© Copyright 2024, Intel Corporation
Configuration in this directory creates an Amazon RDS instance for MySQL. The instance is created on an Intel Icelake instance M6i.xlarge by default. The instance is pre-configured with parameters within the database parameter group that is optimized for Intel architecture. The goal of this module is to get you started with a database configured to run best on Intel architecture.
As you configure your application's environment, choose the configurations for your infrastructure that matches your application's requirements.
The MySQL Optimizations were based off Intel Xeon Tuning Guide
This collection included 5 roles and 6 playbooks.
Role: Ansible roles are a way to reuse and organize your Ansible code. They are self-contained units that contain all the files and configuration needed to automate a specific task. Roles are defined using a directory structure with specific directories for tasks, variables, files, templates, and other artifacts. This structure makes it easy to find and reuse code, and it also makes it easy to extend behaviour of roles.
To use a role in an Ansible playbook, you simply need to list it in the roles section of the playbook. Ansible will then automatically load the role and execute its tasks.
For this module, There are 5 roles.
- intel_optimized_mysql_server - It creates an Amazon RDS Intel optimized instance for MySQL
- intel_optimized_mysql_server_expanded It creates an Amazon RDS instance for MySQL and optimizes the database parameter innodb_open_files
- input_intel_optimized_mysql_server_ico_by_densify It creates an Amazon RDS Intel optimized instance for MySQL using recommended instance from Intel Cloud Optimizer by Densify
- intel_optimized_mysql_server_vpc_creation It creates an Amazon RDS instance for MySQL and a new VPC
- intel_optimized_mysql_server_replica_testing It creates an Amazon RDS instance for MySQL and creates a read replica.
Playbook: An Ansible playbook is a YAML file that describes the tasks, are composed of a series of plays, which are groups of tasks that are executed in a specific order. Each play defines a set of tasks that should be executed on a specific group of hosts. Playbooks can also include variables, which can be used to store data that is used by the tasks. This makes it easy to reuse playbooks for different environments and configurations. for this module. For this module, There are 6 playbooks, Where
- Playbook intel_aws_mysql.yml - Used to create an Amazon RDS Intel optimized instance for MySQL, it uses Terraform module terraform-intel-aws-mysql and being called by Ansible module community.general.terraform
- Playbook intel_optimized_mysql_server.yml - It executes role called intel_optimized_mysql_server
- Playbook intel_optimized_mysql_server_expanded.yml - It executes role called intel_optimized_mysql_server_expanded
- Playbook intel_optimized_mysql_ico_by_densify.yml - It executes role called intel-optimized-mysql-ico-by-densify
- Playbook intel_optimized_mysql_server_vpc_creation.yml - It executes role called intel_optimized_mysql_server_vpc_creation
- Playbook intel_optimized_mysql_server_replica_testing.yml:- It executes role called intel_optimized_mysql_server_replica_testing
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── galaxy.yml
├── playbooks
│  ├── intel_aws_mysql.yml
│  ├── intel_optimized_mysql_server_expanded.yml
│  ├── intel_optimized_mysql_server_ico_by_densify.yml
│  ├── intel_optimized_mysql_server_replica_testing.yml
│  ├── intel_optimized_mysql_server_vpc_creation.yml
│  └── intel_optimized_mysql_server.yml
├── README.md
├── requirements.yml
├── roles
│  ├── intel_optimized_mysql_server
│  │  ├── defaults
│  │  │  └── main.yml
│  │  ├── files
│  │  ├── handlers
│  │  │  └── main.yml
│  │  ├── meta
│  │  │  └── main.yml
│  │  ├── README.md
│  │  ├── tasks
│  │  │  ├── download_tf_module.yml
│  │  │  ├── main.yml
│  │  │  ├── mysql_server.yml
│  │  │  └── output.yml
│  │  ├── templates
│  │  ├── tests
│  │  │  ├── inventory
│  │  │  └── test.yml
│  │  └── vars
│  │  └── main.yml
│  ├── intel_optimized_mysql_server_expanded
│  │  ├── defaults
│  │  │  └── main.yml
│  │  ├── files
│  │  ├── handlers
│  │  │  └── main.yml
│  │  ├── meta
│  │  │  └── main.yml
│  │  ├── README.md
