openstack/openstack-manuals
Code Issues Proposed changes
44c29ece34
openstack-manuals/doc/install-guide/section_compute-database-mysql.xml
Diane Fleming 64b6c9261e Folder rename, file rename, flattening of directories 
Current folder name	New folder name	        Book title
----------------------------------------------------------
basic-install 	        DELETE
cli-guide	        DELETE
common	                common
NEW	                admin-guide-cloud	Cloud Administrators Guide
docbkx-example	        DELETE
openstack-block-storage-admin 	DELETE
openstack-compute-admin 	DELETE
openstack-config 	config-reference	OpenStack Configuration Reference
openstack-ha 	        high-availability-guide	OpenStack High Availabilty Guide
openstack-image	        image-guide	OpenStack Virtual Machine Image Guide
openstack-install 	install-guide	OpenStack Installation Guide
openstack-network-connectivity-admin 	admin-guide-network 	OpenStack Networking Administration Guide
openstack-object-storage-admin 	DELETE
openstack-security 	security-guide	OpenStack Security Guide
openstack-training 	training-guide	OpenStack Training Guide
openstack-user 	        user-guide	OpenStack End User Guide
openstack-user-admin 	user-guide-admin	OpenStack Admin User Guide
glossary	        NEW        	OpenStack Glossary

bug: #1220407

Change-Id: Id5ffc774b966ba7b9a591743a877aa10ab3094c7
author: diane fleming
2013-09-08 15:15:50 -07:00

60 lines
3.4 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<section xml:id="setting-up-sql-database-mysql"
xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
<title>Configuring the SQL Database (MySQL) on the Cloud Controller</title>
<para>Start the mysql command line client by running:</para>
<para>
<screen><userinput>mysql -u root -p</userinput></screen></para>
<para>Enter the mysql root user's password when prompted.</para>
<para>To configure the MySQL database, create the nova database.</para>
<para>
<screen><prompt>mysql></prompt> <userinput>CREATE DATABASE nova;</userinput></screen></para>
<para>Create a MySQL user and password for the newly-created nova database that has full control
of the database.</para>
<screen><prompt>mysql></prompt> <userinput>GRANT ALL ON nova.* TO 'nova'@'%' IDENTIFIED BY '<replaceable>[YOUR_NOVADB_PASSWORD]</replaceable>';</userinput>
<prompt>mysql></prompt> <userinput>GRANT ALL ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '<replaceable>[YOUR_NOVADB_PASSWORD]</replaceable>';</userinput></screen>
<note>
<para>In the above commands, even though the <literal>'nova'@'%'</literal> also matches
<literal>'nova'@'localhost'</literal>, you must explicitly specify the
<literal>'nova'@'localhost'</literal> entry.</para>
<para>By default, MySQL will create entries in the user table with
<literal>User=''</literal> and <literal>Host='localhost'</literal>. The
<literal>User=''</literal> acts as a wildcard, matching all users. If you do not
have the <literal>'nova'@'localhost'</literal> account, and you try to log in as the
nova user, the precedence rules of MySQL will match against the <literal>User=''
Host='localhost'</literal> account before it matches against the
<literal>User='nova' Host='%'</literal> account. This will result in an error
message that looks like:</para>
<para>
<screen><computeroutput>ERROR 1045 (28000): Access denied for user 'nova'@'localhost' (using password: YES)</computeroutput></screen>
</para>
<para>Thus, we create a separate <literal>User='nova' Host='localhost'</literal> entry that
will match with higher precedence.</para>
<para>See the <link xlink:href="http://dev.mysql.com/doc/refman/5.5/en/connection-access.html"
>MySQL documentation on connection verification</link> for more details on how MySQL
determines which row in the user table it uses when authenticating connections.</para>
</note>
<para>Enter quit at the mysql> prompt to exit MySQL.</para>
<para>
<screen><userinput>mysql> quit</userinput></screen></para>
<para>The command to populate the database is described later in the
documentation, in the Section entitled <link
linkend="compute-db-sync">Configuring the Database for Compute</link>.
</para>
<note><title>Securing MySQL</title>
<para>
Additional steps are required to configure MySQL for production mode.
In particular, anonymous accounts should be removed. On several distributions,
these accounts can be removed by running the following script
after installing mysql:
<command>/usr/bin/mysql_secure_installation</command>
</para>
</note>
</section>
View Git Blame Copy Permalink