cloudfoundry / pxc-release

BOSH release of Percona Xtradb Cluster

Apache License 2.0

30 stars 22 forks source link

Missing 'LOCK TABLES' privilege to database user #11

Closed aqan213 closed 1 year ago

aqan213 commented 4 years ago

Feature Request Info

Problem you are trying to solve

I'm trying to use the pxc-release in app-autoscaler-release, I added a database 'autoscaler' and username is 'autoscaler',

seeded_databases:
    - name: autoscaler
      password: ((database_password))
      username: autoscaler

but the user has no 'LOCK TABLES' privilege and it failed to deploy the app-autoscaler release. Is it possible to add the 'LOCK TABLES' privilege to the database users or is there a user having the 'LOCK TABLES' privilege?

cf-gitbot commented 4 years ago

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/171177794

The labels on this github issue will be updated when the story is started.

abg commented 1 year ago

In the seeded_databases implementation, pxc-release intentionally leave off the "LOCK TABLES" privilege to discourage users from relying on potentially broken behavior. Locks are not distributed in a Galera cluster and relying on table-level locks can lead to buggy application behavior in the event of a failover / switchover.

In Percona XtraDB Cluster 8.0 (used in pxc-release v1.0+), pxc-strict-mode defaults to "ENFORCING" which also disables lock tables for similar reasons.