puppet-openstack-cloud/manifests/database/sql.pp

#
# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# MySQL Galera Node
#

class privatecloud::database::sql (
    $local_ip                  = $ipaddress,
    $service_provider          = sysv,
    $galera_nextserver         = $os_params::galera_nextserver,
    $galera_master             = $os_params::galera_master,
    $mysql_password            = $os_params::mysql_password,
    $keystone_db_host          = $os_params::keystone_db_host,
    $keystone_db_user          = $os_params::keystone_db_user,
    $keystone_db_password      = $os_params::keystone_db_password,
    $keystone_db_allowed_hosts = $os_params::keystone_db_allowed_hosts,
    $cinder_db_host            = $os_params::cinder_db_host,
    $cinder_db_user            = $os_params::cinder_db_user,
    $cinder_db_password        = $os_params::cinder_db_password,
    $cinder_db_allowed_hosts   = $os_params::cinder_db_allowed_hosts,
    $glance_db_host            = $os_params::glance_db_host,
    $glance_db_user            = $os_params::glance_db_user,
    $glance_db_password        = $os_params::glance_db_password,
    $glance_db_allowed_hosts   = $os_params::glance_db_allowed_hosts,
    $heat_db_host              = $os_params::heat_db_host,
    $heat_db_user              = $os_params::heat_db_user,
    $heat_db_password          = $os_params::heat_db_password,
    $heat_db_allowed_hosts     = $os_params::heat_db_allowed_hosts,
    $nova_db_host              = $os_params::nova_db_host,
    $nova_db_user              = $os_params::nova_db_user,
    $nova_db_password          = $os_params::nova_db_password,
    $nova_db_allowed_hosts     = $os_params::nova_db_allowed_hosts,
    $neutron_db_host           = $os_params::neutron_db_host,
    $neutron_db_user           = $os_params::neutron_db_user,
    $neutron_db_password       = $os_params::neutron_db_password,
    $neutron_db_allowed_hosts  = $os_params::neutron_db_allowed_hosts,
    $mysql_debian_sys_maint    = $os_params::mysql_debian_sys_maint,
    $mysql_password            = $os_params::mysql_password
) {

  include 'xinetd'


  class { 'mysql::server':
    package_name      => 'mariadb-galera-server',
    config_hash       => {
      bind_address  => $local_ip,
      root_password => $mysql_password,
    },
    service_provider  => 'debian',
    notify            => Service['xinetd'],
  }

  if $::hostname == $galera_master {

# OpenStack DB
    class { 'keystone::db::mysql':
      dbname        => 'keystone',
      user          => $keystone_db_user,
      password      => $keystone_db_password,
      host          => $keystone_db_host,
      allowed_hosts => $keystone_db_allowed_hosts,
    }
    class { 'glance::db::mysql':
      dbname        => 'glance',
      user          => $glance_db_user,
      password      => $glance_db_password,
      host          => $glance_db_host,
      allowed_hosts => $glance_db_allowed_hosts,
    }
    class { 'nova::db::mysql':
      dbname        => 'nova',
      user          => $nova_db_user,
      password      => $nova_db_password,
      host          => $nova_db_host,
      allowed_hosts => $nova_db_allowed_hosts,
    }

    class { 'cinder::db::mysql':
      dbname        => 'cinder',
      user          => $cinder_db_user,
      password      => $cinder_db_password,
      host          => $cinder_db_host,
      allowed_hosts => $cinder_db_allowed_hosts,
    }

    class { 'neutron::db::mysql':
      dbname        => 'neutron',
      user          => $neutron_db_user,
      password      => $neutron_db_password,
      host          => $neutron_db_host,
      allowed_hosts => $neutron_db_allowed_hosts,
    }

    class { 'heat::db::mysql':
      dbname        => 'heat',
      user          => $heat_db_user,
      password      => $heat_db_password,
      host          => $heat_db_host,
      allowed_hosts => $heat_db_allowed_hosts,
    }

# Monitoring DB
    warning('Database mapping must be updated to puppetlabs/puppetlabs-mysql >= 2.x (see: https://dev.ring.enovance.com/redmine/issues/4510)')

    database { 'monitoring':
      ensure  => 'present',
      charset => 'utf8',
      require => File['/root/.my.cnf']
    }
    database_user { 'clustercheckuser@localhost':
      ensure        => 'present',
      # can not change password in clustercheck script
      password_hash => mysql_password('clustercheckpassword!'),
      provider      => 'mysql',
      require       => File['/root/.my.cnf']
    }
    database_grant { 'clustercheckuser@localhost/monitoring':
      privileges => ['all']
    }

    Database_user<<| |>>
  }

  database_user { 'debian-sys-maint@localhost':
    ensure        => 'present',
    password_hash => mysql_password($mysql_debian_sys_maint),
    provider      => 'mysql',
    require       => File['/root/.my.cnf']
  }

  # set the same debian_sys_maint password
  file{'/etc/mysql/debian.cnf':
    content => "# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host     = localhost
user     = debian-sys-maint
password = ${mysql_debian_sys_maint}
socket   = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host     = localhost
user     = debian-sys-maint
password = ${mysql_debian_sys_maint}
socket   = /var/run/mysqld/mysqld.sock
basedir  = /usr
",
    mode    => '0600',
  }

  # Disabled because monitor depends on checkmulti which is broken
  #  class { 'monitor::galera::httpsrv': }

  @@haproxy::balancermember{$::fqdn:
    listening_service => 'galera_cluster',
    server_names      => $::hostname,
    ipaddresses       => $local_ip,
    ports             => '3306',
    options           =>
      inline_template('check inter 2000 rise 2 fall 5 port 9200 <% if @hostname != @galera_master -%>backup<% end %>')
  }


  mysql::server::config{'basic_config':
    notify_service => false,
    notify         => Exec['clean-mysql-binlog'],
    settings       => inline_template('
[mysqld]
### dim : general ###
max_connections         = 1000
connect_timeout         = 5
wait_timeout            = 600
max_allowed_packet      = 64M
thread_cache_size       = 128
sort_buffer_size        = 4M
bulk_insert_buffer_size = 16M
tmp_table_size          = 128M
max_heap_table_size     = 128M
query_cache_limit  = 1M
query_cache_size   = 16M

### dim : myisam ###
myisam_recover          = BACKUP
key_buffer_size         = 16M
open-files-limit        = 65535
table_open_cache        = 500
table_definition_cache  = 500
myisam_sort_buffer_size = 512M
concurrent_insert       = 2
read_buffer_size        = 2M
read_rnd_buffer_size    = 1M

### dim : log ###
slow_query_log      = 1
slow_query_log_file = /var/log/mysql/slow.log
log_error           = /var/log/mysql/error.log
long_query_time     = 1
log_slow_verbosity  = query_plan

### dim : innodb conf  ###
innodb_buffer_pool_size         = 64M
innodb_flush_log_at_trx_commit  = 1
innodb_lock_wait_timeout        = 50
innodb_thread_concurrency       = 48
innodb_file_per_table           = 1
innodb_open_files               = 65535
innodb_io_capacity              = 1000
innodb_file_format              = Barracuda
innodb_file_format_max          = Barracuda
innodb_max_dirty_pages_pct      = 50

# sileht: mandatory for galera
binlog_format=ROW
innodb_autoinc_lock_mode=2
innodb_locks_unsafe_for_binlog=1
# sileht: galera stuff TODO: change login/password
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_cluster_name="galera_cluster"
<%- if hostname != galera_master -%>
wsrep_cluster_address="gcomm://<%= @galera_nextserver[@galera_master] %>"
<%- else -%>
wsrep_cluster_address="gcomm://"
<%- end -%>
wsrep_sst_auth=root:<%= scope.lookupvar("$mysql_password") %>
wsrep_certify_nonPK=1
wsrep_convert_LOCK_to_trx=0
wsrep_auto_increment_control=1
wsrep_drupal_282555_workaround=0
wsrep_causal_reads=0
wsrep_sst_method=rsync
wsrep_node_address="<%= @local_ip %>"
wsrep_node_incoming_address="<%= @local_ip %>"

# this value here are used by /usr/bin/innobackupex
# and wsrep_sst_xtrabackup take only one configuration file and use the last one
# (/etc/mysql/my.cnf is not used)
datadir = /var/lib/mysql
tmpdir = /tmp
innodb_flush_method             = O_DIRECT
innodb_log_buffer_size          = 32M
innodb_log_file_size            = 256M
innodb_log_files_in_group       = 2
#innodb_data_file_path
#innodb_data_home_dir
#innodb_fast_checksum
#innodb_log_block_size
#innodb_log_group_home_dir
#innodb_page_size
'),
  }

  exec{'clean-mysql-binlog':
    # first sync take a long time
    command     => '/bin/bash -c "/usr/bin/mysqladmin --defaults-file=/root/.my.cnf shutdown ; killall -9 nc ; /bin/rm -f /var/lib/mysql/ib_logfile* ; /etc/init.d/mysql start || { true ; sleep 60 ; }"',
    require     => [
      File['/root/.my.cnf'],
      Service['mysqld'],
    ],
    refreshonly => true,
  }

}