Support providing ZDM configuration as YAML file

lukasz-antoniak · web-flow · commit 08142af78b30 · 2024-07-08T17:00:04.000+02:00
diff --git a/ansible/deploy_zdm_proxy.yml b/ansible/deploy_zdm_proxy.yml
@@ -209,29 +209,39 @@
 - name: Create ZDM proxy configuration env file
   hosts: proxies
   vars_files:
+    - vars/zdm_proxy_container_config.yml
     - vars/zdm_proxy_cluster_config.yml
     - vars/zdm_proxy_core_config.yml
     - vars/zdm_proxy_advanced_config.yml
     - vars/zdm_proxy_custom_tls_config.yml
     - vars/zdm_playbook_internal_config.yml
 
   tasks:
+    - name: Applying default ZDM proxy config mode
+      when: zdm_proxy_config_mode is undefined
+      set_fact:
+        zdm_proxy_config_mode: "env_vars"
+    - name: Verify proxy container configuration
+      assert:
+        that: zdm_proxy_config_mode == "env_vars" or zdm_proxy_config_mode == "config_file"
+        success_msg: "ZDM proxy container correctly configured"
+        fail_msg: "Invalid value of 'zdm_proxy_config_mode' parameter, supported values are 'env_vars' or 'config_file'"
     - name: Create configuration fragment directory
       file:
         path: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}"
         state: directory
-    - name: Generate env var file from template for immutable configuration
+    - name: Generate configuration file from template for immutable configuration
       template:
-        src: "zdm_proxy_immutable_config.j2"
+        src: "{{ 'zdm_proxy_immutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_immutable_config_file.j2' }}"
         dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_immutable_config_fragment_file_name }}"
-    - name: Generate env var file from template for mutable configuration
+    - name: Generate configuration file from template for mutable configuration
       template:
-        src: "zdm_proxy_mutable_config.j2"
+        src: "{{ 'zdm_proxy_mutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_mutable_config_file.j2' }}"
         dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_mutable_config_fragment_file_name }}"
     - name: Merge the immutable and mutable configuration files into a single one
       assemble:
         src: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}"
-        dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name }}"
+        dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name if zdm_proxy_config_mode == 'env_vars' else (zdm_proxy_shared_assets_dir_name + '/' + zdm_proxy_config_file_name) }}"
 
 - name: Install ZDM Proxy
   hosts: proxies
@@ -251,7 +261,8 @@
       vars:
         ansible_python_interpreter: python3
 
-    - name: Create ZDM proxy container
+    - name: Create ZDM proxy container with env vars
+      when: "zdm_proxy_config_mode == 'env_vars'"
       docker_container:
         name: "{{ zdm_proxy_container_name }}"
         image: "docker.io/{{ zdm_proxy_image }}"
@@ -272,6 +283,24 @@
       vars:
         ansible_python_interpreter: python3
 
+    - name: Create ZDM proxy container with configuration file
+      when: "zdm_proxy_config_mode == 'config_file'"
+      docker_container:
+        name: "{{ zdm_proxy_container_name }}"
+        image: "docker.io/{{ zdm_proxy_image }}"
+        command:
+          - "--config={{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{zdm_proxy_config_file_name}}"
+        mounts:
+          - source: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}"
+            target: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}"
+            type: bind
+        network_mode: host
+        restart_policy: unless-stopped
+        restart: yes
+        state: started
+      vars:
+        ansible_python_interpreter: python3
+
     - name: Wait for this ZDM proxy to come up
       uri:
         url: "http://{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}:{{ metrics_port }}/health/readiness"
diff --git a/ansible/rolling_update_zdm_proxy.yml b/ansible/rolling_update_zdm_proxy.yml
@@ -18,20 +18,30 @@
 - name: Create ZDM proxy configuration env file based on the latest configuration
   hosts: proxies
   vars_files:
+    - vars/zdm_proxy_container_config.yml
     - vars/zdm_proxy_cluster_config.yml
     - vars/zdm_proxy_core_config.yml
     - vars/zdm_proxy_advanced_config.yml
     - vars/zdm_playbook_internal_config.yml
 
   tasks:
-    - name: Generate env var file from template for mutable configuration
+    - name: Applying default ZDM proxy config mode
+      when: zdm_proxy_config_mode is undefined
+      set_fact:
+        zdm_proxy_config_mode: "env_vars"
+    - name: Verify proxy container configuration
+      assert:
+        that: zdm_proxy_config_mode == "env_vars" or zdm_proxy_config_mode == "config_file"
+        success_msg: "ZDM proxy container correctly configured"
+        fail_msg: "Invalid value of 'zdm_proxy_config_mode' parameter, supported values are 'env_vars' or 'config_file'"
+    - name: Generate configuration file from template for mutable configuration
       template:
-        src: "zdm_proxy_mutable_config.j2"
+        src: "{{ 'zdm_proxy_mutable_config_env_vars.j2' if zdm_proxy_config_mode == 'env_vars' else 'zdm_proxy_mutable_config_file.j2' }}"
         dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}/{{ zdm_proxy_mutable_config_fragment_file_name }}"
     - name: Merge the immutable and mutable configuration files into a single one
       assemble:
         src: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_config_fragments_dir_name }}"
-        dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name }}"
+        dest: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_environment_config_file_name if zdm_proxy_config_mode == 'env_vars' else (zdm_proxy_shared_assets_dir_name + '/' + zdm_proxy_config_file_name) }}"
 
