Why OpenStack Needs a Database??
The database stores configuration information. this is a prerequisite for installing services on the Controller nodes as it stores configuration information. Each OpenStack component needs a stateful area to store runtime configuration data and most Openstack Deployments use a MariaDB database as the data store. OpenStack Platform supports any database supported in SQLAlchemy, which is a Python SQL toolkit and object-relational mapper that gives application developers the full power and flexibility of SQL.
You must deploy the database service before deploying a full Red Hat OpenStack Platform environment or installing any OpenStack component.
MariaDB Installation.
1- The first thing you need to do is install the packages required for MariaDB and the Python drivers. This is done using the yum command shown and is usually performed on the Controller nodes.
2- After installing the packages, you need to configure MariaDB on the Controller node. Start by backing up the current database configuration files.
# cp /etc/my.cnf /etc/my.cnf.orig
3- Then edit the database configuration.
To enable access by other nodes via management network, in [mysqld] section of /etc/my.cnf, set bind-address key to the management IP address of Controller:
[mysqld]
..
bind-address = <Management IP address of Controller node>
To enable options and UTF-8 character set, in [mysqld] section, set the following keys:
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
Add the [mysqld_safe] section is the recommended way to start a mysqld server on Linux. It adds safety features such as restarting a server when an error occurs and logging runtime information to the error log file.
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
!includedir /etc/my.cnf.d.
Finally, enable and start the database
# systemctl enable mariadb.service
# systemctl start mariadb.service
In some cases, you need to access the database directly using MySQL commands. Be careful when you do this. Any mistake can damage your environment.
Database Security
Use the mysql_secure_installation utility to secure the database service, which includes choosing a suitable password for the root account. You are presented with questions about how to secure the database and information that explains in detail how each answer affects database security.
After securing the database, configure iptables to allow access to the database. To do that, add the rule shown to iptables.
