Skip to content

Commit

Permalink
Merge pull request #5 from virtualdesktopdevops/dev
Browse files Browse the repository at this point in the history
Release v2.0.0-PuppetForge
  • Loading branch information
matt6697 authored Mar 5, 2018
2 parents e3ad520 + 401a154 commit 18bca74
Show file tree
Hide file tree
Showing 16 changed files with 236 additions and 256 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
pkg/
5 changes: 5 additions & 0 deletions .pmtignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
pkg/
tests/
assets/
_config.yml
.fixtures.yml
15 changes: 15 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# Changelog - sqlserveralwayson #

## Version 2.0.0
- **BREAKING CHANGE** : Require puppetlabs/dsc compiled with SQLServerDSC >= 10.0.0.0
- **BREAKING CHANGE** : Changed $sqlservicecredential_username and $sqlagentservicecredential_username format. User accounts now required **WITHOUT** Netbios Domain Name prefix.
- **BREAKING CHANGE** : Removed $domainName class parameter. Used facts instead.
- **BREAKING CHANGE** : Removed $domainNetbiosName class parameter. Used custom fact instead.
- Changed database availability mode to SynchronousCommit


## Version 1.1.0
- Module compatible with xSQLServer <= 9.0.0.0

## Version 1.0.0
- Initial release
25 changes: 12 additions & 13 deletions README.markdown
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# sqlserveralwayson #

This modules install a fully working SQL Server AlwaysOn cluster. It has been designed to install both primary replica nodes with the following features :
This modules installs a fully working Microsoft SQL Server AlwaysOn cluster. It has been designed to install both primary replica nodes with the following features :
- SPN creation on sql service account (service account not yet created by this module, schedulded in next release)
- SQL server installation and initial configuration (MaxDop Firewall, Memory, Admin rights, ...)
- Failover cluster creation (primary node) or join (replica node) with File Share witness
Expand All @@ -12,17 +12,19 @@ The default MSSQLSERVER SQL Server instance is created during installation. This

The database failover mecanism integrated in this module is SQL Server AlwaysOn.

The module can be installed on a Standard, Datacenter, or Core version of Windows 2012R2 or Windows 2016.
The module can be installed on a Standard, Datacenter, Core version of Windows 2012R2 or Windows 2016.

**BREAKING CHANGE :** This module requires puppetlabs/dsc compiled with SQLServerDSC >= 10.0.0.0

## Usage
- **setup_svc_username** : (string) Privileged account used by Puppet for installing the software and creating the failover cluster (spn creation, computer registration, local administrator privilèges needed)
- **setup_svc_password** : (string) Password of the privileged account. Should be encrypted with hiera-eyaml.
- **setupdir** : (string) Path of a folder containing the SQL Server installer (unarchive the ISO image in this folder).
- **sa_password** : (string) SQL Server SA password for mixed mode SQL authentication configuration.
- **productkey** : (string)(optionnal) Product key for licensed installations.
- **sqlservicecredential_username** : (String) Service account for the SQL service
- **sqlservicecredential_username** : (String) Domain service account for the SQL service **WITHOUT** Netbios Domain Name prefix. The account will be automatically created in Active Directory by the module. MSSQLSvc/fqdn_of_sql_server_node SPN will be associated with the service account.
- **sqlservicecredential_password** : (String) : Password of the service account for the SQL service. Should be encrypted with hiera-eyaml.
- **sqlagentservicecredential_username** : (String) Service account for the SQL Agent service
- **sqlagentservicecredential_username** : (String) Domain service account for the SQL Agent service **WITHOUT** Netbios Domain Name prefix. The account will be automatically created in Active Directory by the module.
- **sqlagentservicecredential_password** : (String) Password of the service account for the SQL Agent service. Should be encrypted with hiera-eyaml.
- **sqladministratoraccounts** : (String[] Array) : Array of accounts to be made SQL administrators.
- **sqluserdbdir** : (String)(optionnal) Path for SQL database files. Default to 'C:\Program Files\Microsoft SQL Server\MSSQL13.MSSQLSERVER\MSSQL\Data'
Expand All @@ -35,7 +37,6 @@ The module can be installed on a Standard, Datacenter, or Core version of Window
- **fileShareWitness** : (String) Fileshare witness UNC path in the format'\\witness.company.local\witness$'. Needs to be writable by SQL nodes.
- **listenerIP** : (String) The IP address used for the availability group listener, in the format 192.168.10.45/255.255.252.0.
- **role** : (String) Needs to be 'primary' for primary SQL nodes or 'secondary' for SQL replica nodes
- **domainNetbiosName** : (String) Active Directory domain NETBIOS name


## Installing a Microsoft SQL Server AlwaysOn cluster
Expand All @@ -61,17 +62,16 @@ node 'SQL01' {
setupdir=>'\\fileserver.local\SQLServer2012.en',
sa_password=>'P@ssw0rd',
productkey => 'key-key-key',
sqlservicecredential_username => 'DOMAIN-TEST\svc-sql-puppet',
sqlservicecredential_username => 'svc-sql-puppet',
sqlservicecredential_password=>'P@ssw0rd',
sqlagentservicecredential_username => 'DOMAIN-TEST\svc-sql-puppet',
sqlagentservicecredential_username => 'svc-sql-puppet',
sqlagentservicecredential_password => 'P@ssw0rd',
sqladministratoraccounts => [ 'DOMAIN-TEST\svc-puppet', 'DOMAIN-TEST\Administrator' ],
clusterName => 'CLDB01',
clusterIP => '192.168.1.60',
fileShareWitness=> '\\192.168.1.10\quorum',
listenerIP => '192.168.1.61/255.255.255.0',
role => 'primary',
domainNetbiosName => 'DOMAIN-TEST'
role => 'primary'
}
}
Expand All @@ -83,17 +83,16 @@ node 'SQL02' {
setupdir=>'\\fileserver.local\SQLServer2012.en',
sa_password=>'P@ssw0rd',
productkey => 'key-key-key',
sqlservicecredential_username => 'DOMAIN-TEST\svc-sql-puppet',
sqlservicecredential_username => 'svc-sql-puppet',
sqlservicecredential_password=>'P@ssw0rd',
sqlagentservicecredential_username => 'DOMAIN-TEST\svc-sql-puppet',
sqlagentservicecredential_username => 'svc-sql-puppet',
sqlagentservicecredential_password => 'P@ssw0rd',
sqladministratoraccounts => [ 'DOMAIN-TEST\svc-puppet', 'DOMAIN-TEST\Administrator' ],
clusterName => 'CLDB01',
clusterIP => '192.168.1.60',
fileShareWitness=> '\\192.168.1.10\quorum',
listenerIP => '192.168.1.61/255.255.255.0',
role => 'secondary',
domainNetbiosName => 'DOMAIN-TEST'
role => 'secondary'
}
}
Expand Down
9 changes: 0 additions & 9 deletions files/checkspn.ps1

This file was deleted.

6 changes: 0 additions & 6 deletions files/setspn.ps1

This file was deleted.

15 changes: 15 additions & 0 deletions lib/facter/domainnetbiosname.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
#https://puppet.com/blog/starting-out-writing-custom-facts-windows
Facter.add('domainnetbiosname') do
confine :osfamily => :windows
setcode do
begin
require 'win32ole'
dnsforestname = Facter.value(:domain)
wmi = WIN32OLE.connect("winmgmts:\\\\.\\root\\cimv2")
win32ntdomain = wmi.ExecQuery("SELECT * FROM Win32_NTDomain WHERE DnsForestName='#{dnsforestname}'").each.first
win32ntdomain.DomainName
rescue
nil
end
end
end
71 changes: 36 additions & 35 deletions manifests/alwaysonconfig.pp
Original file line number Diff line number Diff line change
@@ -1,90 +1,91 @@
class sqlserveralwayson::alwaysonconfig inherits sqlserveralwayson {

#Enable AlwaysOn on MSSQL service
dsc_xsqlserveralwaysonservice{'EnableAlwaysOn':
dsc_sqlalwaysonservice{'EnableAlwaysOn':
dsc_ensure => 'Present',
dsc_sqlserver => $hostname,
dsc_sqlinstancename => 'MSSQLSERVER',
dsc_servername => $hostname,
dsc_instancename => 'MSSQLSERVER',
dsc_restarttimeout => 15,
dsc_psdscrunascredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password}
}->

# Adding the required service account to allow the cluster to log into SQL
dsc_xsqlserverlogin{'AddNTServiceClusSvc':
dsc_sqlserverlogin{'AddNTServiceClusSvc':
dsc_ensure => 'Present',
dsc_name => 'NT SERVICE\ClusSvc',
dsc_logintype => 'WindowsUser',
dsc_sqlserver => $hostname,
dsc_sqlinstancename => 'MSSQLSERVER',
dsc_servername => $hostname,
dsc_instancename => 'MSSQLSERVER',
dsc_psdscrunascredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password}
}->

# Add the required permissions to the cluster service login
dsc_xsqlserverpermission{'AddNTServiceClusSvcPermissions':
dsc_sqlserverpermission{'AddNTServiceClusSvcPermissions':
dsc_ensure => 'Present',
dsc_nodename => $hostname,
dsc_servername => $hostname,
dsc_instancename => 'MSSQLSERVER',
dsc_principal => 'NT SERVICE\ClusSvc',
dsc_permission => ['AlterAnyAvailabilityGroup', 'ViewServerState'],
dsc_psdscrunascredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password}
}->

dsc_xsqlserverendpoint{'SQLServerEndpoint':
dsc_sqlserverendpoint{'SQLServerEndpoint':
dsc_endpointname => 'HADR',
dsc_ensure => 'Present',
dsc_port => '5022',
dsc_sqlserver => $fqdn,
dsc_sqlinstancename => 'MSSQLSERVER',
dsc_servername => $fqdn,
dsc_instancename => 'MSSQLSERVER',
dsc_psdscrunascredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password}
}
dsc_xsqlserverendpointpermission{'SQLConfigureEndpointPermission':
}->

dsc_sqlserverendpointpermission{'SQLConfigureEndpointPermission':
dsc_ensure => 'Present',
dsc_nodename => $hostname,
dsc_servername => $hostname,
dsc_instancename => 'MSSQLSERVER',
dsc_name => 'HADR',
dsc_principal => $sqlservicecredential_username,
dsc_principal => "${domainnetbiosname}\\$sqlservicecredential_username",
dsc_permission => 'CONNECT',
dsc_psdscrunascredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password}
}

if ( $role == 'primary' ) {
# Create the availability group on the instance tagged as the primary replica
dsc_xsqlserveralwaysonavailabilitygroup{'CreateSQLAvailabilityGroup':
dsc_sqlag{'CreateSQLAvailabilityGroup':
dsc_ensure => 'Present',
dsc_name => $clusterName,
dsc_sqlserver => $hostname,
dsc_sqlinstancename => 'MSSQLSERVER',
dsc_servername => $hostname,
dsc_instancename => 'MSSQLSERVER',
dsc_availabilitymode => 'SynchronousCommit',
dsc_psdscrunascredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password},
require => [ Dsc_xsqlserveralwaysonservice['EnableAlwaysOn'] , Dsc_xsqlserverendpoint['SQLServerEndpoint'] ]
require => [ Dsc_sqlalwaysonservice['EnableAlwaysOn'] , Dsc_sqlserverendpoint['SQLServerEndpoint'] ]
}
dsc_xsqlserveravailabilitygrouplistener{'AvailabilityGroupListener':

dsc_sqlaglistener{'AvailabilityGroupListener':
dsc_ensure => 'Present',
dsc_nodename => $fqdn,
dsc_servername => $fqdn,
dsc_instancename => 'MSSQLSERVER',
dsc_availabilitygroup => $clusterName,
dsc_name => "${clusterName}LI",
dsc_ipaddress => $listenerIP,
dsc_port => 1433,
dsc_psdscrunascredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password},
require => [ Dsc_xsqlserveralwaysonavailabilitygroup['CreateSQLAvailabilityGroup'] ]
require => [ Dsc_sqlag['CreateSQLAvailabilityGroup'] ]
}

}
else {
dsc_xsqlserveralwaysonavailabilitygroupreplica{'SQLAvailabilityGroupAddReplica':

dsc_sqlagreplica{'SQLAvailabilityGroupAddReplica':
dsc_ensure => 'Present',
dsc_name => $hostname,
dsc_availabilitygroupname => $clusterName,
dsc_sqlserver => $hostname,
dsc_sqlinstancename => 'MSSQLSERVER',
dsc_primaryreplicasqlserver => $clusterName,
dsc_primaryreplicasqlinstancename => 'MSSQLSERVER',
dsc_servername => $hostname,
dsc_instancename => 'MSSQLSERVER',
dsc_primaryreplicaservername => $clusterName,
dsc_primaryreplicainstancename => 'MSSQLSERVER',
dsc_endpointhostname => $hostname,
dsc_psdscrunascredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password},
require => [ Dsc_xsqlserveralwaysonservice['EnableAlwaysOn'] , Dsc_xsqlserverendpoint['SQLServerEndpoint'] ]
require => [ Dsc_sqlalwaysonservice['EnableAlwaysOn'] , Dsc_sqlserverendpoint['SQLServerEndpoint'] ]
}
}
}
56 changes: 28 additions & 28 deletions manifests/clusterconfig.pp
Original file line number Diff line number Diff line change
@@ -1,35 +1,35 @@
class sqlserveralwayson::clusterconfig inherits sqlserveralwayson {

if ( $role == 'primary' ) {
#Failover cluster creation
dsc_xcluster{'CreateFailoverCluster':
dsc_name => $clusterName,
dsc_staticipaddress => $clusterIP,
dsc_domainadministratorcredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password}
}
#File share whitness configuration
#Warning, bug https://github.com/PowerShell/xFailOverCluster/issues/35 on Windows 2016
dsc_xclusterquorum{'SetQuorumToNodeAndDiskMajority':
dsc_issingleinstance => 'Yes',
dsc_type => 'NodeAndFileShareMajority',
dsc_resource => $fileShareWitness,
require => Dsc_xcluster['CreateFailoverCluster']
}
}
else {
dsc_xwaitforcluster{'SecondaryReplicaWaitForCluster':
dsc_name => $clusterName,
dsc_retryintervalsec => 10,
#Failover cluster creation
dsc_xcluster{'CreateFailoverCluster':
dsc_name => $clusterName,
dsc_staticipaddress => $clusterIP,
dsc_domainadministratorcredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password}
}

#File share whitness configuration
#Warning, bug https://github.com/PowerShell/xFailOverCluster/issues/35 on Windows 2016
dsc_xclusterquorum{'SetQuorumToNodeAndDiskMajority':
dsc_issingleinstance => 'Yes',
dsc_type => 'NodeAndFileShareMajority',
dsc_resource => $fileShareWitness,
require => Dsc_xcluster['CreateFailoverCluster']
}

}
else {
dsc_xwaitforcluster{'SecondaryReplicaWaitForCluster':
dsc_name => $clusterName,
dsc_retryintervalsec => 10,
dsc_retrycount => 6
}
dsc_xcluster{'JoinCluster':
dsc_name => $clusterName,
}

dsc_xcluster{'JoinCluster':
dsc_name => $clusterName,
dsc_staticipaddress => $clusterIP,
dsc_domainadministratorcredential => {'user' => $setup_svc_username, 'password' => $setup_svc_password},
require => Dsc_xwaitforcluster['SecondaryReplicaWaitForCluster']
}
}
}
}
}
Loading

0 comments on commit 18bca74

Please sign in to comment.