provizioning 0.1.2 → 0.4.0

data/puppet/modules/iptables/manifests/redhat.pp

@@ -0,0 +1,24 @@
+class iptables::redhat {
+
+    service { iptables:
+        name => $operatingsystem ? {
+            default => "iptables",
+            },
+        ensure => running,
+        enable => true,
+        hasrestart => false,
+        restart => "iptables-restore < /etc/sysconfig/iptables",
+        hasstatus => true,
+        # Uncomment to automate iptables restart on config change (Careful!!)
+        # subscribe File["iptables"],
+    }
+
+    file {    
+             "iptables":
+            ensure => present,
+            path => $operatingsystem ?{
+                default => "/etc/sysconfig/iptables",
+            },
+    }
+
+}

data/puppet/modules/mysql/Modulefile

@@ -0,0 +1,7 @@
+name    'lab42-mysql'
+version '0.1.1'
+
+# dependency 'lab42/common', '>= 0.0.1'
+# dependency 'lab42/monitor', '>= 0.0.1'
+# dependency 'lab42/backup', '>= 0.0.1'
+# dependency 'lab42/firewall', '>= 0.0.1'

data/puppet/modules/mysql/README

@@ -0,0 +1,56 @@
+Puppet module: mysql
+
+# Written by Lab42 #
+# http://www.Example42.com
+
+Licence: GPLv3
+
+DESCRIPTION:
+This module installs and manages mysql.
+Standard and extended classes are available.
+Decide and customize how you want to define configuration files: static files, templates, infile modifications...
+
+
+USER VARIABLES:
+
+
+USAGE:
+# Standard Classes 
+include mysql              # Install and run mysql 
+
+include mysql::disable     # Disable mysql service.
+include mysql::disableboot # Disable mysql service at boot time, but don't stop if it's running.
+include mysql::absent      # Remove mysql package.
+
+# Extended Classes (generally require storeconfigs)
+include mysql::monitor     # Monitor mysql - Automatically included if $monitor=yes - Requires Example42's monitor module
+include mysql::backup      # Backup mysql data - Automatically included if $backup=yes - Requires Example42's backup module
+include mysql::firewall    # Manages firewall rule for mysql service - Automatically included if $firewall=yes - Requires Example42's firewall module
+
+# Generic define to set parameters in the main configuration file. EXPERIMENTAL.
+mysql::conf { "ParameterName": value="YourValue"} # Generic 
+
+# Module specific classes
+
+# Module specific defines
+mysql::grant # Grant permissions 
+mysql::query # Runs arbitrary queries
+
+GENERAL VARIABLES:
+Example42 modules collection uses some general variables that can influence the behaviour of this module.
+You can happily live without considering or setting them, but they can be useful to manage different projects maintanining the module's resuability. 
+$my_project - If set, permits you to alter and customize the module behaviour in custom project classes
+$my_project_onmodule - If set to yes your project classes are looked in a dedicated project module:
+  - $my_project_onmodule not set -> Module autoloads mysql::$my_module (MODULEPATH/mysql/manifests/$my_project.pp)
+  - $my_project_onmodule == yes -> Module autoloads $my_module::mysql (MODULEPATH/$my_project/manifests/mysql.pp)
+$base_source - Let you define an alternative source for static files:
+  - $base_source not set -> Files are looked in puppet://$servername/ (the PuppetMaster)
+  - $base_source set -> Files are looked in $base_source ( could be puppet://$servername/$my_module ) 
+  Note that the module automatically manages the different paths for Puppet pre 0.25
+  
+
+DEPENDENCIES:
+Standard classes generally don't need external modules.
+Extended classes need the relevant external modules (import monitor ; import backup ... ) and the "common" module (import common)
+mysql::conf generic infile configuration define needs the "common" module
+Check on individual module specific classes and defines if there are specific requirements.

