forked from mrlesmithjr/ansible-mariadb-galera-cluster
-
Notifications
You must be signed in to change notification settings - Fork 1
/
main.yml
324 lines (255 loc) · 12 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
---
# defaults file for ansible-mariadb-galera-cluster
# MariaDB setting
# Define mariadb version
mariadb_version: "10.11"
# Defines if we should enable the MariaDB repo or use version within OS repos.
galera_enable_mariadb_repo: true
# Defines repository settings for apt
mariadb_debian_repo: "deb [arch=amd64,arm64,ppc64el] http://nyc2.mirrors.digitalocean.com/mariadb/repo/{{ mariadb_version }}/{{ ansible_distribution|lower }} {{ ansible_distribution_release|lower }} main"
mariadb_debian_repo_keyserver: "keyserver.ubuntu.com"
mariadb_debian_repo_pin: "nyc2.mirrors.digitalocean.com"
mariadb_debian_repo_pin_priority: 600
# Defines repository settings for rpm
mariadb_redhat_repo: "https://yum.mariadb.org/{{ mariadb_version }}/{{ ansible_distribution|lower }}{{ ansible_distribution_major_version }}-amd64"
mariadb_redhat_repo_key: "https://yum.mariadb.org/RPM-GPG-KEY-MariaDB"
# bind address for MariaDB's 3306 port.
# By default takes the value of the galera cluster IP, but can be overriden
# to 0.0.0.0 (for example) to allow MySQL connections to localhost
mariadb_bind_address: "{{ galera_cluster_bind_address }}"
# Defines if root logins should be allowed from any host
galera_allow_root_from_any: false
# Define listen port
mariadb_mysql_port: 3306
# Define mysql root password
# generate using echo password | mkpasswd -s -m sha-512
mariadb_mysql_root_password: "root"
# Define mysql mem multiplier (used to calculate key_buffer_size)
mariadb_mysql_mem_multiplier: .25
mariadb_mysql_settings:
datadir: "/var/lib/mysql"
#Default is 16M
key_buffer_size: "{{ (ansible_memtotal_mb | int * mariadb_mysql_mem_multiplier) | round | int }}M"
max_allowed_packet: "16M"
max_binlog_size: "100M"
query_cache_limit: "1M"
query_cache_size: "16M"
# MariaDB default: https://mariadb.com/kb/en/server-system-variables/#thread_cache_size
thread_cache_size: 256
# Define TLS certs & keys which will be used to encrypt mysql, WSREP, SST connections
# This variable should have defined exactly three items, any other item count is handled like none.
# Items must be named ca_cert, server_key, server_cert. Each item must have defined values name and content.
# Names will be used to create such file at target system. Content can be defined inline like example below,
# or can by linked to variables defined in ansible-vault or other lookup plugins (file, hashicorp vault, etc.)
#
# mariadb_tls_files:
# ca_cert:
# name: "ca.pem"
# content: |
# -- ca-cert content --
# server_key:
# name: "server-key.pem"
# content: |
# -- server-cert content --
# server_cert:
# name: "server-cert.pem"
# content: |
# -- server-cert content --
mariadb_tls_files: []
# Recommended utf8 settings:
# https://mariadb.com/kb/en/setting-character-sets-and-collations/#example-changing-the-default-character-set-to-utf-8
# mariadb_charset_server: utf8mb4
# mariadb_collation_server: utf8mb4_general_ci
# mariadb_charset_client: utf8mb4
# Role default: unset (server defaults: latin1)
mariadb_charset_server: "auto"
mariadb_collation_server: "auto"
# Role default: utf8
mariadb_charset_client: "utf8"
# If this is defined it will create a file with overrides
# mariadb_config_overrides:
# mariadb:
# max_connections: 2048
# Defines if mariadb is already available on the target hosts
# It will compare version between ansible and system and exit early if missmatch
# This prevent unexpected change on role upgrade
mariadb_upgrade: false
# Galera settings
# Defines if the galera cluster should be reconfigured
# it will initiate cluster shutdown and bootstrap
# common mariadb setting doesn't require this option
galera_reconfigure_galera: false
# Define interface in which to bind
# ex. eth0|eth1|enp0s3|enp0s8
galera_cluster_bind_interface: "eth0"
# Define bind address for galera cluster
galera_cluster_bind_address: "{{ hostvars[inventory_hostname]['ansible_' + galera_cluster_bind_interface]['ipv4']['address'] }}"
# Defines wsrep node address
galera_wsrep_node_address: "{{ galera_cluster_bind_address }}:{{ galera_wsrep_node_address_port }}"
# Defines wsrep node port
galera_wsrep_node_address_port: 4567
# Define the number of wsrep_slave_threads:
# - if `auto` we will use "number of vCPUs - 1"
# - else the value define here is used
galera_wsrep_slave_threads: 1
# Define the name of the cluster
galera_cluster_name: "vagrant-test"
# Define Ansible group in which the nodes exist to be part of the cluster
galera_cluster_nodes_group: "galera-cluster-nodes"
