diff --git a/README.md b/README.md index a4cd7ef..e601af9 100644 --- a/README.md +++ b/README.md @@ -1,551 +1,615 @@ # mysql #### Table of Contents 1. [Module Description - What the module does and why it is useful](#module-description) 2. [Setup - The basics of getting started with mysql](#setup) * [Beginning with mysql](#beginning-with-mysql) 3. [Usage - Configuration options and additional functionality](#usage) * [Customize server options](#customize-server-options) * [Create a database](#create-a-database) * [Customize configuration](#customize-configuration) * [Work with an existing server](#work-with-an-existing-server) * [Specify passwords](#specify-passwords) * [Install Percona server on CentOS](#install-percona-server-on-centos) * [Install MariaDB on Ubuntu](#install-mariadb-on-ubuntu) * [Install Plugins](#install-plugins) + * [Use Percona XtraBackup](#use-percona-xtrabackup) 4. [Reference - An under-the-hood peek at what the module is doing and how](REFERENCE.md) 5. [Limitations - OS compatibility, etc.](#limitations) 6. [Development - Guide for contributing to the module](#development) ## Module Description The mysql module installs, configures, and manages the MySQL service. This module manages both the installation and configuration of MySQL, as well as extending Puppet to allow management of MySQL resources, such as databases, users, and grants. ## Setup ### Beginning with mysql To install a server with the default options: `include '::mysql::server'`. To customize options, such as the root password or `/etc/my.cnf` settings, you must also pass in an override hash: ```puppet class { '::mysql::server': root_password => 'strongpassword', remove_default_accounts => true, restart => true, override_options => $override_options } ``` Nota bene: Configuration changes will only be applied to the running MySQL server if you pass true as restart to mysql::server. See [**Customize Server Options**](#customize-server-options) below for examples of the hash structure for $override_options. ## Usage All interaction for the server is done via `mysql::server`. To install the client, use `mysql::client`. To install bindings, use `mysql::bindings`. ### Customize server options To define server options, structure a hash structure of overrides in `mysql::server`. This hash resembles a hash in the my.cnf file: ```puppet $override_options = { 'section' => { 'item' => 'thing', } } ``` For options that you would traditionally represent in this format: ``` [section] thing = X ``` Entries can be created as `thing => true`, `thing => value`, or `thing => ""` in the hash. Alternatively, you can pass an array as `thing => ['value', 'value2']` or list each `thing => value` separately on individual lines. You can pass a variable in the hash without setting a value for it; the variable would then use MySQL's default settings. To exclude an option from the `my.cnf` file --- for example, when using `override_options` to revert to a default value --- pass `thing => undef`. If an option needs multiple instances, pass an array. For example, ```puppet $override_options = { 'mysqld' => { 'replicate-do-db' => ['base1', 'base2'], } } ``` produces ```puppet [mysqld] replicate-do-db = base1 replicate-do-db = base2 ``` To implement version specific parameters, specify the version, such as [mysqld-5.5]. This allows one config for different versions of MySQL. If you don’t want to use the default configuration, you can also supply your options to the `$options` parameter instead of `$override_options`. Please note that `$options` and `$override_options` are mutually exclusive, you can only use one of them. ### Create a database To create a database with a user and some assigned privileges: ```puppet mysql::db { 'mydb': user => 'myuser', password => 'mypass', host => 'localhost', grant => ['SELECT', 'UPDATE'], } ``` To use a different resource name with exported resources: ```puppet @@mysql::db { "mydb_${fqdn}": user => 'myuser', password => 'mypass', dbname => 'mydb', host => ${fqdn}, grant => ['SELECT', 'UPDATE'], tag => $domain, } ``` Then you can collect it on the remote DB server: ```puppet Mysql::Db <<| tag == $domain |>> ``` If you set the sql parameter to a file when creating a database, the file is imported into the new database. For large sql files, increase the `import_timeout` parameter, which defaults to 300 seconds. If you have installed the mysql client in a non standard bin/sbin path you can set this with `mysql_exec_path` . ```puppet mysql::db { 'mydb': user => 'myuser', password => 'mypass', host => 'localhost', grant => ['SELECT', 'UPDATE'], sql => '/path/to/sqlfile.gz', import_cat_cmd => 'zcat', import_timeout => 900, mysql_exec_path => '/opt/rh/rh-myql57/root/bin' } ``` ### Customize configuration To add custom MySQL configuration, place additional files into `includedir`. This allows you to override settings or add additional ones, which is helpful if you don't use `override_options` in `mysql::server`. The `includedir` location is by default set to `/etc/mysql/conf.d`. ### Work with an existing server To instantiate databases and users on an existing MySQL server, you need a `.my.cnf` file in `root`'s home directory. This file must specify the remote server address and credentials. For example: ```puppet [client] user=root host=localhost password=secret ``` This module uses the `mysqld_version` fact to discover the server version being used. By default, this is set to the output of `mysqld -V`. If you're working with a remote MySQL server, you may need to set a custom fact for `mysqld_version` to ensure correct behaviour. When working with a remote server, do *not* use the `mysql::server` class in your Puppet manifests. ### Specify passwords In addition to passing passwords as plain text, you can input them as hashes. For example: ```puppet mysql::db { 'mydb': user => 'myuser', password => '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4', host => 'localhost', grant => ['SELECT', 'UPDATE'], } ``` If required, the password can also be an empty string to allow connections without an password. ### Install Percona server on CentOS This example shows how to do a minimal installation of a Percona server on a CentOS system. This sets up the Percona server, client, and bindings (including Perl and Python bindings). You can customize this usage and update the version as needed. This usage has been tested on Puppet 4.4, 5.5 and 6.3.0 / CentOS 7 / Percona Server 5.7. **Note:** The installation of the yum repository is not part of this package and is here only to show a full example of how you can install. ```puppet yumrepo { 'percona': descr => 'CentOS $releasever - Percona', baseurl => 'http://repo.percona.com/percona/yum/release/$releasever/RPMS/$basearch', gpgkey => 'https://repo.percona.com/yum/PERCONA-PACKAGING-KEY', enabled => 1, gpgcheck => 1, } class {'mysql::server': package_name => 'Percona-Server-server-57', service_name => 'mysql', config_file => '/etc/my.cnf', includedir => '/etc/my.cnf.d', root_password => 'PutYourOwnPwdHere', override_options => { mysqld => { log-error => '/var/log/mysqld.log', pid-file => '/var/run/mysqld/mysqld.pid', }, mysqld_safe => { log-error => '/var/log/mysqld.log', }, } } # Note: Installing Percona-Server-server-57 also installs Percona-Server-client-57. # This shows how to install the Percona MySQL client on its own class {'mysql::client': package_name => 'Percona-Server-client-57' } # These packages are normally installed along with Percona-Server-server-57 # If you needed to install the bindings, however, you could do so with this code class { 'mysql::bindings': client_dev_package_name => 'Percona-Server-shared-57', client_dev => true, daemon_dev_package_name => 'Percona-Server-devel-57', daemon_dev => true, perl_enable => true, perl_package_name => 'perl-DBD-MySQL', python_enable => true, python_package_name => 'MySQL-python', } # Dependencies definition Yumrepo['percona']-> Class['mysql::server'] Yumrepo['percona']-> Class['mysql::client'] Yumrepo['percona']-> Class['mysql::bindings'] ``` ### Install MariaDB on Ubuntu #### Optional: Install the MariaDB official repo In this example, we'll use the latest stable (currently 10.3) from the official MariaDB repository, not the one from the distro repository. You could instead use the package from the Ubuntu repository. Make sure you use the repository corresponding to the version you want. **Note:** `sfo1.mirrors.digitalocean.com` is one of many mirrors available. You can use any official mirror. ```puppet include apt apt::source { 'mariadb': location => 'http://sfo1.mirrors.digitalocean.com/mariadb/repo/10.3/ubuntu', release => $::lsbdistcodename, repos => 'main', key => { id => '177F4010FE56CA3336300305F1656F24C74CD1D8', server => 'hkp://keyserver.ubuntu.com:80', }, include => { src => false, deb => true, }, } ``` #### Install the MariaDB server This example shows MariaDB server installation on Ubuntu Xenial. Adjust the version and the parameters of `my.cnf` as needed. All parameters of the `my.cnf` can be defined using the `override_options` parameter. The folders `/var/log/mysql` and `/var/run/mysqld` are created automatically, but if you are using other custom folders, they should exist as prerequisites for this code. All the values set here are an example of a working minimal configuration. Specify the version of the package you want with the `package_ensure` parameter. ```puppet class {'::mysql::server': package_name => 'mariadb-server', package_ensure => '1:10.3.21+maria~xenial', service_name => 'mysqld', root_password => 'AVeryStrongPasswordUShouldEncrypt!', override_options => { mysqld => { 'log-error' => '/var/log/mysql/mariadb.log', 'pid-file' => '/var/run/mysqld/mysqld.pid', }, mysqld_safe => { 'log-error' => '/var/log/mysql/mariadb.log', }, } } # Dependency management. Only use that part if you are installing the repository # as shown in the Preliminary step of this example. Apt::Source['mariadb'] ~> Class['apt::update'] -> Class['::mysql::server'] ``` #### Install the MariaDB client This example shows how to install the MariaDB client and all of the bindings at once. You can do this installation separately from the server installation. Specify the version of the package you want with the `package_ensure` parameter. ```puppet class {'::mysql::client': package_name => 'mariadb-client', package_ensure => '1:10.3.21+maria~xenial', bindings_enable => true, } # Dependency management. Only use that part if you are installing the repository as shown in the Preliminary step of this example. Apt::Source['mariadb'] ~> Class['apt::update'] -> Class['::mysql::client'] ``` ### Install MySQL Community server on CentOS You can install MySQL Community Server on CentOS using the mysql module and Hiera. This example was tested with the following versions: * MySQL Community Server 5.6 * Centos 7.3 * Puppet 3.8.7 using Hiera * puppetlabs-mysql module v3.9.0 In Puppet: ```puppet include ::mysql::server create_resources(yumrepo, hiera('yumrepo', {})) Yumrepo['repo.mysql.com'] -> Anchor['mysql::server::start'] Yumrepo['repo.mysql.com'] -> Package['mysql_client'] create_resources(mysql::db, hiera('mysql::server::db', {})) ``` In Hiera: ```yaml --- # Centos 7.3 yumrepo: 'repo.mysql.com': baseurl: "http://repo.mysql.com/yum/mysql-5.6-community/el/%{::operatingsystemmajrelease}/$basearch/" descr: 'repo.mysql.com' enabled: 1 gpgcheck: true gpgkey: 'http://repo.mysql.com/RPM-GPG-KEY-mysql' mysql::client::package_name: "mysql-community-client" # required for proper MySQL installation mysql::server::package_name: "mysql-community-server" # required for proper MySQL installation mysql::server::package_ensure: 'installed' # do not specify version here, unfortunately yum fails with error that package is already installed mysql::server::root_password: "change_me_i_am_insecure" mysql::server::manage_config_file: true mysql::server::service_name: 'mysqld' # required for puppet module mysql::server::override_options: 'mysqld': 'bind-address': '127.0.0.1' 'log-error': '/var/log/mysqld.log' # required for proper MySQL installation 'mysqld_safe': 'log-error': '/var/log/mysqld.log' # required for proper MySQL installation # create database + account with access, passwords are not encrypted mysql::server::db: "dev": user: "dev" password: "devpass" host: "127.0.0.1" grant: - "ALL" ``` ### Install Plugins Plugins can be installed by using the `mysql_plugin` defined type. See `examples/mysql_plugin.pp` for futher examples. + +### Use Percona XtraBackup + +This example shows how to configure MySQL backups with Percona XtraBackup. This sets up a weekly cronjob to perform a full backup and additional daily cronjobs for incremental backups. Each backup will create a new directory. A cleanup job will automatically remove backups that are older than 15 days. + +```puppet +yumrepo { 'percona': + descr => 'CentOS $releasever - Percona', + baseurl => 'http://repo.percona.com/release/$releasever/RPMS/$basearch', + gpgkey => 'https://www.percona.com/downloads/RPM-GPG-KEY-percona https://repo.percona.com/yum/PERCONA-PACKAGING-KEY', + enabled => 1, + gpgcheck => 1, +} + +class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/backups', + provider => 'xtrabackup', + rotate => 15, + execpath => '/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin', + time => ['23', '15'], +} +``` + +If the daily or weekly backup was successful, then the empty file `/tmp/mysqlbackup_success` is created, which makes it easy to monitor the status of the database backup. + +After two weeks the backup directory should look similar to the example below. + +``` +/tmp/backups/2019-11-10_full +/tmp/backups/2019-11-11_23-15-01 +/tmp/backups/2019-11-13_23-15-01 +/tmp/backups/2019-11-13_23-15-02 +/tmp/backups/2019-11-14_23-15-01 +/tmp/backups/2019-11-15_23-15-02 +/tmp/backups/2019-11-16_23-15-01 +/tmp/backups/2019-11-17_full +/tmp/backups/2019-11-18_23-15-01 +/tmp/backups/2019-11-19_23-15-01 +/tmp/backups/2019-11-20_23-15-02 +/tmp/backups/2019-11-21_23-15-01 +/tmp/backups/2019-11-22_23-15-02 +/tmp/backups/2019-11-23_23-15-01 +``` + +A drawback of using incremental backups is the need to keep at least 7 days of backups, otherwise the full backups is removed early and consecutive incremental backups will fail. Furthermore an incremental backups becomes obsolete once the required full backup was removed. + +The next example uses XtraBackup with incremental backups disabled. In this case the daily cronjob will always perform a full backup. + +```puppet +class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/backups', + provider => 'xtrabackup', + incremental_backups => false, + rotate => 5, + execpath => '/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin', + time => ['23', '15'], +} +``` + ## Reference ### Classes #### Public classes * [`mysql::server`](#mysqlserver): Installs and configures MySQL. * [`mysql::server::monitor`](#mysqlservermonitor): Sets up a monitoring user. * [`mysql::server::mysqltuner`](#mysqlservermysqltuner): Installs MySQL tuner script. * [`mysql::server::backup`](#mysqlserverbackup): Sets up MySQL backups via cron. * [`mysql::bindings`](#mysqlbindings): Installs various MySQL language bindings. * [`mysql::client`](#mysqlclient): Installs MySQL client (for non-servers). #### Private classes * `mysql::server::install`: Installs packages. * `mysql::server::installdb`: Implements setup of mysqld data directory (e.g. /var/lib/mysql) * `mysql::server::config`: Configures MYSQL. * `mysql::server::service`: Manages service. * `mysql::server::account_security`: Deletes default MySQL accounts. * `mysql::server::root_password`: Sets MySQL root password. * `mysql::server::providers`: Creates users, grants, and databases. * `mysql::bindings::client_dev`: Installs MySQL client development package. * `mysql::bindings::daemon_dev`: Installs MySQL daemon development package. * `mysql::bindings::java`: Installs Java bindings. * `mysql::bindings::perl`: Installs Perl bindings. * `mysql::bindings::php`: Installs PHP bindings. * `mysql::bindings::python`: Installs Python bindings. * `mysql::bindings::ruby`: Installs Ruby bindings. * `mysql::client::install`: Installs MySQL client. * `mysql::backup::mysqldump`: Implements mysqldump backups. * `mysql::backup::mysqlbackup`: Implements backups with Oracle MySQL Enterprise Backup. * `mysql::backup::xtrabackup`: Implements backups with XtraBackup from Percona or Mariabackup. ### Parameters #### mysql::server ##### `create_root_user` Whether root user should be created. Valid values are `true`, `false`. Defaults to `true`. This is useful for a cluster setup with Galera. The root user has to be created only once. You can set this parameter true on one node and set it to false on the remaining nodes. ##### `create_root_my_cnf` Whether to create `/root/.my.cnf`. Valid values are `true`, `false`. Defaults to `true`. `create_root_my_cnf` allows creation of `/root/.my.cnf` independently of `create_root_user`. You can use this for a cluster setup with Galera where you want `/root/.my.cnf` to exist on all nodes. ##### `root_password` The MySQL root password. Puppet attempts to set the root password and update `/root/.my.cnf` with it. This is required if `create_root_user` or `create_root_my_cnf` are true. If `root_password` is 'UNSET', then `create_root_user` and `create_root_my_cnf` are assumed to be false --- that is, the MySQL root user and `/root/.my.cnf` are not created. Password changes are supported; however, the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old password, configured in `/root/my.cnf`, to set the new password in MySQL, and then updates `/root/.my.cnf` with the new password. ##### `old_root_password` This parameter no longer does anything. It exists only for backwards compatibility. See the `root_password` parameter above for details on changing the