│  │  ├── tasks
│  │  │  ├── download_tf_module.yml
│  │  │  ├── main.yml
│  │  │  ├── mysql_server.yml
│  │  │  └── output.yml
│  │  ├── templates
│  │  ├── tests
│  │  │  ├── inventory
│  │  │  └── test.yml
│  │  └── vars
│  │  └── main.yml
│  ├── intel_optimized_mysql_server_ico_by_densify
│  │  ├── defaults
│  │  │  └── main.yml
│  │  ├── files
│  │  ├── handlers
│  │  │  └── main.yml
│  │  ├── meta
│  │  │  └── main.yml
│  │  ├── README.md
│  │  ├── tasks
│  │  │  ├── densify.yml
│  │  │  ├── download_tf_module.yml
│  │  │  ├── main.yml
│  │  │  ├── mysql_server.yml
│  │  │  └── output.yml
│  │  ├── templates
│  │  ├── tests
│  │  │  ├── inventory
│  │  │  └── test.yml
│  │  └── vars
│  │  └── main.yml
│  ├── intel_optimized_mysql_server_replica_testing
│  │  ├── defaults
│  │  │  └── main.yml
│  │  ├── files
│  │  ├── handlers
│  │  │  └── main.yml
│  │  ├── meta
│  │  │  └── main.yml
│  │  ├── README.md
│  │  ├── tasks
│  │  │  ├── download_tf_module.yml
│  │  │  ├── main.yml
│  │  │  ├── mysql_output.yml
│  │  │  ├── mysql_replica.yml
│  │  │  ├── mysql_rep_output.yml
│  │  │  └── mysql.yml
│  │  ├── templates
│  │  ├── tests
│  │  │  ├── inventory
│  │  │  └── test.yml
│  │  └── vars
│  │  └── main.yml
│  └── intel_optimized_mysql_server_vpc_creation
│  ├── defaults
│  │  └── main.yml
│  ├── files
│  ├── handlers
│  │  └── main.yml
│  ├── meta
│  │  └── main.yml
│  ├── README.md
│  ├── tasks
│  │  ├── download_tf_module.yml
│  │  ├── main.yml
│  │  ├── mysql_server.yml
│  │  ├── output.yml
│  │  └── vpc.yml
│  ├── templates
│  ├── tests
│  │  ├── inventory
│  │  └── test.yml
│  └── vars
│  └── main.yml
└── security.md
-
Case 1: When user's needs can be met with the default configuration, and they want to install a collection from Ansible Galaxy to the default location (as a third-party collection), it is recommended to use the following command:
ansible-galaxy collection install <intel.ansible-intel-aws-mysql> -
Case 2: When user's needs can't be met with the default configuration, wants to extend/modify existing configuration and flow, They can install collection using Ansible Galaxy in user's define location Use below approaches
-
ansible-galaxy collection install -p <local path> <intel.ansible-intel-aws-mysql>Note: collection will download collection, you can remove as per need
-
Download the source code and copy role the directories to your Ansible location in your working directory.
git clone https://github.com/OTCShare2/ansible-intel-aws-mysql.git cd ansible-intel-aws-mysql cp -r role/intel_optimized_mysql_server_vpc_creation /<your project path>/(Example: /home/user/.ansible/roles)
-
To authenticate AWS API, User needs to export below environment variable
export AWS_ACCESS_KEY_ID=<aws_access_key_id>
export AWS_SECRET_ACCESS_KEY=<aws_secret_access_key>
export AWS_REGION=<aws_region>Use playbook to execute Terraform module terraform-intel-aws-mysql using Ansible module community.general.terraform as below
---
- hosts: localhost
vars:
terraform_source: https://github.com/intel/terraform-intel-aws-mysql.git
tasks:
- set_fact:
terraform_module_download_path: '/home/{{ansible_env.USER}}/approach-examples/build/main/'
- name: Clone a github repository
git:
repo: '{{ terraform_source }}'
dest: '{{ terraform_module_download_path }}'
clone: yes
update: yes
version: main
- name: AWS RDS MySQL Module
community.general.terraform:
project_path: '{{ terraform_module_download_path }}'
state: present
force_init: true
complex_vars: true
# for additional variables
# https://github.com/intel/terraform-intel-aws-mysql/blob/main/variables.tf
variables:
vpc_id: <vpc_id>
db_password: <db_password>
db_engine: mysql
rds_identifier: <rds_identifier>
db_subnet_group_name: <db_subnet_group_name>
db_encryption: false
db_allocated_storage: 20
db_storage_type: "gp2"
db_iops : 0
db_max_allocated_storage: 6144
db_tags:
user: user1
register: mysql_output
- debug:
var: mysql_output
Each of the playbooks have .yml files that you will need to update to insert items like VPC ID, and database settings
ansible-playbook <playbookname.yml>
EXAMPLE
ansible-playbook intel_aws_mysql.yml
Deployment time can vary but in most cases it takes approximately 15-20 minutes for the RDS database to be created or destroyed.
