From a513c9272475ad2504e818893798fc831dc56863 Mon Sep 17 00:00:00 2001
From: Adam Brokes
Date: Mon, 13 Jul 2020 16:33:43 +1000
Subject: [PATCH] Add initial MySQL support
---
 group_vars/aws_node_local.yml | 7 ++-
 roles/database_init/tasks/main.yml | 75 +-------------------------
 roles/database_init/tasks/mysql.yml | 62 +++++++++++++++++++++
 roles/database_init/tasks/postgres.yml | 75 ++++++++++++++++++++++++++
 4 files changed, 145 insertions(+), 74 deletions(-)
 create mode 100644 roles/database_init/tasks/mysql.yml
 create mode 100644 roles/database_init/tasks/postgres.yml
diff --git a/group_vars/aws_node_local.yml b/group_vars/aws_node_local.yml
index 56fb19d..b21f7e2 100644
--- a/group_vars/aws_node_local.yml
+++ b/group_vars/aws_node_local.yml
@@ -98,6 +98,7 @@ atl_db_testonborrow: "{{ lookup('env', 'ATL_DB_TESTONBORROW') or 'false' }}"
 atl_db_engine_to_db_type_map:
 aurora_postgres: "postgresaurora96"
 rds_postgres: "postgres72"
+ rds_mysql: "mysql57"
 atl_db_type: "{{ atl_db_engine_to_db_type_map[atl_db_engine] | default('postgres72') }}"
 atl_jdbc_db_name: "{{ lookup('env', 'ATL_JDBC_DB_NAME') }}"
@@ -109,7 +110,11 @@ atl_jdbc_ctype: "{{ lookup('env', 'ATL_JDBC_CTYPE') or 'en_US.UTF-8' }}"
 atl_jdbc_template: "{{ lookup('env', 'ATL_JDBC_TEMPLATE') or 'template1' }}"
 atl_jdbc_query_params_for_engine:
 aurora_postgres: "?targetServerType=master"
-atl_jdbc_url: "jdbc:postgresql://{{ atl_db_host }}:{{ atl_db_port }}/{{ atl_jdbc_db_name }}{{ atl_jdbc_query_params_for_engine[atl_db_engine]| default('') }}"
+atl_jdbc_engine_map:
+ aurora_postgres: "postgres"
+ rds_postgres: "postgres"
+ rds_mysql: "mysql"
+atl_jdbc_url: "jdbc:{{ atl_jdbc_engine_map[atl_db_engine] }}://{{ atl_db_host }}:{{ atl_db_port }}/{{ atl_jdbc_db_name }}{{ atl_jdbc_query_params_for_engine[atl_db_engine]| default('') }}"
 atl_jvm_heap: "{{ lookup('env', 'ATL_JVM_HEAP') or '2048m' }}"
 atl_jvm_opts: "{{ lookup('env', 'ATL_JVM_OPTS') or '' }}"
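Review bot: In the second hunk of group_vars/aws_node_local.yml, `atl_jdbc_engine_map` maps both Postgres engines to `postgres`, so the rebuilt `atl_jdbc_url` renders `jdbc:postgres://…` where the removed line had `jdbc:postgresql://…`. The PostgreSQL JDBC driver expects the `postgresql` subprotocol, so existing Postgres deployments would get a URL the driver rejects. The map values should be the JDBC subprotocols, i.e. `aurora_postgres: "postgresql"` and `rds_postgres: "postgresql"`. The lookup also has no fallback, unlike `atl_db_type` in the first hunk, which ends in `| default('postgres72')`; an unset or unlisted `atl_db_engine` would presumably fail templating here, and `{{ atl_jdbc_engine_map[atl_db_engine] | default('postgresql') }}` would keep the previous behaviour.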
diff --git a/roles/database_init/tasks/main.yml b/roles/database_init/tasks/main.yml
index e065a0a..9d900a3 100644
--- a/roles/database_init/tasks/main.yml
+++ b/roles/database_init/tasks/main.yml
@@ -1,75 +1,4 @@
 ---
-- name: Create application DB user
- postgresql_user:
- login_host: "{{ atl_db_host }}"
- login_user: "{{ atl_db_root_user }}"
- login_password: "{{ atl_db_root_password }}"
- port: "{{ atl_db_port }}"
- name: "{{ atl_jdbc_user }}"
- password: "{{ atl_jdbc_password }}"
- expires: 'infinity'
-
-- name: Collect dbcluster db_names
- postgresql_query:
- login_host: "{{ atl_db_host }}"
- login_user: "{{ atl_db_root_user }}"
- login_password: "{{ atl_db_root_password }}"
- db: "{{ atl_db_root_db_name }}"
- query: "SELECT datname FROM pg_database;"
- register: dbcluster_db_names
-
-- block:
- - name: Update root privs for new user
- postgresql_privs:
- login_host: "{{ atl_db_host }}"
- login_user: "{{ atl_db_root_user }}"
- login_password: "{{ atl_db_root_password }}"
- database: postgres
- roles: "{{ atl_db_root_user }}"
- objs: "{{ atl_jdbc_user }}"
- type: group
-
-# RDS does not allow changing the collation on an existing DB, it only allows collation change on creation of db. If the db already exists, we need the “create new application database” task to be skipped, idempotence can not be relied upon as we cant be certain the collation of the existing db
- - name: Create new application database
- postgresql_db:
- login_host: "{{ atl_db_host }}"
- login_user: "{{ atl_db_root_user }}"
- login_password: "{{ atl_db_root_password }}"
- port: "{{ atl_db_port }}"
- name: "{{ atl_jdbc_db_name }}"
- owner: "{{ atl_jdbc_user }}"
- encoding: "{{ atl_jdbc_encoding }}"
- lc_collate: "{{ atl_jdbc_collation }}"
- lc_ctype: "{{ atl_jdbc_ctype }}"
- template: "{{ atl_jdbc_template }}"
- register: db_created
- when: "atl_jdbc_db_name not in (dbcluster_db_names.query_result | map(attribute='datname') )"
-
- tags:
- - new_only
-
-- name: Assert ownership of public schema
- postgresql_query:
- login_host: "{{ atl_db_host }}"
- login_user: "{{ atl_db_root_user }}"
- login_password: "{{ atl_db_root_password }}"
- db: "{{ atl_jdbc_db_name }}"
- query: "ALTER SCHEMA public OWNER to {{ atl_db_root_user }};"
-
-- name: Grant privs to root user on public schema
- postgresql_query:
- login_host: "{{ atl_db_host }}"
- login_user: "{{ atl_db_root_user }}"
- login_password: "{{ atl_db_root_password }}"
- db: "{{ atl_jdbc_db_name }}"
- query: "GRANT ALL ON SCHEMA public TO {{ atl_db_root_user }};"
-
-- name: Grant privs to application user on public schema
- postgresql_query:
- login_host: "{{ atl_db_host }}"
- login_user: "{{ atl_db_root_user }}"
- login_password: "{{ atl_db_root_password }}"
- db: "{{ atl_jdbc_db_name }}"
- query: "GRANT ALL ON SCHEMA public TO {{ atl_jdbc_user }};"
+- name: Initialise database
+ include_tasks: "{{ atl_db_engine|lower }}.yml"
diff --git a/roles/database_init/tasks/mysql.yml b/roles/database_init/tasks/mysql.yml
new file mode 100644
index 0000000..625b467
--- /dev/null
+++ b/roles/database_init/tasks/mysql.yml
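Review bot: In roles/database_init/tasks/main.yml the include path `"{{ atl_db_engine|lower }}.yml"` does not match the task files this commit creates. The engine keys used in group_vars are `aurora_postgres`, `rds_postgres` and `rds_mysql`, while the files are `postgres.yml` and `mysql.yml`, so the include would look for e.g. `rds_postgres.yml` and fail (assuming `atl_db_engine` carries those key values; its definition is outside this diff). Because this value selects which task file runs with the database root credentials, it is safer to resolve it through a fixed lookup than to splice it into a path. One option is a new engine-to-file map (say `atl_db_init_tasks_map`, name illustrative) holding `postgres`/`mysql`, used as `include_tasks: "{{ atl_db_init_tasks_map[atl_db_engine] }}.yml"`.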
@@ -0,0 +1,62 @@
+---
+
+- name: Create application DB user
+ mysql_user:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ login_port: "{{ atl_db_port }}"
+ name: "{{ atl_jdbc_user }}"
+ password: "{{ atl_jdbc_password }}"
+
+- block:
+
+ - name: Update root privs for new user
+ postgresql_privs:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ database: postgres
+ roles: "{{ atl_db_root_user }}"
+ objs: "{{ atl_jdbc_user }}"
+ type: group
+
+# RDS does not allow changing the collation on an existing DB, it only allows collation change on creation of db. If the db already exists, we need the “create new application database” task to be skipped, idempotence can not be relied upon as we cant be certain the collation of the existing db
+ - name: Create new application database
+ mysql_db:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ login_port: "{{ atl_db_port }}"
+ name: "{{ atl_jdbc_db_name }}"
+ encoding: "{{ atl_jdbc_encoding }}"
+ collation: "{{ atl_jdbc_collation }}"
+ register: db_created
+ when: "atl_jdbc_db_name not in (dbcluster_db_names.query_result | map(attribute='datname') )"
+
+ tags:
+ - new_only
+
+# - name: Assert ownership of public schema
+# postgresql_query:
+# login_host: "{{ atl_db_host }}"
+# login_user: "{{ atl_db_root_user }}"
+# login_password: "{{ atl_db_root_password }}"
+# db: "{{ atl_jdbc_db_name }}"
+# query: "ALTER SCHEMA public OWNER to {{ atl_db_root_user }};"
+
+# - name: Grant privs to root user on public schema
+# postgresql_query:
+# login_host: "{{ atl_db_host }}"
+# login_user: "{{ atl_db_root_user }}"
+# login_password: "{{ atl_db_root_password }}"
+# db: "{{ atl_jdbc_db_name }}"
+# query: "GRANT ALL ON SCHEMA public TO {{ atl_db_root_user }};"
+
+# - name: Grant privs to application user on public schema
+# postgresql_query:
+# login_host: "{{ atl_db_host }}"
+# login_user: "{{ atl_db_root_user }}"
+# login_password: "{{ atl_db_root_password }}"
+# db: "{{ atl_jdbc_db_name }}"
+# query: "GRANT ALL ON SCHEMA public TO {{ atl_jdbc_user }};"
diff --git a/roles/database_init/tasks/postgres.yml b/roles/database_init/tasks/postgres.yml
new file mode 100644
index 0000000..e065a0a
--- /dev/null
+++ b/roles/database_init/tasks/postgres.yml
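Review bot: roles/database_init/tasks/mysql.yml still carries Postgres pieces that cannot work on a MySQL run. The `Update root privs for new user` task calls `postgresql_privs` with `database: postgres`, and the `when:` on `Create new application database` reads `dbcluster_db_names.query_result`, which nothing in this file registers (the `Collect dbcluster db_names` task exists only in postgres.yml), so the condition would hit an undefined variable. Drop the `postgresql_privs` task, and either remove the `when:` or register a MySQL database listing before it. Separately, `mysql_user` is given no `host` or `priv`, so the account is created for the module's default host `localhost` with no grants; an explicit `host` plus a grant scoped to the application schema, `priv: "{{ atl_jdbc_db_name }}.*:ALL"`, would make it usable without widening it beyond that database. The three commented-out `postgresql_query` tasks at the end are better deleted than shipped.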
@@ -0,0 +1,75 @@
+---
+
+- name: Create application DB user
+ postgresql_user:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ port: "{{ atl_db_port }}"
+ name: "{{ atl_jdbc_user }}"
+ password: "{{ atl_jdbc_password }}"
+ expires: 'infinity'
+
+- name: Collect dbcluster db_names
+ postgresql_query:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ db: "{{ atl_db_root_db_name }}"
+ query: "SELECT datname FROM pg_database;"
+ register: dbcluster_db_names
+
+- block:
+
+ - name: Update root privs for new user
+ postgresql_privs:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ database: postgres
+ roles: "{{ atl_db_root_user }}"
+ objs: "{{ atl_jdbc_user }}"
+ type: group
+
+# RDS does not allow changing the collation on an existing DB, it only allows collation change on creation of db. If the db already exists, we need the “create new application database” task to be skipped, idempotence can not be relied upon as we cant be certain the collation of the existing db
+ - name: Create new application database
+ postgresql_db:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ port: "{{ atl_db_port }}"
+ name: "{{ atl_jdbc_db_name }}"
+ owner: "{{ atl_jdbc_user }}"
+ encoding: "{{ atl_jdbc_encoding }}"
+ lc_collate: "{{ atl_jdbc_collation }}"
+ lc_ctype: "{{ atl_jdbc_ctype }}"
+ template: "{{ atl_jdbc_template }}"
+ register: db_created
+ when: "atl_jdbc_db_name not in (dbcluster_db_names.query_result | map(attribute='datname') )"
+
+ tags:
+ - new_only
+
+- name: Assert ownership of public schema
+ postgresql_query:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ db: "{{ atl_jdbc_db_name }}"
+ query: "ALTER SCHEMA public OWNER to {{ atl_db_root_user }};"
+
+- name: Grant privs to root user on public schema
+ postgresql_query:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ db: "{{ atl_jdbc_db_name }}"
+ query: "GRANT ALL ON SCHEMA public TO {{ atl_db_root_user }};"
+
+- name: Grant privs to application user on public schema
+ postgresql_query:
+ login_host: "{{ atl_db_host }}"
+ login_user: "{{ atl_db_root_user }}"
+ login_password: "{{ atl_db_root_password }}"
+ db: "{{ atl_jdbc_db_name }}"
+ query: "GRANT ALL ON SCHEMA public TO {{ atl_jdbc_user }};"
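Review bot: The three schema tasks at the end of roles/database_init/tasks/postgres.yml build SQL by templating `atl_db_root_user` and `atl_jdbc_user` straight into `ALTER SCHEMA public OWNER to …` and `GRANT ALL ON SCHEMA public TO …` as bare identifiers. A role name that needs quoting, or that carries more than a name, therefore changes the statement executed under the root login. The content is carried over unchanged from main.yml, but the move is a good point to express the grants through `postgresql_privs` (`type: schema`, `objs: public`, `privs: ALL`, `roles: "{{ atl_jdbc_user }}"`), which this file already uses, instead of raw queries. The `postgresql_query` and `postgresql_privs` tasks also omit `port: "{{ atl_db_port }}"`, which the user and database tasks pass, so they would presumably fall back to the default port on a non-standard setup.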