From 18c42c197d36e0216a299f974a093dcbee7c82f8 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Mon, 7 Oct 2024 12:21:05 +0100 Subject: [PATCH 01/20] Adding internal virtual IPs --- resources/attributes/default.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 8d2a6e93..52aae190 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -227,7 +227,7 @@ default['redborder']['druid']['historical']['maxsize'] = -1 # Virtual Ips -default['redborder']['manager']['virtual_ips'] = { external: [ { service: 'webui', deps: ['nginx'] }, { service: 'f2k' }, { service: 'sfacctd' }, { service: 'kafka' } ] } +default['redborder']['manager']['virtual_ips'] = { internal: [{ service: 'postgresql' }], external: [{ service: 'webui', deps: ['nginx'] }, { service: 'f2k' }, { service: 'sfacctd' }, { service: 'kafka' }] } # Realtime default['redborder']['druid']['realtime']['partition_num'] = 0 From 6e8191fc0d6f59fdb5f4029b0b866b39bcaf810b Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Tue, 8 Oct 2024 10:21:17 +0100 Subject: [PATCH 02/20] Passing sync_interface to keepalived --- resources/recipes/configure.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index d82f13f9..c0f07a8e 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -84,6 +84,7 @@ manager_services manager_services ipmgt node['ipaddress'] iface_management node['redborder']['management_interface'] + iface_sync node['redborder']['sync_interface'] ipaddress_sync node['ipaddress_sync'] managers_per_service node['redborder']['managers_per_services'] if manager_services['keepalived'] From 179120a3aa903cc531a5ad998b845325522d80b0 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Tue, 8 Oct 2024 14:33:00 +0100 Subject: [PATCH 03/20] Fixing hardcoing of iface in databags depending if service is internal or external --- resources/libraries/get_virtual_ip_info.rb | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/resources/libraries/get_virtual_ip_info.rb b/resources/libraries/get_virtual_ip_info.rb index 4763fdbc..47f2ca4b 100644 --- a/resources/libraries/get_virtual_ip_info.rb +++ b/resources/libraries/get_virtual_ip_info.rb @@ -26,7 +26,13 @@ def get_virtual_ip_info(managers) hash['virtual'] = true hash['run_anywhere'] = true has_any_virtual_ip = true if hash['ip'] && manager_services[service['service']] - hash['iface'] = node['redborder']['management_interface'] + + if type.to_s == 'external' + hash['iface'] = node['redborder']['management_interface'] + elsif type.to_s == 'internal' + hash['iface'] = node['redborder']['sync_interface'] + end + if manager_services[service['service']] all_deps_enabled = true unless service['deps'].nil? @@ -44,7 +50,12 @@ def get_virtual_ip_info(managers) hash['run_anywhere'] = false nodeservice = nil managers.each do |m| - hash['iface'] = node['redborder']['management_interface'] + if type.to_s == 'external' + hash['iface'] = node['redborder']['management_interface'] + elsif type.to_s == 'internal' + hash['iface'] = node['redborder']['sync_interface'] + end + run_anywhere_flag = false if m.name == node.name @@ -61,7 +72,12 @@ def get_virtual_ip_info(managers) if nodeservice.nil? managers.each do |m| - hash['iface'] = node['redborder']['management_interface'] + if type.to_s == 'external' + hash['iface'] = node['redborder']['management_interface'] + elsif type.to_s == 'internal' + hash['iface'] = node['redborder']['sync_interface'] + end + run_anywhere_flag = false run_anywhere_flag = m['redborder']['manager']['services']['overwrite'][service['service']] unless m['redborder']['manager']['services']['overwrite'].nil? run_anywhere_flag = m['redborder']['manager']['services'][m['redborder']['manager']['mode']][service['service']] if run_anywhere_flag != true && !m['redborder']['manager']['services'][m['redborder']['manager']['mode']].nil? From 3b2d72710669f739d0a07683dd2a89c39e17a8b9 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Tue, 8 Oct 2024 14:36:44 +0100 Subject: [PATCH 04/20] There is no need to pass iface sync to keepalived --- resources/recipes/configure.