 - name: Configure and restart each ZDM proxy in a rolling fashion
   hosts: proxies
@@ -45,7 +55,8 @@
     - vars/zdm_proxy_core_config.yml  # this inclusion is for backward compatibility and will be removed in the future
 
   tasks:
-    - name: Create ZDM proxy container with updated configuration
+    - name: Create ZDM proxy container with updated env vars
+      when: "zdm_proxy_config_mode == 'env_vars'"
       docker_container:
         name: "{{ zdm_proxy_container_name }}"
         image: "{{ zdm_proxy_image }}"
@@ -65,6 +76,25 @@
         state: started
       vars:
         ansible_python_interpreter: python3
+
+    - name: Create ZDM proxy container with updated configuration file
+      when: "zdm_proxy_config_mode == 'config_file'"
+      docker_container:
+        name: "{{ zdm_proxy_container_name }}"
+        image: "{{ zdm_proxy_image }}"
+        command:
+          - "--config={{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{zdm_proxy_config_file_name}}"
+        mounts:
+          - source: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}"
+            target: "{{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}"
+            type: bind
+        network_mode: host
+        restart_policy: unless-stopped
+        restart: yes
+        state: started
+      vars:
+        ansible_python_interpreter: python3
+
     - name: Wait for this ZDM proxy to come up
       uri:
         url: "http://{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}:{{ metrics_port }}/health/readiness"
@@ -76,6 +106,3 @@
     - pause:
         prompt: "Pause for {{ pause_between_restarts_in_seconds }} seconds after restarting this ZDM proxy instance"
         seconds: "{{ pause_between_restarts_in_seconds }}"
-
-
-
diff --git a/ansible/templates/zdm_proxy_immutable_config_env_vars.j2 b/ansible/templates/zdm_proxy_immutable_config_env_vars.j2
diff --git a/ansible/templates/zdm_proxy_immutable_config_file.j2 b/ansible/templates/zdm_proxy_immutable_config_file.j2
@@ -0,0 +1,72 @@
+#jinja2: lstrip_blocks: "True", trim_blocks: "True"
+
+{% set zdm_proxy_address_list = [] %}
+{% for host in groups['proxies'] %}
+    {{ zdm_proxy_address_list.append(host) }}
+{% endfor %}
+proxy_topology_index: {{ groups['proxies'].index(hostvars[inventory_hostname]['ansible_default_ipv4']['address']) }}
+proxy_topology_addresses: {{ zdm_proxy_address_list|join(',') }}
+
+{% if ( origin_contact_points is defined ) %}
+origin_contact_points: {{ origin_contact_points }}
+  {% if ( origin_port is defined ) %}
+origin_port: {{ origin_port }}
+  {% endif %}
+{% elif ( ( origin_scb_downloaded is defined and origin_scb_downloaded == 'success' ) or ( origin_scb_provided is defined and origin_scb_provided == 'success' ) )%}
+origin_secure_connect_bundle_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/origin_scb.zip
+{% endif %}
+{% if ( origin_local_datacenter is defined ) %}
+origin_local_datacenter: {{ origin_local_datacenter }}
+{% endif %}
+
+{% if ( target_contact_points is defined ) %}
+target_contact_points: {{ target_contact_points }}
+  {% if ( target_port is defined ) %}
+target_port: {{ target_port }}
+  {% endif %}
+{% elif ( target_scb_downloaded is defined and target_scb_downloaded == 'success' ) or ( target_scb_provided is defined and target_scb_provided == 'success' ) %}
+target_secure_connect_bundle_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/target_scb.zip
+{% endif %}
+{% if ( target_local_datacenter is defined ) %}
+target_local_datacenter: {{ target_local_datacenter }}
+{% endif %}
+
+proxy_listen_address: {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}
+proxy_listen_port: {{ zdm_proxy_listen_port }}
+
+metrics_address: {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}
+metrics_port: {{ metrics_port }}
+
+{% if ( origin_tls_user_dir_path is defined and origin_tls_server_ca_filename is defined ) %}
+origin_tls_server_ca_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_server_ca_filename }}
+{% endif %}
+{% if ( origin_tls_user_dir_path is defined and origin_tls_client_cert_filename is defined ) %}
+origin_tls_client_cert_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_client_cert_filename }}
+{% endif %}
+{% if ( origin_tls_user_dir_path is defined and origin_tls_client_key_filename is defined ) %}
+origin_tls_client_key_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ origin_tls_dest_dir_name }}/{{ origin_tls_client_key_filename }}
+{% endif %}
+
+{% if ( target_tls_user_dir_path is defined and target_tls_server_ca_filename is defined ) %}
+target_tls_server_ca_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_server_ca_filename }}
+{% endif %}
+{% if ( target_tls_user_dir_path is defined and target_tls_client_cert_filename is defined ) %}
+target_tls_client_cert_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_client_cert_filename }}
+{% endif %}
+{% if ( target_tls_user_dir_path is defined and target_tls_client_key_filename is defined ) %}
+target_tls_client_key_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ target_tls_dest_dir_name }}/{{ target_tls_client_key_filename }}
+{% endif %}
+
+{% if ( zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_ca_filename is defined ) %}
+proxy_tls_ca_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_ca_filename }}
+{% endif %}
+{% if ( zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_cert_filename is defined ) %}
+proxy_tls_cert_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_cert_filename }}
+{% endif %}
+{% if ( zdm_proxy_tls_user_dir_path is defined and zdm_proxy_tls_key_filename is defined ) %}
+proxy_tls_key_path: {{ zdm_proxy_home_dir }}/{{ zdm_proxy_shared_assets_dir_name }}/{{ zdm_proxy_tls_dest_dir_name }}/{{ zdm_proxy_tls_key_filename }}
+{% endif %}
+{% if ( zdm_proxy_tls_require_client_auth is defined ) %}
+proxy_tls_require_client_auth: {{ zdm_proxy_tls_require_client_auth }}
+{% endif %}
+
diff --git a/ansible/templates/zdm_proxy_mutable_config_env_vars.j2 b/ansible/templates/zdm_proxy_mutable_config_env_vars.j2
diff --git a/ansible/templates/zdm_proxy_mutable_config_file.j2 b/ansible/templates/zdm_proxy_mutable_config_file.j2
@@ -0,0 +1,58 @@
+#jinja2: lstrip_blocks: "True", trim_blocks: "True"
+
+{% if ( primary_cluster is defined ) %}
+primary_cluster: {{ primary_cluster }}
+{% endif %}
+
+{% if ( read_mode is defined ) %}
+read_mode: {{ read_mode }}
+{% endif %}
+
+{% if ( log_level is defined ) %}
+log_level: {{ log_level }}
+{% endif %}
+
+origin_username: {{ origin_username | default('') }}
+origin_password: {{ origin_password | default('') }}
+target_username: {{ target_username | default('') }}
+target_password: {{ target_password | default('') }}
+
+{% if ( zdm_proxy_max_clients_connections is defined ) %}
+proxy_max_client_connections: {{ zdm_proxy_max_clients_connections }}
+{% endif %}
+
+{% if ( zdm_proxy_request_timeout_ms is defined ) %}
+proxy_request_timeout_ms: {{ zdm_proxy_request_timeout_ms }}
+{% endif %}
+{% if ( origin_connection_timeout_ms is defined ) %}
+origin_connection_timeout_ms: {{ origin_connection_timeout_ms }}
+{% endif %}
+{% if ( target_connection_timeout_ms is defined ) %}
+target_connection_timeout_ms: {{ target_connection_timeout_ms }}
+{% endif %}
+{% if ( async_handshake_timeout_ms is defined ) %}
+async_handshake_timeout_ms: {{ async_handshake_timeout_ms }}
+{% endif %}
+{% if ( heartbeat_interval_ms is defined ) %}
+heartbeat_interval_ms: {{ heartbeat_interval_ms }}
+{% endif %}
+{% if ( zdm_proxy_max_stream_ids is defined ) %}
+proxy_max_stream_ids: {{ zdm_proxy_max_stream_ids }}
+{% endif %}
+
+{% if ( metrics_enabled is defined ) %}
+metrics_enabled: {{ metrics_enabled }}
+{% endif %}
+
+{% if ( system_queries_mode is defined ) %}
+system_queries_mode: {{ system_queries_mode }}
+{% endif %}
+
+{% if ( replace_cql_functions is defined ) %}
+replace_cql_functions: {{ replace_cql_functions }}
+{% endif %}
+
+{% if ( forward_client_credentials_to_origin is defined ) %}
+forward_client_credentials_to_origin: {{ forward_client_credentials_to_origin }}
+{% endif %}
+
diff --git a/ansible/vars/zdm_playbook_internal_config.yml b/ansible/vars/zdm_playbook_internal_config.yml
@@ -11,6 +11,7 @@ zdm_proxy_config_fragments_dir_name: zdm_proxy_config_fragments
 zdm_proxy_mutable_config_fragment_file_name: zdm_proxy_mutable_config.env
 zdm_proxy_immutable_config_fragment_file_name: zdm_proxy_immutable_config.env
 zdm_proxy_environment_config_file_name: zdm_proxy_config.env
+zdm_proxy_config_file_name: zdm_proxy_config.yml
 
 origin_scb_file_name: origin_scb
 target_scb_file_name: target_scb
diff --git a/ansible/vars/zdm_proxy_container_config.yml b/ansible/vars/zdm_proxy_container_config.yml
@@ -2,4 +2,8 @@
 zdm_proxy_image: datastax/zdm-proxy:2.x
 
 create_containers: 1
-zdm_proxy_container_name: zdm-proxy-container
+zdm_proxy_container_name: zdm-proxy-container
+
+# Defines how configuration shall be passed to ZDM proxy.
+# Allowed values are "env_vars" and "config_file".
+zdm_proxy_config_mode: env_vars
