diff --git a/manifests/profile/database.pp b/manifests/profile/database.pp
index d8bc92757892f103861286abc707e8b6f735ff20..f1f2b5ab875a0f7383d85ff8ae10ab6eed5d6718 100644
--- a/manifests/profile/database.pp
+++ b/manifests/profile/database.pp
@@ -9,7 +9,6 @@ class iaas::profile::database (
#
# $max_connections = 1024,
) {
-
package{'xinetd':
ensure => installed,
} ->
@@ -21,22 +20,65 @@ class iaas::profile::database (
mysql_cluster_servers => $mysql_cluster_servers,
mysql_port => $mysql_port,
master => $percona_master,
- }
-# class { 'galera':
-# galera_servers => $servers,
-# galera_master => $galera_master,
-# root_password => $galera_password,
-# configure_firewall => false,
-# override_options => {
-# 'mysqld' => { 'max_connections' => "${max_connections}" }
-# }
-# } -> Service['mysqld'] -> anchor { 'database-service': }
-#
- @@haproxy::balancermember { "percona_cluster_${::fqdn}":
- listening_service => 'percona_cluster',
- server_names => $::hostname,
- ipaddresses => $::ipaddress,
- ports => '3306',
-# options => 'check port 9200 inter 2000 rise 2 fall 5 backup',
- }
+ } ->
+#exec { 'init user sstuser':
+# command => "mysql -u root -e \"CREATE USER \'${percona::wsrep_sst_user}\'@\'localhost\' IDENTIFIED BY \'${percona::wsrep_sst_passwo rd}\';\"",
+# path => [ '/bin', '/usr/bin' ],
+# unless => "test -f ${percona::datadir}/first/db.opt",
+# require => Exec[$percona::percona_service]
+# } ->
+# exec { 'grant privileges':
+# command => "mysql -u root -e \"GRANT RELOAD, LOCK TABLES, REPLICATION CLIENT ON *.* TO \'${percona::wsrep_sst_user}\'@\'localhost\' ;\"",
+# path => [ '/bin', '/usr/bin' ],
+# unless => "test -f ${percona::datadir}/first/db.opt",
+# require => Exec[$percona::percona_service],
+# } ~>
+# exec { 'grant process':
+# command => "mysql -u root -e \"GRANT USAGE ON *.* TO 'clustercheckuser'@'localhost' IDENTIFIED BY 'CLUSTERCHECK_PWD'; FLUSH PRIVILE GES;\"",
+# path => [ '/bin', '/usr/bin' ],
+# unless => "test -f ${percona::datadir}/first/db.opt",
+# require => Exec[$percona::percona_service],
+# } ~>
+ exec { 'create a keystone database':
+ command => "mysql -u root -e \"CREATE DATABASE IF NOT EXISTS keystone\"",
+ path => [ '/bin', '/usr/bin' ],
+ }
+ exec { 'create keystone grant':
+ command => "mysql -u root -e \"GRANT ALL ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone'; FLUSH PRIVILEGES;\"",
+ path => ['/bin', '/usr/bin'],
+ }
+ exec { 'create a glance database':
+ command => "mysql -u root -e \"CREATE DATABASE IF NOT EXISTS glance\"",
+ path => [ '/bin', '/usr/bin' ],
+ }
+ exec { 'create glance grant':
+ command => "mysql -u root -e \"GRANT ALL ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance'; FLUSH PRIVILEGES;\"",
+ path => ['/bin', '/usr/bin'],
+ }
+ exec { 'create a nova database':
+ command => "mysql -u root -e \"CREATE DATABASE IF NOT EXISTS nova\"",
+ path => [ '/bin', '/usr/bin' ],
+ }
+ exec { 'create nova grant':
+ command => "mysql -u root -e \"GRANT ALL ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'nova'; FLUSH PRIVILEGES;\"",
+ path => ['/bin', '/usr/bin'],
+ }
+ exec { 'create a neutron database':
+ command => "mysql -u root -e \"CREATE DATABASE IF NOT EXISTS neutron\"",
+ path => [ '/bin', '/usr/bin' ],
+ }
+ exec { 'create neutron grant':
+ command => "mysql -u root -e \"GRANT ALL ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron'; FLUSH PRIVILEGES;\"",
+ path => ['/bin', '/usr/bin'],
+ }
+ exec { 'create a cinder database':
+ command => "mysql -u root -e \"CREATE DATABASE IF NOT EXISTS cinder\"",
+ path => [ '/bin', '/usr/bin' ],
+ }
+ exec { 'create cinder grant':
+ command => "mysql -u root -e \"GRANT ALL ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'cinder'; FLUSH PRIVILEGES;\"",
+ path => ['/bin', '/usr/bin'],
+ }
+
+
}
diff --git a/manifests/profile/haproxy.pp b/manifests/profile/haproxy.pp
index 8ace7947f3635f1cbc6e19771290bdab3e767fdd..43dabae6ee11b51f578ebf25416d2012460c07f8 100644
--- a/manifests/profile/haproxy.pp
+++ b/manifests/profile/haproxy.pp
@@ -74,130 +74,185 @@ class iaas::profile::haproxy (
options => 'check port 9200 backup',
}
}
-# haproxy::listen { 'rabbitmq':
- # ipaddress => '0.0.0.0',
- # mode => 'tcp',
- # ports => '5672',
- # options => {
- # 'option' => ['tcpka'],
- # 'timeout' => [
- # 'client 7d',
- # 'server 7d',
- # ]
- # }
- # }
-
- haproxy::listen { 'keystone_admin_cluster':
- ipaddress => '0.0.0.0',
- ports => '35357',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
- }
-
- haproxy::listen { 'keystone_public_internal_cluster':
- ipaddress => '0.0.0.0',
- ports => '5000',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
- }
-
- haproxy::listen { 'glance_api_cluster':
- ipaddress => '0.0.0.0',
- ports => '9292',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
- }
-
- haproxy::listen { 'glance_registry_cluster':
- ipaddress => '0.0.0.0',
- ports => '9191',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- 'http-check' => 'expect status 401',
- }
- }
-
- haproxy::listen { 'cinder_api_cluster':
