Refactor DB creation
- Move DB creation for every service to own task - Refactor Murano and Sahara DB configuration classes - Cherry-pick MySQL providers from upstream to allow DB creation and management on remote host - Remove openstack::db::mysql - Move database and user creation to a separete task - Either install local database or use an external one Implements: blueprint: detach-components-from-controllers Co-Authored-By: Sergii Golovatiuk <sgolovatiuk@mirantis.com> Co-Authored-By: Dmitry Ilyin <dilyin@mirantis.com> Change-Id: Iaf3b7913e8c79c08025dbdaf5f2beff7337ab644 Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
This commit is contained in:
parent
e0cc117d03
commit
906eb4217b
@ -1,36 +1,95 @@
|
|||||||
|
# == Class murano::db::mysql
|
||||||
|
#
|
||||||
|
# Class that configures mysql for sahara
|
||||||
|
#
|
||||||
|
# === Parameters:
|
||||||
|
#
|
||||||
|
# [*password*]
|
||||||
|
# Password to use for the murano user
|
||||||
|
#
|
||||||
|
# [*dbname*]
|
||||||
|
# (optional) The name of the database
|
||||||
|
# Defaults to 'murano'
|
||||||
|
#
|
||||||
|
# [*user*]
|
||||||
|
# (optional) The mysql user to create
|
||||||
|
# Defaults to 'murano'
|
||||||
|
#
|
||||||
|
# [*host*]
|
||||||
|
# (optional) The IP address of the mysql server
|
||||||
|
# Defaults to '127.0.0.1'
|
||||||
|
#
|
||||||
|
# [*charset*]
|
||||||
|
# (optional) The charset to use for the murano database
|
||||||
|
# Defaults to 'utf8'
|
||||||
|
#
|
||||||
|
# [*collate*]
|
||||||
|
# (optional) The collate to use for the morano database
|
||||||
|
# Defaults to 'utf8_general_ci'
|
||||||
|
#
|
||||||
|
# [*allowed_hosts*]
|
||||||
|
# (optional) Additional hosts that are allowed to access this DB
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
|
# [*cluster_id*]
|
||||||
|
# (optional) Deprecated. Does nothing
|
||||||
|
# Defaults to 'localzone'
|
||||||
|
#
|
||||||
|
# [*mysql_module*]
|
||||||
|
# (optional) Mysql puppet module version to use. Tested versions
|
||||||
|
# are 0.9 and 2.2.
|
||||||
|
# Defaults to '0.9'
|
||||||
|
#
|
||||||
class murano::db::mysql(
|
class murano::db::mysql(
|
||||||
$password = 'murano',
|
$password = 'murano',
|
||||||
$dbname = 'murano',
|
$dbname = 'murano',
|
||||||
$user = 'murano',
|
$user = 'murano',
|
||||||
$dbhost = 'localhost',
|
$dbhost = '127.0.0.1',
|
||||||
$charset = 'utf8',
|
$charset = 'utf8',
|
||||||
|
$collate = 'utf8_general_ci',
|
||||||
$allowed_hosts = undef,
|
$allowed_hosts = undef,
|
||||||
|
$mysql_module = '0.9'
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include 'murano::params'
|
if ($mysql_module >= 2.2) {
|
||||||
|
mysql::db { $dbname:
|
||||||
mysql::db { $dbname :
|
|
||||||
user => $user,
|
user => $user,
|
||||||
password => $password,
|
password => $password,
|
||||||
host => $dbhost,
|
host => $dbhost,
|
||||||
charset => $charset,
|
charset => $charset,
|
||||||
grant => ['all'],
|
collate => $collate,
|
||||||
|
require => Class['mysql::server'],
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
require 'mysql::python'
|
||||||
|
|
||||||
|
mysql::db { $dbname:
|
||||||
|
user => $user,
|
||||||
|
password => $password,
|
||||||
|
host => $dbhost,
|
||||||
|
charset => $charset,
|
||||||
|
require => Class['mysql::config'],
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if $allowed_hosts {
|
# Check allowed_hosts to avoid duplicate resource declarations
|
||||||
murano::db::mysql::host_access { $allowed_hosts:
|
if is_array($allowed_hosts) and delete($allowed_hosts,$dbhost) != [] {
|
||||||
|
$real_allowed_hosts = delete($allowed_hosts,$dbhost)
|
||||||
|
} elsif is_string($allowed_hosts) and ($allowed_hosts != $dbhost) {
|
||||||
|
$real_allowed_hosts = $allowed_hosts
|
||||||
|
}
|
||||||
|
|
||||||
|
if $real_allowed_hosts {
|
||||||
|
murano::db::mysql::host_access { $real_allowed_hosts:
|
||||||
user => $user,
|
user => $user,
|
||||||
password => $password,
|
password => $password,
|
||||||
database => $dbname,
|
database => $dbname,
|
||||||
|
mysql_module => $mysql_module,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$services = [ 'murano::api' ]
|
Database[$dbname] -> Class['murano::api']
|
||||||
# TODO(dteselkin): Update the line above similar
|
Database_user["${user}@${dbhost}"] -> Class['murano::api']
|
||||||
# to the line below when murano::engine is added.
|
Database_grant["${user}@${dbhost}/${dbname}"] -> Class['murano::api']
|
||||||
#$services = [ 'murano::conductor', 'murano::api' ]
|
|
||||||
Database[$dbname] -> Class[$services]
|
|
||||||
Database_user["${user}@${dbhost}"] -> Class[$services]
|
|
||||||
Database_grant["${user}@${dbhost}/${dbname}"] -> Class[$services]
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -13,8 +13,30 @@
|
|||||||
# [*database*]
|
# [*database*]
|
||||||
# the database name
|
# the database name
|
||||||
#
|
#
|
||||||
define murano::db::mysql::host_access ($user, $password, $database) {
|
# [*mysql_module*]
|
||||||
|
# mysql module version
|
||||||
|
#
|
||||||
|
define murano::db::mysql::host_access (
|
||||||
|
$user,
|
||||||
|
$password,
|
||||||
|
$database,
|
||||||
|
$mysql_module = '0.9'
|
||||||
|
) {
|
||||||
|
|
||||||
|
if ($mysql_module >= 2.2) {
|
||||||
|
mysql_user { "${user}@${name}":
|
||||||
|
password_hash => mysql_password($password),
|
||||||
|
require => Mysql_database[$database],
|
||||||
|
}
|
||||||
|
|
||||||
|
mysql_grant { "${user}@${name}/${database}.*":
|
||||||
|
privileges => ['ALL'],
|
||||||
|
options => ['GRANT'],
|
||||||
|
table => "${database}.*",
|
||||||
|
require => Mysql_user["${user}@${name}"],
|
||||||
|
user => "${user}@${name}"
|
||||||
|
}
|
||||||
|
} else {
|
||||||
database_user { "${user}@${name}":
|
database_user { "${user}@${name}":
|
||||||
password_hash => mysql_password($password),
|
password_hash => mysql_password($password),
|
||||||
provider => 'mysql',
|
provider => 'mysql',
|
||||||
@ -27,4 +49,5 @@ define murano::db::mysql::host_access ($user, $password, $database) {
|
|||||||
provider => 'mysql',
|
provider => 'mysql',
|
||||||
require => Database_user["${user}@${name}"]
|
require => Database_user["${user}@${name}"]
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -67,7 +67,10 @@ class murano (
|
|||||||
$murano_repo_url_string = undef,
|
$murano_repo_url_string = undef,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
Class['mysql::server'] -> Class['murano::db::mysql'] -> Class['murano::murano_rabbitmq'] -> Class['murano::keystone'] -> Class['murano::python_muranoclient'] -> Class['murano::api'] -> Class['murano::dashboard']
|
Class['murano::murano_rabbitmq'] ->
|
||||||
|
Class['murano::keystone'] ->
|
||||||
|
Class['murano::python_muranoclient'] ->
|
||||||
|
Class['murano::api'] -> Class['murano::dashboard']
|
||||||
|
|
||||||
User['murano'] -> Class['murano::api'] -> File <| title == $murano_log_dir |>
|
User['murano'] -> Class['murano::api'] -> File <| title == $murano_log_dir |>
|
||||||
|
|
||||||
@ -107,14 +110,6 @@ class murano (
|
|||||||
mode => '0750',
|
mode => '0750',
|
||||||
}
|
}
|
||||||
|
|
||||||
class { 'murano::db::mysql':
|
|
||||||
password => $murano_db_password,
|
|
||||||
dbname => $murano_db_name,
|
|
||||||
user => $murano_db_user,
|
|
||||||
dbhost => $murano_db_host,
|
|
||||||
allowed_hosts => $murano_db_allowed_hosts,
|
|
||||||
}
|
|
||||||
|
|
||||||
class { 'murano::python_muranoclient':
|
class { 'murano::python_muranoclient':
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -162,8 +157,9 @@ class murano (
|
|||||||
external_network => $external_network,
|
external_network => $external_network,
|
||||||
}
|
}
|
||||||
|
|
||||||
class { 'murano::dashboard' :
|
$dashboard = '/usr/share/openstack-dashboard/openstack_dashboard/settings.py'
|
||||||
settings_py => '/usr/share/openstack-dashboard/openstack_dashboard/settings.py',
|
class { 'murano::dashboard':
|
||||||
|
settings_py => $dashboard,
|
||||||
repo_url_string => $murano_repo_url_string,
|
repo_url_string => $murano_repo_url_string,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -7,8 +7,21 @@ Puppet::Type.type(:database).provide(:mysql) do
|
|||||||
optional_commands :mysql => 'mysql'
|
optional_commands :mysql => 'mysql'
|
||||||
optional_commands :mysqladmin => 'mysqladmin'
|
optional_commands :mysqladmin => 'mysqladmin'
|
||||||
|
|
||||||
|
# Optional defaults file
|
||||||
|
def self.defaults_file
|
||||||
|
if File.file?('/root/.my.cnf')
|
||||||
|
"--defaults-extra-file=#{Facter.value(:root_home)}/.my.cnf"
|
||||||
|
else
|
||||||
|
nil
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def defaults_file
|
||||||
|
self.class.defaults_file
|
||||||
|
end
|
||||||
|
|
||||||
def self.instances
|
def self.instances
|
||||||
mysql('-NBe', "show databases").split("\n").collect do |name|
|
mysql(defaults_file, '-NBe', "show databases").split("\n").collect do |name|
|
||||||
new(:name => name)
|
new(:name => name)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
@ -17,7 +30,7 @@ Puppet::Type.type(:database).provide(:mysql) do
|
|||||||
tries=10
|
tries=10
|
||||||
begin
|
begin
|
||||||
debug("Trying to create database #{@resource[:name]} ")
|
debug("Trying to create database #{@resource[:name]} ")
|
||||||
mysql('-NBe', "create database `#{@resource[:name]}` character set #{resource[:charset]}")
|
mysql(defaults_file, '-NBe', "create database `#{@resource[:name]}` character set #{resource[:charset]}")
|
||||||
rescue
|
rescue
|
||||||
debug("Can't connect to the server: #{tries} tries to reconnect")
|
debug("Can't connect to the server: #{tries} tries to reconnect")
|
||||||
sleep 5
|
sleep 5
|
||||||
@ -26,20 +39,20 @@ Puppet::Type.type(:database).provide(:mysql) do
|
|||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
mysqladmin('-f', 'drop', @resource[:name])
|
mysqladmin(defaults_file, '-f', 'drop', @resource[:name])
|
||||||
end
|
end
|
||||||
|
|
||||||
def charset
|
def charset
|
||||||
mysql('-NBe', "show create database `#{resource[:name]}`").match(/.*?(\S+)\s\*\//)[1]
|
mysql(defaults_file, '-NBe', "show create database `#{resource[:name]}`").match(/.*?(\S+)\s\*\//)[1]
|
||||||
end
|
end
|
||||||
|
|
||||||
def charset=(value)
|
def charset=(value)
|
||||||
mysql('-NBe', "alter database `#{resource[:name]}` CHARACTER SET #{value}")
|
mysql(defaults_file, '-NBe', "alter database `#{resource[:name]}` CHARACTER SET #{value}")
|
||||||
end
|
end
|
||||||
|
|
||||||
def exists?
|
def exists?
|
||||||
begin
|
begin
|
||||||
mysql('-NBe', "show databases").match(/^#{@resource[:name]}$/)
|
mysql(defaults_file, '-NBe', "show databases").match(/^#{@resource[:name]}$/)
|
||||||
rescue => e
|
rescue => e
|
||||||
debug(e.message)
|
debug(e.message)
|
||||||
return nil
|
return nil
|
||||||
|
@ -11,6 +11,19 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
|
|||||||
optional_commands :mysql => 'mysql'
|
optional_commands :mysql => 'mysql'
|
||||||
optional_commands :mysqladmin => 'mysqladmin'
|
optional_commands :mysqladmin => 'mysqladmin'
|
||||||
|
|
||||||
|
# Optional defaults file
|
||||||
|
def self.defaults_file
|
||||||
|
if File.file?('/root/.my.cnf')
|
||||||
|
"--defaults-extra-file=#{Facter.value(:root_home)}/.my.cnf"
|
||||||
|
else
|
||||||
|
nil
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def defaults_file
|
||||||
|
self.class.defaults_file
|
||||||
|
end
|
||||||
|
|
||||||
def self.prefetch(resources)
|
def self.prefetch(resources)
|
||||||
@user_privs = nil
|
@user_privs = nil
|
||||||
@db_privs = nil
|
@db_privs = nil
|
||||||
@ -33,19 +46,19 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
|
|||||||
end
|
end
|
||||||
|
|
||||||
def self.query_user_privs
|
def self.query_user_privs
|
||||||
results = mysql("mysql", "-Be", "describe user")
|
results = mysql(defaults_file, "mysql", "-Be", "describe user")
|
||||||
column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] }
|
column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] }
|
||||||
@user_privs = column_names.delete_if { |e| !( e =~/_priv$/) }
|
@user_privs = column_names.delete_if { |e| !( e =~/_priv$/) }
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.query_db_privs
|
def self.query_db_privs
|
||||||
results = mysql("mysql", "-Be", "describe db")
|
results = mysql(defaults_file, "mysql", "-Be", "describe db")
|
||||||
column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] }
|
column_names = results.split(/\n/).map { |l| l.chomp.split(/\t/)[0] }
|
||||||
@db_privs = column_names.delete_if { |e| !(e =~/_priv$/) }
|
@db_privs = column_names.delete_if { |e| !(e =~/_priv$/) }
|
||||||
end
|
end
|
||||||
|
|
||||||
def mysql_flush
|
def mysql_flush
|
||||||
mysqladmin "flush-privileges"
|
mysqladmin defaults_file, "flush-privileges"
|
||||||
end
|
end
|
||||||
|
|
||||||
# this parses the
|
# this parses the
|
||||||
@ -73,11 +86,11 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
|
|||||||
name = split_name(@resource[:name])
|
name = split_name(@resource[:name])
|
||||||
case name[:type]
|
case name[:type]
|
||||||
when :user
|
when :user
|
||||||
mysql "mysql", "-e", "INSERT INTO user (host, user) VALUES ('%s', '%s')" % [
|
mysql defaults_file, "mysql", "-e", "INSERT INTO user (host, user) VALUES ('%s', '%s')" % [
|
||||||
name[:host], name[:user],
|
name[:host], name[:user],
|
||||||
]
|
]
|
||||||
when :db
|
when :db
|
||||||
mysql "mysql", "-e", "INSERT INTO db (host, user, db) VALUES ('%s', '%s', '%s')" % [
|
mysql defaults_file, "mysql", "-e", "INSERT INTO db (host, user, db) VALUES ('%s', '%s', '%s')" % [
|
||||||
name[:host], name[:user], name[:db],
|
name[:host], name[:user], name[:db],
|
||||||
]
|
]
|
||||||
end
|
end
|
||||||
@ -86,7 +99,7 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
|
|||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
mysql "mysql", "-e", "REVOKE ALL ON '%s'.* FROM '%s@%s'" % [ @resource[:privileges], @resource[:database], @resource[:name], @resource[:host] ]
|
mysql defaults_file, "mysql", "-e", "REVOKE ALL ON '%s'.* FROM '%s@%s'" % [ @resource[:privileges], @resource[:database], @resource[:name], @resource[:host] ]
|
||||||
end
|
end
|
||||||
|
|
||||||
def row_exists?
|
def row_exists?
|
||||||
@ -95,7 +108,7 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
|
|||||||
if name[:type] == :db
|
if name[:type] == :db
|
||||||
fields << :db
|
fields << :db
|
||||||
end
|
end
|
||||||
not mysql( "mysql", "-NBe", 'SELECT "1" FROM %s WHERE %s' % [ name[:type], fields.map do |f| "%s = '%s'" % [f, name[f]] end.join(' AND ')]).empty?
|
not mysql(defaults_file, "mysql", "-NBe", 'SELECT "1" FROM %s WHERE %s' % [ name[:type], fields.map do |f| "%s = '%s'" % [f, name[f]] end.join(' AND ')]).empty?
|
||||||
end
|
end
|
||||||
|
|
||||||
def all_privs_set?
|
def all_privs_set?
|
||||||
@ -117,9 +130,9 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
|
|||||||
|
|
||||||
case name[:type]
|
case name[:type]
|
||||||
when :user
|
when :user
|
||||||
privs = mysql "mysql", "-Be", 'select * from user where user="%s" and host="%s"' % [ name[:user], name[:host] ]
|
privs = mysql defaults_file, "mysql", "-Be", 'select * from user where user="%s" and host="%s"' % [ name[:user], name[:host] ]
|
||||||
when :db
|
when :db
|
||||||
privs = mysql "mysql", "-Be", 'select * from db where user="%s" and host="%s" and db="%s"' % [ name[:user], name[:host], name[:db] ]
|
privs = mysql defaults_file, "mysql", "-Be", 'select * from db where user="%s" and host="%s" and db="%s"' % [ name[:user], name[:host], name[:db] ]
|
||||||
end
|
end
|
||||||
|
|
||||||
if privs.match(/^$/)
|
if privs.match(/^$/)
|
||||||
@ -170,7 +183,7 @@ Puppet::Type.type(:database_grant).provide(:mysql) do
|
|||||||
# puts "set:", set
|
# puts "set:", set
|
||||||
stmt = stmt << set << where
|
stmt = stmt << set << where
|
||||||
|
|
||||||
mysql "mysql", "-Be", stmt
|
mysql defaults_file, "mysql", "-Be", stmt
|
||||||
mysql_flush
|
mysql_flush
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -7,33 +7,46 @@ Puppet::Type.type(:database_user).provide(:mysql) do
|
|||||||
optional_commands :mysql => 'mysql'
|
optional_commands :mysql => 'mysql'
|
||||||
optional_commands :mysqladmin => 'mysqladmin'
|
optional_commands :mysqladmin => 'mysqladmin'
|
||||||
|
|
||||||
|
# Optional defaults file
|
||||||
|
def self.defaults_file
|
||||||
|
if File.file?('/root/.my.cnf')
|
||||||
|
"--defaults-extra-file=#{Facter.value(:root_home)}/.my.cnf"
|
||||||
|
else
|
||||||
|
nil
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def defaults_file
|
||||||
|
self.class.defaults_file
|
||||||
|
end
|
||||||
|
|
||||||
def self.instances
|
def self.instances
|
||||||
users = mysql("mysql", '-BNe' "select concat(User, '@',Host) as User from mysql.user").split("\n")
|
users = mysql(defaults_file, "mysql", '-BNe' "select concat(User, '@',Host) as User from mysql.user").split("\n")
|
||||||
users.select{ |user| user =~ /.+@/ }.collect do |name|
|
users.select{ |user| user =~ /.+@/ }.collect do |name|
|
||||||
new(:name => name)
|
new(:name => name)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
mysql("mysql", "-e", "create user '%s' identified by PASSWORD '%s'" % [ @resource[:name].sub("@", "'@'"), @resource.value(:password_hash) ])
|
mysql(defaults_file, "mysql", "-e", "create user '%s' identified by PASSWORD '%s'" % [ @resource[:name].sub("@", "'@'"), @resource.value(:password_hash) ])
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
mysql("mysql", "-e", "drop user '%s'" % @resource.value(:name).sub("@", "'@'") )
|
mysql(defaults_file, "mysql", "-e", "drop user '%s'" % @resource.value(:name).sub("@", "'@'") )
|
||||||
end
|
end
|
||||||
|
|
||||||
def password_hash
|
def password_hash
|
||||||
mysql("mysql", "-NBe", "select password from user where CONCAT(user, '@', host) = '%s'" % @resource.value(:name)).chomp
|
mysql(defaults_file, "mysql", "-NBe", "select password from user where CONCAT(user, '@', host) = '%s'" % @resource.value(:name)).chomp
|
||||||
end
|
end
|
||||||
|
|
||||||
def password_hash=(string)
|
def password_hash=(string)
|
||||||
mysql("mysql", "-e", "SET PASSWORD FOR '%s' = '%s'" % [ @resource[:name].sub("@", "'@'"), string ] )
|
mysql(defaults_file, "mysql", "-e", "SET PASSWORD FOR '%s' = '%s'" % [ @resource[:name].sub("@", "'@'"), string ] )
|
||||||
end
|
end
|
||||||
|
|
||||||
def exists?
|
def exists?
|
||||||
tries=10
|
tries=10
|
||||||
begin
|
begin
|
||||||
not mysql("mysql", "-NBe", "select '1' from user where CONCAT(user, '@', host) = '%s'" % @resource.value(:name)).empty?
|
not mysql(defaults_file, "mysql", "-NBe", "select '1' from user where CONCAT(user, '@', host) = '%s'" % @resource.value(:name)).empty?
|
||||||
rescue
|
rescue
|
||||||
debug("Can't connect to the mysql server: #{tries} tries to reconnect")
|
debug("Can't connect to the mysql server: #{tries} tries to reconnect")
|
||||||
sleep 5
|
sleep 5
|
||||||
@ -43,7 +56,7 @@ Puppet::Type.type(:database_user).provide(:mysql) do
|
|||||||
|
|
||||||
def flush
|
def flush
|
||||||
@property_hash.clear
|
@property_hash.clear
|
||||||
mysqladmin "flush-privileges"
|
mysqladmin defaults_file, "flush-privileges"
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
@ -1,154 +0,0 @@
|
|||||||
#
|
|
||||||
# === Class: openstack::db::mysql
|
|
||||||
#
|
|
||||||
# Create MySQL databases for all components of
|
|
||||||
# OpenStack that require a database
|
|
||||||
#
|
|
||||||
# === Parameters
|
|
||||||
#
|
|
||||||
# [mysql_root_password] Root password for mysql. Required.
|
|
||||||
# [keystone_db_password] Password for keystone database. Required.
|
|
||||||
# [glance_db_password] Password for glance database. Required.
|
|
||||||
# [nova_db_password] Password for nova database. Required.
|
|
||||||
# [mysql_bind_address] Address that mysql will bind to. Optional .Defaults to '0.0.0.0'.
|
|
||||||
# [mysql_account_security] If a secure mysql db should be setup. Optional .Defaults to true.
|
|
||||||
# [keystone_db_user] DB user for keystone. Optional. Defaults to 'keystone'.
|
|
||||||
# [keystone_db_dbname] DB name for keystone. Optional. Defaults to 'keystone'.
|
|
||||||
# [glance_db_user] DB user for glance. Optional. Defaults to 'glance'.
|
|
||||||
# [glance_db_dbname]. Name of glance DB. Optional. Defaults to 'glance'.
|
|
||||||
# [nova_db_user]. Name of nova DB user. Optional. Defaults to 'nova'.
|
|
||||||
# [nova_db_dbname]. Name of nova DB. Optional. Defaults to 'nova'.
|
|
||||||
# [allowed_hosts] List of hosts that are allowed access. Optional. Defaults to false.
|
|
||||||
# [enabled] If the db service should be started. Optional. Defaults to true.
|
|
||||||
#
|
|
||||||
# === Example
|
|
||||||
#
|
|
||||||
# class { 'openstack::db::mysql':
|
|
||||||
# mysql_root_password => 'changeme',
|
|
||||||
# keystone_db_password => 'changeme',
|
|
||||||
# glance_db_password => 'changeme',
|
|
||||||
# nova_db_password => 'changeme',
|
|
||||||
# allowed_hosts => ['127.0.0.1', '10.0.0.%'],
|
|
||||||
# }
|
|
||||||
class openstack::db::mysql (
|
|
||||||
# Required MySQL
|
|
||||||
# passwords
|
|
||||||
$mysql_root_password,
|
|
||||||
$keystone_db_password,
|
|
||||||
$glance_db_password,
|
|
||||||
$nova_db_password,
|
|
||||||
$cinder_db_password,
|
|
||||||
$neutron_db_password,
|
|
||||||
# MySQL
|
|
||||||
$mysql_bind_address = '0.0.0.0',
|
|
||||||
$mysql_account_security = true,
|
|
||||||
# Keystone
|
|
||||||
$keystone_db_user = 'keystone',
|
|
||||||
$keystone_db_dbname = 'keystone',
|
|
||||||
# Glance
|
|
||||||
$glance_db_user = 'glance',
|
|
||||||
$glance_db_dbname = 'glance',
|
|
||||||
# Nova
|
|
||||||
$nova_db_user = 'nova',
|
|
||||||
$nova_db_dbname = 'nova',
|
|
||||||
$allowed_hosts = false,
|
|
||||||
# Cinder
|
|
||||||
$cinder = true,
|
|
||||||
$cinder_db_user = 'cinder',
|
|
||||||
$cinder_db_dbname = 'cinder',
|
|
||||||
# neutron
|
|
||||||
$neutron = true,
|
|
||||||
$neutron_db_user = 'neutron',
|
|
||||||
$neutron_db_dbname = 'neutron',
|
|
||||||
$enabled = true,
|
|
||||||
$galera_cluster_name = 'openstack',
|
|
||||||
$primary_controller = false,
|
|
||||||
$galera_node_address = '127.0.0.1',
|
|
||||||
$db_host = '127.0.0.1',
|
|
||||||
$galera_nodes = ['127.0.0.1'],
|
|
||||||
$mysql_skip_name_resolve = false,
|
|
||||||
$custom_setup_class = undef,
|
|
||||||
$use_syslog = false,
|
|
||||||
$debug = false,
|
|
||||||
) {
|
|
||||||
|
|
||||||
if $custom_setup_class {
|
|
||||||
file { '/etc/mysql/my.cnf':
|
|
||||||
ensure => absent,
|
|
||||||
require => Class['mysql::server']
|
|
||||||
}
|
|
||||||
$config_hash_real = {
|
|
||||||
'config_file' => '/etc/my.cnf'
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$config_hash_real = {}
|
|
||||||
}
|
|
||||||
|
|
||||||
class { "mysql::server" :
|
|
||||||
bind_address => '0.0.0.0',
|
|
||||||
etc_root_password => true,
|
|
||||||
root_password => $mysql_root_password,
|
|
||||||
old_root_password => '',
|
|
||||||
galera_cluster_name => $galera_cluster_name,
|
|
||||||
primary_controller => $primary_controller,
|
|
||||||
galera_node_address => $galera_node_address,
|
|
||||||
galera_nodes => $galera_nodes,
|
|
||||||
enabled => $enabled,
|
|
||||||
custom_setup_class => $custom_setup_class,
|
|
||||||
mysql_skip_name_resolve => $mysql_skip_name_resolve,
|
|
||||||
use_syslog => $use_syslog,
|
|
||||||
config_hash => $config_hash_real,
|
|
||||||
}
|
|
||||||
|
|
||||||
# This removes default users and guest access
|
|
||||||
if $mysql_account_security and $custom_setup_class == undef {
|
|
||||||
class { 'mysql::server::account_security': }
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($enabled) {
|
|
||||||
# Create the Keystone db
|
|
||||||
class { 'keystone::db::mysql':
|
|
||||||
user => $keystone_db_user,
|
|
||||||
password => $keystone_db_password,
|
|
||||||
dbname => $keystone_db_dbname,
|
|
||||||
allowed_hosts => $allowed_hosts,
|
|
||||||
}
|
|
||||||
|
|
||||||
# Create the Glance db
|
|
||||||
class { 'glance::db::mysql':
|
|
||||||
user => $glance_db_user,
|
|
||||||
password => $glance_db_password,
|
|
||||||
dbname => $glance_db_dbname,
|
|
||||||
allowed_hosts => $allowed_hosts,
|
|
||||||
}
|
|
||||||
|
|
||||||
# Create the Nova db
|
|
||||||
class { 'nova::db::mysql':
|
|
||||||
user => $nova_db_user,
|
|
||||||
password => $nova_db_password,
|
|
||||||
dbname => $nova_db_dbname,
|
|
||||||
allowed_hosts => $allowed_hosts,
|
|
||||||
}
|
|
||||||
|
|
||||||
# create cinder db
|
|
||||||
if ($cinder) {
|
|
||||||
class { 'cinder::db::mysql':
|
|
||||||
user => $cinder_db_user,
|
|
||||||
password => $cinder_db_password,
|
|
||||||
dbname => $cinder_db_dbname,
|
|
||||||
allowed_hosts => $allowed_hosts,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# create neutron db
|
|
||||||
if ($neutron) {
|
|
||||||
class { 'neutron::db::mysql':
|
|
||||||
user => $neutron_db_user,
|
|
||||||
password => $neutron_db_password,
|
|
||||||
dbname => $neutron_db_dbname,
|
|
||||||
allowed_hosts => $allowed_hosts,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -6,7 +6,6 @@ class openstack::heat (
|
|||||||
$enabled = true,
|
$enabled = true,
|
||||||
|
|
||||||
$keystone_auth = true,
|
$keystone_auth = true,
|
||||||
$create_heat_db = true,
|
|
||||||
$keystone_host = '127.0.0.1',
|
$keystone_host = '127.0.0.1',
|
||||||
$keystone_port = '35357',
|
$keystone_port = '35357',
|
||||||
$keystone_service_port = '5000',
|
$keystone_service_port = '5000',
|
||||||
@ -118,19 +117,6 @@ class openstack::heat (
|
|||||||
action => 'accept',
|
action => 'accept',
|
||||||
}
|
}
|
||||||
|
|
||||||
# Follow the Heat installation order
|
|
||||||
# DB
|
|
||||||
if ($create_heat_db){
|
|
||||||
class { 'heat::db::mysql':
|
|
||||||
password => $db_password,
|
|
||||||
dbname => $db_name,
|
|
||||||
user => $db_user,
|
|
||||||
host => $db_host,
|
|
||||||
allowed_hosts => $db_allowed_hosts,
|
|
||||||
require => Firewall['204 heat-api'],
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($keystone_auth){
|
if ($keystone_auth){
|
||||||
# Auth
|
# Auth
|
||||||
class { 'heat::keystone::auth' :
|
class { 'heat::keystone::auth' :
|
||||||
|
43
deployment/puppet/osnailyfacter/manifests/mysql_access.pp
Normal file
43
deployment/puppet/osnailyfacter/manifests/mysql_access.pp
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
# == Class osnailyfacter::mysql_access
|
||||||
|
#
|
||||||
|
# Class that configures .my.cnf for services
|
||||||
|
#
|
||||||
|
# === Parameters:
|
||||||
|
#
|
||||||
|
# [*db_user*]
|
||||||
|
# (optional) The mysql user to create
|
||||||
|
# Defaults to 'root'
|
||||||
|
#
|
||||||
|
# [*db_password*]
|
||||||
|
# Password to use for db_user
|
||||||
|
#
|
||||||
|
# [*db_host*]
|
||||||
|
# (optional) The IP address of the mysql server
|
||||||
|
# Defaults to '127.0.0.1'
|
||||||
|
#
|
||||||
|
class osnailyfacter::mysql_access (
|
||||||
|
$ensure = 'present',
|
||||||
|
$db_user = 'root',
|
||||||
|
$db_password = '',
|
||||||
|
$db_host = 'localhost',
|
||||||
|
) {
|
||||||
|
$default_file_path = '/root/.my.cnf'
|
||||||
|
$host_file_path = "/root/.my.${db_host}.cnf"
|
||||||
|
|
||||||
|
file { "${db_host}-mysql-access":
|
||||||
|
ensure => $ensure,
|
||||||
|
path => $host_file_path,
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0640',
|
||||||
|
content => template('osnailyfacter/mysql.access.cnf.erb')
|
||||||
|
}
|
||||||
|
|
||||||
|
if $ensure == 'present' {
|
||||||
|
file { 'default-mysql-access-link':
|
||||||
|
ensure => 'symlink',
|
||||||
|
path => $default_file_path,
|
||||||
|
target => $host_file_path,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
41
deployment/puppet/osnailyfacter/manifests/mysql_root.pp
Normal file
41
deployment/puppet/osnailyfacter/manifests/mysql_root.pp
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
# == Class osnailyfacter::mysql_root
|
||||||
|
#
|
||||||
|
# Class for root grant permissions
|
||||||
|
#
|
||||||
|
# [*password*]
|
||||||
|
# Password to use with root user
|
||||||
|
#
|
||||||
|
class osnailyfacter::mysql_root (
|
||||||
|
$password = '',
|
||||||
|
) {
|
||||||
|
|
||||||
|
Exec {
|
||||||
|
path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
|
||||||
|
creates => '/root/.my.cnf',
|
||||||
|
}
|
||||||
|
|
||||||
|
exec { 'mysql_drop_test' :
|
||||||
|
command => "mysql -NBe \"drop database if exists test\"",
|
||||||
|
} ->
|
||||||
|
|
||||||
|
exec { 'mysql_root_%' :
|
||||||
|
command => "mysql -NBe \"grant all on *.* to 'root'@'%' with grant option\"",
|
||||||
|
} ->
|
||||||
|
|
||||||
|
exec { 'mysql_root_localhost' :
|
||||||
|
command => "mysql -NBe \"grant all on *.* to 'root'@'localhost' with grant option\"",
|
||||||
|
} ->
|
||||||
|
|
||||||
|
exec { 'mysql_root_127.0.0.1' :
|
||||||
|
command => "mysql -NBe \"grant all on *.* to 'root'@'127.0.0.1' with grant option\"",
|
||||||
|
} ->
|
||||||
|
|
||||||
|
exec { 'mysql_root_password' :
|
||||||
|
command => "mysql -NBe \"update mysql.user set password = password('${password}') where user = 'root'\"",
|
||||||
|
} ->
|
||||||
|
|
||||||
|
exec { 'mysql_flush_privileges' :
|
||||||
|
command => "mysql -NBe \"flush privileges\"",
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -1,111 +1,106 @@
|
|||||||
notice('MODULAR: database.pp')
|
notice('MODULAR: database.pp')
|
||||||
|
|
||||||
$neutron = hiera('use_neutron')
|
|
||||||
$mysql_hash = hiera('mysql')
|
|
||||||
$keystone_hash = hiera('keystone')
|
|
||||||
$glance_hash = hiera('glance')
|
|
||||||
$nova_hash = hiera('nova')
|
|
||||||
$cinder_hash = hiera('cinder')
|
|
||||||
$internal_address = hiera('internal_address')
|
$internal_address = hiera('internal_address')
|
||||||
$network_scheme = hiera('network_scheme', {})
|
$management_network_range = hiera('management_network_range')
|
||||||
$neutron_db_password = hiera('neutron_db_password', false)
|
|
||||||
$controller_nodes = hiera('controller_nodes')
|
$controller_nodes = hiera('controller_nodes')
|
||||||
$use_syslog = hiera('use_syslog', true)
|
$use_syslog = hiera('use_syslog', true)
|
||||||
$primary_controller = hiera('primary_controller')
|
$primary_controller = hiera('primary_controller')
|
||||||
$management_vip = hiera('management_vip')
|
$management_vip = hiera('management_vip')
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
|
||||||
$haproxy_stats_port = '10000'
|
$haproxy_stats_port = '10000'
|
||||||
$haproxy_stats_url = "http://${management_vip}:${haproxy_stats_port}/;csv"
|
$haproxy_stats_url = "http://${management_vip}:${haproxy_stats_port}/;csv"
|
||||||
|
|
||||||
$mysql_root_password = $mysql_hash['root_password']
|
$mysql_database_password = $mysql_hash['root_password']
|
||||||
|
$mysql_database_enabled = pick($mysql_hash['enabled'], true)
|
||||||
|
$mysql_db_host = pick($database_vip, $management_vip, 'localhost')
|
||||||
|
|
||||||
$mysql_bind_address = '0.0.0.0'
|
$mysql_bind_address = '0.0.0.0'
|
||||||
$mysql_account_security = true
|
|
||||||
|
|
||||||
$keystone_db_user = 'keystone'
|
|
||||||
$keystone_db_dbname = 'keystone'
|
|
||||||
$keystone_db_password = $keystone_hash['db_password']
|
|
||||||
|
|
||||||
$glance_db_user = 'glance'
|
|
||||||
$glance_db_dbname = 'glance'
|
|
||||||
$glance_db_password = $glance_hash['db_password']
|
|
||||||
|
|
||||||
$nova_db_user = 'nova'
|
|
||||||
$nova_db_dbname = 'nova'
|
|
||||||
$nova_db_password = $nova_hash['db_password']
|
|
||||||
|
|
||||||
$cinder_db_user = 'cinder'
|
|
||||||
$cinder_db_dbname = 'cinder'
|
|
||||||
$cinder_db_password = $cinder_hash['db_password']
|
|
||||||
|
|
||||||
$neutron_db_user = 'neutron'
|
|
||||||
$neutron_db_dbname = 'neutron'
|
|
||||||
|
|
||||||
$enabled = true
|
$enabled = true
|
||||||
$allowed_hosts = [ '%', $::hostname ]
|
|
||||||
$galera_cluster_name = 'openstack'
|
$galera_cluster_name = 'openstack'
|
||||||
$galera_node_address = $internal_address
|
$galera_node_address = $internal_address
|
||||||
$galera_nodes = $controller_nodes
|
$galera_nodes = $controller_nodes
|
||||||
$custom_mysql_setup_class = 'galera'
|
|
||||||
$mysql_skip_name_resolve = true
|
$mysql_skip_name_resolve = true
|
||||||
|
$custom_setup_class = 'galera'
|
||||||
|
|
||||||
$status_user = 'clustercheck'
|
$status_user = 'clustercheck'
|
||||||
$status_password = $mysql_hash['wsrep_password']
|
$status_password = $mysql_hash['wsrep_password']
|
||||||
$backend_port = '3307'
|
$backend_port = '3307'
|
||||||
$backend_timeout = '10'
|
$backend_timeout = '10'
|
||||||
$man_net = $network_scheme['endpoints'][$network_scheme['roles']['management']]['IP']
|
|
||||||
|
|
||||||
###############################################################################
|
#############################################################################
|
||||||
|
|
||||||
class { 'openstack::db::mysql':
|
if $mysql_database_enabled {
|
||||||
mysql_root_password => $mysql_root_password,
|
|
||||||
mysql_bind_address => $mysql_bind_address,
|
if $custom_setup_class {
|
||||||
mysql_account_security => $mysql_account_security,
|
file { '/etc/mysql/my.cnf':
|
||||||
keystone_db_user => $keystone_db_user,
|
ensure => absent,
|
||||||
keystone_db_password => $keystone_db_password,
|
require => Class['mysql::server']
|
||||||
keystone_db_dbname => $keystone_db_dbname,
|
}
|
||||||
glance_db_user => $glance_db_user,
|
$config_hash_real = {
|
||||||
glance_db_password => $glance_db_password,
|
'config_file' => '/etc/my.cnf'
|
||||||
glance_db_dbname => $glance_db_dbname,
|
}
|
||||||
nova_db_user => $nova_db_user,
|
} else {
|
||||||
nova_db_password => $nova_db_password,
|
$config_hash_real = { }
|
||||||
nova_db_dbname => $nova_db_dbname,
|
}
|
||||||
cinder => $cinder,
|
|
||||||
cinder_db_user => $cinder_db_user,
|
class { 'mysql::server':
|
||||||
cinder_db_password => $cinder_db_password,
|
bind_address => '0.0.0.0',
|
||||||
cinder_db_dbname => $cinder_db_dbname,
|
etc_root_password => true,
|
||||||
neutron => $neutron,
|
root_password => $mysql_database_password,
|
||||||
neutron_db_user => $neutron_db_user,
|
old_root_password => '',
|
||||||
neutron_db_password => $neutron_db_password,
|
|
||||||
neutron_db_dbname => $neutron_db_dbname,
|
|
||||||
allowed_hosts => $allowed_hosts,
|
|
||||||
enabled => $enabled,
|
|
||||||
galera_cluster_name => $galera_cluster_name,
|
galera_cluster_name => $galera_cluster_name,
|
||||||
primary_controller => $primary_controller,
|
primary_controller => $primary_controller,
|
||||||
galera_node_address => $galera_node_address,
|
galera_node_address => $galera_node_address,
|
||||||
galera_nodes => $galera_nodes,
|
galera_nodes => $galera_nodes,
|
||||||
custom_setup_class => $custom_mysql_setup_class,
|
enabled => $enabled,
|
||||||
|
custom_setup_class => $custom_setup_class,
|
||||||
mysql_skip_name_resolve => $mysql_skip_name_resolve,
|
mysql_skip_name_resolve => $mysql_skip_name_resolve,
|
||||||
use_syslog => $use_syslog,
|
use_syslog => $use_syslog,
|
||||||
}
|
config_hash => $config_hash_real,
|
||||||
|
}
|
||||||
|
|
||||||
class { 'openstack::galera::status':
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_user => 'root',
|
||||||
|
db_password => $mysql_database_password,
|
||||||
|
db_host => $mysql_db_host,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_root':
|
||||||
|
password => $mysql_database_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
exec { 'initial_access_config':
|
||||||
|
command => '/bin/ln -sf /etc/mysql/conf.d/password.cnf /root/.my.cnf',
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'openstack::galera::status':
|
||||||
status_user => $status_user,
|
status_user => $status_user,
|
||||||
status_password => $status_password,
|
status_password => $status_password,
|
||||||
status_allow => $galera_node_address,
|
status_allow => $galera_node_address,
|
||||||
backend_host => $galera_node_address,
|
backend_host => $galera_node_address,
|
||||||
backend_port => $backend_port,
|
backend_port => $backend_port,
|
||||||
backend_timeout => $backend_timeout,
|
backend_timeout => $backend_timeout,
|
||||||
only_from => "127.0.0.1 240.0.0.2 ${man_net}",
|
only_from => "127.0.0.1 240.0.0.2 ${management_network_range}",
|
||||||
}
|
}
|
||||||
|
|
||||||
haproxy_backend_status { 'mysql' :
|
haproxy_backend_status { 'mysql' :
|
||||||
name => 'mysqld',
|
name => 'mysqld',
|
||||||
url => $haproxy_stats_url,
|
url => $haproxy_stats_url,
|
||||||
|
}
|
||||||
|
|
||||||
|
package { 'socat':
|
||||||
|
ensure => 'present'
|
||||||
|
}
|
||||||
|
|
||||||
|
Package['socat'] ->
|
||||||
|
Class['mysql::server'] ->
|
||||||
|
Class['osnailyfacter::mysql_root'] ->
|
||||||
|
Exec['initial_access_config'] ->
|
||||||
|
Class['openstack::galera::status'] ->
|
||||||
|
Haproxy_backend_status['mysql'] ->
|
||||||
|
Class['osnailyfacter::mysql_access']
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
package { 'socat': ensure => present }
|
|
||||||
|
|
||||||
Package['socat'] -> Class['openstack::db::mysql']
|
|
||||||
Class['openstack::db::mysql'] -> Class['openstack::galera::status']
|
|
||||||
Class['openstack::galera::status'] -> Haproxy_backend_status['mysql']
|
|
||||||
Class['mysql::server'] -> Haproxy_backend_status['mysql']
|
|
||||||
|
47
deployment/puppet/osnailyfacter/modular/glance/glance_db.pp
Normal file
47
deployment/puppet/osnailyfacter/modular/glance/glance_db.pp
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
notice('MODULAR: glance_db.pp')
|
||||||
|
|
||||||
|
$glance_hash = hiera_hash('glance', {})
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
$management_vip = hiera('management_vip', undef)
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
|
||||||
|
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||||
|
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||||
|
$mysql_root_password = $mysql_hash['root_password']
|
||||||
|
|
||||||
|
$db_user = pick($glance_hash['db_user'], 'glance')
|
||||||
|
$db_name = pick($glance_hash['db_name'], 'glance')
|
||||||
|
$db_password = pick($glance_hash['db_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$db_host = pick($glance_hash['db_host'], $database_vip, $management_vip, 'localhost')
|
||||||
|
$db_create = pick($glance_hash['db_create'], $mysql_db_create)
|
||||||
|
$db_root_user = pick($glance_hash['root_user'], $mysql_root_user)
|
||||||
|
$db_root_password = pick($glance_hash['root_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$allowed_hosts = [ $::hostname, 'localhost', '127.0.0.1', '%' ]
|
||||||
|
|
||||||
|
validate_string($mysql_root_user)
|
||||||
|
|
||||||
|
if $db_create {
|
||||||
|
|
||||||
|
class { 'glance::db::mysql':
|
||||||
|
user => $db_user,
|
||||||
|
password => $db_password,
|
||||||
|
dbname => $db_name,
|
||||||
|
allowed_hosts => $allowed_hosts,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_host => $db_host,
|
||||||
|
db_user => $db_root_user,
|
||||||
|
db_password => $db_root_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
Class['osnailyfacter::mysql_access'] -> Class['glance::db::mysql']
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
class mysql::config {}
|
||||||
|
include mysql::config
|
||||||
|
class mysql::server {}
|
||||||
|
include mysql::server
|
@ -8,15 +8,6 @@ class GlancePreTest < Test::Unit::TestCase
|
|||||||
assert TestCommon::HAProxy.backend_present?(BACKEND), "There is no '#{BACKEND}' HAProxy backend!"
|
assert TestCommon::HAProxy.backend_present?(BACKEND), "There is no '#{BACKEND}' HAProxy backend!"
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_mysql_accessible_for_glance
|
|
||||||
TestCommon::MySQL.pass = TestCommon::Settings.glance['db_password']
|
|
||||||
TestCommon::MySQL.user = 'glance'
|
|
||||||
TestCommon::MySQL.host = TestCommon::Settings.management_vip
|
|
||||||
TestCommon::MySQL.port = 3306
|
|
||||||
TestCommon::MySQL.db = 'glance'
|
|
||||||
assert TestCommon::MySQL.connection?, 'Cannot connect to MySQL with Glance auth!'
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_amqp_accessible
|
def test_amqp_accessible
|
||||||
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
||||||
end
|
end
|
||||||
|
@ -11,3 +11,14 @@
|
|||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/glance/glance_pre.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/glance/glance_pre.rb
|
||||||
test_post:
|
test_post:
|
||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/glance/glance_post.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/glance/glance_post.rb
|
||||||
|
|
||||||
|
- id: glance-db
|
||||||
|
type: puppet
|
||||||
|
groups: [primary-controller]
|
||||||
|
required_for: [glance]
|
||||||
|
requires: [database]
|
||||||
|
parameters:
|
||||||
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/glance/glance_db.pp
|
||||||
|
puppet_modules: /etc/puppet/modules
|
||||||
|
timeout: 3600
|
||||||
|
|
||||||
|
@ -50,7 +50,6 @@ if $::operatingsystem == 'Ubuntu' {
|
|||||||
class { 'openstack::heat' :
|
class { 'openstack::heat' :
|
||||||
external_ip => $controller_node_public,
|
external_ip => $controller_node_public,
|
||||||
keystone_auth => pick($heat_hash['keystone_auth'], true),
|
keystone_auth => pick($heat_hash['keystone_auth'], true),
|
||||||
create_heat_db => pick($heat_hash['create_heat_db'], true),
|
|
||||||
api_bind_host => $internal_address,
|
api_bind_host => $internal_address,
|
||||||
api_cfn_bind_host => $internal_address,
|
api_cfn_bind_host => $internal_address,
|
||||||
api_cloudwatch_bind_host => $internal_address,
|
api_cloudwatch_bind_host => $internal_address,
|
||||||
|
47
deployment/puppet/osnailyfacter/modular/heat/heat_db.pp
Normal file
47
deployment/puppet/osnailyfacter/modular/heat/heat_db.pp
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
notice('MODULAR: heat_db.pp')
|
||||||
|
|
||||||
|
$heat_hash = hiera_hash('heat', {})
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
$management_vip = hiera('management_vip', undef)
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
|
||||||
|
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||||
|
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||||
|
$mysql_root_password = $mysql_hash['root_password']
|
||||||
|
|
||||||
|
$db_user = pick($heat_hash['db_user'], 'heat')
|
||||||
|
$db_name = pick($heat_hash['db_name'], 'heat')
|
||||||
|
$db_password = pick($heat_hash['db_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$db_host = pick($heat_hash['db_host'], $database_vip, $management_vip, 'localhost')
|
||||||
|
$db_create = pick($heat_hash['db_create'], $mysql_db_create)
|
||||||
|
$db_root_user = pick($heat_hash['root_user'], $mysql_root_user)
|
||||||
|
$db_root_password = pick($heat_hash['root_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$allowed_hosts = [ $::hostname, 'localhost', '127.0.0.1', '%' ]
|
||||||
|
|
||||||
|
validate_string($mysql_root_user)
|
||||||
|
|
||||||
|
if $db_create {
|
||||||
|
|
||||||
|
class { 'heat::db::mysql':
|
||||||
|
user => $db_user,
|
||||||
|
password => $db_password,
|
||||||
|
dbname => $db_name,
|
||||||
|
allowed_hosts => $allowed_hosts,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_host => $db_host,
|
||||||
|
db_user => $db_root_user,
|
||||||
|
db_password => $db_root_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
Class['osnailyfacter::mysql_access'] -> Class['heat::db::mysql']
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
class mysql::config {}
|
||||||
|
include mysql::config
|
||||||
|
class mysql::server {}
|
||||||
|
include mysql::server
|
@ -1,10 +1,6 @@
|
|||||||
require File.join File.dirname(__FILE__), '../test_common.rb'
|
require File.join File.dirname(__FILE__), '../test_common.rb'
|
||||||
|
|
||||||
class HeatPostTest < Test::Unit::TestCase
|
class HeatPostTest < Test::Unit::TestCase
|
||||||
def test_mysql_connection_without_auth
|
|
||||||
TestCommon::MySQL.no_auth
|
|
||||||
assert TestCommon::MySQL.connection?, 'Cannot connect to MySQL without auth!'
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_amqp_accessible
|
def test_amqp_accessible
|
||||||
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
||||||
|
@ -11,3 +11,13 @@
|
|||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/heat/heat_pre.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/heat/heat_pre.rb
|
||||||
test_post:
|
test_post:
|
||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/heat/heat_post.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/heat/heat_post.rb
|
||||||
|
|
||||||
|
- id: heat-db
|
||||||
|
type: puppet
|
||||||
|
groups: [primary-controller]
|
||||||
|
required_for: [heat]
|
||||||
|
requires: [database]
|
||||||
|
parameters:
|
||||||
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/heat/heat_db.pp
|
||||||
|
puppet_modules: /etc/puppet/modules
|
||||||
|
timeout: 3600
|
||||||
|
@ -0,0 +1,45 @@
|
|||||||
|
notice('MODULAR: keystone_db.pp')
|
||||||
|
|
||||||
|
$keystone_hash = hiera_hash('keystone', {})
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
$management_vip = hiera('management_vip', undef)
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
|
||||||
|
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||||
|
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||||
|
$mysql_root_password = $mysql_hash['root_password']
|
||||||
|
|
||||||
|
$db_user = pick($keystone_hash['db_user'], 'keystone')
|
||||||
|
$db_name = pick($keystone_hash['db_name'], 'keystone')
|
||||||
|
$db_password = pick($keystone_hash['db_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$db_host = pick($keystone_hash['db_host'], $database_vip, $management_vip, 'localhost')
|
||||||
|
$db_create = pick($keystone_hash['db_create'], $mysql_db_create)
|
||||||
|
$db_root_user = pick($keystone_hash['root_user'], $mysql_root_user)
|
||||||
|
$db_root_password = pick($keystone_hash['root_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$allowed_hosts = [ $::hostname, 'localhost', '127.0.0.1', '%' ]
|
||||||
|
|
||||||
|
if $db_create {
|
||||||
|
|
||||||
|
class { 'keystone::db::mysql':
|
||||||
|
user => $db_user,
|
||||||
|
password => $db_password,
|
||||||
|
dbname => $db_name,
|
||||||
|
allowed_hosts => $allowed_hosts,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_host => $db_host,
|
||||||
|
db_user => $db_root_user,
|
||||||
|
db_password => $db_root_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
Class['osnailyfacter::mysql_access'] -> Class['keystone::db::mysql']
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
class mysql::config {}
|
||||||
|
include mysql::config
|
||||||
|
class mysql::server {}
|
||||||
|
include mysql::server
|
@ -13,15 +13,6 @@ class KeystonePreTest < Test::Unit::TestCase
|
|||||||
assert TestCommon::HAProxy.backend_present?(ADMIN_BACKEND), "There is no '#{ADMIN_BACKEND}' HAProxy backend!"
|
assert TestCommon::HAProxy.backend_present?(ADMIN_BACKEND), "There is no '#{ADMIN_BACKEND}' HAProxy backend!"
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_mysql_accessible_for_keystone
|
|
||||||
TestCommon::MySQL.pass = TestCommon::Settings.keystone['db_password']
|
|
||||||
TestCommon::MySQL.user = 'keystone'
|
|
||||||
TestCommon::MySQL.host = TestCommon::Settings.management_vip
|
|
||||||
TestCommon::MySQL.port = 3306
|
|
||||||
TestCommon::MySQL.db = 'keystone'
|
|
||||||
assert TestCommon::MySQL.connection?, 'Cannot connect to MySQL with Keystone auth!'
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_amqp_accessible
|
def test_amqp_accessible
|
||||||
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
||||||
end
|
end
|
||||||
|
@ -11,3 +11,13 @@
|
|||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/keystone/keystone_pre.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/keystone/keystone_pre.rb
|
||||||
test_post:
|
test_post:
|
||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/keystone/keystone_post.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/keystone/keystone_post.rb
|
||||||
|
|
||||||
|
- id: keystone-db
|
||||||
|
type: puppet
|
||||||
|
groups: [primary-controller]
|
||||||
|
required_for: [keystone]
|
||||||
|
requires: [database]
|
||||||
|
parameters:
|
||||||
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/keystone/keystone_db.pp
|
||||||
|
puppet_modules: /etc/puppet/modules
|
||||||
|
timeout: 3600
|
||||||
|
@ -116,12 +116,8 @@ if $murano_hash['enabled'] {
|
|||||||
|
|
||||||
######################
|
######################
|
||||||
|
|
||||||
class mysql::server {}
|
|
||||||
class mysql::config {}
|
|
||||||
class rabbitmq::service {}
|
class rabbitmq::service {}
|
||||||
class openstack::firewall {}
|
class openstack::firewall {}
|
||||||
include mysql::server
|
|
||||||
include mysql::config
|
|
||||||
include rabbitmq::service
|
include rabbitmq::service
|
||||||
include openstack::firewall
|
include openstack::firewall
|
||||||
|
|
||||||
|
50
deployment/puppet/osnailyfacter/modular/murano/murano_db.pp
Normal file
50
deployment/puppet/osnailyfacter/modular/murano/murano_db.pp
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
notice('MODULAR: murano_db.pp')
|
||||||
|
|
||||||
|
$murano_hash = hiera_hash('murano', {})
|
||||||
|
$murano_enabled = pick($murano_hash['enabled'], false)
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
$management_vip = hiera('management_vip', undef)
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
|
||||||
|
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||||
|
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||||
|
$mysql_root_password = $mysql_hash['root_password']
|
||||||
|
|
||||||
|
$db_user = pick($murano_hash['db_user'], 'murano')
|
||||||
|
$db_name = pick($murano_hash['db_name'], 'murano')
|
||||||
|
$db_password = pick($murano_hash['db_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$db_host = pick($murano_hash['db_host'], $database_vip, $management_vip, 'localhost')
|
||||||
|
$db_create = pick($murano_hash['db_create'], $mysql_db_create)
|
||||||
|
$db_root_user = pick($murano_hash['root_user'], $mysql_root_user)
|
||||||
|
$db_root_password = pick($murano_hash['root_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$allowed_hosts = [ $::hostname, 'localhost', '127.0.0.1', '%' ]
|
||||||
|
|
||||||
|
validate_string($mysql_root_user)
|
||||||
|
|
||||||
|
if $murano_enabled and $db_create {
|
||||||
|
|
||||||
|
class { 'murano::db::mysql':
|
||||||
|
user => $db_user,
|
||||||
|
password => $db_password,
|
||||||
|
dbname => $db_name,
|
||||||
|
allowed_hosts => $allowed_hosts,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_host => $db_host,
|
||||||
|
db_user => $db_root_user,
|
||||||
|
db_password => $db_root_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
Class['osnailyfacter::mysql_access'] -> Class['murano::db::mysql']
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
class mysql::config {}
|
||||||
|
include mysql::config
|
||||||
|
class mysql::server {}
|
||||||
|
include mysql::server
|
||||||
|
class murano::api {}
|
||||||
|
include murano::api
|
@ -2,11 +2,6 @@ require File.join File.dirname(__FILE__), '../test_common.rb'
|
|||||||
|
|
||||||
class MuranoPreTest < Test::Unit::TestCase
|
class MuranoPreTest < Test::Unit::TestCase
|
||||||
|
|
||||||
def test_mysql_connection_without_auth
|
|
||||||
TestCommon::MySQL.no_auth
|
|
||||||
assert TestCommon::MySQL.connection?, 'Cannot connect to MySQL without auth!'
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_amqp_accessible
|
def test_amqp_accessible
|
||||||
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
||||||
end
|
end
|
||||||
|
@ -11,3 +11,13 @@
|
|||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/murano/murano_pre.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/murano/murano_pre.rb
|
||||||
test_post:
|
test_post:
|
||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/murano/murano_post.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/murano/murano_post.rb
|
||||||
|
|
||||||
|
- id: murano-db
|
||||||
|
type: puppet
|
||||||
|
groups: [primary-controller]
|
||||||
|
required_for: [murano]
|
||||||
|
requires: [database]
|
||||||
|
parameters:
|
||||||
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/murano/murano_db.pp
|
||||||
|
puppet_modules: /etc/puppet/modules
|
||||||
|
timeout: 3600
|
||||||
|
@ -0,0 +1,47 @@
|
|||||||
|
notice('MODULAR: cinder_db.pp')
|
||||||
|
|
||||||
|
$cinder_hash = hiera_hash('cinder', {})
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
$management_vip = hiera('management_vip', undef)
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
|
||||||
|
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||||
|
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||||
|
$mysql_root_password = $mysql_hash['root_password']
|
||||||
|
|
||||||
|
$db_user = pick($cinder_hash['db_user'], 'cinder')
|
||||||
|
$db_name = pick($cinder_hash['db_name'], 'cinder')
|
||||||
|
$db_password = pick($cinder_hash['db_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$db_host = pick($cinder_hash['db_host'], $database_vip, $management_vip, 'localhost')
|
||||||
|
$db_create = pick($cinder_hash['db_create'], $mysql_db_create)
|
||||||
|
$db_root_user = pick($cinder_hash['root_user'], $mysql_root_user)
|
||||||
|
$db_root_password = pick($cinder_hash['root_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$allowed_hosts = [ $::hostname, 'localhost', '127.0.0.1', '%' ]
|
||||||
|
|
||||||
|
validate_string($mysql_root_user)
|
||||||
|
|
||||||
|
if $db_create {
|
||||||
|
|
||||||
|
class { 'cinder::db::mysql':
|
||||||
|
user => $db_user,
|
||||||
|
password => $db_password,
|
||||||
|
dbname => $db_name,
|
||||||
|
allowed_hosts => $allowed_hosts,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_host => $db_host,
|
||||||
|
db_user => $db_root_user,
|
||||||
|
db_password => $db_root_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
Class['osnailyfacter::mysql_access'] -> Class['cinder::db::mysql']
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
class mysql::config {}
|
||||||
|
include mysql::config
|
||||||
|
class mysql::server {}
|
||||||
|
include mysql::server
|
@ -7,3 +7,13 @@
|
|||||||
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-cinder/openstack-cinder.pp
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-cinder/openstack-cinder.pp
|
||||||
puppet_modules: /etc/puppet/modules
|
puppet_modules: /etc/puppet/modules
|
||||||
timeout: 1200
|
timeout: 1200
|
||||||
|
|
||||||
|
- id: cinder_db
|
||||||
|
type: puppet
|
||||||
|
groups: [primary-controller]
|
||||||
|
required_for: [openstack-cinder]
|
||||||
|
requires: [database]
|
||||||
|
parameters:
|
||||||
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-cinder/cinder_db.pp
|
||||||
|
puppet_modules: /etc/puppet/modules
|
||||||
|
timeout: 1200
|
||||||
|
@ -0,0 +1,47 @@
|
|||||||
|
notice('MODULAR: nova_db.pp')
|
||||||
|
|
||||||
|
$nova_hash = hiera_hash('nova', {})
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
$management_vip = hiera('management_vip', undef)
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
|
||||||
|
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||||
|
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||||
|
$mysql_root_password = $mysql_hash['root_password']
|
||||||
|
|
||||||
|
$db_user = pick($nova_hash['db_user'], 'nova')
|
||||||
|
$db_name = pick($nova_hash['db_name'], 'nova')
|
||||||
|
$db_password = pick($nova_hash['db_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$db_host = pick($nova_hash['db_host'], $database_vip, $management_vip, 'localhost')
|
||||||
|
$db_create = pick($nova_hash['db_create'], $mysql_db_create)
|
||||||
|
$db_root_user = pick($nova_hash['root_user'], $mysql_root_user)
|
||||||
|
$db_root_password = pick($nova_hash['root_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$allowed_hosts = [ $::hostname, 'localhost', '127.0.0.1', '%' ]
|
||||||
|
|
||||||
|
validate_string($mysql_root_user)
|
||||||
|
|
||||||
|
if $db_create {
|
||||||
|
|
||||||
|
class { 'nova::db::mysql':
|
||||||
|
user => $db_user,
|
||||||
|
password => $db_password,
|
||||||
|
dbname => $db_name,
|
||||||
|
allowed_hosts => $allowed_hosts,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_host => $db_host,
|
||||||
|
db_user => $db_root_user,
|
||||||
|
db_password => $db_root_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
Class['osnailyfacter::mysql_access'] -> Class['nova::db::mysql']
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
class mysql::config {}
|
||||||
|
include mysql::config
|
||||||
|
class mysql::server {}
|
||||||
|
include mysql::server
|
@ -7,3 +7,13 @@
|
|||||||
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-controller/openstack-controller.pp
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-controller/openstack-controller.pp
|
||||||
puppet_modules: /etc/puppet/modules
|
puppet_modules: /etc/puppet/modules
|
||||||
timeout: 3600
|
timeout: 3600
|
||||||
|
|
||||||
|
- id: nova-db
|
||||||
|
type: puppet
|
||||||
|
groups: [primary-controller]
|
||||||
|
required_for: [openstack-controller]
|
||||||
|
requires: [database]
|
||||||
|
parameters:
|
||||||
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-controller/nova_db.pp
|
||||||
|
puppet_modules: /etc/puppet/modules
|
||||||
|
timeout: 3600
|
||||||
|
@ -0,0 +1,50 @@
|
|||||||
|
notice('MODULAR: neutron_db.pp')
|
||||||
|
|
||||||
|
$use_neutron = hiera('use_neutron', false)
|
||||||
|
$neutron_hash = hiera_hash('quantum_settings', {})
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
$management_vip = hiera('management_vip', undef)
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
|
||||||
|
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||||
|
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||||
|
$mysql_root_password = $mysql_hash['root_password']
|
||||||
|
|
||||||
|
$neutron_db = merge($neutron_hash['database'], {})
|
||||||
|
|
||||||
|
$db_user = pick($neutron_db['db_user'], 'neutron')
|
||||||
|
$db_name = pick($neutron_db['db_name'], 'neutron')
|
||||||
|
$db_password = pick($neutron_db['passwd'], $mysql_root_password)
|
||||||
|
|
||||||
|
$db_host = pick($neutron_db['db_host'], $database_vip, $management_vip, 'localhost')
|
||||||
|
$db_create = pick($neutron_db['db_create'], $mysql_db_create)
|
||||||
|
$db_root_user = pick($neutron_db['root_user'], $mysql_root_user)
|
||||||
|
$db_root_password = pick($neutron_db['root_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$allowed_hosts = [ $::hostname, 'localhost', '127.0.0.1', '%' ]
|
||||||
|
|
||||||
|
validate_string($mysql_root_user)
|
||||||
|
|
||||||
|
if $use_neutron and $db_create {
|
||||||
|
|
||||||
|
class { 'neutron::db::mysql':
|
||||||
|
user => $db_user,
|
||||||
|
password => $db_password,
|
||||||
|
dbname => $db_name,
|
||||||
|
allowed_hosts => $allowed_hosts,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_host => $db_host,
|
||||||
|
db_user => $db_root_user,
|
||||||
|
db_password => $db_root_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
Class['osnailyfacter::mysql_access'] -> Class['neutron::db::mysql']
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
class mysql::config {}
|
||||||
|
include mysql::config
|
||||||
|
class mysql::server {}
|
||||||
|
include mysql::server
|
@ -11,6 +11,7 @@
|
|||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-controller_pre.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-controller_pre.rb
|
||||||
test_post:
|
test_post:
|
||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-controller_post.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-controller_post.rb
|
||||||
|
|
||||||
- id: openstack-network-compute
|
- id: openstack-network-compute
|
||||||
type: puppet
|
type: puppet
|
||||||
groups: [compute]
|
groups: [compute]
|
||||||
@ -24,3 +25,13 @@
|
|||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-compute_pre.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-compute_pre.rb
|
||||||
test_post:
|
test_post:
|
||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-compute_post.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/openstack-network/openstack-network-compute_post.rb
|
||||||
|
|
||||||
|
- id: neutron-db
|
||||||
|
type: puppet
|
||||||
|
groups: [primary-controller]
|
||||||
|
required_for: [openstack-network]
|
||||||
|
requires: [database]
|
||||||
|
parameters:
|
||||||
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/openstack-network/neutron_db.pp
|
||||||
|
puppet_modules: /etc/puppet/modules
|
||||||
|
timeout: 3600
|
||||||
|
@ -79,11 +79,5 @@ if $sahara_hash['enabled'] {
|
|||||||
|
|
||||||
#########################
|
#########################
|
||||||
|
|
||||||
class mysql::server {}
|
|
||||||
class mysql::config {}
|
|
||||||
|
|
||||||
include mysql::server
|
|
||||||
include mysql::config
|
|
||||||
|
|
||||||
class openstack::firewall {}
|
class openstack::firewall {}
|
||||||
include openstack::firewall
|
include openstack::firewall
|
||||||
|
50
deployment/puppet/osnailyfacter/modular/sahara/sahara_db.pp
Normal file
50
deployment/puppet/osnailyfacter/modular/sahara/sahara_db.pp
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
notice('MODULAR: sahara_db.pp')
|
||||||
|
|
||||||
|
$sahara_hash = hiera_hash('sahara', {})
|
||||||
|
$sahara_enabled = pick($sahara_hash['enabled'], false)
|
||||||
|
$mysql_hash = hiera_hash('mysql', {})
|
||||||
|
$management_vip = hiera('management_vip', undef)
|
||||||
|
$database_vip = hiera('database_vip', undef)
|
||||||
|
|
||||||
|
$mysql_root_user = pick($mysql_hash['root_user'], 'root')
|
||||||
|
$mysql_db_create = pick($mysql_hash['db_create'], true)
|
||||||
|
$mysql_root_password = $mysql_hash['root_password']
|
||||||
|
|
||||||
|
$db_user = pick($sahara_hash['db_user'], 'sahara')
|
||||||
|
$db_name = pick($sahara_hash['db_name'], 'sahara')
|
||||||
|
$db_password = pick($sahara_hash['db_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$db_host = pick($sahara_hash['db_host'], $database_vip, $management_vip, 'localhost')
|
||||||
|
$db_create = pick($sahara_hash['db_create'], $mysql_db_create)
|
||||||
|
$db_root_user = pick($sahara_hash['root_user'], $mysql_root_user)
|
||||||
|
$db_root_password = pick($sahara_hash['root_password'], $mysql_root_password)
|
||||||
|
|
||||||
|
$allowed_hosts = [ $::hostname, 'localhost', '127.0.0.1', '%' ]
|
||||||
|
|
||||||
|
validate_string($mysql_root_user)
|
||||||
|
|
||||||
|
if $sahara_enabled and $db_create {
|
||||||
|
|
||||||
|
class { 'sahara::db::mysql':
|
||||||
|
user => $db_user,
|
||||||
|
password => $db_password,
|
||||||
|
dbname => $db_name,
|
||||||
|
allowed_hosts => $allowed_hosts,
|
||||||
|
}
|
||||||
|
|
||||||
|
class { 'osnailyfacter::mysql_access':
|
||||||
|
db_host => $db_host,
|
||||||
|
db_user => $db_root_user,
|
||||||
|
db_password => $db_root_password,
|
||||||
|
}
|
||||||
|
|
||||||
|
Class['osnailyfacter::mysql_access'] -> Class['sahara::db::mysql']
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
class mysql::config {}
|
||||||
|
include mysql::config
|
||||||
|
class mysql::server {}
|
||||||
|
include mysql::server
|
||||||
|
class sahara::api {}
|
||||||
|
include sahara::api
|
@ -2,17 +2,12 @@ require File.join File.dirname(__FILE__), '../test_common.rb'
|
|||||||
|
|
||||||
class SaharaPreTest < Test::Unit::TestCase
|
class SaharaPreTest < Test::Unit::TestCase
|
||||||
|
|
||||||
def test_mysql_connection_without_auth
|
|
||||||
TestCommon::MySQL.no_auth
|
|
||||||
assert TestCommon::MySQL.connection?, 'Cannot connect to MySQL without auth!'
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_amqp_accessible
|
def test_amqp_accessible
|
||||||
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
assert TestCommon::AMQP.connection?, 'Cannot connect to AMQP server!'
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_haproxy_sahara_backend_present
|
def test_haproxy_sahara_backend_present
|
||||||
assert TestCommon::HAProxy.backend_present?('sahara'), 'No murano haproxy backend!'
|
assert TestCommon::HAProxy.backend_present?('sahara'), 'No sahara haproxy backend!'
