Goodday, OpenStack DBaaS users/contributors. I'd like to start topic related to network access to Trove instances. Basicaly this topic related to security groups inside which are provisioned inside Trove. Not so long ago, Trove began support Redis DB, supported core API and extensions mentioned at [1]. And while provisioning Trove creates Nova security group with only one rule in it:
| TCP | 3306 | 3306 | 0.0.0.0/0 | As you can see this is not acceptable for Redis, since it doesn't listen income connections at port 3306, examples of Redis Server configuration can be seen at [2]. Same schame is not acceptable for any other integrated databases. I'd like to suggest next way to resolve this issue. Since each instance comes with it's own datastore version, which has attribute - datastore manager (this attribute is very significant to whole process of provisioning), it allows to define several Oslo config groups [3] per datastore. Example of Oslo OptGroup for MySQL datastore mysql_group = cfg.OptGroup('mysql', title='MySQL options') mysql_opts = [ cfg.ListOpt('tcp_ports', default=["3306"], help='List of single ports and port ranges, ' 'format: ["A", "A-B"]'), cfg.ListOpt('upd_ports', default=[], help='List of single ports and port ranges, ' 'format: ["A", "A-B"]'), ] As you can see, mysql_opts contain two options (type: list): tcp_ports, upd_ports. This values defining a list of ports or port ranges per transport protocol (tcp, udp). Suggested format for configuration file: tcp_ports = A, B, C-D, E (same for upd ports and ranges) You can see proposed implementation here [4]. [1] https://wiki.openstack.org/wiki/Trove/DatastoreCompatibilityMatrix [2] http://redis.io/topics/config [3] https://wiki.openstack.org/wiki/Oslo/Config [4] https://review.openstack.org/#/c/50944/ <https://review.openstack.org/#/c/50944/> Best regards, Denis Makogon Mirantis, Inc. Kharkov, Ukraine www.mirantis.com www.mirantis.ru dmako...@mirantis.com
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev