openstack/openstack-ansible-galera_server
Code Issues Proposed changes
openstack-ansible-galera_se.../tasks/galera_install_yum.yml
Jesse Pretorius 1da7340a99 Force clean yum metadata when repo config changes 
When changing the repo URL, the metadata does not reliably
update, resulting in the right URL being used, but the
wrong package list. This is why we force the metadata to be
cleaned out whenever the repo config changes.

Change-Id: I9bca9a89b58cd539dd5c224d6b141dc4d844bcc2
2017-03-14 15:25:43 +00:00

136 lines
5.0 KiB
YAML
Raw Blame History

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Update the local file system CRUD
file:
src: "{{ item.src|default(omit) }}"
path: "{{ item.path }}"
state: "{{ item.state }}"
force: "{{ item.force|default(omit) }}"
with_items:
- { path: "/etc/mysql", state: "directory" }
- { path: "/etc/mysql/conf.d", state: "directory" }
- { src: "/usr/lib64/galera", path: "/usr/lib/galera", state: "link", force: true }
- { src: "/etc/mysql/conf.d", path: "/etc/my.cnf.d", state: "link", force: true }
- { src: "/etc/mysql/my.cnf", path: "/etc/my.cnf", state: "link", force: true }
- name: Add galera gpg-keys
rpm_key:
state: present
key: "{{ item.keyserver }}/{{ item.key_name }}"
register: add_keys
until: add_keys|success
failed_when: false
retries: 5
delay: 2
with_items: "{{ galera_gpg_keys }}"
tags:
- galera-gpg-keys
- name: Add galera gpg-keys using fallback keyserver
rpm_key:
state: present
key: "{{ item.fallback_keyserver }}/{{ item.key_name }}"
register: add_keys
until: add_keys|success
retries: 5
delay: 2
with_items: "{{ galera_gpg_keys }}"
when: add_keys|failed and (item.fallback_keyserver is defined)
tags:
- galera-gpg-keys
- name: Add galera repo
yum_repository:
name: "{{ galera_repo.name }}"
description: "{{ galera_repo.description }}"
baseurl: "{{ galera_repo.baseurl }}"
gpgkey: "{{ galera_repo.gpgkey }}"
gpgcheck: yes
enabled: yes
register: add_repos
until: add_repos | success
retries: 5
delay: 2
tags:
- galera-repos
# When changing the repo URL, the metadata does
# not reliably update, resulting in the right
# URL being used, but the wrong package list.
# This is why we force the metadata to be
# cleaned out whenever the repo config changes.
- name: Force the expiry of the repo metadata
command: "yum clean metadata"
when: add_repos | changed
tags:
- galera-repos
- skip_ansible_lint
- name: Install percona repo
yum:
pkg: "{{ galera_percona_xtrabackup_repo.repo }}"
state: "{{ galera_percona_xtrabackup_repo.state }}"
register: install_packages
until: install_packages|success
retries: 5
delay: 2
when: use_percona_upstream | bool
tags:
- galera-pre-yum-packages
- name: Install galera_server role remote packages (yum)
yum:
name: "{{ item }}"
state: "{{ galera_server_package_state }}"
with_items:
- "{{ galera_packages_list | selectattr('enabled') | sum(attribute='packages', start=[]) }}"
- name: Enable mysql to start at boot
service:
name: "mysql"
enabled: "yes"
tags:
- galera_server-config
- galera-enable
# NOTE(cloudnull): This is an idempotent shell task is it will only run once
# provided the "/etc/mysql/rhel_configured" exists. This tasks automates the
# MySQL secure setup which is done automatically in Ubuntu deployments.
- name: "Update root user, connections, and grant options"
shell: |
service mysql start || true
# Reset the root password, at this time there is no password set
mysqladmin --no-defaults --port=3306 --socket=/var/run/mysqld/mysqld.sock --host=127.0.0.1 --user=root password "{{ galera_root_password }}"
# Setup the root user for MySQL
mysql -u root -h localhost -e "UPDATE mysql.user SET Password=PASSWORD('$rootpass') WHERE User='root';"
mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE user='';"
mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('%', 'localhost', '127.0.0.1', '::1');"
mysql -u root -h localhost -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'localhost' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'127.0.0.1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'::1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'%' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;"
mysql -u root -h localhost -e "FLUSH PRIVILEGES;"
# Create a marker file to ensure this script is not run again
touch /etc/mysql/rhel_configured
service mysql stop
args:
creates: /etc/mysql/rhel_configured
tags:
- galera_server-config
- galera-rhel-config
- skip_ansible_lint
View Git Blame Copy Permalink