From 85663b159867c4bd5666897b772f05bf8273ed86 Mon Sep 17 00:00:00 2001
From: liubo <liubo@pingcap.com>
Date: Fri, 6 Sep 2019 14:04:57 +0800
Subject: [PATCH 1/2] Add config check

---
 deploy.yml                                    |  7 +++
 roles/check_config/tasks/check_pd_config.yml  | 43 +++++++++++++++++
 .../check_config/tasks/check_tidb_config.yml  | 40 ++++++++++++++++
 .../check_config/tasks/check_tikv_config.yml  | 46 +++++++++++++++++++
 roles/check_config/tasks/main.yml             | 19 ++++++++
 rolling_update.yml                            |  7 +++
 6 files changed, 162 insertions(+)
 create mode 100644 roles/check_config/tasks/check_pd_config.yml
 create mode 100644 roles/check_config/tasks/check_tidb_config.yml
 create mode 100644 roles/check_config/tasks/check_tikv_config.yml
 create mode 100644 roles/check_config/tasks/main.yml

diff --git a/deploy.yml b/deploy.yml
index 37383f7cd..a46ac8d2e 100644
--- a/deploy.yml
+++ b/deploy.yml
@@ -38,6 +38,13 @@
   roles:
     - check_config_dynamic
 
+- name: Pre-check for configuration
+  hosts: pd_servers[0]
+  tags:
+    - check_config
+  roles:
+    - check_config
+
 - name: deploying node_exporter
   hosts: monitored_servers
   tags:
diff --git a/roles/check_config/tasks/check_pd_config.yml b/roles/check_config/tasks/check_pd_config.yml
new file mode 100644
index 000000000..8fc528097
--- /dev/null
+++ b/roles/check_config/tasks/check_pd_config.yml
@@ -0,0 +1,43 @@
+---
+
+- name: Load PD vars
+  include_vars: file={{ playbook_dir }}/roles/pd/defaults/main.yml
+
+- name: "Load customized config: tidb-ansible/conf/pd.yml"
+  include_vars: file={{ playbook_dir }}/conf/pd.yml name=pd_conf_custom
+
+- name: Load default config
+  include_vars: file={{ playbook_dir }}/roles/pd/vars/default.yml name=pd_conf_default
+
+- name: Generate dynamic config
+  set_fact:
+    pd_conf_generated:
+      replication:
+        location-labels: "{{ location_labels }}"
+      security:
+        cacert-path: >-
+          {%- if enable_tls|default(false) -%}{{ pd_cert_dir }}/ca.pem{%- else -%}{%- endif -%}
+        cert-path: >-
+          {%- if enable_tls|default(false) -%}{{ pd_cert_dir }}/pd-server-{{ pd_host }}.pem{%- else -%}{%- endif -%}
+        key-path: >-
+          {%- if enable_tls|default(false) -%}{{ pd_cert_dir }}/pd-server-{{ pd_host }}-key.pem{%- else -%}{%- endif -%}
+
+- name: Generate final config
+  set_fact:
+    pd_conf: "{{ pd_conf_custom | with_default_dicts(pd_conf_generated, pd_conf_default) }}"
+
+- name: Create configuration file
+  template: src={{ playbook_dir }}/roles/pd/templates/pd.toml.j2 dest={{ tidb_check_dir }}/pd.toml mode=0644 backup=yes
+  register: pd_conf_st
+
+- name: Deploy PD binary
+  copy: src="{{ resources_dir }}/bin/pd-server" dest="{{ tidb_check_dir }}/" mode=0755 backup=yes
+
+- name: Check PD config
+  shell: cd {{ tidb_check_dir }} && ./pd-server -config ./pd.toml -config-check
+  register: pd_check_result
+
+- name: Check result
+  fail:
+    msg: "PD config error"
+  when: "'successful' not in pd_check_result.stdout"
diff --git a/roles/check_config/tasks/check_tidb_config.yml b/roles/check_config/tasks/check_tidb_config.yml
new file mode 100644
index 000000000..43f75f914
--- /dev/null
+++ b/roles/check_config/tasks/check_tidb_config.yml
@@ -0,0 +1,40 @@
+---
+
+- name: Load TiDB vars
+  include_vars: file={{ playbook_dir }}/roles/tidb/defaults/main.yml
+
+- name: "Load customized config: tidb-ansible/conf/tidb.yml"
+  include_vars: file={{ playbook_dir }}/conf/tidb.yml name=tidb_conf_custom
+
+- name: Load default config
+  include_vars: file={{ playbook_dir }}/roles/tidb/vars/default.yml name=tidb_conf_default
+
+- name: generate dynamic config
+  set_fact:
+    tidb_conf_generated:
+      security:
+        cluster-ssl-ca: >-
+          {%- if enable_tls|default(false) -%}{{ tidb_cert_dir }}/ca.pem{%- else -%}{%- endif -%}
+        cluster-ssl-cert: >-
+          {%- if enable_tls|default(false) -%}{{ tidb_cert_dir }}/tidb-server-{{ tidb_host }}.pem{%- else -%}{%- endif -%}
+        cluster-ssl-key: >-
+          {%- if enable_tls|default(false) -%}{{ tidb_cert_dir }}/tidb-server-{{ tidb_host }}-key.pem{%- else -%}{%- endif -%}
+
+- name: Generate final config
+  set_fact:
+    tidb_conf: "{{ tidb_conf_custom | with_default_dicts(tidb_conf_generated, tidb_conf_default) }}"
+
+- name: Create configuration file
+  template: src={{ playbook_dir }}/roles/tidb/templates/tidb.toml.j2 dest={{ tidb_check_dir }}/tidb.toml mode=0644 backup=yes
+
+- name: Deploy TiDB binary
+  copy: src="{{ resources_dir }}/bin/tidb-server" dest="{{ tidb_check_dir }}/" mode=0755 backup=yes
+
+- name: Check TiDB config
+  shell: cd {{ tidb_check_dir }} && ./tidb-server -config ./tidb.toml -config-check
+  register: tidb_check_result
+
+- name: Check result
+  fail:
+    msg: "TiDB config error"
+  when: "'successful' not in tidb_check_result.stdout"
diff --git a/roles/check_config/tasks/check_tikv_config.yml b/roles/check_config/tasks/check_tikv_config.yml
new file mode 100644
index 000000000..97849928b
--- /dev/null
+++ b/roles/check_config/tasks/check_tikv_config.yml
@@ -0,0 +1,46 @@
+---
+
+- name: Load TiKV vars
+  include_vars: file={{ playbook_dir }}/roles/tikv/defaults/main.yml
+
+- name: "Load customized config: tidb-ansible/conf/tikv.yml"
+  include_vars: file={{ playbook_dir }}/conf/tikv.yml name=tikv_conf_custom
+
+- name: Load default config
+  include_vars: file={{ playbook_dir }}/roles/tikv/vars/default.yml name=tikv_conf_default
+
+- name: generate dynamic config
+  set_fact:
+    tikv_conf_generated:
+      server:
+        labels: "{{ labels }}"
+      rocksdb:
+        wal-dir: "{{ wal_dir }}"
+      raftstore:
+        raftdb-path: "{{ raftdb_path }}"
+      security:
+        ca-path: >-
+          {%- if enable_tls|default(false) -%}{{ tikv_cert_dir }}/ca.pem{%- else -%}{%- endif -%}
+        cert-path: >-
+          {%- if enable_tls|default(false) -%}{{ tikv_cert_dir }}/tikv-server-{{ tikv_host }}.pem{%- else -%}{%- endif -%}
+        key-path: >-
+          {%- if enable_tls|default(false) -%}{{ tikv_cert_dir }}/tikv-server-{{ tikv_host }}-key.pem{%- else -%}{%- endif -%}
+
+- name: Generate final config
+  set_fact:
+    tikv_conf: "{{ tikv_conf_custom | with_default_dicts(tikv_conf_generated, tikv_conf_default) }}"
+
+- name: Create configuration file
+  template: src={{ playbook_dir }}/roles/tikv/templates/tikv.toml.j2 dest={{ tidb_check_dir }}/tikv.toml mode=0644 backup=yes
+
+- name: Deploy TiKV binary
+  copy: src="{{ resources_dir }}/bin/tikv-server" dest="{{ tidb_check_dir }}/" mode=0755 backup=yes
+
+- name: Check TiKV config
+  shell: cd {{ tidb_check_dir }} && ./tikv-server --pd-endpoints pd:port --config ./tikv.toml --config-check
+  register: tikv_check_result
+
+- name: Check result
+  fail:
+    msg: "TiKV config error"
+  when: "'successful' not in tikv_check_result.stdout"
diff --git a/roles/check_config/tasks/main.yml b/roles/check_config/tasks/main.yml
new file mode 100644
index 000000000..101910637
--- /dev/null
+++ b/roles/check_config/tasks/main.yml
@@ -0,0 +1,19 @@
+---
+
+- set_fact:
+    tidb_check_dir: "/tmp/tidb_check_config"
+
+- name: Create temporary check directory
+  file: name={{ tidb_check_dir }} state=directory
+
+- name: Check PD config
+  include_tasks: check_pd_config.yml
+
+- name: Check TiKV config
+  include_tasks: check_tikv_config.yml
+
+- name: Check TiDB config
+  include_tasks: check_tidb_config.yml
+
+- name: Delete temporary check directory
+  file: name={{ tidb_check_dir }} state=absent
diff --git a/rolling_update.yml b/rolling_update.yml
index e4d5dfaee..1d9d25468 100644
--- a/rolling_update.yml
+++ b/rolling_update.yml
@@ -55,6 +55,13 @@
         - current_version.stdout_lines[0].replace(' ','').split(':')[1] < "v2.0.1"
         - tidb_version >= "v2.1.0" or tidb_version == "latest"
 
+- name: Pre-check for configuration
+  hosts: pd_servers[0]
+  tags:
+    - check_config
+  roles:
+    - check_config
+
 - hosts: pd_servers[0]
   any_errors_fatal: true
   serial: 1

From 68fa06a232d419333612b3d32493a9a6de1ebeea Mon Sep 17 00:00:00 2001
From: liubo <liubo@pingcap.com>
Date: Mon, 23 Sep 2019 18:32:56 +0800
Subject: [PATCH 2/2] Update config check (#971)

---
 roles/check_config/tasks/check_pd_config.yml  | 13 ++++++-------
 .../check_config/tasks/check_tidb_config.yml  | 15 +++++++++------
 .../check_config/tasks/check_tikv_config.yml  | 19 +++++++++++--------
 3 files changed, 26 insertions(+), 21 deletions(-)

diff --git a/roles/check_config/tasks/check_pd_config.yml b/roles/check_config/tasks/check_pd_config.yml
index 8fc528097..b6093389d 100644
--- a/roles/check_config/tasks/check_pd_config.yml
+++ b/roles/check_config/tasks/check_pd_config.yml
@@ -1,19 +1,19 @@
 ---
 
 - name: Load PD vars
-  include_vars: file={{ playbook_dir }}/roles/pd/defaults/main.yml
+  include_vars: file={{ playbook_dir }}/roles/pd/defaults/main.yml name=pd_vars_check
 
 - name: "Load customized config: tidb-ansible/conf/pd.yml"
-  include_vars: file={{ playbook_dir }}/conf/pd.yml name=pd_conf_custom
+  include_vars: file={{ playbook_dir }}/conf/pd.yml name=pd_conf_custom_check
 
 - name: Load default config
-  include_vars: file={{ playbook_dir }}/roles/pd/vars/default.yml name=pd_conf_default
+  include_vars: file={{ playbook_dir }}/roles/pd/vars/default.yml name=pd_conf_default_check
 
 - name: Generate dynamic config
   set_fact:
-    pd_conf_generated:
+    pd_conf_generated_check:
       replication:
-        location-labels: "{{ location_labels }}"
+        location-labels: "{{ pd_vars_check.location_labels }}"
       security:
         cacert-path: >-
           {%- if enable_tls|default(false) -%}{{ pd_cert_dir }}/ca.pem{%- else -%}{%- endif -%}
@@ -24,11 +24,10 @@
 
 - name: Generate final config
   set_fact:
-    pd_conf: "{{ pd_conf_custom | with_default_dicts(pd_conf_generated, pd_conf_default) }}"
+    pd_conf: "{{ pd_conf_custom_check | with_default_dicts(pd_conf_generated_check, pd_conf_default_check) }}"
 
 - name: Create configuration file
   template: src={{ playbook_dir }}/roles/pd/templates/pd.toml.j2 dest={{ tidb_check_dir }}/pd.toml mode=0644 backup=yes
-  register: pd_conf_st
 
 - name: Deploy PD binary
   copy: src="{{ resources_dir }}/bin/pd-server" dest="{{ tidb_check_dir }}/" mode=0755 backup=yes
diff --git a/roles/check_config/tasks/check_tidb_config.yml b/roles/check_config/tasks/check_tidb_config.yml
index 43f75f914..37ac4cc63 100644
--- a/roles/check_config/tasks/check_tidb_config.yml
+++ b/roles/check_config/tasks/check_tidb_config.yml
@@ -1,17 +1,20 @@
 ---
 
