feat(mysql): 创建 MySQL 主从复制集群和单节点实例的 Terraform 配置文件（#1）

feat(mysql): 创建 MySQL 主从复制集群和单节点实例的 Terraform 配置文件

Author: zhangzqs

.gitignore

@@ -0,0 +1,9 @@
+.terraform/
+*.tfstate
+*.tfstate.lock.info
+*.tfstate.backup
+crash.log
+custom-plugins/
+*.lock.hcl
+*.auto.*
+env.sh

mysql/common/common_variables.tf

@@ -0,0 +1,77 @@
+variable "instance_type" {
+  type        = string
+  description = "MySQL instance type"
+  default     = "ecs.t1.c1m2"
+  validation {
+    condition = var.instance_type != "" && contains([
+      "ecs.t1.c1m2",
+      "ecs.t1.c2m4",
+      "ecs.t1.c4m8",
+      "ecs.t1.c12m24",
+      "ecs.t1.c32m64",
+      "ecs.t1.c24m48",
+      "ecs.t1.c8m16",
+      "ecs.t1.c16m32",
+      "ecs.g1.c16m120",
+      "ecs.g1.c32m240",
+      "ecs.c1.c1m2",
+      "ecs.c1.c2m4",
+      "ecs.c1.c4m8",
+      "ecs.c1.c8m16",
+      "ecs.c1.c16m32",
+      "ecs.c1.c24m48",
+      "ecs.c1.c12m24",
+      "ecs.c1.c32m64",
+    ], var.instance_type)
+    error_message = "instance_type parameter must be one of the allowed instance types"
+  }
+}
+
+variable "instance_system_disk_size" {
+  type        = number
+  description = "System disk size in GiB"
+  default     = 20
+
+  validation {
+    condition     = var.instance_system_disk_size > 0
+    error_message = "instance_system_disk_size parameter must be a positive integer"
+  }
+}
+
+variable "mysql_username" {
+  type        = string
+  description = "MySQL username"
+  default     = "admin"
+
+  validation {
+    condition     = length(var.mysql_username) >= 1 && length(var.mysql_username) <= 32
+    error_message = "mysql_username parameter must be between 1 and 32 characters long"
+  }
+}
+
+variable "mysql_password" {
+  type        = string
+  description = "MySQL password"
+  sensitive   = true
+
+  validation {
+    condition     = length(var.mysql_password) >= 8
+    error_message = "mysql_password parameter must be at least 8 characters long"
+  }
+
+  validation {
+    condition     = can(regex("[a-z]", var.mysql_password)) && can(regex("[A-Z]", var.mysql_password)) && can(regex("[0-9]", var.mysql_password)) && can(regex("[!-/:-@\\[-`{-~]", var.mysql_password))
+    error_message = "mysql_password parameter must contain at least one lowercase letter, one uppercase letter, one digit, and one special character"
+  }
+}
+
+variable "mysql_db_name" {
+  type        = string
+  description = "Initial MySQL database name (optional)"
+  default     = ""
+
+  validation {
+    condition     = var.mysql_db_name == "" || length(var.mysql_db_name) >= 1 && length(var.mysql_db_name) <= 64 && can(regex("^[a-zA-Z0-9_]*$", var.mysql_db_name)) && !contains(["mysql", "information_schema", "performance_schema", "sys"], var.mysql_db_name)
+    error_message = "mysql_db_name must be 1-64 chars, only alphanumeric/underscore, and not a reserved name (mysql, information_schema, performance_schema, sys)"
+  }
+}

mysql/common/common_versions.tf

@@ -0,0 +1,18 @@
+terraform {
+  required_version = "> 0.12.0"
+
+  required_providers {
+    qiniu = {
+      source  = "hashicorp/qiniu"
+      version = "~> 1.0.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.0"
+    }
+  }
+}
+
+provider "qiniu" {}
+
+provider "random" {}

mysql/common/image_data.tf

@@ -0,0 +1,12 @@
+data "qiniu_compute_images" "available_official_images" {
+  type  = "Official"
+  state = "Available"
+}
+
+locals {
+  // 选用的系统镜像ID
+  ubuntu_image_id = one([
+    for item in data.qiniu_compute_images.available_official_images.items : item
+    if item.os_distribution == "Ubuntu" && item.os_version == "24.04 LTS"
+  ]).id
+}

mysql/replication/data.tf

@@ -0,0 +1,29 @@
+# 为 MySQL 复制用户生成随机密码
+resource "random_password" "replication_password" {
+  length  = 16
+  special = true
+  lower   = true
+  upper   = true
+  numeric = true
+}
+
+locals {
+  // MySQL 复制用户名称
+  replication_username = var.mysql_replication_username
+
+  // 随机生成的 MySQL 复制用户密码
+  replication_password = random_password.replication_password.result
+}
+
+# 用于生成资源后缀
+resource "random_string" "random_suffix" {
+  length  = 6
+  upper   = false
+  lower   = true
+  special = false
+}
+
+locals {
+  // 资源组随机后缀
+  cluster_suffix = random_string.random_suffix.result
+}

mysql/replication/image_data.tf

@@ -0,0 +1 @@
+../common/image_data.tf

mysql/replication/main.tf

@@ -0,0 +1,50 @@
+# MySQL Replication Cluster Configuration
+
+# 创建置放组
+resource "qiniu_compute_placement_group" "mysql_pg" {
+  name        = format("mysql-repl-%s", local.cluster_suffix)
+  description = format("Placement group for MySQL replication cluster %s", local.cluster_suffix)
+  strategy    = "Spread"
+}
+
+# 创建 MySQL 主库
+resource "qiniu_compute_instance" "mysql_primary_node" {
+  instance_type      = var.instance_type
+  placement_group_id = qiniu_compute_placement_group.mysql_pg.id
+  name               = format("mysql-primary-%s", local.cluster_suffix)
+  description        = format("Primary node for MySQL replication cluster %s", local.cluster_suffix)
+  image_id           = local.ubuntu_image_id
+  system_disk_size   = var.instance_system_disk_size
+
+  user_data = base64encode(templatefile("${path.module}/mysql_master.sh", {
+    mysql_server_id            = "1"
+    mysql_admin_username       = var.mysql_username
+    mysql_admin_password       = var.mysql_password
+    mysql_replication_username = local.replication_username
+    mysql_replication_password = local.replication_password
+    mysql_db_name              = var.mysql_db_name
+  }))
+}
+
+
+# 创建 MySQL 从库节点
+resource "qiniu_compute_instance" "mysql_replication_nodes" {
+  depends_on = [qiniu_compute_instance.mysql_primary_node]
+
+  count              = var.mysql_replica_count
+  instance_type      = var.instance_type
+  placement_group_id = qiniu_compute_placement_group.mysql_pg.id
+  name               = format("mysql-repl-%02d-%s", count.index + 1, local.cluster_suffix)
+  description        = format("Replica node %02d for MySQL replication cluster %s", count.index + 1, local.cluster_suffix)
+  image_id           = local.ubuntu_image_id
+  system_disk_size   = var.instance_system_disk_size
+
+  user_data = base64encode(templatefile("${path.module}/mysql_slave.sh", {
+    mysql_master_ip            = qiniu_compute_instance.mysql_primary_node.private_ip_addresses[0].ipv4
+    mysql_server_id            = tostring(count.index + 2) // 从库ID从2开始递增
+    mysql_replication_username = local.replication_username
+    mysql_replication_password = local.replication_password
+  }))
+}
+
+

mysql/replication/mysql_master.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+set -e
+
+# Install MySQL if not already installed
+echo "Checking for MySQL installation..."
+if ! command -v mysql &> /dev/null; then
+    echo "MySQL not found, installing..."
+    apt-get update
+    DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-client-8.0 mysql-server-8.0 mysql-router mysql-shell
+fi
+
+echo "This is the primary node."
+
+# 允许外部IP访问
+sed -i 's/^bind-address\s*=\s*127.0.0.1/bind-address = 0.0.0.0/' /etc/mysql/mysql.conf.d/mysqld.cnf
+
+# 确保删除旧的server uuid配置文件，防止uuid冲突
+rm -f /var/lib/mysql/auto.cnf
+
+# 配置主从复制
+tee /etc/mysql/mysql.conf.d/replication.cnf >/dev/null <<EOF
+[mysqld]
+server_id = ${mysql_server_id}
+log_bin = /var/log/mysql/mysql-bin.log  # binlog 路径前缀
+binlog_format = ROW # binlog 格式
+gtid_mode = ON # 开启 GTID 模式
+expire_logs_days = 7 # 自动清理7天前的binlog
+max_binlog_size = 100M # 单个binlog文件最大大小
+enforce_gtid_consistency = ON # 强制保证 GTID 一致性（避免非事务操作）
+EOF
+
+# 重启 MySQL 服务
+systemctl restart mysql
+
+# 等待 MySQL 服务重启完成
+while ! mysqladmin ping --silent; do sleep 1; done  
+
+mysql -uroot <<EOF
+  ALTER USER 'root'@'localhost' IDENTIFIED BY '${mysql_admin_password}';
+  CREATE USER IF NOT EXISTS '${mysql_admin_username}'@'%' IDENTIFIED BY '${mysql_admin_password}';
+  ALTER USER '${mysql_admin_username}'@'%' IDENTIFIED BY '${mysql_admin_password}';
+  GRANT ALL PRIVILEGES ON *.* TO '${mysql_admin_username}'@'%' WITH GRANT OPTION;
+
+  CREATE USER IF NOT EXISTS '${mysql_replication_username}'@'%' IDENTIFIED WITH mysql_native_password BY '${mysql_replication_password}';
+  ALTER USER '${mysql_replication_username}'@'%' IDENTIFIED WITH mysql_native_password BY '${mysql_replication_password}';
+  GRANT REPLICATION SLAVE ON *.* TO '${mysql_replication_username}'@'%';
+  FLUSH PRIVILEGES;
+EOF
+
+# 如果 mysql_db_name 不为空，则创建数据库
+if [[ -n "${mysql_db_name}" ]]; then
+  mysql -u"${mysql_admin_username}" -p"${mysql_admin_password}" <<EOF
+CREATE DATABASE IF NOT EXISTS \`${mysql_db_name}\`;
+EOF
+fi
+
+# 查看数据库
+mysql -u"${mysql_admin_username}" -p"${mysql_admin_password}" -e "SHOW DATABASES;"