data/puppet/modules/mysql/manifests/absent.pp

@@ -0,0 +1,12 @@
+# Class: mysql::absent
+#
+# Removes mysql package
+#
+# Usage:
+# include mysql::absent
+#
+class mysql::absent inherits mysql {
+    Package["mysql"] {
+        ensure => "absent" ,
+    }
+}

data/puppet/modules/mysql/manifests/backup/example42.pp

@@ -0,0 +1,8 @@
+# Class mysql::backup::example42
+#
+# Custom backup class for example42 project.
+# Here you can override or define your settings for the backup wrapper
+#
+class mysql::backup::example42 inherits mysql::backup {
+
+}

data/puppet/modules/mysql/manifests/backup.pp

@@ -0,0 +1,49 @@
+# Class: mysql::backup
+#
+# Backups mysql data and logs using Example42 backup meta module (to be adapted to custom backup solutions)
+# It's automatically included and used if $backup=yes
+# This class permits to abstract what you want to backup from the tool and module to use for backups.
+#
+# Variables:
+# The behaviour of this class has some defaults that can be overriden by user's variables:
+# $mysql_backup_data (true|false) : Set if you want to backup mysql's data. Default: As defined in $backup_data
+# $mysql_backup_log (true|false) : Set if you want to backup mysql's logs. Default: As defined in $backup_log
+# $mysql_backup_frequency (hourly|daily|weekly|monthly) : Set the frequency of your mysql backups. Default: daily.
+# $mysql_backup_target : Define how to reach (Ip, fqdn...) this host to backup mysql from an external server. Default: As defined in $backup_target
+# 
+# You can also set some site wide variables that can be overriden by the above module specific ones:
+# $backup_data (true|false) : Set if you want to enable data backups site-wide. 
+# $backup_log (true|false) : Set if you want to enable logs backups site-wide. 
+# $backup_target : Set the ip/hostname you want to use on an external backup server to backup this host
+# For the defaults of the above variables check mysql::params
+#
+# Usage:
+# Automatically included if $backup=yes
+#
+class mysql::backup {
+
+    include mysql::params
+
+    backup { "mysql_data": 
+        frequency => "${mysql::params::backup_frequency}",
+        path      => "${mysql::params::datadir}",
+        enabled   => "${mysql::params::backup_data_enable}",
+        target    => "${mysql::params::backup_target_real}",
+    }
+    
+    backup { "mysql_logs": 
+        frequency => "${mysql::params::backup_frequency}",
+        path      => "${mysql::params::logdir}",
+        enabled   => "${mysql::params::backup_log_enable}",
+        target    => "${mysql::params::backup_target_real}",
+    }
+
+    # Include project specific backup class if $my_project is set
+    if $my_project { 
+        case $my_project_onmodule {
+            yes,true: { include "${my_project}::mysql::backup" }
+            default: { include "mysql::backup::${my_project}" }
+        }
+    }
+
+}

data/puppet/modules/mysql/manifests/client.pp

@@ -0,0 +1,18 @@
+# Class: mysql::client
+#
+# Manages mysql client installation
+#
+# Usage:
+# include mysql::client 
+#
+class mysql::client {
+
+    include mysql::params
+
+    package { "mysql-client":
+        name   => "${mysql::params::packagename_client}",
+        ensure => present,
+    }
+
+}
+

data/puppet/modules/mysql/manifests/conf.pp

@@ -0,0 +1,23 @@
+# Define mysql::conf
+#
+# General mysql main configuration file's inline modification define
+# Use with caution, it's still at experimental stage and may break in untested circumstances
+# Engine, pattern end line parameters can be tweaked for better behaviour
+#
+# Usage:
+# mysql::conf    { "mynetworks":  value => "127.0.0.0/8 10.42.42.0/24" }
+#
+define mysql::conf ($value) {
+
+    require mysql::params
+
+    config { "mysql_conf_$name":
+        file      => "${mysql::params::configfile}",
+        line      => "$name = $value",
+        pattern   => "^$name ",
+        engine    => "replaceline",
+        notify    => Service["mysql"],
+        require   => File["mysql.conf"],
+    }
+
+}

