ansible-proxysql
ansible-proxysql copied to clipboard
Published
20 hours ago •
timorunge
timorunge
Force initilization after changing admin password
Hi,
I want to deploy proxysql and change the admin password.
It is my understanding that it's currently impossible without stopping and running service proxysql initial manually before launching the playbook again.
Otherwise, the next steps fail with
task path: proxysql/tasks/config/proxysql_global_variables.yml:5
failed: [vm-ubuntu-01] (item={'key': u'admin-mysql_ifaces', 'value': u'127.0.0.1:6032'}) => {"changed": false, "item": {"key": "admin-mysql_ifaces", "value": "127.0.0.1:6032"}, "msg": "unable to connect to ProxySQL A
dmin Module.. (1045, \"ProxySQL Error: Access denied for user 'admin'@'' (using password: YES)\")"}
failed: [vm-ubuntu-01] (item={'key': u'admin-admin_credentials', 'value': u'admin:*****'}) => {"changed": false, "item": {"key": "admin-admin_credentials", "value": "admin:****"}, "msg": "unable to connect to Pr
oxySQL Admin Module.. (1045, \"ProxySQL Error: Access denied for user 'admin'@'' (using password: YES)\")"}
The only workarounds I could find were:
- inserting that in the tasks/config.yml playbook:
template:
dest: /etc/proxysql.cnf
group: root
mode: 0400
owner: root
src: "{{ proxysql_proxysql_cnf_template }}"
tags:
- skip_ansible_lint
- name: Ensure that ProxySQL is stopped before initializing
service:
name: proxysql
state: stopped
- name: Ensure that ProxySQL is initialized
command: service proxysql initial
- name: Ensure that ProxySQL is running
service:
enabled: "{{ proxysql_service_enabled_state | default('yes') }}"
name: proxysql
state: "{{ proxysql_service_state | default('started') }}"
- inserting this kind of file (during the playbook play) to prevent the service being started after installation: cat /usr/sbin/policy-rc.d
# This return code prevent systemctl from starting service when
# dpkg calls invoke-rc.d
exit 101
Do you have any other idea?
Cheers, Arnaud
Hey Arnaud,
I've tested this behaviour before and I can confirm that the following is working fine:
- Bring up a new VM / Docker container without any previous installation of ProxySQL.
- Before the first run of Ansible ensure that you're setting
proxysql_login_admin_userandproxysql_login_admin_passwordto the desired values.
I've re-tested the same with different admin credentials, this is the diff against the current master:
diff --git a/tests/docker/docker-entrypoint.sh b/tests/docker/docker-entrypoint.sh
index 76a62aa..7774015 100755
--- a/tests/docker/docker-entrypoint.sh
+++ b/tests/docker/docker-entrypoint.sh
@@ -2,7 +2,7 @@
set -e
printf "[defaults]\nroles_path=/etc/ansible/roles\n" > /ansible/ansible.cfg
-printf "[client]\nhost=127.0.0.1\npassword=admin\nport=6032\nuser=admin\n" > /ansible/.my.cnf
+printf "[client]\nhost=127.0.0.1\npassword=admin-Woo7OhRe\nport=6032\nuser=admin-aexo8Aig\n" > /ansible/.my.cnf
test -z ${proxysql_use_official_repo} && \
echo "Missing environment variable: proxysql_use_official_repo" && exit 1
diff --git a/tests/docker_test_runner.travis.yml b/tests/docker_test_runner.travis.yml
index 2d8d814..6c12357 100644
--- a/tests/docker_test_runner.travis.yml
+++ b/tests/docker_test_runner.travis.yml
@@ -31,6 +31,9 @@ docker_container_environments:
"1_4_12":
proxysql_use_official_repo: False
proxysql_version: 1.4.12
+ "1_4_13":
+ proxysql_use_official_repo: False
+ proxysql_version: 1.4.13
docker_container_volumes:
"__PATH__":
diff --git a/tests/docker_test_runner.yml b/tests/docker_test_runner.yml
index 4974bb6..bc1275d 100644
--- a/tests/docker_test_runner.yml
+++ b/tests/docker_test_runner.yml
@@ -34,6 +34,9 @@ docker_container_environments:
"1_4_12":
proxysql_use_official_repo: False
proxysql_version: 1.4.12
+ "1_4_13":
+ proxysql_use_official_repo: False
+ proxysql_version: 1.4.13
docker_container_volumes:
"__PATH__":
diff --git a/tests/test.yml b/tests/test.yml
index 06c7dd2..192db3f 100644
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -7,9 +7,9 @@
proxysql_service_enabled: True
proxysql_use_official_repo: True
proxysql_login_admin_host: 127.0.0.1
- proxysql_login_admin_password: admin
+ proxysql_login_admin_password: admin-Woo7OhRe
proxysql_login_admin_port: 6032
- proxysql_login_admin_user: admin
+ proxysql_login_admin_user: admin-aexo8Aig
proxysql_global_variables:
login_host: "{{ proxysql_login_admin_host }}"
login_password: "{{ proxysql_login_admin_password }}"
And can confirm that this is working on ProxySQL 1.4.12 and 1.4.13.
What's happening in the background (in a nutshell):
- The module is installing ProxySQL.
- The module is generating
/etc/proxysql.cnf. - The module is starting ProxySQL.
- Since ProxySQL was not up and running before it will use the values from the pre-generated configuration file and use them for the initialisation.
What is - indeed - problematic is a change of the admin credentials after the initial setup.
