[apex-tripleo-heat-templates.git] / puppet / services / database / mysql.yaml
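heat_template_version: pike

description: >
  MySQL service deployment using puppet

parameters:
  # Parameters not used by this template: EndpointMap (the author's list;
  # ServiceData, RoleName and RoleParameters are not referenced in the
  # visible lines either).
  ServiceData:
    default: {}
    description: Dictionary packing service data
    type: json
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  # NOTE(review): this mapping carries password values (its
  # mysql_root_password entry is read in config_settings) but, unlike the
  # other password parameters in this file, it is not marked hidden: true.
  # Confirm whether it should be.
  DefaultPasswords:
    default: {}
    description: Mapping of default passwords. The mysql_root_password entry
                 is used when MysqlRootPassword is empty.
    type: json
  RoleName:
    default: ''
    description: Role name on which the service is applied
    type: string
  RoleParameters:
    default: {}
    description: Parameters specific to the role
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  MysqlMaxConnections:
    description: Configures MySQL max_connections config setting
    type: number
    default: 4096
  MysqlIncreaseFileLimit:
    description: Flag to increase MySQL open-files-limit to 16384
    type: boolean
    default: true
  MysqlRootPassword:
    description: The password for the MySQL root account. When empty, the
                 mysql_root_password entry of DefaultPasswords is used.
    type: string
    hidden: true
    default: ''
  MysqlClustercheckPassword:
    description: The password passed to the mysql_clustercheck_password
                 setting. Required, since no default is declared.
    type: string
    hidden: true
  EnableGalera:
    default: true
    description: Whether to use Galera instead of regular MariaDB.
    type: boolean
  NovaPassword:
    description: The password for the nova service and db account
    type: string
    hidden: true
  EnableInternalTLS:
    description: Whether internal TLS is enabled. Gates the metadata_settings
                 output through the internal_tls_enabled condition.
    type: boolean
    default: false

conditions:
  # True only when the EnableInternalTLS parameter is set to true.
  internal_tls_enabled:
    equals:
      - {get_param: EnableInternalTLS}
      - true

outputs:
  role_data:
    description: Service MySQL using composable services.
    value:
      service_name: mysql
      config_settings:
        map_merge:
          -
            # The Galera package should work in cluster and
            # non-cluster modes based on the config file.
            # We set the package name here explicitly so
            # that it matches what we pre-install
            # in tripleo-puppet-elements.
            mysql::server::package_name: 'mariadb-galera-server'
            mysql::server::manage_config_file: true
            # NOTE(review): the rule lists destination ports only; no source
            # restriction is visible in this template. Confirm that the
            # consumer of this key limits the ports to the network the
            # database cluster actually uses.
            tripleo.mysql.firewall_rules:
              '104 mysql galera':
                dport:
                  - 873
                  - 3306
                  - 4444
                  - 4567
                  - 4568
                  - 9200
            mysql_max_connections: {get_param: MysqlMaxConnections}
            # Use the first non-empty value, in this order: MysqlRootPassword,
            # then DefaultPasswords.mysql_root_password.
            # NOTE(review): when both are empty the expression selects
            # nothing; confirm that the deployment fails in that case rather
            # than continuing with an empty root password.
            mysql::server::root_password:
              yaql:
                expression: $.data.passwords.where($ != '').first()
                data:
                  passwords:
                    - {get_param: MysqlRootPassword}
                    - {get_param: [DefaultPasswords, mysql_root_password]}
            mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
            enable_galera: {get_param: EnableGalera}
            # NOTE: bind IP is found in Heat replacing the network name with the
            # local node IP for the given network; replacement examples
            # (eg. for internal_api):
            # internal_api -> IP
            # internal_api_uri -> [IP]
            # internal_api_subnet -> IP/CIDR
            mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]}
            tripleo::profile::base::database::mysql::bind_address:
              str_replace:
                template:
                  "%{hiera('fqdn_$NETWORK')}"
                params:
                  $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
            tripleo::profile::base::database::mysql::client_bind_address:
              {get_param: [ServiceNetMap, MysqlNetwork]}
            tripleo::profile::base::database::mysql::generate_dropin_file_limit:
              {get_param: MysqlIncreaseFileLimit}
          # NOTE(review): this mapping is merged unconditionally, whereas
          # metadata_settings below is gated on internal_tls_enabled. Confirm
          # that certificates are meant to be requested when
          # EnableInternalTLS is false (its default).
          - generate_service_certificates: true
            tripleo::profile::base::database::mysql::certificate_specs:
              service_certificate: '/etc/pki/tls/certs/mysql.crt'
              service_key: '/etc/pki/tls/private/mysql.key'
              hostname:
                str_replace:
                  template: "%{hiera('cloud_name_NETWORK')}"
                  params:
                    NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
              dnsnames:
                - str_replace:
                    template: "%{hiera('cloud_name_NETWORK')}"
                    params:
                      NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
                - str_replace:
                    template:
                      "%{hiera('fqdn_$NETWORK')}"
                    params:
                      $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
              principal:
                str_replace:
                  template: "mysql/%{hiera('cloud_name_NETWORK')}"
                  params:
                    NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
      step_config: |
        include ::tripleo::profile::base::database::mysql
      # Emitted only when internal TLS is enabled; otherwise null.
      metadata_settings:
        if:
          - internal_tls_enabled
          -
            - service: mysql
              network: {get_param: [ServiceNetMap, MysqlNetwork]}
              type: vip
            - service: mysql
              network: {get_param: [ServiceNetMap, MysqlNetwork]}
              type: node
          - null
      # Module arguments are written as native mappings instead of
      # key=value strings, so each value reaches the module as one field.
      upgrade_tasks:
        # Presumably fails the upgrade early when /root/.my.cnf is not an
        # existing regular file - confirm against the file module's
        # behaviour for state=file.
        - name: Check for galera root password
          tags: step0
          file:
            path: /root/.my.cnf
            state: file
        - name: Stop service
          tags: step2
          service:
            name: mariadb
            state: stopped
        - name: Start service
          tags: step4
          service:
            name: mariadb
            state: started
        - name: Setup cell_v2 (create cell0 database)
          tags: step4
          mysql_db:
            name: nova_cell0
            state: present
        # The password is passed as its own field rather than spliced into a
        # key=value string: whitespace or quotes in NovaPassword can then no
        # longer be re-parsed as additional module arguments. no_log keeps
        # the task arguments, and with them the password, out of task output.
        # NOTE(review): host '%' together with the GRANT privilege is kept
        # from the original; confirm this scope is intended.
        - name: Setup cell_v2 (grant access to the nova DB user)
          tags: step4
          no_log: true
          mysql_user:
            name: nova
            password: {get_param: NovaPassword}
            host: '%'
            priv: 'nova.*:ALL/nova_cell0.*:ALL,GRANT'
            state: present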