經過 ansible 部署二進制 mysql 8mysql
#安裝ansible並配置
[root@ansible ~]#yum -y install ansible
[root@ansible ~]#vim /etc/ansible/hosts
[dbservers]
10.0.0.18
[root@ansible ~]#ansible dbservers --list-hosts
hosts (1):
10.0.0.18
[root@ansible ~]#ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:LqM4c9HgY483iuh1Qrvit92VT9c17QuRh96phKjLKmk root@ansible
The key's randomart image is:
+---[RSA 3072]----+
| |
| |
| |
| . o .|
| o o S + oo|
| . * .. o o =.+|
| =.*o .+ o = +.|
| o+EB.*oo o o o .|
|+o**==.*. . . . |
+----[SHA256]-----+
[root@ansible ~]#
[root@ansible ~]#ssh-copy-id 10.0.0.18:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.18's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '10.0.0.18'"
and check to make sure that only the key(s) you wanted were added.
#建立二進制安裝所需的文件
[root@ansible ~]#mkdir -p /data/ansible/files
[root@ansible ~]#ll /data/ansible/files/
total 473708
-rw-r--r-- 1 root root 485074552 Jul 30 16:48 mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz
[root@ansible ~]#vim /data/ansible/files/my.cnf
[mysqld]
datadir=/data/mysql
skip_name_resolve=1
socket=/tmp/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
port=3306
socket=/tmp/mysql.sock
[mysqld_safe]
vim /data/ansible/files/secure_mysql.sh
#!/bin/bash
#!/bin/bash
passwd=`grep "temporary password" /data/mysql/mysql.log|sed -nr 's/^.*\: (.*)$/\1/p'`
mysqladmin -uroot -p`echo $passwd` password magedu
expect <<EOF
spawn /usr/local/mysql/bin/mysql_secure_installation
expect {
"Enter password for user root:" {send magedu\n;exp_continue}
"Press y|Y for Yes, any other key for No:" {send n\n;exp_continue}
"Press y|Y for Yes, any other key for No" {send y\n;exp_continue}
"Press y|Y for Yes, any other key for No" {send y\n;exp_continue}
"Press y|Y for Yes, any other key for No" {send y\n;exp_continue}
"Press y|Y for Yes, any other key for No" {send y\n;exp_continue}
}
expect eof
EOF
[root@ansible ~]#tree /data/ansible/files/
/data/ansible/files/
├── my.cnf
├── mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz
└── secure_mysql.sh
0 directories, 3 files
[root@ansible ~]#vim /data/ansible/install_mysql.yml
---
#insatll mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz
- hosts: dbservers
remote_user: root
gather_facts: no
tasks:
- name: istall packages
yum: name=mysql,libaio,perl-Data-Dumper,perl-Getopt-Long,expect,ncurses-compat-libs
- name: create mysql group
group: name=mysql gid=306
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
- name: copy tar to remote host and file mode
unarchive: src=/data/ansible/files/mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz dest=/usr/local/ owner=root group=root
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-8.0.19-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
- name: PATH variable
shell: echo 'PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh;source /etc/profile.d/mysql.sh
- name: config my.cnf
copy: src=/data/ansible/files/my.cnf dest=/etc/my.cnf
- name: data dir
shell: mysqld --initialize --user=mysql --datadir=/data/mysql
tags: data
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: enable service
shell: /etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
tags: service
- name: secure script
script: /data/ansible/files/secure_mysql.sh
tags: script
#執行mysql.yml
[root@ansible ~]#ansible-playbook /data/ansible/install_mysql.yml
PLAY [dbservers] ***************************************************************************
TASK [istall packages] *********************************************************************
changed: [10.0.0.18]
TASK [create mysql group] ******************************************************************
changed: [10.0.0.18]
TASK [create mysql user] *******************************************************************
changed: [10.0.0.18]
TASK [copy tar to remote host and file mode] ***********************************************
changed: [10.0.0.18]
TASK [create linkfile /usr/local/mysql] ****************************************************
changed: [10.0.0.18]
TASK [PATH variable] ***********************************************************************
changed: [10.0.0.18]
TASK [config my.cnf] ***********************************************************************
changed: [10.0.0.18]
TASK [data dir] ****************************************************************************
changed: [10.0.0.18]
TASK [service script] **********************************************************************
changed: [10.0.0.18]
TASK [enable service] **********************************************************************
changed: [10.0.0.18]
TASK [secure script] ***********************************************************************
changed: [10.0.0.18]
PLAY RECAP *********************************************************************************
10.0.0.18 : ok=11 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
#驗證被管理端結果
[root@dbserver ~]#mysql -uroot -pmagedu
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 8.0.19 MySQL Community Server - GPL
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>