Ansible idempotent MySQL installation Playbook

Question

asked Jul 5, 2019 in AWS by yuvraj (19.1k points)

I want to set up a MySQL server on AWS, using Ansible for the configuration management. I am using the default AMI from Amazon (ami-3275ee5b), which uses yum for package management.

When the Playbook below is executed, all goes well. But when I run it for a second time, the task Configure the root credentials fails, because the old password of MySQL doesn't match anymore, since it has been updated the last time I ran this Playbook.

This makes the Playbook non-idempotent, which I don't like. I want to be able to run the Playbook as many times as I want.

- hosts: staging_mysql
  user: ec2-user
  sudo: yes
  tasks:
    - name: Install MySQL
      action: yum name=$item
      with_items:
        - MySQL-python
        - mysql
        - mysql-server
    - name: Start the MySQL service
      action: service name=mysqld state=started
    - name: Configure the root credentials
      action: command mysqladmin -u root -p $mysql_root_password

What would be the best way to solve this, which means make the Playbook idempotent?

1 Answer

Related questions

0 votes

1 answer

Error in syntax of playbook in ansible

asked Apr 2, 2020 in DevOps and Agile by chandra (29.3k points)

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

+1 vote

1 answer

Fatal: Unable to run ansible playbook

asked Feb 6, 2020 in DevOps and Agile by chandra (29.3k points)

0 votes

1 answer

Ansible playbook to wget a file

asked Aug 1, 2019 in DevOps and Agile by Sammy (47.6k points)

+5 votes

1 answer

Create directories and download files in Ansible using Ansible playbook I am new at using ansible.

asked May 25, 2019 in DevOps and Agile by Shreya (1.1k points)

0 votes

1 answer

Continuous deployment & AWS autoscaling using Ansible (+Docker ?)

asked Jul 12, 2019 in AWS by yuvraj (19.1k points)

kodee · Answer 1 · 2019-07-05T09:43:44+0000

The trick to doing it idempotently is knowing that the mysql_user module can load a ~/.my.cnf file if it finds one.

I first change the password, then copy a .my.cnf file with the password credentials. When you try to run it a second time, the myqsl_user ansible module will find the .my.cnf and use the new password.

- hosts: staging_mysql
user: ec2-user
sudo: yes
tasks:
- name: Install MySQL
action: yum name=}
with_items:
- MySQL-python
- mysql
- mysql-server
- name: Start the MySQL service
action: service name=mysqld state=started
# 'localhost' must be the last item for idempotency, see
# http://ansible.cc/docs/modules.html#mysql-user
- name: this will update mysql root password for all root accounts
mysql_user: name=root host=} password=} priv=*.*:ALL,GRANT
with_items:
- "}"
- 127.0.0.1
- ::1
- localhost
- name: this will copy .my.cnf file with root password credentials
template: src=templates/root/.my.cnf dest=/root/.my.cnf owner=root mode=0600

The .my.cnf template looks like this:

[client]
user=root
password=}

Ansible idempotent MySQL installation Playbook

1 Answer

Related questions

Browse Categories