Initial commit

CHANGELOG.rst

@@ -0,0 +1,6 @@
+mongodb formula
+===============
+
+0.0.1 (2015-08-03)
+
+- Initial formula setup

LICENSE

@@ -0,0 +1,13 @@
+Copyright (c) 2014-2015 tcp cloud
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

README.rst

@@ -0,0 +1,121 @@
+=======
+MongoDB
+=======
+
+MongoDB (from "humongous") is an open-source document database, and the leading NoSQL database. Written in C++.
+
+Available states
+================
+
+.. contents::
+    :local:
+
+``mongodb.server``
+--------------------
+
+Setup MongoDB server
+
+Available metadata
+==================
+
+.. contents::
+    :local:
+
+``metadata.mongodb.server.single``
+----------------------------------
+
+Single-node MongoDB setup
+
+``metadata.mongodb.server.cluster``
+-----------------------------------
+
+Clustered MongoDB setup
+
+Configuration parameters
+========================
+
+
+Example reclass
+===============
+
+Setup MongoDB with database for ceilometer.
+
+.. code-block:: yaml
+
+     classes:
+     - service.mongodb.server.cluster
+     parameters:
+        _param:
+          mongodb_server_replica_set: ceilometer
+          mongodb_ceilometer_password: cloudlab
+          mongodb_admin_password: cloudlab
+          mongodb_shared_key: xxx
+        mongodb:
+          server:
+            database:
+              ceilometer:
+                enabled: true
+                password: ${_param:mongodb_ceilometer_password}
+                users:
+                -  name: ceilometer
+                   password: ${_param:mongodb_ceilometer_password}
+
+Sample pillars
+==============
+
+Simple single server
+
+.. code-block:: yaml
+
+    mongodb:
+      server:
+        enabled: true
+        bind:
+          address: 0.0.0.0
+          port: 27017
+        admin:
+          username: admin
+          password: magicunicorn
+        database:
+          dbname:
+            enabled: true
+            encoding: 'utf8'
+            users:
+            - name: 'username'
+              password: 'password'
+
+Cluster of 3 nodes
+
+.. code-block:: yaml
+
+    mongodb:
+      server:
+        enabled: true
+        admin:
+          user: admin
+          password: magicunicorn
+        master: mongo01
+        members:
+          - host: 192.168.1.11
+            priority: 2
+          - host: 192.168.1.12
+          - host: 192.168.1.13
+        replica_set: default
+        shared_key: magicunicorn
+
+It's possible that first Salt run on master node won't pass correctly before
+all slave nodes are up and ready.
+Simply run salt again on master node to setup cluster, databases and users.
+
+To check cluster status, execute following:
+
+.. code-block:: bash
+
+    mongo 127.0.0.1:27017/admin -u admin -p magicunicorn --eval "rs.status()"
+
+Read more
+=========
+
+* http://docs.mongodb.org/manual/
+* http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/
+* https://www.linode.com/docs/databases/mongodb/creating-a-mongodb-replication-set-on-ubuntu-12-04-precise

VERSION

@@ -0,0 +1 @@
+0.2

debian/changelog

@@ -0,0 +1,11 @@
+salt-formula-mongodb (0.2) trusty; urgency=medium
+
+  * First public release
+
+ -- Filip Pytloun <filip.pytloun@tcpcloud.eu>  Tue, 06 Oct 2015 16:38:47 +0200
+
+salt-formula-mongodb (0.1) trusty; urgency=medium
+
+  * Initial release
+
+ -- Filip Pytloun <filip.pytloun@tcpcloud.eu>  Thu, 13 Aug 2015 23:23:41 +0200

debian/compat

@@ -0,0 +1 @@
+9

debian/control

@@ -0,0 +1,15 @@
+Source: salt-formula-mongodb
+Maintainer: Filip Pytloun <filip.pytloun@tcpcloud.eu>
+Section: admin
+Priority: optional
+Build-Depends: debhelper (>= 9)
+Standards-Version: 3.9.6
+Homepage: http://www.tcpcloud.eu
+Vcs-Browser: https://github.com/tcpcloud/salt-formula-mongodb
+Vcs-Git: https://github.com/tcpcloud/salt-formula-mongodb.git
+
+Package: salt-formula-mongodb
+Architecture: all
+Depends: ${misc:Depends}, salt-master, reclass
+Description: MongoDB Salt formula
+ Install and configure MongoDB server.

debian/copyright

@@ -0,0 +1,15 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: salt-formula-mongodb
+Upstream-Contact: Filip Pytloun <filip.pytloun@tcpcloud.eu>
+Source: https://github.com/tcpcloud/salt-formula-mongodb
+
+Files: *
+Copyright: 2014-2015 tcp cloud
+License: Apache-2.0
+  Copyright (C) 2014-2015 tcp cloud
+  .
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  .
+  On a Debian system you can find a copy of this license in
+  /usr/share/common-licenses/Apache-2.0.

debian/docs

@@ -0,0 +1,3 @@
+README.rst
+CHANGELOG.rst
+VERSION

debian/install

@@ -0,0 +1,2 @@
+mongodb/*             /usr/share/salt-formulas/env/mongodb/
+metadata/service/*    /usr/share/salt-formulas/reclass/service/mongodb/

debian/rules

@@ -0,0 +1,5 @@
+#!/usr/bin/make -f
+
+%:
+	dh $@
+

debian/source/format

@@ -0,0 +1 @@
+3.0 (native)

metadata/service/server/cluster.yml

@@ -0,0 +1,19 @@
+applications:
+- mongodb
+parameters:
+  _param:
+    mongodb_server_replica_set: default
+  mongodb:
+    server:
+      enabled: true
+      admin:
+        user: admin
+        password: ${_param:mongodb_admin_password}
+      bind:
+        address: 0.0.0.0
+        port: 27017
+      replica_set: ${_param:mongodb_server_replica_set}
+      shared_key: ${_param:mongodb_shared_key}
+      members: ${_param:mongodb_server_members}
+      master: ${_param:mongodb_master}
+

metadata/service/server/single.yml

@@ -0,0 +1,15 @@
+applications:
+- mongodb
+parameters:
+  mongodb:
+    server:
+      enabled: true
+      admin:
+        user: admin
+        password: ${_param:mongodb_admin_password}
+      bind:
+        address: 0.0.0.0
+        port: 27017
+      shard_service: False
+      config_service: False
+      shared_key: ${_param:mongodb_shared_key}

mongodb/files/cluster.js

@@ -0,0 +1,16 @@
+{%- from "mongodb/map.jinja" import server with context %}
+rs.initiate({
+    "_id": "{{ server.replica_set }}",
+    "members": [
+        {%- for member in server.members %}
+        {
+            "_id": {{ loop.index0 }},
+            {%- if member.priority is defined %}
+            "priority": {{ member.priority }},
+            {%- endif %}
+            "host": "{{ member.host }}"
+        }{% if not loop.last %},{% endif %}
+        {%- endfor %}
+    ]
+});
+rs.conf();

mongodb/files/mongodb.conf

@@ -0,0 +1,113 @@
+{%- from "mongodb/map.jinja" import server with context %}
+
+# mongodb.conf
+
+# Where to store the data.
+dbpath=/var/lib/mongodb
+
+#where to log
+logpath=/var/log/mongodb/mongodb.log
+
+logappend=true
+
+bind_ip = {{ server.bind.address }}
+#port = 27017
+
+# Enable journaling, http://www.mongodb.org/display/DOCS/Journaling
+journal=true
+
+# Enables periodic logging of CPU utilization and I/O wait
+#cpu = true
+
+keyFile = /etc/mongodb.key
+
+{%- if server.replica_set is defined %}
+replSet = {{ server.replica_set }}
+{%- endif %}
+
+# Turn on/off security.  Off is currently the default
+#noauth = true
+auth = true
+
+# Verbose logging output.
+verbose = true
+
+# Inspect all client data for validity on receipt (useful for
+# developing drivers)
+#objcheck = true
+
+# Enable db quota management
+#quota = true
+
+setParameter = logLevel=1
+
+#OpenStack guide for Juno
+smallfiles = true
+
+# Set oplogging level where n is
+#   0=off (default)
+#   1=W
+#   2=R
+#   3=both
+#   7=W+some reads
+#oplog = 0
+
+# Diagnostic/debugging option
+#nocursors = true
+
+# Ignore query hints
+#nohints = true
+
+# Disable the HTTP interface (Defaults to localhost:27018).
+#nohttpinterface = true
+
+# Turns off server-side scripting.  This will result in greatly limited
+# functionality
+#noscripting = true
+
+# Turns off table scans.  Any query that would do a table scan fails.
+#notablescan = true
+
+# Disable data file preallocation.
+#noprealloc = true
+
+# Specify .ns file size for new databases.
+# nssize = <size>
+
+# Accout token for Mongo monitoring server.
+#mms-token = <token>
+
+# Server name for Mongo monitoring server.
+#mms-name = <server-name>
+
+# Ping interval for Mongo monitoring server.
+#mms-interval = <seconds>
+
+# Replication Options
+
+# in replicated mongo databases, specify here whether this is a slave or master
+#slave = true
+#source = master.example.com
+# Slave only: specify a single database to replicate
+#only = master.example.com
+# or
+#master = true
+#source = slave.example.com
+
+# Address of a server to pair with.
+#pairwith = <server:port>
+# Address of arbiter server.
+#arbiter = <server:port>
+# Automatically resync if slave data is stale
+#autoresync
+# Custom size for replication operation log.
+#oplogSize = <MB>
+# Size limit for in-memory storage of op ids.
+#opIdMem = <bytes>
+
+# SSL options
+# Enable SSL on normal ports
+#sslOnNormalPorts = true
+# SSL Key file and password
+#sslPEMKeyFile = /etc/ssl/mongodb.pem
+#sslPEMKeyPassword = pass

mongodb/files/user.js

@@ -0,0 +1,3 @@
+{%- from "mongodb/map.jinja" import server with context -%}
+db.addUser("admin","{{ server.admin.password }}")
+db.auth("admin","{{ server.admin.password }}")

mongodb/files/user_role.js

@@ -0,0 +1,3 @@
+{%- from "mongodb/map.jinja" import server with context -%}
+db = db.getSiblingDB("{{ database_name }}");
+db.addUser({user: "{{ database_name }}", pwd: "{{ pillar.ceilometer.server.database.password }}",roles: [ "readWrite", "dbAdmin" ]});

mongodb/init.sls

@@ -0,0 +1,4 @@
+{%- if pillar.mongodb is defined %}
+include:
+  - mongodb.server
+{%- endif %}

mongodb/map.jinja

@@ -0,0 +1,30 @@
+{% set server = salt['grains.filter_by']({
+    'Debian': {
+        'pkgs': ['mongodb-server', 'mongodb', 'python-pymongo', 'mongodb-clients'],
+        'service': 'mongodb',
+        'lock_dir': "/var/lock/mongodb",
+        'bind': {
+          'address': '0.0.0.0',
+          'port': 27017
+        },
+        'config_service': False,
+        'shard_service': True,
+        'admin': {
+          'username': 'root'
+        }
+    },
+    'RedHat': {
+        'pkgs': ['mongodb-server', 'mongodb', 'python-pymongo', 'mongodb-clients'],
+        'service': 'mongod',
+        'lock_dir': "/var/lock/mongodb",
+        'bind': {
+          'address': '0.0.0.0',
+          'port': 27017
+        },
+        'config_service': False,
+        'shard_service': True,
+        'admin': {
+          'username': 'root'
+        }
+    },
+}, merge=salt['pillar.get']('mongodb:server')) %}

mongodb/server.sls

@@ -0,0 +1,116 @@
+{%- from "mongodb/map.jinja" import server with context %}
+{%- if server.enabled %}
+
+mongodb_packages:
+  pkg.installed:
+  - names: {{ server.pkgs }}
+
+/etc/mongodb.conf:
+  file.managed:
+  - source: salt://mongodb/files/mongodb.conf
+  - template: jinja
+  - require:
+    - pkg: mongodb_packages
+
+{%- if server.shared_key is defined %}
+
+/etc/mongodb.key:
+  file.managed:
+  - contents_pillar: mongodb:server:shared_key
+  - mode: 600
+  - user: mongodb
+  - require:
+    - pkg: mongodb_packages
+  - watch_in:
+    - service: mongodb_service
+
+{%- endif %}
+
+{{ server.lock_dir }}:
+  file.directory:
+    - makedirs: true
+
+mongodb_service:
+  service.running:
+  - name: {{ server.service }}
+  - enable: true
+  - require:
+    - file: {{ server.lock_dir }}
+    - pkg: mongodb_packages
+  - watch:
+    - file: /etc/mongodb.conf
+
+{%- if server.members is not defined  or server.master == pillar.linux.system.name %}
+{# We are not a cluster or we are master #}
+
+/var/tmp/mongodb_user.js:
+  file.managed:
+  - source: salt://mongodb/files/user.js
+  - template: jinja
+  - mode: 600
+  - user: root
+
+mongodb_change_root_password:
+  cmd.run:
+  - name: 'mongo localhost:27017/admin /var/tmp/mongodb_user.js && touch {{ server.lock_dir }}/mongodb_password_changed'
+  - require:
+    - file: /var/tmp/mongodb_user.js
+    - service: mongodb_service
+  - creates: {{ server.lock_dir }}/mongodb_password_changed
+
+{%- for database_name, database in server.get('database', {}).iteritems() %}
+
+mongodb_database_{{ database_name }}:
+  mongodb_user.present:
+  - name: {{ database_name }}
+  - passwd: {{ database.password }}
+  {%- if server.members is defined %}
+  require:
+    - cmd: mongodb_setup_cluster
+  {%- endif %}
+
+/var/tmp/mongodb_user_{{ database_name }}.js:
+  file.managed:
+  - source: salt://mongodb/files/user_role.js
+  - template: jinja
+  - mode: 600
+  - user: root
+  - require:
+    - mongodb_user: {{ database_name }}
+  - defaults:
+      database_name: {{ database_name }}
+
+mongodb_{{ database_name }}_fix_role:
+  cmd.run:
+  - name: 'mongo localhost:27017/admin -u admin -p {{ server.admin.password }} /var/tmp/mongodb_user_{{ database_name }}.js && touch {{ server.lock_dir }}/mongodb_user_{{ database_name }}_created'
+  - require:
+    - file: /var/tmp/mongodb_user_{{ database_name }}.js
+    - service: mongodb_service
+  - creates: {{ server.lock_dir }}/mongodb_user_{{ database_name }}_created
+
+{%- endfor %}
+
+{%- if server.members is defined %}
+
+/var/tmp/mongodb_cluster.js:
+  file.managed:
+  - source: salt://mongodb/files/cluster.js
+  - template: jinja
+  - mode: 600
+  - user: root
+
+mongodb_setup_cluster:
+  cmd.run:
+  - name: 'mongo localhost:27017/admin /var/tmp/mongodb_cluster.js && mongo localhost:27017/admin --quiet --eval "rs.conf()" | grep object -q'
+  - unless: 'mongo localhost:27017/admin -u admin -p {{ server.admin.password }} --quiet --eval "rs.conf()" | grep object -q'
+  - require:
+    - service: mongodb_service
+    - file: /var/tmp/mongodb_cluster.js
+  - require_in:
+    - cmd: mongodb_change_root_password
+
+{%- endif %}
+
+{%- endif %}
+
+{%- endif %}