summaryrefslogtreecommitdiffstats
path: root/tools
diff options
context:
space:
mode:
authorDamien Ciabrini <dciabrin@redhat.com>2017-07-07 10:44:26 -0400
committerDamien Ciabrini <dciabrin@redhat.com>2017-07-27 13:41:13 -0400
commit0cb45d65c607cf4eb9a4096c7cc3f1c8a5ca58b4 (patch)
treecfff06cb08dd04a36e4c008cd9edddb29e2fa3fb /tools
parent017f8b9b478e6e8a72cfb88cba54ce90b77e6532 (diff)
Generate MySQL client config if service requires database
Services that access database have to read an extra MySQL configuration file /etc/my.cnf.d/tripleo.cnf which holds client-only settings, like client bind address and SSL configuration. The configuration file is thus used by containerized services, but also by non-containerized services that still run on the host. In order to generate that client configuration file appropriately both on the host and for containers, 1) the MySQLClient service must be included by the role; 2) every containerized service which uses the database must include the mysql::client profile in the docker-puppet config generation step. By including the mysql::client profile in each containerized service, we ensure that any change in configuration file will be reflected in the service's /var/lib/config-data/{service}, and that paunch will restart the service's container automatically. We now only rely on MySQLClient from puppet/services, to make it possible to generate /etc/my.cnf.d/tripleo.cnf on the host, and to set the hiera keys that drive the generation of that config file in containers via docker-puppet. We include a new YAML validation step to ensure that any service which depends on MySQL will initialize the mysql::client profile during the docker-puppet step. Change-Id: I0dab1dc9caef1e749f1c42cfefeba179caebc8d7
Diffstat (limited to 'tools')
-rwxr-xr-xtools/yaml-validate.py94
1 files changed, 79 insertions, 15 deletions
diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py
index 374cd6e3..3a2691d8 100755
--- a/tools/yaml-validate.py
+++ b/tools/yaml-validate.py
@@ -207,6 +207,22 @@ def validate_hci_computehci_role(hci_role_filename, hci_role_tpl):
return 0
+def search(item, check_item, check_key):
+ if check_item(item):
+ return True
+ elif isinstance(item, list):
+ for i in item:
+ if search(i, check_item, check_key):
+ return True
+ elif isinstance(item, dict):
+ for k in item.keys():
+ if check_key(k, item[k]):
+ return True
+ elif search(item[k], check_item, check_key):
+ return True
+ return False
+
+
def validate_mysql_connection(settings):
no_op = lambda *args: False
error_status = [0]
@@ -228,25 +244,69 @@ def validate_mysql_connection(settings):
error_status[0] = 1
return False
- def search(item, check_item, check_key):
- if check_item(item):
- return True
- elif isinstance(item, list):
- for i in item:
- if search(i, check_item, check_key):
- return True
- elif isinstance(item, dict):
- for k in item.keys():
- if check_key(k, item[k]):
- return True
- elif search(item[k], check_item, check_key):
- return True
- return False
-
search(settings, no_op, validate_mysql_uri)
return error_status[0]
+def validate_docker_service_mysql_usage(filename, tpl):
+ no_op = lambda *args: False
+ included_res = []
+
+ def match_included_res(item):
+ is_config_setting = isinstance(item, list) and len(item) > 1 and \
+ item[1:] == ['role_data', 'config_settings']
+ if is_config_setting:
+ included_res.append(item[0])
+ return is_config_setting
+
+ def match_use_mysql_protocol(items):
+ return items == ['EndpointMap', 'MysqlInternal', 'protocol']
+
+ all_content = []
+
+ def read_all(incfile, inctpl):
+ # search for included content
+ content = inctpl['outputs']['role_data']['value'].get('config_settings',{})
+ all_content.append(content)
+ included_res[:] = []
+ if search(content, match_included_res, no_op):
+ files = [inctpl['resources'][x]['type'] for x in included_res]
+ # parse included content
+ for r, f in zip(included_res, files):
+ # disregard class names, only consider file names
+ if 'OS::' in f:
+ continue
+ newfile = os.path.normpath(os.path.dirname(incfile)+'/'+f)
+ newtmp = yaml.load(open(newfile).read())
+ read_all(newfile, newtmp)
+
+ read_all(filename, tpl)
+ if search(all_content, match_use_mysql_protocol, no_op):
+ # ensure this service includes the mysqlclient service
+ resources = tpl['resources']
+ mysqlclient = [x for x in resources
+ if resources[x]['type'].endswith('mysql-client.yaml')]
+ if len(mysqlclient) == 0:
+ print("ERROR: containerized service %s uses mysql but "
+ "resource mysql-client.yaml is not used"
+ % filename)
+ return 1
+
+ # and that mysql::client puppet module is included in puppet-config
+ match_mysqlclient = \
+ lambda x: x == [mysqlclient[0], 'role_data', 'step_config']
+ role_data = tpl['outputs']['role_data']
+ puppet_config = role_data['value']['puppet_config']['step_config']
+ if not search(puppet_config, match_mysqlclient, no_op):
+ print("ERROR: containerized service %s uses mysql but "
+ "puppet_config section does not include "
+ "::tripleo::profile::base::database::mysql::client"
+ % filename)
+ return 1
+
+ return 0
+
+
def validate_docker_service(filename, tpl):
if 'outputs' in tpl and 'role_data' in tpl['outputs']:
if 'value' not in tpl['outputs']['role_data']:
@@ -275,6 +335,10 @@ def validate_docker_service(filename, tpl):
return 1
if 'puppet_config' in role_data:
+ if validate_docker_service_mysql_usage(filename, tpl):
+ print('ERROR: could not validate use of mysql service for %s.'
+ % filename)
+ return 1
puppet_config = role_data['puppet_config']
for key in puppet_config:
if key in REQUIRED_DOCKER_PUPPET_CONFIG_SECTIONS: