You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by vv...@apache.org on 2018/07/24 12:32:30 UTC
[incubator-openwhisk] branch master updated: Set erlang magic
cookie for couchdb (#3853)
This is an automated email from the ASF dual-hosted git repository.
vvraskin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk.git
The following commit(s) were added to refs/heads/master by this push:
new 5f55295 Set erlang magic cookie for couchdb (#3853)
5f55295 is described below
commit 5f5529526e8fea83cf24c78bfd20bfb388f0af85
Author: jiangpch <ji...@navercorp.com>
AuthorDate: Tue Jul 24 20:32:26 2018 +0800
Set erlang magic cookie for couchdb (#3853)
---
ansible/roles/couchdb/tasks/deploy.yml | 16 ++++++++++++++--
ansible/tasks/gen_erl_cookie.yml | 35 ++++++++++++++++++++++++++++++++++
2 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/ansible/roles/couchdb/tasks/deploy.yml b/ansible/roles/couchdb/tasks/deploy.yml
index 628257a..499440b 100644
--- a/ansible/roles/couchdb/tasks/deploy.yml
+++ b/ansible/roles/couchdb/tasks/deploy.yml
@@ -7,6 +7,10 @@
set_fact:
coordinator: "{{ groups['db'][0] }}"
+- name: "Set the volumes"
+ set_fact:
+ volumes: []
+
- name: check if db credentials are valid for CouchDB
fail: msg="The db provider in your {{ hosts_dir }}/group_vars/all is {{ db.provider }}, it has to be CouchDB, pls double check"
when: db.provider != "CouchDB"
@@ -20,9 +24,17 @@
vars:
instance: "{{instances | selectattr('name', 'equalto', 'db') | list | first}}"
set_fact:
- volume_dir: "{{ instance.volume.fsmount | default( '/mnt/' + group_names|first, true ) }}:/usr/local/var/lib/couchdb"
+ volumes: "{{ volumes }} + [ '{{ instance.volume.fsmount | default( '/mnt/' + group_names|first, true ) }}:/usr/local/var/lib/couchdb' ]"
when: (block_device is defined) and (block_device in disk_status.stdout)
+- include_tasks: gen_erl_cookie.yml
+ when: (db.instances|int >= 2)
+
+- name: "set the erlang cookie volume"
+ set_fact:
+ volumes: "{{ volumes }} + [ '{{ config_root_dir }}/erlang.cookie:/opt/couchdb/.erlang.cookie' ]"
+ when: (db.instances|int >= 2)
+
- name: "(re)start CouchDB from '{{ couchdb_image }} ' "
vars:
couchdb_image: "{{ couchdb.docker_image | default('apache/couchdb:' ~ couchdb.version ) }}"
@@ -32,7 +44,7 @@
state: started
recreate: true
restart_policy: "{{ docker.restart.policy }}"
- volumes: "{{volume_dir | default([])}}"
+ volumes: "{{ volumes }}"
ports:
- "{{ db.port }}:5984"
- "4369:4369"
diff --git a/ansible/tasks/gen_erl_cookie.yml b/ansible/tasks/gen_erl_cookie.yml
new file mode 100644
index 0000000..3496e34
--- /dev/null
+++ b/ansible/tasks/gen_erl_cookie.yml
@@ -0,0 +1,35 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+---
+
+# generate erlang cookie for CouchDB
+
+- name: "generate erlang cookie"
+ local_action: command openssl rand -base64 32op
+ register: random_stdout
+ run_once: true
+ when: erlang_cookie is not defined
+
+- set_fact:
+ erlang_cookie: "{{ random_stdout.stdout }}"
+ when: erlang_cookie is not defined
+
+- name: "ensure config root dir exists"
+ file:
+ path: "{{ config_root_dir }}"
+ state: directory
+
+# when enable uid namespace mode, couchdb container doesn't have permission to change the owner of files which mounted
+# from host, so the container will be failed to start. Use a temporary container here to create the file erlang.cookie
+# with the correct user 'couchdb' as its owner
+- name: "create the erlang cookie file on remote"
+ vars:
+ couchdb_image: "{{ couchdb.docker_image | default('apache/couchdb:' ~ couchdb.version ) }}"
+ command: "docker run --rm -v /tmp:/tmp -u couchdb {{ couchdb_image }} sh -c 'echo {{ erlang_cookie }} >> /tmp/erlang.cookie'"
+ become: true
+
+- name: "move erlang.cookie from /tmp to {{ config_root_dir }}"
+ shell: "chmod 400 /tmp/erlang.cookie && mv /tmp/erlang.cookie {{ config_root_dir }}/erlang.cookie"
+ args:
+ warn: false
+ become: true