elzar 0.0.1

data/cookbooks/database/recipes/snapshot.rb

@@ -0,0 +1,62 @@
+#
+# Author:: AJ Christensen (<aj@opscode.com>)
+# Cookbook Name:: database
+# Recipe:: snapshot
+#
+# Copyright 2009-2010, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+include_recipe "aws"
+include_recipe "xfs"
+
+%w{ebs_vol_dev db_role app_environment username password aws_access_key_id aws_secret_access_key snapshots_to_keep volume_id}.collect do |key|
+  Chef::Application.fatal!("Required db_snapshot configuration #{key} not found.", -47) unless node.db_snapshot.has_key? key
+end
+
+connection_info = {:host => localhost, :username => node.db_snapshot.username, :password => node.db_snapshot.password}
+
+mysql_database "locking tables for #{node.db_snapshot.app_environment}" do
+  connection connection_info
+  sql "flush tables with read lock"
+  action :query
+end
+
+execute "xfs freeze" do
+  command "xfs_freeze -f #{node.db_snapshot.ebs_vol_dev}"
+end
+
+aws_ebs_volume "#{node.db_snapshot.db_role.first}_#{node.db_snapshot.app_environment}" do
+  aws_access_key node.db_snapshot.aws_access_key_id
+  aws_secret_access_key node.db_snapshot.aws_secret_access_key
+  size 50
+  device node.db_snapshot.ebs_vol_dev
+  snapshots_to_keep node.db_snapshot.snapshots_to_keep
+  action :snapshot
+  volume_id node.db_snapshot.volume_id
+  ignore_failure true # if this fails, continue to unfreeze and unlock
+end
+
+execute "xfs unfreeze" do
+  command "xfs_freeze -u #{node.db_snapshot.ebs_vol_dev}"
+end
+
+mysql_database "unflushing tables for #{node.db_snapshot.app_environment}" do
+  connection connection_info
+  sql "unlock tables"
+  action :query
+end
+
+aws_ebs_volume "#{node.db_snapshot.db_role.first}_#{node.db_snapshot.app_environment}" do
+  action :prune
+end

data/cookbooks/database/templates/default/app_grants.sql.erb

@@ -0,0 +1,8 @@
+# Generated by Chef. Local modifications will be overwritten.
+<% @db_info.each do |env,db| -%>
+# Privileges for databases in <%= env %>
+GRANT ALL ON <%= db['database'] %>.* TO '<%= db['username'] %>'@'localhost' IDENTIFIED BY '<%= db['password'] %>';
+GRANT ALL ON <%= db['database'] %>.* TO '<%= db['username'] %>'@'<%= node['fqdn'] %>' IDENTIFIED BY '<%= db['password'] %>';
+GRANT ALL ON <%= db['database'] %>.* TO '<%= db['username'] %>'@'%' IDENTIFIED BY '<%= db['password'] %>';
+<% end -%>
+flush privileges;

data/cookbooks/database/templates/default/aws_config.erb

@@ -0,0 +1,3 @@
+AWS_ACCESS_KEY_ID=<%= @access_key %>
+AWS_SECRET_ACCESS_KEY=<%= @secret_key %>
+BUCKET_BASE_NAME=db-backups

data/cookbooks/database/templates/default/chef-solo-database-snapshot.cron.erb

@@ -0,0 +1,10 @@
+# Managed by Chef
+# m h  dom mon dow   command
+# Keep 1 day of hourly, 7 days of daily, 4 weeks of weekly and 1 year of monthly snapshots
+PATH=/usr/sbin:/usr/bin:/sbin:/bin
+<% cs = "chef-solo -j #{@json_attribs} -c #{@config_file}" %>
+00 * * * * root <%= cs %>
+15 0 * * * root <%= cs %>
+30 0 * * 0 root <%= cs %>
+45 0 1 * * root <%= cs %>
+

data/cookbooks/database/templates/default/chef-solo-database-snapshot.json.erb

@@ -0,0 +1 @@
+<%= require 'json'; JSON.pretty_generate(@output) %>

data/cookbooks/database/templates/default/chef-solo-database-snapshot.rb.erb

@@ -0,0 +1,6 @@
+executable_path ENV['PATH'] ? ENV['PATH'].split(File::PATH_SEPARATOR) : []
+<% if @cookbook_path.is_a? Array %>
+  cookbook_path [ <%= @cookbook_path.collect { |cb| "\"#{cb}\""}.join(", ") -%> ]
+<% else %>
+  cookbook_path "<%= @cookbook_path -%>"
+<% end %>

data/cookbooks/database/templates/default/ebs-backup-cron.erb

@@ -0,0 +1,2 @@
+# Chef Name: ebs_db_backup
+15 0 * * * root /usr/local/bin/db-backup.sh

data/cookbooks/database/templates/default/ebs-db-backup.sh.erb

@@ -0,0 +1,8 @@
+#!/bin/bash
+#
+# Back up a MySQL database via EBS snapshot
+
+. /mnt/aws-config/config
+
+/opt/ec2_mysql/bin/ec2_mysql -a $AWS_ACCESS_KEY_ID -s $AWS_SECRET_ACCESS_KEY -p '<%= @mysql_root_passwd %>' -k 5 master
+echo "done"

data/cookbooks/database/templates/default/ebs-db-restore.sh.erb

@@ -0,0 +1,10 @@
+#!/bin/bash
+#
+# Restore a MySQL database from EBS
+
+mkdir -p /mnt/restore
+
+. /mnt/aws-config/config
+
+/opt/ec2_mysql/bin/ec2_mysql -a $AWS_ACCESS_KEY_ID -s $AWS_SECRET_ACCESS_KEY -p '<%= @mysql_root_password %>' -v '<%= @ebs_vol_id %>' -m /mnt/restore -d <%= @mysql_device %> -r <%= @mysql_device %> -l debug -n slave
+echo "done"

data/cookbooks/database/templates/default/s3cfg.erb

@@ -0,0 +1,27 @@
+[default]
+access_key = <%= @aws['aws_access_key_id'] %>
+acl_public = False
+bucket_location = US
+debug_syncmatch = False
+default_mime_type = binary/octet-stream
+delete_removed = False
+dry_run = False
+encrypt = False
+force = False
+gpg_command = /usr/bin/gpg
+gpg_decrypt = %(gpg_command)s -d --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
+gpg_encrypt = %(gpg_command)s -c --verbose --no-use-agent --batch --yes --passphrase-fd %(passphrase_fd)s -o %(output_file)s %(input_file)s
+gpg_passphrase = 
+guess_mime_type = False
+host_base = s3.amazonaws.com
+host_bucket = %(bucket)s.s3.amazonaws.com
+human_readable_sizes = False
+preserve_attrs = True
+proxy_host = 
+proxy_port = 0
+recv_chunk = 4096
+secret_key = <%= @aws['aws_secret_access_key'] %>
+send_chunk = 4096
+simpledb_host = sdb.amazonaws.com
+use_https = True
+verbosity = WARNING

