From e212fcde67af7925e1f3e040c0d6ff209097a9f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 20:40:48 +0800 Subject: [PATCH 01/17] Update configure_ag.j2 add support read_only_url and read_only_routing_url add support config ALLOW_CONNECTIONS --- templates/configure_ag.j2 | 43 ++++++++++++++++++++++++++++++++------- 1 file changed, 36 insertions(+), 7 deletions(-) diff --git a/templates/configure_ag.j2 b/templates/configure_ag.j2 index 8f246b54..2e7dcfe5 100644 --- a/templates/configure_ag.j2 +++ b/templates/configure_ag.j2 @@ -134,6 +134,11 @@ removing this replica re-create it'; "sql_setting_name": "SECONDARY_ROLE (ALLOW_CONNECTIONS = ALL)", "sys_setting_name": "secondary_role_allow_connections_desc", "setting_value": "ALL" +}, +"read_only_routing_url":{ + "sql_setting_name": "SECONDARY_ROLE (READ_ONLY_ROUTING_URL = " + "N'tcp://" + hostvars[item]['ansible_fqdn'] + ":" + mssql_tcp_port | string + "'" + ")", + "sys_setting_name": "read_only_routing_url", + "setting_value":"N'tcp://" + hostvars[item]['ansible_fqdn'] + ":" + mssql_tcp_port | string + "'" } }) %} {% elif hostvars[item]['mssql_ha_replica_type'] == 'witness' %} @@ -155,7 +160,7 @@ removing this replica re-create it'; WHERE groups.name = '{{ mssql_ha_ag_name }}' AND replicas.replica_server_name = '{{ hostvars[item]['ansible_hostname'] }}' AND -{% if key == 'endpoint_url' %} +{% if key in ['endpoint_url', 'read_only_routing_url'] %} {{ value.sys_setting_name }} = {{ value.setting_value }} {% else %} {{ value.sys_setting_name }} = '{{ value.setting_value }}' @@ -164,24 +169,42 @@ removing this replica re-create it'; BEGIN ALTER AVAILABILITY GROUP {{ mssql_ha_ag_name }} MODIFY REPLICA ON N'{{ hostvars[item]['ansible_hostname'] }}' WITH ( -{% if key == 'allow_connections' %} +{% if key in ['allow_connections', 'read_only_routing_url'] %} {{ value.sql_setting_name }} {% else %} {{ value.sql_setting_name }} = {{ value.setting_value }} {% endif %} ); PRINT '{{ hostvars[item]['ansible_hostname'] }}: \ -The {{ value.sql_setting_name }} setting on this \ -{{ hostvars[item]['mssql_ha_replica_type'] }} replica configured successfully'; +The +{% if key == 'read_only_routing_url' %} +{{ value.sys_setting_name }} +{% else %} +{{ value.sql_setting_name }} +{% endif %} +setting on this \ END ELSE BEGIN PRINT '{{ hostvars[item]['ansible_hostname'] }}: \ -The {{ value.sql_setting_name }} setting on this \ +The +{% if key == 'read_only_routing_url' %} +{{ value.sys_setting_name }} +{% else %} +{{ value.sql_setting_name }} +{% endif %} +setting on this \ {{ hostvars[item]['mssql_ha_replica_type'] }} replica is already set \ correctly, skipping'; END {% endfor %} +{% if hostvars[item]['mssql_ha_read_only_routing_list'] %} + ALTER AVAILABILITY GROUP {{ mssql_ha_ag_name }} MODIFY REPLICA ON + N'{{ hostvars[item]['ansible_hostname'] }}' WITH (PRIMARY_ROLE(READ_ONLY_ROUTING_LIST = ( {{ hostvars[item]['mssql_ha_read_only_routing_list'] }} ))) + PRINT '{{ hostvars[item]['ansible_hostname'] }}: \ +The mssql_ha_read_only_routing_list setting on this \ +{{ hostvars[item]['mssql_ha_replica_type'] }} replica configured successfully'; +{% endif %} END {% elif hostvars[item]['mssql_ha_replica_type'] == 'absent' %} IF NOT EXISTS ( @@ -246,7 +269,10 @@ BEGIN AVAILABILITY_MODE = {{ hostvars[item]['__mssql_ha_availability_mode'] }}, FAILOVER_MODE = {{ hostvars[item]['__mssql_ha_failover_mode'] }}, SEEDING_MODE = {{ hostvars[item]['__mssql_ha_seeding_mode'] }}, - SECONDARY_ROLE (ALLOW_CONNECTIONS = ALL) + SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_allow_connections'] }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') +{% if