Ansible设置mysql root密码
你们中的任何人都有想法为mysql更新root密码和授予权限构建一个yml吗?我已经创建了我的剧本,并且在新安装中它按预期工作,完全没有问题。但是当我再次进行vagrant配置时,它现在无法设置root密码而我收到错误。以下是我的代码
mysql.yml
---
- name: Install the MySQL packages
apt: name={{ item }} state=installed update_cache=yes
with_items:
- mysql-server
- mysql-client
- python-mysqldb
- libmysqlclient-dev
- name: drop database {{ dbname }}
mysql_db:
name: "{{ dbname }}"
login_user: "{{ dbuser }}"
login_password: "{{ dbpass }}"
state: absent
delegate_to: "{{ dbhost }}"
run_once: true
- name: create database {{ dbname }}
mysql_db:
name: "{{ dbname }}"
login_user: "{{ dbuser }}"
login_password: "{{ dbpass }}"
state: present
delegate_to: "{{ dbhost }}"
run_once: true
- name: ensure mysql is running and starts on boot
service: name=mysql state=started enabled=true
- name: copy .my.cnf file with root password credentials
template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600
- name: update mysql root password for all root accounts "{{ dbpass }}"
mysql_user: name={{ dbuser }} host={{ item }} password="{{ dbpass }}" priv="{{ dbname }}.*:ALL,GRANT"
with_items:
- localhost
- 127.0.0.1
- name: grant privilege on "{{ dbname }}" to "{{ dbuser }}"
mysql_user:
name: "{{ item.user }}"
host: "{{ item.host }}"
password: "{{ dbpass }}"
login_user: "{{ dbuser }}"
login_password: "{{ dbpass }}"
priv: "{{ dbname }}.*:ALL"
state: present
with_items:
- { user: "{{ dbuser }}" , host: localhost }
- { user: "{{ dbuser }}" , host: 127.0.0.1 }
delegate_to: "{{ dbhost }}"
run_once: true
- name: ensure anonymous users are not in the database
mysql_user: name='' host={{ item }} state=absent
with_items:
- 127.0.0.1
- localhost
- name: remove the test database
mysql_db: name=test state=absent
my.cnf.j2
[client]
user=root
password={{ dbpass }}
默认/ main.yml
---
dbhost: localhost
dbname: mydb
dbuser: root
dbpass: root
如果全新安装我能做的一切都很好但是第二次运行它会给我下面的错误
3 个答案:
答案 0 :(得分:3)
似乎您在尝试使用下一个任务更改密码之前,使用新密码更新.my.cnf。
您可能希望在更新密码时使用host_all选项,因为with_items运行模块多次,并且可能出现相同的错误:更改第一项上的密码但无法连接在第二项。
答案 1 :(得分:2)
已经找到了正确答案。所以,我将添加我的答案,仅为那些与我有同样麻烦的人提供参考
=============================================== ============================
---
# Install the needed package of mysql
- name: Install MySQL packages
apt: pkg={{ item }} state=installed
with_items:
- bundler
- mysql-server
- mysql-client
- libmysqlclient-dev
- python-mysqldb
- build-essential
# Update the root password immediately. This should come first as ordering
# is very important
- name: Update mysql root password for all root accounts "{{ dbpass }}"
mysql_user: name=root password="{{ dbpass }}" priv="*.*:ALL,GRANT"
# After we update the root password we are going to use this everytime
# we do an update or create something on mysql
# we will create a copy in /root/.my.cnf as this will be use to check
# the login or root credential. Meaning this should contain the latest
# password of the root (right after we update the root password)
- name: copy .my.cnf file with root password credentials
template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600
notify: Restart the MySQL service
# Remove the unnecessary db for now
- name: Remove the test database
mysql_db: name=test state=absent
# Make sure no anonymous user in the db
- name: ensure anonymous users are not in the database
mysql_user: name='' host={{ item }} state=absent
with_items:
- 127.0.0.1
- localhost
# Delete the user if its existing so that we can create the user again
- name: Delete deploy DB user
mysql_user: name={{ dbuser }} password={{ dbpass }} state=absent
notify: Restart the MySQL service
# Create our own user aside from the root password
# here our root password and new user created will have the same password
- name: Add deploy DB user
mysql_user: name={{ dbuser }} password={{ dbpass }} priv=*.*:ALL,GRANT state=present
notify: Restart the MySQL service
# Delete databases. This should not be included in production.
# this is only on local so its fine.
- name: Drop databases
mysql_db:
name: "{{ item }}"
login_user: "{{ dbuser }}"
login_password: "{{ dbpass }}"
state: absent
with_items:
- db1
- db2
- "{{ dbname }}"
run_once: true
# Recreate the databases
- name: Create databases
mysql_db:
name: "{{ item }}"
login_user: "{{ dbuser }}"
login_password: "{{ dbpass }}"
state: present
with_items:
- db1
- db2
- "{{ dbname }}"
run_once: true
# Grant the privilege for the newly created user
- name: grant privilege on "{{ dbname }}" to "{{ dbuser }}"
mysql_user:
name: "{{ item.user }}"
host: "{{ item.host }}"
password: "{{ dbpass }}"
priv: "*.*:ALL"
state: present
with_items:
- { user: "{{ dbuser }}" , host: localhost }
- { user: "{{ dbuser }}" , host: 127.0.0.1 }
答案 2 :(得分:0)
我为此苦了一段时间。最终对我有帮助的是
-
意识到在我的ubuntu版本(18.04)上,mysql是针对套接字
/var/run/mysqld/mysqld.sock运行的
-
最后阅读mysql_user ansible module上的精美图片。它准确地描述了解决方法
MySQL服务器安装时,默认的login_user为“ root”,没有密码。为了确保该用户作为幂等性手册的一部分,您必须创建至少两个任务:第一个任务必须更改root用户的密码,而不提供任何login_user / login_password详细信息。第二个必须删除包含新的根凭据的〜/ .my.cnf文件。然后,通过从文件中读取新凭据,可以成功运行剧本。
结合这两件事,这终于对我有用:
vars/main.yml
---
mysql_port: 3306
mysql_socket: /var/run/mysqld/mysqld.sock
mysql_superuser: root
mysql_superuser_home: "{% if mysql_superuser == 'root' %}/root{% else %}/home/{{ mysql_superuser }}{% endif %}"
mysql_superuser_password: youllNeverGuessMyPasswordMuahaha
tasks/main.yml
---
- name: Install mysql
apt:
name: ['mysql-server', 'mysql-client', 'python2.7-mysqldb']
state: present
update_cache: yes
# Allows python to create and manipulate mysql config
- name: Ensure pymysql is present
pip:
name: pymysql
state: present
- name: Update mysql password for superuser `{{ mysql_superuser }}`
mysql_user:
# Update the superuser to have all grants and a password
name: "{{ mysql_superuser }}"
host: localhost
password: "{{ mysql_superuser_password }}"
priv: "*.*:ALL,GRANT"
# Login *as root* to perform this change, even though you might
# be altering the root user itself
login_user: root
login_password: ""
login_port: "{{ mysql_port }}"
login_host: localhost
login_unix_socket: "{{ mysql_socket }}"
# As a good measure,have ansible check whether an implicit login
# is possible first
check_implicit_admin: yes
- name: Create system-wide mysql configuration file
template:
src: system_wide_mysql.cnf.j2
dest: /etc/my.cnf
- name: Create mysql configuration file for `{{ mysql_superuser }}`
template:
src: superuser_mysql.cnf.j2
dest: "{{ mysql_superuser_home }}/.my.cnf"
notify:
- Restart Mysql
模板
系统范围的my.cnf
[mysqld]
datadir=/var/lib/mysql
socket={{ mysql_socket }}
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
port={{ mysql_port }}
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
超级用户.my.cnf
[client]
user={{ mysql_superuser }}
password={{ mysql_superuser_password }}
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?