Skip to content

Commit bc13d64

Browse files
piifpiif
committed
handle storage formatting and scram users in combined and separate modes
1 parent de4b5f6 commit bc13d64

File tree

3 files changed

+154
-4
lines changed

3 files changed

+154
-4
lines changed

roles/kafka_broker/tasks/get_meta_properties.yml

+93-2
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,103 @@
11
---
2+
# with kraft combined mode, first install have to define clusterid, instead of getting it from dedicateed controllers
3+
- name: Check meta.properties
4+
when: kraft_combined
5+
ansible.builtin.stat:
6+
path: "{{ kafka_controller_final_properties['log.dirs'] }}/meta.properties"
7+
register: meta_properties
8+
9+
- name: Initialize ClusterId
10+
when:
11+
- kraft_combined
12+
- not meta_properties.stat.exists
13+
run_once: true
14+
shell: "{{ binary_base_path }}/bin/kafka-storage random-uuid"
15+
environment:
16+
KAFKA_OPTS: "-Xlog:all=error -XX:+IgnoreUnrecognizedVMOptions"
17+
register: random_uuid
18+
19+
- name: Set ClusterId
20+
when:
21+
- kraft_combined
22+
- not meta_properties.stat.exists
23+
run_once: true
24+
set_fact:
25+
clusterid: "{{ random_uuid.stdout }}"
26+
delegate_to: "{{ item }}"
27+
delegate_facts: true
28+
loop: "{{ groups.kafka_broker }}"
29+
30+
# after first install in combined mode, get clusterid from one broker node
231
- name: Extract ClusterId from meta.properties on KRaft Controller
32+
when:
33+
- kraft_combined
34+
- meta_properties.stat.exists
35+
run_once: true
36+
slurp:
37+
src: "{{ kafka_controller_final_properties['log.dirs'] }}/meta.properties"
38+
register: uuid_broker
39+
40+
- name: Set ClusterId
41+
when:
42+
- kraft_combined
43+
- meta_properties.stat.exists
44+
run_once: true
45+
set_fact:
46+
clusterid: "{{ (uuid_broker['content'] | b64decode).partition('cluster.id=')[2].partition('\n')[0] }}"
47+
delegate_to: "{{ item }}"
48+
delegate_facts: true
49+
loop: "{{ groups.kafka_broker }}"
50+
51+
# when combined mode, broker must declare scram users
52+
- name: Prepare SCRAM Users
53+
when: kraft_combined
54+
set_fact:
55+
scram_users_to_create: []
56+
57+
- name: Prepare SCRAM 512 Users
58+
when:
59+
- "'SCRAM-SHA-512' in kafka_broker_sasl_enabled_mechanisms"
60+
- kraft_combined
61+
set_fact:
62+
scram_users_to_create: "{{ scram_users_to_create + [ '--add-scram SCRAM-SHA-512=[name=\"'+ item.value['principal'] + '\",password=\"' + item.value['password'] + '\"]' ] }}"
63+
loop: "{{ sasl_scram_users_final|dict2items }}"
64+
loop_control:
65+
label: "{{ item.value['principal'] }}"
66+
67+
- name: Create SCRAM 256 Users
68+
when:
69+
- "'SCRAM-SHA-256' in kafka_broker_sasl_enabled_mechanisms"
70+
- kraft_combined
71+
set_fact:
72+
scram_users_to_create: "{{ scram_users_to_create + [ '--add-scram SCRAM-SHA-256=[name=\"'+ item.value['principal'] + '\",password=\"' + item.value['password'] + '\"]' ] }}"
73+
loop: "{{ sasl_scram_users_final|dict2items }}"
74+
loop_control:
75+
label: "{{ item.value['principal'] }}"
76+
77+
- name: Format Storage Directory
78+
when: kraft_combined
79+
shell: "{{ binary_base_path }}/bin/kafka-storage format -t {{ clusterid }} -c {{ kafka_broker.config_file }} --ignore-formatted {{ scram_users_to_create|join(' ') }}"
80+
register: format_meta
81+
82+
# with dedicated controller nodes, clusterid is already defined onto controller nodes
83+
- name: Extract ClusterId from meta.properties on KRaft Controller
84+
when: not kraft_combined
85+
run_once: true
386
slurp:
487
src: "{{ kafka_controller_final_properties['log.dirs'] }}/meta.properties"
588
delegate_to: "{{ groups.kafka_controller[0] }}"
689
register: uuid_broker
790

