-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
20 changed files
with
182 additions
and
109 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
secrets.sh filter=git-crypt diff=git-crypt | ||
ansible/vars/eqiad1-secrets.yaml filter=git-crypt diff=git-crypt | ||
ansible/files/csi-secret-cinderplugin.yaml.eqiad1.crypt filter=git-crypt diff=git-crypt | ||
terraform/secrets.tf filter=git-crypt diff=git-crypt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,3 +5,4 @@ dbs.yaml | |
terraform/kube.config | ||
terraform.tfstate | ||
terraform.tfstate.backup | ||
.env/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
--- | ||
|
||
- name: Migrate old db to new | ||
gather_facts: false | ||
hosts: localhost | ||
tasks: | ||
- name: include env vars | ||
include_vars: "vars/{{ datacenter }}.yaml" | ||
|
||
- name: include secret env vars | ||
include_vars: "vars/{{ datacenter }}-secrets.yaml" | ||
|
||
- name: Temporary directory for mysqldump | ||
ansible.builtin.tempfile: | ||
state: directory | ||
suffix: mysqldump | ||
register: dump_dir | ||
changed_when: False | ||
|
||
- name: Dump old database | ||
community.mysql.mysql_db: | ||
login_host: "{{ oldDb }}" | ||
login_user: superset | ||
login_password: "{{ dbPass }}" | ||
state: dump | ||
name: all | ||
target: "{{ dump_dir.path }}/dump.sql" | ||
|
||
- name: Restore to new database | ||
community.mysql.mysql_db: | ||
login_host: "{{ currentDb }}" | ||
login_user: superset | ||
login_password: "{{ dbPass }}" | ||
name: all | ||
state: import | ||
target: "{{ dump_dir.path }}/dump.sql" | ||
|
||
- name: Delete temporary directory | ||
ansible.builtin.file: | ||
state: absent | ||
path: "{{ dump_dir.path }}" | ||
changed_when: False |
10 changes: 10 additions & 0 deletions
10
ansible/files/csi-secret-cinderplugin.yaml.codfw1dev.crypt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
# This YAML file contains secret objects, | ||
# which are necessary to run csi cinder plugin. | ||
|
||
kind: Secret | ||
apiVersion: v1 | ||
metadata: | ||
name: cloud-config | ||
namespace: kube-system | ||
data: | ||
cloud.conf: W0dsb2JhbF0KYXBwbGljYXRpb24tY3JlZGVudGlhbC1pZCA9IGQ3NWI0MmE0NWVhYTQ4ZWE5MjhhMzE2NDg0ZTI1NGI0CmFwcGxpY2F0aW9uLWNyZWRlbnRpYWwtc2VjcmV0ID0gdHNDeGZfclV1RmVWY2tIOV9OMjEwRF9fZDZUZWFoSEdwWVQ0NEIwT0MyT29xdEdxV292QktuclRta3U2aDZqVjN4eF81ZUdndkV6UEtQSkpyM3dvRncKZG9tYWluLW5hbWUgPSBkZWZhdWx0CmF1dGgtdXJsID0gaHR0cHM6Ly9vcGVuc3RhY2suY29kZncxZGV2Lndpa2ltZWRpYWNsb3VkLm9yZzoyNTAwMC92Mwp0ZW5hbnQtaWQgPSBrOHMtZGV2CnJlZ2lvbiA9IGNvZGZ3MWRldi1yCg== |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
--- | ||
|
||
apiVersion: storage.k8s.io/v1 | ||
kind: StorageClass | ||
metadata: | ||
name: standard | ||
annotations: | ||
storageclass.kubernetes.io/is-default-class: "true" | ||
provisioner: cinder.csi.openstack.org | ||
parameters: | ||
availability: nova |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -27,8 +27,8 @@ configOverrides: | |
'token_key':'access_token', | ||
'remote_app': { | ||
# auth only callback mediawiki gives email and realname | ||
'client_id':'0c0ca9df92d6da2683a84dc2efc72640', | ||
'client_secret':'${OAUTH_SECRET}', | ||
'client_id':'{{ oauthClient }}', | ||
'client_secret':'{{ oauthSecret }}', | ||
'client_kwargs':{ | ||
'scope': 'mwoauth-authonlyprivate' | ||
}, | ||
|
@@ -75,4 +75,32 @@ configOverrides: | |
# Authorized User | ||
AUTH_USER_REGISTRATION = True | ||
|
||
SQLALCHEMY_DATABASE_URI = 'mysql://superset:${DB_PASS}@2xopzht2475.svc.trove.eqiad1.wikimedia.cloud/superset' | ||
