openstack/openstack-ansible-galera_server
Code Issues Proposed changes
openstack-ansible-galera_se.../templates/galera_secure_node.j2
Mohammed Naser b5bdd4cfb7 Start MySQL on localhost for galera_secure_node 
When running MySQL on bare metal, it starts up the secure script
before configuring anything which means that it listens on all
interfaces by default.

In scenarios where the load balancer might be colocated with the
database server, it would cause a conflict and it would refuse
to start up (even if the database server is already configured
not to listen on that interface, the configuration only gets
dropped later in the play).

This sets the environment configuration to start it up on localhost
only and then resets it once it is done.  It should not affect
existing deployment but help with bare metal ones.

Change-Id: I883e32678ea3cc2eea09d23db5eecfce35aee6f2
2018-04-06 23:06:44 -04:00

47 lines
2.2 KiB
Django/Jinja
Raw Blame History

#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -ev
STOP_MYSQL=false
if ! systemctl status mysql; then
STOP_MYSQL=true
systemctl set-environment MYSQLD_OPTS="--bind-address=127.0.0.1"
systemctl start mysql
sleep 10
systemctl status mysql
fi
if mysqladmin --no-defaults --port=3306 --socket=/var/run/mysqld/mysqld.sock --host=127.0.0.1 --user=root password "{{ galera_root_password }}"; then
mysql -u root -h localhost -e "UPDATE mysql.user SET Password=PASSWORD('$rootpass') WHERE User='root';"
mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE user='';"
mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('%', 'localhost', '127.0.0.1', '::1');"
mysql -u root -h localhost -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'localhost' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'127.0.0.1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'::1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'%' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
mysql -u root -h localhost -e "FLUSH PRIVILEGES;"
fi
if [ "${STOP_MYSQL}" = true ]; then
systemctl stop mysql
fi
# Create a marker file to ensure this script is not run again
systemctl unset-environment MYSQLD_OPTS
touch "/var/lib/mysql/osa_default_secured"
View Git Blame Copy Permalink