MongoDB
 sql >> Datenbank >  >> NoSQL >> MongoDB

Wie funktionieren ansible mongodb_user-, mongodb_replicaset-Module?

Statt printjson(rs.initiate()) versuchen

rs.initiate(
  {
    _id: "configRS",
    configsvr: true,
    members: [
      { _id: 0, host: "10.0.1.141:27017" },
      { _id: 1, host: "10.0.2.229:27017" },
      { _id: 2, host: "10.0.3.30:27017" }
    ]
  }
);
rs.status();
while (! db.isMaster().ismaster ) { sleep(1000) }

Dann müssen Sie kein Mitglied hinzufügen.

Für CSRS verwende ich ein Playbook wie dieses:

- hosts: config
  tasks:
  - name: Compose variables
    set_fact:
      rs_initiate: |      
        {% set members = [] %}
        {% for host in groups['config']  | sort %}
        {% set m = {'_id': loop.index0 } %}
        {% set _ = m.update({'host': host + '.' + ansible_domain + ':' + ports.config | string }) %}
        {% set _ = members.append(m) %}
        {% endfor %}
        {% set init = {'_id': replica_set.conf} %}
        {% set _ = init.update({'members': members}) %}
        {% set _ = init.update({'configsvr': true}) %}
        {{ init }}
      rs_members: |
        {% set members = [] %}
        {% for host in groups['config'] | sort %}
        {% set _ = members.append(host + '.' + ansible_domain + ':' + ports.config | string) %}
        {% endfor %}
        {{ members }}
      replicaSetURI: "mongodb://{{ groups['config'] | product([ports.config]) | map('join', ':') | join(',') }}/admin?authSource=admin&replicaSet={{ replica_set.conf }}" 

  - name: Check if Config Replicaset is initiated
    shell: 
      cmd: "/usr/bin/mongo --norc --quiet localhost:{{ ports.config }}"
      executable: /bin/bash
      stdin: "rs.status().codeName" 
    register: result
    changed_when: false
    check_mode: no
  
  
  - set_fact:
# Needed to ensure that the Config Server Replica Set (CSRS) is initiated only once
      rs: |
        {% set i = (result.stdout == 'NotYetInitialized') %}
        {% for host in ansible_play_hosts %}
        {% set i = i and (hostvars[host].result.stdout == 'NotYetInitialized') %}
        {% endfor %}
        {{ {'NotYetInitialized': i} }}
  
  
  
  - name: Initiate Config Replicaset
    shell: 
      cmd: "/usr/bin/mongo --norc --quiet localhost:{{ ports.config }}"
      executable: /bin/bash
      stdin: |
        var i = rs.initiate({{ rs_initiate | to_json }})
        if (i.ok != 1) print(i.errmsg)
        var _ = rs.status()
        while (! db.isMaster().ismaster ) sleep(1000)
        rs.status().members.map(x => x.name)
        if (i.ok == 1) {print(rs.status().ok)} else {print(0)}
    register: ret
    failed_when: ret.stdout_lines | last != "1"
    when: rs.NotYetInitialized and inventory_hostname_short == groups['config'] | sort | first)
  
  - debug:
      msg: "{{ ret.stdout_lines }}"
    when: not ansible_check_mode and rs.NotYetInitialized and inventory_hostname_short == (groups['config'] | sort | first) and ret.stdout != ''

Um Hosts zu bestehenden CSRS hinzuzufügen, verwende ich diese hier:

- hosts: config
  tasks:
  
  - meta: end_play
    when: ansible_check_mode or rs.NotYetInitialized | default(false)

  - name: Check current Config Server Replica Set members
    shell: 
      cmd: "/usr/bin/mongo -u admin -p {{ password.admin }} --authenticationDatabase admin --norc --quiet localhost:{{ ports.config }}"
      executable: /bin/bash
      stdin: "rs.status().members.map(x => x.name)"
    register: result
    changed_when: false
    when: inventory_hostname_short == (groups['config'] | sort | first)

  - set_fact:
      current_members: "{{ result.stdout | from_json }}"
    when: inventory_hostname_short == (groups['config'] | sort | first)

  - name: Add host to Config Server Replica Set
    shell: 
      cmd: "/usr/bin/mongo -u admin -p {{ password.admin }} --authenticationDatabase admin --norc --quiet localhost:{{ ports.config }}"
      executable: /bin/bash
      stdin: "rs.add('{{ item }}')"
    when: inventory_hostname_short == (groups['config'] | sort | first)
    loop: "{{ rs_members | difference(current_members) | sort }}"
    register: ret
    failed_when: ret.stdout != ""

Benutzer, die ich mit diesem Playbook erstelle

- hosts: application
  tasks:

  - name: Check if authentication is enabled
    shell: 
      cmd: "/usr/bin/mongo -u admin -p {{ password.admin }} --authenticationDatabase admin --norc --quiet localhost:{{ ports.router }}"
      executable: /bin/bash
      stdin: exit 
    register: authenticate
    failed_when: false
    changed_when: false
    check_mode: no
    when: inventory_hostname_short == (groups['application'] | sort | first)

  - name: Create admin user
    shell: 
      cmd: "/usr/bin/mongo {{ (authenticate.rc == 0) | ternary('-u admin -p ' + password.admin + ' --authenticationDatabase admin', '') }} --norc --quiet localhost:{{ ports.router }}"
      executable: /bin/bash
      stdin: |
        const admin = db.getSiblingDB("admin")
        {% if authenticate.rc != 0 %}
        admin.createUser({ user: "admin", pwd: "{{ password.admin }}", roles: ["root"] })
        var _ = admin.auth("admin", "{{ password.admin }}")
        {% endif %}
        // Create more users if needed
    when: inventory_hostname_short == (groups['application'] | sort | first)
    register: ret_createUser
    changed_when: ret_createUser.stdout != ''

  - debug:
      msg: "{{ ret_createUser.stdout.split('\n') }}"
    when: not ansible_check_mode and inventory_hostname_short == (groups['application'] | sort | first) and ret_createUser.stdout != ''