1 heat_template_version: pike
4 MySQL service deployment with pacemaker bundle
10 DockerMysqlConfigImage:
11 description: The container image to use for the mysql config_volume
15 description: Mapping of service endpoint -> protocol. Typically set
16 via parameter_defaults in the resource registry.
20 description: Dictionary packing service data
24 description: Mapping of service_name -> network name. Typically set
25 via parameter_defaults in the resource registry. This
26 mapping overrides those in ServiceNetMapDefaults.
37 description: Role name on which the service is applied
41 description: Parameters specific to the role
47 default: '/etc/ipa/ca.crt'
49 description: Specifies the default CA cert to use if TLS is used for
50 services in the internal network.
55 type: ../../containers-common.yaml
58 type: ../../../../puppet/services/pacemaker/database/mysql.yaml
60 EndpointMap: {get_param: EndpointMap}
61 ServiceData: {get_param: ServiceData}
62 ServiceNetMap: {get_param: ServiceNetMap}
63 DefaultPasswords: {get_param: DefaultPasswords}
64 RoleName: {get_param: RoleName}
65 RoleParameters: {get_param: RoleParameters}
69 internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
73 description: Containerized service MySQL using composable services.
75 service_name: {get_attr: [MysqlPuppetBase, role_data, service_name]}
78 - {get_attr: [MysqlPuppetBase, role_data, config_settings]}
79 - tripleo::profile::pacemaker::database::mysql_bundle::mysql_docker_image: &mysql_image {get_param: DockerMysqlImage}
80 tripleo::profile::pacemaker::database::mysql_bundle::control_port: 3123
81 tripleo.mysql.firewall_rules:
82 '104 mysql galera-bundle':
93 - internal_tls_enabled
95 tripleo::profile::pacemaker::database::mysql_bundle::ca_file:
96 get_param: InternalTLSCAFile
99 # BEGIN DOCKER SETTINGS #
102 puppet_tags: file # set this even though file is the default
106 - - "['Mysql_datadir', 'Mysql_user', 'Mysql_database', 'Mysql_grant', 'Mysql_plugin'].each |String $val| { noop_resource($val) }"
107 - "exec {'wait-for-settle': command => '/bin/true' }"
108 - "include ::tripleo::profile::pacemaker::database::mysql_bundle"
109 config_image: {get_param: DockerMysqlConfigImage}
111 /var/lib/kolla/config_files/mysql.json:
112 command: /usr/sbin/pacemaker_remoted
114 - dest: /etc/libqb/force-filesystem-sockets
118 - source: "/var/lib/kolla/config_files/src/*"
121 preserve_properties: true
122 - source: "/var/lib/kolla/config_files/src-tls/*"
126 preserve_properties: true
128 - path: /etc/pki/tls/certs/mysql.crt
132 - path: /etc/pki/tls/private/mysql.key
138 mysql_data_ownership:
144 # Kolla does only non-recursive chown
145 command: ['chown', '-R', 'mysql:', '/var/lib/mysql']
147 - /var/lib/mysql:/var/lib/mysql
153 # Kolla bootstraps aren't idempotent, explicitly checking if bootstrap was done
154 command: ['bash', '-c', 'test -e /var/lib/mysql/mysql || kolla_start']
155 volumes: &mysql_volumes
157 - {get_attr: [ContainersCommon, volumes]}
159 - /var/lib/kolla/config_files/mysql.json:/var/lib/kolla/config_files/config.json
160 - /var/lib/config-data/puppet-generated/mysql/:/var/lib/kolla/config_files/src:ro
161 - /var/lib/mysql:/var/lib/mysql
163 - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
164 - KOLLA_BOOTSTRAP=True
165 # NOTE(mandre) skip wsrep cluster status check
166 - KOLLA_KUBERNETES=True
170 - - 'DB_ROOT_PASSWORD'
173 expression: $.data.passwords.where($ != '').first()
176 - {get_param: MysqlRootPassword}
177 - {get_param: [DefaultPasswords, mysql_root_password]}
191 - - "cp -a /tmp/puppet-etc/* /etc/puppet; echo '{\"step\": 2}' > /etc/puppet/hieradata/docker.json"
192 - "FACTER_uuid=docker puppet apply --tags file,file_line,concat,augeas,TAGS -v -e 'CONFIG'"
194 TAGS: 'pacemaker::resource::bundle,pacemaker::property,pacemaker::resource::ocf,pacemaker::constraint::order,pacemaker::constraint::colocation,galera_ready,mysql_database,mysql_grant,mysql_user'
195 CONFIG: 'include ::tripleo::profile::base::pacemaker;include ::tripleo::profile::pacemaker::database::mysql_bundle'
198 - /etc/hosts:/etc/hosts:ro
199 - /etc/localtime:/etc/localtime:ro
200 - /etc/puppet:/tmp/puppet-etc:ro
201 - /usr/share/openstack-puppet/modules:/usr/share/openstack-puppet/modules:ro
202 - /etc/corosync/corosync.conf:/etc/corosync/corosync.conf:ro
203 - /dev/shm:/dev/shm:rw
204 - /var/lib/mysql:/var/lib/mysql:rw
206 - name: create /var/lib/mysql
211 get_attr: [MysqlPuppetBase, role_data, metadata_settings]
213 - name: get bootstrap nodeid
215 command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
216 register: bootstrap_node
217 - name: set is_bootstrap_node fact
219 set_fact: is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
220 - name: Disable the galera cluster resource
225 wait_for_resource: true
226 when: is_bootstrap_node
227 - name: Delete the stopped galera cluster resource.
232 wait_for_resource: true
233 when: is_bootstrap_node
234 - name: Disable mysql service
236 service: name=mariadb enabled=no