cf-charmers team mailing list archive

Thread
Date
Re: cf-mysql-broker charm

To: Manuel Garcia <manuel.garcia@xxxxxxxxxxx>
From: Kapil Thangavelu <kapil.thangavelu@xxxxxxxxxxxxx>
Date: Wed, 21 May 2014 10:57:28 -0400
Cc: "cf-charmers@xxxxxxxxxxxxxxxxxxx" <cf-charmers@xxxxxxxxxxxxxxxxxxx>, Prismakov Alexander <alexander.prismakov@xxxxxxxxxxx>, "kirkland@xxxxxxxxxxxxx" <kirkland@xxxxxxxxxxxxx>
In-reply-to: <BB1F8416-6909-4344-9A56-12DFE7770274@altoros.com>
On Tue, May 20, 2014 at 9:04 AM, Manuel Garcia <manuel.garcia@xxxxxxxxxxx>wrote:

> Hi guys,
>
> I don’t know why but I am not receiving emails to my gmail account
> registered in the list :(
>

afaics your subscribed to the mailing list, you can verify your deliver
options here
https://launchpad.net/~mgarciap/+editemails

also i noticed there's a separate google group
cf-juju-charms@xxxxxxxxxxxxxxxx floating around although it appears to be
private.


cheers,
Kapil



>
> Really cool what Alex found. I hope we don’t need any additional step as I
> would initially expected.
>
> Inline..
> On May 20, 2014, at 9:37 AM, Prismakov Alexander <
> alexander.prismakov@xxxxxxxxxxx> wrote:
>
>  + Manuel, Dustin
> I have found that we may use db-admin relation instead of db. Rewriting
> the mysql broker charm with it.
>
>
>  On May 20, 2014, at 12:29, Alexander Prismakov <
> alexander.prismakov@xxxxxxxxxxx> wrote:
>
>  Hi guys,
>
> I've committed 1st release of cf-mysql-broker charm to launchpad.
>
> This release requires some additional steps after deployment so we need
> discuss how to make it more smart.
>
> Now the broker charm assumes using regular mysql charm. But we have an
> issue here:
> Regular mysql charm provides database and credentials of a user. The user
> have privileges limited to the database.
> But cf-mysql-brokers require a user with more privileges (it creates
> databases).
>
> So currently after settings all relations we need login to mysql instance:
> juju ssh mysql/0
> then login to mysql server:
> mysql -u root -p`sudo cat /var/lib/mysql/mysql.passwd`
>
> find created user and password hash:
> SELECT User, password FROM mysql.user;
> select values of user like 'imooseixohchaeb'
> and perform statements:
> GRANT ALL ON *.* TO 'imooseixohchaeb'@'%' IDENTIFIED BY PASSWORD
> '*21FBF884D237569FF447B75E7C18E2AEE6F24AEC' WITH GRANT OPTION;
> FLUSH PRIVILEGES;
>
> Then we need restart cf-mysql-broker.
> So go to the broker instance:
> juju ssh broker/0
> and restart broker daemon:
> sudo restart cf-mysql-broker
>
>
> Please change the name ‘broker’ to explicit ‘mysql-service-broker'
>
>
> Now we have two different escenarios: CF admin user and developers
> With any new CF managed service available, the CF administrator have to
> register it in order to make it available for developers.
>
>
> At this point mysql broker ALMOST ready for use in CF.
>
> For real use in an application we need perform commands using CF CLI.
> Register the broker in CF:
> cf api http://api.{router-ip-address}.xip.io
> cf login -u admin -p admin
> cf create-space my-space
> cf target -o myorg -s myspace.
>
> At this point you don’t need any org nor space, it does not matter.
>
>  cf create-service-broker mysql cc secret http://{broker-ip-adress}.xip.io
> Make service plan "public" (cf cli hasn't command for it):
>
> cf curl /v2/service_plans -X 'GET'
> in output select plan's GUID to use it in second command:
> cf curl /v2/service_plans/46baa0cf-ab7d-4f41-bbe7-0199c42b97d7 -X 'PUT' -d
> '{"public":true}'
>
> Sadly this is require to make it visible in every space/org
>
>
> Now we use the developer hat. This has nothing to do with the bundle nor
> specific CF configuration. This is plain usage of a service in CF.
> http://docs.cloudfoundry.org/devguide/services/adding-a-service.html
>
> The only thing we can do here is to add ‘example’ steps to the Charm
> documentation
>
> Then finally we need create the service:
> cf create-service p-mysql-local 5mb mysql
> To provide the service to an application we need push the app:
>
> cf push example-application
>
>  bind service to it:
> cf bind-service example-application mysql
> then push the application again:
> cf push example-application
>
>
> As you see now it requires many steps before we get service available for
> an application in CF.
>
> We have several options here:
>
> 1. To avoid logging to mysql instance we may modify regular mysql charm
> (to provide user with all needed privileges). Cons - we need maintain one
> more charm - “cf-mysql" (or a patch for regular charm).
>
> No, lets try never. I hope the db-admin relation helps
>
>  2. Automate all needed steps by a script which may be used AFTER
> deployment of CF bundle.
>
> Only the managed service registration
>
>  3. Perform all needed steps from the broker charm (requires using
> modified mysql charm).
>
>  Please share your thought about using the broker charm.
>
>  -Alexander Prismakov | Altoros
>
>  PS:
> The broker charm TODOs:
> - implement quota enforcer
> - start the broker as vcap user
>
>
>
> As far as we see, the MySQL Service Broker will have the following
> relationships:
> - Nats (required by broker.
> https://github.com/cloudfoundry/cf-mysql-broker/blob/master/config/settings.yml#L11
> )
> - Router: to get system domain (
> https://github.com/cloudfoundry/cf-mysql-broker/blob/master/config/settings.yml#L13
> )
> - MySQL charm
> - UAA: we need username and password of the CF admin user in order to
> register the service broker into CF (cf login *-u admin -p admin* && cf
> create-service-broker mysql cc secret http://{broker-ip-adress}.xip.io)
>
> Canonical guys, if you foresee any issue or anything we might not be
> seeing (such as the db-admin relation) please let us know.
>
> Thank you,
> Manuel
>
>
>