hostvars[item]['mssql_ha_replica_type'] %} + ,PRIMARY_ROLE(READ_ONLY_ROUTING_LIST = ( {{ hostvars[item]['mssql_ha_read_only_routing_list'] }} )) +{% endif %} {% elif hostvars[item]['mssql_ha_replica_type'] in ['synchronous', 'asynchronous'] %} ), N'{{ hostvars[item]['ansible_hostname'] }}' WITH ( @@ -255,7 +281,10 @@ BEGIN AVAILABILITY_MODE = {{ hostvars[item]['__mssql_ha_availability_mode'] }}, FAILOVER_MODE = {{ hostvars[item]['__mssql_ha_failover_mode'] }}, SEEDING_MODE = {{ hostvars[item]['__mssql_ha_seeding_mode'] }}, - SECONDARY_ROLE (ALLOW_CONNECTIONS = ALL) + SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_allow_connections'] }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') +{% if hostvars[item]['mssql_ha_replica_type'] %} + ,PRIMARY_ROLE(READ_ONLY_ROUTING_LIST = ( {{ hostvars[item]['mssql_ha_read_only_routing_list'] }} )) +{% endif %} {% elif hostvars[item]['mssql_ha_replica_type'] == 'witness' %} ), N'{{ hostvars[item]['ansible_hostname'] }}' WITH ( From 762053accacb6d9af844bcffcc7edb0565ec5261 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 20:42:14 +0800 Subject: [PATCH 02/17] Update main.yml defalt/main.yml add new var --- defaults/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 391d9ccd..1f4a709f 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -52,6 +52,8 @@ mssql_ha_reset_cert: false mssql_ha_endpoint_name: null mssql_ha_ag_name: null mssql_ha_db_names: [] +mssql_ha_allow_connections: ALL +mssql_ha_read_only_routing_list: mssql_ha_prep_for_pacemaker: "{{ mssql_ha_ag_cluster_type | lower != 'none' }}" mssql_ha_virtual_ip: null From 9ff4845ce1c59dfa9488b551d8c8ce08c79c1e39 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 20:46:03 +0800 Subject: [PATCH 03/17] Add files via upload --- tests/ag_install.yaml | 95 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 tests/ag_install.yaml diff --git a/tests/ag_install.yaml b/tests/ag_install.yaml new file mode 100644 index 00000000..48e0b159 --- /dev/null +++ b/tests/ag_install.yaml @@ -0,0 +1,95 @@ +- hosts: all + vars: + mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula: true + mssql_accept_microsoft_odbc_driver_for_sql_server_eula: true + mssql_accept_microsoft_cli_utilities_for_sql_server_eula: true + mssql_accept_microsoft_sql_server_standard_eula: true + mssql_version: 2022 + mssql_password: "p@55w0rD" + mssql_edition: 2Q48Q-PB48J-DRCVN-GB844-X2H4Q + mssql_datadir: "/data/mssql/1433/database/" + mssql_logdir: "/data/mssql/1433/database/" + #mssql_pre_input_sql_content: "USE MASTER;CREATE DATABASE ExampleDB2;BACKUP DATABASE ExampleDB2 TO DISK='nil'with compression;" + mssql_enable_sql_agent: true + mssql_manage_firewall: true + mssql_run_selinux_confined: false + mssql_ha_configure: true + mssql_manage_ha_cluster: true + mssql_ha_prep_for_pacemaker: true + mssql_ha_ag_cluster_type: external + mssql_ha_endpoint_port: 5022 + mssql_ha_cert_name: ExampleCert + mssql_ha_master_key_password: "p@55w0rD1" + mssql_ha_private_key_password: "p@55w0rD2" + mssql_ha_reset_cert: true + mssql_ha_endpoint_name: Example_Endpoint + mssql_ha_ag_name: ExampleAG + mssql_ha_db_names: + - test_1 + mssql_ha_login: pacemakerLogin + mssql_ha_login_password: "p@55w0rD3" + mssql_ha_virtual_ip: 192.168.200.139 + ha_cluster_cluster_name: "{{ mssql_ha_ag_name }}" + ha_cluster_hacluster_password: "p@55w0rD4" + ha_cluster_cluster_properties: + - attrs: + - name: cluster-recheck-interval + value: 2min + - name: start-failure-is-fatal + value: false + - name: stonith-enabled + value: false + ha_cluster_resource_primitives: + - id: ag_cluster + agent: ocf:mssql:ag + instance_attrs: + - attrs: + - name: ag_name + value: "{{ mssql_ha_ag_name }}" + meta_attrs: + - attrs: + - name: failure-timeout + value: 60s + - id: virtualip + agent: ocf:heartbeat:IPaddr2 + instance_attrs: + - attrs: + - name: ip + value: "{{ mssql_ha_virtual_ip }}" + operations: + - action: monitor + attrs: + - name: interval + value: 30s + ha_cluster_resource_clones: + - resource_id: ag_cluster + promotable: yes + meta_attrs: + - attrs: + - name: notify + value: true + ha_cluster_constraints_colocation: + - resource_leader: + id: ag_cluster-clone + role: Promoted + resource_follower: + id: virtualip + options: + - name: score + value: INFINITY + ha_cluster_constraints_order: + - resource_first: + id: ag_cluster-clone + action: promote + resource_then: + id: virtualip + action: start + tasks: +# - name: Set facts to create a test DB on primary as a pre task +# set_fact: +# mssql_pre_input_sql_file: create_ExampleDB.sql +# when: mssql_ha_replica_type == 'primary' + + - name: Run on all hosts to configure HA cluster + include_role: + name: microsoft.sql.server From 168ddf01ff5cb7d83eec984a66d84631f27b4a89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 20:46:47 +0800 Subject: [PATCH 04/17] Delete tests/ag_install.yaml --- tests/ag_install.yaml | 95 ------------------------------------------- 1 file changed, 95 deletions(-) delete mode 100644 tests/ag_install.yaml diff --git a/tests/ag_install.yaml b/tests/ag_install.yaml deleted file mode 100644 index 48e0b159..00000000 --- a/tests/ag_install.yaml +++ /dev/null @@ -1,95 +0,0 @@ -- hosts: all - vars: - mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula: true - mssql_accept_microsoft_odbc_driver_for_sql_server_eula: true - mssql_accept_microsoft_cli_utilities_for_sql_server_eula: true - mssql_accept_microsoft_sql_server_standard_eula: true - mssql_version: 2022 - mssql_password: "p@55w0rD" - mssql_edition: 2Q48Q-PB48J-DRCVN-GB844-X2H4Q - mssql_datadir: "/data/mssql/1433/database/" - mssql_logdir: "/data/mssql/1433/database/" - #mssql_pre_input_sql_content: "USE MASTER;CREATE DATABASE ExampleDB2;BACKUP DATABASE ExampleDB2 TO DISK='nil'with compression;" - mssql_enable_sql_agent: true - mssql_manage_firewall: true - mssql_run_selinux_confined: false - mssql_ha_configure: true - mssql_manage_ha_cluster: true - mssql_ha_prep_for_pacemaker: true - mssql_ha_ag_cluster_type: external - mssql_ha_endpoint_port: 5022 - mssql_ha_cert_name: ExampleCert - mssql_ha_master_key_password: "p@55w0rD1" - mssql_ha_private_key_password: "p@55w0rD2" - mssql_ha_reset_cert: true - mssql_ha_endpoint_name: Example_Endpoint - mssql_ha_ag_name: ExampleAG - mssql_ha_db_names: - - test_1 - mssql_ha_login: pacemakerLogin - mssql_ha_login_password: "p@55w0rD3" - mssql_ha_virtual_ip: 192.168.200.139 - ha_cluster_cluster_name: "{{ mssql_ha_ag_name }}" - ha_cluster_hacluster_password: "p@55w0rD4" - ha_cluster_cluster_properties: - - attrs: - - name: cluster-recheck-interval - value: 2min - - name: start-failure-is-fatal - value: false - - name: stonith-enabled - value: false - ha_cluster_resource_primitives: - - id: ag_cluster - agent: ocf:mssql:ag - instance_attrs: - - attrs: - - name: ag_name - value: "{{ mssql_ha_ag_name }}" - meta_attrs: - - attrs: - - name: failure-timeout - value: 60s - - id: virtualip - agent: ocf:heartbeat:IPaddr2 - instance_attrs: - - attrs: - - name: ip - value: "{{ mssql_ha_virtual_ip }}" - operations: - - action: monitor - attrs: - - name: interval - value: 30s - ha_cluster_resource_clones: - - resource_id: ag_cluster - promotable: yes - meta_attrs: - - attrs: - - name: notify - value: true - ha_cluster_constraints_colocation: - - resource_leader: - id: ag_cluster-clone - role: Promoted - resource_follower: - id: virtualip - options: - - name: score - value: INFINITY - ha_cluster_constraints_order: - - resource_first: - id: ag_cluster-clone - action: promote - resource_then: - id: virtualip - action: start - tasks: -# - name: Set facts to create a test DB on primary as a pre task -# set_fact: -# mssql_pre_input_sql_file: create_ExampleDB.sql -# when: mssql_ha_replica_type == 'primary' - - - name: Run on all hosts to configure HA cluster - include_role: - name: microsoft.sql.server From 3de1a90b5757d3ae5adecf5a670b41e5fd6c0dc2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 20:46:59 +0800 Subject: [PATCH 05/17] Add files via upload --- ...th_read_only_url_list_allow_connection.yml | 132 ++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 tests/test_ag_with_read_only_url_list_allow_connection.yml diff --git a/tests/test_ag_with_read_only_url_list_allow_connection.yml b/tests/test_ag_with_read_only_url_list_allow_connection.yml new file mode 100644 index 00000000..60abfc78 --- /dev/null +++ b/tests/test_ag_with_read_only_url_list_allow_connection.yml @@ -0,0 +1,132 @@ +#all: +# hosts: +# 192.168.200.136: +# ansible_user: root +# ansible_ssh_pass: "1q!" +# mssql_ha_replica_type: primary +# mssql_ha_allow_connections: READ_ONLY +# mssql_ha_read_only_routing_list: ('node-5','node-6') +# ha_cluster: +# node_name: node-4 +# pcs_address: node-4 +# corosync_addresses: +# - 192.168.200.136 +# 192.168.200.137: +# ansible_user: root +# ansible_ssh_pass: "1q!" +# mssql_ha_replica_type: synchronous +# mssql_ha_allow_connections: READ_ONLY +# mssql_ha_read_only_routing_list: ('node-4','node-6') +# ha_cluster: +# node_name: node-5 +# pcs_address: node-5 +# corosync_addresses: +# - 192.168.200.137 +# 192.168.200.138: +# ansible_user: root +# ansible_ssh_pass: "1q!" +# mssql_ha_replica_type: synchronous +# mssql_ha_allow_connections: READ_ONLY +# mssql_ha_read_only_routing_list: ('node-4','node-5') +# ha_cluster: +# node_name: node-6 +# pcs_address: node-6 +# corosync_addresses: +# - 192.168.200.138 + + +- hosts: all + vars: + mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula: true + mssql_accept_microsoft_odbc_driver_for_sql_server_eula: true + mssql_accept_microsoft_cli_utilities_for_sql_server_eula: true + mssql_accept_microsoft_sql_server_standard_eula: true + mssql_version: 2022 + mssql_password: "p@55w0rD" + mssql_edition: 2Q48Q-PB48J-DRCVN-GB844-X2H4Q + mssql_datadir: "/data/mssql/1433/database/" + mssql_logdir: "/data/mssql/1433/database/" + #mssql_pre_input_sql_content: "USE MASTER;CREATE DATABASE ExampleDB2;BACKUP DATABASE ExampleDB2 TO DISK='nil'with compression;" + mssql_enable_sql_agent: true + mssql_manage_firewall: true + mssql_run_selinux_confined: false + mssql_ha_configure: true + mssql_manage_ha_cluster: true + mssql_ha_prep_for_pacemaker: true + mssql_ha_ag_cluster_type: external + mssql_ha_endpoint_port: 5022 + mssql_ha_cert_name: ExampleCert + mssql_ha_master_key_password: "p@55w0rD1" + mssql_ha_private_key_password: "p@55w0rD2" + mssql_ha_reset_cert: true + mssql_ha_endpoint_name: Example_Endpoint + mssql_ha_ag_name: ExampleAG + mssql_ha_db_names: + - test_1 + mssql_ha_login: pacemakerLogin + mssql_ha_login_password: "p@55w0rD3" + mssql_ha_virtual_ip: 192.168.200.139 + ha_cluster_cluster_name: "{{ mssql_ha_ag_name }}" + ha_cluster_hacluster_password: "p@55w0rD4" + ha_cluster_cluster_properties: + - attrs: + - name: cluster-recheck-interval + value: 2min + - name: start-failure-is-fatal + value: false + - name: stonith-enabled + value: false + ha_cluster_resource_primitives: + - id: ag_cluster + agent: ocf:mssql:ag + instance_attrs: + - attrs: + - name: ag_name + value: "{{ mssql_ha_ag_name }}" + meta_attrs: + - attrs: + - name: failure-timeout + value: 60s + - id: virtualip + agent: ocf:heartbeat:IPaddr2 + instance_attrs: + - attrs: + - name: ip + value: "{{ mssql_ha_virtual_ip }}" + operations: + - action: monitor + attrs: + - name: interval + value: 30s + ha_cluster_resource_clones: + - resource_id: ag_cluster + promotable: yes + meta_attrs: + - attrs: + - name: notify + value: true + ha_cluster_constraints_colocation: + - resource_leader: + id: ag_cluster-clone + role: Promoted + resource_follower: + id: virtualip + options: + - name: score + value: INFINITY + ha_cluster_constraints_order: + - resource_first: + id: ag_cluster-clone + action: promote + resource_then: + id: virtualip + action: start + tasks: +# - name: Set facts to create a test DB on primary as a pre task +# set_fact: +# mssql_pre_input_sql_file: create_ExampleDB.sql +# when: mssql_ha_replica_type == 'primary' + + - name: Run on all hosts to configure HA cluster + include_role: + name: microsoft.sql.server From c8fbd9e630931d1efde371d4a34ae99294bcc16b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 21:03:25 +0800 Subject: [PATCH 06/17] Update README.md --- README.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/README.md b/README.md index 37004286..40de409c 100644 --- a/README.md +++ b/README.md @@ -772,6 +772,26 @@ Default: no default Type: `string` +#### mssql_ha_secondary_role_allow_connections + +A host var it means allow connections type when the replica is secondary role. + +The available values are: `ALL`, `READ_ONLY`, `NO`. + +Default: ALL + +Type: `string` + +#### mssql_ha_read_only_routing_list + +A host var it means the list in ag read only router for when the replica is primary role. + +The example: 'node-4','node-6' or ('node-4','node-6') + +Default: no default + +Type: `string + #### mssql_ha_endpoint_port The TCP port used to replicate data for an Always On availability group. From 46a557bf286faa471e9a6a58ae3051359b74c390 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 21:03:47 +0800 Subject: [PATCH 07/17] Update test_ag_with_read_only_url_list_allow_connection.yml --- tests/test_ag_with_read_only_url_list_allow_connection.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/test_ag_with_read_only_url_list_allow_connection.yml b/tests/test_ag_with_read_only_url_list_allow_connection.yml index 60abfc78..036ea9cb 100644 --- a/tests/test_ag_with_read_only_url_list_allow_connection.yml +++ b/tests/test_ag_with_read_only_url_list_allow_connection.yml @@ -4,7 +4,7 @@ # ansible_user: root # ansible_ssh_pass: "1q!" # mssql_ha_replica_type: primary -# mssql_ha_allow_connections: READ_ONLY +# mssql_ha_secondary_role_allow_connections: READ_ONLY # mssql_ha_read_only_routing_list: ('node-5','node-6') # ha_cluster: # node_name: node-4 @@ -15,7 +15,7 @@ # ansible_user: root # ansible_ssh_pass: "1q!" # mssql_ha_replica_type: synchronous -# mssql_ha_allow_connections: READ_ONLY +# mssql_ha_secondary_role_allow_connections: READ_ONLY # mssql_ha_read_only_routing_list: ('node-4','node-6') # ha_cluster: # node_name: node-5 @@ -26,7 +26,7 @@ # ansible_user: root # ansible_ssh_pass: "1q!" # mssql_ha_replica_type: synchronous -# mssql_ha_allow_connections: READ_ONLY +# mssql_ha_secondary_role_allow_connections: READ_ONLY # mssql_ha_read_only_routing_list: ('node-4','node-5') # ha_cluster: # node_name: node-6 From 5356634b1d6212d44ecb3f8db11d8073e39006fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 21:04:08 +0800 Subject: [PATCH 08/17] Update main.yml --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 1f4a709f..fab3c045 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -52,7 +52,7 @@ mssql_ha_reset_cert: false mssql_ha_endpoint_name: null mssql_ha_ag_name: null mssql_ha_db_names: [] -mssql_ha_allow_connections: ALL +mssql_ha_secondary_role_allow_connections: ALL mssql_ha_read_only_routing_list: mssql_ha_prep_for_pacemaker: "{{ mssql_ha_ag_cluster_type | lower != 'none' }}" From 68f7ba9de54e464c49916d4073fdefbb32c14522 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 21:05:48 +0800 Subject: [PATCH 09/17] Update configure_ag.j2 --- templates/configure_ag.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/templates/configure_ag.j2 b/templates/configure_ag.j2 index 2e7dcfe5..146203fb 100644 --- a/templates/configure_ag.j2 +++ b/templates/configure_ag.j2 @@ -131,9 +131,9 @@ removing this replica re-create it'; "setting_value":hostvars[item]['__mssql_ha_seeding_mode'] }, "allow_connections":{ - "sql_setting_name": "SECONDARY_ROLE (ALLOW_CONNECTIONS = ALL)", + "sql_setting_name": "SECONDARY_ROLE (ALLOW_CONNECTIONS = " + hostvars[item]['mssql_ha_secondary_role_allow_connections'] + ")", "sys_setting_name": "secondary_role_allow_connections_desc", - "setting_value": "ALL" + "setting_value": hostvars[item]['mssql_ha_secondary_role_allow_connections'] }, "read_only_routing_url":{ "sql_setting_name": "SECONDARY_ROLE (READ_ONLY_ROUTING_URL = " + "N'tcp://" + hostvars[item]['ansible_fqdn'] + ":" + mssql_tcp_port | string + "'" + ")", @@ -269,7 +269,7 @@ BEGIN AVAILABILITY_MODE = {{ hostvars[item]['__mssql_ha_availability_mode'] }}, FAILOVER_MODE = {{ hostvars[item]['__mssql_ha_failover_mode'] }}, SEEDING_MODE = {{ hostvars[item]['__mssql_ha_seeding_mode'] }}, - SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_allow_connections'] }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') + SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_secondary_role_allow_connections'] }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') {% if hostvars[item]['mssql_ha_replica_type'] %} ,PRIMARY_ROLE(READ_ONLY_ROUTING_LIST = ( {{ hostvars[item]['mssql_ha_read_only_routing_list'] }} )) {% endif %} @@ -281,7 +281,7 @@ BEGIN AVAILABILITY_MODE = {{ hostvars[item]['__mssql_ha_availability_mode'] }}, FAILOVER_MODE = {{ hostvars[item]['__mssql_ha_failover_mode'] }}, SEEDING_MODE = {{ hostvars[item]['__mssql_ha_seeding_mode'] }}, - SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_allow_connections'] }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') + SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_secondary_role_allow_connections'] }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') {% if hostvars[item]['mssql_ha_replica_type'] %} ,PRIMARY_ROLE(READ_ONLY_ROUTING_LIST = ( {{ hostvars[item]['mssql_ha_read_only_routing_list'] }} )) {% endif %} From 1c193d8d09d2968abdc7934cd94d4b0514f22cb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 22:22:29 +0800 Subject: [PATCH 10/17] Update configure_ag.j2 --- templates/configure_ag.j2 | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/templates/configure_ag.j2 b/templates/configure_ag.j2 index 146203fb..93d41634 100644 --- a/templates/configure_ag.j2 +++ b/templates/configure_ag.j2 @@ -131,9 +131,9 @@ removing this replica re-create it'; "setting_value":hostvars[item]['__mssql_ha_seeding_mode'] }, "allow_connections":{ - "sql_setting_name": "SECONDARY_ROLE (ALLOW_CONNECTIONS = " + hostvars[item]['mssql_ha_secondary_role_allow_connections'] + ")", + "sql_setting_name": "SECONDARY_ROLE (ALLOW_CONNECTIONS = " + (hostvars[item]['mssql_ha_secondary_role_allow_connections'] | default('ALL')) + ")", "sys_setting_name": "secondary_role_allow_connections_desc", - "setting_value": hostvars[item]['mssql_ha_secondary_role_allow_connections'] + "setting_value": (hostvars[item]['mssql_ha_secondary_role_allow_connections'] | default('ALL')) }, "read_only_routing_url":{ "sql_setting_name": "SECONDARY_ROLE (READ_ONLY_ROUTING_URL = " + "N'tcp://" + hostvars[item]['ansible_fqdn'] + ":" + mssql_tcp_port | string + "'" + ")", @@ -182,7 +182,8 @@ The {% else %} {{ value.sql_setting_name }} {% endif %} -setting on this \ +setting on this \ +{{ hostvars[item]['mssql_ha_replica_type'] }} replica configured successfully'; END ELSE BEGIN @@ -198,7 +199,7 @@ setting on this \ correctly, skipping'; END {% endfor %} -{% if hostvars[item]['mssql_ha_read_only_routing_list'] %} +{% if not (hostvars[item]['mssql_ha_read_only_routing_list'] | default('')) == '' %} ALTER AVAILABILITY GROUP {{ mssql_ha_ag_name }} MODIFY REPLICA ON N'{{ hostvars[item]['ansible_hostname'] }}' WITH (PRIMARY_ROLE(READ_ONLY_ROUTING_LIST = ( {{ hostvars[item]['mssql_ha_read_only_routing_list'] }} ))) PRINT '{{ hostvars[item]['ansible_hostname'] }}: \ @@ -269,8 +270,8 @@ BEGIN AVAILABILITY_MODE = {{ hostvars[item]['__mssql_ha_availability_mode'] }}, FAILOVER_MODE = {{ hostvars[item]['__mssql_ha_failover_mode'] }}, SEEDING_MODE = {{ hostvars[item]['__mssql_ha_seeding_mode'] }}, - SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_secondary_role_allow_connections'] }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') -{% if hostvars[item]['mssql_ha_replica_type'] %} + SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_secondary_role_allow_connections'] | default('ALL') }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') +{% if not (hostvars[item]['mssql_ha_read_only_routing_list'] | default('')) == '' %} ,PRIMARY_ROLE(READ_ONLY_ROUTING_LIST = ( {{ hostvars[item]['mssql_ha_read_only_routing_list'] }} )) {% endif %} {% elif hostvars[item]['mssql_ha_replica_type'] in ['synchronous', 'asynchronous'] %} @@ -281,8 +282,8 @@ BEGIN AVAILABILITY_MODE = {{ hostvars[item]['__mssql_ha_availability_mode'] }}, FAILOVER_MODE = {{ hostvars[item]['__mssql_ha_failover_mode'] }}, SEEDING_MODE = {{ hostvars[item]['__mssql_ha_seeding_mode'] }}, - SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_secondary_role_allow_connections'] }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') -{% if hostvars[item]['mssql_ha_replica_type'] %} + SECONDARY_ROLE (ALLOW_CONNECTIONS = {{ hostvars[item]['mssql_ha_secondary_role_allow_connections'] | default('ALL') }},READ_ONLY_ROUTING_URL = N'tcp://{{ hostvars[item]['ansible_fqdn'] }}:{{ mssql_tcp_port }}') +{% if not (hostvars[item]['mssql_ha_read_only_routing_list'] | default('')) == '' %} ,PRIMARY_ROLE(READ_ONLY_ROUTING_LIST = ( {{ hostvars[item]['mssql_ha_read_only_routing_list'] }} )) {% endif %} {% elif hostvars[item]['mssql_ha_replica_type'] == 'witness' %} From 21f5367f49f08220815ecaa3a4a4bef30ca79844 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 22:23:35 +0800 Subject: [PATCH 11/17] Update main.yml --- defaults/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index fab3c045..391d9ccd 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -52,8 +52,6 @@ mssql_ha_reset_cert: false mssql_ha_endpoint_name: null mssql_ha_ag_name: null mssql_ha_db_names: [] -mssql_ha_secondary_role_allow_connections: ALL -mssql_ha_read_only_routing_list: mssql_ha_prep_for_pacemaker: "{{ mssql_ha_ag_cluster_type | lower != 'none' }}" mssql_ha_virtual_ip: null From 4268ae46fbd645b377be7a65797ca5bc6183ce24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 22:26:17 +0800 Subject: [PATCH 12/17] Update README.md --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 40de409c..a7eb423c 100644 --- a/README.md +++ b/README.md @@ -778,7 +778,7 @@ A host var it means allow connections type when the replica is secondary role. The available values are: `ALL`, `READ_ONLY`, `NO`. -Default: ALL +Default: `ALL` Type: `string` @@ -786,9 +786,11 @@ Type: `string` A host var it means the list in ag read only router for when the replica is primary role. +If variable is undefined will not set read only routing list. + The example: 'node-4','node-6' or ('node-4','node-6') -Default: no default +Default: `` Type: `string From e59f9349c1efb6dfa7b280da1b340bfc1fa7bf19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 22:58:27 +0800 Subject: [PATCH 13/17] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a7eb423c..05c31ea8 100644 --- a/README.md +++ b/README.md @@ -792,7 +792,7 @@ The example: 'node-4','node-6' or ('node-4','node-6') Default: `` -Type: `string +Type: `string` #### mssql_ha_endpoint_port From 79a858a7343745ca1c005666934559c399bf66b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 23:00:29 +0800 Subject: [PATCH 14/17] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 05c31ea8..c0b1e334 100644 --- a/README.md +++ b/README.md @@ -788,6 +788,8 @@ A host var it means the list in ag read only router for when the replica is prim If variable is undefined will not set read only routing list. +See the doc from microsoft https://learn.microsoft.com/zh-cn/sql/database-engine/availability-groups/windows/configure-read-only-routing-for-an-availability-group-sql-server?view=sql-server-ver16 + The example: 'node-4','node-6' or ('node-4','node-6') Default: `` From cc7f1b1f7ceab42445cc2128978d59223237a466 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Sun, 23 Feb 2025 23:03:15 +0800 Subject: [PATCH 15/17] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c0b1e334..ae47000a 100644 --- a/README.md +++ b/README.md @@ -784,7 +784,7 @@ Type: `string` #### mssql_ha_read_only_routing_list -A host var it means the list in ag read only router for when the replica is primary role. +Read only routing list in availability group for when the replica is primary role. If variable is undefined will not set read only routing list. From 01883425f451fbc676bb0fafa7d200bff7e613fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Wed, 26 Feb 2025 10:18:27 +0800 Subject: [PATCH 16/17] Update tests/test_ag_with_read_only_url_list_allow_connection.yml Co-authored-by: Richard Megginson --- tests/test_ag_with_read_only_url_list_allow_connection.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/test_ag_with_read_only_url_list_allow_connection.yml b/tests/test_ag_with_read_only_url_list_allow_connection.yml index 036ea9cb..370286ca 100644 --- a/tests/test_ag_with_read_only_url_list_allow_connection.yml +++ b/tests/test_ag_with_read_only_url_list_allow_connection.yml @@ -1,3 +1,4 @@ +--- #all: # hosts: # 192.168.200.136: From 04b16329a210481e5268c193544fd253fe008164 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A6=8F?= <69781045+zhuatuzilo@users.noreply.github.com> Date: Wed, 26 Feb 2025 10:18:32 +0800 Subject: [PATCH 17/17] Update tests/test_ag_with_read_only_url_list_allow_connection.yml Co-authored-by: Richard Megginson --- tests/test_ag_with_read_only_url_list_allow_connection.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/test_ag_with_read_only_url_list_allow_connection.yml b/tests/test_ag_with_read_only_url_list_allow_connection.yml index 370286ca..7681a0c8 100644 --- a/tests/test_ag_with_read_only_url_list_allow_connection.yml +++ b/tests/test_ag_with_read_only_url_list_allow_connection.yml @@ -36,7 +36,8 @@ # - 192.168.200.138 -- hosts: all +- name: Test AG with read only URL list allow connection + hosts: all vars: mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula: true mssql_accept_microsoft_odbc_driver_for_sql_server_eula: true