Move MySQL settings out of puppet/controller.yaml

This moves the config settings out of controller.yaml for MySQL and into puppet/services/database/mysql.yaml. The top leve MysqlRootPassword is still maintained by default in overcloud.yaml so that users who upgrade won't get broken. New users may optionally specify the MysqlRootPassword as a parameter instead which will take priority over the top level generated parameter. We drop the top level MysqlClusterUniquePart because it is no longer used (I think it was a remnant from t-i-e). Related-Bug: #1604414 Change-Id: I06ebac0f4c87dabfccefb2e550a64650868c5b26
2016-08-17 10:15:05 -04:00 · 2016-08-17 10:15:05 -04:00 · 58bf3932a8
commit 58bf3932a8
parent a95e4c2afe
5 changed files with 43 additions and 73 deletions
--- a/default_passwords.yaml
+++ b/default_passwords.yaml
@ -5,8 +5,6 @@ description: Passwords we manage at the top level
 parameters:
  DefaultMysqlRootPassword:
    type: string
-  DefaultMysqlClusterPassword:
-    type: string
  DefaultRabbitCookie:
    type: string
  DefaultHeatAuthEncryptionKey:
@ -21,7 +19,6 @@ outputs:
    description: Password data
    value:
      mysql_root_password: {get_param: DefaultMysqlRootPassword}
-      mysql_cluster_password: {get_param: DefaultMysqlClusterPassword}
      rabbit_cookie: {get_param: DefaultRabbitCookie}
      heat_auth_encryption_key: {get_param: DefaultHeatAuthEncryptionKey}
      pcsd_password: {get_param: DefaultPcsdPassword}
--- a/overcloud.yaml
+++ b/overcloud.yaml
@ -399,15 +399,12 @@ resources:
          controllerExtraConfig: {get_param: controllerExtraConfig}
          HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
          HorizonSecret: {get_resource: HorizonSecret}
-          MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
-          MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
          PcsdPassword: {get_resource: PcsdPassword}
          RabbitCookie: {get_attr: [RabbitCookie, value]}
          RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
          RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]}
          ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
          EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
-          MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]}
          Hostname:
            str_replace:
              template: {get_param: ControllerHostnameFormat}
@ -612,11 +609,6 @@ resources:
    properties:
      length: 10

-  MysqlClusterUniquePart:
-    type: OS::Heat::RandomString
-    properties:
-      length: 10
-
  RabbitCookie:
    type: OS::Heat::RandomString
    properties:
@ -627,7 +619,6 @@ resources:
    type: OS::TripleO::DefaultPasswords
    properties:
      DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
-      DefaultMysqlClusterPassword: {get_attr: [MysqlClusterUniquePart, value]}
      DefaultRabbitCookie: {get_attr: [RabbitCookie, value]}
      DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]}
      DefaultPcsdPassword: {get_attr: [PcsdPassword, value]}
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@ -4,10 +4,6 @@ description: >
  OpenStack controller node configured by Puppet.

