Jcrespo has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/398450 )
Change subject: [WIP] Update mariadb::proxy to the latest style and path
locations
......................................................................
[WIP] Update mariadb::proxy to the latest style and path locations
Create profile::mariadb::proxy{,::master,::replicas}, for the base,
master failover and replica load balancing roles. Replica class is
unused, so probably untested and doesn't work.
Make socker and pid configurable, default to /run location, but
it can now be overriden by host by host migration from /tmp to
/run.
The patch is missing the several hiera keys for the individual or
role-based pointing to servers.
Bug: T148507
Change-Id: I71a888b516866ab22174565b00c426fafe55a7d9
---
M manifests/site.pp
M modules/haproxy/manifests/init.pp
R modules/haproxy/templates/check_haproxy.erb
A modules/profile/manifests/mariadb/proxy.pp
A modules/profile/manifests/mariadb/proxy/master.pp
A modules/profile/manifests/mariadb/proxy/replicas.pp
R modules/profile/templates/mariadb/proxy/db-master-stretch.cfg.erb
R modules/profile/templates/mariadb/proxy/db-master.cfg.erb
R modules/profile/templates/mariadb/proxy/db-replicas.cfg.erb
R modules/profile/templates/mariadb/proxy/db.cfg.erb
M modules/role/manifests/mariadb/proxy.pp
M modules/role/manifests/mariadb/proxy/master.pp
A modules/role/manifests/mariadb/proxy/replicas.pp
D modules/role/manifests/mariadb/proxy/slaves.pp
14 files changed, 86 insertions(+), 138 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/50/398450/1
diff --git a/manifests/site.pp b/manifests/site.pp
index 718a2ea..81d21bf 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -626,77 +626,13 @@
}
# Proxies for misc databases
-node /^dbproxy100(1|6)\.eqiad\.wmnet$/ {
- class { '::role::mariadb::proxy::master':
- shard => 'm1',
- primary_name => 'db1016',
- primary_addr => '10.64.0.20',
- secondary_name => 'db1001',
- secondary_addr => '10.64.0.5',
- }
-}
-
-node /^dbproxy100(2|7)\.eqiad\.wmnet$/ {
- class { '::role::mariadb::proxy::master':
- shard => 'm2',
- primary_name => 'db1020',
- primary_addr => '10.64.16.9',
- secondary_name => 'db2011',
- secondary_addr => '10.192.0.14',
- }
-}
-
-node /^dbproxy100(3|8)\.eqiad\.wmnet$/ {
- class { '::role::mariadb::proxy::master':
- shard => 'm3',
- primary_name => 'db1043',
- primary_addr => '10.64.16.32',
- secondary_name => 'db1059',
- secondary_addr => '10.64.32.29',
- }
-}
-
-# stretch haproxies (1.7) require the port number
-node /^dbproxy100(4|9)\.eqiad\.wmnet$/ {
- class { '::role::mariadb::proxy::master':
- shard => 'm4',
- primary_name => 'db1107',
- primary_addr => '10.64.0.214:3306',
- secondary_name => 'db1108',
- secondary_addr => '10.64.32.71:3306',
- }
-}
-
-node 'dbproxy1005.eqiad.wmnet' {
- role(mariadb::ferm_wmcs)
- class { '::role::mariadb::proxy::master':
- shard => 'm5',
- primary_name => 'db1009',
- primary_addr => '10.64.0.13',
- secondary_name => 'db2030',
- secondary_addr => '10.192.16.18',
- }
+node /^dbproxy10(01|02|03|04|05|06|07|08|09)\.eqiad\.wmnet$/ {
+ role(mariadb::proxy)
}
# labsdb proxies (controling replica service dbs)
-node 'dbproxy1010.eqiad.wmnet' {
- class { '::role::mariadb::proxy::master':
- shard => 'labsdb',
- primary_name => 'labsdb1009',
- primary_addr => '10.64.4.14',
- secondary_name => 'labsdb1010',
- secondary_addr => '10.64.37.23',
- }
-}
-
-node 'dbproxy1011.eqiad.wmnet' {
- class { '::role::mariadb::proxy::master':
- shard => 'labsdb',
- primary_name => 'labsdb1011',
- primary_addr => '10.64.37.24',
- secondary_name => 'labsdb1010',
- secondary_addr => '10.64.37.23',
- }
+node 'dbproxy101[01].eqiad.wmnet' {
+ role(mariadb::proxy)
}
node /^dbmonitor[12]001\.wikimedia\.org$/ {
diff --git a/modules/haproxy/manifests/init.pp
b/modules/haproxy/manifests/init.pp
