Full buster optim (#38)

* Remove Stretch and Percona support
* Delete root password management (On Buster, it uses socket auth)
* Fix sync backups files master -> slave
* Cleanup legacy code on replication slave
* Use modern configuration
* Debian buster configuration style
* Drop logrotate management (useless)
* Add new default values in defaults/main.yml (according with MariaDB doc)
* Travis with Ansible 2.8+
* Drop feature "don't replicate mysql database"
* Fully compatible with python3

tasks/galera/main.yml

@@ -2,8 +2,8 @@
 
 - name: TEMPLATE | Deploy Galera configuration
   template:
-    src: etc/mysql/conf.d/09-galera.cnf.j2
-    dest: /etc/mysql/conf.d/09-galera.cnf
+    src: etc/mysql/mariadb.conf.d/20-galera.cnf.j2
+    dest: /etc/mysql/mariadb.conf.d/20-galera.cnf
   register: galeraconfig
 
 - name: INCLUDE | Bootstrap first node

tasks/install/main.yml

@@ -1,9 +1,5 @@
 ---
 
-- name: INCLUDE | Setup Percona repository
-  import_tasks: 'percona/apt.yml'
-  when: mariadb_use_percona_apt | bool
-
 - name: INCLUDE | Setup MariaDB repository
   import_tasks: 'mariadb/upstream.yml'
   when: mariadb_origin == 'upstream'
@@ -15,8 +11,3 @@
   apt:
     pkg: "{{ mariadb_tools }}"
     install_recommends: no
-
-- name: APT | Install percona-xtrabackup if needed
-  apt:
-    pkg: "{{ mariadb_xtrabackup_package }}"
-  when: mariadb_install_xtrabackup_package | bool

tasks/install/mariadb/default.yml

@@ -1,26 +1,5 @@
 ---
 
-- name: SHELL | Get MariaDB target version
-  shell: "LANG=C apt-cache depends mariadb-server | awk -F '-' '/Depends/ { print $NF }'"
-  register: apt_mariadb_version
-  changed_when: false
-
-- name: DEBCONF | Prepare MariaDB silent installation (root password)
-  debconf:
-    name: 'mariadb-server-{{ apt_mariadb_version.stdout }}'
-    question: 'mysql-server/root_password'
-    vtype: 'password'
-    value: '{{ mariadb_root_password }}'
-  when: not mariadb_exists.stat.exists
-
-- name: DEBCONF | Prepare MariaDB silent installation (root password again)
-  debconf:
-    name: 'mariadb-server-{{ apt_mariadb_version.stdout }}'
-    question: 'mysql-server/root_password_again'
-    vtype: 'password'
-    value: '{{ mariadb_root_password }}'
-  when: not mariadb_exists.stat.exists
-
 - name: APT | Install MariaDB server
   apt:
     pkg: mariadb-server

tasks/install/percona/apt.yml

@@ -1,16 +0,0 @@
----
-
-- name: APT | Install Percona repository
-  apt:
-    deb: https://repo.percona.com/apt/percona-release_latest.generic_all.deb
-
-- name: COMMAND | Enable percona tools repository
-  command: percona-release enable tools release
-  args:
-    creates: /etc/apt/sources.list.d/percona-tools-release.list
-  register: p
-
-- name: APT | Update cache
-  apt:
-    update_cache: yes
-  when: p.changed

tasks/main.yml

@@ -1,13 +1,5 @@
 ---
 
-- block:
-
-    - name: SET_FACT | Bypass https://github.com/ansible/ansible/issues/19874
-      set_fact:
-        ansible_distribution_release: 'buster'
-
-  when: ansible_facts.distribution_major_version == "buster/sid"
-
 - name: INCLUDE_VARS | Related to OS version
   include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml"
 
@@ -20,35 +12,27 @@
 - name: INCLUDE | Install
   import_tasks: install/main.yml
 
-- name: TEMPLATE | Deploy configuration
+- name: TEMPLATE | Deploy config files
   template:
-    src: "{{ mariadb_config_template }}"
-    dest: /etc/mysql/my.cnf
+    src: "{{ item }}"
+    dest: "/{{ item | replace('.j2', '') }}"
+  loop:
+    - etc/mysql/my.cnf
+    - etc/mysql/conf.d/mysqldump.cnf.j2
+    - etc/mysql/mariadb.conf.d/10-extra.cnf.j2
+    - etc/mysql/mariadb.conf.d/50-client.cnf.j2
+    - etc/mysql/mariadb.conf.d/50-mysqld_safe.cnf.j2
+    - etc/mysql/mariadb.conf.d/50-server.cnf.j2
   register: config
 
-- name: TEMPLATE | Deploy extra configuration
-  template:
-    src: etc/mysql/conf.d/10-extra.cnf.j2
-    dest: /etc/mysql/conf.d/10-extra.cnf
-  register: extraconfig
-
 - name: SERVICE | Restart now (prevent bugs)
   service:
     name: mysql
     state: restarted
   when:
-    (config.changed or extraconfig.changed) and
+    config.changed and
     not mariadb_galera_resetup
 
-- name: TEMPLATE Create .my.cnf for root
-  template:
-    src: root/my.cnf
-    dest: /root/.my.cnf
-    owner: root
-    group: root
-    mode: 0600
-    backup: yes
-
 - name: INCLUDE | Galera
   import_tasks: galera/main.yml
   when: mariadb_use_galera
@@ -80,9 +64,3 @@
     host_all: "{{ item.host_all | default(omit) }}"
     state: present
   loop: "{{ mariadb_users }}"
-
-- name: TEMPLATE | Deploy logrotate configuration
-  template:
-    src: "etc/logrotate.d/mysql-server.j2"
-    dest: "/etc/logrotate.d/mysql-server"
-  when: mariadb_manage_logrotate | bool

tasks/replication/master.yml

@@ -2,6 +2,6 @@
 
 - name: TEMPLATE | Deploy master configuration
   template:
-    src: etc/mysql/conf.d/50-master.cnf.j2
-    dest: /etc/mysql/conf.d/50-master.cnf
+    src: etc/mysql/mariadb.conf.d/40-master.cnf.j2
+    dest: /etc/mysql/mariadb.conf.d/40-master.cnf
   notify: restart mariadb

tasks/replication/slave.yml

@@ -8,8 +8,8 @@
 
 - name: TEMPLATE | Deploy slave configuration
   template:
-    src: etc/mysql/conf.d/51-slave.cnf.j2
-    dest: /etc/mysql/conf.d/51-slave.cnf
+    src: etc/mysql/mariadb.conf.d/40-slave.cnf.j2
+    dest: /etc/mysql/mariadb.conf.d/40-slave.cnf
   notify: restart mariadb
 
 - name: MYSQL_REPLICATION | Get slave status
@@ -18,27 +18,16 @@
   ignore_errors: yes
   register: slave_status
 
-- name: INCLUDE | Transfert /etc/mysql/debian.cnf from master
-  import_tasks: slave/ssh.yml
-  when: mariadb_slave_replicate_mysqldb or ((slave_status.failed is defined or not slave_status.Is_Slave) and mariadb_slave_import_data)
-
 - name: INCLUDE | Import data
   import_tasks: slave/import_data.yml
-  when: (slave_status.failed is defined or not slave_status.Is_Slave) and mariadb_slave_import_data
+  when: (slave_status.failed or not slave_status.Is_Slave) and mariadb_slave_import_data
 
-- name: INCLUDE | Configure replication
-  import_tasks: slave/replication.yml
-  when: (slave_status.failed is defined or not slave_status.Is_Slave) or mariadb_slave_force_setup
-
-- name: INCLUDE | Transfert /etc/mysql/debian.cnf from master
-  import_tasks: slave/debiancnf.yml
-  when: mariadb_slave_replicate_mysqldb
+- name: Configure GTID Recplication
+  import_tasks: slave/gtid.yml
+  when: slave_status.failed or not slave_status.Is_Slave or mariadb_slave_force_setup
 
