From 032333dbe073fd1d72bd72d8fb20428e803f06dc Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 28 Feb 2014 21:31:11 -0600 Subject: [PATCH 001/128] Added README.md. --- README.md | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..7786931 --- /dev/null +++ b/README.md @@ -0,0 +1,47 @@ +# Ansible Role: MySQL + +Installs MySQL server on RedHat Enterprise Linux or CentOS 6.x servers. + +## Requirements + +None. + +## Role Variables + +Available variables are listed below, along with default values (see `vars/main.yml`): + + mysql_enablerepo: "" + +If you have enabled any additional repositories (might I suggest geerlingguy.repo-epel or geerlingguy.repo-remi), those repositories can be listed under this variable (e.g. `remi,epel`). This can be handy, as an example, if you want to install later versions of MySQL. + + mysql_root_password: root + +The MySQL root user account password. + +## Dependencies + +None. + +## Example Playbook + + - hosts: db-servers + vars_files: + - vars/main.yml + roles: + - { role: geerlingguy.mysql } + +*Inside `vars/main.yml`*: + + mysql_root_password: super-secure-password + +## TODO + + - Convert my.cnf configuration to template, and allow for configurable variables. + +## License + +MIT / BSD + +## Author Information + +This role was created in 2014 by Jeff Geerling (@geerlingguy), author of Ansible for DevOps. You can find out more about the book at http://ansiblefordevops.com/, and learn about the author at http://jeffgeerling.com/. From 8082fd69b9d93482b5380bae366a019f63f8a40e Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 28 Feb 2014 21:32:17 -0600 Subject: [PATCH 002/128] Add files, handlers, tasks, vars, and meta information. --- files/my.cnf | 38 ++++++++++++++++++++++++++++++++++++++ handlers/main.yml | 3 +++ meta/main.yml | 15 +++++++++++++++ tasks/main.yml | 38 ++++++++++++++++++++++++++++++++++++++ templates/my.cnf.j2 | 3 +++ vars/main.yml | 4 ++++ 6 files changed, 101 insertions(+) create mode 100644 files/my.cnf create mode 100644 handlers/main.yml create mode 100644 meta/main.yml create mode 100644 tasks/main.yml create mode 100644 templates/my.cnf.j2 create mode 100644 vars/main.yml diff --git a/files/my.cnf b/files/my.cnf new file mode 100644 index 0000000..04c0d85 --- /dev/null +++ b/files/my.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock + +# Disabling symbolic-links is recommended to prevent assorted security risks +symbolic-links=0 + +# Settings user and group are ignored when systemd is used (fedora >= 15). +# If you need to run mysqld under a different user or group, +# customize your systemd unit file for mysqld according to the +# instructions in http://fedoraproject.org/wiki/Systemd +user=mysql + +# Semisynchronous Replication +# http://dev.mysql.com/doc/refman/5.5/en/replication-semisync.html +# uncomment next line on MASTER +;plugin-load=rpl_semi_sync_master=semisync_master.so +# uncomment next line on SLAVE +;plugin-load=rpl_semi_sync_slave=semisync_slave.so + +# Others options for Semisynchronous Replication +;rpl_semi_sync_master_enabled=1 +;rpl_semi_sync_master_timeout=10 +;rpl_semi_sync_slave_enabled=1 + +# http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html +;performance_schema + +# Customizations for local development. +wait_timeout = 28800 +max_allowed_packet = 64M +innodb_file_per_table = 1 # Allows for recovery of disk space when table are removed +innodb_buffer_pool_size = 128M # Up to 80% of available RAM on a dedicated box +innodb_flush_log_at_trx_commit = 2 # 1 for durability, 0 or 2 for performance + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..e6031ee --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart mysql + command: service mysqld restart diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..752d868 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,15 @@ +--- +dependencies: [] + +galaxy_info: + author: geerlingguy + description: MySQL server for RHEL/CentOS 6.x + company: "Midwestern Mac, LLC" + license: "license (BSD, MIT)" + min_ansible_version: 1.4 + platforms: + - name: EL + versions: + - 6 + categories: + - database diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..7af1272 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,38 @@ +--- +# If this is not done for the version of MySQL in certain extra repositories, +# MySQL installation fails with an error the first time. +- name: Update postfix to the latest version. + yum: name=postfix state=latest enablerepo={{ mysql_enablerepo }} + +- name: Ensure MySQL packages are installed. + yum: name={{ item }} state=installed enablerepo={{ mysql_enablerepo }} + with_items: + - mysql + - mysql-server + - MySQL-python + +- name: Copy my.cnf global MySQL configuration. + copy: src=my.cnf dest=/etc/my.cnf owner=root group=root mode=0644 + +# Set MySQL to run at startup. +- name: Ensure MySQL is started. + service: name=mysqld state=started enabled=yes + +# 'localhost' needs to be the last item for idempotency, see +# http://ansible.cc/docs/modules.html#mysql-user +- name: update mysql root password for all root accounts + mysql_user: name=root host={{ item }} password={{ mysql_root_password }} + with_items: + - 127.0.0.1 + - ::1 + - localhost + +# Has to be after the root password assignment, for idempotency. +- name: Copy .my.cnf file with root password credentials. + template: src=my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0600 + +- name: Delete anonymous MySQL user for localhost. + mysql_user: name="" state="absent" + +- name: Remove the MySQL test database. + mysql_db: name="test" state="absent" diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 new file mode 100644 index 0000000..b013aa3 --- /dev/null +++ b/templates/my.cnf.j2 @@ -0,0 +1,3 @@ +[client] +user=root +password={{ mysql_root_password }} \ No newline at end of file diff --git a/vars/main.yml b/vars/main.yml new file mode 100644 index 0000000..54cd290 --- /dev/null +++ b/vars/main.yml @@ -0,0 +1,4 @@ +--- +# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). +mysql_enablerepo: "" +mysql_root_password: root From fa6a638162d7d7f201e25724762aa2473f5683d8 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 6 Mar 2014 22:34:00 -0600 Subject: [PATCH 003/128] Allow mysql_packages to be configured. --- README.md | 7 +++++++ tasks/main.yml | 5 +---- vars/main.yml | 4 ++++ 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 7786931..e3d56ad 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,13 @@ If you have enabled any additional repositories (might I suggest geerlingguy.rep The MySQL root user account password. + mysql_packages: + - mysql + - mysql-server + - MySQL-python + +Packages to be installed. In some situations, you may need to add additional packages, like `mysql-devel`. + ## Dependencies None. diff --git a/tasks/main.yml b/tasks/main.yml index 7af1272..a36ccae 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -6,10 +6,7 @@ - name: Ensure MySQL packages are installed. yum: name={{ item }} state=installed enablerepo={{ mysql_enablerepo }} - with_items: - - mysql - - mysql-server - - MySQL-python + with_items: mysql_packages - name: Copy my.cnf global MySQL configuration. copy: src=my.cnf dest=/etc/my.cnf owner=root group=root mode=0644 diff --git a/vars/main.yml b/vars/main.yml index 54cd290..f0cc33c 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -2,3 +2,7 @@ # Pass in a comma-separated list of repos to use (e.g. "remi,epel"). mysql_enablerepo: "" mysql_root_password: root +mysql_packages: + - mysql + - mysql-server + - MySQL-python From 9fc1bbd1ea927cb585bdbc49b1aeaaba6c874c5a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 21 Apr 2014 13:06:38 -0500 Subject: [PATCH 004/128] Updated README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e3d56ad..5c95c9a 100644 --- a/README.md +++ b/README.md @@ -51,4 +51,4 @@ MIT / BSD ## Author Information -This role was created in 2014 by Jeff Geerling (@geerlingguy), author of Ansible for DevOps. You can find out more about the book at http://ansiblefordevops.com/, and learn about the author at http://jeffgeerling.com/. +This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). From a7998b3b9a4eddf6935b0ab2f16546e90987ee68 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 23 Apr 2014 10:09:31 -0500 Subject: [PATCH 005/128] Add support for Debian/Ubuntu. --- README.md | 12 ++++++---- handlers/main.yml | 4 +++- meta/main.yml | 6 +++++ tasks/main.yml | 56 +++++++++++++++++++++++++++++++++++------------ vars/Debian.yml | 5 +++++ vars/RedHat.yml | 6 +++++ vars/main.yml | 11 +++++----- 7 files changed, 75 insertions(+), 25 deletions(-) create mode 100644 vars/Debian.yml create mode 100644 vars/RedHat.yml diff --git a/README.md b/README.md index 5c95c9a..10d8cb4 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Ansible Role: MySQL -Installs MySQL server on RedHat Enterprise Linux or CentOS 6.x servers. +Installs MySQL server on RHEL/CentOS or Debian/Ubuntu servers. ## Requirements @@ -10,9 +10,9 @@ None. Available variables are listed below, along with default values (see `vars/main.yml`): - mysql_enablerepo: "" + mysql_user_home: /root -If you have enabled any additional repositories (might I suggest geerlingguy.repo-epel or geerlingguy.repo-remi), those repositories can be listed under this variable (e.g. `remi,epel`). This can be handy, as an example, if you want to install later versions of MySQL. +The home directory inside which Python MySQL settings will be stored, which Ansible will use when connecting to MySQL. This should be the home directory of the user which runs this Ansible role. mysql_root_password: root @@ -23,7 +23,11 @@ The MySQL root user account password. - mysql-server - MySQL-python -Packages to be installed. In some situations, you may need to add additional packages, like `mysql-devel`. +(OS-specific, RedHat/CentOS defaults listed here) Packages to be installed. In some situations, you may need to add additional packages, like `mysql-devel`. + + mysql_enablerepo: "" + +(RedHat/CentOS only) If you have enabled any additional repositories (might I suggest geerlingguy.repo-epel or geerlingguy.repo-remi), those repositories can be listed under this variable (e.g. `remi,epel`). This can be handy, as an example, if you want to install later versions of MySQL. ## Dependencies diff --git a/handlers/main.yml b/handlers/main.yml index e6031ee..8622c20 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,3 +1,5 @@ --- - name: restart mysql - command: service mysqld restart + service: > + name={{ mysql_daemon }} + state=restarted diff --git a/meta/main.yml b/meta/main.yml index 752d868..ea6aafd 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -11,5 +11,11 @@ galaxy_info: - name: EL versions: - 6 + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all categories: - database diff --git a/tasks/main.yml b/tasks/main.yml index a36ccae..93bbb38 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,24 +1,45 @@ --- -# If this is not done for the version of MySQL in certain extra repositories, -# MySQL installation fails with an error the first time. -- name: Update postfix to the latest version. - yum: name=postfix state=latest enablerepo={{ mysql_enablerepo }} +- name: Include OS-specific variables. + include_vars: "{{ ansible_os_family }}.yml" -- name: Ensure MySQL packages are installed. - yum: name={{ item }} state=installed enablerepo={{ mysql_enablerepo }} +- name: Update postfix to the latest version (if extra repositories enabled). + yum: > + name=postfix + state=latest + enablerepo={{ mysql_enablerepo }} + when: mysql_enablerepo != "" + +- name: Ensure MySQL packages are installed (RedHat). + yum: > + name={{ item }} + state=installed + enablerepo={{ mysql_enablerepo }} + with_items: mysql_packages + when: ansible_os_family == 'RedHat' + +- name: Ensure MySQL packages are installed (Debian). + apt: > + name={{ item }} + state=installed with_items: mysql_packages + when: ansible_os_family == 'Debian' - name: Copy my.cnf global MySQL configuration. copy: src=my.cnf dest=/etc/my.cnf owner=root group=root mode=0644 -# Set MySQL to run at startup. -- name: Ensure MySQL is started. - service: name=mysqld state=started enabled=yes +- name: Ensure MySQL is started and enabled on boot. + service: > + name={{ mysql_daemon }} + state=started + enabled=yes # 'localhost' needs to be the last item for idempotency, see # http://ansible.cc/docs/modules.html#mysql-user -- name: update mysql root password for all root accounts - mysql_user: name=root host={{ item }} password={{ mysql_root_password }} +- name: Update MySQL root password for all root accounts. + mysql_user: > + name=root + host={{ item }} + password={{ mysql_root_password }} with_items: - 127.0.0.1 - ::1 @@ -26,10 +47,17 @@ # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. - template: src=my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0600 + template: > + src=my.cnf.j2 + dest={{ mysql_user_home }}/.my.cnf + owner=root group=root mode=600 - name: Delete anonymous MySQL user for localhost. - mysql_user: name="" state="absent" + mysql_user: > + name="" + state=absent - name: Remove the MySQL test database. - mysql_db: name="test" state="absent" + mysql_db: > + name="test" + state=absent diff --git a/vars/Debian.yml b/vars/Debian.yml new file mode 100644 index 0000000..25ad3a0 --- /dev/null +++ b/vars/Debian.yml @@ -0,0 +1,5 @@ +--- +mysql_daemon: mysql +mysql_packages: + - mysql-server + - python-mysqldb \ No newline at end of file diff --git a/vars/RedHat.yml b/vars/RedHat.yml new file mode 100644 index 0000000..da2518f --- /dev/null +++ b/vars/RedHat.yml @@ -0,0 +1,6 @@ +--- +mysql_daemon: mysqld +mysql_packages: + - mysql + - mysql-server + - MySQL-python diff --git a/vars/main.yml b/vars/main.yml index f0cc33c..ae93aa0 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,8 +1,7 @@ --- -# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). -mysql_enablerepo: "" +mysql_user_home: /root mysql_root_password: root -mysql_packages: - - mysql - - mysql-server - - MySQL-python + +# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only +# for RedHat systems (and derivatives). +mysql_enablerepo: "" From dc0eba21913cf6658265a7b4d92bb30b03ba3fb9 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 23 Apr 2014 10:12:54 -0500 Subject: [PATCH 006/128] Add Travis CI test integration. --- .travis.yml | 24 ++++++++++++++++++++++++ README.md | 2 ++ tests/inventory | 1 + tests/test.yml | 8 ++++++++ 4 files changed, 35 insertions(+) create mode 100644 .travis.yml create mode 100644 tests/inventory create mode 100644 tests/test.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..31b7f17 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,24 @@ +--- +language: python +python: "2.7" +env: + - SITE=test.yml +before_install: + - sudo apt-get update -qq +install: + - pip install ansible==1.5.0 +script: + # Check the role/playbook's syntax. + - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" + + # Run the role/playbook with ansible-playbook. + - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" + + # Run the role/playbook again, checking to make sure it's idempotent. + - > + ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo + | grep -q 'changed=0.*failed=0' + && (echo 'Idempotence test: pass' && exit 0) + || (echo 'Idempotence test: fail' && exit 1) + + # TODO - check if mysql is running. \ No newline at end of file diff --git a/README.md b/README.md index 10d8cb4..29009af 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Ansible Role: MySQL +[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-mysql.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-mysql) + Installs MySQL server on RHEL/CentOS or Debian/Ubuntu servers. ## Requirements diff --git a/tests/inventory b/tests/inventory new file mode 100644 index 0000000..2fbb50c --- /dev/null +++ b/tests/inventory @@ -0,0 +1 @@ +localhost diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..e89cdca --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,8 @@ +--- +- hosts: all + vars_files: + - '../vars/main.yml' + tasks: + - include: '../tasks/main.yml' + handlers: + - include: '../handlers/main.yml' From 22a7a9816c0ec779f79657f8732e2471f978a994 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 23 Apr 2014 10:19:46 -0500 Subject: [PATCH 007/128] Test for MySQL operation in Travis. --- .travis.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 31b7f17..d53d35f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,4 +21,9 @@ script: && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) - # TODO - check if mysql is running. \ No newline at end of file + # Check to make sure we can connect to MySQL. + - > + mysql -u root -proot -e 'show databases;' + | grep -q 'performance_schema' + && (echo 'MySQL running normally' && exit 0) + || (echo 'MySQL not running' && exit 1) From fbb164edca8cdf5a996d753bb231928c2d9ed98b Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 23 Apr 2014 13:03:08 -0500 Subject: [PATCH 008/128] Updated travis test integration to use role directly. --- .travis.yml | 8 ++++++++ tests/test.yml | 11 ++++------- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index d53d35f..cdbe8d5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,12 +1,20 @@ --- language: python python: "2.7" + env: - SITE=test.yml + before_install: - sudo apt-get update -qq + install: + # Install Ansible. - pip install ansible==1.5.0 + + # Add ansible.cfg to pick up roles path. + - "printf '[defaults]\nroles_path = ../' > ansible.cfg" + script: # Check the role/playbook's syntax. - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" diff --git a/tests/test.yml b/tests/test.yml index e89cdca..bfe6c6c 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -1,8 +1,5 @@ --- -- hosts: all - vars_files: - - '../vars/main.yml' - tasks: - - include: '../tasks/main.yml' - handlers: - - include: '../handlers/main.yml' +- hosts: localhost + remote_user: root + roles: + - ansible-role-mysql From 4eaae0e43d0c74a8c71390eb5b52eb77a828311a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 29 Apr 2014 15:19:18 -0500 Subject: [PATCH 009/128] Update MySQL password setting to work a little better. --- tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tasks/main.yml b/tasks/main.yml index 93bbb38..92f68b8 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -33,6 +33,10 @@ state=started enabled=yes +- name: Check if .my.cnf file already exists. + stat: "path={{ mysql_user_home }}/.my.cnf" + register: mycnf_file + # 'localhost' needs to be the last item for idempotency, see # http://ansible.cc/docs/modules.html#mysql-user - name: Update MySQL root password for all root accounts. @@ -44,6 +48,7 @@ - 127.0.0.1 - ::1 - localhost + when: mycnf_file.stat.exists == false # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. From 80d6c797d462db8ad4fa293611ccb4f3c1992495 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 12 May 2014 14:04:35 -0500 Subject: [PATCH 010/128] Allow for much more configuration in my.cnf. --- README.md | 17 +++++++++--- defaults/main.yml | 40 ++++++++++++++++++++++++++++ files/my.cnf | 38 --------------------------- tasks/main.yml | 8 ++++-- templates/my.cnf.j2 | 53 ++++++++++++++++++++++++++++++++++++-- templates/python-my.cnf.j2 | 3 +++ vars/main.yml | 7 ----- 7 files changed, 113 insertions(+), 53 deletions(-) create mode 100644 defaults/main.yml delete mode 100644 files/my.cnf create mode 100644 templates/python-my.cnf.j2 delete mode 100644 vars/main.yml diff --git a/README.md b/README.md index 29009af..1d9a651 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,19 @@ The MySQL root user account password. (RedHat/CentOS only) If you have enabled any additional repositories (might I suggest geerlingguy.repo-epel or geerlingguy.repo-remi), those repositories can be listed under this variable (e.g. `remi,epel`). This can be handy, as an example, if you want to install later versions of MySQL. + mysql_port: "3306" + mysql_datadir: /var/lib/mysql + mysql_socket: /var/lib/mysql/mysql.sock + +Default MySQL connection configuration. + + mysql_key_buffer_size: "256M" + mysql_max_allowed_packet: "1M" + mysql_table_open_cache: "256" + [...] + +The rest of the settings in `defaults/main.yml` control MySQL's memory usage. The default values are tuned for a server where MySQL can consume ~512 MB RAM, so you should consider adjusting them to suit your particular server better. + ## Dependencies None. @@ -47,10 +60,6 @@ None. mysql_root_password: super-secure-password -## TODO - - - Convert my.cnf configuration to template, and allow for configurable variables. - ## License MIT / BSD diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..93f7bb5 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,40 @@ +--- +mysql_user_home: /root +mysql_root_password: root + +# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only +# for RedHat systems (and derivatives). +mysql_enablerepo: "" + +# MySQL connection settings. +mysql_port: "3306" +mysql_datadir: /var/lib/mysql +mysql_socket: /var/lib/mysql/mysql.sock + +# Memory settings (default values optimized ~512MB RAM). +mysql_key_buffer_size: "256M" +mysql_max_allowed_packet: "1M" +mysql_table_open_cache: "256" +mysql_sort_buffer_size: "1M" +mysql_read_buffer_size: "1M" +mysql_read_rnd_buffer_size: "4M" +mysql_myisam_sort_buffer_size: "64M" +mysql_thread_cache_size: "8" +mysql_query_cache_size: "16M" + +# Try number of CPU's * 2 for thread_concurrency. +mysql_thread_concurrency: 2 + +# InnoDB settings. +# Set .._buffer_pool_size up to 80% of RAM but beware of setting too high. +mysql_innodb_file_per_table: "1" +mysql_innodb_buffer_pool_size: "256M" +mysql_innodb_additional_mem_pool_size: "20M" +# Set .._log_file_size to 25% of buffer pool size. +mysql_innodb_log_file_size: "64M" +mysql_innodb_log_buffer_size: "8M" +mysql_innodb_flush_log_at_trx_commit: "1" +mysql_innodb_lock_wait_timeout: 50 + +# mysqldump settings +mysql_mysqldump_max_allowed_packet: "64M" diff --git a/files/my.cnf b/files/my.cnf deleted file mode 100644 index 04c0d85..0000000 --- a/files/my.cnf +++ /dev/null @@ -1,38 +0,0 @@ -[mysqld] -datadir=/var/lib/mysql -socket=/var/lib/mysql/mysql.sock - -# Disabling symbolic-links is recommended to prevent assorted security risks -symbolic-links=0 - -# Settings user and group are ignored when systemd is used (fedora >= 15). -# If you need to run mysqld under a different user or group, -# customize your systemd unit file for mysqld according to the -# instructions in http://fedoraproject.org/wiki/Systemd -user=mysql - -# Semisynchronous Replication -# http://dev.mysql.com/doc/refman/5.5/en/replication-semisync.html -# uncomment next line on MASTER -;plugin-load=rpl_semi_sync_master=semisync_master.so -# uncomment next line on SLAVE -;plugin-load=rpl_semi_sync_slave=semisync_slave.so - -# Others options for Semisynchronous Replication -;rpl_semi_sync_master_enabled=1 -;rpl_semi_sync_master_timeout=10 -;rpl_semi_sync_slave_enabled=1 - -# http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html -;performance_schema - -# Customizations for local development. -wait_timeout = 28800 -max_allowed_packet = 64M -innodb_file_per_table = 1 # Allows for recovery of disk space when table are removed -innodb_buffer_pool_size = 128M # Up to 80% of available RAM on a dedicated box -innodb_flush_log_at_trx_commit = 2 # 1 for durability, 0 or 2 for performance - -[mysqld_safe] -log-error=/var/log/mysqld.log -pid-file=/var/run/mysqld/mysqld.pid diff --git a/tasks/main.yml b/tasks/main.yml index 92f68b8..8b9850a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -25,7 +25,11 @@ when: ansible_os_family == 'Debian' - name: Copy my.cnf global MySQL configuration. - copy: src=my.cnf dest=/etc/my.cnf owner=root group=root mode=0644 + template: > + src=my.cnf.j2 + dest=/etc/my.cnf + owner=root group=root mode=644 + notify: restart mysql - name: Ensure MySQL is started and enabled on boot. service: > @@ -53,7 +57,7 @@ # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. template: > - src=my.cnf.j2 + src=python-my.cnf.j2 dest={{ mysql_user_home }}/.my.cnf owner=root group=root mode=600 diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index b013aa3..cf13846 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -1,3 +1,52 @@ [client] -user=root -password={{ mysql_root_password }} \ No newline at end of file +#password = your_password +port = 3306 +socket = /var/lib/mysql/mysql.sock + +[mysqld] +port = {{ mysql_port }} +datadir = {{ mysql_datadir }} +socket = {{ mysql_socket }} + +# Disabling symbolic-links is recommended to prevent assorted security risks +symbolic-links = 0 + +# Settings user and group are ignored when systemd is used (fedora >= 15). +# If you need to run mysqld under a different user or group, +# customize your systemd unit file for mysqld according to the +# instructions in http://fedoraproject.org/wiki/Systemd +user = mysql + +# http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html +;performance_schema + +# Memory settings. +key_buffer_size = {{ mysql_key_buffer_size }} +max_allowed_packet = {{ mysql_max_allowed_packet }} +table_open_cache = {{ mysql_table_open_cache }} +sort_buffer_size = {{ mysql_sort_buffer_size }} +read_buffer_size = {{ mysql_read_buffer_size }} +read_rnd_buffer_size = {{ mysql_read_rnd_buffer_size }} +myisam_sort_buffer_size = {{ mysql_myisam_sort_buffer_size }} +thread_cache_size = {{ mysql_thread_cache_size }} +query_cache_size = {{ mysql_query_cache_size }} + +# Try number of CPU's * 2 for thread_concurrency. +thread_concurrency = {{ mysql_thread_concurrency }} + +# InnoDB settings. +innodb_file_per_table = {{ mysql_innodb_file_per_table }} +innodb_buffer_pool_size = {{ mysql_innodb_buffer_pool_size }} +innodb_additional_mem_pool_size = {{ mysql_innodb_additional_mem_pool_size }} +innodb_log_file_size = {{ mysql_innodb_log_file_size }} +innodb_log_buffer_size = {{ mysql_innodb_log_buffer_size }} +innodb_flush_log_at_trx_commit = {{ mysql_innodb_flush_log_at_trx_commit }} +innodb_lock_wait_timeout = {{ mysql_innodb_lock_wait_timeout }} + +[mysqldump] +quick +max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} + +[mysqld_safe] +log-error = /var/log/mysqld.log +pid-file = /var/run/mysqld/mysqld.pid diff --git a/templates/python-my.cnf.j2 b/templates/python-my.cnf.j2 new file mode 100644 index 0000000..b013aa3 --- /dev/null +++ b/templates/python-my.cnf.j2 @@ -0,0 +1,3 @@ +[client] +user=root +password={{ mysql_root_password }} \ No newline at end of file diff --git a/vars/main.yml b/vars/main.yml deleted file mode 100644 index ae93aa0..0000000 --- a/vars/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -mysql_user_home: /root -mysql_root_password: root - -# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only -# for RedHat systems (and derivatives). -mysql_enablerepo: "" From 41845e7a1700ec9f517c6c095f4e82cb176a598c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 11:20:23 -0500 Subject: [PATCH 011/128] Use command instead of service module for mysql restart. --- handlers/main.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 8622c20..a3a9606 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,5 +1,7 @@ --- - name: restart mysql - service: > - name={{ mysql_daemon }} - state=restarted + command: "service {{ mysql_daemon }} restart" +# - name: restart mysql +# service: > +# name={{ mysql_daemon }} +# state=restarted From 747b88d52e7cd19329da8f01e2b9de7c7ae37631 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 11:29:24 -0500 Subject: [PATCH 012/128] Check mysql daemon status. --- handlers/main.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/handlers/main.yml b/handlers/main.yml index a3a9606..9fa4382 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,6 +1,9 @@ --- - name: restart mysql - command: "service {{ mysql_daemon }} restart" + command: "{{ item }}" + with_items: + - "service {{ mysql_daemon }} status" + - "service {{ mysql_daemon }} restart" # - name: restart mysql # service: > # name={{ mysql_daemon }} From 7c728638681420e726364279058c3c6f91a1ba0c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 11:32:27 -0500 Subject: [PATCH 013/128] More testing. --- .travis.yml | 2 +- tasks/main.yml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index cdbe8d5..73ced31 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,7 +20,7 @@ script: - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" + - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo -vvvv" # Run the role/playbook again, checking to make sure it's idempotent. - > diff --git a/tasks/main.yml b/tasks/main.yml index 8b9850a..3bcefa6 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -70,3 +70,5 @@ mysql_db: > name="test" state=absent + +- debug: var=mysql_daemon From e81207aed16a371351e8dfbb29157b5724aa8501 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 11:40:37 -0500 Subject: [PATCH 014/128] Another attempted fix to make Travis happy. --- handlers/main.yml | 5 +++-- tasks/main.yml | 2 -- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 9fa4382..ae09986 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,9 +1,10 @@ --- +# For some reason, 'service mysql restart' doesn't work sometimes. - name: restart mysql command: "{{ item }}" with_items: - - "service {{ mysql_daemon }} status" - - "service {{ mysql_daemon }} restart" + - "service {{ mysql_daemon }} stop" + - "service {{ mysql_daemon }} start" # - name: restart mysql # service: > # name={{ mysql_daemon }} diff --git a/tasks/main.yml b/tasks/main.yml index 3bcefa6..8b9850a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -70,5 +70,3 @@ mysql_db: > name="test" state=absent - -- debug: var=mysql_daemon From 4715a6bd60166634a053b449d486bfa3977b45ea Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 11:44:52 -0500 Subject: [PATCH 015/128] Back to original settings. Something's funny with Travis CI. --- .travis.yml | 2 +- handlers/main.yml | 12 +++--------- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/.travis.yml b/.travis.yml index 73ced31..cdbe8d5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,7 +20,7 @@ script: - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo -vvvv" + - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" # Run the role/playbook again, checking to make sure it's idempotent. - > diff --git a/handlers/main.yml b/handlers/main.yml index ae09986..8622c20 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,11 +1,5 @@ --- -# For some reason, 'service mysql restart' doesn't work sometimes. - name: restart mysql - command: "{{ item }}" - with_items: - - "service {{ mysql_daemon }} stop" - - "service {{ mysql_daemon }} start" -# - name: restart mysql -# service: > -# name={{ mysql_daemon }} -# state=restarted + service: > + name={{ mysql_daemon }} + state=restarted From 7b99b6aacc12598c3a1af1bb2488a668db537565 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 11:47:30 -0500 Subject: [PATCH 016/128] More Travis testing. --- .travis.yml | 3 +++ handlers/main.yml | 8 +++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index cdbe8d5..8e9cf65 100644 --- a/.travis.yml +++ b/.travis.yml @@ -29,6 +29,9 @@ script: && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) + - "sudo service mysql status" + - "sudo service mysql restart" + # Check to make sure we can connect to MySQL. - > mysql -u root -proot -e 'show databases;' diff --git a/handlers/main.yml b/handlers/main.yml index 8622c20..3d0cc4a 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,5 +1,7 @@ --- - name: restart mysql - service: > - name={{ mysql_daemon }} - state=restarted + debug: msg="Testing..." +# - name: restart mysql +# service: > +# name={{ mysql_daemon }} +# state=restarted From a93b843f2de3e58ee543dbf9eaad8c1354c847d0 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 11:54:46 -0500 Subject: [PATCH 017/128] Better handler name, perhaps. --- handlers/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/handlers/main.yml b/handlers/main.yml index 3d0cc4a..6fdbc90 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,6 +1,6 @@ --- - name: restart mysql - debug: msg="Testing..." + command: date # - name: restart mysql # service: > # name={{ mysql_daemon }} From fb87c336db3caf704d6bb8f6c7689d0e519f8e85 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 12:07:54 -0500 Subject: [PATCH 018/128] More Travis debugging - does it restart? --- .travis.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.travis.yml b/.travis.yml index 8e9cf65..64eb5bb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,6 +16,9 @@ install: - "printf '[defaults]\nroles_path = ../' > ansible.cfg" script: + - "sudo service mysql status" + - "sudo service mysql restart" + # Check the role/playbook's syntax. - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" From 23ce5224594e40c1b279ed6c8058c7f9fe1a191a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 12:12:19 -0500 Subject: [PATCH 019/128] Remove MySQL before proceeding. --- .travis.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 64eb5bb..ef8f617 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,6 +7,7 @@ env: before_install: - sudo apt-get update -qq + - sudo apt-get --purge remove mysql-client-5.5 mysql-common mysql-server mysql-server-5.5 -qq install: # Install Ansible. @@ -16,9 +17,6 @@ install: - "printf '[defaults]\nroles_path = ../' > ansible.cfg" script: - - "sudo service mysql status" - - "sudo service mysql restart" - # Check the role/playbook's syntax. - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" From f4de3d0c7772dca58e81c5e17b0dc080bcbcbca7 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 12:12:38 -0500 Subject: [PATCH 020/128] Don't hide output of MySQL removal. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index ef8f617..dc5fad8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,7 +7,7 @@ env: before_install: - sudo apt-get update -qq - - sudo apt-get --purge remove mysql-client-5.5 mysql-common mysql-server mysql-server-5.5 -qq + - sudo apt-get --purge remove mysql-client-5.5 mysql-common mysql-server mysql-server-5.5 install: # Install Ansible. From c5b85c059fc0e51ca5f951f1553f8bd728b33473 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 12:22:13 -0500 Subject: [PATCH 021/128] Back to a working build. --- .travis.yml | 3 --- handlers/main.yml | 8 +++----- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/.travis.yml b/.travis.yml index dc5fad8..a5c3185 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,9 +30,6 @@ script: && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) - - "sudo service mysql status" - - "sudo service mysql restart" - # Check to make sure we can connect to MySQL. - > mysql -u root -proot -e 'show databases;' diff --git a/handlers/main.yml b/handlers/main.yml index 6fdbc90..8622c20 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,7 +1,5 @@ --- - name: restart mysql - command: date -# - name: restart mysql -# service: > -# name={{ mysql_daemon }} -# state=restarted + service: > + name={{ mysql_daemon }} + state=restarted From fe50186e6fc8bf518d336d28699c6d538af8a3a2 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 13:18:23 -0500 Subject: [PATCH 022/128] More Travis testing - see what's up with MySQL. --- .travis.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.travis.yml b/.travis.yml index a5c3185..848b0e5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,6 +30,10 @@ script: && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) + - "ls -lah /var/log" + - "cat /var/log/mysql.err" + - "cat /var/log/mysql.log" + # Check to make sure we can connect to MySQL. - > mysql -u root -proot -e 'show databases;' From 26d70353045bdcd0ae3bd9c8d461dc2429bdd375 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 13:22:31 -0500 Subject: [PATCH 023/128] Another attempt at debugging MySQL/Travis. --- .travis.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 848b0e5..d727bbc 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,8 +31,10 @@ script: || (echo 'Idempotence test: fail' && exit 1) - "ls -lah /var/log" - - "cat /var/log/mysql.err" - - "cat /var/log/mysql.log" + - "ls -lah /var/log/mysql" + - "sudo cat /var/log/mysql.err" + - "sudo cat /var/log/mysql.log" + - "sudo cat /var/log/mysql/error.log" # Check to make sure we can connect to MySQL. - > From 2c31c5b3da1d3b775492c57146d303448e0711a4 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 13:29:33 -0500 Subject: [PATCH 024/128] Another attempt to debug Travis and MySQL. --- .travis.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index d727bbc..c7e639a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,6 +8,8 @@ env: before_install: - sudo apt-get update -qq - sudo apt-get --purge remove mysql-client-5.5 mysql-common mysql-server mysql-server-5.5 + - sudo ls -lah /var/lib + - sudo rm -rf /var/lib/mysql install: # Install Ansible. @@ -30,8 +32,8 @@ script: && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) - - "ls -lah /var/log" - - "ls -lah /var/log/mysql" + - "sudo ls -lah /var/log" + - "sudo ls -lah /var/log/mysql" - "sudo cat /var/log/mysql.err" - "sudo cat /var/log/mysql.log" - "sudo cat /var/log/mysql/error.log" From e1cdf2a34e9ff6c16c1f1f14332f474e53895389 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 13:37:40 -0500 Subject: [PATCH 025/128] More MySQL debugging on Travis. --- .travis.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index c7e639a..47bebb5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,7 +7,10 @@ env: before_install: - sudo apt-get update -qq - - sudo apt-get --purge remove mysql-client-5.5 mysql-common mysql-server mysql-server-5.5 + - sudo apt-get remove --purge mysql* + - sudo apt-get autoremove + - sudo apt-get autoclean + - sudo service mysql stop - sudo ls -lah /var/lib - sudo rm -rf /var/lib/mysql From 02cc7cb5180d88eb2bb024a1bf532e9f33488cd2 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 13:42:51 -0500 Subject: [PATCH 026/128] More MySQL debugging on Travis - getting closer. --- .travis.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 47bebb5..ea14452 100644 --- a/.travis.yml +++ b/.travis.yml @@ -10,7 +10,6 @@ before_install: - sudo apt-get remove --purge mysql* - sudo apt-get autoremove - sudo apt-get autoclean - - sudo service mysql stop - sudo ls -lah /var/lib - sudo rm -rf /var/lib/mysql From 8d2711b6d649d74cf36fb6dd7fbe12a424997775 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 13:48:57 -0500 Subject: [PATCH 027/128] Update playbook with default file size for MySQL InnoDB log. --- tests/test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/test.yml b/tests/test.yml index bfe6c6c..76c9bf7 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -1,5 +1,8 @@ --- - hosts: localhost remote_user: root + vars: + # Use default log file size so Travis CI VM allows MySQL restart. + - mysql_innodb_log_file_size: "5M" roles: - ansible-role-mysql From d15399ead95b28f79552e7ee7660a3809ee78089 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 13:54:23 -0500 Subject: [PATCH 028/128] Final attempt - tests should finally pass. --- .travis.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index ea14452..307d2fb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,11 +7,13 @@ env: before_install: - sudo apt-get update -qq - - sudo apt-get remove --purge mysql* + + # Remove MySQL. Completely and totally. + - sudo apt-get remove --purge -s 'mysql*' - sudo apt-get autoremove - sudo apt-get autoclean - - sudo ls -lah /var/lib - sudo rm -rf /var/lib/mysql + - sudo rm -rf /var/log/mysql install: # Install Ansible. @@ -34,11 +36,11 @@ script: && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) + # Some MySQL debugging (show all the logs). - "sudo ls -lah /var/log" - "sudo ls -lah /var/log/mysql" - - "sudo cat /var/log/mysql.err" - - "sudo cat /var/log/mysql.log" - "sudo cat /var/log/mysql/error.log" + - "sudo cat /var/log/mysql/slow.log" # Check to make sure we can connect to MySQL. - > From af3a1d154ce04ffbff373b2cdd362a7613f6c89c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 14:00:05 -0500 Subject: [PATCH 029/128] Another attempt at getting good debug output from Travis. --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 307d2fb..e81dc20 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,7 +13,8 @@ before_install: - sudo apt-get autoremove - sudo apt-get autoclean - sudo rm -rf /var/lib/mysql - - sudo rm -rf /var/log/mysql + - sudo truncate -s 0 /var/log/mysql/error.log + - sudo truncate -s 0 /var/log/mysql/slow.log install: # Install Ansible. @@ -38,7 +39,6 @@ script: # Some MySQL debugging (show all the logs). - "sudo ls -lah /var/log" - - "sudo ls -lah /var/log/mysql" - "sudo cat /var/log/mysql/error.log" - "sudo cat /var/log/mysql/slow.log" From e9f332d42a6af02b6c0489bf7a4d945f2ac0e2a7 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 23 May 2014 14:07:12 -0500 Subject: [PATCH 030/128] Don't worry about the MySQL slow log when debugging Travis. --- .travis.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index e81dc20..5995cda 100644 --- a/.travis.yml +++ b/.travis.yml @@ -14,7 +14,6 @@ before_install: - sudo apt-get autoclean - sudo rm -rf /var/lib/mysql - sudo truncate -s 0 /var/log/mysql/error.log - - sudo truncate -s 0 /var/log/mysql/slow.log install: # Install Ansible. @@ -40,7 +39,6 @@ script: # Some MySQL debugging (show all the logs). - "sudo ls -lah /var/log" - "sudo cat /var/log/mysql/error.log" - - "sudo cat /var/log/mysql/slow.log" # Check to make sure we can connect to MySQL. - > From 71cf6337bc6b74906bbbff4ec1b20120e7835488 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 3 Jul 2014 08:25:12 -0500 Subject: [PATCH 031/128] Add extra variables wait_timeout and max_allowed_packet. --- defaults/main.yml | 4 ++++ templates/my.cnf.j2 | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 93f7bb5..29c09b9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -22,6 +22,10 @@ mysql_myisam_sort_buffer_size: "64M" mysql_thread_cache_size: "8" mysql_query_cache_size: "16M" +# Other settings. +mysql_wait_timeout: 28800 +mysql_max_allowed_packet: "64M" + # Try number of CPU's * 2 for thread_concurrency. mysql_thread_concurrency: 2 diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index cf13846..13c387d 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -31,6 +31,10 @@ myisam_sort_buffer_size = {{ mysql_myisam_sort_buffer_size }} thread_cache_size = {{ mysql_thread_cache_size }} query_cache_size = {{ mysql_query_cache_size }} +# Other settings. +wait_timeout = {{ mysql_wait_timeout }} +max_allowed_packet = {{ mysql_max_allowed_packet }} + # Try number of CPU's * 2 for thread_concurrency. thread_concurrency = {{ mysql_thread_concurrency }} From e9b78d3f1e3d3c49fd80d4281acd8256aadac5b0 Mon Sep 17 00:00:00 2001 From: simonvlc Date: Fri, 11 Jul 2014 15:31:12 +0200 Subject: [PATCH 032/128] Removing 'simulate' flag Hi there, I don't know if it's intended, but the '-s' flag just simulates the purge of the packages. I was having some problems with this trying to install percona. Kind regards, Simon. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 5995cda..c817b8d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,7 +9,7 @@ before_install: - sudo apt-get update -qq # Remove MySQL. Completely and totally. - - sudo apt-get remove --purge -s 'mysql*' + - sudo apt-get remove --purge 'mysql*' - sudo apt-get autoremove - sudo apt-get autoclean - sudo rm -rf /var/lib/mysql From d733583be5fa0cf03b35f357095980da0cc5c1fe Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sun, 3 Aug 2014 21:47:53 -0500 Subject: [PATCH 033/128] Install current version of Ansible when testing instead of 1.5.0. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 5995cda..6287434 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,7 +17,7 @@ before_install: install: # Install Ansible. - - pip install ansible==1.5.0 + - pip install ansible # Add ansible.cfg to pick up roles path. - "printf '[defaults]\nroles_path = ../' > ansible.cfg" From cbf36a7920786f03897bdfc3cdc126e3da195ac3 Mon Sep 17 00:00:00 2001 From: Sebastian Schwarz Date: Wed, 6 Aug 2014 11:46:54 +0200 Subject: [PATCH 034/128] Mention Debian and Ubuntu as supported platforms --- meta/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/main.yml b/meta/main.yml index ea6aafd..c66da60 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -3,7 +3,7 @@ dependencies: [] galaxy_info: author: geerlingguy - description: MySQL server for RHEL/CentOS 6.x + description: MySQL server for RHEL/CentOS 6.x and Debian/Ubuntu company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" min_ansible_version: 1.4 From 3a15b07608484522a1e72f287c3378d13c54991b Mon Sep 17 00:00:00 2001 From: Sebastian Schwarz Date: Wed, 6 Aug 2014 11:47:59 +0200 Subject: [PATCH 035/128] Allow creation of databases and users Inspired by the Ansibles.mysql role. --- README.md | 17 +++++++++++++++++ defaults/main.yml | 4 ++++ tasks/main.yml | 17 +++++++++++++++++ 3 files changed, 38 insertions(+) diff --git a/README.md b/README.md index 1d9a651..392569f 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,14 @@ The home directory inside which Python MySQL settings will be stored, which Ansi The MySQL root user account password. + mysql_databases: [] + +The MySQL databases to create. A database has the values `name`, `encoding` (defaults to `utf8`) and `collation` (defaults to `utf8_general_ci`). The formats of these are the same as in the `mysql_db` module. + + mysql_users: [] + +The MySQL users and their privileges. A user has the values `name`, `host` (defaults to `localhost`), `password` and `priv` (defaults to `*.*:USAGE`). The formats of these are the same as in the `mysql_user` module. + mysql_packages: - mysql - mysql-server @@ -59,6 +67,15 @@ None. *Inside `vars/main.yml`*: mysql_root_password: super-secure-password + mysql_databases: + - name: example_db + encoding: latin1 + collation: latin1_general_ci + mysql_users: + - name: example_user + host: "%" + password: similarly-secure-password + priv: "example_db.*:ALL" ## License diff --git a/defaults/main.yml b/defaults/main.yml index 29c09b9..1db9880 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -42,3 +42,7 @@ mysql_innodb_lock_wait_timeout: 50 # mysqldump settings mysql_mysqldump_max_allowed_packet: "64M" + +# databases and users settings +mysql_databases: [] +mysql_users: [] diff --git a/tasks/main.yml b/tasks/main.yml index 8b9850a..c69147a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -70,3 +70,20 @@ mysql_db: > name="test" state=absent + +- name: Ensure MySQL databases are present. + mysql_db: > + name="{{ item.name }}" + collation="{{ item.collation | default('utf8_general_ci') }}" + encoding="{{ item.encoding | default('utf8') }}" + state=present + with_items: mysql_databases + +- name: Ensure MySQL users are present. + mysql_user: > + name="{{ item.name }}" + host="{{ item.host | default('localhost') }}" + password="{{ item.password }}" + priv="{{ item.priv | default('*.