DCD-386: Convert Synchrony startup to new general systemd role.

roles/synchrony_config/defaults/main.yml

@@ -0,0 +1,7 @@
+---
+
+# FIXME: Add others as map?
+atl_synchrony_cluster_type: "aws"
+
+atl_synchrony_memory: "{{ lookup('env', 'ATL_SYNCHRONY_MEMORY') or '-Xmx2g' }}"
+atl_synchrony_stack_space: "{{ lookup('env', 'ATL_SYNCHRONY_STACK_SPACE') or '-Xss2048k' }}"

roles/synchrony_config/files/start-synchrony

@@ -0,0 +1,63 @@
+#!/bin/bash
+
+set -e
+
+# Synchrony startup wrapper for systemd. Note: This expects the
+# environment to be setup, usually by sourceing /etc/atl and
+# /etc/atl.synchrony with EnvironmentFile. See the rest of this role
+# for details. The rest of the variables below need to be calculated
+# at runtime.
+
+# Find the first Postgres driver in lib folder
+SYNCHRONY_JWT_PRIVATE_KEY=""
+SYNCHRONY_JWT_PUBLIC_KEY=""
+
+ATL_POSTGRES_DRIVER_PATH=$(ls -t ${ATL_CONFLUENCE_INSTALL_DIR}/confluence/WEB-INF/lib/postgresql*.jar | head -n 1)
+SYNCHRONY_CLASSPATH="${ATL_SYNCHRONY_JAR_PATH}:${ATL_POSTGRES_DRIVER_PATH}"
+
+
+# To support retries these commands won't fail the script by virtue of using `--shell` option for xmllint.
+function extractJWTKeyFromConfluenceConfig {
+    local keyType=$1
+    if [[ "${keyType}" != "jwt.private.key" && "${keyType}" != "jwt.public.key" ]]; then
+        echo "Unexpected value for keyType - ${keyType} to extract JWT key from confluence.cfg.xml"
+        exit 1
+    fi
+    echo "cat //properties/property[@name='${keyType}']/text()" | xmllint --nocdata --shell ${ATL_CONFLUENCE_SHARED_CONFIG_FILE} | sed '1d;$d'
+}
+
+# Synchrony requires JWT keys to communicate with Confluence application. These keys are written to the config file
+# after admin will go through the setup and provide license. This function waits for the keys being available in the
+# config file.
+function waitForConfluenceConfigInSharedHome() {
+    echo "=== BEGIN: Waiting for confluence.cfg.xml available in shared home folder ==="
+    while [[ ! -f ${ATL_CONFLUENCE_SHARED_CONFIG_FILE} ]]; do
+	sleep ${ATL_SYNCHRONY_WAITING_CONFIG_TIME}
+	echo "====== :   Keep waiting for ${ATL_SYNCHRONY_WAITING_CONFIG_TIME} seconds ======"
+    done
+
+    echo "====== : Fetching JWT keys from Confluence config... ======"
+    while [[ -z ${SYNCHRONY_JWT_PRIVATE_KEY} || -z ${SYNCHRONY_JWT_PUBLIC_KEY} ]]; do
+    	SYNCHRONY_JWT_PRIVATE_KEY=$(extractJWTKeyFromConfluenceConfig 'jwt.private.key') 2>&1
+        SYNCHRONY_JWT_PUBLIC_KEY=$(extractJWTKeyFromConfluenceConfig 'jwt.public.key') 2>&1
+        if [[ -z ${SYNCHRONY_JWT_PRIVATE_KEY} || -z ${SYNCHRONY_JWT_PUBLIC_KEY} ]]; then
+	    echo "====== :   Could not load value for JWT key; will wait for next ${ATL_SYNCHRONY_WAITING_CONFIG_TIME} seconds before reload ======"
+	    sleep ${ATL_SYNCHRONY_WAITING_CONFIG_TIME}
+        fi
+    done
+
+    echo "=== END: Waiting for confluence.cfg.xml available in shared home folder ==="
+}
+
+
+######################################################################
+# Start Synchrony service
+
+waitForConfluenceConfigInSharedHome
+
+exec ${_RUNJAVA} \
+     -classpath ${SYNCHRONY_CLASSPATH} \
+     ${ATL_SYNCHRONY_JVM_PROPERTIES} \
+     -Djwt.private.key=${SYNCHRONY_JWT_PRIVATE_KEY} \
+     -Djwt.public.key=${SYNCHRONY_JWT_PUBLIC_KEY} \
+     synchrony.core sql

roles/synchrony_config/tasks/main.yml

@@ -0,0 +1,15 @@
+---
+
+- name: Install the startup wrapper script
+  copy:
+    src: start-synchrony
+    dest: "{{ atl_installation_base }}/bin/start-synchrony"
+    group: "{{ atl_product_user }}"
+    mode: "0750"
+
+- name: Install the Synchrony environment settings
+  template:
+    src: "atl.synchrony.j2"
+    dest: "/etc/atl.synchrony"
+    group: "{{ atl_product_user }}"
+    mode: "0640"    

roles/synchrony_config/templates/atl.synchrony.j2

@@ -0,0 +1,28 @@
+# Generated by Ansible Synchrony playbook. Usually sourced with
+# EnvironmentFile in the systemd service file.
+
+ATL_SYNCHRONY_SERVICE_NAME="synchrony"
+ATL_CONFLUENCE_INSTALL_DIR="{{ atl_product_installation_current }}"
+ATL_CONFLUENCE_SHARED_CONFIG_FILE="{{ atl_product_home_shared }}/confluence.cfg.xml"
+ATL_SYNCHRONY_JAR_PATH="{{ atl_product_installation_current }}/confluence/WEB-INF/packages/synchrony-standalone.jar"
+
+AWS_EC2_PRIVATE_IP="{{ atl_local_ipv4 }}"
+_RUNJAVA="{{ atl_product_installation_current }}/jre/bin/java"
+
+ATL_SYNCHRONY_JVM_PROPERTIES="{{ atl_synchrony_stack_space }} {{ atl_synchrony_memory }} \
+ -Dsynchrony.cluster.impl=hazelcast-btf \
+ -Dsynchrony.database.url={{ atl_jdbc_url }} \
+ -Dsynchrony.database.username={{ atl_jdbc_user }} \
+ -Dsynchrony.database.password={{ atl_jdbc_password }} \
+ -Dsynchrony.bind={{ atl_local_ipv4 }} \
+ -Dsynchrony.cluster.bind={{ atl_local_ipv4 }} \
+ -Dcluster.interfaces={{ atl_local_ipv4 }} \
+ -Dsynchrony.cluster.base.port=25500 \
+ -Dsynchrony.service.url={{ atl_synchrony_service_url }} \
+ -Dsynchrony.context.path=/synchrony \
+ -Dsynchrony.port=8091 \
+ -Dcluster.name=Synchrony-Cluster \
+ -Dcluster.join.type={{ atl_synchrony_cluster_type }} \
+ -Dcluster.join.aws.tag.key={{ atl_hazelcast_network_aws_tag_key }} \
+ -Dcluster.join.aws.tag.value={{ atl_hazelcast_network_aws_tag_value }} \
+ -Dcluster.join.aws.region={{ atl_hazelcast_network_aws_iam_region }}"