I've written the following patch to address this, if you'd like to test it out:

diff --git a/library/database/mysql_replication b/library/database/mysql_replication
index fdbb379..1080fe0 100644
--- a/library/database/mysql_replication
+++ b/library/database/mysql_replication
@@ -240,7 +240,7 @@ def main():
             master_log_pos=dict(default=None),
             relay_log_file=dict(default=None),
             relay_log_pos=dict(default=None),
-            master_ssl=dict(default=None, choices=[0,1]),
+            master_ssl=dict(default=False, type='bool'),
             master_ssl_ca=dict(default=None),
             master_ssl_capath=dict(default=None),
             master_ssl_cert=dict(default=None),
@@ -337,7 +337,7 @@ def main():
         if relay_log_pos:
             chm.append("RELAY_LOG_POS=" + relay_log_pos)
         if master_ssl:
-            chm.append("MASTER_SSL=" + master_ssl)
+            chm.append("MASTER_SSL=1")
         if master_ssl_ca:
             chm.append("MASTER_SSL_CA='" + master_ssl_ca + "'")
         if master_ssl_capath:

Nice and simple solution. Thanks! It should just work but now I'm getting this error which might have more to do with mysql 5.6

failed: [eph-s] => {"failed": true, "item": "", "parsed": false}
invalid output was: Change master
Traceback (most recent call last):
File "", line 1538, in
File "", line 351, in main
File "", line 164, in changemaster
File "/usr/lib/python2.7/dist-packages/MySQLdb/cursors.py", line 176, in execute
if not self._defer_warnings: self._warning_check()
File "/usr/lib/python2.7/dist-packages/MySQLdb/cursors.py", line 92, in _warning_check
warn(w[-1], self.Warning, 3)
_mysql_exceptions.Warning: Sending passwords in plain text without SSL/TLS is extremely insecure.

Considering I'm configuring replication to use SSL the warning really doesn't make any sense.

If I add ignore_errors: True to the "change master to" task and then start the slave as the next task it all works. So the warning is just a warning but ansible doesn't like it. The "change master to" is being applied successfully.

Hrm, so we'll need to add a bit of code there to catch and ignore that warning. I'll work on that as soon as possible and update the patch. Thanks!

I tested the patch - it works with 5.5.37-MariaDB (MySQL 5.5 compatible) as packaged in Ubuntu 14.04

Using Ansible 1.6.2

tested the patch - works with 5.5.38 as packaged on CentOS 6.5 (remi) with Ansible 1.6.

It's still not working with mysql 5.6.

Thanks for the +1's, I've gone ahead and merged this in. @Boreal when you say "not working", do you mean the error above? I was still going to write a patch to catch that.

That's correct, @jimi-c. Thanks for working on this!

I believe this patch should fix the warning error:

diff --git a/library/database/mysql_replication b/library/database/mysql_replication
index 4ad72d9..1a257ea 100644
--- a/library/database/mysql_replication
+++ b/library/database/mysql_replication
@@ -271,7 +271,7 @@ def main():
     if not mysqldb_found:
         module.fail_json(msg="the python mysqldb module is required")
     else:
-        warnings.filterwarnings('error', category=MySQLdb.Warning)
+        warnings.filterwarnings('ignore', category=MySQLdb.Warning)
 
     # Either the caller passes both a username and password with which to connect to
     # mysql, or they pass neither and allow this module to read the credentials from

I'm not quite sure why we were forcing warnings to be errors there, but this should suppress them instead

I'll give it a try later today.

Worked!

Hi,

I'm facing the same trouble regarding MySQLdb.Warning with Ansible 1.9.2, it looks like the patch described here #7528 (comment) was never applied.

Is it plan to apply it one day ?

Thanks

@nadley this was applied, as it can be seen in the repository history: 3ebecdd

If you are having new issues with this, please open a new issue on ansible/ansible-modules-core.

Thanks!

@jimi-c Thanks for the quick reply. Before posting I did some research but I think were not talking about the same patch, as the commit you're pointing is not doing the same modification on the file as the comment I'm pointing. For more clarity I'll open a new issue.

Thanks