• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

The Urban Penguin

The Urban Penguin - Linux Training

  • Home
  • About
  • Live Online Courses
  • Shop
  • RHCSA Guide
  • Programming
    • Master Editing Text Files Using VIM
    • Learn Shell Scripting with BASH
    • PERL Scripting in Linux
    • Ruby Scripting in Linux
    • Scripting with PowerShell
    • Learn C Programming using Linux and the Raspberry Pi
    • General Java Tutorials
    • Java 7 OCA Exam 1ZO-803
  • OS Tutorials
    • Red Hat and CentOS Training
      • Red Hat Enterprise Linux System Administration 1 – RH124
      • RHCSA – System Admin 2 – RH134
      • RHCE – EX294 – Automation With Ansible
    • Learning Ubuntu
    • LPI Training
      • LPI Linux Essentials
      • LPIC-1 Linux Administrator
      • LPIC-2 Certified Linux Engineer
      • LPIC-3 Senior Level Certification
        • LPIC-3 Exam 300 : Mixed Environments
        • LPIC-3 Exam 303 : Security
        • LPIC-3 Exam 304 : Virtualization and High Availability
    • Linux Technologies
      • Apache HTTPD Server
      • Learning PHP
      • Learning PUPPET
      • Learning SAMBA
      • Linux File-Systems
      • Monitoring with Nagios Core
      • MYSQL
      • openLDAP Directories on Linux
You are here: Home / Linux / RH358 / Automating MariaDB Deployment on Red Hat Enterprise Linux 8

Automating MariaDB Deployment on Red Hat Enterprise Linux 8

July 27, 2020 by The Urban Penguin

In this blog we look at Automating MariaDB Deployment on Red Hat Enterprise Linux 8 using MariaDB 10.4 from the MariaDB.org repo.

Using only the Red Hat repositories RHEL 8 will supply MariaDB 10.3. Whilst this is ok there are improvements that you should be aware of in version 10.4 which can be installed directly using the repositories of the maintainers MaraisDB.org. By automating MariaDB deployment on Red Hat Enterprise Linux 8 from the Mariadb repo we can ensure we get the security and consistency we require.

Demonstration System Used

To be clear on what we are doing Automating MariaDB Deployment on Red Hat Enterprise Linux 8, we are using a single RHEL 8.2 system  hosted in AWS. You, could, of course, be using RHEL 8 anywhere or CentOS 8. We will also install Ansible onto this system but we can avoid any configuration as we will use the builtin localhost and the Ansible target.

Installing and Testing Ansible

Ansible does not require and agent to be installed on the target system. In an ideal world the Ansible controller would a spearate system and not the target Database Server. For ease of demonstration we will install Ansible, the Ansible controller on the target database server. This does demonstrate the power of the automation with Ansible really well as we can install and configure MariaDB with the single Playbook that we create. Ensuring that the steps are repeatably correct and each step is carried out without omission.

The easiest and consistent way to install Ansible on either CentOS or Red Hat is from the EPEL repository. There is a specific package for this in CentOS there is not for RHEL. This is why we install the EPEL repo directory from the RPM file:

$ sudo yum install -y \
  https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
$ sudo yum install -y ansible

Why Use Mariadb Repository

RHEL 8 will give you access to MariaDB 10.3 but major security changes were added to 10.4 that allow the MariaDB root account to be more secure out of the box. Firstly, 10.4 allows more that one authentication method per user account where 10.3 was limited to a single method. The root account makes use of this but using both socket based authentication and password. The password is set to a non-hash value, literally the string “invalid“, so cannot be used until it is changed. Secure access as root is made by using sudo mysql and running the mysql client as the root user. Using 10.4 also allows for better encryption using ed25519 elliptical curve algorithms for passwords. Although this was available in 10.3 setting of passwords was not fully integrated which they are in 10.4. For these reasons alone, MariaDB 10,4 become a real choice for securing your database servers and this is why we set up the software repository pointing to MariaDB.org.

We can download a copy of the repo file Mariadb. We can create this a s file in our user’s home directory will will use Ansible to push it out. We save is as ~/mariadb.repo.

# MariaDB 10.4 [Stable] CentOS repository list - created 2020-07-27 07:52 UTC
# https://mariadb.org/download-test/
[mariadb]
name = MariaDB
baseurl = http://mirrors.coreix.net/mariadb/yum/10.4/centos8-amd64
module_hotfixes=1
gpgkey=http://mirrors.coreix.net/mariadb/yum/RPM-GPG-KEY-MariaDB
gpgcheck=1

Use Ansible to Deploy MariaDB 10.4

We can create the Ansible Playbook in the same directory as the repo file, so our home directory and can call the file mariadb.yml.

---
- name: MariaDB From MariaDB.org
  hosts: localhost
  become: True
  gather_facts: False
  tasks:

- name: add repo
  copy:
    src: mariadb.repo
    dest: /etc/yum.repos.d/mariadb.repo

- name: install mariadb
  package:
    name:
      - MariaDB-server
      - python3-PyMySQL

- name: start mariadb
  service:
    name: mariadb
    state: started
    enabled: True

- name: remove anonymous users
  mysql_user:
    name: ''
    host_all: True
    state: absent
    login_unix_socket: '/var/lib/mysql/mysql.sock'

- name: remove test db
  mysql_db:
    name: test
    state: absent
    login_unix_socket: '/var/lib/mysql/mysql.sock'
...

The indentation in a YAML file is significant and shows the parent/child relationship with settings. Within the Playbook:

  1. Deploy the repo file
  2. Install MariaDB
  3. Start Service
  4. Remove Anonymous users
  5. Remove test database

We do not need to set the root password as we can authenticate securely using unix_sockets and the password only needs to be set if other accounts need to use the builtin root database account. In version 10.3 the password is blank and has to be set to secure the system.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to share on Tumblr (Opens in new window)
  • Click to print (Opens in new window)

Filed Under: RH358 Tagged With: Ansible, Automate, MariaDB, Red Hat, RHEL, RHEL8, unix_socket

Primary Sidebar

Newest Video

The Urban Penguin On Youtube

Products

  • Complete RHCSA 8 Study Guide Complete RHCSA 8 Study Guide £5.99
  • SELinux Guide SELinux Fundamentals in Red Hat Enterprise Linux 8 £1.99
  • Managing POSIX ACLS in Linux £0.99
  • Managing Linux File Permissions £0.99
  • Kernel Module Administration in Linux £0.99

Categories

Pages

  • About The Urban Penguin
  • Contact Us
  • Shop
    • Basket
    • Checkout
    • My Account
  • LPI Training from The Urban Penguin
    • Live and Pluralsight hosted courses
    • Complete Linux Essentials
    • LPIC-3 Senior Level Certification
      • LPIC-3 Exam 300 : Mixed Environments
      • LPIC-3 Exam 303 : Security
      • LPIC-3 Exam 304 : Virtualization and High Availability
    • LPIC-2 Certified Linux Engineer
    • LPIC-1 Linux Administrator
    • LPI Linux Essentials for Raspberry Pi
    • LPI Linux Essentials
  • Operating System Tutorials
    • Linux Foundation Training
    • Solaris 11 OCA 1ZO-821
    • Learning Ubuntu
    • Learning SUSE
    • Red Hat and CentOS Training
      • RHCE – EX294 – Automation With Ansible
      • RHCSA – System Admin 1 – RH124
      • RHCSA – System Admin 2 – RH134
  • Scripting – the power of repetition!
    • Java 7 OCA Exam 1ZO-803
    • General Java Tutorials
    • Learn C Programming using Linux and the Raspberry Pi
    • Ruby Scripting in Linux
    • Scripting with PowerShell
    • PERL Scripting in Linux
    • Learn Shell Scripting with BASH
    • Master Editing Text Files Using VIM
  • Linux Technologies
    • Learning PUPPET
    • openLDAP Directories on Linux
    • Monitoring with Nagios Core
    • Linux File-Systems
    • Learning SAMBA
    • Apache HTTPD Server
    • Learning PHP
    • MYSQL
  • OpenStack
    • Pluralsight
    • Udemy
    • Raspberry Pi Tutorials
    • Citrix Videos
  • Online Instructor-led Courses
    • Red Hat Enterprise Linux System Administration 1 – RH124
    • SELinux Masterclass
    • Bash Scripting Masterclass
    • Nftables Masterclass

© 2021 The Urban Penguin · All Rights Reserved

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok