Allow mysql.create-users to specify password.
Until we have a good way of generating passwords and feeding them back to other services (bug #118436), we will have to push them in to mysql via Metadata. Change-Id: Idfa64bf93b6f018ae08a5c43ba3c73f428c477d6
This commit is contained in:
parent
acd6f161f5
commit
7e22d74e39
@ -1,3 +1,31 @@
|
||||
Sets up a MySQL server install in the image.
|
||||
Set up a MySQL server install in the image.
|
||||
|
||||
TODO: auto-tune settings based on host resources or metadata service.
|
||||
|
||||
Configuration
|
||||
-------------
|
||||
|
||||
Users will be created if Heat Metadata is passed in under the
|
||||
'mysql.create-users' section. For example:
|
||||
|
||||
mysql:
|
||||
create-users:
|
||||
- username: dbuser1
|
||||
database: somedb
|
||||
userhandle:
|
||||
Ref: SomeWaitConditionHandle
|
||||
|
||||
This will cause mysql to create the user 'dbuser1' if it does not exist,
|
||||
and grant it all privileges on somedb. It will have a random password
|
||||
generated and passed to the WaitConditionHandle with the key of the
|
||||
username, and password as the data. A password can also be given for
|
||||
the user like this:
|
||||
|
||||
mysql:
|
||||
create-users:
|
||||
- username: dbuser2
|
||||
database: somedb
|
||||
password: abcdefg12345
|
||||
|
||||
If a userhandle is also given with the password, it will be passed to
|
||||
the wait condition handle in the same manner.
|
||||
|
@ -65,8 +65,11 @@ to_create = should_exist - existing
|
||||
|
||||
for createuser in to_create:
|
||||
dbvalue = by_user[createuser]
|
||||
with open('/dev/urandom', 'rb') as urandom:
|
||||
password = b64encode(urandom.read(30))
|
||||
if 'password' in dbvalue:
|
||||
password = dbvalue['password']
|
||||
else:
|
||||
password = b64encode(os.urandom(30))
|
||||
|
||||
cmd = "GRANT ALL PRIVILEGES ON `%s`.* TO `%s`@'%%' IDENTIFIED BY '%s'" % (
|
||||
dbvalue['database'], dbvalue['username'], password)
|
||||
if opts.noop:
|
||||
|
Loading…
Reference in New Issue
Block a user