├── ansible ├── roles │ ├── mongo-db │ │ ├── vars │ │ │ └── main.yml │ │ ├── templates │ │ │ ├── mongodb.repo.j2 │ │ │ ├── configurations.json.j2 │ │ │ ├── mongod.conf.j2 │ │ │ └── mongod.service.j2 │ │ ├── handlers │ │ │ └── main.yml │ │ └── tasks │ │ │ └── main.yml │ └── mysql-db │ │ ├── vars │ │ └── main.yml │ │ ├── templates │ │ ├── my.cnf.j2 │ │ └── mysqld.service.j2 │ │ └── tasks │ │ └── main.yml └── dbServer.yml ├── inventory.tpl ├── .gitignore ├── main.tf ├── modules └── db-server │ ├── variables.tf │ └── main.tf ├── variables.tf └── README.md /ansible/roles/mongo-db/vars/main.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /ansible/roles/mysql-db/vars/main.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /inventory.tpl: -------------------------------------------------------------------------------- 1 | [db_server] 2 | ${host_ip} ansible_user=pratheep ansible_ssh_common_args='-o StrictHostKeyChecking=no' 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files 5 | *.tfstate 6 | *.tfstate.* 7 | 8 | # .tfvars files 9 | *.tfvars 10 | 11 | # ansible files 12 | **/*.retry 13 | -------------------------------------------------------------------------------- /ansible/roles/mongo-db/templates/mongodb.repo.j2: -------------------------------------------------------------------------------- 1 | [mongodb-org-3.6] 2 | name=MongoDB Repository 3 | baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.6/x86_64/ 4 | gpgcheck=1 5 | enabled=1 6 | gpgkey=https://www.mongodb.org/static/pgp/server-3.6.asc 7 | -------------------------------------------------------------------------------- /ansible/roles/mongo-db/templates/configurations.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "_id" : ObjectId("5b0d16a2e24f202264f0b513"), 3 | "key" : "main_config", 4 | "redis_config" : { 5 | "host" : "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}", 6 | "port" : 6379 7 | }, 8 | "web1_config" : { 9 | "url" : "dev-web1.apeg.com", 10 | "port" : 443 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /ansible/roles/mongo-db/templates/mongod.conf.j2: -------------------------------------------------------------------------------- 1 | # mongod.conf 2 | 3 | systemLog: 4 | destination: file 5 | logAppend: true 6 | path: {{ mongodb_logpath }}/mongod.log 7 | 8 | storage: 9 | dbPath: {{ mongodb_dbpath }} 10 | engine: "wiredTiger" 11 | 12 | processManagement: 13 | fork: true 14 | pidFilePath: {{ mongodb_pidFilePath }}/mongod.pid 15 | timeZoneInfo: /usr/share/zoneinfo 16 | 17 | net: 18 | port: {{ mongodb_port }} 19 | bindIp: {{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}, 127.0.0.1 20 | 21 | security: 22 | authorization: enabled 23 | -------------------------------------------------------------------------------- /main.tf: -------------------------------------------------------------------------------- 1 | provider "google" { 2 | project = "${var.project}" 3 | region = "${var.region}" 4 | } 5 | 6 | module "db-server" { 7 | source = "modules/db-server" 8 | 9 | ssh_user = "${var.ssh_user}" 10 | public_key_path = "${var.public_key_path}" 11 | private_key_path = "${var.private_key_path}" 12 | db_server_name = "${var.db_server_name}" 13 | db_server_machine_type = "${var.db_server_machine_type}" 14 | db_server_zone = "${var.db_server_zone}" 15 | db_server_image = "${var.db_server_image}" 16 | db_server_disk_size = "${var.db_server_disk_size}" 17 | } 18 | -------------------------------------------------------------------------------- /modules/db-server/variables.tf: -------------------------------------------------------------------------------- 1 | variable "public_key_path" { 2 | description = "Path to the public SSH key, (this will be copied to instance)." 