I confirm it's working with proxysql_use_official_repo: False
I forgot to mention, i edited your role to install proxysql from percona repo (the same way you do it for the official repo)
So I believe there is a difference between installing the package with the URL or with a repo.
With a repo (at least pecona, I haven't tested the official yet), proxysql is started just after its installation - hence the need for the workaround.
It's also working with the installation from the official repositories (repo.proxysql.com).
It might be worth to adopt the Ansible code also to be able to install from a different- non official repository. If you can share the code for the installation from the Precona repository I can take a look at it. :)
Here is my code:
diff --git a/defaults/main.yml b/defaults/main.yml
index 60b9d9f..e07117d 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -14,12 +14,17 @@ proxysql_restart_on_static_variables_change: True
# Use the official ProxySQL repository. If set to `False` the module will
# automatically download the defined version as a package.
# Type: Bool
-proxysql_use_official_repo: True
+proxysql_use_official_repo: False
+
+# Use the Percona repository. If set to `False` the module will
+# automatically download the defined version as a package.
+# Type: Bool
+proxysql_use_percona_repo: True
# The ProxySQL version which should be installed if not using the ProxySQL
# repository.
# Type: Int
-proxysql_version: 1.4.12
+proxysql_version: 1.4.13
# Configuration
diff --git a/tasks/config.yml b/tasks/config.yml
index ec4051f..c08b234 100644
--- a/tasks/config.yml
+++ b/tasks/config.yml
@@ -10,6 +10,14 @@
tags:
- skip_ansible_lint
+- name: Ensure that ProxySQL is stopped before initializing
+ service:
+ name: proxysql
+ state: stopped
+
+- name: Ensure that ProxySQL is initialized
+ command: service proxysql initial
+
- name: Ensure that ProxySQL is running
service:
enabled: "{{ proxysql_service_enabled_state | default('yes') }}"
diff --git a/tasks/install.yml b/tasks/install.yml
index 3f5404f..2dec1bf 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -21,7 +21,7 @@
until: result is succeeded
when: proxysql_pip_dependency_pkgs
-- name: Install ProxySQL from repository
+- name: Install ProxySQL from official repository
package:
name: "{{ proxysql_pkgs }}"
state: present
@@ -32,6 +32,17 @@
until: result is succeeded
when: proxysql_use_official_repo
+- name: Install ProxySQL from Percona repository
+ package:
+ name: "{{ proxysql_pkgs }}"
+ state: present
+ update_cache: "{{ omit if ((ansible_pkg_mgr == 'dnf') and (ansible_version is version('2.7', '<'))) else 'yes' }}"
+ delay: 10
+ register: result
+ retries: 3
+ until: result is succeeded
+ when: proxysql_use_percona_repo
+
- name: Install ProxySQL from DEB package
apt:
deb: "{{ proxysql_pkg_url }}"
@@ -42,6 +53,7 @@
until: result is succeeded
when: >
(not proxysql_use_official_repo) and
+ (not proxysql_use_percona_repo) and
(ansible_os_family == "Debian")
- name: Install ProxySQL from YUM package
@@ -54,4 +66,5 @@
until: result is succeeded
when: >
(not proxysql_use_official_repo) and
+ (not proxysql_use_percona_repo) and
(ansible_os_family == "RedHat")
diff --git a/tasks/main.yml b/tasks/main.yml
index ff7cf34..c5bc2e6 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -18,6 +18,8 @@
- include_tasks: proxysql-official-repo.yml
+- include_tasks: percona-repo.yml
+
- include_tasks: install.yml
- include_tasks: config.yml
diff --git a/tasks/percona-repo.yml b/tasks/percona-repo.yml
new file mode 100644
index 0000000..57f1956
--- /dev/null
+++ b/tasks/percona-repo.yml
@@ -0,0 +1,16 @@
+---
+- name: Install Percona repo from deb package
+ apt:
+ deb: 'https://repo.percona.com/apt/percona-release_latest.{{ ansible_distribution_release | lower }}_all.deb'
+ state: present
+ when: >
+ (proxysql_use_percona_repo) and
+ (ansible_os_family == "Debian")
+
+- name: Install Percona repo from rpm package
+ yum:
+ name: 'https://www.percona.com/redir/downloads/percona-release/redhat/latest/percona-release-{{ __percona_repo_version }}.noarch.rpm'
+ state: present
+ when: >
+ (proxysql_use_percona_repo) and
+ (ansible_os_family == "RedHat")
diff --git a/templates/proxysql.cnf.j2 b/templates/proxysql.cnf.j2
index 92066d5..e7ebc70 100644
--- a/templates/proxysql.cnf.j2
+++ b/templates/proxysql.cnf.j2
@@ -1,3 +1,4 @@
+#jinja2: lstrip_blocks: True
# {{ ansible_managed }}
# file proxysql.cfg
# proxysql.cfg in GitHub: https://github.com/sysown/proxysql/blob/master/etc/proxysql.cnf
diff --git a/vars/RedHat.yml b/vars/RedHat.yml
index b1a41e3..cec4091 100644
--- a/vars/RedHat.yml
+++ b/vars/RedHat.yml
@@ -1,4 +1,5 @@
---
+__percona_repo_version: 0.1-6
# Type: Str
proxysql_distribution: "{{ ansible_distribution | lower }}"
Based on your code I've done some bigger changes which are released now in the 0.3.0 release.
It should basically cover everything what you've been facing. It would be appreciated if you can take a look. :)