diff --git a/lib/facter/galera_bootstrapped.rb b/lib/facter/galera_bootstrapped.rb new file mode 100644 index 00000000..6a786304 --- /dev/null +++ b/lib/facter/galera_bootstrapped.rb @@ -0,0 +1,22 @@ +# +# Copyright (C) 2014 eNovance SAS +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# Fact: galera_bootstrapped +# +Facter.add('galera_bootstrapped') do + setcode do + FileTest.exists?('/var/lib/mysql/grastate.dat') + end +end diff --git a/manifests/compute/hypervisor.pp b/manifests/compute/hypervisor.pp index 241375a7..fe6fc088 100644 --- a/manifests/compute/hypervisor.pp +++ b/manifests/compute/hypervisor.pp @@ -359,18 +359,16 @@ # Configure Ceph keyring Ceph::Key <<| title == $cinder_rbd_user |>> - if defined(Ceph::Key[$cinder_rbd_user]) { - ensure_resource( - 'file', - "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", { - owner => 'root', - group => 'cephkeyring', - mode => '0440', - require => Ceph::Key[$cinder_rbd_user], - notify => Service['nova-compute'], - } - ) - } + ensure_resource( + 'file', + "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", { + owner => 'root', + group => 'cephkeyring', + mode => '0440', + require => Ceph::Key[$cinder_rbd_user], + notify => Service['nova-compute'], + } + ) Concat::Fragment <<| title == 'ceph-client-os' |>> } else { diff --git a/manifests/database/sql/mysql.pp b/manifests/database/sql/mysql.pp index f729b1c7..2e59f894 100644 --- a/manifests/database/sql/mysql.pp +++ b/manifests/database/sql/mysql.pp @@ -169,54 +169,73 @@ # (optional) The name or ip address of host running monitoring database (clustercheck) # Defaults to '127.0.0.1' # +# [*open_files_limit*] +# (optional) An integer that specifies the open_files_limit for MySQL +# Defaults to 65535 +# +# [*mysql_systemd_override_settings*] +# (optional) An hash of setting to override for MariaDB unit file. +# Defaults to {} +# Example : { 'LimitNOFILE' => 'infinity', 'LimitNPROC' => 4, 'TimeoutSec' => '30' } +# # [*firewall_settings*] # (optional) Allow to add custom parameters to firewall rules # Should be an hash. # Default to {} # class cloud::database::sql::mysql ( - $api_eth = '127.0.0.1', - $galera_master_name = 'mgmt001', - $galera_internal_ips = ['127.0.0.1'], - $galera_gcache = '1G', - $keystone_db_host = '127.0.0.1', - $keystone_db_user = 'keystone', - $keystone_db_password = 'keystonepassword', - $keystone_db_allowed_hosts = ['127.0.0.1'], - $cinder_db_host = '127.0.0.1', - $cinder_db_user = 'cinder', - $cinder_db_password = 'cinderpassword', - $cinder_db_allowed_hosts = ['127.0.0.1'], - $glance_db_host = '127.0.0.1', - $glance_db_user = 'glance', - $glance_db_password = 'glancepassword', - $glance_db_allowed_hosts = ['127.0.0.1'], - $heat_db_host = '127.0.0.1', - $heat_db_user = 'heat', - $heat_db_password = 'heatpassword', - $heat_db_allowed_hosts = ['127.0.0.1'], - $nova_db_host = '127.0.0.1', - $nova_db_user = 'nova', - $nova_db_password = 'novapassword', - $nova_db_allowed_hosts = ['127.0.0.1'], - $neutron_db_host = '127.0.0.1', - $neutron_db_user = 'neutron', - $neutron_db_password = 'neutronpassword', - $neutron_db_allowed_hosts = ['127.0.0.1'], - $trove_db_host = '127.0.0.1', - $trove_db_user = 'trove', - $trove_db_password = 'trovepassword', - $trove_db_allowed_hosts = ['127.0.0.1'], - $mysql_root_password = 'rootpassword', - $mysql_sys_maint_password = 'sys_maint', - $galera_clustercheck_dbuser = 'clustercheckdbuser', - $galera_clustercheck_dbpassword = 'clustercheckpassword', - $galera_clustercheck_ipaddress = '127.0.0.1', - $firewall_settings = {}, + $api_eth = '127.0.0.1', + $galera_master_name = 'mgmt001', + $galera_internal_ips = ['127.0.0.1'], + $galera_gcache = '1G', + $keystone_db_host = '127.0.0.1', + $keystone_db_user = 'keystone', + $keystone_db_password = 'keystonepassword', + $keystone_db_allowed_hosts = ['127.0.0.1'], + $cinder_db_host = '127.0.0.1', + $cinder_db_user = 'cinder', + $cinder_db_password = 'cinderpassword', + $cinder_db_allowed_hosts = ['127.0.0.1'], + $glance_db_host = '127.0.0.1', + $glance_db_user = 'glance', + $glance_db_password = 'glancepassword', + $glance_db_allowed_hosts = ['127.0.0.1'], + $heat_db_host = '127.0.0.1', + $heat_db_user = 'heat', + $heat_db_password = 'heatpassword', + $heat_db_allowed_hosts = ['127.0.0.1'], + $nova_db_host = '127.0.0.1', + $nova_db_user = 'nova', + $nova_db_password = 'novapassword', + $nova_db_allowed_hosts = ['127.0.0.1'], + $neutron_db_host = '127.0.0.1', + $neutron_db_user = 'neutron', + $neutron_db_password = 'neutronpassword', + $neutron_db_allowed_hosts = ['127.0.0.1'], + $trove_db_host = '127.0.0.1', + $trove_db_user = 'trove', + $trove_db_password = 'trovepassword', + $trove_db_allowed_hosts = ['127.0.0.1'], + $mysql_root_password = 'rootpassword', + $mysql_sys_maint_password = 'sys_maint', + $galera_clustercheck_dbuser = 'clustercheckdbuser', + $galera_clustercheck_dbpassword = 'clustercheckpassword', + $galera_clustercheck_ipaddress = '127.0.0.1', + $open_files_limit = 65535, + $mysql_systemd_override_settings = {}, + $firewall_settings = {}, ) { include 'xinetd' + if $mysql_systemd_override_settings['LimitNOFILE'] { + $open_files_limit_real = $mysql_systemd_override_settings['LimitNOFILE'] + $mysql_systemd_override_settings_real = $mysql_systemd_override_settings + } else { + $open_files_limit_real = $open_files_limit + $mysql_systemd_override_settings_real = merge($mysql_systemd_override_settings, { 'LimitNOFILE' => $open_files_limit}) + } + $gcomm_definition = inline_template('<%= @galera_internal_ips.join(",") + "?pc.wait_prim=no" -%>') # Specific to the Galera master node @@ -320,6 +339,11 @@ if $::hostname == $galera_master_name { $mysql_service_name = 'mysql-bootstrap' + if !str2bool($::galera_bootstrapped) { + $wsrep_new_cluster = '--wsrep-new-cluster' + } else { + $wsrep_new_cluster = '' + } } else { $mysql_service_name = 'mariadb' } @@ -344,6 +368,24 @@ require => [Package[$mysql_server_package_name], File[$mysql_server_config_file]] } + if $::operatingsystemrelease >= 7 { + file { "/etc/systemd/system/${mysql_service_name}.service.d" : + ensure => directory, + } + file { "/etc/systemd/system/${mysql_service_name}.service.d/custom.conf" : + content => template('cloud/database/systemd-custom.conf.erb'), + owner => 'root', + mode => '0755', + group => 'root', + notify => [Service['mysqld'], Exec['mariadb-sysctl-daemon-reload']], + } + exec { 'mariadb-sysctl-daemon-reload' : + command => '/usr/bin/systemctl daemon-reload', + refreshonly => true, + notify => Service['mysqld'], + } + } + } # RedHat 'Debian': { # Specific to Debian / Ubuntu @@ -375,7 +417,7 @@ } } # Debian default: { - err "${::osfamily} not supported yet" + fail("${::osfamily} not supported yet") } } @@ -387,16 +429,21 @@ # To check that the mysqld support the options you can : # strings `which mysqld` | grep wsrep-new-cluster # TODO: to be remove as soon as the API 25 is packaged, ie galera 3 ... + if $::osfamily == 'RedHat' and $::operatingsystemmajrelease >= 7 { + $mysql_service_notify = Exec['mariadb-sysctl-daemon-reload'] + } else { + $mysql_service_notify = Service['mysqld'] + } file { $mysql_init_file : content => template("cloud/database/etc_initd_mysql_${::osfamily}"), owner => 'root', mode => '0755', group => 'root', - notify => Service['mysqld'], + notify => $mysql_service_notify, before => Package[$mysql_server_package_name], } - if($::osfamily == 'Debian'){ + if $::osfamily == 'Debian' { # The startup time can be longer than the default 30s so we take # care of it there. Until this bug is not resolved # https://mariadb.atlassian.net/browse/MDEV-5540, we have to do it diff --git a/manifests/network.pp b/manifests/network.pp index 0b16f7bc..b4873ab7 100644 --- a/manifests/network.pp +++ b/manifests/network.pp @@ -89,7 +89,7 @@ $core_plugin = 'neutron.plugins.cisco.network_plugin.PluginV2' } default: { - err "${plugin} plugin is not