From e3040d64b245ae953a8249ffd53378f2be6a9b46 Mon Sep 17 00:00:00 2001 From: Chuck Levesque Date: Mon, 11 Mar 2024 19:07:42 -0400 Subject: [PATCH] migrate rdbms to exe - RHEL 9 fixes Signed-off-by: Chuck Levesque --- builder/requirements.yml | 10 +- galaxy.yml | 4 +- requirements.yml | 15 +- .../base/templates/configs/tls-7.1.0.j2 | 2 +- .../base/templates/configs/tls-7.1.7.j2 | 4 + .../base/templates/configs/tls-cm-7.j2 | 10 +- roles/config/cluster/base/vars/main.yml | 4 +- roles/config/cluster/ecs/tasks/main.yml | 5 +- roles/deployment/definition/defaults/main.yml | 11 +- .../krb5_client/tasks/freeipa.yml | 9 + .../rdbms/files/utf8-template.sql | 23 -- roles/infrastructure/rdbms/meta/main.yml | 18 - roles/infrastructure/rdbms/tasks/main.yml | 29 -- .../rdbms/tasks/mariadb-Debian.yml | 31 -- .../rdbms/tasks/mariadb-RedHat.yml | 27 -- .../rdbms/tasks/mysql-RedHat.yml | 36 -- .../rdbms/tasks/postgresql-Debian.yml | 40 -- .../rdbms/tasks/postgresql-RedHat.yml | 58 --- .../rdbms/tasks/template_fix.yml | 35 -- .../rdbms/templates/cloudera.cnf | 26 -- .../rdbms/vars/mariadb-Debian.yml | 19 - .../rdbms/vars/mariadb-RedHat.yml | 15 - roles/infrastructure/rdbms/vars/mariadb.yml | 20 - roles/infrastructure/rdbms/vars/mysql.yml | 23 -- .../rdbms/vars/postgresql-Debian.yml | 23 -- .../rdbms/vars/postgresql-RedHat.yml | 28 -- .../infrastructure/rdbms/vars/postgresql.yml | 37 -- .../prereqs/mysql_connector/defaults/main.yml | 21 -- roles/prereqs/mysql_connector/meta/main.yml | 17 - roles/prereqs/mysql_connector/tasks/main.yml | 79 ---- .../mysql_connector/templates/my_config.h | 355 ------------------ .../oracle_connector/defaults/main.yml | 22 -- roles/prereqs/oracle_connector/meta/main.yml | 17 - roles/prereqs/oracle_connector/tasks/main.yml | 85 ----- roles/prereqs/os/tasks/main-RedHat.yml | 2 +- roles/prereqs/os/tasks/main.yml | 4 +- .../os/vars/RedHat-7.yml} | 13 +- .../os/vars/{RedHat.yml => RedHat-8.yml} | 3 +- .../main.yml => prereqs/os/vars/RedHat-9.yml} | 10 +- .../postgresql_connector/defaults/main.yml | 19 - .../postgresql_connector/meta/main.yml | 17 - .../postgresql_connector/tasks/main.yml | 50 --- roles/prereqs/pvc_ecs/tasks/main.yml | 53 ++- roles/prereqs/user_accounts/tasks/main.yml | 4 +- 44 files changed, 108 insertions(+), 1225 deletions(-) create mode 100644 roles/config/cluster/base/templates/configs/tls-7.1.7.j2 delete mode 100644 roles/infrastructure/rdbms/files/utf8-template.sql delete mode 100644 roles/infrastructure/rdbms/meta/main.yml delete mode 100644 roles/infrastructure/rdbms/tasks/main.yml delete mode 100644 roles/infrastructure/rdbms/tasks/mariadb-Debian.yml delete mode 100644 roles/infrastructure/rdbms/tasks/mariadb-RedHat.yml delete mode 100644 roles/infrastructure/rdbms/tasks/mysql-RedHat.yml delete mode 100644 roles/infrastructure/rdbms/tasks/postgresql-Debian.yml delete mode 100644 roles/infrastructure/rdbms/tasks/postgresql-RedHat.yml delete mode 100644 roles/infrastructure/rdbms/tasks/template_fix.yml delete mode 100644 roles/infrastructure/rdbms/templates/cloudera.cnf delete mode 100644 roles/infrastructure/rdbms/vars/mariadb-Debian.yml delete mode 100644 roles/infrastructure/rdbms/vars/mariadb-RedHat.yml delete mode 100644 roles/infrastructure/rdbms/vars/mariadb.yml delete mode 100644 roles/infrastructure/rdbms/vars/mysql.yml delete mode 100644 roles/infrastructure/rdbms/vars/postgresql-Debian.yml delete mode 100644 roles/infrastructure/rdbms/vars/postgresql-RedHat.yml delete mode 100644 roles/infrastructure/rdbms/vars/postgresql.yml delete mode 100644 roles/prereqs/mysql_connector/defaults/main.yml delete mode 100644 roles/prereqs/mysql_connector/meta/main.yml delete mode 100644 roles/prereqs/mysql_connector/tasks/main.yml delete mode 100644 roles/prereqs/mysql_connector/templates/my_config.h delete mode 100644 roles/prereqs/oracle_connector/defaults/main.yml delete mode 100644 roles/prereqs/oracle_connector/meta/main.yml delete mode 100644 roles/prereqs/oracle_connector/tasks/main.yml rename roles/{infrastructure/rdbms/vars/mysql-RedHat.yml => prereqs/os/vars/RedHat-7.yml} (72%) rename roles/prereqs/os/vars/{RedHat.yml => RedHat-8.yml} (90%) rename roles/{infrastructure/rdbms/handlers/main.yml => prereqs/os/vars/RedHat-9.yml} (79%) delete mode 100644 roles/prereqs/postgresql_connector/defaults/main.yml delete mode 100644 roles/prereqs/postgresql_connector/meta/main.yml delete mode 100644 roles/prereqs/postgresql_connector/tasks/main.yml diff --git a/builder/requirements.yml b/builder/requirements.yml index 31595fcb..260c07ab 100644 --- a/builder/requirements.yml +++ b/builder/requirements.yml @@ -1,5 +1,5 @@ --- -# Copyright 2023 Cloudera, Inc. All Rights Reserved. +# Copyright 2024 Cloudera, Inc. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,11 +16,3 @@ collections: - source: . type: dir - -roles: - - name: geerlingguy.postgresql - version: 2.2.0 - - # geerlingguy.mysql with fix for issue #332 - - src: https://github.com/dbeech/ansible-role-mysql - version: master \ No newline at end of file diff --git a/galaxy.yml b/galaxy.yml index c02db4fd..3cc38f97 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -16,7 +16,7 @@ namespace: cloudera name: cluster -version: 4.3.0 +version: 4.3.0-dev readme: README.md authors: [] @@ -35,7 +35,7 @@ tags: dependencies: 'ansible.posix': '1.3.0' - 'community.crypto': '2.2.1' + 'community.crypto': '2.17.1' 'community.general': '4.5.0' repository: https://github.com/cloudera-labs/cloudera.cluster diff --git a/requirements.yml b/requirements.yml index fdcd7d71..4018f1a4 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,6 +1,6 @@ --- -# Copyright 2023 Cloudera, Inc. +# Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,24 +14,17 @@ # See the License for the specific language governing permissions and # limitations under the License. -roles: - - name: geerlingguy.postgresql - version: 2.2.0 - - # geerlingguy.mysql with fix for issue #332 - - src: https://github.com/dbeech/ansible-role-mysql - version: master collections: - name: ansible.posix version: 1.3.0 - name: community.crypto - version: 2.2.1 + version: 2.17.1 - name: community.general version: 4.5.0 - name: community.mysql - version: 3.1.0 + version: 3.8.0 - name: community.postgresql - version: 1.6.1 + version: 3.3.0 - name: freeipa.ansible_freeipa version: 1.11.1 diff --git a/roles/config/cluster/base/templates/configs/tls-7.1.0.j2 b/roles/config/cluster/base/templates/configs/tls-7.1.0.j2 index 0b07bf2e..743e0f49 100644 --- a/roles/config/cluster/base/templates/configs/tls-7.1.0.j2 +++ b/roles/config/cluster/base/templates/configs/tls-7.1.0.j2 @@ -109,7 +109,7 @@ LIVY: ssl_server_keystore_location: {{ tls_keystore_path_generic }} ssl_server_keystore_password: {{ tls_keystore_password }} OZONE: - DATANODE: + OZONE_DATANODE: ssl_client_truststore_location: {{ tls_truststore_path }} ssl_client_truststore_password: {{ tls_truststore_password }} ssl_enabled: true diff --git a/roles/config/cluster/base/templates/configs/tls-7.1.7.j2 b/roles/config/cluster/base/templates/configs/tls-7.1.7.j2 new file mode 100644 index 00000000..b13928cb --- /dev/null +++ b/roles/config/cluster/base/templates/configs/tls-7.1.7.j2 @@ -0,0 +1,4 @@ +--- +OZONE: + SERVICEWIDE: + hdds.grpc.tls.enabled: true \ No newline at end of file diff --git a/roles/config/cluster/base/templates/configs/tls-cm-7.j2 b/roles/config/cluster/base/templates/configs/tls-cm-7.j2 index 4d3aabce..9f81c7ab 100644 --- a/roles/config/cluster/base/templates/configs/tls-cm-7.j2 +++ b/roles/config/cluster/base/templates/configs/tls-cm-7.j2 @@ -104,8 +104,7 @@ LIVY: ssl_enabled: true ssl_server_keystore_location: {{ tls_keystore_path_generic }} ssl_server_keystore_password: {{ tls_keystore_password }} -OZONE: - DATANODE: + OZONE_DATANODE: ssl_client_truststore_location: {{ tls_truststore_path }} ssl_client_truststore_password: {{ tls_truststore_password }} ssl_enabled: true @@ -143,6 +142,13 @@ OZONE: ssl_server_keystore_keypassword: {{ tls_keystore_password }} ssl_server_keystore_location: {{ tls_keystore_path_generic }} ssl_server_keystore_password: {{ tls_keystore_password }} + HTTPFS_GATEWAY: + ssl_client_truststore_location: {{ tls_truststore_path }} + ssl_client_truststore_password: {{ tls_truststore_password }} + ssl_enabled: true + ssl_server_keystore_keypassword: {{ tls_keystore_password }} + ssl_server_keystore_location: {{ tls_keystore_path_generic }} + ssl_server_keystore_password: {{ tls_keystore_password }} NIFI: NIFI_NODE: ssl_enabled: true diff --git a/roles/config/cluster/base/vars/main.yml b/roles/config/cluster/base/vars/main.yml index 02cf6975..4e891930 100644 --- a/roles/config/cluster/base/vars/main.yml +++ b/roles/config/cluster/base/vars/main.yml @@ -64,10 +64,12 @@ custom_config_templates: condition: "{{ cluster.security.tls | default(False) and cloudera_runtime_version is version('7.1.0','>=') }}" - template: configs/tls-7.1.4.j2 condition: "{{ cluster.security.tls | default(False) and cloudera_runtime_version is version('7.1.4','>=') and (cloudera_runtime_pre_upgrade is undefined or cloudera_runtime_pre_upgrade is version('7.1.4','>=')) }}" + - template: configs/tls-7.1.7.j2 + condition: "{{ cluster.security.tls | default(False) and cloudera_runtime_version is version('7.1.7','>=') }}" - template: configs/tls-7.3.1.j2 condition: "{{ cluster.security.tls | default(False) and cloudera_manager_version is version('7.3.1', '>=') }}" - template: configs/tls-cm-7.j2 - condition: "{{ cluster.security.tls | default(False) and cloudera_manager_version is version('7.1.0','>=') }}" + condition: "{{ cluster.security.tls | default(False) and cloudera_manager_version is version('7.1.0','>=') }}" # Custom configurations for Cloudera Streams Processing components on CDH 6.x - template: configs/schemaregistry.j2 condition: >- diff --git a/roles/config/cluster/ecs/tasks/main.yml b/roles/config/cluster/ecs/tasks/main.yml index aeec29b9..6024a0ed 100644 --- a/roles/config/cluster/ecs/tasks/main.yml +++ b/roles/config/cluster/ecs/tasks/main.yml @@ -17,8 +17,9 @@ # This variable is used by other roles # please take care when changing it - set_fact: - databases: "{{ database_defaults | combine(cluster.databases | default({}), recursive=True) }}" - +# databases: "{{ database_defaults | combine(cluster.databases | default({}), recursive=True) }}" + databases: [] + - name: Retrieve repository metadata include_role: name: cloudera.cluster.deployment.repometa diff --git a/roles/deployment/definition/defaults/main.yml b/roles/deployment/definition/defaults/main.yml index 3473c2b8..194bd686 100644 --- a/roles/deployment/definition/defaults/main.yml +++ b/roles/deployment/definition/defaults/main.yml @@ -1,4 +1,4 @@ -# Copyright 2023 Cloudera, Inc. +# Copyright 2024 Cloudera, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,12 +24,15 @@ default_database_versions: postgresql: '7': 10 '8': 12 + '9': 14 mariadb: '7': 10.2 - '8': 10.2 + '8': 10.6 + '9': 10.6 mysql: '7': 5.7 - '8': 8.0 + '8': 8.0 + '9': 8.0 # Located in cloudera.cluster.infrastructure.krb5_common #krb5_realm: CLOUDERA.LOCAL @@ -125,7 +128,7 @@ database_defaults: QUEUEMANAGER: host: "{{ database_host }}" port: "{{ database_type | cloudera.cluster.default_database_port }}" - type: postgresql + type: "{{ database_type }}" name: queuemanager user: queuemanager password: "{{ database_default_password }}" diff --git a/roles/infrastructure/krb5_client/tasks/freeipa.yml b/roles/infrastructure/krb5_client/tasks/freeipa.yml index f90ad950..6d73d523 100644 --- a/roles/infrastructure/krb5_client/tasks/freeipa.yml +++ b/roles/infrastructure/krb5_client/tasks/freeipa.yml @@ -67,3 +67,12 @@ when: - krb5_kdc_type == 'Red Hat IPA' - "'cluster' in group_names or 'cloudera_manager' in group_names" + +- name: Remove ipa includedir directive + lineinfile: + path: /etc/krb5.conf + regexp: "^includedir /etc/krb5.conf.d/" + state: absent + when: + - krb5_kdc_type == 'Red Hat IPA' + - "'cluster' in group_names or 'cloudera_manager' in group_names" diff --git a/roles/infrastructure/rdbms/files/utf8-template.sql b/roles/infrastructure/rdbms/files/utf8-template.sql deleted file mode 100644 index f95dc7ab..00000000 --- a/roles/infrastructure/rdbms/files/utf8-template.sql +++ /dev/null @@ -1,23 +0,0 @@ --- Copyright 2021 