6ff87dd6d4
The hiera function is deprecated and does not work with the latest hieradata version 5. It should be replaced by the new lookup function[1]. [1] https://puppet.com/docs/puppet/7/hiera_automatic.html With the lookup function, we can define value type and merge behavior, but these are kept default at this moment to limit scope of this change to just simple replacement. Adding value type might be useful to make sure the value is in expected type (especially when a boolean value is expected), but we will revisit that later. example: lookup(<NAME>, [<VALUE TYPE>], [<MERGE BEHAVIOR>], [<DEFAULT VALUE>]) This also replaces the hiera_array function which is also deprecated, according to the guideline[2]. [2] https://puppet.com/docs/puppet/7/hiera_migrate.html#updated_classic_hiera_function_calls Change-Id: Ic9930107fbc68cba3432f4424f113071325efcb7
70 lines
2.4 KiB
Puppet
70 lines
2.4 KiB
Puppet
class packstack::mariadb ()
|
|
{
|
|
if lookup('CONFIG_MARIADB_INSTALL') == 'y' {
|
|
create_resources(packstack::firewall, lookup('FIREWALL_MARIADB_RULES', undef, undef, {}))
|
|
$max_connections = lookup('CONFIG_SERVICE_WORKERS') * 128
|
|
|
|
if ($::mariadb_provides_galera) {
|
|
# Since mariadb 10.1 galera is included in main mariadb
|
|
$mariadb_package_name = 'mariadb-server-galera'
|
|
$mariadb_present = 'present'
|
|
} else {
|
|
# Package mariadb-server conflicts with mariadb-server-galera
|
|
$mariadb_package_name = 'mariadb-server-galera'
|
|
$mariadb_present = 'absent'
|
|
}
|
|
ensure_packages(['mariadb-server'], {'ensure' => $mariadb_present})
|
|
|
|
$bind_address = lookup('CONFIG_IP_VERSION') ? {
|
|
'ipv6' => '::0',
|
|
default => '0.0.0.0',
|
|
# TO-DO(mmagr): Add IPv6 support when hostnames are used
|
|
}
|
|
|
|
$mysql_root_password = lookup('CONFIG_MARIADB_PW')
|
|
|
|
class { 'mysql::server':
|
|
package_name => $mariadb_package_name,
|
|
restart => true,
|
|
root_password => $mysql_root_password,
|
|
require => Package['mariadb-server'],
|
|
override_options => {
|
|
'mysqld' => {
|
|
'bind_address' => $bind_address,
|
|
'default_storage_engine' => 'InnoDB',
|
|
'max_connections' => $max_connections,
|
|
'open_files_limit' => '-1',
|
|
# galera options
|
|
'wsrep_provider' => 'none',
|
|
'wsrep_cluster_name' => 'galera_cluster',
|
|
'wsrep_sst_method' => 'rsync',
|
|
'wsrep_sst_auth' => "root:${mysql_root_password}",
|
|
},
|
|
},
|
|
}
|
|
|
|
# deleting database users for security
|
|
# this is done in mysql::server::account_security but has problems
|
|
# when there is no fqdn, so we're defining a slightly different one here
|
|
mysql_user { [ 'root@127.0.0.1', 'root@::1', '@localhost', '@%' ]:
|
|
ensure => 'absent',
|
|
require => Class['mysql::server'],
|
|
}
|
|
|
|
if ($::fqdn != '' and $::fqdn != 'localhost') {
|
|
mysql_user { [ "root@${::fqdn}", "@${::fqdn}"]:
|
|
ensure => 'absent',
|
|
require => Class['mysql::server'],
|
|
}
|
|
}
|
|
if ($::fqdn != $::hostname and $::hostname != 'localhost') {
|
|
mysql_user { ["root@${::hostname}", "@${::hostname}"]:
|
|
ensure => 'absent',
|
|
require => Class['mysql::server'],
|
|
}
|
|
}
|
|
} else {
|
|
class { 'remote::db': }
|
|
}
|
|
}
|