k8s docker support create account

docker/runtime/be/resource/be_entrypoint.sh

@@ -91,12 +91,6 @@ show_backends(){
     fi
 
     echo "$backends"
-
-    #if [[ "x$DB_ADMIN_PASSWD" != "x" ]]; then
-    #   timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e 'SHOW BACKENDS;'
-    #else
-    #   timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -u$DB_ADMIN_USER --skip-column-names --batch -e 'SHOW BACKENDS;'
-    #fi
 }
 
 # get all registered fe in cluster, for check the fe have `MASTER`.
@@ -111,11 +105,6 @@ function show_frontends()
     fi
 
     echo "$frontends"
-    #if [[ "x$DB_ADMIN_PASSWD" != "x" ]]; then
-    #    timeout 15 mysql --connect-timeout 2 -h $addr -P $FE_QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --batch -e 'show frontends;'
-    #else
-    #    timeout 15 mysql --connect-timeout 2 -h $addr -P $FE_QUERY_PORT -u$DB_ADMIN_USER --batch -e 'show frontends;'
-    #fi
 }
 
 #parse the `$BE_CONFIG` file, passing the key need resolve as parameter.
@@ -174,18 +163,13 @@ add_self()
         fi
 
         if [[ "x$leader" != "x" ]]; then
+            create_account $leader
             log_stderr "[info] myself ($MY_SELF:$HEARTBEAT_PORT)  not exist in FE and fe have leader register myself into fe."
             add_result=`timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -uroot --skip-column-names --batch -e "ALTER SYSTEM ADD BACKEND \"$MY_SELF:$HEARTBEAT_PORT\";" 2>&1`
             if echo $add_result | grep -w "1045" | grep -q -w "28000" &>/dev/null ; then
                 timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e "ALTER SYSTEM ADD BACKEND \"$MY_SELF:$HEARTBEAT_PORT\";"
             fi
 
-            #if [[ "x$DB_ADMIN_PASSWD" != "x" ]]; then
-            #    timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e "ALTER SYSTEM ADD BACKEND \"$MY_SELF:$HEARTBEAT_PORT\";"
-            #else
-            #    timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -u$DB_ADMIN_USER --skip-column-names --batch -e "ALTER SYSTEM ADD BACKEND \"$MY_SELF:$HEARTBEAT_PORT\";"
-            #fi
-
             let "expire=start+timeout"
             now=`date +%s`
             if [[ $expire -le $now ]] ; then
@@ -199,6 +183,23 @@ add_self()
     done
 }
 
+function create_account()
+{
+    master=$1
+    users=`mysql --connect-timeout 2 -h $master -P $FE_QUERY_PORT -uroot --skip-column-names --batch -e 'SHOW ALL GRANTS;' 2>&1`
+    if echo $users | grep -w "1045" | grep -q -w "28000" &>/dev/null; then
+        log_stderr "the 'root' account have set password! not need auto create management account."
+        return 0
+    fi
+    if echo $users | grep -q -w "$DB_ADMIN_USER" &>/dev/null; then
+       log_stderr "the $DB_ADMIN_USER have exist in doris."
+       return 0
+    fi
+    mysql --connect-timeout 2 -h $master -P$FE_QUERY_PORT -uroot --skip-column-names --batch -e "CREATE USER '$DB_ADMIN_USER' IDENTIFIED BY '$DB_ADMIN_PASSWD';GRANT NODE_PRIV ON *.*.* TO $DB_ADMIN_USER;" 2>&1
+    log_stderr "created new account and grant NODE_PRIV!"
+
+}
+
 # check be exist or not, if exist return 0, or register self in fe cluster. when all fe address failed exit script.
 # `xxx1:port,xxx2:port` as parameter to function.
 function check_and_register()

docker/runtime/broker/resource/broker_entrypoint.sh

@@ -87,12 +87,6 @@ show_brokers(){
         brokers=`timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e 'SHOW BROKER;' 2>&1`
     fi
     echo "$brokers"
-
-    #if [[ "x$DB_ADMIN_PASSWD" != "x" ]]; then
-    #    timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e 'SHOW BROKER;'
-    #else
-    #    timeout 15 mysql --connect-timeout 2 -h $svc -P $FE_QUERY_PORT -u$DB_ADMIN_USER --skip-column-names --batch -e 'SHOW BROKER;'
-    #fi
 }
 
 
@@ -107,12 +101,6 @@ function show_frontends()
 	frontends=`timeout 15 mysql --connect-timeout 2 -h $addr -P $FE_QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --batch -e 'show frontends;'`
     fi
     echo "$frontends"
-
-    #if [[ "x$DB_ADMIN_PASSWD" != "x" ]]; then
-    #    timeout 15 mysql --connect-timeout 2 -h $addr -P $FE_QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e 'show frontends;'
-    #else
-    #    timeout 15 mysql --connect-timeout 2 -h $addr -P $FE_QUERY_PORT -u$DB_ADMIN_USER --skip-column-names --batch -e 'show frontends;'
-    #fi
 }
 
 collect_env_info()

docker/runtime/fe/resource/fe_entrypoint.sh

@@ -125,11 +125,6 @@ function show_frontends()
     fi
    echo "$frontends"
 