*:USAGE') }}" + state=present + with_items: mysql_users From 64e337194c7e2efc9dc80ba67ee75a824d650caa Mon Sep 17 00:00:00 2001 From: Sebastian Schwarz Date: Thu, 7 Aug 2014 12:41:33 +0200 Subject: [PATCH 036/128] Make MySQL root username configurable While this doesn't seem to make sense on first glance it is useful for systems which were screwed with Parallels Plesk, which renames the MySQL root user to "admin". This change allowes this role to be used while the server is transitioning from Plesk to Ansible. --- defaults/main.yml | 1 + templates/python-my.cnf.j2 | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 1db9880..7f20304 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,5 +1,6 @@ --- mysql_user_home: /root +mysql_root_username: root mysql_root_password: root # Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only diff --git a/templates/python-my.cnf.j2 b/templates/python-my.cnf.j2 index b013aa3..43de06a 100644 --- a/templates/python-my.cnf.j2 +++ b/templates/python-my.cnf.j2 @@ -1,3 +1,3 @@ [client] -user=root -password={{ mysql_root_password }} \ No newline at end of file +user={{ mysql_root_username }} +password={{ mysql_root_password }} From c8368995363950374601e54e34be8e88b51ee86b Mon Sep 17 00:00:00 2001 From: Sebastian Schwarz Date: Thu, 7 Aug 2014 12:50:14 +0200 Subject: [PATCH 037/128] Make error logging configurable --- README.md | 5 +++++ defaults/main.yml | 4 ++++ templates/my.cnf.j2 | 8 +++++++- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 392569f..212ab71 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,11 @@ The MySQL users and their privileges. A user has the values `name`, `host` (defa Default MySQL connection configuration. + mysql_log_error: /var/log/mysqld.log + mysql_syslog_tag: mysqld + +MySQL logging configuration. Setting `mysql_log_error` to `syslog` will make MySQL log to syslog using the `mysql_syslog_tag`. + mysql_key_buffer_size: "256M" mysql_max_allowed_packet: "1M" mysql_table_open_cache: "256" diff --git a/defaults/main.yml b/defaults/main.yml index 7f20304..d8a19e6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -44,6 +44,10 @@ mysql_innodb_lock_wait_timeout: 50 # mysqldump settings mysql_mysqldump_max_allowed_packet: "64M" +# mysqld_safe setting +mysql_log_error: /var/log/mysqld.log +mysql_syslog_tag: mysqld + # databases and users settings mysql_databases: [] mysql_users: [] diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 13c387d..245cbc5 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -52,5 +52,11 @@ quick max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} [mysqld_safe] -log-error = /var/log/mysqld.log +{% if mysql_log_error == 'syslog' %} +syslog +syslog-tag = {{ mysql_syslog_tag }} +{% else %} +skip-syslog +log-error = {{ mysql_log_error }} +{% endif %} pid-file = /var/run/mysqld/mysqld.pid From ff924e6f19a186f290cd03f6a35cb2d498466ed7 Mon Sep 17 00:00:00 2001 From: Sebastian Schwarz Date: Thu, 7 Aug 2014 12:55:56 +0200 Subject: [PATCH 038/128] Also adjust port and socket of the MySQL client --- templates/my.cnf.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 245cbc5..ee0ac85 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -1,7 +1,7 @@ [client] #password = your_password -port = 3306 -socket = /var/lib/mysql/mysql.sock +port = {{ mysql_port }} +socket = {{ mysql_socket }} [mysqld] port = {{ mysql_port }} From f52d3d44ba987bccb2b78c33e5e575c3d9409d2a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 26 Aug 2014 08:23:48 -0500 Subject: [PATCH 039/128] Split setup tasks into distro-specific files and update apt_cache for first run. --- tasks/main.yml | 13 ++----------- tasks/setup-Debian.yml | 14 ++++++++++++++ tasks/setup-RedHat.yml | 7 +++++++ 3 files changed, 23 insertions(+), 11 deletions(-) create mode 100644 tasks/setup-Debian.yml create mode 100644 tasks/setup-RedHat.yml diff --git a/tasks/main.yml b/tasks/main.yml index c69147a..1624aa0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -9,19 +9,10 @@ enablerepo={{ mysql_enablerepo }} when: mysql_enablerepo != "" -- name: Ensure MySQL packages are installed (RedHat). - yum: > - name={{ item }} - state=installed - enablerepo={{ mysql_enablerepo }} - with_items: mysql_packages +- include: setup-RedHat.yml when: ansible_os_family == 'RedHat' -- name: Ensure MySQL packages are installed (Debian). - apt: > - name={{ item }} - state=installed - with_items: mysql_packages +- include: setup-Debian.yml when: ansible_os_family == 'Debian' - name: Copy my.cnf global MySQL configuration. diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml new file mode 100644 index 0000000..425bc17 --- /dev/null +++ b/tasks/setup-Debian.yml @@ -0,0 +1,14 @@ +--- +- name: Check if MySQL is already installed. + stat: path=/etc/init.d/mysql + register: mysql_installed + +- name: Update apt cache if MySQL is not yet installed. + apt: update_cache=yes + when: mysql_installed.stat.exists == false + +- name: Ensure MySQL packages are installed. + apt: > + name={{ item }} + state=installed + with_items: mysql_packages diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml new file mode 100644 index 0000000..6265326 --- /dev/null +++ b/tasks/setup-RedHat.yml @@ -0,0 +1,7 @@ +--- +- name: Ensure MySQL packages are installed. + yum: > + name={{ item }} + state=installed + enablerepo={{ mysql_enablerepo }} + with_items: mysql_packages From 484c6277451c23a01f07bf9f4acc242a5f8eba5f Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 14 Oct 2014 22:59:05 -0400 Subject: [PATCH 040/128] Update default mysql_max_allowed_packet variable. --- README.md | 2 +- defaults/main.yml | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 212ab71..9fc2ef1 100644 --- a/README.md +++ b/README.md @@ -51,7 +51,7 @@ Default MySQL connection configuration. MySQL logging configuration. Setting `mysql_log_error` to `syslog` will make MySQL log to syslog using the `mysql_syslog_tag`. mysql_key_buffer_size: "256M" - mysql_max_allowed_packet: "1M" + mysql_max_allowed_packet: "64M" mysql_table_open_cache: "256" [...] diff --git a/defaults/main.yml b/defaults/main.yml index d8a19e6..5f1a530 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -14,7 +14,7 @@ mysql_socket: /var/lib/mysql/mysql.sock # Memory settings (default values optimized ~512MB RAM). mysql_key_buffer_size: "256M" -mysql_max_allowed_packet: "1M" +mysql_max_allowed_packet: "64M" mysql_table_open_cache: "256" mysql_sort_buffer_size: "1M" mysql_read_buffer_size: "1M" @@ -25,7 +25,6 @@ mysql_query_cache_size: "16M" # Other settings. mysql_wait_timeout: 28800 -mysql_max_allowed_packet: "64M" # Try number of CPU's * 2 for thread_concurrency. mysql_thread_concurrency: 2 From a85ecf03be3611947e964e88760440bf9c4fed6b Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 8 Nov 2014 14:36:01 -0600 Subject: [PATCH 041/128] Update test. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index aac5102..694e819 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,7 +20,7 @@ install: - pip install ansible # Add ansible.cfg to pick up roles path. - - "printf '[defaults]\nroles_path = ../' > ansible.cfg" + - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" script: # Check the role/playbook's syntax. From 181aef980669dbf316236c85c29886b76f99744c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 8 Nov 2014 15:10:49 -0600 Subject: [PATCH 042/128] Stylistic cleanup and reorganization. --- handlers/main.yml | 4 +- meta/main.yml | 1 + tasks/configure.yml | 12 ++++++ tasks/databases-users.yml | 17 ++++++++ tasks/main.yml | 73 ++--------------------------------- tasks/secure-installation.yml | 32 +++++++++++++++ tasks/setup-Debian.yml | 4 +- tasks/setup-RedHat.yml | 9 +++-- 8 files changed, 72 insertions(+), 80 deletions(-) create mode 100644 tasks/configure.yml create mode 100644 tasks/databases-users.yml create mode 100644 tasks/secure-installation.yml diff --git a/handlers/main.yml b/handlers/main.yml index 8622c20..24b351d 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,5 +1,3 @@ --- - name: restart mysql - service: > - name={{ mysql_daemon }} - state=restarted + service: "name={{ mysql_daemon }} state=restarted" diff --git a/meta/main.yml b/meta/main.yml index c66da60..6436e07 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -11,6 +11,7 @@ galaxy_info: - name: EL versions: - 6 + - 7 - name: Ubuntu versions: - all diff --git a/tasks/configure.yml b/tasks/configure.yml new file mode 100644 index 0000000..008a354 --- /dev/null +++ b/tasks/configure.yml @@ -0,0 +1,12 @@ +--- +- name: Copy my.cnf global MySQL configuration. + template: + src: my.cnf.j2 + dest: /etc/my.cnf + owner: root + group: root + mode: 0644 + notify: restart mysql + +- name: Ensure MySQL is started and enabled on boot. + service: "name={{ mysql_daemon }} state=started enabled=yes" diff --git a/tasks/databases-users.yml b/tasks/databases-users.yml new file mode 100644 index 0000000..23b013a --- /dev/null +++ b/tasks/databases-users.yml @@ -0,0 +1,17 @@ +--- +- name: Ensure MySQL databases are present. + mysql_db: + name: "{{ item.name }}" + collation: "{{ item.collation | default('utf8_general_ci') }}" + encoding: "{{ item.encoding | default('utf8') }}" + state: present + with_items: mysql_databases + +- name: Ensure MySQL users are present. + mysql_user: + name: "{{ item.name }}" + host: "{{ item.host | default('localhost') }}" + password: "{{ item.password }}" + priv: "{{ item.priv | default('*.*:USAGE') }}" + state: present + with_items: mysql_users diff --git a/tasks/main.yml b/tasks/main.yml index 1624aa0..5dc2614 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,79 +2,12 @@ - name: Include OS-specific variables. include_vars: "{{ ansible_os_family }}.yml" -- name: Update postfix to the latest version (if extra repositories enabled). - yum: > - name=postfix - state=latest - enablerepo={{ mysql_enablerepo }} - when: mysql_enablerepo != "" - - include: setup-RedHat.yml when: ansible_os_family == 'RedHat' - include: setup-Debian.yml when: ansible_os_family == 'Debian' -- name: Copy my.cnf global MySQL configuration. - template: > - src=my.cnf.j2 - dest=/etc/my.cnf - owner=root group=root mode=644 - notify: restart mysql - -- name: Ensure MySQL is started and enabled on boot. - service: > - name={{ mysql_daemon }} - state=started - enabled=yes - -- name: Check if .my.cnf file already exists. - stat: "path={{ mysql_user_home }}/.my.cnf" - register: mycnf_file - -# 'localhost' needs to be the last item for idempotency, see -# http://ansible.cc/docs/modules.html#mysql-user -- name: Update MySQL root password for all root accounts. - mysql_user: > - name=root - host={{ item }} - password={{ mysql_root_password }} - with_items: - - 127.0.0.1 - - ::1 - - localhost - when: mycnf_file.stat.exists == false - -# Has to be after the root password assignment, for idempotency. -- name: Copy .my.cnf file with root password credentials. - template: > - src=python-my.cnf.j2 - dest={{ mysql_user_home }}/.my.cnf - owner=root group=root mode=600 - -- name: Delete anonymous MySQL user for localhost. - mysql_user: > - name="" - state=absent - -- name: Remove the MySQL test database. - mysql_db: > - name="test" - state=absent - -- name: Ensure MySQL databases are present. - mysql_db: > - name="{{ item.name }}" - collation="{{ item.collation | default('utf8_general_ci') }}" - encoding="{{ item.encoding | default('utf8') }}" - state=present - with_items: mysql_databases - -- name: Ensure MySQL users are present. - mysql_user: > - name="{{ item.name }}" - host="{{ item.host | default('localhost') }}" - password="{{ item.password }}" - priv="{{ item.priv | default('*.*:USAGE') }}" - state=present - with_items: mysql_users +- include: configure.yml +- include: secure-installation.yml +- include: databases-users.yml diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml new file mode 100644 index 0000000..db44d50 --- /dev/null +++ b/tasks/secure-installation.yml @@ -0,0 +1,32 @@ +--- +- name: Check if .my.cnf file already exists. + stat: "path={{ mysql_user_home }}/.my.cnf" + register: mycnf_file + +# 'localhost' needs to be the last item for idempotency, see +# http://ansible.cc/docs/modules.html#mysql-user +- name: Update MySQL root password for all root accounts. + mysql_user: + name: "root" + host: "{{ item }}" + password: "{{ mysql_root_password }}" + with_items: + - 127.0.0.1 + - ::1 + - localhost + when: mycnf_file.stat.exists == false + +# Has to be after the root password assignment, for idempotency. +- name: Copy .my.cnf file with root password credentials. + template: + src: "python-my.cnf.j2" + dest: "{{ mysql_user_home }}/.my.cnf" + owner: root + group: root + mode: 0600 + +- name: Remove anonymous MySQL user. + mysql_user: "name='' state=absent" + +- name: Remove MySQL test database. + mysql_db: "name='test' state=absent" \ No newline at end of file diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 425bc17..3cfe518 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -8,7 +8,5 @@ when: mysql_installed.stat.exists == false - name: Ensure MySQL packages are installed. - apt: > - name={{ item }} - state=installed + apt: "name={{ item }} state=installed" with_items: mysql_packages diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 6265326..dc71e2f 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -1,7 +1,8 @@ --- +- name: Update postfix to the latest version (if extra repositories enabled). + yum: "name=postfix state=latest enablerepo={{ mysql_enablerepo }}" + when: mysql_enablerepo != "" + - name: Ensure MySQL packages are installed. - yum: > - name={{ item }} - state=installed - enablerepo={{ mysql_enablerepo }} + yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" with_items: mysql_packages From 6967874c08ae32175195e1a8dd190c812626883e Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 8 Nov 2014 21:43:31 -0600 Subject: [PATCH 043/128] Issue #6: Add replication configuration. --- defaults/main.yml | 22 ++++++++-- tasks/databases.yml | 8 ++++ tasks/main.yml | 4 +- tasks/replication.yml | 51 ++++++++++++++++++++++++ tasks/{databases-users.yml => users.yml} | 8 ---- templates/my.cnf.j2 | 29 ++++++++++++-- 6 files changed, 106 insertions(+), 16 deletions(-) create mode 100644 tasks/databases.yml create mode 100644 tasks/replication.yml rename tasks/{databases-users.yml => users.yml} (51%) diff --git a/defaults/main.yml b/defaults/main.yml index 5f1a530..21abd5c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -40,13 +40,29 @@ mysql_innodb_log_buffer_size: "8M" mysql_innodb_flush_log_at_trx_commit: "1" mysql_innodb_lock_wait_timeout: 50 -# mysqldump settings +# mysqldump settings. mysql_mysqldump_max_allowed_packet: "64M" -# mysqld_safe setting +# Logging settings. mysql_log_error: /var/log/mysqld.log mysql_syslog_tag: mysqld -# databases and users settings +# Databases. mysql_databases: [] +# Full example: +# mysql_databases: +# - { name: example, collation: utf8_general_ci, encoding: utf8, replicate: 1 } + +# Users mysql_users: [] +# Full Example: +# mysql_users: +# - { name: example, host: 127.0.0.1, password: secret, priv: *.*:USAGE } + +# Replication settings (replication is only enabled if master/user have values). +mysql_server_id: "1" +mysql_max_binlog_size: "100M" +mysql_replication_role: master +mysql_replication_master: '' +# Same keys as `mysql_users` above. +mysql_replication_user: [] diff --git a/tasks/databases.yml b/tasks/databases.yml new file mode 100644 index 0000000..39ee42f --- /dev/null +++ b/tasks/databases.yml @@ -0,0 +1,8 @@ +--- +- name: Ensure MySQL databases are present. + mysql_db: + name: "{{ item.name }}" + collation: "{{ item.collation | default('utf8_general_ci') }}" + encoding: "{{ item.encoding | default('utf8') }}" + state: present + with_items: mysql_databases diff --git a/tasks/main.yml b/tasks/main.yml index 5dc2614..775df11 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -10,4 +10,6 @@ - include: configure.yml - include: secure-installation.yml -- include: databases-users.yml +- include: databases.yml +- include: users.yml +- include: replication.yml diff --git a/tasks/replication.yml b/tasks/replication.yml new file mode 100644 index 0000000..ec56dfc --- /dev/null +++ b/tasks/replication.yml @@ -0,0 +1,51 @@ +--- +- name: Ensure replication user exists on master. + mysql_user: + name: "{{ mysql_replication_user.name }}" + host: "{{ mysql_replication_user.host | default('%') }}" + password: "{{ mysql_replication_user.password }}" + priv: "{{ mysql_replication_user.priv | default('*.*:REPLICATION SLAVE') }}" + state: present + when: > + (mysql_replication_role == 'master') + and mysql_replication_user + and (mysql_replication_master != '') + +- name: Check slave replication status. + mysql_replication: mode=getslave + ignore_errors: true + register: slave + when: > + mysql_replication_role == 'slave' + and (mysql_replication_master != '') + +- name: Check master replication status. + mysql_replication: mode=getmaster + delegate_to: "{{ mysql_replication_master }}" + register: master + when: > + slave|failed + and (mysql_replication_role == 'slave') + and (mysql_replication_master != '') + +- name: Configure replication on the slave. + mysql_replication: + mode: changemaster + master_host: "{{ mysql_replication_master }}" + master_user: "{{ mysql_replication_user.name }}" + master_password: "{{ mysql_replication_user.password }}" + master_log_file: "{{ master.File }}" + master_log_pos: "{{ master.Position }}" + ignore_errors: True + when: > + slave|failed + and (mysql_replication_role == 'slave') + and (mysql_replication_master != '') + and mysql_replication_user + +- name: Start replication. + mysql_replication: mode=startslave + when: > + slave|failed + and (mysql_replication_role == 'slave') + and (mysql_replication_master != '') diff --git a/tasks/databases-users.yml b/tasks/users.yml similarity index 51% rename from tasks/databases-users.yml rename to tasks/users.yml index 23b013a..b44d649 100644 --- a/tasks/databases-users.yml +++ b/tasks/users.yml @@ -1,12 +1,4 @@ --- -- name: Ensure MySQL databases are present. - mysql_db: - name: "{{ item.name }}" - collation: "{{ item.collation | default('utf8_general_ci') }}" - encoding: "{{ item.encoding | default('utf8') }}" - state: present - with_items: mysql_databases - - name: Ensure MySQL users are present. mysql_user: name: "{{ item.name }}" diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index ee0ac85..b88b1ed 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -8,13 +8,34 @@ port = {{ mysql_port }} datadir = {{ mysql_datadir }} socket = {{ mysql_socket }} +# Replication +server-id = {{ mysql_server_id }} + +{% if mysql_replication_role == 'master' %} +log_bin = mysql-bin +log-bin-index = mysql-bin.index +expire_logs_days = 10 +max_binlog_size = {{ mysql_max_binlog_size }} + +{% for db in mysql_databases %} +{% if db.replicate|default(1) %} +binlog_do_db = {{ db.name }} +{% else %} +binlog_ignore_db = {{ db.name }} +{% endif %} +{% endfor %} +{% endif %} + +{% if mysql_replication_role == 'slave' %} +read_only +relay-log = relay-bin +relay-log-index = relay-bin.index +{% endif %} + # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links = 0 -# Settings user and group are ignored when systemd is used (fedora >= 15). -# If you need to run mysqld under a different user or group, -# customize your systemd unit file for mysqld according to the -# instructions in http://fedoraproject.org/wiki/Systemd +# User is ignored when systemd is used (fedora <= 15). user = mysql # http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html From 08e75e249b152be0698471430c3260c2dc7efafa Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 8 Nov 2014 21:48:34 -0600 Subject: [PATCH 044/128] Add replication options to README. --- README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9fc2ef1..c10f119 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ The MySQL root user account password. mysql_databases: [] -The MySQL databases to create. A database has the values `name`, `encoding` (defaults to `utf8`) and `collation` (defaults to `utf8_general_ci`). The formats of these are the same as in the `mysql_db` module. +The MySQL databases to create. A database has the values `name`, `encoding` (defaults to `utf8`), `collation` (defaults to `utf8_general_ci`) and `replicate` (defaults to `1`, only used if replication is configured). The formats of these are the same as in the `mysql_db` module. mysql_users: [] @@ -57,6 +57,14 @@ MySQL logging configuration. Setting `mysql_log_error` to `syslog` will make MyS The rest of the settings in `defaults/main.yml` control MySQL's memory usage. The default values are tuned for a server where MySQL can consume ~512 MB RAM, so you should consider adjusting them to suit your particular server better. + mysql_server_id: "1" + mysql_max_binlog_size: "100M" + mysql_replication_role: master + mysql_replication_master: '' + mysql_replication_user: [] + +Replication settings. Set `mysql_server_id` and `mysql_replication_role` by server (e.g. the master would be ID `1`, with the `mysql_replication_role` of `master`, and the slave would be ID `2`, with the `mysql_replication_role` of `slave`). The `mysql_replication_user` uses the same keys as `mysql_users`, and is created on master servers, and used to replicate on all the slaves. + ## Dependencies None. From 0b72ec9fbb8e174a3c1e20e2de10a0ee5f400878 Mon Sep 17 00:00:00 2001 From: Vadym Petrychenko Date: Sat, 15 Nov 2014 19:23:19 +0100 Subject: [PATCH 045/128] add mysql_bind_address to configuration --- README.md | 1 + defaults/main.yml | 1 + templates/my.cnf.j2 | 1 + 3 files changed, 3 insertions(+) diff --git a/README.md b/README.md index c10f119..3e7bad4 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,7 @@ The MySQL users and their privileges. A user has the values `name`, `host` (defa (RedHat/CentOS only) If you have enabled any additional repositories (might I suggest geerlingguy.repo-epel or geerlingguy.repo-remi), those repositories can be listed under this variable (e.g. `remi,epel`). This can be handy, as an example, if you want to install later versions of MySQL. mysql_port: "3306" + mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql mysql_socket: /var/lib/mysql/mysql.sock diff --git a/defaults/main.yml b/defaults/main.yml index 21abd5c..89cf286 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,6 +9,7 @@ mysql_enablerepo: "" # MySQL connection settings. mysql_port: "3306" +mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql mysql_socket: /var/lib/mysql/mysql.sock diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index b88b1ed..1e77525 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -5,6 +5,7 @@ socket = {{ mysql_socket }} [mysqld] port = {{ mysql_port }} +bind-address = {{ mysql_bind_address }} datadir = {{ mysql_datadir }} socket = {{ mysql_socket }} From 64e4ed6e08fddc6c253c69d241b442763f22c3c8 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 7 Jan 2015 10:16:36 -0600 Subject: [PATCH 046/128] Add mysql_state and mysql_enabled_on_startup options. --- README.md | 5 +++++ defaults/main.yml | 3 +++ tasks/configure.yml | 2 +- 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3e7bad4..6283dcf 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,11 @@ The home directory inside which Python MySQL settings will be stored, which Ansi The MySQL root user account password. + mysql_state: started + mysql_enabled_on_startup: yes + +MySQL's state (`started`, `stopped`, `restarted`, `reloaded`), and whether to enable MySQL on startup. + mysql_databases: [] The MySQL databases to create. A database has the values `name`, `encoding` (defaults to `utf8`), `collation` (defaults to `utf8_general_ci`) and `replicate` (defaults to `1`, only used if replication is configured). The formats of these are the same as in the `mysql_db` module. diff --git a/defaults/main.yml b/defaults/main.yml index 89cf286..97f6c62 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,6 +3,9 @@ mysql_user_home: /root mysql_root_username: root mysql_root_password: root +mysql_state: started +mysql_enabled_on_startup: yes + # Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only # for RedHat systems (and derivatives). mysql_enablerepo: "" diff --git a/tasks/configure.yml b/tasks/configure.yml index 008a354..f22a923 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -9,4 +9,4 @@ notify: restart mysql - name: Ensure MySQL is started and enabled on boot. - service: "name={{ mysql_daemon }} state=started enabled=yes" + service: "name={{ mysql_daemon }} state={{ mysql_state }} enabled={{ mysql_enabled_on_startup }}" From 420894477e7c2ac08a0d5568ae71aaa5c8d8938e Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 7 Jan 2015 10:28:09 -0600 Subject: [PATCH 047/128] Remove mysql_state variable, since it doesn't work as expected. --- README.md | 3 +-- defaults/main.yml | 1 - tasks/configure.yml | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 6283dcf..7007985 100644 --- a/README.md +++ b/README.md @@ -20,10 +20,9 @@ The home directory inside which Python MySQL settings will be stored, which Ansi The MySQL root user account password. - mysql_state: started mysql_enabled_on_startup: yes -MySQL's state (`started`, `stopped`, `restarted`, `reloaded`), and whether to enable MySQL on startup. +Whether MySQL should be enabled on startup. mysql_databases: [] diff --git a/defaults/main.yml b/defaults/main.yml index 97f6c62..3c93c8c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,7 +3,6 @@ mysql_user_home: /root mysql_root_username: root mysql_root_password: root -mysql_state: started mysql_enabled_on_startup: yes # Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only diff --git a/tasks/configure.yml b/tasks/configure.yml index f22a923..405a50f 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -9,4 +9,4 @@ notify: restart mysql - name: Ensure MySQL is started and enabled on boot. - service: "name={{ mysql_daemon }} state={{ mysql_state }} enabled={{ mysql_enabled_on_startup }}" + service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" From 2c5843f16454810573a306691a087c22bcd5ed4a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 7 Jan 2015 10:41:58 -0600 Subject: [PATCH 048/128] Only add replication config if replication is setup. --- templates/my.cnf.