diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/client/perl.pp | 7 | ||||
| -rw-r--r-- | manifests/client/perl/debian.pp | 6 | ||||
| -rw-r--r-- | manifests/default_database.pp | 45 | ||||
| -rw-r--r-- | manifests/init.pp | 6 | ||||
| -rw-r--r-- | manifests/server.pp | 9 | ||||
| -rw-r--r-- | manifests/server/base.pp | 21 | ||||
| -rw-r--r-- | manifests/server/cron.pp | 2 | ||||
| -rw-r--r-- | manifests/server/cron/backup.pp | 19 | ||||
| -rw-r--r-- | manifests/server/cron/optimize.pp | 6 | ||||
| -rw-r--r-- | manifests/server/munin/base.pp | 20 | ||||
| -rw-r--r-- | manifests/server/munin/debian.pp | 17 | ||||
| -rw-r--r-- | manifests/server/munin/default.pp | 13 | ||||
| -rw-r--r-- | manifests/server/nagios.pp | 55 |
13 files changed, 160 insertions, 66 deletions
diff --git a/manifests/client/perl.pp b/manifests/client/perl.pp new file mode 100644 index 0000000..09a790b --- /dev/null +++ b/manifests/client/perl.pp @@ -0,0 +1,7 @@ +class mysql::client::perl { + + case $operatingsystem { + debian: { include mysql::client::perl::debian } + } + +} diff --git a/manifests/client/perl/debian.pp b/manifests/client/perl/debian.pp new file mode 100644 index 0000000..790eaff --- /dev/null +++ b/manifests/client/perl/debian.pp @@ -0,0 +1,6 @@ +class mysql::client::perl::debian { + + package { 'libdbd-mysql-perl': + ensure => present, + } +} diff --git a/manifests/default_database.pp b/manifests/default_database.pp new file mode 100644 index 0000000..1c99af5 --- /dev/null +++ b/manifests/default_database.pp @@ -0,0 +1,45 @@ +# create default database +# generate hashed password with: +# ruby -r'digest/sha1' -e 'puts "*" + Digest::SHA1.hexdigest(Digest::SHA1.digest(ARGV[0])).upcase' PASSWORD +define mysql::default_database( + $username = 'absent', + $password, + $password_is_encrypted = true, + $privileges = 'all', + $host = '127.0.0.1', + $ensure = 'present' +) { + $real_username = $username ? { + 'absent' => $name, + default => $username + } + mysql_database{"$name": + ensure => $ensure + } + case $password { + 'absent': { + info("we don't create the user for database: ${name}") + $grant_require = Mysql_database["$name"] + } + default: { + mysql_user{"${real_username}@${host}": + password_hash => $password_is_encrypted ? { + true => "$password", + default => mysql_password("$password") + }, + ensure => $ensure, + require => [ + Mysql_database["$name"] + ], + } + $grant_require = [ + Mysql_database["$name"], + Mysql_user["${real_username}@${host}"] + ] + } + } + mysql_grant{"${real_username}@${host}/${name}": + privileges => "$privileges", + require => $grant_require, + } +} diff --git a/manifests/init.pp b/manifests/init.pp index 3d8d8e3..85fc88a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,9 +1,11 @@ # mysql module # # Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> -# See LICENSE for the full license granted to you. # Copyright 2008, admin(at)immerda.ch # Copyright 2008, Puzzle ITC GmbH # Marcel Härry haerry+puppet(at)puzzle.ch # Simon Josi josi+puppet(at)puzzle.ch -# +# Copyright 2009-2010, Riseup Labs <http://riseuplabs.org> +# Pietro Ferrari <pietro@riseup.net> +# Micah Anderson <micah@riseup.net> + diff --git a/manifests/server.pp b/manifests/server.pp index 51324b5..e6e5fac 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,9 +1,5 @@ class mysql::server { - include common::moduledir - $mysql_moduledir = "${common::moduledir::module_dir_path}/mysql" - module_dir { ['mysql', 'mysql/server']: } - case $operatingsystem { gentoo: { include mysql::server::gentoo } centos: { include mysql::server::centos } @@ -19,7 +15,10 @@ class mysql::server { } if $use_nagios { - include mysql::server::nagios + case $nagios_check_mysql { + false: { info("We don't do nagioschecks for mysql on ${fqdn}" ) } + default: { include mysql::server::nagios } + } } if $use_shorewall { diff --git a/manifests/server/base.pp b/manifests/server/base.pp index 480eda9..7ddff38 100644 --- a/manifests/server/base.pp +++ b/manifests/server/base.pp @@ -5,10 +5,13 @@ class mysql::server::base { file { 'mysql_main_cnf': path => '/etc/mysql/my.cnf', source => [ - "puppet://$server/modules/site-mysql/${fqdn}/my.cnf", - "puppet://$server/modules/site-mysql/my.cnf", - "puppet://$server/modules/mysql/config/my.cnf.${operatingsystem}", - "puppet://$server/modules/mysql/config/my.cnf" + "puppet:///modules/site-mysql/${fqdn}/my.cnf", + "puppet:///modules/site-mysql/my.cnf.${operatingsystem}.{lsbdistcodename}", + "puppet:///modules/site-mysql/my.cnf.${operatingsystem}", + "puppet:///modules/site-mysql/my.cnf", + "puppet:///modules/mysql/config/my.cnf.${operatingsystem}.{lsbdistcodename}", + "puppet:///modules/mysql/config/my.cnf.${operatingsystem}", + "puppet:///modules/mysql/config/my.cnf" ], ensure => file, require => Package['mysql-server'], @@ -37,8 +40,8 @@ class mysql::server::base { } file { 'mysql_setmysqlpass.sh': - path => "${mysql_moduledir}/server/setmysqlpass.sh", - source => "puppet://${server}/modules/mysql/scripts/${operatingsystem}/setmysqlpass.sh", + path => '/usr/local/sbin/setmysqlpass.sh', + source => "puppet:///modules/mysql/scripts/${operatingsystem}/setmysqlpass.sh", require => Package['mysql-server'], owner => root, group => 0, mode => 0500; } @@ -52,8 +55,8 @@ class mysql::server::base { } exec { 'mysql_set_rootpw': - command => "${mysql_moduledir}/server/setmysqlpass.sh ${mysql_rootpw}", - unless => "mysqladmin -uroot status > /dev/null", + command => "/usr/local/sbin/setmysqlpass.sh ${mysql_rootpw}", + unless => "/usr/bin/mysqladmin -uroot status > /dev/null", require => [ File['mysql_setmysqlpass.sh'], Package['mysql-server'] ], refreshonly => true, } @@ -70,7 +73,7 @@ class mysql::server::base { ensure => running, enable => true, hasstatus => true, - require => Package['mysql-client'], + require => Package['mysql-server'], } # Collect all databases and users diff --git a/manifests/server/cron.pp b/manifests/server/cron.pp deleted file mode 100644 index 36a7a1f..0000000 --- a/manifests/server/cron.pp +++ /dev/null @@ -1,2 +0,0 @@ -class mysql::server::cron { -} diff --git a/manifests/server/cron/backup.pp b/manifests/server/cron/backup.pp index 33b8f0f..c1e84d1 100644 --- a/manifests/server/cron/backup.pp +++ b/manifests/server/cron/backup.pp @@ -5,18 +5,23 @@ class mysql::server::cron::backup { default => $mysql_backup_dir, } - file { 'mysql_backup_dir': - path => $real_mysql_backup_dir, - source => "puppet://${server}/modules/common/empty", - ensure => directory, - owner => root, group => 0, mode => 0700, + case $mysql_manage_backup_dir { + false: { info("We don't manage \$mysql_backup_dir ($mysql_backup_dir)") } + default: { + file { 'mysql_backup_dir': + path => $real_mysql_backup_dir, + ensure => directory, + before => Cron['mysql_backup_cron'], + owner => root, group => 0, mode => 0700; + } + } } cron { 'mysql_backup_cron': - command => '/usr/bin/mysqldump --default-character-set=utf8 --all-databases --all --flush-logs --lock-tables --single-transaction | gzip > ${real_mysql_backup_dir}/mysqldump.sql.gz && chmod 600 ${real_mysql_backup_dir}/mysqldump.sql.gz', + command => "/usr/bin/mysqldump --default-character-set=utf8 --all-databases --all --flush-logs --lock-tables --single-transaction | gzip > ${real_mysql_backup_dir}/mysqldump.sql.gz && chmod 600 ${real_mysql_backup_dir}/mysqldump.sql.gz", user => 'root', minute => 0, hour => 1, - require => [ Exec['mysql_set_rootpw'], File['mysql_root_cnf'], File['mysql_backup_dir'] ], + require => [ Exec['mysql_set_rootpw'], File['mysql_root_cnf'] ], } } diff --git a/manifests/server/cron/optimize.pp b/manifests/server/cron/optimize.pp index 29ee66e..c238930 100644 --- a/manifests/server/cron/optimize.pp +++ b/manifests/server/cron/optimize.pp @@ -1,13 +1,13 @@ class mysql::server::cron::optimize { file { 'mysql_optimize_script': - path => "${mysql_moduledir}/server/optimize_tables.rb", - source => "puppet://${server}/modules/mysql/scripts/optimize_tables.rb", + path => '/usr/local/sbin/optimize_mysql_tables.rb', + source => "puppet:///modules/mysql/scripts/optimize_tables.rb", owner => root, group => 0, mode => 0700; } cron { 'mysql_optimize_cron': - command => "${mysql_moduledir}/server/optimize_tables.rb", + command => '/usr/local/sbin/optimize_mysql_tables.rb', user => 'root', minute => 40, hour => 6, diff --git a/manifests/server/munin/base.pp b/manifests/server/munin/base.pp new file mode 100644 index 0000000..ad4bb8a --- /dev/null +++ b/manifests/server/munin/base.pp @@ -0,0 +1,20 @@ +class mysql::server::munin::base { + + file { + "/usr/local/share/munin-plugins/mysql_connections": + source => "puppet:///modules/mysql/munin/mysql_connections", + mode => 0755, owner => root, group => root; + + "/usr/local/share/munin-plugins/mysql_qcache": + source => "puppet:///modules/mysql/munin/mysql_qcache", + mode => 0755, owner => root, group => root; + + "/usr/local/share/munin-plugins/mysql_qcache_mem": + source => "puppet:///modules/mysql/munin/mysql_qcache_mem", + mode => 0755, owner => root, group => root; + + "/usr/local/share/munin-plugins/mysql_size_all": + source => "puppet:///modules/mysql/munin/mysql_size_all", + mode => 0755, owner => root, group => root; + } +} diff --git a/manifests/server/munin/debian.pp b/manifests/server/munin/debian.pp index 2b2acb4..d1636d5 100644 --- a/manifests/server/munin/debian.pp +++ b/manifests/server/munin/debian.pp @@ -1,9 +1,14 @@ # manifests/server/munin/debian.pp -class mysql::server::munin::debian { - munin::plugin { - [mysql_bytes, mysql_queries, mysql_slowqueries, mysql_threads]: - config => "user root\nenv.mysqlopts --defaults-file=/etc/mysql/debian.cnf", - require => Package['mysql'], - } +class mysql::server::munin::debian inherits mysql::server::munin::base { + munin::plugin { + [ mysql_bytes, mysql_queries, mysql_slowqueries, mysql_threads ]: + config => "user root\nenv.mysqlopts --defaults-file=/etc/mysql/debian.cnf", + require => Package['mysql']; + + [ mysql_connections, mysql_qcache, mysql_cache_mem, mysql_size_all ]: + config => "user root\nenv.mysqlopts --defaults-file=/etc/mysql/debian.cnf", + script_path_in => "/usr/local/share/munin-plugins", + require => Package['mysql']; + } } diff --git a/manifests/server/munin/default.pp b/manifests/server/munin/default.pp index b60ff0d..2660ea0 100644 --- a/manifests/server/munin/default.pp +++ b/manifests/server/munin/default.pp @@ -1,6 +1,6 @@ # manifests/server/munin/default.pp -class mysql::server::munin::default { +class mysql::server::munin::default inherits mysql::server::munin::base { case $munin_mysql_password { '': { fail("please specify \$munin_mysql_password to enable mysql munin plugin")} } @@ -16,8 +16,13 @@ class mysql::server::munin::default { } munin::plugin { - [mysql_bytes, mysql_queries, mysql_slowqueries, mysql_threads]: - config => "env.mysqlopts --user=munin --password=${munin_mysql_password} -h localhost", - require => [ Mysql_grant['munin@localhost'], Mysql_user['munin@localhost'], Package['mysql'] ] + [ mysql_bytes, mysql_queries, mysql_slowqueries, mysql_threads ]: + config => "env.mysqlopts --user=munin --password=${munin_mysql_password} -h localhost", + require => [ Mysql_grant['munin@localhost'], Mysql_user['munin@localhost'], Package['mysql'] ]; + + [ mysql_connections, mysql_qcache, mysql_cache_mem, mysql_size_all ]: + script_path_in => "/usr/local/share/munin-plugins", + config => "env.mysqlopts --user=munin --password=${munin_mysql_password} -h localhost", + require => [ Mysql_grant['munin@localhost'], Mysql_user['munin@localhost'], Package['mysql'] ]; } } diff --git a/manifests/server/nagios.pp b/manifests/server/nagios.pp index 4c1c153..4e2b8b8 100644 --- a/manifests/server/nagios.pp +++ b/manifests/server/nagios.pp @@ -1,33 +1,32 @@ # manifests/server/nagios.pp class mysql::server::nagios { - case $nagios_mysql_password { - '': { fail("please specify \$nagios_mysql_password to enable nagios mysql check")} - } - - # Flip this variable if you need to check MySQL through check_ssh or check_nrpe, - # in that case you will have to manually define nagios::service::mysql - if ($nagios_mysql_notcp != true) { - $nagios_mysql_user = 'nagios@%' - nagios::service::mysql { 'mysql': - check_hostname => $fqdn, - check_username => 'nagios', - check_password => $nagios_mysql_password, - check_mode => 'tcp', - require => Mysql_grant[$nagios_mysql_user], - } - } - else { - $nagios_mysql_user = 'nagios@localhost' - } - - mysql_user{$nagios_mysql_user: - password_hash => mysql_password("${nagios_mysql_password}"), - require => Package['mysql'], - } - - mysql_grant{$nagios_mysql_user: - privileges => 'select_priv', - require => [ Mysql_user[$nagios_mysql_user], Package['mysql'] ], + case $nagios_mysql_password { + '': { fail("please specify \$nagios_mysql_password to enable nagios mysql check")} + } + + # Flip this variable if you need to check MySQL through check_ssh or check_nrpe, + # in that case you will have to manually define nagios::service::mysql + if ($nagios_mysql_notcp != true) { + $nagios_mysql_user = 'nagios@%' + nagios::service::mysql { 'connection-time': + check_hostname => $fqdn, + require => Mysql_grant[$nagios_mysql_user], } + } + else { + $nagios_mysql_user = 'nagios@localhost' + } + + mysql_user{$nagios_mysql_user: + password_hash => mysql_password("${nagios_mysql_password}"), + require => Package['mysql'], + } + + # repl_client_priv is needed to check the replication slave status + # modes: slave-lag, slave-io-running and slave-sql-running + mysql_grant{$nagios_mysql_user: + privileges => [ 'select_priv', 'repl_client_priv' ], + require => [ Mysql_user[$nagios_mysql_user], Package['mysql'] ], + } } |