add support for systemd-based status checks, refs #191

Co-Authored-By: PopiBrossard <[email protected]>
Co-Authored-By: cruelsmith <[email protected]>

.fixtures.yml

@@ -8,5 +8,6 @@ fixtures:
     "provision": "https://github.com/puppetlabs/provision.git"
     "puppet_agent": "https://github.com/puppetlabs/puppetlabs-puppet_agent.git"
     "stdlib": "https://github.com/puppetlabs/puppetlabs-stdlib.git"
+    "systemd": "https://github.com/voxpupuli/puppet-systemd.git"
     "xinetd": "https://github.com/puppetlabs/puppetlabs-xinetd.git"
     "yumrepo_core": "https://github.com/puppetlabs/puppetlabs-yumrepo_core.git"

CHANGELOG.md

@@ -4,6 +4,19 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [Unreleased]
+
+### Added
+* Add new parameter `$status_check_type`
+* Add new parameter `$status_systemd_service_name`
+* Add systemd-based status check ([#191])
+* Add support for new operating systems
+
+### Changed
+* Enable systemd-based status check on RHEL 9, Debian 12 and Ubuntu 24.04 ([#191])
+* Add new dependency for systemd-based status check ([#191])
+* Extend unit tests ([#191])
+
 ## [3.2.1] - 2024-03-13
 
 ### Changed
@@ -313,6 +326,7 @@ This is the first release after extensive code refactoring and introduces multip
 [0.7.2]: https://github.com/markt-de/puppet-galera/compare/0.7.1...0.7.2
 [0.7.1]: https://github.com/markt-de/puppet-galera/compare/0.7.0...0.7.1
 [0.7.0]: https://github.com/markt-de/puppet-galera/compare/0.0.6...0.7.0
+[#191]: https://github.com/markt-de/puppet-galera/pull/191
 [#186]: https://github.com/markt-de/puppet-galera/pull/186
 [#185]: https://github.com/markt-de/puppet-galera/pull/185
 [#179]: https://github.com/markt-de/puppet-galera/pull/179

README.md

@@ -36,6 +36,9 @@ It will try to recover from failures by bootstrapping on a node designated as th
 * [puppetlabs/mysql](https://github.com/puppetlabs/puppetlabs-mysql) and other soft dependencies
 * A [supported version](#os-and-cluster-compatibility) of Codership Galera (MySQL), MariaDB or Percona XtraDB Cluster
 * `nmap` is required for the cluster bootstrap functionality
+* [puppetlabs/xinetd](https://github.com/puppetlabs/puppetlabs-xinetd) if `galera::status_type` is set to `xinetd` (default for FreeBSD)
+* [puppet/systemd](https://github.com/voxpupuli/puppet-systemd) if `galera::status_type` is set to `systemd` (default for newer Linux distributions)
+* [puppetlabs/firewall](https://github.com/puppetlabs/puppetlabs-firewall) unless `galera::configure_firewall` is disabled
 
 ## Usage
 

REFERENCE.md

@@ -18,9 +18,7 @@
 * `galera::redhat`: Adds workarounds to solve issues specific to RedHat-based systems.
 * `galera::repo`: Evaluates which repositories should be enabled depending on $vendor_type and $vendor_version.
 * `galera::status`: Configures a user and script that will check the status of the galera cluster.
-* `galera::validate`: Validate that the cluster can accept connections at the point where
-the `mysql::server` resource is marked as complete.
-This is used because after returning success, the service is still not quite ready.
+* `galera::validate`: Validate that the cluster can accept connections.
 
