Puppet Class: profile::openstack::codfw1dev::db

Defined in:
modules/profile/manifests/openstack/codfw1dev/db.pp

Overview

at some point this class should inherit all the code currently present in profile::openstack::base::keystone::db

Parameters:

  • openstack_controllers (Array[Stdlib::Fqdn]) (defaults to: lookup('profile::openstack::codfw1dev::openstack_controllers'))
  • designate_hosts (Array[Stdlib::Fqdn]) (defaults to: lookup('profile::openstack::codfw1dev::designate_hosts'))
  • puppetmaster (Stdlib::Fqdn) (defaults to: lookup('profile::openstack::codfw1dev::puppetmaster::web_hostname'))
  • labweb_hosts (Stdlib::Compat::Array) (defaults to: lookup('profile::openstack::codfw1dev::labweb_hosts'))
  • mysql_root_clients (Array[String]) (defaults to: lookup('mysql_root_clients', {default_value => []}))
  • maintenance_hosts (Array[String]) (defaults to: lookup('maintenance_hosts')) 


3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
# File 'modules/profile/manifests/openstack/codfw1dev/db.pp', line 3

class profile::openstack::codfw1dev::db(
    Array[Stdlib::Fqdn] $openstack_controllers = lookup('profile::openstack::codfw1dev::openstack_controllers'),
    Array[Stdlib::Fqdn] $designate_hosts = lookup('profile::openstack::codfw1dev::designate_hosts'),
    Stdlib::Fqdn        $puppetmaster = lookup('profile::openstack::codfw1dev::puppetmaster::web_hostname'),
    Stdlib::Compat::Array $labweb_hosts = lookup('profile::openstack::codfw1dev::labweb_hosts'),
    Array[String] $mysql_root_clients = lookup('mysql_root_clients', {default_value => []}),
    Array[String] $maintenance_hosts = lookup('maintenance_hosts'),
) {

    package {'mysql-server':
        ensure => 'present',
    }

    file {'/etc/mysql/my.cnf':
        owner   => 'root',
        group   => 'root',
        mode    => '0644',
        source  => 'puppet:///modules/profile/openstack/codfw1dev/db/my.cnf',
        require => Package['mysql-server'],
    }

    prometheus::mysqld_exporter { 'default':
        client_password => '',
        client_socket   => '/var/run/mysqld/mysqld.sock',
    }

    ferm::rule { 'cloudcontrol_mysql':
        ensure => 'present',
        rule   => "saddr (@resolve((${join($openstack_controllers,' ')})) @resolve((${join($openstack_controllers,' ')}), AAAA) @resolve((${join($designate_hosts,' ')})) @resolve((${join($designate_hosts,' ')}), AAAA) @resolve(${puppetmaster}) @resolve(${puppetmaster}, AAAA)) proto tcp dport (3306) ACCEPT;",
    }

    $labweb_ips = inline_template("@resolve((<%= @labweb_hosts.join(' ') %>))")
    $labweb_ip6s = inline_template("@resolve((<%= @labweb_hosts.join(' ') %>), AAAA)")
    ferm::rule { 'labweb_mysql':
        ensure => 'present',
        rule   => "saddr (${labweb_ips} ${labweb_ip6s}) proto tcp dport (3306) ACCEPT;",
    }

    # mysql monitoring and administration from root clients/tendril
    $mysql_root_clients_str = join($mysql_root_clients, ' ')
    ferm::service { 'mysql_admin_standard':
        proto  => 'tcp',
        port   => '3306',
        srange => "(${mysql_root_clients_str})",
    }
    ferm::service { 'mysql_admin_alternative':
        proto  => 'tcp',
        port   => '3307',
        srange => "(${mysql_root_clients_str})",
    }

    # mysql from deployment master servers and maintenance hosts (T98682, T109736)
    $maintenance_hosts_str = join($maintenance_hosts, ' ')
    ferm::service { 'mysql_deployment_mwmaint':
        proto  => 'tcp',
        port   => '3306',
        srange => "(\$DEPLOYMENT_HOSTS ${maintenance_hosts_str})",
    }

}