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 1e77525..ac05e40 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -9,6 +9,7 @@ bind-address = {{ mysql_bind_address }} datadir = {{ mysql_datadir }} socket = {{ mysql_socket }} +{% if mysql_replication_master %} # Replication server-id = {{ mysql_server_id }} @@ -32,6 +33,7 @@ read_only relay-log = relay-bin relay-log-index = relay-bin.index {% endif %} +{% endif %} # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links = 0 From 6dd24c2d249235ee79ed85604589525b97b9dbfb Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 8 Jan 2015 17:20:30 -0600 Subject: [PATCH 049/128] Add new mysql_config_file variable so Ubuntu my.cnf file paths are correct. --- tasks/configure.yml | 2 +- vars/Debian.yml | 4 +++- vars/RedHat.yml | 1 + 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/tasks/configure.yml b/tasks/configure.yml index 405a50f..a0e8b18 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -2,7 +2,7 @@ - name: Copy my.cnf global MySQL configuration. template: src: my.cnf.j2 - dest: /etc/my.cnf + dest: "{{ mysql_config_file }}" owner: root group: root mode: 0644 diff --git a/vars/Debian.yml b/vars/Debian.yml index 25ad3a0..ccc9c07 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -1,5 +1,7 @@ --- mysql_daemon: mysql +mysql_config_file: /etc/mysql/my.cnf mysql_packages: + - mysql-common - mysql-server - - python-mysqldb \ No newline at end of file + - python-mysqldb diff --git a/vars/RedHat.yml b/vars/RedHat.yml index da2518f..9ccbf55 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,5 +1,6 @@ --- mysql_daemon: mysqld +mysql_config_file: /etc/my.cnf mysql_packages: - mysql - mysql-server From 710c52c67112c2d5131747357fab84c33f513157 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 8 Jan 2015 17:30:00 -0600 Subject: [PATCH 050/128] Test connecting through TCP. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 694e819..99aabf2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -42,7 +42,7 @@ script: # Check to make sure we can connect to MySQL. - > - mysql -u root -proot -e 'show databases;' + mysql -u root -proot -h 127.0.0.1 -e 'show databases;' | grep -q 'performance_schema' && (echo 'MySQL running normally' && exit 0) || (echo 'MySQL not running' && exit 1) From 8299775d5260f10aeccf50e8528d3b9b931baccd Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 8 Jan 2015 18:04:16 -0600 Subject: [PATCH 051/128] Make sure socket connections work correctly on Ubuntu. --- .travis.yml | 9 ++++++++- tasks/configure.yml | 9 +++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 99aabf2..f794fb4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -40,7 +40,14 @@ script: - "sudo ls -lah /var/log" - "sudo cat /var/log/mysql/error.log" - # Check to make sure we can connect to MySQL. + # Check to make sure we can connect to MySQL via Unix socket. + - > + mysql -u root -proot -e 'show databases;' + | grep -q 'performance_schema' + && (echo 'MySQL running normally' && exit 0) + || (echo 'MySQL not running' && exit 1) + + # Check to make sure we can connect to MySQL via TCP. - > mysql -u root -proot -h 127.0.0.1 -e 'show databases;' | grep -q 'performance_schema' diff --git a/tasks/configure.yml b/tasks/configure.yml index a0e8b18..ac7ca70 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -10,3 +10,12 @@ - name: Ensure MySQL is started and enabled on boot. service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" + +- name: Ensure MySQL socket file has correct permissions. + file: + path: "{{ item }}" + mode: 0755 + notify: restart mysql + with_items: + - "{{ mysql_datadir }}" + - "{{ mysql_socket }}" From 9899916b4a56dbd81266e07eb0123d07781f61ae Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 8 Jan 2015 18:12:30 -0600 Subject: [PATCH 052/128] Use correct MySQL socket file for Ubuntu. --- README.md | 1 - defaults/main.yml | 1 - tasks/configure.yml | 9 --------- vars/Debian.yml | 1 + vars/RedHat.yml | 1 + 5 files changed, 2 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 7007985..9bbd537 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,6 @@ The MySQL users and their privileges. A user has the values `name`, `host` (defa mysql_port: "3306" mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql - mysql_socket: /var/lib/mysql/mysql.sock Default MySQL connection configuration. diff --git a/defaults/main.yml b/defaults/main.yml index 3c93c8c..4a7a9cb 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -13,7 +13,6 @@ mysql_enablerepo: "" mysql_port: "3306" mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql -mysql_socket: /var/lib/mysql/mysql.sock # Memory settings (default values optimized ~512MB RAM). mysql_key_buffer_size: "256M" diff --git a/tasks/configure.yml b/tasks/configure.yml index ac7ca70..a0e8b18 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -10,12 +10,3 @@ - name: Ensure MySQL is started and enabled on boot. service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" - -- name: Ensure MySQL socket file has correct permissions. - file: - path: "{{ item }}" - mode: 0755 - notify: restart mysql - with_items: - - "{{ mysql_datadir }}" - - "{{ mysql_socket }}" diff --git a/vars/Debian.yml b/vars/Debian.yml index ccc9c07..db19a43 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -5,3 +5,4 @@ mysql_packages: - mysql-common - mysql-server - python-mysqldb +mysql_socket: /var/run/mysqld/mysqld.sock diff --git a/vars/RedHat.yml b/vars/RedHat.yml index 9ccbf55..aeb31cf 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -5,3 +5,4 @@ mysql_packages: - mysql - mysql-server - MySQL-python +mysql_socket: /var/lib/mysql/mysql.sock From 5ff8709f6b90ec944c1382141560c27cb8831387 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 13 Jan 2015 09:18:27 -0600 Subject: [PATCH 053/128] Issue #14: InnoDB log size is 5MB even though 64MB is specified (Ubuntu). --- tasks/setup-Debian.yml | 10 ++++++++++ tests/test.yml | 3 --- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 3cfe518..8b07af9 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -10,3 +10,13 @@ - name: Ensure MySQL packages are installed. apt: "name={{ item }} state=installed" with_items: mysql_packages + +# Because Ubuntu starts MySQL as part of the install process, we need to stop +# mysql and remove the logfiles in case the user set a custom log file size. +- name: Ensure MySQL is stopped after initial install. + service: name=mysql state=stopped + when: mysql_installed.stat.exists == false + +- name: Delete innodb log files created by apt package after initial install. + shell: "rm -f {{ mysql_datadir }}/ib_logfile[01]" + when: mysql_installed.stat.exists == false diff --git a/tests/test.yml b/tests/test.yml index 76c9bf7..bfe6c6c 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -1,8 +1,5 @@ --- - hosts: localhost remote_user: root - vars: - # Use default log file size so Travis CI VM allows MySQL restart. - - mysql_innodb_log_file_size: "5M" roles: - ansible-role-mysql From 361126b8b0747e1fa8320f186fff726acbbb982c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 13 Jan 2015 09:23:33 -0600 Subject: [PATCH 054/128] Issue #9: Allow mysql_packages to be overridden. --- defaults/main.yml | 7 +++++++ tasks/main.yml | 8 ++++++++ vars/Debian.yml | 2 +- vars/RedHat.yml | 2 +- 4 files changed, 17 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 4a7a9cb..f06535c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,6 +9,13 @@ mysql_enabled_on_startup: yes # for RedHat systems (and derivatives). mysql_enablerepo: "" +# Define a custom list of packages to install; if none provided, the default +# package list from vars/[OS-family].yml will be used. +# mysql_packages: +# - mysql +# - mysql-server +# - MySQL-python + # MySQL connection settings. mysql_port: "3306" mysql_bind_address: '0.0.0.0' diff --git a/tasks/main.yml b/tasks/main.yml index 775df11..271393a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,13 +1,21 @@ --- +# Include variables and define needed variables. - name: Include OS-specific variables. include_vars: "{{ ansible_os_family }}.yml" +- name: Define mysql_packages. + set_fact: + mysql_packages: "{{ __mysql_packages | list }}" + when: mysql_packages is not defined + +# Setup/install tasks. - include: setup-RedHat.yml when: ansible_os_family == 'RedHat' - include: setup-Debian.yml when: ansible_os_family == 'Debian' +# Configure MySQL. - include: configure.yml - include: secure-installation.yml - include: databases.yml diff --git a/vars/Debian.yml b/vars/Debian.yml index db19a43..0a04ce0 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -1,7 +1,7 @@ --- mysql_daemon: mysql mysql_config_file: /etc/mysql/my.cnf -mysql_packages: +__mysql_packages: - mysql-common - mysql-server - python-mysqldb diff --git a/vars/RedHat.yml b/vars/RedHat.yml index aeb31cf..055839c 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,7 +1,7 @@ --- mysql_daemon: mysqld mysql_config_file: /etc/my.cnf -mysql_packages: +__mysql_packages: - mysql - mysql-server - MySQL-python From 53e27f8fd53abcf187f7686f203232f83721660f Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 28 Feb 2015 22:00:26 -0600 Subject: [PATCH 055/128] Fixes #20: Allow configuration of expire-logs-days. --- README.md | 1 + defaults/main.yml | 1 + templates/my.cnf.j2 | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9bbd537..0c51cb7 100644 --- a/README.md +++ b/README.md @@ -63,6 +63,7 @@ The rest of the settings in `defaults/main.yml` control MySQL's memory usage. Th mysql_server_id: "1" mysql_max_binlog_size: "100M" + mysql_expire_logs_days: "10" mysql_replication_role: master mysql_replication_master: '' mysql_replication_user: [] diff --git a/defaults/main.yml b/defaults/main.yml index f06535c..f8bb9dd 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -71,6 +71,7 @@ mysql_users: [] # Replication settings (replication is only enabled if master/user have values). mysql_server_id: "1" mysql_max_binlog_size: "100M" +mysql_expire_logs_days: "10" mysql_replication_role: master mysql_replication_master: '' # Same keys as `mysql_users` above. diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index ac05e40..4adb695 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -16,7 +16,7 @@ server-id = {{ mysql_server_id }} {% if mysql_replication_role == 'master' %} log_bin = mysql-bin log-bin-index = mysql-bin.index -expire_logs_days = 10 +expire_logs_days = {{ mysql_expire_logs_days }} max_binlog_size = {{ mysql_max_binlog_size }} {% for db in mysql_databases %} From 4b686f53afe8569e988e9beb9e458bb10abb1345 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 10 Mar 2015 08:46:21 -0500 Subject: [PATCH 056/128] Don't set replication role to 'master' by default, saves binlogs. --- README.md | 2 +- defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0c51cb7..f257512 100644 --- a/README.md +++ b/README.md @@ -64,7 +64,7 @@ The rest of the settings in `defaults/main.yml` control MySQL's memory usage. Th mysql_server_id: "1" mysql_max_binlog_size: "100M" mysql_expire_logs_days: "10" - mysql_replication_role: master + mysql_replication_role: '' mysql_replication_master: '' mysql_replication_user: [] diff --git a/defaults/main.yml b/defaults/main.yml index f8bb9dd..993f3a3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -72,7 +72,7 @@ mysql_users: [] mysql_server_id: "1" mysql_max_binlog_size: "100M" mysql_expire_logs_days: "10" -mysql_replication_role: master +mysql_replication_role: '' mysql_replication_master: '' # Same keys as `mysql_users` above. mysql_replication_user: [] From 3d0762b7dd2ffb83cde56f56647f9e11aa53a9df Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 9 Apr 2015 11:18:58 -0500 Subject: [PATCH 057/128] Fixes #22: Make MySQL root user password settings more reliable. --- tasks/secure-installation.yml | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index db44d50..a3a4f90 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -1,20 +1,15 @@ --- -- name: Check if .my.cnf file already exists. - stat: "path={{ mysql_user_home }}/.my.cnf" - register: mycnf_file - -# 'localhost' needs to be the last item for idempotency, see -# http://ansible.cc/docs/modules.html#mysql-user -- name: Update MySQL root password for all root accounts. +# 'localhost' needs to be last for idempotency. +- name: Update MySQL root password for localhost root account. mysql_user: name: "root" host: "{{ item }}" password: "{{ mysql_root_password }}" with_items: + - "{{ ansible_hostname }}" - 127.0.0.1 - ::1 - localhost - when: mycnf_file.stat.exists == false # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. From f9d367cb80c238af2cb182052aa0823ec9349c98 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Fri, 10 Apr 2015 09:20:00 -0400 Subject: [PATCH 058/128] optional-mycnf-force --- README.md | 4 ++++ defaults/main.yml | 3 +++ tasks/configure.yml | 1 + 3 files changed, 8 insertions(+) diff --git a/README.md b/README.md index f257512..fbb3ece 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,10 @@ The MySQL root user account password. Whether MySQL should be enabled on startup. + overwrite_global_mycnf: yes + +Whether the global my.cnf should be overwritten each time ansible runs. "no" will only create the file if it doesn't exist. + mysql_databases: [] The MySQL databases to create. A database has the values `name`, `encoding` (defaults to `utf8`), `collation` (defaults to `utf8_general_ci`) and `replicate` (defaults to `1`, only used if replication is configured). The formats of these are the same as in the `mysql_db` module. diff --git a/defaults/main.yml b/defaults/main.yml index 993f3a3..d373ff6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -5,6 +5,9 @@ mysql_root_password: root mysql_enabled_on_startup: yes +# update my.cnf. each time role is run? yes | no +overwrite_global_mycnf: yes + # Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only # for RedHat systems (and derivatives). mysql_enablerepo: "" diff --git a/tasks/configure.yml b/tasks/configure.yml index a0e8b18..f2bb5a6 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -6,6 +6,7 @@ owner: root group: root mode: 0644 + force: "{{ overwrite_global_mycnf }}" notify: restart mysql - name: Ensure MySQL is started and enabled on boot. From 0fbf3fa4d868034a804b30cfc4716f52cefdd263 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Fri, 10 Apr 2015 09:26:24 -0400 Subject: [PATCH 059/128] Support for setting root password when running as local_action --- tasks/secure-installation.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index a3a4f90..acbd3ff 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -1,15 +1,16 @@ --- +- name: Get list of hosts for root user + command: mysql -NBe 'SELECT Host from mysql.user WHERE User = "root" order by (Host="localhost") ASC' + register: mysql_root_hosts + changed_when: false + # 'localhost' needs to be last for idempotency. - name: Update MySQL root password for localhost root account. mysql_user: name: "root" host: "{{ item }}" password: "{{ mysql_root_password }}" - with_items: - - "{{ ansible_hostname }}" - - 127.0.0.1 - - ::1 - - localhost + with_items: mysql_root_hosts.stdout_lines # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. From 75cf220549b38cc59fe25f268a4e06e712cfbe22 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Fri, 10 Apr 2015 09:29:52 -0400 Subject: [PATCH 060/128] Fixes #26 to remove all anonymous users, particularly the one with the host as the hostname --- tasks/secure-installation.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index a3a4f90..0e4d368 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -20,8 +20,17 @@ group: root mode: 0600 +- name: Get list of hosts for anonymous user + command: mysql -NBe 'SELECT Host from mysql.user WHERE User = ""' + register: mysql_anonymous_hosts + changed_when: false + - name: Remove anonymous MySQL user. - mysql_user: "name='' state=absent" + mysql_user: + name: "" + host: "{{ item }}" + state: absent + with_items: mysql_anonymous_hosts.stdout_lines - name: Remove MySQL test database. mysql_db: "name='test' state=absent" \ No newline at end of file From fc0d2006cf3260e19e9035102d141b60edb77a3e Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Fri, 10 Apr 2015 09:36:01 -0400 Subject: [PATCH 061/128] Renamed python-my.cnf.j2 to user-my.cnf.j2 - has nothing to do with python --- tasks/secure-installation.yml | 2 +- templates/{python-my.cnf.j2 => user-my.cnf.j2} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename templates/{python-my.cnf.j2 => user-my.cnf.j2} (100%) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index a3a4f90..d47989e 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -14,7 +14,7 @@ # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. template: - src: "python-my.cnf.j2" + src: "user-my.cnf.j2" dest: "{{ mysql_user_home }}/.my.cnf" owner: root group: root diff --git a/templates/python-my.cnf.j2 b/templates/user-my.cnf.j2 similarity index 100% rename from templates/python-my.cnf.j2 rename to templates/user-my.cnf.j2 From e8575a76c3a08a1c4de86e0f74880c8c9d6a6985 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 10 Apr 2015 15:43:06 -0500 Subject: [PATCH 062/128] Syntax adjustment for #28. --- tasks/secure-installation.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index acbd3ff..39b850b 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -1,6 +1,6 @@ --- -- name: Get list of hosts for root user - command: mysql -NBe 'SELECT Host from mysql.user WHERE User = "root" order by (Host="localhost") ASC' +- name: Get list of hosts for the root user. + command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = "root" ORDER BY (Host="localhost") ASC' register: mysql_root_hosts changed_when: false From 0885558bb8ba2b90e944aa5ca2d937049e47ba0d Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 10 Apr 2015 15:51:22 -0500 Subject: [PATCH 063/128] Syntax adjustment for #29. --- tasks/secure-installation.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index 5ea5a60..a72125c 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -21,12 +21,12 @@ group: root mode: 0600 -- name: Get list of hosts for anonymous user - command: mysql -NBe 'SELECT Host from mysql.user WHERE User = ""' +- name: Get list of hosts for the anonymous user. + command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""' register: mysql_anonymous_hosts changed_when: false -- name: Remove anonymous MySQL user. +- name: Remove anonymous MySQL users. mysql_user: name: "" host: "{{ item }}" From 07e7e188acdcc533ef921815af2c11e7f1dfa55f Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 20 Apr 2015 13:53:27 -0500 Subject: [PATCH 064/128] Fixes #33: Add sleep=5 to MySQL restart task. --- handlers/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/handlers/main.yml b/handlers/main.yml index 24b351d..429abe3 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,3 +1,3 @@ --- - name: restart mysql - service: "name={{ mysql_daemon }} state=restarted" + service: "name={{ mysql_daemon }} state=restarted sleep=5" From fad419b63e6344ff22b962d26680aaa3fb97eaa7 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 20 Apr 2015 13:58:37 -0500 Subject: [PATCH 065/128] Clarify README for PR #27. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index fbb3ece..3d942c8 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ Whether MySQL should be enabled on startup. overwrite_global_mycnf: yes -Whether the global my.cnf should be overwritten each time ansible runs. "no" will only create the file if it doesn't exist. +Whether the global my.cnf should be overwritten each time this role is run. Setting this to `no` tells Ansible to only create the `my.cnf` file if it doesn't exist. This should be left at its default value (`yes`) if you'd like to use this role's variables to configure MySQL. mysql_databases: [] From 2d178fe83a66e326465f56f14ef840d7b1577d7b Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 24 Apr 2015 12:20:27 -0500 Subject: [PATCH 066/128] Fixes #17: Allow configuration of mysql slow query log. --- README.md | 9 ++++++++- defaults/main.yml | 10 ++++++++-- tasks/configure.yml | 13 +++++++++++++ templates/my.cnf.j2 | 29 ++++++++++++++++++++--------- 4 files changed, 49 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 3d942c8..dfa8814 100644 --- a/README.md +++ b/README.md @@ -53,10 +53,17 @@ The MySQL users and their privileges. A user has the values `name`, `host` (defa Default MySQL connection configuration. + mysql_log: "" mysql_log_error: /var/log/mysqld.log mysql_syslog_tag: mysqld -MySQL logging configuration. Setting `mysql_log_error` to `syslog` will make MySQL log to syslog using the `mysql_syslog_tag`. +MySQL logging configuration. Setting `mysql_log` (the general query log) or `mysql_log_error` to `syslog` will make MySQL log to syslog using the `mysql_syslog_tag`. + + mysql_slow_query_log_enabled: no + mysql_slow_query_log_file: /var/log/mysql-slow.log + mysql_slow_query_time: 2 + +Slow query log settings. Note that the log file will be created by this role, but if you're running on a server with SELinux or AppArmor, you may need to add this path to the allowed paths for MySQL, or disable the mysql profile. For example, on Debian/Ubuntu, you can run `sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/usr.sbin.mysqld && sudo service apparmor restart`. mysql_key_buffer_size: "256M" mysql_max_allowed_packet: "64M" diff --git a/defaults/main.yml b/defaults/main.yml index d373ff6..cf31060 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -24,6 +24,11 @@ mysql_port: "3306" mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql +# Slow query log settings. +mysql_slow_query_log_enabled: no +mysql_slow_query_log_file: /var/log/mysql-slow.log +mysql_slow_query_time: 2 + # Memory settings (default values optimized ~512MB RAM). mysql_key_buffer_size: "256M" mysql_max_allowed_packet: "64M" @@ -56,8 +61,9 @@ mysql_innodb_lock_wait_timeout: 50 mysql_mysqldump_max_allowed_packet: "64M" # Logging settings. -mysql_log_error: /var/log/mysqld.log -mysql_syslog_tag: mysqld +mysql_log: "" +mysql_log_error: /var/log/mysql.err +mysql_syslog_tag: mysql # Databases. mysql_databases: [] diff --git a/tasks/configure.yml b/tasks/configure.yml index f2bb5a6..01206a5 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -9,5 +9,18 @@ force: "{{ overwrite_global_mycnf }}" notify: restart mysql +- name: Create slow query log file (if configured). + shell: "touch {{ mysql_slow_query_log_file }} creates={{ mysql_slow_query_log_file }}" + when: mysql_slow_query_log_enabled + +- name: Set ownership on slow query log file (if configured). + file: + path: "{{ mysql_slow_query_log_file }}" + state: file + owner: mysql + group: mysql + mode: 0644 + when: mysql_slow_query_log_enabled + - name: Ensure MySQL is started and enabled on boot. service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 4adb695..476e6e5 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -9,6 +9,25 @@ bind-address = {{ mysql_bind_address }} datadir = {{ mysql_datadir }} socket = {{ mysql_socket }} +# Logging configuration. +{% if mysql_log_error == 'syslog' or mysql_log == 'syslog' %} +syslog +syslog-tag = {{ mysql_syslog_tag }} +{% else %} +{% if mysql_log %} +log = {{ mysql_log }} +{% endif %} +log-error = {{ mysql_log_error }} +{% endif %} + +{% if mysql_slow_query_log_enabled %} +# Slow query log configuration. +log_slow_queries = 1 +slow_query_log = 1 +slow_query_log_file = {{ mysql_slow_query_log_file }} +long_query_time = {{ mysql_slow_query_time }} +{% endif %} + {% if mysql_replication_master %} # Replication server-id = {{ mysql_server_id }} @@ -38,7 +57,7 @@ relay-log-index = relay-bin.index # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links = 0 -# User is ignored when systemd is used (fedora <= 15). +# User is ignored when systemd is used (fedora >= 15). user = mysql # http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html @@ -57,7 +76,6 @@ query_cache_size = {{ mysql_query_cache_size }} # Other settings. wait_timeout = {{ mysql_wait_timeout }} -max_allowed_packet = {{ mysql_max_allowed_packet }} # Try number of CPU's * 2 for thread_concurrency. thread_concurrency = {{ mysql_thread_concurrency }} @@ -76,11 +94,4 @@ quick max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} [mysqld_safe] -{% if mysql_log_error == 'syslog' %} -syslog -syslog-tag = {{ mysql_syslog_tag }} -{% else %} -skip-syslog -log-error = {{ mysql_log_error }} -{% endif %} pid-file = /var/run/mysqld/mysqld.pid From 3c88b9e8db773be90ec0e92c29fc4baa543c0617 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Bold=C3=BA?= Date: Tue, 2 Jun 2015 15:29:58 +0200 Subject: [PATCH 067/128] MariaDB support --- defaults/main.yml | 1 + templates/my.cnf.j2 | 2 +- vars/Debian.yml | 2 +- vars/RedHat.yml | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index cf31060..caedf25 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -23,6 +23,7 @@ mysql_enablerepo: "" mysql_port: "3306" mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql +__mysql_pid_file: /var/run/mysqld/mysqld.pid # Slow query log settings. mysql_slow_query_log_enabled: no diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 476e6e5..12c1564 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -94,4 +94,4 @@ quick max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} [mysqld_safe] -pid-file = /var/run/mysqld/mysqld.pid +pid-file = {{ mysql_pid_file }} diff --git a/vars/Debian.yml b/vars/Debian.yml index 0a04ce0..4b4eddc 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -1,5 +1,5 @@ --- -mysql_daemon: mysql +__mysql_daemon: mysql mysql_config_file: /etc/mysql/my.cnf __mysql_packages: - mysql-common diff --git a/vars/RedHat.yml b/vars/RedHat.yml index 055839c..e6a346e 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,5 +1,5 @@ --- -mysql_daemon: mysqld +__mysql_daemon: mysqld mysql_config_file: /etc/my.cnf __mysql_packages: - mysql From a8c5c3b6725085556366b54830f904053ad3bf2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Bold=C3=BA?= Date: Tue, 2 Jun 2015 15:53:37 +0200 Subject: [PATCH 068/128] remove pidfile shortcut --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index caedf25..c966bcb 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -23,7 +23,7 @@ mysql_enablerepo: "" mysql_port: "3306" mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql -__mysql_pid_file: /var/run/mysqld/mysqld.pid +mysql_pid_file: /var/run/mysqld/mysqld.pid # Slow query log settings. mysql_slow_query_log_enabled: no From 1b1a131dc659ca5e6c0b522640016c81ac1ebb8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Bold=C3=BA?= Date: Tue, 2 Jun 2015 16:25:23 +0200 Subject: [PATCH 069/128] mysql_daemon fact, README example --- README.md | 15 +++++++++++++++ tasks/main.yml | 5 +++++ 2 files changed, 20 insertions(+) diff --git a/README.md b/README.md index dfa8814..ba71f9e 100644 --- a/README.md +++ b/README.md @@ -106,6 +106,21 @@ None. password: similarly-secure-password priv: "example_db.*:ALL" + +## Mariadb usage + + mysql_packages: + - mariadb + - mariadb-server + - mariadb-libs + - MySQL-python + - perl-DBD-MySQL + mysql_daemon: mariadb + mysql_socket: /var/lib/mysql/mysql.sock + mysql_log_error: /var/log/mariadb/mariadb.log + mysql_syslog_tag: mariadb + mysql_pid_file: /var/run/mariadb/mariadb.pid + ## License MIT / BSD diff --git a/tasks/main.yml b/tasks/main.yml index 271393a..d8ad3a8 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -8,6 +8,11 @@ mysql_packages: "{{ __mysql_packages | list }}" when: mysql_packages is not defined +- name: Define mysql_daemon. + set_fact: + mysql_daemon: "{{ __mysql_daemon }} " + when: mysql_daemon is not defined + # Setup/install tasks. - include: setup-RedHat.yml when: ansible_os_family == 'RedHat' From 07afd0753d0ef532804b72cff6a9d86d468819b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Bold=C3=BA?= Date: Thu, 18 Jun 2015 18:12:53 +0200 Subject: [PATCH 070/128] Ubuntu14 example --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index ba71f9e..321d3b9 100644 --- a/README.md +++ b/README.md @@ -109,6 +109,8 @@ None. ## Mariadb usage +For CentOS 7: + mysql_packages: - mariadb - mariadb-server @@ -121,6 +123,13 @@ None. mysql_syslog_tag: mariadb mysql_pid_file: /var/run/mariadb/mariadb.pid +For Ubuntu 14.04 : + + mysql_packages: + - mariadb-client + - mariadb-server + - python-mysqldb + ## License MIT / BSD From 733badadfcb511180d6286449e5e8b1a78298f35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Bold=C3=BA?= Date: Thu, 18 Jun 2015 18:14:08 +0200 Subject: [PATCH 071/128] some typos --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 321d3b9..95360ca 100644 --- a/README.md +++ b/README.md @@ -123,12 +123,12 @@ For CentOS 7: mysql_syslog_tag: mariadb mysql_pid_file: /var/run/mariadb/mariadb.pid -For Ubuntu 14.04 : +For Ubuntu 14.04: mysql_packages: - mariadb-client - mariadb-server - - python-mysqldb + - python-mysqldb ## License From 7e31249970a4e982867e2fc5c290f5f21e292804 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 26 Jun 2015 21:45:38 -0500 Subject: [PATCH 072/128] PR #38 cleanup - change order and update README. --- README.md | 54 ++++++++++++++++++++++++++----------------------- meta/main.yml | 2 +- vars/Debian.yml | 2 +- vars/RedHat.yml | 2 +- 4 files changed, 32 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index 95360ca..17b9f91 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ [![Build Status](https://travis-ci.org/geerlingguy/ansible-role-mysql.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-mysql) -Installs MySQL server on RHEL/CentOS or Debian/Ubuntu servers. +Installs and configures MySQL or MariaDB server on RHEL/CentOS or Debian/Ubuntu servers. ## Requirements @@ -81,6 +81,34 @@ The rest of the settings in `defaults/main.yml` control MySQL's memory usage. Th Replication settings. Set `mysql_server_id` and `mysql_replication_role` by server (e.g. the master would be ID `1`, with the `mysql_replication_role` of `master`, and the slave would be ID `2`, with the `mysql_replication_role` of `slave`). The `mysql_replication_user` uses the same keys as `mysql_users`, and is created on master servers, and used to replicate on all the slaves. +### MariaDB usage + +This role works with either MySQL or a compatible version of MariaDB. On RHEL/CentOS 7+, the mariadb database engine was substituted as the default MySQL replacement package, so you should override the `mysql_packages` variable with the below configuration to make sure MariaDB is installed correctly. + +#### RHEL/CentOS 7 MariaDB configuration + +Set the following variables (at a minimum): + + mysql_packages: + - mariadb + - mariadb-server + - mariadb-libs + - MySQL-python + - perl-DBD-MySQL + mysql_daemon: mariadb + mysql_log_error: /var/log/mariadb/mariadb.log + mysql_syslog_tag: mariadb + mysql_pid_file: /var/run/mariadb/mariadb.pid + +#### Ubuntu 14.04 MariaDB configuration + +Set the following variables (at a minimum): + + mysql_packages: + - mariadb-client + - mariadb-server + - python-mysqldb + ## Dependencies None. @@ -106,30 +134,6 @@ None. password: similarly-secure-password priv: "example_db.*:ALL" - -## Mariadb usage - -For CentOS 7: - - mysql_packages: - - mariadb - - mariadb-server - - mariadb-libs - - MySQL-python - - perl-DBD-MySQL - mysql_daemon: mariadb - mysql_socket: /var/lib/mysql/mysql.sock - mysql_log_error: /var/log/mariadb/mariadb.log - mysql_syslog_tag: mariadb - mysql_pid_file: /var/run/mariadb/mariadb.pid - -For Ubuntu 14.04: - - mysql_packages: - - mariadb-client - - mariadb-server - - python-mysqldb - ## License MIT / BSD diff --git a/meta/main.yml b/meta/main.yml index 6436e07..3690a17 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -3,7 +3,7 @@ dependencies: [] galaxy_info: author: geerlingguy - description: MySQL server for RHEL/CentOS 6.x and Debian/Ubuntu + description: MySQL server for RHEL/CentOS and Debian/Ubuntu company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" min_ansible_version: 1.4 diff --git a/vars/Debian.yml b/vars/Debian.yml index 4b4eddc..292d71a 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -1,8 +1,8 @@ --- __mysql_daemon: mysql -mysql_config_file: /etc/mysql/my.cnf __mysql_packages: - mysql-common - mysql-server - python-mysqldb +mysql_config_file: /etc/mysql/my.cnf mysql_socket: /var/run/mysqld/mysqld.sock diff --git a/vars/RedHat.yml b/vars/RedHat.yml index e6a346e..088ca4f 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,8 +1,8 @@ --- __mysql_daemon: mysqld -mysql_config_file: /etc/my.cnf __mysql_packages: - mysql - mysql-server - MySQL-python +mysql_config_file: /etc/my.cnf mysql_socket: /var/lib/mysql/mysql.sock From 2171c5995441e3cd1042c16211201e30ae11ab70 Mon Sep 17 00:00:00 2001 From: Jason Peak Date: Thu, 20 Aug 2015 10:54:52 -0500 Subject: [PATCH 073/128] eliminates extra whitespace in the variable value --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index d8ad3a8..711ec51 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -10,7 +10,7 @@ - name: Define mysql_daemon. set_fact: - mysql_daemon: "{{ __mysql_daemon }} " + mysql_daemon: "{{ __mysql_daemon }}" when: mysql_daemon is not defined # Setup/install tasks. From 93b1fb5df9dd6b7c541c5323a06412554725231f Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 27 Aug 2015 14:52:32 -0500 Subject: [PATCH 074/128] Fixes #53: Don't manage postfix in MySQL role. --- tasks/setup-RedHat.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index dc71e2f..c847b77 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -1,8 +1,4 @@ --- -- name: Update postfix to the latest version (if extra repositories enabled). - yum: "name=postfix state=latest enablerepo={{ mysql_enablerepo }}" - when: mysql_enablerepo != "" - - name: Ensure MySQL packages are installed. yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" with_items: mysql_packages From 20b6be71c7236ba88b5edb0caa520e43b3402c9e Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 31 Aug 2015 10:13:45 -0500 Subject: [PATCH 075/128] Fixes #58: Provide better OS-specific slow query log file paths. --- tasks/main.yml | 5 +++++ vars/Debian.yml | 1 + vars/RedHat.yml | 1 + 3 files changed, 7 insertions(+) diff --git a/tasks/main.yml b/tasks/main.yml index 711ec51..c5352c0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -13,6 +13,11 @@ mysql_daemon: "{{ __mysql_daemon }}" when: mysql_daemon is not defined +- name: Define mysql_slow_query_log_file. + set_fact: + mysql_slow_query_log_file: "{{ __mysql_slow_query_log_file }}" + when: mysql_slow_query_log_file is not defined + # Setup/install tasks. - include: setup-RedHat.yml when: ansible_os_family == 'RedHat' diff --git a/vars/Debian.yml b/vars/Debian.yml index 292d71a..f106049 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -4,5 +4,6 @@ __mysql_packages: - mysql-common - mysql-server - python-mysqldb +__mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log mysql_config_file: /etc/mysql/my.cnf mysql_socket: /var/run/mysqld/mysqld.sock diff --git a/vars/RedHat.yml b/vars/RedHat.yml index 088ca4f..dbf9db6 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -4,5 +4,6 @@ __mysql_packages: - mysql - mysql-server - MySQL-python +__mysql_slow_query_log_file: /var/log/mysql-slow.log mysql_config_file: /etc/my.cnf mysql_socket: /var/lib/mysql/mysql.sock From b3cd4f36295fca04b0c28dc19497f82ea2ed19f3 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 31 Aug 2015 10:22:54 -0500 Subject: [PATCH 076/128] Fixes #54: Remove Python MySQL from package list. --- tasks/setup-Debian.yml | 3 +++ tasks/setup-RedHat.yml | 3 +++ vars/Debian.yml | 1 - vars/RedHat.yml | 1 - 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 8b07af9..f5ae47f 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -7,6 +7,9 @@ apt: update_cache=yes when: mysql_installed.stat.exists == false +- name: Ensure MySQL Python libraries are installed. + apt: "name=python-mysqldb state=installed" + - name: Ensure MySQL packages are installed. apt: "name={{ item }} state=installed" with_items: mysql_packages diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index c847b77..0d08201 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -1,4 +1,7 @@ --- +- name: Ensure MySQL Python libraries are installed. + yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" + - name: Ensure MySQL packages are installed. yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" with_items: mysql_packages diff --git a/vars/Debian.yml b/vars/Debian.yml index f106049..55c88e8 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -3,7 +3,6 @@ __mysql_daemon: mysql __mysql_packages: - mysql-common - mysql-server - - python-mysqldb __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log mysql_config_file: /etc/mysql/my.cnf mysql_socket: /var/run/mysqld/mysqld.sock diff --git a/vars/RedHat.yml b/vars/RedHat.yml index dbf9db6..cc483d1 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -3,7 +3,6 @@ __mysql_daemon: mysqld __mysql_packages: - mysql - mysql-server - - MySQL-python __mysql_slow_query_log_file: /var/log/mysql-slow.log mysql_config_file: /etc/my.cnf mysql_socket: /var/lib/mysql/mysql.sock From 7f8cd51746013acb30ea23315e1e0756ad28421c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Mon, 31 Aug 2015 10:23:22 -0500 Subject: [PATCH 077/128] Issue #54: Updates README to reflect mysql_packages change. --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 17b9f91..cd61999 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,6 @@ The MySQL users and their privileges. A user has the values `name`, `host` (defa mysql_packages: - mysql - mysql-server - - MySQL-python (OS-specific, RedHat/CentOS defaults listed here) Packages to be installed. In some situations, you may need to add additional packages, like `mysql-devel`. From e6969ef0f7de5347b09d96e4cae0ed7b69d1f656 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 30 Sep 2015 22:41:17 -0500 Subject: [PATCH 078/128] Issue #60: 'Get list of hosts for the root user' fails to run. --- README.md | 3 ++- defaults/main.yml | 1 + tasks/secure-installation.yml | 2 ++ 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index cd61999..5536ce6 100644 --- a/README.md +++ b/README.md @@ -12,9 +12,10 @@ None. Available variables are listed below, along with default values (see `vars/main.yml`): + mysql_user_provisioning: root mysql_user_home: /root -The home directory inside which Python MySQL settings will be stored, which Ansible will use when connecting to MySQL. This should be the home directory of the user which runs this Ansible role. +The user this role will use, along with the home directory inside which Python MySQL settings will be stored, when Ansible connects to MySQL for administrative purposes. mysql_root_password: root diff --git a/defaults/main.yml b/defaults/main.yml index c966bcb..6cff654 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,4 +1,5 @@ --- +mysql_user_provisioning: root mysql_user_home: /root mysql_root_username: root mysql_root_password: root diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index f02af77..863e3c9 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -3,6 +3,8 @@ command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = "root" ORDER BY (Host="localhost") ASC' register: mysql_root_hosts changed_when: false + sudo: yes + sudo_user: "{{ mysql_user_provisioning }}" # 'localhost' needs to be last for idempotency. - name: Update MySQL root password for localhost root account. From b022e2699f64319cbfe8ee44472723efe24c5b94 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 30 Sep 2015 22:49:46 -0500 Subject: [PATCH 079/128] Revert previous commit for Issue #60 - it didn't help. --- README.md | 3 +-- defaults/main.yml | 1 - tasks/secure-installation.yml | 3 --- 3 files changed, 1 insertion(+), 6 deletions(-) diff --git a/README.md b/README.md index 5536ce6..cd61999 100644 --- a/README.md +++ b/README.md @@ -12,10 +12,9 @@ None. Available variables are listed below, along with default values (see `vars/main.yml`): - mysql_user_provisioning: root mysql_user_home: /root -The user this role will use, along with the home directory inside which Python MySQL settings will be stored, when Ansible connects to MySQL for administrative purposes. +The home directory inside which Python MySQL settings will be stored, which Ansible will use when connecting to MySQL. This should be the home directory of the user which runs this Ansible role. mysql_root_password: root diff --git a/defaults/main.yml b/defaults/main.yml index 6cff654..c966bcb 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,5 +1,4 @@ --- -mysql_user_provisioning: root mysql_user_home: /root mysql_root_username: root mysql_root_password: root diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index 863e3c9..80eadf1 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -3,10 +3,7 @@ command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = "root" ORDER BY (Host="localhost") ASC' register: mysql_root_hosts changed_when: false - sudo: yes - sudo_user: "{{ mysql_user_provisioning }}" -# 'localhost' needs to be last for idempotency. - name: Update MySQL root password for localhost root account. mysql_user: name: "root" From f542bcfe73d8539662669e7be926fe72eb642986 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 1 Oct 2015 22:27:59 -0500 Subject: [PATCH 080/128] Issue #60: Fix task that sets the new root user password. --- tasks/secure-installation.yml | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index 80eadf1..571253d 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -4,13 +4,22 @@ register: mysql_root_hosts changed_when: false +# TODO: This is currently not idempotent. - name: Update MySQL root password for localhost root account. - mysql_user: - name: "root" - host: "{{ item }}" - password: "{{ mysql_root_password }}" + shell: > + mysql -u root -NBe + 'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' with_items: mysql_root_hosts.stdout_lines +# The below task doesn't work in some instances for some users, at least with +# certain versions of Ansible. +# - name: Update MySQL root password for localhost root account. +# mysql_user: +# name: "{{ mysql_root_username }}" +# host: "{{ item }}" +# password: "{{ mysql_root_password }}" +# with_items: mysql_root_hosts.stdout_lines + # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. template: From 074b9de092f5522a1502c13b212d3e170edec059 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 1 Oct 2015 22:35:39 -0500 Subject: [PATCH 081/128] Issue #60: Restore idempotence. --- defaults/main.yml | 3 +++ tasks/configure.yml | 1 + tasks/secure-installation.yml | 13 +++---------- 3 files changed, 7 insertions(+), 10 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index c966bcb..5dcd9d5 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,6 +3,9 @@ mysql_user_home: /root mysql_root_username: root mysql_root_password: root +# Set this to true to forcibly update the root password. +mysql_root_password_update: false + mysql_enabled_on_startup: yes # update my.cnf. each time role is run? yes | no diff --git a/tasks/configure.yml b/tasks/configure.yml index 01206a5..a913f3a 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -24,3 +24,4 @@ - name: Ensure MySQL is started and enabled on boot. service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" + register: mysql_service_configuration diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index 571253d..2825522 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -4,21 +4,14 @@ register: mysql_root_hosts changed_when: false -# TODO: This is currently not idempotent. +# Note: We do not use mysql_user for this operation, as it doesn't always update +# the root password correctly. See: https://goo.gl/MSOejW - name: Update MySQL root password for localhost root account. shell: > mysql -u root -NBe 'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' with_items: mysql_root_hosts.stdout_lines - -# The below task doesn't work in some instances for some users, at least with -# certain versions of Ansible. -# - name: Update MySQL root password for localhost root account. -# mysql_user: -# name: "{{ mysql_root_username }}" -# host: "{{ item }}" -# password: "{{ mysql_root_password }}" -# with_items: mysql_root_hosts.stdout_lines + when: mysql_service_configuration.changed or mysql_root_password_update # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. From fc6609cd672822843bcf4838a54b5af5b3605b30 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 1 Oct 2015 22:41:02 -0500 Subject: [PATCH 082/128] Issue #60: Document new mysql_root_password_update option. --- README.md | 4 ++++ defaults/main.yml | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cd61999..14bf792 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,10 @@ The home directory inside which Python MySQL settings will be stored, which Ansi The MySQL root user account password. + mysql_root_password_update: no + +Whether to force update the MySQL root user's password. By default, this role will only change the root user's password when MySQL is first configured. You can force an update by setting this to `yes`. + mysql_enabled_on_startup: yes Whether MySQL should be enabled on startup. diff --git a/defaults/main.yml b/defaults/main.yml index 5dcd9d5..c905089 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,8 +3,8 @@ mysql_user_home: /root mysql_root_username: root mysql_root_password: root -# Set this to true to forcibly update the root password. -mysql_root_password_update: false +# Set this to `yes` to forcibly update the root password. +mysql_root_password_update: no mysql_enabled_on_startup: yes From 9e5e424d6cb7299546eb32dcb9319254329f24d1 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 1 Oct 2015 22:53:05 -0500 Subject: [PATCH 083/128] Fixes #60: Better detection of whether MySQL was installed. --- tasks/secure-installation.yml | 2 +- tasks/setup-Debian.yml | 1 + tasks/setup-RedHat.yml | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index 2825522..b8a786a 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -11,7 +11,7 @@ mysql -u root -NBe 'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' with_items: mysql_root_hosts.stdout_lines - when: mysql_service_configuration.changed or mysql_root_password_update + when: mysql_install_packages.changed or mysql_root_password_update # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index f5ae47f..bf13a30 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -13,6 +13,7 @@ - name: Ensure MySQL packages are installed. apt: "name={{ item }} state=installed" with_items: mysql_packages + register: mysql_install_packages # Because Ubuntu starts MySQL as part of the install process, we need to stop # mysql and remove the logfiles in case the user set a custom log file size. diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 0d08201..b4ee1a9 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -5,3 +5,4 @@ - name: Ensure MySQL packages are installed. yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" with_items: mysql_packages + register: mysql_install_packages From 5c26e06957db84064e5ed653d95a445b820c07c4 Mon Sep 17 00:00:00 2001 From: Stuart Williams Date: Sun, 4 Oct 2015 04:21:51 -0400 Subject: [PATCH 084/128] Issue #61: Ensure package change flag can be set by either Debian or RHEL. --- tasks/main.yml | 4 ++++ tasks/secure-installation.yml | 4 ++-- tasks/setup-Debian.yml | 2 +- tasks/setup-RedHat.yml | 2 +- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index c5352c0..f33c286 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -25,6 +25,10 @@ - include: setup-Debian.yml when: ansible_os_family == 'Debian' +- name: Check if MySQL packages were installed. + set_fact: + mysql_install_packages: "{{ rh_mysql_install_packages.changed or deb_mysql_install_packages.changed }}" + # Configure MySQL. - include: configure.yml - include: secure-installation.yml diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index b8a786a..0fa98d9 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -11,7 +11,7 @@ mysql -u root -NBe 'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' with_items: mysql_root_hosts.stdout_lines - when: mysql_install_packages.changed or mysql_root_password_update + when: mysql_install_packages or mysql_root_password_update # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. @@ -35,4 +35,4 @@ with_items: mysql_anonymous_hosts.stdout_lines - name: Remove MySQL test database. - mysql_db: "name='test' state=absent" \ No newline at end of file + mysql_db: "name='test' state=absent" diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index bf13a30..fb050ed 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -13,7 +13,7 @@ - name: Ensure MySQL packages are installed. apt: "name={{ item }} state=installed" with_items: mysql_packages - register: mysql_install_packages + register: deb_mysql_install_packages # Because Ubuntu starts MySQL as part of the install process, we need to stop # mysql and remove the logfiles in case the user set a custom log file size. diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index b4ee1a9..5125ce2 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -5,4 +5,4 @@ - name: Ensure MySQL packages are installed. yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" with_items: mysql_packages - register: mysql_install_packages + register: rh_mysql_install_packages From d527fdc3be978232e2b5111550854b97191c9b1d Mon Sep 17 00:00:00 2001 From: Stuart Williams Date: Sun, 4 Oct 2015 04:58:48 -0400 Subject: [PATCH 085/128] Issue #61: Fix idempotence issue. --- tasks/secure-installation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index 0fa98d9..05113fe 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -11,7 +11,7 @@ mysql -u root -NBe 'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' with_items: mysql_root_hosts.stdout_lines - when: mysql_install_packages or mysql_root_password_update + when: mysql_install_packages | bool or mysql_root_password_update # Has to be after the root password assignment, for idempotency. - name: Copy .my.cnf file with root password credentials. From bb4019683429dd0fe88b142e7954f67537f37bbb Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 6 Oct 2015 23:13:30 -0400 Subject: [PATCH 086/128] Small fix for previous MySQL PR merge on Ansible 2. --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index f33c286..cc33cb3 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -27,7 +27,7 @@ - name: Check if MySQL packages were installed. set_fact: - mysql_install_packages: "{{ rh_mysql_install_packages.changed or deb_mysql_install_packages.changed }}" + mysql_install_packages: "{{ (rh_mysql_install_packages is defined and rh_mysql_install_packages.changed) or (deb_mysql_install_packages is defined and deb_mysql_install_packages.changed) }}" # Configure MySQL. - include: configure.yml From 3d5668fb043c882bfeeba299e8080fdfe576f02d Mon Sep 17 00:00:00 2001 From: Raul Ferriz Date: Wed, 21 Oct 2015 13:43:53 +0200 Subject: [PATCH 087/128] Allow append privileges I need one user to access two different databases, with this change I can handle it. --- tasks/users.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tasks/users.yml b/tasks/users.yml index b44d649..dfbad1c 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -6,4 +6,5 @@ password: "{{ item.password }}" priv: "{{ item.priv | default('*.*:USAGE') }}" state: present + append_priv: "{{ item.append_priv | default('no') }}" with_items: mysql_users From 80a2bfd205d508351b719f14e79d5c5f16c191d1 Mon Sep 17 00:00:00 2001 From: Raul Ferriz Date: Fri, 23 Oct 2015 19:01:58 +0200 Subject: [PATCH 088/128] Update users.yml --- tasks/users.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/users.yml b/tasks/users.yml index dfbad1c..0869439 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -6,5 +6,5 @@ password: "{{ item.password }}" priv: "{{ item.priv | default('*.*:USAGE') }}" state: present - append_priv: "{{ item.append_priv | default('no') }}" + append_privs: "{{ item.append_privs | default('no') }}" with_items: mysql_users From 74965f67aef1383e8be4f1c54e28574b5a00cc92 Mon Sep 17 00:00:00 2001 From: Ilia Kondrashov Date: Thu, 12 Nov 2015 21:23:44 +0100 Subject: [PATCH 089/128] make connection count adjustable --- defaults/main.yml | 1 + templates/my.cnf.j2 | 1 + 2 files changed, 2 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index c905089..5f5742b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -43,6 +43,7 @@ mysql_read_rnd_buffer_size: "4M" mysql_myisam_sort_buffer_size: "64M" mysql_thread_cache_size: "8" mysql_query_cache_size: "16M" +mysql_max_connections: 151 # Other settings. mysql_wait_timeout: 28800 diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 12c1564..99c4e8d 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -73,6 +73,7 @@ read_rnd_buffer_size = {{ mysql_read_rnd_buffer_size }} myisam_sort_buffer_size = {{ mysql_myisam_sort_buffer_size }} thread_cache_size = {{ mysql_thread_cache_size }} query_cache_size = {{ mysql_query_cache_size }} +max_connections = {{ mysql_max_connections }} # Other settings. wait_timeout = {{ mysql_wait_timeout }} From 196030538186db8b878630c881cacb5885f9e269 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Thu, 10 Dec 2015 19:45:24 -0500 Subject: [PATCH 090/128] reversed order of mysql-python install --- tasks/setup-RedHat.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 5125ce2..85241b1 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -1,8 +1,8 @@ --- -- name: Ensure MySQL Python libraries are installed. - yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" - - name: Ensure MySQL packages are installed. yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" with_items: mysql_packages register: rh_mysql_install_packages + +- name: Ensure MySQL Python libraries are installed. + yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" From 140026c7f14bbdf06eb104bc7e6e6db7e8eee4b5 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Tue, 15 Dec 2015 15:14:53 -0500 Subject: [PATCH 091/128] Disallow root login remotely --- tasks/secure-installation.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index 05113fe..a193a62 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -1,4 +1,10 @@ --- +- name: Disallow root login remotely + command: 'mysql -NBe "{{ item }}"' + with_items: + - DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1') + changed_when: False + - name: Get list of hosts for the root user. command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = "root" ORDER BY (Host="localhost") ASC' register: mysql_root_hosts From 9de3121b26199bd8a9798452db444f8bde5163eb Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Tue, 15 Dec 2015 16:13:49 -0500 Subject: [PATCH 092/128] Allow configuration of variables not currently supported --- README.md | 7 +++++++ defaults/main.yml | 4 ++++ templates/my.cnf.j2 | 7 +++++++ 3 files changed, 18 insertions(+) diff --git a/README.md b/README.md index 14bf792..bbcce21 100644 --- a/README.md +++ b/README.md @@ -75,6 +75,13 @@ Slow query log settings. Note that the log file will be created by this role, bu The rest of the settings in `defaults/main.yml` control MySQL's memory usage. The default values are tuned for a server where MySQL can consume ~512 MB RAM, so you should consider adjusting them to suit your particular server better. + mysqld_performance_settings: + - { name: key_buffer_size, value: "256M" } + mysql_dump_settings: [] + - { name: mysqldump_max_allowed_packet, value: "64M" } + +Any additional performance settings you would like to add beyond the defaults. + mysql_server_id: "1" mysql_max_binlog_size: "100M" mysql_expire_logs_days: "10" diff --git a/defaults/main.yml b/defaults/main.yml index 5f5742b..8c886fe 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -28,6 +28,8 @@ mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql mysql_pid_file: /var/run/mysqld/mysqld.pid +mysqld_performance_settings: [] + # Slow query log settings. mysql_slow_query_log_enabled: no mysql_slow_query_log_file: /var/log/mysql-slow.log @@ -65,6 +67,8 @@ mysql_innodb_lock_wait_timeout: 50 # mysqldump settings. mysql_mysqldump_max_allowed_packet: "64M" +mysql_dump_settings: [] + # Logging settings. mysql_log: "" mysql_log_error: /var/log/mysql.err diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 99c4e8d..26f4c92 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -90,9 +90,16 @@ innodb_log_buffer_size = {{ mysql_innodb_log_buffer_size }} innodb_flush_log_at_trx_commit = {{ mysql_innodb_flush_log_at_trx_commit }} innodb_lock_wait_timeout = {{ mysql_innodb_lock_wait_timeout }} +{% for setting in mysqld_performance_settings %} +{{ setting.name }} = {{ setting.value }} +{% endfor %} + [mysqldump] quick max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} +{% for setting in mysql_dump_settings %} +{{ setting.name }} = {{ setting.value }} +{% endfor %} [mysqld_safe] pid-file = {{ mysql_pid_file }} From 2a8b19fe11ae5f5eb3aad69e98261ff9d2d7ee27 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Wed, 16 Dec 2015 13:50:16 -0500 Subject: [PATCH 093/128] Support mariadb and other mysql implementations that have a mysql include directory for my.cnf overrides --- README.md | 11 ++++------- defaults/main.yml | 11 +++++++---- tasks/configure.yml | 20 ++++++++++++++++++++ templates/my.cnf.j2 | 14 +++++++------- vars/Debian.yml | 1 + vars/RedHat.yml | 1 + 6 files changed, 40 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index bbcce21..6b6a716 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,10 @@ Whether MySQL should be enabled on startup. Whether the global my.cnf should be overwritten each time this role is run. Setting this to `no` tells Ansible to only create the `my.cnf` file if it doesn't exist. This should be left at its default value (`yes`) if you'd like to use this role's variables to configure MySQL. + mysql_config_include_files: [] + +A list of files that should override the default global my.cnf. Each item in the array requires a "src" parameter which is a path to a file. An optional "force" parameter can force the file to be updated each time ansible runs. + mysql_databases: [] The MySQL databases to create. A database has the values `name`, `encoding` (defaults to `utf8`), `collation` (defaults to `utf8_general_ci`) and `replicate` (defaults to `1`, only used if replication is configured). The formats of these are the same as in the `mysql_db` module. @@ -75,13 +79,6 @@ Slow query log settings. Note that the log file will be created by this role, bu The rest of the settings in `defaults/main.yml` control MySQL's memory usage. The default values are tuned for a server where MySQL can consume ~512 MB RAM, so you should consider adjusting them to suit your particular server better. - mysqld_performance_settings: - - { name: key_buffer_size, value: "256M" } - mysql_dump_settings: [] - - { name: mysqldump_max_allowed_packet, value: "64M" } - -Any additional performance settings you would like to add beyond the defaults. - mysql_server_id: "1" mysql_max_binlog_size: "100M" mysql_expire_logs_days: "10" diff --git a/defaults/main.yml b/defaults/main.yml index 8c886fe..69bb143 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -28,8 +28,6 @@ mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql mysql_pid_file: /var/run/mysqld/mysqld.pid -mysqld_performance_settings: [] - # Slow query log settings. mysql_slow_query_log_enabled: no mysql_slow_query_log_file: /var/log/mysql-slow.log @@ -67,13 +65,18 @@ mysql_innodb_lock_wait_timeout: 50 # mysqldump settings. mysql_mysqldump_max_allowed_packet: "64M" -mysql_dump_settings: [] - # Logging settings. mysql_log: "" mysql_log_error: /var/log/mysql.err mysql_syslog_tag: mysql +mysql_config_include_files: [] +# Full example: +# mysql_config_include_files: +# - src: path/relative/to/playbook/file.cnf +# - { src: path/relative/to/playbook/anotherfile.cnf, force: yes } + + # Databases. mysql_databases: [] # Full example: diff --git a/tasks/configure.yml b/tasks/configure.yml index a913f3a..c0ccd5b 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -9,6 +9,26 @@ force: "{{ overwrite_global_mycnf }}" notify: restart mysql +- name: Verify mysql include directory exists. + file: + path: "{{ mysql_config_include_dir }}" + state: directory + owner: root + group: root + mode: 0755 + when: mysql_config_include_files|length + +- name: Copy my.cnf override files into include directory. + template: + src: "{{ item.src }}" + dest: "{{ mysql_config_include_dir }}/{{ item.src | basename }}" + owner: root + group: root + mode: 0644 + force: "{{ item.force|default(False) }}" + with_items: mysql_config_include_files + notify: restart mysql + - name: Create slow query log file (if configured). shell: "touch {{ mysql_slow_query_log_file }} creates={{ mysql_slow_query_log_file }}" when: mysql_slow_query_log_enabled diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 26f4c92..c16c5ab 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -90,16 +90,16 @@ innodb_log_buffer_size = {{ mysql_innodb_log_buffer_size }} innodb_flush_log_at_trx_commit = {{ mysql_innodb_flush_log_at_trx_commit }} innodb_lock_wait_timeout = {{ mysql_innodb_lock_wait_timeout }} -{% for setting in mysqld_performance_settings %} -{{ setting.name }} = {{ setting.value }} -{% endfor %} - [mysqldump] quick max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} -{% for setting in mysql_dump_settings %} -{{ setting.name }} = {{ setting.value }} -{% endfor %} [mysqld_safe] pid-file = {{ mysql_pid_file }} + +{% if mysql_config_include_files|length %} +# * IMPORTANT: Additional settings that can override those from this file! +# The files must end with '.cnf', otherwise they'll be ignored. +# +!includedir {{ mysql_config_include_dir }} +{% endif %} \ No newline at end of file diff --git a/vars/Debian.yml b/vars/Debian.yml index 55c88e8..4156d55 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -5,4 +5,5 @@ __mysql_packages: - mysql-server __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log mysql_config_file: /etc/mysql/my.cnf +mysql_config_include_dir: /etc/mysql/conf.d/ mysql_socket: /var/run/mysqld/mysqld.sock diff --git a/vars/RedHat.yml b/vars/RedHat.yml index cc483d1..71117a2 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -5,4 +5,5 @@ __mysql_packages: - mysql-server __mysql_slow_query_log_file: /var/log/mysql-slow.log mysql_config_file: /etc/my.cnf +mysql_config_include_dir: /etc/my.cnf.d mysql_socket: /var/lib/mysql/mysql.sock From 0556899ab4c924d5038be88fbb4ec9e8a986cda3 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Wed, 16 Dec 2015 13:51:43 -0500 Subject: [PATCH 094/128] Support mariadb and other mysql implementations that have a mysql include directory for my.cnf overrides --- vars/Debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/Debian.yml b/vars/Debian.yml index 4156d55..097be99 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -5,5 +5,5 @@ __mysql_packages: - mysql-server __mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log mysql_config_file: /etc/mysql/my.cnf -mysql_config_include_dir: /etc/mysql/conf.d/ +mysql_config_include_dir: /etc/mysql/conf.d mysql_socket: /var/run/mysqld/mysqld.sock From 0c1026d2d76d45b585b0e9e0ada1e0e7f98c7e75 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 16 Dec 2015 14:11:04 -0600 Subject: [PATCH 095/128] PR #65: Document addition of append_privs option for mysql_users. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 14bf792..6d88f75 100644 --- a/README.md +++ b/README.md @@ -38,7 +38,7 @@ The MySQL databases to create. A database has the values `name`, `encoding` (def mysql_users: [] -The MySQL users and their privileges. A user has the values `name`, `host` (defaults to `localhost`), `password` and `priv` (defaults to `*.*:USAGE`). The formats of these are the same as in the `mysql_user` module. +The MySQL users and their privileges. A user has the values `name`, `host` (defaults to `localhost`), `password`, `priv` (defaults to `*.*:USAGE`), and `append_privs` (defaults to `no`). The formats of these are the same as in the `mysql_user` module. mysql_packages: - mysql From 1b1e11b68956577020bd5a47540a9f8a671f85fb Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Wed, 16 Dec 2015 16:12:02 -0500 Subject: [PATCH 096/128] Fixed spacing --- README.md | 2 +- defaults/main.yml | 6 ++---- tasks/configure.yml | 4 ++-- templates/my.cnf.j2 | 5 +++-- 4 files changed, 8 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 6b6a716..20f959d 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ Whether the global my.cnf should be overwritten each time this role is run. Sett mysql_config_include_files: [] -A list of files that should override the default global my.cnf. Each item in the array requires a "src" parameter which is a path to a file. An optional "force" parameter can force the file to be updated each time ansible runs. +A list of files that should override the default global my.cnf. Each item in the array requires a "src" parameter which is a path to a file. An optional "force" parameter can force the file to be updated each time ansible runs. mysql_databases: [] diff --git a/defaults/main.yml b/defaults/main.yml index 69bb143..5987d8e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -71,10 +71,8 @@ mysql_log_error: /var/log/mysql.err mysql_syslog_tag: mysql mysql_config_include_files: [] -# Full example: -# mysql_config_include_files: -# - src: path/relative/to/playbook/file.cnf -# - { src: path/relative/to/playbook/anotherfile.cnf, force: yes } +# - src: path/relative/to/playbook/file.cnf +# - { src: path/relative/to/playbook/anotherfile.cnf, force: yes } # Databases. diff --git a/tasks/configure.yml b/tasks/configure.yml index c0ccd5b..493152a 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -16,7 +16,7 @@ owner: root group: root mode: 0755 - when: mysql_config_include_files|length + when: mysql_config_include_files | length - name: Copy my.cnf override files into include directory. template: @@ -25,7 +25,7 @@ owner: root group: root mode: 0644 - force: "{{ item.force|default(False) }}" + force: "{{ item.force | default(False) }}" with_items: mysql_config_include_files notify: restart mysql diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index c16c5ab..ed9c766 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -97,9 +97,10 @@ max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} [mysqld_safe] pid-file = {{ mysql_pid_file }} -{% if mysql_config_include_files|length %} +{% if mysql_config_include_files | length %} # * IMPORTANT: Additional settings that can override those from this file! # The files must end with '.cnf', otherwise they'll be ignored. # !includedir {{ mysql_config_include_dir }} -{% endif %} \ No newline at end of file +{% endif %} + From 0c224d8e9d6ebd8ae4129177c913fbfa3319497c Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 16 Dec 2015 16:04:55 -0600 Subject: [PATCH 097/128] PR #76 follow-up: Clean up defaults examples. --- defaults/main.