxy.yml b/ansible/deploy_zdm_proxy.yml
@@ -209,6 +209,7 @@
 - name: Create ZDM proxy configuration env file
   hosts: proxies
   vars_files:
+    - vars/zdm_proxy_container_config.yml
     - vars/zdm_proxy_cluster_config.yml
     - vars/zdm_proxy_core_config.yml
     - vars/zdm_proxy_advanced_config.yml
@@ -220,18 +221,18 @@
       file:
         path: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}"
         state: directory
-    - name: Generate env var file from template for immutable configuration
+    - name: Generate configuration file from template for immutable configuration
       template:
-        src: "zdm_proxy_immutable_config.j2"
+        src: "{{ 'zdm_proxy_immutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_immutable_config_file.j2' }}"
         dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_immutable_config_fragment_file_name }}"
-    - name: Generate env var file from template for mutable configuration
+    - name: Generate configuration file from template for mutable configuration
       template:
-        src: "zdm_proxy_mutable_config.j2"
+        src: "{{ 'zdm_proxy_mutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_mutable_config_file.j2' }}"
         dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_mutable_config_fragment_file_name }}"
     - name: Merge the immutable and mutable configuration files into a single one
       assemble:
         src: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}"
-        dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name }}"
+        dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name if zdm_proxy_config_mode == 'env_vars' else (zdm_proxy_shared_assets_dir_name + '/' + zdm_proxy_config_file_name) }}"
 
 - name: Install ZDM Proxy
   hosts: proxies
@@ -251,7 +252,8 @@
       vars:
         ansible_python_interpreter: python3
 
-    - name: Create ZDM proxy container
+    - name: Create ZDM proxy container with env vars
+      when: "zdm_proxy_config_mode == 'env_vars'"
       docker_container:
         name: "{{ zdm_proxy_container_name }}"
         image: "docker.io/{{ zdm_proxy_image }}"
@@ -272,6 +274,24 @@
       vars:
         ansible_python_interpreter: python3
 
+    - name: Create ZDM proxy container with configuration file
+      when: "zdm_proxy_config_mode == 'conf_file'"
+      docker_container:
+        name: "{{ zdm_proxy_container_name }}"
+        image: "docker.io/{{ zdm_proxy_image }}"
+        command:
+          - "--config={{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{zdm_proxy_config_file_name}}"
+        mounts:
+          - source: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}"
+            target: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}"
+            type: bind
+        network_mode: host
+        restart_policy: unless-stopped
+        restart: yes
+        state: started
+      vars:
+        ansible_python_interpreter: python3
+
     - name: Wait for this ZDM proxy to come up
       uri:
         url: "http://{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}:{{ metrics_port }}/health/readiness"

diff --git a/ansible/rolling_update_zdm_proxy.yml b/ansible/rolling_update_zdm_proxy.yml
@@ -18,20 +18,21 @@
 - name: Create ZDM proxy configuration env file based on the latest configuration
   hosts: proxies
   vars_files:
+    - vars/zdm_proxy_container_config.yml
     - vars/zdm_proxy_cluster_config.yml
     - vars/zdm_proxy_core_config.yml
     - vars/zdm_proxy_advanced_config.yml
     - vars/zdm_playbook_internal_config.yml
 
   tasks:
-    - name: Generate env var file from template for mutable configuration
+    - name: Generate configuration file from template for mutable configuration
       template:
-        src: "zdm_proxy_mutable_config.j2"
+        src: "{{ 'zdm_proxy_mutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_mutable_config_file.j2' }}"
         dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_mutable_config_fragment_file_name }}"
     - name: Merge the immutable and mutable configuration files into a single one
       assemble:
         src: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}"
-        dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name }}"
+        dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name if zdm_proxy_config_mode == 'env_vars' else (zdm_proxy_shared_assets_dir_name + '/' + zdm_proxy_config_file_name) }}"
 
 - name: Configure and restart each ZDM proxy in a rolling fashion
   hosts: proxies
@@ -45,7 +46,8 @@
     - vars/zdm_proxy_core_config.yml  # this inclusion is for backward compatibility and will be removed in the future
 
   tasks:
-    - name: Create ZDM proxy container with updated configuration
+    - name: Create ZDM proxy container with updated env vars
+      when: "zdm_proxy_config_mode == 'env_vars'"
       docker_container:
         name: "{{ zdm_proxy_container_name }}"
         image: "{{ zdm_proxy_image }}"
@@ -65,6 +67,25 @@
         state: started
       vars:
         ansible_python_interpreter: python3
+
+    - name: Create ZDM proxy container with updated configuration file
+      when: "zdm_proxy_config_mode == 'conf_file'"
+      docker_container:
+        name: "{{ zdm_proxy_container_name }}"
+        image: "{{ zdm_proxy_image }}"
+        command:
+          - "--config={{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{zdm_proxy_config_file_name}}"
+        mounts:
+          - source: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}"
+            target: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}"
+            type: bind
+        network_mode: host
+        restart_policy: unless-stopped
+        restart: yes
+        state: started
+      vars:
+        ansible_python_interpreter: python3
+
     - name: Wait for this ZDM proxy to come up
       uri:
         url: "http://{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}:{{ metrics_port }}/health/readiness"
@@ -76,6 +97,3 @@
     - pause:
         prompt: "Pause for {{ pause_between_restarts_in_seconds }} seconds after restarting this ZDM proxy instance"
         seconds: "{{ pause_between_restarts_in_seconds }}"
-
-
-
diff --git a/...e/templates/zdm_proxy_immutable_config.j2 → ...es/zdm_proxy_immutable_config_env_vars.j2 b/...e/templates/zdm_proxy_immutable_config.j2 → ...es/zdm_proxy_immutable_config_env_vars.j2
diff --git a/ansible/templates/zdm_proxy_immutable_config_file.j2 b/ansible/templates/zdm_proxy_immutable_config_file.j2
@@ -0,0 +1,72 @@
+#jinja2: lstrip_blocks: "True", trim_blocks: "True"
+
+{% set zdm_proxy_address_list = [] %}
+{% for host in groups['proxies'] %}
+    {{ zdm_proxy_address_list.append(host) }}
+{% endfor %}
+proxy_topology_index:{{ groups['proxies'].index(hostvars[inventory_hostname]['ansible_default_ipv4']['address']) }}
+proxy_topology_addresses:{{ zdm_proxy_address_list|join(',') }}
+
+{% if ( origin_contact_points is defined ) %}
+origin_contact_points:{{ origin_contact_points }}
+  {% if ( origin_port is defined ) %}
+origin_port:{{ origin_port }}
+  {% endif %}
+{% elif ( ( origin_scb_downloaded is defined and origin_scb_downloaded == 'success' ) or ( origin_scb_provided is defined and origin_scb_provided == 'success' ) )%}
+origin_secure_connect_bundle_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/origin_scb.zip
+{% endif %}
+{% if ( origin_local_datacenter is defined ) %}
+origin_local_datacenter:{{ origin_local_datacenter }}
+{% endif %}
+
+{% if ( target_contact_points is defined ) %}
+target_contact_points:{{ target_contact_points }}
+  {% if ( target_port is defined ) %}
+target_port:{{ target_port }}
+  {% endif %}
+{% elif ( target_scb_downloaded is defined and target_scb_downloaded == 'success' ) or ( target_scb_provided is defined and target_scb_provided == 'success' ) %}
+target_secure_connect_bundle_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/target_scb.zip
+{% endif %}
+{% if ( target_local_datacenter is defined ) %}
+target_local_datacenter:{{ target_local_datacenter }}
+{% endif %}
+
+proxy_listen_address:{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}
+proxy_listen_port:{{ zdm_proxy_listen_port }}
+
+metrics_address:{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}
+metrics_port:{{ metrics_port }}
+
+{% if ( origin_tls_user_dir_path is defined and origin_tls_server_ca_filename is defined ) %}
+origin_tls_server_ca_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_server_ca_filename }}
+{% endif %}
+{% if ( origin_tls_user_dir_path is defined and origin_tls_client_cert_filename is defined ) %}
+origin_tls_client_cert_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_client_cert_filename }}
+{% endif %}
+{% if ( origin_tls_user_dir_path is defined and origin_tls_client_key_filename is defined ) %}
+origin_tls_client_key_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_client_key_filename }}
+{% endif %}
+
+{% if ( target_tls_user_dir_path is defined and target_tls_server_ca_filename is defined ) %}
+target_tls_server_ca_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_server_ca_filename }}
+{% endif %}
+{% if ( target_tls_user_dir_path is defined and target_tls_client_cert_filename is defined ) %}
+target_tls_client_cert_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_client_cert_filename }}
+{% endif %}
+{% if ( target_tls_user_dir_path is defined and target_tls_client_key_filename is defined ) %}
+target_tls_client_key_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_client_key_filename }}
+{% endif %}
+
+{% if ( zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_ca_filename is defined ) %}
+proxy_tls_ca_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_ca_filename }}
+{% endif %}
+{% if ( zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_cert_filename is defined ) %}
+proxy_tls_cert_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_cert_filename }}
+{% endif %}
+{% if ( zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_key_filename is defined ) %}
+proxy_tls_key_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_key_filename }}
+{% endif %}
+{% if ( zdm_proxy_tls_require_client_auth is defined ) %}
+proxy_tls_require_client_auth:{{ zdm_proxy_tls_require_client_auth }}
+{% endif %}
+
diff --git a/...ble/templates/zdm_proxy_mutable_config.j2 → ...ates/zdm_proxy_mutable_config_env_vars.j2 b/...ble/templates/zdm_proxy_mutable_config.j2 → ...ates/zdm_proxy_mutable_config_env_vars.j2
diff --git a/ansible/templates/zdm_proxy_mutable_config_file.j2 b/ansible/templates/zdm_proxy_mutable_config_file.j2
@@ -0,0 +1,53 @@
+#jinja2: lstrip_blocks: "True", trim_blocks: "True"
+
+{% if ( primary_cluster is defined ) %}
+primary_cluster:{{ primary_cluster }}
+{% endif %}
+
+{% if ( read_mode is defined ) %}
+read_mode:{{ read_mode }}
+{% endif %}
+
+{% if ( log_level is defined ) %}
+log_level:{{ log_level }}
+{% endif %}
+
+{% if ( zdm_proxy_max_clients_connections is defined ) %}
+proxy_max_client_connections:{{ zdm_proxy_max_clients_connections }}
+{% endif %}
+
+{% if ( zdm_proxy_request_timeout_ms is defined ) %}
+proxy_request_timeout_ms:{{ zdm_proxy_request_timeout_ms }}
+{% endif %}
+{% if ( origin_connection_timeout_ms is defined ) %}
+origin_connection_timeout_ms:{{ origin_connection_timeout_ms }}
+{% endif %}
+{% if ( target_connection_timeout_ms is defined ) %}
+target_connection_timeout_ms:{{ target_connection_timeout_ms }}
+{% endif %}
+{% if ( async_handshake_timeout_ms is defined ) %}
+async_handshake_timeout_ms:{{ async_handshake_timeout_ms }}
+{% endif %}
+{% if ( heartbeat_interval_ms is defined ) %}
+heartbeat_interval_ms:{{ heartbeat_interval_ms }}
+{% endif %}
+{% if ( zdm_proxy_max_stream_ids is defined ) %}
+proxy_max_stream_ids:{{ zdm_proxy_max_stream_ids }}
+{% endif %}
+
+{% if ( metrics_enabled is defined ) %}
+metrics_enabled:{{ metrics_enabled }}
+{% endif %}
+
+{% if ( system_queries_mode is defined ) %}
+system_queries_mode:{{ system_queries_mode }}
+{% endif %}
+
+{% if ( replace_cql_functions is defined ) %}
+replace_cql_functions:{{ replace_cql_functions }}
+{% endif %}
+
+{% if ( forward_client_credentials_to_origin is defined ) %}
+forward_client_credentials_to_origin:{{ forward_client_credentials_to_origin }}
+{% endif %}
+
diff --git a/ansible/vars/zdm_playbook_internal_config.yml b/ansible/vars/zdm_playbook_internal_config.yml
@@ -11,6 +11,7 @@ zdm_proxy_config_fragments_dir_name: zdm_proxy_config_fragments
 zdm_proxy_mutable_config_fragment_file_name: zdm_proxy_mutable_config.env
 zdm_proxy_immutable_config_fragment_file_name: zdm_proxy_immutable_config.env
 zdm_proxy_environment_config_file_name: zdm_proxy_config.env
+zdm_proxy_config_file_name: zdm_proxy_config.yml
 
 origin_scb_file_name: origin_scb
 target_scb_file_name: target_scb

diff --git a/ansible/vars/zdm_proxy_container_config.yml b/ansible/vars/zdm_proxy_container_config.yml
@@ -2,4 +2,8 @@
 zdm_proxy_image: datastax/zdm-proxy:2.x
 
 create_containers: 1
-zdm_proxy_container_name: zdm-proxy-container
+zdm_proxy_container_name: zdm-proxy-container
+
+# Defines how configuration shall be passed to ZDM proxy.
+# Allowed values are "env_vars" and "conf_file".
+zdm_proxy_config_mode: env_vars