opuppet/module-puppetlabs-mysql
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
No description
160 commits 1 branch 0 tags 1.4 MiB
Ruby 73.3%
Puppet 24.3%
HTML 2.4%
Find a file
Reid Vandewiele 8dac527b2a Add priv validation to database_grant provider 
The mysql database_grant provider currently has what is arguably a heinous
design flaw. At present:

 1. The 'privileges' parameter for the database_grant type, mysql provider,
    does not expect the same syntax as the mysql Grant command ('SELECT',
    'UPDATE', 'DELETE', etc). Rather, it expects the user to supply column
    names used to store raw grants in the mysql.db or mysql.user tables
    internally ('Select_priv', 'Update_priv', 'Delete_priv', etc).

 2. If a user supplies `privileges => [ 'SELECT', 'INSERT' ]` instead of
    `privileges => [ 'Select_priv', 'Insert_priv' ]`, the provider fails
    silently and will continuously attempt to update the privileges with
    each successive puppet run. In the specific example provided, all privs
    for the user/db will be set to false since e.g. 'INSERT' does not match
    any valid privilege.

Unfortunately it doesn't look simple to modify the provider such that the
intuitive SELECT, DELETE, etc. keywords can be used without changing
existing behavior. Leaving that alone for now, it *is* pretty simple to add
a validation function that will at least fail cleanly if non-functional
privilege values are supplied that don't mean anything to the provider. If
the user is trying to use valid MySQL Grant syntax, the new validation
procedure will recognize this and suggest a correction. Hopefully giving
users this kind of warning will clue them in to what kind of input the
provider expects.
2012-08-04 10:28:06 -07:00
files (#12412) mysqltuner.pl update 2012-02-04 07:08:08 +11:00
lib/puppet Add priv validation to database_grant provider 2012-08-04 10:28:06 -07:00
manifests Add enabled parameter to mysql::server 2012-06-18 14:09:42 -07:00
spec Fix negative tests on rspec 2.11 2012-07-23 16:39:37 -07:00
templates (#14330) Add support for FreeBSD 2012-05-30 19:12:25 -07:00
tests Merge pull request #64 from runningman/backup 2012-05-10 22:44:52 -07:00
.fixtures.yml Update the module to the new layout for easier testing and packaging 2012-05-24 16:55:22 -07:00
.gemfile Switch to using the puppetlabs_spec_helper gem for common files 2012-05-31 15:32:36 -07:00
.gitignore Update the module to the new layout for easier testing and packaging 2012-05-24 16:55:22 -07:00
.travis.yml Switch to using the puppetlabs_spec_helper gem for common files 2012-05-31 15:32:36 -07:00
CHANGELOG Update module for 0.4.0 2012-07-24 12:20:03 -07:00
LICENSE Added documentation and license to module. 2011-05-31 20:47:19 -07:00
Modulefile Update module for 0.4.0 2012-07-24 12:20:03 -07:00
Rakefile Switch to using the puppetlabs_spec_helper gem for common files 2012-05-31 15:32:36 -07:00
README.md Merge pull request #64 from runningman/backup 2012-05-10 22:44:52 -07:00
TODO added some additional TODOS 2011-06-03 13:27:44 -07:00

README.md

Mysql module for Puppet

This module manages mysql on Linux (RedHat/Debian) distros. A native mysql provider implements database resource type to handle database, database user, and database permission.

Description

This module uses the fact osfamily which is supported by Facter 1.6.1+. If you do not have facter 1.6.1 in your environment, the following manifests will provide the same functionality in site.pp (before declaring any node):

if ! $::osfamily {
  case $::operatingsystem {
    'RedHat', 'Fedora', 'CentOS', 'Scientific', 'SLC', 'Ascendos', 'CloudLinux', 'PSBM', 'OracleLinux', 'OVS', 'OEL': {
      $osfamily = 'RedHat'
    }
    'ubuntu', 'debian': {
      $osfamily = 'Debian'
    }
    'SLES', 'SLED', 'OpenSuSE', 'SuSE': {
      $osfamily = 'Suse'
    }
    'Solaris', 'Nexenta': {
      $osfamily = 'Solaris'
    }
    default: {
      $osfamily = $::operatingsystem
    }
  }
}

This module depends on creates_resources function which is introduced in Puppet 2.7. Users on puppet 2.6 can use the following module which provides this functionality:

http://github.com/puppetlabs/puppetlabs-create_resources

This module is based on work by David Schmitt. The following contributor have contributed patches to this module (beyond Puppet Labs):

  • Christian G. Warden
  • Daniel Black
  • Justin Ellison
  • Lowe Schmidt
  • Matthias Pigulla
  • William Van Hevelingen
  • Michael Arnold

Usage

mysql

Installs the mysql-client package.

class { 'mysql': }

mysql::java

Installs mysql bindings for java.

class { 'mysql::java': }

mysql::python

Installs mysql bindings for python.

class { 'mysql::python': }

mysql::ruby

Installs mysql bindings for ruby.

class { 'mysql::ruby': }

mysql::server

Installs mysql-server packages, configures my.cnf and starts mysqld service:

class { 'mysql::server':
  config_hash => { 'root_password' => 'foo' }
}

Database login information stored in /root/.my.cnf.

mysql::db

Creates a database with a user and assign some privileges.

mysql::db { 'mydb':
  user     => 'myuser',
  password => 'mypass',
  host     => 'localhost',
  grant    => ['all'],
}

mysql::backup

Installs a mysql backup script, cronjob, and priviledged backup user.

class { 'mysql::backup':
  backupuser     => 'myuser',
  backuppassword => 'mypassword',
  backupdir      => '/tmp/backups',
}

Providers for database types:

MySQL provider supports puppet resources command:

$ puppet resource database
database { 'information_schema':
  ensure  => 'present',
  charset => 'utf8',
}
database { 'mysql':
  ensure  => 'present',
  charset => 'latin1',
}

The custom resources can be used in any other manifests:

database { 'mydb':
  charset => 'latin1',
}

database_user { 'bob@localhost':
  password_hash => mysql_password('foo')
}

database_grant { 'user@localhost/database':
  privileges => ['all'] ,
}

A resource default can be specified to handle dependency:

Database {
  require => Class['mysql::server'],
}