# https://mariadb.com/kb/en/mariadb/wsrep_provider_options/
galera_extra_wsrep_provider_options: {}
# evs.auto_evict: 1
# evs.delayed_margin: 'PT5S'
# evs.delayed_keep_period: 'PT45S'
# Define which network segment this node is in.
# value is an integer from 0 to 255
# By default all nodes are placed in the same segment (0)
# http://galeracluster.com/documentation-webpages/galeraparameters.html#gmcast-segment
#
# Set to true to add `gmcast.segment` in each node,
# On each node you must define `galera_gmcast_segment` variable
galera_use_gmcast_segment: false
# Address to listen on for Incremental State Transfer.
# By default this is the <address>:<port+1> from wsrep_node_address.
galera_ist_recv_addr: "{{ galera_cluster_bind_address }}"
galera_ist_recv_addr_port: "{{ galera_wsrep_node_address_port|int + 1 }}"
# This option defines the address to which the node will bind in order to
# receive Incremental State Transfers. When this option is not set, it takes
# its value from ist.recv_addr or, in the event that that is also not set,
# from wsrep_node_address. You may find it useful when the node runs behind a
# NAT or in similar cases where the public and private addresses differ.
galera_ist_recv_bind: "{{ galera_cluster_bind_address }}"
# This option enables configuration TLS encryption for WSREP (disabled by default).
# To enable encryption mariadb_tls_files must be configured also.
galera_wsrep_tls_enabled: false
# This option enables configuration TLS encryption for SST (disabled by default).
# To enable encryption mariadb_tls_files must be configured also.
galera_sst_tls_enabled: false
# If you enable galera_sst_tls_enabled mariabackup need to authenticate locally on donor node.
# Credentials bellow are appended to other user defined mariadb_mysql_users.
# By default unix_socket auth plugin is used, for more info see documentaion
# https://mariadb.com/kb/en/mariabackup-sst-method/#passwordless-authentication-unix-socket.
# In MariaDB 10.4.3 and later unix_socket is instaleld by default, for later version see
# https://mariadb.com/kb/en/authentication-plugin-unix-socket.
# If you need to use password auth change set mariadb_sst_user.plugin to mysql_native_password
# and set mariadb_sst_password.
mariadb_sst_user_plugin: "unix_socket"
mariadb_sst_username: "mysql"
mariadb_sst_password: ""
# This option defines the wsrep_sst_method that should be used by the cluster.
# Possible options:
# - mariabackup - recommended for MariaDB - default if TLS is enabled via galera_sst_tls_enabled,
# - xtrabackup-v2 - not recommended, not implemented by this role, see limitations at https://mariadb.com/kb/en/xtrabackup-v2-sst-method/
# - rsync - default
galera_sst_method: "{{ (mariadb_tls_files and mariadb_tls_files|length == 3 and galera_sst_tls_enabled) | ternary('mariabackup', 'rsync') }}"
# MariaDB system tunning
# Tune system swappiness. Default value "auto" means don't tune.
# Recommended value based on:
# https://mariadb.com/kb/en/mariadb-memory-allocation/#swappiness
# mariadb_swappiness: 1
mariadb_swappiness: "auto"
# Add the posibility to adjust the OOM score (only works for SystemD)
mariadb_oom_score_adjust: 0
# Add the posibility to adjust the LimitNOFILE (only works for SystemD)
# default: 0 does not tamper LimitNOFILE
# notice for SystemD: 0 does not mean 'unlimited', use 'infinity' for unlimited
mariadb_max_open_files: 0
# Add the posibility to adjust timeout for starting service (only works for SystemD)
mariadb_timeout_start_sec: 0
# InnoDB tuning
# Amount of memory to use for InnoDB row cache.
# Set to a specific amount in bytes or to "auto" for server defaults.
mariadb_innodb_buffer_pool_size: "auto"
# Automatic pool size tuning example:
# What percentage of system memory to use for InnoDB row cache
# 0.5 means 50%
mariadb_innodb_mem_multiplier: 0.5
# Calculate the amount of memory based on the above percentage, in bytes
# mariadb_innodb_buffer_pool_size: >-
# {{ (ansible_memtotal_mb|int * mariadb_innodb_mem_multiplier * 1024 * 1024)
# | round | int }}
# Maximum allowed concurrent connections. MySQL default is 151
mariadb_max_connections: "auto"
# The length of time in seconds an InnoDB transaction waits for a row lock before giving up.
mariadb_innodb_lock_wait_timeout: "50"
# Queries that take more time than 'mariadb_long_query_time' to complete are
# considered as slow. Values in seconds or 'auto' for the MySQL default (10)
# phpmyadmin recommends this value to be set to "5" or less.
mariadb_long_query_time: "auto"
# Enable logging of slow queries
mariadb_slow_query_log_enabled: false
# MariaDB default: 4
# https://mariadb.com/kb/en/innodb-system-variables/#innodb_read_io_threads
mariadb_innodb_read_io_threads: "auto"
# MariaDB default: 4
# https://mariadb.com/kb/en/innodb-system-variables/#innodb_write_io_threads
mariadb_innodb_write_io_threads: "auto"
# Automatic I/O thread tuning for systems with more than 8 CPU cores
# The calculation below only counts real CPU cores, not SMT ones which MariaDB
# rightfully does not like.
mariadb_real_cpus: "{{ ansible_processor_count * ansible_processor_cores }}"
# mariadb_innodb_read_io_threads: >-
# {% if mariadb_real_cpus|int > 8
# %}{{ mariadb_real_cpus|int / 2 | abs | int }}{%
# else %}4{% endif %}
# mariadb_innodb_write_io_threads: >-
# {% if mariadb_real_cpus|int > 8
# %}{{ mariadb_real_cpus|int / 2 | abs | int }}{%
# else %}4{% endif %}
# Define databases & users to be created
# Create these MariaDB databases during installation
# Example:
# mariadb_databases:
# - name: keystone
# - name: mydb
# init_script: files/init_mydb.sql
mariadb_databases: []
# Define additional MySQL users
mariadb_mysql_users: []
# - name: example
# hosts:
# - "%"
# - "127.0.0.1"
# - "::1"
# - "localhost"
# password: secret
# encrypted: no (default)
# priv: *.*:USAGE (default}
# state: present (default)
# append_privs: no (default)
# Monitoring settings
# Defines if galera monitoring script should be installes
galera_enable_galera_monitoring_script: false
# Define galera monitoring script path & name
galera_monitor_script_name: "galeranotify.py{{ ansible_python.version.major|int }}"
galera_monitor_script_path: "/etc/mysql"
# Defines the which node should be considered the first in the cluster
# Used to bootstrap cluster
galera_mysql_first_node: "{{ groups[galera_cluster_nodes_group][0] }}"
# Define the primary domain name of your environment
mariadb_pri_domain_name: "example.org"
# Define smtp domain for email
mariadb_smtp_domain_name: "{{ mariadb_pri_domain_name }}"
# Define smtp server to send email through
mariadb_smtp_server: "smtp.{{ mariadb_pri_domain_name }}"
# Defines email address to receive notifications
galera_email_notifications: "notifications@{{ mariadb_smtp_domain_name }}"
# Define email address that cluster notifications will be sent from
galera_notify_mail_from: "galeranotify@{{ mariadb_smtp_domain_name }}"
# Define email address that cluster notification will be sent to
galera_notify_mail_to: "{{ galera_email_notifications }}"
# Define smtp server to send notifications through
galera_notify_smtp_server: "{{ mariadb_smtp_server }}"
galera_notify_smtp_auth: "False"
galera_notify_smtp_username: ""
galera_notify_smtp_password: ""
galera_notify_smtp_port: 25
# Set to True if you need SMTP over SSL
galera_notify_smtp_ssl: False
# Set to True if you need SMTP over STARTTLS
galera_notify_smtp_starttls: False
# Defines if cacti monitoring should be enabled for mysql - If used. May remove later.
galera_enable_cacti_monitoring: false
# Define the cacti user info for cacti db monitoring - If used. May remove later.
cacti_db_password: "cactiuser"
cacti_db_user: "cactiuser"