diff --git a/roles/galera/tasks/configure.yml b/roles/galera/tasks/configure.yml index 5b538c2..7ad980c 100644 --- a/roles/galera/tasks/configure.yml +++ b/roles/galera/tasks/configure.yml @@ -1,86 +1,119 @@ --- -# Configure MySQL with Galera +# Configure MariaDB - stat: path=/var/local/mysql_reset register: mysql_reset - name: Copy phabricator stop words copy: src=stopwords.txt dest=/srv/stopwords.txt - name: Copy minimal mysql config template: src=my-mini.cnf dest=/etc/my.cnf when: not mysql_reset.stat.exists notify: stop mysql - name: Reset MySQL root password shell: /etc/init.d/mysql start --skip-grant-tables; mysql -u root -e 'flush privileges; SET PASSWORD FOR 'root'@'localhost' = PASSWORD("");'; touch /var/local/mysql_reset; service mysql stop when: not mysql_reset.stat.exists args: creates: /var/local/mysql_reset - name: Copy mysql config template: src=my.cnf dest=/etc/my.cnf -- name: Check Galera status - shell: mysql -e "SHOW STATUS LIKE 'wsrep_evs_state';" -s | awk '{print $2}' - register: galera_status +- name: Start mysql server + service: name=mysql state=started enabled=true -- name: Bootstrap MySQL Galera cluster - shell: service mysql stop; /etc/init.d/mysql bootstrap - when: "'{{ inventory_hostname }}' == '{{ groups.dbs[0] }}' and galera_status.stdout != 'OPERATIONAL'" +# Configure replication +- name: Create database replication user + mysql_user: + state=present + user={{ mysql_repl_user }} + password={{ mysql_repl_pass }} + priv=*.*:REPLICATION_SLAVE + host='%' + run_once: yes -- service: name=mysql state=started enabled=false +- name: Check slave replication status + mysql_replication: mode=getslave + ignore_errors: true + register: slave when: "'{{ inventory_hostname }}' != '{{ groups.dbs[0] }}'" +- name: Check master replication status + mysql_replication: mode=getmaster + delegate_to: "{{ mysql_replication_master }}" + register: master + when: "'{{ inventory_hostname }}' == '{{ groups.dbs[0] }}'" + +- name: Configure replication on the slave + mysql_replication: + mode: changemaster + master_host: "{{ groups.dbs[0] }}" + master_user: "{{ mysql_repl_user }}" + master_password: "{{ mysql_repl_pass }}" + master_log_file: "{{ master.File }}" + master_log_pos: "{{ master.Position }}" + ignore_errors: True + when: > + inventory_hostname != groups.dbs[0] + and slave|failed + +- name: Start replication + mysql_replication: mode=startslave + when: > + inventory_hostname != groups.dbs[0] + and slave|failed + # Users - name: Create database app user mysql_user: state=present user={{ mysql_app_user }} password={{ mysql_app_pass }} priv=*.*:ALL host={{ mysql_host }} run_once: yes - name: Create haproxy user mysql_user: state=present user={{ mysql_lbs_user }} password="" priv=*.*:ALL host={{ internal_ip }} run_once: yes - name: Create Shibboleth user mysql_user: state=present user={{ mysql_shib_user }} password={{ mysql_shib_pass }} priv={{ mysql_shib_db }}.*:ALL host={{ mysql_host }} run_once: yes - name: Copy Shibboleth db schema copy: src: "install_shib.sql" dest: "/tmp/install_shib.sql" run_once: yes - name: Create Shibboleth db mysql_db: name: "{{ mysql_shib_db }}" run_once: yes - name: Check if Shibboleth tables exist shell: "mysql {{ mysql_shib_db }} -e 'show tables' | grep strings" register: tablestatus ignore_errors: yes run_once: yes - name: Populate Shibboleth db mysql_db: name: "{{ mysql_shib_db }}" target: /tmp/install_shib.sql state: import when: "'{{ inventory_hostname }}' == '{{ groups.dbs[0] }}' and tablestatus.rc != 0" diff --git a/roles/galera/tasks/install.yml b/roles/galera/tasks/install.yml index 1ae1cca..fa02531 100644 --- a/roles/galera/tasks/install.yml +++ b/roles/galera/tasks/install.yml @@ -1,17 +1,9 @@ --- -# Install MySQL and Galera - -- name: Copy Galera yum config - copy: src="{{ yum_repo }}" dest=/etc/yum.repos.d/galera.repo - -- name: Shared MySQL lib - shell: yum upgrade -y mysql-wsrep-shared-5.5 -x mysql-wsrep-shared-5.6 +# Install MariaDB - yum: name="{{ item }}" state=latest update_cache=yes with_items: - - MySQL-python - - mysql-wsrep-5.6 - - galera-3 + - mariadb-server diff --git a/roles/galera/templates/my.cnf b/roles/galera/templates/my.cnf index 79e2b1a..9dccf90 100644 --- a/roles/galera/templates/my.cnf +++ b/roles/galera/templates/my.cnf @@ -1,29 +1,23 @@ [mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock symbolic-links=0 sql_mode=STRICT_ALL_TABLES max_allowed_packet=33554432 ft_stopword_file=/srv/stopwords.txt ft_min_word_len=3 ft_boolean_syntax=' |-><()~*:""&^' innodb_buffer_pool_size=1600M -#wsrep_provider=/usr/lib64/galera-3/libgalera_smm.so -#wsrep_cluster_address="gcomm://{{ groups['dbs']|join(',') }}" -binlog_format=row -#max_binlog_files=30 +binlog_format=MIXED default_storage_engine=InnoDB innodb_autoinc_lock_mode=2 -innodb_flush_log_at_trx_commit=2 +innodb_flush_log_at_trx_commit=1 bind-address=0.0.0.0 -#wsrep_cluster_name="{{ mysql_cluster_name }}" -#wsrep_sst_method=rsync -#wsrep_node_address="{{ ansible_eth0.ipv4.address }}" -#wsrep_node_name="{{ ansible_eth0.ipv4.address }}" -#wsrep_provider_options="gcs.fc_limit = 256; gcs.fc_factor = 0.99; gcs.fc_master_slave = yes" log-bin="{{ mysql_cluster_name }}" log-slave-updates +sync_binlog=1 +server_id={{ ansible_hostname|[-1:]|int+1 }} [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid diff --git a/vars/main.yml.example b/vars/main.yml.example index 35f6911..50857ff 100644 --- a/vars/main.yml.example +++ b/vars/main.yml.example @@ -1,108 +1,110 @@ --- env: prod project_name: "c4science" ansible_ssh_user: "centos" proxy: no http_proxy: "" no_proxy: "localhost" proxy_url: "{{ http_proxy }}" user_pwd_root: "" user_pwd_centos: "" # OpenStack keypair_name: "" image_id: "" image_id_coreos: "" public_net: "" private_net: "" flavor_id_small: "" flavor_id_medium: "" flavor_id_large: "" flavor_id_small_backup: "" private_net_backup: "" image_id_backup: "" region_main: "" region_back: "" # Storage s3_access_key: "" s3_secret_key: "" s3_endpoint: "" s3_bucket: "" s3_region: "" # Lbs internal_ip: 0.0.0.0 external_ip: 0.0.0.0 backup_ip: 0.0.0.0 ip_range: "10.0.0.0/16" jenkins_port: 8080 stats_port: 8082 monit_port: 8081 monit_user: admin monit_pass: rolling_reboot_proxy_host: "{{ external_ip }}" rolling_reboot_pause: 30 rolling_reboot_wait_delay: 20 # App developer_mode: false http_scheme: 'http://' domain: example.com file_domain: "{{ http_scheme }}static.{{ domain }}/" phabricator_path: /srv/www/facebook/ repositories_path: /var/repo/ phd_user: phabricator www_user: apache vcs_user: git vcs_port: 2222 jenkins_admin_user: admin jenkins_admin_pass: jenkins_phab_url: "{{ http_scheme }}{{ domain }}/" jenkins_phab_id: "PHID-" jenkins_phab_secret: "" jenkins_url: "{{ http_scheme }}jenkins.{{ domain }}/" shib_metadata_file: "metadata.xml" shib_metadata_provider: "http://example.com/{{ shib_metadata_file }}" phabricator_domains: - "{{ domain }}" - 'example.com' google_webmaster_file: "googleXYZ.html" # Dbs +mysql_repl_user: "repl" +mysql_repl_pass: "" mysql_app_user: "" mysql_app_pass: "" mysql_shib_user: "" mysql_shib_pass: "" mysql_shib_db: "shibboleth" mysql_lbs_user: "haproxy" mysql_cluster_name: "" mysql_host: "10.0.0.0/255.255.0.0" # SSH ssh_keys: - "ssh-rsa mysuperkey1" - "ssh-rsa mysuperkey2" # Swap swap_path: "/swapfile" dd_bs_size_mb: 32 swap_count: 128 swappiness: 10 vfs_cache_pressure: 50 # Email configure_postfix: true enable_postfix_domain_rewrite: true enable_postfix_relayhost: true postfix_relayhost: "[{{ internal_ip }}]" postfix_rewrite_domain: "{{ domain }}" email_alias_phabricator: "" email_alias_postmaster: "" email_alias_admin: "" email_monitoring: ""