First draft of cfe-mariadb port

nollieheel
Showing 7 changed files with 302 additions and 0 deletions
Berksfile
README.md
attributes/default.rb
metadata.rb
recipes/backup2s3.rb
recipes/default.rb
templates/default/backup_db_to_s3.erb
--- a/Berksfile 0 → 100644
View file @3c4b4df
+++ b/Berksfile 0 → 100644
View file @3c4b4df
+source 'https://supermarket.getchef.com'
+
+cookbook 'mariadb', '~> 0.2.12'
+cookbook 'mysql2_chef_gem', '~> 1.0.2'
+cookbook 'database', '~> 4.0.9'
+cookbook 'awscli', '~> 1.0.1'
--- a/README.md 0 → 100644
View file @3c4b4df
+++ b/README.md 0 → 100644
View file @3c4b4df
+The cfe-mariadb Cookbook.
--- a/attributes/default.rb 0 → 100644
View file @3c4b4df
+++ b/attributes/default.rb 0 → 100644
View file @3c4b4df
+#
+# Cookbook Name:: cfe-mariadb
+# Attributes:: default
+#
+# Copyright 2016, Chromedia
+#
+# All rights reserved - Do Not Redistribute
+#
+
+## The 'db_map' should contain this format:
+# default['cfe-mariadb']['db_map'] = {
+#   'example_db_name' => {
+#     :db_user       => 'example_db_username',
+#     :db_pass       => 'example_db_password',
+#     :bak_filename  => 'example_db_name.sql',
+#     :bak_maxcopies => 30
+## Optional:
+#     :char_set => 'latin1',
+#     :collate  => 'latin1_swedish_ci'
+#   }
+# }
+default['cfe-mariadb']['db_map']      = {}
+# Make sure to set replication on only when necessary
+default['cfe-mariadb']['replication'] = false
+
+default['cfe-mariadb']['backup']['s3_region']     = 'us-east-1'
+default['cfe-mariadb']['backup']['s3_bucket']     = 'example-bucket'
+default['cfe-mariadb']['backup']['aws_bin']       = '/use/local/bin/aws',
+default['cfe-mariadb']['backup']['mysqldump_bin'] = '/usr/bin/mysqldump',
+# Path to directory where the backup script should be placed
+default['cfe-mariadb']['backup']['script_dir']    = ::File.join(
+  node['mariadb']['configuration']['path'], 'scripts'
+)
+default['cfe-mariadb']['backup']['cron']['min']    = '0'
+default['cfe-mariadb']['backup']['cron']['hour']   = '0'
+default['cfe-mariadb']['backup']['cron']['day']    = '*'
+default['cfe-mariadb']['backup']['cron']['mon']    = '*'
+default['cfe-mariadb']['backup']['cron']['wday']   = '*'
+default['cfe-mariadb']['backup']['cron']['mailto'] = ''
+
+default['mariadb']['server_root_password']   = 'password'
+default['mariadb']['mysqld']['bind_address'] = '127.0.0.1'
+default['mariadb']['mysqld']['port']         = '3306'
+default['mariadb']['install']['type']        = 'package'
+default['mariadb']['install']['version']     = '5.5'
+default['mariadb']['forbid_remote_root']     = true
+# io_capacity has to be roughly the IO capacity of the EC2 instance.
+# buffer_pool_size can be increased to 75% (0.75) of RAM if dedicated server.
+default['mariadb']['innodb']['io_capacity']      = '600'
+default['mariadb']['innodb']['buffer_pool_size'] =
+  ( %x(free -m).split(' ')[7].to_i * 0.5 ).round.to_s
+
+## Tip:
+## For encrypted attributes like passwords,
+## the following is possible in the attributes file:
+##
+# secret = Chef::EncryptedDataBagItem.load(
+#   node['cfe-gitlab']['data_bag'],
+#   node['cfe-gitlab']['data_bag_item_secret']
+# )
+# default['cfe-gitlab']['some_prop'] = secret['db_pass']
--- a/metadata.rb 0 → 100644
View file @3c4b4df
+++ b/metadata.rb 0 → 100644
View file @3c4b4df
+name             'cfe-mariadb'
+maintainer       'Chromedia'
+maintainer_email 'sysadmin@chromedia.com'
+license          'All rights reserved'
+description      'Simplifies setup of MariaDB in Chromedia.'
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+version          '0.1.0'
+
+{
+  'mariadb'         => '0.2.12',
+  'mysql2_chef_gem' => '1.0.2',
+  'database'        => '4.0.9',
+  'awscli'          => '1.0.1'
+}.each { |cb, ver| depends cb, '~> ' + ver }
+
+supports 'ubuntu', '>= 14.04'
--- a/recipes/backup2s3.rb 0 → 100644
View file @3c4b4df
+++ b/recipes/backup2s3.rb 0 → 100644
View file @3c4b4df
+#
+# Cookbook Name:: cfe-mariadb
+# Recipe:: backup2s3
+#
+# Copyright 2016, Chromedia
+#
+# All rights reserved - Do Not Redistribute
+#
+
+# Sets up the shell script that backs up the databases
+# and uploads them to a S3 bucket.
+# Also sets up the cron job to regularly run this script.
+
+# TODO: set up logrotate
+include_recipe 'awscli'
+
+md   = node['cfe-mariadb']
+mdb  = md['backup']
+mdbc = mdb['cron']
+
+template "#{scr_dir}/backup_db_to_s3" do
+  only_if "test -d #{mdb['script_dir']} || mkdir -p #{mdb['script_dir']}"
+  variables(
+    :db_map        => md['db_map'],
+    :db_ip         => node['mariadb']['mysqld']['bind_address'],
+    :db_port       => node['mariadb']['mysqld']['port'],
+    :s3_region     => mdb['s3_region'],
+    :s3_bucket     => mdb['s3_bucket'],
+    :aws_bin       => mdb['aws_bin'],
+    :mysqldump_bin => mdb['mysqldump_bin']
+  )
+end
+
+cron 'backup_db_to_s3' do
+  command "bash #{scr_dir}/backup_db_to_s3"
+  minute  mdbc['min']
+  hour    mdbc['hour']
+  day     mdbc['day']
+  month   mdbc['mon']
+  weekday mdbc['wday']
+  mailto  mdbc['mailto']
+  path    '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
+end
--- a/recipes/default.rb 0 → 100644
View file @3c4b4df
+++ b/recipes/default.rb 0 → 100644
View file @3c4b4df
+#
+# Cookbook Name:: cfe-mariadb
+# Recipe:: default
+#
+# Copyright 2016, Chromedia
+#
+# All rights reserved - Do Not Redistribute
+#
+
+# Some notes:
+#   If the DB server is dedicated, it might be a good idea to 
+#   add 'noatime' to the / disk's mount options.
+
+chef_gem 'chef-rewind' do
+  compile_time true if respond_to?(:compile_time)
+end
+require 'chef/rewind'
+
+mysql2_chef_gem 'default' do
+  action :install
+end
+
+include_recipe 'mariadb'
+
+# It looks like the service is sometimes not being restarted
+# correctly. This rewind will make sure the right provider is used.
+rewind 'service[mysql]' do
+  supports :status => true, :restart => true
+end
+
+# If we are not replicating. 
+# Binary logging actually causes an issue with some CiviCRM installations
+# when using remote database servers.
+if not node['cfe-mariadb']['replication']
+  rewind 'mariadb_configuration[replication]' do
+    action :remove
+  end
+end
+
+# Prepare the needed databases and users.
+con = {
+  :port     => node['mariadb']['mysqld']['port'],
+  :username => 'root',
+  :password => node['mariadb']['server_root_password']
+}
+node.default['cfe-mariadb']['db_map'].each do |dbx_name, dbx|
+
+  mysql_database dbx_name do
+    connection con
+    action     :create
+    if dbx.has_key?(:char_set)
+      encoding dbx[:char_set]
+    end
+    if dbx.has_key?(:collate)
+      collation dbx[:collate]
+    end
+  end
+
+  mysql_database_user dbx[:db_user] do
+    connection    con
+    password      dbx[:db_pass]
+    database_name dbx_name
+    host          '%'
+    privileges    [:all]
+    action        :grant
+  end
+end
--- a/templates/default/backup_db_to_s3.erb 0 → 100644
View file @3c4b4df
+++ b/templates/default/backup_db_to_s3.erb 0 → 100644
View file @3c4b4df
+#!/bin/bash
+# Generated by Chef.
+#
+# Perform mysqldump on databases and upload the 
+# resulting backup files into an S3 bucket.
+
+set -e
+
+<% bak_dir = "#{Chef::Config[:file_cache_path]}/backup_db_to_s3" -%>
+bak_dir=<%= bak_dir %>
+db_host=<%= @db_ip %>
+db_port=<%= @db_port %>
+bucket=<%= @s3_bucket %>
+region=<%= @s3_region %>
+
+aws_bin=<%= @aws_bin %>
+mysqldump_bin=<%= @mysqldump_bin %>
+
+log_dir=/var/log/backup_db_to_s3
+if [[ ! -d "$log_dir" ]] ; then
+    mkdir -p "$log_dir"
+fi
+
+exec 3>&1 4>&2
+trap 'exec 2>&4 1>&3' 0 1 2 3
+exec 1>>"${log_dir}/backup_db_to_s3.log" 2>&1
+
+if [[ ! -d "$bak_dir" ]] ; then
+    echo "$(date) : Create backup directory."
+    mkdir -p "$bak_dir"
+fi
+
+# Perform mysqldump on a database.
+# Args:
+#   $1 = db name
+#   $2 = db user
+#   $3 = db password
+#   $4 = dump file filename, e.g. 'mydb.sql'
+export_db() {
+    echo "$(date) : Export database ${1}."
+    "$mysqldump_bin" -h "$db_host" -P "$db_port" -C --opt \
+                     --no-create-db --single-transaction --lock-tables \
+                     -u "$2" -p"$3" "$1" > "${bak_dir}/${4}"
+}
+
+# Compress the backup file with gzip.
+# Args:
+#   $1 = dump file filename, e.g. 'mydb.sql'
+compress_backup_file() {
+    echo "$(date) : Gzip file ${1}."
+    gzip "${bak_dir}/${1}"
+}
+
+# Rotate the current backups in S3.
+# Args:
+#   $1 = dump file filename, e.g. 'mydb.sql'
+#   $2 = max number of backup files to store at a time
+increment_backup_names() {
+    bak_keyname="${1}.gz"
+    max_backups=$2
+
+    baks=$( "$aws_bin" --output text --region "$region" \
+                       s3api list-objects --bucket "$bucket" \
+            | grep '^CONTENTS' | cut -f3 | grep "^${bak_keyname}" || echo "" )
+
+    echo "$(date) : Backup rotation for ${bak_keyname}."
+    start=$((max_backups - 1))
+
+    for (( x=start ; x > 0 ; x-- )) ; do
+        if echo "$baks" | grep "^${bak_keyname}\\.${x}\$" ; then
+            newx=$((x + 1))
+            if [[ $newx -lt $max_backups ]] ; then
+                "$aws_bin" --region "$region" \
+                           s3 cp "s3://${bucket}/${bak_keyname}.${x}" \
+                                 "s3://${bucket}/${bak_keyname}.${newx}"
+            fi
+        fi
+    done
+
+    if echo "$baks" | grep "^${bak_keyname}\$" ; then
+        "$aws_bin" --region "$region" \
+                   s3 cp "s3://${bucket}/${bak_keyname}" \
+                         "s3://${bucket}/${bak_keyname}.1"
+    fi
+}
+
+# Upload the compressed db backup file.
+# Args:
+#   $1 = dump file filename, e.g. 'mydb.sql'
+upload_to_s3() {
+    echo "$(date) : Upload ${1}.gz to S3 bucket ${bucket}."
+    "$aws_bin" --region "$region" \
+               s3 mv "${bak_dir}/${1}.gz" "s3://${bucket}/${1}.gz"
+}
+
+# First, perform mysqldump on each database.
+<% @db_map.each do |db_name, db| -%>
+export_db <%= db_name %> <%= db[:db_user] %> '<%= db[:db_pass] %>' <%= db[:bak_filename] %>
+<% end -%>
+
+# Then compress and upload the backup files one by one.
+<% @db_map.each do |db_name, db| -%>
+compress_backup_file <%= db[:bak_filename] %>
+increment_backup_names <%= db[:bak_filename] %> <%= db[:bak_maxcopies] %>
+upload_to_s3 <%= db[:bak_filename] %>
+
+<% end -%>
+echo "$(date) : Done."