Configuring MariaDB

Installing MariaDB

If you need to have it installed prior to installing HCL Detect, please refer to MariaDB's online installation instructions to become acquainted with both the installation and configuration process. The actual installation is done via apt-get or yum, depending on whether you are installing it on Ubuntu or RedHat.

MariaDB is executed as a service on both Ubuntu as well as on RedHat and its behavior is controlled by a configuration file (usually located in /etc/my.cnf.d/server.cnf on RedHat or /etc/mysql/my.cnf on Ubuntu). In this file, specifically in the mysqld section of the configuration, the following entry must be commented out or removed:

bind-address = 127.0.0.1

This change will ensure that other hosts in the cluster can interact with the MariaDB server.

If the version for the MariaDB server is older than 10.3.1, the InnoDB engine must also be appropriately configured with the following settings in the [mysqld] section:

innodb_file_format=Barracuda
innodb_file_per_table=ON
innodb_large_prefix=ON

The configuration modifications only become active after a server restart, which requires restarting the specific operating system service as follows. On RedHat:

$ sudo systemctl restart mariadb

And on Ubuntu:

$ sudo systemctl restart mysql

Finally, ensure that the MariaDB server is automatically started at boot time by appropriately configuring init, systemd, cron or whatever mechanism is in place for automating the startup of services.

Securing MariaDB

Once the installation is performed, it's also recommended that MariaDB's installation and configuration be hardened:

$ sudo mysql_secure_installation

The simplest way to make the MariaDB server (mysqld) available to HCL Detect is to install it on the same host where HCL Detect is going to be placed. It is also necessary to ensure that the server is using its default port (3306):

$ netstat -lptn | grep 3306
tcp   0   0 0.0.0.0:3306   0.0.0.0:*   LISTEN   11430/mysqld

Note that placing the MariaDB server on another host as well as using a different port number can be done, but both of these options require additional configuration.

Populating the MariaDB timezone tables

Several tables in the MariaDB system database exist to store time zone information.

The MariaDB installation procedure creates the time zone tables, but does not load them.

To do so manually, as root run the following command (MariaDB's root password will be requested):

$ mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql -D mysql

There will be one or two warnings similar to:

Warning: Unable to load '/usr/share/zoneinfo/leap-seconds.list' as time zone. Skipping it.

which you can ignore.

When such changes occur, applications that use the old rules become out of date and you may find it necessary to reload the time zone tables (using the instructions above) to keep the information used by the MariaDB server current. Please refer to the MariaDB documentation for more information.

Setting up a MariaDB user

Once MariaDB is properly installed, it must be configured with a user and password to be used by HCL Detect when establishing connections with the database server. By default, both the user and password are set to drive.

To create a MariaDB user called drive with the password drive, start MariaDB's interactive shell using MariaDB's root user:

$ mysql -u root -p

And issue the following command:

MariaDB [(none)]> CREATE USER '<user>'@'%' IDENTIFIED BY '<password>';

Replacing <user> and <password>, with drive, specifically:

MariaDB [(none)]> CREATE USER 'drive'@'%' IDENTIFIED BY 'drive';

Once the user is created, it must be given privileges to create the HCL Drive databases:

MariaDB [(none)]> GRANT ALL PRIVILEGES ON `drive_%` . * TO 'drive'@'%';
MariaDB [(none)]> FLUSH PRIVILEGES;

You can now close the MariaDB interactive shell by pressing CTRL-D (the Control and the D key, together) or by using the exit command.

At this point you should be able to login to MariaDB using the user drive and authenticate using the initial, default, password you just configured:

$ mysql -u drive -p

If the new user has been properly configured, you will once again be greeted by the MariaDB interactive shell:

$ mysql -u drive -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 39
...
MariaDB [(none)]>

Using a non-default MariaDB configuration

The use of MariaDB on a different host as well as the use of a different user name and/or password requires updating the HCL Detect configuration file HCL/etc/drive.json.

This JSON file can be edited using a regular text editor.

To change the password used by the HCL Detect database server user, it's necessary to first encrypt the new password so it's not stored in clear text in the configuration file. HCL Detect includes a tool that can be used to perform this operation:

$ $HCL_HOME/bin/password_encryptor -p <new_password>

Once you have the newly encrypted password, modify the drive|database|{userName,userPassword}, and, if necessary, the solution|database|{userName,userPassword} entries in the configuration file with the new password as well as a new user name.

As mentioned, some HCL Detect installations have optional features (i.e., a solution) that also make use of a relational database.

Note that the configuration file is nested, so the notation used in the prior sentence means, e.g., the entry userName as well as the entry userPassword are under the entry database, which is under the solution entry.

Note that if you are changing one or both of these settings, MariaDB itself must be updated with this new user/password information.

To change the host and port the MariaDB server uses, locate and update one or more of the following entries: drive|database|address and, if necessary, the solution|database|{userName,userPassword}. The address is a tuple with the following format: hostname:port, e.g., foo.HCL.com:3306.