diff --git a/build/ansible/pmm-docker/post-build.yml b/build/ansible/pmm-docker/post-build.yml index 483e3f7bcea..10409a83aca 100644 --- a/build/ansible/pmm-docker/post-build.yml +++ b/build/ansible/pmm-docker/post-build.yml @@ -3,42 +3,9 @@ - hosts: all become: yes - gather_facts: yes - vars: - pmm_server_distribution: "docker" + gather_facts: no tasks: - # pmm-managed checks that if /srv/pmm-distribution exists, it contains "docker", "ovf", "ami" or "digitalocean" - all lowercase. - # TODO: refactor the build pipelines to call post-build.yml with the distribution name provided in the variable (above). - # https://jira.percona.com/browse/PMM-4991 - - name: Create a distribution file for Docker - copy: - content: "{{ pmm_server_distribution}}" - dest: /srv/pmm-distribution - owner: pmm - group: root - - - name: Remove pmm-managed database from PostgreSQL - postgresql_db: - login_user: postgres - name: pmm-managed - force: true - state: absent - environment: - PGPASSWORD: "{{ lookup('file', '/srv/.postgres_password') }}" - - - name: Remove pmm-managed role from PostgreSQL database - postgresql_user: - name: pmm-managed - state: absent - environment: - PGPASSWORD: "{{ lookup('file', '/srv/.postgres_password') }}" - - - name: Remove postgres password file so each container generates a unique one - file: - path: /srv/.postgres_password - state: absent - - name: Stop supervisord service command: supervisorctl shutdown become: true @@ -48,12 +15,11 @@ - name: Cleanup dnf cache command: dnf clean all - - name: Cleanup build logs, data, config files and package cache + - name: Cleanup build logs and package cache file: path: "{{ item }}" state: absent loop: - - /srv/logs - /var/log/dnf.log - /var/log/secure - /var/log/wtmp @@ -63,9 +29,6 @@ - /var/lib/pgsql - /var/cache/dnf - /var/cache/yum - - /srv/pmm-encryption.key - - /srv/pmm-agent/tmp - - /srv/pmm-agent/config - /usr/local/percona/pmm/config/pmm-agent.yaml - name: Remove users created by installers @@ -77,29 +40,6 @@ - clickhouse - nginx - - name: Clean Clickhouse dir - shell: find /srv/clickhouse -mindepth 1 -maxdepth 1 -print0 | xargs -0 rm -rf -- - - - name: Clean pmm-server dir - shell: find /usr/share/pmm-server -mindepth 1 -maxdepth 1 -print0 | xargs -0 rm -rf -- - - # This step is required because of a change between VictoriaMetrics 1.77.1 and 1.82.1. - # VictoriaMetrics tries to atomically rename directories in this folder on startup. - # With RedHat-based docker images the rename fails with an error "Invalid cross-device link". - # This is due to the way OverlayFS and kernel works. More info https://github.com/moby/moby/issues/25409 - # This step ensures the directory is empty on startup and the contents are recreated. - # This is not an issue if the folder is in a volume or mounted from the host OS. - - name: Recreate '/srv/victoriametrics' directory - file: - state: "{{ item }}" - path: /srv/victoriametrics - owner: pmm - group: root - mode: 0775 - loop: - - absent - - directory - - name: Remove auto-generated config files file: path: "/etc/supervisord.d/{{ item }}" @@ -112,34 +52,16 @@ - grafana.ini - nomad-server.ini - - name: Create '/srv/logs' directory - file: - path: /srv/logs - state: directory - owner: pmm - group: root - mode: 0775 - - - name: Set ownership for Grafana plugins directory - file: - path: /srv/grafana/plugins - owner: pmm - group: root - recurse: yes - state: directory - mode: 0775 + - name: Clean pmm-server dir + shell: find /usr/share/pmm-server -mindepth 1 -maxdepth 1 -print0 | xargs -0 rm -rf -- - - name: Set ownership for backup directory + - name: Clean /srv directory for fresh initialization on first start file: - path: /srv/backup + path: /srv + state: "{{ item }}" owner: pmm group: root - state: directory mode: 0775 - - - name: Set ownership for Grafana dashboards version