puppet-monasca/templates/bootstrap-influxdb.sh.erb

#!/bin/bash

if [[ -z ${INFLUX_ADMIN_PASSWORD} ]]
then
    echo "INFLUX_ADMIN_PASSWORD must be set in env"
    exit 1
fi

if [[ -z ${DB_USER_PASSWORD} ]]
then
    echo "DB_USER_PASSWORD must be set in env"
    exit 1
fi

if [[ -z ${DB_READ_ONLY_USER_PASSWORD} ]]
then
    echo "DB_READ_ONLY_USER_PASSWORD must be set in env"
    exit 1
fi

CONFIG_FILE="/etc/opt/influxdb/influxdb.conf"
INFLUX_HOST="<%= @influxdb_host %>:<%= @influxdb_port %>"
INFLUX_ADMIN="<%= @influxdb_user %>"
MONASCA_DB="mon"
MONASCA_USERS="mon_api mon_persister"
MONASCA_READ_ONLY_USERS="mon_ro"
DEFAULT_RETENTION_POLICY_NAME="<%= @influxdb_def_ret_pol_name %>"
DEFAULT_RETENTION_POLICY_DURATION="<%= @influxdb_def_ret_pol_duration %>"
TMP_RETENTION_POLICY_NAME="<%= @influxdb_tmp_ret_pol_name %>"
TMP_RETENTION_POLICY_DURATION="<%= @influxdb_tmp_ret_pol_duration %>"
RETENTION_POLICY_REPLICATION_FACTOR="<%= @influxdb_retention_replication %>"

wait_for_influx()
{
    HTTP_CODE=`curl -s -w "%{http_code}" "http://$INFLUX_HOST/ping" -o /dev/null`
    PING_RC=$?
    ATTEMPTS=1

    until [ $PING_RC -eq "0" ] && [ $HTTP_CODE -eq "204" ]
    do
        HTTP_CODE=`curl -s -w "%{http_code}" "http://$INFLUX_HOST/ping" -o /dev/null`
        PING_RC=$?
        ATTEMPTS=$((ATTEMPTS+1))
        if [ $ATTEMPTS -eq 30 ]
        then
            echo "InfluxDB not up after $ATTEMPTS seconds!"
            echo "HTTP CODE: $HTTP_CODE"
            echo "CURL RETURN CODE: $PING_RC"
            exit 1
        fi
        sleep 1
    done
}

wait_for_influx

USERS=`curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW USERS"  --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"`
# check to see if we've created the root user yet
if ! grep -q root <<<$USERS
then
    # Nope, need to restart in insecure mode the first time
    # to create the admin user.
    echo "Restarting influxdb in insecure mode to create first user"
    sed -i -e '/\[authentication\]/{n;s/.*/enabled = false/}' $CONFIG_FILE
    service influxdb restart
    wait_for_influx
    q="CREATE USER $INFLUX_ADMIN WITH PASSWORD '$INFLUX_ADMIN_PASSWORD' WITH ALL PRIVILEGES"
    curl -s -G -w "%{http_code} CREATE USER $INFLUX_ADMIN\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" -o /dev/null
    echo "Restarting influxdb in secure mode"
    sed -i -e '/\[authentication\]/{n;s/.*/enabled = true/}' $CONFIG_FILE
    service influxdb restart
    wait_for_influx
fi

# create the database
q="CREATE DATABASE $MONASCA_DB"
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null

# create the default retention policy
q="CREATE RETENTION POLICY $DEFAULT_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $DEFAULT_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR DEFAULT"
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
# alter it in case we've change replication or duration
q="ALTER RETENTION POLICY $DEFAULT_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $DEFAULT_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR DEFAULT"
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null

# create the tmp retention policy
q="CREATE RETENTION POLICY $TMP_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $TMP_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR"
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
# alter it in case we've change replication or duration
q="ALTER RETENTION POLICY $TMP_RETENTION_POLICY_NAME ON $MONASCA_DB DURATION $TMP_RETENTION_POLICY_DURATION REPLICATION $RETENTION_POLICY_REPLICATION_FACTOR"
curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q" --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null

# create the monasca users as admins
for u in $MONASCA_USERS
do
  q="CREATE USER $u WITH PASSWORD '$DB_USER_PASSWORD' WITH ALL PRIVILEGES"
  curl -s -G -w "%{http_code} CREATE USER $u\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q"  --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
done

# create the read only users
for u in $MONASCA_READ_ONLY_USERS
do
  # create
  q="CREATE USER $u WITH PASSWORD '$DB_READ_ONLY_USER_PASSWORD'"
  curl -s -G -w "%{http_code} CREATE USER $u\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q"  --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null

  # grant read access to the monasca db
  q="GRANT read ON $MONASCA_DB TO $u"
  curl -s -G -w "%{http_code} $q\\n" http://$INFLUX_HOST/query --data-urlencode "q=$q"  --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" -o /dev/null
done

echo "Done creating entities"

echo "\nDatabases:"
curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW DATABASES"  --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"
echo "\n\nRetention policies:"
curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW RETENTION POLICIES $MONASCA_DB"  --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"
echo "\n\nUsers:"
curl -s -G http://$INFLUX_HOST/query --data-urlencode "q=SHOW USERS"  --data "u=$INFLUX_ADMIN" --data "p=$INFLUX_ADMIN_PASSWORD" --data "pretty=true"
echo ""