1. mysql_user 模块
mysql_user模块用来添加,删除用户以及设置用户权限
创建MySQL数据库的用户与口令(非root@localhost用户),直接通过playbooks中的案例来说明吧。
- name: 创建MySQL数据库用户--user_test mysql_user: # ----- 登陆数据库 login_host: "localhost" login_port: 3306 login_user: root login_password: "{{ root_password }}" ## 添加login_unix_socket,否则报错:FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "msg": "unable to connect to database, check login_user and login_password are correct or /root/.my.cnf has the credentials. Exception message: (2002, \"Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)\ login_unix_socket: "/你sock文件的路径/mysql.sock" # ----- 创建的用户的信息 name: "user_test" host: "%" password: "{{ user_test_password }}" priv: "{{ item }}" # ----- state: present with_items: - "*.*:REPLICATION SLAVE,REPLICATION CLIENT" - "*.*:PROCESS" - "performance_schema.*:select" ### 权限之间不要有空格,否则报错--例如:(item=*.*:REPLICATION SLAVE, REPLICATION CLIENT) => {"ansible_loop_var": "item", "changed": false, "item": "*.*:REPLICATION SLAVE, REPLICATION CLIENT", "msg": "invalid privileges string: Invalid privileges specified: frozenset([' REPLICATION CLIENT'])"}
说明,这个案例中,有提到常见的错误,例如有关login_unix_socket参数不设置,可能导致的错误。
补充:假如各个DB的期望赋予的权限不同,也可以先创建账号,再增加权限,相应的参数为 append_privs: true
例如:
# Modify user Bob to require SSL connections. Note that REQUIRESSL is a special privilege that should only apply to *.* by itself.
- mysql_user: name: bob append_privs: true priv: '*.*:REQUIRESSL' state: present
2.mysql_query
执行查看或DML语句。
查询的案例
- hosts: db_servers tasks: - name: Query MySQL table mysql_query: login_host: localhost login_user: db_user login_password: db_pass db: db_name query: SELECT * FROM table_name WHERE column_name = 'value'; register: result - name: Print query result debug: var: result.stdout_lines
使用 mysql_query 模块执行一个查询,并将结果存储在变量 result 中,并且使用 debug 模块打印出结果。
insert的案例,请移步至:ansible 写入mysql - 老白网络
3.mysql_db
mysql_db模块用于建立、删除、导入和导出数据库.
建立数据库 state="present"
删除数据库 state="absent"
导出数据库 state="dump"
导入数据库 state="import"
具体案例 建议参阅:
https://www.kancloud.cn/hiyang/ansiblebook/306176
4.mysql_replication
功能:搭建主从。
直接看代码,高效+容易上手。
# 从库,执行Change Master # -- 只有是从库的时候,才需要执行这一步 - name: "从库:Change Master" mysql_replication: mode: changemaster # ------------ # 登陆MySQL login_user: root login_password: "{{ mysql_database_user_root_password }}" # ------------ # Change Master master_host: "{{ mysql_replication_master_host }}" master_port: "{{ mysql_replication_master_port }}" master_user: "{{ mysql_replication_user_name }}" master_password: "{{ mysql_replication_user_password }}" master_log_file: "{{ mysql_replication_master_status['File'] }}" master_log_pos: "{{ mysql_replication_master_status['Position'] }}" when: db_role == "slave" # 从库:Start Slave # -- 只有是从库的时候,才需要执行这一步 - name: 从库:Start Slave mysql_replication: mode: startslave # ------------ # 登陆MySQL login_user: root login_password: "{{ mysql_database_user_root_password }}" # ------------ when: db_role == "slave" # 从库:获取从库信息 - name: 从库:获取从库信息 mysql_replication: mode: getslave # ------------ # 登陆MySQL login_user: root login_password: "{{ mysql_database_user_root_password }}" # ------------ register: mysql_replication_slave_status when: db_role == "slave" # 输出从库信息 - name: "从库:Slave Status" debug: msg: "Slave_IO_Running【{{ mysql_replication_slave_status['Slave_IO_Running'] }}】 / Slave_SQL_Running【{{ mysql_replication_slave_status['Slave_SQL_Running'] }}】 / Slave_SQL_Running_State【{{ mysql_replication_slave_status['Slave_SQL_Running_State'] }}】 / Seconds_Behind_Master【{{ mysql_replication_slave_status['Seconds_Behind_Master'] }}】" when: db_role == "slave"
5. service模块
这个是通用的服务管理模块。
# 启动MySQL服务 - name: 启动MySQL服务 service: name: mysqld state: started enabled: yes
6. MySQL初始化后后,修改密码
初始化后,一般修改root的密码的命令如下
mysqladmin -h localhost -u root -p'在path_mysql_error_log中查找的 A temporary password' password '新密码'
这种情况,通过ansibe 操作的命令, 可以参阅:https://gitee.com/leviathan-litan/ansible-mysql-mha/blob/master/playbooks/roles/mysql/tasks/mysql_database_user_password.yml
但是:有些人在初始化的时候,添加了--initialize-insecure参数,此时,初始化不会生出临时密码,或者说生成的临时密码为空。此时再用上面的代码就不可以了。
回到原点:想想这种情况在MySQL控制台是怎么操作的???
嘿嘿..... 是通过以下命令,将root账户的密码更改为“newpassword”的。
mysqladmin -u root password "newpassword"
那么在ansible中,编写的剧本可以如下:
# 通过得到的临时口令,修改数据库的口令为变量文件中设置的口令 - name: 修改MySQL的临时口令 shell: "mysqladmin -h localhost -u root password '{{ new_root_password }}'" ignore_errors: yes
7.其他注意项
还有一点需要补充的是: 运行的的时候,很可能报错,说 mysqladmin不是shell 或 bash 命令之类的错误, 因此建议在写剧本时,mysqladmin 写出完整路径,例如: /usr/local/mysql/bin/mysqladmin。
mysql命令,建议同样操作。
补充学习
(1)https://docs.ansible.com/ansible/devel/modules/mysql_query_module.html
(2)ansible自动化部署mysql主从部署剧本
https://blog.csdn.net/u010282639/article/details/131337036
标签:name,MySQL,replication,Ansible,user,模块,mysql,login,password From: https://blog.csdn.net/hongjian006/article/details/143028313