Based on Connectors configuration, all workers shares the same connectors configuration under catalog folder, which means it will use the same connector configuration for any presto cluster user. E.g., Queries from prestosql user1 and user2 will use same jdbc query config. However, the traditional RDBMS ACL is based on username in JDBC configuration to support isolation. E.g., user1 will use jdbc:mysql://user1@host:3306 while user2 will use jdbc:mysql://user2@host:3306.
Question: is there any pointers or directions to support session level connector configuration within the same presto cluster? e.g., when user1 run a query, it will pickup jdbc:mysql://user1@host:3306 when using mysql connector while it can switch to jdbc:mysql://user2@host:3306 when user2 run a query that connects to mysql.
I'm open for any design inputs like using a centralized config management tool like consul or etcd.
You can configure this for the MySQL connector catalog properties file:
user-credential-name=mysql_user
password-credential-name=mysql_password
This allows the user to provide the MySQL username and password as extra credentials that are passed directly to the backend MySQL server when running a Presto query:
presto --extra-credential mysql_user=user1 --extra-credential mysql_password=secret
The credential names mysql_user and mysql_password are arbitrary and give you flexibility on how to configure it. For example, suppose you have two MySQL catalogs pointing at two different MySQL servers. If both of the servers share the same users, then you would configure both catalogs with the same credential names, allowing the same credentials to be used for both. If they are different, then you would name them differently, e.g., mysql1_user and mysql2_user, allowing the user to provide different credentials for each catalog.