The operator, by default, generates the MySQL root password, along with the passwords for the replicator and application user during the creation of the cluster.
You have the option to provide custom passwords using a pre-existing Kubernetes secret during cluster creation, using the following example as a guide.
You can use the provided mysql-passwords.yaml file as a template. Either edit directly
or make a copy to a directory of your choice. You can then edit it, changing the passwords to suit.
An example is shown below:
apiVersion: v1 kind: Secret metadata: name: tungsten-passwords-sample-secret type: Opaque stringData: mysqlRootPassword: rootsecret applicationPassword: appsecret replicatorPassword: replicatorsecret restApiAdminPassword: apisecret
In the above example, apiVersion, kind
and type should be left untouched. The passwords within
the stringData block can be changed to suit, along with
the name in the metadata block.
This name can be used if you have multiple clusters and different password yaml files with different
passwords for each cluster. You could then change the name to help identify which cluster the
passwords are associated with. The value you set here should then be used within the
customPasswordSecret property in the cluster yaml file.
For more details on the cluster yaml files, see Section 3.2.2.3, “Configuring Custom Cluster YAML templates”
To then apply this configuration, issue:
shell> kubectl apply -f mysql-passwords.yamlChanging the passwords after cluster creation is not supported or tested. If passwords need to be changed, they can be first changed in the secret, and manually changed in the MySQL database.