Add another user to MySQL in Kubernetes

5/16/2018

Here is my MySQL

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: abc-def-my-mysql
  namespace: abc-sk-test
  labels:
    project: abc
    ca: my
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: abc-def-my-mysql
        project: abc
        ca: my
    spec:
      containers:
      - name: mysql
        image: mysql:5.6
        args: ["--default-authentication-plugin=mysql_native_password", "--ignore-db-dir=lost+found"]
        ports:
        - containerPort: 3306
        env:
        - name: MYSQL_ROOT_PASSWORD
          value: "root"
        - name: MYSQL_DATABASE
          value: "my_abc"
        - name: MYSQL_USER
          value: "test_user"
        - name: MYSQL_PASSWORD
          value: "12345"
        volumeMounts:
         - mountPath: /var/lib/mysql
           name: abc-def-my-mysql-storage
      volumes:
      - name: abc-def-my-mysql-storage
        persistentVolumeClaim:
         claimName: abc-def-my-mysql-pvc

I would like to add another user to mysql so real users can connect to it. Instead of using "test_user". how can I add another user, is it like adding any other environment variable to the above config

-- sbolla
kubernetes
mysql

2 Answers

5/16/2018

Depending on user life-cycle, you can create user either at container startup, either through MySQL's docker startup script, mounted at /docker-entrypoint-initdb.d, or you could do it at CLI, after the server has started.

With container startup script, you may have to take care of multiple containers running the same script, e.g. CREATE user if exists.

CLI option may be more suitable if the DB server is long lived, and you will get requests for multiple user creation even after server creation.

-- user6317694
Source: StackOverflow

12/22/2018

Mount a "create user script" into container's /docker-entrypoint-initdb.d directory. it will be executed once, at first pod start.

apiVersion: extensions/v1beta1
kind: Pod
metadata:
  name: mysql
spec:
  containers:
  - name: mysql
    image: mysql
    .....
    env:
    - name: MYSQL_ROOT_PASSWORD
      value: "root"
    .....
    volumeMounts:
      - name: mysql-initdb
        mountPath: /docker-entrypoint-initdb.d
  volumes:
  - name: mysql-initdb
    configMap:
      name: initdb

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: initdb
data:
  initdb.sql: |-
    CREATE USER 'first_user'@'%' IDENTIFIED BY '111' ;
    CREATE USER 'second_user'@'%' IDENTIFIED BY '222' ;

Test:

kubectl exec -it <PODNAME> -- mysql -uroot -p -e 'SELECT user, host FROM mysql.user;'

    +-------------+------+
    | user        | host |
    +-------------+------+
    | first_user  | %    |
    | second_user | %    |
    | root        | %    |
    +-------------+------+

See Initializing a fresh instance Mysql Docker Hub image:

When a container is started for the first time, a new database with the specified name will be created and initialized with the provided configuration variables. Furthermore, it will execute files with extensions .sh, .sql and .sql.gz that are found in /docker-entrypoint-initdb.d. Files will be executed in alphabetical order.

You can easily populate your mysql services by mounting a SQL dump into that directory and provide custom images with contributed data. SQL files will be imported by default to the database specified by the MYSQL_DATABASE variable.

-- Michal Foksa
Source: StackOverflow