- ipaddress => '0.0.0.0',
- ports => '8776',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
- }
-
- haproxy::listen { 'nova_api_cluster':
+
+ haproxy::listen { 'mysql_cluster_nova':
ipaddress => '0.0.0.0',
- ports => '8774',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
- }
-
- haproxy::listen { 'nova_metadata_api_cluster':
- ipaddress => '0.0.0.0',
- ports => '8775',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
- }
-
- haproxy::listen { 'nova_novncproxy':
- ipaddress => '0.0.0.0',
- ports => '6080',
+ mode => 'tcp',
+ ports => '7306',
options => {
- 'option' => ['tcpka', 'tcplog'],
+ 'option' => ['httpchk','tcpka'],
+ 'balance' => 'leastconn',
}
}
- haproxy::listen { 'neutron_api_cluster':
- ipaddress => '0.0.0.0',
- ports => '9696',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
+ if $servers != undef {
+ haproxy::balancermember { 'mysql_cluster_nova_prior':
+ listening_service => 'mysql_cluster_nova',
+ ports => '3307',
+ server_names => $servers[priority_hostname],
+ ipaddresses => $servers[priority_ip],
+ options => 'check port 9200',
+ }
+ haproxy::balancermember { 'mysql_cluster_nova_secondaries':
+ listening_service => 'mysql_cluster_nova',
+ ports => '3307',
+ server_names => $servers[hostnames],
+ ipaddresses => $servers[ips],
+ options => 'check port 9200 backup',
+ }
}
-
- haproxy::listen { 'heat_api_cluster':
+
+ haproxy::listen { 'mysql_cluster_neutron':
ipaddress => '0.0.0.0',
- ports => '8004',
+ mode => 'tcp',
+ ports => '9306',
options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
+ 'option' => ['httpchk','tcpka'],
+ 'balance' => 'leastconn',
}
}
- haproxy::listen { 'heat_api_cfn_cluster':
- ipaddress => '0.0.0.0',
- ports => '8000',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
+ if $servers != undef {
+ haproxy::balancermember { 'mysql_cluster_neutron_prior':
+ listening_service => 'mysql_cluster_neutron',
+ ports => '3307',
+ server_names => $servers[priority_hostname],
+ ipaddresses => $servers[priority_ip],
+ options => 'check port 9200',
+ }
+ haproxy::balancermember { 'mysql_cluster_neutron_secondaries':
+ listening_service => 'mysql_cluster_neutron',
+ ports => '3307',
+ server_names => $servers[hostnames],
+ ipaddresses => $servers[ips],
+ options => 'check port 9200 backup',
+ }
}
- haproxy::listen { 'heat_api_cw_cluster':
- ipaddress => '0.0.0.0',
- ports => '8003',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
- }
+# haproxy::listen { 'rabbitmq':
+ # ipaddress => '0.0.0.0',
+ # mode => 'tcp',
+ # ports => '5672',
+ # options => {
+ # 'option' => ['tcpka'],
+ # 'timeout' => [
+ # 'client 7d',
+ # 'server 7d',
+ # ]
+ # }
+ # }
- haproxy::listen { 'horizon_cluster':
- ipaddress => '0.0.0.0',
- ports => '80',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- }
- }
+# haproxy::listen { 'keystone_admin_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '35357',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'keystone_public_internal_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '5000',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
- haproxy::listen { 'ceilometer_api_cluster':
- ipaddress => '0.0.0.0',
- ports => '8777',
- options => {
- 'option' => ['tcpka', 'httpchk', 'tcplog'],
- 'http-check' => 'expect status 401',
- }
- }
+# haproxy::listen { 'glance_api_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '9292',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'glance_registry_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '9191',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# 'http-check' => 'expect status 401',
+# }
+# }
+#
+# haproxy::listen { 'cinder_api_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '8776',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'nova_api_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '8774',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'nova_metadata_api_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '8775',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'nova_novncproxy':
+# ipaddress => '0.0.0.0',
+# ports => '6080',
+# options => {
+# 'option' => ['tcpka', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'neutron_api_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '9696',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'heat_api_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '8004',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'heat_api_cfn_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '8000',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'heat_api_cw_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '8003',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'horizon_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '80',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# }
+# }
+#
+# haproxy::listen { 'ceilometer_api_cluster':
+# ipaddress => '0.0.0.0',
+# ports => '8777',
+# options => {
+# 'option' => ['tcpka', 'httpchk', 'tcplog'],
+# 'http-check' => 'expect status 401',
+# }
+# }
}