Cloudera, Inc. --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- http://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. - -update pg_database set datallowconn = TRUE where datname = 'template0'; -\c template0 -update pg_database set datistemplate = FALSE where datname = 'template1'; -drop database template1; -create database template1 with template = template0 encoding = 'UTF8'; -update pg_database set datistemplate = TRUE where datname = 'template1'; -\c template1 -update pg_database set datallowconn = FALSE where datname = 'template0'; - diff --git a/roles/infrastructure/rdbms/meta/main.yml b/roles/infrastructure/rdbms/meta/main.yml deleted file mode 100644 index 1a3d1690..00000000 --- a/roles/infrastructure/rdbms/meta/main.yml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -dependencies: - - role: cloudera.cluster.deployment.definition - - role: cloudera.cluster.infrastructure.ca_common diff --git a/roles/infrastructure/rdbms/tasks/main.yml b/roles/infrastructure/rdbms/tasks/main.yml deleted file mode 100644 index c809292f..00000000 --- a/roles/infrastructure/rdbms/tasks/main.yml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -- name: Include database type specific variables - include_vars: - file: "{{ database_type }}.yml" - -- name: Include database type and OS specific variables - include_vars: - file: "{{ database_type }}-{{ ansible_os_family }}.yml" - -- name: Install database - include_tasks: - file: "{{ item }}" - with_first_found: - - "{{ database_type }}-{{ ansible_os_family }}.yml" - - "{{ database_type }}.yml" diff --git a/roles/infrastructure/rdbms/tasks/mariadb-Debian.yml b/roles/infrastructure/rdbms/tasks/mariadb-Debian.yml deleted file mode 100644 index 66724199..00000000 --- a/roles/infrastructure/rdbms/tasks/mariadb-Debian.yml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Install MariaDB apt key - apt_key: - url: https://mariadb.org/mariadb_release_signing_key.asc - state: present - when: not (skip_rdbms_repo_setup | default(False)) - -- name: Install MariaDB apt repository - apt_repository: - repo: deb [arch=amd64,arm64,ppc64el] https://downloads.mariadb.com/MariaDB/mariadb-{{ database_version }}/repo/ubuntu/ bionic main - state: present - when: not (skip_rdbms_repo_setup | default(False)) - -- name: Install MariaDB - include_role: - name: ansible-role-mysql diff --git a/roles/infrastructure/rdbms/tasks/mariadb-RedHat.yml b/roles/infrastructure/rdbms/tasks/mariadb-RedHat.yml deleted file mode 100644 index da4ae4de..00000000 --- a/roles/infrastructure/rdbms/tasks/mariadb-RedHat.yml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Install MariaDB repository - yum_repository: - name: MariaDB - description: MariaDB {{ database_version }} repository for RHEL/CentOS 7 - baseurl: https://yum.mariadb.org/{{ database_version }}/rhel7-amd64 - gpgkey: https://yum.mariadb.org/RPM-GPG-KEY-MariaDB - when: not (skip_rdbms_repo_setup | default(False)) - -- name: Install MariaDB - include_role: - name: ansible-role-mysql diff --git a/roles/infrastructure/rdbms/tasks/mysql-RedHat.yml b/roles/infrastructure/rdbms/tasks/mysql-RedHat.yml deleted file mode 100644 index 4d775fb3..00000000 --- a/roles/infrastructure/rdbms/tasks/mysql-RedHat.yml +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright 2023 Cloudera, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Import GPG Key - rpm_key: - key: https://repo.mysql.com/RPM-GPG-KEY-mysql-2022 - state: present - when: - - not (skip_rdbms_repo_setup | default(False)) - -- name: Install MySQL Community repository - yum: - name: https://repo.mysql.com/mysql{{ database_version | replace('.','') }}-community-release-el{{ ansible_distribution_major_version }}.rpm - update_cache: true - lock_timeout: 180 - state: present - when: - - not (skip_rdbms_repo_setup | default(False)) - - -- name: Install MySQL - include_role: - name: ansible-role-mysql \ No newline at end of file diff --git a/roles/infrastructure/rdbms/tasks/postgresql-Debian.yml b/roles/infrastructure/rdbms/tasks/postgresql-Debian.yml deleted file mode 100644 index 21cb7b98..00000000 --- a/roles/infrastructure/rdbms/tasks/postgresql-Debian.yml +++ /dev/null @@ -1,40 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Install PostgreSQL apt key - apt_key: - url: https://www.postgresql.org/media/keys/ACCC4CF8.asc - state: present - when: not (skip_rdbms_repo_setup | default(False)) - -- name: Install PostgreSQL apt repository - apt_repository: - repo: "deb https://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main" - state: present - when: not (skip_rdbms_repo_setup | default(False)) - -- name: Install PostgreSQL - include_role: - name: geerlingguy.postgresql - -- name: Install python-psycopg2 - ansible.builtin.pip: - name: psycopg2-binary - state: latest - -- name: Fix UTF-8 template - include_tasks: - file: template_fix.yml diff --git a/roles/infrastructure/rdbms/tasks/postgresql-RedHat.yml b/roles/infrastructure/rdbms/tasks/postgresql-RedHat.yml deleted file mode 100644 index d5a06625..00000000 --- a/roles/infrastructure/rdbms/tasks/postgresql-RedHat.yml +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Install PostgreSQL common repository - yum_repository: - name: pgdg-common - description: PostgreSQL common for RHEL/CentOS - baseurl: https://download.postgresql.org/pub/repos/yum/common/redhat/rhel-$releasever-$basearch - gpgkey: https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL - when: not (skip_rdbms_repo_setup | default(False)) - -- name: Install PostgreSQL version repository - yum_repository: - name: pgdg - description: PostgreSQL {{ postgresql_version }} for RHEL/CentOS - baseurl: https://download.postgresql.org/pub/repos/yum/{{ postgresql_version }}/redhat/rhel-$releasever-$basearch - gpgkey: https://download.postgresql.org/pub/repos/yum/keys/PGDG-RPM-GPG-KEY-RHEL - when: not (skip_rdbms_repo_setup | default(False)) - -- name: disable default Postgres module in Rhel 8 - command: dnf module disable -y postgresql - register: __postgres_module_result - changed_when: - - '"Disabling modules" in __postgres_module_result.stdout' - when: - - ansible_os_family == 'RedHat' - - ansible_distribution_major_version | int >= 8 - -- name: Install PostgreSQL - include_role: - name: geerlingguy.postgresql - -- name: Fix UTF-8 template - include_tasks: - file: template_fix.yml - -- name: Remove repositories and clean metadata - yum_repository: - name: "{{ item }}" - state: absent - with_items: - - pgdg-common - - pgdg - when: not (skip_rdbms_repo_setup | default(False)) - notify: yum clean metadata diff --git a/roles/infrastructure/rdbms/tasks/template_fix.yml b/roles/infrastructure/rdbms/tasks/template_fix.yml deleted file mode 100644 index 1a04815e..00000000 --- a/roles/infrastructure/rdbms/tasks/template_fix.yml +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Copy SQL to change template to UTF-8 - copy: - src: files/utf8-template.sql - dest: "{{ local_temp_dir }}" - owner: postgres - group: postgres - mode: 0660 - -- name: Run SQL to change template to UTF-8 - command: "psql -f {{ local_temp_dir }}/utf8-template.sql" - become: yes - become_user: postgres - -- name: Remove SQL file - file: - path: "{{ local_temp_dir }}/utf8-template.sql" - state: absent - become: yes - become_user: postgres diff --git a/roles/infrastructure/rdbms/templates/cloudera.cnf b/roles/infrastructure/rdbms/templates/cloudera.cnf deleted file mode 100644 index 6468f195..00000000 --- a/roles/infrastructure/rdbms/templates/cloudera.cnf +++ /dev/null @@ -1,26 +0,0 @@ -[mysqld] -log_bin_trust_function_creators = 1 -{% if database_tls %} -# SSL configuration -ssl_ca = {{ tls_chain_path }} -ssl_cert = {{ tls_cert_path_generic }} -ssl_key = {{ tls_key_path_plaintext_generic }} -{% if database_version is version('8.0','>=') %} -require_secure_transport = {{ mysql_require_secure_transport | default('OFF') }} -{% endif %} -{% if database_version is version('10.5.2','>=') %} -require_secure_transport = {{ mysql_require_secure_transport | default('OFF') }} -{% endif %} -{% if mysql_ssl_cipher is defined %} -ssl_cipher = {{ mysql_ssl_cipher }} -{% endif %} -{% if mysql_ssl_crl is defined %} -ssl_crl = {{ mysql_ssl_crl }} -{% endif %} -{% if mysql_ssl_crlpath is defined %} -ssl_crlpath = {{ mysql_ssl_crlpath }} -{% endif %} -{% if mysql_tls_version is defined %} -tls_version = {{ mysql_tls_version }} -{% endif %} -{% endif %} diff --git a/roles/infrastructure/rdbms/vars/mariadb-Debian.yml b/roles/infrastructure/rdbms/vars/mariadb-Debian.yml deleted file mode 100644 index 9fa139d7..00000000 --- a/roles/infrastructure/rdbms/vars/mariadb-Debian.yml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -mysql_packages: - - mariadb-client - - mariadb-server - - python-mysqldb diff --git a/roles/infrastructure/rdbms/vars/mariadb-RedHat.yml b/roles/infrastructure/rdbms/vars/mariadb-RedHat.yml deleted file mode 100644 index 90e4e0a3..00000000 --- a/roles/infrastructure/rdbms/vars/mariadb-RedHat.yml +++ /dev/null @@ -1,15 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- diff --git a/roles/infrastructure/rdbms/vars/mariadb.yml b/roles/infrastructure/rdbms/vars/mariadb.yml deleted file mode 100644 index aa89f31c..00000000 --- a/roles/infrastructure/rdbms/vars/mariadb.yml +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -mysql_pid_file: /var/run/mariadb/mariadb.pid -mysql_innodb_large_prefix: 0 -mysql_config_include_files: - - src: "cloudera.cnf" - force: true diff --git a/roles/infrastructure/rdbms/vars/mysql.yml b/roles/infrastructure/rdbms/vars/mysql.yml deleted file mode 100644 index 2f3af74b..00000000 --- a/roles/infrastructure/rdbms/vars/mysql.yml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2023 Cloudera, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -mysql_daemon: mysqld -mysql_log_error: /var/log/mysql.log -mysql_syslog_tag: mysql -mysql_pid_file: /var/run/mysql/mysql.pid -mysql_innodb_large_prefix: 0 -mysql_config_include_files: - - src: "cloudera.cnf" - force: true \ No newline at end of file diff --git a/roles/infrastructure/rdbms/vars/postgresql-Debian.yml b/roles/infrastructure/rdbms/vars/postgresql-Debian.yml deleted file mode 100644 index ec5af0ac..00000000 --- a/roles/infrastructure/rdbms/vars/postgresql-Debian.yml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -postgresql_version: "{{ database_version }}" -postgresql_data_dir: "/var/lib/postgresql/{{ postgresql_version }}/main" -postgresql_bin_path: "/usr/lib/postgresql/{{ postgresql_version }}/bin" -postgresql_config_path: "/etc/postgresql/{{ postgresql_version }}/main" -postgresql_packages: - - "postgresql-{{ postgresql_version }}" - - "postgresql-contrib-{{ postgresql_version }}" - - "postgresql-server-dev-{{ postgresql_version }}" diff --git a/roles/infrastructure/rdbms/vars/postgresql-RedHat.yml b/roles/infrastructure/rdbms/vars/postgresql-RedHat.yml deleted file mode 100644 index 142816e7..00000000 --- a/roles/infrastructure/rdbms/vars/postgresql-RedHat.yml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 2023 Cloudera, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -postgresql_version: "{{ database_version }}" -postgresql_data_dir: /var/lib/pgsql/{{ postgresql_version }}/data -postgresql_bin_path: /usr/pgsql-{{ postgresql_version }}/bin -postgresql_config_path: /var/lib/pgsql/{{ postgresql_version }}/data -postgresql_daemon: postgresql-{{ postgresql_version }}.service -# Removed devel package as avoids dependency on perl-IPC-run in pg 12+ -postgresql_packages: - - postgresql{{ postgresql_version | regex_replace('\.','') }} - - postgresql{{ postgresql_version | regex_replace('\.','') }}-server - - postgresql{{ postgresql_version | regex_replace('\.','') }}-libs - - postgresql{{ postgresql_version | regex_replace('\.','') }}-contrib -# - postgresql{{ postgresql_version | regex_replace('\.','') }}-devel -postgresql_python_library: python-psycopg2 diff --git a/roles/infrastructure/rdbms/vars/postgresql.yml b/roles/infrastructure/rdbms/vars/postgresql.yml deleted file mode 100644 index a676b7c8..00000000 --- a/roles/infrastructure/rdbms/vars/postgresql.yml +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -postgresql_global_config_options: - - option: log_directory - value: 'log' - - option: listen_addresses - value: '*' - - option: max_connections - value: 300 - - option: ssl - value: "{{ 'on' if database_tls else 'off' }}" - - option: ssl_cert_file - value: "{{ tls_cert_path_generic if database_tls else None }}" - - option: ssl_key_file - value: "{{ tls_key_path_plaintext_generic if database_tls else None }}" - - option: ssl_ca_file - value: "{{ tls_chain_path if database_tls else None }}" - -postgresql_hba_entries: - - {type: local, database: all, user: postgres, auth_method: peer} - - {type: local, database: all, user: all, auth_method: peer} - - {type: host, database: all, user: all, address: '127.0.0.1/32', auth_method: md5} - - {type: host, database: all, user: all, address: '::1/128', auth_method: md5} - - {type: host, database: all, user: all, address: '0.0.0.0/0', auth_method: md5} diff --git a/roles/prereqs/mysql_connector/defaults/main.yml b/roles/prereqs/mysql_connector/defaults/main.yml deleted file mode 100644 index d9e82ff0..00000000 --- a/roles/prereqs/mysql_connector/defaults/main.yml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright 2023 Cloudera, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -mysql_connector_url: https://cdn.mysql.com//Downloads/Connector-J/mysql-connector-java-5.1.49.zip -mysql_connector_checksum: md5:5ecd588e13f14de07faa5c67f5caf3f1 -mysql_connector_download_dir: "{{ local_temp_dir }}" -mysql_connector_extract_dir: "{{ local_temp_dir }}" -mysql_connector_local_path: "{{ mysql_connector_extract_dir }}/mysql-connector-java-5.1.49/mysql-connector-java-5.1.49-bin.jar" \ No newline at end of file diff --git a/roles/prereqs/mysql_connector/meta/main.yml b/roles/prereqs/mysql_connector/meta/main.yml deleted file mode 100644 index 016374de..00000000 --- a/roles/prereqs/mysql_connector/meta/main.yml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -dependencies: - - role: cloudera.cluster.deployment.definition diff --git a/roles/prereqs/mysql_connector/tasks/main.yml b/roles/prereqs/mysql_connector/tasks/main.yml deleted file mode 100644 index b176cc3d..00000000 --- a/roles/prereqs/mysql_connector/tasks/main.yml +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 2023 Cloudera, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Download MySQL Connector/J - get_url: - url: "{{ mysql_connector_url }}" - dest: "{{ mysql_connector_download_dir }}/mysql-connector-java.zip" - checksum: "{{ mysql_connector_checksum }}" - mode: 0644 - become: no - run_once: true - delegate_to: localhost - -- name: Create /usr/share/java directory - file: - path: /usr/share/java - state: directory - mode: 0755 - -- name: Install unzip package - ansible.builtin.package: - lock_timeout: "{{ (ansible_os_family == 'RedHat') | ternary(60, omit) }}" - name: unzip - state: present - -- name: Extract MySQL Connector/J zip file - unarchive: - src: "{{ mysql_connector_download_dir }}/mysql-connector-java.zip" - dest: "{{ mysql_connector_extract_dir }}" - exclude: - - src - -- name: Copy MySQL Connector/J jar file to correct location - copy: - src: "{{ mysql_connector_local_path }}" - dest: /usr/share/java/mysql-connector-java.jar - remote_src: yes - mode: 0644 - -# MySql on rhel8 fix -- name: Fix MySQL on RHEL8 - when: - - ansible_distribution == "RedHat" - - ansible_distribution_major_version == "8" - block: - - name: Remove mariadb packages if needed - package: - name: mariadb-devel - state: absent - - - name: Install mysql-devel package - package: - name: mysql-devel - state: installed - - - name: Send my_config.h for RHEL 8 - template: - src: my_config.h - dest: /usr/include/mysql/my_config.h - -## TODO Fix for RHEL8 - - name: Install Mysql packages for python - PyMySQL - shell: /usr/local/bin/pip install PyMySQL --force-reinstall --ignore-installed - ignore_errors: true - - diff --git a/roles/prereqs/mysql_connector/templates/my_config.h b/roles/prereqs/mysql_connector/templates/my_config.h deleted file mode 100644 index f5efd7b1..00000000 --- a/roles/prereqs/mysql_connector/templates/my_config.h +++ /dev/null @@ -1,355 +0,0 @@ -/* Copyright (c) 2009, 2021, Oracle and/or its affiliates. - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License, version 2.0, - as published by the Free Software Foundation. - - This program is also distributed with certain software (including - but not limited to OpenSSL) that is licensed under separate terms, - as designated in a particular file or component or in included license - documentation. The authors of MySQL hereby grant you an additional - permission to link the program and your derivative works with the - separately licensed software that they have included with MySQL. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License, version 2.0, for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ - - #ifndef MY_CONFIG_H - #define MY_CONFIG_H - - /* - * From configure.cmake, in order of appearance - */ - - /* Libraries */ - #define HAVE_LIBM 1 - /* #undef HAVE_LIBNSL */ - #define HAVE_LIBCRYPT 1 - /* #undef HAVE_LIBSOCKET */ - #define HAVE_LIBDL 1 - #define HAVE_LIBRT 1 - /* #undef HAVE_LIBWRAP */ - /* #undef HAVE_LIBWRAP_PROTOTYPES */ - - /* Header files */ - #define HAVE_ALLOCA_H 1 - #define HAVE_ARPA_INET_H 1 - #define HAVE_DLFCN_H 1 - #define HAVE_EXECINFO_H 1 - #define HAVE_FPU_CONTROL_H 1 - #define HAVE_GRP_H 1 - #define HAVE_LANGINFO_H 1 - #define HAVE_MALLOC_H 1 - #define HAVE_NETINET_IN_H 1 - #define HAVE_POLL_H 1 - #define HAVE_PWD_H 1 - #define HAVE_STRINGS_H 1 - #define HAVE_SYS_CDEFS_H 1 - #define HAVE_SYS_IOCTL_H 1 - #define HAVE_SYS_MMAN_H 1 - #define HAVE_SYS_PRCTL_H 1 - #define HAVE_SYS_RESOURCE_H 1 - #define HAVE_SYS_SELECT_H 1 - #define HAVE_SYS_SOCKET_H 1 - #define HAVE_TERM_H 1 - #define HAVE_TERMIOS_H 1 - #define HAVE_TERMIO_H 1 - #define HAVE_UNISTD_H 1 - #define HAVE_SYS_WAIT_H 1 - #define HAVE_SYS_PARAM_H 1 - #define HAVE_FNMATCH_H 1 - #define HAVE_SYS_UN_H 1 - #define HAVE_SASL_SASL_H 1 - - /* Functions */ - /* #undef HAVE_ALIGNED_MALLOC */ - #define HAVE_BACKTRACE 1 - #define HAVE_INDEX 1 - #define HAVE_CHOWN 1 - #define HAVE_CUSERID 1 - /* #undef HAVE_DIRECTIO */ - #define HAVE_FTRUNCATE 1 - #define HAVE_FCHMOD 1 - #define HAVE_FCNTL 1 - #define HAVE_FDATASYNC 1 - #define HAVE_DECL_FDATASYNC 1 - #define HAVE_FEDISABLEEXCEPT 1 - #define HAVE_FSYNC 1 - /* #undef HAVE_GETHRTIME */ - #define HAVE_GETPASS 1 - /* #undef HAVE_GETPASSPHRASE */ - #define HAVE_GETPWNAM 1 - #define HAVE_GETPWUID 1 - #define HAVE_GETRUSAGE 1 - #define HAVE_INITGROUPS 1 - /* #undef HAVE_ISSETUGID */ - #define HAVE_GETUID 1 - #define HAVE_GETEUID 1 - #define HAVE_GETGID 1 - #define HAVE_GETEGID 1 - /* #undef HAVE_LSAN_DO_RECOVERABLE_LEAK_CHECK */ - #define HAVE_MADVISE 1 - #define HAVE_MALLOC_INFO 1 - #define HAVE_MLOCK 1 - #define HAVE_MLOCKALL 1 - #define HAVE_MMAP64 1 - #define HAVE_POLL 1 - #define HAVE_POSIX_FALLOCATE 1 - #define HAVE_POSIX_MEMALIGN 1 - #define HAVE_PTHREAD_CONDATTR_SETCLOCK 1 - #define HAVE_PTHREAD_GETAFFINITY_NP 1 - #define HAVE_PTHREAD_SIGMASK 1 - #define HAVE_SLEEP 1 - #define HAVE_STPCPY 1 - #define HAVE_STPNCPY 1 - /* #undef HAVE_STRLCPY */ - /* #undef HAVE_STRLCAT */ - #define HAVE_STRSIGNAL 1 - /* #undef HAVE_TELL */ - #define HAVE_VASPRINTF 1 - #define HAVE_MEMALIGN 1 - #define HAVE_NL_LANGINFO 1 - /* #undef HAVE_HTONLL */ - #define HAVE_EPOLL 1 - - /* WL2373 */ - #define HAVE_SYS_TIME_H 1 - #define HAVE_SYS_TIMES_H 1 - #define HAVE_TIMES 1 - #define HAVE_GETTIMEOFDAY 1 - - /* Symbols */ - #define HAVE_LRAND48 1 - #define GWINSZ_IN_SYS_IOCTL 1 - #define FIONREAD_IN_SYS_IOCTL 1 - /* #undef FIONREAD_IN_SYS_FILIO */ - #define HAVE_MADV_DONTDUMP 1 - #define HAVE_O_TMPFILE - - /* #undef HAVE_KQUEUE */ - #define HAVE_SETNS 1 - /* #undef HAVE_KQUEUE_TIMERS */ - #define HAVE_POSIX_TIMERS 1 - - /* Endianess */ - /* #undef WORDS_BIGENDIAN */ - #define HAVE_ENDIAN_CONVERSION_MACROS 1 - - /* Type sizes */ - #define SIZEOF_VOIDP 8 - #define SIZEOF_CHARP 8 - #define SIZEOF_LONG 8 - #define SIZEOF_SHORT 2 - #define SIZEOF_INT 4 - #define SIZEOF_LONG_LONG 8 - #define SIZEOF_TIME_T 8 - #define HAVE_ULONG 1 - #define HAVE_U_INT32_T 1 - #define HAVE_TM_GMTOFF 1 - - /* Support for tagging symbols with __attribute__((visibility("hidden"))) */ - #define HAVE_VISIBILITY_HIDDEN 1 - - /* Code tests*/ - #define HAVE_CLOCK_GETTIME 1 - #define HAVE_CLOCK_REALTIME 1 - #define STACK_DIRECTION -1 - #define TIME_WITH_SYS_TIME 1 - /* #undef NO_FCNTL_NONBLOCK */ - #define HAVE_PAUSE_INSTRUCTION 1 - /* #undef HAVE_FAKE_PAUSE_INSTRUCTION */ - /* #undef HAVE_HMT_PRIORITY_INSTRUCTION */ - #define HAVE_ABI_CXA_DEMANGLE 1 - #define HAVE_BUILTIN_UNREACHABLE 1 - #define HAVE_BUILTIN_EXPECT 1 - #define HAVE_BUILTIN_STPCPY 1 - #define HAVE_GCC_SYNC_BUILTINS 1 - /* #undef HAVE_VALGRIND */ - #define HAVE_SYS_GETTID 1 - /* #undef HAVE_PTHREAD_GETTHREADID_NP */ - /* #undef HAVE_PTHREAD_THREADID_NP */ - #define HAVE_INTEGER_PTHREAD_SELF 1 - #define HAVE_PTHREAD_SETNAME_NP 1 - - /* IPV6 */ - /* #undef HAVE_NETINET_IN6_H */ - /* #undef HAVE_STRUCT_IN6_ADDR */ - - /* - * Platform specific CMake files - */ - #define MACHINE_TYPE "x86_64" - /* #undef LINUX_ALPINE */ - /* #undef LINUX_SUSE */ - #define HAVE_LINUX_LARGE_PAGES 1 - /* #undef HAVE_SOLARIS_LARGE_PAGES */ - /* #undef HAVE_SOLARIS_ATOMIC */ - /* #undef WITH_SYSTEMD_DEBUG */ - #define SYSTEM_TYPE "Linux" - /* This should mean case insensitive file system */ - /* #undef FN_NO_CASE_SENSE */ - - /* - * From main CMakeLists.txt - */ - /* #undef CHECK_ERRMSG_FORMAT */ - #define MAX_INDEXES 64U - /* #undef WITH_INNODB_MEMCACHED */ - /* #undef ENABLE_MEMCACHED_SASL */ - /* #undef ENABLE_MEMCACHED_SASL_PWDB */ - #define ENABLED_PROFILING 1 - /* #undef HAVE_ASAN */ - /* #undef HAVE_LSAN */ - /* #undef HAVE_UBSAN */ - /* #undef HAVE_TSAN */ - /* #undef ENABLED_LOCAL_INFILE */ - /* #undef KERBEROS_LIB_CONFIGURED */ - #define SCRAM_LIB_CONFIGURED - /* #undef WITH_HYPERGRAPH_OPTIMIZER */ - - /* Lock Order */ - /* #undef WITH_LOCK_ORDER */ - - /* Character sets and collations */ - #define DEFAULT_MYSQL_HOME "/usr/local/mysql" - #define SHAREDIR "/usr/local/mysql/share" - #define DEFAULT_BASEDIR "/usr/local/mysql" - #define MYSQL_DATADIR "/usr/local/mysql/data" - #define MYSQL_KEYRINGDIR "/usr/local/mysql/keyring" - #define DEFAULT_CHARSET_HOME "/usr/local/mysql" - #define PLUGINDIR "/usr/local/mysql/lib/plugin" - #define DEFAULT_SYSCONFDIR "/usr/local/mysql/etc" - #define DEFAULT_TMPDIR P_tmpdir - /* - * Readline - */ - #define HAVE_MBSTATE_T - #define HAVE_LANGINFO_CODESET - #define HAVE_WCSDUP - #define HAVE_WCHAR_T 1 - #define HAVE_WINT_T 1 - #define HAVE_CURSES_H 1 - /* #undef HAVE_NCURSES_H */ - #define USE_LIBEDIT_INTERFACE 1 - #define HAVE_HIST_ENTRY 1 - #define USE_NEW_EDITLINE_INTERFACE 1 - #define EDITLINE_HAVE_COMPLETION_CHAR 1 - /* #undef EDITLINE_HAVE_COMPLETION_INT */ - - - /* - * Libedit - */ - #define HAVE_GETLINE 1 - /* #undef HAVE___SECURE_GETENV */ - #define HAVE_SECURE_GETENV 1 - /* #undef HAVE_VIS */ - /* #undef HAVE_UNVIS */ - /* #undef HAVE_GETPW_R_DRAFT */ - #define HAVE_GETPW_R_POSIX - - /* - * Character sets - */ - #define MYSQL_DEFAULT_CHARSET_NAME "utf8mb4" - #define MYSQL_DEFAULT_COLLATION_NAME "utf8mb4_0900_ai_ci" - - /* - * Performance schema - */ - #define WITH_PERFSCHEMA_STORAGE_ENGINE 1 - /* #undef DISABLE_PSI_THREAD */ - /* #undef DISABLE_PSI_MUTEX */ - /* #undef DISABLE_PSI_RWLOCK */ - /* #undef DISABLE_PSI_COND */ - /* #undef DISABLE_PSI_FILE */ - /* #undef DISABLE_PSI_TABLE */ - /* #undef DISABLE_PSI_SOCKET */ - /* #undef DISABLE_PSI_STAGE */ - /* #undef DISABLE_PSI_STATEMENT */ - /* #undef DISABLE_PSI_SP */ - /* #undef DISABLE_PSI_PS */ - /* #undef DISABLE_PSI_IDLE */ - /* #undef DISABLE_PSI_ERROR */ - /* #undef DISABLE_PSI_STATEMENT_DIGEST */ - /* #undef DISABLE_PSI_METADATA */ - /* #undef DISABLE_PSI_MEMORY */ - /* #undef DISABLE_PSI_TRANSACTION */ - - /* - * MySQL version - */ - #define MYSQL_VERSION_MAJOR 8 - #define MYSQL_VERSION_MINOR 0 - #define MYSQL_VERSION_PATCH 25 - #define MYSQL_VERSION_EXTRA "" - #define PACKAGE "mysql" - #define PACKAGE_VERSION "8.0.25" - #define VERSION "8.0.25" - #define PROTOCOL_VERSION 10 - - /* - * CPU info - */ - #define CPU_LEVEL1_DCACHE_LINESIZE 64 - - - /* - * NDB - */ - /* #undef HAVE_GETRLIMIT */ - /* #undef WITH_NDBCLUSTER_STORAGE_ENGINE */ - /* #undef HAVE_PTHREAD_SETSCHEDPARAM */ - - /* - * Other - */ - /* #undef EXTRA_DEBUG */ - #define HANDLE_FATAL_SIGNALS 1 - - /* - * Hardcoded values needed by libevent/NDB/memcached - */ - #define HAVE_FCNTL_H 1 - #define HAVE_GETADDRINFO 1 - #define HAVE_INTTYPES_H 1 - /* libevent's select.c is not Windows compatible */ - #ifndef _WIN32 - #define HAVE_SELECT 1 - #endif - #define HAVE_SIGNAL_H 1 - #define HAVE_STDARG_H 1 - #define HAVE_STDINT_H 1 - #define HAVE_STDLIB_H 1 - #define HAVE_STRTOK_R 1 - #define HAVE_STRTOLL 1 - #define HAVE_SYS_STAT_H 1 - #define HAVE_SYS_TYPES_H 1 - #define SIZEOF_CHAR 1 - - /* For --secure-file-priv */ - #define DEFAULT_SECURE_FILE_PRIV_DIR "NULL" - #define HAVE_LIBNUMA 1 - - /* For default value of --early_plugin_load */ - /* #undef DEFAULT_EARLY_PLUGIN_LOAD */ - - /* For default value of --partial_revokes */ - #define DEFAULT_PARTIAL_REVOKES 0 - - #define SO_EXT ".so" - - - /* From libmysql/CMakeLists.txt */ - #define HAVE_UNIX_DNS_SRV 1 - /* #undef HAVE_WIN32_DNS_SRV */ - - /* ARM crc32 support */ - /* #undef HAVE_ARMV8_CRC32_INTRINSIC */ - - #endif \ No newline at end of file diff --git a/roles/prereqs/oracle_connector/defaults/main.yml b/roles/prereqs/oracle_connector/defaults/main.yml deleted file mode 100644 index f42e3c77..00000000 --- a/roles/prereqs/oracle_connector/defaults/main.yml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -maven_repo: "https://repo1.maven.org/maven2" - -oracle_connector_group_id: com.oracle.database.jdbc -oracle_connector_artifact_id: ojdbc8 -oracle_connector_version: 19.7.0.0 -oracle_connector_maven_url: "{{ maven_repo }}" diff --git a/roles/prereqs/oracle_connector/meta/main.yml b/roles/prereqs/oracle_connector/meta/main.yml deleted file mode 100644 index 016374de..00000000 --- a/roles/prereqs/oracle_connector/meta/main.yml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -dependencies: - - role: cloudera.cluster.deployment.definition diff --git a/roles/prereqs/oracle_connector/tasks/main.yml b/roles/prereqs/oracle_connector/tasks/main.yml deleted file mode 100644 index e455a107..00000000 --- a/roles/prereqs/oracle_connector/tasks/main.yml +++ /dev/null @@ -1,85 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Setup the Oracle JDBC Driver - block: - - - name: Download Oracle Connector - maven_artifact: - group_id: "{{ oracle_connector_group_id }}" - artifact_id: "{{ oracle_connector_artifact_id }}" - version: "{{ oracle_connector_version }}" - dest: "{{ local_temp_dir }}/{{ oracle_connector_artifact_id }}-connector-java-{{ oracle_connector_version }}.jar" - repository_url: "{{ oracle_connector_maven_url }}" - become: no - run_once: true - connection: local - delegate_to: localhost - - - name: Create /usr/share/java directory - file: - path: /usr/share/java - state: directory - mode: 0755 - - - name: Copy Oracle Connector jar file to correct location - copy: - src: "{{ local_temp_dir }}/{{ oracle_connector_artifact_id }}-connector-java-{{ oracle_connector_version }}.jar" - dest: /usr/share/java/oracle-connector-java.jar - mode: 0644 - - when: - - not (skip_oracle_jdbc_driver_distribution | default(False)) - - oracle_connector_maven_url is defined - - oracle_connector_maven_url != '' - -- name: Ensure directory for the instantclient - file: - path: /usr/share/oracle/instantclient/lib - state: directory - mode: 0755 - when: - - oracle_instantclient_basic_zip is defined - - oracle_instantclient_sdk_zip is defined - -- name: Ensure unzip is available - ansible.builtin.package: - lock_timeout: "{{ (ansible_os_family == 'RedHat') | ternary(60, omit) }}" - name: unzip - state: present - when: - - oracle_instantclient_basic_zip is defined - - oracle_instantclient_sdk_zip is defined - -- name: Unarchive basic instantclient - unarchive: - src: "{{ oracle_instantclient_basic_zip }}" - dest: /usr/share/oracle/instantclient/lib - extra_opts: [ "-j" ] - when: oracle_instantclient_basic_zip is defined - -- name: Unarchive sdk instantclient - unarchive: - src: "{{ oracle_instantclient_sdk_zip }}" - dest: /usr/share/oracle/instantclient/lib - extra_opts: [ "-j" ] - when: oracle_instantclient_sdk_zip is defined - -- name: Install the libaio package - ansible.builtin.package: - lock_timeout: "{{ (ansible_os_family == 'RedHat') | ternary(60, omit) }}" - name: libaio - state: present diff --git a/roles/prereqs/os/tasks/main-RedHat.yml b/roles/prereqs/os/tasks/main-RedHat.yml index 1f570e26..2c505ff2 100644 --- a/roles/prereqs/os/tasks/main-RedHat.yml +++ b/roles/prereqs/os/tasks/main-RedHat.yml @@ -36,7 +36,7 @@ # leaving as separate group for when py2 is finally deprecated - name: Setup System python2 on Rhel8 when: - - ansible_distribution_major_version | int >= 8 + - needs_python2 block: - name: Check if Python2 is installed so we don't end up with multiple versions shell: python2 --version diff --git a/roles/prereqs/os/tasks/main.yml b/roles/prereqs/os/tasks/main.yml index 378b2cf9..71cbea18 100644 --- a/roles/prereqs/os/tasks/main.yml +++ b/roles/prereqs/os/tasks/main.yml @@ -1,4 +1,4 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. +# Copyright 2024 Cloudera, Inc. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ - name: Include variables include_vars: - file: "{{ ansible_os_family }}.yml" + file: "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" - name: Apply OS-specific configurations include_tasks: diff --git a/roles/infrastructure/rdbms/vars/mysql-RedHat.yml b/roles/prereqs/os/vars/RedHat-7.yml similarity index 72% rename from roles/infrastructure/rdbms/vars/mysql-RedHat.yml rename to roles/prereqs/os/vars/RedHat-7.yml index 22d6eb17..3a4b0cf1 100644 --- a/roles/infrastructure/rdbms/vars/mysql-RedHat.yml +++ b/roles/prereqs/os/vars/RedHat-7.yml @@ -1,4 +1,4 @@ -# Copyright 2023 Cloudera, Inc. +v# Copyright 2024 Cloudera, Inc. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +14,11 @@ --- -mysql_packages: - - mysql - - mysql-server \ No newline at end of file +dns_package: bind-utils +nscd_package: nscd +nscd_service: nscd +ntp_package: ntp +ntp_service: ntpd +rngd_package: rng-tools +rngd_service: rngd +needs_python2: True \ No newline at end of file diff --git a/roles/prereqs/os/vars/RedHat.yml b/roles/prereqs/os/vars/RedHat-8.yml similarity index 90% rename from roles/prereqs/os/vars/RedHat.yml rename to roles/prereqs/os/vars/RedHat-8.yml index da449ab5..0329c92d 100644 --- a/roles/prereqs/os/vars/RedHat.yml +++ b/roles/prereqs/os/vars/RedHat-8.yml @@ -1,4 +1,4 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. +# Copyright 2024 Cloudera, Inc. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,3 +21,4 @@ ntp_package: ntp ntp_service: ntpd rngd_package: rng-tools rngd_service: rngd +needs_python2: True \ No newline at end of file diff --git a/roles/infrastructure/rdbms/handlers/main.yml b/roles/prereqs/os/vars/RedHat-9.yml similarity index 79% rename from roles/infrastructure/rdbms/handlers/main.yml rename to roles/prereqs/os/vars/RedHat-9.yml index 034c8b04..86e25f38 100644 --- a/roles/infrastructure/rdbms/handlers/main.yml +++ b/roles/prereqs/os/vars/RedHat-9.yml @@ -14,5 +14,11 @@ --- -- name: yum clean metadata - ansible.builtin.command: yum clean metadata +dns_package: bind-utils +nscd_package: nscd +nscd_service: nscd +ntp_package: ntp +ntp_service: ntpd +rngd_package: rng-tools +rngd_service: rngd +needs_python2: False \ No newline at end of file diff --git a/roles/prereqs/postgresql_connector/defaults/main.yml b/roles/prereqs/postgresql_connector/defaults/main.yml deleted file mode 100644 index c61d17ed..00000000 --- a/roles/prereqs/postgresql_connector/defaults/main.yml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -postgresql_connector_url: https://jdbc.postgresql.org/download/postgresql-42.3.3.jar -postgresql_connector_checksum: md5:bef0b2e1c6edcd8647c24bed31e1a4ac -install_py3_psycopg2: false \ No newline at end of file diff --git a/roles/prereqs/postgresql_connector/meta/main.yml b/roles/prereqs/postgresql_connector/meta/main.yml deleted file mode 100644 index 016374de..00000000 --- a/roles/prereqs/postgresql_connector/meta/main.yml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -dependencies: - - role: cloudera.cluster.deployment.definition diff --git a/roles/prereqs/postgresql_connector/tasks/main.yml b/roles/prereqs/postgresql_connector/tasks/main.yml deleted file mode 100644 index 20877c42..00000000 --- a/roles/prereqs/postgresql_connector/tasks/main.yml +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright 2023 Cloudera, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- - -- name: Download PostgreSQL Connector - get_url: - url: "{{ postgresql_connector_url }}" - dest: "{{ local_temp_dir }}/postgresql-connector-java.jar" - checksum: "{{ postgresql_connector_checksum }}" - mode: 0644 - become: no - run_once: true - delegate_to: localhost - -- name: Create /usr/share/java directory - file: - path: /usr/share/java - state: directory - mode: 0755 - -- name: Copy PostgreSQL Connector jar file to correct location - copy: - src: "{{ local_temp_dir }}/postgresql-connector-java.jar" - dest: /usr/share/java/postgresql-connector-java.jar - mode: 0644 - -# SSB will need the python3-psycopg2 connector - -- name: Create python3-psycopg2 directory - file: - path: "/usr/share/python3" - state: directory - mode: '777' - when: install_py3_psycopg2 == true - -- name: Install python3-psycopg2 - shell: "pip3 install psycopg2-binary==2.8.5 -t /usr/share/python3" - when: install_py3_psycopg2 == true \ No newline at end of file diff --git a/roles/prereqs/pvc_ecs/tasks/main.yml b/roles/prereqs/pvc_ecs/tasks/main.yml index 2e269c4e..5d137fe8 100644 --- a/roles/prereqs/pvc_ecs/tasks/main.yml +++ b/roles/prereqs/pvc_ecs/tasks/main.yml @@ -38,20 +38,53 @@ - name: Install iptables for rhel7 ansible.builtin.package: lock_timeout: 180 - name: "{{ __iptables_item }}" + name: "iptables" update_cache: yes state: present - loop: - - iptables - loop_control: - loop_var: __iptables_item - name: Setup iptables for rhel8 - when: ansible_distribution_major_version | int >= 8 + when: + - ansible_distribution_major_version | int == 8 block: - name: Install iptables for rhel8, using rpm option tsflags=noscripts ansible.builtin.command: dnf install -y iptables --setopt=tsflags=noscripts +- name: Setup deprecated iptables for rhel9 + when: + - ansible_distribution_major_version | int >= 9 + block: + - name: Install iptables for rhel9, using rpm option tsflags=noscripts + ansible.builtin.command: dnf install -y iptables --setopt=tsflags=noscripts + + - name: Check for existence of lnk /usr/sbin/iptables-nft + ansible.builtin.stat: + path: /usr/sbin/iptables-nft + register: iptables_nft + + - name: Create symlink for iptables + ansible.builtin.file: + path: /usr/sbin/iptables + src: /usr/sbin/iptables-nft + state: link + follow: false + when: iptables_nft.stat.islnk + + - name: Create symlink for iptables-save + ansible.builtin.file: + path: /usr/sbin/iptables-save + src: /usr/sbin/iptables-nft-save + state: link + follow: false + when: iptables_nft.stat.islnk + + - name: Create symlink for iptables-restore + ansible.builtin.file: + path: /usr/sbin/iptables-restore + src: /usr/sbin/iptables-nft-restore + state: link + follow: false + when: iptables_nft.stat.islnk + - name: Flush iptables ansible.builtin.iptables: flush: yes @@ -73,15 +106,11 @@ owner: root group: root mode: 0644 - when: - - ansible_distribution_major_version|int >= 7 - - ansible_facts.services["NetworkManager.service"]['status'] != "not-found" + when: ansible_facts.services["NetworkManager.service"]['status'] != "not-found" - name: Reload NetworkManager daemon ansible.builtin.service: state: restarted daemon_reload: true name: NetworkManager.service - when: - - ansible_distribution_major_version|int >= 7 - - ansible_facts.services["NetworkManager.service"]['status'] != "not-found" + when: ansible_facts.services["NetworkManager.service"]['status'] != "not-found" diff --git a/roles/prereqs/user_accounts/tasks/main.yml b/roles/prereqs/user_accounts/tasks/main.yml index 45117bed..90c7d686 100644 --- a/roles/prereqs/user_accounts/tasks/main.yml +++ b/roles/prereqs/user_accounts/tasks/main.yml @@ -35,7 +35,9 @@ - set_fact: local_accounts: "{{ local_accounts | union(mariadb_accounts) }}" - when: '"db_server" in group_names and database_type == "mariadb"' + when: + - '"db_server" in group_names' + - database_type == "mysql" or database_type == "mariadb" - name: Create local user accounts ansible.builtin.user: