마짱짱의 지식창고
Ansible var 를 이용한 wordpress 본문
반응형
# ansible.cfg
[defaults]
inventory = inventory.ini
# inventory.ini
node1 ansible_host=192.168.123.51
node2 ansible_host=192.168.123.52
node3 ansible_host=192.168.123.53
node4 ansible_host=192.168.123.54
[wp-lb]
node1
[wp-web]
node2
node3
[wp-db]
node4
[wp-nfs]
node4
[wp:children]
wp-lb
wp-web
wp-db
wp-nfs
## Vars
# apache.yml
apache:
port: 80
php:
repo:
pkg: "https://rpms.remirepo.net/enterprise/remi-release-7.rpm "
# haproxy.yml
haproxy:
frontend:
port: 80
backend:
name: wordpress
balance_type: roundrobin
wordpress1:
port: 80
wordpress2:
port: 80
# mariadb.yml
mariadb:
repo:
baseurl: http://mirror.yongbok.net/mariadb/yum/10.5/centos7-amd64
gpgkey: http://mirror.yongbok.net/mariadb/yum/RPM-GPG-KEY-MariaDB
wp:
name: wordpress_db
user: admin
pwd: dkagh1.
priv: wordpress_db.*:ALL,GRANT
host: '192.168.123.%'
port: 3306
# nfs.yml
nfs:
exports:
directory: /wordpress
subnet: 192.168.123.0/24
options: rw,sync,no_root_squash
block:
device: /dev/vdb
fs_type: ext4
# wordpress.yml
wordpress:
source:
version: 5.3.4
language: ko_KR
db:
name: wordpress_db
username: admin
password: dkagh1.
host: 192.168.123.54#common.yml
- name: Install common packages
hosts: wp
become: yes
tasks:
- name: Install epel-release
yum:
name: epel-release
state: latest
- name: Install libsemanage-python for seboolean
yum:
name: libsemanage-python
state: latest# nfs.ymal
- name: Deploy nfs server for wordpress sources
hosts: wp-nfs
become: yes
tasks:
- name: Install nfs-utils
yum:
name: nfs-utils
state: latest
- name: Create a directory for nfs exports
file:
path: "{{ nfs['exports']['directory'] }}"
state: directory
mode: '0775'
- name: Create a new primary partition for LVM
parted:
device: "{{ nfs['block']['device'] }}"
number: 1
flags: [ lvm ]
state: present
part_start: 5GiB
- name: Create a filesystem
filesystem:
fstype: "{{ nfs['block']['fs_type'] }}"
dev: "{{ nfs['block']['device'] }}1"
- name: mount /dev/vdb1 on /wordpress
mount:
path: "{{ nfs['exports']['directory'] }}"
src: "{{ nfs['block']['device'] }}1"
fstype: "{{ nfs['block']['fs_type'] }}"
state: mounted
- name: Create exports to webserver
template:
src: templates/exports.j2
dest: /etc/exports
notify:
- Re-export all directories
- name: Set wordpress url
set_fact:
wp_url: "https://ko.wordpress.org/wordpress-{{ wordpress['source']['version'] }}-{{ wordpress['source']['language'] }}.tar.gz"
wp_filename: "wordpress-{{ wordpress['source']['version'] }}-{{ wordpress['source']['language'] }}.tar.gz"
- name: Download wordpress sources
get_url:
url: "{{ wp_url }}"
dest: "/tmp/{{ wp_filename }}"
- name: Unarchive wordpress archive
unarchive:
src: "/tmp/{{ wp_filename }}"
dest: "{{ nfs['exports']['directory'] }}"
remote_src: yes
owner: root
group: root
- name: Copy wp-config.php
template:
src: templates/wp-config.php.j2
dest: "{{ nfs['exports']['directory'] }}/wordpress/wp-config.php"
- name: Start nfs service
service:
name: nfs
enabled: true
state: started
- name: Allow port for nfs
firewalld:
service: nfs
permanent: yes
state: enabled
immediate: yes
- name: Allow port for rpc-bind
firewalld:
service: rpc-bind
permanent: yes
state: enabled
immediate: yes
- name: Allow port for mountd
firewalld:
service: mountd
permanent: yes
state: enabled
immediate: yes
handlers:
- name: Re-export all directories
command: exportfs -ar# DB Server
- name: Deploy MariaDB
hosts: wp-db
become: yes
tasks:
- name: Add yum_repository for mariadb
yum_repository:
name: MariaDB
baseurl: "{{ mariadb['repo']['baseurl'] }}"
gpgkey: "{{ mariadb['repo']['gpgkey'] }}"
gpgcheck: 1
description: MariaDB
- name: Install mariadb
yum:
name: MariaDB-server
enablerepo: MariaDB
state: latest
- name: Copy mariadb configuration
template:
src: templates/my.cnf.j2
dest: /etc/my.cnf.d/server.cnf
notify:
- Restart mariadb
- name: Start mariadb
service:
name: mariadb
state: started
enabled: true
- name: Install library for DB
yum:
name: MySQL-python
state: latest
- name: Set root password
mysql_user:
login_user: root
login_password: ''
user: root
password: dkagh1.
state: present
- name: Delete anonymous user in DB
mysql_user:
login_user: root
login_password: dkagh1.
name: ''
host_all: yes
state: absent
- name: Delete test db in DB
mysql_db:
login_user: root
login_password: dkagh1.
db: test
state: absent
- name: Create DB for wordpress
mysql_db:
login_user: root
login_password: dkagh1.
name: "{{ mariadb['wp']['name'] }}"
state: present
- name: Create User for wordpress
mysql_user:
login_user: root
login_password: dkagh1.
name: "{{ mariadb['wp']['user'] }}"
password: "{{ mariadb['wp']['pwd'] }}"
priv: "{{ mariadb['wp']['priv'] }}"
host: "{{ mariadb['wp']['host'] }}"
state: present
- name: Open mariadb port
firewalld:
port: "{{ mariadb['port'] }}/tcp"
permanent: yes
state: enabled
immediate: yes
- name: Active seboolean for mysql
seboolean:
name: mysql_connect_any
state: yes
persistent: yes
handlers:
- name: Restart mariadb
service:
name: mariadb
state: restarted
# Apache install
- name: Deploy wordpress
hosts: wp-web
become: yes
tasks:
- name: Install nfs-utils
yum:
name: nfs-utils
state: latest
- name: Install httpd
yum:
name: httpd
state: latest
- name: Copy configuration
template:
src: templates/apache.conf.j2
dest: /etc/httpd/conf.d/00-listen.conf
notify:
- Restart httpd
- name: Delegate collecting facts for mariadb
setup:
delegate_to: node4 ##
- name: Set facts for mariadb private ip
set_fact:
db_private_ip: "{{ ansible_eth1.ipv4.address }}"
- name: Mount nfs share
mount:
path: /var/www/html
src: "{{ db_private_ip }}:{{ nfs['exports']['directory'] }}"
fstype: nfs
state: mounted
- name: Open http port
firewalld:
port: "{{ apache['port'] }}/tcp"
permanent: yes
state: enabled
immediate: yes
- name: Active seboolean for httpd
seboolean:
name: httpd_can_network_connect
state: yes
persistent: yes
- name: Active seboolean for httpd
seboolean:
name: httpd_can_network_connect_db
state: yes
persistent: yes
- name: Active seboolean for nfs
seboolean:
name: httpd_use_nfs
state: yes
persistent: yes
- name: Install remi-release-7 for php74
yum:
name: "{{ php['repo']['pkg'] }}"
state: latest
- name: Install php and php-mysql
yum:
name: php,php-mysql
enablerepo: remi-php74
state: latest
- name: Install nfs-utils for mount
yum:
name: nfs-utils
state: latest
- name: Start httpd
service:
name: httpd
state: started
enabled: true
handlers:
- name: Restart httpd
service:
name: httpd
state: restarted# haproxy install
- name: Deploy haproxy
hosts: wp-lb
become: yes
tasks:
- name: Install haproxy
yum:
name: haproxy
state: latest
- name: Open http port
firewalld:
service: http
permanent: yes
state: enabled
immediate: yes
- name: Active seboolean for httpd
seboolean:
name: haproxy_connect_any
state: yes
persistent: yes
- name: Set facts for haproxy public ip
set_fact:
haproxy_public_ip: "{{ ansible_eth0.ipv4.address }}"
- name: Delegate collecting facts for wordpress1
setup:
delegate_to: node2
- name: Set facts for wordpress1 private ip
set_fact:
wordpress1_private_ip: "{{ ansible_eth1.ipv4.address }}"
- name: Delegate collecting facts for wordpress2
setup:
delegate_to: node3
- name: Set facts for wordpress2 private ip
set_fact:
wordpress2_private_ip: "{{ ansible_eth1.ipv4.address }}"
- name: Copy haproxy configuration
template:
src: templates/haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
notify:
- Restart haproxy service
- name: Start haproxy service
service:
name: haproxy
enabled: true
state: started
handlers:
- name: Restart haproxy service
service:
name: haproxy
state: restarted반응형
'Automation > Ansible' 카테고리의 다른 글
| Wordpress 만드는 과정 3 - (변수 및 Jinja2 template) (0) | 2020.08.14 |
|---|---|
| Wordpress 만드는 과정 - 2 (AD-HOC, Playbook) (0) | 2020.08.14 |
| Wordpress 만드는 과정 - 1 (준비물, inventory, 구성파일) (0) | 2020.08.14 |
| [Ansible] 1. 설치 및 Ad-hoc로만 wordpress 올려보기 (맛보기) (0) | 2020.08.05 |
| [Ansible] 0. Ansible 이란? (0) | 2020.08.05 |
'Automation/Ansible' Related Articles
more
