ubuntu -> root로 바꿈
sudo -su root
cat /etc/ansible/hosts복습..
센토스 아파치 애드혹 관리
# ansible centos -m yum -a "name=httpd state=present" -k # yum install -y httpd 랑 똑같음,
# curl https://www.nginx.com/ -o index.html # centos에 apache 깔고 사이트 들가면 test1234뜨는데 그거말고 좀잇어보이게 하기위해서 nginx.com에서 index.html하나 다운받앗음
# ansible centos -m copy -a "src=index.html dest=/var/www/html/index.html" -k # 방금 받은 index.html을 소스, 데스티네이션에 복사 scp
# ansible centos -m service -a "name=httpd state=started" -k # name = 여기서는 서비스의 이름
# ansible centos -m shell -a "systemctl status firewalld" -k
# ansible centos -m shell -a "systemctl start firewalld" -k
# ansible centos -m shell -a "firewall-cmd --permanent --zone=public --add-service=http" -k
# ansible centos -m shell -a "firewall-cmd --reload" -k
# ansible centos -m service -a "name=httpd state=stopped" -k # 한번에 다멈추기! systemctl stop httpd
# ansible centos -m shell -a "systemctl stop firewalld" -k
# ansible centos -m yum -a "name=httpd state=absent" -k # yum remove -y httpd우분투 아파치 애드혹 관리
# ansible ubuntu -m apt -a "name=apache2 state=present" -k
# curl https://www.nginx.com/ -o index.html
# ansible ubuntu -m copy -a "src=index.html dest=/var/www/html/index.html" -k # scp index.html root@192.168.1.197:/var/www/html/
# ansible ubuntu -m service -a "name=apache2 state=stopped" -k
# ansible ubuntu -m service -a "name=apache2 state=started" -k
# ansible ubuntu -m apt -a "name=apache2 state=absent" -k # apt remove -y apache2멱등성
앤서블은 멱등성(Idempotency)이란 특징을 가집니다. 이는 여러 번 적용해도 결과가 바뀌지 않으며, 수정된 부분이 있다면 그 부분만 새롭게 반영되는 특징이 있습니다.
# echo "172.16.0.100" >> inventory.list
# cat inventory.list
# echo "172.16.0.100" >> inventory.list
# cat inventory.list
# ansible localhost -c local -m lineinfile -a "path=inventory.list line=172.16.0.200"
# cat inventory.list
# ansible localhost -c local -m lineinfile -a "path=inventory.list line=172.16.0.200"
# cat inventory.list플레이북 구조
YAML 형식으로 작성된 각각의 Playbook들은 하나 이상의 Play를 가지며, 각각의 Play는 하나 이상의 task(앤서블 모듈)을 실행한다
- name: Playbook Tutorial # - 로 시작하는 3줄이 한 블록이다.
hosts: all # ":" 으로 구분해 항목명과 값을 설정한 키-값 형식으로 되어 있다.
tasks: # 항목명의 위치가 정렬되어 있다. yaml은 들여쓰기가 데이터 구조의 깊이가 된다.
센토스, 우분투 아파치 설치 플레이북
# vi apache_install.yml
- name: Install apache on centos
hosts: centos
tasks:
- name: install apache web server
yum: name=httpd state=present # ansible centos -m yum -a "name=httpd state=present" -k
- name: upload default index.html for web server
get_url: url=https://www.nginx.com dest=/var/www/html/ mode=0644
- name: start apache web server
service: name=httpd state=started enabled=yes
- name: Install apache on ubuntu
hosts: ubuntu
tasks:
- name: install apache web server
apt: name=apache2 state=present
- name: upload default index.html for web server
get_url: url=https://www.nginx.com dest=/var/www/html/ mode=0644
- name: start apache web server
service: name=apache2 state=started
# ansible-playbook apache_install.yml -k센토스, 우분투 아파치 삭제 플레이북
# vi apache_remove.yml
- name: Remove apache on centos
hosts: centos
tasks:
- name: remove apache web server
yum: name=httpd state=absent
- name: Remove apache on ubuntu
hosts: ubuntu
tasks:
- name: remove apache web server
apt: name=apache2 state=absent
# ansible-playbook apache_remove.yml -k앤서블 환경 설정 자동화
vi /env.yml
- name: Setup for the Ansible's Environment
hosts: localhost
tasks:
- name: Add "/etc/ansible/hosts"
blockinfile:
path: /etc/ansible/hosts
block: |
[centos]
192.168.1.214
[ubuntu]
192.168.1.198 ansible_python_interpreter=/usr/bin/python3
- name: Configure Bashrc
lineinfile:
path: /root/.bashrc
line: "{{ item }}"
with_items:
- "alias ans='ansible'"
- "alias anp='ansible-playbook'"
# ansible-playbook env.yml -kkeypair 설정
# vi keypair_old.yml
- name: Setup for the Ansible's Environment
hosts: localhost
tasks:
- name: Generate sshkey
shell: "{{ item }}"
with_items:
- "ssh-keyscan 192.168.1.198 >> ~/.ssh/known_hosts"
- "ssh-keyscan 192.168.1.214 >> ~/.ssh/known_hosts"
# ansible-playbook keypair_old.yml -k
# ans -m ping -k# vi keypair_new.yml
- name: Create known_hosts between server and nodes
hosts: all
connection: local
serial: 1
tasks:
- name: ssh-keyscan for known_hosts file
command: /usr/bin/ssh-keyscan -t ecdsa {{ ansible_host }} # 매직 변수 ansible_host 활용하여 hosts ip 호출
register: keyscan
- name: input key
lineinfile:
path: ~/.ssh/known_hosts
line: "{{ item }}"
create: yes
with_items:
- "{{ keyscan.stdout_lines }}"
- name: Create authorized_keys between server and nodes
hosts: all
connection: local
vars:
ansible_password: root
tasks:
- name: ssh-keygen for authorized_keys file
openssh_keypair:
path: ~/.ssh/id_rsa
size: 2048
type: rsa
force: False # overwrite하지 않는다는 False라고 값을 넣거나 아니면 삭제하거나 하면 되겠습니다.
- name: input key for each node
connection: ssh
authorized_key:
user: root
state: present
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
# anp keypair.yml센토스, 우분투 엔진엑스 설치 플레이북
# vi nginx_install.yml
- name: Install nginx on centos
hosts: centos
tasks:
- name: install epel-release
yum:
name: epel-release
state: latest
- name: install nginx web server
yum: name=nginx state=present
- name: upload default index.html for web server
get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644
- name: start nginx web server
service: name=nginx state=started
- name: Install nginx on ubuntu
hosts: ubuntu
tasks:
- name: install nginx web server
apt: pkg=nginx state=present update_cache=yes
- name: Upload default index.html for web server
get_url: url=https://www.nginx.com dest=/var/www/html/
mode=0644 validate_certs=no
# ansible-playbook nginx_install.yml센토스, 우분투 엔진엑스 삭제 플레이북
# vi nginx_remove.yml
- name: Remove nginx on centos
hosts: centos
tasks:
- name: remove nginx web server
yum: name=nginx state=absent
- name: Remove nginx on ubuntu
hosts: ubuntu
tasks:
- name: remove nginx web server
apt: pkg=nginx* state=absent
# ansible-playbook nginx_remove.yml센토스, 우분투 NFS 설치 플레이북
# ansible 서버에서 다음 방화벽 설정
# firewall-cmd --permanent --add-service=nfs
# firewall-cmd --permanent --add-service=mountd
# firewall-cmd --permanent --add-service=rpc-bind
# firewall-cmd --reload
# vi nfs.yml
- name: Setup for nfs server
hosts: localhost
tasks:
- name: make nfs_shared directory
file:
path: /root/nfs_shared
state: directory
mode: 0777
- name: configure /etc/exports
lineinfile:
path: /etc/exports
line: /root/nfs_shared 192.168.0.0/20(rw,sync)
- name: Install NFS
yum:
name: nfs-utils
state: present
- name: nfs service start
service:
name: nfs-server
state: restarted
enabled: yes
- name: Setup for nfs clients
hosts: centos
tasks:
- name: make nfs_client directory
file:
path: /root/nfs
state: directory
- name: Install NFS
yum:
name: nfs-utils
state: present
- name: mount point directory as client # = mount -t nfs 192.168.1.172:/root/nfs_shared /root/nfs 랑 같음
mount:
path: /root/nfs
src: 192.168.1.172:/root/nfs_shared
fstype: nfs
state: mounted
- name: Setup for nfs clients U
hosts: ubuntu
tasks:
- name: make nfs_client directory
file:
path: /root/nfs
state: directory
- name: Install NFS-U
apt:
pkg: nfs-common
state: present
update_cache: yes
- name: mount point directory as client
mount:
path: /root/nfs
src: 192.168.1.172:/root/nfs_shared
fstype: nfs
opts: nfsvers=3
state: mounted
# ansible-playbook nfs.yml -k
# anp nfs.yml
vi /etc/ansible/hostscentos -> webserver
ubuntu -> dbserver
로 바꾼다.
워드프레스 만들기
# vi wordpress.yml
- name: Setup for webserver
hosts: webserver
tasks:
- name: Install http
yum:
name: "{{ item }}"
state: present
with_items:
- httpd
- php
- php-mysql
- php-gd
- php-mbstring
- wget
- unzip
- name: Unarchive a file that needs to be downloaded (added in 2.0)
ansible.builtin.unarchive:
src: https://ko.wordpress.org/wordpress-4.8.2-ko_KR.zip
dest: /var/www/html
remote_src: yes
- name: chown # chown -R apache:apache /var/www/html/wordpress
file:
path: /var/www/html/wordpress
owner: "apache"
group: "apache"
recurse: "yes"
- name: web service restart
service:
name: httpd
state: restarted
- name: Setup for dbserver
hosts: dbserver
tasks:
- name: Install mariadb
apt:
pkg: mariadb-server
state: present
update_cache: yes
- name: Install pymysql # 파이썬을 위한 mysql 연동 모듈
apt:
pkg: python-pymysql
state: present
- name: Install pymysql
apt:
pkg: python3-pymysql
state: present
- name: set root password
mysql_user:
name: 'root'
password: '{{ mysql_root_password }}'
login_unix_socket: /var/run/mysqld/mysqld.sock
state: present
- name: edit file
replace:
path: /etc/mysql/mariadb.conf.d/50-server.cnf
regexp: "bind-address"
replace: "#bind-address"
- name: db service restart
service:
name: mysql
state: restarted
- name: Create database
mysql_db:
db: wordpress
login_unix_socket: /var/run/mysqld/mysqld.sock
state: present
- name: Create database user
mysql_user:
user: wpuser
password: wppass
priv: "wordpress.*:ALL,GRANT"
host: '%'
login_unix_socket: /var/run/mysqld/mysqld.sock
state: present
# anp wordpress.yml --extra-vars "mysql_root_password=root"-
192.168.1.172/wordpress
-
데이터페이스 호스트 : ubuntu ip
docker
docker용 centos.ovi 가져오기
시대가 바껴서 별도의 컴퓨터를 구하지 않아도 내 자리에 있는 컴퓨터 가상화머신을 이용해서 virtualbox, vmware설치하고 window가 아닌 centos , ubuntu 등등의 운영체제를 설치할수 있다.
vm과 많이 닮았지만 다른부분도 있다.
