summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Mágr <mmagr@redhat.com>2017-09-29 14:07:46 +0200
committerMartin Mágr <mmagr@redhat.com>2017-10-09 14:20:35 +0200
commit48157625981848fae97e24dc01da213ea7e3fb4a (patch)
tree2ae643208b6258c4d6455be2373d8dda748a975e
parent6fea40f786a466802503c03b2b815d05676e1807 (diff)
Create mysql user for non-ha deployments
Currently health check for mysql container reports unhealthy container because there is no 'mysql' user created. This patch creates the user during mysql_bootstrap without any permission, just to allow health check to connect to DB and run 'select 1'. Change-Id: Iab26da0d30939b219189d4e7beb2a61d456ab7c3 Closes-Bug: #1718944 (cherry picked from commit 3a9cfaa992e92423461d64f84d701336322bdd10)
-rw-r--r--docker/services/database/mysql.yaml26
1 files changed, 21 insertions, 5 deletions
diff --git a/docker/services/database/mysql.yaml b/docker/services/database/mysql.yaml
index 402dc351..2425c74c 100644
--- a/docker/services/database/mysql.yaml
+++ b/docker/services/database/mysql.yaml
@@ -125,11 +125,26 @@ outputs:
command: ['/bin/bash', '-c', 'chown -R mysql:mysql /var/log/mariadb']
step_2:
mysql_bootstrap:
+ start_order: 1
detach: false
image: *mysql_image
net: host
+ user: root
# Kolla bootstraps aren't idempotent, explicitly checking if bootstrap was done
- command: ['bash', '-c', 'test -e /var/lib/mysql/mysql || kolla_start']
+ command:
+ - 'bash'
+ - '-ecx'
+ -
+ list_join:
+ - "\n"
+ - - 'if [ -e /var/lib/mysql/mysql ]; then exit 0; fi'
+ - 'echo -e "\n[mysqld]\nwsrep_provider=none" >> /etc/my.cnf'
+ - 'sudo -u mysql -E kolla_start'
+ - 'mysqld_safe --skip-networking --wsrep-on=OFF &'
+ - 'timeout ${DB_MAX_TIMEOUT} /bin/bash -c ''until mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" ping 2>/dev/null; do sleep 1; done'''
+ - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "CREATE USER ''mysql''@''localhost'';"'
+ - 'mysql -uroot -p"${DB_ROOT_PASSWORD}" -e "REVOKE ALL PRIVILEGES, GRANT OPTION FROM ''mysql''@''localhost'';"'
+ - 'timeout ${DB_MAX_TIMEOUT} mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" shutdown'
volumes: &mysql_volumes
list_concat:
-
@@ -141,7 +156,7 @@ outputs:
- /var/log/containers/mysql:/var/log/mariadb
- if:
- internal_tls_enabled
- -
+ -
- list_join:
- ':'
- - {get_param: InternalTLSCAFile}
@@ -149,12 +164,13 @@ outputs:
- 'ro'
- /etc/pki/tls/certs/mysql.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mysql.crt:ro
- /etc/pki/tls/private/mysql.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/mysql.key:ro
- - null
+ - null
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
- KOLLA_BOOTSTRAP=True
# NOTE(mandre) skip wsrep cluster status check
- KOLLA_KUBERNETES=True
+ - DB_MAX_TIMEOUT=60
-
list_join:
- '='
@@ -189,7 +205,7 @@ outputs:
- /var/lib/config-data/mysql/root:/root:ro #provides .my.cnf
- if:
- internal_tls_enabled
- -
+ -
- list_join:
- ':'
- - {get_param: InternalTLSCAFile}
@@ -197,7 +213,7 @@ outputs:
- 'ro'
- /etc/pki/tls/certs/mysql.crt:/var/lib/kolla/config_files/src-tls/etc/pki/tls/certs/mysql.crt:ro
- /etc/pki/tls/private/mysql.key:/var/lib/kolla/config_files/src-tls/etc/pki/tls/private/mysql.key:ro
- - null
+ - null
metadata_settings:
get_attr: [MysqlPuppetBase, role_data, metadata_settings]
host_prep_tasks: