环境说一下
192.168.30.21 ansible
192.168.30.25 client1
192.168.30.26 client2
这里我的ansible环境已经部署好了,所以没有重复写到这里,如果不知道怎么部署ansible的小伙伴可以看我上篇随笔(这里不演示了 )
1.被管理端都需要配置yum源
配置本地yum仓库就可以
2.配置数据库角色
[root@ansible ~]# mkdir -pv /etc/ansible/roles/mariadb/{files,tasks,handlers}
mkdir: 已创建目录 "/etc/ansible/roles/mariadb"
mkdir: 已创建目录 "/etc/ansible/roles/mariadb/files"
mkdir: 已创建目录 "/etc/ansible/roles/mariadb/tasks"
mkdir: 已创建目录 "/etc/ansible/roles/mariadb/handlers"
[root@ansible ~]# cd /etc/ansible/
[root@ansible ansible]# vim /etc/ansible/mariadb.yml
- hosts: cloud
remote_user: root
roles:
- mariadb
[root@ansible ansible]# cd /etc/ansible/roles/mariadb/
[root@ansible mariadb]# ls
files handlers tasks
[root@ansible mariadb]# cd tasks/
[root@ansible tasks]# vim main.yml
- name: install mariadb
yum: name=mariadb-server state=present
- name: move config file
shell: "[ -e /etc/my.cnf ] && mv /etc/my.cnf /etc/my.cnf.bak"
- name: provide a new config file
copy: src=my.cnf dest=/etc/my.cnf
- name: reload mariadb
shell: systemctl restart mariadb
- name: create database testdb
shell: mysql -u root -e "create database aaa;grant all privileges on aaa.* to 'cloud'@'192.168.30.%' identified by 'test123';flush privileges;"
notify:
- restart mariadb
[root@ansible tasks]# cd ../
[root@ansible mariadb]# ls
files handlers tasks
[root@ansible mariadb]# cd handlers/
[root@ansible handlers]# vim main.yml
- name: restart mariadb
service: name=mariadb state=restarted
[root@ansible handlers]# cd ../files/
[root@ansible files]# cp /etc/my.cnf /etc/ansible/roles/mariadb/files/
[root@ansible files]# ls
my.cnf
[root@ansible files]# cd /etc/ansible/
[root@ansible ansible]# ls
ansible.cfg hosts mariadb.yml nginx.retry nginx.yaml roles zabbix-agent.yml
[root@ansible ansible]# cd
预执行;查看有没有报错
[root@ansible ~]# ansible-playbook -C /etc/ansible/mariadb.yml
[root@ansible ~]# ansible-playbook /etc/ansible/mariadb.yml
PLAY [cloud] **********************************************************************************************
TASK [Gathering Facts] ************************************************************************************
ok: [192.168.30.26]
ok: [192.168.30.25]
TASK [mariadb : install mariadb] **************************************************************************
ok: [192.168.30.25]
ok: [192.168.30.26]
TASK [mariadb : move config file] *************************************************************************
changed: [192.168.30.25]
changed: [192.168.30.26]
TASK [mariadb : provide a new config file] ****************************************************************
changed: [192.168.30.25]
changed: [192.168.30.26]
TASK [mariadb : reload mariadb] ***************************************************************************
changed: [192.168.30.26]
changed: [192.168.30.25]
TASK [mariadb : create database testdb] *******************************************************************
changed: [192.168.30.25]
changed: [192.168.30.26]
RUNNING HANDLER [mariadb : restart mariadb] ***************************************************************
changed: [192.168.30.25]
changed: [192.168.30.26]
PLAY RECAP ************************************************************************************************
192.168.30.25 : ok=7 changed=5 unreachable=0 failed=0
192.168.30.26 : ok=7 changed=5 unreachable=0 failed=0
- ansible端验证
[root@ansible ~]# ansible cloud -m shell -a 'mysql -u root -e "show databases;"'
192.168.30.26 | SUCCESS | rc=0 >>
Database
information_schema
aaa
mysql
performance_schema
192.168.30.25 | SUCCESS | rc=0 >>
Database
information_schema
aaa
mysql
performance_schema
client端验证
[root@client1 ~]# mysql
MariaDB [(none)]> show grants for cloud@'192.168.30.%';
+-----------------------------------------------------------------------------------------------------------------+
| Grants for [email protected].% |
+-----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'cloud'@'192.168.30.%' IDENTIFIED BY PASSWORD '*676243218923905CF94CB52A3C9D3EB30CE8E20D' |
| GRANT ALL PRIVILEGES ON `aaa`.* TO 'cloud'@'192.168.30.%' |
+-----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
修改mariadb的密码(脚本完成之后没有设置密码,这里我是单独设置的密码)
[root@client1 ~]# mysql
MariaDB [(none)]> use mysql;
MariaDB [mysql]> update user set password=password('123456789') where user='root';
MariaDB [mysql]> flush privileges;
MariaDB [mysql]> \q
[root@client1 ~]# mysql -u root -p123456789
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 9
Server version: 5.5.56-MariaDB MariaDB Server
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>