Puppet Class: profile::openstack::codfw1dev::db
- Defined in:
- modules/profile/manifests/openstack/codfw1dev/db.pp
Overview
at some point this class should inherit all the code currently present in profile::openstack::base::keystone::db
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
# File 'modules/profile/manifests/openstack/codfw1dev/db.pp', line 3
class profile::openstack::codfw1dev::db(
Array[Stdlib::Fqdn] $openstack_controllers = lookup('profile::openstack::codfw1dev::openstack_controllers'),
Array[Stdlib::Fqdn] $designate_hosts = lookup('profile::openstack::codfw1dev::designate_hosts'),
Stdlib::Fqdn $puppetmaster = lookup('profile::openstack::codfw1dev::puppetmaster::web_hostname'),
Stdlib::Compat::Array $labweb_hosts = lookup('profile::openstack::codfw1dev::labweb_hosts'),
Array[Stdlib::Fqdn] $prometheus_nodes = lookup('prometheus_nodes'),
Array[String] $mysql_root_clients = lookup('mysql_root_clients', {default_value => []}),
Array[String] $maintenance_hosts = lookup('maintenance_hosts'),
) {
include ::profile::standard
package {'mysql-server':
ensure => 'present',
}
file {'/etc/mysql/my.cnf':
owner => 'root',
group => 'root',
mode => '0644',
source => 'puppet:///modules/profile/openstack/codfw1dev/db/my.cnf',
require => Package['mysql-server'],
}
prometheus::mysqld_exporter { 'default':
client_password => '',
client_socket => '/var/run/mysqld/mysqld.sock',
}
$prometheus_ferm_nodes = join($prometheus_nodes, ' ')
ferm::service { 'prometheus-mysqld-exporter':
proto => 'tcp',
port => '9104',
srange => "@resolve((${prometheus_ferm_nodes}))",
}
ferm::rule { 'cloudcontrol_mysql':
ensure => 'present',
rule => "saddr (@resolve((${join($openstack_controllers,' ')})) @resolve((${join($openstack_controllers,' ')}), AAAA) @resolve((${join($designate_hosts,' ')})) @resolve((${join($designate_hosts,' ')}), AAAA) @resolve(${puppetmaster}) @resolve(${puppetmaster}, AAAA)) proto tcp dport (3306) ACCEPT;",
}
$labweb_ips = inline_template("@resolve((<%= @labweb_hosts.join(' ') %>))")
$labweb_ip6s = inline_template("@resolve((<%= @labweb_hosts.join(' ') %>), AAAA)")
ferm::rule { 'labweb_mysql':
ensure => 'present',
rule => "saddr (${labweb_ips} ${labweb_ip6s}) proto tcp dport (3306) ACCEPT;",
}
# mysql monitoring and administration from root clients/tendril
$mysql_root_clients_str = join($mysql_root_clients, ' ')
ferm::service { 'mysql_admin_standard':
proto => 'tcp',
port => '3306',
srange => "(${mysql_root_clients_str})",
}
ferm::service { 'mysql_admin_alternative':
proto => 'tcp',
port => '3307',
srange => "(${mysql_root_clients_str})",
}
# mysql from deployment master servers and maintenance hosts (T98682, T109736)
$maintenance_hosts_str = join($maintenance_hosts, ' ')
ferm::service { 'mysql_deployment_mwmaint':
proto => 'tcp',
port => '3306',
srange => "(\$DEPLOYMENT_HOSTS ${maintenance_hosts_str})",
}
}
|