parameterize health check; refactor serial_then_parallel

2025-04-10 12:50:28 -07:00 · 2024-05-16 11:16:20 +02:00 · 2024-05-16 11:16:20 +02:00 · 4b21569f36
commit 4b21569f36
parent f63b20b9d4
5 changed files with 23 additions and 28 deletions
--- a/roles/keycloak_quarkus/README.md
+++ b/roles/keycloak_quarkus/README.md
@ -103,6 +103,8 @@ Role Defaults
 |`keycloak_quarkus_systemd_wait_for_delay`| Activation delay for service systemd unit (seconds) | `10` |
 |`keycloak_quarkus_restart_strategy`| Strategy task file for restarting in HA (one of provided restart/['serial.yml','none.yml','serial_then_parallel.yml']) or path to file when providing custom strategy | `restart/serial.yml` |
 |`keycloak_quarkus_restart_health_check`| Whether to wait for successful health check after restart | `{{ keycloak_quarkus_ha_enabled }}` |
+|`keycloak_quarkus_restart_health_check_delay`| Seconds to let pass before starting healch checks | `10` |
+|`keycloak_quarkus_restart_health_check_reries`| Number of attempts for successful health check before failing | `25` |
 |`keycloak_quarkus_restart_pause`| Seconds to wait between restarts in HA strategy | `15` |


--- a/roles/keycloak_quarkus/defaults/main.yml
+++ b/roles/keycloak_quarkus/defaults/main.yml
@ -157,4 +157,6 @@ keycloak_quarkus_supported_policy_types: ['password-blacklists']
 # files in restart directory (one of [ 'serial', 'none', 'serial_then_parallel' ]), or path to file when providing custom strategy
 keycloak_quarkus_restart_strategy: restart/serial.yml
 keycloak_quarkus_restart_health_check: "{{ keycloak_quarkus_ha_enabled }}"
+keycloak_quarkus_restart_health_check_delay: 10
+keycloak_quarkus_restart_health_check_reries: 25
 keycloak_quarkus_restart_pause: 15
--- a/roles/keycloak_quarkus/meta/argument_specs.yml
+++ b/roles/keycloak_quarkus/meta/argument_specs.yml
@ -445,6 +445,14 @@ argument_specs:
                description: "Seconds to wait between restarts in HA strategy"
                default: 15
                type: int
+            keycloak_quarkus_restart_health_check_delay:
+                description: "Seconds to let pass before starting healch checks"
+                default: 10
+                type: 'int'
+            keycloak_quarkus_restart_health_check_reries:
+                description: "Number of attempts for successful health check before failing"
+                default: 25
+                type: 'int'
    downstream:
        options:
            rhbk_version:
--- a/roles/keycloak_quarkus/tasks/restart.yml
+++ b/roles/keycloak_quarkus/tasks/restart.yml
@ -12,9 +12,9 @@
    url: "{{ keycloak.health_url }}"
  register: keycloak_status
  until: keycloak_status.status == 200
-  retries: 25
-  delay: 10
-  when: keycloak_quarkus_restart_health_check
+  retries: "{{ keycloak_quarkus_restart_health_check_reries }}"
+  delay: "{{ keycloak_quarkus_restart_health_check_delay }}"
+  when: internal_force_health_check | default(keycloak_quarkus_restart_health_check)

 - name: Pause to give distributed ispn caches time to (re-)replicate back onto first host
  ansible.builtin.pause:
--- a/roles/keycloak_quarkus/tasks/restart/serial_then_parallel.yml
+++ b/roles/keycloak_quarkus/tasks/restart/serial_then_parallel.yml
@ -1,31 +1,14 @@
 ---
 - name: Verify first restarted service with health URL, then rest restart in parallel
  block:
-    - name: "Restart and enable {{ keycloak.service_name }} service on first host"
-      ansible.builtin.systemd:
-        name: "{{ keycloak.service_name }}"
-        enabled: true
-        state: restarted
-        daemon_reload: true
-      become: true
-      delegate_to: "{{ ansible_play_hosts | first }}"
-      run_once: true
-
-    - name: "Wait until {{ keycloak.service_name }} service becomes active {{ keycloak.health_url }}"
-      ansible.builtin.uri:
-        url: "{{ keycloak.health_url }}"
-      register: keycloak_status
-      until: keycloak_status.status == 200
-      retries: 25
-      delay: 10
-      delegate_to: "{{ ansible_play_hosts | first }}"
-      run_once: true
-
-    - name: Pause to give distributed ispn caches time to (re-)replicate back onto first host
-      ansible.builtin.pause:
-        seconds: "{{ keycloak_quarkus_restart_pause }}"
-      when:
-        - keycloak_quarkus_ha_enabled
+    - name: "Restart and enable {{ keycloak.service_name }} service on initial host"
+      ansible.builtin.include_tasks:
+        file: restart.yml
+        apply:
+          delegate_to: "{{ ansible_play_hosts | first }}"
+          run_once: true
+      vars:
+        internal_force_health_check: true

    - name: "Restart and enable {{ keycloak.service_name }} service on other hosts"
      ansible.builtin.systemd: