puppet-keystone/manifests/db/mysql.pp

#
# implements mysql backend for keystone
#
# This class can be used to create tables, users and grant
# privelege for a mysql keystone database.
#
# == parameters
#
# [password] Password that will be used for the keystone db user.
#   Optional. Defaults to: 'keystone_default_password'
#
# [dbname] Name of keystone database. Optional. Defaults to keystone.
#
# [user] Name of keystone user. Optional. Defaults to keystone_admin.
#
# [host] Host where user should be allowed all priveleges for database.
# Optional. Defaults to 127.0.0.1.
#
# [allowed_hosts] Hosts allowed to use the database
#
# == Dependencies
#   Class['mysql::server']
#
# == Examples
# == Authors
#
#   Dan Bode dan@puppetlabs.com
#
# == Copyright
#
# Copyright 2012 Puppetlabs Inc, unless otherwise noted.
#
class keystone::db::mysql(
  $password,
  $dbname        = 'keystone',
  $user          = 'keystone_admin',
  $host          = '127.0.0.1',
  $charset       = 'latin1',
  $allowed_hosts = undef
) {

  Class['mysql::server']       -> Class['keystone::db::mysql']
  Class['keystone::db::mysql'] -> Exec<|    title == 'keystone-manage db_sync' |>
  Class['keystone::db::mysql'] -> Service<| title == 'keystone' |>
  Mysql::Db[$dbname] ~> Exec<| title == 'keystone-manage db_sync' |>

  require 'mysql::python'

  mysql::db { $dbname:
    user     => $user,
    password => $password,
    host     => $host,
    # TODO does it make sense to support other charsets?
    charset  => $charset,
    require  => Class['mysql::config'],
  }

  if $allowed_hosts {
    keystone::db::mysql::host_access { $allowed_hosts:
      user     => $user,
      password => $password,
      database => $dbname,
    }
    
    Keystone::Db::Mysql::Host_access[$allowed_hosts] -> Exec<| title == 'keystone-manage db_sync' |>
    
  }

}
Add puppet manifests to support fragments This commit adds Puppet code to allow for keystone.conf to be composed of fragments. 2012-03-29 14:39:59 -07:00			`#`
			`# implements mysql backend for keystone`
			`#`
Add inline docs and comments 2012-04-06 15:48:05 -07:00			`# This class can be used to create tables, users and grant`
			`# privelege for a mysql keystone database.`
			`#`
Updates modules documentation. 2012-10-31 12:33:09 -07:00			`# == parameters`
Add inline docs and comments 2012-04-06 15:48:05 -07:00			`#`
			`# [password] Password that will be used for the keystone db user.`
			`# Optional. Defaults to: 'keystone_default_password'`
			`#`
			`# [dbname] Name of keystone database. Optional. Defaults to keystone.`
			`#`
			`# [user] Name of keystone user. Optional. Defaults to keystone_admin.`
			`#`
			`# [host] Host where user should be allowed all priveleges for database.`
			`# Optional. Defaults to 127.0.0.1.`
			`#`
Allow the database to be on another host Without any keystone package Handling allowed_hosts 2012-04-17 17:16:48 +02:00			`# [allowed_hosts] Hosts allowed to use the database`
Add inline docs and comments 2012-04-06 15:48:05 -07:00			`#`
			`# == Dependencies`
			`# Class['mysql::server']`
			`#`
			`# == Examples`
			`# == Authors`
			`#`
			`# Dan Bode dan@puppetlabs.com`
			`#`
			`# == Copyright`
			`#`
			`# Copyright 2012 Puppetlabs Inc, unless otherwise noted.`
			`#`
Move mysql to db::mysql Since keystone can use different databases, it makes sense to move the mysql classes to db::mysql. This way there is a clear standard for where other DB implementations should be located. This commit moves keystone::mysql to keystone::db::mysql and keystone::mysql::access to keystone::db::mysql::host_access. 2012-04-21 21:52:11 -07:00			`class keystone::db::mysql(`
unset password defaults. setting passwords by default in the keystone manifest is a potential security risk. This commit unsets them to force users to set their own. 2012-10-14 11:51:45 -07:00			`$password,`
Add puppet manifests to support fragments This commit adds Puppet code to allow for keystone.conf to be composed of fragments. 2012-03-29 14:39:59 -07:00			`$dbname = 'keystone',`
			`$user = 'keystone_admin',`
			`$host = '127.0.0.1',`
Allow override of mysql charset. 2012-05-16 09:31:37 -05:00			`$charset = 'latin1',`
Add puppet manifests to support fragments This commit adds Puppet code to allow for keystone.conf to be composed of fragments. 2012-03-29 14:39:59 -07:00			`$allowed_hosts = undef`
			`) {`

Setup better db reps Ensure that mysql is installed before we configure keystone to use it. 2012-10-02 20:31:50 -07:00			`Class['mysql::server'] -> Class['keystone::db::mysql']`
			`Class['keystone::db::mysql'] -> Exec<\| title == 'keystone-manage db_sync' \|>`
Move mysql to db::mysql Since keystone can use different databases, it makes sense to move the mysql classes to db::mysql. This way there is a clear standard for where other DB implementations should be located. This commit moves keystone::mysql to keystone::db::mysql and keystone::mysql::access to keystone::db::mysql::host_access. 2012-04-21 21:52:11 -07:00			`Class['keystone::db::mysql'] -> Service<\| title == 'keystone' \|>`
minor style refactor move reps to top of manifest 2012-10-14 11:52:08 -07:00			`Mysql::Db[$dbname] ~> Exec<\| title == 'keystone-manage db_sync' \|>`
Ensure that Mysql is installed before service is started. This commit creates a conditional dependency that the keystone db should be setup before the service is started. 2012-04-09 23:43:27 -07:00
			`require 'mysql::python'`
Add puppet manifests to support fragments This commit adds Puppet code to allow for keystone.conf to be composed of fragments. 2012-03-29 14:39:59 -07:00
			`mysql::db { $dbname:`
Move mysql to db::mysql Since keystone can use different databases, it makes sense to move the mysql classes to db::mysql. This way there is a clear standard for where other DB implementations should be located. This commit moves keystone::mysql to keystone::db::mysql and keystone::mysql::access to keystone::db::mysql::host_access. 2012-04-21 21:52:11 -07:00			`user => $user,`
			`password => $password,`
			`host => $host,`
Add inline docs and comments 2012-04-06 15:48:05 -07:00			`# TODO does it make sense to support other charsets?`
Allow override of mysql charset. 2012-05-16 09:31:37 -05:00			`charset => $charset,`
Depend on mysql::config instead of mysql::server in order to allow mysql to fully configured before creating database. 2012-05-16 09:01:38 -05:00			`require => Class['mysql::config'],`
Add puppet manifests to support fragments This commit adds Puppet code to allow for keystone.conf to be composed of fragments. 2012-03-29 14:39:59 -07:00			`}`

Allow the database to be on another host Without any keystone package Handling allowed_hosts 2012-04-17 17:16:48 +02:00			`if $allowed_hosts {`
Update to use keystone::db::mysql::host_access 2012-04-24 12:55:18 +02:00			`keystone::db::mysql::host_access { $allowed_hosts:`
Allow the database to be on another host Without any keystone package Handling allowed_hosts 2012-04-17 17:16:48 +02:00			`user => $user,`
			`password => $password,`
			`database => $dbname,`
			`}`
Ensure that mysql users are created before keystone-manage db_sync. Otherwise keystone-manage might not have rights to populate keystone DDL. 2012-09-20 18:54:23 +04:00
Removed quotes in allowed_hosts as it was causing a failure when allowed_hosts is an array of hosts 2013-03-24 21:43:29 +00:00			`Keystone::Db::Mysql::Host_access[$allowed_hosts] -> Exec<\| title == 'keystone-manage db_sync' \|>`
Ensure that mysql users are created before keystone-manage db_sync. Otherwise keystone-manage might not have rights to populate keystone DDL. 2012-09-20 18:54:23 +04:00
Fix Mysql support Previously, the mysql support for keystone was not completely working. This commit resolves the following issues: - Adds a define that can authorize db users. - Ensures that keystone-manage db_sync is called when db is created. - Ensure that keystone::mysql is only configured after the keystone class. 2012-04-05 23:53:18 -07:00			`}`

Add puppet manifests to support fragments This commit adds Puppet code to allow for keystone.conf to be composed of fragments. 2012-03-29 14:39:59 -07:00			`}`