From c2e9cbc39479a5547463f0523dc4af83f50f4163 Mon Sep 17 00:00:00 2001 From: Vivian Rook <91909295+vivian-rook@users.noreply.github.com> Date: Mon, 11 Sep 2023 11:58:43 -0400 Subject: [PATCH] DB back to internal postgres db (#9) * DB back to internal postgres db Bug: T342699 * README * cutover to main domain --- README.md | 26 +++++++---------- ansible/db-migrate.yaml | 42 ---------------------------- ansible/superset-deploy.yaml | 3 -- ansible/templates/values.yaml.j2 | 10 +++++-- ansible/vars/codfw1dev-secrets.yaml | 1 - ansible/vars/codfw1dev.yaml | 4 --- ansible/vars/eqiad1-secrets.yaml | Bin 546 -> 453 bytes ansible/vars/eqiad1.yaml | 4 --- db-backup/backup.sh | 12 ++++++++ db-backup/pg_dump.sh | 3 ++ deploy.sh | 19 ------------- terraform/123-1.tf | 33 ++++++++++++++++++++++ terraform/123.tf | 5 ---- terraform/db.tf | 26 ----------------- terraform/secrets.tf | Bin 473 -> 317 bytes terraform/vars.tf | 31 -------------------- 16 files changed, 66 insertions(+), 153 deletions(-) delete mode 100644 ansible/db-migrate.yaml delete mode 100644 ansible/vars/codfw1dev.yaml delete mode 100644 ansible/vars/eqiad1.yaml create mode 100644 db-backup/backup.sh create mode 100644 db-backup/pg_dump.sh create mode 100644 terraform/123-1.tf delete mode 100644 terraform/db.tf diff --git a/README.md b/README.md index bfdd3cf..f33d823 100644 --- a/README.md +++ b/README.md @@ -4,30 +4,24 @@ cd terraform terraform init terraform apply -var datacenter="" -if a new database was created update currentDb and oldDB values in ansible/vars/eqiad1.yaml - # When k8s is setup, start here -To install run `deploy.sh [migrate]` +To install run `deploy.sh ` ## Disaster recovery deploy after deploy.sh Create OAuth role: all query access on all_query_access # To migrate the db: -`deploy.sh migrate` +``` +export KUBECONFIG= +kubectl exec -it pod/superset-postgresql-0 -- bash +pg_dump --username=superset superset -F t > /tmp/db.tar -# manual db backup and restore: -in Horizon create a new trove database: -Volume Size: 8 -Datastore: mysql 5.7.29 -Flavor: g3.cores2.ram4.disk20 -Initial Databases: superset -Initial Admin User: superset -``` -mysqldump -h -u superset -p superset > superset.backup -mysql -u superset -h -p superset < superset.backup -# update values.yaml-template with new hostname -bash deploy.sh upgrade +kubectl cp default/superset-postgresql-0:tmp/db.tar ./db.tar +export KUBECONFIG= +kubectl cp ./db.tar default/superset-postgresql-0:tmp/db.tar +kubectl exec -it pod/superset-postgresql-0 -- bash +pg_restore -c -U superset -F t -d superset /tmp/db.tar ``` # Upgrade notes diff --git a/ansible/db-migrate.yaml b/ansible/db-migrate.yaml deleted file mode 100644 index 8c70cbd..0000000 --- a/ansible/db-migrate.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- - -- name: Migrate old db to new - gather_facts: false - hosts: localhost - tasks: - - name: include env vars - include_vars: "vars/{{ datacenter }}.yaml" - - - name: include secret env vars - include_vars: "vars/{{ datacenter }}-secrets.yaml" - - - name: Temporary directory for mysqldump - ansible.builtin.tempfile: - state: directory - suffix: mysqldump - register: dump_dir - changed_when: False - - - name: Dump old database - community.mysql.mysql_db: - login_host: "{{ oldDb }}" - login_user: superset - login_password: "{{ dbPass }}" - state: dump - name: all - target: "{{ dump_dir.path }}/dump.sql" - - - name: Restore to new database - community.mysql.mysql_db: - login_host: "{{ currentDb }}" - login_user: superset - login_password: "{{ dbPass }}" - name: all - state: import - target: "{{ dump_dir.path }}/dump.sql" - - - name: Delete temporary directory - ansible.builtin.file: - state: absent - path: "{{ dump_dir.path }}" - changed_when: False diff --git a/ansible/superset-deploy.yaml b/ansible/superset-deploy.yaml index 6c4f53e..75b4153 100644 --- a/ansible/superset-deploy.yaml +++ b/ansible/superset-deploy.yaml @@ -4,9 +4,6 @@ gather_facts: false hosts: localhost tasks: - - name: include env vars - include_vars: vars/{{ datacenter }}.yaml - - name: include secret env vars include_vars: vars/{{ datacenter }}-secrets.yaml diff --git a/ansible/templates/values.yaml.j2 b/ansible/templates/values.yaml.j2 index 06d5fd4..f582684 100644 --- a/ansible/templates/values.yaml.j2 +++ b/ansible/templates/values.yaml.j2 @@ -75,32 +75,38 @@ configOverrides: # Authorized User AUTH_USER_REGISTRATION = True - SQLALCHEMY_DATABASE_URI = 'mysql://superset:{{ dbPass }}@{{ currentDb }}/superset' - extraConfigs: import_datasources.yaml: | databases: - database_name: s1 password: {{ replicaPass }} sqlalchemy_uri: mysql+mysqldb://s52788@s1.analytics.db.svc.wikimedia.cloud:3306/information_schema?ssl=1 + allow_run_async: true - database_name: s2 password: {{ replicaPass }} sqlalchemy_uri: mysql+mysqldb://s52788@s2.analytics.db.svc.wikimedia.cloud:3306/information_schema?ssl=1 + allow_run_async: true - database_name: s3 password: {{ replicaPass }} sqlalchemy_uri: mysql+mysqldb://s52788@s3.analytics.db.svc.wikimedia.cloud:3306/information_schema?ssl=1 + allow_run_async: true - database_name: s4 password: {{ replicaPass }} sqlalchemy_uri: mysql+mysqldb://s52788@s4.analytics.db.svc.wikimedia.cloud:3306/information_schema?ssl=1 + allow_run_async: true - database_name: s5 password: {{ replicaPass }} sqlalchemy_uri: mysql+mysqldb://s52788@s5.analytics.db.svc.wikimedia.cloud:3306/information_schema?ssl=1 + allow_run_async: true - database_name: s6 password: {{ replicaPass }} sqlalchemy_uri: mysql+mysqldb://s52788@s6.analytics.db.svc.wikimedia.cloud:3306/information_schema?ssl=1 + allow_run_async: true - database_name: s7 password: {{ replicaPass }} sqlalchemy_uri: mysql+mysqldb://s52788@s7.analytics.db.svc.wikimedia.cloud:3306/information_schema?ssl=1 + allow_run_async: true - database_name: s8 password: {{ replicaPass }} sqlalchemy_uri: mysql+mysqldb://s52788@s8.analytics.db.svc.wikimedia.cloud:3306/information_schema?ssl=1 + allow_run_async: true diff --git a/ansible/vars/codfw1dev-secrets.yaml b/ansible/vars/codfw1dev-secrets.yaml index f63e0c2..838f70e 100644 --- a/ansible/vars/codfw1dev-secrets.yaml +++ b/ansible/vars/codfw1dev-secrets.yaml @@ -3,4 +3,3 @@ replicaPass: 'OwWPd58ehbisJL4y' oauthClient: 'a008221205f74d2f50f6da00511ec287' oauthSecret: '1ee7bcabdfe01efecead659bc8cc4aa393c7edbe' -dbPass: 'jfq3qu80ua38ru8ua3w0' diff --git a/ansible/vars/codfw1dev.yaml b/ansible/vars/codfw1dev.yaml deleted file mode 100644 index 334ac53..0000000 --- a/ansible/vars/codfw1dev.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -currentDb: kdmnanixf6n.svc.trove.codfw1dev.wikimedia.cloud -oldDb: kzh57llbocj.svc.trove.codfw1dev.wikimedia.cloud diff --git a/ansible/vars/eqiad1-secrets.yaml b/ansible/vars/eqiad1-secrets.yaml index bad0e9e25a730fe38dc35240641881f53fe7663c..ece1605638fc8049388c39de83bbc10da23868d1 100644 GIT binary patch literal 453 zcmV;$0XqHwM@dveQdv+`0A1O(JB+y|ou88g$fG!NWS$Djdom{#P5lM`UR=yhb@?M_ z7#1_cAsv6T(22D|l7Ef3yiwH;I%rk#2z$6GhvJC5)MV}FZ0n2^Z&M%pPY4Co02-SQRYru@6X%qq- zIx-SSKnGuG#Oi+~!fkW^j>w3iLuL}c*M?tk$E>@vcpD9!baU_<; zK%5U))_af7jjdZYmc>EeV!4fD$XJ0E{8wyE*V?$tZqb@16%=%Ry_E!n!HATG%xj)O zG|TqKf*iG%WWWg-dzh94!wGHmylZy3_lj=69CWrP@A!>xf32QouoXF&aqiR10OaCR zlln+NwVqC2eJ$`cGf*Wo#J5tTH?m?lSW97hG&uSZ#z+Y(T-0yoG%rZ04V&(F{F=UQ zD@c&VvS)h|{UgpSfS9$&ga=#l5Qr2&ITe(cylWJWEFw+FxxXA1wN_F)#f^GVEb1V< v>gpr^Ig%yts31)Ed3exEWWzJX7{kDwP-(Fy~+!okV9iZvp+UryB zm>t*bi)L|29V!tEmAu0r61fK`sc5PO;ie>&8%RJ#w8V9C;~Sa!O!~u(j#f%6R_MBY zNwGrvn&+TA(>X8$?3kmwE)Q5UXYBABeBFl1t&MxjJ~_2c_VP7vz9=&zqZyCJfNAr< zhW%DOemiJp_$h~w7y^>E#+heJJR_BQ=P@9{MK>_eTS=Ckn!;`SRItaELI6@YLb>ZgLn2&f{e^`*UgMERuo} zWnEy8-Cs_QE8)p>Udh^ADyk&%6T4icPtT*_sM*^dcJuNn5(ybf!Le=ck8l0_Qn%#y zmxBtEfs;3=Nu~A7pESqyRH@X~lAOrM99d=34G}&UdcHw0g5*S}lKC;N1D!ff;N;dK z?sl&xnV$|QvQS9HYsdVqCu;!)q(OJ{$8z4FcRK{D{l#Nf4{sU-iXi93ycLz-0gHod z9_kjy()bOmknVI7dew}@(5-{Ekx#8m*4`xDMiBmhGmCSbE(=jXHwyvlfb?b9zX&&L kkIWDk5Wd5Of4=^j`Cb>uizt`fD(fl5ZG%7%Qvd(} diff --git a/ansible/vars/eqiad1.yaml b/ansible/vars/eqiad1.yaml deleted file mode 100644 index 3c28288..0000000 --- a/ansible/vars/eqiad1.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -currentDb: 3paubms4bt4.svc.trove.eqiad1.wikimedia.cloud -oldDb: 2xopzht2475.svc.trove.eqiad1.wikimedia.cloud diff --git a/db-backup/backup.sh b/db-backup/backup.sh new file mode 100644 index 0000000..125adfc --- /dev/null +++ b/db-backup/backup.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +mv ./superset-db-backup.4 ./superset-db-backup.5 +mv ./superset-db-backup.3 ./superset-db-backup.4 +mv ./superset-db-backup.2 ./superset-db-backup.3 +mv ./superset-db-backup.1 ./superset-db-backup.2 +mv ./superset-db-backup ./superset-db-backup.1 + +kubectl cp ./pg_dump.sh default/superset-postgresql-0:/tmp/pg_dump.sh +kubectl exec -it pod/superset-postgresql-0 -- bash /tmp/pg_dump.sh +kubectl cp default/superset-postgresql-0:tmp/db.tar ./superset-db-backup + diff --git a/db-backup/pg_dump.sh b/db-backup/pg_dump.sh new file mode 100644 index 0000000..0586a62 --- /dev/null +++ b/db-backup/pg_dump.sh @@ -0,0 +1,3 @@ +#!/bin/bash +export PGPASSWORD="superset" +pg_dump --username=superset superset -F t > /tmp/db.tar diff --git a/deploy.sh b/deploy.sh index a59378a..5ea27e7 100644 --- a/deploy.sh +++ b/deploy.sh @@ -2,8 +2,6 @@ set -e -migrate='false' - if [ "${1}" = 'eqiad1' ] then datacenter=${1} @@ -17,12 +15,6 @@ else exit fi -if [ "${2}" = 'migrate' ] -then - migrate='true' -fi - - if ! command -v kubectl ; then echo "please install kubectl" exit 1 @@ -33,11 +25,6 @@ if ! command -v helm ; then exit 1 fi -if ! command -v mysqldump ; then - echo "please install mariadb-client" - exit 1 -fi - python3 -m venv .venv/deploy source .venv/deploy/bin/activate pip install ansible==8.1.0 kubernetes==26.1.0 PyMySQL==1.1.0 @@ -46,9 +33,3 @@ export KUBECONFIG=$(pwd)/terraform/kube.config cd ansible ansible-playbook superset-deploy.yaml --extra-vars "datacenter=${datacenter}" - -if [ "${migrate}" = 'true' ] -then - echo "migrating!" - ansible-playbook db-migrate.yaml --extra-vars "datacenter=${datacenter}" -fi diff --git a/terraform/123-1.tf b/terraform/123-1.tf new file mode 100644 index 0000000..aeb6d25 --- /dev/null +++ b/terraform/123-1.tf @@ -0,0 +1,33 @@ +resource "openstack_containerinfra_cluster_v1" "k8s_123_1" { + name = "superset${var.name[var.datacenter]}-123-1" + cluster_template_id = resource.openstack_containerinfra_clustertemplate_v1.template_123_1.id + master_count = 1 + node_count = var.workers[var.datacenter] +} + +resource "local_file" "kube_config" { + content = resource.openstack_containerinfra_cluster_v1.k8s_123_1.kubeconfig.raw_config + filename = "kube.config" +} + +resource "openstack_containerinfra_clustertemplate_v1" "template_123_1" { + name = "superset${var.name[var.datacenter]}-123-1" + coe = "kubernetes" + dns_nameserver = "8.8.8.8" + docker_storage_driver = "overlay2" + docker_volume_size = "20" + external_network_id = var.external_network_id[var.datacenter] + fixed_subnet = var.fixed_subnet[var.datacenter] + fixed_network = var.fixed_network[var.datacenter] + flavor = var.worker_flavor[var.datacenter] + floating_ip_enabled = "false" + image = var.image_name[var.datacenter] + master_flavor = var.control_flavor[var.datacenter] + network_driver = "flannel" + + labels = { + kube_tag = "v1.23.15-rancher1-linux-amd64" + hyperkube_prefix = "docker.io/rancher/" + cloud_provider_enabled = "true" + } +} diff --git a/terraform/123.tf b/terraform/123.tf index ce05329..3c3db46 100644 --- a/terraform/123.tf +++ b/terraform/123.tf @@ -5,11 +5,6 @@ resource "openstack_containerinfra_cluster_v1" "k8s_123" { node_count = var.workers[var.datacenter] } -resource "local_file" "kube_config" { - content = resource.openstack_containerinfra_cluster_v1.k8s_123.kubeconfig.raw_config - filename = "kube.config" -} - resource "openstack_containerinfra_clustertemplate_v1" "template_123" { name = "superset${var.name[var.datacenter]}-123" coe = "kubernetes" diff --git a/terraform/db.tf b/terraform/db.tf deleted file mode 100644 index 50e3639..0000000 --- a/terraform/db.tf +++ /dev/null @@ -1,26 +0,0 @@ -resource "openstack_db_instance_v1" "superset" { - region = var.region[var.datacenter] - name = "superset${var.name[var.datacenter]}" - flavor_id = var.db_flavor_uuid[var.datacenter] - size = var.db_size[var.datacenter] - - network { - uuid = var.network_uuid[var.datacenter] - } - - user { - name = "superset" - host = "%" - password = var.db_password[var.datacenter] - databases = ["superset"] - } - - database { - name = "superset" - } - - datastore { - version = "5.7.29" - type = "mysql" - } -} diff --git a/terraform/secrets.tf b/terraform/secrets.tf index 672bd6d63042e2834f644649fc5fede4da1749e5..d6f3473fc2b61d32977d1b0803cf549b94a340fc 100644 GIT binary patch literal 317 zcmV-D0mA+OM@dveQdv+`0ESi?@15R=d{xXzVI(NrAi7wHV_es_sRFx!mlM-h^s+x; z-CX&Xt;3g$sB6J4VtNj!@MfR3FNb7PaUo)cBH_}VZ&s=_veLNhzuhG7bRwi&A?vGh zSy99P+js>)Mj(3oYbM5uXY1Y<5+J>t-Y)iZr+!VB-u}iIN$lXq94b*PrQjH+J&$OD zg( literal 473 zcmV;~0Ve(cM@dveQdv+`00`Myrz)fu%tthhXqc%~ke!X~N-D!}eftT)$r7;MD~I>_ zGTQL^Ge~c5dxwn@2PI0X7U7ZaA+&)Ibd{2B;||P^P?Xlv)GDAWTSgVgAZyap-44X% z8*Ug&Yr*atY__0-aphmB6D2%k^p!0WHp{MyfYy6mCHD$EFT81Y$g(4gT)y6tY~xDd z>E+X{17|%O3RuN}VL!;NZ<@6Ur0DPxg@zCapFQM6Fs3Bw_*;(n|FLt%%)Mm7qwCgV zwZbH9sK<@mRPMqYZkbHmW~@oHiVK3d762eZFFLI`X;m%1T6N8bPk4&LU-YG`bbSgS z_#f4!HjzSN&7UGJV zS|RAi_RiafOzJuLTL#voCx4(_%zjiXDC)H`*l`Y~+&bOBWKIdr<_}0=TNSMT@F}T5 zmIC4XVlca%gD&fGiTmix14;7wnv_=iQ2k|_qcNexlf;3Ec3(YVIk14=_L+Bd%*6K^ zY7#J*4DhVE0TZI2koPbZun~_|^Bw1=a}{t&Q-QjBLZeEx_U_?i)ERWC?K{&vnqINH Pje;L!QTB8>kaon*M=J5B diff --git a/terraform/vars.tf b/terraform/vars.tf index 357d050..582215b 100644 --- a/terraform/vars.tf +++ b/terraform/vars.tf @@ -84,34 +84,3 @@ variable "workers" { "eqiad1" = "2" } } - - -# trove vars -variable "network_uuid" { - type = map(any) - default = { - "codfw1dev" = "05a5494a-184f-4d5c-9e98-77ae61c56daa" # lan-flat-cloudinstances2b - "eqiad1" = "7425e328-560c-4f00-8e99-706f3fb90bb4" # lan-flat-cloudinstances2b - } -} -variable "db_flavor_uuid" { - type = map(any) - default = { - "codfw1dev" = "5b2ca632-2ea0-4007-9b40-4f84f8e2428b" - "eqiad1" = "55d5d90f-c5c6-44ff-bb8a-be7b077481cf" - } -} -variable "region" { - type = map(any) - default = { - "codfw1dev" = "codfw1dev-r" - "eqiad1" = "eqiad1-r" - } -} -variable "db_size" { - type = map(any) - default = { - "codfw1dev" = "1" - "eqiad1" = "4" - } -}