WIP: Add maxscale role #106
|
@ -13,6 +13,7 @@ The **patch** part changes incrementally at each release.
|
|||
### Added
|
||||
|
||||
* varnish: variable for jail configuration
|
||||
* maxscale: New role to setup a MariaDB Maxscale server
|
||||
|
||||
### Changed
|
||||
|
||||
|
|
25
maxscale/README.md
Normal file
25
maxscale/README.md
Normal file
|
@ -0,0 +1,25 @@
|
|||
# maxscale
|
||||
|
||||
Install MariaDB MaxScale on a server.
|
||||
|
||||
## Tasks
|
||||
|
||||
Tasks are separated in several files, included in `tasks/main.yml`:
|
||||
|
||||
* `packages_stretch.yml`: repository and packages installation
|
||||
* `mysql_add_user.yml`: An utility task to add the two users used by MaxScale on a MySQL cluster
|
||||
* `config_stretch.yml`: configuration
|
||||
|
||||
## Variables
|
||||
|
||||
* `maxscale_version`: the version of MariaDB MaxScale to install
|
||||
* `maxscale_mysql_user`: the mysql user MaxScale use to get the list of databases/users/tables/… on the MySQL cluster.
|
||||
* `maxscale_mysql_password`: the plaintext password MaxScale use to connect on the cluster with `maxscale_mysql_user`.
|
||||
* `encrypted_maxscale_mysql_password`: the same variable as above but encrypted by maxpasswd on the MaxScale server (currently the plaintext version is still needed if `mysql_add_user.yml` is used).
|
||||
* `maxscale_monitor_user`: the mysql user MaxScale use to check the status of the MySQL servers.
|
||||
* `maxscale_monitor_password`: the plaintext password of `maxscale_monitor_user`.
|
||||
* `encrypted_maxscale_mysql_password`: the same variable as above but encrypted by maxpasswd on the MaxScale server (currently the plaintext version is still needed if `mysql_add_user.yml` is used).
|
||||
* `maxscale_mysql_master`: (optional) the master server ansible will create `maxscale_mysql_user` and `maxscale_monitor_user` on (keeping it `Null` cause `mysql_add_user.yml` to not be included).
|
||||
* `maxscale_mysql_servers`: list of the MySQL servers of the cluster MaxScale should monitor and connect to.
|
||||
* `maxscale_services`: list of services MaxScale will define and the ports they should listen to.
|
||||
|
48
maxscale/defaults/main.yml
Normal file
48
maxscale/defaults/main.yml
Normal file
|
@ -0,0 +1,48 @@
|
|||
---
|
||||
|
||||
maxscale_version: 2.4
|
||||
|
||||
# The passwords needs to be either unencrypted or encrypted with maxpasswd on
|
||||
# the MaxScale server.
|
||||
maxscale_mysql_user: maxscale
|
||||
maxscale_mysql_password: Null
|
||||
encrypted_maxscale_mysql_password: Null
|
||||
maxscale_monitor_user: monitor_user
|
||||
maxscale_monitor_password: Null
|
||||
encrypted_maxscale_monitor_password: Null
|
||||
|
||||
# Define this variable if you want ansible to create the two users on the MySQL server
|
||||
# through delegation
|
||||
maxscale_mysql_master: Null
|
||||
|
||||
maxscale_mysql_servers: []
|
||||
# Example (port is optional and default to 3306):
|
||||
# maxscale_mysql_servers:
|
||||
# - name: db1
|
||||
# address: 192.0.2.102
|
||||
# port: 3306
|
||||
|
||||
maxscale_services:
|
||||
- name: "Splitter"
|
||||
router: "readwritesplit"
|
||||
port: 3306
|
||||
options: []
|
||||
filters: []
|
||||
# Full example:
|
||||
# maxscale_services:
|
||||
# - name: "ExampleServ"
|
||||
# router: "readwritesplit"
|
||||
# port: 3306
|
||||
# filters:
|
||||
# - 'ExampleFilter'
|
||||
# options: []
|
||||
|
||||
maxscale_filters: []
|
||||
# Example:
|
||||
# maxscale_filters:
|
||||
# - name: 'ExampleFilter'
|
||||
# module: 'dbfwfilter'
|
||||
# options:
|
||||
# - name: 'rules'
|
||||
# value: 'examplefilter.txt'
|
||||
|
5
maxscale/handlers/main.yml
Normal file
5
maxscale/handlers/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: 'restart maxscale'
|
||||
service:
|
||||
name: maxscale
|
||||
state: restarted
|
20
maxscale/meta/main.yml
Normal file
20
maxscale/meta/main.yml
Normal file
|
@ -0,0 +1,20 @@
|
|||
galaxy_info:
|
||||
author: Evolix
|
||||
description: Install MariaDB Maxscale
|
||||
|
||||
issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
|
||||
|
||||
license: GPLv2
|
||||
|
||||
min_ansible_version: 2.4
|
||||
|
||||
platforms:
|
||||
- name: Debian
|
||||
version:
|
||||
- stretch
|
||||
- buster
|
||||
|
||||
dependencies: []
|
||||
# List your role dependencies here, one per line.
|
||||
# Be sure to remove the '[]' above, if you add dependencies
|
||||
# to this list.
|
30
maxscale/tasks/config_stretch.yml
Normal file
30
maxscale/tasks/config_stretch.yml
Normal file
|
@ -0,0 +1,30 @@
|
|||
- name: "Create key for password encryption"
|
||||
command:
|
||||
cmd: "/usr/bin/maxkeys"
|
||||
creates: "/var/lib/maxscale/.secrets"
|
||||
tags: maxscale
|
||||
|
||||
- name: "Encrypt mysql password for saving in configuration"
|
||||
command:
|
||||
cmd: "/usr/bin/maxpasswd {{ maxscale_mysql_password|quote }}"
|
||||
register: encrypt_maxscale_mysql_password_result
|
||||
when: encrypted_maxscale_mysql_password is none
|
||||
tags: maxscale
|
||||
|
||||
- name: "Encrypt monitor password for saving in configuration"
|
||||
command:
|
||||
cmd: "/usr/bin/maxpasswd {{ maxscale_monitor_password|quote }}"
|
||||
register: encrypt_maxscale_monitor_password_result
|
||||
when: encrypted_maxscale_monitor_password is none
|
||||
tags: maxscale
|
||||
|
||||
- name: "Copy the configuration"
|
||||
template:
|
||||
src: "maxscale.cnf.j2"
|
||||
dest: "/etc/maxscale.cnf"
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
notify: 'restart maxscale'
|
||||
tags: maxscale
|
||||
|
9
maxscale/tasks/main.yml
Normal file
9
maxscale/tasks/main.yml
Normal file
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
|
||||
- include: packages_stretch.yml
|
||||
|
||||
- include: mysql_add_user.yml
|
||||
when: maxscale_mysql_master is string
|
||||
|
||||
- include: config_stretch.yml
|
||||
|
22
maxscale/tasks/mysql_add_user.yml
Normal file
22
maxscale/tasks/mysql_add_user.yml
Normal file
|
@ -0,0 +1,22 @@
|
|||
- name: "Create maxscale user on MySQL master"
|
||||
mysql_user:
|
||||
name: "{{ maxscale_mysql_user }}"
|
||||
password: "{{ maxscale_mysql_password }}"
|
||||
host: "{{ item }}"
|
||||
priv: 'mysql.user:SELECT/mysql.db:SELECT/mysql.tables_priv:SELECT/mysql.roles_mapping:SELECT/*.*:SHOW DATABASES'
|
||||
state: present
|
||||
delegate_to: "{{ maxscale_mysql_master }}"
|
||||
loop: "{{ ansible_facts['all_ipv4_addresses'] }}"
|
||||
tags: maxscale
|
||||
|
||||
- name: "Create monitor user on MySQL master"
|
||||
mysql_user:
|
||||
name: "{{ maxscale_monitor_user }}"
|
||||
password: "{{ maxscale_monitor_password }}"
|
||||
host: "{{ item }}"
|
||||
priv: '*.*:REPLICATION CLIENT'
|
||||
state: present
|
||||
delegate_to: "{{ maxscale_mysql_master }}"
|
||||
loop: "{{ ansible_facts['all_ipv4_addresses'] }}"
|
||||
tags: maxscale
|
||||
|
25
maxscale/tasks/packages_stretch.yml
Normal file
25
maxscale/tasks/packages_stretch.yml
Normal file
|
@ -0,0 +1,25 @@
|
|||
- name: "Install MariaDB keys"
|
||||
apt_key:
|
||||
keyserver: keyserver.ubuntu.com
|
||||
id: "{{ item }}"
|
||||
loop:
|
||||
- "0x13cfde6dd9ee9784f41af0f670e4618a8167ee24"
|
||||
- "0x4c470fffefc4d3dc59778655ce1a3dd5e3c94f49"
|
||||
- "0x199369e5404bd5fc7d2fe43bcbcb082a1bb943db"
|
||||
- "0x177f4010fe56ca3336300305f1656f24c74cd1d8"
|
||||
- "0x7b963f525ad3ae6259058d30135659e928c12247"
|
||||
tags: maxscale
|
||||
|
||||
- name: "Add MariaDB MaxScale repository"
|
||||
apt_repository:
|
||||
repo: "deb https://downloads.mariadb.com/MaxScale/{{ maxscale_version }}/debian {{ ansible_distribution_release }} main"
|
||||
state: present
|
||||
filename: mariadb-maxscale
|
||||
tags: maxscale
|
||||
|
||||
- name: "Install MariaDB MaxScale"
|
||||
apt:
|
||||
name: maxscale
|
||||
state: present
|
||||
tags: maxscale
|
||||
|
60
maxscale/templates/maxscale.cnf.j2
Normal file
60
maxscale/templates/maxscale.cnf.j2
Normal file
|
@ -0,0 +1,60 @@
|
|||
[maxscale]
|
||||
threads = auto
|
||||
|
||||
{% for server in maxscale_mysql_servers %}
|
||||
[{{ server['name'] }}]
|
||||
type = server
|
||||
address = {{ server['address'] }}
|
||||
port = {{ server['port']|default(3306) }}
|
||||
protocol = MariaDBBackend
|
||||
|
||||
{% endfor %}
|
||||
[MariaDB-Monitor]
|
||||
type = monitor
|
||||
module = mariadbmon
|
||||
servers = {% for server in maxscale_mysql_servers %}{{ server['name'] }}{% if not loop.last %}, {% endif %}{% endfor %}
|
||||
|
||||
user = {{ maxscale_monitor_user }}
|
||||
{% if encrypted_maxscale_monitor_password is none %}
|
||||
password = {{ encrypt_maxscale_monitor_password_result['stdout'] }}
|
||||
{% else %}
|
||||
password = {{ encrypted_maxscale_monitor_password }}
|
||||
{% endif %}
|
||||
monitor_interval = 2000
|
||||
|
||||
{% for service in maxscale_services %}
|
||||
[{{ service['name'] }}-Service]
|
||||
type = service
|
||||
router = {{ service['router'] }}
|
||||
cluster = MariaDB-Monitor
|
||||
user = {{ maxscale_mysql_user }}
|
||||
{% if encrypted_maxscale_mysql_password is none %}
|
||||
password = {{ encrypt_maxscale_mysql_password_result['stdout'] }}
|
||||
{% else %}
|
||||
password = {{ encrypted_maxscale_mysql_password }}
|
||||
{% endif %}
|
||||
{% if service['filters'] is defined and service['filters'] %}
|
||||
filters = {% for _filter in service['filters'] %}{{ _filter }}{% if not loop.last %} | {% endif %}{% endfor %}
|
||||
{% endif %}
|
||||
{% if service['options'] is defined %}
|
||||
{% for option in service['options'] %}
|
||||
{{ option['name'] }} = {{ option['value'] }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
[{{ service['name'] }}-Listener]
|
||||
type = listener
|
||||
service = {{ service['name'] }}-Service
|
||||
protocol = MariaDBClient
|
||||
port = {{ service['port'] }}
|
||||
{% endfor %}
|
||||
|
||||
{% for _filter in maxscale_filters %}
|
||||
[{{ _filter['name'] }}]
|
||||
type = filter
|
||||
module = {{ _filter['module'] }}
|
||||
{% for option in _filter['options'] %}
|
||||
{{ option['name'] }} = {{ option['value'] }}
|
||||
{% endfor %}
|
||||
{% endfor %}
|
||||
|
2
maxscale/tests/inventory
Normal file
2
maxscale/tests/inventory
Normal file
|
@ -0,0 +1,2 @@
|
|||
localhost
|
||||
|
9
maxscale/tests/test.yml
Normal file
9
maxscale/tests/test.yml
Normal file
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
- hosts: test-kitchen
|
||||
vars:
|
||||
maxscale_mysql_password: maxscale-pwd
|
||||
maxscale_monitor_password: mypwd
|
||||
maxscale_mysql_servers:
|
||||
- 127.0.0.1 # Need at least one server
|
||||
roles:
|
||||
- maxscale
|
2
maxscale/vars/main.yml
Normal file
2
maxscale/vars/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
# vars file for maxscale
|
Loading…
Reference in a new issue