file - file: - path: /srv/grafana/PERCONA_DASHBOARDS_VERSION - owner: pmm - group: root - state: file + loop: + - absent + - directory diff --git a/build/ansible/roles/nginx/files/nginx.conf b/build/ansible/roles/nginx/files/nginx.conf index 6cb09557950..e3ec684fa02 100644 --- a/build/ansible/roles/nginx/files/nginx.conf +++ b/build/ansible/roles/nginx/files/nginx.conf @@ -12,12 +12,11 @@ events { } http { - # Configure temporary directories to use /usr/share/pmm-server/nginx - client_body_temp_path /usr/share/pmm-server/nginx/client_temp; - proxy_temp_path /usr/share/pmm-server/nginx/proxy_temp; - fastcgi_temp_path /usr/share/pmm-server/nginx/fastcgi_temp; - uwsgi_temp_path /usr/share/pmm-server/nginx/uwsgi_temp; - scgi_temp_path /usr/share/pmm-server/nginx/scgi_temp; + client_body_temp_path /srv/nginx/tmp/client; + proxy_temp_path /srv/nginx/tmp/proxy; + fastcgi_temp_path /srv/nginx/tmp/fastcgi; + uwsgi_temp_path /srv/nginx/tmp/uwsgi; + scgi_temp_path /srv/nginx/tmp/scgi; map $http_upgrade $connection_upgrade { default upgrade; diff --git a/build/ansible/roles/nginx/tasks/main.yml b/build/ansible/roles/nginx/tasks/main.yml index c7f49314afc..277bb545230 100644 --- a/build/ansible/roles/nginx/tasks/main.yml +++ b/build/ansible/roles/nginx/tasks/main.yml @@ -8,12 +8,11 @@ mode: 0775 loop: - /usr/share/pmm-server/static/ - - /usr/share/pmm-server/nginx/ - - /usr/share/pmm-server/nginx/client_temp/ - - /usr/share/pmm-server/nginx/proxy_temp/ - - /usr/share/pmm-server/nginx/fastcgi_temp/ - - /usr/share/pmm-server/nginx/uwsgi_temp/ - - /usr/share/pmm-server/nginx/scgi_temp/ + - /srv/nginx/tmp/client/ + - /srv/nginx/tmp/proxy/ + - /srv/nginx/tmp/fastcgi/ + - /srv/nginx/tmp/uwsgi/ + - /srv/nginx/tmp/scgi/ - /etc/nginx/conf.d/ - /etc/nginx/ssl/ diff --git a/build/docker/server/entrypoint.sh b/build/docker/server/entrypoint.sh index a5b6b15198b..3c108d29430 100755 --- a/build/docker/server/entrypoint.sh +++ b/build/docker/server/entrypoint.sh @@ -73,27 +73,13 @@ if [ "$CURRENT_UID" != "1000" ] || [ "$CURRENT_GID" != "0" ]; then echo "NSS wrapper enabled with $NSS_WRAPPER_LIB" fi -# Check /usr/share/pmm-server directory on every start -echo "Checking /usr/share/pmm-server directory structure..." -# Still ensure critical directories exist, but don't create empty ones -if [ ! -d "/usr/share/pmm-server/nginx" ]; then - echo "Creating nginx temp directories..." - mkdir -p /usr/share/pmm-server/nginx/{client_temp,proxy_temp,fastcgi_temp,uwsgi_temp,scgi_temp} -fi - -if [ ! -d "/srv/pmm-agent/tmp" ]; then - echo "Creating pmm-agent temp directory..." - install -d -m 770 /srv/pmm-agent/tmp -fi - # Initialize /srv if empty declare DIST_FILE=/srv/pmm-distribution if [ ! -f "$DIST_FILE" ]; then echo -n "$PMM_DISTRIBUTION_METHOD" > "$DIST_FILE" echo "Initializing /srv..." - mkdir -p /srv/{backup,clickhouse,grafana,logs,nginx,prometheus,victoriametrics} + mkdir -p /srv/{backup,clickhouse,grafana/plugins,logs,nginx,prometheus/rules,victoriametrics} echo "Copying grafana plugins and the VERSION file..." - mkdir -p /srv/grafana/plugins cp -r /usr/share/percona-dashboards/panels/* /srv/grafana/plugins if is_enabled "$PMM_HA_ENABLE"; then @@ -125,6 +111,16 @@ if [ ! -f "$DIST_FILE" ]; then fi fi +if [ ! -d "/srv/nginx/tmp" ]; then + echo "Creating nginx temp directories..." + mkdir -p /srv/nginx/tmp/{client,proxy,fastcgi,uwsgi,scgi} +fi + +if [ ! -d "/srv/pmm-agent/tmp" ]; then + echo "Creating pmm-agent temp directory..." + install -d -m 770 /srv/pmm-agent/tmp +fi + if is_enabled "$PMM_HA_ENABLE"; then echo "Skipping embedded PostgreSQL migration in HA mode." elif is_enabled "$PMM_DISABLE_BUILTIN_POSTGRES"; then @@ -179,5 +175,5 @@ fi unset AGENT_CONFIG_DIR AGENT_ID -# Start supervisor in foreground +# Start supervisor in foreground, i.e. as PID 1 exec supervisord -n -c /etc/supervisord.conf