heat_template_version: pike

# Composable-service template for the MySQL/MariaDB (Galera) database.
# It emits hiera config_settings for the tripleo puppet mysql profile,
# certificate specs and metadata_settings when internal TLS is enabled,
# and the Ansible upgrade_tasks that stop/start mariadb and prepare the
# nova cell0 database.
description: >
  MySQL service deployment using puppet

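parameters:
  # ServiceData, RoleName, RoleParameters and EndpointMap are part of the
  # common composable-service interface; they are declared so this template
  # can be included like any other service but are not referenced below.
  ServiceData:
    default: {}
    description: Dictionary packing service data
    type: json
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  DefaultPasswords:
    default: {}
    description: Heat-generated passwords; mysql_root_password is read from
                 here when MysqlRootPassword is left empty.
    type: json
  RoleName:
    default: ''
    description: Role name on which the service is applied
    type: string
  RoleParameters:
    default: {}
    description: Parameters specific to the role
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  MysqlMaxConnections:
    description: Configures MySQL max_connections config setting
    type: number
    default: 4096
  MysqlIncreaseFileLimit:
    description: Flag to increase MySQL open-files-limit to 16384
    type: boolean
    default: true
  MysqlRootPassword:
    description: Password for the MySQL root account. Leave empty to use the
                 generated value from DefaultPasswords.
    type: string
    hidden: true
    default: ''
  MysqlClustercheckPassword:
    description: Password handed to puppet as mysql_clustercheck_password.
                 Required; there is no default.
    type: string
    hidden: true
  EnableGalera:
    default: true
    description: Whether to use Galera instead of regular MariaDB.
    type: boolean
  NovaPassword:
    description: The password for the nova service and db account
    type: string
    hidden: true
  EnableInternalTLS:
    description: Enable TLS for the MySQL listener. When true, certificate
                 specs and TLS metadata_settings are emitted in role_data.
    type: boolean
    default: false
  MysqlIPv6:
    default: false
    description: Enable IPv6 in MySQL
    type: boolean

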
conditions:
  # True when EnableInternalTLS is set; gates the certificate specs and
  # the TLS metadata_settings emitted in outputs.
  internal_tls_enabled:
    equals:
      - get_param: EnableInternalTLS
      - true

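outputs:
  role_data:
    description: Service MySQL using composable services.
    value:
      service_name: mysql
      config_settings:
        map_merge:
          -
            # The Galera package should work in cluster and
            # non-cluster modes based on the config file.
            # We set the package name here explicitly so
            # that it matches what we pre-install
            # in tripleo-puppet-elements.
            mysql::server::package_name: 'mariadb-galera-server'
            mysql::server::manage_config_file: true
            mysql_ipv6: {get_param: MysqlIPv6}
            # Firewall rule for the database node. The ports are the usual
            # MariaDB/Galera set (3306 client, 4567 replication, 4568 IST,
            # 4444 SST, 873 rsync SST, 9200 clustercheck) -- confirm against
            # the puppet profile before changing them. No source restriction
            # is applied here; exposure is bounded by the network the
            # service is bound to (MysqlNetwork below).
            tripleo.mysql.firewall_rules:
              '104 mysql galera':
                dport:
                  - 873
                  - 3306
                  - 4444
                  - 4567
                  - 4568
                  - 9200
            mysql_max_connections: {get_param: MysqlMaxConnections}
            # Root password: prefer the operator-supplied MysqlRootPassword
            # and fall back to the Heat-generated DefaultPasswords entry.
            # first() without a default should error on an empty list, so a
            # deployment with neither value set fails rather than ending up
            # with a passwordless root account.
            mysql::server::root_password:
              yaql:
                expression: $.data.passwords.where($ != '').first()
                data:
                  passwords:
                    - {get_param: MysqlRootPassword}
                    - {get_param: [DefaultPasswords, mysql_root_password]}
            mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
            enable_galera: {get_param: EnableGalera}
            # NOTE: bind IP is found in Heat replacing the network name with the
            # local node IP for the given network; replacement examples
            # (eg. for internal_api):
            # internal_api -> IP
            # internal_api_uri -> [IP]
            # internal_api_subnet - > IP/CIDR
            mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]}
            # Listener and client addresses are resolved at puppet time from
            # the per-network fqdn hiera key of the node.
            tripleo::profile::base::database::mysql::bind_address:
              str_replace:
                template:
                  "%{hiera('fqdn_$NETWORK')}"
                params:
                  $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
            tripleo::profile::base::database::mysql::client_bind_address:
              {get_param: [ServiceNetMap, MysqlNetwork]}
            tripleo::profile::base::database::mysql::generate_dropin_file_limit:
              {get_param: MysqlIncreaseFileLimit}
          # Certificate settings are only merged in when internal TLS is
          # enabled; the second map_merge entry is otherwise empty.
          - if:
            - internal_tls_enabled
            -
              generate_service_certificates: true
              # Certificate/key paths, the names the certificate must cover
              # (the cloud_name VIP hostname and the node fqdn on the MySQL
              # network), and the service principal requested for it.
              tripleo::profile::base::database::mysql::certificate_specs:
                service_certificate: '/etc/pki/tls/certs/mysql.crt'
                service_key: '/etc/pki/tls/private/mysql.key'
                hostname:
                  str_replace:
                    template: "%{hiera('cloud_name_NETWORK')}"
                    params:
                      NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
                dnsnames:
                  - str_replace:
                      template: "%{hiera('cloud_name_NETWORK')}"
                      params:
                        NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
                  - str_replace:
                      template:
                        "%{hiera('fqdn_$NETWORK')}"
                      params:
                        $NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
                principal:
                  str_replace:
                    template: "mysql/%{hiera('cloud_name_NETWORK')}"
                    params:
                      NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
            - {}
      step_config: |
        include ::tripleo::profile::base::database::mysql
      # TLS-only: one entry for the VIP and one for the node, on the MySQL
      # network; presumably these correspond to the cloud_name and fqdn
      # names listed in certificate_specs above.
      metadata_settings:
        if:
          - internal_tls_enabled
          -
            - service: mysql
              network: {get_param: [ServiceNetMap, MysqlNetwork]}
              type: vip
            - service: mysql
              network: {get_param: [ServiceNetMap, MysqlNetwork]}
              type: node
          - null
      upgrade_tasks:
        # state=file fails the task if /root/.my.cnf is missing; the
        # mysql_db/mysql_user tasks below presumably rely on it for root
        # credentials, so check for it up front at step0.
        - name: Check for galera root password
          tags: step0
          file:
            path: /root/.my.cnf
            state: file
        - name: Stop service
          tags: step2
          service:
            name: mariadb
            state: stopped
        - name: Start service
          tags: step4
          service:
            name: mariadb
            state: started
        - name: Setup cell_v2 (create cell0 database)
          tags: step4
          mysql_db:
            name: nova_cell0
            state: present
        # Module arguments are given as a mapping rather than a key=value
        # string so the password is never tokenised shell-style: a space or
        # quote in NovaPassword would otherwise break the task or smuggle in
        # extra module arguments. no_log keeps the raw task arguments,
        # including the password, out of callback and failure output.
        - name: Setup cell_v2 (grant access to the nova DB user)
          tags: step4
          no_log: true
          mysql_user:
            name: nova
            password: {get_param: NovaPassword}
            # Wildcard host grant, unchanged from the previous key=value form.
            host: '%'
            priv: 'nova.*:ALL/nova_cell0.*:ALL,GRANT'
            state: present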