On Nov 1, 6:50 pm, treydock <treyd...@gmail.com> wrote:
> On Oct 31, 3:09 pm, Dan Bode <d...@puppetlabs.com> wrote:
>
>
>
>
>
>
>
>
>
> > On Mon, Oct 31, 2011 at 12:44 PM, treydock <treyd...@gmail.com> wrote:
>
> > > On Oct 31, 1:56 pm, treydock <treyd...@gmail.com> wrote:
> > > > On Oct 31, 1:05 pm, Dan Bode <d...@puppetlabs.com> wrote:
>
> > > > > On Mon, Oct 31, 2011 at 10:55 AM, treydock <treyd...@gmail.com> wrote:
>
> > > > > > On Oct 31, 12:26 pm, Dan Bode <d...@puppetlabs.com> wrote:
> > > > > > > you are running into a documentation issue. All of the
> > > configuration was
> > > > > > > moved to a new parameter called: config_hash. I can submit a patch
>
> > > > > > > On Mon, Oct 31, 2011 at 10:01 AM, treydock <treyd...@gmail.com>
> > > wrote:
> > > > > > > > I'm working to begin managing MySQL with the puppetlabs-mysql
> > > provided
> > > > > > > > module, but am not able to get very far with the README
> > > documentation.
>
> > > > > > > > So far, simply trying to add the server module and define the
> > > > > > > > root_password is failing like so,
>
> > > > > > > > err: Could not retrieve catalog from remote server: Error 400 on
> > > > > > > > SERVER: Invalid parameter root_password at
> > > > > > > > /etc/puppet/manifests/
> > > > > > > > nodes.pp:882 on node puppetnode1.tld
>
> > > > > > > > The definition looks like this,
>
> > > > > > > > node 'puppetnode1.tld' {
>
> > > > > > > > class { 'mysql::server':
> > > > > > > > root_password => 'test'
> > > > > > > > }
>
> > > > > > > should be changed to:
>
> > > > > > > class { 'mysql::server':
> > > > > > > config_hash => { root_password => 'test'}
> > > > > > > }
>
> > > > > > > > database_user { 'treydock@localhost':
> > > > > > > > password_hash => mysql_password('pass')
> > > > > > > > }
>
> > > > > > > database_grant { 'treydock@localhost/*':
>
> > > > > > > > privileges => ['ALL'],
> > > > > > > > }
>
> > > > > > > > mysql::db { 'zabbix':
> > > > > > > > user => 'zabbix',
> > > > > > > > password => 'zabbix',
> > > > > > > > host => 'localhost',
> > > > > > > > grant => ['ALL'],
> > > > > > > > }
>
> > > > > > > > }
>
> > > > > > > > The database_user and _grant thus far haven't actually done
> > > anything.
> > > > > > > > I'm assuming it's because mysql::server isn't working or being
> > > > > > > > applied.
>
> > > > > > > > There's likely something very obvious I'm missing. This is also
> > > my
> > > > > > > > first time using parameterized classes.
>
> > > > > > > > Thanks
> > > > > > > > - Trey
>
> > > > > > > > --
> > > > > > > > You received this message because you are subscribed to the
> > > Google
> > > > > > Groups
> > > > > > > > "Puppet Users" group.
> > > > > > > > To post to this group, send email to
> > > puppet-users@googlegroups.com.
> > > > > > > > To unsubscribe from this group, send email to
> > > > > > > > puppet-users+unsubscr...@googlegroups.com.
> > > > > > > > For more options, visit this group at
> > > > > > > >http://groups.google.com/group/puppet-users?hl=en.
>
> > > > > > Ah that was it! Thanks.
>
> > > > > > Is there a way to similuate or run the equivilant of
> > > > > > "mysql_secure_installation" within this module? I tried an initial
> > > > > > attempt with the following...but once it's added to the
> > > > > > mysql::server
> > > > > > class it never seems to get called...
>
> > > > > what failed? How did you add it to the mysql::server class?
