From 62c88187ff42443b43cea6382cb8b0d5b812417c Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Fri, 13 Feb 2026 17:24:46 +0530 Subject: [PATCH 01/13] MySQL 8.4 support - updated mysql connector compatible with MySQL 8.4 --- Ansible/roles/cloudstack-manager/tasks/debian.yml | 2 +- Ansible/roles/marvin/tasks/install_marvin_prereqs.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Ansible/roles/cloudstack-manager/tasks/debian.yml b/Ansible/roles/cloudstack-manager/tasks/debian.yml index 8945d62600..dcb63c9353 100644 --- a/Ansible/roles/cloudstack-manager/tasks/debian.yml +++ b/Ansible/roles/cloudstack-manager/tasks/debian.yml @@ -80,7 +80,7 @@ update_cache: yes - name: Install python3-mysql.connector DEB package for cloudstack-management as the real package name is mysql-connector-python-py3 - shell: 'wget http://launchpadlibrarian.net/717081070/python3-mysql.connector_8.0.15-4_all.deb -O /tmp/python3-mysql.connector_8.0.15-4_all.deb && DEBIAN_FRONTEND=noninteractive apt install -y /tmp/python3-mysql.connector_8.0.15-4_all.deb' + shell: 'wget http://ftp.debian.org/debian/pool/main/m/mysql-connector-python/python3-mysql.connector_9.5.0-1_all.deb -O /tmp/python3-mysql.connector_9.5.0-1_all.deb && DEBIAN_FRONTEND=noninteractive apt install -y /tmp/python3-mysql.connector_9.5.0-1_all.deb' - name: Ensure CloudStack management-server only is installed (we install usage server later) apt: diff --git a/Ansible/roles/marvin/tasks/install_marvin_prereqs.yml b/Ansible/roles/marvin/tasks/install_marvin_prereqs.yml index 4d6e641c6c..9a6fe91af7 100644 --- a/Ansible/roles/marvin/tasks/install_marvin_prereqs.yml +++ b/Ansible/roles/marvin/tasks/install_marvin_prereqs.yml @@ -100,7 +100,7 @@ - texttable - lxml - pycparser - - mysql-connector-python==8.0.30 + - mysql-connector-python==8.4.0 - netaddr - pyvmomi tags: From 0fd58ae9f983d51846c6e373ed30d195be8f471a Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Fri, 13 Feb 2026 20:33:05 +0530 Subject: [PATCH 02/13] update rpm and config options --- Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml | 2 +- Ansible/roles/cloudstack-manager/tasks/el9-acs.yml | 2 +- Ansible/roles/mysql/templates/mariadb-my.cnf.j2 | 2 ++ Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 | 2 ++ Ansible/roles/mysql/templates/my-centos8.cnf.j2 | 2 ++ Ansible/roles/mysql/templates/my-debian.cnf.j2 | 2 ++ Ansible/roles/mysql/templates/my.cnf.j2 | 2 ++ Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 | 2 ++ 8 files changed, 14 insertions(+), 2 deletions(-) diff --git a/Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml b/Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml index 8a00fd9006..b9d2b4da23 100644 --- a/Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml +++ b/Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml @@ -16,7 +16,7 @@ - name: Ensure python pre-req mysql repo is installed dnf: - name: http://repo.mysql.com/mysql80-community-release-el8.rpm + name: https://repo.mysql.com/mysql84-community-release-el8.rpm state: present - name: "Setup Apache Cloudstack Repo file. baseurl={{ baseurl_cloudstack }} " diff --git a/Ansible/roles/cloudstack-manager/tasks/el9-acs.yml b/Ansible/roles/cloudstack-manager/tasks/el9-acs.yml index 216ed7fbe3..43e56ddea8 100644 --- a/Ansible/roles/cloudstack-manager/tasks/el9-acs.yml +++ b/Ansible/roles/cloudstack-manager/tasks/el9-acs.yml @@ -16,7 +16,7 @@ - name: Ensure python pre-req mysql repo is installed for el9 dnf: - name: http://repo.mysql.com/mysql80-community-release-el9.rpm + name: https://repo.mysql.com/mysql84-community-release-el9.rpm state: present - name: "Setup Apache Cloudstack Repo file. baseurl={{ baseurl_cloudstack }} " diff --git a/Ansible/roles/mysql/templates/mariadb-my.cnf.j2 b/Ansible/roles/mysql/templates/mariadb-my.cnf.j2 index 0e5538296f..6674141d13 100644 --- a/Ansible/roles/mysql/templates/mariadb-my.cnf.j2 +++ b/Ansible/roles/mysql/templates/mariadb-my.cnf.j2 @@ -25,6 +25,8 @@ skip_name_resolve max_connections={{ mysql_max_connections }} +mysql_native_password=ON + innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} innodb_file_per_table=1 innodb_additional_mem_pool_size=20M diff --git a/Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 b/Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 index ef5e1c1463..87d31e463a 100644 --- a/Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 +++ b/Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 @@ -25,6 +25,8 @@ socket=/var/lib/mysql/mysql.sock user=mysql skip_name_resolve +mysql_native_password=ON + max_connections={{ mysql_max_connections }} innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} diff --git a/Ansible/roles/mysql/templates/my-centos8.cnf.j2 b/Ansible/roles/mysql/templates/my-centos8.cnf.j2 index 50a5c6979b..9d9ff08a65 100644 --- a/Ansible/roles/mysql/templates/my-centos8.cnf.j2 +++ b/Ansible/roles/mysql/templates/my-centos8.cnf.j2 @@ -22,6 +22,8 @@ datadir=/var/lib/mysql max_connections={{ mysql_max_connections }} skip_name_resolve +mysql_native_password=ON + {% if ansible_distribution_major_version|int < 10 %} default_authentication_plugin=mysql_native_password {% endif %} diff --git a/Ansible/roles/mysql/templates/my-debian.cnf.j2 b/Ansible/roles/mysql/templates/my-debian.cnf.j2 index 21c70018a3..e9dc5fa2d9 100644 --- a/Ansible/roles/mysql/templates/my-debian.cnf.j2 +++ b/Ansible/roles/mysql/templates/my-debian.cnf.j2 @@ -22,6 +22,8 @@ datadir=/var/lib/mysql max_connections={{ mysql_max_connections }} skip_name_resolve +mysql_native_password=ON + innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} innodb_file_per_table=1 innodb_log_buffer_size=16MB diff --git a/Ansible/roles/mysql/templates/my.cnf.j2 b/Ansible/roles/mysql/templates/my.cnf.j2 index e9b7a3e4df..d0c9551980 100644 --- a/Ansible/roles/mysql/templates/my.cnf.j2 +++ b/Ansible/roles/mysql/templates/my.cnf.j2 @@ -22,6 +22,8 @@ datadir=/var/lib/mysql max_connections={{ mysql_max_connections }} skip_name_resolve +mysql_native_password=ON + innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} innodb_file_per_table=1 innodb_additional_mem_pool_size=20M diff --git a/Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 b/Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 index e5a33e3f7b..e00dd2a33b 100644 --- a/Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 +++ b/Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 @@ -42,6 +42,8 @@ server-id=1 skip_name_resolve +mysql_native_password=ON + innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections={{ mysql_max_connections }} From ae3206fb222be2ebc7d756ed8b16d51c021025cc Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Fri, 13 Feb 2026 20:44:49 +0530 Subject: [PATCH 03/13] use http for download rpm (as earlier) --- Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml | 2 +- Ansible/roles/cloudstack-manager/tasks/el9-acs.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml b/Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml index b9d2b4da23..667903b6ae 100644 --- a/Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml +++ b/Ansible/roles/cloudstack-manager/tasks/centos8-acs.yml @@ -16,7 +16,7 @@ - name: Ensure python pre-req mysql repo is installed dnf: - name: https://repo.mysql.com/mysql84-community-release-el8.rpm + name: http://repo.mysql.com/mysql84-community-release-el8.rpm state: present - name: "Setup Apache Cloudstack Repo file. baseurl={{ baseurl_cloudstack }} " diff --git a/Ansible/roles/cloudstack-manager/tasks/el9-acs.yml b/Ansible/roles/cloudstack-manager/tasks/el9-acs.yml index 43e56ddea8..f185611c55 100644 --- a/Ansible/roles/cloudstack-manager/tasks/el9-acs.yml +++ b/Ansible/roles/cloudstack-manager/tasks/el9-acs.yml @@ -16,7 +16,7 @@ - name: Ensure python pre-req mysql repo is installed for el9 dnf: - name: https://repo.mysql.com/mysql84-community-release-el9.rpm + name: http://repo.mysql.com/mysql84-community-release-el9.rpm state: present - name: "Setup Apache Cloudstack Repo file. baseurl={{ baseurl_cloudstack }} " From c64d0bee249b27c14eaf38a7ae41079004beebd6 Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Sat, 14 Feb 2026 02:21:31 +0530 Subject: [PATCH 04/13] default auth changes --- Ansible/library/acs_mysql_update | 4 ++-- Ansible/library/env_db_manage | 4 ++-- Ansible/library/get_db_facts | 6 +++--- Ansible/library/reconcile_db | 2 +- Ansible/library/reconciledb_reportonly | 2 +- Ansible/roles/mysql/tasks/centos8.yml | 12 ++++++++++-- Ansible/roles/mysql/tasks/debian.yml | 4 ++-- Ansible/roles/mysql/tasks/el9.yml | 12 ++++++++++-- Ansible/roles/mysql/tasks/suse.yml | 4 ++-- Ansible/roles/mysql/tasks/ubuntu.yml | 4 ++-- 10 files changed, 35 insertions(+), 19 deletions(-) diff --git a/Ansible/library/acs_mysql_update b/Ansible/library/acs_mysql_update index 96ce2386d8..c8f3cf1753 100644 --- a/Ansible/library/acs_mysql_update +++ b/Ansible/library/acs_mysql_update @@ -8,9 +8,9 @@ DBUSER=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBUSER"{print $2}'| tr -d '"' | DBPASS=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBPASS"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//' | tr -d "'"` MYSQL_STATEMENT=`echo $ARGS | sed 's#.*MYSQL_STATEMENT=\(\)#\1#' | tr -d ')'| sed "s/'\"'\"'/'/g"| tr -d '"' | sed "s/^'//" | sed -e 's/[[:space:]]*$//' | sed s'/.