1. mysql_user 模块
mysql_user模块用来添加,删除用户以及设置用户权限
创建MySQL数据库的用户与口令(非root@localhost用户),直接通过playbooks中的案例来说明吧。
- name: 创建MySQL数据库用户--user_test
mysql_user:
# ----- 登陆数据库
login_host: "localhost"
login_port: 3306
login_user: root
login_password: "{{ root_password }}"
## 添加login_unix_socket,否则报错:FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "msg": "unable to connect to database, check login_user and login_password are correct or /root/.my.cnf has the credentials. Exception message: (2002, \"Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)\
login_unix_socket: "/你sock文件的路径/mysql.sock"
# ----- 创建的用户的信息
name: "user_test"
host: "%"
password: "{{ user_test_password }}"
priv: "{{ item }}"
# -----
state: present
with_items:
- "*.*:REPLICATION SLAVE,REPLICATION CLIENT"
- "*.*:PROCESS"
- "performance_schema.*:select"
### 权限之间不要有空格,否则报错--例如:(item=*.*:REPLICATION SLAVE, REPLICATION CLIENT) => {"ansible_loop_var": "item", "changed": false, "item": "*.*:REPLICATION SLAVE, REPLICATION CLIENT", "msg": "invalid privileges string: Invalid privileges specified: frozenset([' REPLICATION CLIENT'])"}
说明,这个案例中,有提到常见的错误,例如有关login_unix_socket参数不设置,可能导致的错误。
补充:假如各个DB的期望赋予的权限不同,也可以先创建账号,再增加权限,相应的参数为 append_privs: true
例如:
# Modify user Bob to require SSL connections. Note that REQUIRESSL is a special privilege that should only apply to *.* by itself.
- mysql_user:
name: bob
append_privs: true
priv: '*.*:REQUIRESSL'
state: present
2.mysql_query
执行查看或DML语句。
查询的案例
- hosts: db_servers tasks: - name: Query MySQL table mysql_query: login_host: localhost login_user: db_user login_password: db_pass db: db_name query: SELECT * FROM table_name WHERE column_name = 'value'; register: result - name: Print query result debug: var: result.stdout_lines
使用 mysql_query 模块执行一个查询,并将结果存储在变量 result 中,并且使用 debug 模块打印出结果。
insert的案例,请移步至:ansible 写入mysql - 老白网络
3.mysql_db
mysql_db模块用于建立、删除、导入和导出数据库.
建立数据库 state="present"
删除数据库 state="absent"
导出数据库 state="dump"
导入数据库 state="import"
具体案例 建议参阅:
https://www.kancloud.cn/hiyang/ansiblebook/306176
4.mysql_replication
功能:搭建主从。
直接看代码,高效+容易上手。
# 从库,执行Change Master
# -- 只有是从库的时候,才需要执行这一步
- name: "从库:Change Master"
mysql_replication:
mode: changemaster
# ------------
# 登陆MySQL
login_user: root
login_password: "{{ mysql_database_user_root_password }}"
# ------------
# Change Master
master_host: "{{ mysql_replication_master_host }}"
master_port: "{{ mysql_replication_master_port }}"
master_user: "{{ mysql_replication_user_name }}"
master_password: "{{ mysql_replication_user_password }}"
master_log_file: "{{ mysql_replication_master_status['File'] }}"
master_log_pos: "{{ mysql_replication_master_status['Position'] }}"
when: db_role == "slave"
# 从库:Start Slave
# -- 只有是从库的时候,才需要执行这一步
- name: 从库:Start Slave
mysql_replication:
mode: startslave
# ------------
# 登陆MySQL
login_user: root
login_password: "{{ mysql_database_user_root_password }}"
# ------------
when: db_role == "slave"
# 从库:获取从库信息
- name: 从库:获取从库信息
mysql_replication:
mode: getslave
# ------------
# 登陆MySQL
login_user: root
login_password: "{{ mysql_database_user_root_password }}"
# ------------
register: mysql_replication_slave_status
when: db_role == "slave"
# 输出从库信息
- name: "从库:Slave Status"
debug:
msg: "Slave_IO_Running【{{ mysql_replication_slave_status['Slave_IO_Running'] }}】 / Slave_SQL_Running【{{ mysql_replication_slave_status['Slave_SQL_Running'] }}】 / Slave_SQL_Running_State【{{ mysql_replication_slave_status['Slave_SQL_Running_State'] }}】 / Seconds_Behind_Master【{{ mysql_replication_slave_status['Seconds_Behind_Master'] }}】"
when: db_role == "slave"
5. service模块
这个是通用的服务管理模块。
# 启动MySQL服务
- name: 启动MySQL服务
service:
name: mysqld
state: started
enabled: yes
6. MySQL初始化后后,修改密码
初始化后,一般修改root的密码的命令如下
mysqladmin -h localhost -u root -p'在path_mysql_error_log中查找的 A temporary password' password '新密码'
这种情况,通过ansibe 操作的命令, 可以参阅:https://gitee.com/leviathan-litan/ansible-mysql-mha/blob/master/playbooks/roles/mysql/tasks/mysql_database_user_password.yml
但是:有些人在初始化的时候,添加了--initialize-insecure参数,此时,初始化不会生出临时密码,或者说生成的临时密码为空。此时再用上面的代码就不可以了。
回到原点:想想这种情况在MySQL控制台是怎么操作的???
嘿嘿..... 是通过以下命令,将root账户的密码更改为“newpassword”的。
mysqladmin -u root password "newpassword"
那么在ansible中,编写的剧本可以如下:
# 通过得到的临时口令,修改数据库的口令为变量文件中设置的口令
- name: 修改MySQL的临时口令
shell: "mysqladmin -h localhost -u root password '{{ new_root_password }}'"
ignore_errors: yes
7.其他注意项
还有一点需要补充的是: 运行的的时候,很可能报错,说 mysqladmin不是shell 或 bash 命令之类的错误, 因此建议在写剧本时,mysqladmin 写出完整路径,例如: /usr/local/mysql/bin/mysqladmin。
mysql命令,建议同样操作。
补充学习
(1)https://docs.ansible.com/ansible/devel/modules/mysql_query_module.html
(2)ansible自动化部署mysql主从部署剧本
https://blog.csdn.net/u010282639/article/details/131337036
标签:name,MySQL,replication,Ansible,user,模块,mysql,login,password From: https://blog.csdn.net/hongjian006/article/details/143028313