DCD-352: First cut of a synchrony startup script.

2025-12-14 08:53:07 -06:00 · 2019-05-28 14:06:45 +10:00
parent de9453b8ca
commit b23a2a40d8
8 changed files with 171 additions and 1 deletions
--- a/aws_confluence_synchrony_node.yml
+++ b/aws_confluence_synchrony_node.yml
@@ -0,0 +1,20 @@
 ---
 - hosts: aws_node_local
  become: true
  vars:
    # See group_vars/aws_node_local.yml, which pull vars from the environment.
    atl_product_family: "confluence"
    atl_product_user: "confluence"
    atl_product_edition: "confluence"
  roles:
    - role: linux_common
    - role: aws_common
    - role: aws_efs_config
    - role: product_common
    - role: product_install
    - role: confluence_common
    # Synchrony is 12-factor, so configuration in the startup
    - role: synchrony_startup
--- a/roles/synchrony_startup/defaults/main.yml
+++ b/roles/synchrony_startup/defaults/main.yml
@@ -0,0 +1,7 @@
 ---
 # FIXME: Add others as map?
 atl_synchrony_cluster_type: "aws"
 atl_synchrony_memory: "{{ lookup('env', 'ATL_SYNCHRONY_MEMORY') or '-Xmx2g'"
 atl_synchrony_stack_space: "{{ lookup('env', 'ATL_SYNCHRONY_STACK_SPACE') or '-Xss2048k'"
--- a/roles/synchrony_startup/files/start-synchrony
+++ b/roles/synchrony_startup/files/start-synchrony
@@ -0,0 +1,63 @@
 #!/bin/bash
 set -e
 # Synchrony startup wrapper for systemd. Note: This expects the
 # environment to be setup, usually by sourceing /etc/atl and
 # /etc/atl.synchrony with EnvironmentFile. See the rest of this role
 # for details. The rest of the variables below need to be calculated
 # at runtime.
 # Find the first Postgres driver in lib folder
 SYNCHRONY_JWT_PRIVATE_KEY="UNSET"
 SYNCHRONY_JWT_PUBLIC_KEY="UNSET"
 ATL_POSTGRES_DRIVER_PATH=$(ls -t ${ATL_CONFLUENCE_INSTALL_DIR}/confluence/WEB-INF/lib/postgresql*.jar | head -n 1)
 SYNCHRONY_CLASSPATH="${ATL_SYNCHRONY_JAR_PATH}:${ATL_POSTGRES_DRIVER_PATH}"
 # To support retries these commands won't fail the script by virtue of using `--shell` option for xmllint.
 function extractJWTKeyFromConfluenceConfig {
    local keyType=$1
    if [[ "${keyType}" != "jwt.private.key" && "${keyType}" != "jwt.public.key" ]]; then
        atl_log "Unexpected value for keyType - ${keyType} to extract JWT key from confluence.cfg.xml"
        exit 1
    fi
    echo "cat //properties/property[@name='${keyType}']/text()" | xmllint --nocdata --shell ${ATL_CONFLUENCE_SHARED_CONFIG_FILE} | sed '1d;$d'
 }
 # Synchrony requires JWT keys to communicate with Confluence application. These keys are written to the config file
 # after admin will go through the setup and provide license. This function waits for the keys being available in the
 # config file.
 function waitForConfluenceConfigInSharedHome() {
    atl_log "=== BEGIN: Waiting for confluence.cfg.xml available in shared home folder ==="
    while [[ ! -f ${ATL_CONFLUENCE_SHARED_CONFIG_FILE} ]]; do
 	sleep ${ATL_SYNCHRONY_WAITING_CONFIG_TIME}
 	atl_log "====== :   Keep waiting for ${ATL_SYNCHRONY_WAITING_CONFIG_TIME} seconds ======"
    done
    atl_log "====== : Fetching JWT keys from Confluence config... ======"
    while [[ -z ${SYNCHRONY_JWT_PRIVATE_KEY} || -z ${SYNCHRONY_JWT_PUBLIC_KEY} ]]; do
    	SYNCHRONY_JWT_PRIVATE_KEY=$(extractJWTKeyFromConfluenceConfig 'jwt.private.key') >> ${ATL_LOG} 2>&1
        SYNCHRONY_JWT_PUBLIC_KEY=$(extractJWTKeyFromConfluenceConfig 'jwt.public.key') >> ${ATL_LOG} 2>&1
        if [[ -z ${SYNCHRONY_JWT_PRIVATE_KEY} || -z ${SYNCHRONY_JWT_PUBLIC_KEY} ]]; then
 	    atl_log "====== :   Could not load value for JWT key; will wait for next ${ATL_SYNCHRONY_WAITING_CONFIG_TIME} seconds before reload ======"
 	    sleep ${ATL_SYNCHRONY_WAITING_CONFIG_TIME}
        fi
    done
    atl_log "=== END: Waiting for confluence.cfg.xml available in shared home folder ==="
 }
 ######################################################################
 # Start Synchrony service
 waitForConfluenceConfigInSharedHome
 exec ${_RUNJAVA} \
     ${SYNCHRONY_CLASSPATH} \
     ${ATL_SYNCHRONY_JVM_PROPERTIES} \
     -Djwt.private.key=${SYNCHRONY_JWT_PRIVATE_KEY} \
     -Djwt.public.key=${SYNCHRONY_JWT_PUBLIC_KEY} \
     synchrony.core sql
--- a/roles/synchrony_startup/handlers/main.yml
+++ b/roles/synchrony_startup/handlers/main.yml
@@ -0,0 +1,9 @@
 ---
 - name: Restart Synchrony
  service:
    name: synchrony.service
    state: restarted
 - name: Enable Synchrony
  command: systemctl enable synchrony.service
--- a/roles/synchrony_startup/tasks/main.yml
+++ b/roles/synchrony_startup/tasks/main.yml
@@ -0,0 +1,27 @@
 ---
 - name: Install the startup wrapper script
  copy:
    src: start-synchrony
    dest: "{{ atl_installation_base }}/bin/start-synchrony"
    group: "{{ atl_product_user }}"
    mode: "0750"
  notify:
    - Restart Synchrony
 - name: Install the Synchrony environment settings
  template:
    src: "atl.synchrony.j2"
    dest: "/etc/atl.synchrony"
    group: "{{ atl_product_user }}"
    mode: "0640"    
  notify:
    - Restart Synchrony
 - name: "Install Synchrony service file"
  template:
    src: "synchrony.service.j2"
    dest: "/etc/systemd/system/synchrony.service"
  notify:
    - Enable Synchrony
    - Restart Synchrony
--- a/roles/synchrony_startup/templates/atl.synchrony.j2
+++ b/roles/synchrony_startup/templates/atl.synchrony.j2
@@ -0,0 +1,28 @@
 # Generated by Ansible Synchrony playbook. Usually sourced with
 # EnvironmentFile in the systemd service file.
 ATL_SYNCHRONY_SERVICE_NAME="synchrony"
 ATL_CONFLUENCE_INSTALL_DIR="{{ atl_product_installation_current }}"
 ATL_CONFLUENCE_SHARED_CONFIG_FILE="{{ atl_product_home_shared }}/confluence.cfg.xml"
 ATL_SYNCHRONY_JAR_PATH="{{ atl_product_installation_current }}/confluence/WEB-INF/packages/synchrony-standalone.jar"
 AWS_EC2_PRIVATE_IP="{{ atl_local_ipv4 }}"
 _RUNJAVA="{{ atl_product_installation_current }}/jre/bin/java"
 ATL_SYNCHRONY_JVM_PROPERTIES="{{ atl_synchrony_stack_space }} {{ atl_synchrony_memory }} \
 -Dsynchrony.cluster.impl=hazelcast-btf \
 -Dsynchrony.database.url={{ atl_jdbc_url }} \
 -Dsynchrony.database.username={{ atl_jdbc_user }} \
 -Dsynchrony.database.password={{ atl_jdbc_password }} \
 -Dsynchrony.bind={{ atl_local_ipv4 }} \
 -Dsynchrony.cluster.bind={{ atl_local_ipv4 }} \
 -Dcluster.interfaces={{ atl_local_ipv4 }} \
 -Dsynchrony.cluster.base.port=25500 \
 -Dsynchrony.service.url={{ atl_synchrony_service_url }} \
 -Dsynchrony.context.path=/synchrony \
 -Dsynchrony.port=8091 \
 -Dcluster.name=Synchrony-Cluster \
 -Dcluster.join.type={{ atl_synchrony_cluster_type }} \
 -Dcluster.join.aws.tag.key={{ atl_hazelcast_network_aws_tag_key }} \
 -Dcluster.join.aws.tag.value={{ atl_hazelcast_network_aws_tag_value }} \
 -Dcluster.join.aws.region={{ atl_hazelcast_network_aws_iam_region }}
--- a/roles/synchrony_startup/templates/synchrony.service.j2
+++ b/roles/synchrony_startup/templates/synchrony.service.j2
@@ -0,0 +1,16 @@
 [Unit]
 Description=Atlassian Synchrony Server
 After=network-online.target
 [Service]
 User={{ atl_product_user }}
 Group={{ atl_product_user }}
 EnvironmentFile=/etc/atl
 EnvironmentFile=/etc/atl.synchrony
 ExecStart={{ atl_product_installation_current }}/bin/{{ atl_startup_script_map[atl_product_family] }} -fg
 Restart=on-failure
 [Install]
 WantedBy=multi-target.target