diff --git a/modules/openstack_project/manifests/slave_db.pp b/modules/openstack_project/manifests/slave_db.pp new file mode 100644 index 0000000000..c9a8067a86 --- /dev/null +++ b/modules/openstack_project/manifests/slave_db.pp @@ -0,0 +1,152 @@ +# Slave database configuration +class openstack_project::slave_db( + $all_mysql_privs = false, +){ + + $root_db_password = 'insecure_slave' + + if ($::operatingsystem == 'Fedora') and ($::operatingsystemrelease >= 19) { + class {'mysql::server': + config_hash => { + 'root_password' => $root_db_password, + 'default_engine' => 'MyISAM', + 'bind_address' => '127.0.0.1', + }, + package_name => 'community-mysql-server', + } + } else { + class {'mysql::server': + config_hash => { + 'root_password' => $root_db_password, + 'default_engine' => 'MyISAM', + 'bind_address' => '127.0.0.1', + }, + } + } + + include mysql::server::account_security + + mysql::db { 'openstack_citest': + user => 'openstack_citest', + password => 'openstack_citest', + host => 'localhost', + grant => ['all'], + require => [ + Class['mysql::server'], + Class['mysql::server::account_security'], + ], + } + + # mysql::db is too dumb to realize that the same user can have + # access to multiple databases and will fail if you try creating + # a second DB with the same user. Create the DB directly as mysql::db + # above is creating the user for us. + database { 'openstack_baremetal_citest': + ensure => present, + charset => 'utf8', + provider => 'mysql', + require => [ + Class['mysql::server'], + Class['mysql::server::account_security'], + ], + } + + database_grant { 'openstack_citest@localhost/openstack_baremetal_citest': + privileges => ['all'], + provider => 'mysql', + require => Database_user['openstack_citest@localhost'], + } + + if ($all_mysql_privs == true) { + database_grant { 'openstack_citest@localhost': + privileges => ['all'], + provider => 'mysql', + require => Database_user['openstack_citest@localhost'], + } + } + + # The puppetlabs postgres module does not manage the postgres user + # and group for us. Create them here to ensure concat can create + # dirs and files owned by this user and group. + user { 'postgres': + ensure => present, + gid => 'postgres', + system => true, + require => Group['postgres'], + } + + group { 'postgres': + ensure => present, + system => true, + } + + if ($::lsbdistcodename == 'trusty') { + class { 'postgresql::globals': + version => '9.3', + before => Class['postgresql::server'], + } + } + + class { 'postgresql::server': + postgres_password => $root_db_password, + manage_firewall => false, + # The puppetlabs postgres module incorrectly quotes ip addresses + # in the postgres server config. Use localhost instead. + listen_addresses => ['localhost'], + require => [ + User['postgres'], + Class['postgresql::params'], + ], + } + + class { 'postgresql::lib::devel': + require => Class['postgresql::params'], + } + + # Create DB user and explicitly make it non superuser + # that can create databases. + postgresql::server::role { 'openstack_citest': + password_hash => postgresql_password('openstack_citest', 'openstack_citest'), + createdb => true, + superuser => false, + require => Class['postgresql::server'], + } + + postgresql::server::db { 'openstack_citest': + user => 'openstack_citest', + password => postgresql_password('openstack_citest', 'openstack_citest'), + grant => 'all', + require => [ + Class['postgresql::server'], + Postgresql::Server::Role['openstack_citest'], + ], + } + + # Alter the new database giving the test DB user ownership of the DB. + # This is necessary to make the nova unittests run properly. + postgresql_psql { 'ALTER DATABASE openstack_citest OWNER TO openstack_citest': + db => 'postgres', + refreshonly => true, + subscribe => Postgresql::Server::Db['openstack_citest'], + } + + postgresql::server::db { 'openstack_baremetal_citest': + user => 'openstack_citest', + password => postgresql_password('openstack_citest', 'openstack_citest'), + grant => 'all', + require => [ + Class['postgresql::server'], + Postgresql::Server::Role['openstack_citest'], + ], + } + + # Alter the new database giving the test DB user ownership of the DB. + # This is necessary to make the nova unittests run properly. + postgresql_psql { 'ALTER DATABASE openstack_baremetal_citest OWNER TO + openstack_citest': + db => 'postgres', + refreshonly => true, + subscribe => Postgresql::Server::Db['openstack_baremetal_citest'], + } + +} diff --git a/modules/openstack_project/manifests/thick_slave.pp b/modules/openstack_project/manifests/thick_slave.pp index 