data/puppet/modules/mysql/manifests/debug.pp

@@ -0,0 +1,25 @@
+#
+# Class: mysql::debug
+#
+# This class is used only for debugging purposes
+#
+# Usage:
+# This class is used if you set $debug=yes
+#
+class mysql::debug {
+
+    # Load the variables used in this module. Check the params.pp file 
+    require mysql::params
+    include puppet::params
+
+    file { "puppet_debug_variables_mysql":
+        path    => "${puppet::params::debugdir}/variables/mysql",
+        mode    => "${mysql::params::configfile_mode}",
+        owner   => "${mysql::params::configfile_owner}",
+        group   => "${mysql::params::configfile_group}",
+        ensure  => present,
+        require => File["puppet_debug_variables"],
+        content => template("mysql/variables_mysql.erb"),
+    }
+
+}

data/puppet/modules/mysql/manifests/disable.pp

@@ -0,0 +1,13 @@
+# Class: mysql::disable
+#
+# Stops mysql service and disables it at boot time
+#
+# Usage:
+# include mysql::disable
+#
+class mysql::disable inherits mysql {
+    Service["mysql"] {
+        ensure => "stopped" ,
+        enable => "false",
+    }
+}

data/puppet/modules/mysql/manifests/disableboot.pp

@@ -0,0 +1,13 @@
+# Class: mysql::disableboot
+#
+# This class disables mysql startup at boot time but doesn't check if the service is running
+# Useful when the service is started but another applications (such as a Cluster suite)
+#
+# Usage:
+# include mysql::disableboot
+#
+class mysql::disableboot inherits mysql {
+    Service["mysql"] {
+        enable => "false",
+    }
+}

data/puppet/modules/mysql/manifests/example42.pp

@@ -0,0 +1,25 @@
+# Class mysql::example42
+#
+# Custom project class for example42 project. Use this to adapt the mysql module to your project.
+# This class is autoloaded if $my_module == example42 and $my_module_onmodule != yes
+# If $my_module_onmodule == yes Puppet tries to autoload example42::mysql
+# that is:  MODULEPATH/example42/manifests/mysql.pp
+#
+# You can use your custom project class to modify the standard behaviour of mysql module
+# If you need to override parameters of resources defined in mysql class use a syntax like
+# class mysql::example42 inherits mysql {
+#     File["mysql.conf"] {
+#         source => [ "puppet:///mysql/mysql.conf-$hostname" , "puppet:///mysql/mysql.conf" ],
+#     }
+#
+# You don't need to use class inheritance if you don't override or redefine resources in mysql class
+#
+# Note that this approach leaves you maximum flexinility on how to manage mysql application in your environment
+# You can add custom resources and decide how to provide the contents of the configuration files:
+# - Via static sourced files ( source => ) according to the naming convention you need
+# - Via custom templates ( content => ) or templates joins
+# - Via some kind on infile line modification tools, such as Augeas or the Example42's conf define approach
+#
+class mysql::example42 {
+
+}

data/puppet/modules/mysql/manifests/firewall.pp

@@ -0,0 +1,23 @@
+# Class: mysql::firewall
+#
+# Manages mysql firewalling using custom Firewall wrapper
+# By default it opens mysql's default port(s) to anybody
+# It's automatically included if $firewall=yes
+#
+# Usage:
+# Automatically included if $firewall=yes 
+#
+class mysql::firewall {
+
+    include mysql::params
+
+    firewall { "mysql_${mysql::params::protocol}_${mysql::params::port}":
+        source      => "${mysql::params::firewall_source_real}",
+        destination => "${mysql::params::firewall_destination_real}",
+        protocol    => "${mysql::params::protocol}",
+        port        => "${mysql::params::port}",
+        action      => "allow",
+        direction   => "input",
+    }
+
+}