root password. ##### `create_root_login_file` Whether to create `/root/.mylogin.cnf` when using mysql 5.6.6+. Valid values are `true`, `false`. Defaults to `false`. `create_root_login_file` will put a copy of your existing `.mylogin.cnf` in the `/root/.mylogin.cnf` location. When set to 'true', this option also requires the `login_file` option. The `login_file` option is required when set to true. #### `login_file` Whether to put the `/root/.mylogin.cnf` in place. You need to create the `.mylogin.cnf` file with `mysql_config_editor`, this tool comes with mysql 5.6.6+. The created .mylogin.cnf needs to be put under files in your module, see example below on how to use this. When the `/root/.mylogin.cnf` exists the environment variable `MYSQL_TEST_LOGIN_FILE` will be set. This is required if `create_root_user` and `create_root_login_file` are true. If `root_password` is 'UNSET', then `create_root_user` and `create_root_login_file` are assumed to be false --- that is, the MySQL root user and `/root/.mylogin.cnf` are not created. ```puppet class { '::mysql::server': root_password => 'password', create_root_my_cnf => false, create_root_login_file => true, login_file => "puppet:///modules/${module_name}/mylogin.cnf", } ``` ##### `override_options` Specifies override options to pass into MySQL. Structured like a hash in the my.cnf file: ```puppet class { 'mysql::server': root_password => 'password' } mysql_plugin { 'auth_pam': ensure => present, soname => 'auth_pam.so', } ``` ### Tasks The MySQL module has an example task that allows a user to execute arbitary SQL against a database. Please refer to to the [PE documentation](https://puppet.com/docs/pe/2017.3/orchestrator/running_tasks.html) or [Bolt documentation](https://puppet.com/docs/bolt/latest/bolt.html) on how to execute a task. ## Limitations For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-mysql/blob/master/metadata.json) **Note:** The mysqlbackup.sh does not work and is not supported on MySQL 5.7 and greater. ## Development We are experimenting with a new tool for running acceptance tests. Its name is [puppet_litmus](https://github.com/puppetlabs/puppet_litmus) this replaces beaker as the test runner. To run the acceptance tests follow the instructions from this point [here](https://github.com/puppetlabs/puppet_litmus/wiki/Tutorial:-use-Litmus-to-execute-acceptance-tests-with-a-sample-module-(MoTD)#install-the-necessary-gems-for-the-module). Puppet modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. Check out our the complete [module contribution guide](https://puppet.com/docs/puppet/latest/contributing.html). ### Authors This module is based on work by David Schmitt. The following contributors have contributed to this module (beyond Puppet Labs): * Larry Ludwig * Christian G. Warden * Daniel Black * Justin Ellison * Lowe Schmidt * Matthias Pigulla * William Van Hevelingen * Michael Arnold * Chris Weyl * Daniël van Eeden * Jan-Otto Kröpke * Timothy Sven Nelson diff --git a/manifests/backup/mysqlbackup.pp b/manifests/backup/mysqlbackup.pp index ab0bd17..6e805bc 100644 --- a/manifests/backup/mysqlbackup.pp +++ b/manifests/backup/mysqlbackup.pp @@ -1,125 +1,126 @@ # @summary # Manage the mysqlbackup client. # # @api private # class mysql::backup::mysqlbackup ( $backupuser = '', $backuppassword = '', $maxallowedpacket = '1M', $backupdir = '', $backupdirmode = '0700', $backupdirowner = 'root', $backupdirgroup = $mysql::params::root_group, $backupcompress = true, $backuprotate = 30, $backupmethod = '', $backup_success_file_path = undef, $ignore_events = true, $delete_before_dump = false, $backupdatabases = [], $file_per_database = false, $include_triggers = true, $include_routines = false, $ensure = 'present', $time = ['23', '5'], $prescript = false, $postscript = false, $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', $optional_args = [], + $incremental_backups = false, ) inherits mysql::params { mysql_user { "${backupuser}@localhost": ensure => $ensure, password_hash => mysql::password($backuppassword), require => Class['mysql::server::root_password'], } package { 'meb': ensure => $ensure, } # http://dev.mysql.com/doc/mysql-enterprise-backup/3.11/en/mysqlbackup.privileges.html mysql_grant { "${backupuser}@localhost/*.*": ensure => $ensure, user => "${backupuser}@localhost", table => '*.*', privileges => [ 'RELOAD', 'SUPER', 'REPLICATION CLIENT' ], require => Mysql_user["${backupuser}@localhost"], } mysql_grant { "${backupuser}@localhost/mysql.backup_progress": ensure => $ensure, user => "${backupuser}@localhost", table => 'mysql.backup_progress', privileges => [ 'CREATE', 'INSERT', 'DROP', 'UPDATE' ], require => Mysql_user["${backupuser}@localhost"], } mysql_grant { "${backupuser}@localhost/mysql.backup_history": ensure => $ensure, user => "${backupuser}@localhost", table => 'mysql.backup_history', privileges => [ 'CREATE', 'INSERT', 'SELECT', 'DROP', 'UPDATE' ], require => Mysql_user["${backupuser}@localhost"], } if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '5' { package {'crontabs': ensure => present, } } elsif $::osfamily == 'RedHat' { package {'cronie': ensure => present, } } elsif $::osfamily != 'FreeBSD' { package {'cron': ensure => present, } } cron { 'mysqlbackup-weekly': ensure => $ensure, command => 'mysqlbackup backup', user => 'root', hour => $time[0], minute => $time[1], weekday => '0', require => Package['meb'], } cron { 'mysqlbackup-daily': ensure => $ensure, command => 'mysqlbackup --incremental backup', user => 'root', hour => $time[0], minute => $time[1], weekday => '1-6', require => Package['meb'], } $default_options = { 'mysqlbackup' => { 'backup-dir' => $backupdir, 'with-timestamp' => true, 'incremental_base' => 'history:last_backup', 'incremental_backup_dir' => $backupdir, 'user' => $backupuser, 'password' => $backuppassword, } } $options = mysql::normalise_and_deepmerge($default_options, $mysql::server::override_options) file { 'mysqlbackup-config-file': path => '/etc/mysql/conf.d/meb.cnf', content => template('mysql/meb.cnf.erb'), mode => '0600', } file { $backupdir: ensure => 'directory', mode => $backupdirmode, owner => $backupdirowner, group => $backupdirgroup, } } diff --git a/manifests/backup/mysqldump.pp b/manifests/backup/mysqldump.pp index 5115508..0fb07b2 100644 --- a/manifests/backup/mysqldump.pp +++ b/manifests/backup/mysqldump.pp @@ -1,112 +1,113 @@ # @summary # "Provider" for mysqldump # @api private # class mysql::backup::mysqldump ( $backupuser = '', $backuppassword = '', $backupdir = '', $maxallowedpacket = '1M', $backupdirmode = '0700', $backupdirowner = 'root', $backupdirgroup = $mysql::params::root_group, $backupcompress = true, $backuprotate = 30, $backupmethod = 'mysqldump', $backup_success_file_path = undef, $ignore_events = true, $delete_before_dump = false, $backupdatabases = [], $file_per_database = false, $include_triggers = false, $include_routines = false, $ensure = 'present', $time = ['23', '5'], $prescript = false, $postscript = false, $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', $optional_args = [], $mysqlbackupdir_ensure = 'directory', $mysqlbackupdir_target = undef, + $incremental_backups = false, ) inherits mysql::params { unless $::osfamily == 'FreeBSD' { if $backupcompress { ensure_packages(['bzip2']) Package['bzip2'] -> File['mysqlbackup.sh'] } } mysql_user { "${backupuser}@localhost": ensure => $ensure, password_hash => mysql::password($backuppassword), require => Class['mysql::server::root_password'], } if $include_triggers { $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER' ] } else { $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS' ] } mysql_grant { "${backupuser}@localhost/*.*": ensure => $ensure, user => "${backupuser}@localhost", table => '*.*', privileges => $privs, require => Mysql_user["${backupuser}@localhost"], } if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '5' { package {'crontabs': ensure => present, } } elsif $::osfamily == 'RedHat' { package {'cronie': ensure => present, } } elsif $::osfamily != 'FreeBSD' { package {'cron': ensure => present, } } cron { 'mysql-backup': ensure => $ensure, command => '/usr/local/sbin/mysqlbackup.sh', user => 'root', hour => $time[0], minute => $time[1], monthday => $time[2], month => $time[3], weekday => $time[4], require => File['mysqlbackup.sh'], } file { 'mysqlbackup.sh': ensure => $ensure, path => '/usr/local/sbin/mysqlbackup.sh', mode => '0700', owner => 'root', group => $mysql::params::root_group, content => template('mysql/mysqlbackup.sh.erb'), } if $mysqlbackupdir_target { file { $backupdir: ensure => $mysqlbackupdir_ensure, target => $mysqlbackupdir_target, mode => $backupdirmode, owner => $backupdirowner, group => $backupdirgroup, } } else { file { $backupdir: ensure => $mysqlbackupdir_ensure, mode => $backupdirmode, owner => $backupdirowner, group => $backupdirgroup, } } } diff --git a/manifests/backup/xtrabackup.pp b/manifests/backup/xtrabackup.pp index 1f8234e..305e891 100644 --- a/manifests/backup/xtrabackup.pp +++ b/manifests/backup/xtrabackup.pp @@ -1,101 +1,120 @@ # @summary # "Provider" for Percona XtraBackup/MariaBackup # @api private # class mysql::backup::xtrabackup ( $xtrabackup_package_name = $mysql::params::xtrabackup_package_name, $backupuser = undef, $backuppassword = undef, $backupdir = '', $maxallowedpacket = '1M', $backupmethod = 'xtrabackup', $backupdirmode = '0700', $backupdirowner = 'root', $backupdirgroup = $mysql::params::root_group, $backupcompress = true, $backuprotate = 30, $backupscript_template = 'mysql/xtrabackup.sh.erb', $backup_success_file_path = undef, $ignore_events = true, $delete_before_dump = false, $backupdatabases = [], $file_per_database = false, $include_triggers = true, $include_routines = false, $ensure = 'present', $time = ['23', '5'], $prescript = false, $postscript = false, $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', $optional_args = [], $additional_cron_args = '--backup', $incremental_backups = true ) inherits mysql::params { ensure_packages($xtrabackup_package_name) if $backupuser and $backuppassword { mysql_user { "${backupuser}@localhost": ensure => $ensure, password_hash => mysql::password($backuppassword), require => Class['mysql::server::root_password'], } mysql_grant { "${backupuser}@localhost/*.*": ensure => $ensure, user => "${backupuser}@localhost", table => '*.*', privileges => [ 'RELOAD', 'PROCESS', 'LOCK TABLES', 'REPLICATION CLIENT' ], require => Mysql_user["${backupuser}@localhost"], } } if $incremental_backups { + # Warn if old backups are removed too soon. Incremental backups will fail + # if the full backup is no longer available. + if ($backuprotate.convert_to(Integer) < 7) { + warning(translate('The value for `backuprotate` is too low, it must be set to at least 7 days when using incremental backups.')) + } + + # The --target-dir uses a more predictable value for the full backup so + # that it can easily be calculated and used in incremental backup jobs. + # Besides that it allows to have multiple full backups. cron { 'xtrabackup-weekly': ensure => $ensure, - command => "/usr/local/sbin/xtrabackup.sh --target-dir=${backupdir} ${additional_cron_args}", + command => "/usr/local/sbin/xtrabackup.sh --target-dir=${backupdir}/$(date +\\%F)_full ${additional_cron_args}", user => 'root', hour => $time[0], minute => $time[1], weekday => '0', require => Package[$xtrabackup_package_name], } } + # Wether to use GNU or BSD date format. + case $::osfamily { + 'FreeBSD','OpenBSD': { + $dateformat = '$(date -v-sun +\\%F)_full' + } + default: { + $dateformat = '$(date -d "last sunday" +\\%F)_full' + } + } + $daily_cron_data = ($incremental_backups) ? { true => { - 'directories' => "--incremental-basedir=${backupdir} --target-dir=${backupdir}/$(date +\\%F_\\%H-\\%M-\\%S)", + 'directories' => "--incremental-basedir=${backupdir}/${dateformat} --target-dir=${backupdir}/$(date +\\%F_\\%H-\\%M-\\%S)", 'weekday' => '1-6', }, false => { - 'directories' => "--target-dir=${backupdir}", + 'directories' => "--target-dir=${backupdir}/$(date +\\%F_\\%H-\\%M-\\%S)", 'weekday' => '*', }, } cron { 'xtrabackup-daily': ensure => $ensure, command => "/usr/local/sbin/xtrabackup.sh ${daily_cron_data['directories']} ${additional_cron_args}", user => 'root', hour => $time[0], minute => $time[1], weekday => $daily_cron_data['weekday'], require => Package[$xtrabackup_package_name], } file { $backupdir: ensure => 'directory', mode => $backupdirmode, owner => $backupdirowner, group => $backupdirgroup, } file { 'xtrabackup.sh': ensure => $ensure, path => '/usr/local/sbin/xtrabackup.sh', mode => '0700', owner => 'root', group => $mysql::params::root_group, content => template($backupscript_template), } } diff --git a/manifests/params.pp b/manifests/params.pp index 4092882..eb47521 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,555 +1,570 @@ # @summary # Params class. # # @api private # class mysql::params { $manage_config_file = true $config_file_mode = '0644' $purge_conf_dir = false $restart = false $root_password = 'UNSET' $install_secret_file = '/.mysql_secret' $server_package_ensure = 'present' $server_package_manage = true $server_service_manage = true $server_service_enabled = true $client_package_ensure = 'present' $client_package_manage = true $create_root_user = true $create_root_my_cnf = true $create_root_login_file = false $login_file = undef $exec_path = '' # mysql::bindings $bindings_enable = false $java_package_ensure = 'present' $java_package_provider = undef $perl_package_ensure = 'present' $perl_package_provider = undef $php_package_ensure = 'present' $php_package_provider = undef $python_package_ensure = 'present' $python_package_provider = undef $ruby_package_ensure = 'present' $ruby_package_provider = undef $client_dev_package_ensure = 'present' $client_dev_package_provider = undef $daemon_dev_package_ensure = 'present' $daemon_dev_package_provider = undef - $xtrabackup_package_name = 'percona-xtrabackup' + $xtrabackup_package_name_default = 'percona-xtrabackup' case $::osfamily { 'RedHat': { case $::operatingsystem { 'Fedora': { if versioncmp($::operatingsystemrelease, '19') >= 0 or $::operatingsystemrelease == 'Rawhide' { $provider = 'mariadb' } else { $provider = 'mysql' } $python_package_name = 'MySQL-python' } /^(RedHat|CentOS|Scientific|OracleLinux)$/: { if versioncmp($::operatingsystemmajrelease, '7') >= 0 { $provider = 'mariadb' + if versioncmp($::operatingsystemmajrelease, '8') >= 0 { + $xtrabackup_package_name_override = 'percona-xtrabackup-24' + } } else { $provider = 'mysql' + $xtrabackup_package_name_override = 'percona-xtrabackup-20' } if versioncmp($::operatingsystemmajrelease, '8') >= 0 { $java_package_name = 'mariadb-java-client' $python_package_name = 'python3-PyMySQL' } else { $java_package_name = 'mysql-connector-java' $python_package_name = 'MySQL-python' } } default: { $provider = 'mysql' } } if $provider == 'mariadb' { $client_package_name = 'mariadb' $server_package_name = 'mariadb-server' $server_service_name = 'mariadb' $log_error = '/var/log/mariadb/mariadb.log' $config_file = '/etc/my.cnf.d/server.cnf' # mariadb package by default has !includedir set in my.cnf to /etc/my.cnf.d $includedir = undef $pidfile = '/var/run/mariadb/mariadb.pid' $daemon_dev_package_name = 'mariadb-devel' } else { $client_package_name = 'mysql' $server_package_name = 'mysql-server' $server_service_name = 'mysqld' $log_error = '/var/log/mysqld.log' $config_file = '/etc/my.cnf' $includedir = '/etc/my.cnf.d' $pidfile = '/var/run/mysqld/mysqld.pid' $daemon_dev_package_name = 'mysql-devel' } $basedir = '/usr' $datadir = '/var/lib/mysql' $root_group = 'root' $mysql_group = 'mysql' $mycnf_owner = undef $mycnf_group = undef $socket = '/var/lib/mysql/mysql.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' $managed_dirs = undef # mysql::bindings $perl_package_name = 'perl-DBD-MySQL' $php_package_name = 'php-mysql' $ruby_package_name = 'ruby-mysql' $client_dev_package_name = undef } 'Suse': { case $::operatingsystem { 'OpenSuSE': { if versioncmp( $::operatingsystemmajrelease, '12' ) >= 0 { $client_package_name = 'mariadb-client' $server_package_name = 'mariadb' # First service start fails if this is set. Runs fine without # it being set, in any case. Leaving it as-is for the mysql. $basedir = undef } else { $client_package_name = 'mysql-community-server-client' $server_package_name = 'mysql-community-server' $basedir = '/usr' } } 'SLES','SLED': { if versioncmp($::operatingsystemrelease, '12') >= 0 { $client_package_name = 'mariadb-client' $server_package_name = 'mariadb' $basedir = undef } else { $client_package_name = 'mysql-client' $server_package_name = 'mysql' $basedir = '/usr' } } default: { fail(translate('Unsupported platform: puppetlabs-%{module_name} currently doesn\'t support %{os}.', {'module_name' => $module_name, 'os' => $::operatingsystem })) } } $config_file = '/etc/my.cnf' $includedir = '/etc/my.cnf.d' $datadir = '/var/lib/mysql' $log_error = $::operatingsystem ? { /OpenSuSE/ => '/var/log/mysql/mysqld.log', /(SLES|SLED)/ => '/var/log/mysqld.log', } $pidfile = $::operatingsystem ? { /OpenSuSE/ => '/var/run/mysql/mysqld.pid', /(SLES|SLED)/ => '/var/lib/mysql/mysqld.pid', } $root_group = 'root' $mysql_group = 'mysql' $mycnf_owner = undef $mycnf_group = undef $server_service_name = 'mysql' + $xtrabackup_package_name_override = 'xtrabackup' if $::operatingsystem =~ /(SLES|SLED)/ { if versioncmp( $::operatingsystemmajrelease, '12' ) >= 0 { $socket = '/run/mysql/mysql.sock' } else { $socket = '/var/lib/mysql/mysql.sock' } } else { $socket = '/var/run/mysql/mysql.sock' } $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' $managed_dirs = undef # mysql::bindings $java_package_name = 'mysql-connector-java' $perl_package_name = 'perl-DBD-mysql' $php_package_name = 'apache2-mod_php53' $python_package_name = 'python-mysql' $ruby_package_name = $::operatingsystem ? { /OpenSuSE/ => 'rubygem-mysql', /(SLES|SLED)/ => 'ruby-mysql', } $client_dev_package_name = 'libmysqlclient-devel' $daemon_dev_package_name = 'mysql-devel' } 'Debian': { if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '9') >= 0 { $provider = 'mariadb' } else { $provider = 'mysql' } if $provider == 'mariadb' { $client_package_name = 'mariadb-client' $server_package_name = 'mariadb-server' $server_service_name = 'mariadb' $client_dev_package_name = 'libmariadbclient-dev' $daemon_dev_package_name = 'libmariadbd-dev' } else { $client_package_name = 'mysql-client' $server_package_name = 'mysql-server' $server_service_name = 'mysql' $client_dev_package_name = 'libmysqlclient-dev' $daemon_dev_package_name = 'libmysqld-dev' } $basedir = '/usr' $config_file = '/etc/mysql/my.cnf' $includedir = '/etc/mysql/conf.d' $datadir = '/var/lib/mysql' $log_error = '/var/log/mysql/error.log' $pidfile = '/var/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'adm' $mycnf_owner = undef $mycnf_group = undef $socket = '/var/run/mysqld/mysqld.