From 188aecae44f5ce60fd978704c701d76a367bb4b3 Mon Sep 17 00:00:00 2001 From: "a@a.ru" Date: Tue, 7 May 2019 16:38:20 +0300 Subject: [PATCH 1/3] Add logs upload --- .gitignore | 2 ++ README.md | 8 +++-- ansible.cfg | 1 + attach_existing_rds.yml | 1 + clean.yml | 1 + deploy_infra.yml | 1 + deploy_software.yml | 11 +++--- group_vars/all.yml.example | 4 +-- roles/check/tasks/main.yml | 5 +++ roles/debug/defaults/main.yml | 1 + roles/debug/tasks/main.yml | 67 +++++++++++++++++++++++++++++++++++ roles/s3/tasks/main.yml | 47 ------------------------ 12 files changed, 93 insertions(+), 56 deletions(-) create mode 100644 roles/debug/defaults/main.yml create mode 100644 roles/debug/tasks/main.yml diff --git a/.gitignore b/.gitignore index 236bbb8..b59e1d0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ +log.txt + # Terraform State *.terraform* *terraform.tfstate.d* diff --git a/README.md b/README.md index f862cb1..9758dd0 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,7 @@ The single point of configuration in this script is a `group_vars/all.yml` file. - `aws_access_key` and `aws_secret_key` is a credentials pair that provides access to AWS for the deployer; - `backend` variable defines whether deployer should keep state files remote or locally. Set `backend` variable to `true` if you want to save state file to the remote S3 bucket; -- `upload_config_to_s3` - set to `true` if you want to upload config`all.yml` file to the S3 bucket automatically during deployment. Will not work if `backend` is set to false; +- `upload_debug_info_to_s3` - set to `true` if you want to upload debug info such as config `all.yml` file and full log output to the S3 bucket automatically after the deployment. Will not work if `backend` is set to false; - `bucket` represents a globally unique name of the bucket where your configs and state will be stored. It will be created automatically during the deployment; - `prefix` - is a unique tag to use for provisioned resources (5 alphanumeric chars or less); - `chains` - maps chains to the URLs of HTTP RPC endpoints, an ordinary blockchain node can be used; @@ -209,7 +209,7 @@ Despite the fact that Terraform cache is automatically cleared automatically bef ## Migrating deployer to another machine -You can easily manipulate your deployment from any machine with sufficient prerequisites. If `upload_config_to_s3` variable is set to true, the deployer will automatically upload your `all.yml` file to the s3 bucket, so you can easily download it to any other machine. Simply download this file to your `group_vars` folder and your new deployer will pick up the current deployment instead of creating a new one. +You can easily manipulate your deployment from any machine with sufficient prerequisites. If `upload_debug_info_to_s3` variable is set to true, the deployer will automatically upload your `all.yml` file to the s3 bucket, so you can easily download it to any other machine. Simply download this file to your `group_vars` folder and your new deployer will pick up the current deployment instead of creating a new one. ## Attaching the existing RDS instance to the current deployment @@ -219,9 +219,13 @@ In some cases you may want not to create a new database, but to add the existing **Note 1**: while executing `ansible-playbook attach_existing_rds.yml` the S3 and DynamoDB will be automatically created (if `backend` variable is set to `true`) to store Terraform state files. **Note 2**: the actual name of your resource must include prefix that you will use in this deployment. + Example: + Real resource: tf-poa + `prefix` variable: tf + `chain_db_id` variable: poa **Note 3**: make sure MultiAZ is disabled on your database. diff --git a/ansible.cfg b/ansible.cfg index 94ace06..d30db00 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -4,3 +4,4 @@ pipelining = True inventory = hosts deprecation_warnings = False host_key_checking=false +log_path=log.txt diff --git a/attach_existing_rds.yml b/attach_existing_rds.yml index 6dfe35e..4c61c8d 100644 --- a/attach_existing_rds.yml +++ b/attach_existing_rds.yml @@ -5,6 +5,7 @@ - { role: s3, when: "backend|bool == true" } - { role: dynamodb, when: "backend|bool == true" } - { role: attach_existing_rds } + - { role: debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } vars_prompt: - name: "confirmation" prompt: "Are you sure you want to attach the existing RDS? If backend variable is set to True, this action includes creating the S3 and DynamoDB table for storing Terraform state files." diff --git a/clean.yml b/clean.yml index 4f1492e..c1e664a 100644 --- a/clean.yml +++ b/clean.yml @@ -11,3 +11,4 @@ - roles/main_infra/files/main.tfvars - roles/main_infra/files/backend.tfvars - roles/main_infra/files/terraform.tfplan + - log.txt diff --git a/deploy_infra.yml b/deploy_infra.yml index c85c19c..dcce016 100644 --- a/deploy_infra.yml +++ b/deploy_infra.yml @@ -5,3 +5,4 @@ - { role: s3, when: "backend|bool == true" } - { role: dynamodb, when: "backend|bool == true" } - { role: main_infra } + - { role: debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } diff --git a/deploy_software.yml b/deploy_software.yml index acfa6d4..931f2a1 100644 --- a/deploy_software.yml +++ b/deploy_software.yml @@ -1,8 +1,3 @@ -- name: Save config file - hosts: localhost - roles: - - { role: s3, when: "backend|bool == true" } - - name: Deploy BlockScout hosts: localhost tasks: @@ -13,3 +8,9 @@ loop_control: loop_var: chain index_var: index + +- name: Save debug files + hosts: localhost + roles: + - { role: s3, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } + - { role: debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index 6d2314f..c5759a1 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -11,8 +11,8 @@ aws_region: "us-east-1" ## If set to true backend will be uploaded and stored at S3 bucket, so you can easily manage your deployment from any machine. It is highly recommended to do not change this variable backend: true -## If this is set to true along with backend variable, this config file will be saved to s3 bucket. Please, make sure to name it as all.yml. Otherwise, no upload will be performed -upload_config_to_s3: true +## If this is set to true along with backend variable, this config file and the log output will be saved to s3 bucket. Please, make sure to name it as all.yml. Otherwise, no upload will be performed +upload_debug_info_to_s3: true ## The bucket and dynamodb_table variables will be used only when backend variable is set to true ## Name of the bucket where TF state files will be stored diff --git a/roles/check/tasks/main.yml b/roles/check/tasks/main.yml index 2792753..30205d2 100644 --- a/roles/check/tasks/main.yml +++ b/roles/check/tasks/main.yml @@ -1,3 +1,8 @@ +- name: Clean log file + file: + state: absent + path: "log.txt" + - name: Check prefix fail: msg: "The prefix '{{ prefix }}' is invalid. It must consist only of the lowercase characters a-z and digits 0-9, and must be between 3 and 5 characters long." diff --git a/roles/debug/defaults/main.yml b/roles/debug/defaults/main.yml new file mode 100644 index 0000000..1c7d2a8 --- /dev/null +++ b/roles/debug/defaults/main.yml @@ -0,0 +1 @@ +aws_profile: "default" diff --git a/roles/debug/tasks/main.yml b/roles/debug/tasks/main.yml new file mode 100644 index 0000000..cc261de --- /dev/null +++ b/roles/debug/tasks/main.yml @@ -0,0 +1,67 @@ +- name: Check log file exists + stat: + path: "{{ playbook_dir }}/log.txt" + register: stat_result + +- name: Upload logs to s3 + aws_s3: + bucket: "{{ prefix }}-{{ bucket }}" + object: log.txt + src: "{{ playbook_dir }}/log.txt" + mode: put + profile: "{{ profile }}" + aws_access_key: "{{ access_key }}" + aws_secret_key: "{{ secret_key }}" + region: "{{ region }}" + vars: + access_key: "{{ aws_access_key|default(omit) }}" + secret_key: "{{ aws_secret_key|default(omit) }}" + profile: "{{ aws_profile|default(omit) }}" + region: "{{ aws_region|default(omit) }}" + when: stat_result.stat.exists == true + +- name: Check if config file exists + stat: + path: "{{ playbook_dir }}/group_vars/all.yml" + register: stat_result + +- name: Copy temporary file to be uploaded + command: "cp {{ playbook_dir }}/group_vars/all.yml {{ playbook_dir }}/group_vars/all.yml.temp" + when: stat_result.stat.exists == True + +- name: Remove insecure AWS variables + replace: + path: "{{ playbook_dir }}/group_vars/all.yml.temp" + regexp: 'aws_.*' + replace: '' + when: stat_result.stat.exists == True + +- name: Remove other insecure variables + replace: + path: "{{ playbook_dir }}/group_vars/all.yml.temp" + regexp: 'secret_.*' + replace: '' + when: stat_result.stat.exists == True + +- name: Upload config to S3 bucket + aws_s3: + bucket: "{{ prefix }}-{{ bucket }}" + object: all.yml + src: "{{ playbook_dir }}/group_vars/all.yml.temp" + mode: put + profile: "{{ profile }}" + aws_access_key: "{{ access_key }}" + aws_secret_key: "{{ secret_key }}" + region: "{{ region }}" + vars: + access_key: "{{ aws_access_key|default(omit) }}" + secret_key: "{{ aws_secret_key|default(omit) }}" + profile: "{{ aws_profile|default(omit) }}" + region: "{{ aws_region|default(omit) }}" + when: stat_result.stat.exists == True + +- name: Remove temp file + file: + path: "{{ playbook_dir }}/group_vars/all.yml.temp" + state: absent + when: stat_result.stat.exists == True diff --git a/roles/s3/tasks/main.yml b/roles/s3/tasks/main.yml index 0d666ff..e91b7d3 100644 --- a/roles/s3/tasks/main.yml +++ b/roles/s3/tasks/main.yml @@ -46,50 +46,3 @@ secret_key: "{{ aws_secret_key|default(omit) }}" profile: "{{ aws_profile|default(omit) }}" region: "{{ aws_region|default(omit) }}" - -- name: Check if config file exists - stat: - path: "{{ playbook_dir }}/group_vars/all.yml" - register: stat_result - when: upload_config_to_s3|bool == True - -- name: Copy temporary file to be uploaded - command: "cp {{ playbook_dir }}/group_vars/all.yml {{ playbook_dir }}/group_vars/all.yml.temp" - when: upload_config_to_s3|bool == True - -- name: Remove insecure AWS variables - replace: - path: "{{ playbook_dir }}/group_vars/all.yml.temp" - regexp: 'aws_.*' - replace: '' - when: upload_config_to_s3|bool == True - -- name: Remove other insecure variables - replace: - path: "{{ playbook_dir }}/group_vars/all.yml.temp" - regexp: 'secret_.*' - replace: '' - when: upload_config_to_s3|bool == True - -- name: Upload config to S3 bucket - aws_s3: - bucket: "{{ prefix }}-{{ bucket }}" - object: all.yml - src: "{{ playbook_dir }}/group_vars/all.yml.temp" - mode: put - profile: "{{ profile }}" - aws_access_key: "{{ access_key }}" - aws_secret_key: "{{ secret_key }}" - region: "{{ region }}" - vars: - access_key: "{{ aws_access_key|default(omit) }}" - secret_key: "{{ aws_secret_key|default(omit) }}" - profile: "{{ aws_profile|default(omit) }}" - region: "{{ aws_region|default(omit) }}" - when: upload_config_to_s3|bool == True and stat_result.stat.exists == True - -- name: Remove temp file - file: - path: "{{ playbook_dir }}/group_vars/all.yml.temp" - state: absent - when: upload_config_to_s3|bool == True From 64f4c9f3c19164b7c3235d92792ad9baaacf5952 Mon Sep 17 00:00:00 2001 From: "a@a.ru" Date: Wed, 15 May 2019 14:15:48 +0300 Subject: [PATCH 2/3] Add backward compatibility --- attach_existing_rds.yml | 3 ++- deploy_infra.yml | 3 ++- deploy_software.yml | 5 +++-- group_vars/all.yml.example | 3 ++- roles/{debug => s3_config}/defaults/main.yml | 0 roles/{debug => s3_config}/tasks/main.yml | 22 -------------------- roles/s3_debug/defaults/main.yml | 1 + roles/s3_debug/tasks/main.yml | 21 +++++++++++++++++++ 8 files changed, 31 insertions(+), 27 deletions(-) rename roles/{debug => s3_config}/defaults/main.yml (100%) rename roles/{debug => s3_config}/tasks/main.yml (70%) create mode 100644 roles/s3_debug/defaults/main.yml create mode 100644 roles/s3_debug/tasks/main.yml diff --git a/attach_existing_rds.yml b/attach_existing_rds.yml index 4c61c8d..8605f37 100644 --- a/attach_existing_rds.yml +++ b/attach_existing_rds.yml @@ -5,7 +5,8 @@ - { role: s3, when: "backend|bool == true" } - { role: dynamodb, when: "backend|bool == true" } - { role: attach_existing_rds } - - { role: debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } + - { role: s3_config, when: "backend|bool == true and upload_config_to_s3|bool == true" } + - { role: s3_debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } vars_prompt: - name: "confirmation" prompt: "Are you sure you want to attach the existing RDS? If backend variable is set to True, this action includes creating the S3 and DynamoDB table for storing Terraform state files." diff --git a/deploy_infra.yml b/deploy_infra.yml index dcce016..1820e92 100644 --- a/deploy_infra.yml +++ b/deploy_infra.yml @@ -5,4 +5,5 @@ - { role: s3, when: "backend|bool == true" } - { role: dynamodb, when: "backend|bool == true" } - { role: main_infra } - - { role: debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } + - { role: s3_config, when: "backend|bool == true and upload_config_to_s3|bool == true" } + - { role: s3_debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } diff --git a/deploy_software.yml b/deploy_software.yml index 931f2a1..747a840 100644 --- a/deploy_software.yml +++ b/deploy_software.yml @@ -12,5 +12,6 @@ - name: Save debug files hosts: localhost roles: - - { role: s3, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } - - { role: debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } + - { role: s3, when: "backend|bool == true and (upload_debug_info_to_s3|bool == true or upload_config_to_s3|bool ==true)" } + - { role: s3_config, when: "backend|bool == true and upload_config_to_s3|bool == true" } + - { role: s3_debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } diff --git a/group_vars/all.yml.example b/group_vars/all.yml.example index c5759a1..d08ced7 100644 --- a/group_vars/all.yml.example +++ b/group_vars/all.yml.example @@ -11,7 +11,8 @@ aws_region: "us-east-1" ## If set to true backend will be uploaded and stored at S3 bucket, so you can easily manage your deployment from any machine. It is highly recommended to do not change this variable backend: true -## If this is set to true along with backend variable, this config file and the log output will be saved to s3 bucket. Please, make sure to name it as all.yml. Otherwise, no upload will be performed +## If this is set to true along with backend variable, this config file/the log output will be saved to s3 bucket. Please, make sure to name the config file "all.yml". Otherwise, no upload will be performed +upload_config_to_s3: true upload_debug_info_to_s3: true ## The bucket and dynamodb_table variables will be used only when backend variable is set to true diff --git a/roles/debug/defaults/main.yml b/roles/s3_config/defaults/main.yml similarity index 100% rename from roles/debug/defaults/main.yml rename to roles/s3_config/defaults/main.yml diff --git a/roles/debug/tasks/main.yml b/roles/s3_config/tasks/main.yml similarity index 70% rename from roles/debug/tasks/main.yml rename to roles/s3_config/tasks/main.yml index cc261de..dd598a9 100644 --- a/roles/debug/tasks/main.yml +++ b/roles/s3_config/tasks/main.yml @@ -1,25 +1,3 @@ -- name: Check log file exists - stat: - path: "{{ playbook_dir }}/log.txt" - register: stat_result - -- name: Upload logs to s3 - aws_s3: - bucket: "{{ prefix }}-{{ bucket }}" - object: log.txt - src: "{{ playbook_dir }}/log.txt" - mode: put - profile: "{{ profile }}" - aws_access_key: "{{ access_key }}" - aws_secret_key: "{{ secret_key }}" - region: "{{ region }}" - vars: - access_key: "{{ aws_access_key|default(omit) }}" - secret_key: "{{ aws_secret_key|default(omit) }}" - profile: "{{ aws_profile|default(omit) }}" - region: "{{ aws_region|default(omit) }}" - when: stat_result.stat.exists == true - - name: Check if config file exists stat: path: "{{ playbook_dir }}/group_vars/all.yml" diff --git a/roles/s3_debug/defaults/main.yml b/roles/s3_debug/defaults/main.yml new file mode 100644 index 0000000..1c7d2a8 --- /dev/null +++ b/roles/s3_debug/defaults/main.yml @@ -0,0 +1 @@ +aws_profile: "default" diff --git a/roles/s3_debug/tasks/main.yml b/roles/s3_debug/tasks/main.yml new file mode 100644 index 0000000..084af1d --- /dev/null +++ b/roles/s3_debug/tasks/main.yml @@ -0,0 +1,21 @@ +- name: Check log file exists + stat: + path: "{{ playbook_dir }}/log.txt" + register: stat_result + +- name: Upload logs to s3 + aws_s3: + bucket: "{{ prefix }}-{{ bucket }}" + object: log.txt + src: "{{ playbook_dir }}/log.txt" + mode: put + profile: "{{ profile }}" + aws_access_key: "{{ access_key }}" + aws_secret_key: "{{ secret_key }}" + region: "{{ region }}" + vars: + access_key: "{{ aws_access_key|default(omit) }}" + secret_key: "{{ aws_secret_key|default(omit) }}" + profile: "{{ aws_profile|default(omit) }}" + region: "{{ aws_region|default(omit) }}" + when: stat_result.stat.exists == true From 4cf45a97974a22e6d19596555f007892ef36bfd0 Mon Sep 17 00:00:00 2001 From: "a@a.ru" Date: Wed, 15 May 2019 15:23:27 +0300 Subject: [PATCH 3/3] Make debug info uploader work even if error occured during deployment --- README.md | 3 ++- attach_existing_rds.yml | 28 ++++++++++++++++++++-------- deploy_infra.yml | 26 +++++++++++++++++++------- deploy_software.yml | 32 ++++++++++++++++++-------------- roles/check/tasks/main.yml | 5 ----- 5 files changed, 59 insertions(+), 35 deletions(-) diff --git a/README.md b/README.md index 9758dd0..1ec9889 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,8 @@ The single point of configuration in this script is a `group_vars/all.yml` file. - `aws_access_key` and `aws_secret_key` is a credentials pair that provides access to AWS for the deployer; - `backend` variable defines whether deployer should keep state files remote or locally. Set `backend` variable to `true` if you want to save state file to the remote S3 bucket; -- `upload_debug_info_to_s3` - set to `true` if you want to upload debug info such as config `all.yml` file and full log output to the S3 bucket automatically after the deployment. Will not work if `backend` is set to false; +- `upload_config_to_s3` - set to `true` if you want to upload config `all.yml` file to the S3 bucket automatically after the deployment. Will not work if `backend` is set to false; +- `upload_debug_info_to_s3` - set to `true` if you want to upload full log output to the S3 bucket automatically after the deployment. Will not work if `backend` is set to false. *IMPORTANT*: Locally logs are stored at `log.txt` which is not cleaned automatically. Please, do not forget to clean it manually or using the `clean.yml` playbook; - `bucket` represents a globally unique name of the bucket where your configs and state will be stored. It will be created automatically during the deployment; - `prefix` - is a unique tag to use for provisioned resources (5 alphanumeric chars or less); - `chains` - maps chains to the URLs of HTTP RPC endpoints, an ordinary blockchain node can be used; diff --git a/attach_existing_rds.yml b/attach_existing_rds.yml index 8605f37..2675396 100644 --- a/attach_existing_rds.yml +++ b/attach_existing_rds.yml @@ -1,13 +1,25 @@ - name: Attach existing