data/cookbooks/mysql/README.md

@@ -0,0 +1,148 @@
+Description
+===========
+
+Installs and configures MySQL client or server.
+
+Requirements
+============
+
+Platform
+--------
+
+* Debian, Ubuntu
+* CentOS, Red Hat, Fedora
+
+Tested on:
+
+* Debian 5.0
+* Ubuntu 10.04
+* CentOS 5.5
+
+Cookbooks
+---------
+
+Requires Opscode's openssl cookbook for secure password generation.
+
+Requires a C compiler and Ruby development package in order to build mysql gem with native extensions. On Debian and Ubuntu systems this is satisfied by installing the "build-essential" and "ruby-dev" packages before running Chef. See USAGE below for information on how to handle this during a Chef run.
+
+Resources and Providers
+=======================
+
+The LWRP that used to ship as part of this cookbook has been refactored into the [database](https://github.com/opscode/cookbooks/tree/master/database) cookbook.  Please see the README for details on updated usage.
+
+Attributes
+==========
+
+* `mysql['server_root_password']` - Set the server's root password with this, default is a randomly generated password with `OpenSSL::Random.random_bytes`.
+* `mysql['server_repl_password']` - Set the replication user 'repl' password with this, default is a randomly generated password with `OpenSSL::Random.random_bytes`.
+* `mysql['server_debian_password']` - Set the debian-sys-maint user password with this, default is a randomly generated password with `OpenSSL::Random.random_bytes`.
+* `mysql['bind_address']` - Listen address for MySQLd, default is node's ipaddress.
+* `mysql['data_dir']` - Location for mysql data directory, default is "/var/lib/mysql"
+* `mysql['conf_dir']` - Location for mysql conf directory, default is "/etc/mysql"
+* `mysql['ec2_path']` - location of mysql data_dir on EC2 nodes, default "/mnt/mysql"
+
+Performance tuning attributes, each corresponds to the same-named parameter in my.cnf; default values listed
+
+* `mysql['tunable']['key_buffer']`          = "250M"
+* `mysql['tunable']['max_connections']`     = "800"
+* `mysql['tunable']['wait_timeout']`        = "180"
+* `mysql['tunable']['net_write_timeout']`   = "30"
+* `mysql['tunable']['net_write_timeout']`   = "30"
+* `mysql['tunable']['back_log']`            = "128"
+* `mysql['tunable']['table_cache']`         = "128"
+* `mysql['tunable']['max_heap_table_size']` = "32M"
+* `mysql['tunable']['expire_logs_days']`    = "10"
+* `mysql['tunable']['max_binlog_size']`     = "100M"
+
+Usage
+=====
+
+On client nodes,
+
+    include_recipe "mysql::client"
+
+This will install the MySQL client libraries and development headers on the system. It will also install the Ruby Gem `mysql`, so that the cookbook's LWRP (above) can be used. This is done during the compile-phase of the Chef run. On platforms that are known to have a native package (currently Debian, Ubuntu, Red hat, Centos, Fedora and SUSE), the package will be installed. Other platforms will use the RubyGem.
+
+This creates a resource object for the package and does the installation before other recipes are parsed. You'll need to have the C compiler and such (ie, build-essential on Ubuntu) before running the recipes, but we already do that when installing Chef :-). 
+
+On server nodes,
+
+    include_recipe "mysql::server"
+
+On Debian and Ubuntu, this will preseed the mysql-server package with the randomly generated root password from the attributes file. On other platforms, it simply installs the required packages. It will also create an SQL file, /etc/mysql/grants.sql, that will be used to set up grants for the root, repl and debian-sys-maint users.
+
+On EC2 nodes,
+
+    include_recipe "mysql::server_ec2"
+
+When the `ec2_path` doesn't exist we look for a mounted filesystem (eg, EBS) and move the data_dir there.
+
+The client recipe is already included by server and 'default' recipes.
+
+For more infromation on the compile vs execution phase of a Chef run:
+
+* http://wiki.opscode.com/display/chef/Anatomy+of+a+Chef+Run
+
+Changes/Roadmap
+===============
+
+### v1.2.2
+
+* [COOK-826] mysql::server recipe doesn't quote password string
+* [COOK-834] Add 'scientific' and 'amazon' platforms to mysql cookbook
+
+### v1.2.1
+
+* [COOK-644] Mysql client cookbook 'package missing' error message is confusing
+* [COOK-645] RHEL6/CentOS6 - mysql cookbook contains 'skip-federated' directive which is unsupported on MySQL 5.1
+
+### v1.2.0
+
+* [COOK-684] remove mysql_database LWRP
+
+### v1.0.8:
+
+* [COOK-633] ensure "cloud" attribute is available
+
+### v1.0.7:
+
+* [COOK-614] expose all mysql tunable settings in config
+* [COOK-617] bind to private IP if available
+
+### v1.0.6:
+
+* [COOK-605] install mysql-client package on ubuntu/debian
+
+### v1.0.5:
+
+* [COOK-465] allow optional remote root connections to mysql
+* [COOK-455] improve platform version handling
+* externalize conf_dir attribute for easier cross platform support
+* change datadir attribute to data_dir for consistency
+
+### v1.0.4:
+
+* fix regressions on debian platform
+* [COOK-578] wrap root password in quotes
+* [COOK-562] expose all tunables in my.cnf
+
+License and Author
+==================
+
+Author:: Joshua Timberman (<joshua@opscode.com>)
+Author:: AJ Christensen (<aj@opscode.com>)
+Author:: Seth Chisamore (<schisamo@opscode.com>)
+
+Copyright:: 2009-2011 Opscode, Inc
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/cookbooks/mysql/attributes/server.rb

@@ -0,0 +1,68 @@
+#
+# Cookbook Name:: mysql
+# Attributes:: server
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+default['mysql']['bind_address']               = attribute?('cloud') ? cloud['local_ipv4'] : ipaddress
+default['mysql']['data_dir']                   = "/var/lib/mysql"
+
+case node["platform"]
+when "centos", "redhat", "fedora", "suse", "scientific", "amazon"
+  set['mysql']['conf_dir']                    = '/etc'
+  set['mysql']['socket']                      = "/var/lib/mysql/mysql.sock"
+  set['mysql']['pid_file']                    = "/var/run/mysqld/mysqld.pid"
+  set['mysql']['old_passwords']               = 1
+else
+  set['mysql']['conf_dir']                    = '/etc/mysql'
+  set['mysql']['socket']                      = "/var/run/mysqld/mysqld.sock"
+  set['mysql']['pid_file']                    = "/var/run/mysqld/mysqld.pid"
+  set['mysql']['old_passwords']               = 0
+end
+
+if attribute?('ec2')
+  default['mysql']['ec2_path']    = "/mnt/mysql"
+  default['mysql']['ebs_vol_dev'] = "/dev/sdi"
+  default['mysql']['ebs_vol_size'] = 50
+end
+
+default['mysql']['allow_remote_root']               = false
+default['mysql']['tunable']['back_log']             = "128"
+default['mysql']['tunable']['key_buffer']           = "256M"
+default['mysql']['tunable']['max_allowed_packet']   = "16M"
+default['mysql']['tunable']['max_connections']      = "800"
+default['mysql']['tunable']['max_heap_table_size']  = "32M"
+default['mysql']['tunable']['myisam_recover']       = "BACKUP"
+default['mysql']['tunable']['net_read_timeout']     = "30"
+default['mysql']['tunable']['net_write_timeout']    = "30"
+default['mysql']['tunable']['table_cache']          = "128"
+default['mysql']['tunable']['table_open_cache']     = "128"
+default['mysql']['tunable']['thread_cache']         = "128"
+default['mysql']['tunable']['thread_cache_size']    = 8
+default['mysql']['tunable']['thread_concurrency']   = 10
+default['mysql']['tunable']['thread_stack']         = "256K"
+default['mysql']['tunable']['wait_timeout']         = "180"
+
+default['mysql']['tunable']['query_cache_limit']    = "1M"
+default['mysql']['tunable']['query_cache_size']     = "16M"
+
+default['mysql']['tunable']['log_slow_queries']     = "/var/log/mysql/slow.log"
+default['mysql']['tunable']['long_query_time']      = 2
+
+default['mysql']['tunable']['expire_logs_days']     = 10
+default['mysql']['tunable']['max_binlog_size']      = "100M"
+
+default['mysql']['tunable']['innodb_buffer_pool_size']  = "256M"

data/cookbooks/mysql/libraries/database.rb

@@ -0,0 +1,19 @@
+begin
+  require 'mysql'
+rescue LoadError
+  Chef::Log.info("Missing gem 'mysql'")
+end
+
+module Opscode
+  module Mysql
+    module Database
+      def db
+        @db ||= ::Mysql.new new_resource.host, new_resource.username, new_resource.password
+      end
+      def close
+        @db.close rescue nil
+        @db = nil
+      end
+    end
+  end
+end

data/cookbooks/mysql/libraries/helpers.rb

@@ -0,0 +1,33 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Copyright:: Copyright (c) 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module Opscode
+  module Mysql
+    module Helpers
+
+      def debian_before_squeeze?
+        platform?("debian") && (node.platform_version.to_f < 6.0)
+      end
+
+      def ubuntu_before_lucid?
+        platform?("ubuntu") && (node.platform_version.to_f < 10.0)
+      end
+
+    end
+  end
+end

data/cookbooks/mysql/metadata.rb

@@ -0,0 +1,90 @@
+maintainer        "Opscode, Inc."
+maintainer_email  "cookbooks@opscode.com"
+license           "Apache 2.0"
+description       "Installs and configures mysql for client or server"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+version           "1.2.2"
+recipe            "mysql", "Includes the client recipe to configure a client"
+recipe            "mysql::client", "Installs packages required for mysql clients using run_action magic"
+recipe            "mysql::server", "Installs packages required for mysql servers w/o manual intervention"
+recipe            "mysql::server_ec2", "Performs EC2-specific mountpoint manipulation"
+
+%w{ debian ubuntu centos suse fedora redhat scientific amazon }.each do |os|
+  supports os
+end
+
+depends "openssl"
+
+attribute "mysql/server_root_password",
+  :display_name => "MySQL Server Root Password",
+  :description => "Randomly generated password for the mysqld root user",
+  :default => "randomly generated"
+
+attribute "mysql/bind_address",
+  :display_name => "MySQL Bind Address",
+  :description => "Address that mysqld should listen on",
+  :default => "ipaddress"
+
+attribute "mysql/data_dir",
+  :display_name => "MySQL Data Directory",
+  :description => "Location of mysql databases",
+  :default => "/var/lib/mysql"
+
+attribute "mysql/conf_dir",
+  :display_name => "MySQL Conf Directory",
+  :description => "Location of mysql conf files",
+  :default => "/etc/mysql"
+
+attribute "mysql/ec2_path",
+  :display_name => "MySQL EC2 Path",
+  :description => "Location of mysql directory on EC2 instance EBS volumes",
+  :default => "/mnt/mysql"
+
+attribute "mysql/tunable",
+  :display_name => "MySQL Tunables",
+  :description => "Hash of MySQL tunable attributes",
+  :type => "hash"
+
+attribute "mysql/tunable/key_buffer",
+  :display_name => "MySQL Tuntable Key Buffer",
+  :default => "250M"
+
+attribute "mysql/tunable/max_connections",
+  :display_name => "MySQL Tunable Max Connections",
+  :default => "800"
+
+attribute "mysql/tunable/wait_timeout",
+  :display_name => "MySQL Tunable Wait Timeout",
+  :default => "180"
+
+attribute "mysql/tunable/net_read_timeout",
+  :display_name => "MySQL Tunable Net Read Timeout",
+  :default => "30"
+
+attribute "mysql/tunable/net_write_timeout",
+  :display_name => "MySQL Tunable Net Write Timeout",
+  :default => "30"
+
+attribute "mysql/tunable/back_log",
+  :display_name => "MySQL Tunable Back Log",
+  :default => "128"
+
+attribute "mysql/tunable/table_cache",
+  :display_name => "MySQL Tunable Table Cache for MySQL < 5.1.3",
+  :default => "128"
+
+attribute "mysql/tunable/table_open_cache",
+  :display_name => "MySQL Tunable Table Cache for MySQL >= 5.1.3",
+  :default => "128"
+
+attribute "mysql/tunable/max_heap_table_size",
+  :display_name => "MySQL Tunable Max Heap Table Size",
+  :default => "32M"
+
+attribute "mysql/tunable/expire_logs_days",
+  :display_name => "MySQL Exipre Log Days",
+  :default => "10"
+
+attribute "mysql/tunable/max_binlog_size",
+  :display_name => "MySQL Max Binlog Size",
+  :default => "100M"