Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: setup datadog user and schema for mysql monitoring #102

Merged
merged 2 commits into from
Nov 19, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
feat: add users and schemas for mysql monitoring
nadeemshahzad committed Nov 13, 2024
commit f61ad50ab19ad3d8eba9ede8431fb52130d86cec
103 changes: 103 additions & 0 deletions playbooks/create_db_and_users.yml
Original file line number Diff line number Diff line change
@@ -115,3 +115,106 @@
when: RDS_BINLOG_RETENTION_HOURS is defined
tags:
- users

- name: Ensure Datadog user exists
mysql_user:
name: "{{ datadog_user }}"
host: '%'
password: "{{ datadog_user_password }}"
priv: "*.*:REPLICATION CLIENT,PROCESS"
append_privs: yes
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
when: datadog_mysql_monitoring_enabled | default(false)

- name: Set max connections for Datadog user
mysql_query:
query: "ALTER USER '{{ datadog_user }}'@'%' WITH MAX_USER_CONNECTIONS {{ datadog_max_connections }};"
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
when: datadog_mysql_monitoring_enabled | default(false)

- name: Grant SELECT on performance_schema to Datadog user
mysql_user:
name: "{{ datadog_user }}"
host: '%'
priv: "performance_schema.*:SELECT"
append_privs: yes
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
when: datadog_mysql_monitoring_enabled | default(false)

- name: Create Datadog schema if it does not exist
mysql_db:
name: "{{ datadog_schema }}"
state: present
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
when: datadog_mysql_monitoring_enabled | default(false)

- name: Grant EXECUTE on Datadog schema to Datadog user
mysql_user:
name: "{{ datadog_user }}"
host: '%'
priv: "{{ datadog_schema }}.*:EXECUTE,CREATE TEMPORARY TABLES"
append_privs: yes
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
when: datadog_mysql_monitoring_enabled | default(false)

- name: Create the explain_statement procedure in datadog schema
mysql_query:
query: |
CREATE PROCEDURE {{ datadog_schema }}.explain_statement(IN query TEXT)
SQL SECURITY DEFINER
BEGIN
SET @explain := CONCAT('EXPLAIN FORMAT=json ', query);
PREPARE stmt FROM @explain;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
END
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
when: datadog_mysql_monitoring_enabled | default(false)
ignore_errors: yes

- name: Grant EXECUTE on explain_statement procedure to Datadog user
mysql_query:
query: "GRANT EXECUTE ON PROCEDURE {{ datadog_procedure_schema }}.explain_statement TO {{ datadog_user }}@'%';"
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
when: datadog_mysql_monitoring_enabled | default(false)

- name: Grant EXECUTE on explain_statement procedure in database {{ item }} to Datadog user
mysql_query:
query: |
CREATE PROCEDURE {{ item }}.explain_statement(IN query TEXT)
SQL SECURITY DEFINER
BEGIN
SET @explain := CONCAT('EXPLAIN FORMAT=json ', query);
PREPARE stmt FROM @explain;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
END
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
with_items: "{{ datadog_monitored_dbs }}"
when: datadog_mysql_monitoring_enabled | default(false)
ignore_errors: yes

- name: Grant EXECUTE on explain_statement procedure in database {{ item }} to Datadog user
mysql_query:
query: "GRANT EXECUTE ON PROCEDURE {{ item }}.explain_statement TO {{ datadog_user }}@'%';"
login_host: "{{ database_connection.login_host }}"
login_user: "{{ database_connection.login_user }}"
login_password: "{{ database_connection.login_password }}"
with_items: "{{ datadog_monitored_dbs }}"
when: datadog_mysql_monitoring_enabled | default(false)