1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00

Merge pull request #3241 from holta/mongodb-spring-cleaning

WIP: Tighten up roles/mongodb — runs 'apt-mark hold mongodb-org mongodb-org-server' on 64-bit RPi if installing MongoDB >= 5.0
This commit is contained in:
A Holt 2022-06-10 00:51:18 -04:00 committed by GitHub
commit be71adc6a1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 109 additions and 62 deletions

View file

@ -20,6 +20,12 @@
# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
mongodb_64bit_version: 4.4 # 5.0 also works as of 2022-06-09, but can fail on
# "pre-2011" CPU's lacking AVX. VERIFY both X.Y versions exist (+ work!) below:
#
# 1) https://www.mongodb.org/static/pgp/server-X.Y.asc ~= https://pgp.mongodb.com
# 2) http://repo.mongodb.org/apt/debian &/OR https://repo.mongodb.org/apt/ubuntu
mongodb_conf: /etc/mongod.conf mongodb_conf: /etc/mongod.conf
mongodb_db_path: "{{ content_base }}/dbdata/mongodb" # /library/dbdata/mongodb mongodb_db_path: "{{ content_base }}/dbdata/mongodb" # /library/dbdata/mongodb
mongodb_db_lock_file: "{{ mongodb_db_path }}/mongod.lock" mongodb_db_lock_file: "{{ mongodb_db_path }}/mongod.lock"

View file

@ -1,4 +1,9 @@
# 1. INSTALL MongoDB PACKAGES OR BINARIES # MongoDB Install Docs:
# https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/
# https://www.mongodb.com/docs/manual/installation/
# 1. INSTALL MongoDB PACKAGES AND/OR BINARIES
# 2019-02-02: Sugarizer with Node.js 10.x requires MongoDB 2.6+ so # 2019-02-02: Sugarizer with Node.js 10.x requires MongoDB 2.6+ so
# https://andyfelong.com/2017/08/mongodb-3-0-14-for-raspbian-stretch/ is # https://andyfelong.com/2017/08/mongodb-3-0-14-for-raspbian-stretch/ is
@ -52,62 +57,80 @@
src: mongod.conf.j2 src: mongod.conf.j2
dest: "{{ mongodb_conf }}" # /etc/mongod.conf dest: "{{ mongodb_conf }}" # /etc/mongod.conf
- name: 'Create 2 dirs: /var/lib/mongodb, /var/log/mongodb (mongodb:mongodb)'
file:
state: directory
path: "{{ item }}"
owner: mongodb
group: mongodb
with_items:
- /var/lib/mongodb
- /var/log/mongodb
# end block # end block
when: not (ansible_architecture == "x86_64" or ansible_architecture == "aarch64") when: not (ansible_architecture == "x86_64" or ansible_architecture == "aarch64")
# 32-bit OS's are handled above: this should handle aarch32 including 32-bit # 32-bit OS's are handled above: this should handle aarch32 including 32-bit
# Ubuntu from https://ubuntu.com/download/raspberry-pi but Ubuntu 20.04 32-bit # Ubuntu from https://ubuntu.com/download/raspberry-pi but Ubuntu 20.04+ and
# might fail untested, and 32-bit Intel might puke as this was orginally # 22.04+ 32-bit might fail untested, and 32-bit Intel might puke as this was
# deployed for Raspbian. (Haven't seen bootable 32-bit Intel installers for a # orginally deployed for Raspbian. (Haven't seen bootable 32-bit Intel
# while now.) 64-bit OS's proceed below. # installers for a while now.) 64-bit OS's proceed below.
- block: - block:
- name: Add mongodb.org signing key (only 64-bit support available) - name: Add mongodb.org signing key (only 64-bit support available) for MongoDB version {{ mongodb_64bit_version }}
shell: wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | apt-key add - shell: wget -qO - https://www.mongodb.org/static/pgp/server-{{ mongodb_64bit_version }}.asc | apt-key add -
#shell: wget -qO - https://pgp.mongodb.com/server-{{ mongodb_64bit_version }}.asc | apt-key add -
args: args:
warn: false warn: false
- name: Use mongodb-org's Debian repo for Debian (only amd64 support available) - name: Install mongodb-org's Debian buster source/repo (we only use x86_64 i.e. arm64) for MongoDB version {{ mongodb_64bit_version }}
apt_repository: apt_repository:
# 2020-10-28: http://repo.mongodb.org/apt/debian/dists/ supports only # 2020-10-28 and 2022-06-09: http://repo.mongodb.org/apt/debian/dists/
# {buster 10, stretch 9, jessie 8, wheezy 7} # supports only {Buster 10, Stretch 9, Jessie 8, Wheezy 7}. So Bullseye
# so Debian 11 "Bullseye" (testing branch) can revert to buster for now: # 11 and Bookworm 12 (testing branch) revert to buster for now:
repo: deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main repo: deb http://repo.mongodb.org/apt/debian buster/mongodb-org/{{ mongodb_64bit_version }} main
#repo: deb http://repo.mongodb.org/apt/debian {{ ansible_distribution_release }}/mongodb-org/4.4 main #repo: deb http://repo.mongodb.org/apt/debian {{ ansible_distribution_release }}/mongodb-org/4.4 main
state: present state: present
filename: mongodb-org filename: mongodb-org
when: is_debian and (ansible_architecture == "x86_64") when: is_debian and ansible_architecture == "x86_64"
# Debian 10 aarch64 might work below but is blocked in main.yml - name: Otherwise install mongodb-org's Ubuntu focal source/repo [ arch=amd64,arm64 ] for MongoDB version {{ mongodb_64bit_version }}
- name: Use mongodb-org's Ubuntu focal repo for RasPiOS-aarch64
apt_repository: apt_repository:
repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/{{ mongodb_64bit_version }} multiverse
state: present state: present
filename: mongodb-org filename: mongodb-org
when: is_raspbian and (ansible_architecture == "aarch64") when: not (is_debian and ansible_architecture == "x86_64")
- name: Use mongodb-org's Ubuntu focal repo for Linux Mint - 64bit only # # Debian 10 aarch64 might work below but is blocked in main.yml
apt_repository: # - name: Use mongodb-org's Ubuntu focal repo for RasPiOS-aarch64
repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse # apt_repository:
state: present # repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse
filename: mongodb-org # state: present
when: is_linuxmint # filename: mongodb-org
# when: is_raspbian and ansible_architecture == "aarch64"
- name: Use mongodb-org's Ubuntu repo for all non-Mint Ubuntu - 64bit only # - name: Use mongodb-org's Ubuntu focal repo for Linux Mint - 64bit only
apt_repository: # apt_repository:
# 2020-10-27: https://repo.mongodb.org/apt/ubuntu/dists/ supports only # repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse
# {focal 20.04, bionic 18.04, xenial 16.04, trusty 14.04, precise 12.04} # state: present
# so other Ubuntu's like groovy 20.10 need to revert to recent LTS repo: # filename: mongodb-org
repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse # when: is_linuxmint
#repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu {{ ansible_distribution_release }}/mongodb-org/4.4 multiverse
state: present # - name: Use mongodb-org's Ubuntu repo for all non-Mint Ubuntu - 64bit only
filename: mongodb-org # apt_repository:
when: is_ubuntu and not is_linuxmint # # 2020-10-27: https://repo.mongodb.org/apt/ubuntu/dists/ supports only
# # {focal 20.04, bionic 18.04, xenial 16.04, trusty 14.04, precise 12.04}
# # so other Ubuntu's like groovy 20.10 need to revert to recent LTS repo:
# repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse
# #repo: deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu {{ ansible_distribution_release }}/mongodb-org/4.4 multiverse
# state: present
# filename: mongodb-org
# when: is_ubuntu and not is_linuxmint
- name: "Install packages: mongodb-org, mongodb-org-server" - name: "Install packages: mongodb-org, mongodb-org-server"
package: package:
name: name:
- mongodb-org - mongodb-org # Meta-package that's auto-installed anyway (SO PROB UNNEC HERE?)
- mongodb-org-server - mongodb-org-server
state: present state: present
@ -121,56 +144,73 @@
- name: Establish {{ mongodb_conf }} port {{ mongodb_port }} -- takes effect on next (re)start of mongodb.service -- via enable-or-disable.yml or via sugarizer.service auto-starting MongoDB on demand - name: Establish {{ mongodb_conf }} port {{ mongodb_port }} -- takes effect on next (re)start of mongodb.service -- via enable-or-disable.yml or via sugarizer.service auto-starting MongoDB on demand
lineinfile: lineinfile:
path: "{{ mongodb_conf }}" path: "{{ mongodb_conf }}"
regexp: '^\s*port:' # \s = any whitespace char. stackoverflow.com/a/38491899 regexp: '^\s*port:'
line: " port: {{ mongodb_port }}" # 27017 line: " port: {{ mongodb_port }}" # 27017
# 2022-06-07 #3236 MongoDB 5.0.9 "Illegal instruction" on RPi 4 also reveals: # 2022-06-07 #3236 MongoDB 5.0.9 "Illegal instruction" on RPi 4...
# (1) dbPath fix in /etc/mongod.conf (~12 lines above) from /var/lib/mongodb # https://www.mongodb.com/community/forums/t/core-dump-on-mongodb-5-0-on-rpi-4/115291/14
# to /library/dbdata/mongodb # ...as ARM v8-A < ARM v8.2-A ...also reveals:
# (2) mongod.lock is effectively NO LONGER A LOCK FILE -- but rather a PID #
# (1) For Intel x86_64, MongoDB 5.x requires Sandy Bridge or later.
# For AMD x86_64, MongoDB 5.x requires Bulldozer or later.
# Roughly speaking, this means post-2011 CPUs with AVX instructions:
# https://github.com/docker-library/mongo/issues/485#issuecomment-891991814
# (2) dbPath needed fixing in /etc/mongod.conf (~16 lines above) from
# /var/lib/mongodb to /library/dbdata/mongodb
# (3) mongod.lock is effectively NO LONGER A LOCK FILE -- but rather a PID
# file (it may be zero bytes, but never goes away) as confirmed with # file (it may be zero bytes, but never goes away) as confirmed with
# MongoDB 4.4.14 on RPi 4 and 5.0.9 Ubuntu 22.04 on x86_64. And now # MongoDB 4.4.14 on RPi 4 and 5.0.9 Ubuntu 22.04 on x86_64. And now
# 'mongod --repair --dbpath /library/dbdata/mongodb/' IGNORES mongod.lock # 'mongod --repair --dbpath /library/dbdata/mongodb/' IGNORES mongod.lock
# (3) mongodb.service should really use a more graceful way to shut down # (4) mongodb.service needed a more graceful way to shut down than
# than 'killall mongod' (MongoDB 5+ shuts down w/ 15sec quiesce period). # 'killall mongod' (MongoDB 5+ shuts down w/ 15sec quiesce period).
# (4) MongoDB 6.0 is likely imminent but in the meantime a 2022-01-12 option # (5) MongoDB 6.0 is likely imminent; meantime a 2022-01-12 option (~12
# (stanza below) is MongoDB 5.0.5 compiled for 64-bit RPi 4 and RPi 400: # lines below) is MongoDB 5.0.5 compiled for 64-bit RPi 4 and RPi 400:
# https://andyfelong.com/downloads/raspbian_mongodb_5.0.5.gz # https://andyfelong.com/downloads/raspbian_mongodb_5.0.5.gz
# https://andyfelong.com/2021/08/mongodb-4-4-under-raspberry-pi-os-64-bit-raspbian64/ # https://andyfelong.com/2021/08/mongodb-4-4-under-raspberry-pi-os-64-bit-raspbian64/
- name: OVERWRITING AN APT PACKAGE IS RISKY (IT MIGHT LATER UPDATE + OVERWRITE THIS!) BUT FOR NOW download & unzip 76MB http://download.iiab.io/packages/raspbian_mongodb_5.0.5.gz OVERWRITING 5.0.9+ {mongo, mongod, mongos} in /usr/bin - name: If hardware is Raspberry Pi and mongodb_64bit_version >= 5.0, run 'apt-mark hold mongodb-org mongodb-org-server' -- so MongoDB 5.0.5 binaries {mongo, mongod, mongos} can be installed without apt interfering in future
command: apt-mark hold mongodb-org mongodb-org-server
when: rpi_model != "none" and mongodb_64bit_version is version('5.0', '>=')
- name: If hardware is Raspberry Pi and mongodb_64bit_version >= 5.0, unarchive 76MB {{ iiab_download_url }}//packages/raspbian_mongodb_5.0.5.gz OVERWRITING 5.0.9+ {mongo, mongod, mongos} in /usr/bin
unarchive: unarchive:
remote_src: yes remote_src: yes
src: "{{ iiab_download_url }}/raspbian_mongodb_5.0.5.gz" src: "{{ iiab_download_url }}/raspbian_mongodb_5.0.5.gz"
dest: /usr/bin dest: /usr/bin
when: rpi_model != "none" when: rpi_model != "none" and mongodb_64bit_version is version('5.0', '>=')
# end block # end block
when: ansible_architecture == "aarch64" or ansible_architecture == "x86_64" when: ansible_architecture == "aarch64" or ansible_architecture == "x86_64"
# 2. CONFIGURE MongoDB FOR IIAB # 2. CONFIGURE MongoDB FOR IIAB
- name: 'Create 3 dirs for MongoDB: /var/lib/mongodb, /var/log/mongodb, {{ mongodb_db_path }}' # - name: 'Create 3 dirs for MongoDB: /var/lib/mongodb, /var/log/mongodb, {{ mongodb_db_path }}'
# file:
# state: directory
# path: "{{ item }}"
# owner: mongodb
# group: mongodb
# with_items:
# #- { path: '/var/run/mongodb' }
# - /var/lib/mongodb
# - /var/log/mongodb
# - "{{ mongodb_db_path }}" # /library/dbdata/mongodb
- name: 'Create dir {{ mongodb_db_path }} (mongodb:mongodb)'
file: file:
state: directory state: directory
path: "{{ item }}" path: "{{ mongodb_db_path }}" # /library/dbdata/mongodb
owner: mongodb owner: mongodb
group: mongodb group: mongodb
with_items:
#- { path: '/var/run/mongodb' }
- /var/lib/mongodb
- /var/log/mongodb
- "{{ mongodb_db_path }}" # /library/dbdata/mongodb
- name: Install mongodb.service, /usr/bin/iiab-mongodb-repair-if-no-lock from templates - name: Install mongodb.service, /usr/bin/iiab-mongodb-repair-if-no-lock from templates
template: template:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
owner: root
group: root
mode: "{{ item.mode }}" mode: "{{ item.mode }}"
#owner: root
#group: root
with_items: with_items:
- { src: 'mongodb.service.j2', dest: '/etc/systemd/system/mongodb.service', mode: '0644' } - { src: 'mongodb.service.j2', dest: '/etc/systemd/system/mongodb.service', mode: '0644' }
- { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' } - { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' }

View file

@ -35,18 +35,19 @@
- debug: - debug:
var: is_raspbian var: is_raspbian
# might be able to lift this once we know using bionic would work # # might be able to lift this once we know using bionic would work
- name: EXIT 'mongodb' ROLE & CONTINUE, IF 'is_debian_10 and aarch64 and not is_raspbian' i.e. TRUE DEBIAN with arch64 # - name: EXIT 'mongodb' ROLE & CONTINUE, IF 'is_debian_10 and aarch64 and not is_raspbian' i.e. TRUE DEBIAN with arch64
fail: # FORCE IT RED THIS ONCE! # fail: # FORCE IT RED THIS ONCE!
msg: ATTEMPTED MongoDB INSTALLATION WITH (TRUE) DEBIAN aarch64, which is not supported upstream. Nevertheless IIAB will continue (consider this a warning!) # msg: ATTEMPTED MongoDB INSTALLATION WITH (TRUE) DEBIAN aarch64, which is not supported upstream. Nevertheless IIAB will continue (consider this a warning!)
when: (ansible_architecture == "aarch64") and is_debian_10 and not is_raspbian # when: (ansible_architecture == "aarch64") and is_debian_10 and not is_raspbian
ignore_errors: yes # ignore_errors: yes
# ELSE... # ELSE...
- name: Install MongoDB if 'mongodb_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml - name: Install MongoDB if 'mongodb_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml include_tasks: install.yml
when: mongodb_installed is undefined and not (ansible_architecture == "aarch64" and is_debian_10 and not is_raspbian) when: mongodb_installed is undefined
# when: mongodb_installed is undefined and not (ansible_architecture == "aarch64" and is_debian_10 and not is_raspbian)
- name: Enable or Disable MongoDB, if mongodb_installed is defined (sugarizer.service auto-starts MongoDB as nec, so doesn't need this or care what happens here!) - name: Enable or Disable MongoDB, if mongodb_installed is defined (sugarizer.service auto-starts MongoDB as nec, so doesn't need this or care what happens here!)