mirror of
https://github.com/rapid7/metasploitable3.git
synced 2024-07-02 01:35:50 +02:00
WIP: Adding Linux VM using chef solo provisioning
This commit is contained in:
parent
ef8fed0fd2
commit
c3bf91c693
158
Vagrantfile
vendored
158
Vagrantfile
vendored
|
@ -2,12 +2,13 @@
|
||||||
# vi: set ft=ruby :
|
# vi: set ft=ruby :
|
||||||
|
|
||||||
Vagrant.configure("2") do |config|
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.define "win2k8" do |win2k8|
|
||||||
# Base configuration for the VM and provisioner
|
# Base configuration for the VM and provisioner
|
||||||
config.vm.box = "metasploitable3"
|
win2k8.vm.box = "metasploitable3"
|
||||||
config.vm.hostname = "metasploitable3"
|
win2k8.vm.hostname = "metasploitable3"
|
||||||
config.vm.communicator = "winrm"
|
win2k8.vm.communicator = "winrm"
|
||||||
|
|
||||||
config.vm.network "private_network", type: "dhcp"
|
win2k8.vm.network "private_network", type: "dhcp"
|
||||||
|
|
||||||
# Install Chocolatey
|
# Install Chocolatey
|
||||||
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
|
config.vm.provision :shell, path: "scripts/installs/chocolatey.cmd"
|
||||||
|
@ -22,110 +23,135 @@ Vagrant.configure("2") do |config|
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Adjust password policy
|
# Adjust password policy
|
||||||
config.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
|
win2k8.vm.provision :shell, path: "scripts/configs/apply_password_settings.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Add users and add to groups
|
# Add users and add to groups
|
||||||
config.vm.provision :shell, path: "scripts/configs/create_users.bat"
|
win2k8.vm.provision :shell, path: "scripts/configs/create_users.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - Unpatched IIS and FTP
|
# Vulnerability - Unpatched IIS and FTP
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_iis.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_ftp_site.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - Setup for Apache Struts
|
# Vulnerability - Setup for Apache Struts
|
||||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
|
win2k8.vm.provision :shell, path: "scripts/chocolatey_installs/java.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
|
win2k8.vm.provision :shell, path: "scripts/chocolatey_installs/tomcat.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :reload # Hack to reset environment variables
|
win2k8.vm.provision :reload # Hack to reset environment variables
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_apache_struts.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - Setup for Glassfish
|
# Vulnerability - Setup for Glassfish
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_glassfish.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/start_glassfish_service.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - Jenkins (1.8)
|
# Vulnerability - Jenkins (1.8)
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_jenkins.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - Wordpress and phpMyAdmin
|
# Vulnerability - Wordpress and phpMyAdmin
|
||||||
# This must run after the WAMP setup.
|
# This must run after the WAMP setup.
|
||||||
config.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP
|
win2k8.vm.provision :shell, path: "scripts/chocolatey_installs/vcredist2008.bat" # Visual Studio 2008 redistributable is a requirement for WAMP
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_wamp.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_wamp.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/start_wamp.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/start_wamp.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_wordpress.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_wordpress.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - JMX
|
# Vulnerability - JMX
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_openjdk6.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_jmx.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - Rails Server
|
# Vulnerability - Rails Server
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_ruby.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_ruby.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_devkit.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_devkit.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_rails_server.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_rails_server.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_rails_server.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_rails_service.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_rails_service.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - WebDAV
|
# Vulnerability - WebDAV
|
||||||
# This must run after the WAMP setup.
|
# This must run after the WAMP setup.
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_webdav.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_webdav.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - MySQL
|
# Vulnerability - MySQL
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_mysql.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_mysql.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - ManageEngine Desktop Central
|
# Vulnerability - ManageEngine Desktop Central
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_manageengine.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_manageengine.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - Axis2
|
# Vulnerability - Axis2
|
||||||
# This must run after the Apache Struts setup.
|
# This must run after the Apache Struts setup.
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_axis2.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_axis2.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - Common backdoors
|
# Vulnerability - Common backdoors
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_backdoors.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_backdoors.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - SNMP
|
# Vulnerability - SNMP
|
||||||
config.vm.provision :shell, path: "scripts/installs/setup_snmp.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/setup_snmp.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Configure Firewall to open up vulnerable services
|
# Configure Firewall to open up vulnerable services
|
||||||
case ENV['MS3_DIFFICULTY']
|
case ENV['MS3_DIFFICULTY']
|
||||||
when 'easy'
|
when 'easy'
|
||||||
config.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
|
win2k8.vm.provision :shell, path: "scripts/configs/disable_firewall.bat"
|
||||||
else
|
else
|
||||||
config.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
|
win2k8.vm.provision :shell, path: "scripts/configs/configure_firewall.bat"
|
||||||
end
|
end
|
||||||
|
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Vulnerability - ElasticSearch
|
# Vulnerability - ElasticSearch
|
||||||
# This must run after the firewall rules, because it needs to make some HTTP requests in order to
|
# This must run after the firewall rules, because it needs to make some HTTP requests in order to
|
||||||
# set up the vulnerable state.
|
# set up the vulnerable state.
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_elasticsearch.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614
|
||||||
|
|
||||||
# Configure flags
|
# Configure flags
|
||||||
config.vm.provision :shell, path: "scripts/installs/install_flags.bat"
|
win2k8.vm.provision :shell, path: "scripts/installs/install_flags.bat"
|
||||||
config.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a
|
win2k8.vm.provision :shell, inline: "rm C:\\tmp\\vagrant-shell.bat" # Hack for this bug: https://github.com/mitchellh/vagrant/issues/7614a
|
||||||
|
end
|
||||||
|
|
||||||
|
config.vm.define "trusty" do |trusty|
|
||||||
|
trusty.vm.box = "ubuntu/trusty64"
|
||||||
|
trusty.vm.hostname = "metasploitableUB"
|
||||||
|
|
||||||
|
trusty.vm.network "private_network", type: "dhcp"
|
||||||
|
|
||||||
|
trusty.vm.provider "virtualbox" do |v|
|
||||||
|
v.name = "MetasploitableUB"
|
||||||
|
v.memory = 1024
|
||||||
|
end
|
||||||
|
|
||||||
|
config.omnibus.chef_version = :latest
|
||||||
|
|
||||||
|
# Provision with Chef Solo
|
||||||
|
#
|
||||||
|
config.vm.provision :chef_solo do |chef|
|
||||||
|
chef.cookbooks_path = [ 'chef/cookbooks' ]
|
||||||
|
|
||||||
|
|
||||||
|
chef.add_recipe "metasploitable::mysql"
|
||||||
|
chef.add_recipe "metasploitable::users"
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
---
|
||||||
|
driver:
|
||||||
|
name: vagrant
|
||||||
|
synced_folders:
|
||||||
|
- [<%= File.join(ENV['PWD'], '..', '..')%>, '/tmp/repo-data']
|
||||||
|
|
||||||
|
provisioner:
|
||||||
|
name: chef_zero
|
||||||
|
encrypted_data_bag_secret_key_path: 'secrets/fakey-mcfakerton'
|
||||||
|
data_bags_path: './data_bags'
|
||||||
|
|
||||||
|
platforms:
|
||||||
|
- name: ubuntu-16.04
|
||||||
|
- name: centos-7.2
|
||||||
|
|
||||||
|
suites:
|
||||||
|
- name: default
|
||||||
|
run_list:
|
||||||
|
- recipe[delivery_build::default]
|
||||||
|
- recipe[test]
|
||||||
|
attributes:
|
|
@ -0,0 +1,9 @@
|
||||||
|
source 'https://supermarket.chef.io'
|
||||||
|
|
||||||
|
metadata
|
||||||
|
|
||||||
|
group :delivery do
|
||||||
|
cookbook 'delivery_build', git: 'https://github.com/chef-cookbooks/delivery_build'
|
||||||
|
cookbook 'delivery-base', git: 'https://github.com/chef-cookbooks/delivery-base'
|
||||||
|
cookbook 'test', path: './test/fixtures/cookbooks/test'
|
||||||
|
end
|
|
@ -0,0 +1,3 @@
|
||||||
|
Copyright 2017 The Authors
|
||||||
|
|
||||||
|
All rights reserved, do not redistribute.
|
146
chef/cookbooks/metasploitable/.delivery/build_cookbook/README.md
Normal file
146
chef/cookbooks/metasploitable/.delivery/build_cookbook/README.md
Normal file
|
@ -0,0 +1,146 @@
|
||||||
|
# build_cookbook
|
||||||
|
|
||||||
|
A build cookbook for running the parent project through Chef Delivery
|
||||||
|
|
||||||
|
This build cookbook should be customized to suit the needs of the parent project. Using this cookbook can be done outside of Chef Delivery, too. If the parent project is a Chef cookbook, we've detected that and "wrapped" [delivery-truck](https://github.com/chef-cookbooks/delivery-truck). That means it is a dependency, and each of its pipeline phase recipes is included in the appropriate phase recipes in this cookbook. If the parent project is not a cookbook, it's left as an exercise to the reader to customize the recipes as needed for each phase in the pipeline.
|
||||||
|
|
||||||
|
## .delivery/config.json
|
||||||
|
|
||||||
|
In the parent directory to this build_cookbook, the `config.json` can be modified as necessary. For example, phases can be skipped, publishing information can be added, and so on. Refer to customer support or the Chef Delivery documentation for assistance on what options are available for this configuration.
|
||||||
|
|
||||||
|
## Test Kitchen - Local Verify Testing
|
||||||
|
|
||||||
|
This cookbook also has a `.kitchen.yml` which can be used to create local build nodes with Test Kitchen to perform the verification phases, `unit`, `syntax`, and `lint`. When running `kitchen converge`, the instances will be set up like Chef Delivery "build nodes" with the [delivery_build cookbook](https://github.com/chef-cookbooks/delivery_build). The reason for this is to make sure that the same exact kind of nodes are used by this build cookbook are run on the local workstation as would run Delivery. It will run `delivery job verify PHASE` for the parent project.
|
||||||
|
|
||||||
|
Modify the `.kitchen.yml` if necessary to change the platforms or other configuration to run the verify phases. After making changes in the parent project, `cd` into this directory (`.delivery/build_cookbook`), and run:
|
||||||
|
|
||||||
|
```
|
||||||
|
kitchen test
|
||||||
|
```
|
||||||
|
|
||||||
|
## Recipes
|
||||||
|
|
||||||
|
Each of the recipes in this build_cookbook are run in the named phase during the Chef Delivery pipeline. The `unit`, `syntax`, and `lint` recipes are additionally run when using Test Kitchen for local testing as noted in the above section.
|
||||||
|
|
||||||
|
## Making Changes - Cookbook Example
|
||||||
|
|
||||||
|
When making changes in the parent project (that which lives in `../..` from this directory), or in the recipes in this build cookbook, there is a bespoke workflow for Chef Delivery. As an example, we'll discuss a Chef Cookbook as the parent.
|
||||||
|
|
||||||
|
First, create a new branch for the changes.
|
||||||
|
|
||||||
|
```
|
||||||
|
git checkout -b testing-build-cookbook
|
||||||
|
```
|
||||||
|
|
||||||
|
Next, increment the version in the metadata.rb. This should be in the _parent_, not in this, the build_cookbook. If this is not done, the verify phase will fail.
|
||||||
|
|
||||||
|
```
|
||||||
|
% git diff
|
||||||
|
<SNIP>
|
||||||
|
-version '0.1.0'
|
||||||
|
+version '0.1.1'
|
||||||
|
```
|
||||||
|
|
||||||
|
The change we'll use for an example is to install the `zsh` package. Write a failing ChefSpec in the cookbook project's `spec/unit/recipes/default_spec.rb`.
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'godzilla::default' do
|
||||||
|
context 'When all attributes are default, on an unspecified platform' do
|
||||||
|
let(:chef_run) do
|
||||||
|
runner = ChefSpec::ServerRunner.new
|
||||||
|
runner.converge(described_recipe)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'installs zsh' do
|
||||||
|
expect(chef_run).to install_package('zsh')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
Commit the local changes as work in progress. The `delivery job` expects to use a clean git repository.
|
||||||
|
|
||||||
|
```
|
||||||
|
git add ../..
|
||||||
|
git commit -m 'WIP: Testing changes'
|
||||||
|
```
|
||||||
|
|
||||||
|
From _this_ directory (`.delivery/build_cookbook`, relative to the parent cookbook project), run
|
||||||
|
|
||||||
|
```
|
||||||
|
cd .delivery/build_cookbook
|
||||||
|
kitchen converge
|
||||||
|
```
|
||||||
|
|
||||||
|
This will take some time at first, because the VMs need to be created, Chef installed, the Delivery CLI installed, etc. Later runs will be faster until they are destroyed. It will also fail on the first VM, as expected, because we wrote the test first. Now edit the parent cookbook project's default recipe to install `zsh`.
|
||||||
|
|
||||||
|
```
|
||||||
|
cd ../../
|
||||||
|
$EDITOR/recipes/default.rb
|
||||||
|
```
|
||||||
|
|
||||||
|
It should look like this:
|
||||||
|
|
||||||
|
```
|
||||||
|
package 'zsh'
|
||||||
|
```
|
||||||
|
|
||||||
|
Create another commit.
|
||||||
|
|
||||||
|
```
|
||||||
|
git add .
|
||||||
|
git commit -m 'WIP: Install zsh in default recipe'
|
||||||
|
```
|
||||||
|
|
||||||
|
Now rerun kitchen from the build_cookbook.
|
||||||
|
|
||||||
|
```
|
||||||
|
cd .delivery/build_cookbook
|
||||||
|
kitchen converge
|
||||||
|
```
|
||||||
|
|
||||||
|
This will take awhile because it will now pass on the first VM, and then create the second VM. We should have warned you this was a good time for a coffee break.
|
||||||
|
|
||||||
|
```
|
||||||
|
Recipe: test::default
|
||||||
|
|
||||||
|
- execute HOME=/home/vagrant delivery job verify unit --server localhost --ent test --org kitchen
|
||||||
|
* execute[HOME=/home/vagrant delivery job verify lint --server localhost --ent test --org kitchen] action run
|
||||||
|
- execute HOME=/home/vagrant delivery job verify lint --server localhost --ent test --org kitchen
|
||||||
|
|
||||||
|
- execute HOME=/home/vagrant delivery job verify syntax --server localhost --ent test --org kitchen
|
||||||
|
|
||||||
|
Running handlers:
|
||||||
|
Running handlers complete
|
||||||
|
Chef Client finished, 3/32 resources updated in 54.665445968 seconds
|
||||||
|
Finished converging <default-centos-71> (1m26.83s).
|
||||||
|
```
|
||||||
|
|
||||||
|
Victory is ours! Our verify phase passed on the build nodes.
|
||||||
|
|
||||||
|
We are ready to run this through our Delivery pipeline. Simply run `delivery review` on the local system from the parent project, and it will open a browser window up to the change we just added.
|
||||||
|
|
||||||
|
```
|
||||||
|
cd ../..
|
||||||
|
delivery review
|
||||||
|
```
|
||||||
|
|
||||||
|
## FAQ
|
||||||
|
|
||||||
|
### Why don't I just run rspec and foodcritic/rubocop on my local system?
|
||||||
|
|
||||||
|
An objection to the Test Kitchen approach is that it is much faster to run the unit, lint, and syntax commands for the project on the local system. That is totally true, and also totally valid. Do that for the really fast feedback loop. However, the dance we do with Test Kitchen brings a much higher degree of confidence in the changes we're making, that everything will run on the build nodes in Chef Delivery. We strongly encourage this approach before actually pushing the changes to Delivery.
|
||||||
|
|
||||||
|
### Why do I have to make a commit every time?
|
||||||
|
|
||||||
|
When running `delivery job`, it expects to merge the commit for the changeset against the clean master branch. If we don't save our progress by making a commit, our local changes aren't run through `delivery job` in the Test Kitchen build instances. We can always perform an interactive rebase, and modify the original changeset message in Delivery with `delivery review --edit`. The latter won't modify the git commits, only the changeset in Delivery.
|
||||||
|
|
||||||
|
### What do I do next?
|
||||||
|
|
||||||
|
Make changes in the cookbook project as required for organizational goals and needs. Modify the `build_cookbook` as necessary for the pipeline phases that the cookbook should go through.
|
||||||
|
|
||||||
|
### What if I get stuck?
|
||||||
|
|
||||||
|
Contact Chef Support, or your Chef Customer Success team and they will help you get unstuck.
|
|
@ -0,0 +1,107 @@
|
||||||
|
# Put files/directories that should be ignored in this file when uploading
|
||||||
|
# to a chef-server or supermarket.
|
||||||
|
# Lines that start with '# ' are comments.
|
||||||
|
|
||||||
|
# OS generated files #
|
||||||
|
######################
|
||||||
|
.DS_Store
|
||||||
|
Icon?
|
||||||
|
nohup.out
|
||||||
|
ehthumbs.db
|
||||||
|
Thumbs.db
|
||||||
|
|
||||||
|
# SASS #
|
||||||
|
########
|
||||||
|
.sass-cache
|
||||||
|
|
||||||
|
# EDITORS #
|
||||||
|
###########
|
||||||
|
\#*
|
||||||
|
.#*
|
||||||
|
*~
|
||||||
|
*.sw[a-z]
|
||||||
|
*.bak
|
||||||
|
REVISION
|
||||||
|
TAGS*
|
||||||
|
tmtags
|
||||||
|
*_flymake.*
|
||||||
|
*_flymake
|
||||||
|
*.tmproj
|
||||||
|
.project
|
||||||
|
.settings
|
||||||
|
mkmf.log
|
||||||
|
|
||||||
|
## COMPILED ##
|
||||||
|
##############
|
||||||
|
a.out
|
||||||
|
*.o
|
||||||
|
*.pyc
|
||||||
|
*.so
|
||||||
|
*.com
|
||||||
|
*.class
|
||||||
|
*.dll
|
||||||
|
*.exe
|
||||||
|
*/rdoc/
|
||||||
|
|
||||||
|
# Testing #
|
||||||
|
###########
|
||||||
|
.watchr
|
||||||
|
.rspec
|
||||||
|
spec/*
|
||||||
|
spec/fixtures/*
|
||||||
|
test/*
|
||||||
|
features/*
|
||||||
|
examples/*
|
||||||
|
Guardfile
|
||||||
|
Procfile
|
||||||
|
.kitchen*
|
||||||
|
.rubocop.yml
|
||||||
|
spec/*
|
||||||
|
Rakefile
|
||||||
|
.travis.yml
|
||||||
|
.foodcritic
|
||||||
|
.codeclimate.yml
|
||||||
|
|
||||||
|
# SCM #
|
||||||
|
#######
|
||||||
|
.git
|
||||||
|
*/.git
|
||||||
|
.gitignore
|
||||||
|
.gitmodules
|
||||||
|
.gitconfig
|
||||||
|
.gitattributes
|
||||||
|
.svn
|
||||||
|
*/.bzr/*
|
||||||
|
*/.hg/*
|
||||||
|
*/.svn/*
|
||||||
|
|
||||||
|
# Berkshelf #
|
||||||
|
#############
|
||||||
|
Berksfile
|
||||||
|
Berksfile.lock
|
||||||
|
cookbooks/*
|
||||||
|
tmp
|
||||||
|
|
||||||
|
# Policyfile #
|
||||||
|
##############
|
||||||
|
Policyfile.rb
|
||||||
|
Policyfile.lock.json
|
||||||
|
|
||||||
|
# Cookbooks #
|
||||||
|
#############
|
||||||
|
CONTRIBUTING*
|
||||||
|
CHANGELOG*
|
||||||
|
TESTING*
|
||||||
|
MAINTAINERS.toml
|
||||||
|
|
||||||
|
# Strainer #
|
||||||
|
############
|
||||||
|
Colanderfile
|
||||||
|
Strainerfile
|
||||||
|
.colander
|
||||||
|
.strainer
|
||||||
|
|
||||||
|
# Vagrant #
|
||||||
|
###########
|
||||||
|
.vagrant
|
||||||
|
Vagrantfile
|
|
@ -0,0 +1 @@
|
||||||
|
{"id": "delivery_builder_keys"}
|
|
@ -0,0 +1,7 @@
|
||||||
|
name 'build_cookbook'
|
||||||
|
maintainer 'The Authors'
|
||||||
|
maintainer_email 'you@example.com'
|
||||||
|
license 'all_rights'
|
||||||
|
version '0.1.0'
|
||||||
|
|
||||||
|
depends 'delivery-truck'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: default
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::default'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: deploy
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::deploy'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: functional
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::functional'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: lint
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::lint'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: provision
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::provision'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: publish
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::publish'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: quality
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::quality'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: security
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::security'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: smoke
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::smoke'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: syntax
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::syntax'
|
|
@ -0,0 +1,6 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: build_cookbook
|
||||||
|
# Recipe:: unit
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
include_recipe 'delivery-truck::unit'
|
|
@ -0,0 +1,2 @@
|
||||||
|
name 'test'
|
||||||
|
version '0.1.0'
