From 65a711d38719672d7b37e6d2059323a51c3d390a Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Tue, 3 Mar 2020 18:41:27 +0100 Subject: [PATCH] mysql: Fixes to make it work with the new python module and with mysql 5.7. --- library/roles/mysql/defaults/main.yml | 5 ++++- library/roles/mysql/tasks/configure_root_access.yml | 10 +++++----- library/roles/mysql/tasks/main.yml | 8 ++++---- library/roles/mysql/tasks/manage_my_db.yml | 6 +++--- library/roles/mysql/templates/server.cnf.j2 | 4 +++- 5 files changed, 19 insertions(+), 14 deletions(-) diff --git a/library/roles/mysql/defaults/main.yml b/library/roles/mysql/defaults/main.yml index 53c186c..9044453 100644 --- a/library/roles/mysql/defaults/main.yml +++ b/library/roles/mysql/defaults/main.yml @@ -2,7 +2,7 @@ mysql_enabled: True mysql_pkg_state: present mysql_conf_dir: /etc/mysql/conf.d -mysql_socket: /var/run/mysqld/mysqld.sock +mysql_socket: /run/mysqld/mysqld.sock mysql_data_dir: /var/lib/mysql mysql_log_dir: /var/log/mysql @@ -12,11 +12,14 @@ mysql_packages_list: - mysql-client - mytop - python-mysqldb + - python-pymysql mysql_db_name: db_name mysql_db_user: db_user mysql_db_pwd: "We cannot save the password into the repository. Use another variable and change pgpass.j2 accordingly. Encrypt the file that contains the variable with ansible-vault" +mysql_binary_logging: True +mysql_server_id: 1 # Alternatives: utf8 mysql_default_encoding: utf8mb4 # Alternatives: utf8_unicode_ci utf8_bin diff --git a/library/roles/mysql/tasks/configure_root_access.yml b/library/roles/mysql/tasks/configure_root_access.yml index b0404ef..360c50c 100644 --- a/library/roles/mysql/tasks/configure_root_access.yml +++ b/library/roles/mysql/tasks/configure_root_access.yml @@ -1,7 +1,7 @@ --- # 'localhost' needs to be the last item for idempotency, the mysql_user docs - name: Secure the mysql root user with a password - mysql_user: name=root host={{ item }} password={{ mysql_root_password }} + mysql_user: name=root host={{ item }} password={{ mysql_root_password }} login_unix_socket={{ mysql_socket }} when: mysql_root_password is defined with_items: - '{{ ansible_hostname }}' @@ -12,7 +12,7 @@ tags: [ 'mysql', 'mysql_root' ] - name: Secure the mysql root user when no password has been defined - mysql_user: name=root host={{ item }} password="" + mysql_user: name=root host={{ item }} password="" login_unix_socket={{ mysql_socket }} when: mysql_root_password is not defined with_items: - '{{ ansible_hostname }}' @@ -28,13 +28,13 @@ tags: [ 'mysql', 'mysql_root' ] - name: delete anonymous MySQL server user for the server hostname - mysql_user: user="" host="{{ ansible_hostname }}" state="absent" + mysql_user: user="" host="{{ ansible_hostname }}" state="absent" login_unix_socket={{ mysql_socket }} tags: [ 'mysql', 'mysql_root' ] - name: delete anonymous MySQL server user for localhost - mysql_user: user="" state="absent" + mysql_user: user="" state="absent" login_unix_socket={{ mysql_socket }} tags: mysql - name: remove the MySQL test database - mysql_db: db=test state=absent + mysql_db: db=test state=absent login_unix_socket={{ mysql_socket }} tags: mysql diff --git a/library/roles/mysql/tasks/main.yml b/library/roles/mysql/tasks/main.yml index d3734d9..3a0aaa5 100644 --- a/library/roles/mysql/tasks/main.yml +++ b/library/roles/mysql/tasks/main.yml @@ -1,12 +1,12 @@ --- - import_tasks: packages.yml - import_tasks: mysql-conf.yml - when: mysql_enabled + when: mysql_enabled | bool - import_tasks: manage-mysql-service.yml - import_tasks: configure_root_access.yml - when: mysql_enabled + when: mysql_enabled | bool - import_tasks: manage_my_db.yml - when: mysql_enabled + when: mysql_enabled | bool - import_tasks: mysql-backup.yml - when: mysql_enabled + when: mysql_enabled | bool diff --git a/library/roles/mysql/tasks/manage_my_db.yml b/library/roles/mysql/tasks/manage_my_db.yml index fe4de4a..851c6cc 100644 --- a/library/roles/mysql/tasks/manage_my_db.yml +++ b/library/roles/mysql/tasks/manage_my_db.yml @@ -1,12 +1,12 @@ --- - name: Add databases to mysql, if any - mysql_db: name={{ item.name }} collation={{ item.collation }} encoding={{ item.encoding }} state=present + mysql_db: name={{ item.name }} collation={{ item.collation }} encoding={{ item.encoding }} state=present login_unix_socket={{ mysql_socket }} with_items: '{{ mysql_db_data | default([]) }}' when: item.name is defined tags: [ 'mysql', 'mysql_db' ] - name: Add a user for the databases - mysql_user: name={{ item.0.user }} password={{ item.0.pwd }} host={{ item.1 }} priv="{{ item.0.name }}.*:{{ item.0.user_grant }}" state=present + mysql_user: name={{ item.0.user }} password={{ item.0.pwd }} host={{ item.1 }} priv="{{ item.0.name }}.*:{{ item.0.user_grant }}" state=present login_unix_socket={{ mysql_socket }} with_subelements: - '{{ mysql_db_data | default([]) }}' - allowed_hosts @@ -14,7 +14,7 @@ tags: [ 'mysql', 'mysql_db', 'mysql_user' ] - name: Additional user privileges, if defined - mysql_user: name={{ item.0.user }} append_privs=yes priv="{{ item.0.name }}.*:{{ item.0.additional_privs }}" state=present + mysql_user: name={{ item.0.user }} append_privs=yes priv="{{ item.0.name }}.*:{{ item.0.additional_privs }}" state=present login_unix_socket={{ mysql_socket }} with_subelements: - '{{ mysql_db_data | default([]) }}' - allowed_hosts diff --git a/library/roles/mysql/templates/server.cnf.j2 b/library/roles/mysql/templates/server.cnf.j2 index 6606ab0..07311ec 100644 --- a/library/roles/mysql/templates/server.cnf.j2 +++ b/library/roles/mysql/templates/server.cnf.j2 @@ -42,6 +42,8 @@ bind-address = 0.0.0.0 bind-address = 127.0.0.1 {% endif %} +{% if mysql_binary_logging %} +server-id={{ mysql_server_id }} # Enable binary logging. This is required for acting as a MASTER in a # replication configuration. You also need the binary log if you need # the ability to do point in time recovery from your latest backup. @@ -49,6 +51,7 @@ log-bin=mysql-bin # binary logging format - mixed recommended binlog_format=mixed +{% endif %} # Uncomment the following if you are using InnoDB tables innodb_data_home_dir = {{ mysql_data_dir }} @@ -57,7 +60,6 @@ innodb_log_group_home_dir = {{ mysql_data_dir }} # You can set .._buffer_pool_size up to 50 - 80 % # of RAM but beware of setting memory usage too high innodb_buffer_pool_size = {{ mysql_db_innodb_buffer_pool_size }} -innodb_additional_mem_pool_size = {{ mysql_db_innodb_additional_mem_pool_size }} # Set .._log_file_size to 25 % of buffer pool size innodb_log_file_size = {{ mysql_db_innodb_log_file_size }} innodb_log_buffer_size = {{ mysql_db_innodb_log_buffer_size }}