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index c0f07a8e..d82f13f9 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -84,7 +84,6 @@ manager_services manager_services ipmgt node['ipaddress'] iface_management node['redborder']['management_interface'] - iface_sync node['redborder']['sync_interface'] ipaddress_sync node['ipaddress_sync'] managers_per_service node['redborder']['managers_per_services'] if manager_services['keepalived'] From c4c492d75b213ee4d995c879368aec3a3d567d86 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Tue, 8 Oct 2024 14:40:33 +0100 Subject: [PATCH 05/20] fix linter --- resources/libraries/get_virtual_ip_info.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/resources/libraries/get_virtual_ip_info.rb b/resources/libraries/get_virtual_ip_info.rb index 47f2ca4b..398c2fc5 100644 --- a/resources/libraries/get_virtual_ip_info.rb +++ b/resources/libraries/get_virtual_ip_info.rb @@ -26,13 +26,11 @@ def get_virtual_ip_info(managers) hash['virtual'] = true hash['run_anywhere'] = true has_any_virtual_ip = true if hash['ip'] && manager_services[service['service']] - if type.to_s == 'external' hash['iface'] = node['redborder']['management_interface'] elsif type.to_s == 'internal' hash['iface'] = node['redborder']['sync_interface'] end - if manager_services[service['service']] all_deps_enabled = true unless service['deps'].nil? @@ -55,7 +53,6 @@ def get_virtual_ip_info(managers) elsif type.to_s == 'internal' hash['iface'] = node['redborder']['sync_interface'] end - run_anywhere_flag = false if m.name == node.name @@ -77,7 +74,6 @@ def get_virtual_ip_info(managers) elsif type.to_s == 'internal' hash['iface'] = node['redborder']['sync_interface'] end - run_anywhere_flag = false run_anywhere_flag = m['redborder']['manager']['services']['overwrite'][service['service']] unless m['redborder']['manager']['services']['overwrite'].nil? run_anywhere_flag = m['redborder']['manager']['services'][m['redborder']['manager']['mode']][service['service']] if run_anywhere_flag != true && !m['redborder']['manager']['services'][m['redborder']['manager']['mode']].nil? From abecbdca523e0cd865f8d78a1f692a5e9f552117 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=20G=C3=B3mez?= Date: Tue, 8 Oct 2024 14:56:43 +0100 Subject: [PATCH 06/20] Update CHANGELOG.md --- CHANGELOG.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 14406e03..4fb7d626 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,11 +1,6 @@ cookbook-rb-manager CHANGELOG =============== -## 2.10.2 - - - nilsver - - [e788b6b] Bugfix/18447 open port kafka public zone (#207) - ## 2.10.1 - Miguel Álvarez From 837ce9cdd75a086d936d3e3f09055de2bc6b56fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=20G=C3=B3mez?= Date: Tue, 8 Oct 2024 14:57:02 +0100 Subject: [PATCH 07/20] Delete resources/libraries/open_kafka_port.rb --- resources/libraries/open_kafka_port.rb | 62 -------------------------- 1 file changed, 62 deletions(-) delete mode 100644 resources/libraries/open_kafka_port.rb diff --git a/resources/libraries/open_kafka_port.rb b/resources/libraries/open_kafka_port.rb deleted file mode 100644 index 5c80e176..00000000 --- a/resources/libraries/open_kafka_port.rb +++ /dev/null @@ -1,62 +0,0 @@ -module RbManager - module Helpers - def get_ip_of_manager_ips - # IPS in manager mode has the role ips-sensor - sensors = search(:node, 'role:ips-sensor AND -redborder_parent_id:*?').sort - sensors.map { |s| { ipaddress: s['ipaddress'] } } - end - - def rule_exists?(rule) - command = "firewall-cmd --zone=public --query-rich-rule='rule family=\"ipv4\" #{rule}' > /dev/null 2>&1" - system(command) - end - - def get_existing_ips_for_port - existing_ips = [] - list_firewall_rules = `firewall-cmd --zone=public --list-rich-rules` - list_firewall_rules.split("\n").each do |rule| - if rule.include?('port="9092"') - ip_match = rule.match(/source address="([^"]+)"/) - existing_ips << ip_match[1] if ip_match - end - end - existing_ips - end - - def open_ports_for_ips - manager_ips = get_ip_of_manager_ips - existing_ips = get_existing_ips_for_port - reload_needed = false - - if manager_ips.empty? - existing_ips.each do |ip| - remove_command = "firewall-cmd --zone=public --remove-rich-rule='rule family=\"ipv4\" source address=#{ip} port port=9092 protocol=tcp accept' --permanent" - if rule_exists?