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_horizon_haproxy_backend_online
|
def test_horizon_haproxy_backend_online
|
||||||
|
@ -12,3 +12,12 @@
|
|||||||
test_post:
|
test_post:
|
||||||
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/sahara/sahara_post.rb
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/sahara/sahara_post.rb
|
||||||
|
|
||||||
|
- id: sahara-db
|
||||||
|
type: puppet
|
||||||
|
groups: [primary-controller]
|
||||||
|
required_for: [sahara]
|
||||||
|
requires: [database]
|
||||||
|
parameters:
|
||||||
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/sahara/sahara_db.pp
|
||||||
|
puppet_modules: /etc/puppet/modules
|
||||||
|
timeout: 3600
|
||||||
|
@ -0,0 +1,6 @@
|
|||||||
|
<%- %w(mysql client mysqldump mysqladmin mysqlcheck).each do |section| %>
|
||||||
|
[<%= section %>]
|
||||||
|
user = '<%= @db_user %>'
|
||||||
|
password = '<%= @db_password %>'
|
||||||
|
host = '<%= @db_host %>'
|
||||||
|
<%- end %>
|
@ -1,27 +1,90 @@
|
|||||||
|
# == Class sahara::db::mysql
|
||||||
|
#
|
||||||
|
# Class that configures mysql for sahara
|
||||||
|
#
|
||||||
|
# === Parameters:
|
||||||
|
#
|
||||||
|
# [*password*]
|
||||||
|
# Password to use for the sahara user
|
||||||
|
#
|
||||||
|
# [*dbname*]
|
||||||
|
# (optional) The name of the database
|
||||||
|
# Defaults to 'sahara'
|
||||||
|
#
|
||||||
|
# [*user*]
|
||||||
|
# (optional) The mysql user to create
|
||||||
|
# Defaults to 'sahara'
|
||||||
|
#
|
||||||
|
# [*host*]
|
||||||
|
# (optional) The IP address of the mysql server
|
||||||
|
# Defaults to '127.0.0.1'
|
||||||
|
#
|
||||||
|
# [*charset*]
|
||||||
|
# (optional) The charset to use for the sahara database
|
||||||
|
# Defaults to 'utf8'
|
||||||
|
#
|
||||||
|
# [*collate*]
|
||||||
|
# (optional) The collate to use for the sahara database
|
||||||
|
# Defaults to 'utf8_general_ci'
|
||||||
|
#
|
||||||
|
# [*allowed_hosts*]
|
||||||
|
# (optional) Additional hosts that are allowed to access this DB
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
|
# [*cluster_id*]
|
||||||
|
# (optional) Deprecated. Does nothing
|
||||||
|
# Defaults to 'localzone'
|
||||||
|
#
|
||||||
|
# [*mysql_module*]
|
||||||
|
# (optional) Mysql puppet module version to use. Tested versions
|
||||||
|
# are 0.9 and 2.2.
|
||||||
|
# Defaults to '0.9'
|
||||||
|
#
|
||||||
class sahara::db::mysql(
|
class sahara::db::mysql(
|
||||||
$password = 'sahara',
|
$password,
|
||||||
$dbname = 'sahara',
|
$dbname = 'sahara',
|
||||||
$user = 'sahara',
|
$user = 'sahara',
|
||||||
$dbhost = 'localhost',
|
$dbhost = '127.0.0.1',
|
||||||
$charset = 'utf8',
|
$charset = 'utf8',
|
||||||
|
$collate = 'utf8_general_ci',
|
||||||
$allowed_hosts = undef,
|
$allowed_hosts = undef,
|
||||||
|
$mysql_module = '0.9'
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include 'sahara::params'
|
if ($mysql_module >= 2.2) {
|
||||||
|
mysql::db { $dbname:
|
||||||
mysql::db { $dbname :
|
|
||||||
user => $user,
|
user => $user,
|
||||||
password => $password,
|
password => $password,
|
||||||
host => $dbhost,
|
host => $dbhost,
|
||||||
charset => $charset,
|
charset => $charset,
|
||||||
grant => ['all'],
|
collate => $collate,
|
||||||
|
require => Class['mysql::server'],
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
require 'mysql::python'
|
||||||
|
|
||||||
|
mysql::db { $dbname:
|
||||||
|
user => $user,
|
||||||
|
password => $password,
|
||||||
|
host => $dbhost,
|
||||||
|
charset => $charset,
|
||||||
|
require => Class['mysql::config'],
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if $allowed_hosts {
|
# Check allowed_hosts to avoid duplicate resource declarations
|
||||||
sahara::db::mysql::host_access { $allowed_hosts:
|
if is_array($allowed_hosts) and delete($allowed_hosts,$dbhost) != [] {
|
||||||
|
$real_allowed_hosts = delete($allowed_hosts,$dbhost)
|
||||||
|
} elsif is_string($allowed_hosts) and ($allowed_hosts != $dbhost) {
|
||||||
|
$real_allowed_hosts = $allowed_hosts
|
||||||
|
}
|
||||||
|
|
||||||
|
if $real_allowed_hosts {
|
||||||
|
sahara::db::mysql::host_access { $real_allowed_hosts:
|
||||||
user => $user,
|
user => $user,
|
||||||
password => $password,
|
password => $password,
|
||||||
database => $dbname,
|
database => $dbname,
|
||||||
|
mysql_module => $mysql_module,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -13,8 +13,30 @@
|
|||||||
# [*database*]
|
# [*database*]
|
||||||
# the database name
|
# the database name
|
||||||
#
|
#
|
||||||
define sahara::db::mysql::host_access ($user, $password, $database) {
|
# [*mysql_module*]
|
||||||
|
# mysql module version
|
||||||
|
#
|
||||||
|
define sahara::db::mysql::host_access (
|
||||||
|
$user,
|
||||||
|
$password,
|
||||||
|
$database,
|
||||||
|
$mysql_module = '0.9'
|
||||||
|
) {
|
||||||
|
|
||||||
|
if ($mysql_module >= 2.2) {
|
||||||
|
mysql_user { "${user}@${name}":
|
||||||
|
password_hash => mysql_password($password),
|
||||||
|
require => Mysql_database[$database],
|
||||||
|
}
|
||||||
|
|
||||||
|
mysql_grant { "${user}@${name}/${database}.*":
|
||||||
|
privileges => ['ALL'],
|
||||||
|
options => ['GRANT'],
|
||||||
|
table => "${database}.*",
|
||||||
|
require => Mysql_user["${user}@${name}"],
|
||||||
|
user => "${user}@${name}"
|
||||||
|
}
|
||||||
|
} else {
|
||||||
database_user { "${user}@${name}":
|
database_user { "${user}@${name}":
|
||||||
password_hash => mysql_password($password),
|
password_hash => mysql_password($password),
|
||||||
provider => 'mysql',
|
provider => 'mysql',
|
||||||
@ -27,4 +49,5 @@ define sahara::db::mysql::host_access ($user, $password, $database) {
|
|||||||
provider => 'mysql',
|
provider => 'mysql',
|
||||||
require => Database_user["${user}@${name}"]
|
require => Database_user["${user}@${name}"]
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -39,14 +39,6 @@ class sahara (
|
|||||||
|
|
||||||
$sql_connection = "mysql://${db_user}:${db_password}@${db_host}/${db_name}?read_timeout=60"
|
$sql_connection = "mysql://${db_user}:${db_password}@${db_host}/${db_name}?read_timeout=60"
|
||||||
|
|
||||||
class { 'sahara::db::mysql':
|
|
||||||
password => $db_password,
|
|
||||||
dbname => $db_name,
|
|
||||||
user => $db_user,
|
|
||||||
dbhost => $db_host,
|
|
||||||
allowed_hosts => $db_allowed_hosts,
|
|
||||||
}
|
|
||||||
|
|
||||||
class { 'sahara::api':
|
class { 'sahara::api':
|
||||||
enabled => $enabled,
|
enabled => $enabled,
|
||||||
auth_uri => $auth_uri,
|
auth_uri => $auth_uri,
|
||||||
@ -106,8 +98,6 @@ class sahara (
|
|||||||
action => 'accept',
|
action => 'accept',
|
||||||
}
|
}
|
||||||
|
|
||||||
Class['mysql::server'] ->
|
|
||||||
Class['sahara::db::mysql'] ->
|
|
||||||
Firewall[$firewall_rule] ->
|
Firewall[$firewall_rule] ->
|
||||||
Class['sahara::keystone::auth'] ->
|
Class['sahara::keystone::auth'] ->
|
||||||
Class['sahara::api']
|
Class['sahara::api']
|
||||||
|
8
tests/noop/spec/hosts/glance/glance_db_spec.rb
Normal file
8
tests/noop/spec/hosts/glance/glance_db_spec.rb
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
require 'shared-examples'
|
||||||
|
manifest = 'glance/glance_db.pp'
|
||||||
|
|
||||||
|
describe manifest do
|
||||||
|
test_ubuntu_and_centos manifest
|
||||||
|
end
|
||||||
|
|
8
tests/noop/spec/hosts/heat/heat_db_spec.rb
Normal file
8
tests/noop/spec/hosts/heat/heat_db_spec.rb
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
require 'shared-examples'
|
||||||
|
manifest = 'heat/heat_db.pp'
|
||||||
|
|
||||||
|
describe manifest do
|
||||||
|
test_ubuntu_and_centos manifest
|
||||||
|
end
|
||||||
|
|
8
tests/noop/spec/hosts/keystone/keystone_db_spec.rb
Normal file
8
tests/noop/spec/hosts/keystone/keystone_db_spec.rb
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
require 'shared-examples'
|
||||||
|
manifest = 'keystone/keystone_db.pp'
|
||||||
|
|
||||||
|
describe manifest do
|
||||||
|
test_ubuntu_and_centos manifest
|
||||||
|
end
|
||||||
|
|
8
tests/noop/spec/hosts/murano/murano_db_spec.rb
Normal file
8
tests/noop/spec/hosts/murano/murano_db_spec.rb
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
require 'shared-examples'
|
||||||
|
manifest = 'murano/murano_db.pp'
|
||||||
|
|
||||||
|
describe manifest do
|
||||||
|
test_ubuntu_and_centos manifest
|
||||||
|
end
|
||||||
|
|
8
tests/noop/spec/hosts/openstack-cinder/cinder_db_spec.rb
Normal file
8
tests/noop/spec/hosts/openstack-cinder/cinder_db_spec.rb
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
require 'shared-examples'
|
||||||
|
manifest = 'openstack-cinder/cinder_db.pp'
|
||||||
|
|
||||||
|
describe manifest do
|
||||||
|
test_ubuntu_and_centos manifest
|
||||||
|
end
|
||||||
|
|
@ -0,0 +1,8 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
require 'shared-examples'
|
||||||
|
manifest = 'openstack-controller/nova_db.pp'
|
||||||
|
|
||||||
|
describe manifest do
|
||||||
|
test_ubuntu_and_centos manifest
|
||||||
|
end
|
||||||
|
|
@ -0,0 +1,8 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
require 'shared-examples'
|
||||||
|
manifest = 'openstack-network/neutron_db.pp'
|
||||||
|
|
||||||
|
describe manifest do
|
||||||
|
test_ubuntu_and_centos manifest
|
||||||
|
end
|
||||||
|
|
8
tests/noop/spec/hosts/sahara/sahara_db_spec.rb
Normal file
8
tests/noop/spec/hosts/sahara/sahara_db_spec.rb
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
require 'shared-examples'
|
||||||
|
manifest = 'sahara/sahara_db.pp'
|
||||||
|
|
||||||
|
describe manifest do
|
||||||
|
test_ubuntu_and_centos manifest
|
||||||
|
end
|
||||||
|
|
Loading…
Reference in New Issue
Block a user