Patch mariadb role

a98d794b · Filippo Panessa · 6e850b5d · a98d794b · a98d794b · a98d794b
Commit a98d794b authored Mar 03, 2017 by Filippo Panessa
Hide whitespace changes
Inline Side-by-side

Showing with 141 additions and 98 deletions

playbooks/roles/mariadb/defaults/main.yml
+64 -62

playbooks/roles/mariadb/tasks/cluster.yml
+17 -13

playbooks/roles/mariadb/tasks/main.yml
+60 -23

No files found.
--- a/playbooks/roles/mariadb/defaults/main.yml
+++ b/playbooks/roles/mariadb/defaults/main.yml
@@ -10,9 +10,11 @@
 ##
 # Defaults for role mariadb
 # 
+MARIADB_APT_KEY_XENIAL_ID: '0xF1656F24C74CD1D8'
 MARIADB_APT_KEY_ID: '0xcbcb082a1bb943db'
+
 # Note: version is determined by repo
-MARIADB_REPO: "deb http://mirrors.syringanetworks.net/mariadb/repo/10.0/ubuntu precise main"
+MARIADB_REPO: "deb http://mirrors.syringanetworks.net/mariadb/repo/10.0/ubuntu {{ ansible_distribution_release }} main"

 MARIADB_CREATE_DBS: yes
 MARIADB_CLUSTERED: no
@@ -29,69 +31,69 @@ MARIADB_HAPROXY_HOSTS:
 MARIADB_LISTEN_ALL: false

 MARIADB_DATABASES:
-  - "{{ EDXAPP_MYSQL_DB_NAME|default('edxapp') }}"
-  - "{{ XQUEUE_MYSQL_DB_NAME|default('xqueue') }}"
-
-MARIADB_ANALYTICS_DATABASES:
-  - "{{ ANALYTICS_API_CONFIG['DATABASES']['default']['NAME']|default('analytics-api') }}"
-  - "{{ ANALYTICS_API_CONFIG['DATABASES']['reports']['NAME']|default('reports') }}"
+  - "{{ ECOMMERCE_DEFAULT_DB_NAME | default(None) }}"
+  - "{{ INSIGHTS_DATABASE_NAME | default(None) }}"
+  - "{{ XQUEUE_MYSQL_DB_NAME | default(None) }}"
+  - "{{ EDXAPP_MYSQL_DB_NAME | default(None) }}"
+  - "{{ EDXAPP_MYSQL_CSMH_DB_NAME | default(None) }}"
+  - "{{ EDX_NOTES_API_MYSQL_DB_NAME | default(None) }}"
+  - "{{ PROGRAMS_DEFAULT_DB_NAME | default(None) }}"
+  - "{{ ANALYTICS_API_DEFAULT_DB_NAME | default(None) }}"
+  - "{{ ANALYTICS_API_REPORTS_DB_NAME | default(None) }}"
+  - "{{ CREDENTIALS_DEFAULT_DB_NAME | default(None) }}"
+  - "{{ DISCOVERY_DEFAULT_DB_NAME | default(None) }}"