|
|
@ -0,0 +1,7 @@
|
||||||
|
%w(unit lint syntax).each do |phase|
|
||||||
|
# TODO: This works on Linux/Unix. Not Windows.
|
||||||
|
execute "HOME=/home/vagrant delivery job verify #{phase} --server localhost --ent test --org kitchen" do
|
||||||
|
cwd '/tmp/repo-data'
|
||||||
|
user 'vagrant'
|
||||||
|
end
|
||||||
|
end
|
12
chef/cookbooks/metasploitable/.delivery/config.json
Normal file
12
chef/cookbooks/metasploitable/.delivery/config.json
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{
|
||||||
|
"version": "2",
|
||||||
|
"build_cookbook": {
|
||||||
|
"name": "build_cookbook",
|
||||||
|
"path": ".delivery/build_cookbook"
|
||||||
|
},
|
||||||
|
"skip_phases": [],
|
||||||
|
"job_dispatch": {
|
||||||
|
"version": "v2"
|
||||||
|
},
|
||||||
|
"dependencies": []
|
||||||
|
}
|
36
chef/cookbooks/metasploitable/.delivery/project.toml
Normal file
36
chef/cookbooks/metasploitable/.delivery/project.toml
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
# Delivery Prototype for Local Phases Execution
|
||||||
|
#
|
||||||
|
# The purpose of this file is to prototype a new way to execute
|
||||||
|
# phases locally on your workstation. The delivery-cli will read
|
||||||
|
# this file and execute the command(s) that are configured for
|
||||||
|
# each phase. You can customize them by just modifying the phase
|
||||||
|
# key on this file.
|
||||||
|
#
|
||||||
|
# By default these phases are configured for Cookbook Workflow only
|
||||||
|
#
|
||||||
|
# As this is still a prototype we are not modifying the current
|
||||||
|
# config.json file and it will continue working as usual.
|
||||||
|
|
||||||
|
[local_phases]
|
||||||
|
unit = "chef exec rspec spec/"
|
||||||
|
lint = "chef exec cookstyle"
|
||||||
|
# Foodcritic includes rules only appropriate for community cookbooks
|
||||||
|
# uploaded to Supermarket. We turn off any rules tagged "supermarket"
|
||||||
|
# by default. If you plan to share this cookbook you should remove
|
||||||
|
# '-t ~supermarket' below to enable supermarket rules.
|
||||||
|
syntax = "chef exec foodcritic . --exclude spec -f any -t ~supermarket"
|
||||||
|
provision = "chef exec kitchen create"
|
||||||
|
deploy = "chef exec kitchen converge"
|
||||||
|
smoke = "chef exec kitchen verify"
|
||||||
|
# The functional phase is optional, you can define it by uncommenting
|
||||||
|
# the line below and running the command: `delivery local functional`
|
||||||
|
# functional = ""
|
||||||
|
cleanup = "chef exec kitchen destroy"
|
||||||
|
|
||||||
|
# Remote project.toml file
|
||||||
|
#
|
||||||
|
# Specify a remote URI location for the `project.toml` file.
|
||||||
|
# This is useful for teams that wish to centrally manage the behavior
|
||||||
|
# of the `delivery local` command across many different projects.
|
||||||
|
#
|
||||||
|
# remote_file = "https://url/project.toml"
|
21
chef/cookbooks/metasploitable/.gitignore
vendored
Normal file
21
chef/cookbooks/metasploitable/.gitignore
vendored
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
.vagrant
|
||||||
|
*~
|
||||||
|
*#
|
||||||
|
.#*
|
||||||
|
\#*#
|
||||||
|
.*.sw[a-z]
|
||||||
|
*.un~
|
||||||
|
|
||||||
|
# Bundler
|
||||||
|
Gemfile.lock
|
||||||
|
bin/*
|
||||||
|
.bundle/*
|
||||||
|
|
||||||
|
# test kitchen
|
||||||
|
.kitchen/
|
||||||
|
.kitchen.local.yml
|
||||||
|
|
||||||
|
# Chef
|
||||||
|
Berksfile.lock
|
||||||
|
.zero-knife.rb
|
||||||
|
Policyfile.lock.json
|
26
chef/cookbooks/metasploitable/.kitchen.yml
Normal file
26
chef/cookbooks/metasploitable/.kitchen.yml
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
---
|
||||||
|
driver:
|
||||||
|
name: vagrant
|
||||||
|
|
||||||
|
provisioner:
|
||||||
|
name: chef_zero
|
||||||
|
# You may wish to disable always updating cookbooks in CI or other testing environments.
|
||||||
|
# For example:
|
||||||
|
# always_update_cookbooks: <%= !ENV['CI'] %>
|
||||||
|
always_update_cookbooks: true
|
||||||
|
|
||||||
|
verifier:
|
||||||
|
name: inspec
|
||||||
|
|
||||||
|
platforms:
|
||||||
|
- name: ubuntu-16.04
|
||||||
|
- name: centos-7.2
|
||||||
|
|
||||||
|
suites:
|
||||||
|
- name: default
|
||||||
|
run_list:
|
||||||
|
- recipe[metasploitable::default]
|
||||||
|
verifier:
|
||||||
|
inspec_tests:
|
||||||
|
- test/smoke/default
|
||||||
|
attributes:
|
3
chef/cookbooks/metasploitable/Berksfile
Normal file
3
chef/cookbooks/metasploitable/Berksfile
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
source 'https://supermarket.chef.io'
|
||||||
|
|
||||||
|
metadata
|
4
chef/cookbooks/metasploitable/README.md
Normal file
4
chef/cookbooks/metasploitable/README.md
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
# metasploitable
|
||||||
|
|
||||||
|
TODO: Enter the cookbook description here.
|
||||||
|
|
107
chef/cookbooks/metasploitable/chefignore
Normal file
107
chef/cookbooks/metasploitable/chefignore
Normal file
|
@ -0,0 +1,107 @@
|
||||||
|
# Put files/directories that should be ignored in this file when uploading
|
||||||
|
# to a chef-server or supermarket.
|
||||||
|
# Lines that start with '# ' are comments.
|
||||||
|
|
||||||
|
# OS generated files #
|
||||||
|
######################
|
||||||
|
.DS_Store
|
||||||
|
Icon?
|
||||||
|
nohup.out
|
||||||
|
ehthumbs.db
|
||||||
|
Thumbs.db
|
||||||
|
|
||||||
|
# SASS #
|
||||||
|
########
|
||||||
|
.sass-cache
|
||||||
|
|
||||||
|
# EDITORS #
|
||||||
|
###########
|
||||||
|
\#*
|
||||||
|
.#*
|
||||||
|
*~
|
||||||
|
*.sw[a-z]
|
||||||
|
*.bak
|
||||||
|
REVISION
|
||||||
|
TAGS*
|
||||||
|
tmtags
|
||||||
|
*_flymake.*
|
||||||
|
*_flymake
|
||||||
|
*.tmproj
|
||||||
|
.project
|
||||||
|
.settings
|
||||||
|
mkmf.log
|
||||||
|
|
||||||
|
## COMPILED ##
|
||||||
|
##############
|
||||||
|
a.out
|
||||||
|
*.o
|
||||||
|
*.pyc
|
||||||
|
*.so
|
||||||
|
*.com
|
||||||
|
*.class
|
||||||
|
*.dll
|
||||||
|
*.exe
|
||||||
|
*/rdoc/
|
||||||
|
|
||||||
|
# Testing #
|
||||||
|
###########
|
||||||
|
.watchr
|
||||||
|
.rspec
|
||||||
|
spec/*
|
||||||
|
spec/fixtures/*
|
||||||
|
test/*
|
||||||
|
features/*
|
||||||
|
examples/*
|
||||||
|
Guardfile
|
||||||
|
Procfile
|
||||||
|
.kitchen*
|
||||||
|
.rubocop.yml
|
||||||
|
spec/*
|
||||||
|
Rakefile
|
||||||
|
.travis.yml
|
||||||
|
.foodcritic
|
||||||
|
.codeclimate.yml
|
||||||
|
|
||||||
|
# SCM #
|
||||||
|
#######
|
||||||
|
.git
|
||||||
|
*/.git
|
||||||
|
.gitignore
|
||||||
|
.gitmodules
|
||||||
|
.gitconfig
|
||||||
|
.gitattributes
|
||||||
|
.svn
|
||||||
|
*/.bzr/*
|
||||||
|
*/.hg/*
|
||||||
|
*/.svn/*
|
||||||
|
|
||||||
|
# Berkshelf #
|
||||||
|
#############
|
||||||
|
Berksfile
|
||||||
|
Berksfile.lock
|
||||||
|
cookbooks/*
|
||||||
|
tmp
|
||||||
|
|
||||||
|
# Policyfile #
|
||||||
|
##############
|
||||||
|
Policyfile.rb
|
||||||
|
Policyfile.lock.json
|
||||||
|
|
||||||
|
# Cookbooks #
|
||||||
|
#############
|
||||||
|
CONTRIBUTING*
|
||||||
|
CHANGELOG*
|
||||||
|
TESTING*
|
||||||
|
MAINTAINERS.toml
|
||||||
|
|
||||||
|
# Strainer #
|
||||||
|
############
|
||||||
|
Colanderfile
|
||||||
|
Strainerfile
|
||||||
|
.colander
|
||||||
|
.strainer
|
||||||
|
|
||||||
|
# Vagrant #
|
||||||
|
###########
|
||||||
|
.vagrant
|
||||||
|
Vagrantfile
|
21
chef/cookbooks/metasploitable/metadata.rb
Normal file
21
chef/cookbooks/metasploitable/metadata.rb
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
name 'metasploitable'
|
||||||
|
maintainer 'Rapid7'
|
||||||
|
maintainer_email ''
|
||||||
|
license 'BSD-3-clause'
|
||||||
|
description 'Installs/Configures metasploitable3'
|
||||||
|
long_description 'Installs/Configures metasploitable3'
|
||||||
|
version '0.1.0'
|
||||||
|
|
||||||
|
# The `issues_url` points to the location where issues for this cookbook are
|
||||||
|
# tracked. A `View Issues` link will be displayed on this cookbook's page when
|
||||||
|
# uploaded to a Supermarket.
|
||||||
|
#
|
||||||
|
# issues_url 'https://github.com/<insert_org_here>/metasploitable3/issues' if respond_to?(:issues_url)
|
||||||
|
|
||||||
|
# The `source_url` points to the development reposiory for this cookbook. A
|
||||||
|
# `View Source` link will be displayed on this cookbook's page when uploaded to
|
||||||
|
# a Supermarket.
|
||||||
|
#
|
||||||
|
# source_url 'https://github.com/<insert_org_here>/metasploitable3' if respond_to?(:source_url)
|
||||||
|
|
||||||
|
depends 'mysql'
|
5
chef/cookbooks/metasploitable/recipes/default.rb
Normal file
5
chef/cookbooks/metasploitable/recipes/default.rb
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: metasploitable
|
||||||
|
# Recipe:: default
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
16
chef/cookbooks/metasploitable/recipes/mysql.rb
Normal file
16
chef/cookbooks/metasploitable/recipes/mysql.rb
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: metasploitable
|
||||||
|
# Recipe:: mysql
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
|
||||||
|
mysql_client 'default' do
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_service 'default' do
|
||||||
|
initial_root_password 'sploitme'
|
||||||
|
bind_address '0.0.0.0'
|
||||||
|
port '3306'
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
35
chef/cookbooks/metasploitable/recipes/users.rb
Normal file
35
chef/cookbooks/metasploitable/recipes/users.rb
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: metasploitable
|
||||||
|
# Recipe:: users
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, Rapid7, All Rights Reserved.
|
||||||
|
|
||||||
|
users = {'leah_organa' => { password: '$1$2ny4/xaH$tAFV5fbEqHx2OkOPIQhpx0' },
|
||||||
|
'luke_skywalker' => { password: '$1$n8tgrGRs$8xaS40CFS1J5iIAEmbnx50' },
|
||||||
|
'han_solo' => { password: '$1$L/2/AWAh$ZMUulbFhP2IesZ6xwBmaV0' },
|
||||||
|
'artoo_detoo' => { password: '$1$DlEuqBUm$u71bKO9I603kDCqEphmon1' },
|
||||||
|
'c_three_pio' => { password: '$1$4JMoAFqs$b5MwsiCfOASdUKktx6wQ7/' },
|
||||||
|
'ben_kenobi' => { password: '$1$vmHrrI9b$OyLulJjgi18GxgREG5V5c1' },
|
||||||
|
'darth_vader' => { password: '$1$c7AfQJ86$zvcdz7pPate7GdCQ.yfTf0' },
|
||||||
|
'anakin_skywalker' => { password: '$1$AvIldIHu$o1s2OCU4n/qSCGQMKMgkH/' },
|
||||||
|
'jarjar_binks' => { password: '$1$SNokFi0c$F.SvjZQjYRSuoBuobRWMh1' },
|
||||||
|
'lando_calrissian' => { password: '$1$8aWC7zHq$bz6K2rZVD7XlMNqBIIMGX.' },
|
||||||
|
'boba_fett' => { password: '$1$TjxlmV4j$k/rG1vb4.pj.z0yFWJ.ZD0' },
|
||||||
|
'jabba_hutt' => { password: '$1$1q5jRHYC$LIp/8O/g9qg3NaeGOxGSl/' },
|
||||||
|
'greedo' => { password: '$1$1lmZ0rOJ$GITT5.sX0tvOQeC2/wWQF1' },
|
||||||
|
'chewbacca' => { password: '$1$AjU5ZLh9$WjO.j9fYh3yms3HSDBKya1' },
|
||||||
|
'kylo_ren' => { password: '$1$Zcw3AKDA$1Mjgzmr/HpmFXuxUjj2Vv1' }
|
||||||
|
}
|
||||||
|
uid = 1111
|
||||||
|
|
||||||
|
users.each do |username, opts|
|
||||||
|
user username do
|
||||||
|
supports :manage_home => true
|
||||||
|
password opts[:password]
|
||||||
|
uid uid
|
||||||
|
gid '100'
|
||||||
|
home "/home/#{username}"
|
||||||
|
shell '/bin/bash'
|
||||||
|
end
|
||||||
|
uid += 1
|
||||||
|
end
|
2
chef/cookbooks/metasploitable/spec/spec_helper.rb
Normal file
2
chef/cookbooks/metasploitable/spec/spec_helper.rb
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
require 'chefspec'
|
||||||
|
require 'chefspec/berkshelf'
|
|
@ -0,0 +1,20 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: metasploitable
|
||||||
|
# Spec:: default
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
|
||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'metasploitable::default' do
|
||||||
|
context 'When all attributes are default, on an unspecified platform' do
|
||||||
|
let(:chef_run) do
|
||||||
|
runner = ChefSpec::ServerRunner.new
|
||||||
|
runner.converge(described_recipe)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'converges successfully' do
|
||||||
|
expect { chef_run }.to_not raise_error
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,20 @@
|
||||||
|
#
|
||||||
|
# Cookbook:: metasploitable
|
||||||
|
# Spec:: default
|
||||||
|
#
|
||||||
|
# Copyright:: 2017, The Authors, All Rights Reserved.
|
||||||
|
|
||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'metasploitable::mysql' do
|
||||||
|
context 'When all attributes are default, on an unspecified platform' do
|
||||||
|
let(:chef_run) do
|
||||||
|
runner = ChefSpec::ServerRunner.new
|
||||||
|
runner.converge(described_recipe)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'converges successfully' do
|
||||||
|
expect { chef_run }.to_not raise_error
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,18 @@
|
||||||
|
# # encoding: utf-8
|
||||||
|
|
||||||
|
# Inspec test for recipe metasploitable::default
|
||||||
|
|
||||||
|
# The Inspec reference, with examples and extensive documentation, can be
|
||||||
|
# found at http://inspec.io/docs/reference/resources/
|
||||||
|
|
||||||
|
unless os.windows?
|
||||||
|
describe user('root') do
|
||||||
|
it { should exist }
|
||||||
|
skip 'This is an example test, replace with your own test.'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe port(80) do
|
||||||
|
it { should_not be_listening }
|
||||||
|
skip 'This is an example test, replace with your own test.'
|
||||||
|
end
|
18
chef/cookbooks/metasploitable/test/smoke/default/mysql.rb
Normal file
18
chef/cookbooks/metasploitable/test/smoke/default/mysql.rb
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
# # encoding: utf-8
|
||||||
|
|
||||||
|
# Inspec test for recipe metasploitable::mysql
|
||||||
|
|
||||||
|
# The Inspec reference, with examples and extensive documentation, can be
|
||||||
|
# found at http://inspec.io/docs/reference/resources/
|
||||||
|
|
||||||
|
unless os.windows?
|
||||||
|
describe user('root') do
|
||||||
|
it { should exist }
|
||||||
|
skip 'This is an example test, replace with your own test.'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe port(80) do
|
||||||
|
it { should_not be_listening }
|
||||||
|
skip 'This is an example test, replace with your own test.'
|
||||||
|
end
|
1
chef/cookbooks/mysql/.foodcritic
Normal file
1
chef/cookbooks/mysql/.foodcritic
Normal file
|
@ -0,0 +1 @@
|
||||||
|
~FC005
|
665
chef/cookbooks/mysql/CHANGELOG.md
Normal file
665
chef/cookbooks/mysql/CHANGELOG.md
Normal file
|
@ -0,0 +1,665 @@
|
||||||
|
# mysql Cookbook CHANGELOG
|
||||||
|
|
||||||
|
This file is used to list changes made in each version of the mysql cookbook.
|
||||||
|
|
||||||
|
## 8.2.0 (2016-12-03)
|
||||||
|
|
||||||
|
- Include client development packages on RHEL/SUSE platforms
|
||||||
|
|
||||||
|
## 8.1.1 (2016-10-31)
|
||||||
|
- Fixing CVE-2016-6662 - Reverting execure bit on mysql config
|
||||||
|
|
||||||
|
## 8.1.0 (2016-10-29)
|
||||||
|
|
||||||
|
- Drop hardcoded, specific package version logic that broke many users
|
||||||
|
|
||||||
|
## 8.0.4 (2016-09-26)
|
||||||
|
- Bump debian version
|
||||||
|
- Updated packages for 12.04 and 14.04 too
|
||||||
|
- Add chef_version metadata
|
||||||
|
- Update platforms in the kitchen file
|
||||||
|
- Add selinux to the Berksfile for testing
|
||||||
|
- Make sure yum repos are setup in local Test Kitchen
|
||||||
|
|
||||||
|
## 8.0.3 (2016-09-14)
|
||||||
|
- [GH-390] Fix #390 incorrect escaping of initial_root_password
|
||||||
|
- Updated package versions for Ubuntu 16.04
|
||||||
|
- Testing updates
|
||||||
|
|
||||||
|
# v8.0.2 (2016-08-25)
|
||||||
|
- Various bug fixed and updates to package version strings
|
||||||
|
|
||||||
|
# v8.0.1 (2016-07-20)
|
||||||
|
- Fixed a regression in the mysql_client resource where the action was changed from create to install in the 8.0 release
|
||||||
|
- Added oracle, opensuse, and opensuseleap as supported platforms in the metadata
|
||||||
|
|
||||||
|
# v8.0.0 (2016-07-11)
|
||||||
|
|
||||||
|
- Converting from LWRP to custom resources
|
||||||
|
- Removing yum-mysql and other dependencies.
|
||||||
|
- ^ BREAKING CHANGE: RHELish users are now responsible
|
||||||
|
for including a recipe from the "yum-mysql" or equivalent
|
||||||
|
cookbook before utilizing the mysql_* resources.
