#!/bin/bash if [[ -z ${INFLUX_ADMIN_PASSWORD} ]] then echo "INFLUX_ADMIN_PASSWORD must be set in env" exit 1 fi if [[ -z ${DB_USER_PASSWORD} ]] then echo "DB_USER_PASSWORD must be set in env" exit 1 fi if [[ -z ${DB_READ_ONLY_USER_PASSWORD} ]] then echo "DB_READ_ONLY_USER_PASSWORD must be set in env" exit 1 fi CONFIG_FILE="/etc/opt/influxdb/influxdb.conf" INFLUX_HOST="<%= @influxdb_host %>:<%= @influxdb_port %>" INFLUX_ADMIN="<%= @influxdb_user %>" MONASCA_DB="mon" MONASCA_USERS="mon_api mon_persister" MONASCA_READ_ONLY_USERS="mon_ro" DEFAULT_RETENTION_POLICY_NAME="<%= @influxdb_def_ret_pol_name %>" DEFAULT_RETENTION_POLICY_DURATION="<%= @influxdb_def_ret_pol_duration %>" TMP_RETENTION_POLICY_NAME="<%= @influxdb_tmp_ret_pol_name %>" TMP_RETENTION_POLICY_DURATION="<%= @influxdb_tmp_ret_pol_duration %>" RETENTION_POLICY_REPLICATION_FACTOR="<%= @influxdb_retention_replication %>" wait_for_influx() { HTTP_CODE=`curl -s -w "%{http_code}" "http://$INFLUX_HOST/ping" -o /dev/null` PING_RC=$? ATTEMPTS=1 until [ $PING_RC -eq "0" ] && [ $HTTP_CODE -eq "204" ] do HTTP_CODE=`curl -s -w "%{http_code}" "http://$INFLUX_HOST/ping" -o /dev/null` PING_RC=$? ATTEMPTS=$((ATTEMPTS+1)) if [ $ATTEMPTS -eq 30 ] then echo "InfluxDB not up after $ATTEMPTS seconds!" echo "HTTP CODE: $HTTP_CODE" echo "CURL RETURN CODE: $PING_RC" exit 1 fi sleep 1 done } wait_for_influx USERS=`curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW USERS" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"` # check to see if we've created the root user yet if ! grep -q root <<<$USERS then # Nope, need to restart in insecure mode the first time # to create the admin user. echo "Restarting influxdb in insecure mode to create first user" sed -i -e '/\[authentication\]/{n;s/.*/enabled = false/}' $CONFIG_FILE service influxdb restart wait_for_influx q="CREATE USER $INFLUX_ADMIN WITH PASSWORD '$INFLUX_ADMIN_PASSWORD' WITH ALL PRIVILEGES" curl -s -G -w "%{http_code} CREATE USER $INFLUX_ADMIN\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" -o /dev/null echo "Restarting influxdb in secure mode" sed -i -e '/\[authentication\]/{n;s/.*/enabled = true/}' $CONFIG_FILE service influxdb restart wait_for_influx fi # create the database q="CREATE DATABASE $MONASCA_DB" curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null # create the default retention policy q="CREATE RETENTION POLICY $DEFAULT_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $DEFAULT_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR DEFAULT" curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null # alter it in case we've change replication or duration q="ALTER RETENTION POLICY $DEFAULT_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $DEFAULT_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR DEFAULT" curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null # create the tmp retention policy q="CREATE RETENTION POLICY $TMP_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $TMP_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR" curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null # alter it in case we've change replication or duration q="ALTER RETENTION POLICY $TMP_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $TMP_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR" curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null # create the monasca users as admins for u in $MONASCA_USERS do q="CREATE USER $u WITH PASSWORD '$DB_USER_PASSWORD' WITH ALL PRIVILEGES" curl -s -G -w "%{http_code} CREATE USER $u\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null done # create the read only users for u in $MONASCA_READ_ONLY_USERS do # create q="CREATE USER $u WITH PASSWORD '$DB_READ_ONLY_USER_PASSWORD'" curl -s -G -w "%{http_code} CREATE USER $u\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null # grant read access to the monasca db q="GRANT read ON $MONASCA_DB TO $u" curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null done echo "Done creating entities" echo "\nDatabases:" curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW DATABASES" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true" echo "\n\nRetention policies:" curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW RETENTION POLICIES $MONASCA_DB" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true" echo "\n\nUsers:" curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW USERS" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true" echo ""