diff --git a/ansible/deploy_zdm_proxy.yml b/ansible/deploy_zdm_proxy.yml index c5e283b..0245c5d 100644 --- a/ansible/deploy_zdm_proxy.yml +++ b/ansible/deploy_zdm_proxy.yml @@ -209,6 +209,7 @@ - name: Create ZDM proxy configuration env file hosts: proxies vars_files: + - vars/zdm_proxy_container_config.yml - vars/zdm_proxy_cluster_config.yml - vars/zdm_proxy_core_config.yml - vars/zdm_proxy_advanced_config.yml @@ -220,18 +221,18 @@ file: path: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}" state: directory - - name: Generate env var file from template for immutable configuration + - name: Generate configuration file from template for immutable configuration template: - src: "zdm_proxy_immutable_config.j2" + src: "{{ 'zdm_proxy_immutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_immutable_config_file.j2' }}" dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_immutable_config_fragment_file_name }}" - - name: Generate env var file from template for mutable configuration + - name: Generate configuration file from template for mutable configuration template: - src: "zdm_proxy_mutable_config.j2" + src: "{{ 'zdm_proxy_mutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_mutable_config_file.j2' }}" dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_mutable_config_fragment_file_name }}" - name: Merge the immutable and mutable configuration files into a single one assemble: src: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}" - dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name }}" + dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name if zdm_proxy_config_mode == 'env_vars' else (zdm_proxy_shared_assets_dir_name + '/' + zdm_proxy_config_file_name) }}" - name: Install ZDM Proxy hosts: proxies 
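Review bot: The `src` and `dest` expressions in the second hunk treat every value of `zdm_proxy_config_mode` other than `env_vars` as file mode, while the container tasks added later in this file run only when the value is exactly `env_vars` or `conf_file`. A mistyped mode would render a config file and then skip both container tasks, so a container that is already running may keep serving its old configuration while the play appears to succeed. The same pattern appears in rolling_update_zdm_proxy.yml. A guard task at the start of the play would fail early: `- assert: { that: "zdm_proxy_config_mode in ['env_vars', 'conf_file']" }`.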
@@ -251,7 +252,8 @@ vars: ansible_python_interpreter: python3 - - name: Create ZDM proxy container + - name: Create ZDM proxy container with env vars + when: "zdm_proxy_config_mode == 'env_vars'" docker_container: name: "{{ zdm_proxy_container_name }}" image: "docker.io/{{ zdm_proxy_image }}" @@ -272,6 +274,24 @@ vars: ansible_python_interpreter: python3 + - name: Create ZDM proxy container with configuration file + when: "zdm_proxy_config_mode == 'conf_file'" + docker_container: + name: "{{ zdm_proxy_container_name }}" + image: "docker.io/{{ zdm_proxy_image }}" + command: + - "--config={{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{zdm_proxy_config_file_name}}" + mounts: + - source: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}" + target: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}" + type: bind + network_mode: host + restart_policy: unless-stopped + restart: yes + state: started + vars: + ansible_python_interpreter: python3 + - name: Wait for this ZDM proxy to come up uri: url: "http://{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}:{{ metrics_port }}/health/readiness" diff --git a/ansible/rolling_update_zdm_proxy.yml b/ansible/rolling_update_zdm_proxy.yml index 2e470b5..9ae845d 100644 --- a/ansible/rolling_update_zdm_proxy.yml +++ b/ansible/rolling_update_zdm_proxy.yml 
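Review bot: The bind mount in the new `conf_file` container task is writable, because no `read_only` is set on it. The directory it exposes is the one the new templates point to for TLS key files and secure connect bundles. If the proxy only reads from that directory, adding `read_only: true` to the mount entry stops a compromised proxy process from altering the config or key material on the host. The same applies to the matching task added in rolling_update_zdm_proxy.yml. As style, `restart: yes` is better written `restart: true`, and `{{zdm_proxy_config_file_name}}` lacks the inner spaces used elsewhere.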
@@ -18,20 +18,21 @@ - name: Create ZDM proxy configuration env file based on the latest configuration hosts: proxies vars_files: + - vars/zdm_proxy_container_config.yml - vars/zdm_proxy_cluster_config.yml - vars/zdm_proxy_core_config.yml - vars/zdm_proxy_advanced_config.yml - vars/zdm_playbook_internal_config.yml tasks: - - name: Generate env var file from template for mutable configuration + - name: Generate configuration file from template for mutable configuration template: - src: "zdm_proxy_mutable_config.j2" + src: "{{ 'zdm_proxy_mutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_mutable_config_file.j2' }}" dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_mutable_config_fragment_file_name }}" - name: Merge the immutable and mutable configuration files into a single one assemble: src: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}" - dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name }}" + dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name if zdm_proxy_config_mode == 'env_vars' else (zdm_proxy_shared_assets_dir_name + '/' + zdm_proxy_config_file_name) }}" - name: Configure and restart each ZDM proxy in a rolling fashion hosts: proxies @@ -45,7 +46,8 @@ - vars/zdm_proxy_core_config.yml # this inclusion is for backward compatibility and will be removed in the future tasks: - - name: Create ZDM proxy container with updated configuration + - name: Create ZDM proxy container with updated env vars + when: "zdm_proxy_config_mode == 'env_vars'" docker_container: name: "{{ zdm_proxy_container_name }}" image: "{{ zdm_proxy_image }}" 
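Review bot: The first play re-renders only the mutable fragment before `assemble` runs, so the immutable fragment in the fragments directory presumably keeps the format the last deploy wrote. If `zdm_proxy_config_mode` changes between the deploy and a rolling update, the merged file would mix env-var lines with config-file lines, and each proxy is restarted against it. Either render the immutable fragment here too, or add a comment above the `template` task such as `# Changing zdm_proxy_config_mode requires a full deploy; only the mutable fragment is refreshed here.` The play name also still says "env file" although it now covers both modes.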
@@ -65,6 +67,25 @@ state: started vars: ansible_python_interpreter: python3 + + - name: Create ZDM proxy container with updated configuration file + when: "zdm_proxy_config_mode == 'conf_file'" + docker_container: + name: "{{ zdm_proxy_container_name }}" + image: "{{ zdm_proxy_image }}" + command: + - "--config={{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{zdm_proxy_config_file_name}}" + mounts: + - source: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}" + target: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}" + type: bind + network_mode: host + restart_policy: unless-stopped + restart: yes + state: started + vars: + ansible_python_interpreter: python3 + - name: Wait for this ZDM proxy to come up uri: url: "http://{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}:{{ metrics_port }}/health/readiness" @@ -76,6 +97,3 @@ - pause: prompt: "Pause for {{ pause_between_restarts_in_seconds }} seconds after restarting this ZDM proxy instance" seconds: "{{ pause_between_restarts_in_seconds }}" - - - diff --git a/ansible/templates/zdm_proxy_immutable_config.j2 b/ansible/templates/zdm_proxy_immutable_config_env_vars.j2 similarity index 100% rename from ansible/templates/zdm_proxy_immutable_config.j2 rename to ansible/templates/zdm_proxy_immutable_config_env_vars.j2 diff --git a/ansible/templates/zdm_proxy_immutable_config_file.j2 b/ansible/templates/zdm_proxy_immutable_config_file.j2 new file mode 100644 index 0000000..9b96f67 --- /dev/null +++ b/ansible/templates/zdm_proxy_immutable_config_file.j2 
@@ -0,0 +1,72 @@ +#jinja2: lstrip_blocks: "True", trim_blocks: "True" + +{% set zdm_proxy_address_list = [] %} +{% for host in groups['proxies'] %} + {{ zdm_proxy_address_list.append(host) }} +{% endfor %} +proxy_topology_index:{{ groups['proxies'].index(hostvars[inventory_hostname]['ansible_default_ipv4']['address']) }} +proxy_topology_addresses:{{ zdm_proxy_address_list|join(',') }} + +{% if ( origin_contact_points is defined ) %} +origin_contact_points:{{ origin_contact_points }} + {% if ( origin_port is defined ) %} +origin_port:{{ origin_port }} + {% endif %} +{% elif ( ( origin_scb_downloaded is defined and origin_scb_downloaded == 'success' ) or ( origin_scb_provided is defined and origin_scb_provided == 'success' ) )%} +origin_secure_connect_bundle_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/origin_scb.zip +{% endif %} +{% if ( origin_local_datacenter is defined ) %} +origin_local_datacenter:{{ origin_local_datacenter }} +{% endif %} + +{% if ( target_contact_points is defined ) %} +target_contact_points:{{ target_contact_points }} + {% if ( target_port is defined ) %} +target_port:{{ target_port }} + {% endif %} +{% elif ( target_scb_downloaded is defined and target_scb_downloaded == 'success' ) or ( target_scb_provided is defined and target_scb_provided == 'success' ) %} +target_secure_connect_bundle_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/target_scb.zip +{% endif %} +{% if ( target_local_datacenter is defined ) %} +target_local_datacenter:{{ target_local_datacenter }} +{% endif %} + +proxy_listen_address:{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} +proxy_listen_port:{{ zdm_proxy_listen_port }} + +metrics_address:{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }} +metrics_port:{{ metrics_port }} + +{% if ( origin_tls_user_dir_path is defined and origin_tls_server_ca_filename is defined ) %} +origin_tls_server_ca_path:{{ zdm_proxy_home_dir }}/{{ 
zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_server_ca_filename }} +{% endif %} +{% if ( origin_tls_user_dir_path is defined and origin_tls_client_cert_filename is defined ) %} +origin_tls_client_cert_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_client_cert_filename }} +{% endif %} +{% if ( origin_tls_user_dir_path is defined and origin_tls_client_key_filename is defined ) %} +origin_tls_client_key_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_client_key_filename }} +{% endif %} + +{% if ( target_tls_user_dir_path is defined and target_tls_server_ca_filename is defined ) %} +target_tls_server_ca_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_server_ca_filename }} +{% endif %} +{% if ( target_tls_user_dir_path is defined and target_tls_client_cert_filename is defined ) %} +target_tls_client_cert_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_client_cert_filename }} +{% endif %} +{% if ( target_tls_user_dir_path is defined and target_tls_client_key_filename is defined ) %} +target_tls_client_key_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_client_key_filename }} +{% endif %} + +{% if ( zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_ca_filename is defined ) %} +proxy_tls_ca_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_ca_filename }} +{% endif %} +{% if ( zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_cert_filename is defined ) %} +proxy_tls_cert_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_cert_filename }} +{% endif %} +{% if ( 
zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_key_filename is defined ) %} +proxy_tls_key_path:{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_key_filename }} +{% endif %} +{% if ( zdm_proxy_tls_require_client_auth is defined ) %} +proxy_tls_require_client_auth:{{ zdm_proxy_tls_require_client_auth }} +{% endif %} + diff --git a/ansible/templates/zdm_proxy_mutable_config.j2 b/ansible/templates/zdm_proxy_mutable_config_env_vars.j2 similarity index 100% rename from ansible/templates/zdm_proxy_mutable_config.j2 rename to ansible/templates/zdm_proxy_mutable_config_env_vars.j2 diff --git a/ansible/templates/zdm_proxy_mutable_config_file.j2 b/ansible/templates/zdm_proxy_mutable_config_file.j2 new file mode 100644 index 0000000..81adf8c --- /dev/null +++ b/ansible/templates/zdm_proxy_mutable_config_file.j2 
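Review bot: Every entry in this template is rendered as `key:{{ value }}` with no space after the colon, and the merged output is named `zdm_proxy_config.yml`. If the proxy parses that file as YAML, a line such as `proxy_listen_port:<port>` is one plain scalar, not a key/value pair, so the settings would not be read as a mapping. Writing `proxy_listen_port: {{ zdm_proxy_listen_port }}` throughout fixes that. Quoting string values, e.g. `origin_contact_points: "{{ origin_contact_points }}"`, also stops YAML from retyping boolean- or number-looking input. zdm_proxy_mutable_config_file.j2 uses the same form and needs the same change.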
@@ -0,0 +1,53 @@ +#jinja2: lstrip_blocks: "True", trim_blocks: "True" + +{% if ( primary_cluster is defined ) %} +primary_cluster:{{ primary_cluster }} +{% endif %} + +{% if ( read_mode is defined ) %} +read_mode:{{ read_mode }} +{% endif %} + +{% if ( log_level is defined ) %} +log_level:{{ log_level }} +{% endif %} + +{% if ( zdm_proxy_max_clients_connections is defined ) %} +proxy_max_client_connections:{{ zdm_proxy_max_clients_connections }} +{% endif %} + +{% if ( zdm_proxy_request_timeout_ms is defined ) %} +proxy_request_timeout_ms:{{ zdm_proxy_request_timeout_ms }} +{% endif %} +{% if ( origin_connection_timeout_ms is defined ) %} +origin_connection_timeout_ms:{{ origin_connection_timeout_ms }} +{% endif %} +{% if ( target_connection_timeout_ms is defined ) %} +target_connection_timeout_ms:{{ target_connection_timeout_ms }} +{% endif %} +{% if ( async_handshake_timeout_ms is defined ) %} +async_handshake_timeout_ms:{{ async_handshake_timeout_ms }} +{% endif %} +{% if ( heartbeat_interval_ms is defined ) %} +heartbeat_interval_ms:{{ heartbeat_interval_ms }} +{% endif %} +{% if ( zdm_proxy_max_stream_ids is defined ) %} +proxy_max_stream_ids:{{ zdm_proxy_max_stream_ids }} +{% endif %} + +{% if ( metrics_enabled is defined ) %} +metrics_enabled:{{ metrics_enabled }} +{% endif %} + +{% if ( system_queries_mode is defined ) %} +system_queries_mode:{{ system_queries_mode }} +{% endif %} + +{% if ( replace_cql_functions is defined ) %} +replace_cql_functions:{{ replace_cql_functions }} +{% endif %} + +{% if ( forward_client_credentials_to_origin is defined ) %} +forward_client_credentials_to_origin:{{ forward_client_credentials_to_origin }} +{% endif %} + diff --git a/ansible/vars/zdm_playbook_internal_config.yml b/ansible/vars/zdm_playbook_internal_config.yml index f588e23..1790946 100644 --- a/ansible/vars/zdm_playbook_internal_config.yml +++ b/ansible/vars/zdm_playbook_internal_config.yml 
@@ -11,6 +11,7 @@ zdm_proxy_config_fragments_dir_name: zdm_proxy_config_fragments zdm_proxy_mutable_config_fragment_file_name: zdm_proxy_mutable_config.env zdm_proxy_immutable_config_fragment_file_name: zdm_proxy_immutable_config.env zdm_proxy_environment_config_file_name: zdm_proxy_config.env +zdm_proxy_config_file_name: zdm_proxy_config.yml origin_scb_file_name: origin_scb target_scb_file_name: target_scb diff --git a/ansible/vars/zdm_proxy_container_config.yml b/ansible/vars/zdm_proxy_container_config.yml index 284aaea..85e709d 100644 --- a/ansible/vars/zdm_proxy_container_config.yml +++ b/ansible/vars/zdm_proxy_container_config.yml @@ -2,4 +2,8 @@ zdm_proxy_image: datastax/zdm-proxy:2.x create_containers: 1 -zdm_proxy_container_name: zdm-proxy-container \ No newline at end of file +zdm_proxy_container_name: zdm-proxy-container + +# Defines how configuration shall be passed to ZDM proxy. +# Allowed values are "env_vars" and "conf_file". +zdm_proxy_config_mode: env_vars \ No newline at end of file