 parameters:
-  AdminPassword:
-    description: The password for the keystone admin account, used for monitoring, querying neutron etc.
-    type: string
-    hidden: true
  AodhPassword:
    description: The password for the aodh services.
    type: string
@ -47,10 +43,6 @@ parameters:
    default: false
    description: Whether to enable fencing in Pacemaker or not.
    type: boolean
-  EnableGalera:
-    default: true
-    description: Whether to use Galera instead of regular MariaDB.
-    type: boolean
  EnableLoadBalancer:
    default: true
    description: Whether to deploy a LoadBalancer on the Controller
@ -149,31 +141,6 @@ parameters:
    default: false
    description: Whether IPtables rules should be purged before setting up the new ones.
    type: boolean
-  MysqlClusterUniquePart:
-    description: A unique identifier of the MySQL cluster the controller is in.
-    type: string
-    default: 'unset'  # Has to be here because of the ignored empty value bug
-    # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
-    # constraints:
-    # - length: {min: 4, max: 10}
-  MysqlInnodbBufferPoolSize:
-    description: >
-        Specifies the size of the buffer pool in megabytes. Setting to
-        zero should be interpreted as "no value" and will defer to the
-        lower level default.
-    type: number
-    default: 0
-  MysqlMaxConnections:
-    description: Configures MySQL max_connections config setting
-    type: number
-    default: 4096
-  MysqlClustercheckPassword:
-    type: string
-    hidden: true
-  MysqlRootPassword:
-    type: string
-    hidden: true
-    default: ''  # Has to be here because of the ignored empty value bug
  NeutronMetadataProxySharedSecret:
    description: Shared secret to prevent spoofing
    type: string
@ -251,9 +218,6 @@ parameters:
    type: string
    description: Nova Compute upgrade level
    default: ''
-  MysqlVirtualIP:
-    type: string
-    default: ''
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
@ -485,25 +449,14 @@ resources:
        haproxy_stats_user: {get_param: HAProxyStatsUser}
        heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
        horizon_secret: {get_param: HorizonSecret}
-        admin_password: {get_param: AdminPassword}
        debug: {get_param: Debug}
        keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
        keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
        keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
        enable_fencing: {get_param: EnableFencing}
-        enable_galera: {get_param: EnableGalera}
        enable_load_balancer: {get_param: EnableLoadBalancer}
        manage_firewall: {get_param: ManageFirewall}
        purge_firewall_rules: {get_param: PurgeFirewallRules}
-        mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
-        mysql_max_connections: {get_param: MysqlMaxConnections}
-        mysql_root_password: {get_param: MysqlRootPassword}
-        mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
-        mysql_cluster_name:
-          str_replace:
-            template: tripleo-CLUSTER
-            params:
-              CLUSTER: {get_param: MysqlClusterUniquePart}
        neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
        aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
        aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
@ -569,8 +522,6 @@ resources:
        redis_vip: {get_param: RedisVirtualIP}
        sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
        memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
-        mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
-        mysql_virtual_ip: {get_param: MysqlVirtualIP}
        ceph_cluster_network:
          get_attr:
            - NetIpMap
@ -680,17 +631,6 @@ resources:
                # MongoDB
                mongodb::server::bind_ip: {get_input: mongo_db_network}

-                # MySQL
-                admin_password: {get_input: admin_password}
-                enable_galera: {get_input: enable_galera}
-                mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
-                mysql_max_connections: {get_input: mysql_max_connections}
-                mysql::server::root_password: {get_input: mysql_root_password}
-                mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
-                mysql_cluster_name: {get_input: mysql_cluster_name}
-                mysql_bind_host: {get_input: mysql_network}
-                mysql_virtual_ip: {get_input: mysql_virtual_ip}
-
                # Neutron
                neutron::bind_host: {get_input: neutron_api_network}
                neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
--- a/puppet/services/database/mysql.yaml
+++ b/puppet/services/database/mysql.yaml
@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14

 description: >
  MySQL service deployment using puppet
@ -19,6 +19,21 @@ parameters:
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
+  MysqlMaxConnections:
+    description: Configures MySQL max_connections config setting
+    type: number
+    default: 4096
+  MysqlRootPassword:
+    type: string
+    hidden: true
+    default: ''
+  MysqlClustercheckPassword:
+    type: string
+    hidden: true
+  EnableGalera:
+    default: true
+    description: Whether to use Galera instead of regular MariaDB.
+    type: boolean

 outputs:
  role_data:
@ -42,5 +57,22 @@ outputs:
              - 4567
              - 4568
              - 9200
+        mysql_max_connections: {get_param: MysqlMaxConnections}
+        mysql::server::root_password:
+          yaql:
+            expression: $.data.passwords.where($ != '').first()
+            data:
+              passwords:
+                - {get_param: MysqlRootPassword}
+                - {get_param: [DefaultPasswords, mysql_root_password]}
+        mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
+        enable_galera: {get_param: EnableGalera}
+        # NOTE: bind IP is found in Heat replacing the network name with the
+        # local node IP for the given network; replacement examples
+        # (eg. for internal_api):
+        # internal_api -> IP
+        # internal_api_uri -> [IP]
+        # internal_api_subnet - > IP/CIDR
+        mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]}
      step_config: |
        include ::tripleo::profile::base::database::mysql
--- a/puppet/services/pacemaker/database/mysql.yaml
+++ b/puppet/services/pacemaker/database/mysql.yaml
@ -20,11 +20,21 @@ parameters:
                 via parameter_defaults in the resource registry.
    type: json

+resources:
+
+  MysqlBase:
+    type: ../../database/mysql.yaml
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
 outputs:
  role_data:
    description: Service MySQL with Pacemaker using composable services.
    value:
      service_name: mysql
      config_settings:
+        get_attr: [MysqlBase, role_data, config_settings]
      step_config: |
        include ::tripleo::profile::pacemaker::database::mysql