data/puppet/modules/mysql/manifests/grant.pp

@@ -0,0 +1,29 @@
+define mysql::grant (
+    $mysql_db,
+    $mysql_user,
+    $mysql_password,
+    $mysql_privileges = "ALL",
+    $mysql_host = "localhost",
+    $mysql_grant_filepath = "/root"
+    ) {
+
+    include mysql
+
+    file {
+        "mysqlgrant-$mysql_user-$mysql_db.sql":
+        mode => 600, owner => root, group => root,
+        ensure => present,
+        path => "$mysql_grant_filepath/mysqlgrant-$mysql_user-$mysql_db.sql",
+        content => template("mysql/grant.erb"),
+        notify => Exec["mysqlgrant-$mysql_user-$mysql_db"],
+    }
+
+    exec {
+        "mysqlgrant-$mysql_user-$mysql_db":
+            command => "mysql < $mysql_grant_filepath/mysqlgrant-$mysql_user-$mysql_db.sql",
+            require => Service["mysql"],
+            unless  => "mysql --user=$mysql_user --password=$mysql_password $mysql_db",
+    }
+
+}
+

data/puppet/modules/mysql/manifests/init.pp

@@ -0,0 +1,67 @@
+#
+# Class: mysql
+#
+# Manages mysql.
+# Include it to install and run mysql
+# It defines package, service, main configuration file.
+#
+# Usage:
+# include mysql
+#
+class mysql {
+
+    # Load the variables used in this module. Check the params.pp file 
+    require mysql::params
+
+    # Basic Package - Service - Configuration file management
+    package { "mysql":
+        name   => "${mysql::params::packagename}",
+        ensure => present,
+    }
+
+    service { "mysql":
+        name       => "${mysql::params::servicename}",
+        ensure     => running,
+        enable     => true,
+        hasrestart => true,
+        hasstatus  => "${mysql::params::hasstatus}",
+        pattern    => "${mysql::params::processname}",
+        require    => Package["mysql"],
+        subscribe  => File["mysql.conf"],
+    }
+
+    file { "mysql.conf":
+        path    => "${mysql::params::configfile}",
+        mode    => "${mysql::params::configfile_mode}",
+        owner   => "${mysql::params::configfile_owner}",
+        group   => "${mysql::params::configfile_group}",
+        ensure  => present,
+        require => Package["mysql"],
+        notify  => Service["mysql"],
+        # content => template("mysql/mysql.conf.erb"),
+    }
+
+    # Include OS specific subclasses, if necessary
+    case $operatingsystem {
+        default: { }
+    }
+
+    # Include extended classes, if 
+    if $backup == "yes" { include mysql::backup }
+    if $monitor == "yes" { include mysql::monitor }
+    if $firewall == "yes" { include mysql::firewall }
+
+    # Include project specific class if $my_project is set
+    # The extra project class is by default looked in mysql module 
+    # If $my_project_onmodule == yes it's looked in your project module
+    if $my_project { 
+        case $my_project_onmodule {
+            yes,true: { include "${my_project}::mysql" }
+            default: { include "mysql::${my_project}" }
+        }
+    }
+
+    # Include debug class is debugging is enabled ($debug=yes)
+    if ( $debug == "yes" ) or ( $debug == true ) { include mysql::debug }
+
+}

data/puppet/modules/mysql/manifests/monitor/example42.pp

@@ -0,0 +1,8 @@
+# Class mysql::monitor::example42
+#
+# Custom monitor class for example42 project.
+# Here you can override or define your settings for the monitor wrapper
+#
+class mysql::monitor::example42 inherits mysql::monitor {
+
+}

