211 lines
9.1 KiB
YAML
211 lines
9.1 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Set the package install state for distribution packages
|
|
# Options are 'present' and 'latest'
|
|
galera_server_package_state: "latest"
|
|
|
|
galera_cluster_members: "{{ groups['galera_all'] }}"
|
|
galera_server_bootstrap_node: "{{ galera_cluster_members[0] }}"
|
|
galera_ignore_cluster_state: false
|
|
galera_upgrade: false
|
|
galera_force_bootstrap: false
|
|
|
|
galera_wsrep_node_name: "{{ inventory_hostname }}"
|
|
galera_cluster_name: openstack_galera_cluster
|
|
|
|
# The galera server-id should be set on all cluster nodes to ensure
|
|
# that replication is handled correctly and the error
|
|
# "Warning: You should set server-id to a non-0 value if master_host is
|
|
# set; we will force server id to 2, but this MySQL server will not act
|
|
# as a slave." is no longer present.
|
|
# galera_server_id: 0
|
|
|
|
# These are here to stub out the internal ROLE API.
|
|
# if these are used they should be set within the
|
|
# distro specific variable files found in vars/
|
|
galera_debconf_items: []
|
|
galera_server_percona_distro_packages: []
|
|
galera_mariadb_server_package: "{{ _galera_mariadb_server_package }}"
|
|
|
|
# The major version used to select the repo URL path
|
|
galera_major_version: 10.1
|
|
|
|
# Set the URL for the MariaDB repository
|
|
galera_repo_url: "{{ _galera_repo_url }}"
|
|
|
|
# Set the repo information for the MariaDB repository
|
|
galera_repo: "{{ _galera_repo }}"
|
|
|
|
# Set the gpg keys needed to be imported
|
|
galera_gpg_keys: "{{ _galera_gpg_keys | default([]) }}"
|
|
|
|
# Set the URL for the Percona Xtrabackup repository
|
|
galera_percona_xtrabackup_repo_url: "{{ _galera_percona_xtrabackup_repo_url | default('') }}"
|
|
|
|
# Set the rpo information for the Percona Xtrabackup repository
|
|
galera_percona_xtrabackup_repo: "{{ _galera_percona_xtrabackup_repo | default({}) }}"
|
|
|
|
# Enable the use of the upstream percona repo
|
|
use_percona_upstream: "{{ _use_percona_upstream }}"
|
|
|
|
galera_monitoring_user: monitoring
|
|
galera_monitoring_user_password: ""
|
|
# NOTE(cloudnull): Set an interface or CIDR to limit the traffic source when
|
|
# monitoring the galera cluster status by default this is set
|
|
# to the first network in the ansible_interfaces list (usually
|
|
# default). From that information we pull the CIDR. To define
|
|
# this in prod most users will simply need to set the variable
|
|
# "galera_monitoring_default_network" to the interface used for
|
|
# management traffic, IE: "eth1".
|
|
galera_monitoring_default_network: "{{ 'ansible_' + (ansible_interfaces | difference(['lo']))[0] }}"
|
|
galera_monitoring_network: "{{ hostvars[inventory_hostname][galera_monitoring_default_network]['ipv4']['network'] }}"
|
|
galera_monitoring_netmask: "{{ (galera_monitoring_network + '/' + hostvars[inventory_hostname][galera_monitoring_default_network]['ipv4']['netmask']) | ipaddr('prefix') }}"
|
|
galera_monitoring_allowed_source: "{{ galera_monitoring_network }}/{{ galera_monitoring_netmask }}"
|
|
galera_root_user: root
|
|
|
|
# WARNING: This option is deprecated and will be removed in v12.0
|
|
galera_gcache_size: 1024M
|
|
|
|
galera_max_heap_table_size: 32M
|
|
galera_tmp_table_size: 32M
|
|
|
|
galera_file_limits: 65535
|
|
galera_wait_timeout: 3600
|
|
|
|
## innodb options
|
|
galera_innodb_buffer_pool_size: 4096M
|
|
galera_innodb_log_file_size: 1024M
|
|
galera_innodb_log_buffer_size: 128M
|
|
|
|
## wsrep configuration
|
|
galera_wsrep_address: "{{ ansible_host }}"
|
|
galera_wsrep_address_port: "{{ galera_wsrep_address }}:3306"
|
|
galera_wsrep_cluster_address: >-
|
|
{% set _var = [] -%}
|
|
{% for cluster_host in galera_cluster_members -%}
|
|
{% set _addr = hostvars[cluster_host]['galera_wsrep_address']
|
|
| default(hostvars[cluster_host]['ansible_host']) -%}
|
|
{% if _var.append(_addr) %}{% endif -%}
|
|
{% endfor -%}
|
|
{# If only 1 cluster member is present output an empty string so the
|
|
single-node member will re-bootstrap correctly upon restart #}
|
|
{{ _var | join(',') if galera_cluster_members | length > 1 else '' }}
|
|
galera_wsrep_node_incoming_address: "{{ galera_wsrep_address }}"
|
|
## Cap the maximum number of threads / workers when a user value is unspecified.
|
|
galera_wsrep_slave_threads_max: 16
|
|
galera_wsrep_slave_threads: "{{ [[ansible_processor_vcpus|default(2), 2] | max, galera_wsrep_slave_threads_max] | min }}"
|
|
galera_wsrep_retry_autocommit: 3
|
|
galera_wsrep_debug: 0
|
|
galera_wsrep_sst_method: xtrabackup-v2
|
|
galera_wsrep_provider_options:
|
|
- { option: "gcache.size", value: "{{ galera_gcache_size }}" }
|
|
galera_wsrep_sst_auth_user: "root"
|
|
galera_wsrep_sst_auth_password: "{{ galera_root_password }}"
|
|
|
|
# Enable compression of backups
|
|
galera_xtrabackup_compression: true
|
|
# xtrabackup parallel/compression/sync threads
|
|
galera_xtrabackup_threads: 4
|
|
|
|
galera_pip_packages:
|
|
- MySQL-python
|
|
- pycrypto
|
|
|
|
galera_pip_package_state: "latest"
|
|
|
|
# Galera slow/unindexed query logging
|
|
galera_slow_query_logging: 0
|
|
galera_unindexed_query_logging: 0
|
|
|
|
## Tunable overrides
|
|
galera_my_cnf_overrides: {}
|
|
galera_cluster_cnf_overrides: {}
|
|
galera_debian_cnf_overrides: {}
|
|
|
|
# Set the max connections value for galera. Set this value to override the
|
|
# computed value which is (100 x vCPUs) with a cap of 1600. If computed, the
|
|
# lowest value throughout the cluster will be used which is something to note
|
|
# if deploying galera on different hardware.
|
|
# galera_max_connections: 500
|
|
|
|
# Settings for percona and qpress
|
|
# The [percona|qpress]_arch_[url|sha256] hashes can be found in the distro vars files.
|
|
galera_package_arch: "{{ hostvars[inventory_hostname]['ansible_architecture'] }}"
|
|
|
|
# Validate SSL certificates when downloading the galera deb above
|
|
# May be set to "no" when proxy server is intercepting the certificates.
|
|
percona_package_download_validate_certs: yes
|
|
percona_package_url: "{{ percona_arch_url.get( galera_package_arch | lower ) }}"
|
|
percona_package_fallback_url: "{{ percona_arch_fallback_url.get( galera_package_arch | lower ) }}"
|
|
percona_package_sha256: "{{ percona_arch_sha256.get( galera_package_arch | lower ) }}"
|
|
percona_package_path: "/opt/{{ percona_package_url | basename }}"
|
|
|
|
qpress_package_download_validate_certs: yes
|
|
qpress_package_url: "{{ qpress_arch_url.get( galera_package_arch | lower ) }}"
|
|
qpress_package_fallback_url: "{{ qpress_arch_fallback_url.get( galera_package_arch | lower ) }}"
|
|
qpress_package_sha256: "{{ qpress_arch_sha256.get( galera_package_arch | lower ) }}"
|
|
qpress_package_path: "/opt/{{ qpress_package_url | basename }}"
|
|
|
|
# This is only applied if the ansible_pkg_mgr is 'apt'
|
|
galera_server_distro_package_pins:
|
|
- package: '*'
|
|
release: MariaDB
|
|
priority: 1001
|
|
# Blacklist 10.1.27 release due to https://jira.mariadb.org/browse/MDEV-13908
|
|
# which causes MariaDB to segfault with galera enabled.
|
|
- package: mariadb-server
|
|
version: 10.1.27+maria-1~xenial
|
|
priority: -1
|
|
|
|
# Galera Server SSL functionality.
|
|
|
|
galera_use_ssl: false
|
|
galera_ssl_cert: /etc/mysql/ssl/galera.pem
|
|
galera_ssl_key: /etc/mysql/ssl/galera.key
|
|
galera_ssl_ca_cert: /etc/mysql/ssl/galera-ca.pem
|
|
## These options should be specified in user_variables if necessary, otherwise self-signed certs are used.
|
|
# galera_user_ssl_cert: /etc/openstack_deploy/self_signed_certs/galera.pem
|
|
# galera_user_ssl_key: /etc/openstack_deploy/self_signed_certs/galera.key
|
|
# galera_user_ssl_ca_cert: /etc/openstack_deploy/self_signed_certs/galera-ca.pem
|
|
|
|
## Set galera_ssl_self_signed_regen to true if you want to generate a new
|
|
# SSL certificate for Galera when this playbook runs. You can also change
|
|
# the subject of the self-signed certificate here if you prefer.
|
|
galera_ssl_self_signed_regen: false
|
|
galera_ssl_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT/CN={{ galera_ssl_address }}"
|
|
galera_ssl_ca_self_signed_subject: "/C=US/ST=Texas/L=San Antonio/O=IT"
|
|
# This option is used for creating the CA and overriding the Galera address on the clients side.
|
|
# Should be set to either public VIP of VIP FQDN, depending on what is currently used in the env.
|
|
galera_ssl_address: "{{ ansible_host }}"
|
|
|
|
# MariaDB 10.1+ ships with 'PrivateDevices=True' in the systemd unit file. This
|
|
# provides some additional security, but it causes problems with systemd 219.
|
|
# While the security enhancements are helpful on bare metal hosts with multiple
|
|
# services running, they are not as helpful when MariaDB is running in a
|
|
# container with its own isolated namespaces.
|
|
#
|
|
# Related bugs:
|
|
# https://bugs.launchpad.net/openstack-ansible/+bug/1697531
|
|
# https://github.com/lxc/lxc/issues/1623
|
|
# https://github.com/systemd/systemd/issues/6121
|
|
#
|
|
# Setting the following variable to 'yes' will disable the PrivateDevices
|
|
galera_disable_privatedevices: "{{ _galera_disable_privatedevices }}"
|
|
|
|
## Set default mirror for openSUSE repositories
|
|
# NOTE(hwoarang): Ensure that the full path to the 'opensuse' directory is used.
|
|
#galera_server_opensuse_mirror_obs_url: "http://widehat.opensuse.org"
|