1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
# File 'modules/profile/manifests/mariadb/cloudinfra.pp', line 1
class profile::mariadb::cloudinfra (
Boolean $master = lookup('profile::mariadb::cloudinfra::master'),
Array[Stdlib::Fqdn] $enc_servers = lookup('profile::mariadb::cloudinfra::enc_servers'),
Array[Stdlib::IP::Address] $proxies = lookup('cache_hosts'),
Array[Stdlib::Fqdn] $cloudinfra_dbs = lookup('profile::mariadb::cloudinfra::cloudinfra_dbs'),
) {
if debian::codename::ge('bullseye') {
# for bullseye and newer (cloudinfra-db03+), use a Cinder volume for MariaDB storage
include ::profile::labs::cindermount::srv
}
$read_only = $master ? {
true => 0,
false => 1,
}
ferm::service { 'enc-clients':
proto => 'tcp',
port => 3306,
notrack => true,
srange => "(@resolve((${enc_servers.join(' ')})))",
}
ferm::service { 'proxies':
proto => 'tcp',
port => 3306,
notrack => true,
srange => $proxies,
}
ferm::service { 'mariadb_replication':
proto => 'tcp',
port => 3306,
notrack => true,
srange => "(@resolve((${cloudinfra_dbs.join(' ')})))",
}
require profile::mariadb::packages_wmf
include profile::mariadb::wmfmariadbpy
class { 'mariadb::service': }
class { 'mariadb::config':
config => 'role/mariadb/mysqld_config/misc.my.cnf.erb',
basedir => $profile::mariadb::packages_wmf::basedir,
datadir => '/srv/sqldata',
tmpdir => '/srv/tmp',
ssl => 'puppet-cert',
read_only => $read_only,
}
class { 'mariadb::heartbeat':
datacenter => $::site,
enabled => $master,
}
}
|