Red Hat Summit2.2. Install the Database Server
Each OpenStack component requires a running MariaDB database service. You must deploy the database service before deploying a full Red Hat OpenStack Platform environment or installing any single OpenStack component.
2.2.1. Install the MariaDB Database Packages
Copy linkLink copied to clipboard!
The following packages are required by the MariaDB database service:
- mariadb-galera-server
- Provides the MariaDB database service.
- mariadb-galera-common
- Provides the MariaDB service shared files. This package is installed as a dependency of the mariadb-galera-server package.
- galera
- Installs the Galera wsrep (Write Set REPlication) provider. This package is installed as a dependency of the mariadb-galera-server package.
Install the packages:
yum install mariadb-galera-server
# yum install mariadb-galera-server2.2.2. Configure the Firewall to Allow Database Traffic
Copy linkLink copied to clipboard!
All components in the OpenStack environment use the database server, and must be able to access it. The firewall on the server hosting the database service must be configured to allow network traffic on the required port. All steps in this procedure must be performed on the server hosting the database service, while logged in as the
root user.
Procedure 2.3. Configuring the Firewall to Allow Database Traffic
- Open the
/etc/sysconfig/iptablesfile in a text editor. - Add an INPUT rule allowing TCP traffic on port
3306to the file. The new rule must appear before any INPUT rules that REJECT traffic:-A INPUT -p tcp -m multiport --dports 3306 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3306 -j ACCEPTCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Save the changes to the
/etc/sysconfig/iptablesfile. - Restart the
iptablesservice to ensure that the change takes effect:systemctl restart iptables.service
# systemctl restart iptables.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow
2.2.3. Start the Database Service
Copy linkLink copied to clipboard!
All steps in this procedure must be performed on the server hosting the database service, while logged in as the
root user.
Procedure 2.4. Starting the Database Service
- Start the
mariadbservice:systemctl start mariadb.service
# systemctl start mariadb.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Configure the
mariadbservice to start at boot time:systemctl enable mariadb.service
# systemctl enable mariadb.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow
2.2.4. Configure the Database Administrator Account
Copy linkLink copied to clipboard!
By default, MariaDB creates a database user account named
root that provides access to the MariaDB service from the machine on which the MariaDB service was installed. You must set a password for this account to secure access to the server hosting the MariaDB service. You must also enable access to the MariaDB service from machines other than the machine on which the MariaDB server is installed. It is also recommended that you remove the anonymous user and test database that are created during installation.
Procedure 2.5. Configuring the Database Administrator Account
- Log in to the machine on which the MariaDB service is installed.
- Use the
mysql_secure_installationto set therootpassword, allow remote root login, and remove the anonymous user account and test database:mysql_secure_installation
# mysql_secure_installationCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Note
Change the password of a database user, if required. In the following example, replace OLDPASS with the existing password of the user and NEWPASS with a new password, leaving no space between
-p and the old password:
mysqladmin -u root -pOLDPASS password NEWPASS
# mysqladmin -u root -pOLDPASS password NEWPASS2.2.5. Test Connectivity
Copy linkLink copied to clipboard!
To ensure that a database user account has been correctly configured, test the connectivity of that user account with the MariaDB database service from the machine on which the MariaDB service is installed (local connectivity), and from a machine other than the machine on which the MariaDB service is installed (remote connectivity).
2.2.5.1. Test Local Connectivity
Copy linkLink copied to clipboard!
Test whether you can connect to the server hosting the database service from the machine on which the MariaDB service is installed.
Procedure 2.6. Testing Local Connectivity
- Connect to the database service, replacing
USERwith the user name with which to connect:mysql -u USER -p
# mysql -u USER -pCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Enter the password of the database user when prompted.
Enter password:
Enter password:Copy to Clipboard Copied! Toggle word wrap Toggle overflow
If the permissions for the database user are correctly configured, the connection succeeds and the MariaDB welcome screen and prompt are displayed. If the permissions for the database user are not correctly configured, an error message is displayed that explains that the database user is not allowed to connect to the database service.
2.2.5.2. Test Remote Connectivity
Copy linkLink copied to clipboard!
Test whether you can connect to the database service from a machine other than the machine on which the MariaDB service is installed.
Procedure 2.7. Testing Remote Connectivity
- Install the MySQL client tools:
yum install mysql
# yum install mysqlCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Connect to the database service, replacing USER with the database user name and HOST with the IP address or host name of the server hosting the database service:
mysql -u USER -h HOST -p
# mysql -u USER -h HOST -pCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Enter the password of the database user when prompted:
Enter password:
Enter password:Copy to Clipboard Copied! Toggle word wrap Toggle overflow
If the permissions for the database user are correctly configured, the connection succeeds and the MariaDB welcome screen and prompt are displayed. If the permissions for the database user are not correctly configured, an error message is displayed that explains that the database user is not allowed to connect to the database service.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}