Add HA plugin to the dual-master receipt

Include the installation and configuration of the
high-availability plugin in static peer mode.

This improvement enables near-real-time sync
of indexes, caches and sessions between the two masters.

Feature: Issue 12753
Change-Id: I60c18868d0ba33f24180ac7a3df46c0eba260dd8
diff --git a/dual-master/Makefile b/dual-master/Makefile
index 0d168e7..d91e7c6 100644
--- a/dual-master/Makefile
+++ b/dual-master/Makefile
@@ -13,8 +13,8 @@
 				gerrit-build gerrit-publish
 
 create-all: cluster wait-for-cluster-creation \
-						service-master-1 service-master-2 \
-						wait-for-service-master-1-creation wait-for-service-master-2-creation \
+						service-master-1 wait-for-service-master-1-creation \
+						service-master-2 wait-for-service-master-2-creation \
 						dns-routing wait-for-dns-routing-creation
 
 cluster: cluster-keys
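Review bot: The reordering in `create-all` relies on make building prerequisites left to right, which only holds for a serial run; under `make -j` both service stacks can still be created at the same time. If master 2 must wait for master 1 (inferred from the new order, not stated in the commit), encode that as a dependency, e.g. `service-master-2: wait-for-service-master-1-creation`, or add `.NOTPARALLEL:` with a comment explaining why. The target definitions themselves are outside this hunk.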
@@ -40,6 +40,7 @@
 		ParameterKey=DockerRegistryUrl,ParameterValue=$(DOCKER_REGISTRY_URI) \
 		ParameterKey=CertificateArn,ParameterValue=$(SSL_CERTIFICATE_ARN) \
 		ParameterKey=GerritKeyPrefix,ParameterValue=$(GERRIT_KEY_PREFIX)\
+		ParameterKey=PeerSubdomain,ParameterValue=$(MASTER2_SUBDOMAIN) \
 		ParameterKey=DockerImage,ParameterValue=aws-gerrit/gerrit:$(IMAGE_TAG)
 
 service-master-2:
@@ -62,7 +63,8 @@
 		ParameterKey=GerritIndexVolume,ParameterValue=gerrit-index-master-2 \
 		ParameterKey=GerritCacheVolume,ParameterValue=gerrit-cache-master-2 \
 		ParameterKey=GerritDbVolume,ParameterValue=gerrit-db-master-2 \
-		ParameterKey=GerritLogsVolume,ParameterValue=gerrit-logs-master-2
+		ParameterKey=GerritLogsVolume,ParameterValue=gerrit-logs-master-2 \
+		ParameterKey=PeerSubdomain,ParameterValue=$(MASTER1_SUBDOMAIN)
 
 dns-routing:
 	$(AWS_FC_COMMAND) create-stack \
@@ -109,12 +111,19 @@
 	--region $(AWS_REGION)
 	@echo "*** Cluster stack '$(CLUSTER_STACK_NAME)' deleted"
 
-wait-for-service-master-deletion:
-	@echo "*** Wait for service master stack '$(SERVICE_MASTER_STACK_NAME)' deletion"
+wait-for-service-master-1-deletion:
+	@echo "*** Wait for service master stack '$(SERVICE_MASTER1_STACK_NAME)' deletion"
 	$(AWS_FC_COMMAND) wait stack-delete-complete \
 	--stack-name $(SERVICE_MASTER1_STACK_NAME) \
 	--region $(AWS_REGION)
-	@echo "*** Service stack master '$(SERVICE_MASTER_STACK_NAME)' deleted"
+	@echo "*** Service stack master '$(SERVICE_MASTER1_STACK_NAME)' deleted"
+
+wait-for-service-master-2-deletion:
+	@echo "*** Wait for service master stack '$(SERVICE_MASTER2_STACK_NAME)' deletion"
+	$(AWS_FC_COMMAND) wait stack-delete-complete \
+	--stack-name $(SERVICE_MASTER2_STACK_NAME) \
+	--region $(AWS_REGION)
+	@echo "*** Service stack master '$(SERVICE_MASTER2_STACK_NAME)' deleted"
 
 wait-for-dns-routing-deletion:
 	@echo "*** Wait for DNS routing stack '$(DNS_ROUTING_STACK_NAME)' deletion"
diff --git a/dual-master/cf-cluster.yml b/dual-master/cf-cluster.yml
index 24d1b31..4197929 100644
--- a/dual-master/cf-cluster.yml
+++ b/dual-master/cf-cluster.yml
@@ -166,6 +166,7 @@
               && s=0 && break || s=$? && sleep 5;
           done; (exit $s)
           mkdir $DIR_TGT/git
+          mkdir $DIR_TGT/high-availability
           chown -R 1000:1000 $DIR_TGT
           cp -p /etc/fstab /etc/fstab.back-$(date +%F)
           echo -e \"$DIR_SRC:/ \t\t $DIR_TGT \t\t nfs \t\t defaults \t\t 0 \t\t 0\" | tee -a /etc/fstab
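Review bot: `mkdir $DIR_TGT/high-availability` creates the directory with the default mode, and the cf-service-master.yml part of this change mounts it as the web-sessions volume, so session files written there may be readable by other local accounts on any host that mounts the share. Since the next line already hands the tree to uid 1000, consider creating it owner-only, e.g. `mkdir -m 0700 $DIR_TGT/high-availability`, provided Gerrit runs as that uid (to be confirmed). The surrounding script starts and ends outside the hunk, so its umask and error handling are not visible here.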
diff --git a/dual-master/cf-service-master.yml b/dual-master/cf-service-master.yml
index 29b4322..b97fa2c 100644
--- a/dual-master/cf-service-master.yml
+++ b/dual-master/cf-service-master.yml
@@ -63,10 +63,17 @@
   GerritKeyPrefix:
         Description: Gerrit credentials keys prefix
         Type: String
+  PeerSubdomain:
+        Description: The subdomain of the Gerrit cluster
+        Type: String
   GerritGitVolume:
       Description: Gerrit git volume name
       Type: String
       Default: gerrit-git-master
+  GerritWebsessionsVolume:
+      Description: Gerrit git volume name
+      Type: String
+      Default: gerrit-ha-websessions-master
   GerritDataVolume:
       Description: Gerrit data volume name
       Type: String
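Review bot: Both new parameter descriptions are misleading: `PeerSubdomain` is described as the subdomain of the cluster although the Makefile passes the other master's subdomain, and `GerritWebsessionsVolume` repeats `Gerrit git volume name`. Suggested text: `Description: Subdomain of the peer Gerrit master (used to build the HA peer URL)` and `Description: Gerrit HA shared directory (web sessions) volume name`. Because PeerSubdomain is interpolated into a URL elsewhere in this template, an `AllowedPattern` restricting it to a single DNS label, e.g. `AllowedPattern: '^[a-z0-9]([a-z0-9-]*[a-z0-9])?$'`, would reject an empty or malformed value at stack creation.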
@@ -130,9 +137,17 @@
                       Value: false
                     - Name: GERRIT_KEY_PREFIX
                       Value: !Ref GerritKeyPrefix
+                    - Name: SETUP_HA
+                      Value: true
+                    - Name: HA_PEER_URL
+                      Value: !Sub 'https://${PeerSubdomain}.${HostedZoneName}'
+                    - Name: HOSTED_ZONE_NAME
+                      Value: !Ref HostedZoneName
                   MountPoints:
                     - SourceVolume: !Ref GerritGitVolume
                       ContainerPath: /var/gerrit/git
+                    - SourceVolume: !Ref GerritWebsessionsVolume
+                      ContainerPath: /var/gerrit/high-availability
                     - SourceVolume: !Ref GerritDataVolume
                       ContainerPath: /var/gerrit/data
                     - SourceVolume: !Ref GerritIndexVolume
@@ -162,6 +177,9 @@
               - Name: !Ref 'GerritGitVolume'
                 Host:
                   SourcePath: "/mnt/efs/gerrit-shared/git"
+              - Name: !Ref 'GerritWebsessionsVolume'
+                Host:
+                  SourcePath: "/mnt/efs/gerrit-shared/high-availability"
               - Name: !Ref 'GerritDbVolume'
                 DockerVolumeConfiguration:
                   Scope: shared
diff --git a/gerrit/Makefile b/gerrit/Makefile
index bc39a08..7b9d7eb 100644
--- a/gerrit/Makefile
+++ b/gerrit/Makefile
@@ -18,6 +18,11 @@
 	-O ./plugins/javamelody.jar \
 	|| { echo >&2 "Cannot download javamelody plugin: Check internet connection. Aborting"; exit 1; }
 
+	@echo "Downloading HA plugin $(GERRIT_BRANCH)"
+	wget $(GERRIT_CI)/plugin-high-availability-bazel-$(GERRIT_BRANCH)/$(LAST_BUILD)/high-availability/high-availability.jar \
+	-O ./plugins/high-availability.jar \
+	|| { echo >&2 "Cannot download high-availability plugin: Check internet connection. Aborting"; exit 1; }
+
 gerrit-build:
 	cat Dockerfile | \
 		GERRIT_VERSION=$(GERRIT_VERSION) GERRIT_PATCH=$(GERRIT_PATCH) envsubst | \
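Review bot: The high-availability JAR is fetched from `$(GERRIT_CI)` at `$(LAST_BUILD)` and written into ./plugins with no integrity check, so whatever that job last produced is what gets installed. Consider pinning to a specific build and verifying a recorded digest right after the download, e.g. `echo "$(HA_PLUGIN_SHA256)  ./plugins/high-availability.jar" | sha256sum -c -`, where `HA_PLUGIN_SHA256` is a placeholder for a variable this Makefile would need to define. The javamelody download above follows the same pattern and would benefit from the same check. The rule header is outside the hunk and the definitions of GERRIT_CI and LAST_BUILD are not visible, so whether the URL is HTTPS and whether LAST_BUILD floats should be confirmed.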
diff --git a/gerrit/etc/gerrit.config.template b/gerrit/etc/gerrit.config.template
index 630f1cb..5cdbd19 100644
--- a/gerrit/etc/gerrit.config.template
+++ b/gerrit/etc/gerrit.config.template
@@ -33,6 +33,7 @@
 	listenUrl = http://*:8080/
 	filterClass = com.googlesource.gerrit.plugins.ootb.FirstTimeRedirect
 	firstTimeRedirectUrl = /login/%23%2F?account_id=1000000
+	requestLog = true
 [cache]
 	directory = cache
 [plugins]
@@ -58,3 +59,6 @@
     excludeMetrics = caches/.*
 
 {% endif %}
+
+[auth]
+  cookiedomain = .{{ COOKIE_DOMAIN }}
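Review bot: `cookiedomain = .{{ COOKIE_DOMAIN }}` widens the Gerrit session cookie to every host under the hosted zone (COOKIE_DOMAIN is filled from HOSTED_ZONE_NAME in setup_gerrit.py), not just the two masters. Any other service published in that zone will receive the cookie, so either document that the zone must be dedicated to Gerrit or use a narrower parent domain shared only by the masters. The section is also rendered unconditionally; wrapping it in `{% if COOKIE_DOMAIN %}` … `{% endif %}` would keep non-HA deployments on the host-only default and avoid rendering `.None` (Jinja's default output for an unset value) when the variable is missing.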
diff --git a/gerrit/etc/high-availability.config.template b/gerrit/etc/high-availability.config.template
new file mode 100644
index 0000000..ff94d0d
--- /dev/null
+++ b/gerrit/etc/high-availability.config.template
@@ -0,0 +1,8 @@
+[main]
+  sharedDirectory = /var/gerrit/high-availability
+
+[peerInfo]
+  strategy = static
+
+[peerInfo "static"]
+  url = {{ HA_PEER_URL }}
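Review bot: The template configures only the shared directory and a static peer URL; it sets no credentials for peer-to-peer calls, and no comment explains how the forwarding endpoints are protected. Since HA_PEER_URL is built from the peer's public `https://<subdomain>.<zone>` name, those endpoints are presumably exposed on the same listener as the rest of Gerrit. It is worth confirming how this plugin version authenticates forwarded index, cache and session requests and, if it relies on the `[http]` `user`/`password` settings, rendering them here from the secrets store. A header comment stating that this file is rendered by setup_gerrit.py only when SETUP_HA is true would also help.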
diff --git a/gerrit/setup_gerrit.py b/gerrit/setup_gerrit.py
index fc15a6b..d1b10b9 100755
--- a/gerrit/setup_gerrit.py
+++ b/gerrit/setup_gerrit.py
@@ -8,6 +8,7 @@
 from jinja2 import Environment, FileSystemLoader
 
 setupReplication = (os.getenv('SETUP_REPLICATION') == 'true')
+setupHA = (os.getenv('SETUP_HA') == 'true')
 
 def get_secret(secret_name):
     # Create a Secrets Manager client
@@ -144,7 +145,8 @@
         'LDAP_GROUP_BASE': config['ldap']['groupBase'],
         'SMTP_SERVER': config['smtp']["server"],
         'SMTP_USER': config['smtp']["user"],
-        'SMTP_DOMAIN': config['smtp']["domain"]
+        'SMTP_DOMAIN': config['smtp']["domain"],
+        'COOKIE_DOMAIN': os.getenv('HOSTED_ZONE_NAME'),
     })
     f.write(template.render(config_for_template))
 
@@ -159,3 +161,11 @@
                 SLAVE_1_URL=config['remote-slave']['url'],
                 SLAVE_1_AMDIN_URL=config['remote-slave']['adminUrl']
                 ))
+
+if (setupHA):
+    print("Setting HA config in '" +
+          GERRIT_CONFIG_DIRECTORY + "high-availability.config'")
+    config.read(BASE_CONFIG_DIR + '/high-availability.setup')
+    template = env.get_template("high-availability.config.template")
+    with open(GERRIT_CONFIG_DIRECTORY + "high-availability.config", 'w', encoding='utf-8') as f:
+        f.write(template.render(HA_PEER_URL=os.getenv('HA_PEER_URL')))
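Review bot: `os.getenv('HA_PEER_URL')` returns None when the variable is missing, which the template would by default render as `url = None`; the same applies to `'COOKIE_DOMAIN': os.getenv('HOSTED_ZONE_NAME')` in the earlier hunk of this file. Failing fast is safer than starting Gerrit with a bogus peer or cookie domain, e.g. `ha_peer_url = os.environ['HA_PEER_URL']` before opening the output file. The `config.read(BASE_CONFIG_DIR + '/high-availability.setup')` call also looks unused: nothing from `config` is passed to `render`, and if `config` is a ConfigParser a missing file is silently ignored, so either drop the call or add a comment saying what it is for.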