From 6df489e579e1c3d330ddd76ddf88672ff850aa9c Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Tue, 30 Aug 2022 13:16:37 +1000 Subject: [PATCH 01/13] some WIP for adding bitbucket mesh support --- aws_bitbucket_mesh_node.yml | 16 ++++++ roles/bitbucket_mesh/defaults/main.yml | 3 ++ roles/bitbucket_mesh/tasks/main.yml | 51 +++++++++++++++++++ .../bitbucket_mesh/templates/mesh.service.j2 | 26 ++++++++++ 4 files changed, 96 insertions(+) create mode 100644 aws_bitbucket_mesh_node.yml create mode 100644 roles/bitbucket_mesh/defaults/main.yml create mode 100644 roles/bitbucket_mesh/tasks/main.yml create mode 100644 roles/bitbucket_mesh/templates/mesh.service.j2 diff --git a/aws_bitbucket_mesh_node.yml b/aws_bitbucket_mesh_node.yml new file mode 100644 index 0000000..1957b1a --- /dev/null +++ b/aws_bitbucket_mesh_node.yml @@ -0,0 +1,16 @@ +--- +- hosts: aws_node_local + become: true + + vars: + # See group_vars/aws_node_local.yml, which pull vars from the environment. + atl_product_family: "stash" + atl_product_edition: "bitbucket" + atl_product_user: "bitbucket" + + + roles: + - role: linux_common + - role: aws_common + - role: product_common + - role: bitbucket_mesh diff --git a/roles/bitbucket_mesh/defaults/main.yml b/roles/bitbucket_mesh/defaults/main.yml new file mode 100644 index 0000000..cb3e292 --- /dev/null +++ b/roles/bitbucket_mesh/defaults/main.yml @@ -0,0 +1,3 @@ +mesh_install_dir: /opt/atlassian/mesh +bitbucket_mesh_maven_repo: https://packages.atlassian.com/maven-external +bitbucket_mesh_version: "1.3.1" \ No newline at end of file diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml new file mode 100644 index 0000000..ce1b820 --- /dev/null +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -0,0 +1,51 @@ +--- + +- name: set up the bitbucket mesh group + ansible.builtin.group: + name: "{{ atl_product_user }}" + gid: 1001 + state: present + +- name: set up the bitbucket mesh user + ansible.builtin.user: + name: "{{ atl_product_user }}" + uid: 1001 + state: present + comment: "mesh_runtime_user" + groups: "{{ atl_product_user }}" + home: "{{ mesh_install_dir }}" + +- name: Create Bitbucket dirs if necessary + ansible.builtin.file: + path: "{{ item }}" + owner: "{{ atl_product_user }}" + group: "{{ atl_product_user }}" + mode: 0750 + state: directory + with_items: + - "{{ atl_home_base }}/{{ atl_product_edition }}" + - "{{ mesh_install_dir }}" + +- name: Template out the mesh service file + ansible.builtin.template: + src: mesh.service.j2 + dest: "/usr/lib/systemd/system/mesh.service" + owner: "root" + group: "root" + mode: 0740 + +- name: download the mesh distribution using maven + community.general.maven_artifact: + group_id: "com.atlassian.bitbucket.mesh" + artifact_id: "mesh-distribution" + extension: "tar.gz" + repository_url: "{{ bitbucket_mesh_maven_repo }}" + dest: "{{ mesh_install_dir }}" + mode: "0644" + owner: "{{ atl_product_user }}" + group: "{{ atl_product_user }}" + register: maven_download + +- name: debug + debug: + var: maven_download \ No newline at end of file diff --git a/roles/bitbucket_mesh/templates/mesh.service.j2 b/roles/bitbucket_mesh/templates/mesh.service.j2 new file mode 100644 index 0000000..f95a22c --- /dev/null +++ b/roles/bitbucket_mesh/templates/mesh.service.j2 @@ -0,0 +1,26 @@ +[Unit] +Description=Atlassian bitbucket-mesh +After=syslog.target network-online.target + +[Service] +Type=forking +UMask=0027 +User={{ atl_product_user }} +Group={{ atl_product_user }} +StandardOutput=journal+console +StandardError=journal+console +LimitNOFILE=65336 +Environment=MESH_HOME={{ atl_home_base }}/{{ atl_product_edition }} +Environment=JAVA_HOME=/usr/lib/jvm/java +Environment=JRE_HOME=/usr/lib/jvm/java +Environment=JMX_REMOTE_AUTH=password +Environment=JMX_PASSWORD_FILE=/var/atlassian/application-data/jmx/jmx.access +Environment="JVM_SUPPORT_RECOMMENDED_ARGS=-Dmesh.enabled=true -Dplugin.bitbucket-git.mesh.sidecar.child-process=false -Dcom.sun.management.jmxremote.port=4444 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ atl_home_base }}/{{ atl_product_edition }}/log" +Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }} +PIDFile={{ atl_home_base }}/{{ atl_product_edition }}/log/mesh.pid +PassEnvironment=JMX_REMOTE_AUTH JMX_PASSWORD_FILE JAVA_HOME +ExecStart={{ mesh_install_dir }}/current/bin/start-mesh.sh +ExecStop={{ mesh_install_dir }}/current/bin/stop-mesh.sh + +[Install] +WantedBy=multi-user.target \ No newline at end of file From bb92b68bf2678f48178417aead7b0d3883af0df5 Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Wed, 31 Aug 2022 09:40:35 +1000 Subject: [PATCH 02/13] remove user/group since they're done in linux-common. making the mesh version come from product version --- roles/bitbucket_mesh/tasks/main.yml | 24 +++++------------------- 1 file changed, 5 insertions(+), 19 deletions(-) diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index ce1b820..37d8ab3 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -1,25 +1,10 @@ --- -- name: set up the bitbucket mesh group - ansible.builtin.group: - name: "{{ atl_product_user }}" - gid: 1001 - state: present - -- name: set up the bitbucket mesh user - ansible.builtin.user: - name: "{{ atl_product_user }}" - uid: 1001 - state: present - comment: "mesh_runtime_user" - groups: "{{ atl_product_user }}" - home: "{{ mesh_install_dir }}" - - name: Create Bitbucket dirs if necessary ansible.builtin.file: path: "{{ item }}" - owner: "{{ atl_product_user }}" - group: "{{ atl_product_user }}" + owner: "{{ atl_product_user_uid }}" + group: "{{ atl_product_user_uid }}" mode: 0750 state: directory with_items: @@ -39,11 +24,12 @@ group_id: "com.atlassian.bitbucket.mesh" artifact_id: "mesh-distribution" extension: "tar.gz" + version: "{{ atl_product_version }}" repository_url: "{{ bitbucket_mesh_maven_repo }}" dest: "{{ mesh_install_dir }}" mode: "0644" - owner: "{{ atl_product_user }}" - group: "{{ atl_product_user }}" + owner: "{{ atl_product_user_uid }}" + group: "{{ atl_product_user_uid }}" register: maven_download - name: debug From 73de6b7f614e439e88df21b92adfb8df0329cf29 Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Wed, 31 Aug 2022 11:22:19 +1000 Subject: [PATCH 03/13] adding startup role and moving the service template to the normal one --- aws_bitbucket_mesh_node.yml | 17 +++++++- roles/bitbucket_mesh/tasks/main.yml | 41 ++++++++++++++----- .../bitbucket_mesh/templates/mesh.service.j2 | 26 ------------ 3 files changed, 45 insertions(+), 39 deletions(-) delete mode 100644 roles/bitbucket_mesh/templates/mesh.service.j2 diff --git a/aws_bitbucket_mesh_node.yml b/aws_bitbucket_mesh_node.yml index 