--- # This role will attempt to fetch and load the backup manifest from a # remote S3 URL. On successful completion the contents of JSON or YAML # document will be in the var `atl_backup_manifest`. # # PREREQUISITES: # * `atl_backup_manifest_url` points at the manifest. # * The shared home filesystem is mounted if necessary (e.g. NFS/EFS). # * The database has been created and the variable `db_created` is # registered with the result (i.e: `register: db_created`). # # NOTE: The actual DB/FS restore operations could potentially be split # out into discrete roles, but currently that is not required. # # TODO: Support HTTPS with authentication. Deferred until after the # initial testing release. - block: - name: Ensure temp directory is present file: path: "{{ atl_installer_temp }}" state: directory mode: 0750 owner: "{{ atl_product_user }}" group: "{{ atl_product_user }}" changed_when: false # For Molecule idempotence check - name: Parse the manifest URL set_fact: atl_backup_manifest_url: "{{ atl_backup_manifest_url | urlsplit }}" - name: Extract manifest file information set_fact: atl_backup_manifest_bucket: "{{ atl_backup_manifest_url.hostname }}" atl_backup_manifest_path: "{{ atl_backup_manifest_url.path }}" atl_backup_manifest_dest: "{{ atl_installer_temp }}/{{ atl_backup_manifest_url.path | basename }}" - name: Fetch the manifest from S3 aws_s3: mode: get overwrite: different bucket: "{{ atl_backup_manifest_bucket }}" object: "{{ atl_backup_manifest_path }}" dest: "{{ atl_backup_manifest_dest }}" when: atl_backup_manifest_url.scheme == 's3' - name: Load parameters from manifest include_vars: file: "{{ atl_backup_manifest_dest }}" name: atl_backup_manifest - name: Define the DB and home dump destinations set_fact: # FIXME: The manifest format is still undecided so the # following usages will need to be updated once it settles.. atl_backup_id: "{{ atl_backup_manifest.name }}" atl_backup_db_dest: "{{ atl_installer_temp }}/{{ atl_backup_manifest.artifacts.db.location.location | basename }}" atl_backup_home_dest: "{{ atl_installer_temp }}/{{ atl_backup_manifest.artifacts.sharedHome.location.location | basename }}" # FIXME: Here we fetch the backups. However we may wish to stream # these directly from S3 to the target DB/FS to avoid requiring # disk-space for the intermediate files. - name: Fetch DB backup from S3 aws_s3: mode: get overwrite: different bucket: "{{ atl_backup_manifest.artifacts.db.location.location | urlsplit('hostname') }}" object: "{{ atl_backup_manifest.artifacts.db.location.location | urlsplit('path') }}" # We save the backup as a .tar file so that the postgresql_db module uses pg_restore instead of psql to do restore # This can be removed when ansible 2.10 is released dest: "{{ atl_backup_db_dest }}.tar" - name: Fetch Home backup from S3 aws_s3: mode: get overwrite: different bucket: "{{ atl_backup_manifest.artifacts.sharedHome.location.location | urlsplit('hostname') }}" object: "{{ atl_backup_manifest.artifacts.sharedHome.location.location | urlsplit('path') }}" dest: "{{ atl_backup_home_dest }}" - name: Install distro-specific restore support packages include_tasks: "{{ ansible_distribution|lower }}.yml" - name: Restore application database postgresql_db: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" port: "{{ atl_db_port }}" name: "{{ atl_jdbc_db_name }}" owner: "{{ atl_jdbc_user }}" encoding: "{{ atl_jdbc_encoding }}" lc_collate: "{{ atl_jdbc_collation }}" lc_ctype: "{{ atl_jdbc_ctype }}" template: "{{ atl_jdbc_template }}" # Depends on fetch_backup roles state: restore target: "{{ atl_backup_db_dest }}.tar" target_opts: "-Fc" register: result # managed DBs in cloud providers are not allowing full root access to the DB engine, we can safely ignore the COMMENT ON EXTENSION error failed_when: - result.rc != 0 - '"COMMENT ON EXTENSION" not in result.msg' when: db_created.changed and atl_backup_db_dest is defined - name: Restore shared home include_tasks: "{{ home_restore.yml }}" when: atl_restore_required