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' $managed_dirs = ['tmpdir','basedir','datadir','innodb_data_home_dir','innodb_log_group_home_dir','innodb_undo_directory','innodb_tmpdir'] # mysql::bindings if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '10') >= 0 { $java_package_name = 'libmariadb-java' } else { $java_package_name = 'libmysql-java' } $perl_package_name = 'libdbd-mysql-perl' if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '16.04') >= 0) or ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '9') >= 0) { $php_package_name = 'php-mysql' } else { $php_package_name = 'php5-mysql' } + if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '16.04') < 0) or + ($::operatingsystem == 'Debian') { + $xtrabackup_package_name_override = 'percona-xtrabackup-24' + } $python_package_name = 'python-mysqldb' $ruby_package_name = $::lsbdistcodename ? { 'jessie' => 'ruby-mysql', 'stretch' => 'ruby-mysql2', 'buster' => 'ruby-mysql2', 'trusty' => 'ruby-mysql', 'xenial' => 'ruby-mysql', 'bionic' => 'ruby-mysql2', default => 'libmysql-ruby', } } 'Archlinux': { $daemon_dev_package_name = undef $client_dev_package_name = undef $includedir = undef $client_package_name = 'mariadb-clients' $server_package_name = 'mariadb' $basedir = '/usr' $config_file = '/etc/mysql/my.cnf' $datadir = '/var/lib/mysql' $log_error = '/var/log/mysqld.log' $pidfile = '/var/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'mysql' $mycnf_owner = undef $mycnf_group = undef $server_service_name = 'mysqld' $socket = '/var/lib/mysql/mysql.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' $managed_dirs = undef # mysql::bindings $java_package_name = 'mysql-connector-java' $perl_package_name = 'perl-dbd-mysql' $php_package_name = undef $python_package_name = 'mysql-python' $ruby_package_name = 'mysql-ruby' } 'Gentoo': { $client_package_name = 'virtual/mysql' $includedir = undef $server_package_name = 'virtual/mysql' $basedir = '/usr' $config_file = '/etc/mysql/my.cnf' $datadir = '/var/lib/mysql' $log_error = '/var/log/mysql/mysqld.err' $pidfile = '/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'mysql' $mycnf_owner = undef $mycnf_group = undef $server_service_name = 'mysql' $socket = '/run/mysqld/mysqld.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' $managed_dirs = undef # mysql::bindings $java_package_name = 'dev-java/jdbc-mysql' $perl_package_name = 'dev-perl/DBD-mysql' $php_package_name = undef $python_package_name = 'dev-python/mysql-python' $ruby_package_name = 'dev-ruby/mysql-ruby' } 'FreeBSD': { $client_package_name = 'databases/mysql56-client' $server_package_name = 'databases/mysql56-server' $basedir = '/usr/local' $config_file = '/usr/local/etc/my.cnf' $includedir = '/usr/local/etc/my.cnf.d' $datadir = '/var/db/mysql' $log_error = '/var/log/mysqld.log' $pidfile = '/var/run/mysql.pid' $root_group = 'wheel' $mysql_group = 'mysql' $mycnf_owner = undef $mycnf_group = undef $server_service_name = 'mysql-server' $socket = '/var/db/mysql/mysql.sock' $ssl_ca = undef $ssl_cert = undef $ssl_key = undef $tmpdir = '/tmp' $managed_dirs = undef # mysql::bindings $java_package_name = 'databases/mysql-connector-java' $perl_package_name = 'p5-DBD-mysql' $php_package_name = 'php5-mysql' $python_package_name = 'databases/py-MySQLdb' $ruby_package_name = 'databases/ruby-mysql' # The libraries installed by these packages are included in client and server packages, no installation required. $client_dev_package_name = undef $daemon_dev_package_name = undef } 'OpenBSD': { $client_package_name = 'mariadb-client' $server_package_name = 'mariadb-server' $basedir = '/usr/local' $config_file = '/etc/my.cnf' $includedir = undef $datadir = '/var/mysql' $log_error = "/var/mysql/${::hostname}.err" $pidfile = '/var/mysql/mysql.pid' $root_group = 'wheel' $mysql_group = '_mysql' $mycnf_owner = undef $mycnf_group = undef $server_service_name = 'mysqld' $socket = '/var/run/mysql/mysql.sock' $ssl_ca = undef $ssl_cert = undef $ssl_key = undef $tmpdir = '/tmp' $managed_dirs = undef # mysql::bindings $java_package_name = undef $perl_package_name = 'p5-DBD-mysql' $php_package_name = 'php-mysql' $python_package_name = 'py-mysql' $ruby_package_name = 'ruby-mysql' # The libraries installed by these packages are included in client and server packages, no installation required. $client_dev_package_name = undef $daemon_dev_package_name = undef } 'Solaris': { $client_package_name = 'database/mysql-55/client' $server_package_name = 'database/mysql-55' $basedir = undef $config_file = '/etc/mysql/5.5/my.cnf' $datadir = '/var/mysql/5.5/data' $log_error = "/var/mysql/5.5/data/${::hostname}.err" $pidfile = "/var/mysql/5.5/data/${::hostname}.pid" $root_group = 'bin' $server_service_name = 'application/database/mysql:version_55' $socket = '/tmp/mysql.sock' $ssl_ca = undef $ssl_cert = undef $ssl_key = undef $tmpdir = '/tmp' $managed_dirs = undef # mysql::bindings $java_package_name = undef $perl_package_name = undef $php_package_name = 'web/php-53/extension/php-mysql' $python_package_name = 'library/python/python-mysql' $ruby_package_name = undef # The libraries installed by these packages are included in client and server packages, no installation required. $client_dev_package_name = undef $daemon_dev_package_name = undef } default: { case $::operatingsystem { 'Alpine': { $client_package_name = 'mariadb-client' $server_package_name = 'mariadb' $basedir = '/usr' $config_file = '/etc/mysql/my.cnf' $datadir = '/var/lib/mysql' $log_error = '/var/log/mysqld.log' $pidfile = '/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'mysql' $mycnf_owner = undef $mycnf_group = undef $server_service_name = 'mariadb' $socket = '/run/mysqld/mysqld.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' $managed_dirs = undef $java_package_name = undef $perl_package_name = 'perl-dbd-mysql' $php_package_name = 'php7-mysqlnd' $python_package_name = 'py-mysqldb' $ruby_package_name = undef $client_dev_package_name = undef $daemon_dev_package_name = undef } 'Amazon': { $client_package_name = 'mysql' $server_package_name = 'mysql-server' $basedir = '/usr' $config_file = '/etc/my.cnf' $includedir = '/etc/my.cnf.d' $datadir = '/var/lib/mysql' $log_error = '/var/log/mysqld.log' $pidfile = '/var/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'mysql' $mycnf_owner = undef $mycnf_group = undef $server_service_name = 'mysqld' $socket = '/var/lib/mysql/mysql.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' $managed_dirs = undef # mysql::bindings $java_package_name = 'mysql-connector-java' $perl_package_name = 'perl-DBD-MySQL' $php_package_name = 'php-mysql' $python_package_name = 'MySQL-python' $ruby_package_name = 'ruby-mysql' # The libraries installed by these packages are included in client and server packages, no installation required. $client_dev_package_name = undef $daemon_dev_package_name = undef } default: { fail(translate('Unsupported platform: puppetlabs-%{module_name} currently doesn\'t support %{osfamily} or %{os}.', {'module_name' => $module_name, 'os' => $::operatingsystem, 'osfamily' => $::osfamily})) } } } } case $::operatingsystem { 'Ubuntu': { # lint:ignore:only_variable_string if versioncmp("${::operatingsystemmajrelease}", '14.10') > 0 { # lint:endignore $server_service_provider = 'systemd' } else { $server_service_provider = 'upstart' } } 'Alpine': { $server_service_provider = 'rc-service' } default: { $server_service_provider = undef } } $default_options = { 'client' => { 'port' => '3306', 'socket' => $mysql::params::socket, }, 'mysqld_safe' => { 'nice' => '0', 'log-error' => $mysql::params::log_error, 'socket' => $mysql::params::socket, }, 'mysqld-5.0' => { 'myisam-recover' => 'BACKUP', }, 'mysqld-5.1' => { 'myisam-recover' => 'BACKUP', }, 'mysqld-5.5' => { 'myisam-recover' => 'BACKUP', 'query_cache_limit' => '1M', 'query_cache_size' => '16M', }, 'mysqld-5.6' => { 