MySQL Router Charm

The documented miniumum grants for bootstrap are insufficient

Bug #1861234 reported by David Ames
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Charm Helpers
Fix Released
Critical
David Ames
MySQL InnoDB Cluster Charm
Fix Released
Critical
David Ames
MySQL Router Charm
Invalid
Undecided
Unassigned

Bug Description

The documented [0] minimum grants for bootstrap are insufficient

GRANT CREATE USER ON *.* TO 'bootstrapuser'@'%' WITH GRANT OPTION;
GRANT SELECT, INSERT, UPDATE, DELETE ON mysql_innodb_cluster_metadata.* TO 'bootstrapuser'@'%';
GRANT SELECT ON mysql.user TO 'bootstrapuser'@'%';
GRANT SELECT ON performance_schema.replication_group_members TO 'bootstrapuser'@'%';
GRANT SELECT ON performance_schema.replication_group_member_stats TO 'bootstrapuser'@'%';

Leads to the following error during bootstrap:

# Bootstrapping MySQL Router instance at '/var/lib/mysql/mysqlrouter'...

- Creating account(s) (only those that are needed, if any)
Error: Error creating MySQL account for router (GRANTs stage): Error executing MySQL query "GRANT SELECT, EXECUTE ON mysql_innodb_cluster_metadata.* TO 'mysql_router1_q6s4xhiu9ija'@'%'": Access denied for user 'bootstrapuser'@'10.5.0.18' to database 'mysql_innodb_cluster_metadata' (1044)

Since 8.0.19. This worked with 8.0.18.

[0] https://dev.mysql.com/doc/mysql-router/8.0/en/mysqlrouter.html#option_mysqlrouter_bootstrap

TRIAGE: Determine the missing grants

See original description
David Ames (thedac)
description: updated
description: updated
Revision history for this message
David Ames (thedac) wrote :

The missing grant is EXECUTE on mysql_innodb_cluster_metadata

The line should be:
GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE ON mysql_innodb_cluster_metadata.* TO 'mysqlrouteruser'@'10.5.0.23';

This is updated in charm helpers.

Changed in charm-helpers:
status: New → Triaged
importance: Undecided → Critical
assignee: nobody → David Ames (thedac)
Changed in charm-mysql-innodb-cluster:
status: New → Invalid
Changed in charm-mysql-router:
status: New → Invalid
David Ames (thedac)
Changed in charm-mysql-innodb-cluster:
status: Invalid → Triaged
importance: Undecided → Critical
assignee: nobody → David Ames (thedac)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to charm-mysql-innodb-cluster (master)

Fix proposed to branch: master
Review: https://review.opendev.org/704715

Changed in charm-mysql-innodb-cluster:
status: Triaged → In Progress
Revision history for this message
David Ames (thedac) wrote :

Charm helpers PR: https://github.com/juju/charm-helpers/pull/424

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-mysql-innodb-cluster (master)

Reviewed: https://review.opendev.org/704715
Committed: https://git.openstack.org/cgit/openstack/charm-mysql-innodb-cluster/commit/?id=40e41ad1528880937402014dd099ad5fe31d2f9d
Submitter: Zuul
Branch: master

commit 40e41ad1528880937402014dd099ad5fe31d2f9d
Author: David Ames <email address hidden>
Date: Tue Jan 28 16:15:19 2020 -0800

    Rebuild and cleanup

    Rebiuld for charmhelpers.
    Remove wheelhouse overrides in tox.

    Please review and land charm-helpers:
    https://github.com/juju/charm-helpers/pull/424

    Change-Id: I7faf3abc19564d715adb99ea0962c013751cef04
    Partial-Bug: #1861234

David Ames (thedac)
Changed in charm-helpers:
status: Triaged → Fix Committed
Changed in charm-mysql-innodb-cluster:
status: In Progress → Fix Committed
David Ames (thedac)
Changed in charm-helpers:
status: Fix Committed → Fix Released
Changed in charm-mysql-innodb-cluster:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.