 MARIADB_USERS:
-  - name: "{{ EDXAPP_MYSQL_USER|default('edxapp001') }}"
-    pass: "{{ EDXAPP_MYSQL_PASSWORD|default('password') }}"
-    priv: "{{ EDXAPP_MYSQL_DB_NAME|default('edxapp') }}.*:ALL"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ XQUEUE_MYSQL_USER|default('xqueue001') }}"
-    pass: "{{ XQUEUE_MYSQL_PASSWORD|default('password') }}"
-    priv: "{{ XQUEUE_MYSQL_DB_NAME|default('xqueue') }}.*:ALL"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ COMMON_MYSQL_MIGRATE_USER|default('migrate') }}"
-    pass: "{{ COMMON_MYSQL_MIGRATE_PASSWORD|default('password') }}"
-    priv: "{{ EDXAPP_MYSQL_DB_NAME|default('edxapp') }}.*:ALL"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ COMMON_MYSQL_MIGRATE_USER|default('migrate') }}"
-    pass: "{{ COMMON_MYSQL_MIGRATE_PASSWORD|default('password') }}"
-    priv: "{{ XQUEUE_MYSQL_DB_NAME|default('xqueue') }}.*:ALL"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ COMMON_MYSQL_READ_ONLY_USER|default('read_only') }}"
-    pass: "{{ COMMON_MYSQL_READ_ONLY_PASS|default('password') }}"
-    priv: "*.*:SELECT"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ COMMON_MYSQL_ADMIN_USER|default('admin') }}"
-    pass: "{{ COMMON_MYSQL_ADMIN_PASS|default('password') }}"
-    priv: "*.*:CREATE USER"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ EDX_NOTES_API_MYSQL_DB_USER|default('notes001') }}"
-    pass: "{{ EDX_NOTES_API_MYSQL_DB_PASS|default('secret') }}"
-    priv: "{{ EDX_NOTES_API_MYSQL_DB_NAME|default('edx-notes-api') }}.*:ALL"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-MARIADB_ANALYTICS_USERS:
-  - name: "{{ ANALYTICS_API_CONFIG['DATABASES']['default']['USER']|default('api001') }}"
-    pass: "{{ ANALYTICS_API_CONFIG['DATABASES']['default']['PASSWORD']|default('password') }}"
-    priv: "{{ ANALYTICS_API_CONFIG['DATABASES']['default']['NAME'] }}.*:ALL/reports.*:SELECT"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ ANALYTICS_API_CONFIG['DATABASES']['reports']['USER']|default('reports001') }}"
-    pass: "{{ ANALYTICS_API_CONFIG['DATABASES']['reports']['PASSWORD']|default('password') }}"
-    priv: "{{ ANALYTICS_API_CONFIG['DATABASES']['reports']['NAME'] }}.*:SELECT"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ COMMON_MYSQL_MIGRATE_USER|default('migrate') }}"
-    pass: "{{ COMMON_MYSQL_MIGRATE_PASSWORD|default('password') }}"
-    priv: "{{ ANALYTICS_API_CONFIG['DATABASES']['default']['NAME']|default('analytics-api') }}.*:ALL"
-    host: "{{ MARIADB_HOST_PRIV }}"
-
-  - name: "{{ COMMON_MYSQL_MIGRATE_USER|default('migrate') }}"
-    pass: "{{ COMMON_MYSQL_MIGRATE_PASSWORD|default('password') }}"
-    priv: "{{ ANALYTICS_API_CONFIG['DATABASES']['reports']['NAME']|default('reports') }}.*:ALL"
-    host: "{{ MARIADB_HOST_PRIV }}"
+  - {
+      db: "{{ ECOMMERCE_DEFAULT_DB_NAME | default(None) }}",
+      user: "{{ ECOMMERCE_DATABASE_USER | default(None) }}",
+      pass: "{{ ECOMMERCE_DATABASE_PASSWORD | default(None) }}"
+    }
+  - {
+      db: "{{ INSIGHTS_DATABASE_NAME | default(None) }}",
+      user: "{{ INSIGHTS_MYSQL_USER | default(None) }}",
+      pass: "{{ INSIGHTS_MYSQL_USER | default(None) }}"
+    }
+  - {
+      db: "{{ XQUEUE_MYSQL_DB_NAME | default(None) }}",
+      user: "{{ XQUEUE_MYSQL_USER | default(None) }}",
+      pass: "{{ XQUEUE_MYSQL_PASSWORD | default(None) }}"
+    }
+  - {
+      db: "{{ EDXAPP_MYSQL_DB_NAME | default(None) }}",
+      user: "{{ EDXAPP_MYSQL_USER | default(None) }}",
+      pass: "{{ EDXAPP_MYSQL_PASSWORD | default(None) }}"
+    }
+  - {
+      db: "{{ EDXAPP_MYSQL_CSMH_DB_NAME | default(None) }}",
+      user: "{{ EDXAPP_MYSQL_CSMH_USER | default(None) }}",
+      pass: "{{ EDXAPP_MYSQL_CSMH_PASSWORD | default(None) }}"
+    }
+  - {
+      db: "{{ PROGRAMS_DEFAULT_DB_NAME | default(None) }}",
+      user: "{{ PROGRAMS_DATABASE_USER | default(None) }}",
+      pass: "{{ PROGRAMS_DATABASE_PASSWORD | default(None) }}"
+    }
+  - {
+      db: "{{ ANALYTICS_PIPELINE_OUTPUT_DATABASE_NAME | default(None) }}",
+      user: "{{ ANALYTICS_PIPELINE_OUTPUT_DATABASE_USER | default(None) }}",
+      pass: "{{ ANALYTICS_PIPELINE_OUTPUT_DATABASE_PASSWORD | default(None) }}"
+    }
+  - {
+      db: "{{ HIVE_METASTORE_DATABASE_NAME | default(None) }}",
+      user: "{{ HIVE_METASTORE_DATABASE_USER | default(None) }}",
+      pass: "{{ HIVE_METASTORE_DATABASE_PASSWORD | default(None) }}"
+    }
+  - {
+      db: "{{ CREDENTIALS_DEFAULT_DB_NAME | default(None) }}",
+      user: "{{ CREDENTIALS_MYSQL_USER | default(None) }}",
+      pass: "{{ CREDENTIALS_MYSQL_PASSWORD | default(None) }}"
+    }
+  - {
+      db: "{{ DISCOVERY_DEFAULT_DB_NAME | default(None) }}",
+      user: "{{ DISCOVERY_MYSQL_USER | default(None) }}",
+      pass: "{{ DISCOVERY_MYSQL_PASSWORD | default(None) }}"
+    }