You can deploy ansible in various states, similar to Terraform. These are used as variables in the "state" section of the code. There are 3 types, planned, present, absent.
planned = will display what will be executed by does not deploy
present = deploys the resources
absent = destroys what was created using the present setting
EXAMPLES:
- name: AWS RDS MySQL Module
community.general.terraform:
project_path: '{{ terraform_module_download_path }}'
state: planned
force_init: true
complex_vars: true
# for additional variables
# https://github.com/intel/terraform-intel-aws-mysql/blob/main/variables.tf
variables:
vpc_id: <vpc_id>
db_password: <db_password>- name: AWS RDS MySQL Module
community.general.terraform:
project_path: '{{ terraform_module_download_path }}'
state: present
force_init: true
complex_vars: true
# for additional variables
# https://github.com/intel/terraform-intel-aws-mysql/blob/main/variables.tf
variables:
vpc_id: <vpc_id>
db_password: <db_password>- name: AWS RDS MySQL Module
community.general.terraform:
project_path: '{{ terraform_module_download_path }}'
state: absent
force_init: true
complex_vars: true
# for additional variables
# https://github.com/intel/terraform-intel-aws-mysql/blob/main/variables.tf
variables:
vpc_id: <vpc_id>
db_password: <db_password>| Name | Version |
|---|---|
| Terraform | =1.5.7 |
| AWS | ~> 4.36.0 |
| Random | ~>3.4.3 |
| Ansible Core | ~>2.14.2 |
| Ansible | ~>7.2.0-1 |
Note: Above role requires Terraform as we are executing terraform module terraform-intel-aws-mysql using Ansible module called community.general.terraform
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| auto_major_version_upgrades | Flag that specifices if major version upgrades are allowed. Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible. | bool |
false |
no |
| auto_minor_version_upgrades | Flag that specifies if minor engine upgrades will be applied automatically to the DB instance during the maintenance window. | bool |
true |
no |
| availability_zone | Availability zone where the RDS instance will be instantiated. | string |
null |
no |
| aws_database_instance_identifier | Identifier for the AWS database instance. | string |
"mysql" |
no |
| aws_security_group_name | security group name for the rds | string |
"mysql_rds" |
no |
| create_security_group | Flag that allows for the creation of a security group that allows access to the instance. Please use this for non-production use cases only. | bool |
false |
no |
| create_subnet_group | Flag that allows for the creation of a subnet group that allows public access. | bool |
false |
no |
| db_allocated_storage | Allocated storage for AWS database instance. | number |
200 |
no |
| db_apply_immediately | Flag that specifies whether any database modifications are applied immediately, or during the next maintenance window. | bool |
false |
no |
| db_automated_backup_arn | The ARN of the automated backup from which to restore. Required if source_db_instance_identifier or source_dbi_resource_id is not specified. | string |
null |
no |
| db_backup_retention_period | The days to retain backups for. Must be between 0 and 35. Must be greater than 0 if the database is used as a source for a Read Replica. | number |
7 |
no |
| db_backup_window | The daily time range (in UTC) during which automated backups are created if they are enabled. Example: 09:46-10:16. Must not overlap with maintenance_window. |
string |
null |
no |
| db_ca_cert_identifier | The identifier of the CA certificate for the DB instance. | string |
null |
no |
| db_cloudwatch_logs_export | Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. | list(string) |
[] |
no |
| db_custom_iam_profile | (The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance. | string |
null |
no |
| db_deletion_protection | Flag that specifies whether the DB instance is protected from deletion. | bool |
false |
no |
| db_domain | The ID of the Directory Service Active Directory domain to create the instance in. | string |
null |
no |
| db_domain_iam_role | (Required if db_domain is provided) The name of the IAM role to be used when making API calls to the Directory Service. | string |
null |
no |
| db_encryption | Flag that specifies whether the DB instance is encrypted. | bool |
true |
no |
| db_engine | Database engine version for AWS database instance. | string |
"mysql" |
no |
| db_engine_version | Database engine version for AWS database instance. | string |
"8.0" |
no |
| db_iam_authentication | Flag that specifies whether mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled. | bool |
false |
no |
| db_iops | The amount of provisioned IOPS. Setting this implies a storage_type of io1. | number |
10000 |
no |
| db_maintenance_window | The window to perform maintenance in. Syntax: ddd:hh24:mi-ddd:hh24:mi | string |
null |
no |
| db_max_allocated_storage | When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to allocated_storage. Must be greater than or equal to allocated_storage or 0 to disable Storage Autoscaling. | number |
10000 |
no |
| db_monitoring_interval | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance | string |
0 |
no |
| db_monitoring_role_arn | The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs | string |
null |
no |
| db_name | Name of the database that will be created on the RDS instance. If this is specified then a database will be created as a part of the instance provisioning process. | string |
null |
no |
| db_option_group | Option group name to associate with the database instance. | string |
null |
no |
| db_parameter_group_family | Family identifier for the RDS database parameter group. | string |
"mysql8.0" |
no |
| db_parameter_group_name | Name for the RDS database parameter group. | string |
"mysql" |
no |
| db_parameters | Intel Cloud optimizations for Xeon processors | object({ |
{ |
no |
| db_password | Password for the master database user. | string |
n/a | yes |
| db_performance_insights | Flag that specifies whether Performance Insights are enabled. | bool |
false |
no |
| db_performance_insights_kms_key_id | The ARN for the KMS key to encrypt Performance Insights data. | string |
null |
no |
| db_performance_retention_period | Amount of time in days to retain Performance Insights data.Valid values are 7, 731 (2 years) or a multiple of 31. | string |
null |
no |
| db_port | The port on which the DB accepts connections. | number |
null |
no |
| db_publicly_accessible | Flag to indicate whether the database will be publicly accessible. | bool |
false |
no |
| db_replicate_source_db | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate (if replicating within a single region) or ARN of the Amazon RDS Database to replicate (if replicating cross-region). Note that if you are creating a cross-region replica of an encrypted database you will also need to specify a kms_key_id. | string |
null |
no |
| db_restore_time | The date and time to restore from. Value must be a time in Universal Coordinated Time (UTC) format and must be before the latest restorable time for the DB instance. | string |
null |
no |
| db_snapshot_identifier | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console. | string |
null |
no |
| db_source_db_instance_id | The identifier of the source DB instance from which to restore. Must match the identifier of an existing DB instance. Required if source_db_instance_automated_backups_arn or source_dbi_resource_id is not specified. | string |
null |
no |
| db_source_dbi_resource_id | The resource ID of the source DB instance from which to restore. Required if source_db_instance_identifier or source_db_instance_automated_backups_arn is not specified. | string |
null |
no |
| db_storage_type | The storage type that will be set on the instance. If db_iops is set then this will be set to io1 | string |
"io1" |
no |
| db_subnet_group_name | Database subnet group name. | string |
"mysql" |
no |
| db_subnet_group_tag | Tag for the database subnet group. | map(string) |
{ |
no |
| db_tags | Map of tags to apply to the database instance. | map(string) |
null |
no |
| db_timeouts | Map of timeouts that can be adjusted when executing the module. This allows you to customize how long certain operations are allowed to take before being considered to have failed. | object({ |
{ |
no |
| db_use_latest_restore_time | Flag that indicates whether the DB instance is restored from the latest backup time. | bool |
null |
no |
| db_username | Username for the master database user. | string |
null |
no |
| egress_cidr_blocks | Egress CIDR block for the RDS security group. | list(string) |
[ |
no |
| egress_from_port | Starting egress port for the RDS security group. | number |
3306 |
no |
| egress_protocol | Egress protocol for the port defined in the RDS security group. | string |
"tcp" |
no |
| egress_to_port | Ending egress port for the RDS security group. | number |
3306 |
no |
| final_snapshot_prefix | The name which is prefixed to the final snapshot on database termination. | string |
"mysql-snap-" |
no |
| ingress_cidr_blocks | Ingress CIDR block for the RDS security group. | list(string) |
[ |
no |
| ingress_from_port | Starting ingress port for the RDS security group. | number |
3306 |
no |
| ingress_protocol | Ingress protocol for the port defined in the RDS security group. | string |
"tcp" |
no |
| ingress_to_port | Ending ingress port for the RDS security group. | number |
3306 |
no |
| instance_class | Instance class that will be used by the RDS instance. | string |
"db.m6i.2xlarge" |
no |
| kms_key_id | The ARN for the KMS encryption key. If creating an encrypted replica, set this to the destination KMS ARN. | string |
null |
no |
| multi_az | Flag that specifies if the RDS instance is multi_az. | bool |
true |
no |
| rds_identifier | Name of the RDS instance that will be created. | string |
n/a | yes |
| rds_security_group_tag | Map of tags for the RDS security group. | map(string) |
{ |
no |
| security_group_ids | List of existing AWS security groups that will be attached to the RDS instance. | list(string) |
null |
no |
| skip_final_snapshot | Flag to indicate whether a final snapshot will be skipped upon database termination. | bool |
false |
no |
| vpc_id | VPC ID within which the database resource will be created. | string |
n/a | yes |
| Name | Description |
|---|---|
| db_allocated_storage | Storage that was allocated to the instance when it configured. |
| db_arn | ARN of the database instance. |
| db_automated_backup_arn | The ARN of the automated backup from which to restore. |
| db_backup_retention | Number of configured backups to keep for the database instance. |
| db_backup_window | Configured backup window for the database instance. |
| db_ca_cert_identifier | The identifier of the CA certificate for the DB instance. |
| db_custom_iam_profile | The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance. |
| db_delete_automated_backups | Flag that specifies if automated backups are deleted. |
| db_domain_iam_role | The name of the IAM role to be used when making API calls to the Directory Service. |
| db_encryption | Flag that indicates if storage encryption is enabled. |
| db_endpoint | Connection endpoint for the database instance that has been created. |
| db_engine | Database instance engine that was configured. |
| db_engine_version_actual | Running engine version of the database (full version number) |
| db_final_snapshot_identifier | Final snapshot identifier for the database instance. |
| db_hosted_zone_id | Hosted zone ID for the database instance. |
| db_hostname | Database instance hostname. |
| db_iam_auth_enabled | Flag that specifies if iam authenticaiton is enabled on the database |
| db_instance_id | RDS instance ID. |
| db_iops | Database instance iops that was configured. |
| db_kms_key_id | KMS key that is configured on the database instance if storage encryption is enabled. |
| db_latest_restore_time | Latest available restorable time for the database instance. |
| db_maintenance_window | Maintainence window for the database instance. |
| db_max_allocated_storage | Maximum storage allocation that is configured on the database instance. |
| db_monitoring_interval | Monitoring interval configuration. |
| db_name | Name of the database that was created (if specified) during instance creation. |
| db_parameter_group | Parameter group that was created |
| db_password | Database instance master password. |
| db_performance_insights | Flag that indiciates if Performance Insights is enabled. |
| db_performance_insights_kms_key_id | ARN of the KMS key that Performance Insights is utilizing (if enabled). |
| db_performance_insights_retention_period | Data retention period for Performance Insights (if enabled). |
| db_port | Database instance port. |
| db_restore_time | The date and time to restore from. |
| db_security_group | Security Group that was created (if specified) during the run. |
| db_security_group_ids | Security Group IDs that were associated with the database instance. |
| db_source_db_instance_id | The identifier of the source DB instance from which to restore. |
| db_source_dbi_resource_id | The resource ID of the source DB instance from which to restore. |
| db_status | Status of the database instance that was created. |
| db_storage_type | Storage type that is configured on the database instance. |
| db_subnet_group | Name of the subnet group that is associated with the database instance. |
| db_username | Database instance master username. |
| instance_class | Instance class in use for the database instance that was created. |