Allow mysql.create-users to specify password.
Until we have a good way of generating passwords and feeding them back to other services (bug #118436), we will have to push them in to mysql via Metadata. Change-Id: Idfa64bf93b6f018ae08a5c43ba3c73f428c477d6
This commit is contained in:
parent
acd6f161f5
commit
7e22d74e39
|
@ -1,3 +1,31 @@
|
||||||
Sets up a MySQL server install in the image.
|
Set up a MySQL server install in the image.
|
||||||
|
|
||||||
TODO: auto-tune settings based on host resources or metadata service.
|
TODO: auto-tune settings based on host resources or metadata service.
|
||||||
|
|
||||||
|
Configuration
|
||||||
|
-------------
|
||||||
|
|
||||||
|
Users will be created if Heat Metadata is passed in under the
|
||||||
|
'mysql.create-users' section. For example:
|
||||||
|
|
||||||
|
mysql:
|
||||||
|
create-users:
|
||||||
|
- username: dbuser1
|
||||||
|
database: somedb
|
||||||
|
userhandle:
|
||||||
|
Ref: SomeWaitConditionHandle
|
||||||
|
|
||||||
|
This will cause mysql to create the user 'dbuser1' if it does not exist,
|
||||||
|
and grant it all privileges on somedb. It will have a random password
|
||||||
|
generated and passed to the WaitConditionHandle with the key of the
|
||||||
|
username, and password as the data. A password can also be given for
|
||||||
|
the user like this:
|
||||||
|
|
||||||
|
mysql:
|
||||||
|
create-users:
|
||||||
|
- username: dbuser2
|
||||||
|
database: somedb
|
||||||
|
password: abcdefg12345
|
||||||
|
|
||||||
|
If a userhandle is also given with the password, it will be passed to
|
||||||
|
the wait condition handle in the same manner.
|
||||||
|
|
|
@ -65,8 +65,11 @@ to_create = should_exist - existing
|
||||||
|
|
||||||
for createuser in to_create:
|
for createuser in to_create:
|
||||||
dbvalue = by_user[createuser]
|
dbvalue = by_user[createuser]
|
||||||
with open('/dev/urandom', 'rb') as urandom:
|
if 'password' in dbvalue:
|
||||||
password = b64encode(urandom.read(30))
|
password = dbvalue['password']
|
||||||
|
else:
|
||||||
|
password = b64encode(os.urandom(30))
|
||||||
|
|
||||||
cmd = "GRANT ALL PRIVILEGES ON `%s`.* TO `%s`@'%%' IDENTIFIED BY '%s'" % (
|
cmd = "GRANT ALL PRIVILEGES ON `%s`.* TO `%s`@'%%' IDENTIFIED BY '%s'" % (
|
||||||
dbvalue['database'], dbvalue['username'], password)
|
dbvalue['database'], dbvalue['username'], password)
|
||||||
if opts.noop:
|
if opts.noop:
|
||||||
|
|
Loading…
Reference in New Issue