 #
 # OS packages

--- a/playbooks/roles/mariadb/tasks/cluster.yml
+++ b/playbooks/roles/mariadb/tasks/cluster.yml
@@ -15,19 +15,19 @@
  when: not mariadb_bootstrap.stat.exists

 - name: setup bootstrap on primary
-  lineinfile:
-    dest: "/etc/mysql/conf.d/galera.cnf"
-    regexp: "^wsrep_cluster_address=gcomm://{{ hostvars.keys()|sort|join(',') }}$"
-    line: "wsrep_cluster_address=gcomm://"
-  when: ansible_hostname == hostvars[hostvars.keys()[0]].ansible_hostname and not mariadb_bootstrap.stat.exists
+  lineinfile: >
+    dest="/etc/mysql/conf.d/galera.cnf"
+    regexp="^wsrep_cluster_address=gcomm://{{ groups[group_names[0]]|sort|join(',') }}$"
+    line="wsrep_cluster_address=gcomm://"
+  when: inventory_hostname == hostvars[groups[group_names[0]][0]].inventory_hostname and not mariadb_bootstrap.stat.exists

 - name: fetch debian.cnf file so start-stop will work properly
-  fetch:
-    src: /etc/mysql/debian.cnf
-    dest: /tmp/debian.cnf
-    fail_on_missing: yes
-    flat: yes
-  when: ansible_hostname == hostvars[hostvars.keys()[0]].ansible_hostname and not mariadb_bootstrap.stat.exists
+  fetch: >
+    src=/etc/mysql/debian.cnf
+    dest=/tmp/debian.cnf
+    fail_on_missing=yes
+    flat=yes
+  when: inventory_hostname == hostvars[groups[group_names[0]][0]].inventory_hostname and not mariadb_bootstrap.stat.exists
  register: mariadb_new_debian_cnf

 - name: copy fetched file to other cluster members
@@ -53,5 +53,9 @@
 # This is needed for mysql-check in haproxy or other mysql monitor
 # scripts to prevent haproxy checks exceeding `max_connect_errors`.
 - name: create haproxy monitor user
-  command: "mysql -e \"INSERT INTO mysql.user (Host,User) values ('{{ item }}','{{ MARIADB_HAPROXY_USER }}'); FLUSH PRIVILEGES;\""
-  with_items: "{{ MARIADB_HAPROXY_HOSTS }}"
+  mysql_user: >
+    name={{ MARIADB_HAPROXY_USER }}
+    host={{ item }}
+    password=""
+    state=present
+  with_items: MARIADB_HAPROXY_HOSTS
--- a/playbooks/roles/mariadb/tasks/main.yml
+++ b/playbooks/roles/mariadb/tasks/main.yml
@@ -28,7 +28,13 @@
 - name: Add mariadb apt key
  apt_key:
    url: "{{ COMMON_UBUNTU_APT_KEYSERVER }}{{ MARIADB_APT_KEY_ID }}"
-
+  when: ansible_distribution_release != 'xenial'
+      
+- name: Add Xenial mariadb apt key
+  apt_key:
+    url: "{{ COMMON_UBUNTU_APT_KEYSERVER }}{{ MARIADB_APT_KEY_XENIAL_ID }}"
+  when: ansible_distribution_release == 'xenial'
+ 
 - name: add the mariadb repo to the sources list
  apt_repository:
    repo: "{{ MARIADB_REPO }}"
@@ -57,38 +63,69 @@
 - name: start everything
  service: name=mysql state=started

- name: create all databases
+- name: create databases
  mysql_db:
    db: "{{ item }}"
    state: present
    encoding: utf8
+  when: item != None and item != ''
  with_items: "{{ MARIADB_DATABASES }}"
-  when: MARIADB_CREATE_DBS|bool

- name: create all analytics dbs
-  mysql_db:
-    db: "{{ item }}"
-    state: present
-    encoding: utf8
-  with_items: "{{ MARIADB_ANALYTICS_DATABASES }}"
-  when: MARIADB_CREATE_DBS|bool and ANALYTICS_API_CONFIG is defined
-
- name: create all users/privs
+- name: create database users
  mysql_user:
-    name: "{{ item.name }}"
+    name: "{{ item.user }}"
    password: "{{ item.pass }}"
-    priv: "{{ item.priv }}"
-    host: "{{ item.host }}"
+    priv: "{{ item.db }}.*:ALL"
    append_privs: yes
+  when: item.db != None and item.db != ''
  with_items: "{{ MARIADB_USERS }}"
-  when: MARIADB_CREATE_DBS|bool

- name: create all analytics users/privs
+- name: setup the migration db user
  mysql_user:
-    name: "{{ item.name }}"
-    password: "{{ item.pass }}"
-    priv: "{{ item.priv }}"
-    host: "{{ item.host }}"
+    name: "{{ COMMON_MYSQL_MIGRATE_USER }}"
+    password: "{{ COMMON_MYSQL_MIGRATE_PASS }}"
+    priv: "{{ item }}.*:ALL"
    append_privs: yes
-  with_items: "{{ MARIADB_ANALYTICS_USERS }}"
-  when: MARIADB_CREATE_DBS|bool and ANALYTICS_API_CONFIG is defined
+  when: item != None and item != ''
+  with_items: "{{ MARIADB_DATABASES }}"
+
+- name: create api user for the analytics api
+  mysql_user:
+    name: "api001"
+    password: "{{ ANALYTICS_API_DATABASES.default.PASSWORD }}"
+    priv: '{{ ANALYTICS_API_DATABASES.default.NAME }}.*:ALL/reports.*:SELECT'
+  when: ANALYTICS_API_SERVICE_CONFIG is defined
+
+- name: create read-only reports user for the analytics-api
+  mysql_user:
+    name: reports001
+    password: "{{ ANALYTICS_API_DATABASES.reports.PASSWORD }}"
+    priv: '{{ ANALYTICS_API_DATABASES.reports.NAME }}.*:SELECT'
+  when: ANALYTICS_API_SERVICE_CONFIG is defined
+
+- name: create a database for the hive metastore
+  mysql_db:
+    db: "{{ HIVE_METASTORE_DATABASE.name }}"
+    state: "present"
+    encoding: "latin1"
+  when: HIVE_METASTORE_DATABASE is defined
+
+- name: setup the edx-notes-api db user
+  mysql_user:
+    name: "{{ EDX_NOTES_API_MYSQL_DB_USER }}"
+    password: "{{ EDX_NOTES_API_MYSQL_DB_PASS }}"
+    priv: "{{ EDX_NOTES_API_MYSQL_DB_NAME }}.*:SELECT,INSERT,UPDATE,DELETE"
+  when: EDX_NOTES_API_MYSQL_DB_USER is defined
+
+- name: setup the read-only db user
+  mysql_user:
+    name: "{{ COMMON_MYSQL_READ_ONLY_USER }}"
+    password: "{{ COMMON_MYSQL_READ_ONLY_PASS }}"
+    priv: "*.*:ALL"
+
+- name: setup the admin db user
+  mysql_user:
+    name: "{{ COMMON_MYSQL_ADMIN_USER }}"
+    password: "{{ COMMON_MYSQL_ADMIN_PASS }}"
+    priv: "*.*:CREATE USER"
+