debops.mariadb_server default variables¶
Sections
MariaDB Server APT packages¶
-
mariadb_server__flavor
¶
Variable which defines what database engine to use:
mariadb
: default, use MariaDB engine from Debian repositorymariadb_upstream
: use MariaDB engine from upstream repositorymysql
: use MySQL engine from Debian repositorymysql-5.6_galera-3
: use MySQL 5.6 engine with Galera from Codership repositorymysql-5.7_galera-3
: use MySQL 5.7 engine with Galera from Codership repositorypercona-8.0
: use Percona 8.0 from its upstream repository, it includes XtraDB and optionally TokuDB and MyRocks enginespercona-5.7
: use Percona 5.7 from its upstream repository, it includes XtraDB and optionally TokuDB and MyRocks engines
The choice depends on availability of MariaDB packages in a distribution. Percona needs to be selected explicitly.
mariadb_server__flavor: '{{ ansible_local.mariadb.flavor
|d(mariadb_server__flavor_map[ansible_distribution_release] | d("mariadb")) }}'
-
mariadb_server__flavor_map
¶
List of Linux distributions where the default MariaDB packages are not available, and MySQL should be used instead.
mariadb_server__flavor_map:
'wheezy': 'mysql'
'precise': 'mysql'
-
mariadb_server__apt_key
¶
String or list of GPG keys which should be added to the APT key database to authenticate the external repositories.
mariadb_server__apt_key: '{{ mariadb_server__apt_key_map[mariadb_server__flavor] | d() }}'
-
mariadb_server__apt_key_map
¶
A YAML dictionary map which keeps GPG key ids for APT repository keys of different MariaDB/MySQL/Percona APT repositories. These GPG keys will be downloaded if any of the listed flavors is selected.
mariadb_server__apt_key_map:
'mariadb': []
'mariadb_upstream':
- id: '199369E5404BD5FC7D2FE43BCBCB082A1BB943DB'
- id: '177F4010FE56CA3336300305F1656F24C74CD1D8'
- repo: 'deb {{ mariadb_server__upstream_mirror }} {{ ansible_distribution_release }} main'
'mysql-5.6_galera-3':
- id: '44B7345738EBDE52594DAD80D669017EBC19DDBA'
- repo: 'deb http://releases.galeracluster.com/mysql-wsrep-5.6/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main'
- repo: 'deb http://releases.galeracluster.com/galera-3/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main'
'mysql-5.7_galera-3':
- id: '44B7345738EBDE52594DAD80D669017EBC19DDBA'
- repo: 'deb http://releases.galeracluster.com/mysql-wsrep-5.7/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main'
- repo: 'deb http://releases.galeracluster.com/galera-3/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main'
'percona-8.0':
- id: '4D1BB29D63D98E422B2113B19334A25F8507EFA5'
- repo: 'deb http://repo.percona.com/tools/apt {{ ansible_distribution_release }} main'
- repo: 'deb http://repo.percona.com/ps-80/apt {{ ansible_distribution_release }} main'
'percona-5.7':
- id: '4D1BB29D63D98E422B2113B19334A25F8507EFA5'
- repo: 'deb http://repo.percona.com/tools/apt {{ ansible_distribution_release }} main'
- repo: 'deb http://repo.percona.com/ps-57/apt {{ ansible_distribution_release }} main'
-
mariadb_server__upstream_version
¶
Version of the MariaDB upstream.
mariadb_server__upstream_version: '10.1'
-
mariadb_server__upstream_mirror
¶
URL of the MariaDB upstream mirror.
mariadb_server__upstream_mirror: 'http://nyc2.mirrors.digitalocean.com/mariadb/repo/{{ mariadb_server__upstream_version }}/{{ ansible_distribution | lower }}'
-
mariadb_server__base_packages
¶
List of APT packages that should be installed with any database engine selected.
mariadb_server__base_packages: [ 'ssl-cert' ]
-
mariadb_server__packages
¶
List of additional packages to install with the database server.
mariadb_server__packages: []
-
mariadb_server__packages_map
¶
Dictionary with list of packages that will be installed with a particular database engine.
mariadb_server__packages_map:
'mariadb': [ 'mariadb-server' ]
'mariadb_upstream': [ 'mariadb-server' ]
'mysql': [ 'mysql-server' ]
'mysql-5.6_galera-3': [ 'mysql-wsrep-server-5.6', 'galera-3', 'galera-arbitrator-3' ]
'mysql-5.7_galera-3': [ 'mysql-wsrep-server-5.7', 'galera-3', 'galera-arbitrator-3' ]
'percona-8.0': [ 'percona-server-server' ]
'percona-5.7': [ 'percona-server-server-5.7' ]
Network configuration¶
-
mariadb_server__bind_address
¶
IP address on which MariaDB server listens on for new connections. To allow
connections from remote hosts, you need to change this to 0.0.0.0
for IPv4
only connections, or ::
for IPv4 and IPv6 connections.
When bind address is changed, you need to restart the mysqld daemon to rebind it to new network interfaces, it won't be restarted automatically by Ansible.
mariadb_server__bind_address: 'localhost'
-
mariadb_server__port
¶
Port number on which this MariaDB server listens on.
mariadb_server__port: '3306'
-
mariadb_server__allow
¶
List of IP addresses or CIDR subnets which will be allowed to connect to the MariaDB server in ip(6)tables and TCP wrappers. If it's empty, remote connections are not allowed.
mariadb_server__allow: []
-
mariadb_server__max_connections
¶
Maximum number of allowed connections.
mariadb_server__max_connections: '100'
-
mariadb_server__default_datadir
¶
Default directory to store data
mariadb_server__default_datadir: '/var/lib/mysql'
-
mariadb_server__datadir
¶
Directory to store data
mariadb_server__datadir: '{{ mariadb_server__default_datadir }}'
-
mariadb_server__delegate_to
¶
Hostname of the server to which Ansible roles will delegate tasks. It should point to "this server", using a FQDN hostname known to Ansible.
mariadb_server__delegate_to: '{{ inventory_hostname }}'
Server configuration options¶
The MariaDB/MySQL server configuration is managed in
/etc/mysql/conf.d/mysqld.cnf
configuration file, generated by an Ansible
template. Check mariadb_server__options for more details about the
syntax used to configure the server.
-
mariadb_server__mysqld_performance_options
¶
Configuration options related to database performance and resource utilization.
mariadb_server__mysqld_performance_options:
'innodb_buffer_pool_instances': '{{ ansible_processor_vcpus | d(1) }}'
'innodb_buffer_pool_size': '{{ (ansible_memtotal_mb / 2) | int }}M'
'query_cache_type': '0'
-
mariadb_server__local_infile
¶
Enable or disable LOCAL capability for LOAD DATA INFILE.
mariadb_server__local_infile: False
-
mariadb_server__mysqld_security_options
¶
Configuration options related to the server security.
mariadb_server__mysqld_security_options:
'local_infile': '{{ "1" if mariadb_server__local_infile|bool else "0" }}'
-
mariadb_server__mysqld_charset_options
¶
Configuration options related to charset and string encoding on the server.
mariadb_server__mysqld_charset_options:
'character_set_server': 'utf8mb4'
'collation_server': 'utf8mb4_general_ci'
'init_connect': 'SET NAMES utf8mb4'
-
mariadb_server__mysqld_network_options
¶
Configuration options related to network access and network connections.
mariadb_server__mysqld_network_options:
'bind_address': '{{ mariadb_server__bind_address }}'
'port': '{{ mariadb_server__port }}'
'max_connections': '{{ mariadb_server__max_connections }}'
-
mariadb_server__mysqld_pki_options
¶
Configuration of SSL support in mysqld, managed by debops.pki role.
