snippetsqlMinor
How to easily bring 80 MySQL users into ProxySQL?
Viewed 0 times
bringintoproxysqlmysqlhowuserseasily
Problem
I am setting up ProxySQL in front of a Percona MySQL server with 88 user accounts. I don't even know most of their passwords. Passwords are stored in MySQL as hashes but are stored in ProxySQL in plain text. How can I easily bring in all 88 accounts into ProxySQL at once? Or is there a pass-through authentication switch I can turn on?
Solution
Since you're using ProxySQL with Percona, there's a nifty tool made by the good people at Percona that does exactly what you're looking for (sync's mysql users to proxysql).
If you install ProxySQL using the Percona RPM, it comes with a nifty script that helps with managing your ProxySQL instance called "proxysql-admin". That script has the option to "--syncusers". Here's an excerpt of the help info for the script:
Notice the "--syncusers" option down there at the bottom. That's what you're looking for, yes? ... and it's made and distributed by Percona. :)
Hope this helps!
If you install ProxySQL using the Percona RPM, it comes with a nifty script that helps with managing your ProxySQL instance called "proxysql-admin". That script has the option to "--syncusers". Here's an excerpt of the help info for the script:
[root@localhost ~]# /usr/bin/proxysql-admin
Usage: [ options ]
Options:
--config-file= Read login credentials from a configuration file (overrides any login credentials specified on the command line)
--quick-demo Setup a quick demo with no authentication
--proxysql-datadir= Specify proxysql data directory location
--proxysql-username=user_name Username for connecting to the ProxySQL service
--proxysql-password[=password] Password for connecting to the ProxySQL service
--proxysql-port=port_num Port Nr. for connecting to the ProxySQL service
--proxysql-hostname=host_name Hostname for connecting to the ProxySQL service
--cluster-username=user_name Username for connecting to the Percona XtraDB Cluster node
--cluster-password[=password] Password for connecting to the Percona XtraDB Cluster node
--cluster-port=port_num Port Nr. for connecting to the Percona XtraDB Cluster node
--cluster-hostname=host_name Hostname for connecting to the Percona XtraDB Cluster node
--cluster-app-username=user_name Application username for connecting to the Percona XtraDB Cluster node
--cluster-app-password[=password] Application password for connecting to the Percona XtraDB Cluster node
--without-cluster-app-user Configure Percona XtraDB Cluster without application user
--monitor-username=user_name Username for monitoring Percona XtraDB Cluster nodes through ProxySQL
--monitor-password[=password] Password for monitoring Percona XtraDB Cluster nodes through ProxySQL
--without-check-monitor-user Configure ProxySQL without checking/attempting to create monitor user
--enable, -e Auto-configure Percona XtraDB Cluster nodes into ProxySQL
--disable, -d Remove any Percona XtraDB Cluster configurations from ProxySQL
--node-check-interval=3000 Interval for monitoring node checker script (in milliseconds)
--mode=[loadbal|singlewrite] ProxySQL read/write configuration mode, currently supporting: 'loadbal' and 'singlewrite' (the default) modes
--write-node=host_name:port Writer node to accept write statments. This option is supported only when using --mode=singlewrite
Can accept comma delimited list with the first listed being the highest priority.
--include-slaves=host_name:port Add specified slave node(s) to ProxySQL, these nodes will go into the reader hostgroup and will only be put into
the writer hostgroup if all cluster nodes are down. Slaves must be read only. Can accept comma delimited list.
If this is used make sure 'read_only=1' is in the slave's my.cnf
--adduser Adds the Percona XtraDB Cluster application user to the ProxySQL database
--syncusers Sync user accounts currently configured in MySQL to ProxySQL (deletes ProxySQL users not in MySQL)
--version, -v Print version info
[root@localhost ~]#Notice the "--syncusers" option down there at the bottom. That's what you're looking for, yes? ... and it's made and distributed by Percona. :)
Hope this helps!
Code Snippets
[root@localhost ~]# /usr/bin/proxysql-admin
Usage: [ options ]
Options:
--config-file=<config-file> Read login credentials from a configuration file (overrides any login credentials specified on the command line)
--quick-demo Setup a quick demo with no authentication
--proxysql-datadir=<datadir> Specify proxysql data directory location
--proxysql-username=user_name Username for connecting to the ProxySQL service
--proxysql-password[=password] Password for connecting to the ProxySQL service
--proxysql-port=port_num Port Nr. for connecting to the ProxySQL service
--proxysql-hostname=host_name Hostname for connecting to the ProxySQL service
--cluster-username=user_name Username for connecting to the Percona XtraDB Cluster node
--cluster-password[=password] Password for connecting to the Percona XtraDB Cluster node
--cluster-port=port_num Port Nr. for connecting to the Percona XtraDB Cluster node
--cluster-hostname=host_name Hostname for connecting to the Percona XtraDB Cluster node
--cluster-app-username=user_name Application username for connecting to the Percona XtraDB Cluster node
--cluster-app-password[=password] Application password for connecting to the Percona XtraDB Cluster node
--without-cluster-app-user Configure Percona XtraDB Cluster without application user
--monitor-username=user_name Username for monitoring Percona XtraDB Cluster nodes through ProxySQL
--monitor-password[=password] Password for monitoring Percona XtraDB Cluster nodes through ProxySQL
--without-check-monitor-user Configure ProxySQL without checking/attempting to create monitor user
--enable, -e Auto-configure Percona XtraDB Cluster nodes into ProxySQL
--disable, -d Remove any Percona XtraDB Cluster configurations from ProxySQL
--node-check-interval=3000 Interval for monitoring node checker script (in milliseconds)
--mode=[loadbal|singlewrite] ProxySQL read/write configuration mode, currently supporting: 'loadbal' and 'singlewrite' (the default) modes
--write-node=host_name:port Writer node to accept write statments. This option is supported only when using --mode=singlewrite
Can accept comma delimited list with the first listed being the highest priority.
--include-slaves=host_name:port Add specified slave node(s) to ProxySQL, these nodes will go into the reader hostgroup and will only be put into
the writer hostgroup if all cluster nodes are down. Slaves must be read only. Can accept comma delimited list.
If this is used make sure 'read_only=1' is in the slave's my.cnf
--adduser Adds the Percona XtraDB Cluster application user to the ProxySQL database
--syncusers Sync user accounts Context
StackExchange Database Administrators Q#164705, answer score: 5
Revisions (0)
No revisions yet.