X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/c4817c654797638bf16b54f4f9b69ed3715625cb..e847b156af79e857466b8ca0f51d68ef69a6dd01:/cookbooks/mysql/recipes/default.rb diff --git a/cookbooks/mysql/recipes/default.rb b/cookbooks/mysql/recipes/default.rb index 07835e729..aad3a7683 100644 --- a/cookbooks/mysql/recipes/default.rb +++ b/cookbooks/mysql/recipes/default.rb @@ -1,14 +1,14 @@ # -# Cookbook Name:: mysql +# Cookbook:: mysql # Recipe:: default # -# Copyright 2013, OpenStreetMap Foundation +# Copyright:: 2013, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -17,6 +17,9 @@ # limitations under the License. # +include_recipe "munin" +include_recipe "prometheus" + package "mysql-server" package "mysql-client" @@ -25,29 +28,31 @@ service "mysql" do supports :status => true, :restart => true end -file "/etc/mysql/conf.d/chef.cnf" do - action :delete +template "/etc/mysql/mysql.conf.d/zzz-chef.cnf" do + source "my.cnf.erb" + owner "root" + group "root" + mode "644" notifies :restart, "service[mysql]" end -conf_file = if node[:lsb][:release].to_f >= 16.04 - "/etc/mysql/mysql.conf.d/zzz-chef.cnf" - else - "/etc/mysql/conf.d/zzz-chef.cnf" - end +service "apparmor" do + action :nothing +end -template conf_file do - source "my.cnf.erb" +template "/etc/apparmor.d/local/usr.sbin.mysqld" do + source "apparmor.erb" owner "root" group "root" - mode 0o644 - notifies :restart, "service[mysql]" + mode "644" + notifies :restart, "service[apparmor]" + only_if { ::Dir.exist?("/sys/kernel/security/apparmor") } end package "libdbd-mysql-perl" package "libcache-cache-perl" -%w( +%w[ commands connections files handler_read handler_tmp handler_transaction handler_write innodb_bpool innodb_bpool_act innodb_history_list_length innodb_insert_buf innodb_io innodb_io_pend innodb_log innodb_queries @@ -55,16 +60,29 @@ package "libcache-cache-perl" innodb_tnx max_mem mrr myisam_indexes network_traffic performance qcache qcache_mem select_types slow sorts table_definitions table_locks tmp_tables -).each do |stat| +].each do |stat| munin_plugin "mysql_#{stat}" do target "mysql_" end end -%w( +%w[ bin_relay_log files_tables replication -).each do |stat| +].each do |stat| munin_plugin "mysql_#{stat}" do action :delete end end + +mysql_password = persistent_token("mysql", "prometheus", "password") + +mysql_user "prometheus" do + password mysql_password + process true + repl_client true +end + +prometheus_exporter "mysqld" do + port 9104 + environment "DATA_SOURCE_NAME" => "prometheus:#{mysql_password}@(localhost:3306)/" +end