|
||||||
|
- More thoughtful ChefSpec
|
||||||
|
- Renaming "replication" test suite to "smoke"
|
||||||
|
- Moving to Inspec
|
||||||
|
|
||||||
|
## v7.2.0 (2016-06-30)
|
||||||
|
|
||||||
|
- Support openeSUSE leap
|
||||||
|
- Support Fedora 24
|
||||||
|
|
||||||
|
## v7.1.2 (2016-06-30)
|
||||||
|
|
||||||
|
- Avoid deprecation warnings on the upcoming Chef 12.12 release
|
||||||
|
|
||||||
|
## v7.1.1 (2016-06-03)
|
||||||
|
|
||||||
|
- Fix apparmor blocking writes to non-default tmp_dirs
|
||||||
|
- Updated apparmor config to allow read & write to sock.lock file
|
||||||
|
- Use cookstyle instead of Rubocop directly
|
||||||
|
|
||||||
|
## v7.1.0 (2016-05-11)
|
||||||
|
|
||||||
|
- Added support for Ubuntu 16.04
|
||||||
|
|
||||||
|
## v7.0.0 (2016-04-19)
|
||||||
|
|
||||||
|
- Removed support for legacy distros: Ubuntu 10.04/13.04/14.10/15.04, Fedora 20/21, OmniOS r151006, opensuse 11.3/12.0
|
||||||
|
- Added support for Fedora 23, suse 13.X, and Ubuntu 16.04
|
||||||
|
- Updated the systemd support to create unit files in /etc/systemd and not /usr/lib/systemd
|
||||||
|
- Adding umask to bash resource that sets root password PR #386 @gziskind
|
||||||
|
- Cleaned up the Test Kitchen config to test the right platform version + mysql pairings
|
||||||
|
- Added Travis CI Test Kitchen testing on Fedora 22/23 and removed Fedora 21
|
||||||
|
- Updated the platforms used in the specs
|
||||||
|
|
||||||
|
## v6.1.3 (2016-03-14)
|
||||||
|
|
||||||
|
- Added support for Ubuntu 15.10
|
||||||
|
- Added support for Amazon Linux 2016-03
|
||||||
|
- Updated Kitchen testing configs
|
||||||
|
|
||||||
|
## v6.1.2 (2015-10-05)
|
||||||
|
|
||||||
|
- Added support for Amazon Linux 2015.09
|
||||||
|
|
||||||
|
## v6.1.1 (2015-09-24)
|
||||||
|
|
||||||
|
- Completing ChefSpec matchers
|
||||||
|
|
||||||
|
## v6.1.0 (2015-07-17)
|
||||||
|
|
||||||
|
- Adding tunables for tmp_dir, error_log, and pid_file
|
||||||
|
- Adding mysqld_options hash interface for main my.cnf template
|
||||||
|
|
||||||
|
## v6.0.31 (2015-07-13)
|
||||||
|
|
||||||
|
- Reverting create_stop_system_service checks
|
||||||
|
|
||||||
|
## v6.0.30 (2015-07-13)
|
||||||
|
|
||||||
|
- Ubuntu 15.04 support
|
||||||
|
- Check for scripts and unit files during create_stop_system_service
|
||||||
|
|
||||||
|
## v6.0.29 (2015-07-12)
|
||||||
|
|
||||||
|
- Patch to allow blank root password
|
||||||
|
- Adding package information for Suse 12.0
|
||||||
|
|
||||||
|
## v6.0.28 (2015-07-10)
|
||||||
|
|
||||||
|
- Fixes for 12.4.x
|
||||||
|
|
||||||
|
## v6.0.27 (2015-07-09)
|
||||||
|
|
||||||
|
- Allowing integer value for port number
|
||||||
|
|
||||||
|
## v6.0.26 (2015-07-07)
|
||||||
|
|
||||||
|
- Reverting breaking changes introduced in 6.0.25
|
||||||
|
|
||||||
|
## v6.0.25 (2015-07-06)
|
||||||
|
|
||||||
|
- Fixes for 12.4.1
|
||||||
|
|
||||||
|
## v6.0.24 (2015-06-27)
|
||||||
|
|
||||||
|
- 341 - Changing default GRANT for root from '%' to 'localhost' and '127.0.0.1'
|
||||||
|
|
||||||
|
## v6.0.23 (2015-06-21)
|
||||||
|
|
||||||
|
- 354 Better handling of long MySQL startup times
|
||||||
|
|
||||||
|
## v6.0.22 (2015-05-07)
|
||||||
|
|
||||||
|
- Debian 8 (Jessie) support
|
||||||
|
|
||||||
|
## v6.0.21 (2015-04-08)
|
||||||
|
|
||||||
|
- Fix to Upstart prestart script when using custom socket
|
||||||
|
- Adding --explicit_defaults_for_timestamp mysql_install_db_cmd for
|
||||||
|
- 5.6 and above
|
||||||
|
|
||||||
|
## v6.0.20 (2015-03-27)
|
||||||
|
|
||||||
|
- 318 - Fixing Upstart pre-start script to handle custom socket paths
|
||||||
|
|
||||||
|
## v6.0.19 (2015-03-25)
|
||||||
|
|
||||||
|
- Adding support for Amazon Linux 2015.03
|
||||||
|
|
||||||
|
## v6.0.18 (2015-03-24)
|
||||||
|
|
||||||
|
- Adding support for 5.6 and 5.7 packages from dotdeb repos on Debian 7
|
||||||
|
|
||||||
|
## v6.0.17 (2015-03-13)
|
||||||
|
|
||||||
|
- Updated for MySQL 5.7.6.
|
||||||
|
- Handing removal of mysql_install_db and mysqld_safe
|
||||||
|
|
||||||
|
## v6.0.16 (2015-03-10)
|
||||||
|
|
||||||
|
- Moved --defaults-file as first option to mysql_install_db_script
|
||||||
|
|
||||||
|
## v6.0.15 (2015-02-26)
|
||||||
|
|
||||||
|
- Updating docker detection fix to pass specs
|
||||||
|
|
||||||
|
## v6.0.14 (2015-02-26)
|
||||||
|
|
||||||
|
- Fixed debian system service :disable action. Now survives reboot
|
||||||
|
- Fixing centos-7 instance :enable action. Now survives
|
||||||
|
- Not applying Apparmor policy if running in a Docker container
|
||||||
|
|
||||||
|
## v6.0.13 (2015-02-15)
|
||||||
|
|
||||||
|
- Adding support for special characters in initial_root_password
|
||||||
|
- Fixing failure status bug in sysvinit script
|
||||||
|
|
||||||
|
## v6.0.12 (2015-02-30)
|
||||||
|
|
||||||
|
- No changes. Released a 6.0.11 that was identical to 6.0.10.
|
||||||
|
- Git before coffee.
|
||||||
|
|
||||||
|
## v6.0.11 (2015-02-30)
|
||||||
|
|
||||||
|
- Adding support for configurable socket files
|
||||||
|
|
||||||
|
## v6.0.10 (2015-01-19)
|
||||||
|
|
||||||
|
- Fix #282 - Fixing up data_dir template variable
|
||||||
|
|
||||||
|
## v6.0.9 (2015-01-19)
|
||||||
|
|
||||||
|
- Fix #282 - undefined method `parsed_data_dir' bug
|
||||||
|
|
||||||
|
## v6.0.8 (2015-01-19)
|
||||||
|
|
||||||
|
- Refactoring helper methods out of resource classes
|
||||||
|
|
||||||
|
## v6.0.7 (2015-01-14)
|
||||||
|
|
||||||
|
- Fixing timing issue with Upstart provider :restart and :reload
|
||||||
|
- actions where service returns before being available
|
||||||
|
|
||||||
|
## v6.0.6 (2014-12-26)
|
||||||
|
|
||||||
|
- Fixing subtle bug where MysqlCookbook::Helper methods were polluting Chef::Resource
|
||||||
|
|
||||||
|
## v6.0.5 (2014-12-25)
|
||||||
|
|
||||||
|
- Using 'include_recipe' instead of 'recipe_eval' in LWRP
|
||||||
|
- Fixing type checking on package_name attribute in mysql_client resource.
|
||||||
|
|
||||||
|
## v6.0.4 (2014-12-21)
|
||||||
|
|
||||||
|
- Suggest available versions if current is not available for current platform.
|
||||||
|
|
||||||
|
## v6.0.3 (2014-12-17)
|
||||||
|
|
||||||
|
- Adding bind_address parameter to mysql_service resource
|
||||||
|
|
||||||
|
## v6.0.2 (2014-12-17)
|
||||||
|
|
||||||
|
- Fixing sysvinit provider to survive reboots
|
||||||
|
|
||||||
|
## v6.0.1 (2014-12-16)
|
||||||
|
|
||||||
|
- Fixing Upstart template to survive reboots
|
||||||
|
|
||||||
|
## v6.0.0 (2014-12-15)
|
||||||
|
|
||||||
|
- Major version update
|
||||||
|
- Cookbook now provides LWRPs instead of recipes
|
||||||
|
- Platform providers re-factored into init system providers
|
||||||
|
- Separated :create and :start actions for use in recipes that build containers
|
||||||
|
- mysql_service now supports multiple instances on the same machine
|
||||||
|
- mysql_service no longer attempts to manage user records
|
||||||
|
- Removal of debian-sys-maint
|
||||||
|
- Unified Sysvinit script that works on all platforms
|
||||||
|
- mysql_config resource introduced
|
||||||
|
- mysql_client fixed up
|
||||||
|
- Refactored acceptance tests
|
||||||
|
- Temporarily dropped FreeBSD support
|
||||||
|
|
||||||
|
## v5.6.1 (2014-10-29)
|
||||||
|
|
||||||
|
- Use Gem::Version instead of Chef::Version
|
||||||
|
|
||||||
|
## v5.6.0 (2014-10-29)
|
||||||
|
|
||||||
|
- Changing default charset to utf8
|
||||||
|
- Quoting passwords in debian.cnf.erb
|
||||||
|
- Amazon 2014.09 support
|
||||||
|
- Ubuntu 14.10 support
|
||||||
|
- Only hide passwords from STDOUT via "sensitive true" in chef-client higher than 11.14
|
||||||
|
- Updating test harness
|
||||||
|
|
||||||
|
## v5.5.4 (2014-10-07)
|
||||||
|
|
||||||
|
- Adding sensitive flag to execute resources to protect passwords from logs
|
||||||
|
|
||||||
|
## v5.5.3 (2014-09-24)
|
||||||
|
|
||||||
|
- Reverting back to Upstart on Ubuntu 14.04
|
||||||
|
|
||||||
|
## v5.5.2 (2014-09-8)
|
||||||
|
|
||||||
|
- Reverting commit that broke Debian pass_string
|
||||||
|
|
||||||
|
## v5.5.1 (2014-09-2)
|
||||||
|
|
||||||
|
- Switching Ubuntu service provider to use SysVinit instead of Upstart
|
||||||
|
|
||||||
|
## v5.5.0 (2014-08-27)
|
||||||
|
|
||||||
|
- Adding package version and action parameters to mysql_service resource
|
||||||
|
- Fixing Debian pass_string
|
||||||
|
|
||||||
|
## v5.4.4 (2014-08-27)
|
||||||
|
|
||||||
|
- Changing module namespace to MysqlCookbook
|
||||||
|
|
||||||
|
## v5.4.3 (2014-08-25)
|
||||||
|
|
||||||
|
- More refactoring. Moving helper function bits into resource parsed_parameters
|
||||||
|
|
||||||
|
## v5.4.2 (2014-08-25)
|
||||||
|
|
||||||
|
- Moving provider local variables into definitions for RHEL provider
|
||||||
|
|
||||||
|
## v5.4.1 (2014-08-25)
|
||||||
|
|
||||||
|
- Refactoring resources into the LWRP style with parsed parameters
|
||||||
|
- Moving provider local variables into definitions
|
||||||
|
|
||||||
|
## v5.4.0 (2014-08-25)
|
||||||
|
|
||||||
|
- 212 - support for centos-7 (mysql55 and mysql56)
|
||||||
|
- Adding (untested) Debian-6 support
|
||||||
|
- Adding Suse support to metadata.rb
|
||||||
|
- Adding ability to change MySQL root password
|
||||||
|
- Added libmysqlclient-devel package to SuSE client provider
|
||||||
|
- Appeasing AppArmor
|
||||||
|
- Reducing duplication in client provider
|
||||||
|
|
||||||
|
## v5.3.6 (2014-06-18)
|
||||||
|
|
||||||
|
- Fixing pid path location. Updating tests to include real RHEL
|
||||||
|
|
||||||
|
## v5.3.4 (2014-06-16)
|
||||||
|
|
||||||
|
- Fixing specs for Amazon Linux server package names
|
||||||
|
|
||||||
|
## v5.3.2 (2014-06-16)
|
||||||
|
|
||||||
|
- Fixing Amazon Linux support
|
||||||
|
|
||||||
|
## v5.3.0 (2014-06-11)
|
||||||
|
|
||||||
|
- 189 - Fix server_repl_password description
|
||||||
|
- 191 - Adding support for server55 and server56 on el-6
|
||||||
|
- 193 - Fix syntax in mysql_service example
|
||||||
|
- 199 - Adding Suse support
|
||||||
|
|
||||||
|
## v5.2.12 (2014-05-19)
|
||||||
|
|
||||||
|
PR #192 - recipes/server.rb should honor parameter node['mysql']['version']
|
||||||
|
|
||||||
|
## v5.2.10 (2014-05-15)
|
||||||
|
|
||||||
|
- COOK-4394 - restore freebsd support
|
||||||
|
|
||||||
|
## v5.2.8 (2014-05-15)
|
||||||
|
|
||||||
|
- [COOK-4653] - Missing mySQL 5.6 support for Ubuntu 14.04
|
||||||
|
|
||||||
|
## v5.2.6 (2014-05-07)
|
||||||
|
|
||||||
|
- [COOK-4625] - Fix password resource parameter consumption on Debian and Ubuntu
|
||||||
|
- Fix up typos and version numbers in PLATFORMS.md
|
||||||
|
- Fix up specs from COOK-4613 changes
|
||||||
|
|
||||||
|
## v5.2.4 (2014-05-02)
|
||||||
|
|
||||||
|
- [COOK-4613] - Fix permissions on mysql data_dir to allow global access to mysql.sock
|
||||||
|
|
||||||
|
## v5.2.2 (2014-04-24)
|
||||||
|
|
||||||
|
- [COOK-4564] - Using positive tests for datadir move
|
||||||
|
|
||||||
|
## v5.2.0 (2014-04-22)
|
||||||
|
|
||||||
|
- [COOK-4551] - power grants.sql from resource parameters
|
||||||
|
|
||||||
|
## v5.1.12 (2014-04-21)
|
||||||
|
|
||||||
|
- [COOK-4554] - Support for Debian Sid
|
||||||
|
|
||||||
|
## v5.1.10 (2014-04-21)
|
||||||
|
|
||||||
|
- [COOK-4565] Support for Ubuntu 14.04
|
||||||
|
- [COOK-4565] Adding Specs and TK platform
|
||||||
|
- Removing non-LTS 13.10 specs and TK platform
|
||||||
|
|
||||||
|
## v5.1.8 (2014-04-12)
|
||||||
|
|
||||||
|
Adding Ubuntu 13.04 to Platforminfo
|
||||||
|
|
||||||
|
## v5.1.6 (2014-04-11)
|
||||||
|
|
||||||
|
- [COOK-4548] - Add template[/etc/mysql/debian.cnf] to Ubuntu provider
|
||||||
|
|
||||||
|
## v5.1.4 (2014-04-11)
|
||||||
|
|
||||||
|
- [COOK-4547] - Shellescape server_root_password
|
||||||
|
|
||||||
|
## v5.1.2 (2014-04-09)
|
||||||
|
|
||||||
|
- [COOK-4519] - Fix error in run_dir for Ubuntu
|
||||||
|
- [COOK-4531] - Fix pid and run_dir for Debian
|
||||||
|
|
||||||
|
## v5.1.0 (2014-04-08)
|
||||||
|
|
||||||
|
[COOK-4523] - Allow for both :restart and :reload
|
||||||
|
|
||||||
|
## v5.0.6 (2014-04-07)
|
||||||
|
|
||||||
|
- [COOK-4519] - Updating specs to reflect pid file change on Ubuntu
|
||||||
|
|
||||||
|
## v5.0.4 (2014-04-07)
|
||||||
|
|
||||||
|
- [COOK-4519] - Fix path to pid file on Ubuntu
|
||||||
|
|
||||||
|
## v5.0.2 (2014-04-01)
|
||||||
|
|
||||||
|
- Moving server_deprecated into recipes directory
|
||||||
|
|
||||||
|
## v5.0.0 (2014-03-31)
|
||||||
|
|
||||||
|
- Rewriting as a library cookbook
|
||||||
|
- Exposing mysql_service and mysql_client resources
|
||||||
|
- User now needs to supply configuration
|
||||||
|
- Moving attribute driven recipe to server-deprecated
|
||||||
|
|
||||||
|
## v4.1.2 (2014-02-28)
|
||||||
|
|
||||||
|
- [COOK-4349] - Fix invalid platform check
|
||||||
|
- [COOK-4184] - Better handling of Ubuntu upstart service
|
||||||
|
- [COOK-2100] - Changing innodb_log_file_size tunable results in inability to start MySQL
|
||||||
|
|
||||||
|
## v4.1.1 (2014-02-25)
|
||||||
|
|
||||||
|
- **[COOK-2966] - Address foodcritic failures'
|
||||||
|
- **[COOK-4182] - Template parse failure in /etc/init/mysql.conf (data_dir)'
|
||||||
|
- **[COOK-4198] - Added missing tunable'
|
||||||
|
- **[COOK-4206] - create root@127.0.0.1, as well as root@localhost'
|
||||||
|
|
||||||
|
## v4.0.20 (2014-01-18)
|
||||||
|
|
||||||
|
- [COOK-3931] - MySQL Server Recipe Regression for Non-LTS Ubuntu Versions
|
||||||
|
- [COOK-3945] - MySQL cookbook fails on Ubuntu 13.04/13.10
|
||||||
|
- [COOK-3966] - mysql::server recipe can't find a template with debian 7.x
|
||||||
|
- [COOK-3985] - Missing /etc/mysql/debian.cnf template on mysql::_server_debian.rb recipe (mysql 4.0.4)
|
||||||
|
- [COOK-3974] - debian.cnf not updated
|
||||||
|
- [COOK-4001] - Pull request: Fixes for broken mysql::server on Debian
|
||||||
|
- [COOK-4071] - Mysql cookbook doesn't work on debian 7.2
|
||||||
|
|
||||||
|
## v4.0.14
|
||||||
|
|
||||||
|
Fixing style cops
|
||||||
|
|
||||||
|
## v4.0.12
|
||||||
|
|
||||||
|
### Bug
|
||||||
|
|
||||||
|
- **[COOK-4068](https://tickets.chef.io/browse/COOK-4068)** - rework MySQL Windows recipe
|
||||||
|
|
||||||
|
### Improvement
|
||||||
|
|
||||||
|
- **[COOK-3801](https://tickets.chef.io/browse/COOK-3801)** - Add innodb_adaptive_flushing_method and innodb_adaptive_checkpoint
|
||||||
|
|
||||||
|
## v4.0.10
|
||||||
|
|
||||||
|
fixing metadata version error. locking to 3.0
|
||||||
|
|
||||||
|
## v4.0.8
|
||||||
|
|
||||||
|
Locking yum dependency to '< 3'
|
||||||
|
|
||||||
|
## v4.0.6
|
||||||
|
|
||||||
|
# Bug
|
||||||
|
|
||||||
|
- [COOK-3943] Notifying service restart on grants update
|
||||||
|
|
||||||
|
## v4.0.4
|
||||||
|
|
||||||
|
[COOK-3952] - Adding 'recursive true' to directory resources
|
||||||
|
|
||||||
|
## v4.0.2
|
||||||
|
|
||||||
|
### BUGS
|
||||||
|
|
||||||
|
- Adding support for Amazon Linux in attributes/server_rhel.rb
|
||||||
|
- Fixing bug where unprivileged users cannot connect over a local socket. Adding integration test.
