openstack/openstack-manuals
Code Issues Proposed changes
Files
7208a23e3d6f1062c97583dea7c089c14fb2ffe1
openstack-manuals/doc/install-guide/section_debconf-dbconfig-common.xml
Thomas Goirand 0e5513f6a3 Documents what debconf does 
After discussing the topic on the doc list, it appears that it
would be nice to document what the debconf screens are configuring.
This patch adds the information, so that it makes it more explicit
to our users what Debian does for them.

This patch only addresses the debconf chapter. There will be other
patches for specific services later on, once this patch is merged.

Change-Id: I60c7ba818e36056ed913582e66bf24c41b2c6807
2014-06-12 23:41:43 +08:00

177 lines
7.4 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<section xml:id="debconf-dbconfig-common"
xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
<title>Configure the database with dbconfig-common</title>
<para>Many of the OpenStack services need to be configured
to access a database. These are configured through a DSN (Database
Source Name) directive as follows:</para>
<programlisting language="ini">[database]
connection = mysql://keystone:0dec658e3f14a7d@localhost/keystonedb</programlisting>
<para>This <literal>connection</literal> directive will be handled by
the <package>dbconfig-common</package> package, which provides a
standard Debian interface. It enables you to configure Debian
database parameters. It includes localized prompts for many
languages and it supports the following database backends:
SQLite, MySQL, and PostgreSQL.</para>
<para>By default, the <package>dbconfig-common</package> package
configures the OpenStack services to use SQLite. So if you use
<package>debconf</package> in non-interactive mode and without
pre-seeding, the OpenStack services that you install will use
SQLite.</para>
<para>By default, <package>dbconfig-common</package> does not
provide access to database servers over a network. If you want the
<package>dbconfig-common</package> package to prompt for remote
database servers that are accessed over a network and not through
a UNIX socket file, reconfigure it, as follows:</para>
<screen><prompt>#</prompt> <userinput>apt-get install dbconfig-common &amp;&amp; dpkg-reconfigure dbconfig-common</userinput></screen>
<para>These screens appear when you re-configure the
<package>dbconfig-common</package> package:</para>
<informalfigure>
<mediaobject>
<imageobject>
<imagedata scale="40"
fileref="figures/debconf-screenshots/dbconfig-common_keep_admin_pass.png"
/>
</imageobject>
</mediaobject>
</informalfigure>
<informalfigure>
<mediaobject>
<imageobject>
<imagedata scale="40"
fileref="figures/debconf-screenshots/dbconfig-common_used_for_remote_db.png"
/>
</imageobject>
</mediaobject>
</informalfigure>
<para>Unlike other <package>debconf</package> prompts, you cannot
pre-seed the responses for the <package>dbconfig-common</package>
prompts by using <command>debconf-set-selections</command>.
Instead, you must create a file in
<filename>/etc/dbconfig-common</filename>. For example, you
might create a keystone configuration file for
<package>dbconfig-common</package> that is located in
<filename>/etc/dbconfig-common/keystone.conf</filename>, as
follows:</para>
<programlisting language="ini">dbc_install='true'
dbc_upgrade='true'
dbc_remove=''
dbc_dbtype='mysql'
dbc_dbuser='keystone'
dbc_dbpass='PASSWORD'
dbc_dbserver=''
dbc_dbport=''
dbc_dbname='keystonedb'
dbc_dbadmin='root'
dbc_basepath=''
dbc_ssl=''
dbc_authmethod_admin=''
dbc_authmethod_user=''</programlisting>
<para>After you create this file, run this command:</para>
<screen><prompt>#</prompt> <userinput>apt-get install keystone</userinput></screen>
<para>The Identity Service is installed with MySQL as the database
back end, <literal>keystonedb</literal> as database name, and the
localhost socket file. The corresponding DNS will then be:</para>
<programlisting language="ini">[database]
connection = mysql://keystone:PASSWORD@localhost/keystonedb</programlisting>
<para>The <package>dbconfig-common</package> package will configure
MySQL for these access rights, and create the database for you.
Since OpenStack 2014.1.1, all OpenStack packages in Debian are performing
the following MySQL query after database creation (if you decide
to use MySQL as a back-end):</para>
<programlisting language="ini">ALTER DATABASE keystone CHARACTER SET utf8 COLLATE utf8_unicode_ci</programlisting>
<para>So, if using Debian, you wont need to care about database
creation, access rights and character sets. All that is handled
for you by the packages.</para>
<para>As an example, here are screenshots from the
<package>cinder-common</package> package:</para>
<informalfigure>
<mediaobject>
<imageobject>
<imagedata scale="40"
fileref="figures/debconf-screenshots/dbconfig-common_1_configure-with-dbconfig-yes-no.png"
/>
</imageobject>
</mediaobject>
</informalfigure>
<informalfigure>
<mediaobject>
<imageobject>
<imagedata scale="40"
fileref="figures/debconf-screenshots/dbconfig-common_2_db-types.png"
/>
</imageobject>
</mediaobject>
</informalfigure>
<informalfigure>
<mediaobject>
<imageobject>
<imagedata scale="40"
fileref="figures/debconf-screenshots/dbconfig-common_3_connection_method.png"
/>
</imageobject>
</mediaobject>
</informalfigure>
<informalfigure>
<mediaobject>
<imageobject>
<imagedata scale="40"
fileref="figures/debconf-screenshots/dbconfig-common_4_mysql_root_password.png"
/>
</imageobject>
</mediaobject>
</informalfigure>
<informalfigure>
<mediaobject>
<imageobject>
<imagedata scale="40"
fileref="figures/debconf-screenshots/dbconfig-common_5_mysql_app_password.png"
/>
</imageobject>
</mediaobject>
</informalfigure>
<informalfigure>
<mediaobject>
<imageobject>
<imagedata scale="40"
fileref="figures/debconf-screenshots/dbconfig-common_6_mysql_app_password_confirm.png"
/>
</imageobject>
</mediaobject>
</informalfigure>
<para>By default in Debian, you can access the MySQL server from either
localhost through the socket file or 127.0.0.1. To access it over the
network, you must edit the <filename>/etc/mysql/my.cnf</filename> file,
and the <literal>mysql.user</literal> table. To do so, Debian provides
a helper script in the <package>openstack-deploy</package> package.
To use it, install the package and run:</para>
<screen><prompt>#</prompt> <userinput>/usr/share/openstack-deploy/mysql-remote-root</userinput></screen>
<para>Alternatively, if you do not want to install this package, run
this script to enable remote root access:</para>
<programlisting language="bash">#!/bin/sh
set -e
SQL="mysql --defaults-file=/etc/mysql/debian.cnf -Dmysql -e"
ROOT_PASS=`${SQL} "SELECT Password FROM user WHERE User='root' LIMIT 1;" \
| tail -n 1`
${SQL} "REPLACE INTO user SET host='%', user='root',\
password='${ROOT_PASS}', Select_priv='Y', Insert_priv='Y',\
Update_priv='Y', Delete_priv='Y', Create_priv='Y', Drop_priv='Y',\
Reload_priv='Y', Shutdown_priv='Y', Process_priv='Y', File_priv='Y',\
Grant_priv='Y', References_priv='Y', Index_priv='Y', Alter_priv='Y',\
Super_priv='Y', Show_db_priv='Y', Create_tmp_table_priv='Y',\
Lock_tables_priv='Y', Execute_priv='Y', Repl_slave_priv='Y',\
Repl_client_priv='Y', Create_view_priv='Y', Show_view_priv='Y',\
Create_routine_priv='Y', Alter_routine_priv='Y', Create_user_priv='Y',\
Event_priv='Y', Trigger_priv='Y' "
${SQL} "FLUSH PRIVILEGES"
sed -i 's|^bind-address[ \t]*=.*|bind-address = 0.0.0.0|' /etc/mysql/my.cnf
/etc/init.d/mysql restart</programlisting>
<para>You must enable remote access before you install OpenStack
services on multiple nodes.</para>
</section>
View Git Blame Copy Permalink