From ff7c5c62952c6eabdcb0589c7e3fe1d15a3e5ce9 Mon Sep 17 00:00:00 2001 From: HarrisChu <1726587+HarrisChu@users.noreply.github.com> Date: Tue, 11 May 2021 11:03:14 +0800 Subject: [PATCH 1/3] add ansible --- ansible/.editorconfig | 35 +++++++ ansible/.gitignore | 14 +++ ansible/README.md | 83 +++++++++++++++ ansible/README_zh.md | 77 ++++++++++++++ ansible/ansible.cfg | 23 +++++ ansible/create_users.yml | 21 ++++ ansible/deploy.yml | 38 +++++++ ansible/filter_plugins/__init__.py | 0 ansible/filter_plugins/datetime_format.py | 16 +++ ansible/filter_plugins/map_format.py | 20 ++++ ansible/group_vars/all.yml | 24 +++++ ansible/install.yml | 22 ++++ ansible/inventory.ini | 33 ++++++ ansible/remove.yml | 24 +++++ ansible/restart.yml | 42 ++++++++ ansible/roles/environment/tasks/main.yml | 18 ++++ ansible/roles/firewalld/defaults/main.yml | 3 + ansible/roles/firewalld/tasks/main.yml | 25 +++++ ansible/roles/install/tasks/main.yml | 40 +++++++ ansible/roles/local/tasks/main.yml | 47 +++++++++ ansible/roles/nebula-graphd/tasks/main.yml | 7 ++ ansible/roles/nebula-metad/tasks/main.yml | 9 ++ ansible/roles/nebula-storaged/tasks/main.yml | 8 ++ ansible/roles/op/tasks/main.yml | 12 +++ ansible/roles/prepare/tasks/main.yaml | 15 +++ ansible/roles/remove/tasks/main.yml | 31 ++++++ ansible/start.yml | 23 +++++ ansible/status.yml | 23 +++++ ansible/stop.yml | 26 +++++ ansible/templates/nebula-graphd.conf.j2 | 74 +++++++++++++ ansible/templates/nebula-metad.conf.j2 | 53 ++++++++++ ansible/templates/nebula-storaged.conf.j2 | 103 +++++++++++++++++++ 32 files changed, 989 insertions(+) create mode 100644 ansible/.editorconfig create mode 100644 ansible/.gitignore create mode 100644 ansible/README.md create mode 100644 ansible/README_zh.md create mode 100644 ansible/ansible.cfg create mode 100644 ansible/create_users.yml create mode 100644 ansible/deploy.yml create mode 100644 ansible/filter_plugins/__init__.py create mode 100644 ansible/filter_plugins/datetime_format.py create mode 100644 ansible/filter_plugins/map_format.py create mode 100644 ansible/group_vars/all.yml create mode 100644 ansible/install.yml create mode 100644 ansible/inventory.ini create mode 100644 ansible/remove.yml create mode 100644 ansible/restart.yml create mode 100644 ansible/roles/environment/tasks/main.yml create mode 100644 ansible/roles/firewalld/defaults/main.yml create mode 100644 ansible/roles/firewalld/tasks/main.yml create mode 100644 ansible/roles/install/tasks/main.yml create mode 100644 ansible/roles/local/tasks/main.yml create mode 100644 ansible/roles/nebula-graphd/tasks/main.yml create mode 100644 ansible/roles/nebula-metad/tasks/main.yml create mode 100644 ansible/roles/nebula-storaged/tasks/main.yml create mode 100644 ansible/roles/op/tasks/main.yml create mode 100644 ansible/roles/prepare/tasks/main.yaml create mode 100644 ansible/roles/remove/tasks/main.yml create mode 100644 ansible/start.yml create mode 100644 ansible/status.yml create mode 100644 ansible/stop.yml create mode 100644 ansible/templates/nebula-graphd.conf.j2 create mode 100644 ansible/templates/nebula-metad.conf.j2 create mode 100644 ansible/templates/nebula-storaged.conf.j2 diff --git a/ansible/.editorconfig b/ansible/.editorconfig new file mode 100644 index 0000000..3ce28c2 --- /dev/null +++ b/ansible/.editorconfig @@ -0,0 +1,35 @@ +# top-most EditorConfig file +root = true + +# Unix-style newlines with a newline ending every file +[*] +end_of_line = lf +insert_final_newline = true + +# Matches multiple files with brace expansion notation +# Set default charset +[*.{js,py}] +charset = utf-8 + +# 4 space indentation +[*.py] +indent_style = space +indent_size = 4 + +# Tab indentation (no size specified) +[Makefile] +indent_style = tab + +# Tab indentation (no size specified) +[*.yml, *.yaml] +indent_style = tab + +# Indentation override for all JS under lib directory +[lib/**.js] +indent_style = space +indent_size = 2 + +# Matches the exact files either package.json or .travis.yml +[{package.json,.travis.yml}] +indent_style = space +indent_size = 2 diff --git a/ansible/.gitignore b/ansible/.gitignore new file mode 100644 index 0000000..c2ffbcf --- /dev/null +++ b/ansible/.gitignore @@ -0,0 +1,14 @@ +fact_files/ +retry_files/ + +*.log + + +*.pyc + +*.idea +packages + +poetry.lock +pyproject.toml +test.yml diff --git a/ansible/README.md b/ansible/README.md new file mode 100644 index 0000000..baee9e5 --- /dev/null +++ b/ansible/README.md @@ -0,0 +1,83 @@ +# nebula-ansible + +English | [中文](README_zh.md) + +**Attention**: Now nebula-ansible is only usable for CentOS 7 + +## Introduction + +nebula-ansible is a `Nebula` cluster deployment tool based on [ansible playbook](https://docs.ansible.com/ansible/latest/cli/ansible-playbook.html). + +## Usage + +### Prepare + +Prepare linux user, nebula directory on deployment machine. + +```bash +useradd nebula +passwd nebula +# nebula directory is '/home/nebula/nebula' by default. Could change it by yourself. +mkdir -p /data +chown -R nebula:nebula /data +``` + +Perform SSH login without password on control machine. + +```bash +ssh-keygen +ssh-copy-id nebula@{your_deployment_machine} + +``` + +### Install ansible + +```bash + +sudo yum install ansible + +``` + +Execute + +```shell +ansible --version +``` + +and make sure your ansible version is > `2.5`. + +Other installation methods can be seen [here](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) + +### Config ansible-playbook + +* Git clone the project. +* Change `inventory.ini` + - `install_source_type`, choose nebula package type, `GA` or `nightly`. + - `ansible_ssh_user`, the Linux ssh user, e.g. `nebula` + - `packages_dir`, RPM download directory on control machine. + - `deploy_dir`, nebula directory on deployment machine. e.g. `/home/nebula/nebula` + +* Change templates configuration if needed. **IMPORTANT**, DO NOT CHANGE `--local_ip` and `--meta_server_addrs` + +* Run `ansible -m ping all` to verify if all machines can be reached via SSH. + +### Run playbooks + +```bash +# install +ansible-playbook install.yml + +# start +ansible-playbook start.yml + +# stop +ansible-playbook stop.yml + +# status +ansible-playbook status.yml + +# remove +# remote binary firstly, then remove the whole directory. +ansible-playbook remove.yml + +``` diff --git a/ansible/README_zh.md b/ansible/README_zh.md new file mode 100644 index 0000000..663fa57 --- /dev/null +++ b/ansible/README_zh.md @@ -0,0 +1,77 @@ +# nebula-ansible + +Nebula-Graph ansible 安装工具,用于部署 nebula 集群。 + +## 前提 + +1. 操作系统是 Centos7 +2. 操作机有外网权限,可以下载 OSS 的 RPM 包 +3. 部署的机器已经建好用户,而且打通从控制机到部署机的 SSH。 +4. 所有机器的端口、数据盘等配置是一样的。 + +## 步骤 + +### 准备 + +部署机,创建用户,给用户目录权限,示例 + +```bash +useradd nebula +passwd nebula +# 默认安装在 /home/nebula/nebula,也可以自己制定部署目录 +mkdir -p /data +chown -R nebula:nebula /data +``` + +控制机,打通 ssh + +```bash +ssh-keygen +ssh-copy-id nebula@{your_deploy_machine} + +``` + +### 安装 ansible + +```bash + +sudo yum install ansible + +``` + +### 配置 ansible-playbook + +* Git clone 工程。 +* 修改 `inventory.ini` 文件 + - `install_source_type`,配置安装 GA 还是 nightly 的包。 + - `ansible_ssh_user`, SSH 的 Linux 用户,如 `nebula` + - `packages_dir`,操作机下载 rpm 包的目录。 + - `deploy_dir`,部署服务所在目录,如 `/home/nebula/nebula` + +* 修改 templates 中的各个配置 (如需要)。**注意**,不要更改 `--local_ip` 和 `--meta_server_addrs` + +* 运行 `ansible -m ping all` 看是否 ssh 已经打通 + +### 运行 + +```bash +# 安装 +# 如果只修改配置文件,不会重复覆盖二进制文件。 +# 即当目录有二进制文件时不会替换,如果要替换二进制,先执行删除 +# 需要安装的 rpm 包,会先下载到执行机的 package 文件夹 +ansible-playbook install.yml + +# 启动 +ansible-playbook start.yml + +# 停止 +ansible-playbook stop.yml + +# 查看状态 +ansible-playbook status.yml + +# 删除 +# 先删除二进制文件,后删除整个部署目录,两个操作分别有提示。 +ansible-playbook remove.yml + +``` diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg new file mode 100644 index 0000000..22ab86d --- /dev/null +++ b/ansible/ansible.cfg @@ -0,0 +1,23 @@ +[defaults] +inventory = inventory.ini +forks = 12 + +transport = ssh +host_key_checking = Fasle + +gathering = smart +gather_subset = network,hardware +fact_caching = jsonfile +fact_caching_connection = fact_files +retry_files_save_path = retry_files + +stdout_callback = yaml +callback_whitelist = profile_tasks, timer + +deprecation_warnings = False +log_path = ansible.log + +[ssh_connection] +pipelining=True +ssh_args = -o ControlMaster=auto -o ControlPersist=30m -o ConnectionAttempts=100 -o UserKnownHostsFile=/dev/null + diff --git a/ansible/create_users.yml b/ansible/create_users.yml new file mode 100644 index 0000000..981e4b7 --- /dev/null +++ b/ansible/create_users.yml @@ -0,0 +1,21 @@ +--- + +- hosts: all + tasks: + - name: create user + user: name={{ username }} shell=/bin/bash createhome=yes + + - name: set authorized key + authorized_key: + user: "{{ username }}" + key: "{{ lookup('file', '/home/{{ username }}/.ssh/id_rsa.pub') }}" + state: present + + - name: update sudoers file + lineinfile: + path: /etc/sudoers + insertafter: EOF + line: '{{ username }} ALL=(ALL) NOPASSWD: ALL' + regexp: '^{{ username }} .*' + state: present + diff --git a/ansible/deploy.yml b/ansible/deploy.yml new file mode 100644 index 0000000..5eeedf6 --- /dev/null +++ b/ansible/deploy.yml @@ -0,0 +1,38 @@ +--- +# deploy Nebula Graph cluster + +- name: set environment + hosts: all + become: true + roles: + - environment + +- name: copy nebula package to all machines in the cluster and install nebula on them + hosts: all + become: true + roles: + - install + +- name: configuration for metad service + hosts: metad_servers + become: true + roles: + - metad + +- name: configuration for graphd service + hosts: graphd_servers + become: true + roles: + - graphd + +- name: configuration for storaged service + hosts: storaged_servers + become: true + roles: + - storaged + +- name: configuration for firewall + hosts: all + become: true + roles: + - { role: firewalld, when: enable_firewalld is defined and enable_firewalld } diff --git a/ansible/filter_plugins/__init__.py b/ansible/filter_plugins/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/ansible/filter_plugins/datetime_format.py b/ansible/filter_plugins/datetime_format.py new file mode 100644 index 0000000..35fc27c --- /dev/null +++ b/ansible/filter_plugins/datetime_format.py @@ -0,0 +1,16 @@ +# -*- encoding: utf-8 -*- +import datetime + + +def yesturday_format(value): + yesturday = value - datetime.timedelta(days=1) + return yesturday.strftime('%Y.%m.%d') + + +class FilterModule(object): + """ jinja2 filters """ + + def filters(self): + return { + 'yesturday_format': yesturday_format, + } diff --git a/ansible/filter_plugins/map_format.py b/ansible/filter_plugins/map_format.py new file mode 100644 index 0000000..fa38759 --- /dev/null +++ b/ansible/filter_plugins/map_format.py @@ -0,0 +1,20 @@ +# -*- encoding: utf-8 -*- + +from jinja2.utils import soft_unicode + + +def map_format(value, pattern): + """ + e.g. + "{{ groups['metad']|map('map_format', '%s:9559')|join(',') }}" + """ + return soft_unicode(pattern) % (value) + + +class FilterModule(object): + """ jinja2 filters """ + + def filters(self): + return { + 'map_format': map_format, + } diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml new file mode 100644 index 0000000..287ce30 --- /dev/null +++ b/ansible/group_vars/all.yml @@ -0,0 +1,24 @@ +nebula_packages: + name: + "{%- if install_source_type == 'GA' -%} + nebula-graph-{{ nebula_version }}.{{ os_version }}.{{ arc }}.{{ pkg }} + {%- else -%} + nebula-graph-{{ now()|yesturday_format }}-nightly.{{ os_version }}.{{ arc }}.{{ pkg }} + {%- endif -%}" + + version: + "{%- if install_source_type.lower() == 'ga' -%} + {{ nebula_version }} + {%- else -%} + {{ nebula_version }}-{{ now()|yesturday_format }}-nightly + {%- endif -%}" + + url: + "{%- if install_source_type.lower() == 'ga' -%} + https://oss-cdn.nebula-graph.io/package/{{ nebula_version }}/nebula-graph-{{ nebula_version }}.{{ os_version }}.{{ arc }}.{{ pkg }} + {%- else -%} + https://oss-cdn.nebula-graph.io/package/v2-nightly/{{ now()|yesturday_format }}/nebula-graph-{{ now()|yesturday_format }}-nightly.{{ os_version }}.{{ arc }}.{{ pkg }} + {%- endif -%}" + + + diff --git a/ansible/install.yml b/ansible/install.yml new file mode 100644 index 0000000..977ed70 --- /dev/null +++ b/ansible/install.yml @@ -0,0 +1,22 @@ +--- +- hosts: localhost + connection: local + gather_facts: false + roles: + - local + +- hosts: all + roles: + - prepare + +- hosts: metad + roles: + - nebula-metad + +- hosts: storaged + roles: + - nebula-storaged + +- hosts: graphd + roles: + - nebula-graphd diff --git a/ansible/inventory.ini b/ansible/inventory.ini new file mode 100644 index 0000000..45b33be --- /dev/null +++ b/ansible/inventory.ini @@ -0,0 +1,33 @@ +[all:vars] +# GA or nightly +install_source_type = GA +nebula_version = 2.0.1 +os_version = el7 +arc = x86_64 +pkg = rpm + +packages_dir = {{ playbook_dir }}/packages +deploy_dir = /home/nebula/nebula +data_dir = {{ deploy_dir }}/data + +# ssh user +ansible_ssh_user = nebula + +force_download = False + +[metad] +192.168.8.147 + +[graphd] +192.168.8.145 +192.168.8.146 +192.168.8.147 + +[storaged] +192.168.8.145 +192.168.8.146 +192.168.8.147 + + +[test] +192.168.8.145 diff --git a/ansible/remove.yml b/ansible/remove.yml new file mode 100644 index 0000000..e169525 --- /dev/null +++ b/ansible/remove.yml @@ -0,0 +1,24 @@ +--- +- name: stop nebula-graph first + import_playbook: stop.yml + +- hosts: all + vars_prompt: + - name: confirmed + prompt: "Are you sure you want to remove the Nebula-Graph? Will delete binary only (yes/no)" + vars: + delete_type: binary + roles: + - remove + + +- hosts: all + vars_prompt: + - name: confirmed + prompt: "Are you sure you want to remove the Nebula-Graph? Will delete all data files (yes/no)" + vars: + delete_type: data + roles: + - remove + + diff --git a/ansible/restart.yml b/ansible/restart.yml new file mode 100644 index 0000000..89a7098 --- /dev/null +++ b/ansible/restart.yml @@ -0,0 +1,42 @@ +--- +- hosts: graphd + roles: + - op + vars: + - module: graphd + - op: stop + +- hosts: storaged + roles: + - op + vars: + - module: storaged + - op: stop + +- hosts: metad + roles: + - op + vars: + - module: metad + - op: stop + +- hosts: metad + roles: + - op + vars: + - module: metad + - op: start + +- hosts: storaged + roles: + - op + vars: + - module: storaged + - op: start + +- hosts: graphd + roles: + - op + vars: + - module: graphd + - op: start diff --git a/ansible/roles/environment/tasks/main.yml b/ansible/roles/environment/tasks/main.yml new file mode 100644 index 0000000..0eee006 --- /dev/null +++ b/ansible/roles/environment/tasks/main.yml @@ -0,0 +1,18 @@ +- name: modify soft limit of max open files number + lineinfile: + path: /etc/security/limits.conf + regexp: '^root soft nofile' + insertafter: EOF + line: 'root soft nofile 654321' + +- name: modify hard limit of max open files number + lineinfile: + path: /etc/security/limits.conf + regexp: '^root hard nofile' + insertafter: EOF + line: 'root hard nofile 654321' + +- name: restart sshd to make the changes on /etc/security/limits.conf take effect + service: + name: sshd + state: restarted diff --git a/ansible/roles/firewalld/defaults/main.yml b/ansible/roles/firewalld/defaults/main.yml new file mode 100644 index 0000000..f0ecd69 --- /dev/null +++ b/ansible/roles/firewalld/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +firewalld_ports: [45500/tcp,45501/tcp,11000/tcp,11002/tcp,44500/tcp,44501/tcp,12000/tcp,12002/tcp,3699/tcp,13000/tcp,13002/tcp] diff --git a/ansible/roles/firewalld/tasks/main.yml b/ansible/roles/firewalld/tasks/main.yml new file mode 100644 index 0000000..d93a558 --- /dev/null +++ b/ansible/roles/firewalld/tasks/main.yml @@ -0,0 +1,25 @@ +--- +# Tasks to configure firewalld rules + +- name: All enabled ports + debug: var=firewalld_ports + +# need root +- name: determine if firewalld is running + command: bash -c 'firewall-cmd --state || exit 0' + register: firewalld_running + ignore_errors: true + changed_when: false + +- name: enable firewalld ports + firewalld: + port: '{{ item }}' + permanent: true + state: enabled + when: firewalld_running.stdout.strip() == "running" + with_items: "{{ firewalld_ports }}" + register: firewalld + +- name: reload firewalld + service: name=firewalld state=reloaded + when: firewalld.changed is defined and firewalld.changed diff --git a/ansible/roles/install/tasks/main.yml b/ansible/roles/install/tasks/main.yml new file mode 100644 index 0000000..6fac8c5 --- /dev/null +++ b/ansible/roles/install/tasks/main.yml @@ -0,0 +1,40 @@ +- name: create directory to store nebula package on all machines in the cluster + file: + path: "{{ deploy_dir }}" + state: directory + mode: 0775 + +- name: verify if the package is exist + stat: + path: "{{ deploy_dir }}/bin" + register: stat_package + +- name: verify if the rpm is exist + stat: + path: "{{ deploy_dir }}/{{ nebula_packages.name }}" + register: stat_rpm + +- name: copy nebula package from Control Machine to all machines in the cluster + copy: + src: "{{ packages_dir }}/{{ nebula_packages.name }}" + dest: "{{ deploy_dir }}" + when: + - not stat_rpm.stat.exists + + +- name: unzip rpm file + shell: "{{ item }}" + with_items: + - "cd {{ deploy_dir }} && rpm2cpio {{ nebula_packages.name }} |cpio -div" + - "mv {{ deploy_dir }}/usr/local/nebula/bin {{ deploy_dir }}/" + - "mv {{ deploy_dir }}/usr/local/nebula/etc {{ deploy_dir }}/" + - "mv {{ deploy_dir }}/usr/local/nebula/share {{ deploy_dir }}/" + - "mv {{ deploy_dir }}/usr/local/nebula/scripts {{ deploy_dir }}/" + + when: + - not stat_package.stat.exists + +- name: config {{ module }}.conf + template: + src: "{{ playbook_dir}}/templates/{{ module }}.conf.j2" + dest: "{{ deploy_dir }}/etc/{{ module }}.conf" diff --git a/ansible/roles/local/tasks/main.yml b/ansible/roles/local/tasks/main.yml new file mode 100644 index 0000000..1d55481 --- /dev/null +++ b/ansible/roles/local/tasks/main.yml @@ -0,0 +1,47 @@ +--- +# local preparation on Control Machine + +- name: make sure that the Ansible version is Ansible 2.4.2 later, otherwise a compatibility issue occurs + assert: + that: + - ansible_version.full is version('2.5', '>') + +- name: detect outbound network + shell: > + warn=no + curl -s --connect-timeout 10 github.com 2>/dev/null >/dev/null; echo $? + changed_when: false + register: outbound_network_st + +- name: set outbound network fact + set_fact: has_outbound_network={{ outbound_network_st.stdout.strip() == '0' }} + +- name: create a directory of downloads if it does not exist + file: + path: "{{ packages_dir }}" + state: directory + mode: 0755 + +- name: check if the nebula package has existed + stat: + path: "{{ packages_dir }}/{{ nebula_packages.name }}" + register: stat_result + +- name: verfiy the preparation + fail: + msg: "The Control Machine don't have access to the Internet to download nebula package, and the package is also not found in {{ packages_dir }} on the Control Machine." + when: + - not has_outbound_network + - not stat_result.stat.exists + +- name: download nebula graph package + get_url: + url: "{{ nebula_packages.url }}" + dest: "{{ packages_dir }}" + mode: 0755 + register: get_url_result + until: "'OK' in get_url_result.msg or 'file already exists' in get_url_result.msg" + retries: 2 + when: + - has_outbound_network + - force_download or not stat_result.stat.exists diff --git a/ansible/roles/nebula-graphd/tasks/main.yml b/ansible/roles/nebula-graphd/tasks/main.yml new file mode 100644 index 0000000..c094107 --- /dev/null +++ b/ansible/roles/nebula-graphd/tasks/main.yml @@ -0,0 +1,7 @@ +# configure /usr/local/nebula/etc/nebula-graphd.conf for graphd services + +- name: install graphd + include_role: + name: install + vars: + module: nebula-graphd diff --git a/ansible/roles/nebula-metad/tasks/main.yml b/ansible/roles/nebula-metad/tasks/main.yml new file mode 100644 index 0000000..c959953 --- /dev/null +++ b/ansible/roles/nebula-metad/tasks/main.yml @@ -0,0 +1,9 @@ +# configure /usr/local/nebula/etc/nebula-metad.conf for metad service + +- name: install metad + include_role: + name: install + vars: + module: nebula-metad + + diff --git a/ansible/roles/nebula-storaged/tasks/main.yml b/ansible/roles/nebula-storaged/tasks/main.yml new file mode 100644 index 0000000..dd92875 --- /dev/null +++ b/ansible/roles/nebula-storaged/tasks/main.yml @@ -0,0 +1,8 @@ +# configure /usr/local/nebula/etc/nebula-storaged.conf for storaged services + +- name: install storaged + include_role: + name: install + vars: + module: nebula-storaged + diff --git a/ansible/roles/op/tasks/main.yml b/ansible/roles/op/tasks/main.yml new file mode 100644 index 0000000..eb87402 --- /dev/null +++ b/ansible/roles/op/tasks/main.yml @@ -0,0 +1,12 @@ +--- +- name: opration - {{ op }} {{ module }} + shell: "{{ deploy_dir }}/scripts/nebula.service {{ op }} {{ module }}" + register: result + +- name: echo result - {{ op }} {{ module }} + debug: + msg: "{{ result.stdout }}" + + + + diff --git a/ansible/roles/prepare/tasks/main.yaml b/ansible/roles/prepare/tasks/main.yaml new file mode 100644 index 0000000..54463d3 --- /dev/null +++ b/ansible/roles/prepare/tasks/main.yaml @@ -0,0 +1,15 @@ +--- +- name: disk space check - fail when disk is full + shell: df -h {{ data_dir }} | tail -n1 + register: disk_space_st + failed_when: " '100%' in disk_space_st.stdout " + changed_when: false + +# Debian GNU/Linux, Ubuntu, Fedora, CentOS, CoreOS +- name: Get distro name from /etc/os-release + shell: "([ -f /etc/os-release ] && grep '^NAME=' /etc/os-release | sed s'/NAME=//' | tr -d \\\") || ([ -f /etc/redhat-release ] && cat /etc/redhat-release | cut '-d ' -f1)" + register: distro_st + failed_when: false + changed_when: false + tags: + - always diff --git a/ansible/roles/remove/tasks/main.yml b/ansible/roles/remove/tasks/main.yml new file mode 100644 index 0000000..56f258d --- /dev/null +++ b/ansible/roles/remove/tasks/main.yml @@ -0,0 +1,31 @@ +--- +- name: Information + debug: + msg: "Must input 'yes', abort the playbook " + when: + - confirmed != 'yes' + +- meta: end_play + when: + - confirmed != 'yes' + +- name: Remove folder + file: + path: "{{ deploy_dir }}/{{ item }}" + state: absent + with_items: + - bin + - scripts + - etc + - share + - cluster.id + + when: + - delete_type == 'binary' + +- name: Remove folder + file: + path: "{{ deploy_dir }}" + state: absent + when: + - delete_type == 'data' diff --git a/ansible/start.yml b/ansible/start.yml new file mode 100644 index 0000000..8749990 --- /dev/null +++ b/ansible/start.yml @@ -0,0 +1,23 @@ +--- +# start nebula services + +- hosts: metad + roles: + - op + vars: + - module: metad + - op: start + +- hosts: storaged + roles: + - op + vars: + - module: storaged + - op: start + +- hosts: graphd + roles: + - op + vars: + - module: graphd + - op: start diff --git a/ansible/status.yml b/ansible/status.yml new file mode 100644 index 0000000..dce9b4d --- /dev/null +++ b/ansible/status.yml @@ -0,0 +1,23 @@ +--- +# stop nebula services + +- hosts: metad + roles: + - op + vars: + - module: metad + - op: status + +- hosts: storaged + roles: + - op + vars: + - module: storaged + - op: status + +- hosts: graphd + roles: + - op + vars: + - module: graphd + - op: status diff --git a/ansible/stop.yml b/ansible/stop.yml new file mode 100644 index 0000000..07ad02f --- /dev/null +++ b/ansible/stop.yml @@ -0,0 +1,26 @@ +--- +# stop nebula services +- hosts: graphd + roles: + - op + vars: + - module: graphd + - op: stop + ignore_errors: true + + +- hosts: storaged + roles: + - op + vars: + - module: storaged + - op: stop + ignore_errors: true + +- hosts: metad + roles: + - op + vars: + - module: metad + - op: stop + ignore_errors: true diff --git a/ansible/templates/nebula-graphd.conf.j2 b/ansible/templates/nebula-graphd.conf.j2 new file mode 100644 index 0000000..7698784 --- /dev/null +++ b/ansible/templates/nebula-graphd.conf.j2 @@ -0,0 +1,74 @@ +########## basics ########## +# Whether to run as a daemon process +--daemonize=true +# The file to host the process id +--pid_file=pids/nebula-graphd.pid +# Whether to enable optimizer +--enable_optimizer=true + +########## logging ########## +# The directory to host logging files, which must already exists +--log_dir=logs +# Log level, 0, 1, 2, 3 for INFO, WARNING, ERROR, FATAL respectively +--minloglevel=0 +# Verbose log level, 1, 2, 3, 4, the higher of the level, the more verbose of the logging +--v=0 +# Maximum seconds to buffer the log messages +--logbufsecs=0 +# Whether to redirect stdout and stderr to separate output files +--redirect_stdout=true +# Destination filename of stdout and stderr, which will also reside in log_dir. +--stdout_log_file=graphd-stdout.log +--stderr_log_file=graphd-stderr.log +# Copy log messages at or above this level to stderr in addition to logfiles. The numbers of severity levels INFO, WARNING, ERROR, and FATAL are 0, 1, 2, and 3, respectively. +--stderrthreshold=2 + +########## query ########## +# Whether to treat partial success as an error. +# This flag is only used for Read-only access, and Modify access always treats partial success as an error. +--accept_partial_success=false + +########## networking ########## +# Comma separated Meta Server Addresses +--meta_server_addrs={{ groups['metad']|map('map_format', '%s:9559')|join(',') }} +# Local IP used to identify the nebula-graphd process. +# Change it to an address other than loopback if the service is distributed or +# will be accessed remotely. +--local_ip={{ hostvars[inventory_hostname].ansible_default_ipv4.address }} +# Network device to listen on +--listen_netdev=any +# Port to listen on +--port=9669 +# To turn on SO_REUSEPORT or not +--reuse_port=false +# Backlog of the listen socket, adjust this together with net.core.somaxconn +--listen_backlog=1024 +# Seconds before the idle connections are closed, 0 for never closed +--client_idle_timeout_secs=0 +# Seconds before the idle sessions are expired, 0 for no expiration +--session_idle_timeout_secs=0 +# The number of threads to accept incoming connections +--num_accept_threads=1 +# The number of networking IO threads, 0 for # of CPU cores +--num_netio_threads=0 +# The number of threads to execute user queries, 0 for # of CPU cores +--num_worker_threads=0 +# HTTP service ip +--ws_ip=0.0.0.0 +# HTTP service port +--ws_http_port=19669 +# HTTP2 service port +--ws_h2_port=19670 + +# The default charset when a space is created +--default_charset=utf8 +# The defaule collate when a space is created +--default_collate=utf8_bin + +########## authorization ########## +# Enable authorization +--enable_authorize=true + +########## Authentication ########## +# User login authentication type, password for nebula authentication, ldap for ldap authentication, cloud for cloud authentication +--auth_type=password diff --git a/ansible/templates/nebula-metad.conf.j2 b/ansible/templates/nebula-metad.conf.j2 new file mode 100644 index 0000000..5ebd5bd --- /dev/null +++ b/ansible/templates/nebula-metad.conf.j2 @@ -0,0 +1,53 @@ +########## basics ########## +# Whether to run as a daemon process +--daemonize=true +# The file to host the process id +--pid_file=pids/nebula-metad.pid + +########## logging ########## +# The directory to host logging files, which must already exists +--log_dir=logs +# Log level, 0, 1, 2, 3 for INFO, WARNING, ERROR, FATAL respectively +--minloglevel=0 +# Verbose log level, 1, 2, 3, 4, the higher of the level, the more verbose of the logging +--v=0 +# Maximum seconds to buffer the log messages +--logbufsecs=0 +# Whether to redirect stdout and stderr to separate output files +--redirect_stdout=true +# Destination filename of stdout and stderr, which will also reside in log_dir. +--stdout_log_file=metad-stdout.log +--stderr_log_file=metad-stderr.log +# Copy log messages at or above this level to stderr in addition to logfiles. The numbers of severity levels INFO, WARNING, ERROR, and FATAL are 0, 1, 2, and 3, respectively. +--stderrthreshold=2 + +########## networking ########## +# Comma separated Meta Server addresses +--meta_server_addrs={{ groups['metad']|map('map_format', '%s:9559')|join(',') }} +# Local IP used to identify the nebula-metad process. +# Change it to an address other than loopback if the service is distributed or +# will be accessed remotely. +--local_ip={{ hostvars[inventory_hostname].ansible_default_ipv4.address }} +# Meta daemon listening port +--port=9559 +# HTTP service ip +--ws_ip=0.0.0.0 +# HTTP service port +--ws_http_port=19559 +# HTTP2 service port +--ws_h2_port=19560 + +########## storage ########## +# Root data path, here should be only single path for metad +--data_path=data/meta + +########## Misc ######### +# The default number of parts when a space is created +--default_parts_num=100 +# The default replica factor when a space is created +--default_replica_factor=1 + +--heartbeat_interval_secs=10 + +############## rocksdb Options ############## +--rocksdb_wal_sync=true diff --git a/ansible/templates/nebula-storaged.conf.j2 b/ansible/templates/nebula-storaged.conf.j2 new file mode 100644 index 0000000..02b3ea1 --- /dev/null +++ b/ansible/templates/nebula-storaged.conf.j2 @@ -0,0 +1,103 @@ +########## basics ########## +# Whether to run as a daemon process +--daemonize=true +# The file to host the process id +--pid_file=pids/nebula-storaged.pid + +########## logging ########## +# The directory to host logging files, which must already exists +--log_dir=logs +# Log level, 0, 1, 2, 3 for INFO, WARNING, ERROR, FATAL respectively +--minloglevel=0 +# Verbose log level, 1, 2, 3, 4, the higher of the level, the more verbose of the logging +--v=0 +# Maximum seconds to buffer the log messages +--logbufsecs=0 +# Whether to redirect stdout and stderr to separate output files +--redirect_stdout=true +# Destination filename of stdout and stderr, which will also reside in log_dir. +--stdout_log_file=storaged-stdout.log +--stderr_log_file=storaged-stderr.log +# Copy log messages at or above this level to stderr in addition to logfiles. The numbers of severity levels INFO, WARNING, ERROR, and FATAL are 0, 1, 2, and 3, respectively. +--stderrthreshold=2 + +########## networking ########## +# Comma separated Meta server addresses +--meta_server_addrs={{ groups['metad']|map('map_format', '%s:9559')|join(',') }} +# Local IP used to identify the nebula-storaged process. +# Change it to an address other than loopback if the service is distributed or +# will be accessed remotely. +--local_ip={{ hostvars[inventory_hostname].ansible_default_ipv4.address }} +# Storage daemon listening port +--port=9779 +# HTTP service ip +--ws_ip=0.0.0.0 +# HTTP service port +--ws_http_port=19779 +# HTTP2 service port +--ws_h2_port=19780 +# heartbeat with meta service +--heartbeat_interval_secs=10 + +######### Raft ######### +# Raft election timeout +--raft_heartbeat_interval_secs=30 +# RPC timeout for raft client (ms) +--raft_rpc_timeout_ms=500 +## recycle Raft WAL +--wal_ttl=14400 + +########## Disk ########## +# Root data path. Split by comma. e.g. --data_path=/disk1/path1/,/disk2/path2/ +# One path per Rocksdb instance. +--data_path=data/storage + +# The default reserved bytes for one batch operation +--rocksdb_batch_size=4096 +# The default block cache size used in BlockBasedTable. (MB) +# recommend: 1/3 of all memory +--rocksdb_block_cache=4096 + +# Compression algorithm, options: no,snappy,lz4,lz4hc,zlib,bzip2,zstd +# For the sake of binary compatibility, the default value is snappy. +# Recommend to use: +# * lz4 to gain more CPU performance, with the same compression ratio with snappy +# * zstd to occupy less disk space +# * lz4hc for the read-heavy write-light scenario +--rocksdb_compression=lz4 + +# Set different compressions for different levels +# For example, if --rocksdb_compression is snappy, +# "no:no:lz4:lz4::zstd" is identical to "no:no:lz4:lz4:snappy:zstd:snappy" +# In order to disable compression for level 0/1, set it to "no:no" +--rocksdb_compression_per_level= + +############## rocksdb Options ############## +# rocksdb DBOptions in json, each name and value of option is a string, given as "option_name":"option_value" separated by comma +--rocksdb_db_options={"max_subcompactions":"4","max_background_jobs":"4"} +# rocksdb ColumnFamilyOptions in json, each name and value of option is string, given as "option_name":"option_value" separated by comma +--rocksdb_column_family_options={"disable_auto_compactions":"false","write_buffer_size":"67108864","max_write_buffer_number":"4","max_bytes_for_level_base":"268435456"} +# rocksdb BlockBasedTableOptions in json, each name and value of option is string, given as "option_name":"option_value" separated by comma +--rocksdb_block_based_table_options={"block_size":"8192"} + +# Whether or not to enable rocksdb's statistics, disabled by default +--enable_rocksdb_statistics=false + +# Statslevel used by rocksdb to collection statistics, optional values are +# * kExceptHistogramOrTimers, disable timer stats, and skip histogram stats +# * kExceptTimers, Skip timer stats +# * kExceptDetailedTimers, Collect all stats except time inside mutex lock AND time spent on compression. +# * kExceptTimeForMutex, Collect all stats except the counters requiring to get time inside the mutex lock. +# * kAll, Collect all stats +--rocksdb_stats_level=kExceptHistogramOrTimers + +# Whether or not to enable rocksdb's prefix bloom filter, disabled by default. +--enable_rocksdb_prefix_filtering=false +# Whether or not to enable the whole key filtering. +--enable_rocksdb_whole_key_filtering=true +# The prefix length for each key to use as the filter value. +# can be 12 bytes(PartitionId + VertexID), or 16 bytes(PartitionId + VertexID + TagID/EdgeType). +--rocksdb_filtering_prefix_length=12 + +############### misc #################### +--max_handlers_per_req=1 From 944a887e34f1e1fac7923b4a7c25250e9ab5ac0c Mon Sep 17 00:00:00 2001 From: HarrisChu <1726587+HarrisChu@users.noreply.github.com> Date: Wed, 12 May 2021 10:48:58 +0800 Subject: [PATCH 2/3] fix typo --- ansible/README_zh.md | 2 +- ansible/filter_plugins/datetime_format.py | 8 ++++---- ansible/group_vars/all.yml | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/ansible/README_zh.md b/ansible/README_zh.md index 663fa57..99d1c53 100644 --- a/ansible/README_zh.md +++ b/ansible/README_zh.md @@ -44,7 +44,7 @@ sudo yum install ansible * Git clone 工程。 * 修改 `inventory.ini` 文件 - `install_source_type`,配置安装 GA 还是 nightly 的包。 - - `ansible_ssh_user`, SSH 的 Linux 用户,如 `nebula` + - `ansible_ssh_user`, SSH 的 Linux 用户,如 `nebula` - `packages_dir`,操作机下载 rpm 包的目录。 - `deploy_dir`,部署服务所在目录,如 `/home/nebula/nebula` diff --git a/ansible/filter_plugins/datetime_format.py b/ansible/filter_plugins/datetime_format.py index 35fc27c..7ccdec6 100644 --- a/ansible/filter_plugins/datetime_format.py +++ b/ansible/filter_plugins/datetime_format.py @@ -2,9 +2,9 @@ import datetime -def yesturday_format(value): - yesturday = value - datetime.timedelta(days=1) - return yesturday.strftime('%Y.%m.%d') +def yesterday_format(value): + yesterday = value - datetime.timedelta(days=1) + return yesterday.strftime('%Y.%m.%d') class FilterModule(object): @@ -12,5 +12,5 @@ class FilterModule(object): def filters(self): return { - 'yesturday_format': yesturday_format, + 'yesterday_format': yesterday_format, } diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 287ce30..57962b8 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -3,21 +3,21 @@ nebula_packages: "{%- if install_source_type == 'GA' -%} nebula-graph-{{ nebula_version }}.{{ os_version }}.{{ arc }}.{{ pkg }} {%- else -%} - nebula-graph-{{ now()|yesturday_format }}-nightly.{{ os_version }}.{{ arc }}.{{ pkg }} + nebula-graph-{{ now()|yesterday_format }}-nightly.{{ os_version }}.{{ arc }}.{{ pkg }} {%- endif -%}" version: "{%- if install_source_type.lower() == 'ga' -%} {{ nebula_version }} {%- else -%} - {{ nebula_version }}-{{ now()|yesturday_format }}-nightly + {{ nebula_version }}-{{ now()|yesterday_format }}-nightly {%- endif -%}" url: "{%- if install_source_type.lower() == 'ga' -%} https://oss-cdn.nebula-graph.io/package/{{ nebula_version }}/nebula-graph-{{ nebula_version }}.{{ os_version }}.{{ arc }}.{{ pkg }} {%- else -%} - https://oss-cdn.nebula-graph.io/package/v2-nightly/{{ now()|yesturday_format }}/nebula-graph-{{ now()|yesturday_format }}-nightly.{{ os_version }}.{{ arc }}.{{ pkg }} + https://oss-cdn.nebula-graph.io/package/v2-nightly/{{ now()|yesterday_format }}/nebula-graph-{{ now()|yesterday_format }}-nightly.{{ os_version }}.{{ arc }}.{{ pkg }} {%- endif -%}" From b586588231fb05a566af78588de56ac2ab827c45 Mon Sep 17 00:00:00 2001 From: HarrisChu <1726587+HarrisChu@users.noreply.github.com> Date: Wed, 12 May 2021 10:50:51 +0800 Subject: [PATCH 3/3] add local config --- ansible/templates/nebula-graphd.conf.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/templates/nebula-graphd.conf.j2 b/ansible/templates/nebula-graphd.conf.j2 index 7698784..1481b1f 100644 --- a/ansible/templates/nebula-graphd.conf.j2 +++ b/ansible/templates/nebula-graphd.conf.j2 @@ -1,6 +1,7 @@ ########## basics ########## # Whether to run as a daemon process --daemonize=true +--local_config=true # The file to host the process id --pid_file=pids/nebula-graphd.pid # Whether to enable optimizer