Mysql 5.7 on Ansible

  • Ansible currently assumes root password will be blank on installation
  • In Mysql 5.7 a temporary password is created that has to be reset before you can start using mysql
  • You can't use mysql_user ansible module as mysql warns that you must change it using a client that supports expired passwords

Find the temporary Password

- name: Find temporary password
    shell: "echo `grep 'temporary.*root@localhost' /var/log/mysqld.log | sed 's/.*root@localhost: //'`"
    register: mysql_root_password_temp
    tags: register

Set the new password using the temporary password

- name: Set new password from temporary password
  shell: 'mysql -e "SET PASSWORD = PASSWORD(''{{ mysql_root_password }}'');" --connect-expired-password -uroot -p"{{ mysql_root_password_temp.stdout }}"'


  • To escape single quotes in yaml don't use \' use ''
  • You may want to delete .history afterwards as you are setting the password on the shell
  • more