Puppet Class: profile::openstack::codfw1dev::db
- Defined in:
- modules/profile/manifests/openstack/codfw1dev/db.pp
Overview
SPDX-License-Identifier: Apache-2.0
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
# File 'modules/profile/manifests/openstack/codfw1dev/db.pp', line 2
class profile::openstack::codfw1dev::db(
Array[Stdlib::Fqdn] $labweb_hosts = lookup('profile::openstack::codfw1dev::labweb_hosts'),
Array[Stdlib::IP::Address] $mysql_root_clients = lookup('mysql_root_clients', {default_value => []}),
Array[Stdlib::IP::Address] $maintenance_hosts = lookup('maintenance_hosts'),
) {
package {'wmf-mariadb106':
ensure => 'present',
}
# TODO: consider using profile::pki::get_cert
# This creates also /etc/mysql/ssl
puppet::expose_agent_certs { '/etc/mysql':
ensure => present,
provide_private => true,
user => 'mysql',
group => 'mysql',
}
file {'/etc/mysql/my.cnf':
owner => 'root',
group => 'root',
mode => '0644',
source => 'puppet:///modules/profile/openstack/codfw1dev/db/my.cnf',
require => Package['wmf-mariadb106'],
}
prometheus::mysqld_exporter { 'default':
client_password => '',
client_socket => '/var/run/mysqld/mysqld.sock',
}
firewall::service { 'labweb_mysql':
proto => 'tcp',
port => 3306,
srange => $labweb_hosts,
}
# mysql monitoring and administration from root clients/tendril
$mysql_root_clients_str = join($mysql_root_clients, ' ')
ferm::service { 'mysql_admin_standard':
proto => 'tcp',
port => '3306',
srange => "(${mysql_root_clients_str})",
}
ferm::service { 'mysql_admin_alternative':
proto => 'tcp',
port => '3307',
srange => "(${mysql_root_clients_str})",
}
# mysql from deployment master servers and maintenance hosts (T98682, T109736)
$maintenance_hosts_str = join($maintenance_hosts, ' ')
ferm::service { 'mysql_deployment_mwmaint':
proto => 'tcp',
port => '3306',
srange => "(\$DEPLOYMENT_HOSTS ${maintenance_hosts_str})",
}
}
|