index 74c9e53..c70bd00 100644
--- a/modules/haproxy/manifests/init.pp
+++ b/modules/haproxy/manifests/init.pp
@@ -2,6 +2,8 @@
class haproxy(
$template = 'haproxy/haproxy.cfg.erb',
+ $socket = '/run/haproxy/haproxy.sock',
+ $pid = '/run/haproxy/haproxy.pid',
) {
package { [
@@ -27,10 +29,10 @@
}
file { '/usr/lib/nagios/plugins/check_haproxy':
- owner => 'root',
- group => 'root',
- mode => '0755',
- source => 'puppet:///modules/haproxy/check_haproxy',
+ owner => 'root',
+ group => 'root',
+ mode => '0755',
+ content => template('modules/haproxy/check_haproxy'),
}
if os_version('debian >= jessie') {
diff --git a/modules/haproxy/files/check_haproxy
b/modules/haproxy/templates/check_haproxy.erb
similarity index 96%
rename from modules/haproxy/files/check_haproxy
rename to modules/haproxy/templates/check_haproxy.erb
index c501703..f4a2ac5 100755
--- a/modules/haproxy/files/check_haproxy
+++ b/modules/haproxy/templates/check_haproxy.erb
@@ -9,7 +9,7 @@
UNKN="UNKNOWN"
EUNKN=3
-socket="/tmp/haproxy.socket"
+socket="<%= @socket %>"
check="check_alive"
for var in "$@"; do
@@ -70,4 +70,4 @@
echo "${CRIT} unkown check ${check} "
-exit $ECRIT
\ No newline at end of file
+exit $ECRIT
diff --git a/modules/profile/manifests/mariadb/proxy.pp
b/modules/profile/manifests/mariadb/proxy.pp
new file mode 100644
index 0000000..8a5cc2d
--- /dev/null
+++ b/modules/profile/manifests/mariadb/proxy.pp
@@ -0,0 +1,21 @@
+# base profile to have a manually-managed haproxy installation, pointing to
+# to nowere by default. Check ::profile::mariadb::proxy::{master,replica} for
+# it to do something useful (failover or load balancing)
+class ::profile::mariadb::proxy (
+ $pid = hiera('::profile::mariadb::proxy::pid',
'/run/haproxy/haproxy.pid'),
+ $socket = hiera('::profile::mariadb::proxy::pid',
'/run/haproxy/haproxy.sock'),
+ ){
+
+ class { 'haproxy':
+ template => 'profile/mariadb/proxy/db.cfg.erb',
+ pid => $pid,
+ socket => $socket,
+ }
+
+ package { [
+ 'mysql-client',
+ 'percona-toolkit',
+ ]:
+ ensure => present,
+ }
+}
diff --git a/modules/profile/manifests/mariadb/proxy/master.pp
b/modules/profile/manifests/mariadb/proxy/master.pp
new file mode 100644
index 0000000..6f11db9
--- /dev/null
+++ b/modules/profile/manifests/mariadb/proxy/master.pp
@@ -0,0 +1,26 @@
+# proxy in with 2 hosts, active-passive (with failover) scenario
+class profile::mariadb::proxy::master (
+ $primary_name = hiera(::profile::mariadb::proxy::master::primary_name),
+ $primary_addr = hiera(::profile::mariadb::proxy::master::primary_addr),
+ $secondary_name = hiera(::profile::mariadb::proxy::master::secondary_name),
+ $secondary_addr = hiera(::profile::mariadb::proxy::master::seconady_addr),
+ ) {
+ # patch until all haproxies have been upgraded to 1.7
+ if os_version('debian >= stretch') {
+ $master_template = 'db-master-stretch.cfg'
+ } else {
+ $master_template = 'db-master.cfg'
+ }
+
+ file { '/etc/haproxy/conf.d/db-master.cfg':
+ owner => 'haproxy',
+ group => 'haproxy',
+ mode => '0440',
+ content => template("profile/mariadb/proxy/${master_template}.erb"),
+ }
+
+ nrpe::monitor_service { 'haproxy_failover':
+ description => 'haproxy failover',
+ nrpe_command => '/usr/lib/nagios/plugins/check_haproxy
--check=failover',
+ }
+}
diff --git a/modules/profile/manifests/mariadb/proxy/replicas.pp
b/modules/profile/manifests/mariadb/proxy/replicas.pp
new file mode 100644
index 0000000..8223c82
--- /dev/null
+++ b/modules/profile/manifests/mariadb/proxy/replicas.pp
@@ -0,0 +1,11 @@
+# load balancing between several replica dbs
+class profile::mariadb::proxy::replicas(
+ $servers = hiera('::profile::mariadb::proxy::replicas::servers'),
+ ) {
+
+ file { '/etc/haproxy/conf.d/db-replicas.cfg':
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ content => template('profile/mariadb/proxy/db-replicas.cfg.erb'),
+ }
diff --git a/modules/role/templates/haproxy/db-master-stretch.cfg.erb
b/modules/profile/templates/mariadb/proxy/db-master-stretch.cfg.erb
similarity index 100%
rename from modules/role/templates/haproxy/db-master-stretch.cfg.erb
rename to modules/profile/templates/mariadb/proxy/db-master-stretch.cfg.erb
diff --git a/modules/role/templates/haproxy/db-master.cfg.erb
b/modules/profile/templates/mariadb/proxy/db-master.cfg.erb
similarity index 100%
rename from modules/role/templates/haproxy/db-master.cfg.erb
rename to modules/profile/templates/mariadb/proxy/db-master.cfg.erb
diff --git a/modules/role/templates/haproxy/db-slaves.cfg.erb
b/modules/profile/templates/mariadb/proxy/db-replicas.cfg.erb
similarity index 100%
rename from modules/role/templates/haproxy/db-slaves.cfg.erb
rename to modules/profile/templates/mariadb/proxy/db-replicas.cfg.erb
diff --git a/modules/role/templates/haproxy/db.cfg.erb
b/modules/profile/templates/mariadb/proxy/db.cfg.erb
similarity index 82%
rename from modules/role/templates/haproxy/db.cfg.erb
rename to modules/profile/templates/mariadb/proxy/db.cfg.erb
index f83899e..a94cf68 100644
--- a/modules/role/templates/haproxy/db.cfg.erb
+++ b/modules/profile/templates/mariadb/proxy/db.cfg.erb
@@ -1,11 +1,11 @@
# Note: This file is managed by puppet.
global
- pidfile /var/run/haproxy.pid
+ pidfile <%= @pid %>
daemon
user haproxy
group haproxy
- stats socket /tmp/haproxy.socket mode 666 level user
+ stats socket <%= @socket %> mode 666 level user
defaults
#log global
diff --git a/modules/role/manifests/mariadb/proxy.pp
b/modules/role/manifests/mariadb/proxy.pp
index b23a7b8..4ff76c1 100644
--- a/modules/role/manifests/mariadb/proxy.pp
+++ b/modules/role/manifests/mariadb/proxy.pp
@@ -1,23 +1,10 @@
# generic config for a database proxy using haproxy
-class role::mariadb::proxy(
- $shard
- ) {
-
- system::role { 'mariadb::proxy':
- description => "DB Proxy ${shard}",
- }
-
+class role::mariadb::proxy {
include ::standard
- package { [
- 'mysql-client',
- 'percona-toolkit',
- ]:
- ensure => present,
+ system::role { 'mariadb::proxy':
+ description => "DB Proxy",
}
- class { 'haproxy':
- template => 'role/haproxy/db.cfg.erb',
- }
+ include ::profile::haproxy
}
-
diff --git a/modules/role/manifests/mariadb/proxy/master.pp
b/modules/role/manifests/mariadb/proxy/master.pp
index 003d96c..f249f9e 100644
--- a/modules/role/manifests/mariadb/proxy/master.pp
+++ b/modules/role/manifests/mariadb/proxy/master.pp
@@ -1,33 +1,8 @@
# db master failover with a proxy
-class role::mariadb::proxy::master(
- $shard,
- $primary_name,
- $primary_addr,
- $secondary_name,
- $secondary_addr,
- ) {
+class role::mariadb::proxy::master {
include role::mariadb::ferm
-
- class { 'role::mariadb::proxy':
- shard => $shard,
- }
- if os_version('debian >= stretch') {
- $master_template = 'db-master-stretch.cfg'
- } else {
- $master_template = 'db-master.cfg'
- }
-
- file { '/etc/haproxy/conf.d/db-master.cfg':
- owner => 'root',
- group => 'root',
- mode => '0444',
- content => template("role/haproxy/${master_template}.erb"),
- }
-
- nrpe::monitor_service { 'haproxy_failover':
- description => 'haproxy failover',
- nrpe_command => '/usr/lib/nagios/plugins/check_haproxy
--check=failover',
- }
+ include ::profile::mariadb::proxy
+ include ::profile::mariadb::proxy::master
}
diff --git a/modules/role/manifests/mariadb/proxy/replicas.pp
b/modules/role/manifests/mariadb/proxy/replicas.pp
new file mode 100644
index 0000000..c6fd1eb
--- /dev/null
+++ b/modules/role/manifests/mariadb/proxy/replicas.pp
@@ -0,0 +1,7 @@
+# db replicas load balancing with a proxy
+class role::mariadb::proxy::replicas {
+
+ include role::mariadb::ferm
+ include ::profile::mariadb::proxy
+ include ::profile::mariadb::proxy::replicas
+}
diff --git a/modules/role/manifests/mariadb/proxy/slaves.pp
b/modules/role/manifests/mariadb/proxy/slaves.pp
deleted file mode 100644
index a3f67ff..0000000
--- a/modules/role/manifests/mariadb/proxy/slaves.pp
+++ /dev/null
@@ -1,17 +0,0 @@
-# database read-only load balancing proxy
-class role::mariadb::proxy::slaves(
- $shard,
- $servers,
- ) {
-
- class { 'role::mariadb::proxy':
- shard => $shard,
- }
-
- file { '/etc/haproxy/conf.d/db-slaves.cfg':
- owner => 'root',
- group => 'root',
- mode => '0444',
- content => template('role/haproxy/db-slaves.cfg.erb'),
- }
-}
--
To view, visit https://gerrit.wikimedia.org/r/398450
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I71a888b516866ab22174565b00c426fafe55a7d9
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Jcrespo <jcre...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
