Page MenuHomePhabricator

Puppet resource for creating a postgresql database
Open, HighPublic

Description

There are puppet roles for setting up a postgresql server and adding users, but none for creating a database. (There is postgresql::spatialdb but that seems something very specialized.)

Related Objects

StatusAssignedTask
OpenTgr
ResolvedTgr
ResolvedGilles
Resolvedgreg
OpenNone
StalledTgr
OpenNone
OpenNone
OpenTgr
OpenTgr
ResolvedTgr
Resolvedcsteipp
ResolvedTgr
DeclinedTgr
DeclinedTgr
StalledTgr
ResolvedTgr
StalledTgr
ResolvedTgr
ResolvedTgr
ResolvedTgr
ResolvedAklapper
ResolvedTgr
ResolvedTgr
StalledTgr
DeclinedNone
ResolvedTgr
OpenNone

Event Timeline

Tgr created this task.Apr 14 2015, 5:41 PM
Tgr updated the task description. (Show Details)
Tgr raised the priority of this task from to Needs Triage.
Tgr added a project: Puppet.
Tgr added a subscriber: Tgr.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 14 2015, 5:41 PM

That's because we don't really need one. the postgresql::spatialdb is there more in order to make the database spatially enabled and less to create a database. We don't have puppet roles for creating databases in mysql/mariadb either. DBAs get to create the database manually as managing databases via puppet turns out to be a mess.

That being said, we usually keep the grants (at least for MySQL/MariaDB and we started doing it with Postgres) in an SQL script. For example: https://phabricator.wikimedia.org/diffusion/OPUP/browse/production/templates/maps/grants.sql.erb

akosiaris triaged this task as High priority.Aug 26 2015, 6:07 PM
akosiaris set Security to None.
Tgr added a comment.Aug 26 2015, 7:07 PM

Ideally, you should be able to tick a checkbox when provisioning a Labs instance and get a running application by the time the puppet run ends. It's reasonable to have more complex installation steps for a production service but for Labs things should just work.
(I don't know whether a puppet role is the right way to do that. If a simple exec rule running an SQL script is the preferred solution, feel free to close this.)

Well, that's a worthy goal, but having to execute a command wouldn't exactly destroy it. In any case, it can be made conditional in a variety of ways. The sanest is probably a flag looked up by hiera, defaulting to false and overriden to true in labs. I am not sure what exactly you refer to with a puppet role I 'll try and find time (or someone) to review.

Tgr added a comment.Aug 27 2015, 6:15 PM

I think a role is nicer than a command in that I don't have to google up pgsql syntax and figure out exactly what to put in the unless parameter, but I don't have strong feelings about it. (By puppet role I meant puppet resource type, sorry for the confusion.) I am leaving a note for myself on the patch to add a flag.