Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-20769

Creation and management of DB users not tied to a MariaDBDatabase CR

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • rhos-18.0.10 FR 3
    • mariadb-operator
    • None
    • Improve management and lifecycle of system database users
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • Proposed
    • Proposed
    • To Do
    • RHOSSTRAT-1047 - Password rotation for system level database users
    • Proposed
    • rhos-ops-platform-services-pidone
    • Proposed
    • 0% To Do, 100% In Progress, 0% Done

      Goal:

      • Provide a means to declare CR objects for system users like root or clustercheck, that don't have any associated database in mariadb.
      • Lifecycle management: define a password rotation mechanism for those CR objects, that doesn't cause service disruption.
      • Allow those system object to be used as credentials for database healthcheck.  

      Acceptance Criteria:

      • current healthcheck scripts modified to rely on system user CRs.
      • password rotation mechanism testable in chainsaw unit tests.
      • new mechanism used by default in deployment of controlplane CR.

      Open questions:

      • Which component creates the system CR objects.
      • Switching to system CR objects after a minor update. 

              rhn-engineering-mbayer Michael Bayer
              rhn-engineering-dciabrin Damien Ciabrini
              rhos-dfg-pidone
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: