X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/dd43ee307485fbac969dac6944373b2158003211..b68187fc95272d0d940e2fa6eb9ef8c4efd25048:/cookbooks/planet/recipes/replication.rb diff --git a/cookbooks/planet/recipes/replication.rb b/cookbooks/planet/recipes/replication.rb index 2d9dc4f4b..0a25ad959 100644 --- a/cookbooks/planet/recipes/replication.rb +++ b/cookbooks/planet/recipes/replication.rb @@ -1,14 +1,14 @@ # -# Cookbook Name:: planet +# Cookbook:: planet # Recipe:: dump # -# Copyright 2013, OpenStreetMap Foundation +# Copyright:: 2013, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -17,89 +17,432 @@ # limitations under the License. # +require "yaml" + +include_recipe "accounts" +include_recipe "apt" include_recipe "osmosis" +include_recipe "planet::aws" +include_recipe "ruby" +include_recipe "tools" db_passwords = data_bag_item("db", "passwords") -package "ruby" -package "ruby-libxml" +## Install required packages + +package %w[ + postgresql-client + ruby-libxml + make + gcc + libc6-dev + libpq-dev + osmdbt +] + +gem_package "pg" do + gem_binary node[:ruby][:gem] +end + +## Build preload library to flush files + +remote_directory "/opt/flush" do + source "flush" + owner "root" + group "root" + mode "755" + files_owner "root" + files_group "root" + files_mode "755" +end + +execute "/opt/flush/Makefile" do + action :nothing + command "make" + cwd "/opt/flush" + user "root" + group "root" + subscribes :run, "remote_directory[/opt/flush]" +end + +## Install scripts + +remote_directory "/usr/local/bin" do + source "replication-bin" + owner "root" + group "root" + mode "755" + files_owner "root" + files_group "root" + files_mode "755" +end + +template "/usr/local/bin/users-agreed" do + source "users-agreed.erb" + owner "root" + group "root" + mode "755" +end + +template "/usr/local/bin/users-deleted" do + source "users-deleted.erb" + owner "root" + group "root" + mode "755" +end -gem_package "pg" +## Published deleted users directory -template "/usr/local/bin/replicate-changesets" do - source "changesets.bin.erb" +remote_directory "/store/planet/users_deleted" do + source "users_deleted" + owner "planet" + group "planet" + mode "755" + files_owner "root" + files_group "root" + files_mode "644" +end + +## Published replication directory + +remote_directory "/store/planet/replication" do + source "replication-cgi" owner "root" group "root" - mode 0755 + mode "755" + files_owner "root" + files_group "root" + files_mode "755" end +## Configuration directory + directory "/etc/replication" do owner "root" group "root" - mode 0755 + mode "755" end -template "/etc/replication/auth.conf" do - source "replication.auth.erb" - user "root" +## Transient state directory + +systemd_tmpfile "/run/replication" do + type "d" + owner "planet" group "planet" - mode 0640 + mode "755" +end + +## Persistent state directory + +directory "/var/lib/replication" do + owner "planet" + group "planet" + mode "755" +end + +## Temporary directory + +directory "/store/replication" do + owner "planet" + group "planet" + mode "755" +end + +## Users replication + +template "/etc/replication/users-agreed.conf" do + source "users-agreed.conf.erb" + user "planet" + group "planet" + mode "600" variables :password => db_passwords["planetdiff"] end +systemd_service "users-agreed" do + description "Update list of users accepting CTs" + user "planet" + exec_start "/usr/local/bin/users-agreed" + nice 10 + sandbox :enable_network => true + read_write_paths "/store/planet/users_agreed" +end + +systemd_timer "users-agreed" do + description "Update list of users accepting CTs" + on_calendar "7:00" +end + +systemd_service "users-deleted" do + description "Update list of deleted users" + user "planet" + exec_start "/usr/local/bin/users-deleted" + nice 10 + sandbox :enable_network => true + read_write_paths "/store/planet/users_deleted" +end + +systemd_timer "users-deleted" do + description "Update list of deleted users" + on_calendar "17:00" +end + +## Changeset replication + +directory "/store/planet/replication/changesets" do + owner "planet" + group "planet" + mode "755" +end + template "/etc/replication/changesets.conf" do source "changesets.conf.erb" user "root" group "planet" - mode 0640 + mode "640" variables :password => db_passwords["planetdiff"] end -directory "/var/lib/replication" do +systemd_service "replication-changesets" do + description "Changesets replication" + user "planet" + exec_start "/usr/local/bin/replicate-changesets /etc/replication/changesets.conf" + sandbox :enable_network => true + read_write_paths [ + "/home/planet/.aws", + "/run/replication", + "/store/planet/replication/changesets" + ] +end + +systemd_timer "replication-changesets" do + description "Changesets replication" + on_boot_sec 60 + on_unit_active_sec 60 + accuracy_sec 5 +end + +## Minutely replication + +directory "/store/planet/replication/minute" do owner "planet" group "planet" - mode 0755 + mode "755" +end + +directory "/var/lib/replication/minute" do + owner "planet" + group "planet" + mode "755" +end + +directory "/store/replication/minute" do + owner "planet" + group "planet" + mode "755" +end + +osmdbt_config = { + "database" => { + "host" => node[:web][:database_host], + "dbname" => "openstreetmap", + "user" => "planetdiff", + "password" => db_passwords["planetdiff"], + "replication_slot" => "osmdbt" + }, + "log_dir" => "/var/lib/replication/minute", + "changes_dir" => "/store/planet/replication/minute", + "tmp_dir" => "/store/replication/minute", + "run_dir" => "/run/replication" +} + +file "/etc/replication/osmdbt-config.yaml" do + user "root" + group "planet" + mode "640" + content YAML.dump(osmdbt_config) +end + +systemd_service "replication-minutely" do + description "Minutely replication" + user "planet" + working_directory "/etc/replication" + exec_start "/usr/local/bin/replicate-minute" + sandbox :enable_network => true + read_write_paths [ + "/run/replication", + "/store", + "/var/lib/replication/minute" + ] +end + +systemd_timer "replication-minutely" do + description "Minutely replication" + on_boot_sec 60 + on_unit_active_sec 60 + accuracy_sec 5 +end + +## Hourly replication + +directory "/store/planet/replication/hour" do + owner "planet" + group "planet" + mode "755" end directory "/var/lib/replication/hour" do owner "planet" group "planet" - mode 0755 + mode "755" +end + +link "/var/lib/replication/hour/data" do + to "/store/planet/replication/hour" end template "/var/lib/replication/hour/configuration.txt" do source "replication.config.erb" owner "planet" group "planet" - mode 0644 + mode "644" variables :base => "minute", :interval => 3600 end -link "/var/lib/replication/hour/data" do - to "/store/planet/replication/hour" +systemd_service "replication-hourly" do + description "Hourly replication" + user "planet" + exec_start "/usr/local/bin/osmosis -q --merge-replication-files workingDirectory=/var/lib/replication/hour" + environment "LD_PRELOAD" => "/opt/flush/flush.so" + sandbox :enable_network => true + memory_deny_write_execute false + read_write_paths [ + "/store/planet/replication/hour", + "/var/lib/replication/hour" + ] +end + +systemd_timer "replication-hourly" do + description "Hourly replication" + on_calendar "*-*-* *:02/15:00" +end + +## Daily replication + +directory "/store/planet/replication/day" do + owner "planet" + group "planet" + mode "755" end directory "/var/lib/replication/day" do owner "planet" group "planet" - mode 0755 + mode "755" end -template "/var/lib/replication/hour/configuration.txt" do +link "/var/lib/replication/day/data" do + to "/store/planet/replication/day" +end + +template "/var/lib/replication/day/configuration.txt" do source "replication.config.erb" owner "planet" group "planet" - mode 0644 + mode "644" variables :base => "hour", :interval => 86400 end -link "/var/lib/replication/day/data" do - to "/store/planet/replication/day" +systemd_service "replication-daily" do + description "Daily replication" + user "planet" + exec_start "/usr/local/bin/osmosis -q --merge-replication-files workingDirectory=/var/lib/replication/day" + environment "LD_PRELOAD" => "/opt/flush/flush.so" + sandbox :enable_network => true + memory_deny_write_execute false + read_write_paths [ + "/store/planet/replication/day", + "/var/lib/replication/day" + ] end -template "/etc/cron.d/replication" do - source "replication.cron.erb" - owner "root" - group "root" - mode 0644 +systemd_timer "replication-daily" do + description "Daily replication" + on_calendar "*-*-* *:02/15:00" +end + +## Replication cleanup + +systemd_service "replication-cleanup" do + description "Cleanup replication" + user "planet" + exec_start "/usr/local/bin/replicate-cleanup" + sandbox true + read_write_paths "/var/lib/replication" +end + +systemd_timer "replication-cleanup" do + description "Cleanup replication" + on_boot_sec 60 + on_unit_active_sec 86400 + accuracy_sec 1800 +end + +## Enable/disable feeds + +if node[:planet][:replication] == "enabled" + service "users-agreed.timer" do + action [:enable, :start] + end + + service "users-deleted.timer" do + action [:enable, :start] + end + + service "replication-changesets.timer" do + action [:enable, :start] + end + + service "replication-minutely.timer" do + action [:enable, :start] + end + + service "replication-hourly.timer" do + action [:enable, :start] + end + + service "replication-daily.timer" do + action [:enable, :start] + end + + service "replication-cleanup.timer" do + action [:enable, :start] + end +else + service "users-agreed.timer" do + action [:stop, :disable] + end + + service "users-deleted.timer" do + action [:stop, :disable] + end + + service "replication-changesets.timer" do + action [:stop, :disable] + end + + service "replication-minutely.timer" do + action [:stop, :disable] + end + + service "replication-hourly.timer" do + action [:stop, :disable] + end + + service "replication-daily.timer" do + action [:stop, :disable] + end + + service "replication-cleanup.timer" do + action [:stop, :disable] + end end