18
17

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

CentOS7.2にAnsible2でMySQL5.7をインストールします

Last updated at Posted at 2017-03-27

見よう見まね。Ansible で MySQL を導入してみました。
課題多いです。忘れないようにメモメモ。

環境

Vagrant 1.9.2
ansible 2.2.1.0
MySQL 5.7
CentOS 7.2

playbook

  • MariaDBの影響を受けたくなかったので、削除しました。
  • ansibleには、mysql-pythonが必要でした。
  • MySQL5.6から?、temporary passwordが自動設定されちゃいます。
    • 自分で設定したいrootパスワードを再設定しました。
mysql.yml
---
- name: mysql install
  hosts: all
  become: true
  tasks:
    - name: remove mariadb-libs
      yum:
        state: absent
        name: mariadb-libs

    - name: install mysql repository
      yum:
        state: present
        name: http://dev.mysql.com/get/mysql57-community-release-el6-7.noarch.rpm
        validate_certs: yes

    - name: install yum-utils, mysql-python, mysql-community-server
      yum:
        state: present
        name: "{{ item }}"
      with_items:
        - yum-utils
        - MySQL-python
        - mysql-community-server

    - name: running and enabled mysqld
      service:
        name: mysqld
        state: started
        enabled: yes

    - name: check .my.cnf exists
      stat:
        path: /root/.my.cnf
      register: mycnf_file

    - name: get temporary password
      shell: cat /var/log/mysqld.log | grep "temporary password" | awk '{print $11}'
      register: mysql_default_password
      when: not mycnf_file.stat.exists

    - name: deploy init .my.cnf
      template:
        src: templates/init_my.cnf.j2
        dest: /root/.my.cnf
        owner: root
        group: root
        mode: 0644
      when: not mycnf_file.stat.exists

    - name: change password validation to the easy way
      shell: |
        mysql -u root -p'{{ mysql_default_password.stdout }}' --connect-expired-password -e "SET GLOBAL validate_password_length=4;"
        mysql -u root -p'{{ mysql_default_password.stdout }}' --connect-expired-password -e "SET GLOBAL validate_password_policy=LOW;"
      when: not mycnf_file.stat.exists

    - name: change root user password
      shell: |
        mysql -u root -p'{{ mysql_default_password.stdout }}' --connect-expired-password -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'root';"
      when: not mycnf_file.stat.exists

    - name: deploy changed .my.cnf
      template:
        src: templates/my.cnf.j2
        dest: /root/.my.cnf
        owner: root
        group: root
        mode: 0644

    - name: deploy changed .my.cnf
      template:
        src: templates/my.cnf.j2
        dest: /etc/my.cnf

    - name: remove all anonymous user
      mysql_user:
        name: ''
        state: absent
        host: localhost

    - name: create database
      mysql_db:
        name: ansible_test
        state: present
        encoding: utf8mb4

    - name: create user
      mysql_user:
        name: vagrant
        password: vagrant
        priv: '*.*:ALL,GRANT'
        state: present

    - name: restart mysqld
      service:
        name: mysqld
        state: restarted

★ 参考にさせて頂きました
Shansible
https://github.com/Project-ShangriLa/shansible

MySQL 5.6 を CentOS 7 に yum インストールする手順
http://weblabo.oscasierra.net/installing-mysql56-centos7-yum/

Vagrantfile抜粋

SOURCE = "./provision"
TARGET = "/vagrant"

- 省略 -

  config.vm.synced_folder SOURCE, TARGET
  config.vm.provision "ansible_local" do |ansible|
    ansible.limit = "all"
    ansible.playbook = "#{TARGET}/main.yml"
    ansible.inventory_path = "#{TARGET}/hosts"
  end

ansible-localを使うと実行ログが見やすいです。

★ 参考にさせて頂きました
Vagrant + Ansible で開発環境を作るなら ansible_local プロビジョナがいい!
http://blog.shin1x1.com/entry/ansible_local-provisioner-in-vagrant

課題

  • 要件次第ですが、インストールするitemで「コレは入れとかないとね」っていうものがもっとあるんだと思う
  • rootのパスワードがべた書きなので、変数化しましょう
  • /root/.my.cnf と /etc/my.cnfが同じファイルを使っているので使い分ける
18
17
2

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
18
17

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?