 ### Defined types
 
@@ -82,6 +80,7 @@ The following parameters are available in the `galera` class:
 * [`status_available_when_donor`](#-galera--status_available_when_donor)
 * [`status_available_when_readonly`](#-galera--status_available_when_readonly)
 * [`status_check`](#-galera--status_check)
+* [`status_check_type`](#-galera--status_check_type)
 * [`status_cps`](#-galera--status_cps)
 * [`status_flags`](#-galera--status_flags)
 * [`status_host`](#-galera--status_host)
@@ -98,6 +97,7 @@ The following parameters are available in the `galera` class:
 * [`status_system_group`](#-galera--status_system_group)
 * [`status_system_user`](#-galera--status_system_user)
 * [`status_system_user_config`](#-galera--status_system_user_config)
+* [`status_systemd_service_name`](#-galera--status_systemd_service_name)
 * [`status_user`](#-galera--status_user)
 * [`status_xinetd_service_name`](#-galera--status_xinetd_service_name)
 * [`validate_connection`](#-galera--validate_connection)
@@ -454,6 +454,13 @@ Data type: `Boolean`
 Specifies whether to configure a user and script that will check the status
 of the galera cluster. Default: `true`
 
+##### <a name="-galera--status_check_type"></a>`status_check_type`
+
+Data type: `Enum['systemd', 'xinetd']`
+
+Specifies the type of service to use for status checks. Supported values
+are either `systemd` or `xinetd`, depending on the operating system.
+
 ##### <a name="-galera--status_cps"></a>`status_cps`
 
 Data type: `Optional[String]`
@@ -567,6 +574,12 @@ Data type: `Hash`
 
 The config for the operating system user.
 
+##### <a name="-galera--status_systemd_service_name"></a>`status_systemd_service_name`
+
+Data type: `String`
+
+The name of the systemd status service.
+
 ##### <a name="-galera--status_user"></a>`status_user`
 
 Data type: `String`
@@ -578,7 +591,7 @@ Default: `clustercheck`
 
 Data type: `String`
 
-The name of the xinetd service.
+The name of the xinetd status service.
 
 ##### <a name="-galera--validate_connection"></a>`validate_connection`
 

data/Debian-10.yaml

@@ -0,0 +1,2 @@
+---
+galera::status_check_type: 'xinetd'

data/Debian-11.yaml

@@ -0,0 +1,2 @@
+---
+galera::status_check_type: 'xinetd'

data/Debian-8.yaml

@@ -3,3 +3,5 @@ galera::repo::mariadb::apt:
   key:
     id: '199369E5404BD5FC7D2FE43BCBCB082A1BB943DB'
     server: 'keyserver.ubuntu.com'
+
+galera::status_check_type: 'xinetd'

data/Debian-9.yaml

@@ -0,0 +1,2 @@
+---
+galera::status_check_type: 'xinetd'

data/FreeBSD-family.yaml

@@ -3,6 +3,8 @@
 galera::configure_firewall: false
 galera::configure_repo: false
 
+galera::status_check_type: 'xinetd'
+
 #
 # Codership - version-specific settings
 #

data/RedHat-6-family.yaml

@@ -10,3 +10,5 @@ galera::percona::55::bootstrap_command: '/etc/init.d/mysql bootstrap-pxc'
 galera::percona::56::bootstrap_command: '/etc/init.d/mysql bootstrap-pxc'
 galera::percona::57::bootstrap_command: '/etc/init.d/mysql bootstrap-pxc'
 galera::percona::bootstrap_command: '/etc/init.d/mysql bootstrap-pxc'
+
+galera::status_check_type: 'xinetd'

data/RedHat-7-family.yaml

@@ -0,0 +1,2 @@
+---
+galera::status_check_type: 'xinetd'

data/RedHat-8-family.yaml

@@ -20,3 +20,5 @@ galera::repo::percona::yum:
 galera::repo::percona_tools::yum:
   priority: 1
   module_hotfixes: 1
+
+galera::status_check_type: 'xinetd'

data/Ubuntu-18.04.yaml

@@ -0,0 +1,2 @@
+---
+galera::status_check_type: 'xinetd'

data/Ubuntu-20.04.yaml

@@ -0,0 +1,2 @@
+---
+galera::status_check_type: 'xinetd'

data/Ubuntu-22.04.yaml

@@ -0,0 +1,2 @@
+---
+galera::status_check_type: 'xinetd'

data/common.yaml

@@ -56,6 +56,7 @@ galera::status_allow: '%'
 galera::status_available_when_donor: 0
 galera::status_available_when_readonly: -1
 galera::status_check: true
+galera::status_check_type: 'systemd'
 galera::status_flags: 'REUSE'
 galera::status_host: 'localhost'
 galera::status_log_on_success: ''
@@ -69,6 +70,7 @@ galera::status_system_user_config:
   home: '/var/empty'
   shell: '/bin/false'
 galera::status_user: 'clustercheck'
+galera::status_systemd_service_name: 'mysqlchk'
 galera::status_xinetd_service_name: 'mysqlchk'
 galera::validate::action: 'select count(1);'
 galera::validate::catch: 'ERROR'

manifests/init.pp

@@ -183,6 +183,10 @@
 #   Specifies whether to configure a user and script that will check the status
 #   of the galera cluster. Default: `true`
 #
+# @param status_check_type
+#   Specifies the type of service to use for status checks. Supported values
+#   are either `systemd` or `xinetd`, depending on the operating system.
+#
 # @param status_cps
 #   Rate limit config for the xinetd status service.
 #
@@ -232,12 +236,15 @@
 # @param status_system_user_config
 #   The config for the operating system user.
 #
+# @param status_systemd_service_name
+#   The name of the systemd status service.
+#
 # @param status_user
 #   Specifies the name of the user to use for status checks.
 #   Default: `clustercheck`
 #
 # @param status_xinetd_service_name
-#   The name of the xinetd service.
+#   The name of the xinetd status service.
 #
 # @param validate_connection
 #   Specifies whether the module should ensure that the cluster can accept
@@ -307,6 +314,7 @@
   Integer $status_available_when_donor,
   Integer $status_available_when_readonly,
   Boolean $status_check,
+  Enum['systemd', 'xinetd'] $status_check_type,
   Stdlib::Absolutepath $status_script,
   String $status_host,
   String $status_log_on_success_operator,
@@ -315,6 +323,7 @@
   String $status_system_group,
   String $status_system_user,
   Hash $status_system_user_config,
+  String $status_systemd_service_name,
   String $status_user,
   String $status_xinetd_service_name,
   Boolean $validate_connection,

manifests/status.pp

@@ -51,33 +51,75 @@
     mode    => '0500',
   }
 
-  xinetd::service { $galera::status_xinetd_service_name:
-    cps                     => $galera::status_cps,
-    flags                   => $galera::status_flags,
-    instances               => $galera::status_instances,
-    log_on_failure          => $galera::status_log_on_failure,
-    log_on_failure_operator => $galera::status_log_on_failure_operator,
-    log_on_success          => $galera::status_log_on_success,
-    log_on_success_operator => $galera::status_log_on_success_operator,
-    log_type                => $galera::status_log_type,
-    port                    => $galera::status_port,
-    server                  => $galera::status_script,
-    service_type            => $galera::status_service_type,
-    user                    => $galera::status_system_user,
-    require                 => [
-      File[$galera::status_script],
-      User[$galera::status_system_user]
-    ],
-  }
+  case $galera::status_check_type {
+    'xinetd': {
+      xinetd::service { $galera::status_xinetd_service_name:
+        cps                     => $galera::status_cps,
+        flags                   => $galera::status_flags,
+        instances               => $galera::status_instances,
+        log_on_failure          => $galera::status_log_on_failure,
+        log_on_failure_operator => $galera::status_log_on_failure_operator,
+        log_on_success          => $galera::status_log_on_success,
+        log_on_success_operator => $galera::status_log_on_success_operator,
+        log_type                => $galera::status_log_type,
+        port                    => $galera::status_port,
+        server                  => $galera::status_script,
+        service_type            => $galera::status_service_type,
+        user                    => $galera::status_system_user,
+        require                 => [
+          File[$galera::status_script],
+          User[$galera::status_system_user]
+        ],
+      }
 