-- name: Load TiDB vars
-  include_vars: file={{ playbook_dir }}/roles/tidb/defaults/main.yml
+- name: Load TiDB default vars
+  include_vars: file={{ playbook_dir }}/roles/tidb/defaults/main.yml name=tidb_vars_check
+
+- name: Load TiDB group vars
+  include_vars: file={{ playbook_dir }}/group_vars/tidb_servers.yml name=tidb_vars_check
 
 - name: "Load customized config: tidb-ansible/conf/tidb.yml"
-  include_vars: file={{ playbook_dir }}/conf/tidb.yml name=tidb_conf_custom
+  include_vars: file={{ playbook_dir }}/conf/tidb.yml name=tidb_conf_custom_check
 
 - name: Load default config
-  include_vars: file={{ playbook_dir }}/roles/tidb/vars/default.yml name=tidb_conf_default
+  include_vars: file={{ playbook_dir }}/roles/tidb/vars/default.yml name=tidb_conf_default_check
 
 - name: generate dynamic config
   set_fact:
-    tidb_conf_generated:
+    tidb_conf_generated_check:
       security:
         cluster-ssl-ca: >-
           {%- if enable_tls|default(false) -%}{{ tidb_cert_dir }}/ca.pem{%- else -%}{%- endif -%}
@@ -22,7 +25,7 @@
 
 - name: Generate final config
   set_fact:
-    tidb_conf: "{{ tidb_conf_custom | with_default_dicts(tidb_conf_generated, tidb_conf_default) }}"
+    tidb_conf: "{{ tidb_conf_custom_check | with_default_dicts(tidb_conf_generated_check, tidb_conf_default_check) }}"
 
 - name: Create configuration file
   template: src={{ playbook_dir }}/roles/tidb/templates/tidb.toml.j2 dest={{ tidb_check_dir }}/tidb.toml mode=0644 backup=yes
diff --git a/roles/check_config/tasks/check_tikv_config.yml b/roles/check_config/tasks/check_tikv_config.yml
index 97849928b..aeabda73b 100644
--- a/roles/check_config/tasks/check_tikv_config.yml
+++ b/roles/check_config/tasks/check_tikv_config.yml
@@ -1,23 +1,26 @@
 ---
 
+- set_fact:
+    tikv_log_dir: "{{ deploy_dir }}/log"
+
 - name: Load TiKV vars
-  include_vars: file={{ playbook_dir }}/roles/tikv/defaults/main.yml
+  include_vars: file={{ playbook_dir }}/roles/tikv/defaults/main.yml name=tikv_vars_check
 
 - name: "Load customized config: tidb-ansible/conf/tikv.yml"
-  include_vars: file={{ playbook_dir }}/conf/tikv.yml name=tikv_conf_custom
+  include_vars: file={{ playbook_dir }}/conf/tikv.yml name=tikv_conf_custom_check
 
 - name: Load default config
-  include_vars: file={{ playbook_dir }}/roles/tikv/vars/default.yml name=tikv_conf_default
+  include_vars: file={{ playbook_dir }}/roles/tikv/vars/default.yml name=tikv_conf_default_check
 
 - name: generate dynamic config
   set_fact:
-    tikv_conf_generated:
+    tikv_conf_generated_check:
       server:
-        labels: "{{ labels }}"
+        labels: "{{ tikv_vars_check.labels }}"
       rocksdb:
-        wal-dir: "{{ wal_dir }}"
+        wal-dir: "{{ tikv_vars_check.wal_dir }}"
       raftstore:
-        raftdb-path: "{{ raftdb_path }}"
+        raftdb-path: "{{ tikv_vars_check.raftdb_path }}"
       security:
         ca-path: >-
           {%- if enable_tls|default(false) -%}{{ tikv_cert_dir }}/ca.pem{%- else -%}{%- endif -%}
@@ -28,7 +31,7 @@
 
 - name: Generate final config
   set_fact:
-    tikv_conf: "{{ tikv_conf_custom | with_default_dicts(tikv_conf_generated, tikv_conf_default) }}"
+    tikv_conf: "{{ tikv_conf_custom_check | with_default_dicts(tikv_conf_generated_check, tikv_conf_default_check) }}"
 
 - name: Create configuration file
   template: src={{ playbook_dir }}/roles/tikv/templates/tikv.toml.j2 dest={{ tidb_check_dir }}/tikv.toml mode=0644 backup=yes