'myisam-recover-options' => 'BACKUP', 'query_cache_limit' => '1M', 'query_cache_size' => '16M', }, 'mysqld-5.7' => { 'myisam-recover-options' => 'BACKUP', 'query_cache_limit' => '1M', 'query_cache_size' => '16M', }, 'mysqld' => { 'basedir' => $mysql::params::basedir, 'bind-address' => '127.0.0.1', 'datadir' => $mysql::params::datadir, 'expire_logs_days' => '10', 'key_buffer_size' => '16M', 'log-error' => $mysql::params::log_error, 'max_allowed_packet' => '16M', 'max_binlog_size' => '100M', 'max_connections' => '151', 'pid-file' => $mysql::params::pidfile, 'port' => '3306', 'skip-external-locking' => true, 'socket' => $mysql::params::socket, 'ssl' => false, 'ssl-ca' => $mysql::params::ssl_ca, 'ssl-cert' => $mysql::params::ssl_cert, 'ssl-key' => $mysql::params::ssl_key, 'ssl-disable' => false, 'thread_cache_size' => '8', 'thread_stack' => '256K', 'tmpdir' => $mysql::params::tmpdir, 'user' => 'mysql', }, 'mysqldump' => { 'max_allowed_packet' => '16M', 'quick' => true, 'quote-names' => true, }, 'isamchk' => { 'key_buffer_size' => '16M', }, } + if defined('$xtrabackup_package_name_override') { + $xtrabackup_package_name = pick($xtrabackup_package_name_override, $xtrabackup_package_name_default) + } else { + $xtrabackup_package_name = $xtrabackup_package_name_default + } + ## Additional graceful failures if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '4' and $::operatingsystem != 'Amazon' { fail(translate('Unsupported platform: puppetlabs-%{module_name} only supports RedHat 5.0 and beyond.', {'module_name' => $module_name})) } } diff --git a/manifests/server/backup.pp b/manifests/server/backup.pp index 07345f0..5cc780f 100644 --- a/manifests/server/backup.pp +++ b/manifests/server/backup.pp @@ -1,125 +1,129 @@ # @summary # Create and manage a MySQL backup. # # @example Create a basic MySQL backup: # class { 'mysql::server': # root_password => 'password' # } # class { 'mysql::server::backup': # backupuser => 'myuser', # backuppassword => 'mypassword', # backupdir => '/tmp/backups', # } # class { 'mysql::server::backup': # backupmethod => 'mariabackup', # provider => 'xtrabackup', # backupdir => '/tmp/backups', # } # # @param backupuser # MySQL user with backup administrator privileges. # @param backuppassword # Password for `backupuser`. # @param backupdir # Directory to store backup. # @param backupdirmode # Permissions applied to the backup directory. This parameter is passed directly to the file resource. # @param backupdirowner # Owner for the backup directory. This parameter is passed directly to the file resource. # @param backupdirgroup # Group owner for the backup directory. This parameter is passed directly to the file resource. # @param backupcompress # Whether or not to compress the backup (when using the mysqldump or xtrabackup provider) # @param backupmethod # The execution binary for backing up. ex. mysqldump, xtrabackup, mariabackup # @param backup_success_file_path # Specify a path where upon successfull backup a file should be created for checking purposes. # @param backuprotate # Backup rotation interval in 24 hour periods. # @param ignore_events # Ignore the mysql.event table. # @param delete_before_dump # Whether to delete old .sql files before backing up. Setting to true deletes old files before backing up, while setting to false deletes them after backup. # @param backupdatabases # Databases to backup (required if using xtrabackup provider). By default `[]` will back up all databases. # @param file_per_database # Use file per database mode creating one file per database backup. # @param include_routines # Dump stored routines (procedures and functions) from dumped databases when doing a `file_per_database` backup. # @param include_triggers # Dump triggers for each dumped table when doing a `file_per_database` backup. +# @param incremental_backups +# A flag to activate/deactivate incremental backups. Currently only supported by the xtrabackup provider. # @param ensure # @param time # An array of two elements to set the backup time. Allows ['23', '5'] (i.e., 23:05) or ['3', '45'] (i.e., 03:45) for HH:MM times. # @param prescript # A script that is executed before the backup begins. # @param postscript # A script that is executed when the backup is finished. This could be used to sync the backup to a central store. This script can be either a single line that is directly executed or a number of lines supplied as an array. It could also be one or more externally managed (executable) files. # @param execpath # Allows you to set a custom PATH should your MySQL installation be non-standard places. Defaults to `/usr/bin:/usr/sbin:/bin:/sbin`. # @param provider # Sets the server backup implementation. Valid values are: # @param maxallowedpacket # Defines the maximum SQL statement size for the backup dump script. The default value is 1MB, as this is the default MySQL Server value. # @param optional_args # Specifies an array of optional arguments which should be passed through to the backup tool. (Supported by the xtrabackup and mysqldump providers.) class mysql::server::backup ( $backupuser = undef, $backuppassword = undef, $backupdir = undef, $backupdirmode = '0700', $backupdirowner = 'root', $backupdirgroup = $mysql::params::root_group, $backupcompress = true, $backuprotate = 30, $backupmethod = undef, $backup_success_file_path = '/tmp/mysqlbackup_success', $ignore_events = true, $delete_before_dump = false, $backupdatabases = [], $file_per_database = false, $include_routines = false, $include_triggers = false, $ensure = 'present', $time = ['23', '5'], $prescript = false, $postscript = false, $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', $provider = 'mysqldump', $maxallowedpacket = '1M', $optional_args = [], + $incremental_backups = true, ) inherits mysql::params { if $prescript and $provider =~ /(mysqldump|mysqlbackup)/ { warning(translate("The 'prescript' option is not currently implemented for the %{provider} backup provider.", {'provider' => $provider})) } create_resources('class', { "mysql::backup::${provider}" => { 'backupuser' => $backupuser, 'backuppassword' => $backuppassword, 'backupdir' => $backupdir, 'backupdirmode' => $backupdirmode, 'backupdirowner' => $backupdirowner, 'backupdirgroup' => $backupdirgroup, 'backupcompress' => $backupcompress, 'backuprotate' => $backuprotate, 'backupmethod' => $backupmethod, 'backup_success_file_path' => $backup_success_file_path, 'ignore_events' => $ignore_events, 'delete_before_dump' => $delete_before_dump, 'backupdatabases' => $backupdatabases, 'file_per_database' => $file_per_database, 'include_routines' => $include_routines, 'include_triggers' => $include_triggers, 'ensure' => $ensure, 'time' => $time, 'prescript' => $prescript, 'postscript' => $postscript, 'execpath' => $execpath, 'maxallowedpacket' => $maxallowedpacket, 'optional_args' => $optional_args, + 'incremental_backups' => $incremental_backups, } }) } diff --git a/spec/acceptance/mysql_backup_spec.rb b/spec/acceptance/mysql_backup_spec.rb index 057a340..34080bd 100644 --- a/spec/acceptance/mysql_backup_spec.rb +++ b/spec/acceptance/mysql_backup_spec.rb @@ -1,136 +1,353 @@ require 'spec_helper_acceptance' describe 'mysql::server::backup class' do context 'should work with no errors' do pp = <<-MANIFEST class { 'mysql::server': root_password => 'password' } mysql::db { [ 'backup1', 'backup2' ]: user => 'backup', password => 'secret', } class { 'mysql::server::backup': backupuser => 'myuser', backuppassword => 'mypassword', backupdir => '/tmp/backups', backupcompress => true, postscript => [ 'rm -rf /var/tmp/mysqlbackups', 'rm -f /var/tmp/mysqlbackups.done', 'cp -r /tmp/backups /var/tmp/mysqlbackups', 'touch /var/tmp/mysqlbackups.done', ], execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', } MANIFEST it 'when configuring mysql backups' do idempotent_apply(pp) end end describe 'mysqlbackup.sh', if: Gem::Version.new(mysql_version) < Gem::Version.new('5.7.0') do before(:all) do pre_run end it 'runs mysqlbackup.sh with no errors' do run_shell('/usr/local/sbin/mysqlbackup.sh') do |r| expect(r.stderr).to eq('') end end it 'dumps all databases to single file' do run_shell('ls -l /tmp/backups/mysql_backup_*-*.sql.bz2 | wc -l') do |r| expect(r.stdout).to match(%r{1}) expect(r.exit_code).to be_zero end end context 'should create one file per database per run' do it 'executes mysqlbackup.sh a second time' do run_shell('sleep 1') run_shell('/usr/local/sbin/mysqlbackup.sh') end it 'creates at least one backup tarball' do run_shell('ls -l /tmp/backups/mysql_backup_*-*.sql.bz2 | wc -l') do |r| expect(r.stdout).to match(%r{2}) expect(r.exit_code).to be_zero end end end end # rubocop:enable RSpec/MultipleExpectations, RSpec/ExampleLength end context 'with one file per database' do context 'should work with no errors' do pp = <<-MANIFEST class { 'mysql::server': root_password => 'password' } mysql::db { [ 'backup1', 'backup2' ]: user => 'backup', password => 'secret', } class { 'mysql::server::backup': backupuser => 'myuser', backuppassword => 'mypassword', backupdir => '/tmp/backups', backupcompress => true, file_per_database => true, postscript => [ 'rm -rf /var/tmp/mysqlbackups', 'rm -f /var/tmp/mysqlbackups.done', 'cp -r /tmp/backups /var/tmp/mysqlbackups', 'touch /var/tmp/mysqlbackups.done', ], execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', } MANIFEST it 'when configuring mysql backups' do idempotent_apply(pp) end end describe 'mysqlbackup.sh', if: Gem::Version.new(mysql_version) < Gem::Version.new('5.7.0') do before(:all) do pre_run end it 'runs mysqlbackup.sh with no errors without root credentials' do run_shell('HOME=/tmp/dontreadrootcredentials /usr/local/sbin/mysqlbackup.sh') do |r| expect(r.stderr).to eq('') end end it 'creates one file per database' do ['backup1', 'backup2'].each do |database| run_shell("ls -l /tmp/backups/mysql_backup_#{database}_*-*.sql.bz2 | wc -l") do |r| expect(r.stdout).to match(%r{1}) expect(r.exit_code).to be_zero end end end it 'executes mysqlbackup.sh a second time' do run_shell('sleep 1') run_shell('HOME=/tmp/dontreadrootcredentials /usr/local/sbin/mysqlbackup.sh') end it 'has one file per database per run' do ['backup1', 'backup2'].each do |database| run_shell("ls -l /tmp/backups/mysql_backup_#{database}_*-*.sql.bz2 | wc -l") do |r| expect(r.stdout).to match(%r{2}) expect(r.exit_code).to be_zero end end end # rubocop:enable RSpec/MultipleExpectations, RSpec/ExampleLength end end + +context 'with xtrabackup enabled' do + context 'should work with no errors', if: ((os[:family] == 'debian' && os[:release].to_i >= 8) || (os[:family] == 'ubuntu' && os[:release] =~ %r{^16\.04|^18\.04}) || (os[:family] == 'redhat' && os[:release].to_i > 6)) do # rubocop:disable Metrics/LineLength + pp = <<-MANIFEST + class { 'mysql::server': root_password => 'password' } + mysql::db { [ + 'backup1', + 'backup2' + ]: + user => 'backup', + password => 'secret', + } + case $facts['os']['family'] { + /Debian/: { + file { '/tmp/percona-release_latest.deb': + ensure => present, + source => "http://repo.percona.com/apt/percona-release_latest.${facts['os']['distro']['codename']}_all.deb", + } + ensure_packages('gnupg') + ensure_packages('gnupg2') + ensure_packages('percona-release',{ + ensure => present, + provider => 'dpkg', + source => '/tmp/percona-release_latest.deb', + notify => Exec['apt-get update'], + }) + exec { 'apt-get update': + path => '/usr/bin:/usr/sbin:/bin:/sbin', + refreshonly => true, + } + } + /RedHat/: { + # RHEL/CentOS 5 is no longer supported by Percona, but older versions + # of the repository are still available. + if versioncmp($::operatingsystemmajrelease, '6') >= 0 { + $percona_url = 'http://repo.percona.com/yum/percona-release-latest.noarch.rpm' + $epel_url = "https://download.fedoraproject.org/pub/epel/epel-release-latest-${facts['os']['release']['major']}.noarch.rpm" + } else { + $percona_url = 'http://repo.percona.com/yum/release/5/os/noarch/percona-release-0.1-3.noarch.rpm' + $epel_url = 'https://archives.fedoraproject.org/pub/archive/epel/epel-release-latest-5.noarch.rpm' + } + ensure_packages('percona-release',{ + ensure => present, + provider => 'rpm', + source => $percona_url, + }) + ensure_packages('epel-release',{ + ensure => present, + provider => 'rpm', + source => $epel_url, + }) + if ($facts['os']['name'] == 'Scientific') { + # $releasever resolves to '6.10' instead of '6' which breaks Percona repos + file { '/etc/yum/vars/releasever': + ensure => present, + content => '6', + } + } + } + default: { } + } + class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/xtrabackups', + provider => 'xtrabackup', + execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', + } + MANIFEST + it 'when configuring mysql backup' do + idempotent_apply(pp) + end + end + + describe 'xtrabackup.sh', if: Gem::Version.new(mysql_version) < Gem::Version.new('5.7.0') && ((os[:family] == 'debian' && os[:release].to_i >= 8) || (os[:family] == 'ubuntu' && os[:release] =~ %r{^16\.04|^18\.04}) || (os[:family] == 'redhat' && os[:release].to_i > 6)) do # rubocop:disable Metrics/LineLength + before(:all) do + pre_run + end + + it 'runs xtrabackup.sh full backup with no errors' do + run_shell('/usr/local/sbin/xtrabackup.sh --target-dir=/tmp/xtrabackups/$(date +%F)_full --backup 2>&1 | tee /tmp/xtrabackup_full.log') do |r| + expect(r.exit_code).to be_zero + end + end + + it 'xtrabackup reports success for the full backup' do + # NOTE: Once support for CentOS 6 is dropped, we should check for "completed OK" instead. + run_shell('grep "xtrabackup: Transaction log of lsn" /tmp/xtrabackup_full.log') do |r| + expect(r.exit_code).to be_zero + end + end + + it 'creates a subdirectory for the full backup' do + run_shell('find /tmp/xtrabackups -mindepth 1 -maxdepth 1 -type d -name $(date +%Y)\*full | wc -l') do |r| + expect(r.stdout).to match(%r{1}) + expect(r.exit_code).to be_zero + end + end + + it 'runs xtrabackup.sh incremental backup with no errors' do + run_shell('sleep 1') + run_shell('/usr/local/sbin/xtrabackup.sh --incremental-basedir=/tmp/xtrabackups/$(date +%F)_full --target-dir=/tmp/xtrabackups/$(date +%F_%H-%M-%S) --backup 2>&1 | tee /tmp/xtrabackup_inc.log') do |r| # rubocop:disable Metrics/LineLength + expect(r.exit_code).to be_zero + end + end + + it 'xtrabackup reports success for the incremental backup' do + # NOTE: Once support for CentOS 6 is dropped, we should check for "completed OK" instead. + run_shell('grep "xtrabackup: Transaction log of lsn" /tmp/xtrabackup_inc.log') do |r| + expect(r.exit_code).to be_zero + end + end + + it 'creates a new subdirectory for each backup' do + run_shell('find /tmp/xtrabackups -mindepth 1 -maxdepth 1 -type d -name $(date +%Y)\* | wc -l') do |r| + expect(r.stdout).to match(%r{2}) + expect(r.exit_code).to be_zero + end + end + end + # rubocop:enable RSpec/MultipleExpectations, RSpec/ExampleLength +end + +context 'with xtrabackup enabled and incremental backups disabled' do + context 'should work with no errors', if: ((os[:family] == 'debian' && os[:release].to_i >= 8) || (os[:family] == 'ubuntu' && os[:release] =~ %r{^16\.04|^18\.04}) || (os[:family] == 'redhat' && os[:release].to_i > 6)) do # rubocop:disable Metrics/LineLength + pp = <<-MANIFEST + class { 'mysql::server': root_password => 'password' } + mysql::db { [ + 'backup1', + 'backup2' + ]: + user => 'backup', + password => 'secret', + } + case $facts['os']['family'] { + /Debian/: { + file { '/tmp/percona-release_latest.deb': + ensure => present, + source => "http://repo.percona.com/apt/percona-release_latest.${facts['os']['distro']['codename']}_all.deb", + } + ensure_packages('gnupg') + ensure_packages('gnupg2') + ensure_packages('percona-release',{ + ensure => present, + provider => 'dpkg', + source => '/tmp/percona-release_latest.deb', + notify => Exec['apt-get update'], + }) + exec { 'apt-get update': + path => '/usr/bin:/usr/sbin:/bin:/sbin', + refreshonly => true, + } + } + /RedHat/: { + # RHEL/CentOS 5 is no longer supported by Percona, but older versions + # of the repository are still available. + if versioncmp($::operatingsystemmajrelease, '6') >= 0 { + $percona_url = 'http://repo.percona.com/yum/percona-release-latest.noarch.rpm' + $epel_url = "https://download.fedoraproject.org/pub/epel/epel-release-latest-${facts['os']['release']['major']}.noarch.rpm" + } else { + $percona_url = 'http://repo.percona.com/yum/release/5/os/noarch/percona-release-0.1-3.noarch.rpm' + $epel_url = 'https://archives.fedoraproject.org/pub/archive/epel/epel-release-latest-5.noarch.rpm' + } + ensure_packages('percona-release',{ + ensure => present, + provider => 'rpm', + source => $percona_url, + }) + ensure_packages('epel-release',{ + ensure => present, + provider => 'rpm', + source => $epel_url, + }) + if ($facts['os']['name'] == 'Scientific') { + # $releasever resolves to '6.10' instead of '6' which breaks Percona repos + file { '/etc/yum/vars/releasever': + ensure => present, + content => '6', + } + } + } + default: { } + } + class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/xtrabackups', + provider => 'xtrabackup', + incremental_backups => false, + execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', + } + MANIFEST + it 'when configuring mysql backup' do + idempotent_apply(pp) + end + end + + describe 'xtrabackup.sh', if: Gem::Version.new(mysql_version) < Gem::Version.new('5.7.0') && ((os[:family] == 'debian' && os[:release].to_i >= 8) || (os[:family] == 'ubuntu' && os[:release] =~ %r{^16\.04|^18\.04}) || (os[:family] == 'redhat' && os[:release].to_i > 6)) do # rubocop:disable Metrics/LineLength + before(:all) do + pre_run + end + + it 'runs xtrabackup.sh with no errors' do + run_shell('/usr/local/sbin/xtrabackup.sh --target-dir=/tmp/xtrabackups/$(date +%F_%H-%M-%S) --backup 2>&1 | tee /tmp/xtrabackup.log') do |r| + expect(r.exit_code).to be_zero + end + end + + it 'xtrabackup reports success for the backup' do + # NOTE: Once support for CentOS 6 is dropped, we should check for "completed OK" instead. + run_shell('grep "xtrabackup: Transaction log of lsn" /tmp/xtrabackup.log') do |r| + expect(r.exit_code).to be_zero + end + end + end + # rubocop:enable RSpec/MultipleExpectations, RSpec/ExampleLength +end diff --git a/spec/classes/mysql_backup_xtrabackup_spec.rb b/spec/classes/mysql_backup_xtrabackup_spec.rb index c1e779a..a4daa2f 100644 --- a/spec/classes/mysql_backup_xtrabackup_spec.rb +++ b/spec/classes/mysql_backup_xtrabackup_spec.rb @@ -1,175 +1,232 @@ require 'spec_helper' describe 'mysql::backup::xtrabackup' do on_supported_os.each do |os, facts| context "on #{os}" do let(:pre_condition) do <<-EOF class { 'mysql::server': } EOF end let(:facts) do facts.merge(root_home: '/root') end let(:default_params) do { 'backupdir' => '/tmp' } end context 'with defaults' do let(:params) do default_params end it 'contains the wrapper script' do is_expected.to contain_file('xtrabackup.sh').with_content( %r{(\n*^xtrabackup\s+.*\$@)}, ) end + package = if facts[:osfamily] == 'RedHat' + if Puppet::Util::Package.versioncmp(facts[:operatingsystemmajrelease], '8') >= 0 + 'percona-xtrabackup-24' + elsif Puppet::Util::Package.versioncmp(facts[:operatingsystemmajrelease], '7') >= 0 + 'percona-xtrabackup' + else + 'percona-xtrabackup-20' + end + elsif facts[:operatingsystem] == 'Debian' + 'percona-xtrabackup-24' + elsif facts[:operatingsystem] == 'Ubuntu' + if Puppet::Util::Package.versioncmp(facts[:operatingsystemmajrelease], '16') >= 0 + 'percona-xtrabackup' + else + 'percona-xtrabackup-24' + end + elsif facts[:osfamily] == 'Suse' + 'xtrabackup' + else + 'percona-xtrabackup' + end + it 'contains the weekly cronjob' do is_expected.to contain_cron('xtrabackup-weekly') .with( ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp --backup', + command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp/$(date +\%F)_full --backup', user: 'root', hour: '23', minute: '5', weekday: '0', ) - .that_requires('Package[percona-xtrabackup]') + .that_requires("Package[#{package}]") end it 'contains the daily cronjob for weekdays 1-6' do + dateformat = case facts[:osfamily] + when 'FreeBSD', 'OpenBSD' + '$(date -v-sun +\%F)_full' + else + '$(date -d "last sunday" +\%F)_full' + end is_expected.to contain_cron('xtrabackup-daily') .with( ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --incremental-basedir=/tmp --target-dir=/tmp/$(date +\%F_\%H-\%M-\%S) --backup', + command: "/usr/local/sbin/xtrabackup.sh --incremental-basedir=/tmp/#{dateformat} --target-dir=/tmp/$(date +\\\%F_\\\%H-\\\%M-\\\%S) --backup", user: 'root', hour: '23', minute: '5', weekday: '1-6', ) - .that_requires('Package[percona-xtrabackup]') + .that_requires("Package[#{package}]") end end context 'with backupuser and backuppassword' do let(:params) do { backupuser: 'backupuser', backuppassword: 'backuppassword' }.merge(default_params) end it 'contains the defined mysql user' do is_expected.to contain_mysql_user('backupuser@localhost') .with( ensure: 'present', password_hash: '*4110E08DF51E70A4BA1D4E33A84205E38CF3FE58', ) .that_requires('Class[mysql::server::root_password]') is_expected.to contain_mysql_grant('backupuser@localhost/*.*') .with( ensure: 'present', user: 'backupuser@localhost', table: '*.*', privileges: ['RELOAD', 'PROCESS', 'LOCK TABLES', 'REPLICATION CLIENT'], ) .that_requires('Mysql_user[backupuser@localhost]') end end context 'with additional cron args' do let(:params) do { additional_cron_args: '--backup --skip-ssl' }.merge(default_params) end + package = if facts[:osfamily] == 'RedHat' + if Puppet::Util::Package.versioncmp(facts[:operatingsystemmajrelease], '8') >= 0 + 'percona-xtrabackup-24' + elsif Puppet::Util::Package.versioncmp(facts[:operatingsystemmajrelease], '7') >= 0 + 'percona-xtrabackup' + else + 'percona-xtrabackup-20' + end + elsif facts[:operatingsystem] == 'Debian' + 'percona-xtrabackup-24' + elsif facts[:operatingsystem] == 'Ubuntu' + if Puppet::Util::Package.versioncmp(facts[:operatingsystemmajrelease], '16') >= 0 + 'percona-xtrabackup' + else + 'percona-xtrabackup-24' + end + elsif facts[:osfamily] == 'Suse' + 'xtrabackup' + else + 'percona-xtrabackup' + end + + dateformat = case facts[:osfamily] + when 'FreeBSD', 'OpenBSD' + '$(date -v-sun +\%F)_full' + else + '$(date -d "last sunday" +\%F)_full' + end + it 'contains the weekly cronjob' do is_expected.to contain_cron('xtrabackup-weekly') .with( ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp --backup --skip-ssl', + command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp/$(date +\%F)_full --backup --skip-ssl', user: 'root', hour: '23', minute: '5', weekday: '0', ) - .that_requires('Package[percona-xtrabackup]') + .that_requires("Package[#{package}]") end it 'contains the daily cronjob for weekdays 1-6' do is_expected.to contain_cron('xtrabackup-daily') .with( ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --incremental-basedir=/tmp --target-dir=/tmp/$(date +\%F_\%H-\%M-\%S) --backup --skip-ssl', + command: "/usr/local/sbin/xtrabackup.sh --incremental-basedir=/tmp/#{dateformat} --target-dir=/tmp/$(date +\\\%F_\\\%H-\\\%M-\\\%S) --backup --skip-ssl", user: 'root', hour: '23', minute: '5', weekday: '1-6', ) - .that_requires('Package[percona-xtrabackup]') + .that_requires("Package[#{package}]") end end context 'with deactivated incremental backups' do let(:params) do { incremental_backups: false }.merge(default_params) end it 'not contains the weekly cronjob' do is_expected.not_to contain_cron('xtrabackup-weekly') end it 'contains the daily cronjob with all weekdays' do is_expected.to contain_cron('xtrabackup-daily').with( ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp --backup', + command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp/$(date +\%F_\%H-\%M-\%S) --backup', user: 'root', hour: '23', minute: '5', weekday: '*', ) end end context 'with prescript defined' do let(:params) do { prescript: ['rsync -a /tmp backup01.local-lan:', 'rsync -a /tmp backup02.local-lan:'] }.merge(default_params) end it 'contains the prescript' do is_expected.to contain_file('xtrabackup.sh').with_content( %r{.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*}, ) end end context 'with postscript defined' do let(:params) do { postscript: ['rsync -a /tmp backup01.local-lan:', 'rsync -a /tmp backup02.local-lan:'] }.merge(default_params) end it 'contains the prostscript' do is_expected.to contain_file('xtrabackup.sh').with_content( %r{.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*}, ) end end context 'with mariabackup' do let(:params) do { backupmethod: 'mariabackup' }.merge(default_params) end it 'contain the mariabackup executor' do is_expected.to contain_file('xtrabackup.sh').with_content( %r{(\n*^mariabackup\s+.*\$@)}, ) end end end end # rubocop:enable RSpec/NestedGroups end diff --git a/templates/xtrabackup.sh.erb b/templates/xtrabackup.sh.erb index c12cd07..0f7a98c 100644 --- a/templates/xtrabackup.sh.erb +++ b/templates/xtrabackup.sh.erb @@ -1,75 +1,75 @@ <%- if @kernel == 'Linux' -%> #!/bin/bash <%- else -%> #!/bin/sh <%- end -%> # # A wrapper for Xtrabackup ROTATE=<%= [ Integer(@backuprotate) - 1, 0 ].max %> DIR=<%= @backupdir %> # Ensure backup directory exist. mkdir -p $DIR <%- if @kernel == 'Linux' -%> set -o pipefail <%- end -%> <% if @prescript -%> <%- [@prescript].flatten.compact.each do |script| %> <%= script %> <%- end -%> <% end -%> cleanup() { <%- if @kernel == 'SunOS' -%> - gfind "${DIR}/" -maxdepth 1 -type f -name "${PREFIX}*.sql*" -mtime +${ROTATE} -print0 | gxargs -0 -r rm -f + gfind "${DIR}/" -mindepth 1 -maxdepth 1 -mtime +${ROTATE} -print0 | gxargs -0 -r rm -rf <%- else -%> - find "${DIR}/" -maxdepth 1 -type f -name "${PREFIX}*.sql*" -mtime +${ROTATE} -print0 | xargs -0 -r rm -f + find "${DIR}/" -mindepth 1 -maxdepth 1 -mtime +${ROTATE} -print0 | xargs -0 -r rm -rf <%- end -%> } <% if @delete_before_dump -%> cleanup <% end -%> <%- _innobackupex_args = '' -%> <%- if @backupuser and @backuppassword -%> <%- _innobackupex_args = '--user="' + @backupuser + '" --password="' + @backuppassword + '"' -%> <%- end -%> <%- if @backupcompress -%> <%- _innobackupex_args = _innobackupex_args + ' --compress' -%> <%- end -%> <%- if @backupdatabases and @backupdatabases.is_a?(Array) and !@backupdatabases.empty? -%> <%- _innobackupex_args = _innobackupex_args + ' --databases="' + @backupdatabases.join(' ') + '"' -%> <%- end -%> <%- if @optional_args and @optional_args.is_a?(Array) -%> <%- @optional_args.each do |arg| -%> <%- _innobackupex_args = _innobackupex_args + ' ' + arg -%> <%- end -%> <%- end -%> <%= @backupmethod -%> <%= _innobackupex_args %> $@ <% unless @delete_before_dump -%> if [ $? -eq 0 ] ; then cleanup touch <%= @backup_success_file_path %> fi <% end -%> <% if @postscript -%> <%- [@postscript].flatten.compact.each do |script| %> <%= script %> <%- end -%> <% end -%>