Name: chef-google-sql
Owner: Google Cloud Platform
Description: null
Created: 2017-06-22 19:52:27.0
Updated: 2018-05-11 00:24:44.0
Pushed: 2018-05-23 23:00:04.0
Homepage: null
Size: 103
Language: Ruby
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
This cookbook provides the built-in types and services for Chef to manage Google Cloud Compute resources, as native Chef types.
This cookbook was tested on the following operating systems:
h_credential 'mycred' do
tion :serviceaccount
th ENV['CRED_PATH'] # e.g. '/path/to/my_account.json'
opes [
'https://www.googleapis.com/auth/sqlservice.admin'
_instance "sql-test-#{ENV['sql_instance_suffix']}" do
tion :create
oject 'google.com:graphite-playground'
edential 'mycred'
_database 'webstore' do
tion :create
arset 'utf8'
stance "sql-test-#{ENV['sql_instance_suffix']}"
oject 'google.com:graphite-playground'
edential 'mycred'
All Google Cloud Platform cookbooks use an unified authentication mechanism,
provided by the google-gauth
cookbook. Don't worry, it is automatically
installed when you install this module.
h_credential 'mycred' do
tion :serviceaccount
th ENV['CRED_PATH'] # e.g. '/path/to/my_account.json'
opes [
'https://www.googleapis.com/auth/sqlservice.admin'
For complete details of the authentication cookbook, visit the google-gauth cookbook documentation.
gsql_instance
-
Represents a Cloud SQL instance. Cloud SQL instances are SQL databases
hosted in Google's cloud. The Instances resource provides methods for
common configuration and management tasks.gsql_database
-
Represents a SQL database inside the Cloud SQL instance, hosted in
Google's cloud.gsql_user
-
The Users resource represents a database user in a Cloud SQL instance.gsql_ssl_cert
-
Represents an SSL certificate created for a Cloud SQL instance. To use
the
SSL certificate you must have the SSL Client Certificate and the
associated SSL Client Key. The Client Key can be downloaded only when
the
SSL certificate is created with the insert method.gsql_flag
-
Represents a flag that can be configured for a Cloud SQL instance.gsql_tier
-
The Tiers resource represents a service configuration that can be used
to
define a Cloud SQL instance. Each tier has an associated RAM, maximum
storage, and list of regions in which the tier can be used. Available
tiers vary depending on whether you use PostgreSQL, MySQL Second
Generation, or MySQL First Generation instances.Represents a Cloud SQL instance. Cloud SQL instances are SQL databases hosted in Google's cloud. The Instances resource provides methods for common configuration and management tasks.
_instance "sql-test-#{ENV['sql_instance_suffix']}" do
tion :create
tabase_version 'MYSQL_5_7'
ttings({
tier: 'db-n1-standard-1',
ip_configuration: {
authorized_networks: [
# The ACL below is for example only. (do NOT use in production as-is)
{
name: 'google dns server',
value: '8.8.8.8/32'
}
]
}
gion 'us-central1'
oject 'google.com:graphite-playground'
edential 'mycred'
_instance 'id-for-resource' do
ckend_type 'FIRST_GEN', 'SECOND_GEN' or 'EXTERNAL'
nnection_name string
tabase_version 'MYSQL_5_5', 'MYSQL_5_6', 'MYSQL_5_7' or 'POSTGRES_9_6'
ilover_replica {
available boolean,
name string,
stance_type 'CLOUD_SQL_INSTANCE', 'ON_PREMISES_INSTANCE' or 'READ_REPLICA_INSTANCE'
_addresses [
{
ip_address string,
time_to_retire time,
type 'PRIMARY' or 'OUTGOING',
},
...
v6_address string
ster_instance_name string
x_disk_size integer
me string
gion string
plica_configuration {
failover_target boolean,
mysql_replica_configuration {
ca_certificate string,
client_certificate string,
client_key string,
connect_retry_interval integer,
dump_file_path string,
master_heartbeat_period integer,
password string,
ssl_cipher string,
username string,
verify_server_certificate boolean,
},
replica_names [
string,
...
],
service_account_email_address string,
ttings {
ip_configuration {
authorized_networks [
{
expiration_time time,
name string,
value string,
},
...
],
ipv4_enabled boolean,
require_ssl boolean,
},
tier string,
oject string
edential reference to gauth_credential
create
-
Converges the gsql_instance
resource into the final
state described within the block. If the resource does not exist, Chef will
attempt to create it.delete
-
Ensures the gsql_instance
resource is not present.
If the resource already exists Chef will attempt to delete it.backend_type
-
FIRST_GEN: First Generation instance. MySQL only.
SECOND_GEN: Second Generation instance or PostgreSQL instance.
EXTERNAL: A database server that is not managed by Google.
connection_name
-
Connection name of the Cloud SQL instance used in connection strings.
database_version
-
The database engine type and version. For First Generation instances,
can be MYSQL_5_5, or MYSQL_5_6. For Second Generation instances, can
be MYSQL_5_6 or MYSQL_5_7. Defaults to MYSQL_5_6.
PostgreSQL instances: POSTGRES_9_6
The databaseVersion property can not be changed after instance
creation.
failover_replica
-
The name and status of the failover replica. This property is
applicable only to Second Generation instances.
failover_replica/available
Output only. The availability status of the failover replica. A false status
indicates that the failover replica is out of sync. The master
can only failover to the falover replica when the status is true.
failover_replica/name
The name of the failover replica. If specified at instance
creation, a failover replica is created for the instance. The name
doesn't include the project ID. This property is applicable only
to Second Generation instances.
instance_type
-
The instance type. This can be one of the following.
CLOUD_SQL_INSTANCE: A Cloud SQL instance that is not replicating from a master.
ON_PREMISES_INSTANCE: An instance running on the customer's premises.
READ_REPLICA_INSTANCE: A Cloud SQL instance configured as a read-replica.
ip_addresses
-
Output only. The assigned IP addresses for the instance.
ip_addresses[]/ip_address
The IP address assigned.
ip_addresses[]/time_to_retire
The due time for this IP to be retired in RFC 3339 format, for
example 2012-11-15T16:19:00.094Z. This field is only available
when the IP is scheduled to be retired.
ip_addresses[]/type
The type of this IP address. A PRIMARY address is an address
that can accept incoming connections. An OUTGOING address is the
source address of connections originating from the instance, if
supported.
ipv6_address
-
The IPv6 address assigned to the instance. This property is applicable
only to First Generation instances.
master_instance_name
-
The name of the instance which will act as master in the replication
setup.
max_disk_size
-
The maximum disk size of the instance in bytes.
name
-
Required. Name of the Cloud SQL instance. This does not include the project
ID.
region
-
The geographical region. Defaults to us-central or us-central1
depending on the instance type (First Generation or Second
Generation/PostgreSQL).
replica_configuration
-
Configuration specific to failover replicas and read replicas.
replica_configuration/failover_target
Specifies if the replica is the failover target. If the field is
set to true the replica will be designated as a failover replica.
In case the master instance fails, the replica instance will be
promoted as the new master instance.
Only one replica can be specified as failover target, and the
replica has to be in different zone with the master instance.
replica_configuration/mysql_replica_configuration
MySQL specific configuration when replicating from a MySQL
on-premises master. Replication configuration information such as
the username, password, certificates, and keys are not stored in
the instance metadata. The configuration information is used
only to set up the replication connection and is stored by MySQL
in a file named master.info in the data directory.
replica_configuration/mysql_replica_configuration/ca_certificate
PEM representation of the trusted CA's x509 certificate.
replica_configuration/mysql_replica_configuration/client_certificate
PEM representation of the slave's x509 certificate
replica_configuration/mysql_replica_configuration/client_key
PEM representation of the slave's private key. The
corresponsing public key is encoded in the client's asf asd
certificate.
replica_configuration/mysql_replica_configuration/connect_retry_interval
Seconds to wait between connect retries. MySQL's default is 60
seconds.
replica_configuration/mysql_replica_configuration/dump_file_path
Path to a SQL dump file in Google Cloud Storage from which the
slave instance is to be created. The URI is in the form
gs://bucketName/fileName. Compressed gzip files (.gz) are
also supported. Dumps should have the binlog co-ordinates from
which replication should begin. This can be accomplished by
setting –master-data to 1 when using mysqldump.
replica_configuration/mysql_replica_configuration/master_heartbeat_period
Interval in milliseconds between replication heartbeats.
replica_configuration/mysql_replica_configuration/password
The password for the replication connection.
replica_configuration/mysql_replica_configuration/ssl_cipher
A list of permissible ciphers to use for SSL encryption.
replica_configuration/mysql_replica_configuration/username
The username for the replication connection.
replica_configuration/mysql_replica_configuration/verify_server_certificate
Whether or not to check the master's Common Name value in the
certificate that it sends during the SSL handshake.
replica_configuration/replica_names
The replicas of the instance.
replica_configuration/service_account_email_address
The service account email address assigned to the instance. This
property is applicable only to Second Generation instances.
settings
-
The user settings.
settings/ip_configuration
The settings for IP Management. This allows to enable or disable
the instance IP and manage which external networks can connect to
the instance. The IPv4 address cannot be disabled for Second
Generation instances.
settings/ip_configuration/ipv4_enabled
Whether the instance should be assigned an IP address or not.
settings/ip_configuration/authorized_networks
The list of external networks that are allowed to connect to
the instance using the IP. In CIDR notation, also known as
'slash' notation (e.g. 192.168.100.0/24).
settings/ip_configuration/authorized_networks[]/expiration_time
The time when this access control entry expires in RFC
3339 format, for example 2012-11-15T16:19:00.094Z.
settings/ip_configuration/authorized_networks[]/name
An optional label to identify this entry.
settings/ip_configuration/authorized_networks[]/value
The whitelisted value for the access control list. For
example, to grant access to a client from an external IP
(IPv4 or IPv6) address or subnet, use that address or
subnet here.
settings/ip_configuration/require_ssl
Whether the mysqld should default to 'REQUIRE X509' for
users connecting over IP.
settings/tier
The tier or machine type for this instance, for
example db-n1-standard-1. For MySQL instances, this field
determines whether the instance is Second Generation (recommended)
or First Generation.
Set the i_label
property when attempting to set primary key
of this object. The primary key will always be referred to by the initials of
the resource followed by “_label”
Represents a SQL database inside the Cloud SQL instance, hosted in Google's cloud.
p: Remember to define gsql_instance to match the 'instance' property.
_database 'webstore' do
tion :create
arset 'utf8'
stance "sql-test-#{ENV['sql_instance_suffix']}"
oject 'google.com:graphite-playground'
edential 'mycred'
_database 'id-for-resource' do
arset string
llation string
stance reference to gsql_instance
me string
oject string
edential reference to gauth_credential
create
-
Converges the gsql_database
resource into the final
state described within the block. If the resource does not exist, Chef will
attempt to create it.delete
-
Ensures the gsql_database
resource is not present.
If the resource already exists Chef will attempt to delete it.charset
-
The MySQL charset value.
collation
-
The MySQL collation value.
name
-
The name of the database in the Cloud SQL instance.
This does not include the project ID or instance name.
instance
-
Required. A reference to Instance resource
Set the d_label
property when attempting to set primary key
of this object. The primary key will always be referred to by the initials of
the resource followed by “_label”
The Users resource represents a database user in a Cloud SQL instance.
p: Remember to define gsql_instance to match the 'instance' property.
_user 'john.doe' do
tion :create
ssword 'secret-password'
st '10.1.2.3'
stance "sql-test-#{ENV['sql_instance_suffix']}"
oject 'google.com:graphite-playground'
edential 'mycred'
_user 'id-for-resource' do
st string
stance reference to gsql_instance
me string
ssword string
oject string
edential reference to gauth_credential
create
-
Converges the gsql_user
resource into the final
state described within the block. If the resource does not exist, Chef will
attempt to create it.delete
-
Ensures the gsql_user
resource is not present.
If the resource already exists Chef will attempt to delete it.host
-
Required. The host name from which the user can connect. For insert
operations,
host defaults to an empty string. For update operations, host is
specified as part of the request URL. The host name cannot be updated
after insertion.
name
-
Required. The name of the user in the Cloud SQL instance.
instance
-
Required. A reference to Instance resource
password
-
The password for the user.
Set the u_label
property when attempting to set primary key
of this object. The primary key will always be referred to by the initials of
the resource followed by “_label”
Represents an SSL certificate created for a Cloud SQL instance. To use the SSL certificate you must have the SSL Client Certificate and the associated SSL Client Key. The Client Key can be downloaded only when the SSL certificate is created with the insert method.
p: Remember to define gsql_instance to match the 'instance' property.
_ssl_cert 'server-certificate' do
rt_serial_number '729335786'
mmon_name 'CN=www.mydb.com,O=Acme'
a1_fingerprint '8fc295bf77a002db5182e04d92c48258cbc1117a'
stance "sql-test-#{ENV['sql_instance_suffix']}"
oject 'google.com:graphite-playground'
edential 'mycred'
_ssl_cert 'id-for-resource' do
rt string
rt_serial_number string
mmon_name string
eate_time time
piration_time time
stance reference to gsql_instance
a1_fingerprint string
oject string
edential reference to gauth_credential
create
-
Converges the gsql_ssl_cert
resource into the final
state described within the block. If the resource does not exist, Chef will
attempt to create it.delete
-
Ensures the gsql_ssl_cert
resource is not present.
If the resource already exists Chef will attempt to delete it.cert
-
PEM representation of the X.509 certificate.
cert_serial_number
-
Serial number, as extracted from the certificate.
common_name
-
User supplied name. Constrained to [a-zA-Z.-_ ]+.
create_time
-
The time when the certificate was created in RFC 3339 format, for
example 2012-11-15T16:19:00.094Z.
expiration_time
-
The time when the certificate expires in RFC 3339 format, for example
2012-11-15T16:19:00.094Z.
instance
-
Required. A reference to Instance resource
sha1_fingerprint
-
Required. The SHA-1 of the certificate.
Set the sc_label
property when attempting to set primary key
of this object. The primary key will always be referred to by the initials of
the resource followed by “_label”
Represents a flag that can be configured for a Cloud SQL instance.
_flag 'group_concat_max_len' do
n_value 4
x_value 4294967295
oject 'google.com:graphite-playground'
edential 'mycred'
_flag 'id-for-resource' do
lowed_string_values [
string,
...
plies_to [
string,
...
x_value integer
n_value integer
me string
quires_restart boolean
pe string
oject string
edential reference to gauth_credential
create
-
Converges the gsql_flag
resource into the final
state described within the block. If the resource does not exist, Chef will
attempt to create it.delete
-
Ensures the gsql_flag
resource is not present.
If the resource already exists Chef will attempt to delete it.allowed_string_values
-
Output only. For STRING flags, List of strings that the value can be set
to.
applies_to
-
Output only. The database versions this flag is supported for.
max_value
-
Output only. For INTEGER flags, the maximum allowed value.
min_value
-
Output only. For INTEGER flags, the minimum allowed value.
name
-
This is the name of the flag. Flag names always use underscores, not
hyphens, e.g. max_allowed_packet
requires_restart
-
Output only. Indicates whether changing this flag will trigger a database
restart.
Only applicable to Second Generation instances.
type
-
Output only. The type of the flag. Flags are typed to being BOOLEAN,
STRING,
INTEGER or NONE. NONE is used for flags which do not take a value,
such as skip_grant_tables.
Set the f_label
property when attempting to set primary key
of this object. The primary key will always be referred to by the initials of
the resource followed by “_label”
The Tiers resource represents a service configuration that can be used to define a Cloud SQL instance. Each tier has an associated RAM, maximum storage, and list of regions in which the tier can be used. Available tiers vary depending on whether you use PostgreSQL, MySQL Second Generation, or MySQL First Generation instances.
_tier 'D0' do
m 134217728 # we'll confirm that tier has enough RAM for us
oject 'google.com:graphite-playground'
edential 'mycred'
_tier 'id-for-resource' do
sk_quota integer
m integer
gion [
string,
...
er string
oject string
edential reference to gauth_credential
create
-
Converges the gsql_tier
resource into the final
state described within the block. If the resource does not exist, Chef will
attempt to create it.delete
-
Ensures the gsql_tier
resource is not present.
If the resource already exists Chef will attempt to delete it.disk_quota
-
Output only. The maximum disk size of this tier in bytes.
ram
-
Output only. The maximum RAM usage of this tier in bytes.
region
-
Output only. The applicable regions for this tier.
tier
-
Required. An identifier for the service tier or machine type, for example,
db-n1-standard-1. For related information.
Set the t_label
property when attempting to set primary key
of this object. The primary key will always be referred to by the initials of
the resource followed by “_label”