>
> > > > > > class mysql::server::secure {
>
> > > > > > database_user {
> > > > > > "''":
> > > > > > ensure => absent,
> > > > > > require => Service['mysqld'];
>
> > > > > > "root@${fqdn}":
> > > > > > ensure => absent,
> > > > > > require => Service['mysqld'];
> > > > > > }
>
> > > > > > database {
> > > > > > "test":
> > > > > > ensure => absent,
> > > > > > require => Service['mysqld'];
> > > > > > }
>
> > > > > > }
>
> > > > > > Would the easier route be to just modify the
> > > mysql_secure_installation
> > > > > > script to be more puppet friendly?
>
> > > > > > Thanks
> > > > > > - Trey
>
> > > > > > --
> > > > > > You received this message because you are subscribed to the Google
> > > Groups
> > > > > > "Puppet Users" group.
> > > > > > To post to this group, send email to puppet-users@googlegroups.com.
> > > > > > To unsubscribe from this group, send email to
> > > > > > puppet-users+unsubscr...@googlegroups.com.
> > > > > > For more options, visit this group at
> > > > > >http://groups.google.com/group/puppet-users?hl=en.
>
> > > > It didn't fail, it just simply did nothing.
>
> > > > This is it's inclusion in mysql::server
>
> > > > class mysql::server(
> > > > $service_name = $mysql::params::service_name,
> > > > $config_hash = {},
> > > > $package_name = 'mysql-server'
> > > > ) inherits mysql::params {
>
> > > > include mysql::server::secure
>
> > > > # automatically create a class to deal with
> > > > # configuration
> > > > $hash = {
> > > > "mysql::config" => $config_hash
> > > > }
>
> > > > I am doing it via Exec now anyways. Though I'd prefer to do it with
> > > > the new type and provider
>
> > > > - Trey
>
> > > Slightly different question...is there a way to pass / store the hash
> > > for the root password rather than the plain text password? Similar to
> > > how the puppet user resource works?
>
> > I am not quite sure if mysql supports that. Could you open a ticket
> > here:http://projects.puppetlabs.com/projects/modulesandexplain what the
> > implementation would look like?
>
> > thanks
>
> > > Thanks
> > > - Trey
>
> > > --
> > > You received this message because you are subscribed to the Google Groups
> > > "Puppet Users" group.
> > > To post to this group, send email to puppet-users@googlegroups.com.
> > > To unsubscribe from this group, send email to
> > > puppet-users+unsubscr...@googlegroups.com.
> > > For more options, visit this group at
> > >http://groups.google.com/group/puppet-users?hl=en.
>
> I'll put that in once I can think of a way to implement it.
>
> I've run into some strange behavior where every run seems to result in
> some changes to the rights on a database user.
>
> I've run "puppetd --test --debug -v " dozens of times and the results
> are never the same, anywhere between 1 to 3 of the grants I've defined
> will get alerted.
>
> Here's my test case (messing with phpMyAdmin)...
>
> mysql::db { 'phpmyadmin':
> user => 'pma_ctrl_user',
> password => '****',
> host => 'localhost',
> grant => [ 'select_priv', 'insert_priv', 'delete_priv',
> 'alter_priv' ],
> charset => 'utf8',
> }
>
> database_grant { 'pma_ctrl_user@localhost/mysql.db':
> privileges => ['select_priv'],
> }
> database_grant { 'pma_ctrl_user@localhost/mysql.host':
> privileges => ['select_priv'],
> }
> database_grant { 'pma_ctrl_user@localhost/mysql.tables_priv':
> privileges => ['select_priv'],
> }
>
> And this is an example of what looks like a successful execution of
> the command...
>
> Using pastebin cause it's impossible to read if pasted here.
>
> One run -http://pastebin.com/Ey8qt08T
>
> A run about 10 minutes later -http://pastebin.com/JNX0daVt
>
> Each time the changes differ. Also is the "Executing .. " debug
> output from puppet not verbatim? I've tried pasting that into the
> terminal which does not work.
>
> Thanks
> - Trey
Well I think I found out why this could be happening, unfortunately
I'm not very good with regex and can't offer much help as far as a
solution.
It seems the regex "^([^@]*)@([^\/]*)(\/(.*))?$" doesn't understand
the "." between the database name and table name. When I use a regex
tester it shows this
-----------
$1 - pma_ctrl_user
$2 - localhost
$3 - /mysql.db
$4 - mysql.db
That makes me think it was intended to split the database and table
name, but I can't for the life of me get the regex to do that. Is
that an accurate conclusion of this problem?
Thanks
- Trey
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
