commit d6d0af3b25d22418e2ecd0a4f29e55236a3c1e4c Author: Matthew Treinish Date: Wed Sep 17 23:36:56 2014 -0400 Add mysql-proxy to enable read-only access to a db This commit adds a mysql_proxy module which will setup a read-only proxy to a mysql db. This also configures a proxy to the subunit2sql db to run on logstash.o.o to provide read only access to the data in the database. Change-Id: I478baca354354347fe50074a8e3b9f66ca890d55 diff --git a/files/mysql-proxy b/files/mysql-proxy new file mode 100644 index 0000000..b0f4448 --- /dev/null +++ b/files/mysql-proxy @@ -0,0 +1,2 @@ +ENABLED="true" +OPTIONS="--defaults-file /etc/mysql-proxy/mysql-proxy.conf" diff --git a/manifests/init.pp b/manifests/init.pp new file mode 100644 index 0000000..778e341 --- /dev/null +++ b/manifests/init.pp @@ -0,0 +1,40 @@ +# Copyright 2014 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# == Class: mysql_proxy +# +class mysql_proxy { + + package { 'mysql-proxy': + ensure => present, + } + + file { '/etc/mysql-proxy': + ensure => directory, + owner => 'root', + group => 'root', + mode => '0644', + require => Package['mysql-proxy'], + + } + + file { '/etc/default/mysql-proxy': + owner => 'root', + group => 'root', + mode => '0644', + source => 'puppet:///modules/mysql_proxy/mysql-proxy', + require => Package['mysql-proxy'], + } + +} diff --git a/manifests/server.pp b/manifests/server.pp new file mode 100644 index 0000000..8ffb1ee --- /dev/null +++ b/manifests/server.pp @@ -0,0 +1,41 @@ +# Copyright 2014 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# == Class: mysql_proxy::server +# +class mysql_proxy::server ( + $db_host, + $db_port='3306', + $lua_script = '/usr/share/mysql-proxy/rw-splitting.lua', + $admin_username = 'admin', + $admin_pass, +) { + + file { '/etc/mysql-proxy/mysql-proxy.conf': + ensure => file, + owner => 'root', + group => 'root', + mode => '0600', + content => template("mysql_proxy/mysql-proxy.conf.erb"), + require => File['/etc/mysql-proxy'] + } + + service{ 'mysql-proxy': + ensure => running, + subscribe => [ + Package['mysql-proxy'], + File['/etc/mysql-proxy/mysql-proxy.conf'], + ], + } +} diff --git a/templates/mysql-proxy.conf.erb b/templates/mysql-proxy.conf.erb new file mode 100644 index 0000000..40d8fb2 --- /dev/null +++ b/templates/mysql-proxy.conf.erb @@ -0,0 +1,8 @@ +[mysql-proxy] +log-file = /var/log/mysql-proxy.log +log-level = message +proxy-read-only-backend-addresses = <%= @db_host %>:<%= @db_port %> +proxy-lua-script = <%= @lua_script %> +admin-username = <%= @admin_username %> +admin-password = <%= @admin_pass %> +admin-lua-script = /usr/share/mysql-proxy/admin.lua