Ansible 幂等 MySQL 安装 Playbook
我想在 AWS 上设置一个 MySQL 服务器,使用 Ansible 进行配置管理.我使用的是 Amazon (ami-3275ee5b) 的默认 AMI,它使用 yum
进行包管理.
I want to setup a MySQL server on AWS, using Ansible for the configuration management.
I am using the default AMI from Amazon (ami-3275ee5b), which uses yum
for package management.
当执行下面的 Playbook 时,一切顺利.但是当我第二次运行它时,任务 Configure the root credentials
失败了,因为 MySQL 的旧密码不再匹配,因为它已在我上次运行此 Playbook 时更新.
When the Playbook below is executed, all goes well. But when I run it for a second time, the task Configure the root credentials
fails, because the old password of MySQL doesn't match anymore, since it has been updated the last time I ran this Playbook.
这使得 Playbook 非幂等,我不喜欢.我希望能够根据需要多次运行 Playbook.
This makes the Playbook non-idempotent, which I don't like. I want to be able to run the Playbook as many times as I want.
- hosts: staging_mysql
user: ec2-user
sudo: yes
tasks:
- name: Install MySQL
action: yum name=$item
with_items:
- MySQL-python
- mysql
- mysql-server
- name: Start the MySQL service
action: service name=mysqld state=started
- name: Configure the root credentials
action: command mysqladmin -u root -p $mysql_root_password
解决这个问题的最佳方法是什么,这意味着使 Playbook 具有幂等性?提前致谢!
What would be the best way to solve this, which means make the Playbook idempotent? Thanks in advance!
推荐答案
用于安全安装 MySQL 的 Ansible 版本.
mysql_secure_installation.yml
- hosts: staging_mysql
user: ec2-user
sudo: yes
tasks:
- name: Install MySQL
action: yum name={{ item }}
with_items:
- MySQL-python
- mysql
- mysql-server
- name: Start the MySQL service
action: service name=mysqld state=started
# 'localhost' needs to be the last item for idempotency, see
# http://ansible.cc/docs/modules.html#mysql-user
- name: update mysql root password for all root accounts
mysql_user: name=root host={{ item }} password={{ mysql_root_password }}
with_items:
- "{{ ansible_hostname }}"
- 127.0.0.1
- ::1
- localhost
- name: copy .my.cnf file with root password credentials
template: src=templates/root/my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600
- name: delete anonymous MySQL server user for $server_hostname
action: mysql_user user="" host="{{ server_hostname }}" state="absent"
- name: delete anonymous MySQL server user for localhost
action: mysql_user user="" state="absent"
- name: remove the MySQL test database
action: mysql_db db=test state=absent
templates/root/my.cnf.j2
[client]
user=root
password={{ mysql_root_password }}
参考文献
- Lorin Hochstein 的原始答案
- https://github.com/gaspaio/ansible-devbox/blob/master/roles/mysql/tasks/server.yml
相关文章