|
||||||
|
- Fixing bug in mysql_grants_cmd generation
|
||||||
|
|
||||||
|
## v4.0.0
|
||||||
|
|
||||||
|
- [COOK-3928] Heavily refactoring for readability. Moving platform implementation into separate recipes
|
||||||
|
- Moving integration tests from minitest to serverspec, removing "improper" tests
|
||||||
|
- Moving many attributes into the ['mysql']['server']['whatever'] namespace
|
||||||
|
- [COOK-3481] - Merged Lucas Welsh's Windows bits and moved into own recipe
|
||||||
|
- [COOK-3697] - Adding security hardening attributes
|
||||||
|
- [COOK-3780] - Fixing data_dir on Debian and Ubuntu
|
||||||
|
- [COOK-3807] - Don't use execute[assign-root-password] on Debian and Ubuntu
|
||||||
|
- [COOK-3881] - Fixing /etc being owned by mysql user
|
||||||
|
|
||||||
|
## v3.0.12
|
||||||
|
|
||||||
|
### Bug
|
||||||
|
|
||||||
|
- **[COOK-3752](https://tickets.chef.io/browse/COOK-3752)** - mysql service fails to start in mysql::server recipe
|
||||||
|
|
||||||
|
## v3.0.10
|
||||||
|
|
||||||
|
- Fix a failed release attempt for v3.0.8
|
||||||
|
|
||||||
|
## v3.0.8
|
||||||
|
|
||||||
|
### Bug
|
||||||
|
|
||||||
|
- **[COOK-3749](https://tickets.chef.io/browse/COOK-3749)** - Fix a regression with Chef 11-specific features
|
||||||
|
|
||||||
|
## v3.0.6
|
||||||
|
|
||||||
|
### Bug
|
||||||
|
|
||||||
|
- **[COOK-3674](https://tickets.chef.io/browse/COOK-3674)** - Fix an issue where the MySQL server fails to set the root password correctly when `data_dir` is a non-default value
|
||||||
|
- **[COOK-3647](https://tickets.chef.io/browse/COOK-3647)** - Fix README typo (databas => database)
|
||||||
|
- **[COOK-3477](https://tickets.chef.io/browse/COOK-3477)** - Fix log-queries-not-using-indexes not working
|
||||||
|
- **[COOK-3436](https://tickets.chef.io/browse/COOK-3436)** - Pull percona repo in compilation phase
|
||||||
|
- **[COOK-3208](https://tickets.chef.io/browse/COOK-3208)** - Fix README typo (LitenPort => ListenPort)
|
||||||
|
- **[COOK-3149](https://tickets.chef.io/browse/COOK-3149)** - Create my.cnf before installing
|
||||||
|
- **[COOK-2681](https://tickets.chef.io/browse/COOK-2681)** - Fix log_slow_queries for 5.5+
|
||||||
|
- **[COOK-2606](https://tickets.chef.io/browse/COOK-2606)** - Use proper bind address on cloud providers
|
||||||
|
|
||||||
|
### Improvement
|
||||||
|
|
||||||
|
- **[COOK-3498](https://tickets.chef.io/browse/COOK-3498)** - Add support for replicate_* variables in my.cnf
|
||||||
|
|
||||||
|
## v3.0.4
|
||||||
|
|
||||||
|
### Bug
|
||||||
|
|
||||||
|
- **[COOK-3310](https://tickets.chef.io/browse/COOK-3310)** - Fix missing `GRANT` option
|
||||||
|
- **[COOK-3233](https://tickets.chef.io/browse/COOK-3233)** - Fix escaping special characters
|
||||||
|
- **[COOK-3156](https://tickets.chef.io/browse/COOK-3156)** - Fix GRANTS file when `remote_root_acl` is specified
|
||||||
|
- **[COOK-3134](https://tickets.chef.io/browse/COOK-3134)** - Fix Chef 11 support
|
||||||
|
- **[COOK-2318](https://tickets.chef.io/browse/COOK-2318)** - Remove redundant `if` block around `node.mysql.tunable.log_bin`
|
||||||
|
|
||||||
|
## v3.0.2
|
||||||
|
|
||||||
|
### Bug
|
||||||
|
|
||||||
|
- [COOK-2158]: apt-get update is run twice at compile time
|
||||||
|
- [COOK-2832]: mysql grants.sql file has errors depending on attrs
|
||||||
|
- [COOK-2995]: server.rb is missing a platform_family comparison value
|
||||||
|
|
||||||
|
### Sub-task
|
||||||
|
|
||||||
|
- [COOK-2102]: `innodb_flush_log_at_trx_commit` value is incorrectly set based on CPU count
|
||||||
|
|
||||||
|
## v3.0.0
|
||||||
|
|
||||||
|
**Note** This is a backwards incompatible version with previous versions of the cookbook. Tickets that introduce incompatibility are COOK-2615 and COOK-2617.
|
||||||
|
|
||||||
|
- [COOK-2478] - Duplicate 'read_only' server attribute in base and tunable
|
||||||
|
- [COOK-2471] - Add tunable to set slave_compressed_protocol for reduced network traffic
|
||||||
|
- [COOK-1059] - Update attributes in mysql cookbook to support missing options for my.cnf usable by Percona
|
||||||
|
- [COOK-2590] - Typo in server recipe to do with conf_dir and confd_dir
|
||||||
|
- [COOK-2602] - Add `lower_case_table_names` tunable
|
||||||
|
- [COOK-2430] - Add a tunable to create a network ACL when allowing `remote_root_access`
|
||||||
|
- [COOK-2619] - mysql: isamchk deprecated
|
||||||
|
- [COOK-2515] - Better support for SUSE distribution for mysql cookbook
|
||||||
|
- [COOK-2557] - mysql::percona_repo attributes missing and key server typo
|
||||||
|
- [COOK-2614] - Duplicate `innodb_file_per_table`
|
||||||
|
- [COOK-2145] - MySQL cookbook should remove anonymous and password less accounts
|
||||||
|
- [COOK-2553] - Enable include directory in my.cnf template for any platform
|
||||||
|
- [COOK-2615] - Rename `key_buffer` to `key_buffer_size`
|
||||||
|
- [COOK-2626] - Percona repo URL is being constructed incorrectly
|
||||||
|
- [COOK-2616] - Unneeded attribute thread_cache
|
||||||
|
- [COOK-2618] - myisam-recover not using attribute value
|
||||||
|
- [COOK-2617] - open-files is a duplicate of open-files-limit
|
||||||
|
|
||||||
|
## v2.1.2
|
||||||
|
|
||||||
|
- [COOK-2172] - Mysql cookbook duplicates `binlog_format` configuration
|
||||||
|
|
||||||
|
## v2.1.0
|
||||||
|
|
||||||
|
- [COOK-1669] - Using platform("ubuntu") in default attributes always returns true
|
||||||
|
- [COOK-1694] - Added additional my.cnf fields and reorganized cookbook to avoid race conditions with mysql startup and sql script execution
|
||||||
|
- [COOK-1851] - Support server-id and binlog_format settings
|
||||||
|
- [COOK-1929] - Update msyql server attributes file because setting attributes without specifying a precedence is deprecated
|
||||||
|
- [COOK-1999] - Add read_only tunable useful for replication slave servers
|
||||||
|
|
||||||
|
## v2.0.2
|
||||||
|
|
||||||
|
- [COOK-1967] - mysql: trailing comma in server.rb platform family
|
||||||
|
|
||||||
|
## v2.0.0
|
||||||
|
|
||||||
|
**Important note for this release**
|
||||||
|
|
||||||
|
Under Chef Solo, you must set the node attributes for the root, debian and repl passwords or the run will completely fail. See COOK-1737 for background on this.
|
||||||
|
|
||||||
|
- [COOK-1390] - MySQL service cannot start after reboot
|
||||||
|
- [COOK-1610] - Set root password outside preseed (blocker for drop-in mysql replacements)
|
||||||
|
- [COOK-1624] - Mysql cookbook fails to even compile on windows
|
||||||
|
- [COOK-1669] - Using platform("ubuntu") in default attributes always returns true
|
||||||
|
- [COOK-1686] - Add mysql service start
|
||||||
|
- [COOK-1687] - duplicate `innodb_buffer_pool_size` attribute
|
||||||
|
- [COOK-1704] - mysql cookbook fails spec tests when minitest-handler cookbook enabled
|
||||||
|
- [COOK-1737] - Fail a chef-solo run when `server_root_password`, `server_debian_password`, and/or `server_repl_password` is not set
|
||||||
|
- [COOK-1769] - link to database recipe in mysql README goes to old chef/cookbooks repo instead of chef-cookbook organization
|
||||||
|
- [COOK-1963] - use `platform_family`
|
||||||
|
|
||||||
|
## v1.3.0
|
||||||
|
|
||||||
|
**Important note for this release**
|
||||||
|
|
||||||
|
This version no longer installs Ruby bindings in the client recipe by default. Use the ruby recipe if you'd like the RubyGem. If you'd like packages from your distribution, use them in your application's specific cookbook/recipe, or modify the client packages attribute. This resolves the following tickets:
|
||||||
|
|
||||||
|
- COOK-932
|
||||||
|
- COOK-1009
|
||||||
|
- COOK-1384
|
||||||
|
|
||||||
|
Additionally, this cookbook now has tests (COOK-1439) for use under test-kitchen.
|
||||||
|
|
||||||
|
The following issues are also addressed in this release.
|
||||||
|
|
||||||
|
- [COOK-1443] - MySQL (>= 5.1.24) does not support `innodb_flush_method` = fdatasync
|
||||||
|
- [COOK-1175] - Add Mac OS X support
|
||||||
|
- [COOK-1289] - handle additional tunable attributes
|
||||||
|
- [COOK-1305] - add auto-increment-increment and auto-increment-offset attributes
|
||||||
|
- [COOK-1397] - make the port an attribute
|
||||||
|
- [COOK-1439] - Add MySQL cookbook tests for test-kitchen support
|
||||||
|
- [COOK-1236] - Move package names into attributes to allow percona to free-ride
|
||||||
|
- [COOK-934] - remove deprecated mysql/libraries/database.rb, use the database cookbook instead.
|
||||||
|
- [COOK-1475] - fix restart on config change
|
||||||
|
|
||||||
|
## v1.2.6
|
||||||
|
|
||||||
|
- [COOK-1113] - Use an attribute to determine if upstart is used
|
||||||
|
- [COOK-1121] - Add support for Windows
|
||||||
|
- [COOK-1140] - Fix conf.d on Debian
|
||||||
|
- [COOK-1151] - Fix server_ec2 handling /var/lib/mysql bind mount
|
||||||
|
- [COOK-1321] - Document setting password attributes for solo
|
||||||
|
|
||||||
|
## v1.2.4
|
||||||
|
|
||||||
|
- [COOK-992] - fix FATAL nameerror
|
||||||
|
- [COOK-827] - `mysql:server_ec2` recipe can't mount `data_dir`
|
||||||
|
- [COOK-945] - FreeBSD support
|
||||||
|
|
||||||
|
## v1.2.2
|
||||||
|
|
||||||
|
- [COOK-826] mysql::server recipe doesn't quote password string
|
||||||
|
- [COOK-834] Add 'scientific' and 'amazon' platforms to mysql cookbook
|
||||||
|
|
||||||
|
## v1.2.1
|
||||||
|
|
||||||
|
- [COOK-644] Mysql client cookbook 'package missing' error message is confusing
|
||||||
|
- [COOK-645] RHEL6/CentOS6 - mysql cookbook contains 'skip-federated' directive which is unsupported on MySQL 5.1
|
||||||
|
|
||||||
|
## v1.2.0
|
||||||
|
|
||||||
|
- [COOK-684] remove mysql_database LWRP
|
||||||
|
|
||||||
|
## v1.0.8
|
||||||
|
|
||||||
|
- [COOK-633] ensure "cloud" attribute is available
|
||||||
|
|
||||||
|
## v1.0.7
|
||||||
|
|
||||||
|
- [COOK-614] expose all mysql tunable settings in config
|
||||||
|
- [COOK-617] bind to private IP if available
|
||||||
|
|
||||||
|
## v1.0.6
|
||||||
|
|
||||||
|
- [COOK-605] install mysql-client package on ubuntu/debian
|
||||||
|
|
||||||
|
## v1.0.5
|
||||||
|
|
||||||
|
- [COOK-465] allow optional remote root connections to mysql
|
||||||
|
- [COOK-455] improve platform version handling
|
||||||
|
- externalize conf_dir attribute for easier cross platform support
|
||||||
|
- change datadir attribute to data_dir for consistency
|
||||||
|
|
||||||
|
## v1.0.4
|
||||||
|
|
||||||
|
- fix regressions on debian platform
|
||||||
|
- [COOK-578] wrap root password in quotes
|
||||||
|
- [COOK-562] expose all tunables in my.cnf
|
2
chef/cookbooks/mysql/CONTRIBUTING.md
Normal file
2
chef/cookbooks/mysql/CONTRIBUTING.md
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
Please refer to
|
||||||
|
https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD
|
16
chef/cookbooks/mysql/MAINTAINERS.md
Normal file
16
chef/cookbooks/mysql/MAINTAINERS.md
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
<!-- This is a generated file. Please do not edit directly -->
|
||||||
|
|
||||||
|
# Maintainers
|
||||||
|
|
||||||
|
This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead.
|
||||||
|
|
||||||
|
Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead.
|
||||||
|
|
||||||
|
# Project Maintainer
|
||||||
|
* [Tim Smith](https://github.com/tas50)
|
||||||
|
|
||||||
|
# Maintainers
|
||||||
|
* [Jennifer Davis](https://github.com/sigje)
|
||||||
|
* [Sean OMeara](https://github.com/someara)
|
||||||
|
* [Tim Smith](https://github.com/tas50)
|
||||||
|
* [Thom May](https://github.com/thommay)
|
444
chef/cookbooks/mysql/README.md
Normal file
444
chef/cookbooks/mysql/README.md
Normal file
|
@ -0,0 +1,444 @@
|
||||||
|
# MySQL Cookbook
|
||||||
|
|
||||||
|
[![Build Status](https://travis-ci.org/chef-cookbooks/mysql.svg?branch=master)](https://travis-ci.org/chef-cookbooks/mysql) [![Cookbook Version](https://img.shields.io/cookbook/v/mysql.svg)](https://supermarket.chef.io/cookbooks/mysql)
|
||||||
|
|
||||||
|
The Mysql Cookbook is a library cookbook that provides resource primitives (LWRPs) for use in recipes. It is designed to be a reference example for creating highly reusable cross-platform cookbooks.
|
||||||
|
|
||||||
|
## Scope
|
||||||
|
|
||||||
|
This cookbook is concerned with the "MySQL Community Server", particularly those shipped with F/OSS Unix and Linux distributions. It does not address forks or value-added repackaged MySQL distributions like Drizzle, MariaDB, or Percona.
|
||||||
|
|
||||||
|
## Requirements
|
||||||
|
|
||||||
|
- Chef 12.5 or higher
|
||||||
|
- Network accessible package repositories
|
||||||
|
- 'recipe[selinux::disabled]' on RHEL platforms
|
||||||
|
|
||||||
|
## Platform Support
|
||||||
|
|
||||||
|
The following platforms have been tested with Test Kitchen:
|
||||||
|
|
||||||
|
```
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| | 5.0 | 5.1 | 5.5 | 5.6 | 5.7 |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| debian-7 | | | X | | |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| debian-8 | | | X | | |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| ubuntu-12.04 | | | X | | |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| ubuntu-14.04 | | | X | X | |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| ubuntu-16.04 | | | | | X |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| centos-5 | X | X | X | X | X |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| centos-6 | | X | X | X | X |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| centos-7 | | | X | X | X |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| fedora | | | | X | X |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| openSUSE 13.2 | | | | X | |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
| openSUSE 42.1 | | | | X | |
|
||||||
|
|----------------+-----+-----+-----+-----+-----|
|
||||||
|
```
|
||||||
|
|
||||||
|
## Cookbook Dependencies
|
||||||
|
|
||||||
|
There are no hard coupled dependencies.
|
||||||
|
However, there is a loose dependency on `yum-mysql-community` for RHEL/Centos platforms.
|
||||||
|
As of the 8.0 version of this cookbook, configuration of the package repos is now the
|
||||||
|
responsibility of the user.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Place a dependency on the mysql cookbook in your cookbook's metadata.rb
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
depends 'mysql', '~> 8.0'
|
||||||
|
```
|
||||||
|
|
||||||
|
Then, in a recipe:
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
mysql_service 'foo' do
|
||||||
|
port '3306'
|
||||||
|
version '5.5'
|
||||||
|
initial_root_password 'change me'
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
The service name on the OS is `mysql-foo`. You can manually start and stop it with `service mysql-foo start` and `service mysql-foo stop`.
|
||||||
|
|
||||||
|
The configuration file is at `/etc/mysql-foo/my.cnf`. It contains the minimum options to get the service running. It looks like this.
|
||||||
|
|
||||||
|
```
|
||||||
|
# Chef generated my.cnf for instance mysql-foo
|
||||||
|
|
||||||
|
[client]
|
||||||
|
default-character-set = utf8
|
||||||
|
port = 3306
|
||||||
|
socket = /var/run/mysql-foo/mysqld.sock
|
||||||
|
|
||||||
|
[mysql]
|
||||||
|
default-character-set = utf8
|
||||||
|
|
||||||
|
[mysqld]
|
||||||
|
user = mysql
|
||||||
|
pid-file = /var/run/mysql-foo/mysqld.pid
|
||||||
|
socket = /var/run/mysql-foo/mysqld.sock
|
||||||
|
port = 3306
|
||||||
|
datadir = /var/lib/mysql-foo
|
||||||
|
tmpdir = /tmp
|
||||||
|
log-error = /var/log/mysql-foo/error.log
|
||||||
|
!includedir /etc/mysql-foo/conf.d
|
||||||
|
|
||||||
|
[mysqld_safe]
|
||||||
|
socket = /var/run/mysql-foo/mysqld.sock
|
||||||
|
```
|
||||||
|
|
||||||
|
You can put extra configuration into the conf.d directory by using the `mysql_config` resource, like this:
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
mysql_service 'foo' do
|
||||||
|
port '3306'
|
||||||
|
version '5.5'
|
||||||
|
initial_root_password 'change me'
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_config 'foo' do
|
||||||
|
source 'my_extra_settings.erb'
|
||||||
|
notifies :restart, 'mysql_service[foo]'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
You are responsible for providing `my_extra_settings.erb` in your own cookbook's templates folder.
|
||||||
|
|
||||||
|
## Connecting with the mysql CLI command
|
||||||
|
|
||||||
|
Logging into the machine and typing `mysql` with no extra arguments will fail. You need to explicitly connect over the socket with `mysql -S /var/run/mysql-foo/mysqld.sock`, or over the network with `mysql -h 127.0.0.1`
|
||||||
|
|
||||||
|
## Upgrading from older version of the mysql cookbook
|
||||||
|
|
||||||
|
- It is strongly recommended that you rebuild the machine from scratch. This is easy if you have your `data_dir` on a dedicated mount point. If you _must_ upgrade in-place, follow the instructions below.
|
||||||
|
- The 6.x series supports multiple service instances on a single machine. It dynamically names the support directories and service names. `/etc/mysql becomes /etc/mysql-instance_name`. Other support directories in `/var` `/run` etc work the same way. Make sure to specify the `data_dir` property on the `mysql_service` resource to point to the old `/var/lib/mysql` directory.
|
||||||
|
|
||||||
|
## Resources Overview
|
||||||
|
|
||||||
|
### mysql_service
|
||||||
|
|
||||||
|
The `mysql_service` resource manages the basic plumbing needed to get a MySQL server instance running with minimal configuration.
|
||||||
|
|
||||||
|
The `:create` action handles package installation, support directories, socket files, and other operating system level concerns. The internal configuration file contains just enough to get the service up and running, then loads extra configuration from a conf.d directory. Further configurations are managed with the `mysql_config` resource.
|
||||||
|
|
||||||
|
- If the `data_dir` is empty, a database will be initialized, and a
|
||||||
|
- root user will be set up with `initial_root_password`. If this
|
||||||
|
- directory already contains database files, no action will be taken.
|
||||||
|
|
||||||
|
The `:start` action starts the service on the machine using the appropriate provider for the platform. The `:start` action should be omitted when used in recipes designed to build containers.
|
||||||
|
|
||||||
|
#### Example
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
mysql_service 'default' do
|
||||||
|
version '5.7'
|
||||||
|
bind_address '0.0.0.0'
|
||||||
|
port '3306'
|
||||||
|
data_dir '/data'
|
||||||
|
initial_root_password 'Ch4ng3me'
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
Please note that when using `notifies` or `subscribes`, the resource to reference is `mysql_service[name]`, not `service[mysql]`.
|
||||||
|
|
||||||
|
#### Parameters
|
||||||
|
|
||||||
|
- `charset` - specifies the default character set. Defaults to `utf8`.
|
||||||
|
- `data_dir` - determines where the actual data files are kept on the machine. This is useful when mounting external storage. When omitted, it will default to the platform's native location.
|
||||||
|
- `error_log` - Tunable location of the error_log
|
||||||
|
- `initial_root_password` - allows the user to specify the initial root password for mysql when initializing new databases. This can be set explicitly in a recipe, driven from a node attribute, or from data_bags. When omitted, it defaults to `ilikerandompasswords`. Please be sure to change it.
|
||||||
|
- `instance` - A string to identify the MySQL service. By convention, to allow for multiple instances of the `mysql_service`, directories and files on disk are named `mysql-<instance_name>`. Defaults to the resource name.
|
||||||
|
- `package_action` - Defaults to `:install`.
|
||||||
|
- `package_name` - Defaults to a value looked up in an internal map.
|
||||||
|
- `package_version` - Specific version of the package to install,passed onto the underlying package manager. Defaults to `nil`.
|
||||||
|
- `bind_address` - determines the listen IP address for the mysqld service. When omitted, it will be determined by MySQL. If the address is "regular" IPv4/IPv6address (e.g 127.0.0.1 or ::1), the server accepts TCP/IP connections only for that particular address. If the address is "0.0.0.0" (IPv4) or "::" (IPv6), the server accepts TCP/IP connections on all IPv4 or IPv6 interfaces.
|
||||||
|
- `mysqld_options` - A key value hash of options to be rendered into the main my.cnf. WARNING - It is highly recommended that you use the `mysql_config` resource instead of sending extra config into a `mysql_service` resource. This will allow you to set up notifications and subscriptions between the service and its configuration. That being said, this can be useful for adding extra options needed for database initialization at first run.
|
||||||
|
- `port` - determines the listen port for the mysqld service. When omitted, it will default to '3306'.
|
||||||
|
- `run_group` - The name of the system group the `mysql_service` should run as. Defaults to 'mysql'.
|
||||||
|
- `run_user` - The name of the system user the `mysql_service` should run as. Defaults to 'mysql'.
|
||||||
|
- `pid_file` - Tunable location of the pid file.
|
||||||
|
- `socket` - determines where to write the socket file for the `mysql_service` instance. Useful when configuring clients on the same machine to talk over socket and skip the networking stack. Defaults to a calculated value based on platform and instance name.
|
||||||
|
- `tmp_dir` - Tunable location of the tmp_dir
|
||||||
|
- `version` - allows the user to select from the versions available for the platform, where applicable. When omitted, it will install the default MySQL version for the target platform. Available version numbers are `5.0`, `5.1`, `5.5`, `5.6`, and `5.7`, depending on platform.
|
||||||
|
|
||||||
|
#### Actions
|
||||||
|
|
||||||
|
- `:create` - Configures everything but the underlying operating system service.
|
||||||
|
- `:delete` - Removes everything but the package and data_dir.
|
||||||
|
- `:start` - Starts the underlying operating system service
|
||||||
|
- `:stop`- Stops the underlying operating system service
|
||||||
|
- `:restart` - Restarts the underlying operating system service
|
||||||
|
- `:reload` - Reloads the underlying operating system service
|
||||||
|
|
||||||
|
#### Providers
|
||||||
|
|
||||||
|
Chef selects the appropriate provider based on platform and version, but you can specify one if your platform support it.
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
mysql_service[instance-1] do
|
||||||
|
port '1234'
|
||||||
|
data_dir '/mnt/lottadisk'
|
||||||
|
provider Chef::Provider::MysqlServiceSysvinit
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
- `Chef::Provider::MysqlServiceBase` - Configures everything needed to run a MySQL service except the platform service facility. This provider should never be used directly. The `:start`, `:stop`, `:restart`, and `:reload` actions are stubs meant to be overridden by the providers below.
|
||||||
|
- `Chef::Provider::MysqlServiceSmf` - Starts a `mysql_service` using the Service Management Facility, used by Solaris and Illumos. Manages the FMRI and method script.
|
||||||
|
- `Chef::Provider::MysqlServiceSystemd` - Starts a `mysql_service` using SystemD. Manages the unit file and activation state
|
||||||
|
- `Chef::Provider::MysqlServiceSysvinit` - Starts a `mysql_service` using SysVinit. Manages the init script and status.
|
||||||
|
- `Chef::Provider::MysqlServiceUpstart` - Starts a `mysql_service` using Upstart. Manages job definitions and status.
|
||||||
|
|
||||||
|
### mysql_config
|
||||||
|
|
||||||
|
The `mysql_config` resource is a wrapper around the core Chef `template` resource. Instead of a `path` parameter, it uses the `instance` parameter to calculate the path on the filesystem where file is rendered.
|
||||||
|
|
||||||
|
#### Example
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
mysql_config[default] do
|
||||||
|
source 'site.cnf.erb'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Parameters
|
||||||
|
|
||||||
|
- `config_name` - The base name of the configuration file to be rendered into the conf.d directory on disk. Defaults to the resource name.
|
||||||
|
- `cookbook` - The name of the cookbook to look for the template source. Defaults to nil
|
||||||
|
- `group` - System group for file ownership. Defaults to 'mysql'.
|
||||||
|
- `instance` - Name of the `mysql_service` instance the config is meant for. Defaults to 'default'.
|
||||||
|
- `owner` - System user for file ownership. Defaults to 'mysql'.
|
||||||
|
- `source` - Template in cookbook to be rendered.
|
||||||
|
- `variables` - Variables to be passed to the underlying `template` resource.
|
||||||
|
- `version` - Version of the `mysql_service` instance the config is meant for. Used to calculate path. Only necessary when using packages with unique configuration paths, such as RHEL Software Collections or OmniOS. Defaults to 'nil'
|
||||||
|
|
||||||
|
#### Actions
|
||||||
|
|
||||||
|
- `:create` - Renders the template to disk at a path calculated using the instance parameter.
|
||||||
|
- `:delete` - Deletes the file from the conf.d directory calculated using the instance parameter.
|
||||||
|
|
||||||
|
#### More Examples
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
mysql_service 'instance-1' do
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_service 'instance-2' do
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_config 'logging' do
|
||||||
|
instance 'instance-1'
|
||||||
|
source 'logging.cnf.erb'
|
||||||
|
action :create
|
||||||
|
notifies :restart, 'mysql_service[instance-1]'
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_config 'security settings for instance-2' do
|
||||||
|
config_name 'security'
|
||||||
|
instance 'instance-2'
|
||||||
|
source 'security_stuff.cnf.erb'
|
||||||
|
variables(:foo => 'bar')
|
||||||
|
action :create
|
||||||
|
notifies :restart, 'mysql_service[instance-2]'
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
### mysql_client
|
||||||
|
|
||||||
|
The `mysql_client` resource manages the MySQL client binaries and development libraries.
|
||||||
|
|
||||||
|
It is an example of a "singleton" resource. Declaring two `mysql_client` resources on a machine usually won't yield two separate copies of the client binaries, except for platforms that support multiple versions (RHEL SCL, OmniOS).
|
||||||
|
|
||||||
|
#### Example
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
mysql_client 'default' do
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Properties
|
||||||
|
|
||||||
|
- `package_name` - An array of packages to be installed. Defaults to a value looked up in an internal map.
|
||||||
|
- `package_version` - Specific versions of the package to install, passed onto the underlying package manager. Defaults to `nil`.
|
||||||
|
- `version` - Major MySQL version number of client packages. Only valid on for platforms that support multiple versions, such as RHEL via Software Collections and OmniOS.
|
||||||
|
|
||||||
|
#### Actions
|
||||||
|
|
||||||
|
- `:create` - Installs the client software
|
||||||
|
- `:delete` - Removes the client software
|
||||||
|
|
||||||
|
## Advanced Usage Examples
|
||||||
|
|
||||||
|
There are a number of configuration scenarios supported by the use of resource primitives in recipes. For example, you might want to run multiple MySQL services, as different users, and mount block devices that contain pre-existing databases.
|
||||||
|
|
||||||
|
### Multiple Instances as Different Users
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
# instance-1
|
||||||
|
user 'alice' do
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
directory '/mnt/data/mysql/instance-1' do
|
||||||
|
owner 'alice'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
mount '/mnt/data/mysql/instance-1' do
|
||||||
|
device '/dev/sdb1'
|
||||||
|
fstype 'ext4'
|
||||||
|
action [:mount, :enable]
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_service 'instance-1' do
|
||||||
|
port '3307'
|
||||||
|
run_user 'alice'
|
||||||
|
data_dir '/mnt/data/mysql/instance-1'
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_config 'site config for instance-1' do
|
||||||
|
instance 'instance-1'
|
||||||
|
source 'instance-1.cnf.erb'
|
||||||
|
notifies :restart, 'mysql_service[instance-1]'
|
||||||
|
end
|
||||||
|
|
||||||
|
# instance-2
|
||||||
|
user 'bob' do
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
directory '/mnt/data/mysql/instance-2' do
|
||||||
|
owner 'bob'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
mount '/mnt/data/mysql/instance-2' do
|
||||||
|
device '/dev/sdc1'
|
||||||
|
fstype 'ext3'
|
||||||
|
action [:mount, :enable]
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_service 'instance-2' do
|
||||||
|
port '3308'
|
||||||
|
run_user 'bob'
|
||||||
|
data_dir '/mnt/data/mysql/instance-2'
|
||||||
|
action [:create, :start]
|
||||||
|
end
|
||||||
|
|
||||||
|
mysql_config 'site config for instance-2' do
|
||||||
|
instance 'instance-2'
|
||||||
|
source 'instance-2.cnf.erb'
|
||||||
|
notifies :restart, 'mysql_service[instance-2]'
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
### Replication Testing
|
||||||
|
|
||||||
|
Use multiple `mysql_service` instances to test a replication setup. This particular example serves as a smoke test in Test Kitchen because it exercises different resources and requires service restarts.
|
||||||
|
|
||||||
|
<https://github.com/chef-cookbooks/mysql/blob/master/test/fixtures/cookbooks/mysql_replication_test/recipes/default.rb>
|
||||||
|
|
||||||
|
## Frequently Asked Questions
|
||||||
|
|
||||||
|
### How do I run this behind my firewall?
|
||||||
|
|
||||||
|
On Linux, the `mysql_service` resource uses the platform's underlying package manager to install software. For this to work behind firewalls, you'll need to either:
|
||||||
|
|
||||||
|
- Configure the system yum/apt utilities to use a proxy server that
|
||||||
|
- can reach the Internet
|
||||||
|
- Host a package repository on a network that the machine can talk to
|
||||||
|
|
||||||
|
On the RHEL platform_family, applying the `yum::default` recipe will allow you to drive the `yum_globalconfig` resource with attributes to change the global yum proxy settings.
|
||||||
|
|
||||||
|
If hosting repository mirrors, applying one of the following recipes and adjust the settings with node attributes.
|
||||||
|
|
||||||
|
- `recipe[yum-centos::default]` from the Supermarket
|
||||||
|
|
||||||
|
<https://supermarket.chef.io/cookbooks/yum-centos>
|
||||||
|
|
||||||
|
<https://github.com/chef-cookbooks/yum-centos>
|
||||||
|
|
||||||
|
- `recipe[yum-mysql-community::default]` from the Supermarket
|
||||||
|
|
||||||
|
<https://supermarket.chef.io/cookbooks/yum-mysql-community>
|
||||||
|
|
||||||
|
<https://github.com/chef-cookbooks/yum-mysql-community>
|
||||||
|
|
||||||
|
### The mysql command line doesn't work
|
||||||
|
|
||||||
|
If you log into the machine and type `mysql`, you may see an error like this one:
|
||||||
|
|
||||||
|
`Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock'`
|
||||||
|
|
||||||
|
This is because MySQL is hardcoded to read the defined default my.cnf file, typically at /etc/my.cnf, and this LWRP deletes it to prevent overlap among multiple MySQL configurations.
|
||||||
|
|
||||||
|
To connect to the socket from the command line, check the socket in the relevant my.cnf file and use something like this:
|
||||||
|
|
||||||
|
`mysql -S /var/run/mysql-foo/mysqld.sock -Pwhatever`
|
||||||
|
|
||||||
|
Or to connect over the network, use something like this: connect over the network..
|
||||||
|
|
||||||
|
`mysql -h 127.0.0.1 -Pwhatever`
|
||||||
|
|
||||||
|
These network or socket ssettings can also be put in you $HOME/.my.cnf, if preferred.
|
||||||
|
|
||||||
|
### What about MariaDB, Percona, Drizzle, WebScaleSQL, etc.
|
||||||
|
|
||||||
|
MySQL forks are purposefully out of scope for this cookbook. This is mostly to reduce the testing matrix to a manageable size. Cookbooks for these technologies can easily be created by copying and adapting this cookbook. However, there will be differences.
|
||||||
|
|
||||||
|
Package repository locations, package version names, software major version numbers, supported platform matrices, and the availability of software such as XtraDB and Galera are the main reasons that creating multiple cookbooks to make sense.
|
||||||
|
|
||||||
|
## Warnings
|
||||||
|
|
||||||
|
## Hacking / Testing / TODO
|
||||||
|
|
||||||
|
Please refer to the HACKING.md
|
||||||
|
|
||||||
|
## License & Authors
|
||||||
|
|
||||||
|
- Author:: Joshua Timberman ([joshua@chef.io](mailto:joshua@chef.io))
|
||||||
|
- Author:: AJ Christensen ([aj@chef.io](mailto:aj@chef.io))
|
||||||
|
- Author:: Seth Chisamore ([schisamo@chef.io](mailto:schisamo@chef.io))
|
||||||
|
- Author:: Brian Bianco ([brian.bianco@gmail.com](mailto:brian.bianco@gmail.com))
|
||||||
|
- Author:: Jesse Howarth ([him@jessehowarth.com](mailto:him@jessehowarth.com))
|
||||||
|
- Author:: Andrew Crump ([andrew@kotirisoftware.com](mailto:andrew@kotirisoftware.com))
|
||||||
|
- Author:: Christoph Hartmann ([chris@lollyrock.com](mailto:chris@lollyrock.com))
|
||||||
|
- Author:: Sean OMeara ([sean@sean.io](mailto:sean@sean.io))
|
||||||
|
|
||||||
|
```text
|
||||||
|
Copyright:: 2009-2014 Chef Software, Inc
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
```
|
336
chef/cookbooks/mysql/libraries/helpers.rb
Normal file
336
chef/cookbooks/mysql/libraries/helpers.rb
Normal file
|
@ -0,0 +1,336 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
module HelpersBase
|
||||||
|
require 'shellwords'
|
||||||
|
|
||||||
|
def el5?
|
||||||
|
return true if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 5
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def el6?
|
||||||
|
return true if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 6
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def el7?
|
||||||
|
return true if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 7
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def fc23?
|
||||||
|
return true if node['platform'] == 'fedora' && node['platform_version'].to_i == 23
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def fc24?
|
||||||
|
return true if node['platform'] == 'fedora' && node['platform_version'].to_i == 24
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def squeeze?
|
||||||
|
return true if node['platform'] == 'debian' && node['platform_version'].to_i == 6
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def wheezy?
|
||||||
|
return true if node['platform'] == 'debian' && node['platform_version'].to_i == 7
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def jessie?
|
||||||
|
return true if node['platform'] == 'debian' && node['platform_version'].to_i == 8
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def precise?
|
||||||
|
return true if node['platform'] == 'ubuntu' && node['platform_version'] == '12.04'
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def trusty?
|
||||||
|
return true if node['platform'] == 'ubuntu' && node['platform_version'] == '14.04'
|
||||||
|
return true if node['platform'] == 'linuxmint' && node['platform_version'] =~ /^17\.[0-9]$/
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def xenial?
|
||||||
|
return true if node['platform'] == 'ubuntu' && node['platform_version'] == '16.04'
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def amazon?
|
||||||
|
return true if node['platform'] == 'amazon'
|
||||||
|
end
|
||||||
|
|
||||||
|
def opensuse?
|
||||||
|
return true if node['platform'] == 'opensuse'
|
||||||
|
end
|
||||||
|
|
||||||
|
def opensuseleap?
|
||||||
|
return true if node['platform'] == 'opensuseleap'
|
||||||
|
end
|
||||||
|
|
||||||
|
def defaults_file
|
||||||
|
"#{etc_dir}/my.cnf"
|
||||||
|
end
|
||||||
|
|
||||||
|
def default_data_dir
|
||||||
|
return "/opt/local/lib/#{mysql_name}" if node['os'] == 'solaris2'
|
||||||
|
return "/var/lib/#{mysql_name}" if node['os'] == 'linux'
|
||||||
|
return "/var/db/#{mysql_name}" if node['os'] == 'freebsd'
|
||||||
|
end
|
||||||
|
|
||||||
|
def default_error_log
|
||||||
|
"#{log_dir}/error.log"
|
||||||
|
end
|
||||||
|
|
||||||
|
def default_pid_file
|
||||||
|
"#{run_dir}/mysqld.pid"
|
||||||
|
end
|
||||||
|
|
||||||
|
def default_major_version
|
||||||
|
# rhelish
|
||||||
|
return '5.0' if el5?
|
||||||
|
return '5.1' if el6?
|
||||||
|
return '5.6' if el7?
|
||||||
|
return '5.5' if amazon?
|
||||||
|
|
||||||
|
# debian
|
||||||
|
return '5.1' if squeeze?
|
||||||
|
return '5.5' if wheezy?
|
||||||
|
return '5.5' if jessie?
|
||||||
|
|
||||||
|
# ubuntu
|
||||||
|
return '5.5' if precise?
|
||||||
|
return '5.5' if trusty?
|
||||||
|
return '5.7' if xenial?
|
||||||
|
|
||||||
|
# misc
|
||||||
|
return '5.6' if node['platform'] == 'freebsd'
|
||||||
|
return '5.6' if node['platform'] == 'fedora'
|
||||||
|
return '5.6' if node['platform_family'] == 'suse'
|
||||||
|
end
|
||||||
|
|
||||||
|
def major_from_full(v)
|
||||||
|
v.split('.').shift(2).join('.')
|
||||||
|
end
|
||||||
|
|
||||||
|
def mysql_name
|
||||||
|
"mysql-#{instance}"
|
||||||
|
end
|
||||||
|
|
||||||
|
def default_socket_file
|
||||||
|
"#{run_dir}/mysqld.sock"
|
||||||
|
end
|
||||||
|
|
||||||
|
def default_client_package_name
|
||||||
|
return ['mysql', 'mysql-devel'] if major_version == '5.0' && el5?
|
||||||
|
return ['mysql51-mysql', 'mysql51-mysql-libs'] if major_version == '5.1' && el5?
|
||||||
|
return ['mysql', 'mysql-devel'] if major_version == '5.1' && el6?
|
||||||
|
return ['mysql55-mysql', 'mysql55-mysql-devel'] if major_version == '5.5' && el5?
|
||||||
|
return ['mysql-client-5.5', 'libmysqlclient-dev'] if major_version == '5.5' && node['platform_family'] == 'debian'
|
||||||
|
return ['mysql-client-5.6', 'libmysqlclient-dev'] if major_version == '5.6' && node['platform_family'] == 'debian'
|
||||||
|
return ['mysql-client-5.7', 'libmysqlclient-dev'] if major_version == '5.7' && node['platform_family'] == 'debian'
|
||||||
|
return 'mysql-community-server-client' if major_version == '5.6' && node['platform_family'] == 'suse'
|
||||||
|
['mysql-community-client', 'mysql-community-devel']
|
||||||
|
end
|
||||||
|
|
||||||
|
def default_server_package_name
|
||||||
|
return 'mysql-server' if major_version == '5.0' && el5?
|
||||||
|
return 'mysql51-mysql-server' if major_version == '5.1' && el5?
|
||||||
|
return 'mysql-server' if major_version == '5.1' && el6?
|
||||||
|
return 'mysql55-mysql-server' if major_version == '5.5' && el5?
