Ansible安装MySql 5.7 - 设置Root用户密码

时间:2017-02-16 07:17:05

标签: mysql ansible ubuntu-16.04 mysql-5.7

我最近将我的流浪汉从 ubuntu / trusty-64 升级为 bento / ubuntu-16.04 。随着MySQL被更新为 5.7 。我已对我的剧本进行了多次更新,但在设置root用户密码时我一直陷入困境。

在过去(5.7之前),以下就足够了:

- name: MySQL | Delete anonymous MySQL server user for {{ server_hostname }}
  mysql_user: 
    name="" 
    host="{{ server_hostname }}" 
    state="absent" 
    login_user=root 
    login_password={{ mysql_root_password }}

在我的剧本中,我们会尝试删除匿名用户进行测试。

TASK [mysql : MySQL | Delete anonymous MySQL server user for vagrant] **********
task path: /Users/jonrobinson/vagrant/survey/playbooks/roles/mysql/tasks/mysql.yml:51
fatal: [vagrant]: FAILED! => {"changed": false, "failed": true, "msg": "unable to connect to database, check login_user and login_password are correct or /home/vagrant/.my.cnf has the credentials. Exception message: (1698, \"Access denied for user 'root'@'localhost'\")"}

然而,现在我的剧本在这一步失败了,返回:

  

"用户访问被拒绝' @' localhost'"

mysql_root_password=""

我尝试了几件事:

  1. 为root用户--- - name: MySQL | install mysql packages apt: pkg={{ item }} state=installed become: true with_items: - mysql-client - mysql-common - mysql-server - python-mysqldb - name: MySQL | create MySQL configuration file template: src=my.cnf.j2 dest=/etc/mysql/my.cnf backup=yes owner=root group=root mode=0644 become: true - name: MySQL | create MySQLD configuration file template: src=mysqld.cnf.j2 dest=/etc/mysql/conf.d/mysqld.cnf backup=yes owner=root group=root mode=0644 become: true - name: MySQL | restart mysql service: name=mysql state=restarted become: true - name: MySQL | Set the root password. mysql_user: name=root host=localhost password={{ mysql_root_password }} become: true - name: MySQL | Config for easy access as root user template: src=mysql_root.my.cnf.j2 dest=/root/.my.cnf become: true - name: MySQL | Config for easy access as root user template: src=mysql_root.my.cnf.j2 dest={{ home_dir }}/.my.cnf when: "'{{ user }}' != 'root'" - name: MySQL | Delete anonymous MySQL server user for {{ server_hostname }} mysql_user: name="" host="{{ server_hostname }}" state="absent" login_user=root login_password={{ mysql_root_password }} - name: MySQL | Delete anonymous MySQL server user for localhost mysql_user: name="" state="absent" host=localhost login_user=root login_password={{ mysql_root_password }} - name: MySQL | Secure the MySQL root user for IPV6 localhost (::1) mysql_user: name="root" password="{{ mysql_root_password }}" host="::1" login_user=root login_password={{ mysql_root_password }} - name: MySQL | Secure the MySQL root user for IPV4 localhost (127.0.0.1) mysql_user: name="root" password="{{ mysql_root_password }}" host="127.0.0.1" login_user=root login_password={{ mysql_root_password }} - name: MySQL | Secure the MySQL root user for localhost domain (localhost) mysql_user: name="root" password="{{ mysql_root_password }}" host="localhost" login_user=root login_password={{ mysql_root_password }} - name: MySQL | Secure the MySQL root user for {{ server_hostname }} domain mysql_user: name="root" password="{{ mysql_root_password }}" host="{{ server_hostname }}" login_user=root login_password={{ mysql_root_password }} - name: MySQL | Remove the MySQL test database mysql_db: db=test state=absent login_user=root login_password={{ mysql_root_password }} - name: MySQL | create application database user mysql_user: name={{ dbuser }} password={{ dbpass }} priv=*.*:ALL host='%' state=present login_password={{ mysql_root_password }} login_user=root - name: MySQL | restart mysql service: name=mysql state=restarted become: true
  2. 设置密码为空
  3. 尝试删除root用户,然后使用Ansible重新创建它。我得到同样的错误可能是因为它试图在root用户处理。
  4. 手动更新mysql中的root密码。 - 除非我删除root用户并使用所有权限重新创建root用户,否则这似乎也无法正常工作(密码无法识别)。只是更新root用户密码似乎没有变化。
  5. 我的完整MySQL YAML:

    object_id = > BLAAA1

2 个答案:

答案 0 :(得分:6)

我能够弄清楚。当没有提供密码时,问题的要点与使用auth_socket的root用户的mysql 5.7有关。请参阅以下内容:“That plugin doesn’t care and doesn’t need a password. It just checks if the user is connecting using a UNIX socket and then compares the username.

在这种情况下,您无法使用以下方式更新密码:

SET PASSWORD FOR 'root'@'localhost' = PASSWORD('test');

而必须使用:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password='test';

解决方案1:但是,Ansible,从版本2.0.2开始没有考虑到这一点。我可以通过在安装MySql之前设置密码来解决这个问题

- name: Specify MySQL root password before installing
  debconf: name='mysql-server' question='mysql-server/root_password' value='{{mysql_root_password | quote}}' vtype='password'
  become: true

- name: Confirm MySQL root password before installing
  debconf: name='mysql-server' question='mysql-server/root_password_again' value='{{mysql_root_password | quote}}' vtype='password'
  become: true

- name: MySQL | install mysql packages
  apt: pkg={{ item }} state=installed
  become: true
  with_items:    
   - mysql-client
   - mysql-common
   - mysql-server
   - python-mysqldb
  ...

However, this has also since been addressed by Ansible

解决方案2:最简单的解决方案是将Ansible升级到2.2.1

答案 1 :(得分:0)

根据我的理解,在MySQL中,需要为localhost,服务器的主机名和127.0.0.1更改root密码,并且还需要完全权限。这些内容可能有所帮助(注意:我只在 MariaDB 上测试了这个,而不是 MySQL ):

tasks:
  - name: Set a new root password
    mysql_user: check_implicit_admin=yes
                login_user=root
                login_password={{ mysql_root_password }}
                user=root
                password={{ NEW_mysql_root_password }}
                host={{ item }}
                priv='*.*:ALL,GRANT'
    with_items:
      - localhost
      - 127.0.0.1
      - {{ server_hostname }}
    notify:
        - restart_mariadb

handlers:
  - name: restart_mariadb
    service: name=mariadb
             state=restarted