Configuring MariaDB
HCL Detect requires a relational database to store configuration as well as runtime data used by the applications as it runs.
Currently, the only supported database is MariaDB.
Installing MariaDB
If you need to have it installed prior to installing HCL Detect, please
refer to MariaDB's online
installation instructions to become acquainted with both the installation
and configuration process. The actual installation is done via
apt-get
or yum
, depending on whether you are
installing it on Ubuntu or RedHat.
MariaDB is executed as a service on both Ubuntu as well as on RedHat and its behavior
is controlled by a configuration file (usually located in
/etc/my.cnf.d/server.cnf
on RedHat or
/etc/mysql/my.cnf
on Ubuntu). In this file, specifically in the
mysqld
section of the configuration, the following entry
must be commented out or removed:
bind-address = 127.0.0.1
This change will ensure that other hosts in the cluster can interact with the MariaDB server.
If the version for the MariaDB server is older than 10.3.1, the InnoDB engine must also be appropriately configured with the following settings in the [mysqld] section:
innodb_file_format=Barracuda
innodb_file_per_table=ON
innodb_large_prefix=ON
The configuration modifications only become active after a server restart, which requires restarting the specific operating system service as follows. On RedHat:
$ sudo systemctl restart mariadb
And on Ubuntu:
$ sudo systemctl restart mysql
Finally, ensure that the MariaDB server is automatically started at boot time by
appropriately configuring init
, systemd
,
cron
or whatever mechanism is in place for automating the
startup of services.
Securing MariaDB
Once the installation is performed, it's also recommended that MariaDB's installation and configuration be hardened:
$ sudo mysql_secure_installation
The simplest way to make the MariaDB server (mysqld
) available to
HCL
Detect is to install it on
the same host where HCL
Detect is going to be
placed. It is also necessary to ensure that the server is using its default port
(3306):
$ netstat -lptn | grep 3306
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 11430/mysqld
Note that placing the MariaDB server on another host as well as using a different port number can be done, but both of these options require additional configuration.
Populating the MariaDB timezone tables
Several tables in the MariaDB system database exist to store time zone information.
The MariaDB installation procedure creates the time zone tables, but does not load them.
To do so manually, as root
run the following command (MariaDB's
root
password will be requested):
$ mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql -D mysql
There will be one or two warnings similar to:
Warning: Unable to load '/usr/share/zoneinfo/leap-seconds.list' as time zone. Skipping it.
which you can ignore.
Loading the time zone information is not necessarily a one-time operation because the information changes occasionally.
When such changes occur, applications that use the old rules become out of date and you may find it necessary to reload the time zone tables (using the instructions above) to keep the information used by the MariaDB server current. Please refer to the MariaDB documentation for more information.
Setting up a MariaDB user
Once MariaDB is properly installed, it must be configured with a user and password to
be used by HCL Detect when establishing connections with the database
server. By default, both the user and password are set to
drive
.
To create a MariaDB user called drive
with the password
drive
, start MariaDB's interactive shell using MariaDB's
root
user:
$ mysql -u root -p
And issue the following command:
MariaDB [(none)]> CREATE USER '<user>'@'%' IDENTIFIED BY '<password>';
Replacing <user>
and <password>
, with
drive
, specifically:
MariaDB [(none)]> CREATE USER 'drive'@'%' IDENTIFIED BY 'drive';
Once the user is created, it must be given privileges to create the HCL Drive databases:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON `drive_%` . * TO 'drive'@'%';
MariaDB [(none)]> FLUSH PRIVILEGES;
You can now close the MariaDB interactive shell by pressing CTRL-D (the
Control
and the D
key, together) or by using
the exit
command.
At this point you should be able to login to MariaDB using the user
drive
and authenticate using the initial, default, password you
just configured:
$ mysql -u drive -p
If the new user has been properly configured, you will once again be greeted by the MariaDB interactive shell:
$ mysql -u drive -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 39
...
MariaDB [(none)]>
Using a non-default MariaDB configuration
The use of MariaDB on a different host as well as the use of a different user name
and/or password requires updating the HCL Detect configuration file
HCL/etc/drive.json
.
This JSON file can be edited using a regular text editor.
To change the password used by the HCL Detect database server user, it's necessary to first encrypt the new password so it's not stored in clear text in the configuration file. HCL Detect includes a tool that can be used to perform this operation:
$ $HCL_HOME/bin/password_encryptor -p <new_password>
Once you have the newly encrypted password, modify the
drive|database|{userName,userPassword}
, and, if necessary, the
solution|database|{userName,userPassword}
entries in the
configuration file with the new password as well as a new user name.
As mentioned, some HCL Detect installations have optional features (i.e., a solution) that also make use of a relational database.
Note that the configuration file is nested, so the notation used in the prior
sentence means, e.g., the entry userName
as well as the entry
userPassword
are under the entry database
,
which is under the solution
entry.
Note that if you are changing one or both of these settings, MariaDB itself must be updated with this new user/password information.
To change the host and port the MariaDB server uses, locate and update one or more of
the following entries: drive|database|address
and, if necessary,
the solution|database|{userName,userPassword}
. The address is a
tuple with the following format: hostname:port
, e.g.,
foo.HCL.com:3306
.