Help using puppetlabs-mysql

[treydock]

I'm working to begin managing MySQL with the puppetlabs-mysql provided
module, but am not able to get very far with the README documentation.

So far, simply trying to add the server module and define the
root_password is failing like so,


err: Could not retrieve catalog from remote server: Error 400 on
SERVER: Invalid parameter root_password at /etc/puppet/manifests/
nodes.pp:882 on node puppetnode1.tld

The definition looks like this,


node 'puppetnode1.tld' {

class { 'mysql::server':
root_password => 'test'
}

database_user { 'treydock@localhost':
password_hash => mysql_password('pass')
}
database_grant { 'treydock@localhost/*':
privileges => ['ALL'],
}

mysql::db { 'zabbix':
user => 'zabbix',
password => 'zabbix',
host => 'localhost',
grant => ['ALL'],
}

}

The database_user and _grant thus far haven't actually done anything.
I'm assuming it's because mysql::server isn't working or being
applied.

There's likely something very obvious I'm missing. This is also my
first time using parameterized classes.

Thanks
- Trey

[Dan Bode]

you are running into a documentation issue. All of the configuration was moved to a new parameter called: config_hash. I can submit a patch

On Mon, Oct 31, 2011 at 10:01 AM, treydock <trey...@gmail.com> wrote:

I'm working to begin managing MySQL with the puppetlabs-mysql provided
module, but am not able to get very far with the README documentation.

So far, simply trying to add the server module and define the
root_password is failing like so,


err: Could not retrieve catalog from remote server: Error 400 on
SERVER: Invalid parameter root_password at /etc/puppet/manifests/
nodes.pp:882 on node puppetnode1.tld

The definition looks like this,


node 'puppetnode1.tld' {

   class { 'mysql::server':
       root_password   => 'test'
   }

should be changed to:

 class { 'mysql::server':

       config_hash => { root_password   => 'test'}
   }

 

   database_user { 'treydock@localhost':
       password_hash   => mysql_password('pass')
   } 

   database_grant { 'treydock@localhost/*':
       privileges  => ['ALL'],
   }

   mysql::db { 'zabbix':
       user        => 'zabbix',
       password    => 'zabbix',
       host        => 'localhost',
       grant       => ['ALL'],
   }

}

The database_user and _grant thus far haven't actually done anything.
I'm assuming it's because mysql::server isn't working or being
applied.

There's likely something very obvious I'm missing.  This is also my
first time using parameterized classes.

Thanks
- Trey

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

[treydock]

Ah that was it! Thanks.

Is there a way to similuate or run the equivilant of
"mysql_secure_installation" within this module? I tried an initial
attempt with the following...but once it's added to the mysql::server
class it never seems to get called...


class mysql::server::secure {

database_user {
"''":
ensure => absent,
require => Service['mysqld'];

"root@${fqdn}":
ensure => absent,
require => Service['mysqld'];
}

database {
"test":
ensure => absent,
require => Service['mysqld'];
}

}

Would the easier route be to just modify the mysql_secure_installation
script to be more puppet friendly?

Thanks
- Trey

[Dan Bode]

what failed? How did you add it to the mysql::server class?

 

class mysql::server::secure {

   database_user {
       "''":
           ensure        => absent,
           require       => Service['mysqld'];

       "root@${fqdn}":
           ensure        => absent,
           require       => Service['mysqld'];
   }

   database {
       "test":
           ensure  => absent,
           require => Service['mysqld'];
   }

}

Would the easier route be to just modify the mysql_secure_installation
script to be more puppet friendly?

Thanks
- Trey

[treydock]

On Oct 31, 1:05 pm, Dan Bode <d...@puppetlabs.com> wrote:

It didn't fail, it just simply did nothing.

This is it's inclusion in mysql::server


class mysql::server(
$service_name = $mysql::params::service_name,
$config_hash = {},
$package_name = 'mysql-server'
) inherits mysql::params {

include mysql::server::secure

# automatically create a class to deal with
# configuration
$hash = {
"mysql::config" => $config_hash
}


I am doing it via Exec now anyways. Though I'd prefer to do it with
the new type and provider

- Trey

[treydock]

Slightly different question...is there a way to pass / store the hash
for the root password rather than the plain text password? Similar to
how the puppet user resource works?

Thanks
- Trey

[Dan Bode]

I am not quite sure if mysql supports that. Could you open a ticket here: http://projects.puppetlabs.com/projects/modules and explain what the implementation would look like?

thanks

[treydock]

On Oct 31, 3:09 pm, Dan Bode <d...@puppetlabs.com> wrote:

> I am not quite sure if mysql supports that. Could you open a ticket here:http://projects.puppetlabs.com/projects/modulesand explain what the

> implementation would look like?
>
> thanks
>
>
>
>
>
>
>
> > Thanks
> > - Trey
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users...@googlegroups.com.
> > For more options, visit this group at
> >http://groups.google.com/group/puppet-users?hl=en.

I'll put that in once I can think of a way to implement it.

I've run into some strange behavior where every run seems to result in
some changes to the rights on a database user.

I've run "puppetd --test --debug -v " dozens of times and the results
are never the same, anywhere between 1 to 3 of the grants I've defined
will get alerted.

Here's my test case (messing with phpMyAdmin)...

mysql::db { 'phpmyadmin':
user => 'pma_ctrl_user',
password => '****',
host => 'localhost',
grant => [ 'select_priv', 'insert_priv', 'delete_priv',
'alter_priv' ],
charset => 'utf8',
}

database_grant { 'pma_ctrl_user@localhost/mysql.db':
privileges => ['select_priv'],
}
database_grant { 'pma_ctrl_user@localhost/mysql.host':
privileges => ['select_priv'],
}
database_grant { 'pma_ctrl_user@localhost/mysql.tables_priv':
privileges => ['select_priv'],
}

And this is an example of what looks like a successful execution of
the command...

Using pastebin cause it's impossible to read if pasted here.

One run - http://pastebin.com/Ey8qt08T

A run about 10 minutes later - http://pastebin.com/JNX0daVt

Each time the changes differ. Also is the "Executing .. " debug
output from puppet not verbatim? I've tried pasting that into the
terminal which does not work.

Thanks
- Trey

[treydock]

> > I am not quite sure if mysql supports that. Could you open a ticket here:http://projects.puppetlabs.com/projects/modulesandexplain what the

> One run -http://pastebin.com/Ey8qt08T
>
> A run about 10 minutes later -http://pastebin.com/JNX0daVt

>
> Each time the changes differ.  Also is the "Executing .. " debug
> output from puppet not verbatim?  I've tried pasting that into the
> terminal which does not work.
>
> Thanks
> - Trey

Well I think I found out why this could be happening, unfortunately
I'm not very good with regex and can't offer much help as far as a
solution.

It seems the regex "^([^@]*)@([^\/]*)(\/(.*))?$" doesn't understand
the "." between the database name and table name. When I use a regex
tester it shows this
-----------
$1 - pma_ctrl_user
$2 - localhost
$3 - /mysql.db
$4 - mysql.db


That makes me think it was intended to split the database and table
name, but I can't for the life of me get the regex to do that. Is
that an accurate conclusion of this problem?

Thanks
- Trey