마짱짱의 지식창고
Wordpress 만드는 과정 - 2 (AD-HOC, Playbook) 본문
반응형
AD-HOC 이란?
명령으로 실행하는 Asible 실행방법
$ ansible <NODE> -m <MODULE> -a <ARGUMENT>(참고)
https://docs.ansible.com/ansible/latest/user_guide/intro_adhoc.html
Introduction to ad-hoc commands — Ansible Documentation
An Ansible ad-hoc command uses the /usr/bin/ansible command-line tool to automate a single task on one or more managed nodes. Ad-hoc commands are quick and easy, but they are not reusable. So why learn about ad-hoc commands first? Ad-hoc commands demonstra
docs.ansible.com
Playbook 이란?
- 이미 존재하는 구성 관리 및 다중 시스템과 달리, 복잡한 어플리케이션을 배포하는데 배포하는데 매우 적합하다.
- YAML 언어로 작성되며 최소한의 구문을 사용
01-common.yaml
- name: Install common packages
hosts: wp
become: yes
tasks:
- name: Install epel-release
yum:
name: epel-release
state: latest
- name: Install libsemanage-python for seboolean
yum:
name: libsemanage-python
state: latest( 모든 노드에 공통적으로 epel-release 및 libsemanage-python)
* libsemanage-python ? : SELINUX 관리 응용 프로그램을 개발하기 위한 python바인딩이 포함되어 있다.
02-nfs.ymal
- name: Deploy nfs server for wordpress sources
hosts: wp-nfs
become: yes
tasks:
- name: Install nfs-utils
yum:
name: nfs-utils
state: latest
- name: Create a directory for nfs exports
file:
path: "{{ nfs['exports']['directory'] }}"
state: directory
mode: '0775'
- name: Create a new primary partition for LVM
parted:
device: "{{ nfs['block']['device'] }}"
number: 1
flags: [ lvm ]
state: present
part_start: 5GiB
- name: Create a filesystem
filesystem:
fstype: "{{ nfs['block']['fs_type'] }}"
dev: "{{ nfs['block']['device'] }}1"
- name: mount /dev/vdb1 on /wordpress
mount:
path: "{{ nfs['exports']['directory'] }}"
src: "{{ nfs['block']['device'] }}1"
fstype: "{{ nfs['block']['fs_type'] }}"
state: mounted
- name: Create exports to webserver
template:
src: templates/exports.j2
dest: /etc/exports
notify:
- Re-export all directories
- name: Set wordpress url
set_fact:
wp_url: "https://ko.wordpress.org/wordpress-{{ wordpress['source']['version'] }}-{{ wordpress['source']['language'] }}.tar.gz"
wp_filename: "wordpress-{{ wordpress['source']['version'] }}-{{ wordpress['source']['language'] }}.tar.gz"
- name: Download wordpress sources
get_url:
url: "{{ wp_url }}"
dest: "/tmp/{{ wp_filename }}"
- name: Unarchive wordpress archive
unarchive:
src: "/tmp/{{ wp_filename }}"
dest: "{{ nfs['exports']['directory'] }}"
remote_src: yes
owner: root
group: root
- name: Copy wp-config.php
template:
src: templates/wp-config.php.j2
dest: "{{ nfs['exports']['directory'] }}/wordpress/wp-config.php"
- name: Start nfs service
service:
name: nfs
enabled: true
state: started
- name: Allow port for nfs
firewalld:
service: nfs
permanent: yes
state: enabled
immediate: yes
- name: Allow port for rpc-bind
firewalld:
service: rpc-bind
permanent: yes
state: enabled
immediate: yes
- name: Allow port for mountd
firewalld:
service: mountd
permanent: yes
state: enabled
immediate: yes
handlers:
- name: Re-export all directories
command: exportfs -ar
03-mariadb.yaml
- name: Deploy MariaDB
hosts: wp-db
become: yes
tasks:
- name: Add yum_repository for mariadb
yum_repository:
name: MariaDB
baseurl: "{{ mariadb['repo']['baseurl'] }}"
gpgkey: "{{ mariadb['repo']['gpgkey'] }}"
gpgcheck: 1
description: MariaDB
- name: Install mariadb
yum:
name: MariaDB-server
enablerepo: MariaDB
state: latest
- name: Copy mariadb configuration
template:
src: templates/my.cnf.j2
dest: /etc/my.cnf.d/server.cnf
notify:
- Restart mariadb
- name: Start mariadb
service:
name: mariadb
state: started
enabled: true
- name: Install library for DB
yum:
name: MySQL-python
state: latest
- name: Set root password
mysql_user:
login_user: root
login_password: ''
user: root
password: dkagh1.
state: present
- name: Delete anonymous user in DB
mysql_user:
login_user: root
login_password: dkagh1.
name: ''
host_all: yes
state: absent
- name: Delete test db in DB
mysql_db:
login_user: root
login_password: dkagh1.
db: test
state: absent
- name: Create DB for wordpress
mysql_db:
login_user: root
login_password: dkagh1.
name: "{{ mariadb['wp']['name'] }}"
state: present
- name: Create User for wordpress
mysql_user:
login_user: root
login_password: dkagh1.
name: "{{ mariadb['wp']['user'] }}"
password: "{{ mariadb['wp']['pwd'] }}"
priv: "{{ mariadb['wp']['priv'] }}"
host: "{{ mariadb['wp']['host'] }}"
state: present
- name: Open mariadb port
firewalld:
port: "{{ mariadb['port'] }}/tcp"
permanent: yes
state: enabled
immediate: yes
- name: Active seboolean for mysql
seboolean:
name: mysql_connect_any
state: yes
persistent: yes
handlers:
- name: Restart mariadb
service:
name: mariadb
state: restarted
04-apache.yaml
- name: Deploy wordpress
hosts: wp-web
become: yes
tasks:
- name: Install nfs-utils
yum:
name: nfs-utils
state: latest
- name: Install httpd
yum:
name: httpd
state: latest
- name: Copy configuration
template:
src: templates/apache.conf.j2
dest: /etc/httpd/conf/httpd.conf
notify:
- Restart httpd
- name: Delegate collecting facts for mariadb
setup:
delegate_to: node4 ##
- name: Set facts for mariadb private ip
set_fact:
db_private_ip: "{{ ansible_eth1.ipv4.address }}"
- name: Mount nfs share
mount:
path: /var/www/html
src: "{{ db_private_ip }}:{{ nfs['exports']['directory'] }}"
fstype: nfs
state: mounted
- name: Open http port
firewalld:
port: "{{ apache['port'] }}/tcp"
permanent: yes
state: enabled
immediate: yes
- name: Active seboolean for httpd
seboolean:
name: httpd_can_network_connect
state: yes
persistent: yes
- name: Active seboolean for httpd
seboolean:
name: httpd_can_network_connect_db
state: yes
persistent: yes
- name: Active seboolean for nfs
seboolean:
name: httpd_use_nfs
state: yes
persistent: yes
- name: Install remi-release-7 for php74
yum:
name: "{{ php['repo']['pkg'] }}"
state: latest
- name: Install php and php-mysql
yum:
name: php,php-mysql
enablerepo: remi-php74
state: latest
- name: Install nfs-utils for mount
yum:
name: nfs-utils
state: latest
- name: Start httpd
service:
name: httpd
state: started
enabled: true
handlers:
- name: Restart httpd
service:
name: httpd
state: restarted
05-haproxy.yaml
- name: Deploy haproxy
hosts: wp-lb
become: yes
tasks:
- name: Install haproxy
yum:
name: haproxy
state: latest
- name: Open http port
firewalld:
port: "{{ haproxy['frontend']['port'] }}/tcp"
permanent: yes
state: enabled
immediate: yes
- name: Active seboolean for httpd
seboolean:
name: haproxy_connect_any
state: yes
persistent: yes
- name: Set facts for haproxy public ip
set_fact:
haproxy_public_ip: "{{ ansible_eth0.ipv4.address }}"
- name: Delegate collecting facts for wordpress1
setup:
delegate_to: node2
- name: Set facts for wordpress1 private ip
set_fact:
wordpress1_private_ip: "{{ ansible_eth1.ipv4.address }}"
- name: Delegate collecting facts for wordpress2
setup:
delegate_to: node3
- name: Set facts for wordpress2 private ip
set_fact:
wordpress2_private_ip: "{{ ansible_eth1.ipv4.address }}"
- name: Copy haproxy configuration
template:
src: templates/haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
notify:
- Restart haproxy service
- name: Start haproxy service
service:
name: haproxy
enabled: true
state: started
handlers:
- name: Restart haproxy service
service:
name: haproxy
state: restarted
변수 및 템플릿은 뒤에서 확인해보자.
반응형
'Automation > Ansible' 카테고리의 다른 글
| Wordpress 만드는 과정 - 4 (role) (0) | 2020.08.14 |
|---|---|
| Wordpress 만드는 과정 3 - (변수 및 Jinja2 template) (0) | 2020.08.14 |
| Wordpress 만드는 과정 - 1 (준비물, inventory, 구성파일) (0) | 2020.08.14 |
| Ansible var 를 이용한 wordpress (0) | 2020.08.11 |
| [Ansible] 1. 설치 및 Ad-hoc로만 wordpress 올려보기 (맛보기) (0) | 2020.08.05 |
'Automation/Ansible' Related Articles
more