mysql/replication/mysql_slave.sh

@@ -0,0 +1,52 @@
+#!/bin/bash
+set -e
+
+# Install MySQL if not already installed
+echo "Checking for MySQL installation..."
+if ! command -v mysql &> /dev/null; then
+    echo "MySQL not found, installing..."
+    apt-get update
+    DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-client-8.0 mysql-server-8.0 mysql-router mysql-shell
+fi
+
+echo "This is a replica node."
+
+# 允许外部IP访问
+sed -i 's/^bind-address\s*=\s*127.0.0.1/bind-address = 0.0.0.0/' /etc/mysql/mysql.conf.d/mysqld.cnf
+
+# 确保删除旧的server uuid配置文件，防止uuid冲突
+rm -f /var/lib/mysql/auto.cnf
+
+# 配置主从复制
+tee /etc/mysql/mysql.conf.d/replication.cnf >/dev/null <<EOF
+[mysqld]
+server_id = ${mysql_server_id}
+relay_log = /var/lib/mysql/mysql-relay-bin # 中继日志路径
+read_only = ON # 设置从库为只读
+super_read_only = ON # 设置root用户也是只读模式
+gtid_mode = ON # 开启 GTID 模式
+enforce_gtid_consistency = ON # 强制保证 GTID 一致性（避免非事务操作）
+EOF
+
+# 重启 MySQL 服务
+systemctl restart mysql
+
+# 等待 MySQL 服务重启完成
+while ! mysqladmin ping --silent; do sleep 1; done  
+
+# 轮询等待主库启动
+while ! mysqladmin ping -h "${mysql_master_ip}" -u"${mysql_replication_username}" -p"${mysql_replication_password}" --silent; do
+  echo "Waiting for MySQL master at ${mysql_master_ip} to be ready..."
+  sleep 2
+done
+
+# 配置从库，将自动将主库所有变更都同步过来，包括用户配置
+mysql -uroot <<EOF
+  CHANGE MASTER TO
+    MASTER_HOST = '${mysql_master_ip}',
+    MASTER_USER = '${mysql_replication_username}',
+    MASTER_PASSWORD = '${mysql_replication_password}',
+    MASTER_AUTO_POSITION = 1;
+  START SLAVE;
+  SHOW SLAVE STATUS\G;
+EOF

mysql/replication/outputs.tf

@@ -0,0 +1,23 @@
+output "mysql_primary_endpoint" {
+  value       = format("%s:3306", qiniu_compute_instance.mysql_primary_node.private_ip_addresses[0].ipv4)
+  description = "MySQL primary address string in the format: <primary_ip>:<port>"
+}
+
+output "mysql_replica_endpoints" {
+  value = [
+    for instance in qiniu_compute_instance.mysql_replication_nodes :
+    format("%s:3306", instance.private_ip_addresses[0].ipv4)
+  ]
+  description = "List of MySQL replica endpoints in the format: <replica_ip>:<port>"
+}
+
+output "mysql_replication_username" {
+  value       = local.replication_username
+  description = "MySQL replication username"
+}
+
+output "mysql_replication_password" {
+  value       = local.replication_password
+  description = "MySQL replication password (randomly generated)"
+  sensitive   = true
+}

mysql/replication/repl_variables.tf

@@ -0,0 +1,22 @@
+
+variable "mysql_replica_count" {
+  type        = number
+  description = "Number of MySQL replica nodes"
+  default     = 2
+
+  validation {
+    condition     = var.mysql_replica_count >= 1 && var.mysql_replica_count <= 2
+    error_message = "mysql_replica_count must be between 1 and 2"
+  }
+}
+
+variable "mysql_replication_username" {
+  type        = string
+  description = "MySQL replication username"
+  default     = "replication"
+
+  validation {
+    condition     = length(var.mysql_replication_username) >= 1 && length(var.mysql_replication_username) <= 32
+    error_message = "mysql_replication_username parameter must be between 1 and 32 characters long"
+  }
+}

mysql/replication/variables.tf

@@ -0,0 +1 @@
+../common/common_variables.tf

mysql/replication/versions.tf

@@ -0,0 +1 @@
+../common/common_versions.tf

mysql/standalone/data.tf

@@ -0,0 +1,11 @@
+# 生成资源后缀，避免命名冲突
+resource "random_string" "resource_suffix" {
+  length  = 6
+  upper   = false
+  lower   = true
+  special = false
+}
+
+locals {
+  standalone_suffix = random_string.resource_suffix.result
+}

mysql/standalone/image_data.tf

@@ -0,0 +1 @@
+../common/image_data.tf

mysql/standalone/main.tf

@@ -0,0 +1,12 @@
+resource "qiniu_compute_instance" "mysql_primary_node" {
+  instance_type    = var.instance_type // 虚拟机实例规格
+  name             = format("mysql-standalone-%s", local.standalone_suffix)
+  description      = format("Standalone MySQL node %s", local.standalone_suffix)
+  image_id         = local.ubuntu_image_id         // 预设的MysSQL系统镜像ID
+  system_disk_size = var.instance_system_disk_size // 系统盘大小，单位是GiB
+  user_data = base64encode(templatefile("${path.module}/mysql_standalone.sh", {
+    mysql_username = var.mysql_username,
+    mysql_password = var.mysql_password,
+    mysql_db_name  = var.mysql_db_name,
+  }))
+}

mysql/standalone/mysql_standalone.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+set -e
+
+# Install MySQL if not already installed
+
+echo "Checking for MySQL installation..."
+
+if ! command -v mysql &> /dev/null; then
+    echo "MySQL not found, installing..."
+    apt-get update
+    DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-client-8.0 mysql-server-8.0 mysql-router mysql-shell
+fi
+
+echo "Setting up MySQL standalone instance..."
+
+# 允许外部IP访问
+sed -i 's/^bind-address\s*=\s*127.0.0.1/bind-address = 0.0.0.0/' /etc/mysql/mysql.conf.d/mysqld.cnf
+
+# 确保删除旧的server uuid配置文件，防止uuid冲突
+rm -f /var/lib/mysql/auto.cnf
+
+# 重启 MySQL 服务
+systemctl restart mysql
+
+# 等待 MySQL 服务重启完成
+while ! mysqladmin ping --silent; do sleep 1; done  
+
+# 配置基础用户
+mysql -uroot <<EOF
+ALTER USER 'root'@'localhost' IDENTIFIED BY '${mysql_password}';
+CREATE USER '${mysql_username}'@'%' IDENTIFIED BY '${mysql_password}';
+GRANT ALL PRIVILEGES ON *.* TO '${mysql_username}'@'%' WITH GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+
+# 如果 mysql_db_name 不为空，则创建数据库
+if [[ -n "${mysql_db_name}" ]]; then
+  mysql -u"${mysql_username}" -p"${mysql_password}" <<EOF
+CREATE DATABASE IF NOT EXISTS \`${mysql_db_name}\`;
+EOF
+fi
+
+echo "MySQL standalone setup completed successfully!"

mysql/standalone/outputs.tf

@@ -0,0 +1,4 @@
+output "mysql_primary_endpoint" {
+  value       = format("%s:3306", qiniu_compute_instance.mysql_primary_node.private_ip_addresses[0].ipv4)
+  description = "MySQL primary address string in the format: <primary_ip>:<port>"
+}

mysql/standalone/variables.tf

@@ -0,0 +1 @@
+../common/common_variables.tf

mysql/standalone/versions.tf

@@ -0,0 +1 @@
+../common/common_versions.tf