diff --git a/deployment/database/mysql-pacemaker-puppet.yaml b/deployment/database/mysql-pacemaker-puppet.yaml index 920f9d6033..a227645523 100644 --- a/deployment/database/mysql-pacemaker-puppet.yaml +++ b/deployment/database/mysql-pacemaker-puppet.yaml @@ -84,6 +84,22 @@ parameters: description: CLI tool used to manage containers. constraints: - allowed_values: ['docker', 'podman'] + MysqlGaleraSSTMethod: + type: string + default: 'rsync' + description: Method used by galera to perform State Snapshot Transfers + constraints: + - allowed_values: ['rsync', 'mariabackup'] + MysqlMariabackupUser: + type: string + default: 'mariabackup' + description: When MysqlGaleraSSTMethod is set to mariabackup, the name + of the database user that executes the SST. + MysqlMariabackupPassword: + type: string + hidden: true + description: When MysqlGaleraSSTMethod is set to mariabackup, the password + of the database user that executes the SST. resources: ContainersCommon: @@ -168,6 +184,9 @@ outputs: if: - {get_param: EnableInternalTLS} - {get_param: InternalTLSCAFile} + tripleo::profile::pacemaker::database::mysql_bundle::sst_method: {get_param: MysqlGaleraSSTMethod} + tripleo::profile::pacemaker::database::mysql_bundle::mariabackup_user: {get_param: MysqlMariabackupUser} + tripleo::profile::pacemaker::database::mysql_bundle::mariabackup_password: {get_param: MysqlMariabackupPassword} # BEGIN DOCKER SETTINGS # puppet_config: config_volume: mysql @@ -241,7 +260,11 @@ outputs: - 'timeout ${DB_MAX_TIMEOUT} /bin/bash -c ''while pgrep -af /usr/bin/mysqld_safe | grep -q -v grep; do sleep 1; done''' - 'mysqld_safe --skip-networking --wsrep-on=OFF &' - 'timeout ${DB_MAX_TIMEOUT} /bin/bash -c ''until mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" ping 2>/dev/null; do sleep 1; done''' - - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "CREATE USER ''clustercheck''@''localhost'' IDENTIFIED BY ''${DB_CLUSTERCHECK_PASSWORD}'';"' + - if: + - {equals: [{get_param: MysqlGaleraSSTMethod}, 'mariabackup']} + - - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "CREATE USER ''${DB_MARIABACKUP_USER}''@''localhost'' IDENTIFIED BY ''${DB_MARIABACKUP_PASSWORD}'';"' + - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO ''${DB_MARIABACKUP_USER}''@''localhost'';"' + - - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "CREATE USER ''clustercheck''@''localhost'' IDENTIFIED BY ''${DB_CLUSTERCHECK_PASSWORD}'';"' - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "GRANT PROCESS ON *.* TO ''clustercheck''@''localhost'' WITH GRANT OPTION;"' - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "DELETE FROM mysql.user WHERE user = ''root'' AND host NOT IN (''%'',''localhost'');"' - 'timeout ${DB_MAX_TIMEOUT} mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" shutdown' @@ -258,6 +281,8 @@ outputs: DB_MAX_TIMEOUT: 60 DB_CLUSTERCHECK_PASSWORD: {get_param: MysqlClustercheckPassword} DB_ROOT_PASSWORD: {get_param: MysqlRootPassword} + DB_MARIABACKUP_USER: {get_param: MysqlMariabackupUser} + DB_MARIABACKUP_PASSWORD: {get_param: MysqlMariabackupPassword} step_2: mysql_wait_bundle: start_order: 0 diff --git a/releasenotes/notes/galera-sst-mariabackup-5a667eed1787353f.yaml b/releasenotes/notes/galera-sst-mariabackup-5a667eed1787353f.yaml new file mode 100644 index 0000000000..fe327102b0 --- /dev/null +++ b/releasenotes/notes/galera-sst-mariabackup-5a667eed1787353f.yaml @@ -0,0 +1,17 @@ +--- +features: + - | + When deploying a new HA overcloud, the mysql/galera service can now be + configured to use mariabackup for State Snapshot Transfers (SST) by + configuring the new Heat parameter `MysqlGaleraSSTMethod`. Mariabackup + SST uses a dedicated SQL user with the appropriate grants to transfer + the database content across nodes. The user credentials can be + configured via two additional Heat parameters `MysqlMariabackupUser` + and `MysqlMariabackupPassword`. + +upgrade: + - | + The new support for mariabackup SST for the mysql/galera service is + currently limited to new overcloud deployments. Doing a stack update + to change SST method from rsync to mariabackup or the other way around + is currently not supported.