Switch mysql-proxy to simpleproxy

Mysql-proxy turns out too unreliable and unstable for use in
production. The packaged version on Ubuntu suffers from a critical DOS
by using telnet. This patch switches from mysql-proxy to simpleproxy,
which is just a tcp proxy to forward incoming port 3306 connections to
the subunit2sql db.

@ -17,24 +17,21 @@
class mysql_proxy { class mysql_proxy {
package { 'mysql-proxy': package { 'mysql-proxy':
ensure => present, ensure => absent,
} }
file { '/etc/mysql-proxy': file { '/etc/mysql-proxy':
ensure => directory, ensure => absent,
owner => 'root', recurse => true,
group => 'root', force => true,
mode => '0644',
require => Package['mysql-proxy'],
} }
file { '/etc/default/mysql-proxy': file { '/etc/default/mysql-proxy':
owner => 'root', ensure => absent,
group => 'root', }
mode => '0644',
source => 'puppet:///modules/mysql_proxy/mysql-proxy', package { 'simpleproxy':
require => Package['mysql-proxy'], ensure => latest,
} }
} }

@ -17,25 +17,24 @@
class mysql_proxy::server ( class mysql_proxy::server (
$db_host, $db_host,
$db_port='3306', $db_port='3306',
$lua_script = '/usr/share/mysql-proxy/rw-splitting.lua',
$admin_username = 'admin',
) { ) {
file { '/etc/mysql-proxy/mysql-proxy.conf': file { '/etc/mysql-proxy/mysql-proxy.conf':
ensure => file, ensure => absent,
owner => 'root',
group => 'root',
mode => '0600',
content => template("mysql_proxy/mysql-proxy.conf.erb"),
require => File['/etc/mysql-proxy']
} }
service{ 'mysql-proxy': file { "/etc/init.d/simpleproxy-mysql":
ensure => running, ensure => present,
subscribe => [ owner => 'root',
Package['mysql-proxy'], group => 'root',
File['/etc/mysql-proxy/mysql-proxy.conf'], mode => '0555',
], content => template('mysql_proxy/simpleproxy-mysql.init.erb'),
require => Package['simpleproxy']
service{ 'simpleproxy-mysql':
enable => true,
hasrestart => true,
require => File["/etc/init.d/simpleproxy-mysql"],
} }
} }

@ -1,8 +0,0 @@
log-file = /var/log/mysql-proxy.log
log-level = message
proxy-read-only-backend-addresses = <%= @db_host %>:<%= @db_port %>
proxy-lua-script = <%= @lua_script %>
admin-username = <%= @admin_username %>
admin-password = <%= @admin_pass %>
admin-lua-script = /usr/share/mysql-proxy/admin.lua

@ -0,0 +1,158 @@
#! /bin/sh
# Provides: simpleproxy-mysql
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Simpleproxy for MySQL
# Description: TCP proxy to forward incoming MySQL connections
# Do NOT "set -e"
# PATH should only include /usr/* if it runs after the mountnfs.sh script
DESC="Simpleproxy for MySQL"
DAEMON_ARGS="-L<%= @db_port %> -R <%= @db_host %>:<%= @db_port %> -d"
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
# Function that starts the daemon/service
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
mkdir -p /var/run/$NAME
chown $USER /var/run/$NAME
start-stop-daemon --start --quiet -c $USER --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet -c $USER --exec $DAEMON -- \
|| return 2
# Add code here, if necessary, that waits for the process to be ready
# to handle requests from services started subsequently which depend
# on this one. As a last resort, sleep for some time.
# Function that stops the daemon/service
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --signal 9
[ "$RETVAL" = 2 ] && return 2
rm -f /var/run/$NAME/*
return "$RETVAL"
# Function that stops the daemon/service
# PID=`cat $PIDFILE`
# kill -USR1 $PID
# # wait until really stopped
# if [ -n "${PID:-}" ]; then
# i=0
# while kill -0 "${PID:-}" 2> /dev/null; do
# if [ $i -eq '0' ]; then
# echo -n " ... waiting "
# else
# echo -n "."
# fi
# i=$(($i+1))
# sleep 1
# done
# fi
# rm -f /var/run/$NAME/*
# Function that sends a SIGHUP to the daemon/service
#do_reload() {
# #
# # If the daemon can reload its configuration without
# # restarting (for example, when it is sent a SIGHUP),
# # then implement that here.
# #
# start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name zuul- server
# return 0
case "$1" in
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
# reload)
# #
# # If do_reload() is not implemented then leave this commented out
# # and leave 'force-reload' as an alias for 'restart'.
# #
# log_daemon_msg "Reloading $DESC" "$NAME"
# do_reload
# log_end_msg $?
# ;;
# If the "reload" option is implemented then remove the
# 'force-reload' alias
log_daemon_msg "Restarting $DESC" "$NAME"
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3