$//'` echo $MYSQL_STATEMENT > /tmp/mysql -mysql -h ${DBHOST} -u ${DBUSER} -p${DBPASS} -e \ "$MYSQL_STATEMENT" +mysql --default-auth=mysql_native_password -h ${DBHOST} -u ${DBUSER} -p${DBPASS} -e \ "$MYSQL_STATEMENT" -echo "mysql -h ${DBHOST} -u ${DBUSER} -p${DBPASS} -e \ \"$MYSQL_STATEMENT\"" > /tmp/theargs +echo "mysql --default-auth=mysql_native_password -h ${DBHOST} -u ${DBUSER} -p${DBPASS} -e \ \"$MYSQL_STATEMENT\"" > /tmp/theargs echo '{ "ansible_facts": { diff --git a/Ansible/library/env_db_manage b/Ansible/library/env_db_manage index 903649427f..518374fe42 100644 --- a/Ansible/library/env_db_manage +++ b/Ansible/library/env_db_manage @@ -46,10 +46,10 @@ if [[ "$MYSQL_VER_STR" == "8" ]];then password=${DBPASS} " > $TMPLOGINFILE - MYSQLCOMMAND="mysql --defaults-extra-file=$TMPLOGINFILE -h${DBHOST} -u${DBUSER} -s -N -e"; + MYSQLCOMMAND="mysql --default-auth=mysql_native_password --defaults-extra-file=$TMPLOGINFILE -h${DBHOST} -u${DBUSER} -s -N -e"; else - MYSQLCOMMAND="mysql -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; + MYSQLCOMMAND="mysql --default-auth=mysql_native_password -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; fi ENVTBL="environments"; diff --git a/Ansible/library/get_db_facts b/Ansible/library/get_db_facts index 79b423912f..c08ffeb859 100644 --- a/Ansible/library/get_db_facts +++ b/Ansible/library/get_db_facts @@ -18,12 +18,12 @@ DBHOST=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBHOST"{print $2}'| tr -d '"' | DBUSER=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBUSER"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` DBPASS=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBPASSWORD"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` -master_status=`mysql -h $DBHOST -u $DBUSER -p$DBPASS -e \ "show master status;"` +master_status=`mysql --default-auth=mysql_native_password -h $DBHOST -u $DBUSER -p$DBPASS -e \ "show master status;"` master_file=`echo $master_status | awk -F ' ' '{print $5}'` master_pos=`echo $master_status | awk -F ' ' '{print $6}'` -clouddb_test=`mysql -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = 'cloud';"` +clouddb_test=`mysql --default-auth=mysql_native_password -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = 'cloud';"` if [[ -n $clouddb_test ]]; then - registered_mgmt_servers=`mysql -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SELECT service_ip FROM cloud.mshost where removed is null;" | grep -vE service_ip` + registered_mgmt_servers=`mysql --default-auth=mysql_native_password -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SELECT service_ip FROM cloud.mshost where removed is null;" | grep -vE service_ip` else registered_mgmt_servers="" fi diff --git a/Ansible/library/reconcile_db b/Ansible/library/reconcile_db index f8d4daa3ff..11baaa5060 100644 --- a/Ansible/library/reconcile_db +++ b/Ansible/library/reconcile_db @@ -14,7 +14,7 @@ $projectnames" #DBHOST=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBHOST"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` #DBUSER=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBUSER"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` #DBPASS=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBPASS"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//' | tr -d "'"` -MYSQLCOMMAND="mysql -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; +MYSQLCOMMAND="mysql --default-auth=mysql_native_password -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; active_ids="" for project in $projectnames; do diff --git a/Ansible/library/reconciledb_reportonly b/Ansible/library/reconciledb_reportonly index 4bf3002418..c365889167 100644 --- a/Ansible/library/reconciledb_reportonly +++ b/Ansible/library/reconciledb_reportonly @@ -14,7 +14,7 @@ $projectnames" #DBHOST=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBHOST"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` #DBUSER=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBUSER"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` #DBPASS=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBPASS"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//' | tr -d "'"` -MYSQLCOMMAND="mysql -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; +MYSQLCOMMAND="mysql --default-auth=mysql_native_password -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; active_ids="" for project in $projectnames; do diff --git a/Ansible/roles/mysql/tasks/centos8.yml b/Ansible/roles/mysql/tasks/centos8.yml index a3183f539a..eaa145ea97 100644 --- a/Ansible/roles/mysql/tasks/centos8.yml +++ b/Ansible/roles/mysql/tasks/centos8.yml @@ -52,6 +52,14 @@ - mysql - mysqlconf +- name: Ensure mysql repo is installed + dnf: + name: http://repo.mysql.com/mysql84-community-release-el8.rpm + state: present + tags: + - mysql + - mysqlconf + - name: Ensure mysql server is installed dnf: name: mysql-server @@ -120,14 +128,14 @@ - name: set root password - shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: mysqlinstalled.changed tags: diff --git a/Ansible/roles/mysql/tasks/debian.yml b/Ansible/roles/mysql/tasks/debian.yml index 2ee805d674..49ee34fb24 100644 --- a/Ansible/roles/mysql/tasks/debian.yml +++ b/Ansible/roles/mysql/tasks/debian.yml @@ -83,14 +83,14 @@ # bypass ansible mysql8 connection/library issues. - name: set root password - shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: ansible_distribution_major_version|int >= 12 and mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: ansible_distribution_major_version|int >= 12 and mysqlinstalled.changed tags: diff --git a/Ansible/roles/mysql/tasks/el9.yml b/Ansible/roles/mysql/tasks/el9.yml index 52c89c5cec..bbead76360 100644 --- a/Ansible/roles/mysql/tasks/el9.yml +++ b/Ansible/roles/mysql/tasks/el9.yml @@ -60,6 +60,14 @@ - mysql - mysqlconf +- name: Ensure mysql repo is installed for el9 + dnf: + name: http://repo.mysql.com/mysql84-community-release-el9.rpm + state: present + tags: + - mysql + - mysqlconf + - name: Ensure mysql server is installed dnf: name: mysql*-server @@ -125,14 +133,14 @@ - name: set root password - shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: mysqlinstalled.changed tags: diff --git a/Ansible/roles/mysql/tasks/suse.yml b/Ansible/roles/mysql/tasks/suse.yml index fe05665a8e..3a5e8a5dd7 100644 --- a/Ansible/roles/mysql/tasks/suse.yml +++ b/Ansible/roles/mysql/tasks/suse.yml @@ -97,14 +97,14 @@ # shell: rm -rf /var/lib/mysql/* - name: set root password - shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: mysqlinstalled.changed tags: diff --git a/Ansible/roles/mysql/tasks/ubuntu.yml b/Ansible/roles/mysql/tasks/ubuntu.yml index 810ffb27fa..d26e82411b 100644 --- a/Ansible/roles/mysql/tasks/ubuntu.yml +++ b/Ansible/roles/mysql/tasks/ubuntu.yml @@ -121,14 +121,14 @@ # bypass ansible mysql8 connection/library issues. - name: set root password - shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: ansible_distribution_major_version|int >= 20 and mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: ansible_distribution_major_version|int >= 20 and mysqlinstalled.changed tags: From d2a399c98d2b36b73fca804eaaf1d7c803fd988c Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Mon, 16 Feb 2026 14:34:58 +0530 Subject: [PATCH 05/13] Apply suggestions from code review --- Ansible/library/env_db_manage | 4 ++-- Ansible/library/reconcile_db | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Ansible/library/env_db_manage b/Ansible/library/env_db_manage index 518374fe42..903649427f 100644 --- a/Ansible/library/env_db_manage +++ b/Ansible/library/env_db_manage @@ -46,10 +46,10 @@ if [[ "$MYSQL_VER_STR" == "8" ]];then password=${DBPASS} " > $TMPLOGINFILE - MYSQLCOMMAND="mysql --default-auth=mysql_native_password --defaults-extra-file=$TMPLOGINFILE -h${DBHOST} -u${DBUSER} -s -N -e"; + MYSQLCOMMAND="mysql --defaults-extra-file=$TMPLOGINFILE -h${DBHOST} -u${DBUSER} -s -N -e"; else - MYSQLCOMMAND="mysql --default-auth=mysql_native_password -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; + MYSQLCOMMAND="mysql -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; fi ENVTBL="environments"; diff --git a/Ansible/library/reconcile_db b/Ansible/library/reconcile_db index 11baaa5060..f8d4daa3ff 100644 --- a/Ansible/library/reconcile_db +++ b/Ansible/library/reconcile_db @@ -14,7 +14,7 @@ $projectnames" #DBHOST=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBHOST"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` #DBUSER=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBUSER"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` #DBPASS=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBPASS"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//' | tr -d "'"` -MYSQLCOMMAND="mysql --default-auth=mysql_native_password -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; +MYSQLCOMMAND="mysql -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; active_ids="" for project in $projectnames; do From 4942969e0ffa62d30911bd8838a3c58c839a0a2f Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Mon, 16 Feb 2026 14:36:03 +0530 Subject: [PATCH 06/13] Apply suggestions from code review --- Ansible/library/reconciledb_reportonly | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Ansible/library/reconciledb_reportonly b/Ansible/library/reconciledb_reportonly index c365889167..4bf3002418 100644 --- a/Ansible/library/reconciledb_reportonly +++ b/Ansible/library/reconciledb_reportonly @@ -14,7 +14,7 @@ $projectnames" #DBHOST=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBHOST"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` #DBUSER=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBUSER"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` #DBPASS=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBPASS"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//' | tr -d "'"` -MYSQLCOMMAND="mysql --default-auth=mysql_native_password -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; +MYSQLCOMMAND="mysql -h${DBHOST} -u${DBUSER} -p${DBPASS} -s -N -e"; active_ids="" for project in $projectnames; do From d683d80526918e91f5acb9006d21774b30d019cd Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Mon, 16 Feb 2026 15:23:15 +0530 Subject: [PATCH 07/13] mysql repo changes --- Ansible/roles/mysql/tasks/centos8.yml | 38 +++++++++++++++---- .../roles/mysql/templates/my-centos8.cnf.j2 | 2 +- 2 files changed, 31 insertions(+), 9 deletions(-) diff --git a/Ansible/roles/mysql/tasks/centos8.yml b/Ansible/roles/mysql/tasks/centos8.yml index eaa145ea97..84b2221562 100644 --- a/Ansible/roles/mysql/tasks/centos8.yml +++ b/Ansible/roles/mysql/tasks/centos8.yml @@ -52,7 +52,24 @@ - mysql - mysqlconf -- name: Ensure mysql repo is installed +- name: Disable OS MySQL module + command: dnf module disable mysql -y + tags: + - mysql + - mysqlconf + +- name: Remove old MySQL packages + dnf: + name: + - mysql + - mysql-server + - mariadb + state: absent + tags: + - mysql + - mysqlconf + +- name: Install MySQL 8.4 repo dnf: name: http://repo.mysql.com/mysql84-community-release-el8.rpm state: present @@ -60,9 +77,14 @@ - mysql - mysqlconf +- name: Enable MySQL 8.4 module + command: dnf module enable mysql:8.4 -y + args: + warn: false + - name: Ensure mysql server is installed dnf: - name: mysql-server + name: mysql-community-server state: present register: mysqlinstalled tags: @@ -78,12 +100,12 @@ - mysql - mysqlconf -- name: Initialise MySQL - shell: mysqld --initialize-insecure --user=mysql - when: mysqlinstalled.changed - tags: - - mysql - - mysqlconf +# - name: Initialise MySQL +# shell: mysqld --initialize-insecure --user=mysql +# when: mysqlinstalled.changed +# tags: +# - mysql +# - mysqlconf - name: Ridiculous fix for mysql permissions file: diff --git a/Ansible/roles/mysql/templates/my-centos8.cnf.j2 b/Ansible/roles/mysql/templates/my-centos8.cnf.j2 index 9d9ff08a65..cbf08bf1e9 100644 --- a/Ansible/roles/mysql/templates/my-centos8.cnf.j2 +++ b/Ansible/roles/mysql/templates/my-centos8.cnf.j2 @@ -25,7 +25,7 @@ skip_name_resolve mysql_native_password=ON {% if ansible_distribution_major_version|int < 10 %} -default_authentication_plugin=mysql_native_password +authentication_policy=mysql_native_password {% endif %} innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} From 30a99ca2a7bbaf60182acbda3f57371cd2181f1a Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Mon, 16 Feb 2026 16:55:51 +0530 Subject: [PATCH 08/13] mysql server pks change --- Ansible/roles/mysql/tasks/centos8.yml | 49 ++++++++++++++------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/Ansible/roles/mysql/tasks/centos8.yml b/Ansible/roles/mysql/tasks/centos8.yml index 84b2221562..22d2c36a8f 100644 --- a/Ansible/roles/mysql/tasks/centos8.yml +++ b/Ansible/roles/mysql/tasks/centos8.yml @@ -58,17 +58,6 @@ - mysql - mysqlconf -- name: Remove old MySQL packages - dnf: - name: - - mysql - - mysql-server - - mariadb - state: absent - tags: - - mysql - - mysqlconf - - name: Install MySQL 8.4 repo dnf: name: http://repo.mysql.com/mysql84-community-release-el8.rpm @@ -83,13 +72,25 @@ warn: false - name: Ensure mysql server is installed - dnf: - name: mysql-community-server - state: present - register: mysqlinstalled - tags: - - mysql - - mysqlconf + block: + - name: Install mysql-community-server + dnf: + name: mysql-community-server + state: present + register: mysqlinstalled + tags: + - mysql + - mysqlconf + + rescue: + - name: Fallback to OS mysql-server + dnf: + name: mysql-server + state: present + register: mysqlinstalled + tags: + - mysql + - mysqlconf - name: replace MySQL my.cnf using Template template: @@ -100,12 +101,12 @@ - mysql - mysqlconf -# - name: Initialise MySQL -# shell: mysqld --initialize-insecure --user=mysql -# when: mysqlinstalled.changed -# tags: -# - mysql -# - mysqlconf +- name: Initialise MySQL + shell: mysqld --initialize-insecure --user=mysql + when: mysqlinstalled.changed + tags: + - mysql + - mysqlconf - name: Ridiculous fix for mysql permissions file: From c4bbf4a8727d6f3252b9142fcbf3c4a6db23c50e Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Mon, 