-    #if [[ "x$DB_ADMIN_PASSWD" != "x" ]]; then
-    #    timeout 15 mysql --connect-timeout 2 -h $addr -P $QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --batch -e 'show frontends;'
-    #else
-    #    timeout 15 mysql --connect-timeout 2 -h $addr -P $QUERY_PORT -u$DB_ADMIN_USER --batch -e 'show frontends;'
-    #fi
 }
 
 # add myself in cluster for FOLLOWER.
@@ -142,11 +137,6 @@ function add_self_follower()
         mysql --connect-timeout 2 -h $FE_MASTER -P $QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e "ALTER SYSTEM ADD FOLLOWER \"$MYSELF:$EDIT_LOG_PORT\";"
     fi
 
-    #if [[ "x$DB_ADMIN_PASSWD" != "x" ]]; then
-    #    mysql --connect-timeout 2 -h $FE_MASTER -P $QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e "ALTER SYSTEM ADD FOLLOWER \"$MYSELF:$EDIT_LOG_PORT\";"
-    #else
-    #    mysql --connect-timeout 2 -h $FE_MASTER -P $QUERY_PORT -u$DB_ADMIN_USER --skip-column-names --batch -e "ALTER SYSTEM ADD FOLLOWER \"$MYSELF:$EDIT_LOG_PORT\";"
-    #fi
 }
 
 # add myself in cluster for OBSERVER.
@@ -159,11 +149,6 @@ function add_self_observer()
         mysql --connect-timeout 2 -h $FE_MASTER -P $QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e "ALTER SYSTEM ADD OBSERVER \"$MYSELF:$EDIT_LOG_PORT\";"
     fi
 
-    #if [[ "x$DB_ADMIN_PASSWD" != "x" ]]; then
-    #    mysql --connect-timeout 2 -h $FE_MASTER -P $QUERY_PORT -u$DB_ADMIN_USER -p$DB_ADMIN_PASSWD --skip-column-names --batch -e "ALTER SYSTEM ADD OBSERVER \"$MYSELF:$EDIT_LOG_PORT\";"
-    #else
-    #    mysql --connect-timeout 2 -h $FE_MASTER -P $QUERY_PORT -u$DB_ADMIN_USER --skip-column-names --batch -e "ALTER SYSTEM ADD OBSERVER \"$MYSELF:$EDIT_LOG_PORT\";"
-    #fi
 }
 
 # `dori-meta/image` not exist start as first time.
@@ -362,6 +347,7 @@ start_fe_with_meta()
     $DORIS_HOME/bin/start_fe.sh  $opts
 }
 
+# print the least 10 records of 'VLSN'. When fe failed to restart, user can select the fe of VLSN is the bigest to force restart.
 print_vlsn()
 {
     local doirs_meta_path=`parse_confval_from_fe_conf "meta_dir"`
@@ -373,6 +359,33 @@ print_vlsn()
     echo "$vlsns"
 }
 
+#fist start create account and grant 'NODE_PRIV'
+create_account()
+{
+    if [[ "x$FE_MASTER" == "x" ]]; then
+		return 0
+	fi
+
+    # if not set password, the account not config.
+    if [[ "x$DB_ADMIN_PASSWD" == "x" ]]; then
+        return 0
+    fi
+
+    users=`timeout 15 mysql --connect-timeout 2 -h $FE_MASTER -P$QUERY_PORT -uroot --skip-column-names --batch -e 'SHOW ALL GRANTS;' 2>&1`
+    if echo $users | grep -w "1045" | grep -q -w "28000" &>/dev/null; then
+        log_stderr "the 'root' account have set paasword! not need auto create management account."
+        return 0
+    fi
+
+    if echo $users | grep -q -w "$DB_ADMIN_USER" &>/dev/null; then
+       log_stderr "the $DB_ADMIN_USER have exit in doris."
+       return 0
+    fi
+
+    `mysql --connect-timeout 2 -h $FE_MASTER -P$QUERY_PORT -uroot --skip-column-names --batch -e "CREATE USER '$DB_ADMIN_USER' IDENTIFIED BY '$DB_ADMIN_PASSWD';GRANT NODE_PRIV ON *.*.* TO $DB_ADMIN_USER;" 2>&1`
+    log_stderr "created new account and grant NODE_PRIV!"
+}
+
 fe_addrs=$1
 if [[ "x$fe_addrs" == "x" ]]; then
     echo "need fe address as parameter!"
@@ -391,5 +404,7 @@ else
     log_stderr "first start fe with meta not exist."
     collect_env_info
     probe_master $fe_addrs
+    #create account about node management
+    create_account
     start_fe_no_meta
 fi