 - name: MYSQL_REPLICATION | Get slave status
   mysql_replication:
     mode: getslave
   ignore_errors: yes
   register: slave_status
-
-- name: Configure GTID
-  import_tasks: slave/gtid.yml

tasks/replication/slave/debiancnf.yml

@@ -1,25 +0,0 @@
----
-
-- name: FETCH | Get /etc/mysql/debian.cnf on master
-  fetch:
-    src: /etc/mysql/debian.cnf
-    dest: /tmp/{{ mariadb_slave_import_from }}/debian.cnf
-    flat: yes
-  changed_when: false
-  delegate_to: "{{ mariadb_slave_import_from }}"
-
-- name: LOCAL_ACTION FILE | Secure fetched file
-  local_action:
-    module: file
-    path: "/tmp/{{ mariadb_slave_import_from }}/debian.cnf"
-    mode: 0600
-  become: no
-
-- name: COPY | Fetched file to /etc/mysql/debian.cnf
-  copy:
-    src: "/tmp/{{ mariadb_slave_import_from }}/debian.cnf"
-    dest: /etc/mysql/debian.cnf
-    owner: root
-    group: root
-    mode: 0600
-  notify: restart mariadb

tasks/replication/slave/gtid.yml

@@ -1,15 +1,25 @@
 ---
 
-# Need this hack before:
-# - https://github.com/ansible/ansible/issues/29214
-# - https://mariadb.com/kb/en/mariadb/global-transaction-id/#switching-an-existing-old-style-slave-to-use-gtid
-
 - name: MYSQL_REPLICATION | Stop slave
   mysql_replication:
     mode: stopslave
 
-- name: COMMAND | Migrate to MariaDB GTID
+- name: MYSQL_REPLICATION | Configure master host
+  mysql_replication:
+    mode: changemaster
+    master_host: "{{ mariadb_replication_host }}"
+    master_port: "{{ mariadb_replication_port }}"
+    master_user: "{{ mariadb_replication_user }}"
+    master_password: "{{ mariadb_replication_password }}"
+
+# -- Wait this PR in Ansible released version (https://github.com/ansible/ansible/pull/62648)
+# name: MYSQL_REPLICATION | Setup replication with GTID
+# mysql_replication:
+#   master_use_gtid: current_pos
+
+- name: COMMAND | Configure GTID
   command: mariadb -e "CHANGE MASTER TO master_use_gtid=current_pos";
+  changed_when: true
 
 - name: MYSQL_REPLICATION | Start slave
   mysql_replication:

tasks/replication/slave/import_data.yml

@@ -1,39 +1,51 @@
 ---
 
-# Doc: https://www.percona.com/doc/percona-xtrabackup/2.1/howtos/recipes_ibkx_gtid.html
-- name: WAIT_FOR | source data (prevent rsync bug) - TODO find another hack
-  wait_for:
-    host: "{{ mariadb_slave_import_from }}"
-    port: 22
-
-- name: COMMAND | Prepare backup another server
-  command: innobackupex --no-timestamp {{ mariadb_backup_dir }}
-  args:
-    creates: "{{ mariadb_backup_dir }}"
-  delegate_to: "{{ mariadb_slave_import_from }}"
-  register: backup
-
-- name: SHELL | Dump
-  shell: "innobackupex --apply-log {{ mariadb_backup_dir }}"
-  delegate_to: "{{ mariadb_slave_import_from }}"
-  when: backup.changed
-
-- name: FILE | Remove mysql db from backup
+- name: FILE | Create SSH client dir
   file:
-    path: "{{ mariadb_backup_dir }}/mysql"
-    state: absent
+    path: "{{ ansible_env.HOME }}/.ssh"
+    state: directory
+    mode: 0700
+
+- name: OPENSSH_KEYPAIR | Create SSH key
+  openssh_keypair:
+    path: "{{ ansible_env.HOME }}/.ssh/id_rsa"
+  register: gen_ssh
+
+- block:
+
+  - name: AUTHORIZED_KEY | Auth slave to backup host
+    authorized_key:
+      user: "{{ mariadb_backup_user }}"
+      state: present
+      key: "{{ gen_ssh.public_key }}"
+
+  - name: FILE | Create backup directory
+    file:
+      path: "{{ mariadb_backup_dir }}"
+      state: directory
+
+  - name: COMMAND | Prepare backup another server
+    command: "mariabackup --backup -u root --target-dir={{ mariadb_backup_dir }}"
+    args:
+      creates: "{{ mariadb_backup_dir }}/xtrabackup_info"
+    register: backup
+
+  - name: SHELL | Dump
+    shell: "mariabackup --prepare --target-dir={{ mariadb_backup_dir }}"
+    when: backup.changed
+    register: prep
+    changed_when: "'This target seems to be not prepared yet' in prep.stderr"
+
   delegate_to: "{{ mariadb_slave_import_from }}"
-  when: backup.changed and not mariadb_slave_replicate_mysqldb
 
 - name: MYSQL_VARIABLES | Get datadir
   mysql_variables:
     variable: datadir
   register: datadir
 
-- name: SET_FACT | related to mysql datadir
+- name: SET_FACT | Get MariaDB datadir
   set_fact:
     mariadb_datadir: "{{ datadir.msg }}"
-    mariadb_binlog_info: "{{ datadir.msg }}/xtrabackup_binlog_info"
 
 - name: SERVICE | Stop MariaDB before importing data
   service:
@@ -53,29 +65,17 @@
     group: mysql
     recurse: yes
 
+- name: SHELL | Remove InnoDB redo logs
+  shell: "rm -f {{ mariadb_datadir }}/ib_logfile*"
+  args:
+    removes: "{{ mariadb_datadir }}/ib_logfile0"
+    warn: false
+
 - name: SERVICE | Start MariaDB
   service:
     name: mysql
     state: started
 
-- name: SHELL | Get master_log_file
-  command: "awk '{ print $1 }' {{ mariadb_binlog_info }}"
-  register: master_log_file
-
-- name: SHELL | Get master_log_pos
-  command: "awk '{ print $2 }' {{ mariadb_binlog_info }}"
-  register: master_log_pos
-
-- name: SHELL | Get master GTID
-  command: "awk '{ print $3 }' {{ mariadb_binlog_info }}"
-  register: master_gtid
-
-- name: SET_FACT | master_log_file
-  set_fact:
-    mariadb_master_log_file: "{{ master_log_file.stdout }}"
-    mariadb_master_log_pos: "{{ master_log_pos.stdout }}"
-    mariadb_master_gtid: "{{ master_gtid.stdout }}"
-
 - name: FILE | Delete dump
   file:
     path: "{{ mariadb_backup_dir }}"

tasks/replication/slave/ssh.yml

@@ -1,19 +0,0 @@
----
-
-- name: SHELL | Create SSH key if needed on slave
-  shell: "ssh-keygen -b 2048 -t rsa -f {{ ansible_env.HOME }}/.ssh/id_rsa -q -N ''"
-  args:
-    creates: "{{ ansible_env.HOME }}/.ssh/id_rsa"
-
-- name: COMMAND | Get pub key
-  command: cat {{ ansible_env.HOME }}/.ssh/id_rsa.pub
-  register: pub_key
-  changed_when: false
-
-- name: AUTHORIZED_KEY | Auth slave to backup host
-  authorized_key:
-    user: "{{ mariadb_backup_user }}"
-    state: present
-    key: "{{ pub_key.stdout }}"
-  delegate_to: "{{ mariadb_slave_import_from }}"
-  become: yes

tasks/secure.yml

@@ -1,16 +1,5 @@
 ---
 
-- name: MYSQL_USER | Update mysql root password for all root accounts
-  mysql_user:
-    name: root
-    host: "{{ item }}"
-    password: "{{ mariadb_root_password }}"
-  loop:
-    - "{{ ansible_hostname }}"
-    - 127.0.0.1
-    - ::1
-    - localhost
-
 - name: MYSQL_USER | Remove all anonymous users
   mysql_user:
     name: ''