Migrate to Rocky Linux 9

ansible.cfg

@@ -1,6 +1,4 @@
 [defaults]
-ansible_python_interpreter =    python
-
 remote_user =                   root
 host_key_checking =             no
 

group_vars/all.yml

@@ -721,9 +721,7 @@ mageops_language_redirect_enable: no
 mageops_language_redirect_mode: normal
 
 # Configure a vmtouch daemon force-keeping magento sources / compiled opcache in RAM
-mageops_magento_preload_fscache_enable: >-
-  {{ ( ansible_memtotal_mb | default(512, true) | int >= 7168 )
-        and php_cli_opcache_file_cache_enable | default(false, true) }}
+mageops_magento_preload_fscache_enable: no
 
 # Tune Linux Virtual Memory kernel sysctl params for lower disk IO
 mageops_app_node_optimize_kernel_vm_io: yes
@@ -1330,7 +1328,7 @@ php_fpm_pool_name: "{{ mageops_app_type }}"
 
 php_fpm_umask: "{{ mageops_app_umask }}"
 
-php_fpm_run_dir_path: "/var/run/php-fpm"
+php_fpm_run_dir_path: "/run/php-fpm"
 php_fpm_log_dir_path: "/var/log/php-fpm"
 
 php_fpm_pool_conf_dir_path: "/etc/php-fpm.d"
@@ -1556,7 +1554,7 @@ https_termination_proxy_http_port: "{{ https_termination_hide_varnish | default(
 https_termination_proxy_read_timeout: "{{ mageops_http_pipeline_request_timeout_override }}"
 
 # Special logging setup for requests for cacheable HTML pages which were a cache MISS
-https_termination_page_cache_misses_logging: yes
+https_termination_page_cache_misses_logging: no
 https_termination_page_cache_misses_logfile: "{{ nginx_log_dir }}/access.page-cache-misses.json.log"
 
 https_termination_redirect_source_domain_param: _redirect_from
@@ -1772,10 +1770,10 @@ deploy_release_save_info_file_path: "{{ mageops_ansible_temp_dir }}/RELEASE.json
 # --------------------------------------
 
 # Whether to install and enable the earlyoom daemon
-mageops_earlyoom_enable: yes
+mageops_earlyoom_enable: no
 
 earlyoom_ram_min_percent: 7
-earlyoom_swap_min_percent: 40
+earlyoom_swap_min_percent: 10
 mageops_cli_features_dir: /usr/local/lib/mageops/features
 
 # ----------------------------
@@ -1794,11 +1792,8 @@ mageops_packages_banned:
 
 # Basic packages needed for ansible/provisioning
 mageops_packages_base:
-  - python
-  - python2-pip
-  - python2-PyMySQL
-  - yum-utils
-  - yum-plugin-verify
+  - python3-pip
+  - python3-PyMySQL
   - unzip
   - git
   - rsync
@@ -1872,7 +1867,8 @@ packages_remove: "{{ mageops_packages_banned }}"
 # Package locks, for more info, check cs.versionlock role
 
 # Package locks per instance
-versionlock_varnish_packages: []
+versionlock_varnish_packages:
+  - varnish-6.0.*
 versionlock_persistent_packages: []
 versionlock_app_node_packages: []
 

requirements-galaxy.yml

@@ -1,3 +1,4 @@
+roles:
 - src: geerlingguy.mysql
 - src: geerlingguy.composer
 - src: geerlingguy.ntp
@@ -8,9 +9,7 @@
 - src: pinkeen.postfix-relay
   version: v1.1
 
-- src: pinkeen.selinux-disable
-  version: v1.1
-
-- src: zauberpony.mysql-query
-  version: v0.6.1
-
+collections:
+- name: community.aws
+- name: amazon.aws
+- name: community.mysql

requirements-python.txt

@@ -1,4 +1,4 @@
-ansible>=2.9.16,<2.10
+ansible>=6,<7
 
 # some tasks call aws command on localhost
 # make sure this is BEFORE boto3 and boto

roles/cs.ansible-plugins/meta/main.yml

@@ -1,18 +1,2 @@
 allow_duplicates: no
 dependencies:  []
-
-galaxy_info:
-  author: Filip Sobalski <[email protected]>
-  description: A collection of ansible plugins
-  company: creativestyle Polska
-  license: license (BSD, MIT)
-  min_ansible_version: 2.7
-  galaxy_tags:
-    - plugins
-    - filters
-    - filter_plugins
-    - ansible
-    - meta
-    - library
-
-

roles/cs.aws-ami-facts/defaults/main.yml

@@ -14,7 +14,7 @@ ami_facts_common_filters:
 # Find the latest CentOS ami ids here: https://www.centos.org/download/aws-images/
 ami_centos7_id:
 #  eu-central-1: ami-08b6d44b4f6f7b279 # original
-  eu-central-1: ami-0e4f9c05326f650df # cs-centos7-update-2022-08-01
+  eu-central-1: ami-06a38f9c5f75d09bd # rocky 9.0.20220706
 
 ami_base_system_image_id: "{{ ami_centos7_id[aws_region | default('eu-central-1')] }}"
 

roles/cs.aws-ami-facts/tasks/find-app-node-ami.yml

@@ -1,10 +1,10 @@
 - name: Find app node AMIs
-  ec2_ami_facts:
+  amazon.aws.ec2_ami_info:
     region: "{{ aws_region }}"
     filters: >-
       {{ ami_facts_common_filters | combine(
-          ami_facts_app_node_base_filters, 
-          ami_facts_app_node_filters, 
+          ami_facts_app_node_base_filters,
+          ami_facts_app_node_filters,
           ami_facts_app_node_tag_filters) }}
   vars:
     ami_facts_app_node_tag_filters: "{{ ami_facts_app_node_tags | prefix_keys('tag:') }}"
@@ -22,7 +22,7 @@
         aws_ami_app_node_id: "{{ aws_ami_app_node_info.image_id }}"
         aws_ami_app_node_name: "{{ aws_ami_app_node_info.name }}"
         aws_ami_app_node_location: "{{ aws_ami_app_node_info.image_location }}"
-        aws_ami_app_node_needs_db_migrations: "{{ aws_ami_app_node_info.tags.NeedsDbMigrations | default('true') | from_json }}"          
+        aws_ami_app_node_needs_db_migrations: "{{ aws_ami_app_node_info.tags.NeedsDbMigrations | default('true') | from_json }}"
         aws_ami_app_node_artifact_build_nr: "{{ aws_ami_app_node_info.tags.ArtifactBuildNr | default('null') | from_json }}"
 
 - name: Print information about newest app node AMI found
@@ -31,10 +31,10 @@
     msg: |
       ===============================================================
       =                     Found App Node AMI                      =
-      =============================================================== 
+      ===============================================================
 
       {% if ami_facts_app_node_force_id %}Note: Using forced specific AMI id.{% endif %}
-      
+
       {{ aws_ami_app_node_name }} ({{ aws_ami_app_node_id }})
 
       Baked App artifact build: #{{ aws_ami_app_node_artifact_build_nr | default('unknown', true) }}
@@ -50,4 +50,4 @@
 - name: Print information if no images were found
   when: ami_app_node_facts.images | length == 0
   debug:
-    msg: "No previous app node AMI was found! Clean build is coming..."
+    msg: "No previous app node AMI was found! Clean build is coming..."

roles/cs.aws-ami-facts/tasks/find-clean-base-ami.yml

@@ -1,5 +1,5 @@
 - name: Find clean base AMIs
-  ec2_ami_facts:
+  amazon.aws.ec2_ami_info:
     region: "{{ aws_region }}"
     filters: "{{ ami_facts_common_filters | combine(ami_facts_clean_base_filters) }}"
   register: ami_clean_base_facts
@@ -30,5 +30,5 @@
       ({{ aws_ami_clean_base_location }})
 
       --- Details ---
-      
-      {{ aws_ami_clean_base_info | to_nice_yaml }}
+
+      {{ aws_ami_clean_base_info | to_nice_yaml }}

roles/cs.aws-cli/tasks/main.yml

@@ -1,17 +1,16 @@
-- name: Make sure pip aws is not installed
-  pip:
-    name: awscli
-    state: absent
+# - name: Make sure pip aws is not installed
+#   pip:
+#     name: awscli
+#     state: absent
 
 - name: Install awscli
-  yum:
+  dnf:
     name: awscli
-    enablerepo: mageops
     state: latest
 
 - name: Ensure default AWS Region is set
   ini_file:
     path: /root/.aws/credentials
     section: default
     option: region
-    value: "{{ aws_region }}"
+    value: "{{ aws_region }}"

roles/cs.aws-cloudfront-facts/tasks/main.yml

@@ -1,18 +1,19 @@
 - name: Get list of cloudfront distributions
-  cloudfront_facts:
+  community.aws.cloudfront_info:
     region: "{{ aws_region }}"
+    summary: yes
   register: cloudfront_distributions_info
 
 - name: Set list of cloudfront distributions
   set_fact:
-    aws_cloudfront_distributions: "{{ cloudfront_distributions_info.ansible_facts.cloudfront.summary.distributions }}"
-   
+    aws_cloudfront_distributions: "{{ cloudfront_distributions_info.cloudfront.summary.distributions }}"
+
 - name: Filter cloudfront distribution list by tags
   set_fact:
     aws_cloudfront_distributions: "{{ aws_cloudfront_distributions | json_query(distributions_tag_filter_query) }}"
   vars:
     distributions_tag_filter_query: "[?{% for k, v in aws_cloudfront_distribution_tags.items() -%}Tags.{{ k }} == '{{ v }}'{% if not loop.last %} && {% endif %}{% endfor %}]"
-  
+
 - name: Warn when more than one distribution has been found
   debug:
     msg: |
@@ -31,4 +32,4 @@
   debug:
     msg: |
       Using Cloudfront Distribution: {{ aws_cloudfront_distribution_id }} with domain {{ aws_cloudfront_distribution_domain }}
-  when: aws_cloudfront_distributions | length > 0
+  when: aws_cloudfront_distributions | length > 0

roles/cs.aws-ebs-vol/tasks/main.yml

@@ -90,4 +90,4 @@
       loop_control:
         loop_var: volume
         label: "{{ volume.VolumeId }} / {{ volume | pick_keys(aws_ebs_volume_modify_params.keys()) | to_yaml | trim }} -> {{ aws_ebs_volume_modify_params | to_yaml| trim }}"
-      loop: "{{ ( aws_ebs_volume_describe.stdout | from_json ).Volumes }}"
+      loop: "{{ ( aws_ebs_volume_describe.stdout | from_json ).Volumes }}"

roles/cs.aws-ec2-cleanup/tasks/main.yml

@@ -1,5 +1,5 @@
 - name: Get available Lauch Configurations
-  ec2_lc_facts:
+  community.aws.ec2_lc_info:
     region: "{{ aws_region }}"
     sort: created_time
     sort_order: descending

roles/cs.aws-efs/tasks/main.yml

@@ -39,7 +39,7 @@
           --lifecycle-policies '{{ efs_lifecycle_policies | to_json }}'
 
 - name: Install AWS EFS utils
-  yum:
+  dnf:
     name:
         - stunnel
         - nfs-utils

roles/cs.aws-lambda-import/defaults/main.yml

@@ -3,6 +3,6 @@ aws_import_scaling_lambda_schedule: rate(5 minutes)
 aws_lambda_handle_import_scaling_name: "handleImportScaling-{{ mageops_app_name }}"
 aws_lambda_handle_import_scaling_runtime: python3.7
 
-aws_lambda_import_scaling_deploy_package_version: "1.7.0"
+aws_lambda_import_scaling_deploy_package_version: "1.7.1"
 aws_lambda_import_scaling_deploy_package_url: "https://github.com/mageops/aws-lambdas-autoscaling/releases/download/{{ aws_lambda_import_scaling_deploy_package_version }}/autoscaling-lambdas-deploy-package.python3.7.zip"
-aws_lambda_import_scaling_deploy_package_path: "{{ mageops_ansible_temp_dir }}/import-scaling-lambda-deploy-package-{{ aws_lambda_import_scaling_deploy_package_version }}.zip"
+aws_lambda_import_scaling_deploy_package_path: "{{ mageops_ansible_temp_dir }}/import-scaling-lambda-deploy-package-{{ aws_lambda_import_scaling_deploy_package_version }}.zip"

roles/cs.aws-lambda-varnish/defaults/main.yml

@@ -1,5 +1,5 @@
-aws_lambda_varnish_deploy_package_url: "https://github.com/mageops/aws-lambdas-autoscaling/releases/download/1.6.0/autoscaling-lambdas-deploy-package.python3.7.zip"
-aws_lambda_varnish_deploy_package_path: "{{ mageops_ansible_temp_dir }}/varnish-lambda-deploy-package.zip"
+aws_lambda_varnish_deploy_package_url: "https://github.com/mageops/aws-lambdas-autoscaling/releases/download/1.7.1/autoscaling-lambdas-deploy-package.python3.7.zip"
+aws_lambda_varnish_deploy_package_path: "{{ mageops_ansible_temp_dir }}/varnish-lambda-deploy-package-f44a1b91479964bca0e73e222c1c004f08e87a3c.zip"
 aws_lambda_varnish_runtime: python3.7
 
 aws_lambda_handle_varnish_autoscaling_event_name: "handleVarnishAutoscalingEvent-{{ mageops_app_name }}"

roles/cs.aws-logs/tasks/002-install-daemon.yml

@@ -1,5 +1,4 @@
 - name: Install AWS Cloudwatch Agent
-  yum:
+  dnf:
     name: "{{ aws_cloudwatch_agent_package }}"
     state: latest
-

roles/cs.aws-logs/tasks/004-setup-magento-crash-report-handler.yml

@@ -1,9 +1,9 @@
 - name: Install AWS Exception Forwarder package
-  yum:
+  dnf:
     name: "{{ aws_cloudwatch_exception_forwarder_package }}"
 
 - name: Set up magento exception report pushing cronjob
   cron:
     name: "Push magento exception reports to CloudWatch Logs"
     minute: "*/2"
-    job: "/bin/aws-excfwd push:directory -v --formatter=serialized_array --region={{ aws_region }} --group=/{{ mageops_project }}/{{ mageops_environment }}/magento/report {{ aws_logs_project_root }}/var/report/ --stream={{ aws_logs_stream_name }}"
+    job: "/bin/aws-excfwd push:directory -v --formatter=serialized_array --region={{ aws_region }} --group=/{{ mageops_project }}/{{ mageops_environment }}/magento/report {{ aws_logs_project_root }}/var/report/ --stream={{ aws_logs_stream_name }}"

roles/cs.aws-node-ami-builder/tasks/main.yml

@@ -50,8 +50,7 @@
           | flatten
           | map(attribute='value')
           | map(attribute='volume_id')
-          | list
-          | to_nice_json }}
+          | list }}
     aws_ebs_volume_modify_type: "{{ aws_builder_node_ebs_volume_type }}"
     aws_ebs_volume_modify_iops: "{{ aws_builder_node_ebs_gp3_iops }}"
     aws_ebs_volume_modify_throughput: "{{ aws_builder_node_ebs_gp3_throughput }}"

roles/cs.aws-node-facts/tasks/main.yml

@@ -46,6 +46,8 @@
     aws_app_builder_node_ami_id: "{{ aws_nodes_info.app_builder.image_id | default(omit, true) }}"
     aws_persistent_node_ami_id: "{{ aws_nodes_info.persistent.image_id | default(omit, true) }}"
     aws_varnish_node_ami_id: "{{ aws_nodes_info.varnish_loadbalancer.image_id | default(omit, true) }}"
+    # Ansible require at least one variable to be set in set_fact, this dummy set is required in case there is no instances present
+    _dummy: "_"
 
 - name: Set varnish host to varnish loadbalancer
   set_fact:

roles/cs.aws-node-persistent/tasks/main.yml

@@ -60,14 +60,13 @@
     name: cs.aws-ebs-vol
   vars:
     aws_ebs_volume_modify_ids: >-
-      {{ ( aws_persistent_ec2.instances + aws_persistent_ec2.tagged_instances ) 
-          | map(attribute='block_device_mapping') 
-          | map('dict2items') 
-          | flatten 
+      {{ ( aws_persistent_ec2.instances + aws_persistent_ec2.tagged_instances )
+          | map(attribute='block_device_mapping')
+          | map('dict2items')
+          | flatten
           | map(attribute='value')
           | map(attribute='volume_id')
-          | list
-          | to_nice_json }}
+          | list }}
     aws_ebs_volume_modify_type: "{{ aws_persistent_node_ebs_volume_type }}"
     aws_ebs_volume_modify_iops: "{{ aws_persistent_node_ebs_gp3_iops }}"
     aws_ebs_volume_modify_throughput: "{{ aws_persistent_node_ebs_gp3_throughput }}"

roles/cs.aws-node-varnish/tasks/main.yml

@@ -49,13 +49,12 @@
   vars:
     aws_ebs_volume_modify_ids: >-
       {{ ( aws_varnish_ec2.instances + aws_varnish_ec2.tagged_instances )
-          | map(attribute='block_device_mapping') 
-          | map('dict2items') 
-          | flatten 
+          | map(attribute='block_device_mapping')
+          | map('dict2items')
+          | flatten
           | map(attribute='value')
           | map(attribute='volume_id')
-          | list
-          | to_nice_json }}
+          | list }}
     aws_ebs_volume_modify_type: "{{ aws_varnish_node_ebs_volume_type }}"
     aws_ebs_volume_modify_iops: "{{ aws_varnish_node_ebs_gp3_iops }}"
     aws_ebs_volume_modify_throughput: "{{ aws_varnish_node_ebs_gp3_throughput }}"

roles/cs.aws-rds-facts/tasks/main.yml

@@ -1,5 +1,5 @@
 - name: Get list of RDS instances
-  rds_instance_facts:
+  community.aws.rds_instance_info:
     region: "{{ aws_region }}"
   register: rds_instances_info
 

roles/cs.aws-rds-gfs-backup/tasks/main.yml

@@ -4,7 +4,7 @@
   when: rds_gfs_instance_id is not defined
 
 - name: Get facts about RDS instance
-  rds_instance_facts:
+  community.aws.rds_instance_info:
     db_instance_identifier: "{{ rds_gfs_instance_id }}"
     region: "{{ aws_region }}"
   register: rds_gfs_instance_data
@@ -45,5 +45,3 @@
 
 - import_tasks: cluster-db.yml
   when: rds_gfs_cluster_id != False
-
-

roles/cs.aws-region-facts/tasks/main.yml

@@ -1,5 +1,5 @@
 - name: Get AWS region
-  aws_region_facts:
+  community.aws.aws_region_info:
     region: "{{ aws_region }}"
   register: region_facts
 
@@ -42,4 +42,3 @@
   set_fact:
     aws_s3_website_endpoint: "{{ aws_s3_website_info.website_endpoint }}"
     cacheable: yes
-