From 34d3b00255ff222115ead032d539252810740351 Mon Sep 17 00:00:00 2001 From: Markos Chandras Date: Mon, 13 Mar 2017 14:02:16 +0000 Subject: [PATCH] Add support for the openSUSE Leap distributions Add support for the openSUSE Leap distributions. For openSUSE we use the packages provided by the Open Build Service repository which contains the Galera clustering support. These packages are different compared to the CentOS7 and Ubuntu ones so the way the cluster is being bootstrapped is also different. The systemd service file can't be used for that, so we need to modify the MariaDB configuration file on the boostrap node to initiate the cluster. Moreover, files are installed in different places so we need to modify the distribution files and templates to take that into consideration as well. Change-Id: I1ac31fbc06152da7f93e57911d4a952f0dd83849 --- handlers/main.yml | 43 ++++++++++++++++++++ tasks/galera_bootstrap.yml | 21 ++++++++++ tasks/galera_install.yml | 1 + tasks/galera_install_yum.yml | 28 +------------ tasks/galera_install_zypper.yml | 54 +++++++++++++++++++++++++ tasks/galera_post_install.yml | 16 ++++---- tasks/galera_secure_mysql.yml | 43 ++++++++++++++++++++ tasks/galera_upgrade_check.yml | 1 + tasks/galera_upgrade_check_yum.yml | 8 +++- tasks/galera_upgrade_check_zypper.yml | 1 + tasks/galera_upgrade_pre.yml | 2 + templates/cluster.cnf.j2 | 2 +- templates/my.cnf.j2 | 2 +- tests/galera_server-overrides.yml | 6 +++ vars/redhat-7.yml | 7 ++++ vars/suse-42.yml | 57 +++++++++++++++++++++++++++ vars/ubuntu-16.04.yml | 7 ++++ 17 files changed, 262 insertions(+), 37 deletions(-) create mode 100644 tasks/galera_install_zypper.yml create mode 100644 tasks/galera_secure_mysql.yml create mode 120000 tasks/galera_upgrade_check_zypper.yml create mode 100644 vars/suse-42.yml diff --git a/handlers/main.yml b/handlers/main.yml index 18ece015..f62340c3 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -28,6 +28,7 @@ MYSQLD_STARTUP_TIMEOUT: 180 when: - not galera_running_and_bootstrapped | bool + - ansible_pkg_mgr != "zypper" register: galera_restart until: galera_restart | success retries: 3 @@ -38,6 +39,7 @@ notify: - "Remove stale .sst" - "Restart mysql fall back" + listen: "Restart all mysql" - name: Remove stale .sst file: @@ -56,3 +58,44 @@ until: galera_restart_fall_back | success retries: 3 delay: 5 + +- name: "Set wsrep-new-cluster" + lineinfile: + line: 'wsrep-new-cluster' + insertafter: 'wsrep_cluster_name' + state: present + dest: "{{ galera_etc_include_dir }}/cluster.cnf" + listen: "Restart all mysql" + when: + - not galera_running_and_bootstrapped | bool + - not galera_existing_cluster | bool and inventory_hostname == galera_server_bootstrap_node + - ansible_pkg_mgr == "zypper" + +- name: "Ensure node is not in bootstrap mode" + lineinfile: + line: 'wsrep-new-cluster' + state: absent + dest: "{{ galera_etc_include_dir }}/cluster.cnf" + listen: "Restart all mysql" + when: + - not galera_running_and_bootstrapped | bool + - (not galera_existing_cluster | bool) or (not inventory_hostname == galera_server_bootstrap_node) + - ansible_pkg_mgr == "zypper" + +- name: Restart mysql on SUSE + service: + name: mysql + state: restarted + when: + - not galera_running_and_bootstrapped | bool + - ansible_pkg_mgr == "zypper" + register: galera_restart + until: galera_restart | success + retries: 3 + delay: 5 + # notifies are only fired when status is "changed" + changed_when: galera_restart | failed + failed_when: false + notify: + - "Remove stale .sst" + listen: "Restart all mysql" diff --git a/tasks/galera_bootstrap.yml b/tasks/galera_bootstrap.yml index 9b7d0fd2..32256ff2 100644 --- a/tasks/galera_bootstrap.yml +++ b/tasks/galera_bootstrap.yml @@ -40,6 +40,8 @@ - ansible_service_mgr == 'systemd' - mysql_running.rc != 0 - mysql_started | failed + # galera_new_cluster is not applicable for SUSE + - ansible_pkg_mgr != 'zypper' register: start_cluster failed_when: false tags: @@ -53,9 +55,28 @@ - mysql_started | failed - start_cluster | failed - mysql_running.rc != 0 + - ansible_pkg_mgr != 'zypper' tags: - galera-bootstrap +- block: + - name: "Set wsrep-new-cluster" + lineinfile: + line: 'wsrep-new-cluster' + insertafter: 'wsrep_cluster_name' + state: present + dest: "{{ galera_etc_include_dir }}/cluster.cnf" + - name: "Restaring the mysql service" + service: + name: mysql + state: restarted + register: start_cluster + when: + - mysql_running.rc != 0 + - mysql_started | failed + # galera_new_cluster is not applicable for SUSE + - ansible_pkg_mgr == 'zypper' + - name: Wait for operational state command: mysql --silent --skip-column-names -e 'SHOW STATUS LIKE "wsrep_evs_state"' register: galera_check_wait diff --git a/tasks/galera_install.yml b/tasks/galera_install.yml index 3c7f87ee..0d1525d7 100644 --- a/tasks/galera_install.yml +++ b/tasks/galera_install.yml @@ -21,6 +21,7 @@ tags: - install-apt - install-yum + - install-zypper - name: Install pip packages pip: diff --git a/tasks/galera_install_yum.yml b/tasks/galera_install_yum.yml index a9229a2e..ec3ae5af 100644 --- a/tasks/galera_install_yum.yml +++ b/tasks/galera_install_yum.yml @@ -138,30 +138,4 @@ when: - systemd_mysql_service.stat.exists -# NOTE(cloudnull): This is an idempotent shell task is it will only run once -# provided the "/etc/mysql/rhel_configured" exists. This tasks automates the -# MySQL secure setup which is done automatically in Ubuntu deployments. -- name: "Update root user, connections, and grant options" - shell: | - service mysql start || true - # Reset the root password, at this time there is no password set - mysqladmin --no-defaults --port=3306 --socket=/var/run/mysqld/mysqld.sock --host=127.0.0.1 --user=root password "{{ galera_root_password }}" - # Setup the root user for MySQL - mysql -u root -h localhost -e "UPDATE mysql.user SET Password=PASSWORD('$rootpass') WHERE User='root';" - mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE user='';" - mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('%', 'localhost', '127.0.0.1', '::1');" - mysql -u root -h localhost -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';" - mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'localhost' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" - mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'127.0.0.1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" - mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'::1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" - mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'%' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" - mysql -u root -h localhost -e "FLUSH PRIVILEGES;" - # Create a marker file to ensure this script is not run again - touch /etc/mysql/rhel_configured - service mysql stop - args: - creates: /etc/mysql/rhel_configured - tags: - - galera_server-config - - galera-rhel-config - - skip_ansible_lint +- include: galera_secure_mysql.yml mysql_securely_configured='/etc/mysql/rhel_configured' diff --git a/tasks/galera_install_zypper.yml b/tasks/galera_install_zypper.yml new file mode 100644 index 00000000..8459c27d --- /dev/null +++ b/tasks/galera_install_zypper.yml @@ -0,0 +1,54 @@ +--- +# Copyright 2017, SUSE LINUX GmbH. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# NOTE(hwoarang): zypper_repository/auto_import_keys added in 2.2 +# so we need to manually refresh the repository and import the keys +# in order to work with older ansible versions. +- name: Add galera repo + zypper_repository: + refresh: yes + name: "{{ item.name }}" + repo: "{{ item.uri }}" + register: zypper_repository_added + with_items: "{{ galera_server_zypper_repo }}" + tags: + - galera-repos + +# NOTE(hwoarang): We need to run this right after we add the repos and +# before we install any packages so it can't be a handler unless we +# move everything to pre_tasks +- name: Refresh galera zypper repository + command: zypper --gpg-auto-import-keys ref + when: zypper_repository_added.changed + tags: + - skip_ansible_lint + - galera-repos + +- name: Install galera_server role remote packages (zypper) + zypper: + name: "{{ item }}" + state: "{{ galera_server_package_state }}" + with_items: + - "{{ galera_packages_list | selectattr('enabled') | sum(attribute='packages', start=[]) }}" + +- name: Enable mysql to start at boot + service: + name: "mysql" + enabled: "yes" + tags: + - galera_server-config + - galera-enable + +- include: galera_secure_mysql.yml mysql_securely_configured='/etc/my.cnf.d/suse_configured' diff --git a/tasks/galera_post_install.yml b/tasks/galera_post_install.yml index 5bafec0c..4d36b0e4 100644 --- a/tasks/galera_post_install.yml +++ b/tasks/galera_post_install.yml @@ -47,18 +47,18 @@ config_type: "{{ item.config_type }}" with_items: - src: my.cnf.j2 - dest: /etc/mysql/my.cnf + dest: "{{ galera_etc_conf_file }}" config_overrides: "{{ galera_my_cnf_overrides }}" config_type: "ini" - src: cluster.cnf.j2 - dest: /etc/mysql/conf.d/cluster.cnf + dest: "{{ galera_etc_include_dir }}/cluster.cnf" config_overrides: "{{ galera_cluster_cnf_overrides }}" config_type: "ini" - src: debian.cnf.j2 dest: /etc/mysql/debian.cnf config_overrides: "{{ galera_debian_cnf_overrides }}" config_type: "ini" - notify: Restart mysql + notify: Restart all mysql tags: - galera-config - galera-client-user-config @@ -72,6 +72,7 @@ insertafter: '^export HOME=/etc/mysql/' line: '[ -r /etc/default/mariadb ] && . /etc/default/mariadb' backup: yes + when: ansible_pkg_mgr != 'zypper' tags: - galera-config @@ -80,15 +81,16 @@ src: "mysql_defaults.j2" dest: "/etc/default/mariadb" mode: "0644" + when: ansible_pkg_mgr != 'zypper' notify: - - Restart mysql + - Restart all mysql - Reload the systemd daemon tags: - galera-config - name: Create mariadb systemd service config dir file: - path: "/etc/systemd/system/mariadb.service.d" + path: "/etc/systemd/system/{{ galera_mariadb_service_name }}.service.d" state: "directory" group: "root" owner: "root" @@ -99,7 +101,7 @@ - name: Apply systemd options template: src: "{{ item.src }}" - dest: "/etc/systemd/system/mariadb.service.d/{{ item.dest }}" + dest: "/etc/systemd/system/{{ galera_mariadb_service_name }}.service.d/{{ item.dest }}" mode: "0644" with_items: - { src: "systemd.limits.conf.j2", dest: "limits.conf" } @@ -109,7 +111,7 @@ - ansible_service_mgr == 'systemd' notify: - Reload the systemd daemon - - Restart mysql + - Restart all mysql tags: - galera-config diff --git a/tasks/galera_secure_mysql.yml b/tasks/galera_secure_mysql.yml new file mode 100644 index 00000000..a9273b8e --- /dev/null +++ b/tasks/galera_secure_mysql.yml @@ -0,0 +1,43 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#NOTE(cloudnull): This is an idempotent shell task is it will only run once +# provided the "/etc/mysql/rhel_configured" exists. This tasks automates the +# MySQL secure setup which is done automatically in Ubuntu deployments. +- name: "Update root user, connections, and grant options" + shell: | + service mysql start || true + # Reset the root password, at this time there is no password set + mysqladmin --no-defaults --port=3306 --socket=/var/run/mysqld/mysqld.sock --host=127.0.0.1 --user=root password "{{ galera_root_password }}" + # Setup the root user for MySQL + mysql -u root -h localhost -e "UPDATE mysql.user SET Password=PASSWORD('$rootpass') WHERE User='root';" + mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE user='';" + mysql -u root -h localhost -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('%', 'localhost', '127.0.0.1', '::1');" + mysql -u root -h localhost -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';" + mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'localhost' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" + mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'127.0.0.1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" + mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'::1' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" + mysql -u root -h localhost -e "GRANT ALL PRIVILEGES ON *.* TO '{{ galera_root_user }}'@'%' IDENTIFIED BY '{{ galera_root_password }}' WITH GRANT OPTION;" + mysql -u root -h localhost -e "FLUSH PRIVILEGES;" + # Create a marker file to ensure this script is not run again + touch "{{ mysql_securely_configured }}" + service mysql stop + args: + creates: "{{ mysql_securely_configured }}" + tags: + - galera_server-config + - galera-rhel-config + - galera-suse-config + - skip_ansible_lint diff --git a/tasks/galera_upgrade_check.yml b/tasks/galera_upgrade_check.yml index e122ac4c..7677a2b6 100644 --- a/tasks/galera_upgrade_check.yml +++ b/tasks/galera_upgrade_check.yml @@ -17,6 +17,7 @@ tags: - install-apt - install-yum + - install-zypper - include: galera_upgrade_pre.yml static: no diff --git a/tasks/galera_upgrade_check_yum.yml b/tasks/galera_upgrade_check_yum.yml index f6eed534..88f9fa7a 100644 --- a/tasks/galera_upgrade_check_yum.yml +++ b/tasks/galera_upgrade_check_yum.yml @@ -22,12 +22,16 @@ tags: - galera-package-rpm - galera-yum-packages + - galera-zypper-packages - galera-upgrade - skip_ansible_lint - name: Check for any galera install version + # NOTE(hwoarang): We may have many packages starting with + # {{ galera_mariadb_server_package }} so make sure we actually look + # for exact matches. shell: | - rpm -qa | grep -i "{{ galera_mariadb_server_package }}" + rpm -qa --qf '%{NAME}\n'| grep -i "{{ galera_mariadb_server_package }}"$ failed_when: false register: installed_galera_any when: @@ -36,6 +40,7 @@ tags: - galera-package-rpm - galera-yum-packages + - galera-zypper-packages - galera-upgrade - skip_ansible_lint @@ -48,4 +53,5 @@ tags: - galera-package-rpm - galera-yum-packages + - galera-zypper-packages - galera-upgrade diff --git a/tasks/galera_upgrade_check_zypper.yml b/tasks/galera_upgrade_check_zypper.yml new file mode 120000 index 00000000..4fe70d87 --- /dev/null +++ b/tasks/galera_upgrade_check_zypper.yml @@ -0,0 +1 @@ +galera_upgrade_check_yum.yml \ No newline at end of file diff --git a/tasks/galera_upgrade_pre.yml b/tasks/galera_upgrade_pre.yml index 48b55ba2..1a05ff06 100644 --- a/tasks/galera_upgrade_pre.yml +++ b/tasks/galera_upgrade_pre.yml @@ -35,6 +35,8 @@ - name: Stop mysql command: /etc/init.d/mysql stop changed_when: false + # SUSE always uses the systemd service + when: ansible_pkg_mgr != "zypper" tags: - galera-upgrade diff --git a/templates/cluster.cnf.j2 b/templates/cluster.cnf.j2 index 5cbe29f6..57eee347 100644 --- a/templates/cluster.cnf.j2 +++ b/templates/cluster.cnf.j2 @@ -4,7 +4,7 @@ wsrep_on = ON # Path to Galera library -wsrep_provider = /usr/lib/galera/libgalera_smm.so +wsrep_provider = {{ galera_wsrep_provider }} {% if galera_wsrep_provider_options is defined %} wsrep_provider_options = " {%- for item in galera_wsrep_provider_options -%} diff --git a/templates/my.cnf.j2 b/templates/my.cnf.j2 index dadbb849..18dc1f84 100644 --- a/templates/my.cnf.j2 +++ b/templates/my.cnf.j2 @@ -101,4 +101,4 @@ quote-names max_allowed_packet = 16M -!includedir /etc/mysql/conf.d/ +!includedir {{ galera_etc_include_dir }}/ diff --git a/tests/galera_server-overrides.yml b/tests/galera_server-overrides.yml index ac3e1902..58632e36 100644 --- a/tests/galera_server-overrides.yml +++ b/tests/galera_server-overrides.yml @@ -20,3 +20,9 @@ galera_server_old_package: redhat: galera_mariadb_server_package: "MariaDB-Galera-server" galera_repo_url: "http://yum.mariadb.org/10.0/centos/7/x86_64" + # NOTE(hwoarang): On SUSE we only have one version in the + # repos so this will not actually test the upgrade path. As such + # the following dictionary is mostly a NOOP just to keep the tests happy. + suse: + galera_mariadb_server_package: "mariadb" + galera_repo_url: "http://download.opensuse.org/repositories/server:/database/openSUSE_Leap_{{ ansible_distribution_version }}" diff --git a/vars/redhat-7.yml b/vars/redhat-7.yml index 760c4707..8f1826a0 100644 --- a/vars/redhat-7.yml +++ b/vars/redhat-7.yml @@ -28,6 +28,9 @@ galera_server_required_distro_packages: - MariaDB-client - MariaDB-devel +galera_etc_conf_file: "/etc/mysql/my.cnf" +galera_etc_include_dir: "/etc/mysql/conf.d" + _galera_mariadb_server_package: "MariaDB-server" galera_server_mariadb_distro_packages: @@ -44,6 +47,8 @@ galera_server_upgrade_packages_remove: - MariaDB-Galera-server - MariaDB-server +galera_mariadb_service_name: "mariadb" + _galera_repo_url: "http://yum.mariadb.org/10.1/centos/7/x86_64" galera_repo: name: MariaDB @@ -73,4 +78,6 @@ qpress_arch_fallback_url: qpress_arch_sha256: x86_64: "d6b6b7ca3a5ad4baea34975743106ac54ac746b3e6497d59bce55765d604b697" +galera_wsrep_provider: "/usr/lib/galera/libgalera_smm.so" + use_percona_upstream: yes diff --git a/vars/suse-42.yml b/vars/suse-42.yml new file mode 100644 index 00000000..0e05643b --- /dev/null +++ b/vars/suse-42.yml @@ -0,0 +1,57 @@ +--- +# Copyright 2017, SUSE LINUX GmbH. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +galera_server_zypper_repo: + - name: "OBS:server_database" + uri: "http://download.opensuse.org/repositories/server:/database/openSUSE_Leap_{{ ansible_distribution_version }}" + +galera_server_required_distro_packages: + - galera-3 + - gpg2 + - libaio-devel + - libstdc++-devel + - libgcc_s1 + - libgcrypt-devel + - libmysqlclient-devel + - mariadb-client + - qpress + +galera_etc_conf_file: "/etc/my.cnf" +galera_etc_include_dir: "/etc/my.cnf.d" + +_galera_mariadb_server_package: "mariadb" + +galera_server_upgrade_packages_remove: + - "{{ galera_mariadb_server_package }}" + - galera-3 + +galera_mariadb_service_name: "mysql" + +galera_server_mariadb_distro_packages: + - which + - "{{ galera_mariadb_server_package }}" + - percona-toolkit + - xtrabackup + - rsync + - socat + +galera_wsrep_provider: "/usr/lib64/galera-3/libgalera_smm.so" + +use_percona_upstream: true +# NOTE(hwoarang): The default one provided in vars/main.yml depends on +# variables defined in defaults/main.yml. However such defaults do not make +# sense for SUSE distributions and as such we provide an empty list here since +# we grab everything from the distro repositories. +percona_packages_list: [] diff --git a/vars/ubuntu-16.04.yml b/vars/ubuntu-16.04.yml index 120ee1ba..d8cec2c3 100644 --- a/vars/ubuntu-16.04.yml +++ b/vars/ubuntu-16.04.yml @@ -41,6 +41,9 @@ galera_server_required_distro_packages: - python-software-properties - software-properties-common +galera_etc_conf_file: "/etc/mysql/my.cnf" +galera_etc_include_dir: "/etc/mysql/conf.d" + # The package name for mariaDB is set as a variable # so that it can be used in debconf later in the # "galera_common" role. @@ -63,6 +66,8 @@ galera_server_upgrade_packages_remove: - mariadb-server - mysql-common +galera_mariadb_service_name: "mariadb" + galera_debconf_items: - question: "mysql-server/root_password" name: "{{ galera_mariadb_server_package }}" @@ -108,4 +113,6 @@ galera_repo: state: "present" filename: "MariaDB" +galera_wsrep_provider: "/usr/lib/galera/libgalera_smm.so" + use_percona_upstream: no