openstack/tripleo-heat-templates
Code Issues Proposed changes
ee65c76a27
tripleo-heat-templates/puppet/services/database/mysql.yaml
marios dec003def8 Convert tags to when statements for Q major upgrade workflow 
This converts "tags: stepN" to "when: step|int == N" for the direct
execution as an ansible playbook, with a loop variable 'step'.
The tasks all include the explicit cast |int.

This also adds a set_fact task for handling of the package removal
with the UpgradeRemovePackages parameter (no change to the interface)

The yaml-validate also now checks for duplicate 'when:' statements

Q upgrade spec @ Ibde21e6efae3a7d311bee526d63c5692c4e27b28
Related Blueprint: major-upgrade-workflow
[0]: 394a92f761/tripleo_common/utils/config.py (L141)
Change-Id: I6adc5619a28099f4e241351b63377f1e96933810
2018-01-08 13:57:47 +02:00

185 lines
6.4 KiB
YAML
Raw Blame History

heat_template_version: queens
description: >
MySQL service deployment using puppet
parameters:
#Parameters not used EndpointMap
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MysqlMaxConnections:
description: Configures MySQL max_connections config setting
type: number
default: 4096
MysqlIncreaseFileLimit:
description: Flag to increase MySQL open-files-limit to 16384
type: boolean
default: true
MysqlRootPassword:
type: string
hidden: true
default: ''
MysqlClustercheckPassword:
type: string
hidden: true
EnableGalera:
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
NovaPassword:
description: The password for the nova service and db account
type: string
hidden: true
EnableInternalTLS:
type: boolean
default: false
MysqlIPv6:
default: false
description: Enable IPv6 in MySQL
type: boolean
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
outputs:
role_data:
description: Service MySQL using composable services.
value:
service_name: mysql
config_settings:
map_merge:
-
# The Galera package should work in cluster and
# non-cluster modes based on the config file.
# We set the package name here explicitly so
# that it matches what we pre-install
# in tripleo-puppet-elements.
mysql::server::package_name: 'mariadb-galera-server'
mysql::server::manage_config_file: true
mysql_ipv6: {get_param: MysqlIPv6}
tripleo.mysql.firewall_rules:
'104 mysql galera':
dport:
- 873
- 3306
- 4444
- 4567
- 4568
- 9200
mysql_max_connections: {get_param: MysqlMaxConnections}
mysql::server::root_password:
yaql:
expression: $.data.passwords.where($ != '').first()
data:
passwords:
- {get_param: MysqlRootPassword}
- {get_param: [DefaultPasswords, mysql_root_password]}
mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
enable_galera: {get_param: EnableGalera}
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
# (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]}
tripleo::profile::base::database::mysql::bind_address:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
tripleo::profile::base::database::mysql::client_bind_address:
{get_param: [ServiceNetMap, MysqlNetwork]}
tripleo::profile::base::database::mysql::generate_dropin_file_limit:
{get_param: MysqlIncreaseFileLimit}
- if:
- internal_tls_enabled
-
generate_service_certificates: true
tripleo::profile::base::database::mysql::certificate_specs:
service_certificate: '/etc/pki/tls/certs/mysql.crt'
service_key: '/etc/pki/tls/private/mysql.key'
hostname:
str_replace:
template: "%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
dnsnames:
- str_replace:
template: "%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
- str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
principal:
str_replace:
template: "mysql/%{hiera('cloud_name_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
- {}
step_config: |
include ::tripleo::profile::base::database::mysql
metadata_settings:
if:
- internal_tls_enabled
-
- service: mysql
network: {get_param: [ServiceNetMap, MysqlNetwork]}
type: vip
- service: mysql
network: {get_param: [ServiceNetMap, MysqlNetwork]}
type: node
- null
upgrade_tasks:
- name: Check for galera root password
when: step|int == 0
file: path=/root/.my.cnf state=file
- name: Stop service
when: step|int == 2
service: name=mariadb state=stopped
- name: Start service
when: step|int == 4
service: name=mariadb state=started
- name: Setup cell_v2 (create cell0 database)
when: step|int == 4
mysql_db:
name: nova_cell0
state: present
- name: Setup cell_v2 (grant access to the nova DB user)
when: step|int == 4
mysql_user:
str_replace:
template: "name=nova password=PASSWORD host=\"%\" priv=\"nova.*:ALL/nova_cell0.*:ALL,GRANT\" state=present"
params:
PASSWORD: {get_param: NovaPassword}
View Git Blame Copy Permalink