Merge pull request 'feat: puppetdb sql updates' (#5) from neoloc/puppetdb_sql into develop

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/5
This commit was merged in pull request #5.
This commit is contained in:
2024-06-01 14:36:27 +10:00
6 changed files with 71 additions and 12 deletions
+9 -8
View File
@@ -36,14 +36,15 @@ class profiles::consul::client (
# deploy the consul agent
class { 'consul':
config_hash => {
'data_dir' => $data_dir,
'datacenter' => $consul_cluster,
'log_level' => 'INFO',
'node_name' => $facts['networking']['fqdn'],
'retry_join' => $servers_array,
'bind_addr' => $::facts['networking']['ip'],
'advertise_addr' => $::facts['networking']['ip'],
'acl' => {
'data_dir' => $data_dir,
'datacenter' => $consul_cluster,
'log_level' => 'INFO',
'node_name' => $facts['networking']['fqdn'],
'retry_join' => $servers_array,
'bind_addr' => $::facts['networking']['ip'],
'advertise_addr' => $::facts['networking']['ip'],
'enable_script_checks' => true,
'acl' => {
tokens => {
default => fqdn_uuid("${facts['networking']['fqdn']}-${secret_id_salt}")
}
+21 -3
View File
@@ -2,6 +2,7 @@
class profiles::puppet::puppetdb_sql (
String $puppetdb_host = lookup('puppetdbsql'),
String $listen_address = $facts['networking']['ip'],
String $consul_test_db_pass = '',
) {
# disable the postgresql dnf module for el8+
@@ -17,9 +18,11 @@ class profiles::puppet::puppetdb_sql (
# Install and configure PostgreSQL for PuppetDB
class { 'puppetdb::database::postgresql':
listen_addresses => $listen_address,
postgres_version => '15',
puppetdb_server => $puppetdb_host,
listen_addresses => $listen_address,
postgres_version => '15',
puppetdb_server => $puppetdb_host,
manage_package_repo => false,
require => [ Yumrepo['postgresql-15'],Yumrepo['postgresql-common'] ],
}
contain ::puppetdb::database::postgresql
@@ -32,4 +35,19 @@ class profiles::puppet::puppetdb_sql (
value => $value,
}
}
# create consul database + user to test the host is responsive
postgresql::server::db { 'consul_test_db':
user => 'consul_test_user',
password => postgresql::postgresql_password('consul_test_user', Sensitive($consul_test_db_pass) ),
}
file { '/usr/local/bin/check_consul_postgresql':
ensure => 'file',
owner => 'root',
group => 'root',
mode => '0755',
content => template('profiles/puppetdb/check_consul_postgresql.erb'),
before => Class['profiles::consul::client'],
}
}
@@ -0,0 +1,2 @@
#!/usr/bin/bash
PGPASSWORD=<%= @consul_test_db_pass %> /usr/bin/psql -U consul_test_user -d consul_test_db -h <%= @facts['networking']['ip'] %> -p 5432 -c "SELECT 1"
+3 -1
View File
@@ -6,6 +6,8 @@ class roles::infra::puppetdb::sql {
}else{
include profiles::defaults
include profiles::base
include profiles::puppet::puppetdb_sql
if $facts['enc_role'] == 'roles::infra::puppetdb::sql' {
include profiles::puppet::puppetdb_sql
}
}
}