3 | } 4 | 5 | variable "private_key_path" { 6 | description = "Path to the private SSH key, (this will be used to access the instance)." 7 | } 8 | 9 | variable "ssh_user" { 10 | description = "SSH user name (To connect to your instance)." 11 | } 12 | 13 | variable "db_server_name" { 14 | 15 | } 16 | 17 | variable "db_server_machine_type" { 18 | 19 | } 20 | 21 | variable "db_server_zone" { 22 | 23 | } 24 | 25 | variable "db_server_image" { 26 | 27 | } 28 | 29 | variable "db_server_disk_size" { 30 | 31 | } 32 | -------------------------------------------------------------------------------- /variables.tf: -------------------------------------------------------------------------------- 1 | variable "project" { 2 | } 3 | 4 | variable "region" { 5 | } 6 | 7 | variable "public_key_path" { 8 | description = "Path to the public SSH key, (this will be copied to instance)." 9 | } 10 | 11 | variable "private_key_path" { 12 | description = "Path to the private SSH key, (this will be used to access the instance)." 13 | } 14 | 15 | variable "ssh_user" { 16 | description = "SSH user name (To connect to your instance)." 17 | } 18 | 19 | variable "db_server_name" { 20 | 21 | } 22 | 23 | variable "db_server_machine_type" { 24 | 25 | } 26 | 27 | variable "db_server_zone" { 28 | 29 | } 30 | 31 | variable "db_server_image" { 32 | 33 | } 34 | 35 | variable "db_server_disk_size" { 36 | 37 | } 38 | -------------------------------------------------------------------------------- /ansible/roles/mongo-db/handlers/main.yml: -------------------------------------------------------------------------------- 1 | #- name: restore k-db-mongo mongoDB from source 2 | # command: mongorestore --host 127.0.0.1:{{ mongodb_port }} -u {{ mongodb_user_name }} -p{{ mongodb_user_password }} --authenticationDatabase {{ mongodb_db_name }} /opt/backups/mongo_dump_20190304 3 | 4 | - name: remove configurations collection 5 | command: mongo -u {{ mongodb_user_name }} -p{{ mongodb_user_password }} --host 127.0.0.1:{{ mongodb_port }} --authenticationDatabase {{ mongodb_db_name }} {{ mongodb_db_name }} --eval 'db.configurations.remove({});' 6 | 7 | - name: import configrations data 8 | command: mongoimport --host 127.0.0.1:{{ mongodb_port }} -u {{ mongodb_user_name }} -p{{ mongodb_user_password }} --db {{ mongodb_db_name }} --collection configurations --file /opt/backups/configurations.json 9 | -------------------------------------------------------------------------------- /ansible/roles/mongo-db/templates/mongod.service.j2: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=High-performance, schema-free document-oriented database 3 | After=network.target 4 | Documentation=https://docs.mongodb.org/manual 5 | 6 | [Service] 7 | User=mongod 8 | Group=mongod 9 | Environment="OPTIONS=-f /etc/{{ mongodb_conf_name }}" 10 | ExecStart=/usr/bin/mongod $OPTIONS 11 | ExecStartPre=/usr/bin/mkdir -p {{ mongodb_pidFilePath }} 12 | ExecStartPre=/usr/bin/chown mongod:mongod {{ mongodb_pidFilePath }} 13 | ExecStartPre=/usr/bin/chmod 0755 {{ mongodb_pidFilePath }} 14 | PermissionsStartOnly=true 15 | PIDFile={{ mongodb_pidFilePath }}/mongod.pid 16 | Type=forking 17 | # file size 18 | LimitFSIZE=infinity 19 | # cpu time 20 | LimitCPU=infinity 21 | # virtual memory size 22 | LimitAS=infinity 23 | # open files 24 | LimitNOFILE=64000 25 | # processes/threads 26 | LimitNPROC=64000 27 | # locked memory 28 | LimitMEMLOCK=infinity 29 | # total threads (user+kernel) 30 | TasksMax=infinity 31 | TasksAccounting=false 32 | # Recommended limits for for mongod as specified in 33 | # http://docs.mongodb.org/manual/reference/ulimit/#recommended-settings 34 | 35 | [Install] 36 | WantedBy=multi-user.target 37 | -------------------------------------------------------------------------------- /ansible/roles/mysql-db/templates/my.cnf.j2: -------------------------------------------------------------------------------- 1 | # For advice on how to change settings please see 2 | # http://dev.mysql.com/doc/refman/5.6/en/server-configuration-defaults.html 3 | 4 | [mysqld] 5 | # 6 | # Remove leading # and set to the amount of RAM for the most important data 7 | # cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%. 8 | # innodb_buffer_pool_size = 128M 9 | # 10 | # Remove leading # to turn on a very important data integrity option: logging 11 | # changes to the binary log between backups. 12 | # log_bin 13 | # 14 | # Remove leading # to set options mainly useful for reporting servers. 15 | # The server defaults are faster for transactions and fast SELECTs. 16 | # Adjust sizes as needed, experiment to find the optimal values. 17 | # join_buffer_size = 128M 18 | # sort_buffer_size = 2M 19 | # read_rnd_buffer_size = 2M 20 | datadir={{ mysqldb_data_dir }} 21 | socket=/var/lib/mysql/{{ mysqldb_name }}.sock 22 | 23 | port={{ mysqldb_port }} 24 | 25 | # Disabling symbolic-links is recommended to prevent assorted security risks 26 | symbolic-links=0 27 | 28 | # Recommended in standard MySQL setup 29 | sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES 30 | 31 | [mysqld_safe] 32 | log-error=/var/log/{{ mysqldb_name }}/{{ mysqldb_name }}.log 33 | pid-file=/var/run/mysqld/{{ mysqldb_name }}.pid 34 | -------------------------------------------------------------------------------- /ansible/roles/mysql-db/templates/mysqld.service.j2: -------------------------------------------------------------------------------- 1 | # 2 | # Simple MySQL systemd service file 3 | # 4 | # systemd supports lots of fancy features, look here (and linked docs) for a full list: 5 | # http://www.freedesktop.org/software/systemd/man/systemd.exec.html 6 | # 7 | # Note: this file ( /usr/lib/systemd/system/mysql.service ) 8 | # will be overwritten on package upgrade, please copy the file to 9 | # 10 | # /etc/systemd/system/mysql.service 11 | # 12 | # to make needed changes. 13 | # 14 | # systemd-delta can be used to check differences between the two mysql.service files. 15 | # 16 | 17 | [Unit] 18 | Description=MySQL Community Server 19 | After=network.target 20 | After=syslog.target 21 | 22 | [Install] 23 | WantedBy=multi-user.target 24 | Alias=mysql.service 25 | 26 | [Service] 27 | User=mysql 28 | Group=mysql 29 | 30 | # Execute pre and post scripts as root 31 | PermissionsStartOnly=true 32 | 33 | # Needed to create system tables etc. 34 | ExecStartPre= 35 | #ExecStartPre=/usr/bin/mysql-systemd-start pre 36 | 37 | # Start main service 38 | #ExecStart=/usr/bin/mysqld_safe --defaults-file=/etc/{{ mysqldb_name }}.cnf --basedir=/usr --datadir={{ mysqldb_data_dir }} --socket=/var/lib/mysql/mysql.sock 39 | ExecStart= 40 | ExecStart=/usr/bin/mysqld_safe --defaults-file=/etc/{{ mysqldb_name }}.cnf --datadir={{ mysqldb_data_dir }} --socket=/var/lib/mysql/{{ mysqldb_name }}.sock 41 | 42 | # Don't signal startup success before a ping works 43 | ExecStartPost= 44 | #ExecStartPost=/usr/bin/mysql-systemd-start post 45 | 46 | # Give up if ping don't get an answer 47 | TimeoutSec=600 48 | 49 | Restart=always 50 | PrivateTmp=false 51 | -------------------------------------------------------------------------------- /modules/db-server/main.tf: -------------------------------------------------------------------------------- 1 | resource "google_compute_instance" "db_server" { 2 | name = "${var.db_server_name}" 3 | machine_type = "${var.db_server_machine_type}" 4 | zone = "${var.db_server_zone}" 5 | 6 | tags = [ "devdb" ] 7 | 8 | boot_disk { 9 | initialize_params { 10 | image = "${var.db_server_image}" 11 | size = "${var.db_server_disk_size}" 12 | } 13 | } 14 | 15 | network_interface { 16 | network = "default" 17 | 18 | access_config { 19 | // Ephemeral IP 20 | } 21 | } 22 | 23 | metadata { 24 | Name = "Dev DB Server" 25 | ssh-keys = "${var.ssh_user}:${file("${var.public_key_path}")}" 26 | } 27 | 28 | provisioner "remote-exec" { 29 | inline = ["echo 'Setting up dev DB server!'"] 30 | 31 | connection { 32 | type = "ssh" 33 | user = "${var.ssh_user}" 34 | private_key = "${file("${var.private_key_path}")}" 35 | } 36 | } 37 | } 38 | 39 | data "template_file" "inventory" { 40 | template = "${file("inventory.tpl")}" 41 | depends_on = [ "google_compute_instance.db_server" ] 42 | 43 | vars { 44 | host_ip = "${google_compute_instance.db_server.network_interface.0.access_config.0.nat_ip}" 45 | } 46 | 47 | depends_on = ["google_compute_instance.db_server"] 48 | } 49 | 50 | resource "local_file" "inventory" { 51 | content = "${data.template_file.inventory.rendered}" 52 | filename = "./ansible/inventory.yml" 53 | } 54 | 55 | resource "null_resource" "inventory" { 56 | triggers { 57 | template = "${data.template_file.inventory.rendered}" 58 | } 59 | 60 | provisioner "local-exec" { 61 | command = "ansible-playbook -i ./ansible/inventory.yml --private-key ${var.private_key_path} ./ansible/dbServer.yml" 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Migrating Databases using Ansible and Terraform 2 | 3 | ## Required tools set: 4 | - Ansible 5 | - Terraform 6 | - GCP Project 7 | 8 | ## Execution steps: 9 | - git clone https://github.com/apkan/dev-db-setup.git 10 | - define variables in terraform.tfvars 11 | - define variables in ansible/dbServer.yml 12 | - export GCP variables (Service account location & GCP storage keys) 13 | ``` 14 | export GOOGLE_APPLICATION_CREDENTIALS=/etc/*****************.json 15 | export GS_ACCESS_KEY_ID=GO**********HM 16 | export GS_SECRET_ACCESS_KEY=sS************************aP 17 | ``` 18 | - terraform plan 19 | - terraform apply 20 | 21 | ## Output: 22 | Terraform will execute Ansible playbook with a set of tasks. 23 | 24 | ## Directory structure 25 | ``` sh 26 | ./ 27 | ├── ansible 28 | │   ├── dbServer.yml 29 | │   └── roles 30 | │   ├── mongo-db 31 | │   │   ├── files 32 | │   │   ├── handlers 33 | │   │   │   └── main.yml 34 | │   │   ├── tasks 35 | │   │   │   └── main.yml 36 | │   │   ├── templates 37 | │   │   │   ├── configurations.json.j2 38 | │   │   │   ├── mongodb.repo.j2 39 | │   │   │   ├── mongod.conf.j2 40 | │   │   │   └── mongod.service.j2 41 | │   │   └── vars 42 | │   │   └── main.yml 43 | │   └── mysql-db 44 | │   ├── tasks 45 | │   │   └── main.yml 46 | │   ├── templates 47 | │   │   ├── my.cnf.j2 48 | │   │   └── mysqld.service.j2 49 | │   └── vars 50 | │   └── main.yml 51 | ├── inventory.tpl 52 | ├── main.tf 53 | ├── modules 54 | │   └── db-server 55 | │   ├── main.tf 56 | │   └── variables.tf 57 | ├── README.md 58 | ├── terraform.tfstate 59 | ├── terraform.tfstate.backup 60 | ├── terraform.tfvars 61 | └── variables.tf 62 | ``` 63 | 64 | Blog Post : 65 | -------------------------------------------------------------------------------- /ansible/dbServer.yml: -------------------------------------------------------------------------------- 1 | --- # AP Evergreen DEV DB Server setup 2 | - hosts: db_server 3 | become: yes 4 | become_user: root 5 | connection: ssh 6 | gather_facts: yes 7 | vars: 8 | backup_bucket_name: apeg-prod-data-dumps 9 | backup_date: 2019-04-15 10 | roles: 11 | - role: mongo-db 12 | vars: 13 | mongodb_db_name: accounts 14 | mongodb_conf_name: accounts-mongo.conf 15 | mongodb_dbpath: /data/accounts-mongo 16 | mongodb_logpath: /var/log/accounts-mongo 17 | mongodb_pidFilePath: /var/run/accounts-mongo 18 | mongodb_port: 45601 19 | mongodb_admin_user: admin 20 | mongodb_admin_password: adminpass 21 | mongodb_user_name: apeguser 22 | mongodb_user_password: apegpass 23 | 24 | - role: mongo-db 25 | vars: 26 | mongodb_db_name: order-history 27 | mongodb_conf_name: order-history-mongo.conf 28 | mongodb_dbpath: /data/order-history-mongo 29 | mongodb_logpath: /var/log/order-history-mongo 30 | mongodb_pidFilePath: /var/run/order-history-mongo 31 | mongodb_port: 45602 32 | mongodb_admin_user: admin 33 | mongodb_admin_password: adminpass 34 | mongodb_user_name: apeguser 35 | mongodb_user_password: apegpass 36 | 37 | - role: mysql-db 38 | vars: 39 | mysqldb_name: balance 40 | mysqldb_port: 35600 41 | mysqldb_data_dir: /data/balance-mysql 42 | mysqldb_root_password: rootpass 43 | mysqldb_user_name: apeguser 44 | mysqldb_user_password: apegpass 45 | 46 | - role: mysql-db 47 | vars: 48 | mysqldb_name: reporting 49 | mysqldb_port: 35700 50 | mysqldb_data_dir: /data/reporting-mysql 51 | mysqldb_root_password: rootpass 52 | mysqldb_user_name: apeguser 53 | mysqldb_user_password: apegpass 54 | 55 | -------------------------------------------------------------------------------- /ansible/roles/mongo-db/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Create mongodb repo file 2 | template: src=mongodb.repo.j2 dest=/etc/yum.repos.d/mongodb-org-3.6.repo owner=root group=root mode=644 3 | 4 | - name: Install mongodb 5 | yum: name=mongodb-org state=present 6 | 7 | - name: Configure mongodb 8 | template: src=mongod.conf.j2 dest=/etc/{{ mongodb_conf_name }} owner=root group=root mode=644 9 | 10 | - name: create mongodb data directory 11 | file: 12 | path: "{{ item }}" 13 | state: directory 14 | owner: mongod 15 | group: mongod 16 | mode: 0755 17 | with_items: 18 | - "{{ mongodb_dbpath }}" 19 | - "{{ mongodb_logpath }}" 20 | - "{{ mongodb_pidFilePath }}" 21 | - /opt/backups 22 | 23 | - name: configure mongod service 24 | template: src=mongod.service.j2 dest=/usr/lib/systemd/system/{{ mongodb_db_name }}.service owner=root group=root mode=644 25 | 26 | - name: copy configurations json 27 | template: src=configurations.json.j2 dest=/opt/backups/configurations.json owner=root group=root mode=644 28 | 29 | - name: allow mongod to modify files in data directory 30 | sefcontext: target='{{ mongodb_dbpath }}.*' setype=mongod_var_lib_t state=present 31 | 32 | - name: changing security context 33 | command: chcon -Rv -u system_u -t mongod_var_lib_t '{{ mongodb_dbpath }}' 34 | 35 | - name: reload secontext 36 | command: restorecon -R -v '{{ mongodb_dbpath }}' 37 | 38 | - name: install pip 39 | yum: name=python-pip state=present 40 | 41 | - name: install pymongo 42 | pip: name=pymongo 43 | 44 | - name: Start mongodb process 45 | service: name={{ mongodb_db_name }} state=started enabled=yes 46 | 47 | - stat: 48 | path: /opt/{{ mongodb_db_name }}.installed 49 | register: installation_status 50 | 51 | - name: create mongodb admin user 52 | mongodb_user: 53 | login_port: "{{ mongodb_port }}" 54 | database: "admin" 55 | name: "{{ mongodb_admin_user }}" 56 | password: "{{ mongodb_admin_password }}" 57 | roles: "root" 58 | when: installation_status.stat.exists == False 59 | 60 | - name: create user and assign roles 61 | mongodb_user: 62 | login_port: "{{ mongodb_port }}" 63 | login_user: "{{ mongodb_admin_user }}" 64 | login_password: "{{ mongodb_admin_password }}" 65 | database: "{{ mongodb_db_name }}" 66 | name: "{{ mongodb_user_name }}" 67 | password: "{{ mongodb_user_password }}" 68 | roles: 69 | - { db: "{{ mongodb_db_name }}", role: "readWrite" } 70 | when: installation_status.stat.exists == False 71 | 72 | - name: create file if all above installation steps succeeded 73 | file: 74 | path: /opt/{{ mongodb_db_name }}.installed 75 | state: touch 76 | 77 | - name: download file from gcp storage 78 | gc_storage: 79 | bucket: "{{ backup_bucket_name }}" 80 | object: "{{ mongodb_db_name }}/{{ mongodb_db_name }}-{{ backup_date }}.csv.gz" 81 | dest: "/opt/backups/{{ mongodb_db_name }}-{{ backup_date }}.csv.gz" 82 | mode: get 83 | gs_access_key: "{{ lookup('env', 'GS_ACCESS_KEY_ID') }}" 84 | gs_secret_key: "{{ lookup('env', 'GS_SECRET_ACCESS_KEY') }}" 85 | 86 | 87 | - name: extract tge data dump 88 | command: gunzip "/opt/backups/{{ mongodb_db_name }}-{{ backup_date }}.csv.gz" 89 | args: 90 | creates: "/opt/backups/{{ mongodb_db_name }}-{{ backup_date }}.csv" 91 | 92 | - name: load CSV data into mongo DB 93 | command: mongoimport --host 127.0.0.1:{{ mongodb_port }} -u {{ mongodb_user_name }} -p{{ mongodb_user_password }} --db {{ mongodb_db_name }} --collection apegtest --type csv --file "/opt/backups/{{ mongodb_db_name }}-{{ backup_date }}.csv" --headerline 94 | notify: 95 | - remove configurations collection 96 | - import configrations data 97 | 98 | 99 | #- name: copy the dump file into server 100 | # unarchive: 101 | # src: mongo_dump_20190304.tar.gz 102 | # dest: /opt/backups/ 103 | # notify: 104 | # - restore k-db-mongo mongoDB from source 105 | # - remove configurations collection 106 | # - import configrations data 107 | -------------------------------------------------------------------------------- /ansible/roles/mysql-db/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Download MySQL Community Repo 2 | get_url: 3 | url: http://repo.mysql.com/mysql-community-release-el7-7.noarch.rpm 4 | dest: /tmp 5 | 6 | - name: install mysql 7 | yum: 8 | name: /tmp/mysql-community-release-el7-7.noarch.rpm 9 | state: present 10 | 11 | - name: Install MySQL Server 12 | yum: 13 | name: mysql-server 14 | state: present 15 | 16 | - name: install-mysql 17 | yum: 18 | name: MySQL-python 19 | state: present 20 | 21 | - name: configure mysql parameters in my.cnf 22 | template: 23 | src: my.cnf.j2 24 | dest: "/etc/{{ mysqldb_name }}.cnf" 25 | owner: root 26 | group: root 27 | mode: 644 28 | 29 | - name: addd mysql startup script 30 | template: 31 | src: mysqld.service.j2 32 | dest: "/usr/lib/systemd/system/mysql-{{ mysqldb_name }}.service" 33 | owner: root 34 | group: root 35 | mode: 644 36 | 37 | - name: create mysql-db data directory 38 | file: 39 | path: "{{item}}" 40 | state: directory 41 | owner: mysql 42 | group: mysql 43 | mode: 0755 44 | with_items: 45 | - "{{ mysqldb_data_dir }}" 46 | - "/var/log/{{ mysqldb_name }}" 47 | 48 | - stat: 49 | path: /opt/{{ mysqldb_name }}.installed 50 | register: installation_status 51 | 52 | - name: setup mysql db 53 | command: mysql_install_db --user=mysql --datadir={{ mysqldb_data_dir }} 54 | when: installation_status.stat.exists == False 55 | 56 | - name: selinux settings for mysql datadir 57 | command: semanage fcontext -a -t mysqld_db_t '{{ mysqldb_data_dir }}(/.*)?' 58 | when: installation_status.stat.exists == False 59 | 60 | - name: restorecon command 61 | command: restorecon -Rv '{{ mysqldb_data_dir }}' 62 | when: installation_status.stat.exists == False 63 | 64 | - name: Start MySQL Server and enable it 65 | service: 66 | name: "mysql-{{ mysqldb_name }}" 67 | state: started 68 | daemon_reload: yes 69 | #enabled: yes 70 | 71 | - stat: 72 | path: /opt/{{ mysqldb_name }}.installed 73 | register: installation_status 74 | 75 | - name: Remove Test database if it exist. 76 | mysql_db: 77 | name: test 78 | state: absent 79 | login_host: 127.0.0.1 80 | login_port: "{{ mysqldb_port }}" 81 | when: installation_status.stat.exists == False 82 | 83 | - name: Remove All Anonymous User Accounts 84 | mysql_user: 85 | name: '' 86 | host_all: yes 87 | login_host: 127.0.0.1 88 | login_port: "{{ mysqldb_port }}" 89 | state: absent 90 | when: installation_status.stat.exists == False 91 | 92 | - name: Change root password 93 | mysql_user: 94 | name: root 95 | host: "{{item}}" 96 | password: "{{ mysqldb_root_password }}" 97 | login_host: 127.0.0.1 98 | login_port: "{{ mysqldb_port }}" 99 | with_items: 100 | - "{{ansible_hostname}}" 101 | - 127.0.0.1 102 | - ::1 103 | - localhost 104 | when: installation_status.stat.exists == False 105 | 106 | - name: create database 107 | mysql_db: 108 | name: "{{ mysqldb_name }}" 109 | login_user: root 110 | login_password: "{{ mysqldb_root_password }}" 111 | login_host: 127.0.0.1 112 | login_port: "{{ mysqldb_port }}" 113 | state: present 114 | when: installation_status.stat.exists == False 115 | 116 | - name: add mysql user and assign permission 117 | mysql_user: 118 | name: "{{ mysqldb_user_name }}" 119 | password: "{{ mysqldb_user_password }}" 120 | login_user: root 121 | login_password: "{{ mysqldb_root_password }}" 122 | login_host: 127.0.0.1 123 | login_port: "{{ mysqldb_port }}" 124 | priv: "{{ mysqldb_name }}.*:ALL" 125 | state: present 126 | when: installation_status.stat.exists == False 127 | 128 | - name: create file if all above installation steps succeeded 129 | file: 130 | path: "/opt/{{ mysqldb_name }}.installed" 131 | state: touch 132 | 133 | - name: create backup directory if not exists 134 | file: 135 | path: /opt/backups/ 136 | state: directory 137 | 138 | - name: download file from gcp storage 139 | gc_storage: 140 | bucket: "{{ backup_bucket_name }}" 141 | object: "{{ mysqldb_name }}/{{ mysqldb_name }}-{{ backup_date }}.sql.gz" 142 | dest: "/opt/backups/{{ mysqldb_name }}-{{ backup_date }}.sql.gz" 143 | mode: get 144 | gs_access_key: "{{ lookup('env', 'GS_ACCESS_KEY_ID') }}" 145 | gs_secret_key: "{{ lookup('env', 'GS_SECRET_ACCESS_KEY') }}" 146 | 147 | - name: extract tge data dump 148 | command: gunzip "/opt/backups/{{ mysqldb_name }}-{{ backup_date }}.sql.gz" 149 | args: 150 | creates: "/opt/backups/{{ mysqldb_name }}-{{ backup_date }}.sql" 151 | 152 | - name: source mysql database 153 | mysql_db: 154 | name: "{{ mysqldb_name }}" 155 | login_user: "{{ mysqldb_user_name }}" 156 | login_password: "{{ mysqldb_user_password }}" 157 | login_host: 127.0.0.1 158 | login_port: "{{ mysqldb_port }}" 159 | state: import 160 | target: "/opt/backups/{{ mysqldb_name }}-{{ backup_date }}.sql" 161 | 162 | #- name: copy message db dump into server 163 | # copy: 164 | # src: dump_messagedb.sql 165 | # dest: /opt/backups 166 | 167 | #- name: source messagedb 168 | # mysql_db: 169 | # name: "{{ msg_db_name }}" 170 | # login_user: "{{ msg_user_name }}" 171 | # login_password: "{{ msg_user_password }}" 172 | # state: import 173 | # target: /opt/backups/dump_messagedb.sql 174 | 175 | #- name: copy balance db dump into server 176 | # copy: 177 | # src: uat_kryptonobalancedb.sql 178 | # dest: /opt/backups 179 | 180 | #- name: source balance db 181 | # mysql_db: 182 | # name: "{{ balance_db_name }}" 183 | # login_user: "{{ balance_user_name }}" 184 | # login_password: "{{ balance_user_password }}" 185 | # state: import 186 | # target: /opt/backups/uat_kryptonobalancedb.sql 187 | --------------------------------------------------------------------------------