Create role to install MariaDB MaxScale

This role have to add the official MariaDB MaxScale repository as
maxscale isn't in the Debian repositories. Moreover as maxscale need two
mysql users to works, the role can also create these users if requested
and ansible has access to a master server.

maxscale/README.md

@@ -0,0 +1,3 @@
+# maxscale
+
+Install MariaDB maxscale on a server.

maxscale/defaults/main.yml

@@ -0,0 +1,29 @@
+---
+
+maxscale_version: 2.4
+
+# The passwords needs to be either unencrypted or encrypted with maxpasswd on
+# the MaxScale server.
+maxscale_mysql_user: maxscale
+maxscale_mysql_password: Null
+encrypted_maxscale_mysql_password: Null
+maxscale_monitor_user: monitor_user
+maxscale_monitor_password: Null
+encrypted_maxscale_monitor_password: Null
+
+# Define this variable if you want ansible to create the two users on the MySQL server
+# through delegation
+maxscale_mysql_master: Null
+
+maxscale_mysql_servers: []
+# Example (port is optional and default to 3306):
+# maxscale_mysql_servers:
+#   - name: db1
+#     address: 192.0.2.102
+#     port: 3306
+
+maxscale_services:
+  - name: "Splitter"
+    router: "readwritesplit"
+    port: 3306
+

maxscale/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: 'restart maxscale'
+  service:
+    name: maxscale
+    state: restarted

maxscale/meta/main.yml

@@ -0,0 +1,20 @@
+galaxy_info:
+  author: Evolix
+  description: Install MariaDB Maxscale
+
+  issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
+
+  license: GPLv2
+
+  min_ansible_version: 2.4
+
+  platforms:
+    - name: Debian
+      version:
+        - stretch
+        - buster
+
+dependencies: []
+  # List your role dependencies here, one per line.
+  # Be sure to remove the '[]' above, if you add dependencies
+  # to this list.

maxscale/tasks/config_stretch.yml

@@ -0,0 +1,26 @@
+- name: "Create key for password encryption"
+  command:
+    cmd: "/usr/bin/maxkeys"
+    creates: "/var/lib/maxscale/.secrets"
+
+- name: "Encrypt mysql password for saving in configuration"
+  command:
+    cmd: "/usr/bin/maxpasswd {{ maxscale_mysql_password|quote }}"
+  register: encrypt_maxscale_mysql_password_result
+  when: encrypted_maxscale_mysql_password is none
+
+- name: "Encrypt monitor password for saving in configuration"
+  command:
+    cmd: "/usr/bin/maxpasswd {{ maxscale_monitor_password|quote }}"
+  register: encrypt_maxscale_monitor_password_result
+  when: encrypted_maxscale_monitor_password is none
+
+- name: "Copy the configuration"
+  template:
+    src: "maxscale.cnf.j2"
+    dest: "/etc/maxscale.cnf"
+    owner: 'root'
+    group: 'root'
+    mode: '0644'
+  notify: 'restart maxscale'
+

maxscale/tasks/main.yml

@@ -0,0 +1,9 @@
+---
+
+- include: packages_stretch.yml
+
+- include: mysql_add_user.yml
+  when: maxscale_mysql_master is string
+
+- include: config_stretch.yml
+

maxscale/tasks/mysql_add_user.yml

@@ -0,0 +1,20 @@
+- name: "Create maxscale user on MySQL master"
+  mysql_user:
+    name: "{{ maxscale_mysql_user }}"
+    password: "{{ maxscale_mysql_password }}"
+    host: "{{ item }}"
+    priv: 'mysql.user:SELECT/mysql.db:SELECT/mysql.tables_priv:SELECT/mysql.roles_mapping:SELECT/*.*:SHOW DATABASES'
+    state: present
+  delegate_to: "{{ maxscale_mysql_master }}"
+  loop: "{{ ansible_facts['all_ipv4_addresses'] }}"
+
+- name: "Create monitor user on MySQL master"
+  mysql_user:
+    name: "{{ maxscale_monitor_user }}"
+    password: "{{ maxscale_monitor_password }}"
+    host: "{{ item }}"
+    priv: '*.*:REPLICATION CLIENT'
+    state: present
+  delegate_to: "{{ maxscale_mysql_master }}"
+  loop: "{{ ansible_facts['all_ipv4_addresses'] }}"
+

maxscale/tasks/packages_stretch.yml

@@ -0,0 +1,22 @@
+- name: "Install MariaDB keys"
+  apt_key:
+    keyserver: keyserver.ubuntu.com
+    id: "{{ item }}"
+  loop:
+    - "0x13cfde6dd9ee9784f41af0f670e4618a8167ee24"
+    - "0x4c470fffefc4d3dc59778655ce1a3dd5e3c94f49"
+    - "0x199369e5404bd5fc7d2fe43bcbcb082a1bb943db"
+    - "0x177f4010fe56ca3336300305f1656f24c74cd1d8"
+    - "0x7b963f525ad3ae6259058d30135659e928c12247"
+
+- name: "Add MariaDB MaxScale repository"
+  apt_repository:
+    repo: "deb https://downloads.mariadb.com/MaxScale/{{ maxscale_version }}/debian {{ ansible_distribution_release }} main"
+    state: present
+    filename: mariadb-maxscale
+
+- name: "Install MariaDB MaxScale"
+  apt:
+    name: maxscale
+    state: present
+

maxscale/templates/maxscale.cnf.j2

@@ -0,0 +1,43 @@
+[maxscale]
+threads=auto
+
+{% for server in maxscale_mysql_servers %}
+[{{ server['name'] }}]
+type=server
+address={{ server['address'] }}
+port={{ server['port']|default(3306) }}
+protocol=MariaDBBackend
+
+{% endfor %}
+[MariaDB-Monitor]
+type=monitor
+module=mariadbmon
+servers={% for server in maxscale_mysql_servers %}{{ server['name'] }}{% if not loop.last %}, {% endif %}{% endfor %}
+
+user={{ maxscale_monitor_user }}
+{% if encrypted_maxscale_monitor_password is none %}
+password={{ encrypt_maxscale_monitor_password_result['stdout'] }}
+{% else %}
+password={{ encrypted_maxscale_monitor_password }}
+{% endif %}
+monitor_interval=2000
+
+{% for service in maxscale_services %}
+[{{ service['name'] }}-Service]
+type=service
+router={{ service['router'] }}
+cluster=MariaDB-Monitor
+user={{ maxscale_mysql_user }}
+{% if encrypted_maxscale_mysql_password is none %}
+password={{ encrypt_maxscale_mysql_password_result['stdout'] }}
+{% else %}
+password={{ encrypted_maxscale_mysql_password }}
+{% endif %}
+
+[{{ service['name'] }}-Listener]
+type=listener
+service={{ service['name'] }}-Service
+protocol=MariaDBClient
+port={{ service['port'] }}
+{% endfor %}
+

maxscale/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

maxscale/tests/test.yml

@@ -0,0 +1,9 @@
+---
+- hosts: test-kitchen
+  vars:
+    maxscale_mysql_password: maxscale-pwd
+    maxscale_monitor_password: mypwd
+    maxscale_mysql_servers:
+      - 127.0.0.1 # Need at least one server
+  roles:
+    - maxscale

maxscale/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for maxscale