Linux-ansible-roles部署mysql-8.0.28
ansible-playbook实现MySQL的二进制部署
环境centos7.9
创建角色目录
[root@centos7-liyj /data/ansible]#mkdir -p /data/ansible/roles/mysql/{files,tasks,vars} [root@centos7-liyj /data/ansible]#ls roles [root@centos7-liyj /data/ansible]#tree /ro roles/ root/ [root@centos7-liyj /data/ansible]#tree roles/ roles/ └── mysql ├── files ├── tasks └── vars 4 directories, 0 files [root@centos7-liyj /data/ansible]#pwd /data/ansible
创建数据库配置文件
[root@centos7-liyj /data/ansible]#vim roles/mysql/files/my.cnf [root@centos7-liyj /data/ansible]#cat roles/mysql/files/my.cnf [mysqld] datadir=/data/mysql socket=/data/mysql/mysql.sock log-error=/data/mysql/mysql.log pid-file=/data/mysql/mysql.pid [client] socket=/data/mysql/mysql.sock
定义变量 var/
[root@centos7-liyj /data/ansible]#vim /data/ansible/roles/mysql/vars/main.yml [root@centos7-liyj /data/ansible]#cat /data/ansible/roles/mysql/vars/main.yml mysql_version: 8.0.28 mysql_file: mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.xz mysql_root_password: 123456
定义元素执行顺序
[root@centos7-liyj /data/ansible]#vim /data/ansible/roles/mysql/tasks/main.yml [root@centos7-liyj /data/ansible]#cat /data/ansible/roles/mysql/tasks/main.yml - include: install.yml - include: group.yml - include: user.yml - include: unarchive.yml - include: linkfile.yml - include: path.yml - include: config.yml - include: data.yml - include: script.yml - include: service.yml - include: secure.yml
编译元素内容
1、安装依赖关系
vim roles/mysql/tasks/install.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/install.yml - name: install packages yum: name: - libaio - numactl-libs
2、创建用户组
vim roles/mysql/tasks/group.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/group.yml - name: create mysql group group: name=mysql gid=306
3、创建用户
vim roles/mysql/tasks/user.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/user.yml - name: create mysql user user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
4、解压二进制安装包
vim roles/mysql/tasks/unarchive.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/unarchive.yml - name: copy tar to remote host and file mode unarchive: src={{mysql_file}} dest=/usr/local/ owner=root group=root
5、解压目录,创建 软连接
vim roles/mysql/tasks/linkfile.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/linkfile.yml - name: create linkfile /usr/local/mysql file: src=/usr/local/mysql-{{ mysql_version }}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
6、设置 命令 环境变量
vim roles/mysql/tasks/path.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/path.yml
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
7、复制配置文件至 /etc/my.cnf
vim roles/mysql/tasks/config.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/config.yml
- name: config my.conf
copy: src=/data/ansible/files/my.cnf dest=/etc/my.cnf
8、生成数据库文件且密码为空
vim roles/mysql/tasks/data.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/data.yml - name: data dir shell: /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/data/mysql tags: data
9、复制 数据库服务启动文件 至 /etc/init.d/mysqld 开机启动
vim roles/mysql/tasks/script.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/script.yml - name: service script shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
10、启动数据库服务
vim roles/mysql/tasks/service.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/service.yml - name: enable service shell: chkconfig --add mysqld;/etc/init.d/mysqld start tags: service
11、修改数据库密码
vim roles/mysql/tasks/secure.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/secure.yml - name: change password shell: /usr/local/mysql/bin/mysqladmin -uroot password {{mysql_root_password}}
12、执行角色文件,root身份执行mysql目录下元素
vim roles/mysql/tasks/role_mysql.yml
[root@centos7-liyj /data/ansible]#cat roles/mysql/tasks/role_mysql.yml --- - hosts: dbsrvs remote_user: root gather_facts: no roles: - mysql
居于key验证远程登录
[root@centos7-liyj ~]#ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:rfDVnr3YaCsLYLdQ3YYqCRni53iDD09Wsj113OeJZx0 root@centos7-liyj The key's randomart image is: +---[RSA 2048]----+ | . . | | . . o o + | | . = . o = + .E | | = * + + o + o.| | + B X S o o = .| | B o O + . = | | o = o . | | .. .+ . | | .++.o | +----[SHA256]-----+ [root@centos7-liyj ~]#ll .ssh/ total 12 -rw------- 1 root root 1675 May 21 15:35 id_rsa -rw-r--r-- 1 root root 399 May 21 15:35 id_rsa.pub -rw-r--r-- 1 root root 171 May 21 15:30 known_hosts [root@centos7-liyj ~]#ssh-copy-id root@10.0.0.77 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '10.0.0.77 (10.0.0.77)' can't be established. ECDSA key fingerprint is SHA256:a8HZZS4TTvzQbF1/XJKDZvry1Lwa+9/jYIYXRPwqfIk. ECDSA key fingerprint is MD5:41:d8:d4:69:09:2c:35:d3:0a:91:79:cd:0e:e5:10:14. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@10.0.0.77's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@10.0.0.77'" and check to make sure that only the key(s) you wanted were added. [root@centos7-liyj ~]#ssh-copy-id root@10.0.0.37 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@10.0.0.37's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@10.0.0.37'" and check to make sure that only the key(s) you wanted were added.
添加远程操控主机列表
[root@centos7-liyj /data/ansible]#vim /etc/ansible/hosts [dbsrvs] #于role_mysql.yml内容 host 一致 10.0.0.17 10.0.0.27
[root@centos7-liyj /data/ansible]#ansible-playbook role_mysql.yml PLAY [dbsrvs] ********************************************************************************************************* TASK [mysql : install packages] *************************************************************************************** changed: [10.0.0.27] changed: [10.0.0.17] TASK [mysql : create mysql group] ************************************************************************************* changed: [10.0.0.27] changed: [10.0.0.17] TASK [mysql : create mysql user] ************************************************************************************** changed: [10.0.0.17] changed: [10.0.0.27] TASK [mysql : copy tar to remote host and file mode] ****************************************************************** changed: [10.0.0.17] changed: [10.0.0.27] TASK [mysql : create linkfile /usr/local/mysql] *********************************************************************** changed: [10.0.0.27] changed: [10.0.0.17] TASK [mysql : PATH variable] ****************************************************************************************** changed: [10.0.0.17] changed: [10.0.0.27] TASK [mysql : config my.conf] ***************************************************************************************** changed: [10.0.0.27] changed: [10.0.0.17] TASK [mysql : data dir] *********************************************************************************************** changed: [10.0.0.17] changed: [10.0.0.27] TASK [mysql : service script] ***************************************************************************************** changed: [10.0.0.17] changed: [10.0.0.27] TASK [mysql : enable service] ***************************************************************************************** changed: [10.0.0.17] changed: [10.0.0.27] TASK [mysql : change password] **************************************************************************************** changed: [10.0.0.17] changed: [10.0.0.27] PLAY RECAP ************************************************************************************************************ 10.0.0.17 : ok=11 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 10.0.0.27 : ok=11 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
远程主机登录
27号机器
17号机器
. /etc/profile.d/mysql.sh