为什么ansible无法连接MySql？

Question

为什么ansible无法连接MySql？

我想使用这些配置部署 MySql 数据库服务器。

\n

这是我部署 MySql 的剧本：

\n

- name: "Inclure le fichier : install_utilitaires_mysql.yaml"\n  include: install_utilitaires_mysql.yaml\n  when: ansible_os_family == "Debian"\n\n- name: "Telechargement d\'un package .deb pour ajouter le repo mysql"\n  get_url:\n    url: https://dev.mysql.com/get/mysql-apt-config_0.8.15-1_all.deb\n    dest: /tmp\n  when: ansible_os_family == "Debian"\n\n- name: "Installation du package .deb"\n  apt:\n    deb: /tmp/mysql-apt-config_0.8.15-1_all.deb\n  when: ansible_os_family == "Debian"\n\n- name: "Mise a jour des sources list : apt update"\n  apt:\n   update_cache: yes\n  when: ansible_os_family == "Debian"\n\n- name: "Installation de MySql"\n  apt:\n    name: mysql-server\n    state: latest\n  when: ansible_os_family == "Debian"\n\n- name: "Demarrer le service MySql"\n  service:\n    name: mysql\n    state: started\n    enabled: yes\n  when: ansible_os_family == "Debian"\n\n- name: "Voir la variable mysql_username"\n  debug:\n    msg: "{{ mysql_username }}"\n  when: ansible_os_family == "Debian"\n\n- name: "Cr\xc3\xa9ation du user : {{ mysql_username }}"\n  mysql_user:\n    name: "{{ mysql_username }}"\n    password: "{{ mysql_password }}"\n    priv: \'*.*:ALL\'\n    state: present\n  when: ansible_os_family == "Debian"\n

Run Code Online (Sandbox Code Playgroud)\n

但是当我使用命令执行此剧本时ansible-playbook -i hosts playbook.yaml --vault-password-file password，我会收到此错误：

\n

TASK [Cr\xc3\xa9ation du user : {{ mysql_username }}] ********************************************************************************************************************************************************************\nskipping: [192.168.1.41]\n[WARNING]: Module did not set no_log for update_password\nfatal: [192.168.1.37]: FAILED! => {"changed": false, "msg": "unable to connect to database, check login_user and login_password are correct or /root/.my.cnf has the credentials. Exception message: (1698, u\\"Access denied for user \'root\'@\'localhost\'\\")"}\n

Run Code Online (Sandbox Code Playgroud)\n

mysql -u root为什么ansible运行正常但无法连接MySQL ？

\n

我找到了这个解决方案，但我不明白它是如何工作的：

\n

- name: Example using login_unix_socket to connect to server\n  mysql_user:\n    name: root\n    password: root\n    login_unix_socket: /var/run/mysqld/mysqld.sock\n  when: ansible_os_family == "Debian"\n

Run Code Online (Sandbox Code Playgroud)\n

首先值得深思

\n

我找到了这段代码

\n

---\n- name: "Inclure le fichier : install_utilitaires_mysql.yaml"\n  include: install_utilitaires_mysql.yaml\n  when: ansible_os_family == "Debian"\n\n- name: "Telechargement d\'un package .deb pour ajouter le repo mysql"\n  get_url:\n    url: https://dev.mysql.com/get/mysql-apt-config_0.8.15-1_all.deb\n    dest: /tmp\n  when: ansible_os_family == "Debian"\n\n- name: "Installation du package .deb"\n  apt:\n    deb: /tmp/mysql-apt-config_0.8.15-1_all.deb\n  when: ansible_os_family == "Debian"\n\n- name: "Mise a jour des sources list : apt update"\n  apt:\n   update_cache: yes\n  when: ansible_os_family == "Debian"\n\n- name: "Installation de MySql"\n  apt:\n    name: mysql-server\n    state: latest\n  when: ansible_os_family == "Debian"\n\n- name: "Demarrer le service MySql"\n  service:\n    name: mysql\n    state: started\n    enabled: yes\n  when: ansible_os_family == "Debian"\n  \n- name: "Envoi du template .my.cnf dans ~"\n  template:\n    src: root_cnf.j2\n    dest: ~/.my.cnf\n    owner: root\n    mode: 0600\n  when: ansible_os_family == "Debian"\n\n- name: "Redemarrer le service MySql"\n  service:\n    name: mysql\n    state: restarted\n    enabled: yes\n  when: ansible_os_family == "Debian"\n\n- name: "Cr\xc3\xa9ation du user : {{ mysql_username }}"\n  mysql_user:\n    login_user: root\n    login_password: root\n    name: "{{ mysql_username }}"\n    password: "{{ mysql_password }}"\n    priv: \'*.*:ALL\'\n    state: present\n  when: ansible_os_family == "Debian"\n

Run Code Online (Sandbox Code Playgroud)\n

但是当我执行这个ansible-playbook -i hosts playbook.yaml --vault-password-file password命令时，我得到这个错误：

\n

TASK [Cr\xc3\xa9ation du user : {{ mysql_username }}] ********************************************************************************************************************************************************************\nskipping: [192.168.43.102]\n[WARNING]: Module did not set no_log for update_password\nfatal: [192.168.43.182]: FAILED! => {"changed": false, "msg": "unable to connect to database, check login_user and login_password are correct or /********/.my.cnf has the credentials. Exception message: (1698, u\\"Access denied for user \'********\'@\'localhost\'\\")"}\n\n

Run Code Online (Sandbox Code Playgroud)\n

问题：为什么运行我的剧本会导致此错误？

\n

知道root_cnf.j2jinja2 文件包含以下配置：

\n

[client]\nuser=root\npassword=root\n

Run Code Online (Sandbox Code Playgroud)\n

Answer 1

toy*_*ian 6

正如您所写，您需要使用login_unix_socket: /var/run/mysqld/mysqld.sock（如有必要，请替换套接字的路径），因为无密码登录只能使用套接字，而不能使用网络。

请参阅dba.stackexchange.com 上的这篇文章。

它基本上是一项安全功能，因此您不会意外地在互联网上公开对数据库的无密码访问。

你想做的事首先

- name: Set password for root user
  mysql_user:
    name: "root"
    password: "{{ mysql_password }}"
    priv: '*.*:ALL,GRANT'
    host: 'localhost'
    login_unix_socket: /var/run/mysqld/mysqld.sock
    state: present

Run Code Online (Sandbox Code Playgroud)

这将为设定密码root。root之后将启用通过网络登录。
之后，您想做这样的事情：

- name: Save root password in .my.cnf
  template:
    src: root_cnf.j2
    dest: /root/.my.cnf
    owner: root
    mode: '0600'

Run Code Online (Sandbox Code Playgroud)

模板是这样的：

[client]
user=root
password={{ mysql_root_password }}

Run Code Online (Sandbox Code Playgroud)

这将输入您的密码/root/.my.cnf，以便您可以mysql在不提供凭据的情况下在计算机上使用（ansible 会选择该凭据）。

然后您可以使用以下命令添加用户：

[client]
user=root
password={{ mysql_root_password }}

Run Code Online (Sandbox Code Playgroud)

我想这就是你想要的。

归档时间：	5 年，2 月前
查看次数：	4211 次
最近记录：	4 年，10 月前