-  # Postpone the xinetd stuff. This is necessary in order to avoid package
-  # conflicts. On some platforms xinetd depends on MySQL libs. If installed
-  # too early it will install the wrong MySQL libs. This may cause the
-  # installation of the Galera packages to fail.
-  # This has been first observed on Debian 9 with Codership Galera 5.7 where
-  # the package installation just ended with a conflict instead of replacing
-  # the wrong MySQL libs. The root cause is likely a packaging bug in the
-  # Codership distribution, since this issue could not be reproduced for
-  # Percona.
-  Exec<| title == 'bootstrap_galera_cluster' |> -> Class['xinetd']
+      # Postpone the xinetd stuff. This is necessary in order to avoid package
+      # conflicts. On some platforms xinetd depends on MySQL libs. If installed
+      # too early it will install the wrong MySQL libs. This may cause the
+      # installation of the Galera packages to fail.
+      # This has been first observed on Debian 9 with Codership Galera 5.7 where
+      # the package installation just ended with a conflict instead of replacing
+      # the wrong MySQL libs. The root cause is likely a packaging bug in the
+      # Codership distribution, since this issue could not be reproduced for
+      # Percona.
+      Exec<| title == 'bootstrap_galera_cluster' |> -> Class['xinetd']
+    }
+    'systemd': {
+      # Generate a socket and service (xinetd style).
+      systemd::manage_unit { "${galera::status_systemd_service_name}@.service":
+        unit_entry    => {
+          'Description' => "${galera::status_systemd_service_name} service",
+          'After'       => ['network.target', 'network-online.target'],
+          'Wants'       => ['network-online.target'],
+        },
+        service_entry => {
+          'User'          => $galera::status_system_user,
+          'Group'         => $galera::status_system_group,
+          'StandardInput' => 'socket',
+          'ExecStart'     => $galera::status_script,
+        },
+        require       => File[$galera::status_script],
+      }
+      -> systemd::manage_unit { "${galera::status_systemd_service_name}.socket":
+        enable        => true,
+        active        => true,
+        unit_entry    => {
+          'Description' => "${galera::status_systemd_service_name} socket",
+        },
+        socket_entry  => {
+          'ListenStream' => $galera::status_port,
+          'Accept'       => true,
+        },
+        install_entry => {
+          'WantedBy' => 'sockets.target',
+        },
+      }
+      # Migration path - remove xinetd service
+      file { "/etc/xinetd.d/${galera::status_xinetd_service_name}":
+        ensure => 'absent',
+      }
+    }
+    default: {
+      fail('unkown type of `galera::status_check_type` defined')
+    }
+  }
 }

manifests/validate.pp

@@ -1,6 +1,8 @@
-# @summary Validate that the cluster can accept connections at the point where
-#   the `mysql::server` resource is marked as complete.
-#   This is used because after returning success, the service is still not quite ready.
+# @summary Validate that the cluster can accept connections.
+#
+# This validation is done at the point where the `mysql::server` resource is
+# marked as complete. This is used because after returning success, the
+# service is still not quite ready.
 #
 # @api private
 #

metadata.json

@@ -32,6 +32,10 @@
       "name": "puppetlabs/yumrepo_core",
       "version_requirement": ">= 2.0.0 < 3.0.0"
     },
+    {
+      "name": "puppet/systemd",
+      "version_requirement": ">= 5.2.0 < 8.0.0"
+    },
     {
       "name": "puppet/epel",
       "version_requirement": ">= 5.0.0 < 6.0.0"
@@ -61,26 +65,30 @@
       "operatingsystem": "RedHat",
       "operatingsystemrelease": [
         "7",
-        "8"
+        "8",
+        "9"
       ]
     },
     {
       "operatingsystem": "CentOS",
       "operatingsystemrelease": [
         "7",
-        "8"
+        "8",
+        "9"
       ]
     },
     {
       "operatingsystem": "Rocky",
       "operatingsystemrelease": [
-        "8"
+        "8",
+        "9"
       ]
     },
     {
       "operatingsystem": "FreeBSD",
       "operatingsystemrelease": [
-        "13"
+        "13",
+        "14"
       ]
     }
   ],