add ansible playbook

Author: vitabaks

ansible.cfg

@@ -0,0 +1,14 @@
+[defaults]
+inventory = ./inventory
+display_skipped_hosts = false
+remote_tmp = /tmp/${USER}/ansible
+host_key_checking = false
+timeout=60
+
+[persistent_connection]
+retries = 3
+connect_timeout = 60
+command_timeout = 30
+
+
+# https://raw.githubusercontent.com/ansible/ansible/devel/examples/ansible.cfg

deploy_pgcluster.yml

@@ -0,0 +1,73 @@
+---
+
+- name: Deploy PostgreSQL High-Availability Cluster (based on "Patroni" and "DCS(etcd)")
+  hosts: postgres-cluster
+  become: true
+  become_method: sudo
+  any_errors_fatal: true
+  gather_facts: true
+  vars_files: 
+    - vars/main.yml
+    - "vars/{{ ansible_os_family }}.yml"
+
+
+  pre_tasks:
+    - import_tasks: tasks/check_system.yml
+
+    - import_tasks: tasks/add-repository.yml
+      tags: [ add_repo, configure ]
+
+    - import_tasks: tasks/packages.yml
+      tags: [ install_packages, install_postgres ]
+
+    - import_tasks: tasks/sudo.yml
+      tags: [ sudo, postgres_sudo, configure ]
+
+    - import_tasks: tasks/configure.yml
+      tags: configure
+      
+  roles:
+    - role: ansible-role-firewall
+      tags: firewall
+
+  tasks:
+    - meta: flush_handlers
+    
+    - import_tasks: tasks/etcd.yml
+      when: dcs_exists == "false" and dcs_type == "etcd"
+      tags: [ etcd, etcd_cluster ]
+
+    - import_tasks: tasks/patroni.yml
+      tags: patroni
+
+    - import_tasks: tasks/pgbouncer.yml
+      when: install_pgbouncer == "true"
+      tags: pgbouncer
+
+    - import_tasks: tasks/haproxy.yml
+      when: with_haproxy_load_balancing == "true" and cluster_vip | length > 0
+      tags: [ haproxy, load_balancing ]
+
+    - import_tasks: tasks/vip-manager.yml
+      when: with_haproxy_load_balancing != "true" and cluster_vip | length > 0
+      tags: [ vip, vip_manager ]
+
+    # optional
+    - import_tasks: tasks/postgresql-users.yml
+      when: is_master == "true" and postgresql_users | length > 0
+      tags: postgresql_users
+
+    - import_tasks: tasks/postgresql-databases.yml
+      when: is_master == "true" and postgresql_databases | length > 0
+      tags: postgresql_databases
+
+    - import_tasks: tasks/postgresql-extensions.yml
+      when: is_master == "true" and postgresql_extensions | length > 0
+      tags: postgresql_extensions
+
+    # finish (info)
+    - import_tasks: tasks/deploy_finish.yml
+      tags: [ cluster_info, cluster_status ]
+
+      
+

files/requirements.txt

@@ -0,0 +1,15 @@
+psycopg2>=2.8
+urllib3>=1.19.1,!=1.21,<1.25
+boto
+PyYAML
+requests
+six >= 1.7
+kazoo>=1.3.1
+python-etcd>=0.4.3,<0.5
+python-consul>=0.7.0
+click>=4.1
+prettytable>=0.7
+tzlocal
+python-dateutil
+psutil>=2.0.0
+cdiff

files/vip-manager

@@ -0,0 +1,4 @@
+---
+
+is_master: 'true'
+postgresql_exists: 'false'

group_vars/master

@@ -0,0 +1,4 @@
+---
+
+is_master: 'false'
+postgresql_exists: 'false'

group_vars/replica

@@ -0,0 +1,28 @@
+# This is example inventory file!
+# Please specify the ip addresses and connection settings for your environment
+
+# "postgresql_exists='true'" if PostgreSQL is already exists and runing
+# "hostname=" variable is optional (used to change the server name)
+
+[master]
+10.128.64.140 postgresql_exists='false' hostname=pgnode01
+
+[replica]
+10.128.64.142 hostname=pgnode02
+10.128.64.143 hostname=pgnode03
+
+
+[postgres-cluster:children]
+master
+replica
+
+
+# Connection settings
+[all:vars]
+ansible_connection='ssh'
+ansible_ssh_port='22'
+ansible_user='root'
+ansible_ssh_pass='testpas'  # "sshpass" package is required for use "ansible_ssh_pass"
+#ansible_ssh_private_key_file=
+# ansible_python_interpreter='/usr/bin/python3'  # is required for use python3
+

inventory

@@ -0,0 +1,3 @@
+*.retry
+*/__pycache__
+*.pyc

roles/ansible-role-firewall/.gitignore

@@ -0,0 +1,30 @@
+---
+language: python
+services: docker
+
+env:
+  global:
+    - ROLE_NAME: firewall
+  matrix:
+    - MOLECULE_DISTRO: centos7
+    - MOLECULE_DISTRO: centos6
+    - MOLECULE_DISTRO: ubuntu1804
+    - MOLECULE_DISTRO: ubuntu1604
+    - MOLECULE_DISTRO: debian9
+
+install:
+  # Install test dependencies.
+  - pip install molecule docker
+
+before_script:
+  # Use actual Ansible Galaxy role name for the project directory.
+  - cd ../
+  - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
+  - cd geerlingguy.$ROLE_NAME
+
+script:
+  # Run tests.
+  - molecule test
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

roles/ansible-role-firewall/.travis.yml

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Jeff Geerling
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.