mirror of
https://github.com/apache/cloudstack.git
synced 2025-12-19 20:14:06 +01:00
188 lines
6.9 KiB
XML
188 lines
6.9 KiB
XML
<?xml version='1.0' encoding='utf-8' ?>
|
|
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
|
<!ENTITY % BOOK_ENTITIES SYSTEM "Release_Notes.ent">
|
|
%BOOK_ENTITIES;
|
|
]>
|
|
<section id="management-server-install-db-external" lang="en-US">
|
|
<!-- Licensed to the Apache Software Foundation (ASF) under one
|
|
or more contributor license agreements. See the NOTICE file
|
|
distributed with this work for additional information
|
|
regarding copyright ownership. The ASF licenses this file
|
|
to you under the Apache License, Version 2.0 (the
|
|
"License"); you may not use this file except in compliance
|
|
with the License. You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing,
|
|
software distributed under the License is distributed on an
|
|
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
KIND, either express or implied. See the License for the
|
|
specific language governing permissions and limitations
|
|
under the License.
|
|
--> <title>Install the Database on a Separate Node</title>
|
|
<para>
|
|
This section describes how to install MySQL on a standalone machine, separate from the Management Server. This technique is intended for a deployment that includes several Management Server nodes. If you have a single-node Management Server deployment, you will typically use the same node for MySQL. See <xref linkend="management-server-install-db-local" />.
|
|
</para>
|
|
<note>
|
|
<para>
|
|
The management server doesn't require a specific distribution for the MySQL node. You can use a distribution or Operating System of your choice. Using the same distribution as the management server is recommended, but not required. See <xref linkend="management-server-system-requirements" />.
|
|
</para>
|
|
|
|
</note>
|
|
<orderedlist>
|
|
<listitem>
|
|
<para>
|
|
Install MySQL from the package repository from your distribution:
|
|
</para>
|
|
<para condition="community">
|
|
On RHEL or CentOS:
|
|
</para>
|
|
|
|
<programlisting language="Bash">yum install mysql-server</programlisting>
|
|
<para condition="community">
|
|
On Ubuntu:
|
|
</para>
|
|
|
|
<programlisting language="Bash">apt-get install mysql-server</programlisting>
|
|
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) and insert the following lines in the [mysqld] section. You can put these lines below the datadir line. The max_connections parameter should be set to 350 multiplied by the number of Management Servers you are deploying. This example assumes two Management Servers.
|
|
</para>
|
|
<note>
|
|
<para>
|
|
On Ubuntu, you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add these directives there. Don't forget to add [mysqld] on the first line of the file.
|
|
</para>
|
|
|
|
</note>
|
|
|
|
<programlisting language="Bash">innodb_rollback_on_timeout=1
|
|
innodb_lock_wait_timeout=600
|
|
max_connections=700
|
|
log-bin=mysql-bin
|
|
binlog-format = 'ROW'
|
|
bind-address = 0.0.0.0</programlisting>
|
|
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
Start or restart MySQL to put the new configuration into effect.
|
|
</para>
|
|
<para>
|
|
On RHEL/CentOS, MySQL doesn't automatically start after installation. Start it manually.
|
|
</para>
|
|
|
|
<programlisting language="Bash">service mysqld start</programlisting>
|
|
<para>
|
|
On Ubuntu, restart MySQL.
|
|
</para>
|
|
|
|
<programlisting language="Bash">service mysqld restart</programlisting>
|
|
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
(CentOS and RHEL only; not required on Ubuntu)
|
|
</para>
|
|
<warning>
|
|
<para>
|
|
On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly recommended that you set a root password as a security precaution.
|
|
</para>
|
|
|
|
</warning>
|
|
<para>
|
|
Run the following command to secure your installation. You can answer "Y" to all questions except "Disallow root login remotely?". Remote root login is required to set up the databases.
|
|
</para>
|
|
|
|
<programlisting language="Bash">mysql_secure_installation</programlisting>
|
|
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
If a firewall is present on the system, open TCP port 3306 so external MySQL connections can be established.
|
|
</para>
|
|
<para>
|
|
On Ubuntu, UFW is the default firewall. Open the port with this command:
|
|
</para>
|
|
|
|
<programlisting language="Bash">ufw allow mysql</programlisting>
|
|
<para>
|
|
On RHEL/CentOS:
|
|
</para>
|
|
<orderedlist numeration="loweralpha">
|
|
<listitem>
|
|
<para>
|
|
Edit the /etc/sysconfig/iptables file and add the following line at the beginning of the INPUT chain.
|
|
</para>
|
|
|
|
<programlisting language="Bash">-A INPUT -p tcp --dport 3306 -j ACCEPT</programlisting>
|
|
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
Now reload the iptables rules.
|
|
</para>
|
|
|
|
<programlisting language="Bash">service iptables restart</programlisting>
|
|
|
|
</listitem>
|
|
|
|
</orderedlist>
|
|
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
Return to the root shell on your first Management Server.
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
Set up the database. The following command creates the cloud user on the database.
|
|
</para>
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>
|
|
In dbpassword, specify the password to be assigned to the cloud user. You can choose to provide no password.
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the cloud user.
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
(Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See About Password and Key Encryption.
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
(Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
(Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<programlisting language="Bash">cloud-setup-databases cloud:<dbpassword>@<ip address mysql server> \
|
|
--deploy-as=root:<password> \
|
|
-e <encryption_type> \
|
|
-m <management_server_key> \
|
|
-k <database_key></programlisting>
|
|
<para>
|
|
When this script is finished, you should see a message like “Successfully initialized the database.”
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
</orderedlist>
|
|
</section>
|
|
|
|
|