121 lines
5.5 KiB
Plaintext
121 lines
5.5 KiB
Plaintext
#!/bin/bash
|
|
|
|
if [[ -z ${INFLUX_ADMIN_PASSWORD} ]]
|
|
then
|
|
echo "INFLUX_ADMIN_PASSWORD must be set in env"
|
|
exit 1
|
|
fi
|
|
|
|
if [[ -z ${DB_USER_PASSWORD} ]]
|
|
then
|
|
echo "DB_USER_PASSWORD must be set in env"
|
|
exit 1
|
|
fi
|
|
|
|
if [[ -z ${DB_READ_ONLY_USER_PASSWORD} ]]
|
|
then
|
|
echo "DB_READ_ONLY_USER_PASSWORD must be set in env"
|
|
exit 1
|
|
fi
|
|
|
|
CONFIG_FILE="/etc/opt/influxdb/influxdb.conf"
|
|
INFLUX_HOST="<%= @influxdb_host %>:<%= @influxdb_port %>"
|
|
INFLUX_ADMIN="<%= @influxdb_user %>"
|
|
MONASCA_DB="mon"
|
|
MONASCA_USERS="mon_api mon_persister"
|
|
MONASCA_READ_ONLY_USERS="mon_ro"
|
|
DEFAULT_RETENTION_POLICY_NAME="<%= @influxdb_def_ret_pol_name %>"
|
|
DEFAULT_RETENTION_POLICY_DURATION="<%= @influxdb_def_ret_pol_duration %>"
|
|
TMP_RETENTION_POLICY_NAME="<%= @influxdb_tmp_ret_pol_name %>"
|
|
TMP_RETENTION_POLICY_DURATION="<%= @influxdb_tmp_ret_pol_duration %>"
|
|
RETENTION_POLICY_REPLICATION_FACTOR="<%= @influxdb_retention_replication %>"
|
|
|
|
wait_for_influx()
|
|
{
|
|
HTTP_CODE=`curl -s -w "%{http_code}" "http://$INFLUX_HOST/ping" -o /dev/null`
|
|
PING_RC=$?
|
|
ATTEMPTS=1
|
|
|
|
until [ $PING_RC -eq "0" ] && [ $HTTP_CODE -eq "204" ]
|
|
do
|
|
HTTP_CODE=`curl -s -w "%{http_code}" "http://$INFLUX_HOST/ping" -o /dev/null`
|
|
PING_RC=$?
|
|
ATTEMPTS=$((ATTEMPTS+1))
|
|
if [ $ATTEMPTS -eq 30 ]
|
|
then
|
|
echo "InfluxDB not up after $ATTEMPTS seconds!"
|
|
echo "HTTP CODE: $HTTP_CODE"
|
|
echo "CURL RETURN CODE: $PING_RC"
|
|
exit 1
|
|
fi
|
|
sleep 1
|
|
done
|
|
}
|
|
|
|
wait_for_influx
|
|
|
|
USERS=`curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW USERS" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"`
|
|
# check to see if we've created the root user yet
|
|
if ! grep -q root <<<$USERS
|
|
then
|
|
# Nope, need to restart in insecure mode the first time
|
|
# to create the admin user.
|
|
echo "Restarting influxdb in insecure mode to create first user"
|
|
sed -i -e '/\[authentication\]/{n;s/.*/enabled = false/}' $CONFIG_FILE
|
|
service influxdb restart
|
|
wait_for_influx
|
|
q="CREATE USER $INFLUX_ADMIN WITH PASSWORD '$INFLUX_ADMIN_PASSWORD' WITH ALL PRIVILEGES"
|
|
curl -s -G -w "%{http_code} CREATE USER $INFLUX_ADMIN\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" -o /dev/null
|
|
echo "Restarting influxdb in secure mode"
|
|
sed -i -e '/\[authentication\]/{n;s/.*/enabled = true/}' $CONFIG_FILE
|
|
service influxdb restart
|
|
wait_for_influx
|
|
fi
|
|
|
|
# create the database
|
|
q="CREATE DATABASE $MONASCA_DB"
|
|
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
|
|
|
|
# create the default retention policy
|
|
q="CREATE RETENTION POLICY $DEFAULT_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $DEFAULT_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR DEFAULT"
|
|
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
|
|
# alter it in case we've change replication or duration
|
|
q="ALTER RETENTION POLICY $DEFAULT_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $DEFAULT_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR DEFAULT"
|
|
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
|
|
|
|
# create the tmp retention policy
|
|
q="CREATE RETENTION POLICY $TMP_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $TMP_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR"
|
|
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
|
|
# alter it in case we've change replication or duration
|
|
q="ALTER RETENTION POLICY $TMP_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $TMP_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR"
|
|
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
|
|
|
|
# create the monasca users as admins
|
|
for u in $MONASCA_USERS
|
|
do
|
|
q="CREATE USER $u WITH PASSWORD '$DB_USER_PASSWORD' WITH ALL PRIVILEGES"
|
|
curl -s -G -w "%{http_code} CREATE USER $u\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
|
|
done
|
|
|
|
# create the read only users
|
|
for u in $MONASCA_READ_ONLY_USERS
|
|
do
|
|
# create
|
|
q="CREATE USER $u WITH PASSWORD '$DB_READ_ONLY_USER_PASSWORD'"
|
|
curl -s -G -w "%{http_code} CREATE USER $u\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
|
|
|
|
# grant read access to the monasca db
|
|
q="GRANT read ON $MONASCA_DB TO $u"
|
|
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
|
|
done
|
|
|
|
echo "Done creating entities"
|
|
|
|
echo "\nDatabases:"
|
|
curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW DATABASES" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"
|
|
echo "\n\nRetention policies:"
|
|
curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW RETENTION POLICIES $MONASCA_DB" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"
|
|
echo "\n\nUsers:"
|
|
curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW USERS" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"
|
|
echo ""
|