16 Feb 2026 18:37:02 +0530 Subject: [PATCH 09/13] Master & Slave updated to Binary Log & Replica respectively --- Ansible/library/get_db_facts | 10 +++++----- Ansible/roles/mysql/tasks/mysql_replication.yml | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Ansible/library/get_db_facts b/Ansible/library/get_db_facts index c08ffeb859..f8de199c45 100644 --- a/Ansible/library/get_db_facts +++ b/Ansible/library/get_db_facts @@ -18,12 +18,12 @@ DBHOST=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBHOST"{print $2}'| tr -d '"' | DBUSER=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBUSER"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` DBPASS=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBPASSWORD"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//'` -master_status=`mysql --default-auth=mysql_native_password -h $DBHOST -u $DBUSER -p$DBPASS -e \ "show master status;"` -master_file=`echo $master_status | awk -F ' ' '{print $5}'` -master_pos=`echo $master_status | awk -F ' ' '{print $6}'` -clouddb_test=`mysql --default-auth=mysql_native_password -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = 'cloud';"` +master_status=`mysql -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SHOW BINARY LOG STATUS;"` +master_file=`echo $master_status | awk -F ' ' '{print $6}'` +master_pos=`echo $master_status | awk -F ' ' '{print $7}'` +clouddb_test=`mysql -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = 'cloud';"` if [[ -n $clouddb_test ]]; then - registered_mgmt_servers=`mysql --default-auth=mysql_native_password -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SELECT service_ip FROM cloud.mshost where removed is null;" | grep -vE service_ip` + registered_mgmt_servers=`mysql -h $DBHOST -u $DBUSER -p$DBPASS -e \ "SELECT service_ip FROM cloud.mshost where removed is null;" | grep -vE service_ip` else registered_mgmt_servers="" fi diff --git a/Ansible/roles/mysql/tasks/mysql_replication.yml b/Ansible/roles/mysql/tasks/mysql_replication.yml index cb56afc94f..d16528a8ee 100644 --- a/Ansible/roles/mysql/tasks/mysql_replication.yml +++ b/Ansible/roles/mysql/tasks/mysql_replication.yml @@ -46,18 +46,18 @@ mysql_replication: mode=changemaster master_host={{ hostvars[groups['mysql_master_host'][0]]['ansible_ssh_host'] }} master_log_file={{ master_file }} master_log_pos={{ master_pos }} master_user=replication_user master_password={{ mysql_replication_password }} login_user=root login_password={{ mysql_root_password }} when: ("mysql_slave_hosts" in group_names) and ("{{ cloudbd_exists }}" == "no") -- name: Start Slave +- name: Start Replica mysql_replication: mode=startslave login_user=root login_password={{ mysql_root_password }} when: ("mysql_slave_hosts" in group_names) and ("{{ cloudbd_exists }}" == "no") -- name: Show Master Status +- name: Show Binary Log Status mysql_replication: mode=getmaster login_user=root login_password={{ mysql_root_password }} when: ("mysql_master_host" in group_names) and ("{{ cloudbd_exists }}" == "no") register: masterstatus - debug: msg="Master status is {{ masterstatus }}" -- name: Show Slave Status +- name: Show Replica Status mysql_replication: mode=getslave login_user=root login_password={{ mysql_root_password }} when: ("mysql_slave_hosts" in group_names) and ("{{ cloudbd_exists }}" == "no") register: slavestatus From c35b2f123d54982d19b42274ca7f3245f732487e Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Tue, 17 Feb 2026 00:07:17 +0530 Subject: [PATCH 10/13] update el9 --- Ansible/roles/mysql/tasks/centos8.yml | 33 +++++++++------------------ Ansible/roles/mysql/tasks/el9.yml | 14 +++++++++++- 2 files changed, 24 insertions(+), 23 deletions(-) diff --git a/Ansible/roles/mysql/tasks/centos8.yml b/Ansible/roles/mysql/tasks/centos8.yml index 22d2c36a8f..8cff22d70c 100644 --- a/Ansible/roles/mysql/tasks/centos8.yml +++ b/Ansible/roles/mysql/tasks/centos8.yml @@ -58,7 +58,7 @@ - mysql - mysqlconf -- name: Install MySQL 8.4 repo +- name: Install MySQL 8.4 repo for el8 dnf: name: http://repo.mysql.com/mysql84-community-release-el8.rpm state: present @@ -68,29 +68,18 @@ - name: Enable MySQL 8.4 module command: dnf module enable mysql:8.4 -y - args: - warn: false + tags: + - mysql + - mysqlconf - name: Ensure mysql server is installed - block: - - name: Install mysql-community-server - dnf: - name: mysql-community-server - state: present - register: mysqlinstalled - tags: - - mysql - - mysqlconf - - rescue: - - name: Fallback to OS mysql-server - dnf: - name: mysql-server - state: present - register: mysqlinstalled - tags: - - mysql - - mysqlconf + dnf: + name: mysql*-server + state: present + register: mysqlinstalled + tags: + - mysql + - mysqlconf - name: replace MySQL my.cnf using Template template: diff --git a/Ansible/roles/mysql/tasks/el9.yml b/Ansible/roles/mysql/tasks/el9.yml index bbead76360..172fc6c538 100644 --- a/Ansible/roles/mysql/tasks/el9.yml +++ b/Ansible/roles/mysql/tasks/el9.yml @@ -60,7 +60,13 @@ - mysql - mysqlconf -- name: Ensure mysql repo is installed for el9 +- name: Disable OS MySQL module + command: dnf module disable mysql -y + tags: + - mysql + - mysqlconf + +- name: Install MySQL 8.4 repo for el9 dnf: name: http://repo.mysql.com/mysql84-community-release-el9.rpm state: present @@ -68,6 +74,12 @@ - mysql - mysqlconf +- name: Enable MySQL 8.4 module + command: dnf module enable mysql:8.4 -y + tags: + - mysql + - mysqlconf + - name: Ensure mysql server is installed dnf: name: mysql*-server From 89d6fc29a65acf42ff2289e214b4402365376971 Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Tue, 17 Feb 2026 01:13:40 +0530 Subject: [PATCH 11/13] update mysql-connector-python version (8.4.0 requires python >= 3.8) --- Ansible/roles/marvin/tasks/install_marvin_prereqs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Ansible/roles/marvin/tasks/install_marvin_prereqs.yml b/Ansible/roles/marvin/tasks/install_marvin_prereqs.yml index 9a6fe91af7..82753c0b46 100644 --- a/Ansible/roles/marvin/tasks/install_marvin_prereqs.yml +++ b/Ansible/roles/marvin/tasks/install_marvin_prereqs.yml @@ -100,7 +100,7 @@ - texttable - lxml - pycparser - - mysql-connector-python==8.4.0 + - mysql-connector-python==8.0.31 - netaddr - pyvmomi tags: From dca579935263ede0d679afbafa8c69189cde0e01 Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Thu, 5 Mar 2026 13:23:12 +0530 Subject: [PATCH 12/13] revert default-auth mysql_native_password from mysql cmd --- Ansible/library/acs_mysql_update | 4 ++-- Ansible/roles/mysql/tasks/centos8.yml | 4 ++-- Ansible/roles/mysql/tasks/debian.yml | 4 ++-- Ansible/roles/mysql/tasks/el9.yml | 4 ++-- Ansible/roles/mysql/tasks/suse.yml | 4 ++-- Ansible/roles/mysql/tasks/ubuntu.yml | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/Ansible/library/acs_mysql_update b/Ansible/library/acs_mysql_update index c8f3cf1753..96ce2386d8 100644 --- a/Ansible/library/acs_mysql_update +++ b/Ansible/library/acs_mysql_update @@ -8,9 +8,9 @@ DBUSER=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBUSER"{print $2}'| tr -d '"' | DBPASS=`echo $ARGS | tr " " "\n"| awk -F= '$1=="DBPASS"{print $2}'| tr -d '"' | sed -e 's/[[:space:]]*$//' | tr -d "'"` MYSQL_STATEMENT=`echo $ARGS | sed 's#.*MYSQL_STATEMENT=\(\)#\1#' | tr -d ')'| sed "s/'\"'\"'/'/g"| tr -d '"' | sed "s/^'//" | sed -e 's/[[:space:]]*$//' | sed s'/.$//'` echo $MYSQL_STATEMENT > /tmp/mysql -mysql --default-auth=mysql_native_password -h ${DBHOST} -u ${DBUSER} -p${DBPASS} -e \ "$MYSQL_STATEMENT" +mysql -h ${DBHOST} -u ${DBUSER} -p${DBPASS} -e \ "$MYSQL_STATEMENT" -echo "mysql --default-auth=mysql_native_password -h ${DBHOST} -u ${DBUSER} -p${DBPASS} -e \ \"$MYSQL_STATEMENT\"" > /tmp/theargs +echo "mysql -h ${DBHOST} -u ${DBUSER} -p${DBPASS} -e \ \"$MYSQL_STATEMENT\"" > /tmp/theargs echo '{ "ansible_facts": { diff --git a/Ansible/roles/mysql/tasks/centos8.yml b/Ansible/roles/mysql/tasks/centos8.yml index 8cff22d70c..9d2830fd8e 100644 --- a/Ansible/roles/mysql/tasks/centos8.yml +++ b/Ansible/roles/mysql/tasks/centos8.yml @@ -140,14 +140,14 @@ - name: set root password - shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: mysqlinstalled.changed tags: diff --git a/Ansible/roles/mysql/tasks/debian.yml b/Ansible/roles/mysql/tasks/debian.yml index 49ee34fb24..2ee805d674 100644 --- a/Ansible/roles/mysql/tasks/debian.yml +++ b/Ansible/roles/mysql/tasks/debian.yml @@ -83,14 +83,14 @@ # bypass ansible mysql8 connection/library issues. - name: set root password - shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: ansible_distribution_major_version|int >= 12 and mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: ansible_distribution_major_version|int >= 12 and mysqlinstalled.changed tags: diff --git a/Ansible/roles/mysql/tasks/el9.yml b/Ansible/roles/mysql/tasks/el9.yml index 172fc6c538..70840b6ff6 100644 --- a/Ansible/roles/mysql/tasks/el9.yml +++ b/Ansible/roles/mysql/tasks/el9.yml @@ -145,14 +145,14 @@ - name: set root password - shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: mysqlinstalled.changed tags: diff --git a/Ansible/roles/mysql/tasks/suse.yml b/Ansible/roles/mysql/tasks/suse.yml index 3a5e8a5dd7..fe05665a8e 100644 --- a/Ansible/roles/mysql/tasks/suse.yml +++ b/Ansible/roles/mysql/tasks/suse.yml @@ -97,14 +97,14 @@ # shell: rm -rf /var/lib/mysql/* - name: set root password - shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: mysqlinstalled.changed tags: diff --git a/Ansible/roles/mysql/tasks/ubuntu.yml b/Ansible/roles/mysql/tasks/ubuntu.yml index d26e82411b..810ffb27fa 100644 --- a/Ansible/roles/mysql/tasks/ubuntu.yml +++ b/Ansible/roles/mysql/tasks/ubuntu.yml @@ -121,14 +121,14 @@ # bypass ansible mysql8 connection/library issues. - name: set root password - shell: mysql --default-auth=mysql_native_password -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" + shell: mysql -h localhost -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'P@ssword123';FLUSH PRIVILEGES;" when: ansible_distribution_major_version|int >= 20 and mysqlinstalled.changed tags: - mysql - mysqlconf - name: grant permissions - shell: mysql --default-auth=mysql_native_password -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" + shell: mysql -h localhost -u root -pP@ssword123 -e "CREATE USER 'root'@'%' IDENTIFIED BY 'P@ssword123';GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;FLUSH PRIVILEGES" ignore_errors: yes when: ansible_distribution_major_version|int >= 20 and mysqlinstalled.changed tags: From a5f2ff575acab021e9a11e52589a69464586851b Mon Sep 17 00:00:00 2001 From: Suresh Kumar Anaparti Date: Thu, 5 Mar 2026 13:28:52 +0530 Subject: [PATCH 13/13] revert mysql_native_password=ON setting from cnf files --- Ansible/roles/mysql/templates/mariadb-my.cnf.j2 | 2 -- Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 | 2 -- Ansible/roles/mysql/templates/my-centos8.cnf.j2 | 4 +--- Ansible/roles/mysql/templates/my-debian.cnf.j2 | 2 -- Ansible/roles/mysql/templates/my.cnf.j2 | 2 -- Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 | 2 -- 6 files changed, 1 insertion(+), 13 deletions(-) diff --git a/Ansible/roles/mysql/templates/mariadb-my.cnf.j2 b/Ansible/roles/mysql/templates/mariadb-my.cnf.j2 index 6674141d13..0e5538296f 100644 --- a/Ansible/roles/mysql/templates/mariadb-my.cnf.j2 +++ b/Ansible/roles/mysql/templates/mariadb-my.cnf.j2 @@ -25,8 +25,6 @@ skip_name_resolve max_connections={{ mysql_max_connections }} -mysql_native_password=ON - innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} innodb_file_per_table=1 innodb_additional_mem_pool_size=20M diff --git a/Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 b/Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 index 87d31e463a..ef5e1c1463 100644 --- a/Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 +++ b/Ansible/roles/mysql/templates/mariadb-suse-my.cnf.j2 @@ -25,8 +25,6 @@ socket=/var/lib/mysql/mysql.sock user=mysql skip_name_resolve -mysql_native_password=ON - max_connections={{ mysql_max_connections }} innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} diff --git a/Ansible/roles/mysql/templates/my-centos8.cnf.j2 b/Ansible/roles/mysql/templates/my-centos8.cnf.j2 index cbf08bf1e9..3a99b121fa 100644 --- a/Ansible/roles/mysql/templates/my-centos8.cnf.j2 +++ b/Ansible/roles/mysql/templates/my-centos8.cnf.j2 @@ -22,10 +22,8 @@ datadir=/var/lib/mysql max_connections={{ mysql_max_connections }} skip_name_resolve -mysql_native_password=ON - {% if ansible_distribution_major_version|int < 10 %} -authentication_policy=mysql_native_password +authentication_policy=caching_sha2_password {% endif %} innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} diff --git a/Ansible/roles/mysql/templates/my-debian.cnf.j2 b/Ansible/roles/mysql/templates/my-debian.cnf.j2 index e9dc5fa2d9..21c70018a3 100644 --- a/Ansible/roles/mysql/templates/my-debian.cnf.j2 +++ b/Ansible/roles/mysql/templates/my-debian.cnf.j2 @@ -22,8 +22,6 @@ datadir=/var/lib/mysql max_connections={{ mysql_max_connections }} skip_name_resolve -mysql_native_password=ON - innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} innodb_file_per_table=1 innodb_log_buffer_size=16MB diff --git a/Ansible/roles/mysql/templates/my.cnf.j2 b/Ansible/roles/mysql/templates/my.cnf.j2 index d0c9551980..e9b7a3e4df 100644 --- a/Ansible/roles/mysql/templates/my.cnf.j2 +++ b/Ansible/roles/mysql/templates/my.cnf.j2 @@ -22,8 +22,6 @@ datadir=/var/lib/mysql max_connections={{ mysql_max_connections }} skip_name_resolve -mysql_native_password=ON - innodb_buffer_pool_size={{ mysql_innodb_buffer_pool_size }} innodb_file_per_table=1 innodb_additional_mem_pool_size=20M diff --git a/Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 b/Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 index e00dd2a33b..e5a33e3f7b 100644 --- a/Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 +++ b/Ansible/roles/mysql/templates/my.ubuntu.cnf.j2 @@ -42,8 +42,6 @@ server-id=1 skip_name_resolve -mysql_native_password=ON - innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections={{ mysql_max_connections }}