blob: de935f0b664ff112c1a552d8581cc928c462889f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
mongodb_mongos
==============
A role to setup a mongos server for a MongoDB sharded cluster.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should
be mentioned here. For instance, if the role uses the EC2 module, it may be a
good idea to mention in this section that the boto package is required.
Role Variables
--------------
* `mongos_port`: The port used by the mongos process. Default `27017`.
* `mongos_service`: The name of the mongos service. Default `mongos`.
* `mongodb_user`: The Linux OS user for MongoDB. Default `mongod`.
* `mongodb_group`: The Linux OS user group for MongoDB. Default `mongod`.
* `pid_file`: The pid file for mongos. Default `/run/mongodb/mongos.pid`.
* `bind_ip`: The IP address mongos will bind to. Default `0.0.0.0`.
* `bind_ip_all`: Have mongos bind to all IP addresses instead of specifying `bind_ip`. Default `false`.
* `log_path`: Path of the log file. Default: `/var/log/mongodb/mongos.log`.
* `mypy`: Python interpretor. Default `python`.
* `mongos_package`: The name of the mongos installation package. Default `mongodb-org-mongos`.
* `config_repl_set_name`: The name of the config server replicaset. Default `cfg`.
* `config_servers`: "config1:27019, config2:27019, config3:27019"
* `openssl_keyfile_content`: The kexfile content that MongoDB uses to authenticate within a replicaset. Generate with cmd: openssl rand -base64 756.
* `openssl_keyfile_path`: Put the openssl_keyfile at this path. Default: `/etc/keyfile`.
* `net_compressors`: If this is set, this sets `net.compression.compressors` in mongos.conf.
* `mongos_config_template`: If defined allows to override path to mongod config template with custom configuration. Default `mongos.conf.j2`.
* `skip_restart`: If set to `true` will skip restarting mongos service when config file or the keyfile content changes. Default `true`.
* `mongodb_use_tls`: Whether to use tls. Default `false`.
* `mongodb_disabled_tls_protocols`: The tls protocols to be disabled. Leave blank to let MongoDB decide which protocols to allow according to the ones available on the system; check the [official docs](https://www.mongodb.com/docs/v6.0/reference/configuration-options/#mongodb-setting-net.tls.disabledProtocols) for details. Default "".
* `mongodb_allow_connections_without_certificates`: When enabled allows to bypass the certificate validation for clients that do not present a certificate, if a certificate is provided it _must_ be valid. Default `false`.
* `mongodb_certificate_key_file`: Path to the PEM-file containing the certficate and private key.
* `mongodb_certificate_ca_file`: Path to the CA-file.
Dependencies
------------
mongodb_repository
Example Playbook
----------------
```yaml
- hosts: servers
roles:
- mongodb_repository
- mongodb_mongos
```
License
-------
BSD
Author Information
------------------
Rhys Campbell (https://github.com/rhysmeister)
|