91+
- name: Set ClusterId
92+
when: not kraft_combined
93+
run_once: true
94+
set_fact:
95+
clusterid: "{{ (uuid_broker['content'] | b64decode).partition('cluster.id=')[2].partition('\n')[0] }}"
96+
delegate_to: "{{ item }}"
97+
delegate_facts: true
98+
loop: "{{ groups.kafka_broker }}"
99+
8100
- name: Format Storage Directory
101+
when: not kraft_combined
9102
shell: "{{ binary_base_path }}/bin/kafka-storage format -t {{ clusterid }} -c {{ kafka_broker.config_file }} --ignore-formatted"
10103
register: format_meta
11-
vars:
12-
clusterid: "{{ (uuid_broker['content'] | b64decode).partition('cluster.id=')[2].partition('\n')[0] }}"

roles/kafka_broker/tasks/main.yml

+2
Original file line numberDiff line numberDiff line change
@@ -391,6 +391,7 @@
391391
run_once: true
392392
when:
393393
- "'SCRAM-SHA-512' in kafka_broker_sasl_enabled_mechanisms"
394+
- not kraft_enabled|bool
394395
no_log: "{{mask_secrets|bool}}"
395396

396397
# Only supported when zookeeper is enabled
@@ -405,6 +406,7 @@
405406
run_once: true
406407
when:
407408
- "'SCRAM-SHA-256' in kafka_broker_sasl_enabled_mechanisms"
409+
- not kraft_enabled|bool
408410
no_log: "{{ mask_sensitive_logs|bool }}"
409411

410412
- name: Deploy JMX Exporter Config File

roles/kafka_controller/tasks/get_meta_properties.yml

+59-2
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,70 @@
11
---
2-
- name: Get ClusterId
2+
3+
- name: Prepare SCRAM Users
4+
set_fact:
5+
scram_users_to_create: []
6+
7+
- name: Prepare SCRAM 512 Users
8+
when:
9+
- "'SCRAM-SHA-512' in kafka_broker_sasl_enabled_mechanisms"
10+
set_fact:
11+
scram_users_to_create: "{{ scram_users_to_create + [ '--add-scram SCRAM-SHA-512=[name=\"'+ item.value['principal'] + '\",password=\"' + item.value['password'] + '\"]' ] }}"
12+
loop: "{{ sasl_scram_users_final|dict2items }}"
13+
loop_control:
14+
label: "{{ item.value['principal'] }}"
15+
16+
- name: Prepare SCRAM 256 Users
17+
when:
18+
- "'SCRAM-SHA-256' in kafka_broker_sasl_enabled_mechanisms"
19+
set_fact:
20+
scram_users_to_create: "{{ scram_users_to_create + [ '--add-scram SCRAM-SHA-256=[name=\"'+ item.value['principal'] + '\",password=\"' + item.value['password'] + '\"]' ] }}"
21+
loop: "{{ sasl_scram_users_final|dict2items }}"
22+
loop_control:
23+
label: "{{ item.value['principal'] }}"
24+
25+
- name: Check meta.properties
26+
run_once: true
27+
ansible.builtin.stat:
28+
path: "{{ kafka_controller_final_properties['log.dirs'] }}/meta.properties"
29+
register: meta_properties
30+
31+
# if meta.properties does not exists , create uuid
32+
- name: Initialize ClusterId
33+
when: not meta_properties.stat.exists
34+
run_once: true
335
shell: "{{ binary_base_path }}/bin/kafka-storage random-uuid"
436
environment:
537
KAFKA_OPTS: "-Xlog:all=error -XX:+IgnoreUnrecognizedVMOptions"
638
register: uuid_key
39+
40+
- name: Set ClusterId
41+
when: not meta_properties.stat.exists
42+
run_once: true
43+
set_fact:
44+
clusterid: "{{ random_uuid.stdout }}"
45+
delegate_to: "{{ item }}"
46+
delegate_facts: true
47+
loop: groups['kafka_controller']
48+
49+
# else, extract it from meta.properties
50+
- name: Extract ClusterId from meta.properties
51+
when: meta_properties.stat.exists
52+
run_once: true
53+
slurp:
54+
src: "{{ kafka_controller_final_properties['log.dirs'] }}/meta.properties"
55+
register: uuid_broker
56+
57+
- name: Set ClusterId
58+
when: meta_properties.stat.exists
759
run_once: true
60+
set_fact:
61+
clusterid: "{{ (uuid_broker['content'] | b64decode).partition('cluster.id=')[2].partition('\n')[0] }}"
62+
delegate_to: "{{ item }}"
63+
delegate_facts: true
64+
loop: "{{ groups['kafka_controller'] }}"
865

966
- name: Format Data Directory
10-
shell: "{{ binary_base_path }}/bin/kafka-storage format -t {{ clusterid }} -c {{ kafka_controller.config_file }} --ignore-formatted"
67+
shell: "{{ binary_base_path }}/bin/kafka-storage format -t {{ clusterid }} -c {{ kafka_controller.config_file }} --ignore-formatted {{ scram_users_to_create|join(' ') }}"
1168
register: format_meta
1269
vars:
1370
clusterid: "{{ uuid_key.stdout }}"

0 commit comments

Comments
 (0)