From c2f1ef522a4a449bcf2c84926286ae09124e6ceb Mon Sep 17 00:00:00 2001 From: Steven Wheeler Date: Fri, 6 May 2022 15:49:45 -0500 Subject: [PATCH 1/4] Fix Galera bootstrap issues --- defaults/main.yml | 2 ++ tasks/galera/bootstrap.yml | 10 ++++++++++ tasks/galera/nodes.yml | 7 +++++++ 3 files changed, 19 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 35b17f7..cd77beb 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -122,6 +122,8 @@ mariadb_upstream_version: '10.6' # ------------------------------------- # Galera # ------------------------------------- +mariadb_galera_sst_user: galera +mariadb_galera_sst_password: galera mariadb_galera_resetup: false mariadb_wsrep_node_address: false # Set primary node IP mariadb_galera_members: [] diff --git a/tasks/galera/bootstrap.yml b/tasks/galera/bootstrap.yml index e9bfd2a..28b0858 100644 --- a/tasks/galera/bootstrap.yml +++ b/tasks/galera/bootstrap.yml @@ -30,6 +30,16 @@ register: bootstrap_run when: ansible_service_mgr != 'systemd' + - name: MYSQL_USER | Manage SST user... + community.mysql.mysql_user: + name: "{{ mariadb_galera_sst_user }}" + password: "{{ mariadb_galera_sst_password }}" + priv: "*.*:RELOAD,LOCK TABLES,REPLICATION CLIENT,PROCESS" + host: localhost + state: present + no_log: "{{ not mariadb_debug_role }}" + when: mariadb_galera_sst_user != '' + when: not s.stat.exists or mariadb_galera_resetup - name: COMMAND | Create Bootstrap mark diff --git a/tasks/galera/nodes.yml b/tasks/galera/nodes.yml index c84f697..ae6f7c1 100644 --- a/tasks/galera/nodes.yml +++ b/tasks/galera/nodes.yml @@ -33,3 +33,10 @@ state: started when: debiancnf.stdout != ondc.stdout + +- name: SERVICE | Restart MariaDB if needed + ansible.builtin.service: + name: "{{ mariadb_service_name }}" + state: restarted + when: + galeraconfig and bootstrap_run is defined and bootstrap_run['changed'] From d957d3167865fb4071679b0c72d9447ceffbad0f Mon Sep 17 00:00:00 2001 From: Steven Wheeler Date: Fri, 6 May 2022 16:44:28 -0500 Subject: [PATCH 2/4] Only restart the other nodes when bootstrapping --- tasks/galera/nodes.yml | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/tasks/galera/nodes.yml b/tasks/galera/nodes.yml index ae6f7c1..8607167 100644 --- a/tasks/galera/nodes.yml +++ b/tasks/galera/nodes.yml @@ -1,4 +1,12 @@ --- +- name: SET_FACT | Prepare mark var + ansible.builtin.set_fact: + __mark: "{{ mariadb_datadir }}/.ansible_galera_boostrap" + +- name: STAT | Bootstrap mark + ansible.builtin.stat: + path: "{{ __mark }}" + register: s - name: COMMAND | GET debian.cnf from primary node ansible.builtin.command: cat /etc/mysql/debian.cnf @@ -38,5 +46,10 @@ ansible.builtin.service: name: "{{ mariadb_service_name }}" state: restarted - when: - galeraconfig and bootstrap_run is defined and bootstrap_run['changed'] + throttle: 1 + when: not s.stat.exists or mariadb_galera_resetup + +- name: COMMAND | Create Bootstrap mark + ansible.builtin.command: "touch {{ __mark }}" + args: + creates: "{{ __mark }}" From 357fec1edebc58c3b6193471caa9a950e7b99f70 Mon Sep 17 00:00:00 2001 From: Steven Wheeler Date: Mon, 9 May 2022 16:40:59 -0500 Subject: [PATCH 3/4] Only manage databases and users from primary node --- tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tasks/main.yml b/tasks/main.yml index 0310ebb..4cb2746 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -66,6 +66,7 @@ state: present login_unix_socket: "{{ mariadb_socket }}" loop: "{{ mariadb_databases }}" + when: not mariadb_use_galera or inventory_hostname == mariadb_galera_primary_node - name: MYSQL_USER | Manages users... community.mysql.mysql_user: @@ -78,3 +79,4 @@ login_unix_socket: "{{ mariadb_socket }}" loop: "{{ mariadb_users }}" no_log: "{{ not mariadb_debug_role }}" + when: not mariadb_use_galera or inventory_hostname == mariadb_galera_primary_node From b8d63bb8c7777d07261e02d32feb6f0805989f8a Mon Sep 17 00:00:00 2001 From: Steven Wheeler Date: Wed, 11 May 2022 16:24:52 -0500 Subject: [PATCH 4/4] Handle custom root passwords --- tasks/galera/bootstrap.yml | 3 +++ tasks/main.yml | 6 ++++++ tasks/secure.yml | 6 ++++++ 3 files changed, 15 insertions(+) diff --git a/tasks/galera/bootstrap.yml b/tasks/galera/bootstrap.yml index 28b0858..b8453cb 100644 --- a/tasks/galera/bootstrap.yml +++ b/tasks/galera/bootstrap.yml @@ -37,6 +37,9 @@ priv: "*.*:RELOAD,LOCK TABLES,REPLICATION CLIENT,PROCESS" host: localhost state: present + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}" no_log: "{{ not mariadb_debug_role }}" when: mariadb_galera_sst_user != '' diff --git a/tasks/main.yml b/tasks/main.yml index 4cb2746..15e5534 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -65,6 +65,9 @@ name: "{{ item }}" state: present login_unix_socket: "{{ mariadb_socket }}" + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}" loop: "{{ mariadb_databases }}" when: not mariadb_use_galera or inventory_hostname == mariadb_galera_primary_node @@ -77,6 +80,9 @@ host_all: "{{ item.host_all | default(omit) }}" state: present login_unix_socket: "{{ mariadb_socket }}" + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}" loop: "{{ mariadb_users }}" no_log: "{{ not mariadb_debug_role }}" when: not mariadb_use_galera or inventory_hostname == mariadb_galera_primary_node diff --git a/tasks/secure.yml b/tasks/secure.yml index cda139f..98de81a 100644 --- a/tasks/secure.yml +++ b/tasks/secure.yml @@ -6,6 +6,9 @@ host: "{{ item }}" state: absent login_unix_socket: "{{ mariadb_socket }}" + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}" loop: - "{{ ansible_hostname }}" - 127.0.0.1 @@ -17,3 +20,6 @@ name: test state: absent login_unix_socket: "{{ mariadb_socket }}" + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}"