mysql: fix root password update for containerized mysql
Since the mysql service has been containerized, we lost the ability to update the root password during a stack update. When the mysql root password in hiera differs from the one currently set in the mysql DB, connect to the DB with password from .my.cnf and update credentials of the root user before the puppet mysql module tries to access the database. Also update other root DB users. Change-Id: I8fe9a640ba36288a1f9cb18563b363159d4731c0 Depends-On: I5bdbc89897a6dcd5bd57f2132e2acf99702b28ea Closes-Bug: #1792416
This commit is contained in:
parent
279e34223e
commit
467c6879d6
|
@ -417,10 +417,27 @@ MYSQL_HOST=localhost\n",
|
|||
}
|
||||
File['/etc/sysconfig/clustercheck'] -> Exec['galera-ready']
|
||||
|
||||
# If the root password is to be updated:
|
||||
# . hiera contains the new password
|
||||
# . .my.cnf still contains the current root credentials
|
||||
# so changing the root password can only happen before
|
||||
# .my.cnf is re-generated by puppet
|
||||
mysql_user { 'root@localhost':
|
||||
ensure => present,
|
||||
password_hash => mysql_password($mysql_root_password),
|
||||
}
|
||||
Mysql_user['root@localhost'] -> File['/root/.my.cnf']
|
||||
|
||||
# make sure to update all root users in the mysql DB
|
||||
mysql_user { 'root@%':
|
||||
ensure => present,
|
||||
password_hash => mysql_password($mysql_root_password),
|
||||
}
|
||||
|
||||
# We create databases and users for services at step 2 as well. This ensures
|
||||
# Galera is up and ready before those get created
|
||||
File['/root/.my.cnf'] -> Mysql_database<||>
|
||||
File['/root/.my.cnf'] -> Mysql_user<||>
|
||||
File['/root/.my.cnf'] -> Mysql_user<|title!='root@localhost'|>
|
||||
File['/root/.my.cnf'] -> Mysql_grant<||>
|
||||
Exec['galera-ready'] -> Mysql_database<||>
|
||||
Exec['galera-ready'] -> Mysql_user<||>
|
||||
|
|
Loading…
Reference in New Issue