mariadb_server__mysqld_pki_options:
name: 'pki-options'
comment: 'Support for SSL connections'
state: '{{ "present" if mariadb_server__pki|bool else "absent" }}'
options:
'ssl':
'ssl_ca': '{{ mariadb_server__pki_path + "/" + mariadb_server__pki_realm + "/" + mariadb_server__pki_ca }}'
'ssl_cert': '{{ mariadb_server__pki_path + "/" + mariadb_server__pki_realm + "/" + mariadb_server__pki_crt }}'
'ssl_key': '{{ mariadb_server__pki_path + "/" + mariadb_server__pki_realm + "/" + mariadb_server__pki_key }}'
'ssl_cipher': '{{ mariadb_server__pki_cipher }}'
-
mariadb_server__mysqld_cluster_options
¶
Configuration options for mysqld required to operate in a MariaDB/MySQL cluster.
mariadb_server__mysqld_cluster_options:
name: 'cluster-options'
comment: 'Required for cluster operation'
state: '{{ "present" if mariadb_server__flavor in [ "mysql-5.6_galera-3", "percona", "percona-5.7" ] else "absent" }}'
options:
'binlog_format': 'ROW'
'default_storage_engine': 'InnoDB'
'innodb_autoinc_lock_mode': '2'
-
mariadb_server__mysqld_directory_options
¶
Configuration options related to directory (e.g. datadir)
mariadb_server__mysqld_directory_options:
'datadir': '{{ mariadb_server__datadir }}'
-
mariadb_server__mysqld_options
¶
Configuration options set in /etc/mysql/conf.d/mysqld.cnf
file. This is
a "master variable" for the rest of the configuration variables.
mariadb_server__mysqld_options:
- section: 'mysqld'
options:
- '{{ mariadb_server__mysqld_performance_options }}'
- '{{ mariadb_server__mysqld_charset_options }}'
- '{{ mariadb_server__mysqld_security_options }}'
- '{{ mariadb_server__mysqld_network_options }}'
- '{{ mariadb_server__mysqld_pki_options }}'
- '{{ mariadb_server__mysqld_cluster_options }}'
- '{{ mariadb_server__mysqld_directory_options }}'
- '{{ mariadb_server__options }}'
-
mariadb_server__client_options
¶
Configuration set in /etc/mysql/conf.d/client.cnf
at the installation
time. Afterwards you should use the debops.mariadb role to manage it.
mariadb_server__client_options:
- section: 'client'
options:
'default_character_set': 'utf8mb4'
-
mariadb_server__options
¶
Dictionary or list with custom mysqld options.
mariadb_server__options: {}
-
mariadb_server__client_cnf_file
¶
Absolute path for the client configuration file managed by the
debops.mariadb_server
Ansible role.
mariadb_server__client_cnf_file: '{{ "/etc/mysql/mariadb.conf.d/90-client.cnf"
if (mariadb_server__register_confd.stat.exists|bool)
else "/etc/mysql/conf.d/zz-client.cnf" }}'
-
mariadb_server__mysqld_cnf_file
¶
Absolute path for the server configuration file managed by the
debops.mariadb_server
Ansible role.
mariadb_server__mysqld_cnf_file: '{{ "/etc/mysql/mariadb.conf.d/90-mysqld.cnf"
if (mariadb_server__register_confd.stat.exists|bool)
else "/etc/mysql/conf.d/zz-mysqld.cnf" }}'
SSL configuration¶
-
mariadb_server__append_groups
¶
List of additional system groups to append to the MariaDB system user.
ssl-cert
group is required for access to certificate private keys.
mariadb_server__append_groups: [ 'ssl-cert' ]
-
mariadb_server__pki
¶
Enable or disable support for SSL in MariaDB (using debops.pki).
mariadb_server__pki: '{{ (True
if (ansible_local.pki.enabled|d() and
mariadb_server__pki_realm in ansible_local.pki.known_realms)
else False) | bool }}'
-
mariadb_server__pki_path
¶
Base path for PKI directory.
mariadb_server__pki_path: '{{ ansible_local.pki.base_path|d("/etc/pki") }}'
-
mariadb_server__pki_realm
¶
Default PKI realm used by MariaDB server.
mariadb_server__pki_realm: '{{ ansible_local.pki.realm|d("domain") }}'
-
mariadb_server__pki_ca
¶
Root CA certificate used by MariaDB, relative to mariadb_server__pki_realm
.
mariadb_server__pki_ca: 'CA.crt'
-
mariadb_server__pki_crt
¶
Host certificate used by MariaDB, relative to mariadb_server__pki_realm
.
mariadb_server__pki_crt: 'default.crt'
-
mariadb_server__pki_key
¶
Host private key used by MariaDB, relative to mariadb_server__pki_realm
.
mariadb_server__pki_key: 'default.key'
-
mariadb_server__pki_cipher
¶
Cipher suite used for encrypted connections.
mariadb_server__pki_cipher: 'DHE-RSA-AES256-SHA'
AutoMySQLBackup configuration¶
-
mariadb_server__backup
¶
Enable or disable support for daily, weekly and monthly snapshots of the database using automysqlbackup.
mariadb_server__backup: True
-
mariadb_server__backup_mailaddr
¶
Mail address to send messages to (account or alias name will be properly routed by the Postfix SMTP server).
mariadb_server__backup_mailaddr: 'backup'
-
mariadb_server__backup_create_database
¶
If the backup should contain a CREATE DATABASE statement or not.
mariadb_server__backup_create_database: True
-
mariadb_server__backup_exclude_databases
¶
List of database names to exclude (you can use regular expressions) Example: ['^.*_cache$']
mariadb_server__backup_exclude_databases: []
-
mariadb_server__backup_doweekly
¶
Specify the day of the week to create weekly backups (1 - Monday, 7 - Sunday).
mariadb_server__backup_doweekly: '6'
-
mariadb_server__backup_latest
¶
Don't keep copies of most recent backups by default.
mariadb_server__backup_latest: 'no'
-
mariadb_server__backup_directory
¶
Base directory where automysqlbackup stores the database backups. The directory will be created automatically by automysqlbackup, if it does not exist.
mariadb_server__backup_directory: '/var/lib/automysqlbackup'
-
mariadb_server__backup_max_allowed_packet
¶
Max allowed packet for backup.
mariadb_server__backup_max_allowed_packet: ''
Configuration for other Ansible roles¶
-
mariadb_server__keyring__dependent_apt_keys
¶
Configuration for the debops.keyring Ansible role.
mariadb_server__keyring__dependent_apt_keys:
- '{{ mariadb_server__apt_key }}'
-
mariadb_server__etc_services__dependent_rules
¶
Configuration for debops.etc_services Ansible role.
mariadb_server__etc_services__dependent_rules:
- name: 'galera-cluster-rep'
port: '4567'
protocols: [ 'tcp', 'udp' ]
comment: 'Galera Cluster Replication'
- name: 'galera-ist'
port: '4568'
protocols: [ 'tcp' ]
comment: 'Galera Incremental State Transfer'
- name: 'galera-sst'
port: '4444'
protocols: [ 'tcp' ]
comment: 'Galera State Snapshot Transfer'
-
mariadb_server__ferm__dependent_rules
¶
Configuration for debops.ferm Ansible role.
mariadb_server__ferm__dependent_rules:
- type: 'accept'
dport: [ 'mysql' ]
saddr: '{{ mariadb_server__allow }}'
accept_any: False
weight: '50'
role: 'mariadb_server'
-
mariadb_server__tcpwrappers__dependent_allow
¶
Configuration for debops.tcpwrappers Ansible role.
mariadb_server__tcpwrappers__dependent_allow:
- daemon: 'mysqld'
client: '{{ mariadb_server__allow }}'
accept_any: False
weight: '50'
filename: 'mariadb_server_allow'
comment: 'Allow remote connections to MariaDB / MySQL server'
-
mariadb_server__python__dependent_packages3
¶
Configuration for the debops.python Ansible role.
mariadb_server__python__dependent_packages3:
- 'python3-mysqldb'
-
mariadb_server__python__dependent_packages2
¶
Configuration for the debops.python Ansible role.
mariadb_server__python__dependent_packages2:
- 'python-mysqldb'