|
||||||
|
return 'mysql-server-5.5' if major_version == '5.5' && node['platform_family'] == 'debian'
|
||||||
|
return 'mysql-server-5.6' if major_version == '5.6' && node['platform_family'] == 'debian'
|
||||||
|
return 'mysql-server-5.7' if major_version == '5.7' && node['platform_family'] == 'debian'
|
||||||
|
return 'mysql-community-server' if major_version == '5.6' && node['platform_family'] == 'suse'
|
||||||
|
'mysql-community-server'
|
||||||
|
end
|
||||||
|
|
||||||
|
def socket_dir
|
||||||
|
File.dirname(socket)
|
||||||
|
end
|
||||||
|
|
||||||
|
def run_dir
|
||||||
|
return "#{prefix_dir}/var/run/#{mysql_name}" if node['platform_family'] == 'rhel'
|
||||||
|
return "/run/#{mysql_name}" if node['platform_family'] == 'debian'
|
||||||
|
"/var/run/#{mysql_name}"
|
||||||
|
end
|
||||||
|
|
||||||
|
def prefix_dir
|
||||||
|
return "/opt/mysql#{pkg_ver_string}" if node['platform_family'] == 'omnios'
|
||||||
|
return '/opt/local' if node['platform_family'] == 'smartos'
|
||||||
|
return "/opt/rh/#{scl_name}/root" if scl_package?
|
||||||
|
end
|
||||||
|
|
||||||
|
def scl_name
|
||||||
|
return unless node['platform_family'] == 'rhel'
|
||||||
|
return 'mysql51' if version == '5.1' && node['platform_version'].to_i == 5
|
||||||
|
return 'mysql55' if version == '5.5' && node['platform_version'].to_i == 5
|
||||||
|
end
|
||||||
|
|
||||||
|
def scl_package?
|
||||||
|
return unless node['platform_family'] == 'rhel'
|
||||||
|
return true if version == '5.1' && node['platform_version'].to_i == 5
|
||||||
|
return true if version == '5.5' && node['platform_version'].to_i == 5
|
||||||
|
false
|
||||||
|
end
|
||||||
|
|
||||||
|
def etc_dir
|
||||||
|
return "/opt/mysql#{pkg_ver_string}/etc/#{mysql_name}" if node['platform_family'] == 'omnios'
|
||||||
|
return "#{prefix_dir}/etc/#{mysql_name}" if node['platform_family'] == 'smartos'
|
||||||
|
"#{prefix_dir}/etc/#{mysql_name}"
|
||||||
|
end
|
||||||
|
|
||||||
|
def base_dir
|
||||||
|
prefix_dir || '/usr'
|
||||||
|
end
|
||||||
|
|
||||||
|
def system_service_name
|
||||||
|
return 'mysql51-mysqld' if node['platform_family'] == 'rhel' && scl_name == 'mysql51'
|
||||||
|
return 'mysql55-mysqld' if node['platform_family'] == 'rhel' && scl_name == 'mysql55'
|
||||||
|
return 'mysqld' if node['platform_family'] == 'rhel'
|
||||||
|
return 'mysqld' if node['platform_family'] == 'fedora'
|
||||||
|
return 'mysql' if node['platform_family'] == 'debian'
|
||||||
|
return 'mysql' if node['platform_family'] == 'suse'
|
||||||
|
return 'mysql' if node['platform_family'] == 'omnios'
|
||||||
|
return 'mysql' if node['platform_family'] == 'smartos'
|
||||||
|
end
|
||||||
|
|
||||||
|
def v56plus
|
||||||
|
return false if version.split('.')[0].to_i < 5
|
||||||
|
return false if version.split('.')[1].to_i < 6
|
||||||
|
true
|
||||||
|
end
|
||||||
|
|
||||||
|
def v57plus
|
||||||
|
return false if version.split('.')[0].to_i < 5
|
||||||
|
return false if version.split('.')[1].to_i < 7
|
||||||
|
true
|
||||||
|
end
|
||||||
|
|
||||||
|
def default_include_dir
|
||||||
|
"#{etc_dir}/conf.d"
|
||||||
|
end
|
||||||
|
|
||||||
|
def log_dir
|
||||||
|
return "/var/adm/log/#{mysql_name}" if node['platform_family'] == 'omnios'
|
||||||
|
"#{prefix_dir}/var/log/#{mysql_name}"
|
||||||
|
end
|
||||||
|
|
||||||
|
def lc_messages_dir
|
||||||
|
end
|
||||||
|
|
||||||
|
def init_records_script
|
||||||
|
# Note: shell-escaping passwords in a SQL file may cause corruption - eg
|
||||||
|
# mysql will read \& as &, but \% as \%. Just escape bare-minimum \ and '
|
||||||
|
sql_escaped_password = root_password.gsub('\\') { '\\\\' }.gsub("'") { '\\\'' }
|
||||||
|
|
||||||
|
<<-EOS
|
||||||
|
set -e
|
||||||
|
rm -rf /tmp/#{mysql_name}
|
||||||
|
mkdir /tmp/#{mysql_name}
|
||||||
|
|
||||||
|
cat > /tmp/#{mysql_name}/my.sql <<-'EOSQL'
|
||||||
|
UPDATE mysql.user SET #{password_column_name}=PASSWORD('#{sql_escaped_password}')#{password_expired} WHERE user = 'root';
|
||||||
|
DELETE FROM mysql.user WHERE USER LIKE '';
|
||||||
|
DELETE FROM mysql.user WHERE user = 'root' and host NOT IN ('127.0.0.1', 'localhost');
|
||||||
|
FLUSH PRIVILEGES;
|
||||||
|
DELETE FROM mysql.db WHERE db LIKE 'test%';
|
||||||
|
DROP DATABASE IF EXISTS test ;
|
||||||
|
EOSQL
|
||||||
|
|
||||||
|
#{db_init}
|
||||||
|
#{record_init}
|
||||||
|
|
||||||
|
while [ ! -f #{pid_file} ] ; do sleep 1 ; done
|
||||||
|
kill `cat #{pid_file}`
|
||||||
|
while [ -f #{pid_file} ] ; do sleep 1 ; done
|
||||||
|
rm -rf /tmp/#{mysql_name}
|
||||||
|
EOS
|
||||||
|
end
|
||||||
|
|
||||||
|
def password_column_name
|
||||||
|
return 'authentication_string' if v57plus
|
||||||
|
'password'
|
||||||
|
end
|
||||||
|
|
||||||
|
def root_password
|
||||||
|
if initial_root_password == ''
|
||||||
|
Chef::Log.info('Root password is empty')
|
||||||
|
return ''
|
||||||
|
end
|
||||||
|
initial_root_password
|
||||||
|
end
|
||||||
|
|
||||||
|
def password_expired
|
||||||
|
return ", password_expired='N'" if v57plus
|
||||||
|
''
|
||||||
|
end
|
||||||
|
|
||||||
|
def db_init
|
||||||
|
return mysqld_initialize_cmd if v57plus
|
||||||
|
mysql_install_db_cmd
|
||||||
|
end
|
||||||
|
|
||||||
|
def mysql_install_db_bin
|
||||||
|
return "#{base_dir}/scripts/mysql_install_db" if node['platform_family'] == 'omnios'
|
||||||
|
return "#{prefix_dir}/bin/mysql_install_db" if node['platform_family'] == 'smartos'
|
||||||
|
'mysql_install_db'
|
||||||
|
end
|
||||||
|
|
||||||
|
def mysql_install_db_cmd
|
||||||
|
cmd = mysql_install_db_bin
|
||||||
|
cmd << " --defaults-file=#{etc_dir}/my.cnf"
|
||||||
|
cmd << " --datadir=#{data_dir}"
|
||||||
|
cmd << ' --explicit_defaults_for_timestamp' if v56plus
|
||||||
|
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
|
||||||
|
cmd
|
||||||
|
end
|
||||||
|
|
||||||
|
def mysqladmin_bin
|
||||||
|
return "#{prefix_dir}/bin/mysqladmin" if node['platform_family'] == 'smartos'
|
||||||
|
return 'mysqladmin' if scl_package?
|
||||||
|
"#{prefix_dir}/usr/bin/mysqladmin"
|
||||||
|
end
|
||||||
|
|
||||||
|
def mysqld_bin
|
||||||
|
return "#{prefix_dir}/libexec/mysqld" if node['platform_family'] == 'smartos'
|
||||||
|
return "#{base_dir}/bin/mysqld" if node['platform_family'] == 'omnios'
|
||||||
|
return '/usr/sbin/mysqld' if node['platform_family'] == 'fedora' && v56plus
|
||||||
|
return '/usr/libexec/mysqld' if node['platform_family'] == 'fedora'
|
||||||
|
return 'mysqld' if scl_package?
|
||||||
|
"#{prefix_dir}/usr/sbin/mysqld"
|
||||||
|
end
|
||||||
|
|
||||||
|
def mysqld_initialize_cmd
|
||||||
|
cmd = mysqld_bin
|
||||||
|
cmd << " --defaults-file=#{etc_dir}/my.cnf"
|
||||||
|
cmd << ' --initialize'
|
||||||
|
cmd << ' --explicit_defaults_for_timestamp' if v56plus
|
||||||
|
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
|
||||||
|
cmd
|
||||||
|
end
|
||||||
|
|
||||||
|
def mysqld_safe_bin
|
||||||
|
return "#{prefix_dir}/bin/mysqld_safe" if node['platform_family'] == 'smartos'
|
||||||
|
return "#{base_dir}/bin/mysqld_safe" if node['platform_family'] == 'omnios'
|
||||||
|
return 'mysqld_safe' if scl_package?
|
||||||
|
"#{prefix_dir}/usr/bin/mysqld_safe"
|
||||||
|
end
|
||||||
|
|
||||||
|
def record_init
|
||||||
|
cmd = v56plus ? mysqld_bin : mysqld_safe_bin
|
||||||
|
cmd << " --defaults-file=#{etc_dir}/my.cnf"
|
||||||
|
cmd << " --init-file=/tmp/#{mysql_name}/my.sql"
|
||||||
|
cmd << ' --explicit_defaults_for_timestamp' if v56plus
|
||||||
|
cmd << ' &'
|
||||||
|
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
|
||||||
|
cmd
|
||||||
|
end
|
||||||
|
|
||||||
|
def sensitive_supported?
|
||||||
|
Gem::Version.new(Chef::VERSION) >= Gem::Version.new('11.14.0')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
71
chef/cookbooks/mysql/libraries/matchers.rb
Normal file
71
chef/cookbooks/mysql/libraries/matchers.rb
Normal file
|
@ -0,0 +1,71 @@
|
||||||
|
if defined?(ChefSpec)
|
||||||
|
ChefSpec.define_matcher :mysql_config
|
||||||
|
ChefSpec.define_matcher :mysql_service
|
||||||
|
ChefSpec.define_matcher :mysql_client
|
||||||
|
|
||||||
|
# mysql_client_client_installation_package
|
||||||
|
def install_mysql_client_installation_package(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client_installation_package, :create, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def remove_mysql_client_installation_package(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client_installation_package, :remove, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
# mysql_server_server_installation_package
|
||||||
|
def install_mysql_server_installation_package(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_server_installation_package, :install, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def remove_mysql_server_installation_package(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_server_installation_package, :remove, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
#####
|
||||||
|
# old
|
||||||
|
#####
|
||||||
|
|
||||||
|
# client
|
||||||
|
def create_mysql_client(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client, :create, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def delete_mysql_client(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client, :delete, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
# mysql_config
|
||||||
|
def create_mysql_config(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_config, :create, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def delete_mysql_config(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_config, :delete, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
# service
|
||||||
|
def create_mysql_service(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :create, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def delete_mysql_service(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :delete, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def start_mysql_service(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :start, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def stop_mysql_service(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :stop, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def restart_mysql_service(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :restart, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
def reload_mysql_service(resource_name)
|
||||||
|
ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :reload, resource_name)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
30
chef/cookbooks/mysql/libraries/mysql_base.rb
Normal file
30
chef/cookbooks/mysql/libraries/mysql_base.rb
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
class MysqlBase < Chef::Resource
|
||||||
|
require_relative 'helpers'
|
||||||
|
|
||||||
|
# All resources are composites
|
||||||
|
def whyrun_supported?
|
||||||
|
true
|
||||||
|
end
|
||||||
|
|
||||||
|
################
|
||||||
|
# Type Constants
|
||||||
|
################
|
||||||
|
|
||||||
|
Boolean = property_type(
|
||||||
|
is: [true, false],
|
||||||
|
default: false
|
||||||
|
) unless defined?(Boolean)
|
||||||
|
|
||||||
|
###################
|
||||||
|
# Common Properties
|
||||||
|
###################
|
||||||
|
property :run_group, String, default: 'mysql', desired_state: false
|
||||||
|
property :run_user, String, default: 'mysql', desired_state: false
|
||||||
|
property :version, String, default: lazy { default_major_version }, desired_state: false
|
||||||
|
property :include_dir, String, default: lazy { default_include_dir }, desired_state: false
|
||||||
|
property :major_version, String, default: lazy { major_from_full(version) }, desired_state: false
|
||||||
|
|
||||||
|
declare_action_class
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,31 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
class MysqlClientInstallationPackage < MysqlBase
|
||||||
|
# helper methods
|
||||||
|
require_relative 'helpers'
|
||||||
|
include MysqlCookbook::HelpersBase
|
||||||
|
|
||||||
|
# Resource properties
|
||||||
|
resource_name :mysql_client_installation_package
|
||||||
|
provides :mysql_client_installation, os: 'linux'
|
||||||
|
provides :mysql_client, os: 'linux'
|
||||||
|
|
||||||
|
property :package_name, [String, Array], default: lazy { default_client_package_name }, desired_state: false
|
||||||
|
property :package_options, [String, nil], desired_state: false
|
||||||
|
property :package_version, [String, nil], default: nil, desired_state: false
|
||||||
|
|
||||||
|
# Actions
|
||||||
|
action :create do
|
||||||
|
package package_name do
|
||||||
|
version package_version if package_version
|
||||||
|
options package_options if package_options
|
||||||
|
action :install
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :delete do
|
||||||
|
package package_name do
|
||||||
|
action :remove
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
56
chef/cookbooks/mysql/libraries/mysql_config.rb
Normal file
56
chef/cookbooks/mysql/libraries/mysql_config.rb
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
class MysqlConfig < MysqlBase
|
||||||
|
resource_name :mysql_config
|
||||||
|
|
||||||
|
property :config_name, String, name_property: true, desired_state: false
|
||||||
|
property :cookbook, String, desired_state: false
|
||||||
|
property :group, String, default: 'mysql', desired_state: false
|
||||||
|
property :instance, String, default: 'default', desired_state: false
|
||||||
|
property :owner, String, default: 'mysql', desired_state: false
|
||||||
|
property :source, String, desired_state: false
|
||||||
|
property :variables, [Hash], desired_state: false
|
||||||
|
property :version, String, default: lazy { default_major_version }, desired_state: false
|
||||||
|
|
||||||
|
require_relative 'helpers'
|
||||||
|
include MysqlCookbook::HelpersBase
|
||||||
|
|
||||||
|
provides :mysql_config
|
||||||
|
|
||||||
|
action :create do
|
||||||
|
# hax because group property
|
||||||
|
g = Chef::Resource::Group.new(new_resource.group, run_context)
|
||||||
|
g.system true if name == 'mysql'
|
||||||
|
resource_collection.insert g
|
||||||
|
|
||||||
|
user owner do
|
||||||
|
gid owner
|
||||||
|
system true if name == 'mysql'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
directory include_dir do
|
||||||
|
owner new_resource.owner
|
||||||
|
group new_resource.group
|
||||||
|
mode '0750'
|
||||||
|
recursive true
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
template "#{include_dir}/#{config_name}.cnf" do
|
||||||
|
owner new_resource.owner
|
||||||
|
group new_resource.group
|
||||||
|
mode '0640'
|
||||||
|
variables(new_resource.variables)
|
||||||
|
source new_resource.source
|
||||||
|
cookbook cookbook
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :delete do
|
||||||
|
file "#{include_dir}/#{config_name}.cnf" do
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,42 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
class MysqlServerInstallationPackage < MysqlBase
|
||||||
|
# Resource properties
|
||||||
|
resource_name :mysql_server_installation_package
|
||||||
|
provides :mysql_server_installation, os: 'linux'
|
||||||
|
|
||||||
|
property :package_name, String, default: lazy { default_server_package_name }, desired_state: false
|
||||||
|
property :package_options, [String, nil], desired_state: false
|
||||||
|
property :package_version, [String, nil], default: nil, desired_state: false
|
||||||
|
|
||||||
|
# helper methods
|
||||||
|
require_relative 'helpers'
|
||||||
|
include MysqlCookbook::HelpersBase
|
||||||
|
|
||||||
|
# Actions
|
||||||
|
action :install do
|
||||||
|
package package_name do
|
||||||
|
version package_version if package_version
|
||||||
|
options package_options if package_options
|
||||||
|
notifies :install, 'package[perl-Sys-Hostname-Long]', :immediately if platform_family?('suse')
|
||||||
|
notifies :run, 'execute[Initial DB setup script]', :immediately if platform_family?('suse')
|
||||||
|
action :install
|
||||||
|
end
|
||||||
|
|
||||||
|
package 'perl-Sys-Hostname-Long' do
|
||||||
|
action :nothing
|
||||||
|
end
|
||||||
|
|
||||||
|
execute 'Initial DB setup script' do
|
||||||
|
environment 'INSTANCE' => new_resource.name
|
||||||
|
command '/usr/lib/mysql/mysql-systemd-helper install'
|
||||||
|
action :nothing
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :delete do
|
||||||
|
package package_name do
|
||||||
|
action :remove
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
105
chef/cookbooks/mysql/libraries/mysql_service.rb
Normal file
105
chef/cookbooks/mysql/libraries/mysql_service.rb
Normal file
|
@ -0,0 +1,105 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
require_relative 'mysql_service_base'
|
||||||
|
class MysqlService < MysqlServiceBase
|
||||||
|
resource_name :mysql_service
|
||||||
|
|
||||||
|
# installation type and service_manager
|
||||||
|
property :install_method, %w(package auto), default: 'auto', desired_state: false
|
||||||
|
property :service_manager, %w(sysvinit upstart systemd auto), default: 'auto', desired_state: false
|
||||||
|
|
||||||
|
# mysql_server_installation
|
||||||
|
property :version, String, default: lazy { default_major_version }, desired_state: false
|
||||||
|
property :major_version, String, default: lazy { major_from_full(version) }, desired_state: false
|
||||||
|
property :package_name, String, default: lazy { default_package_name }, desired_state: false
|
||||||
|
property :package_options, [String, nil], desired_state: false
|
||||||
|
property :package_version, [String, nil], default: nil, desired_state: false
|
||||||
|
|
||||||
|
################
|
||||||
|
# Helper Methods
|
||||||
|
################
|
||||||
|
|
||||||
|
def copy_properties_to(to, *properties)
|
||||||
|
properties = self.class.properties.keys if properties.empty?
|
||||||
|
properties.each do |p|
|
||||||
|
# If the property is set on from, and exists on to, set the
|
||||||
|
# property on to
|
||||||
|
if to.class.properties.include?(p) && property_is_set?(p)
|
||||||
|
to.send(p, send(p))
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action_class.class_eval do
|
||||||
|
def installation(&block)
|
||||||
|
case install_method
|
||||||
|
when 'auto'
|
||||||
|
install = mysql_server_installation(name, &block)
|
||||||
|
when 'package'
|
||||||
|
install = mysql_server_installation_package(name, &block)
|
||||||
|
when 'none'
|
||||||
|
Chef::Log.info('Skipping Mysql installation. Assuming it was handled previously.')
|
||||||
|
return
|
||||||
|
end
|
||||||
|
copy_properties_to(install)
|
||||||
|
install
|
||||||
|
end
|
||||||
|
|
||||||
|
def svc_manager(&block)
|
||||||
|
case service_manager
|
||||||
|
when 'auto'
|
||||||
|
svc = mysql_service_manager(name, &block)
|
||||||
|
when 'sysvinit'
|
||||||
|
svc = mysql_service_manager_sysvinit(name, &block)
|
||||||
|
when 'upstart'
|
||||||
|
svc = mysql_service_manager_upstart(name, &block)
|
||||||
|
when 'systemd'
|
||||||
|
svc = mysql_service_manager_systemd(name, &block)
|
||||||
|
end
|
||||||
|
copy_properties_to(svc)
|
||||||
|
svc
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
#########
|
||||||
|
# Actions
|
||||||
|
#########
|
||||||
|
|
||||||
|
action :create do
|
||||||
|
installation do
|
||||||
|
action :install
|
||||||
|
end
|
||||||
|
|
||||||
|
svc_manager do
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :start do
|
||||||
|
svc_manager do
|
||||||
|
action :start
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :delete do
|
||||||
|
svc_manager do
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
|
|
||||||
|
installation do
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :restart do
|
||||||
|
svc_manager do
|
||||||
|
action :restart
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :stop do
|
||||||
|
svc_manager do
|
||||||
|
action :stop
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
205
chef/cookbooks/mysql/libraries/mysql_service_base.rb
Normal file
205
chef/cookbooks/mysql/libraries/mysql_service_base.rb
Normal file
|
@ -0,0 +1,205 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
class MysqlServiceBase < MysqlBase
|
||||||
|
property :bind_address, String, desired_state: false
|
||||||
|
property :charset, String, default: 'utf8', desired_state: false
|
||||||
|
property :data_dir, String, default: lazy { default_data_dir }, desired_state: false
|
||||||
|
property :error_log, String, default: lazy { default_error_log }, desired_state: false
|
||||||
|
property :initial_root_password, String, default: 'ilikerandompasswords', desired_state: false
|
||||||
|
property :instance, String, name_property: true, desired_state: false
|
||||||
|
property :mysqld_options, Hash, default: {}, desired_state: false
|
||||||
|
property :pid_file, String, default: lazy { default_pid_file }, desired_state: false
|
||||||
|
property :port, [String, Integer], default: '3306', desired_state: false
|
||||||
|
property :socket, String, default: lazy { default_socket_file }, desired_state: false
|
||||||
|
property :tmp_dir, String, desired_state: false
|
||||||
|
|
||||||
|
alias socket_file socket
|
||||||
|
|
||||||
|
require_relative 'helpers'
|
||||||
|
include MysqlCookbook::HelpersBase
|
||||||
|
|
||||||
|
# FIXME: comment about what this does
|
||||||
|
declare_action_class.class_eval do
|
||||||
|
def create_system_user
|
||||||
|
group 'mysql' do
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
user 'mysql' do
|
||||||
|
gid 'mysql'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def create_config
|
||||||
|
# require 'pry' ; binding.pry
|
||||||
|
|
||||||
|
# Yak shaving secion. Account for random errata.
|
||||||
|
#
|
||||||
|
# Turns out that mysqld is hard coded to try and read
|
||||||
|
# /etc/mysql/my.cnf, and its presence causes problems when
|
||||||
|
# setting up multiple services.
|
||||||
|
file "#{prefix_dir}/etc/mysql/my.cnf" do
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
|
|
||||||
|
file "#{prefix_dir}/etc/my.cnf" do
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
|
|
||||||
|
# mysql_install_db is broken on 5.6.13
|
||||||
|
link "#{prefix_dir}/usr/share/my-default.cnf" do
|
||||||
|
to "#{etc_dir}/my.cnf"
|
||||||
|
not_if { ::File.exist? "#{prefix_dir}/usr/share/my-default.cnf" } # FIXME: Chef bug?
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
# Support directories
|
||||||
|
directory etc_dir do
|
||||||
|
owner run_user
|
||||||
|
group run_group
|
||||||
|
mode '0750'
|
||||||
|
recursive true
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
directory include_dir do
|
||||||
|
owner run_user
|
||||||
|
group run_group
|
||||||
|
mode '0750'
|
||||||
|
recursive true
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
directory run_dir do
|
||||||
|
owner run_user
|
||||||
|
group run_group
|
||||||
|
mode '0755'
|
||||||
|
recursive true
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
directory log_dir do
|
||||||
|
owner run_user
|
||||||
|
group run_group
|
||||||
|
mode '0750'
|
||||||
|
recursive true
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
directory data_dir do
|
||||||
|
owner run_user
|
||||||
|
group run_group
|
||||||
|
mode '0750'
|
||||||
|
recursive true
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
# Main configuration file
|
||||||
|
template "#{etc_dir}/my.cnf" do
|
||||||
|
source 'my.cnf.erb'
|
||||||
|
cookbook 'mysql'
|
||||||
|
owner run_user
|
||||||
|
group run_group
|
||||||
|
mode '0600'
|
||||||
|
variables(config: new_resource)
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def initialize_database
|
||||||
|
# initialize database and create initial records
|
||||||
|
bash "#{name} initial records" do
|
||||||
|
code init_records_script
|
||||||
|
umask '022'
|
||||||
|
returns [0, 1, 2] # facepalm
|
||||||
|
not_if "/usr/bin/test -f #{data_dir}/mysql/user.frm"
|
||||||
|
action :run
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def delete_support_directories
|
||||||
|
# Stop the service before removing support directories
|
||||||
|
delete_stop_service
|
||||||
|
|
||||||
|
directory etc_dir do
|
||||||
|
recursive true
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
|
|
||||||
|
directory run_dir do
|
||||||
|
recursive true
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
|
|
||||||
|
directory log_dir do
|
||||||
|
recursive true
|
||||||
|
action :delete
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Platform specific bits
|
||||||
|
#
|
||||||
|
def configure_apparmor
|
||||||
|
# Do not add these resource if inside a container
|
||||||
|
# Only valid on Ubuntu
|
||||||
|
|
||||||
|
unless ::File.exist?('/.dockerenv') || ::File.exist?('/.dockerinit')
|
||||||
|
if node['platform'] == 'ubuntu'
|
||||||
|
# Apparmor
|
||||||
|
package 'apparmor' do
|
||||||
|
action :install
|
||||||
|
end
|
||||||
|
|
||||||
|
directory '/etc/apparmor.d/local/mysql' do
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0755'
|
||||||
|
recursive true
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
template '/etc/apparmor.d/local/usr.sbin.mysqld' do
|
||||||
|
cookbook 'mysql'
|
||||||
|
source 'apparmor/usr.sbin.mysqld-local.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0644'
|
||||||
|
action :create
|
||||||
|
notifies :restart, "service[#{instance} apparmor]", :immediately
|
||||||
|
end
|
||||||
|
|
||||||
|
template '/etc/apparmor.d/usr.sbin.mysqld' do
|
||||||
|
cookbook 'mysql'
|
||||||
|
source 'apparmor/usr.sbin.mysqld.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0644'
|
||||||
|
action :create
|
||||||
|
notifies :restart, "service[#{instance} apparmor]", :immediately
|
||||||
|
end
|
||||||
|
|
||||||
|
template "/etc/apparmor.d/local/mysql/#{instance}" do
|
||||||
|
cookbook 'mysql'
|
||||||
|
source 'apparmor/usr.sbin.mysqld-instance.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0644'
|
||||||
|
variables(
|
||||||
|
config: new_resource,
|
||||||
|
mysql_name: mysql_name
|
||||||
|
)
|
||||||
|
action :create
|
||||||
|
notifies :restart, "service[#{instance} apparmor]", :immediately
|
||||||
|
end
|
||||||
|
|
||||||
|
service "#{instance} apparmor" do
|
||||||
|
service_name 'apparmor'
|
||||||
|
action :nothing
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
160
chef/cookbooks/mysql/libraries/mysql_service_manager_systemd.rb
Normal file
160
chef/cookbooks/mysql/libraries/mysql_service_manager_systemd.rb
Normal file
|
@ -0,0 +1,160 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
class MysqlServiceManagerSystemd < MysqlServiceBase
|
||||||
|
resource_name :mysql_service_manager_systemd
|
||||||
|
|
||||||
|
provides :mysql_service_manager, platform: 'fedora'
|
||||||
|
|
||||||
|
provides :mysql_service_manager, platform: %w(redhat centos scientific) do |node| # ~FC005
|
||||||
|
node['platform_version'].to_f >= 7.0
|
||||||
|
end
|
||||||
|
|
||||||
|
provides :mysql_service_manager, platform: 'debian' do |node|
|
||||||
|
node['platform_version'].to_f >= 8.0
|
||||||
|
end
|
||||||
|
|
||||||
|
provides :mysql_service_manager, platform: 'ubuntu' do |node|
|
||||||
|
node['platform_version'].to_f >= 15.04
|
||||||
|
end
|
||||||
|
|
||||||
|
provides :mysql_service_manager, platform: 'opensuse' do |node|
|
||||||
|
node['platform_version'].to_f >= 13.0
|
||||||
|
end
|
||||||
|
|
||||||
|
provides :mysql_service_manager, platform: 'opensuseleap' do |node|
|
||||||
|
node['platform_version'].to_f >= 42.0
|
||||||
|
end
|
||||||
|
|
||||||
|
action :create do
|
||||||
|
# from base
|
||||||
|
create_system_user
|
||||||
|
stop_system_service
|
||||||
|
create_config
|
||||||
|
configure_apparmor
|
||||||
|
initialize_database
|
||||||
|
end
|
||||||
|
|
||||||
|
action :start do
|
||||||
|
# Needed for Debian / Ubuntu
|
||||||
|
directory '/usr/libexec' do
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0755'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
# this script is called by the main systemd unit file, and
|
||||||
|
# spins around until the service is actually up and running.
|
||||||
|
template "/usr/libexec/#{mysql_name}-wait-ready" do
|
||||||
|
path "/usr/libexec/#{mysql_name}-wait-ready"
|
||||||
|
source 'systemd/mysqld-wait-ready.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0755'
|
||||||
|
variables(socket_file: socket_file)
|
||||||
|
cookbook 'mysql'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
# this is the main systemd unit file
|
||||||
|
template "/etc/systemd/system/#{mysql_name}.service" do
|
||||||
|
path "/etc/systemd/system/#{mysql_name}.service"
|
||||||
|
source 'systemd/mysqld.service.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0644'
|
||||||
|
variables(
|
||||||
|
config: new_resource,
|
||||||
|
etc_dir: etc_dir,
|
||||||
|
base_dir: base_dir,
|
||||||
|
mysqld_bin: mysqld_bin
|
||||||
|
)
|
||||||
|
cookbook 'mysql'
|
||||||
|
notifies :run, "execute[#{instance} systemctl daemon-reload]", :immediately
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
# avoid 'Unit file changed on disk' warning
|
||||||
|
execute "#{instance} systemctl daemon-reload" do
|
||||||
|
command '/bin/systemctl daemon-reload'
|
||||||
|
action :nothing
|
||||||
|
end
|
||||||
|
|
||||||
|
# tmpfiles.d config so the service survives reboot
|
||||||
|
template "/usr/lib/tmpfiles.d/#{mysql_name}.conf" do
|
||||||
|
path "/usr/lib/tmpfiles.d/#{mysql_name}.conf"
|
||||||
|
source 'tmpfiles.d.conf.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0644'
|
||||||
|
variables(
|
||||||
|
run_dir: run_dir,
|
||||||
|
run_user: run_user,
|
||||||
|
run_group: run_group
|
||||||
|
)
|
||||||
|
cookbook 'mysql'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
# service management resource
|
||||||
|
service mysql_name.to_s do
|
||||||
|
service_name mysql_name
|
||||||
|
provider Chef::Provider::Service::Systemd
|
||||||
|
supports restart: true, status: true
|
||||||
|
action [:enable, :start]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :stop do
|
||||||
|
# service management resource
|
||||||
|
service mysql_name.to_s do
|
||||||
|
service_name mysql_name
|
||||||
|
provider Chef::Provider::Service::Systemd
|
||||||
|
supports status: true
|
||||||
|
action [:disable, :stop]
|
||||||
|
only_if { ::File.exist?("/usr/lib/systemd/system/#{mysql_name}.service") }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :restart do
|
||||||
|
# service management resource
|
||||||
|
service mysql_name.to_s do
|
||||||
|
service_name mysql_name
|
||||||
|
provider Chef::Provider::Service::Systemd
|
||||||
|
supports restart: true
|
||||||
|
action :restart
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :reload do
|
||||||
|
# service management resource
|
||||||
|
service mysql_name.to_s do
|
||||||
|
service_name mysql_name
|
||||||
|
provider Chef::Provider::Service::Systemd
|
||||||
|
action :reload
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
declare_action_class.class_eval do
|
||||||
|
def stop_system_service
|
||||||
|
# service management resource
|
||||||
|
service 'mysql' do
|
||||||
|
service_name system_service_name
|
||||||
|
provider Chef::Provider::Service::Systemd
|
||||||
|
supports status: true
|
||||||
|
action [:stop, :disable]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def delete_stop_service
|
||||||
|
# service management resource
|
||||||
|
service mysql_name.to_s do
|
||||||
|
service_name mysql_name
|
||||||
|
provider Chef::Provider::Service::Systemd
|
||||||
|
supports status: true
|
||||||
|
action [:disable, :stop]
|
||||||
|
only_if { ::File.exist?("/usr/lib/systemd/system/#{mysql_name}.service") }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,96 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
class MysqlServiceManagerSysvinit < MysqlServiceBase
|
||||||
|
resource_name :mysql_service_manager_sysvinit
|
||||||
|
|
||||||
|
provides :mysql_service_manager, platform: %w(redhat centos scientific oracle) do |node| # ~FC005
|
||||||
|
node['platform_version'].to_f <= 7.0
|
||||||
|
end
|
||||||
|
|
||||||
|
provides :mysql_service_manager, platform: 'suse'
|
||||||
|
provides :mysql_service_manager, platform: 'debian'
|
||||||
|
|
||||||
|
action :create do
|
||||||
|
# from base
|
||||||
|
create_system_user
|
||||||
|
stop_system_service
|
||||||
|
create_config
|
||||||
|
initialize_database
|
||||||
|
configure_apparmor
|
||||||
|
end
|
||||||
|
|
||||||
|
action :start do
|
||||||
|
template "/etc/init.d/#{mysql_name}" do
|
||||||
|
source 'sysvinit/mysqld.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0755'
|
||||||
|
variables(
|
||||||
|
config: new_resource,
|
||||||
|
defaults_file: defaults_file,
|
||||||
|
error_log: error_log,
|
||||||
|
mysql_name: mysql_name,
|
||||||
|
mysqladmin_bin: mysqladmin_bin,
|
||||||
|
mysqld_safe_bin: mysqld_safe_bin,
|
||||||
|
pid_file: pid_file,
|
||||||
|
scl_name: scl_name
|
||||||
|
)
|
||||||
|
cookbook 'mysql'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
|
||||||
|
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
|
||||||
|
supports restart: true, status: true
|
||||||
|
action [:enable, :start]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :stop do
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
|
||||||
|
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
|
||||||
|
supports restart: true, status: true
|
||||||
|
action [:stop]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :restart do
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
|
||||||
|
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
|
||||||
|
supports restart: true
|
||||||
|
action :restart
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :reload do
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
|
||||||
|
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
|
||||||
|
action :reload
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
declare_action_class.class_eval do
|
||||||
|
def stop_system_service
|
||||||
|
service system_service_name do
|
||||||
|
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
|
||||||
|
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
|
||||||
|
supports status: true
|
||||||
|
action [:stop, :disable]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def delete_stop_service
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
|
||||||
|
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
|
||||||
|
supports status: true
|
||||||
|
action [:disable, :stop]
|
||||||
|
only_if { ::File.exist?("#{etc_dir}/init.d/#{mysql_name}") }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
107
chef/cookbooks/mysql/libraries/mysql_service_manager_upstart.rb
Normal file
107
chef/cookbooks/mysql/libraries/mysql_service_manager_upstart.rb
Normal file
|
@ -0,0 +1,107 @@
|
||||||
|
module MysqlCookbook
|
||||||
|
class MysqlServiceManagerUpstart < MysqlServiceBase
|
||||||
|
resource_name :mysql_service_manager_upstart
|
||||||
|
provides :mysql_service_manager, platform: 'ubuntu'
|
||||||
|
|
||||||
|
action :create do
|
||||||
|
# from base
|
||||||
|
create_system_user
|
||||||
|
stop_system_service
|
||||||
|
create_config
|
||||||
|
configure_apparmor
|
||||||
|
initialize_database
|
||||||
|
end
|
||||||
|
|
||||||
|
action :start do
|
||||||
|
template "/usr/sbin/#{mysql_name}-wait-ready" do
|
||||||
|
source 'upstart/mysqld-wait-ready.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0755'
|
||||||
|
variables(socket_file: socket_file)
|
||||||
|
cookbook 'mysql'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
template "/etc/init/#{mysql_name}.conf" do
|
||||||
|
source 'upstart/mysqld.erb'
|
||||||
|
owner 'root'
|
||||||
|
group 'root'
|
||||||
|
mode '0644'
|
||||||
|
variables(
|
||||||
|
defaults_file: defaults_file,
|
||||||
|
mysql_name: mysql_name,
|
||||||
|
run_group: run_group,
|
||||||
|
run_user: run_user,
|
||||||
|
socket_dir: socket_dir
|
||||||
|
)
|
||||||
|
cookbook 'mysql'
|
||||||
|
action :create
|
||||||
|
end
|
||||||
|
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Upstart
|
||||||
|
supports status: true
|
||||||
|
action [:start]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :stop do
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Upstart
|
||||||
|
supports restart: true, status: true
|
||||||
|
action [:stop]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :restart do
|
||||||
|
# With Upstart, restarting the service doesn't behave "as expected".
|
||||||
|
# We want the post-start stanzas, which wait until the
|
||||||
|
# service is available before returning
|
||||||
|
#
|
||||||
|
# http://upstart.ubuntu.com/cookbook/#restart
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Upstart
|
||||||
|
action :stop
|
||||||
|
end
|
||||||
|
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Upstart
|
||||||
|
action :start
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
action :reload do
|
||||||
|
# With Upstart, reload just sends a HUP signal to the process.
|
||||||
|
# As far as I can tell, this doesn't work the way it's
|
||||||
|
# supposed to, so we need to actually restart the service.
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Upstart
|
||||||
|
action :stop
|
||||||
|
end
|
||||||
|
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Upstart
|
||||||
|
action :start
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
declare_action_class.class_eval do
|
||||||
|
def stop_system_service
|
||||||
|
service system_service_name do
|
||||||
|
provider Chef::Provider::Service::Upstart
|
||||||
|
supports status: true
|
||||||
|
action [:stop, :disable]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def delete_stop_service
|
||||||
|
service mysql_name do
|
||||||
|
provider Chef::Provider::Service::Upstart
|
||||||
|
action [:disable, :stop]
|
||||||
|
only_if { ::File.exist?("#{etc_dir}/init/#{mysql_name}") }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
1
chef/cookbooks/mysql/metadata.json
Normal file
1
chef/cookbooks/mysql/metadata.json
Normal file
|
@ -0,0 +1 @@
|
||||||
|
{"name":"mysql","version":"8.2.0","description":"Provides mysql_service, mysql_config, and mysql_client resources","long_description":"","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"amazon":">= 0.0.0","redhat":">= 0.0.0","centos":">= 0.0.0","scientific":">= 0.0.0","oracle":">= 0.0.0","fedora":">= 0.0.0","debian":">= 0.0.0","ubuntu":">= 0.0.0","suse":">= 0.0.0","opensuse":">= 0.0.0","opensuseleap":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}}
|
|
@ -0,0 +1,14 @@
|
||||||
|
/etc/<%= @mysql_name %>/*.pem r,
|
||||||
|
/etc/<%= @mysql_name %>/conf.d/ r,
|
||||||
|
/etc/<%= @mysql_name %>/conf.d/* r,
|
||||||
|
/etc/<%= @mysql_name %>/my.cnf r,
|
||||||
|
<%= @config.log_dir %>/ r,
|
||||||
|
<%= @config.log_dir %>/* rw,
|
||||||
|
<%= @config.data_dir %>/ r,
|
||||||
|
<%= @config.data_dir %>/** rwk,
|
||||||
|
<%= @config.run_dir %>/** rw,
|
||||||
|
<%= @config.pid_file %> rw,
|
||||||
|
<%= @config.socket_file %> rw,
|
||||||
|
/tmp/<%= @mysql_name %>/ r,
|
||||||
|
/tmp/<%= @mysql_name %>/my.sql r,
|
||||||
|
<%= @config.tmp_dir %>/* rw,
|
|
@ -0,0 +1 @@
|
||||||
|
#include <local/mysql>
|
|
@ -0,0 +1,47 @@
|
||||||
|
# vim:syntax=apparmor
|
||||||
|
# Last Modified: Tue Jun 19 17:37:30 2007
|
||||||
|
#include <tunables/global>
|
||||||
|
|
||||||
|
/usr/sbin/mysqld {
|
||||||
|
#include <abstractions/base>
|
||||||
|
#include <abstractions/nameservice>
|
||||||
|
#include <abstractions/user-tmp>
|
||||||
|
#include <abstractions/mysql>
|
||||||
|
#include <abstractions/winbind>
|
||||||
|
|
||||||
|
capability dac_override,
|
||||||
|
capability sys_resource,
|
||||||
|
capability setgid,
|
||||||
|
capability setuid,
|
||||||
|
|
||||||
|
network tcp,
|
||||||
|
|
||||||
|
/etc/hosts.allow r,
|
||||||
|
/etc/hosts.deny r,
|
||||||
|
|
||||||
|
/etc/mysql/*.pem r,
|
||||||
|
/etc/mysql/conf.d/ r,
|
||||||
|
/etc/mysql/conf.d/* r,
|
||||||
|
/etc/mysql/*.cnf r,
|
||||||
|
/usr/lib/mysql/plugin/ r,
|
||||||
|
/usr/lib/mysql/plugin/*.so* mr,
|
||||||
|
/usr/sbin/mysqld mr,
|
||||||
|
/usr/share/mysql/** r,
|
||||||
|
/var/log/mysql.log rw,
|
||||||
|
/var/log/mysql.err rw,
|
||||||
|
/var/lib/mysql/ r,
|
||||||
|
/var/lib/mysql/** rwk,
|
||||||
|
/var/log/mysql/ r,
|
||||||
|
/var/log/mysql/* rw,
|
||||||
|
/var/run/mysqld/mysqld.pid rw,
|
||||||
|
/var/run/mysqld/mysqld.sock w,
|
||||||
|
/var/run/mysqld/mysqld.sock.lock rw,
|
||||||
|
/run/mysqld/mysqld.pid rw,
|
||||||
|
/run/mysqld/mysqld.sock w,
|
||||||
|
/run/mysqld/mysqld.sock.lock rw,
|
||||||
|
|
||||||
|
/sys/devices/system/cpu/ r,
|
||||||
|
|
||||||
|
# Site-specific additions and overrides. See local/README for details.
|
||||||
|
#include <local/usr.sbin.mysqld>
|
||||||
|
}
|
57
chef/cookbooks/mysql/templates/default/my.cnf.erb
Normal file
57
chef/cookbooks/mysql/templates/default/my.cnf.erb
Normal file
|
@ -0,0 +1,57 @@
|
||||||
|
# Chef generated my.cnf for instance mysql-<%= @config.name %>
|
||||||
|
|
||||||
|
[client]
|
||||||
|
<% if @config.charset %>
|
||||||
|
default-character-set = <%= @config.charset %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.port %>
|
||||||
|
port = <%= @config.port %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.socket_file %>
|
||||||
|
socket = <%= @config.socket_file %>
|
||||||
|
<% end %>
|
||||||
|
|
||||||
|
[mysql]
|
||||||
|
<% if @config.charset %>
|
||||||
|
default-character-set = <%= @config.charset %>
|
||||||
|
<% end %>
|
||||||
|
|
||||||
|
[mysqld]
|
||||||
|
<% if @config.run_user %>
|
||||||
|
user = <%= @config.run_user %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.pid_file %>
|
||||||
|
pid-file = <%= @config.pid_file %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.socket_file %>
|
||||||
|
socket = <%= @config.socket_file %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.bind_address %>
|
||||||
|
bind-address = <%= @config.bind_address %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.port %>
|
||||||
|
port = <%= @config.port %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.data_dir %>
|
||||||
|
datadir = <%= @config.data_dir %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.tmp_dir %>
|
||||||
|
tmpdir = <%= @config.tmp_dir %>
|
||||||
|
<% end %>
|
||||||
|
<% @config.mysqld_options.each do |option,value| %>
|
||||||
|
<%= option %> = <%= value %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.lc_messages_dir %>
|
||||||
|
lc-messages-dir = <%= @config.lc_messages_dir %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.error_log %>
|
||||||
|
log-error = <%= @config.error_log %>
|
||||||
|
<% end %>
|
||||||
|
<% if @config.include_dir %>
|
||||||
|
!includedir <%= @config.include_dir %>
|
||||||
|
<% end %>
|
||||||
|
|
||||||
|
[mysqld_safe]
|
||||||
|
<% if @config.socket_file %>
|
||||||
|
socket = <%= @config.socket_file %>
|
||||||
|
<% end %>
|
|
@ -0,0 +1,28 @@
|
||||||
|
#!/sbin/sh
|
||||||
|
#
|
||||||
|
# Generated by Chef
|
||||||
|
#
|
||||||
|
|
||||||
|
. /lib/svc/share/smf_include.sh
|
||||||
|
|
||||||
|
ulimit -n 10240
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
start)
|
||||||
|
<%= @mysqld_bin %> \
|
||||||
|
--defaults-file=<%= @defaults_file %> \
|
||||||
|
--basedir=<%= @base_dir %> \
|
||||||
|
--datadir=<%= @data_dir %> \
|
||||||
|
--pid-file=<%= @pid_file %> \
|
||||||
|
--log-error=<%= @error_log %> &
|
||||||
|
;;
|
||||||
|
stop)
|
||||||
|
[ -f <%= @pid_file %> ] && kill `/usr/bin/head -1 <%= @pid_file %>`
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Usage: $0 {start|stop}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
exit $SMF_EXIT_OK
|
|
@ -0,0 +1,30 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
daemon_pid="$1"
|
||||||
|
|
||||||
|
# Wait for the server to come up or for the mysqld process to disappear
|
||||||
|
ret=0
|
||||||
|
while /bin/true; do
|
||||||
|
RESPONSE=`/usr/bin/mysqladmin --no-defaults --socket="<%= @socket_file %>" --user=UNKNOWN_MYSQL_USER ping 2>&1`
|
||||||
|
mret=$?
|
||||||
|
if [ $mret -eq 0 ]; then
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
# exit codes 1, 11 (EXIT_CANNOT_CONNECT_TO_SERVICE) are expected,
|
||||||
|
# anything else suggests a configuration error
|
||||||
|
if [ $mret -ne 1 -a $mret -ne 11 ]; then
|
||||||
|
ret=1
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
# "Access denied" also means the server is alive
|
||||||
|
echo "$RESPONSE" | grep -q "Access denied for user" && break
|
||||||
|
|
||||||
|
# Check process still exists
|
||||||
|
if ! /bin/kill -0 $daemon_pid 2>/dev/null; then
|
||||||
|
ret=1
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
|
||||||
|
exit $ret
|
|
@ -0,0 +1,16 @@
|
||||||
|
[Unit]
|
||||||
|
Description=mysql_service[mysql-<%= @config.instance %>]
|
||||||
|
After=syslog.target
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
User=<%= @config.run_user %>
|
||||||
|
Group=<%= @config.run_group %>
|
||||||
|
ExecStart=<%= @mysqld_bin %> --defaults-file=<%= @etc_dir %>/my.cnf --basedir=<%= @base_dir %>
|
||||||
|
ExecStartPost=/usr/libexec/mysql-<%= @config.instance %>-wait-ready $MAINPID
|
||||||
|
TimeoutSec=300
|
||||||
|
PrivateTmp=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
279
chef/cookbooks/mysql/templates/default/sysvinit/mysqld.erb
Normal file
279
chef/cookbooks/mysql/templates/default/sysvinit/mysqld.erb
Normal file
|
@ -0,0 +1,279 @@
|
||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
### BEGIN INIT INFO
|
||||||
|
# Provides: <%= @mysql_name %>
|
||||||
|
# Required-Start: $remote_fs $syslog
|
||||||
|
# Required-Stop: $remote_fs $syslog
|
||||||
|
# Should-Start: $network $time
|
||||||
|
# Should-Stop: $network $time
|
||||||
|
# Default-Start: 2 3 4 5
|
||||||
|
# Default-Stop: 0 1 6
|
||||||
|
# Short-Description: Start and stop the mysql database server daemon
|
||||||
|
# Description: Controls the main MySQL database server daemon "mysqld"
|
||||||
|
# and its wrapper script "mysqld_safe".
|
||||||
|
### END INIT INFO
|
||||||
|
|
||||||
|
# set -e
|
||||||
|
# set -u
|
||||||
|
|
||||||
|
### Exit code reference
|
||||||
|
# http://fedoraproject.org/wiki/Packaging:SysVInitScript
|
||||||
|
# http://refspecs.linuxbase.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html
|
||||||
|
|
||||||
|
# Source functions
|
||||||
|
<% if node['platform_family'] == 'rhel' %>
|
||||||
|
# Source RHEL function library.
|
||||||
|
. /etc/rc.d/init.d/functions
|
||||||
|
<% end %>
|
||||||
|
|
||||||
|
####
|
||||||
|
# Variables
|
||||||
|
####
|
||||||
|
|
||||||
|
STARTTIMEOUT=900
|
||||||
|
STOPTIMEOUT=900
|
||||||
|
PID_DELAY=60
|
||||||
|
|
||||||
|
####
|
||||||
|
# Helper functions
|
||||||
|
###
|
||||||
|
|
||||||
|
# Boolean function to see if MYSQL_PID exists and is a number
|
||||||
|
pid_exists() {
|
||||||
|
PID_EXISTS=1
|
||||||
|
if [ -f <%= @pid_file %> ]; then
|
||||||
|
MYSQLD_PID=`cat <%= @pid_file %> 2>/dev/null`
|
||||||
|
if [ -n "$MYSQLD_PID" ] && [ -d "/proc/$MYSQLD_PID" ] ; then
|
||||||
|
PID_EXISTS=0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
return $PID_EXISTS
|
||||||
|
}
|
||||||
|
|
||||||
|
# Use mysqladmin to ping the service as an invalid user over a socket
|
||||||
|
running() {
|
||||||
|
RUNNING=1
|
||||||
|
RESPONSE=`<%= @mysqladmin_bin %> --defaults-file=<%= @defaults_file %> --user=UNKNOWN_MYSQL_USER ping 2>&1`
|
||||||
|
local mret=$?
|
||||||
|
if pid_exists \
|
||||||
|
&& [ $mret -eq 0 ] \
|
||||||
|
|| [ `echo $RESPONSE | grep -q "Access denied for user"` ]; then
|
||||||
|
RUNNING=0
|
||||||
|
fi
|
||||||
|
return $RUNNING
|
||||||
|
}
|
||||||
|
|
||||||
|
writable_error_log() {
|
||||||
|
WRITABLE_ERROR_LOG=1
|
||||||
|
touch "<%= @error_log %>" 2>/dev/null
|
||||||
|
touchret=$?
|
||||||
|
if [ $touchret -eq 0 ]; then
|
||||||
|
chown <%= @config.run_user %>:<%= @config.run_group %> <%= @error_log %>
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return $WRITABLE_ERROR_LOG
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
print_start_success() {
|
||||||
|
<% if node['platform_family'] == 'rhel' %>
|
||||||
|
action $"Starting <%= @mysql_name %>: " /bin/true
|
||||||
|
<% else %>
|
||||||
|
echo "Staring MySQL instance <%= @mysql_name %>"
|
||||||
|
<% end %>
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
print_start_failure() {
|
||||||
|
<% if node['platform_family'] == 'rhel' %>
|
||||||
|
action $"Starting <%= @mysql_name %>: " /bin/false
|
||||||
|
<% else %>
|
||||||
|
echo "Could not start MySQL instance <%= @mysql_name %>"
|
||||||
|
<% end %>
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
print_reload_success() {
|
||||||
|
<% if node['platform_family'] == 'rhel' %>
|
||||||
|
action $"Reloading <%= @mysql_name %>" /bin/true
|
||||||
|
<% else %>
|
||||||
|
echo "Reload success for <%= @mysql_name %>"
|
||||||
|
<% end %>
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
print_reload_failure() {
|
||||||
|
<% if node['platform_family'] == 'rhel' %>
|
||||||
|
action $"Reloading <%= @mysql_name %>" /bin/false
|
||||||
|
<% else %>
|
||||||
|
echo "Reload failed for <%= @mysql_name %>"
|
||||||
|
<% end %>
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
print_stop_success() {
|
||||||
|
<% if node['platform_family'] == 'rhel' %>
|
||||||
|
action $"Stopping <%= @mysql_name %>: " /bin/true
|
||||||
|
<% else %>
|
||||||
|
echo "Stopping MySQL instance <%= @mysql_name %>"
|
||||||
|
<% end %>
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
print_stop_failure() {
|
||||||
|
<% if node['platform_family'] == 'rhel' %>
|
||||||
|
action $"Stopping <%= @mysql_name %>: " /bin/false
|
||||||
|
<% else %>
|
||||||
|
echo "Could not stop MySQL instance <%= @mysql_name %>"
|
||||||
|
<% end %>
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
start_command() {
|
||||||
|
# Attempt to start <%= @mysql_name %>
|
||||||
|
echo "Starting MySQL instance <%= @mysql_name %>"
|
||||||
|
|
||||||
|
local scl_name="<%= @scl_name %>"
|
||||||
|
|
||||||
|
if [ -z $scl_name ]; then
|
||||||
|
<%= @mysqld_safe_bin %> \
|
||||||
|
--defaults-file=<%= @defaults_file %> \
|
||||||
|
>/dev/null 2>&1 &
|
||||||
|
local pid=$!
|
||||||
|
else
|
||||||
|
scl enable $scl_name "<%= @mysqld_safe_bin %> \
|
||||||
|
--defaults-file=<%= @defaults_file %> \
|
||||||
|
>/dev/null 2>&1 &"
|
||||||
|
local pid=$!
|
||||||
|
fi
|
||||||
|
|
||||||
|
return $pid
|
||||||
|
}
|
||||||
|
|
||||||
|
####
|
||||||
|
# Init script actions
|
||||||
|
###
|
||||||
|
|
||||||
|
# Start <%= @mysql_name %>
|
||||||
|
start() {
|
||||||
|
# exit 0 if already running.
|
||||||
|
if running; then
|
||||||
|
print_start_success
|
||||||
|
return 0;
|
||||||
|
fi
|
||||||
|
|
||||||
|
# exit 4 if we can't write to error_log
|
||||||
|
if ! writable_error_log; then
|
||||||
|
print_start_failure
|
||||||
|
return 4
|
||||||
|
fi
|
||||||
|
|
||||||
|
# run program
|
||||||
|
start_command;
|
||||||
|
start_pid=$?
|
||||||
|
|
||||||
|
# Timeout loop
|
||||||
|
local TIMEOUT=$STARTTIMEOUT
|
||||||
|
while [ $TIMEOUT -gt 0 ]; do
|
||||||
|
if running; then
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
|
||||||
|
let CURRENT_DELAY=${STARTTIMEOUT}-${TIMEOUT}
|
||||||
|
if [ $CURRENT_DELAY -gt $PID_DELAY ] \
|
||||||
|
&& ! pid_exists; then
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
|
||||||
|
sleep 1
|
||||||
|
let TIMEOUT=${TIMEOUT}-1
|
||||||
|
done
|
||||||
|
|
||||||
|
if running; then
|
||||||
|
# successbaby.gif
|
||||||
|
print_start_success
|
||||||
|
return 0
|
||||||
|
elif ! pid_exists; then
|
||||||
|
# Handle startup failure
|
||||||
|
print_start_failure
|
||||||
|
return 3
|
||||||
|
elif [ $TIMEOUT -eq 0 ]; then
|
||||||
|
# Handle timeout
|
||||||
|
print_start_failure
|
||||||
|
# clean up
|
||||||
|
kill $start_pid 2>/dev/null
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Reload <%= @mysql_name %>
|
||||||
|
reload() {
|
||||||
|
<%= @mysqladmin_bin %> reload
|
||||||
|
local ret=$?
|
||||||
|
if [ $ret -eq 0 ]; then
|
||||||
|
print_reload_success;
|
||||||
|
else
|
||||||
|
print_reload_failure;
|
||||||
|
fi
|
||||||
|
return $ret
|
||||||
|
}
|
||||||
|
|
||||||
|
# Status of <%= @mysql_name %>
|
||||||
|
status() {
|
||||||
|
if running; then
|
||||||
|
echo "<%= @mysql_name %> is running"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
echo "<%= @mysql_name %> is not running"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Stop <%= @mysql_name %>
|
||||||
|
stop() {
|
||||||
|
if running; then
|
||||||
|
echo "Stopping MySQL instance <%= @mysql_name %>"
|
||||||
|
if [ -f <%= @pid_file %> ]; then
|
||||||
|
/bin/kill `cat <%= @pid_file %> 2>/dev/null`
|
||||||
|
kstat=$?
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Timeout loop
|
||||||
|
local TIMEOUT=$STARTTIMEOUT
|
||||||
|
while [ $TIMEOUT -gt 0 ]; do
|
||||||
|
if [ -e <%= @pid_file %> ]; then
|
||||||
|
sleep 1
|
||||||
|
fi
|
||||||
|
let TIMEOUT=${TIMEOUT}-1
|
||||||
|
done
|
||||||
|
|
||||||
|
return $kstat
|
||||||
|
else
|
||||||
|
echo "MySQL instance <%= @mysql_name %> Stopped."
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# main()
|
||||||
|
case "$1" in
|
||||||
|
start)
|
||||||
|
start
|
||||||
|
;;
|
||||||
|
stop)
|
||||||
|
stop
|
||||||
|
;;
|
||||||
|
status)
|
||||||
|
status
|
||||||
|
;;
|
||||||
|
restart)
|
||||||
|
stop ; start
|
||||||
|
;;
|
||||||
|
reload)
|
||||||
|
reload
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo $"Usage: $0 {start|stop|status|restart|reload}"
|
||||||
|
exit 2
|
||||||
|
esac
|
||||||
|
|
||||||
|
exit $?
|
|
@ -0,0 +1 @@
|
||||||
|
d <%= @run_dir %> 0755 <%= @run_user %> <%= @run_group %> -
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Wait for the server to come up
|
||||||
|
ret=0
|
||||||
|
while /bin/true; do
|
||||||
|
RESPONSE=`/usr/bin/mysqladmin --no-defaults --socket="<%= @socket_file %>" --user=UNKNOWN_MYSQL_USER ping 2>&1`
|
||||||
|
mret=$?
|
||||||
|
if [ $mret -eq 0 ]; then
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
# exit codes 1, 11 (EXIT_CANNOT_CONNECT_TO_SERVICE) are expected,
|
||||||
|
# anything else suggests a configuration error
|
||||||
|
if [ $mret -ne 1 -a $mret -ne 11 ]; then
|
||||||
|
ret=1
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
# "Access denied" also means the server is alive
|
||||||
|
echo "$RESPONSE" | grep -q "Access denied for user" && break
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
|
||||||
|
exit $ret
|
26
chef/cookbooks/mysql/templates/default/upstart/mysqld.erb
Normal file
26
chef/cookbooks/mysql/templates/default/upstart/mysqld.erb
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
# <%= @mysql_name %> Service
|
||||||
|
|
||||||
|
description "MySQL service <%= @mysql_name %>"
|
||||||
|
author "chef-client"
|
||||||
|
|
||||||
|
start on runlevel [2345]
|
||||||
|
stop on starting rc RUNLEVEL=[016]
|
||||||
|
|
||||||
|
respawn
|
||||||
|
respawn limit 2 5
|
||||||
|
|
||||||
|
env HOME=/etc/<%= @mysql_name %>
|
||||||
|
umask 007
|
||||||
|
|
||||||
|
kill timeout 300
|
||||||
|
|
||||||
|
pre-start script
|
||||||
|
[ -d /run/<%= @mysql_name %> ] || install -m 755 -o <%= @run_user %> -g <%= @run_group %> -d /run/<%= @mysql_name %>
|
||||||
|
[ -d <%= @socket_dir %> ] || install -m 755 -o <%= @run_user %> -g <%= @run_group %> -d <%= @socket_dir %>
|
||||||
|
end script
|
||||||
|
|
||||||
|
exec /usr/sbin/mysqld --defaults-file=<%= @defaults_file %>
|
||||||
|
|
||||||
|
post-start script
|
||||||
|
/usr/sbin/<%= @mysql_name %>-wait-ready
|
||||||
|
end script
|
Loading…
Reference in New Issue
Block a user