cfe-mariadb-cookbook
This installs MariaDB 10.0 by default and initiates databases and users. It can also install a script that performs a backup of all those databases into a designated S3 bucket.
The server is assumed to be using an IAM role with S3 bucket read/write access, instead of a physical credentials file.
When encryption is enabled for DB backups, the private and public keys are shared across all databases in the db_map attribute. Encryption is enabled separately for each individual database (see Usage below).
Note that enabling encryption can cause the backup process to take a very long time depending on how large the database is. That said, it is still very much recommended to do so.
Supported Platforms
Ubuntu 14.04
Attributes
| Key | Type | Description | Default |
|---|---|---|---|
| ['cfe-mariadb']['db_map'] | Hash | A hash/array of hashes that enumerate the DB names, users, passwords, etc. of all databases to be set up. Please see the default attributes file for examples. | {} |
| ['cfe-mariadb']['replication'] | Boolean | Whether replication is enabled or not | false |
| ['cfe-mariadb']['s3_region'] | String | AWS S3 region | 'us-east-1' |
| ['cfe-mariadb']['s3_bucket'] | String | AWS S3 bucket name | 'example-bucket' |
| ['cfe-mariadb']['backup']['cron']['sched'] | String | The backup cronjob schedule value in crontab syntax. | '0 0 * * *' |
| ['cfe-mariadb']['reload']['aws_access_key_id'] | String | If not using EC2 roles, enter AWS creds here | nil |
| ['cfe-mariadb']['reload']['aws_secret_access_key'] | String | If not using EC2 roles, enter AWS creds here | nil |
| ['cfe-mariadb']['reload']['false'] | Boolean | If the recipe 'reload_from_s3' is run, reload the databases even if it has already been done by a previous run of this recipe. | false |
| ['cfe-mariadb']['encrypt']['priv_key'] | String | Contents of the private key file used by recipe `reload_from_s3` if encrypted backups are used. | nil |
| ['cfe-mariadb']['encrypt']['pub_key'] | String | Contents of the public key file used by the backup script to encrypt files before uploading to the S3 bucket. | nil |
Usage
node['cfe-mariadb']['db_map']
Example config of a single database:
{
'example_db_name' => {
:db_user => 'example_db_username',
:db_pass => 'supersecret_pass',
:bak_filename => 'example_db_name.sql',
:bak_maxcopies => 30
:bak_encrypted => false,
:char_set => 'utf8',
:collate => 'utf8_general_ci'
}
}The properties :bak_encrypted, :char_set, and :collate are all optional and their default values are as shown above.
cfe-mariadb::default
Include cfe-mariadb in your node's run_list:
{
"run_list": [
"recipe[cfe-mariadb]"
]
}cfe-mariadb::backup2s3
This will install the backup script and also enable a cronjob to regularly run that script.
{
"run_list": [
"recipe[cfe-mariadb]",
"recipe[cfe-mariadb::backup2s3]"
]
}cfe-mariadb::reload_from_s3
Kind of the reverse of backup2s3. Download a gzip of a MySQL dump file from an S3 bucket, then load it up into a database. Do this for every database given in node['cfe-mariadb']['db_map'].
This recipe assumes the node is using an EC2 role that can access the given S3 bucket. Otherwise, enter the AWS credentials in node.default['cfe-mariadb']['reload']['aws_access_key_id'] and node.default['cfe-mariadb']['reload']['aws_secret_access_key'].
License and Authors
Author:: Earth U. ()