Add db::mysql and db::mysql::host_access to openstacklib
The db::mysql resource is a library resource that can be used by nova, cinder, ceilometer, etc., rather than replicating equivalent functionality across all of these modules. See https://review.openstack.org/#/c/104289 Change-Id: I76bd93d1579179932d1f48cea4bb80a2576a7fba
This commit is contained in:
parent
474a3bbabe
commit
9931e15c60
|
@ -0,0 +1,74 @@
|
|||
# == Definition: openstacklib::db::mysql
|
||||
#
|
||||
# This resource configures a mysql database for an OpenStack service
|
||||
#
|
||||
# == Parameters:
|
||||
#
|
||||
# [*dbname*]
|
||||
# The name of the database
|
||||
# string; optional; default to the $title of the resource, i.e. 'nova'
|
||||
#
|
||||
# [*user*]
|
||||
# The database user to create;
|
||||
# string; optional; default to the $title of the resource, i.e. 'nova'
|
||||
#
|
||||
# [*password_hash*]
|
||||
# Password hash to use for the database user for this service;
|
||||
# string; required
|
||||
#
|
||||
# [*host*]
|
||||
# The IP address or hostname of the user in mysql_grant;
|
||||
# string; optional; default to '127.0.0.1'
|
||||
#
|
||||
# [*charset*]
|
||||
# The charset to use for the database;
|
||||
# string; optional; default to 'utf8'
|
||||
#
|
||||
# [*collate*]
|
||||
# The collate to use for the database;
|
||||
# string; optional; default to 'utf8_unicode_ci'
|
||||
#
|
||||
# [*allowed_hosts*]
|
||||
# Additional hosts that are allowed to access this database;
|
||||
# array or string; optional; default to undef
|
||||
#
|
||||
# [*grant*]
|
||||
# Privileges given to the database user;
|
||||
# string or array of strings; optional; default to 'ALL'
|
||||
|
||||
define openstacklib::db::mysql (
|
||||
$password,
|
||||
$user = $title,
|
||||
$dbname = $title,
|
||||
$host = '127.0.0.1',
|
||||
$charset = 'utf8',
|
||||
$collate = 'utf8_unicode_ci',
|
||||
$allowed_hosts = undef,
|
||||
$grant = 'ALL',
|
||||
) {
|
||||
mysql::db { $dbname:
|
||||
user => $user,
|
||||
password => $password,
|
||||
host => $host,
|
||||
charset => $charset,
|
||||
collate => $collate,
|
||||
grant => $grant
|
||||
}
|
||||
|
||||
# Check allowed_hosts to avoid duplicate resource declarations
|
||||
if is_array($allowed_hosts) and delete($allowed_hosts,$host) != [] {
|
||||
$real_allowed_hosts = delete($allowed_hosts,$host)
|
||||
} elsif is_string($allowed_hosts) and ($allowed_hosts != $host) {
|
||||
$real_allowed_hosts = $allowed_hosts
|
||||
}
|
||||
|
||||
if $real_allowed_hosts {
|
||||
openstacklib::db::mysql::host_access { $real_allowed_hosts:
|
||||
user => $user,
|
||||
password => $password,
|
||||
database => $dbname,
|
||||
grant => $grant,
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,37 @@
|
|||
# Allow a user to access the database for the service
|
||||
#
|
||||
# == Namevar
|
||||
# The host to allow
|
||||
#
|
||||
# == Parameters
|
||||
# [*user*]
|
||||
# username to allow
|
||||
#
|
||||
# [*password*]
|
||||
# user password
|
||||
#
|
||||
# [*database*]
|
||||
# the database name
|
||||
#
|
||||
# [*grant*]
|
||||
# the privileges to grant to this user
|
||||
#
|
||||
define openstacklib::db::mysql::host_access (
|
||||
$user,
|
||||
$password,
|
||||
$database,
|
||||
$grant,
|
||||
) {
|
||||
mysql_user { "${user}@${name}":
|
||||
password_hash => mysql_password($password),
|
||||
require => Mysql_database[$database],
|
||||
}
|
||||
|
||||
mysql_grant { "${user}@${name}/${database}.*":
|
||||
privileges => $grant,
|
||||
options => ['GRANT'],
|
||||
table => "${database}.*",
|
||||
require => Mysql_user["${user}@${name}"],
|
||||
user => "${user}@${name}",
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue