https://github.com/oefenweb/ansible-percona-server

Ansible role to set up percona-server server in Debian-like systems

ansible database debian mysql percona-server privileges ssl ubuntu

## percona-server

[![CI](https://github.com/Oefenweb/ansible-percona-server/workflows/CI/badge.svg)](https://github.com/Oefenweb/ansible-percona-server/actions?query=workflow%3ACI)
[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-percona--server-blue.svg)](https://galaxy.ansible.com/Oefenweb/percona_server)

Set up a [percona-server](https://www.percona.com/software/mysql-database/percona-server) server in Debian-like systems.

#### Requirements

* `python-mysqldb(2|3)` (will be installed)
* `tee` (will not be installed)
* `software-properties-common` (will be installed)
* `dirmngr` (will be installed)
* `gpg-agent` (will be installed)
* `apt-transport-https` (will be installed)
* `debconf-utils` (will be installed)

#### Variables

##### General

* `percona_server_version`: [default: `5.7`]: Version to install (e.g. `5.6`)
* `percona_server_root_username`: [default: `root`]: Root username
* `percona_server_root_password`: [default: `+eswuw9uthUteFreyAqu`]: Root password **Make sure to change!**

* `percona_server_install`: [default: `['xtrabackup']`]: Additional packages to install

* `percona_server_etc_my_cnf`: [default: `[]`]: Global configuration declarations
* `percona_server_etc_my_cnf_includedir`: [optional]: Used to include other option files from this directory (e.g. `/etc/mysql/conf.d/`)

* `percona_server_user_root_cnf_manage`: [default: `true`]: Whether or not to manage `~root/.my.cnf`
* `percona_server_user_root_cnf`: [default: `percona_server_user_root_cnf_preset`, see `defaults/main.yml`]: Root user configuration declarations
* `percona_server_use_legacy_auth_method`: [default: `false`]: Use legacy authentication method **_(only Percona Server 8.0)_**

##### SSL

* `percona_server_ssl_map`: [default: `{}`]: SSL declarations
* `percona_server_ssl_map.key`: [required]: The identifier of the file (e.g. `ca-cert`)
* `percona_server_ssl_map.key.src`: [required]: The local path of the file to copy, can be absolute or relative (e.g. `../../../files/percona-server/etc/mysql/ca-cert.pem`)
* `percona_server_ssl_map.key.dest`: [required]: The remote path of the file to copy (e.g. `/etc/mysql/ca-cert.pem`)
* `percona_server_ssl_map.key.owner`: [optional, default `root`]: The name of the user that should own the file
* `percona_server_ssl_map.key.group`: [optional, default `mysql`]: The name of the group that should own the file
* `percona_server_ssl_map.key.mode`: [optional, default `0640`]: The mode of the file

##### Plugins

* `percona_server_plugins_present`: [default: `[]`]: Plugins to `INSTALL`
* `percona_server_plugins_present.{n}.name`: [required]: The name of the plugin (e.g. `QUERY_RESPONSE_TIME_AUDIT`)
* `percona_server_plugins_present.{n}.soname`: [required]: The base name of the shared library file that contains the code that implements the plugin (e.g. `query_response_time.so`)

* `percona_server_plugins_absent`: [default: `[]`]: Plugins to `UNINSTALL`
* `percona_server_plugins_absent.{n}.name`: [required]: The name of the plugin

##### Databases

* `percona_server_databases_present`: [default: `[]`]: Databases to `CREATE`
* `percona_server_databases_present.{n}.name`: [required]: The name of the database
* `percona_server_databases_present.{n}.collation`: [optional, default: `utf8_general_ci`]: The collation of the database
* `percona_server_databases_present.{n}.encoding`: [optional, default: `utf8`]: The character set of the database

* `percona_server_databases_absent`: [default: `[{name: test}]`]: Databases to `DROP`
* `percona_server_databases_absent.{n}.name`: [required]: The name of the database

##### Users

* `percona_server_users_present`: [default: `[]`]: Users to `CREATE`
* `percona_server_users_present.{n}.name`: [required]: The name of the user
* `percona_server_users_present.{n}.password`: [required]: The password of the user
* `percona_server_users_present.{n}.privs`: [required]: Privileges (e.g. `'test.*:ALL'`)
* `percona_server_users_present.{n}.hosts`: [optional, default: `percona_server_users_present_hosts`]: Hosts to `CREATE` privileges for (e.g. `%`)

* `percona_server_users_present_hosts`: [default: `[localhost]`]: Hosts to `CREATE` privileges for

* `percona_server_users_absent`: [default: `[{name: ''}]`]: Users to `DROP`
* `percona_server_users_absent.{n}.name`: [required]: The name of the user
* `percona_server_users_absent.{n}.hosts`: [optional, default: `percona_server_users_absent_hosts`]: Hosts to `DROP` privileges for (e.g. `%`)

* `percona_server_users_absent_hosts`: [default: `[{{ ansible_hostname }}, 127.0.0.1, localhost, ::1, %]`]: Hosts to `DROP` privileges for

##### Queries

* `percona_server_queries`: [default: `[]`]: Query declarations
* `percona_server_queries.{n}.database`: [required]: Name of the database to execute queries on
* `percona_server_queries.{n}.queries`: [default: `[]`]: A list of queries to execute

##### Timezone info

* `percona_server_zoneinfo_manage`: [default: `false`]: Whether or not to load time zone tables
* `percona_server_zoneinfo_tz_dir`: [default: `/usr/share/zoneinfo`]: The zoneinfo directory path name
* `percona_server_zoneinfo_tz_file`: [default: `''`]: The path of a single time zone file (e.g. `/usr/share/zoneinfo/Europe/Amsterdam`)
* `percona_server_zoneinfo_tz_name`: [default: `''`]: A time zone name (e.g. `Europe/Amsterdam`)
* `percona_server_zoneinfo_command`: [default: `mysql_tzinfo_to_sql {{ percona_server_zoneinfo_tz_dir }}`]: The zoneinfo command to generate SQL (e.g. `mysql_tzinfo_to_sql {{ percona_server_zoneinfo_tz_file }} {{ percona_server_zoneinfo_tz_name }}`, `mysql_tzinfo_to_sql --leap {{ percona_server_zoneinfo_tz_file }}`)

##### Toolkit UDFs

* `percona_server_toolkit_udfs_manage`: [default: `true`]: Whether or not to install recommended hash functions ([see](https://www.percona.com/doc/percona-server/LATEST/management/udf_percona_toolkit.html))

## Dependencies

None

## Recommended

* `percona-client` ([see](https://github.com/Oefenweb/ansible-percona-client), when `percona_server_user_root_cnf_manage` is `false`)
* `percona-server-tools` ([see](https://github.com/Oefenweb/ansible-percona-server-tools))
* `percona-toolkit` ([see](https://github.com/Oefenweb/ansible-percona-toolkit))
* `limits` ([see](https://github.com/Oefenweb/ansible-limits))

#### Example(s)

##### Simple

```yaml
---
- hosts: all
  roles:
    - oefenweb.percona-server
```

##### Configure databases and users

```yaml
---
- hosts: all
  roles:
    - oefenweb.percona-server
  vars:
    percona_server_databases_present:
      - name: ipsum
      - name: dolor

    percona_server_databases_absent:
      - name: sit
      - name: amet

    percona_server_users_present_hosts:
      - 'localhost'
      - '%'

    percona_server_users_present:
      - name: consectetur
        password: 'elit'
        privs:
          - 'ipsum.*:ALL'
          - 'dolor.*:ALL'
      - name: adipiscing
        password: 'lacus'
        privs:
          - 'ipsum.*:SELECT'
          - 'dolor.*:INSERT,UPDATE'
        hosts:
          - '%'

    percona_server_users_absent:
      - name: urna
      - name: vehicula
        hosts:
          - '%'
```

##### Configure SSL

```yaml
- hosts: all
  roles:
    - oefenweb.percona-server
  vars:
    percona_server_ssl_map:
      ca-cert:
        src: ../../../files/percona-server/etc/mysql/ca-cert.pem
        dest: /etc/mysql/ca-cert.pem
      client-cert:
        src: ../../../files/percona-server/etc/mysql/client-cert.pem
        dest: /etc/mysql/client-cert.pem
      client-key:
        src: ../../../files/percona-server/etc/mysql/client-key.pem
        dest: /etc/mysql/client-key.pem
      server-cert:
        src: ../../../files/percona-server/etc/mysql/server-cert.pem
        dest: /etc/mysql/server-cert.pem
      server-key:
        src: ../../../files/percona-server/etc/mysql/server-key.pem
        dest: /etc/mysql/server-key.pem
    percona_server_etc_my_cnf:
      - section: client
        options:
          - name: ssl_cert
            value: "{{ percona_server_ssl_map['client-cert']['dest'] }}"
          - name: ssl_key
            value: "{{ percona_server_ssl_map['client-key']['dest'] }}"
      - section: mysqld
        options:
          - name: ssl_ca
            value: "{{ percona_server_ssl_map['ca-cert']['dest'] }}"
          - name: ssl_cert
            value: "{{ percona_server_ssl_map['server-cert']['dest'] }}"
          - name: ssl_key
            value: "{{ percona_server_ssl_map['server-key']['dest'] }}"
```

##### Configure replication

###### Master-slave

```yaml
- hosts: master
  roles:
    - oefenweb.percona-server
  vars:
    percona_server_users_present:
      - name: replicator
        password: 'replicator'
        privs:
          - '*.*:REPLICATION SLAVE'
        hosts:
          - '%'

    percona_server_etc_my_cnf:
      - section: mysqld
        options:
          - name: server_id
            value: 1
          - name: log_bin
            value: mysql-bin
          - name: log_bin_index
            value: mysql-bin.index
          - name: sync_binlog
            value: 1
          - name: report_host
            value: "{{ inventory_hostname }}"

- hosts: slave
  roles:
    - oefenweb.percona-server
  vars:
    percona_server_users_present:
      - name: replicator
        password: 'replicator'
        privs:
          - '*.*:REPLICATION SLAVE'
        hosts:
          - '%'

    percona_server_etc_my_cnf:
      - section: mysqld
        options:
          - name: server_id
            value: 2
          - name: relay_log
            value: mysql-relay
          - name: relay_log_index
            value: mysql-relay.index
          - name: sync_relay_log
            value: 1
          - name: report_host
            value: "{{ inventory_hostname }}"

          - name: read_only
            value: 1
          - name: skip_slave_start
            value: 1
```
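
A hardened variant of the master play above, combined with the server-side settings from the SSL example. This is an added example, not part of the role's README; the `vault_*` variable names and the replica address `192.0.2.20` are assumptions, and every role variable used is one documented above.

```yaml
---
# Added example, not from the role's README. Assumed names: the vault_*
# variables (kept in an Ansible Vault file) and the replica address 192.0.2.20.
- hosts: master
  roles:
    - oefenweb.percona-server
  vars:
    # Override the default root password published in the README.
    percona_server_root_password: "{{ vault_percona_server_root_password }}"

    percona_server_ssl_map:
      ca-cert:
        src: ../../../files/percona-server/etc/mysql/ca-cert.pem
        dest: /etc/mysql/ca-cert.pem
      server-cert:
        src: ../../../files/percona-server/etc/mysql/server-cert.pem
        dest: /etc/mysql/server-cert.pem
      server-key:  # role defaults apply: owner root, group mysql, mode 0640
        src: ../../../files/percona-server/etc/mysql/server-key.pem
        dest: /etc/mysql/server-key.pem

    percona_server_users_present:
      - name: replicator
        password: "{{ vault_percona_server_replicator_password }}"
        privs:
          - '*.*:REPLICATION SLAVE'
        hosts:
          - '192.0.2.20'  # the replica only, instead of '%'

    percona_server_etc_my_cnf:
      - section: mysqld
        options:
          - name: server_id
            value: 1
          - name: log_bin
            value: mysql-bin
          - name: sync_binlog
            value: 1
          - name: ssl_ca
            value: "{{ percona_server_ssl_map['ca-cert']['dest'] }}"
          - name: ssl_cert
            value: "{{ percona_server_ssl_map['server-cert']['dest'] }}"
          - name: ssl_key
            value: "{{ percona_server_ssl_map['server-key']['dest'] }}"
          # Refuse unencrypted TCP connections (available from 5.7.8).
          # Quoted so YAML does not turn ON into a boolean.
          - name: require_secure_transport
            value: 'ON'
```

With `require_secure_transport` on, the replica has to connect with TLS (`MASTER_SSL = 1` in its `CHANGE MASTER TO` statement); connections over the local Unix socket are still accepted.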

###### Master-master

```yaml
- hosts: master1
  roles:
    - oefenweb.percona-server
  vars:
    percona_server_users_present:
      - name: replicator
        password: 'replicator'
        privs:
          - '*.*:REPLICATION SLAVE'
        hosts:
          - '%'

    percona_server_etc_my_cnf:
      - section: mysqld
        options:
          - name: server_id
            value: 1
          - name: log_bin
            value: mysql-bin
          - name: log_bin_index
            value: mysql-bin.index
          - name: sync_binlog
            value: 1
          - name: relay_log
            value: mysql-relay
          - name: relay_log_index
            value: mysql-relay.index
          - name: sync_relay_log
            value: 1
          - name: report_host
            value: "{{ inventory_hostname }}"

          - name: skip_slave_start
            value: 1

- hosts: master2
  roles:
    - oefenweb.percona-server
  vars:
    percona_server_users_present:
      - name: replicator
        password: 'replicator'
        privs:
          - '*.*:REPLICATION SLAVE'
        hosts:
          - '%'

    percona_server_etc_my_cnf:
      - section: mysqld
        options:
          - name: server_id
            value: 2
          - name: log_bin
            value: mysql-bin
          - name: log_bin_index
            value: mysql-bin.index
          - name: sync_binlog
            value: 1
          - name: relay_log
            value: mysql-relay
          - name: relay_log_index
            value: mysql-relay.index
          - name: sync_relay_log
            value: 1
          - name: report_host
            value: "{{ inventory_hostname }}"

          - name: skip_slave_start
            value: 1
```

#### License

MIT

#### Author Information

Mischa ter Smitten (based on work of [overdrive3000](https://github.com/overdrive3000/ansible-percona), [geerlingguy](https://github.com/geerlingguy/ansible-role-mysql) and [silviud](https://gist.github.com/silviud/6382400))

#### Feedback, bug-reports, requests, ...

Are [welcome](https://github.com/Oefenweb/ansible-percona-server/issues)!