CD2H gitForager

GoogleCloudPlatform/chef-google-sql

Name: chef-google-sql

Owner: Google Cloud Platform

Description: null

Created: 2017-06-22 19:52:27.0

Updated: 2018-05-11 00:24:44.0

Pushed: 2018-05-23 23:00:04.0

Homepage: null

Size: 103

Language: Ruby

GitHub Committers

User	Most Recent Commit	# Commits

Other Committers

User	Email	Most Recent Commit	# Commits

README

Google Cloud SQL Chef Cookbook

This cookbook provides the built-in types and services for Chef to manage Google Cloud Compute resources, as native Chef types.

Requirements

Platforms

Supported Operating Systems

This cookbook was tested on the following operating systems:

RedHat 6, 7
CentOS 6, 7
Debian 7, 8
Ubuntu 12.04, 14.04, 16.04, 16.10
SLES 11-sp4, 12-sp2
openSUSE 13
Windows Server 2008 R2, 2012 R2, 2012 R2 Core, 2016 R2, 2016 R2 Core

Example

h_credential 'mycred' do
tion :serviceaccount
th ENV['CRED_PATH'] # e.g. '/path/to/my_account.json'
opes [
'https://www.googleapis.com/auth/sqlservice.admin'



_instance  "sql-test-#{ENV['sql_instance_suffix']}" do
tion :create
oject 'google.com:graphite-playground'
edential 'mycred'


_database 'webstore' do
tion :create
arset 'utf8'
stance "sql-test-#{ENV['sql_instance_suffix']}"
oject 'google.com:graphite-playground'
edential 'mycred'

Credentials

All Google Cloud Platform cookbooks use an unified authentication mechanism, provided by the google-gauth cookbook. Don't worry, it is automatically installed when you install this module.

Example

h_credential 'mycred' do
tion :serviceaccount
th ENV['CRED_PATH'] # e.g. '/path/to/my_account.json'
opes [
'https://www.googleapis.com/auth/sqlservice.admin'

For complete details of the authentication cookbook, visit the google-gauth cookbook documentation.

Resources

gsql_instance - Represents a Cloud SQL instance. Cloud SQL instances are SQL databases hosted in Google's cloud. The Instances resource provides methods for common configuration and management tasks.
gsql_database - Represents a SQL database inside the Cloud SQL instance, hosted in Google's cloud.
gsql_user - The Users resource represents a database user in a Cloud SQL instance.
gsql_ssl_cert - Represents an SSL certificate created for a Cloud SQL instance. To use the SSL certificate you must have the SSL Client Certificate and the associated SSL Client Key. The Client Key can be downloaded only when the SSL certificate is created with the insert method.
gsql_flag - Represents a flag that can be configured for a Cloud SQL instance.
gsql_tier - The Tiers resource represents a service configuration that can be used to define a Cloud SQL instance. Each tier has an associated RAM, maximum storage, and list of regions in which the tier can be used. Available tiers vary depending on whether you use PostgreSQL, MySQL Second Generation, or MySQL First Generation instances.

gsql_instance

Represents a Cloud SQL instance. Cloud SQL instances are SQL databases hosted in Google's cloud. The Instances resource provides methods for common configuration and management tasks.

Example

_instance "sql-test-#{ENV['sql_instance_suffix']}" do
tion :create
tabase_version 'MYSQL_5_7'
ttings({
tier: 'db-n1-standard-1',
ip_configuration:  {
  authorized_networks: [
    # The ACL below is for example only. (do NOT use in production as-is)
    {
      name: 'google dns server',
      value: '8.8.8.8/32'
    }
  ]
}

gion 'us-central1'
oject 'google.com:graphite-playground'
edential 'mycred'

Reference

_instance 'id-for-resource' do
ckend_type          'FIRST_GEN', 'SECOND_GEN' or 'EXTERNAL'
nnection_name       string
tabase_version      'MYSQL_5_5', 'MYSQL_5_6', 'MYSQL_5_7' or 'POSTGRES_9_6'
ilover_replica      {
available boolean,
name      string,

stance_type         'CLOUD_SQL_INSTANCE', 'ON_PREMISES_INSTANCE' or 'READ_REPLICA_INSTANCE'
_addresses          [
{
  ip_address     string,
  time_to_retire time,
  type           'PRIMARY' or 'OUTGOING',
},
...

v6_address          string
ster_instance_name  string
x_disk_size         integer
me                  string
gion                string
plica_configuration {
failover_target               boolean,
mysql_replica_configuration   {
  ca_certificate            string,
  client_certificate        string,
  client_key                string,
  connect_retry_interval    integer,
  dump_file_path            string,
  master_heartbeat_period   integer,
  password                  string,
  ssl_cipher                string,
  username                  string,
  verify_server_certificate boolean,
},
replica_names                 [
  string,
  ...
],
service_account_email_address string,

ttings              {
ip_configuration {
  authorized_networks [
    {
      expiration_time time,
      name            string,
      value           string,
    },
    ...
  ],
  ipv4_enabled        boolean,
  require_ssl         boolean,
},
tier             string,

oject               string
edential            reference to gauth_credential

Actions

create - Converges the gsql_instance resource into the final state described within the block. If the resource does not exist, Chef will attempt to create it.
delete - Ensures the gsql_instance resource is not present. If the resource already exists Chef will attempt to delete it.

Properties

backend_type -
FIRST_GEN: First Generation instance. MySQL only.
SECOND_GEN: Second Generation instance or PostgreSQL instance.
EXTERNAL: A database server that is not managed by Google.
connection_name - Connection name of the Cloud SQL instance used in connection strings.
database_version - The database engine type and version. For First Generation instances, can be MYSQL_5_5, or MYSQL_5_6. For Second Generation instances, can be MYSQL_5_6 or MYSQL_5_7. Defaults to MYSQL_5_6. PostgreSQL instances: POSTGRES_9_6 The databaseVersion property can not be changed after instance creation.
failover_replica - The name and status of the failover replica. This property is applicable only to Second Generation instances.
failover_replica/available Output only. The availability status of the failover replica. A false status indicates that the failover replica is out of sync. The master can only failover to the falover replica when the status is true.
failover_replica/name The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID. This property is applicable only to Second Generation instances.
instance_type - The instance type. This can be one of the following.
CLOUD_SQL_INSTANCE: A Cloud SQL instance that is not replicating from a master.
ON_PREMISES_INSTANCE: An instance running on the customer's premises.
READ_REPLICA_INSTANCE: A Cloud SQL instance configured as a read-replica.
ip_addresses - Output only. The assigned IP addresses for the instance.
ip_addresses[]/ip_address The IP address assigned.
ip_addresses[]/time_to_retire The due time for this IP to be retired in RFC 3339 format, for example 2012-11-15T16:19:00.094Z. This field is only available when the IP is scheduled to be retired.
ip_addresses[]/type The type of this IP address. A PRIMARY address is an address that can accept incoming connections. An OUTGOING address is the source address of connections originating from the instance, if supported.
ipv6_address - The IPv6 address assigned to the instance. This property is applicable only to First Generation instances.
master_instance_name - The name of the instance which will act as master in the replication setup.
max_disk_size - The maximum disk size of the instance in bytes.
name - Required. Name of the Cloud SQL instance. This does not include the project ID.
region - The geographical region. Defaults to us-central or us-central1 depending on the instance type (First Generation or Second Generation/PostgreSQL).
replica_configuration - Configuration specific to failover replicas and read replicas.
replica_configuration/failover_target Specifies if the replica is the failover target. If the field is set to true the replica will be designated as a failover replica. In case the master instance fails, the replica instance will be promoted as the new master instance. Only one replica can be specified as failover target, and the replica has to be in different zone with the master instance.
replica_configuration/mysql_replica_configuration MySQL specific configuration when replicating from a MySQL on-premises master. Replication configuration information such as the username, password, certificates, and keys are not stored in the instance metadata. The configuration information is used only to set up the replication connection and is stored by MySQL in a file named master.info in the data directory.
replica_configuration/mysql_replica_configuration/ca_certificate PEM representation of the trusted CA's x509 certificate.
replica_configuration/mysql_replica_configuration/client_certificate PEM representation of the slave's x509 certificate
replica_configuration/mysql_replica_configuration/client_key PEM representation of the slave's private key. The corresponsing public key is encoded in the client's asf asd certificate.
replica_configuration/mysql_replica_configuration/connect_retry_interval Seconds to wait between connect retries. MySQL's default is 60 seconds.
replica_configuration/mysql_replica_configuration/dump_file_path Path to a SQL dump file in Google Cloud Storage from which the slave instance is to be created. The URI is in the form gs://bucketName/fileName. Compressed gzip files (.gz) are also supported. Dumps should have the binlog co-ordinates from which replication should begin. This can be accomplished by setting –master-data to 1 when using mysqldump.
replica_configuration/mysql_replica_configuration/master_heartbeat_period Interval in milliseconds between replication heartbeats.
replica_configuration/mysql_replica_configuration/password The password for the replication connection.
replica_configuration/mysql_replica_configuration/ssl_cipher A list of permissible ciphers to use for SSL encryption.
replica_configuration/mysql_replica_configuration/username The username for the replication connection.
replica_configuration/mysql_replica_configuration/verify_server_certificate Whether or not to check the master's Common Name value in the certificate that it sends during the SSL handshake.
replica_configuration/replica_names The replicas of the instance.
replica_configuration/service_account_email_address The service account email address assigned to the instance. This property is applicable only to Second Generation instances.
settings - The user settings.
settings/ip_configuration The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
settings/ip_configuration/ipv4_enabled Whether the instance should be assigned an IP address or not.
settings/ip_configuration/authorized_networks The list of external networks that are allowed to connect to the instance using the IP. In CIDR notation, also known as 'slash' notation (e.g. 192.168.100.0/24).
settings/ip_configuration/authorized_networks[]/expiration_time The time when this access control entry expires in RFC 3339 format, for example 2012-11-15T16:19:00.094Z.
settings/ip_configuration/authorized_networks[]/name An optional label to identify this entry.
settings/ip_configuration/authorized_networks[]/value The whitelisted value for the access control list. For example, to grant access to a client from an external IP (IPv4 or IPv6) address or subnet, use that address or subnet here.
settings/ip_configuration/require_ssl Whether the mysqld should default to 'REQUIRE X509' for users connecting over IP.
settings/tier The tier or machine type for this instance, for example db-n1-standard-1. For MySQL instances, this field determines whether the instance is Second Generation (recommended) or First Generation.

Label

Set the i_label property when attempting to set primary key of this object. The primary key will always be referred to by the initials of the resource followed by “_label”

gsql_database

Represents a SQL database inside the Cloud SQL instance, hosted in Google's cloud.

Example

p: Remember to define gsql_instance to match the 'instance' property.
_database 'webstore' do
tion :create
arset 'utf8'
stance "sql-test-#{ENV['sql_instance_suffix']}"
oject 'google.com:graphite-playground'
edential 'mycred'

Reference

_database 'id-for-resource' do
arset    string
llation  string
stance   reference to gsql_instance
me       string
oject    string
edential reference to gauth_credential

Actions

create - Converges the gsql_database resource into the final state described within the block. If the resource does not exist, Chef will attempt to create it.
delete - Ensures the gsql_database resource is not present. If the resource already exists Chef will attempt to delete it.

Properties

charset - The MySQL charset value.
collation - The MySQL collation value.
name - The name of the database in the Cloud SQL instance. This does not include the project ID or instance name.
instance - Required. A reference to Instance resource

Label

Set the d_label property when attempting to set primary key of this object. The primary key will always be referred to by the initials of the resource followed by “_label”

gsql_user

The Users resource represents a database user in a Cloud SQL instance.

Example

p: Remember to define gsql_instance to match the 'instance' property.
_user 'john.doe' do
tion :create
ssword 'secret-password'
st '10.1.2.3'
stance "sql-test-#{ENV['sql_instance_suffix']}"
oject 'google.com:graphite-playground'
edential 'mycred'

Reference

_user 'id-for-resource' do
st       string
stance   reference to gsql_instance
me       string
ssword   string
oject    string
edential reference to gauth_credential

Actions

create - Converges the gsql_user resource into the final state described within the block. If the resource does not exist, Chef will attempt to create it.
delete - Ensures the gsql_user resource is not present. If the resource already exists Chef will attempt to delete it.

Properties

host - Required. The host name from which the user can connect. For insert operations, host defaults to an empty string. For update operations, host is specified as part of the request URL. The host name cannot be updated after insertion.
name - Required. The name of the user in the Cloud SQL instance.
instance - Required. A reference to Instance resource
password - The password for the user.

Label

Set the u_label property when attempting to set primary key of this object. The primary key will always be referred to by the initials of the resource followed by “_label”

gsql_ssl_cert

Represents an SSL certificate created for a Cloud SQL instance. To use the SSL certificate you must have the SSL Client Certificate and the associated SSL Client Key. The Client Key can be downloaded only when the SSL certificate is created with the insert method.

Example

p: Remember to define gsql_instance to match the 'instance' property.
_ssl_cert 'server-certificate' do
rt_serial_number '729335786'
mmon_name 'CN=www.mydb.com,O=Acme'
a1_fingerprint '8fc295bf77a002db5182e04d92c48258cbc1117a'
stance "sql-test-#{ENV['sql_instance_suffix']}"
oject 'google.com:graphite-playground'
edential 'mycred'

Reference

_ssl_cert 'id-for-resource' do
rt               string
rt_serial_number string
mmon_name        string
eate_time        time
piration_time    time
stance           reference to gsql_instance
a1_fingerprint   string
oject            string
edential         reference to gauth_credential

Actions

create - Converges the gsql_ssl_cert resource into the final state described within the block. If the resource does not exist, Chef will attempt to create it.
delete - Ensures the gsql_ssl_cert resource is not present. If the resource already exists Chef will attempt to delete it.

Properties

cert - PEM representation of the X.509 certificate.
cert_serial_number - Serial number, as extracted from the certificate.
common_name - User supplied name. Constrained to [a-zA-Z.-_ ]+.
create_time - The time when the certificate was created in RFC 3339 format, for example 2012-11-15T16:19:00.094Z.
expiration_time - The time when the certificate expires in RFC 3339 format, for example 2012-11-15T16:19:00.094Z.
instance - Required. A reference to Instance resource
sha1_fingerprint - Required. The SHA-1 of the certificate.

Label

Set the sc_label property when attempting to set primary key of this object. The primary key will always be referred to by the initials of the resource followed by “_label”

gsql_flag

Represents a flag that can be configured for a Cloud SQL instance.

Example

_flag 'group_concat_max_len' do
n_value 4
x_value 4294967295
oject 'google.com:graphite-playground'
edential 'mycred'

Reference

_flag 'id-for-resource' do
lowed_string_values [
string,
...

plies_to            [
string,
...

x_value             integer
n_value             integer
me                  string
quires_restart      boolean
pe                  string
oject               string
edential            reference to gauth_credential

Actions

create - Converges the gsql_flag resource into the final state described within the block. If the resource does not exist, Chef will attempt to create it.
delete - Ensures the gsql_flag resource is not present. If the resource already exists Chef will attempt to delete it.

Properties

allowed_string_values - Output only. For STRING flags, List of strings that the value can be set to.
applies_to - Output only. The database versions this flag is supported for.
max_value - Output only. For INTEGER flags, the maximum allowed value.
min_value - Output only. For INTEGER flags, the minimum allowed value.
name - This is the name of the flag. Flag names always use underscores, not hyphens, e.g. max_allowed_packet
requires_restart - Output only. Indicates whether changing this flag will trigger a database restart. Only applicable to Second Generation instances.
type - Output only. The type of the flag. Flags are typed to being BOOLEAN, STRING, INTEGER or NONE. NONE is used for flags which do not take a value, such as skip_grant_tables.

Label

Set the f_label property when attempting to set primary key of this object. The primary key will always be referred to by the initials of the resource followed by “_label”

gsql_tier

The Tiers resource represents a service configuration that can be used to define a Cloud SQL instance. Each tier has an associated RAM, maximum storage, and list of regions in which the tier can be used. Available tiers vary depending on whether you use PostgreSQL, MySQL Second Generation, or MySQL First Generation instances.

Example

_tier 'D0' do
m 134217728 # we'll confirm that tier has enough RAM for us
oject 'google.com:graphite-playground'
edential 'mycred'

Reference

_tier 'id-for-resource' do
sk_quota integer
m        integer
gion     [
string,
...

er       string
oject    string
edential reference to gauth_credential

Actions

create - Converges the gsql_tier resource into the final state described within the block. If the resource does not exist, Chef will attempt to create it.
delete - Ensures the gsql_tier resource is not present. If the resource already exists Chef will attempt to delete it.

Properties

disk_quota - Output only. The maximum disk size of this tier in bytes.
ram - Output only. The maximum RAM usage of this tier in bytes.
region - Output only. The applicable regions for this tier.
tier - Required. An identifier for the service tier or machine type, for example, db-n1-standard-1. For related information.

Label

Set the t_label property when attempting to set primary key of this object. The primary key will always be referred to by the initials of the resource followed by “_label”

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.