From e22c53cba7d19967c5108e046713c2bb37f0ac62 Mon Sep 17 00:00:00 2001 From: Jay Patel <78554593+jarpat@users.noreply.github.com> Date: Tue, 22 Aug 2023 11:09:23 -0400 Subject: [PATCH 1/4] feat: (IAC-1089) Valid PG Server Name and Update Doc (#84) --- docs/CONFIG-VARS.md | 8 +++++--- templates/ansible/inventory.tmpl | 6 +++--- variables.tf | 4 ++++ 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md index f951557..d433820 100644 --- a/docs/CONFIG-VARS.md +++ b/docs/CONFIG-VARS.md @@ -289,7 +289,7 @@ postgres_servers = { **NOTE**: The `default = {}` element is always required when creating external databases. This is the system's default database server. -Each server element, like `foo = {}`, can contain none, some, or all of the parameters listed +Each server element, like `foo = {}`, can contain none, some, or all of the parameters listed. When naming the server element, it must follow a valid naming scheme, the name must consist of lower case alphanumeric characters or '-', and must start and end with an alphanumeric character. | Name | Description | Type | Default | Notes | | :--- | :--- | :--- | :--- | :--- | @@ -311,7 +311,9 @@ Each server element, like `foo = {}`, can contain none, some, or all of the para - The Ansible tasks that are performed include copying the certificate and key from the PostgreSQL VM into your local workspace directory. 2. If you are planning to use the [viya4-deployment repository](https://github.com/sassoftware/viya4-deployment) to perform a SAS Viya platform deployment where you have [full-stack TLS](https://github.com/sassoftware/viya4-deployment/blob/main/docs/CONFIG-VARS.md#tls) configured, make sure that the `V4_CFG_TLS_TRUSTED_CA_CERTS` variable in the viya4-deployment ansible-vars.yaml file points to a directory that contains the server_ssl_cert_file. -Here is an example of the `postgres_servers` variable where the `default` entry only overrides the `administrator_password` parameter, and the `another-server` entry overrides all parameters: +Multiple SAS offerings require a second PostgreSQL instance referred to as SAS Common Data Store, or CDS PostgreSQL. For more information, see [Common Customizations](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=dplyml0phy0dkr&docsetTarget=n08u2yg8tdkb4jn18u8zsi6yfv3d.htm#p0wkxxi9s38zbzn19ukjjaxsc0kl). A list of SAS offerings that require CDS PostgreSQL is provided in [SAS Common Data Store Requirements](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=itopssr&docsetTarget=p05lfgkwib3zxbn1t6nyihexp12n.htm#n03wzanutmc6gon1val5fykas9aa). To create and configure an external CDS PostgreSQL instance in addition to the external platform PostgreSQL instance named `default`, specify `cds-postgres` as a second PostgreSQL instance, as shown in the example below. + +Here is an example of the `postgres_servers` variable with the `default` server entry overriding only the `administrator_password` parameter and the `cds-postgres` entry overriding all the parameters: ```terraform postgres_servers = { @@ -319,7 +321,7 @@ postgres_servers = { administrator_password = "D0ntL00kTh1sWay" server_ip = "10.10.10.10" # Assigned values for static IPs }, - another_server = { + cds-postgres = { server_num_cpu = 8 # 8 CPUs server_memory = 16384 # 16 GB server_disk_size = 250 # 256 GB diff --git a/templates/ansible/inventory.tmpl b/templates/ansible/inventory.tmpl index 1109703..5f3db82 100644 --- a/templates/ansible/inventory.tmpl +++ b/templates/ansible/inventory.tmpl @@ -90,9 +90,9 @@ cr_server # Postgres Servers # %{ for server_name, server_data in postgres_servers ~} -[${prefix}_${server_name}_pgsql] +[${prefix}_${replace(server_name, "-", "_")}_pgsql] ${server_data.server_ip} -[${prefix}_${server_name}_pgsql:vars] +[${prefix}_${replace(server_name, "-", "_")}_pgsql:vars] postgres_server_name="${server_name}" postgres_server_version="${server_data.server_version}" postgres_server_ssl="${server_data.server_ssl}" @@ -107,7 +107,7 @@ postgres_system_setting_${system_setting.name}="${system_setting.value}" %{ endfor ~} [postgres:children] %{ for server_name, server_data in postgres_servers ~} -${prefix}_${server_name}_pgsql +${prefix}_${replace(server_name, "-", "_")}_pgsql %{ endfor ~} %{ endif ~} diff --git a/variables.tf b/variables.tf index a29c88d..12cea8c 100644 --- a/variables.tf +++ b/variables.tf @@ -260,6 +260,10 @@ variable "postgres_servers" { description = "Map of PostgreSQL server objects" type = any default = null + validation { + condition = var.postgres_servers == null || can([for pg in keys(var.postgres_servers) : regex("^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", pg)]) + error_message = "ERROR: Postgres Server names must follow a valid naming scheme. Name must consist of lower case alphanumeric characters or '-', and must start and end with an alphanumeric character" + } } # Regex for validation : ^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$ From 01757ae4f3fb8606cd4744e375f676130e416476 Mon Sep 17 00:00:00 2001 From: Jay Patel <78554593+jarpat@users.noreply.github.com> Date: Tue, 29 Aug 2023 16:02:38 -0400 Subject: [PATCH 2/4] doc: (IAC-1086) Update SAS Documentation URLs (#86) --- docs/CONFIG-VARS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md index d433820..1adcff1 100644 --- a/docs/CONFIG-VARS.md +++ b/docs/CONFIG-VARS.md @@ -311,7 +311,7 @@ Each server element, like `foo = {}`, can contain none, some, or all of the para - The Ansible tasks that are performed include copying the certificate and key from the PostgreSQL VM into your local workspace directory. 2. If you are planning to use the [viya4-deployment repository](https://github.com/sassoftware/viya4-deployment) to perform a SAS Viya platform deployment where you have [full-stack TLS](https://github.com/sassoftware/viya4-deployment/blob/main/docs/CONFIG-VARS.md#tls) configured, make sure that the `V4_CFG_TLS_TRUSTED_CA_CERTS` variable in the viya4-deployment ansible-vars.yaml file points to a directory that contains the server_ssl_cert_file. -Multiple SAS offerings require a second PostgreSQL instance referred to as SAS Common Data Store, or CDS PostgreSQL. For more information, see [Common Customizations](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=dplyml0phy0dkr&docsetTarget=n08u2yg8tdkb4jn18u8zsi6yfv3d.htm#p0wkxxi9s38zbzn19ukjjaxsc0kl). A list of SAS offerings that require CDS PostgreSQL is provided in [SAS Common Data Store Requirements](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=itopssr&docsetTarget=p05lfgkwib3zxbn1t6nyihexp12n.htm#n03wzanutmc6gon1val5fykas9aa). To create and configure an external CDS PostgreSQL instance in addition to the external platform PostgreSQL instance named `default`, specify `cds-postgres` as a second PostgreSQL instance, as shown in the example below. +Multiple SAS offerings require a second PostgreSQL instance referred to as SAS Common Data Store, or CDS PostgreSQL. For more information, see [Common Customizations](https://go.documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=dplyml0phy0dkr&docsetTarget=n08u2yg8tdkb4jn18u8zsi6yfv3d.htm#p0wkxxi9s38zbzn19ukjjaxsc0kl). A list of SAS offerings that require CDS PostgreSQL is provided in [SAS Common Data Store Requirements](https://go.documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=itopssr&docsetTarget=p05lfgkwib3zxbn1t6nyihexp12n.htm#n03wzanutmc6gon1val5fykas9aa). To create and configure an external CDS PostgreSQL instance in addition to the external platform PostgreSQL instance named `default`, specify `cds-postgres` as a second PostgreSQL instance, as shown in the example below. Here is an example of the `postgres_servers` variable with the `default` server entry overriding only the `administrator_password` parameter and the `cds-postgres` entry overriding all the parameters: From 1ab57169fabd9b16bccd34cf6ea82ac8332a701c Mon Sep 17 00:00:00 2001 From: Adam Smith <18425703+AWSmith0216@users.noreply.github.com> Date: Mon, 18 Sep 2023 15:06:26 -0400 Subject: [PATCH 3/4] feat: (IAC-1113) Add node labels and taints with a label selector matching on both the short and long hostname (#61) --- roles/kubernetes/node/labels_taints/tasks/labels.yaml | 2 +- roles/kubernetes/node/labels_taints/tasks/taints.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kubernetes/node/labels_taints/tasks/labels.yaml b/roles/kubernetes/node/labels_taints/tasks/labels.yaml index 3954464..232c6f2 100644 --- a/roles/kubernetes/node/labels_taints/tasks/labels.yaml +++ b/roles/kubernetes/node/labels_taints/tasks/labels.yaml @@ -4,7 +4,7 @@ --- - name: Applying labels ansible.builtin.shell: | - kubectl label nodes {{ ansible_hostname }} {{ label }} --overwrite + kubectl label nodes -l 'kubernetes.io/hostname in ({{ ansible_hostname }},{{ ansible_fqdn }})' {{ label }} --overwrite with_items: "{{ labels }}" loop_control: loop_var: label diff --git a/roles/kubernetes/node/labels_taints/tasks/taints.yaml b/roles/kubernetes/node/labels_taints/tasks/taints.yaml index 48f778e..d293c05 100644 --- a/roles/kubernetes/node/labels_taints/tasks/taints.yaml +++ b/roles/kubernetes/node/labels_taints/tasks/taints.yaml @@ -4,7 +4,7 @@ --- - name: Applying taints ansible.builtin.shell: | - kubectl taint nodes {{ ansible_hostname }} {{ taint }} --overwrite + kubectl taint nodes -l 'kubernetes.io/hostname in ({{ ansible_hostname }},{{ ansible_fqdn }})' {{ taint }} --overwrite with_items: "{{ taints }}" loop_control: loop_var: taint From 7ce0061869e1c2039820cc7bc8b6e0567daf722e Mon Sep 17 00:00:00 2001 From: Adam Smith <18425703+AWSmith0216@users.noreply.github.com> Date: Mon, 18 Sep 2023 15:06:39 -0400 Subject: [PATCH 4/4] feat: (IAC-1114) Use the 'search' test rather than find when checking node names for labelling purposes (#60) --- roles/kubernetes/node/labels_taints/tasks/main.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kubernetes/node/labels_taints/tasks/main.yaml b/roles/kubernetes/node/labels_taints/tasks/main.yaml index 02be973..83699e2 100644 --- a/roles/kubernetes/node/labels_taints/tasks/main.yaml +++ b/roles/kubernetes/node/labels_taints/tasks/main.yaml @@ -8,7 +8,7 @@ vars: labels: "{{ item.value }}" with_dict: "{{ node_labels }}" - when: ansible_nodename.find(item.key) != -1 + when: ansible_nodename is search(item.key) tags: - install - update @@ -19,7 +19,7 @@ vars: taints: "{{ item.value }}" with_dict: "{{ node_taints }}" - when: ansible_nodename.find(item.key) != -1 + when: ansible_nodename is search(item.key) tags: - install - update