RDS instance hosts: localhost - roles: - - { role: check } - - { role: s3, when: "backend|bool == true" } - - { role: dynamodb, when: "backend|bool == true" } - - { role: attach_existing_rds } - - { role: s3_config, when: "backend|bool == true and upload_config_to_s3|bool == true" } - - { role: s3_debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } + tasks: + - block: + - include_role: + name: check + - include_role: + name: "{{ item }}" + with_items: + - s3 + - dynamodb + when: backend|bool == true + - include_role: + name: attach_existing_rds + always: + - include_role: + name: s3_config + when: backend|bool == true and upload_config_to_s3|bool == true + - include_role: + name: s3_debug + when: backend|bool == true and upload_debug_info_to_s3|bool == true vars_prompt: - name: "confirmation" - prompt: "Are you sure you want to attach the existing RDS? If backend variable is set to True, this action includes creating the S3 and DynamoDB table for storing Terraform state files." + prompt: "Are you sure you want to attach the existing RDS? If backend variable is set to True, this action also includes creating the S3 and DynamoDB table for storing Terraform state files." default: False diff --git a/deploy_infra.yml b/deploy_infra.yml index 1820e92..5d64e04 100644 --- a/deploy_infra.yml +++ b/deploy_infra.yml @@ -1,9 +1,21 @@ - name: Prepare infrastructure hosts: localhost - roles: - - { role: check } - - { role: s3, when: "backend|bool == true" } - - { role: dynamodb, when: "backend|bool == true" } - - { role: main_infra } - - { role: s3_config, when: "backend|bool == true and upload_config_to_s3|bool == true" } - - { role: s3_debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } + tasks: + - block: + - include_role: + name: check + - include_role: + name: "{{ item }}" + with_items: + - s3 + - dynamodb + when: backend|bool == true + - include_role: + name: main_infra + always: + - include_role: + name: s3_config + when: backend|bool == true and upload_config_to_s3|bool == true + - include_role: + name: s3_debug + when: backend|bool == true and upload_debug_info_to_s3|bool == true diff --git a/deploy_software.yml b/deploy_software.yml index 747a840..21c38ce 100644 --- a/deploy_software.yml +++ b/deploy_software.yml @@ -1,17 +1,21 @@ - name: Deploy BlockScout hosts: localhost tasks: - - name: Use role in loop - include_role: - name: main_software - loop: "{{ chain_custom_environment.keys() }}" - loop_control: - loop_var: chain - index_var: index - -- name: Save debug files - hosts: localhost - roles: - - { role: s3, when: "backend|bool == true and (upload_debug_info_to_s3|bool == true or upload_config_to_s3|bool ==true)" } - - { role: s3_config, when: "backend|bool == true and upload_config_to_s3|bool == true" } - - { role: s3_debug, when: "backend|bool == true and upload_debug_info_to_s3|bool == true" } + - block: + - name: Use role in loop + include_role: + name: main_software + loop: "{{ chain_custom_environment.keys() }}" + loop_control: + loop_var: chain + index_var: index + always: + - include_role: + name: s3 + when: backend|bool == true and (upload_debug_info_to_s3|bool == true or upload_config_to_s3|bool ==true) + - include_role: + name: s3_config + when: backend|bool == true and upload_config_to_s3|bool == true + - include_role: + name: s3_debug + when: backend|bool == true and upload_debug_info_to_s3|bool == true diff --git a/roles/check/tasks/main.yml b/roles/check/tasks/main.yml index 30205d2..2792753 100644 --- a/roles/check/tasks/main.yml +++ b/roles/check/tasks/main.yml @@ -1,8 +1,3 @@ -- name: Clean log file - file: - state: absent - path: "log.txt" - - name: Check prefix fail: msg: "The prefix '{{ prefix }}' is invalid. It must consist only of the lowercase characters a-z and digits 0-9, and must be between 3 and 5 characters long."