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 5987d8e..7e6afcd 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -74,18 +74,19 @@ mysql_config_include_files: [] # - src: path/relative/to/playbook/file.cnf # - { src: path/relative/to/playbook/anotherfile.cnf, force: yes } - # Databases. mysql_databases: [] -# Full example: -# mysql_databases: -# - { name: example, collation: utf8_general_ci, encoding: utf8, replicate: 1 } +# - name: example +# collation: utf8_general_ci +# encoding: utf8 +# replicate: 1 -# Users +# Users. mysql_users: [] -# Full Example: -# mysql_users: -# - { name: example, host: 127.0.0.1, password: secret, priv: *.*:USAGE } +# - name: example +# host: 127.0.0.1 +# password: secret +# priv: *.*:USAGE # Replication settings (replication is only enabled if master/user have values). mysql_server_id: "1" From 984473e13867dca67a0ed297126cdd558f1c8764 Mon Sep 17 00:00:00 2001 From: Caspar Krieger Date: Thu, 17 Dec 2015 23:32:58 +1100 Subject: [PATCH 098/128] Set pidfile even when not running via mysqld_safe For example, Ubuntu 14.04 /etc/init.d/mysql does not use mysqld_safe and parses the pidfile out of `mysqld --print-defaults` instead. --- templates/my.cnf.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index ed9c766..6005658 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -8,6 +8,7 @@ port = {{ mysql_port }} bind-address = {{ mysql_bind_address }} datadir = {{ mysql_datadir }} socket = {{ mysql_socket }} +pid-file = {{ mysql_pid_file }} # Logging configuration. {% if mysql_log_error == 'syslog' or mysql_log == 'syslog' %} From 9495e1d9f96bf095f0b6ca5f3508e46e473f6b6d Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 17 Dec 2015 14:31:40 -0600 Subject: [PATCH 099/128] Fixes #52: Remove deprecated log_slow_queries variable from template. --- templates/my.cnf.j2 | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 6005658..054f958 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -23,7 +23,6 @@ log-error = {{ mysql_log_error }} {% if mysql_slow_query_log_enabled %} # Slow query log configuration. -log_slow_queries = 1 slow_query_log = 1 slow_query_log_file = {{ mysql_slow_query_log_file }} long_query_time = {{ mysql_slow_query_time }} From bb39bf563298dcc047928c05bd796f5167340c96 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 12 Jan 2016 09:25:59 -0600 Subject: [PATCH 100/128] Fixes #59: Ansible 2.x role cleanup. --- tasks/configure.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/configure.yml b/tasks/configure.yml index 493152a..ac4acd2 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -30,7 +30,7 @@ notify: restart mysql - name: Create slow query log file (if configured). - shell: "touch {{ mysql_slow_query_log_file }} creates={{ mysql_slow_query_log_file }}" + file: "path={{ mysql_slow_query_log_file }} state=touch" when: mysql_slow_query_log_enabled - name: Set ownership on slow query log file (if configured). From e393119ed8af3085624ce4035b9d24260450ff79 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sun, 28 Feb 2016 23:37:00 -0600 Subject: [PATCH 101/128] Fix Ansible 2.x deprecation warnings. --- tasks/configure.yml | 2 +- tasks/databases.yml | 2 +- tasks/secure-installation.yml | 4 ++-- tasks/setup-Debian.yml | 2 +- tasks/setup-RedHat.yml | 2 +- tasks/users.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tasks/configure.yml b/tasks/configure.yml index ac4acd2..65ebcc1 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -26,7 +26,7 @@ group: root mode: 0644 force: "{{ item.force | default(False) }}" - with_items: mysql_config_include_files + with_items: "{{ mysql_config_include_files }}" notify: restart mysql - name: Create slow query log file (if configured). diff --git a/tasks/databases.yml b/tasks/databases.yml index 39ee42f..681e515 100644 --- a/tasks/databases.yml +++ b/tasks/databases.yml @@ -5,4 +5,4 @@ collation: "{{ item.collation | default('utf8_general_ci') }}" encoding: "{{ item.encoding | default('utf8') }}" state: present - with_items: mysql_databases + with_items: "{{ mysql_databases }}" diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml index a193a62..200dfeb 100644 --- a/tasks/secure-installation.yml +++ b/tasks/secure-installation.yml @@ -16,7 +16,7 @@ shell: > mysql -u root -NBe 'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' - with_items: mysql_root_hosts.stdout_lines + with_items: "{{ mysql_root_hosts.stdout_lines }}" when: mysql_install_packages | bool or mysql_root_password_update # Has to be after the root password assignment, for idempotency. @@ -38,7 +38,7 @@ name: "" host: "{{ item }}" state: absent - with_items: mysql_anonymous_hosts.stdout_lines + with_items: "{{ mysql_anonymous_hosts.stdout_lines }}" - name: Remove MySQL test database. mysql_db: "name='test' state=absent" diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index fb050ed..1158456 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -12,7 +12,7 @@ - name: Ensure MySQL packages are installed. apt: "name={{ item }} state=installed" - with_items: mysql_packages + with_items: "{{ mysql_packages }}" register: deb_mysql_install_packages # Because Ubuntu starts MySQL as part of the install process, we need to stop diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 85241b1..fc05bee 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -1,7 +1,7 @@ --- - name: Ensure MySQL packages are installed. yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" - with_items: mysql_packages + with_items: "{{ mysql_packages }}" register: rh_mysql_install_packages - name: Ensure MySQL Python libraries are installed. diff --git a/tasks/users.yml b/tasks/users.yml index 0869439..06d769c 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -7,4 +7,4 @@ priv: "{{ item.priv | default('*.*:USAGE') }}" state: present append_privs: "{{ item.append_privs | default('no') }}" - with_items: mysql_users + with_items: "{{ mysql_users }}" From 693ad377ffb60d845d0e923c9870d8253b2b0783 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sun, 28 Feb 2016 23:37:28 -0600 Subject: [PATCH 102/128] Ansible version bump. --- meta/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/main.yml b/meta/main.yml index 3690a17..87d2ca2 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,7 +6,7 @@ galaxy_info: description: MySQL server for RHEL/CentOS and Debian/Ubuntu company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" - min_ansible_version: 1.4 + min_ansible_version: 1.9 platforms: - name: EL versions: From d190734e84b47568baf418941149a27cc2b6110e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Wed, 3 Feb 2016 14:48:05 -0500 Subject: [PATCH 103/128] Add initial docker setup --- .travis.yml | 73 +++++++++++++++++++++-------------- tasks/setup-Debian.yml | 2 +- tests/Dockerfile.centos-6 | 15 +++++++ tests/Dockerfile.centos-7 | 27 +++++++++++++ tests/Dockerfile.ubuntu-12.04 | 11 ++++++ tests/Dockerfile.ubuntu-14.04 | 11 ++++++ tests/test.yml | 5 +-- 7 files changed, 112 insertions(+), 32 deletions(-) create mode 100644 tests/Dockerfile.centos-6 create mode 100644 tests/Dockerfile.centos-7 create mode 100644 tests/Dockerfile.ubuntu-12.04 create mode 100644 tests/Dockerfile.ubuntu-14.04 diff --git a/.travis.yml b/.travis.yml index f794fb4..ba4db13 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,55 +1,72 @@ --- -language: python -python: "2.7" +sudo: required env: - - SITE=test.yml + matrix: + - distribution: centos + version: 6 + init: /sbin/init + run_opts: "" + - distribution: centos + version: 7 + init: /usr/lib/systemd/systemd + run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" + - distribution: ubuntu + version: 14.04 + init: /sbin/init + run_opts: "" + - distribution: ubuntu + version: 12.04 + init: /sbin/init + run_opts: "" + global: + - testfile: test.yml -before_install: - - sudo apt-get update -qq - - # Remove MySQL. Completely and totally. - - sudo apt-get remove --purge 'mysql*' - - sudo apt-get autoremove - - sudo apt-get autoclean - - sudo rm -rf /var/lib/mysql - - sudo truncate -s 0 /var/log/mysql/error.log - -install: - # Install Ansible. - - pip install ansible +services: + - docker - # Add ansible.cfg to pick up roles path. - - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" +before_install: + # Pull container + - 'sudo docker pull ${distribution}:${version}' + # Customize container + - 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' script: - # Check the role/playbook's syntax. - - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" + - container_id=$(mktemp) + # Run container in detached state + - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' + + # Ansible syntax check. + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${testsite} --syntax-check' - # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" + # Test role. + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${testsite}' - # Run the role/playbook again, checking to make sure it's idempotent. + # Test role idempotence. - > - ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo + sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${testsite} | grep -q 'changed=0.*failed=0' && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) # Some MySQL debugging (show all the logs). - - "sudo ls -lah /var/log" - - "sudo cat /var/log/mysql/error.log" + - sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ls -lah /var/log + - sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm cat /var/log/mysql/error.log || true + - sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm cat /var/log/mysql.err || true # Check to make sure we can connect to MySQL via Unix socket. - > - mysql -u root -proot -e 'show databases;' + sudo docker exec "$(cat ${container_id})" mysql -u root -proot -e 'show databases;' | grep -q 'performance_schema' && (echo 'MySQL running normally' && exit 0) || (echo 'MySQL not running' && exit 1) # Check to make sure we can connect to MySQL via TCP. - > - mysql -u root -proot -h 127.0.0.1 -e 'show databases;' + sudo docker exec "$(cat ${container_id})" mysql -u root -proot -h 127.0.0.1 -e 'show databases;' | grep -q 'performance_schema' && (echo 'MySQL running normally' && exit 0) || (echo 'MySQL not running' && exit 1) + + # Clean up + - 'sudo docker stop "$(cat ${container_id})"' diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 1158456..4ead891 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -18,7 +18,7 @@ # Because Ubuntu starts MySQL as part of the install process, we need to stop # mysql and remove the logfiles in case the user set a custom log file size. - name: Ensure MySQL is stopped after initial install. - service: name=mysql state=stopped + service: "name={{ mysql_daemon }} state=stopped" when: mysql_installed.stat.exists == false - name: Delete innodb log files created by apt package after initial install. diff --git a/tests/Dockerfile.centos-6 b/tests/Dockerfile.centos-6 new file mode 100644 index 0000000..4a4e7b8 --- /dev/null +++ b/tests/Dockerfile.centos-6 @@ -0,0 +1,15 @@ +FROM centos:6 + +# Install Ansible +RUN yum -y update; yum clean all; +RUN yum -y install epel-release +RUN yum -y install git ansible sudo +RUN yum clean all + +# Disable requiretty +RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers + +# Install Ansible inventory file +RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts + +CMD ["/usr/sbin/init"] diff --git a/tests/Dockerfile.centos-7 b/tests/Dockerfile.centos-7 new file mode 100644 index 0000000..8aa0654 --- /dev/null +++ b/tests/Dockerfile.centos-7 @@ -0,0 +1,27 @@ +FROM centos:7 + +# Install systemd -- See https://hub.docker.com/_/centos/ +RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs +RUN yum -y update; yum clean all; \ +(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ +rm -f /lib/systemd/system/multi-user.target.wants/*; \ +rm -f /etc/systemd/system/*.wants/*; \ +rm -f /lib/systemd/system/local-fs.target.wants/*; \ +rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ +rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ +rm -f /lib/systemd/system/basic.target.wants/*; \ +rm -f /lib/systemd/system/anaconda.target.wants/*; + +# Install Ansible +RUN yum -y install epel-release +RUN yum -y install git ansible sudo +RUN yum clean all + +# Disable requiretty +RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers + +# Install Ansible inventory file +RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts + +VOLUME ["/sys/fs/cgroup"] +CMD ["/usr/sbin/init"] diff --git a/tests/Dockerfile.ubuntu-12.04 b/tests/Dockerfile.ubuntu-12.04 new file mode 100644 index 0000000..d0c130c --- /dev/null +++ b/tests/Dockerfile.ubuntu-12.04 @@ -0,0 +1,11 @@ +FROM ubuntu:12.04 +RUN apt-get update + +# Install Ansible +RUN apt-get install -y software-properties-common python-software-properties git +RUN apt-add-repository -y ppa:ansible/ansible +RUN apt-get update +RUN apt-get install -y ansible + +# Install Ansible inventory file +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/Dockerfile.ubuntu-14.04 b/tests/Dockerfile.ubuntu-14.04 new file mode 100644 index 0000000..ca33287 --- /dev/null +++ b/tests/Dockerfile.ubuntu-14.04 @@ -0,0 +1,11 @@ +FROM ubuntu:14.04 +RUN apt-get update + +# Install Ansible +RUN apt-get install -y software-properties-common git +RUN apt-add-repository -y ppa:ansible/ansible +RUN apt-get update +RUN apt-get install -y ansible + +# Install Ansible inventory file +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/test.yml b/tests/test.yml index bfe6c6c..0ed0b43 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -1,5 +1,4 @@ --- -- hosts: localhost - remote_user: root +- hosts: all roles: - - ansible-role-mysql + - role_under_test From 88409e2079a2343b4d7bc71639803e82be8c5567 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Wed, 3 Feb 2016 17:41:01 -0500 Subject: [PATCH 104/128] add separate test playbook for centos7 --- .travis.yml | 45 +++++++++++++++++++++-------------------- tests/centos-7-test.yml | 15 ++++++++++++++ 2 files changed, 38 insertions(+), 22 deletions(-) create mode 100644 tests/centos-7-test.yml diff --git a/.travis.yml b/.travis.yml index ba4db13..09fee78 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,25 +2,26 @@ sudo: required env: - matrix: - - distribution: centos - version: 6 - init: /sbin/init - run_opts: "" - - distribution: centos - version: 7 - init: /usr/lib/systemd/systemd - run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" - - distribution: ubuntu - version: 14.04 - init: /sbin/init - run_opts: "" - - distribution: ubuntu - version: 12.04 - init: /sbin/init - run_opts: "" - global: - - testfile: test.yml + - distribution: centos + version: 6 + init: /sbin/init + run_opts: "" + playbook: test.yml + - distribution: centos + version: 7 + init: /usr/lib/systemd/systemd + run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" + playbook: centos-7-test.yml + - distribution: ubuntu + version: 14.04 + init: /sbin/init + run_opts: "" + playbook: test.yml + - distribution: ubuntu + version: 12.04 + init: /sbin/init + run_opts: "" + playbook: test.yml services: - docker @@ -37,14 +38,14 @@ script: - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' # Ansible syntax check. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${testsite} --syntax-check' + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} --syntax-check' # Test role. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${testsite}' + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' # Test role idempotence. - > - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${testsite} + sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} | grep -q 'changed=0.*failed=0' && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) diff --git a/tests/centos-7-test.yml b/tests/centos-7-test.yml new file mode 100644 index 0000000..57a6171 --- /dev/null +++ b/tests/centos-7-test.yml @@ -0,0 +1,15 @@ +--- +- hosts: all + vars: + mysql_packages: + - mariadb + - mariadb-server + - mariadb-libs + - MySQL-python + - perl-DBD-MySQL + mysql_daemon: mariadb + mysql_log_error: /var/log/mariadb/mariadb.log + mysql_syslog_tag: mariadb + mysql_pid_file: /var/run/mariadb/mariadb.pid + roles: + - role_under_test From 7038d6ed6103e957a4c6e7c23d2a1043114702e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Thu, 4 Feb 2016 13:18:50 -0500 Subject: [PATCH 105/128] fix connection tests failing on centos6 as performance_schema db does not exist --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 09fee78..2d7eed5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -58,14 +58,14 @@ script: # Check to make sure we can connect to MySQL via Unix socket. - > sudo docker exec "$(cat ${container_id})" mysql -u root -proot -e 'show databases;' - | grep -q 'performance_schema' + | grep -q 'information_schema' && (echo 'MySQL running normally' && exit 0) || (echo 'MySQL not running' && exit 1) # Check to make sure we can connect to MySQL via TCP. - > sudo docker exec "$(cat ${container_id})" mysql -u root -proot -h 127.0.0.1 -e 'show databases;' - | grep -q 'performance_schema' + | grep -q 'information_schema' && (echo 'MySQL running normally' && exit 0) || (echo 'MySQL not running' && exit 1) From 6e9b80c1939fd778d020372bc95cfc8897c6dc47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Thu, 4 Feb 2016 12:57:55 -0500 Subject: [PATCH 106/128] Add a custom initctl script to fix Ubuntu 14.04. Disable 12.04 --- .travis.yml | 12 ++++++------ tests/Dockerfile.ubuntu-12.04 | 3 +++ tests/Dockerfile.ubuntu-14.04 | 3 +++ tests/initctl_faker | 23 +++++++++++++++++++++++ 4 files changed, 35 insertions(+), 6 deletions(-) create mode 100644 tests/initctl_faker diff --git a/.travis.yml b/.travis.yml index 2d7eed5..e8e064c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,11 +17,11 @@ env: init: /sbin/init run_opts: "" playbook: test.yml - - distribution: ubuntu - version: 12.04 - init: /sbin/init - run_opts: "" - playbook: test.yml + # - distribution: ubuntu + # version: 12.04 + # init: /sbin/init + # run_opts: "" + # playbook: test.yml services: - docker @@ -70,4 +70,4 @@ script: || (echo 'MySQL not running' && exit 1) # Clean up - - 'sudo docker stop "$(cat ${container_id})"' + - sudo docker stop "$(cat ${container_id})" diff --git a/tests/Dockerfile.ubuntu-12.04 b/tests/Dockerfile.ubuntu-12.04 index d0c130c..8aebd65 100644 --- a/tests/Dockerfile.ubuntu-12.04 +++ b/tests/Dockerfile.ubuntu-12.04 @@ -7,5 +7,8 @@ RUN apt-add-repository -y ppa:ansible/ansible RUN apt-get update RUN apt-get install -y ansible +COPY initctl_faker . +RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl + # Install Ansible inventory file RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/Dockerfile.ubuntu-14.04 b/tests/Dockerfile.ubuntu-14.04 index ca33287..f81cabe 100644 --- a/tests/Dockerfile.ubuntu-14.04 +++ b/tests/Dockerfile.ubuntu-14.04 @@ -7,5 +7,8 @@ RUN apt-add-repository -y ppa:ansible/ansible RUN apt-get update RUN apt-get install -y ansible +COPY initctl_faker . +RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl + # Install Ansible inventory file RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/initctl_faker b/tests/initctl_faker new file mode 100644 index 0000000..a2267f3 --- /dev/null +++ b/tests/initctl_faker @@ -0,0 +1,23 @@ +#!/bin/sh +ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" + +case "$ALIAS_CMD" in + start|stop|restart|reload|status) + exec service $1 $ALIAS_CMD + ;; +esac + +case "$1" in + list ) + exec service --status-all + ;; + reload-configuration ) + exec service $2 restart + ;; + start|stop|restart|reload|status) + exec service $2 $1 + ;; + \?) + exit 0 + ;; +esac From acd14ea309c0b03772de95cd250d603d33ddbd8b Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 5 Mar 2016 21:42:01 -0600 Subject: [PATCH 107/128] Ansible Galaxy 2.0 updates. --- .travis.yml | 3 +++ meta/main.yml | 24 ++++++++++++------------ 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/.travis.yml b/.travis.yml index e8e064c..22cbfa4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -71,3 +71,6 @@ script: # Clean up - sudo docker stop "$(cat ${container_id})" + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/meta/main.yml b/meta/main.yml index 87d2ca2..0432274 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -3,20 +3,20 @@ dependencies: [] galaxy_info: author: geerlingguy - description: MySQL server for RHEL/CentOS and Debian/Ubuntu + description: MySQL server for RHEL/CentOS and Debian/Ubuntu. company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" min_ansible_version: 1.9 platforms: - - name: EL - versions: - - 6 - - 7 - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all - categories: + - name: EL + versions: + - 6 + - 7 + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + galaxy_tags: - database From 94b0b17921649b964d26f01cd4f1bb91edc6debd Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Tue, 8 Mar 2016 22:25:35 -0600 Subject: [PATCH 108/128] Update README. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3cb5f16..3003f9f 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ None. ## Role Variables -Available variables are listed below, along with default values (see `vars/main.yml`): +Available variables are listed below, along with default values (see `defaults/main.yml`): mysql_user_home: /root From dab3e1e62c5cd3323940663beaf181f38590f8a8 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Sat, 26 Mar 2016 21:49:16 -0500 Subject: [PATCH 109/128] Fixes #90, #89, #68, #34: Add note for root password issues and document sudo requirement. --- README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3003f9f..1ae338a 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,12 @@ Installs and configures MySQL or MariaDB server on RHEL/CentOS or Debian/Ubuntu ## Requirements -None. +No special requirements; note that this role requires root access, so either run it in a playbook with a global `become: yes`, or invoke the role in your playbook like: + + - hosts: database + roles: + - role: geerlingguy.mysql + become: yes ## Role Variables @@ -24,6 +29,8 @@ The MySQL root user account password. Whether to force update the MySQL root user's password. By default, this role will only change the root user's password when MySQL is first configured. You can force an update by setting this to `yes`. +> Note: If you get an error like `ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)` after a failed or interrupted playbook run, this usually means the root password wasn't originally updated to begin with. Try either removing the `.my.cnf` file inside the configured `mysql_user_home` or updating it and setting `password=''` (the insecure default password). Run the playbook again, with `mysql_root_password_update` set to `yes`, and the setup should complete. + mysql_enabled_on_startup: yes Whether MySQL should be enabled on startup. @@ -123,6 +130,7 @@ None. ## Example Playbook - hosts: db-servers + become: yes vars_files: - vars/main.yml roles: From 8ee93d8d3d5f3aca8751dc2022c5168e5b30fa51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Droz?