1957b1a..c094cec 100644 --- a/aws_bitbucket_mesh_node.yml +++ b/aws_bitbucket_mesh_node.yml @@ -5,12 +5,25 @@ vars: # See group_vars/aws_node_local.yml, which pull vars from the environment. atl_product_family: "stash" - atl_product_edition: "bitbucket" + atl_product_edition: "mesh" atl_product_user: "bitbucket" - + atl_systemd_service_name: "mesh.service" + atl_startup_systemd_params: + - 'UMask=0027' + - 'Environment=MESH_HOME={{ atl_home_base }}/{{ atl_product_edition }}' + - 'Environment=JAVA_HOME=/usr/lib/jvm/java' + - 'Environment=JRE_HOME=/usr/lib/jvm/java' + - 'Environment=JMX_REMOTE_AUTH=password' + - 'Environment=JMX_PASSWORD_FILE=/var/atlassian/application-data/jmx/jmx.access' + - 'Environment="JVM_SUPPORT_RECOMMENDED_ARGS=-Dmesh.enabled=true -Dplugin.bitbucket-git.mesh.sidecar.child-process=false -Dcom.sun.management.jmxremote.port=4444 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ atl_home_base }}/{{ atl_product_edition }}/log"' + - 'Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }}' + atl_startup_exec_path: "{{ mesh_install_dir }}/current/bin/start-mesh.sh" + atl_stop_exec_path: "{{ mesh_install_dir }}/current/bin/stop-mesh.sh" + atl_systemd_service_target: "multi-user.target" roles: - role: linux_common - role: aws_common - role: product_common - role: bitbucket_mesh + - role: product_startup diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index 37d8ab3..ed72725 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -11,14 +11,6 @@ - "{{ atl_home_base }}/{{ atl_product_edition }}" - "{{ mesh_install_dir }}" -- name: Template out the mesh service file - ansible.builtin.template: - src: mesh.service.j2 - dest: "/usr/lib/systemd/system/mesh.service" - owner: "root" - group: "root" - mode: 0740 - - name: download the mesh distribution using maven community.general.maven_artifact: group_id: "com.atlassian.bitbucket.mesh" @@ -27,11 +19,38 @@ version: "{{ atl_product_version }}" repository_url: "{{ bitbucket_mesh_maven_repo }}" dest: "{{ mesh_install_dir }}" + keep_name: yes mode: "0644" owner: "{{ atl_product_user_uid }}" group: "{{ atl_product_user_uid }}" register: maven_download -- name: debug - debug: - var: maven_download \ No newline at end of file +- name: extract the downloaded artifact + ansible.builtin.unarchive: + src: "{{ maven_download.dest }}" + dest: "/opt/atlassian/mesh/" + creates: "/opt/atlassian/mesh/atlassian-bitbucket-mesh-{{ atl_product_version }}" + mode: 0755 + owner: "{{ atl_product_user }}" + group: "{{ atl_product_user }}" + register: mesh_extract + when: + - maven_download.changed | bool + - not maven_download.failed + +# the owner/group on the unarchive above isn't thorough +- name: adjust permissions on the extracted directory + ansible.builtin.file: + state: directory + path: "/opt/atlassian/mesh/atlassian-bitbucket-mesh-{{ atl_product_version }}" + owner: "{{ atl_product_user }}" + group: "{{ atl_product_user }}" + recurse: yes + +- name: symlink to the current version + ansible.builtin.file: + src: "/opt/atlassian/mesh/atlassian-bitbucket-mesh-{{ atl_product_version }}" + dest: "/opt/atlassian/mesh/current" + state: link + when: + - mesh_extract.changed | bool diff --git a/roles/bitbucket_mesh/templates/mesh.service.j2 b/roles/bitbucket_mesh/templates/mesh.service.j2 deleted file mode 100644 index f95a22c..0000000 --- a/roles/bitbucket_mesh/templates/mesh.service.j2 +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Atlassian bitbucket-mesh -After=syslog.target network-online.target - -[Service] -Type=forking -UMask=0027 -User={{ atl_product_user }} -Group={{ atl_product_user }} -StandardOutput=journal+console -StandardError=journal+console -LimitNOFILE=65336 -Environment=MESH_HOME={{ atl_home_base }}/{{ atl_product_edition }} -Environment=JAVA_HOME=/usr/lib/jvm/java -Environment=JRE_HOME=/usr/lib/jvm/java -Environment=JMX_REMOTE_AUTH=password -Environment=JMX_PASSWORD_FILE=/var/atlassian/application-data/jmx/jmx.access -Environment="JVM_SUPPORT_RECOMMENDED_ARGS=-Dmesh.enabled=true -Dplugin.bitbucket-git.mesh.sidecar.child-process=false -Dcom.sun.management.jmxremote.port=4444 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ atl_home_base }}/{{ atl_product_edition }}/log" -Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }} -PIDFile={{ atl_home_base }}/{{ atl_product_edition }}/log/mesh.pid -PassEnvironment=JMX_REMOTE_AUTH JMX_PASSWORD_FILE JAVA_HOME -ExecStart={{ mesh_install_dir }}/current/bin/start-mesh.sh -ExecStop={{ mesh_install_dir }}/current/bin/stop-mesh.sh - -[Install] -WantedBy=multi-user.target \ No newline at end of file From 1992ab07259ab10f7a2dfd174a171225db4092da Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Wed, 31 Aug 2022 13:49:54 +1000 Subject: [PATCH 04/13] tweaking the service startup options, altering permissions and ensuring the jmx access file exists --- aws_bitbucket_mesh_node.yml | 3 +++ roles/bitbucket_mesh/tasks/main.yml | 10 ++++++++++ 2 files changed, 13 insertions(+) diff --git a/aws_bitbucket_mesh_node.yml b/aws_bitbucket_mesh_node.yml index c094cec..a88c2cf 100644 --- a/aws_bitbucket_mesh_node.yml +++ b/aws_bitbucket_mesh_node.yml @@ -17,9 +17,12 @@ - 'Environment=JMX_PASSWORD_FILE=/var/atlassian/application-data/jmx/jmx.access' - 'Environment="JVM_SUPPORT_RECOMMENDED_ARGS=-Dmesh.enabled=true -Dplugin.bitbucket-git.mesh.sidecar.child-process=false -Dcom.sun.management.jmxremote.port=4444 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ atl_home_base }}/{{ atl_product_edition }}/log"' - 'Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }}' + - 'PassEnvironment=JMX_REMOTE_AUTH JMX_PASSWORD_FILE JAVA_HOME' + atl_startup_exec_path: "{{ mesh_install_dir }}/current/bin/start-mesh.sh" atl_stop_exec_path: "{{ mesh_install_dir }}/current/bin/stop-mesh.sh" atl_systemd_service_target: "multi-user.target" + atl_startup_exec_options: [] roles: - role: linux_common diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index ed72725..fa3d29b 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -7,8 +7,10 @@ group: "{{ atl_product_user_uid }}" mode: 0750 state: directory + recurse: yes with_items: - "{{ atl_home_base }}/{{ atl_product_edition }}" + - "{{ atl_home_base }}/{{ atl_product_user }}" - "{{ mesh_install_dir }}" - name: download the mesh distribution using maven @@ -54,3 +56,11 @@ state: link when: - mesh_extract.changed | bool + +- name: touch the jmx password file + ansible.builtin.file: + src: '/var/atlassian/application-data/jmx/jmx.access' + state: touch + owner: "{{ atl_product_user_uid }}" + group: "{{ atl_product_user_uid }}" + mode: 0600 \ No newline at end of file From 88d9f4c4fecaa793b485b888756bde931d8bfea8 Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Wed, 31 Aug 2022 14:22:40 +1000 Subject: [PATCH 05/13] relocating the jmx access file --- aws_bitbucket_mesh_node.yml | 2 +- roles/bitbucket_mesh/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/aws_bitbucket_mesh_node.yml b/aws_bitbucket_mesh_node.yml index a88c2cf..975a04d 100644 --- a/aws_bitbucket_mesh_node.yml +++ b/aws_bitbucket_mesh_node.yml @@ -14,7 +14,7 @@ - 'Environment=JAVA_HOME=/usr/lib/jvm/java' - 'Environment=JRE_HOME=/usr/lib/jvm/java' - 'Environment=JMX_REMOTE_AUTH=password' - - 'Environment=JMX_PASSWORD_FILE=/var/atlassian/application-data/jmx/jmx.access' + - 'Environment=JMX_PASSWORD_FILE={{ atl_home_base }}/{{ atl_product_edition }}/jmx.access' - 'Environment="JVM_SUPPORT_RECOMMENDED_ARGS=-Dmesh.enabled=true -Dplugin.bitbucket-git.mesh.sidecar.child-process=false -Dcom.sun.management.jmxremote.port=4444 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ atl_home_base }}/{{ atl_product_edition }}/log"' - 'Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }}' - 'PassEnvironment=JMX_REMOTE_AUTH JMX_PASSWORD_FILE JAVA_HOME' diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index fa3d29b..750be97 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -59,7 +59,7 @@ - name: touch the jmx password file ansible.builtin.file: - src: '/var/atlassian/application-data/jmx/jmx.access' + path: "{{ atl_home_base }}/{{ atl_product_edition }}/jmx.access" state: touch owner: "{{ atl_product_user_uid }}" group: "{{ atl_product_user_uid }}" From b16d16a0fc24512891d6d17be11a9f1bf063197c Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Wed, 31 Aug 2022 15:07:29 +1000 Subject: [PATCH 06/13] modifying the service script to find the correct pid file for mesh nodes --- aws_bitbucket_mesh_node.yml | 1 + roles/product_startup/templates/product.service.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/aws_bitbucket_mesh_node.yml b/aws_bitbucket_mesh_node.yml index 975a04d..80ad066 100644 --- a/aws_bitbucket_mesh_node.yml +++ b/aws_bitbucket_mesh_node.yml @@ -7,6 +7,7 @@ atl_product_family: "stash" atl_product_edition: "mesh" atl_product_user: "bitbucket" + atl_product_home: "{{ atl_home_base }}/{{ atl_product_edition }}" atl_systemd_service_name: "mesh.service" atl_startup_systemd_params: - 'UMask=0027' diff --git a/roles/product_startup/templates/product.service.j2 b/roles/product_startup/templates/product.service.j2 index 9c16e66..fa6d398 100644 --- a/roles/product_startup/templates/product.service.j2 +++ b/roles/product_startup/templates/product.service.j2 @@ -17,7 +17,7 @@ StandardError=journal+console {# Bitbucket DC sets up its service start/stop logging in a different way to all our other DC offerings and so we exclude it from having the catalina.out redirect and foreground startup #} {% if (atl_product_family == "stash") %} -PIDFile={{ atl_product_home }}/log/bitbucket.pid +PIDFile={{ atl_product_home }}/log/{{ atl_product_edition }}.pid ExecStart={{ atl_startup_exec_path }}{% for c in atl_startup_exec_options %} {{ c }}{% endfor %} ExecStop={{ atl_stop_exec_path }} From c481e9dd050b98d1b63d049df4c64faa78b2afb9 Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Thu, 1 Sep 2022 09:20:12 +1000 Subject: [PATCH 07/13] removing the jmx parameters by default --- aws_bitbucket_mesh_node.yml | 4 +--- roles/bitbucket_mesh/tasks/main.yml | 9 --------- 2 files changed, 1 insertion(+), 12 deletions(-) diff --git a/aws_bitbucket_mesh_node.yml b/aws_bitbucket_mesh_node.yml index 80ad066..4192453 100644 --- a/aws_bitbucket_mesh_node.yml +++ b/aws_bitbucket_mesh_node.yml @@ -14,11 +14,9 @@ - 'Environment=MESH_HOME={{ atl_home_base }}/{{ atl_product_edition }}' - 'Environment=JAVA_HOME=/usr/lib/jvm/java' - 'Environment=JRE_HOME=/usr/lib/jvm/java' - - 'Environment=JMX_REMOTE_AUTH=password' - - 'Environment=JMX_PASSWORD_FILE={{ atl_home_base }}/{{ atl_product_edition }}/jmx.access' - 'Environment="JVM_SUPPORT_RECOMMENDED_ARGS=-Dmesh.enabled=true -Dplugin.bitbucket-git.mesh.sidecar.child-process=false -Dcom.sun.management.jmxremote.port=4444 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ atl_home_base }}/{{ atl_product_edition }}/log"' - 'Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }}' - - 'PassEnvironment=JMX_REMOTE_AUTH JMX_PASSWORD_FILE JAVA_HOME' + - 'PassEnvironment=JAVA_HOME' atl_startup_exec_path: "{{ mesh_install_dir }}/current/bin/start-mesh.sh" atl_stop_exec_path: "{{ mesh_install_dir }}/current/bin/stop-mesh.sh" diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index 750be97..b18fde0 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -38,7 +38,6 @@ register: mesh_extract when: - maven_download.changed | bool - - not maven_download.failed # the owner/group on the unarchive above isn't thorough - name: adjust permissions on the extracted directory @@ -56,11 +55,3 @@ state: link when: - mesh_extract.changed | bool - -- name: touch the jmx password file - ansible.builtin.file: - path: "{{ atl_home_base }}/{{ atl_product_edition }}/jmx.access" - state: touch - owner: "{{ atl_product_user_uid }}" - group: "{{ atl_product_user_uid }}" - mode: 0600 \ No newline at end of file From cfa4debc7e8cd74701fdc8fd2251e235c5a06b1b Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Thu, 1 Sep 2022 09:43:26 +1000 Subject: [PATCH 08/13] adding mesh.properties and handlers --- roles/bitbucket_mesh/handlers/main.yml | 19 +++++++++++++++++++ roles/bitbucket_mesh/tasks/main.yml | 8 ++++++++ .../templates/mesh.properties.j2 | 10 ++++++++++ 3 files changed, 37 insertions(+) create mode 100644 roles/bitbucket_mesh/handlers/main.yml create mode 100644 roles/bitbucket_mesh/templates/mesh.properties.j2 diff --git a/roles/bitbucket_mesh/handlers/main.yml b/roles/bitbucket_mesh/handlers/main.yml new file mode 100644 index 0000000..57275c9 --- /dev/null +++ b/roles/bitbucket_mesh/handlers/main.yml @@ -0,0 +1,19 @@ +--- + +- name: Restart Product + service: + name: "{{ atl_systemd_service_name }}" + state: restarted + when: + - atl_startup_restart + - molecule_yml is not defined + no_log: true + +- name: Enable Product + service: + name: "{{ atl_systemd_service_name }}" + enabled: true + when: + - atl_startup_enable + - molecule_yml is not defined + no_log: true diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index b18fde0..7857c7c 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -55,3 +55,11 @@ state: link when: - mesh_extract.changed | bool + +- name: template out mesh.properties + ansible.builtin.template: + src: bitbucket-mesh.properties.j2 + dest: "{{ atl_home_base }}/{{ atl_product_edition }}/mesh.properties" + owner: "{{ atl_product_user }}" + group: "{{ atl_product_user }}" + mode: 0600 diff --git a/roles/bitbucket_mesh/templates/mesh.properties.j2 b/roles/bitbucket_mesh/templates/mesh.properties.j2 new file mode 100644 index 0000000..d658684 --- /dev/null +++ b/roles/bitbucket_mesh/templates/mesh.properties.j2 @@ -0,0 +1,10 @@ +# Listen for gRPC requests on all interfaces by default. This allows connecting to the node remotely +grpc.server.address=0.0.0.0 + +authentication.token={{ ansible_hostname | hash('md5') }} +node.name= {{ ansible_hostname }} +node.id={{ ansible_hostname }} + +jmx.enabled={{ mesh_jmx_enabled | default(false) }} +management.metrics.export.jmx.domain={{ mesh_jmx_export_domain | default("") }} +metrics.tags.host={{ ansible_hostname }} \ No newline at end of file From 4e6a600f5663e3c8d0baea498df844100433197b Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Thu, 1 Sep 2022 09:50:59 +1000 Subject: [PATCH 09/13] renaming the mesh.properties file --- roles/bitbucket_mesh/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index 7857c7c..c737817 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -58,7 +58,7 @@ - name: template out mesh.properties ansible.builtin.template: - src: bitbucket-mesh.properties.j2 + src: mesh.properties.j2 dest: "{{ atl_home_base }}/{{ atl_product_edition }}/mesh.properties" owner: "{{ atl_product_user }}" group: "{{ atl_product_user }}" From 7a7d2d225943ada4a031932d7a844b84e84be4f5 Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Thu, 1 Sep 2022 10:24:44 +1000 Subject: [PATCH 10/13] adding the jmx file back as mesh is failing to start without it --- aws_bitbucket_mesh_node.yml | 4 +++- roles/bitbucket_mesh/tasks/main.yml | 10 +++++++++- roles/bitbucket_mesh/templates/mesh.properties.j2 | 2 +- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/aws_bitbucket_mesh_node.yml b/aws_bitbucket_mesh_node.yml index 4192453..80ad066 100644 --- a/aws_bitbucket_mesh_node.yml +++ b/aws_bitbucket_mesh_node.yml @@ -14,9 +14,11 @@ - 'Environment=MESH_HOME={{ atl_home_base }}/{{ atl_product_edition }}' - 'Environment=JAVA_HOME=/usr/lib/jvm/java' - 'Environment=JRE_HOME=/usr/lib/jvm/java' + - 'Environment=JMX_REMOTE_AUTH=password' + - 'Environment=JMX_PASSWORD_FILE={{ atl_home_base }}/{{ atl_product_edition }}/jmx.access' - 'Environment="JVM_SUPPORT_RECOMMENDED_ARGS=-Dmesh.enabled=true -Dplugin.bitbucket-git.mesh.sidecar.child-process=false -Dcom.sun.management.jmxremote.port=4444 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath={{ atl_home_base }}/{{ atl_product_edition }}/log"' - 'Environment=JVM_MAXIMUM_MEMORY={{ atl_jvm_heap }}' - - 'PassEnvironment=JAVA_HOME' + - 'PassEnvironment=JMX_REMOTE_AUTH JMX_PASSWORD_FILE JAVA_HOME' atl_startup_exec_path: "{{ mesh_install_dir }}/current/bin/start-mesh.sh" atl_stop_exec_path: "{{ mesh_install_dir }}/current/bin/stop-mesh.sh" diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index c737817..8934f16 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -56,10 +56,18 @@ when: - mesh_extract.changed | bool +- name: touch the jmx password file + ansible.builtin.file: + path: "{{ atl_home_base }}/{{ atl_product_edition }}/jmx.access" + state: touch + owner: "{{ atl_product_user_uid }}" + group: "{{ atl_product_user_uid }}" + mode: 0600 + - name: template out mesh.properties ansible.builtin.template: src: mesh.properties.j2 dest: "{{ atl_home_base }}/{{ atl_product_edition }}/mesh.properties" owner: "{{ atl_product_user }}" group: "{{ atl_product_user }}" - mode: 0600 + mode: 0600 \ No newline at end of file diff --git a/roles/bitbucket_mesh/templates/mesh.properties.j2 b/roles/bitbucket_mesh/templates/mesh.properties.j2 index d658684..1143ced 100644 --- a/roles/bitbucket_mesh/templates/mesh.properties.j2 +++ b/roles/bitbucket_mesh/templates/mesh.properties.j2 @@ -2,7 +2,7 @@ grpc.server.address=0.0.0.0 authentication.token={{ ansible_hostname | hash('md5') }} -node.name= {{ ansible_hostname }} +node.name={{ ansible_hostname }} node.id={{ ansible_hostname }} jmx.enabled={{ mesh_jmx_enabled | default(false) }} From 1cdfd4fd464eb25fb425a6fda21ac4c1b458ad3b Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Thu, 15 Sep 2022 13:26:08 +1000 Subject: [PATCH 11/13] removing the template of mesh.properties for now --- roles/bitbucket_mesh/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/bitbucket_mesh/tasks/main.yml b/roles/bitbucket_mesh/tasks/main.yml index 8934f16..c9b3e77 100644 --- a/roles/bitbucket_mesh/tasks/main.yml +++ b/roles/bitbucket_mesh/tasks/main.yml @@ -64,10 +64,10 @@ group: "{{ atl_product_user_uid }}" mode: 0600 -- name: template out mesh.properties - ansible.builtin.template: - src: mesh.properties.j2 - dest: "{{ atl_home_base }}/{{ atl_product_edition }}/mesh.properties" - owner: "{{ atl_product_user }}" - group: "{{ atl_product_user }}" - mode: 0600 \ No newline at end of file +# - name: template out mesh.properties +# ansible.builtin.template: +# src: mesh.properties.j2 +# dest: "{{ atl_home_base }}/{{ atl_product_edition }}/mesh.properties" +# owner: "{{ atl_product_user }}" +# group: "{{ atl_product_user }}" +# mode: 0600 \ No newline at end of file From 392f8a0476e18cac367587736beaf14d47fc5fae Mon Sep 17 00:00:00 2001 From: Geoff Jacobs Date: Mon, 19 Sep 2022 13:20:57 +1000 Subject: [PATCH 12/13] adding efs to the mesh nodes to share files between them (not used for normal data storage). Also used in ansible jobs that require to only be run from one of the x nodes. --- aws_bitbucket_mesh_node.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/aws_bitbucket_mesh_node.yml b/aws_bitbucket_mesh_node.yml index 80ad066..9af397f 100644 --- a/aws_bitbucket_mesh_node.yml +++ b/aws_bitbucket_mesh_node.yml @@ -28,6 +28,7 @@ roles: - role: linux_common - role: aws_common + - role: aws_shared_fs_config - role: product_common - role: bitbucket_mesh - role: product_startup From 650bb0b916da19a6cbf1c63aa615a26164cf9d62 Mon Sep 17 00:00:00 2001 From: Lee Goolsbee Date: Mon, 26 Sep 2022 09:18:03 -0500 Subject: [PATCH 13/13] ITPLT-1857 use FQCN for bb mesh handler tasks --- roles/bitbucket_mesh/handlers/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/bitbucket_mesh/handlers/main.yml b/roles/bitbucket_mesh/handlers/main.yml index 57275c9..d0864a8 100644 --- a/roles/bitbucket_mesh/handlers/main.yml +++ b/roles/bitbucket_mesh/handlers/main.yml @@ -1,7 +1,7 @@ --- - name: Restart Product - service: + ansible.builtin.service: name: "{{ atl_systemd_service_name }}" state: restarted when: @@ -10,7 +10,7 @@ no_log: true - name: Enable Product - service: + ansible.builtin.service: name: "{{ atl_systemd_service_name }}" enabled: true when: