-
Notifications
You must be signed in to change notification settings - Fork 1.4k
Expand file tree
/
Copy pathmysql
More file actions
271 lines (232 loc) · 9.41 KB
/
mysql
File metadata and controls
271 lines (232 loc) · 9.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
#!/bin/bash
#
# lib/databases/mysql
# Functions to control the configuration and operation of the **MySQL** database backend
# Dependencies:
#
# - DATABASE_{HOST,USER,PASSWORD} must be defined
# Save trace setting
_XTRACE_DB_MYSQL=$(set +o | grep xtrace)
set +o xtrace
MYSQL_DRIVER=${MYSQL_DRIVER:-PyMySQL}
INSTALL_DATABASE_SERVER_PACKAGES=$(trueorfalse True INSTALL_DATABASE_SERVER_PACKAGES)
register_database mysql
if [[ -z "$MYSQL_SERVICE_NAME" ]]; then
MYSQL_SERVICE_NAME=mysql
if is_fedora; then
MYSQL_SERVICE_NAME=mariadb
elif [[ "$DISTRO" =~ trixie|bookworm|bullseye ]]; then
MYSQL_SERVICE_NAME=mariadb
fi
fi
# Functions
# ---------
function get_database_type_mysql {
if [[ "$MYSQL_DRIVER" == "PyMySQL" ]]; then
echo mysql+pymysql
else
echo mysql
fi
}
# Get rid of everything enough to cleanly change database backends
function cleanup_database_mysql {
stop_service $MYSQL_SERVICE_NAME
if is_ubuntu; then
# Get ruthless with mysql
apt_get purge -y mysql* mariadb*
sudo rm -rf /var/lib/mysql
sudo rm -rf /etc/mysql
elif is_fedora; then
uninstall_package mariadb-server
sudo rm -rf /var/lib/mysql
fi
}
function recreate_database_mysql {
local db=$1
mysql -u$DATABASE_USER -p$DATABASE_PASSWORD -h$MYSQL_HOST -e "DROP DATABASE IF EXISTS $db;"
mysql -u$DATABASE_USER -p$DATABASE_PASSWORD -h$MYSQL_HOST -e "CREATE DATABASE $db CHARACTER SET utf8;"
}
function configure_database_mysql {
local my_conf mysql slow_log my_client_conf
echo_summary "Configuring and starting MySQL"
if is_ubuntu; then
my_conf=/etc/mysql/my.cnf
elif is_fedora; then
my_conf=/etc/my.cnf
local cracklib_conf=/etc/my.cnf.d/cracklib_password_check.cnf
if [ -f "$cracklib_conf" ]; then
inicomment -sudo "$cracklib_conf" "mariadb" "plugin-load-add"
fi
else
exit_distro_not_supported "mysql configuration"
fi
# Set fips mode on
if is_ubuntu; then
if is_fips_enabled; then
my_client_conf=/etc/mysql/mysql.conf.d/mysql.cnf
iniset -sudo $my_client_conf mysql ssl-fips-mode "on"
iniset -sudo $my_conf mysqld ssl-fips-mode "on"
fi
fi
# Change bind-address from localhost (127.0.0.1) to any (::)
iniset -sudo $my_conf mysqld bind-address "$(ipv6_unquote $SERVICE_LISTEN_ADDRESS)"
# (Re)Start mysql-server
if is_fedora; then
# service is not started by default
start_service $MYSQL_SERVICE_NAME
elif is_ubuntu; then
# required since bind-address could have changed above
restart_service $MYSQL_SERVICE_NAME
fi
# MariaDB 10.4+ on modern Debian/Ubuntu uses unix_socket auth by default
# See https://mariadb.org/authentication-in-mariadb-10-4/
local use_mariadb_socket_auth=False
if is_ubuntu && [ "$MYSQL_SERVICE_NAME" == "mariadb" ]; then
if [[ ! "$DISTRO" =~ bookworm|bullseye ]]; then
use_mariadb_socket_auth=True
fi
fi
# Set the root password - only works the first time. For Ubuntu, we already
# did that with debconf before installing the package, but we still try,
# because the package might have been installed already. We don't do this
# for MariaDB with socket auth because the root password is managed differently.
if [[ "$use_mariadb_socket_auth" != "True" ]]; then
sudo mysqladmin -u root password $DATABASE_PASSWORD || true
fi
# In case of Mariadb, giving hostname in arguments causes permission
# problems as it expects connection through socket
if is_ubuntu && [ "$MYSQL_SERVICE_NAME" == "mariadb" ]; then
local cmd_args="-uroot -p$DATABASE_PASSWORD "
else
local cmd_args="-uroot -p$DATABASE_PASSWORD -h$SERVICE_LOCAL_HOST "
fi
# Workaround for mariadb > 11.6.2,
# see https://bugs.launchpad.net/nova/+bug/2116186/comments/3
min_db_ver="11.6.2"
db_version=$(sudo mysql ${cmd_args} -e "select version();" -sN | cut -d '-' -f 1)
max_db_ver=$(printf '%s\n' ${min_db_ver} ${db_version} | sort -V | tail -n 1)
if [[ "${min_db_ver}" != "${max_db_ver}" ]]; then
iniset -sudo $my_conf mysqld innodb_snapshot_isolation OFF
restart_service $MYSQL_SERVICE_NAME
fi
# Configure database user authentication
if [[ "$use_mariadb_socket_auth" == "True" ]]; then
# Allow both unix_socket (for sudo mysql) and password auth
# Using OR allows restacking without needing to reset auth in unstack
sudo mysql -e "ALTER USER $DATABASE_USER@localhost IDENTIFIED VIA unix_socket OR mysql_native_password USING PASSWORD('$DATABASE_PASSWORD');"
fi
# Create remote access user and grant privileges (needed for all distros)
if [[ "$use_mariadb_socket_auth" == "True" ]]; then
# Use sudo mysql since we have socket auth
sudo mysql -e "CREATE USER IF NOT EXISTS '$DATABASE_USER'@'%' identified by '$DATABASE_PASSWORD';"
sudo mysql -e "GRANT ALL PRIVILEGES ON *.* TO '$DATABASE_USER'@'%';"
else
sudo mysql $cmd_args -e "CREATE USER IF NOT EXISTS '$DATABASE_USER'@'%' identified by '$DATABASE_PASSWORD';"
sudo mysql $cmd_args -e "GRANT ALL PRIVILEGES ON *.* TO '$DATABASE_USER'@'%';"
fi
# Now update ``my.cnf`` for some local needs and restart the mysql service
# Set default db type to InnoDB
iniset -sudo $my_conf mysqld sql_mode TRADITIONAL
iniset -sudo $my_conf mysqld default-storage-engine InnoDB
iniset -sudo $my_conf mysqld max_connections 2048
if [[ "$DATABASE_QUERY_LOGGING" == "True" ]]; then
echo_summary "Enabling MySQL query logging"
if is_fedora; then
slow_log=/var/log/mariadb/mariadb-slow.log
else
slow_log=/var/log/mysql/mysql-slow.log
fi
sudo sed -e '/log.slow.queries/d' \
-e '/long.query.time/d' \
-e '/log.queries.not.using.indexes/d' \
-i $my_conf
# Turn on slow query log, log all queries (any query taking longer than
# 0 seconds) and log all non-indexed queries
iniset -sudo $my_conf mysqld slow-query-log 1
iniset -sudo $my_conf mysqld slow-query-log-file $slow_log
iniset -sudo $my_conf mysqld long-query-time 0
iniset -sudo $my_conf mysqld log-queries-not-using-indexes 1
fi
if [[ "$MYSQL_GATHER_PERFORMANCE" == "True" ]]; then
echo "enabling MySQL performance counting"
# Install our sqlalchemy plugin
pip_install ${TOP_DIR}/tools/dbcounter
# Create our stats database for accounting
recreate_database stats
mysql -u $DATABASE_USER -p$DATABASE_PASSWORD -h $MYSQL_HOST -e \
"CREATE TABLE queries (db VARCHAR(32), op VARCHAR(32),
count INT, PRIMARY KEY (db, op)) ENGINE MEMORY" stats
fi
if [[ "$MYSQL_REDUCE_MEMORY" == "True" ]]; then
iniset -sudo $my_conf mysqld read_buffer_size 64K
iniset -sudo $my_conf mysqld innodb_buffer_pool_size 16M
iniset -sudo $my_conf mysqld thread_stack 192K
iniset -sudo $my_conf mysqld thread_cache_size 8
iniset -sudo $my_conf mysqld tmp_table_size 8M
iniset -sudo $my_conf mysqld sort_buffer_size 8M
iniset -sudo $my_conf mysqld max_allowed_packet 8M
fi
restart_service $MYSQL_SERVICE_NAME
}
function install_database_mysql {
if is_ubuntu; then
# Seed configuration with mysql password so that apt-get install doesn't
# prompt us for a password upon install.
sudo debconf-set-selections <<MYSQL_PRESEED
mysql-server mysql-server/root_password password $DATABASE_PASSWORD
mysql-server mysql-server/root_password_again password $DATABASE_PASSWORD
mysql-server mysql-server/start_on_boot boolean true
MYSQL_PRESEED
fi
# while ``.my.cnf`` is not needed for OpenStack to function, it is useful
# as it allows you to access the mysql databases via ``mysql nova`` instead
# of having to specify the username/password each time.
if [[ ! -e $HOME/.my.cnf ]]; then
cat <<EOF >$HOME/.my.cnf
[client]
user=$DATABASE_USER
password=$DATABASE_PASSWORD
EOF
if ! is_ubuntu || [ "$MYSQL_SERVICE_NAME" != "mariadb" ]; then
echo "host=$MYSQL_HOST" >> $HOME/.my.cnf
fi
chmod 0600 $HOME/.my.cnf
fi
# Install mysql-server
if [[ "$INSTALL_DATABASE_SERVER_PACKAGES" == "True" ]]; then
if is_fedora; then
install_package mariadb-server mariadb-devel mariadb
sudo systemctl enable $MYSQL_SERVICE_NAME
elif is_ubuntu; then
install_package $MYSQL_SERVICE_NAME-server
else
exit_distro_not_supported "mysql installation"
fi
fi
}
function install_database_python_mysql {
# Install Python client module
pip_install_gr $MYSQL_DRIVER
if [[ "$MYSQL_DRIVER" == "MySQL-python" ]]; then
ADDITIONAL_VENV_PACKAGES+=",MySQL-python"
elif [[ "$MYSQL_DRIVER" == "PyMySQL" ]]; then
ADDITIONAL_VENV_PACKAGES+=",PyMySQL"
fi
}
function database_connection_url_mysql {
local db=$1
local plugin
# NOTE(danms): We don't enable perf on subnodes yet because the
# plugin is not installed there
if [[ "$MYSQL_GATHER_PERFORMANCE" == "True" ]]; then
if is_service_enabled mysql; then
plugin="&plugin=dbcounter"
fi
fi
echo "$BASE_SQL_CONN/$db?charset=utf8$plugin"
}
# Restore xtrace
$_XTRACE_DB_MYSQL
# Local variables:
# mode: shell-script
# End: