Hi community,
we had a role for ansible to automate the process for install percona mysql master and slave
so a time ago this role works fine until now with fresh versions using percona 8.x as master/slave is starting to get this new behavior.
Our setting for server slave is using “read_only=true” in the configuration file, in that way with any reboot from server we always guarantee the slave can’t be touched or modified
and when the engine initialize in older version 8.x the first time we used this workaround.
(master and slave)
1- using mysql client with variable connect-expired-password
2- to not break the replica from configuration file in the same line with mysql client we use set global super_read_only=OFF
3- then set the password for root
4- set global super_read_only=ON
the issue now is:
we still connecting using temporary password but now the recently version can’t accept other query until not change the password expired as first step, is like a mandatory otherwise can’t do anything.
so the step 2 can’t do it now in automate process because in the master server I can remove the step 2 and avoid the second time to set the initial root password but on slave starting from configuration as read_only = true is blocked
mysql> set global super_read_only=OFF;
ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
the main goal is maintain the slave always read only but if before i can use expired password for change the root password I used global variables now I can’t with this restriction… exist other way to use global variables from mysql cli to can change the password as first step without break the replica on session time and not using configuration ?