("source address=#{ip} port port=9092 protocol=tcp accept") - system(remove_command) - reload_needed = true - end - end - else - # Remove IPs that are no longer needed - ips_to_remove = existing_ips - manager_ips.map { |ips| ips[:ipaddress] } - ips_to_remove.each do |ip| - remove_command = "firewall-cmd --zone=public --remove-rich-rule='rule family=\"ipv4\" source address=#{ip} port port=9092 protocol=tcp accept' --permanent" - if rule_exists?("source address=#{ip} port port=9092 protocol=tcp accept") - system(remove_command) - reload_needed = true - end - end - - manager_ips.each do |ips| - ip_address = ips[:ipaddress] - add_command = "firewall-cmd --zone=public --add-rich-rule='rule family=\"ipv4\" source address=#{ip_address} port port=9092 protocol=tcp accept' --permanent" - unless rule_exists?("source address=#{ip_address} port port=9092 protocol=tcp accept") - system(add_command) - reload_needed = true - end - end - end - system('firewall-cmd --reload') if reload_needed - end - end -end From 7a6ae579c067175fdba565551c57f4a0c327d744 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=20G=C3=B3mez?= Date: Tue, 8 Oct 2024 14:57:17 +0100 Subject: [PATCH 08/20] Update metadata.rb --- resources/metadata.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/metadata.rb b/resources/metadata.rb index f79939f5..33d68ea6 100644 --- a/resources/metadata.rb +++ b/resources/metadata.rb @@ -5,7 +5,7 @@ maintainer_email 'git@redborder.com' license 'AGPL-3.0' description 'Installs/Configures redborder manager' -version '2.10.2' +version '2.10.1' depends 'rb-common' depends 'chef-server' From 3b5494df1850060c2091db4d48348871dc7ab11e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=20G=C3=B3mez?= Date: Tue, 8 Oct 2024 14:57:38 +0100 Subject: [PATCH 09/20] Update prepare_system.rb --- resources/recipes/prepare_system.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index 1d6d4c71..cd6b31f5 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -31,10 +31,6 @@ node.default[:ipaddress_sync] = ipaddress_sync -# Opens the kafka port for the IP of the IPS if in manager/ssh mode. -# If the manager has 2 or more interfaces. -open_ports_for_ips if ipaddress_sync != node['ip_address'] - # get mac mac_sync = `ip a | grep -w -B2 #{ipaddress_sync} | awk '{print toupper($2)}' | head -n 1 | tr -d '\n'` node.default['mac_sync'] = mac_sync From d37e20d0eaac4947032fc312e2c19b41ef4dbdb6 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Fri, 11 Oct 2024 16:19:49 +0100 Subject: [PATCH 10/20] Fix conflicts --- resources/libraries/open_kafka_ports.rb | 62 +++++++++++++++++++++++++ resources/recipes/prepare_system.rb | 4 ++ 2 files changed, 66 insertions(+) create mode 100644 resources/libraries/open_kafka_ports.rb diff --git a/resources/libraries/open_kafka_ports.rb b/resources/libraries/open_kafka_ports.rb new file mode 100644 index 00000000..5c80e176 --- /dev/null +++ b/resources/libraries/open_kafka_ports.rb @@ -0,0 +1,62 @@ +module RbManager + module Helpers + def get_ip_of_manager_ips + # IPS in manager mode has the role ips-sensor + sensors = search(:node, 'role:ips-sensor AND -redborder_parent_id:*?').sort + sensors.map { |s| { ipaddress: s['ipaddress'] } } + end + + def rule_exists?(rule) + command = "firewall-cmd --zone=public --query-rich-rule='rule family=\"ipv4\" #{rule}' > /dev/null 2>&1" + system(command) + end + + def get_existing_ips_for_port + existing_ips = [] + list_firewall_rules = `firewall-cmd --zone=public --list-rich-rules` + list_firewall_rules.split("\n").each do |rule| + if rule.include?('port="9092"') + ip_match = rule.match(/source address="([^"]+)"/) + existing_ips << ip_match[1] if ip_match + end + end + existing_ips + end + + def open_ports_for_ips + manager_ips = get_ip_of_manager_ips + existing_ips = get_existing_ips_for_port + reload_needed = false + + if manager_ips.empty? + existing_ips.each do |ip| + remove_command = "firewall-cmd --zone=public --remove-rich-rule='rule family=\"ipv4\" source address=#{ip} port port=9092 protocol=tcp accept' --permanent" + if rule_exists?("source address=#{ip} port port=9092 protocol=tcp accept") + system(remove_command) + reload_needed = true + end + end + else + # Remove IPs that are no longer needed + ips_to_remove = existing_ips - manager_ips.map { |ips| ips[:ipaddress] } + ips_to_remove.each do |ip| + remove_command = "firewall-cmd --zone=public --remove-rich-rule='rule family=\"ipv4\" source address=#{ip} port port=9092 protocol=tcp accept' --permanent" + if rule_exists?("source address=#{ip} port port=9092 protocol=tcp accept") + system(remove_command) + reload_needed = true + end + end + + manager_ips.each do |ips| + ip_address = ips[:ipaddress] + add_command = "firewall-cmd --zone=public --add-rich-rule='rule family=\"ipv4\" source address=#{ip_address} port port=9092 protocol=tcp accept' --permanent" + unless rule_exists?("source address=#{ip_address} port port=9092 protocol=tcp accept") + system(add_command) + reload_needed = true + end + end + end + system('firewall-cmd --reload') if reload_needed + end + end +end diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index cd6b31f5..1d6d4c71 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -31,6 +31,10 @@ node.default[:ipaddress_sync] = ipaddress_sync +# Opens the kafka port for the IP of the IPS if in manager/ssh mode. +# If the manager has 2 or more interfaces. +open_ports_for_ips if ipaddress_sync != node['ip_address'] + # get mac mac_sync = `ip a | grep -w -B2 #{ipaddress_sync} | awk '{print toupper($2)}' | head -n 1 | tr -d '\n'` node.default['mac_sync'] = mac_sync From 9c6520a7078ea5df2de11d693c0d306a4798b85e Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Fri, 11 Oct 2024 16:20:23 +0100 Subject: [PATCH 11/20] Fix conflict --- resources/libraries/{open_kafka_ports.rb => open_kafka_port.rb} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename resources/libraries/{open_kafka_ports.rb => open_kafka_port.rb} (100%) diff --git a/resources/libraries/open_kafka_ports.rb b/resources/libraries/open_kafka_port.rb similarity index 100% rename from resources/libraries/open_kafka_ports.rb rename to resources/libraries/open_kafka_port.rb From b1a8ffcc8a341934df2731f11db1717853b14400 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Mon, 14 Oct 2024 13:33:33 +0100 Subject: [PATCH 12/20] Passing virtual_ips variable to postgresql --- resources/recipes/configure.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index d82f13f9..80bc901f 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -601,6 +601,7 @@ postgresql_config 'Configure postgresql' do cdomain node['redborder']['cdomain'] ipaddress node['ipaddress_sync'] + virtual_ips virtual_ips if manager_services['postgresql'] && external_services['postgresql'] == 'onpremise' action [:add, :register] else From a3449625c148c396017341304f39e34aa31d51bb Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Fri, 25 Oct 2024 09:23:49 +0100 Subject: [PATCH 13/20] Removing redborder-postgresql service --- resources/attributes/default.rb | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 52aae190..2ab6de03 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -75,7 +75,6 @@ default['redborder']['memory_services']['http2k'] = { 'count': 10, 'memory': 0 } default['redborder']['memory_services']['chef-server'] = { 'count': 10, 'memory': 0 } default['redborder']['memory_services']['postgresql'] = { 'count': 10, 'memory': 0 } -default['redborder']['memory_services']['redborder-postgresql'] = { 'count': 5, 'memory': 0 } default['redborder']['memory_services']['mongodb'] = { 'count': 10, 'memory': 0 } default['redborder']['memory_services']['memcached'] = { 'count': 10, 'memory': 0 } default['redborder']['memory_services']['hadoop-nodemanager'] = { 'count': 50, 'memory': 0 } @@ -110,7 +109,7 @@ # geoip has been removed because is not a service default['redborder']['services_group']['full'] = %w(consul chef-server zookeeper memcached rsyslog kafka logstash s3 - postgresql redborder-postgresql nginx webui druid-broker + postgresql nginx webui druid-broker druid-historical druid-realtime druid-coordinator f2k redborder-monitor pmacct redborder-dswatcher mongodb redborder-events-counter http2k redborder-mem2incident) @@ -127,7 +126,7 @@ default['redborder']['services_group']['webui'] = %w(nginx webui) default['redborder']['services_group']['f2k'] = %w(f2k) default['redborder']['services_group']['s3'] = %w(nginx s3) -default['redborder']['services_group']['postgresql'] = %w(postgresql redborder-postgresql) +default['redborder']['services_group']['postgresql'] = %w(postgresql) default['redborder']['services'] = {} default['redborder']['services']['chef-client'] = true @@ -146,7 +145,6 @@ default['redborder']['services']['http2k'] = false default['redborder']['services']['webui'] = false default['redborder']['services']['postgresql'] = false -default['redborder']['services']['redborder-postgresql'] = false default['redborder']['services']['nginx'] = false default['redborder']['services']['redborder-cep'] = false default['redborder']['services']['rb-aioutliers'] = false @@ -191,7 +189,6 @@ default['redborder']['systemdservices']['zookeeper'] = ['zookeeper'] default['redborder']['systemdservices']['webui'] = ['webui'] default['redborder']['systemdservices']['postgresql'] = ['postgresql'] -default['redborder']['systemdservices']['redborder-postgresql'] = ['redborder-postgresql'] default['redborder']['systemdservices']['nginx'] = ['nginx'] default['redborder']['systemdservices']['redborder-cep'] = ['redborder-cep'] default['redborder']['systemdservices']['rb-aioutliers'] = ['rb-aioutliers'] From 54f31355853059ea55bd057d9a275feee6577d96 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Fri, 25 Oct 2024 09:41:57 +0100 Subject: [PATCH 14/20] Fix conflicts --- resources/attributes/default.rb | 7 ------- 1 file changed, 7 deletions(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 0ed1d929..2fa822dc 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -75,13 +75,6 @@ default['redborder']['memory_services']['n2klocd'] = { 'count': 10, 'memory': 0 } default['redborder']['memory_services']['postgresql'] = { 'count': 10, 'memory': 0 } default['redborder']['memory_services']['rb-aioutliers'] = { 'count': 10, 'memory': 0 } -default['redborder']['memory_services']['mongodb'] = { 'count': 10, 'memory': 0 } -default['redborder']['memory_services']['memcached'] = { 'count': 10, 'memory': 0 } -default['redborder']['memory_services']['hadoop-nodemanager'] = { 'count': 50, 'memory': 0 } -default['redborder']['memory_services']['hadoop-resourcemanager'] = { 'count': 10, 'memory': 0 } -default['redborder']['memory_services']['snmp'] = { 'count': 5, 'memory': 0, 'max_limit': 10000 } -default['redborder']['memory_services']['redborder-monitor'] = { 'count': 5, 'memory': 0, 'max_limit': 20000 } -default['redborder']['memory_services']['rb-logstatter'] = { 'count': 5, 'memory': 0, 'max_limit': 20000 } default['redborder']['memory_services']['rb-arubacentral'] = { 'count': 5, 'memory': 0, 'max_limit': 20000 } default['redborder']['memory_services']['rb-logstatter'] = { 'count': 5, 'memory': 0, 'max_limit': 20000 } default['redborder']['memory_services']['redborder-ai'] = { 'count': 5, 'memory': 0 } From 12089b6b49858fe4f03bb04853c78b4db00e78f9 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Fri, 25 Oct 2024 09:46:55 +0100 Subject: [PATCH 15/20] Fix conflicts --- resources/attributes/default.rb | 19 ++----------------- resources/recipes/configure.rb | 2 -- 2 files changed, 2 insertions(+), 19 deletions(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 2fa822dc..a0f1a484 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -102,24 +102,11 @@ # geoip has been removed because is not a service default['redborder']['services_group']['full'] = %w(consul chef-server zookeeper memcached rsyslog kafka logstash s3 postgresql nginx webui druid-broker - postgresql redborder-postgresql nginx webui rb-workers druid-broker + postgresql nginx webui rb-workers druid-broker druid-historical druid-realtime druid-coordinator f2k redborder-monitor sfacctd redborder-dswatcher mongodb redborder-events-counter http2k redborder-mem2incident) -default['redborder']['services_group']['custom'] = [] -default['redborder']['services_group']['core'] = %w(consul zookeeper druid-coordinator druid-overlord hadoop-resourcemanager) # consul server -default['redborder']['services_group']['chef'] = %w(chef-server) -default['redborder']['services_group']['kafka'] = %w(kafka) -default['redborder']['services_group']['historical'] = %w(druid-historical) -default['redborder']['services_group']['middlemanager'] = %w(druid-middlemanager) -default['redborder']['services_group']['broker'] = %w(druid-broker) -default['redborder']['services_group']['http2k'] = %w(http2k) -default['redborder']['services_group']['samza'] = %w(hadoop-nodemanager) -default['redborder']['services_group']['webui'] = %w(nginx webui) -default['redborder']['services_group']['f2k'] = %w(f2k) -default['redborder']['services_group']['s3'] = %w(nginx s3) -default['redborder']['services_group']['postgresql'] = %w(postgresql) default['redborder']['services_group']['custom'] = %w(consul) default['redborder']['services_group']['core'] = %w(consul zookeeper druid-coordinator druid-overlord) # consul server default['redborder']['services_group']['chef'] = %w(consul chef-server) @@ -131,7 +118,7 @@ default['redborder']['services_group']['webui'] = %w(consul nginx webui rb-workers) default['redborder']['services_group']['f2k'] = %w(consul f2k) default['redborder']['services_group']['s3'] = %w(consul nginx s3) -default['redborder']['services_group']['postgresql'] = %w(consul postgresql redborder-postgresql) +default['redborder']['services_group']['postgresql'] = %w(consul postgresql) default['redborder']['services'] = {} default['redborder']['services']['chef-client'] = true @@ -156,8 +143,6 @@ default['redborder']['services']['sfacct'] = false default['redborder']['services']['postfix'] = true default['redborder']['services']['postgresql'] = false -default['redborder']['services']['nginx'] = false -default['redborder']['services']['redborder-cep'] = false default['redborder']['services']['radiusd'] = false default['redborder']['services']['rb-aioutliers'] = false default['redborder']['services']['rb-arubacentral'] = false diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 632c7bec..869c3158 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -579,8 +579,6 @@ end postgresql_config 'Configure postgresql' do - cdomain node['redborder']['cdomain'] - ipaddress node['ipaddress_sync'] if manager_services['postgresql'] && external_services['postgresql'] == 'onpremise' cdomain node['redborder']['cdomain'] ipaddress node['ipaddress_sync'] From cbebd92cdc27115d426ead59ac9dda49087ecd74 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Fri, 25 Oct 2024 10:10:33 +0100 Subject: [PATCH 16/20] Removing consul in postgresql custom mode --- resources/attributes/default.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index a0f1a484..26b4010d 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -118,7 +118,7 @@ default['redborder']['services_group']['webui'] = %w(consul nginx webui rb-workers) default['redborder']['services_group']['f2k'] = %w(consul f2k) default['redborder']['services_group']['s3'] = %w(consul nginx s3) -default['redborder']['services_group']['postgresql'] = %w(consul postgresql) +default['redborder']['services_group']['postgresql'] = %w(postgresql) default['redborder']['services'] = {} default['redborder']['services']['chef-client'] = true From e1b4fe871c7901d6cf598775ba8b7282b4983caa Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Fri, 25 Oct 2024 10:11:26 +0100 Subject: [PATCH 17/20] Removing redborder-postgresql --- resources/attributes/default.rb | 3 --- 1 file changed, 3 deletions(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 26b4010d..25adca81 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -82,7 +82,6 @@ default['redborder']['memory_services']['redborder-mem2incident'] = { 'count': 5, 'memory': 0 } default['redborder']['memory_services']['redborder-monitor'] = { 'count': 5, 'memory': 0, 'max_limit': 20000 } default['redborder']['memory_services']['redborder-nmsp'] = { 'count': 10, 'memory': 0 } -default['redborder']['memory_services']['redborder-postgresql'] = { 'count': 5, 'memory': 0 } default['redborder']['memory_services']['snmp'] = { 'count': 5, 'memory': 0, 'max_limit': 10000 } default['redborder']['memory_services']['webui'] = { 'count': 40, 'memory': 0 } default['redborder']['memory_services']['zookeeper'] = { 'count': 20, 'memory': 0 } @@ -156,7 +155,6 @@ default['redborder']['services']['redborder-mem2incident'] = false default['redborder']['services']['redborder-monitor'] = true default['redborder']['services']['redborder-nmsp'] = false -default['redborder']['services']['redborder-postgresql'] = false default['redborder']['services']['redborder-scanner'] = false default['redborder']['services']['rsyslog'] = true default['redborder']['services']['s3'] = false @@ -199,7 +197,6 @@ default['redborder']['systemdservices']['redborder-mem2incident'] = ['redborder-mem2incident'] default['redborder']['systemdservices']['redborder-monitor'] = ['redborder-monitor'] default['redborder']['systemdservices']['redborder-nmsp'] = ['redborder-nmsp'] -default['redborder']['systemdservices']['redborder-postgresql'] = ['redborder-postgresql'] default['redborder']['systemdservices']['redborder-scanner'] = ['redborder-scanner'] default['redborder']['systemdservices']['rsyslog'] = ['rsyslog'] default['redborder']['systemdservices']['s3'] = ['minio'] From e332fce4471109beab8389f07af112e9ddd75906 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Fri, 25 Oct 2024 15:00:12 +0100 Subject: [PATCH 18/20] Adding consul again --- resources/attributes/default.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 25adca81..f5669eb5 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -117,7 +117,7 @@ default['redborder']['services_group']['webui'] = %w(consul nginx webui rb-workers) default['redborder']['services_group']['f2k'] = %w(consul f2k) default['redborder']['services_group']['s3'] = %w(consul nginx s3) -default['redborder']['services_group']['postgresql'] = %w(postgresql) +default['redborder']['services_group']['postgresql'] = %w(consul postgresql) default['redborder']['services'] = {} default['redborder']['services']['chef-client'] = true From 56ea39f27f8a451653a9e21dee5e6c0881d8d89a Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Mon, 28 Oct 2024 12:35:33 +0000 Subject: [PATCH 19/20] Fixing services --- resources/attributes/default.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index f5669eb5..fe6586b9 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -100,7 +100,6 @@ # geoip has been removed because is not a service default['redborder']['services_group']['full'] = %w(consul chef-server zookeeper memcached rsyslog kafka logstash s3 - postgresql nginx webui druid-broker postgresql nginx webui rb-workers druid-broker druid-historical druid-realtime druid-coordinator f2k redborder-monitor sfacctd redborder-dswatcher mongodb From 564e6fc372bc0e4568ca0fd0cbee5f894394c0b1 Mon Sep 17 00:00:00 2001 From: Rafael Gomez Date: Tue, 26 Nov 2024 15:54:08 +0000 Subject: [PATCH 20/20] Changing order of postgresql cookbook --- resources/recipes/configure.rb | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 2f03f0a9..8921e019 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -100,6 +100,23 @@ end end +# Determine external +begin + external_services = data_bag_item('rBglobal', 'external_services') +rescue + external_services = {} +end + +postgresql_config 'Configure postgresql' do + if manager_services['postgresql'] && external_services['postgresql'] == 'onpremise' + cdomain node['redborder']['cdomain'] + ipaddress node['ipaddress_sync'] + action [:add, :register] + else + action [:remove, :deregister] + end +end + zookeeper_config 'Configure Zookeeper' do if manager_services['zookeeper'] port node['zookeeper']['port'] @@ -595,23 +612,6 @@ end end -# Determine external -begin - external_services = data_bag_item('rBglobal', 'external_services') -rescue - external_services = {} -end - -postgresql_config 'Configure postgresql' do - if manager_services['postgresql'] && external_services['postgresql'] == 'onpremise' - cdomain node['redborder']['cdomain'] - ipaddress node['ipaddress_sync'] - action [:add, :register] - else - action [:remove, :deregister] - end -end - s3_secrets = {} begin