x/packstack
Code Issues Proposed changes

Explicitely disable ssl in mariadb server config

Browse Source 
After mariadb 10.5.18, mariadb fails to start if ssl cert parameters
are configured in the file but the certificates do not exist [1]. This
problem was fixed in puppetlabs-mysql 13.1.0[2] but we use older
versions (13.0.0 in stable/zed for example) in stable branch jobs.

CentOS Stream 9 has just bumped to mariadb-10.5.22 and this is breaking
all non-ssl jobs.

[1] https://mariadb.com/kb/en/mariadb-10-5-18-release-notes/#ssl
[2] https://github.com/puppetlabs/puppetlabs-mysql/issues/1509

Change-Id: I317c5b1fa8967dc40437fa6e3258b7d8f2c79e58
This commit is contained in:
Alfredo Moralejo
2024-01-12 09:17:07 +01:00
parent 3c5da2a308
commit 0a42c916b2
4 changed files with 25 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
Puppetfile
View File

@@ -102,7 +102,7 @@ mod 'vswitch',
mod 'apache', mod 'apache',
:git => 'https://github.com/puppetlabs/puppetlabs-apache', :git => 'https://github.com/puppetlabs/puppetlabs-apache',
:ref => 'main' :ref => 'e4a1532b26e57917ea8307f3e0edd0c59a56d410'
mod 'certmonger', mod 'certmonger',
:git => 'https://github.com/rcritten/puppet-certmonger', :git => 'https://github.com/rcritten/puppet-certmonger',
@@ -110,35 +110,35 @@ mod 'certmonger',
mod 'concat', mod 'concat',
:git => 'https://github.com/puppetlabs/puppetlabs-concat', :git => 'https://github.com/puppetlabs/puppetlabs-concat',
:ref => 'main' :ref => 'v6.4.0'
mod 'firewall', mod 'firewall',
:git => 'https://github.com/puppetlabs/puppetlabs-firewall', :git => 'https://github.com/puppetlabs/puppetlabs-firewall',
:ref => 'main' :ref => '94f707c6c2b73f1665add77f797b5263da0c9bc6'
mod 'inifile', mod 'inifile',
:git => 'https://github.com/puppetlabs/puppetlabs-inifile', :git => 'https://github.com/puppetlabs/puppetlabs-inifile',
:ref => 'main' :ref => 'df46d2a0293687a157c70dab128bb5f2a53ef837'
mod 'memcached', mod 'memcached',
:git => 'https://github.com/saz/puppet-memcached', :git => 'https://github.com/saz/puppet-memcached',
:ref => 'master' :ref => '4c70dbd69fd00fe5ee10128e42abce96920faa91'
mod 'mysql', mod 'mysql',
:git => 'https://github.com/puppetlabs/puppetlabs-mysql', :git => 'https://github.com/puppetlabs/puppetlabs-mysql',
:ref => 'main' :ref => 'v10.10.0'
mod 'nssdb', mod 'nssdb',
:git => 'https://github.com/rcritten/puppet-nssdb', :git => 'https://github.com/rcritten/puppet-nssdb',
:ref => 'master' :ref => '2ed2a2df59bbeaf9cf628e1a4a499476842282fd'
mod 'rabbitmq', mod 'rabbitmq',
:git => 'https://github.com/voxpupuli/puppet-rabbitmq', :git => 'https://github.com/voxpupuli/puppet-rabbitmq',
:ref => 'master' :ref => '63fee2c701e78f61d0612738d849176ad862729c'
mod 'redis', mod 'redis',
:git => 'https://github.com/arioch/puppet-redis', :git => 'https://github.com/arioch/puppet-redis',
:ref => 'master' :ref => '547105ef0756abb82642232c09ebd3f092ed8ab6'
mod 'remote', mod 'remote',
:git => 'https://github.com/paramite/puppet-remote', :git => 'https://github.com/paramite/puppet-remote',
@@ -146,15 +146,15 @@ mod 'remote',
mod 'rsync', mod 'rsync',
:git => 'https://github.com/puppetlabs/puppetlabs-rsync', :git => 'https://github.com/puppetlabs/puppetlabs-rsync',
:ref => 'main' :ref => 'ea6397ef55273b7e20d8eccece493cceb795f5eb'
mod 'ssh', mod 'ssh',
:git => 'https://github.com/saz/puppet-ssh', :git => 'https://github.com/saz/puppet-ssh',
:ref => 'master' :ref => '6e0f430034cf349c8b613d16cf9e3a52f63183e0'
mod 'stdlib', mod 'stdlib',
:git => 'https://github.com/puppetlabs/puppetlabs-stdlib', :git => 'https://github.com/puppetlabs/puppetlabs-stdlib',
:ref => 'main' :ref => 'v6.6.0'
mod 'sysctl', mod 'sysctl',
:git => 'https://github.com/duritong/puppet-sysctl', :git => 'https://github.com/duritong/puppet-sysctl',
@@ -170,5 +170,5 @@ mod 'vcsrepo',
mod 'xinetd', mod 'xinetd',
:git => 'https://github.com/puppetlabs/puppetlabs-xinetd', :git => 'https://github.com/puppetlabs/puppetlabs-xinetd',
:ref => 'master' :ref => '8d460c4b64e357bd0ba0f2ca78509d999b59b21c'

1
packstack/puppet/modules/packstack/manifests/mariadb.pp
View File

@@ -39,6 +39,7 @@ class packstack::mariadb ()
'wsrep_cluster_name' => 'galera_cluster', 'wsrep_cluster_name' => 'galera_cluster',
'wsrep_sst_method' => 'rsync', 'wsrep_sst_method' => 'rsync',
'wsrep_sst_auth' => "root:${mysql_root_password}", 'wsrep_sst_auth' => "root:${mysql_root_password}",
'ssl-disable' => true,
}, },
}, },
} }

13
run_tests.sh
View File

@@ -17,7 +17,7 @@ export PATH=$PATH:/usr/local/sbin:/usr/sbin
SCENARIO=${SCENARIO:-scenario001} SCENARIO=${SCENARIO:-scenario001}
BRANCH=master BRANCH=stable/wallaby
# Find OS version and release # Find OS version and release
source /etc/os-release source /etc/os-release
@@ -278,8 +278,15 @@ if [ "${INSTALL_FROM_SOURCE}" = true ]; then
if ([ "$OS_NAME" = "RedHat" ] || [ "$OS_NAME" = "CentOS" ]) && [ $OS_VERSION -gt 8 ]; then if ([ "$OS_NAME" = "RedHat" ] || [ "$OS_NAME" = "CentOS" ]) && [ $OS_VERSION -gt 8 ]; then
$SUDO gem install r10k $SUDO gem install r10k
else else
$SUDO gem install gettext -v 3.2.9 --no-ri --no-rdoc cat <<EOF >/tmp/Gemfile
$SUDO gem install r10k -v 2.6.4 --no-ri --no-rdoc source 'http://rubygems.org'
gem 'fast_gettext', '<1.2.0'
gem 'gettext', '< 3.3.0'
gem 'multipart-post', '<2.2.0'
gem 'semantic_puppet', '<1.1.0'
gem 'r10k', '= 2.6.4'
EOF
$SUDO gem install -g /tmp/Gemfile
fi fi
# make sure there is no puppet module pre-installed # make sure there is no puppet module pre-installed
$SUDO rm -rf "${PUPPETFILE_DIR:?}/"* $SUDO rm -rf "${PUPPETFILE_DIR:?}/"*

2
tox.ini
View File

@@ -10,7 +10,7 @@ setenv = VIRTUAL_ENV={envdir}
LANGUAGE=en_US:en LANGUAGE=en_US:en
LC_ALL=C LC_ALL=C
deps = deps =
-c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master} -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
-r{toxinidir}/test-requirements.txt -r{toxinidir}/test-requirements.txt
-r{toxinidir}/requirements.txt -r{toxinidir}/requirements.txt