data/puppet/modules/mysql/manifests/monitor.pp

@@ -0,0 +1,77 @@
+# Class: mysql::monitor
+#
+# Monitors mysql process/ports/service using Example42 monitor meta module (to be adapted to custom monitor solutions)
+# It's automatically included ad used if $monitor=yes and is defined at least one monitoring software in $monitor_tool
+# This class permits to abstract what you want to monitor from the actual tool and modules you'll use for monitoring
+# and can be used to quickly deploy a new monitoring solution
+#
+# Variables:
+# The behaviour of this class has some defaults that can be overriden by user's variables:
+# $mysql_monitor_port (true|false) : Set if you want to monitor mysql's port(s). If any. Default: As defined in $monitor_port
+# $mysql_monitor_url (true|false) : Set if you want to monitor mysql's url(s). If any. Default: As defined in $monitor_url
+# $mysql_monitor_process (true|false) : Set if you want to monitor mysql's process. If any. Default: As defined in $monitor_process
+# $mysql_monitor_plugin (true|false) : Set if you want to monitor mysql using specific monitor tool's plugin  i   s. If any. Default: As defined in $monitor_plugin
+# $mysql_monitor_target : Define how to reach (Ip, fqdn...) the host to monitor mysql from an external server. Default: As defined in $monitor_target
+# $mysql_monitor_url : Define the baseurl (http://$fqdn/...) to use for eventual mysql URL checks. Default: As defined in $monitor_url
+# 
+# You can therefore set site wide variables that can be overriden by the above module specific ones:
+# $monitor_port (true|false) : Set if you want to enable port monitoring site-wide.
+# $monitor_url (true|false) : Set if you want to enable url checking site-wide.
+# $monitor_process (true|false) : Set if you want to enable process monitoring site-wide.
+# $monitor_plugin (true|false) : Set if you want to try to use specific plugins of your monitoring tools 
+# $monitor_target : Set the ip/hostname you want to use on an external monitoring server to monitor this host
+# $monitor_baseurl : Set baseurl to use for eventual URL checks of services provided by this host
+# For the defaults of the above variables check mysql::params
+#
+# Usage:
+# Automatically included if $monitor=yes
+# Use the variable $monitor_tool (can be an array) to define the monitoring software you want to use.
+# To customize specific and more granular behaviours use the above variables and eventually your custom modulename::monitor::$my_project class
+#
+class mysql::monitor {
+
+    include mysql::params
+
+    # Port monitoring
+    monitor::port { "mysql_${mysql::params::protocol}_${mysql::params::port}": 
+        protocol    => "${mysql::params::protocol}",
+        port        => "${mysql::params::port}",
+        target      => "${mysql::params::monitor_target_real}",
+        enable      => "${mysql::params::monitor_port_enable}",
+        checksource => "local", # When MySql binds to localhost
+        tool        => "${monitor_tool}",
+    }
+    
+    # URL monitoring 
+    monitor::url { "mysql_url":
+        url      => "${mysql::params::monitor_baseurl_real}/index.php",
+        pattern  => "${mysql::params::monitor_url_pattern}",
+        enable   => "${mysql::params::monitor_url_enable}",
+        tool     => "${monitor_tool}",
+    }
+
+    # Process monitoring 
+    monitor::process { "mysql_process":
+        process  => "${mysql::params::processname}",
+        service  => "${mysql::params::servicename}",
+        pidfile  => "${mysql::params::pidfile}",
+        enable   => "${mysql::params::monitor_process_enable}",
+        tool     => "${monitor_tool}",
+    }
+
+    # Use a specific plugin (according to the monitor tool used)
+    monitor::plugin { "mysql_plugin":
+        plugin   => "mysql",
+        enable   => "${mysql::params::monitor_plugin_enable}",
+        tool     => "${monitor_tool}",
+    }
+
+    # Include project specific monitor class if $my_project is set
+    if $my_project { 
+        case $my_project_onmodule {
+            yes,true: { include "${my_project}::mysql::monitor" }
+            default: { include "mysql::monitor::${my_project}" }
+        }
+    }
+
+}