From 95ac9d501c54362b248214914d20e008e196e56c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Tue, 24 Oct 2017 16:56:34 +0300
Subject: [PATCH] MXS-1494: Add replication credentials to mysqlmon

The credentials used for slave servers can now be controlled with the
replication_user and replication_password parameters.
---
 Documentation/Monitors/MySQL-Monitor.md      | 27 +++++++++++++++
 server/modules/monitor/mysqlmon.h            |  2 ++
 server/modules/monitor/mysqlmon/mysql_mon.cc | 35 ++++++++++++++++++++
 3 files changed, 64 insertions(+)

diff --git a/Documentation/Monitors/MySQL-Monitor.md b/Documentation/Monitors/MySQL-Monitor.md
index 910d99adb..98d9fb729 100644
--- a/Documentation/Monitors/MySQL-Monitor.md
+++ b/Documentation/Monitors/MySQL-Monitor.md
@@ -230,6 +230,9 @@ error is logged and the failover functionality is disabled. If this happens, the
 cluster must be fixed manually and the failover needs to be re-enabled via the
 REST API or MaxAdmin.
 
+**Note:** The monitor user must have the SUPER privilege if the failover feature
+  is enabled.
+
 ### `failover_script`
 
 *NOTE* By default, MariaDB MaxScale uses the MariaDB provided failover
@@ -296,6 +299,9 @@ path for making `server4` the new master would be:
 /v1/maxscale/mysqlmon/switchover?Cluster1&server4&server2
 ```
 
+**Note:** The monitor user must have the SUPER privilege if the switchover
+  feature is enabled.
+
 ### `switchover_script`
 
 *NOTE* By default, MariaDB MaxScale uses the MariaDB provided switchover
@@ -331,6 +337,27 @@ If no successful switchover takes place within the configured time period,
 a message is logged and the failover (not switchover) functionality will not
 be enabled, even if it was enabled before the switchover attempt.
 
+### `replication_user`
+
+The username of the replication user. This is given as the value for
+`MASTER_USER` whenever a `CHANGE_MASTER_TO` command is executed.
+
+Both `replication_user` and `replication_password` parameters must be defined if
+a custom replication user is used. If neither of the parameters is defined, the
+`CHANGE MASTER TO` command will use the monitor credentials for the replication
+user.
+
+The credentials used for replication must have the `REPLICATION SLAVE`
+privilege.
+
+### `replication_password`
+
+The password of the replication user. This is given as the value for
+`MASTER_USER` whenever a `CHANGE_MASTER_TO` command is executed.
+
+See `replication_user` parameter documentation for details about the use of this
+parameter.
+
 ## Using the MySQL Monitor With Binlogrouter
 
 Since MaxScale 2.2 it's possible to detect a replication setup
diff --git a/server/modules/monitor/mysqlmon.h b/server/modules/monitor/mysqlmon.h
index 2612bfede..6d951422d 100644
--- a/server/modules/monitor/mysqlmon.h
+++ b/server/modules/monitor/mysqlmon.h
@@ -69,6 +69,8 @@ typedef struct
     bool switchover;               /**< If master switchover is enabled */
     char* switchover_script;       /**< Script to call for performing master switchover */
     uint32_t switchover_timeout;   /**< Timeout in seconds for the master switchover */
+    char* replication_user;        /**< Replication user for failover */
+    char* replication_password;    /**< Replication password for failover*/
     MXS_MONITOR* monitor;
 } MYSQL_MONITOR;
 
diff --git a/server/modules/monitor/mysqlmon/mysql_mon.cc b/server/modules/monitor/mysqlmon/mysql_mon.cc
index 4daa22b82..85991cfab 100644
--- a/server/modules/monitor/mysqlmon/mysql_mon.cc
+++ b/server/modules/monitor/mysqlmon/mysql_mon.cc
@@ -74,6 +74,10 @@ static const char CN_SWITCHOVER[]         = "switchover";
 static const char CN_SWITCHOVER_SCRIPT[]  = "switchover_script";
 static const char CN_SWITCHOVER_TIMEOUT[] = "switchover_timeout";
 
+// Replication credentials parameters for failover
+static const char CN_REPLICATION_USER[]     = "replication_user";
+static const char CN_REPLICATION_PASSWORD[] = "replication_password";
+
 /** Default failover timeout */
 #define DEFAULT_FAILOVER_TIMEOUT "90"
 /** Default switchover timeout */
@@ -630,6 +634,29 @@ bool init_server_info(MYSQL_MONITOR *handle, MXS_MONITORED_SERVER *database)
     return rval;
 }
 
+static bool set_replication_credentials(MYSQL_MONITOR *handle, const MXS_CONFIG_PARAMETER* params)
+{
+    bool rval = false;
+    const char* repl_user = config_get_string(params, CN_REPLICATION_USER);
+    const char* repl_pw = config_get_string(params, CN_REPLICATION_PASSWORD);
+
+    if (!*repl_user && !*repl_pw)
+    {
+        // No replication credentials defined, use monitor credentials
+        repl_user = handle->monitor->user;
+        repl_pw = handle->monitor->password;
+    }
+
+    if (*repl_user && *repl_pw)
+    {
+        handle->replication_user = MXS_STRDUP_A(repl_user);
+        handle->replication_password = decrypt_password(repl_pw);
+        rval = true;
+    }
+
+    return rval;
+}
+
 /*lint +e14 */
 
 /**
@@ -651,6 +678,8 @@ startMonitor(MXS_MONITOR *monitor, const MXS_CONFIG_PARAMETER* params)
         handle->shutdown = 0;
         MXS_FREE(handle->script);
         MXS_FREE(handle->switchover_script);
+        MXS_FREE(handle->replication_user);
+        MXS_FREE(handle->replication_password);
     }
     else
     {
@@ -696,6 +725,12 @@ startMonitor(MXS_MONITOR *monitor, const MXS_CONFIG_PARAMETER* params)
 
     bool error = false;
 
+    if (!set_replication_credentials(handle, params))
+    {
+        MXS_ERROR("Both '%s' and '%s' must be defined", CN_REPLICATION_USER, CN_REPLICATION_PASSWORD);
+        error = true;
+    }
+
     if (!check_monitor_permissions(monitor, "SHOW SLAVE STATUS"))
     {
         MXS_ERROR("Failed to start monitor. See earlier errors for more information.");