diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2015-06-10 15:35:13 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-10 18:37:19 +0200 |
| commit | b408390ae9311b7d703ce57c25a78dce23c31b16 (patch) | |
| tree | d9b1c795c0ef8b75dbaef709aa8622863d636942 /roles/common-SQL/tasks | |
| parent | a82e3759627a0612592d853796f2a1137f9189f5 (diff) | |
Configure munin nodes & master.
Interhost communications are protected by stunnel4. The graphs are only
visible on the master itself, and content is generated by Fast CGI.
Diffstat (limited to 'roles/common-SQL/tasks')
| -rw-r--r-- | roles/common-SQL/tasks/main.yml | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/roles/common-SQL/tasks/main.yml b/roles/common-SQL/tasks/main.yml index b5c6773..9541be8 100644 --- a/roles/common-SQL/tasks/main.yml +++ b/roles/common-SQL/tasks/main.yml @@ -1,45 +1,80 @@ # XXX If #742046 gets fixed, we should preseed mysql-server to use # auth_socket as auth_plugin once the fix enters stable. - name: Install MySQL apt: pkg={{ item }} with_items: # XXX: In non-interactive mode apt-get doesn't put a password on # MySQL's root user; we fix that on the next task, but an intruder # could exploit the race condition and for instance create dummy # users. - mysql-common - mysql-server - python-mysqldb + # for the 'mysql_' munin plugin + - libcache-cache-perl - name: Copy MySQL's configuration copy: src=etc/mysql/my.cnf dest=/etc/mysql/my.cnf owner=root group=root mode=0644 register: r notify: - Restart MySQL # We need to restart now and load the relevant authplugin before we # connect to the database. - meta: flush_handlers # XXX Dirty fix for #742046 - name: Force root to use UNIX permissions mysql_user: name=root password= auth_plugin=auth_socket state=present - name: Disallow anonymous and TCP/IP root login mysql_user: name={{ item.name|default('') }} host={{ item.host }} state=absent with_items: - { host: '{{ inventory_hostname_short }}' } - { host: 'localhost' } - { host: '127.0.0.1'} - { host: '::1'} - { name: root, host: '{{ inventory_hostname_short }}' } - { name: root, host: '127.0.0.1'} - { name: root, host: '::1'} - name: Start MySQL service: name=mysql state=started + + +- name: Install 'mysql_' Munin wildcard plugin + file: src=/usr/share/munin/plugins/mysql_ + dest=/etc/munin/plugins/mysql_{{ item }} + owner=root group=root + state=link force=yes + with_items: + # sudo /usr/share/munin/plugins/mysql_ suggest + - bin_relay_log + - commands + - connections + - files_tables + - innodb_bpool + - innodb_bpool_act + - innodb_io + - innodb_log + - innodb_rows + - innodb_semaphores + - innodb_tnx + - myisam_indexes + - qcache + - qcache_mem + - select_types + - slow + - sorts + - table_locks + - tmp_tables + tags: + - munin + - munin-node + notify: + - Restart munin-node |