8a7a9d3047..87a3ccbcb7 100644 --- a/modules/openstack_project/manifests/thick_slave.pp +++ b/modules/openstack_project/manifests/thick_slave.pp @@ -100,149 +100,14 @@ class openstack_project::thick_slave( require => Package[$::openstack_project::jenkins_params::rubygems_package], } - if ($::operatingsystem == 'Fedora') and ($::operatingsystemrelease >= 19) { - class {'mysql::server': - config_hash => { - 'root_password' => 'insecure_slave', - 'default_engine' => 'MyISAM', - 'bind_address' => '127.0.0.1', - }, - package_name => 'community-mysql-server', + if ($::in_chroot) { + notify { 'databases in chroot': + message => 'databases and grants not created, running in chroot', } } else { - class {'mysql::server': - config_hash => { - 'root_password' => 'insecure_slave', - 'default_engine' => 'MyISAM', - 'bind_address' => '127.0.0.1', - } + class { 'openstack_project::slave_db': + all_mysql_privs => $all_mysql_privs, } } - - include mysql::server::account_security - - mysql::db { 'openstack_citest': - user => 'openstack_citest', - password => 'openstack_citest', - host => 'localhost', - grant => ['all'], - require => [ - Class['mysql::server'], - Class['mysql::server::account_security'], - ], - } - - # mysql::db is too dumb to realize that the same user can have - # access to multiple databases and will fail if you try creating - # a second DB with the same user. Create the DB directly as mysql::db - # above is creating the user for us. - database { 'openstack_baremetal_citest': - ensure => present, - charset => 'utf8', - provider => 'mysql', - require => [ - Class['mysql::server'], - Class['mysql::server::account_security'], - ], - } - - database_grant { 'openstack_citest@localhost/openstack_baremetal_citest': - privileges => ['all'], - provider => 'mysql', - require => Database_user['openstack_citest@localhost'], - } - - if ($all_mysql_privs == true) { - database_grant { 'openstack_citest@localhost': - privileges => ['all'], - provider => 'mysql', - require => Database_user['openstack_citest@localhost'], - } - } - - # The puppetlabs postgres module does not manage the postgres user - # and group for us. Create them here to ensure concat can create - # dirs and files owned by this user and group. - user { 'postgres': - ensure => present, - gid => 'postgres', - system => true, - require => Group['postgres'], - } - - group { 'postgres': - ensure => present, - system => true, - } - - if ($::lsbdistcodename == 'trusty') { - class { 'postgresql::globals': - version => '9.3', - before => Class['postgresql::server'], - } - } - - class { 'postgresql::server': - postgres_password => 'insecure_slave', - manage_firewall => false, - # The puppetlabs postgres module incorrectly quotes ip addresses - # in the postgres server config. Use localhost instead. - listen_addresses => ['localhost'], - require => [ - User['postgres'], - Class['postgresql::params'], - ], - } - - class { 'postgresql::lib::devel': - require => Class['postgresql::params'], - } - - # Create DB user and explicitly make it non superuser - # that can create databases. - postgresql::server::role { 'openstack_citest': - password_hash => postgresql_password('openstack_citest', 'openstack_citest'), - createdb => true, - superuser => false, - require => Class['postgresql::server'], - } - - postgresql::server::db { 'openstack_citest': - user => 'openstack_citest', - password => postgresql_password('openstack_citest', 'openstack_citest'), - grant => 'all', - require => [ - Class['postgresql::server'], - Postgresql::Server::Role['openstack_citest'], - ], - } - - # Alter the new database giving the test DB user ownership of the DB. - # This is necessary to make the nova unittests run properly. - postgresql_psql { 'ALTER DATABASE openstack_citest OWNER TO openstack_citest': - db => 'postgres', - refreshonly => true, - subscribe => Postgresql::Server::Db['openstack_citest'], - } - - postgresql::server::db { 'openstack_baremetal_citest': - user => 'openstack_citest', - password => postgresql_password('openstack_citest', 'openstack_citest'), - grant => 'all', - require => [ - Class['postgresql::server'], - Postgresql::Server::Role['openstack_citest'], - ], - } - - # Alter the new database giving the test DB user ownership of the DB. - # This is necessary to make the nova unittests run properly. - postgresql_psql { 'ALTER DATABASE openstack_baremetal_citest OWNER TO - openstack_citest': - db => 'postgres', - refreshonly => true, - subscribe => Postgresql::Server::Db['openstack_baremetal_citest'], - } - } # vim:sw=2:ts=2:expandtab:textwidth=79