supported." + fail("${plugin} plugin is not supported.") } } diff --git a/manifests/network/controller.pp b/manifests/network/controller.pp index 092b960c..340d5ff2 100644 --- a/manifests/network/controller.pp +++ b/manifests/network/controller.pp @@ -254,7 +254,7 @@ } default: { - err "${plugin} plugin is not supported." + fail("${plugin} plugin is not supported.") } } diff --git a/manifests/network/vswitch.pp b/manifests/network/vswitch.pp index 10d663d6..0a00ce6c 100644 --- a/manifests/network/vswitch.pp +++ b/manifests/network/vswitch.pp @@ -215,7 +215,7 @@ } default: { - err "${driver} driver is not supported." + fail("${driver} driver is not supported.") } } diff --git a/manifests/object.pp b/manifests/object.pp index 0ad00e70..d7d9e917 100644 --- a/manifests/object.pp +++ b/manifests/object.pp @@ -30,6 +30,4 @@ swift_hash_suffix => $swift_hash_suffix, } - class {'cloud::object::tweaking': } - } diff --git a/manifests/object/storage.pp b/manifests/object/storage.pp index 5d755943..ae19ef7a 100644 --- a/manifests/object/storage.pp +++ b/manifests/object/storage.pp @@ -75,6 +75,8 @@ include 'cloud::object' + include 'cloud::object::tweaking' + class { 'swift::storage': storage_local_net_ip => $storage_eth, } diff --git a/manifests/object/tweaking.pp b/manifests/object/tweaking.pp index 17f54f42..ff5e552b 100644 --- a/manifests/object/tweaking.pp +++ b/manifests/object/tweaking.pp @@ -22,7 +22,7 @@ 'net.ipv4.tcp_tw_recycle' => { value => 1 }, 'net.ipv4.tcp_tw_reuse' => { value => 1 }, 'net.ipv4.tcp_syncookies' => { value => 0 }, - 'net.ipv4.ip_local_port_range' => { value => "1024\t65000" }, + 'net.ipv4.ip_local_port_range' => { value => "10000\t65000" }, 'net.core.netdev_max_backlog' => { value => 300000 }, 'net.ipv4.tcp_sack' => { value => 0 }, } diff --git a/manifests/volume/backend/rbd.pp b/manifests/volume/backend/rbd.pp index cf33d08b..c6115003 100644 --- a/manifests/volume/backend/rbd.pp +++ b/manifests/volume/backend/rbd.pp @@ -84,14 +84,12 @@ # Configure Ceph keyring Ceph::Key <<| title == $rbd_user |>> - if defined(Ceph::Key[$rbd_user]) { - ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", { - owner => 'root', - group => 'cephkeyring', - mode => '0440', - require => Ceph::Key[$rbd_user], - }) - } + ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", { + owner => 'root', + group => 'cephkeyring', + mode => '0440', + require => Ceph::Key[$rbd_user], + }) Concat::Fragment <<| title == 'ceph-client-os' |>> diff --git a/spec/classes/cloud_compute_hypervisor_spec.rb b/spec/classes/cloud_compute_hypervisor_spec.rb index c415682f..c035eb3c 100644 --- a/spec/classes/cloud_compute_hypervisor_spec.rb +++ b/spec/classes/cloud_compute_hypervisor_spec.rb @@ -383,6 +383,11 @@ class { 'cloud::network': :command => 'usermod -a -G cephkeyring nova', :unless => 'groups nova | grep cephkeyring' ) + is_expected.to contain_file('/etc/ceph/ceph.client.cinder.keyring').with({ + 'owner' => 'root', + 'group' => 'cephkeyring', + 'mode' => '0440', + }) end it 'configure libvirt driver' do diff --git a/spec/classes/cloud_database_sql_mysql_spec.rb b/spec/classes/cloud_database_sql_mysql_spec.rb index 631a90a3..09ed68c2 100644 --- a/spec/classes/cloud_database_sql_mysql_spec.rb +++ b/spec/classes/cloud_database_sql_mysql_spec.rb @@ -94,6 +94,34 @@ end # configure mysqlchk http replication + context 'configure override of systemd defaults' do + before :each do + facts.merge!( :hostname => 'os-ci-test1', + :osfamily => 'RedHat', + :operatingsystemrelease => 7 ) + end + before :each do + params.merge!(:mysql_systemd_override_settings => { 'LimitNOFILE' => 666 }) + end + + it { is_expected.to contain_file('/etc/systemd/system/mysql-bootstrap.service.d/custom.conf').with_content(/[Service]/) } + it { is_expected.to contain_file('/etc/systemd/system/mysql-bootstrap.service.d/custom.conf').with_content(/LimitNOFILE=666/) } + it { is_expected.to contain_file('/etc/my.cnf').with_content(/open_files_limit = 666/) } + end + + context 'configure open_file_limits' do + before :each do + facts.merge!( :hostname => 'os-ci-test1', + :osfamily => 'RedHat', + :operatingsystemrelease => 7 ) + end + before :each do + params.merge!(:open_files_limit => 666) + end + + it { is_expected.to contain_file('/etc/my.cnf').with_content(/open_files_limit = 666/) } + end + context 'configure databases on the galera master server' do before :each do @@ -271,7 +299,8 @@ context 'on RedHat platforms' do let :facts do - { :osfamily => 'RedHat' } + { :osfamily => 'RedHat', + :operatingsystemrelease => 7 } end let :platform_params do diff --git a/spec/classes/cloud_network_vswitch_spec.rb b/spec/classes/cloud_network_vswitch_spec.rb index 6078ad50..d101b76e 100644 --- a/spec/classes/cloud_network_vswitch_spec.rb +++ b/spec/classes/cloud_network_vswitch_spec.rb @@ -133,7 +133,7 @@ before :each do params.merge!(:driver => 'Something') end - it { should compile.and_raise_error(/Something plugin is not supported./) } + it_raises 'a Puppet::Error', /Something driver is not supported./ end context 'with default firewall enabled' do diff --git a/spec/classes/cloud_object_storage_spec.rb b/spec/classes/cloud_object_storage_spec.rb index 766e2121..f62605ac 100644 --- a/spec/classes/cloud_object_storage_spec.rb +++ b/spec/classes/cloud_object_storage_spec.rb @@ -39,6 +39,10 @@ 'storage_local_net_ip' => '127.0.0.1', }) + is_expected.to contain_sysctl('net.ipv4.ip_local_port_range').with( + :val => "10000\t65000", + ) + is_expected.to contain_swift__storage__server('6000').with({ 'type' => 'object', 'config_file_path' => 'object-server.conf', diff --git a/spec/classes/cloud_volume_storage_spec.rb b/spec/classes/cloud_volume_storage_spec.rb index f2c1d77e..79ffac63 100644 --- a/spec/classes/cloud_volume_storage_spec.rb +++ b/spec/classes/cloud_volume_storage_spec.rb @@ -154,6 +154,11 @@ :path => ['/usr/sbin', '/usr/bin', '/bin', '/sbin'], :unless => 'groups cinder | grep cephkeyring' ) + is_expected.to contain_file('/etc/ceph/ceph.client.cinder.keyring').with({ + 'owner' => 'root', + 'group' => 'cephkeyring', + 'mode' => '0440', + }) end end diff --git a/templates/database/etc_initd_mysql_RedHat b/templates/database/etc_initd_mysql_RedHat index ec2a168a..79a8b36e 100755 --- a/templates/database/etc_initd_mysql_RedHat +++ b/templates/database/etc_initd_mysql_RedHat @@ -32,7 +32,7 @@ Group=mysql ExecStartPre=/usr/libexec/mariadb-prepare-db-dir %n # Note: we set --basedir to prevent probes that might trigger SELinux alarms, # per bug #547485 -ExecStart=/usr/bin/mysqld_safe --wsrep-new-cluster --basedir=/usr +ExecStart=/usr/bin/mysqld_safe <%= @wsrep_new_cluster %> --basedir=/usr ExecStartPost=/usr/libexec/mariadb-wait-ready $MAINPID # Give a reasonable amount of time for the server to start up/shut down diff --git a/templates/database/mysql.conf.erb b/templates/database/mysql.conf.erb index 1696c903..cba4d7d4 100644 --- a/templates/database/mysql.conf.erb +++ b/templates/database/mysql.conf.erb @@ -20,7 +20,7 @@ max_heap_table_size = 128M query_cache_type = 0 myisam_recover = BACKUP key_buffer_size = 16M -open_files_limit = 65535 +open_files_limit = <%= @open_files_limit_real %> table_open_cache = 1024 table_definition_cache = 500 myisam_sort_buffer_size = 512M @@ -37,7 +37,7 @@ innodb_flush_log_at_trx_commit = 1 innodb_lock_wait_timeout = 50 innodb_thread_concurrency = 48 innodb_file_per_table = 1 -innodb_open_files = 65535 +innodb_open_files = <%= @open_files_limit_real %> innodb_io_capacity = 1000 innodb_file_format = Barracuda innodb_file_format_max = Barracuda diff --git a/templates/database/systemd-custom.conf.erb b/templates/database/systemd-custom.conf.erb new file mode 100644 index 00000000..3e88a5de --- /dev/null +++ b/templates/database/systemd-custom.conf.erb @@ -0,0 +1,4 @@ +[Service] +<% @mysql_systemd_override_settings_real.each do |key, value| -%> +<%= key -%>=<%= value %> +<% end -%>