= Date: Sun, 3 Apr 2016 00:25:27 -0300 Subject: [PATCH 110/128] add no_log to operation on confidential data Without no_log, password would appear in node's syslog. It's probably unwanted when it comes to password --- tasks/users.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/tasks/users.yml b/tasks/users.yml index 06d769c..b94deef 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -8,3 +8,4 @@ state: present append_privs: "{{ item.append_privs | default('no') }}" with_items: "{{ mysql_users }}" + no_log: true From 01abbcaca324fbaf2c858aaa9ccae81fd3265157 Mon Sep 17 00:00:00 2001 From: David Glaser Date: Wed, 6 Apr 2016 09:34:28 -0400 Subject: [PATCH 111/128] Adapted for RHEL 7: Separated RedHat.yml files into RedHat 6 and RedHat 7 files Adapted main.yml to point to the correct file --- tasks/main.yml | 11 +++++++++++ vars/{RedHat.yml => RedHat-6.yml} | 0 vars/RedHat-7.yml | 15 +++++++++++++++ 3 files changed, 26 insertions(+) rename vars/{RedHat.yml => RedHat-6.yml} (100%) create mode 100644 vars/RedHat-7.yml diff --git a/tasks/main.yml b/tasks/main.yml index cc33cb3..beb6cc6 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,6 +2,17 @@ # Include variables and define needed variables. - name: Include OS-specific variables. include_vars: "{{ ansible_os_family }}.yml" + when: ansible_os_family != "RedHat" + +# Include RedHat 6 variables (mysql) +- name: Include OS-specific variables. + include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" + when: ansible_lsb.major_release < "7" + +# Include RedHat 7 variables (mariadb) +- name: Include OS-specific variables. + include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" + when: ansible_os_family >= "7" - name: Define mysql_packages. set_fact: diff --git a/vars/RedHat.yml b/vars/RedHat-6.yml similarity index 100% rename from vars/RedHat.yml rename to vars/RedHat-6.yml diff --git a/vars/RedHat-7.yml b/vars/RedHat-7.yml new file mode 100644 index 0000000..0cf3922 --- /dev/null +++ b/vars/RedHat-7.yml @@ -0,0 +1,15 @@ +--- +__mysql_daemon: mariadb +__mysql_packages: + - mariadb + - mariadb-server + - mariadb-libs + - MySQL-python + - perl-DBD-MySQL +__mysql_slow_query_log_file: /var/log/mysql-slow.log +mysql_log_error: /var/log/mariadb/mariadb.log +mysql_syslog_tag: mariadb +mysql_pid_file: /var/run/mariadb/mariadb.pid +mysql_config_file: /etc/my.cnf +mysql_config_include_dir: /etc/my.cnf.d +mysql_socket: /var/lib/mysql/mysql.sock From 64a7b7357a94f061df54bee6346b060d09c7ed99 Mon Sep 17 00:00:00 2001 From: David Glaser Date: Wed, 6 Apr 2016 09:38:18 -0400 Subject: [PATCH 112/128] Updated README for RHEL 7 --- README.md | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 1ae338a..838ae8f 100644 --- a/README.md +++ b/README.md @@ -97,25 +97,13 @@ Replication settings. Set `mysql_server_id` and `mysql_replication_role` by serv ### MariaDB usage -This role works with either MySQL or a compatible version of MariaDB. On RHEL/CentOS 7+, the mariadb database engine was substituted as the default MySQL replacement package, so you should override the `mysql_packages` variable with the below configuration to make sure MariaDB is installed correctly. +This role works with either MySQL or a compatible version of MariaDB. On RHEL/CentOS 7+, the mariadb database engine was substituted as the default MySQL replacement package. No modifications are necessary though all of the variables still reference 'mysql' instead of mariadb. -#### RHEL/CentOS 7 MariaDB configuration - -Set the following variables (at a minimum): - - mysql_packages: - - mariadb - - mariadb-server - - mariadb-libs - - MySQL-python - - perl-DBD-MySQL - mysql_daemon: mariadb - mysql_log_error: /var/log/mariadb/mariadb.log - mysql_syslog_tag: mariadb - mysql_pid_file: /var/run/mariadb/mariadb.pid #### Ubuntu 14.04 MariaDB configuration +On Ubuntu, the package names are named differently, so the `mysql_package` variabl needs to be altered + Set the following variables (at a minimum): mysql_packages: From 1e75c2f3e3274ba8b457a1eda90dfaec109cc723 Mon Sep 17 00:00:00 2001 From: David Glaser Date: Wed, 6 Apr 2016 10:45:04 -0400 Subject: [PATCH 113/128] Verify that datadir has been created and selinux context set. Currently selinux context set separately because I'm not sure that Ubuntu has it installed in all cases. --- tasks/configure.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tasks/configure.yml b/tasks/configure.yml index 65ebcc1..ad5ec4c 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -33,6 +33,19 @@ file: "path={{ mysql_slow_query_log_file }} state=touch" when: mysql_slow_query_log_enabled +- name: Create datadir if it does not exist + file: + path: "{{ mysql_datadir }}" + state: directory + owner: mysql + group: mysql + mode: 0755 + +- name: Set selinux context on datadir + file: + path: "{{ mysql_datadir }}" + setype: mysqld_db_t + - name: Set ownership on slow query log file (if configured). file: path: "{{ mysql_slow_query_log_file }}" From 571f8e4bf4f5d6c2634829444ee2fcb2db06f945 Mon Sep 17 00:00:00 2001 From: Solomon Gifford Date: Fri, 15 Apr 2016 11:06:22 -0400 Subject: [PATCH 114/128] ansible doesn't have a create-if-not-exists - but we shouldn't be changing the date each time this is run --- tasks/configure.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/configure.yml b/tasks/configure.yml index 65ebcc1..bef598a 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -30,7 +30,7 @@ notify: restart mysql - name: Create slow query log file (if configured). - file: "path={{ mysql_slow_query_log_file }} state=touch" + shell: "touch {{ mysql_slow_query_log_file }} creates={{ mysql_slow_query_log_file }}" when: mysql_slow_query_log_enabled - name: Set ownership on slow query log file (if configured). From ab21fa133f6814b0a2ef2db2c3b7634de253efbc Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 22 Apr 2016 13:38:19 -0500 Subject: [PATCH 115/128] Fixes #63: Running role on Ubuntu 15/16.04 fails. --- defaults/main.yml | 4 ---- tasks/configure.yml | 13 +++++++++++++ templates/my.cnf.j2 | 4 ---- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 7e6afcd..47415d4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -48,14 +48,10 @@ mysql_max_connections: 151 # Other settings. mysql_wait_timeout: 28800 -# Try number of CPU's * 2 for thread_concurrency. -mysql_thread_concurrency: 2 - # InnoDB settings. # Set .._buffer_pool_size up to 80% of RAM but beware of setting too high. mysql_innodb_file_per_table: "1" mysql_innodb_buffer_pool_size: "256M" -mysql_innodb_additional_mem_pool_size: "20M" # Set .._log_file_size to 25% of buffer pool size. mysql_innodb_log_file_size: "64M" mysql_innodb_log_buffer_size: "8M" diff --git a/tasks/configure.yml b/tasks/configure.yml index bef598a..aa5018d 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -42,6 +42,19 @@ mode: 0644 when: mysql_slow_query_log_enabled +- name: Create error log file (if configured). + shell: "touch {{ mysql_log_error }} creates={{ mysql_log_error }}" + when: mysql_log == "" and mysql_log_error != "" + +- name: Set ownership on error log file (if configured). + file: + path: "{{ mysql_log_error }}" + state: file + owner: mysql + group: mysql + mode: 0644 + when: mysql_slow_query_log_enabled + - name: Ensure MySQL is started and enabled on boot. service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" register: mysql_service_configuration diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index 054f958..b13c3cb 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -78,13 +78,9 @@ max_connections = {{ mysql_max_connections }} # Other settings. wait_timeout = {{ mysql_wait_timeout }} -# Try number of CPU's * 2 for thread_concurrency. -thread_concurrency = {{ mysql_thread_concurrency }} - # InnoDB settings. innodb_file_per_table = {{ mysql_innodb_file_per_table }} innodb_buffer_pool_size = {{ mysql_innodb_buffer_pool_size }} -innodb_additional_mem_pool_size = {{ mysql_innodb_additional_mem_pool_size }} innodb_log_file_size = {{ mysql_innodb_log_file_size }} innodb_log_buffer_size = {{ mysql_innodb_log_buffer_size }} innodb_flush_log_at_trx_commit = {{ mysql_innodb_flush_log_at_trx_commit }} From 08f2b86a9a1c5cba952a40710cfd11bcf5b9ef4b Mon Sep 17 00:00:00 2001 From: Jon Pugh Date: Thu, 28 Apr 2016 12:33:21 -0400 Subject: [PATCH 116/128] Fix "when" statement for mysql error log file permissions. --- tasks/configure.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/configure.yml b/tasks/configure.yml index aa5018d..9cbbbae 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -53,7 +53,7 @@ owner: mysql group: mysql mode: 0644 - when: mysql_slow_query_log_enabled + when: mysql_log == "" and mysql_log_error != "" - name: Ensure MySQL is started and enabled on boot. service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" From c87ce1f6727e0ce8b81d3658b6af2fe23aa1144c Mon Sep 17 00:00:00 2001 From: Jon Pugh Date: Thu, 28 Apr 2016 13:38:58 -0400 Subject: [PATCH 117/128] Adding a "test role again" --- .travis.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.travis.yml b/.travis.yml index 22cbfa4..caaed81 100644 --- a/.travis.yml +++ b/.travis.yml @@ -43,6 +43,9 @@ script: # Test role. - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' + # Test role again. + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' + # Test role idempotence. - > sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} From 63064eab7f19aa50c136b0631fb6c89ee62eb520 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Thu, 28 Apr 2016 17:00:24 -0400 Subject: [PATCH 118/128] Remove second idempotence test, fix follow-up to #115. --- .travis.yml | 3 --- tasks/configure.yml | 4 ++-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/.travis.yml b/.travis.yml index caaed81..22cbfa4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -43,9 +43,6 @@ script: # Test role. - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' - # Test role again. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' - # Test role idempotence. - > sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} diff --git a/tasks/configure.yml b/tasks/configure.yml index 9cbbbae..92bcea5 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -39,7 +39,7 @@ state: file owner: mysql group: mysql - mode: 0644 + mode: 0640 when: mysql_slow_query_log_enabled - name: Create error log file (if configured). @@ -52,7 +52,7 @@ state: file owner: mysql group: mysql - mode: 0644 + mode: 0640 when: mysql_log == "" and mysql_log_error != "" - name: Ensure MySQL is started and enabled on boot. From a7cdfefb55a95ee621232242ef9ac3a961c5c7d6 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 29 Apr 2016 13:44:59 -0400 Subject: [PATCH 119/128] Fix problems with new CentOS 7 MariaDB fixes. --- README.md | 7 ++----- tasks/configure.yml | 4 ---- tasks/main.yml | 13 ++++--------- 3 files changed, 6 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 838ae8f..fc061a2 100644 --- a/README.md +++ b/README.md @@ -99,12 +99,9 @@ Replication settings. Set `mysql_server_id` and `mysql_replication_role` by serv This role works with either MySQL or a compatible version of MariaDB. On RHEL/CentOS 7+, the mariadb database engine was substituted as the default MySQL replacement package. No modifications are necessary though all of the variables still reference 'mysql' instead of mariadb. +#### Ubuntu 14.04 and 16.04 MariaDB configuration -#### Ubuntu 14.04 MariaDB configuration - -On Ubuntu, the package names are named differently, so the `mysql_package` variabl needs to be altered - -Set the following variables (at a minimum): +On Ubuntu, the package names are named differently, so the `mysql_package` variable needs to be altered. Set the following variables (at a minimum): mysql_packages: - mariadb-client diff --git a/tasks/configure.yml b/tasks/configure.yml index fdcf098..d8a4585 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -40,10 +40,6 @@ owner: mysql group: mysql mode: 0755 - -- name: Set selinux context on datadir - file: - path: "{{ mysql_datadir }}" setype: mysqld_db_t - name: Set ownership on slow query log file (if configured). diff --git a/tasks/main.yml b/tasks/main.yml index beb6cc6..7e6a137 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,17 +2,12 @@ # Include variables and define needed variables. - name: Include OS-specific variables. include_vars: "{{ ansible_os_family }}.yml" - when: ansible_os_family != "RedHat" + when: ansible_os_family != "RedHat" -# Include RedHat 6 variables (mysql) -- name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" - when: ansible_lsb.major_release < "7" - -# Include RedHat 7 variables (mariadb) -- name: Include OS-specific variables. +# Include version-specific variables for RedHat. +- name: Include OS-specific variables (RedHat). include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" - when: ansible_os_family >= "7" + when: ansible_os_family == "RedHat" - name: Define mysql_packages. set_fact: From 72d6da3922b4feb46917f9d59734a2010391ea4d Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 29 Apr 2016 13:54:15 -0400 Subject: [PATCH 120/128] Another attempt to get tests passing for RHEL. --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index 7e6a137..3068053 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -6,7 +6,7 @@ # Include version-specific variables for RedHat. - name: Include OS-specific variables (RedHat). - include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" + include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_version|slice(1) }}.yml" when: ansible_os_family == "RedHat" - name: Define mysql_packages. From 71d6a0b328f5478cbe8f18f1c2ef61ce20a9a922 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 29 Apr 2016 14:41:29 -0400 Subject: [PATCH 121/128] Fix test build for CentOS 7. --- tasks/main.yml | 2 +- tests/Dockerfile.centos-7 | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index 3068053..7e6a137 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -6,7 +6,7 @@ # Include version-specific variables for RedHat. - name: Include OS-specific variables (RedHat). - include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_version|slice(1) }}.yml" + include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" when: ansible_os_family == "RedHat" - name: Define mysql_packages. diff --git a/tests/Dockerfile.centos-7 b/tests/Dockerfile.centos-7 index 8aa0654..fb37a6f 100644 --- a/tests/Dockerfile.centos-7 +++ b/tests/Dockerfile.centos-7 @@ -12,6 +12,8 @@ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ rm -f /lib/systemd/system/basic.target.wants/*; \ rm -f /lib/systemd/system/anaconda.target.wants/*; +RUN yum -y install redhat-lsb-core + # Install Ansible RUN yum -y install epel-release RUN yum -y install git ansible sudo From 91c3b9c3eb4a2829c8c83815e0809ca6acbc25cd Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 29 Apr 2016 15:36:39 -0400 Subject: [PATCH 122/128] Ensure redhat-lsb-core is installed. --- tasks/main.yml | 6 ++++-- tests/Dockerfile.centos-7 | 2 -- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 7e6a137..f99dd38 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,10 +1,12 @@ --- -# Include variables and define needed variables. - name: Include OS-specific variables. include_vars: "{{ ansible_os_family }}.yml" when: ansible_os_family != "RedHat" -# Include version-specific variables for RedHat. +- name: Ensure required dependency is installed (RedHat). + yum: name=redhat-lsb-core state=installed + when: ansible_os_family == "RedHat" + - name: Include OS-specific variables (RedHat). include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" when: ansible_os_family == "RedHat" diff --git a/tests/Dockerfile.centos-7 b/tests/Dockerfile.centos-7 index fb37a6f..8aa0654 100644 --- a/tests/Dockerfile.centos-7 +++ b/tests/Dockerfile.centos-7 @@ -12,8 +12,6 @@ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ rm -f /lib/systemd/system/basic.target.wants/*; \ rm -f /lib/systemd/system/anaconda.target.wants/*; -RUN yum -y install redhat-lsb-core - # Install Ansible RUN yum -y install epel-release RUN yum -y install git ansible sudo From 3acd799991b6c10e15f2ea32b80ad2335f62270a Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Fri, 29 Apr 2016 15:42:47 -0400 Subject: [PATCH 123/128] Install redhat-lsb-core prior to test. --- tasks/main.yml | 5 +---- tests/Dockerfile.centos-6 | 2 ++ tests/Dockerfile.centos-7 | 2 ++ 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index f99dd38..ee2aa4f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,12 +1,9 @@ --- +# Variable configuration. - name: Include OS-specific variables. include_vars: "{{ ansible_os_family }}.yml" when: ansible_os_family != "RedHat" -- name: Ensure required dependency is installed (RedHat). - yum: name=redhat-lsb-core state=installed - when: ansible_os_family == "RedHat" - - name: Include OS-specific variables (RedHat). include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" when: ansible_os_family == "RedHat" diff --git a/tests/Dockerfile.centos-6 b/tests/Dockerfile.centos-6 index 4a4e7b8..27ff215 100644 --- a/tests/Dockerfile.centos-6 +++ b/tests/Dockerfile.centos-6 @@ -1,5 +1,7 @@ FROM centos:6 +RUN yum -y install redhat-lsb-core + # Install Ansible RUN yum -y update; yum clean all; RUN yum -y install epel-release diff --git a/tests/Dockerfile.centos-7 b/tests/Dockerfile.centos-7 index 8aa0654..fb37a6f 100644 --- a/tests/Dockerfile.centos-7 +++ b/tests/Dockerfile.centos-7 @@ -12,6 +12,8 @@ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ rm -f /lib/systemd/system/basic.target.wants/*; \ rm -f /lib/systemd/system/anaconda.target.wants/*; +RUN yum -y install redhat-lsb-core + # Install Ansible RUN yum -y install epel-release RUN yum -y install git ansible sudo From 290d9f05a6e25077140521d98b49f043bbbdac6a Mon Sep 17 00:00:00 2001 From: curantes Date: Wed, 4 May 2016 10:22:23 +0200 Subject: [PATCH 124/128] remove requirement of redhat-lsb-core I would suggest to use {{ ansible_distribution_major_version }} instead of the {{ ansible_lsb.major_version }} since that will require the package redhat-lsb-core installed which is not always installed. You will get the same result if you use the other way without the requirement of redhat-lsb-core package. --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index ee2aa4f..627d917 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -5,7 +5,7 @@ when: ansible_os_family != "RedHat" - name: Include OS-specific variables (RedHat). - include_vars: "{{ ansible_os_family }}-{{ ansible_lsb.major_release }}.yml" + include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" when: ansible_os_family == "RedHat" - name: Define mysql_packages. From 48ef3413b3a62fc2f4aea67e57206ce25e643605 Mon Sep 17 00:00:00 2001 From: Jeff Geerling Date: Wed, 4 May 2016 11:09:42 -0500 Subject: [PATCH 125/128] PR #119 follow-up: Remove redhat-lsb-core install from test containers. --- tests/Dockerfile.centos-6 | 2 -- tests/Dockerfile.centos-7 | 2 -- 2 files changed, 4 deletions(-) diff --git a/tests/Dockerfile.centos-6 b/tests/Dockerfile.centos-6 index 27ff215..4a4e7b8 100644 --- a/tests/Dockerfile.centos-6 +++ b/tests/Dockerfile.centos-6 @@ -1,7 +1,5 @@ FROM centos:6 -RUN yum -y install redhat-lsb-core - # Install Ansible RUN yum -y update; yum clean all; RUN yum -y install epel-release diff --git a/tests/Dockerfile.centos-7 b/tests/Dockerfile.centos-7 index fb37a6f..8aa0654 100644 --- a/tests/Dockerfile.centos-7 +++ b/tests/Dockerfile.centos-7 @@ -12,8 +12,6 @@ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ rm -f /lib/systemd/system/basic.target.wants/*; \ rm -f /lib/systemd/system/anaconda.target.wants/*; -RUN yum -y install redhat-lsb-core - # Install Ansible RUN yum -y install epel-release RUN yum -y install git ansible sudo From 5e7edb858037b7c26954ee2ee654b7d5fff49296 Mon Sep 17 00:00:00 2001 From: nerzhul Date: Thu, 28 Apr 2016 16:40:16 +0200 Subject: [PATCH 126/128] Add mysql_skip_name_resolve parameter This prevent MySQL DNS name resolution. Default: no --- defaults/main.yml | 1 + templates/my.cnf.j2 | 3 +++ 2 files changed, 4 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 47415d4..0c7807d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -27,6 +27,7 @@ mysql_port: "3306" mysql_bind_address: '0.0.0.0' mysql_datadir: /var/lib/mysql mysql_pid_file: /var/run/mysqld/mysqld.pid +mysql_skip_name_resolve: no # Slow query log settings. mysql_slow_query_log_enabled: no diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index b13c3cb..3923720 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -9,6 +9,9 @@ bind-address = {{ mysql_bind_address }} datadir = {{ mysql_datadir }} socket = {{ mysql_socket }} pid-file = {{ mysql_pid_file }} +{% if mysql_skip_name_resolve %} +skip-name-resolve +{% endif %} # Logging configuration. {% if mysql_log_error == 'syslog' or mysql_log == 'syslog' %} From 67d5548e6d0a10909c2184bb92bfe1528b41b047 Mon Sep 17 00:00:00 2001 From: nerzhul Date: Thu, 12 May 2016 14:29:35 +0200 Subject: [PATCH 127/128] Permit to remove user, not only create them --- README.md | 2 +- tasks/users.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index fc061a2..2740c36 100644 --- a/README.md +++ b/README.md @@ -49,7 +49,7 @@ The MySQL databases to create. A database has the values `name`, `encoding` (def mysql_users: [] -The MySQL users and their privileges. A user has the values `name`, `host` (defaults to `localhost`), `password`, `priv` (defaults to `*.*:USAGE`), and `append_privs` (defaults to `no`). The formats of these are the same as in the `mysql_user` module. +The MySQL users and their privileges. A user has the values `name`, `host` (defaults to `localhost`), `password`, `priv` (defaults to `*.*:USAGE`), `append_privs` (defaults to `no`), `state` (defaults to `present`). The formats of these are the same as in the `mysql_user` module. mysql_packages: - mysql diff --git a/tasks/users.yml b/tasks/users.yml index b94deef..6c41ce7 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -5,7 +5,7 @@ host: "{{ item.host | default('localhost') }}" password: "{{ item.password }}" priv: "{{ item.priv | default('*.*:USAGE') }}" - state: present + state: "{{ item.state | default('present') }}" append_privs: "{{ item.append_privs | default('no') }}" with_items: "{{ mysql_users }}" no_log: true From 3fb815e5dc43224f0e1787f1e81c81c826d6890a Mon Sep 17 00:00:00 2001 From: flackend Date: Tue, 31 May 2016 18:47:49 -0400 Subject: [PATCH 128/128] Fix for complex passwords in .my.cnf Adds quotes around password value. --- templates/user-my.cnf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/user-my.cnf.j2 b/templates/user-my.cnf.j2 index 43de06a..95cae66 100644 --- a/templates/user-my.cnf.j2 +++ b/templates/user-my.cnf.j2 @@ -1,3 +1,3 @@ [client] user={{ mysql_root_username }} -password={{ mysql_root_password }} +password="{{ mysql_root_password }}"