SQLALCHEMY_DATABASE_URI = 'mysql://superset:{{ dbPass }}@{{ currentDb }}/superset' | ||
|
||
extraConfigs: | ||
import_datasources.yaml: | | ||
databases: | ||
- database_name: s1 | ||
password: {{ replicaPass }} | ||
sqlalchemy_uri: mysql+mysqldb://[email protected]:3306/information_schema?ssl=1 | ||
- database_name: s2 | ||
password: {{ replicaPass }} | ||
sqlalchemy_uri: mysql+mysqldb://[email protected]:3306/information_schema?ssl=1 | ||
- database_name: s3 | ||
password: {{ replicaPass }} | ||
sqlalchemy_uri: mysql+mysqldb://[email protected]:3306/information_schema?ssl=1 | ||
- database_name: s4 | ||
password: {{ replicaPass }} | ||
sqlalchemy_uri: mysql+mysqldb://[email protected]:3306/information_schema?ssl=1 | ||
- database_name: s5 | ||
password: {{ replicaPass }} | ||
sqlalchemy_uri: mysql+mysqldb://[email protected]:3306/information_schema?ssl=1 | ||
- database_name: s6 | ||
password: {{ replicaPass }} | ||
sqlalchemy_uri: mysql+mysqldb://[email protected]:3306/information_schema?ssl=1 | ||
- database_name: s7 | ||
password: {{ replicaPass }} | ||
sqlalchemy_uri: mysql+mysqldb://[email protected]:3306/information_schema?ssl=1 | ||
- database_name: s8 | ||
password: {{ replicaPass }} | ||
sqlalchemy_uri: mysql+mysqldb://[email protected]:3306/information_schema?ssl=1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
--- | ||
|
||
replicaPass: 'OwWPd58ehbisJL4y' | ||
oauthClient: 'a008221205f74d2f50f6da00511ec287' | ||
oauthSecret: '1ee7bcabdfe01efecead659bc8cc4aa393c7edbe' | ||
dbPass: 'jfq3qu80ua38ru8ua3w0' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
--- | ||
|
||
currentDb: kdmnanixf6n.svc.trove.codfw1dev.wikimedia.cloud | ||
oldDb: kzh57llbocj.svc.trove.codfw1dev.wikimedia.cloud |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
--- | ||
|
||
currentDb: 3paubms4bt4.svc.trove.eqiad1.wikimedia.cloud | ||
oldDb: 2xopzht2475.svc.trove.eqiad1.wikimedia.cloud |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,27 +1,54 @@ | ||
#!/bin/bash | ||
|
||
set -e | ||
datacenter='eqiad1' | ||
|
||
migrate='false' | ||
|
||
if [ "${1}" = 'eqiad1' ] | ||
then | ||
datacenter=${1} | ||
elif [ "${1}" = 'codfw1dev' ] | ||
then | ||
datacenter=${1} | ||
else | ||
echo "Please enter datacenter." | ||
echo "Usage:" | ||
echo "${0} <eqiad1|codfw1dev>" | ||
exit | ||
fi | ||
|
||
if [ "${2}" = 'migrate' ] | ||
then | ||
migrate='true' | ||
fi | ||
|
||
|
||
if ! command -v kubectl ; then | ||
echo "please install kubectl" | ||
exit 1 | ||
fi | ||
|
||
if ! command -v terraform ; then | ||
echo "please install terraform" | ||
if ! command -v helm ; then | ||
echo "please install helm" | ||
exit 1 | ||
fi | ||
|
||
if ! command -v mysqldump ; then | ||
echo "please install mariadb-client" | ||
exit 1 | ||
fi | ||
|
||
python3 -m venv .venv/deploy | ||
source .venv/deploy/bin/activate | ||
pip install ansible==8.1.0 kubernetes==26.1.0 | ||
pip install ansible==8.1.0 kubernetes==26.1.0 PyMySQL==1.1.0 | ||
|
||
cd terraform | ||
terraform init | ||
terraform apply -var datacenter=${datacenter} # -auto-approve | ||
export KUBECONFIG=$(pwd)/kube.config | ||
export KUBECONFIG=$(pwd)/terraform/kube.config | ||
|
||
cd ../ansible | ||
cd ansible | ||
ansible-playbook superset-deploy.yaml --extra-vars "datacenter=${datacenter}" | ||
|
||
if [ "${migrate}" = 'true' ] | ||
then | ||
echo "migrating!" | ||
ansible-playbook db-migrate.yaml --extra-vars "datacenter=${datacenter}" | ||
fi |
Binary file not shown.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters