Vagrant VM 네트워크 구성
Vagrant VM에 br0 추가
참고: https://velog.io/@ptah0414/KVM-22-08-02-TIL#브릿지-네트워크-이용하기
- ifcfg-br0 생성
cd /etc/sysconfig/network-scripts/
cp ifcfg-ens32 ifcfg-br0 - ifcfg-br0 구성
vi ifcfg-br0TYPE=Bridge
BOOTPROTO=none
NAME=br0
DEVICE=br0
ONBOOT=yes
IPADDR=211.183.3.99
PREFIX=24
GATEWAY=211.183.3.2
DNS1=8.8.8.8- ens32 구성
vi ifcfg-ens TYPE=Ethernet
BOOTPROTO=none
NAME=ens32
DEVICE=ens32
ONBOOT=yes
BRIDGE=br0- 인터페이스 적용
systemctl restart network
ifconfig br0
ifconfig ene32 - vagrant VM 종료
[root@localhost project2]# vagrant destroy -f
==> node3: Removing domain...
==> node3: Deleting the machine folder
==> node2: Removing domain...
==> node2: Deleting the machine folder
==> node1: Removing domain...
==> node1: Deleting the machine folder
==> server: Removing domain...
==> server: Deleting the machine folder- br0 bridge 추가
[root@localhost project2]# vi VagrantfileVagrant.configure("2") do |config|
config.vm.define "server" do |cfg0|
...
cfg0.vm.network "public_network", :dev => "br0", :type =>"bridge" #
...
end
config.vm.define "node1" do |cfg1|
...
cfg1.vm.network "public_network", :dev => "br0", :type =>"bridge" #
...
end
config.vm.define "node2" do |cfg2|
...
cfg2.vm.network "public_network", :dev => "br0", :type =>"bridge" #
...
end
config.vm.define "node3" do |cfg3|
...
cfg3.vm.network "public_network", :dev => "br0", :type =>"bridge" #
...
end
end[root@localhost project2]# vagrant reload - br0 연결 확인
[root@localhost project2]# vagrant ssh server
[vagrant@server ~]$ ifconfig eth1
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 211.183.3.147 netmask 255.255.255.0 broadcast 211.183.3.255
inet6 fe80::5054:ff:fe29:c18b prefixlen 64 scopeid 0x20<link>
ether 52:54:00:29:c1:8b txqueuelen 1000 (Ethernet)
RX packets 145 bytes 18959 (18.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56 bytes 5954 (5.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0eth1: 211.183.3.147
실습을 위해 public ip를 사용할 수 있게 되었다.
Playbook을 통한 net-tools 패키지 설치
[vagrant@server ~]$ vi ansible_test.yml ---
- name: install net-tools
hosts: all
become: yes
gather_facts: no
tasks:
- name: net-tools installation
yum:
name: net-tools
state: present [vagrant@server ~]$ ansible-playbook ansible_test.yml
PLAY [install net-tools] **************************************************************************************************************************************************************************************
TASK [net-tools installation] *********************************************************************************************************************************************************************************
changed: [10.10.10.13]
changed: [10.10.10.12]
changed: [10.10.10.11]
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.12 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.13 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 ansible-playbook [파일이름].yml
각 노드의 ip 주소 확인
[vagrant@server ~]$ ansible all \
> -m shell \
> -a "sudo ifconfig eth1 | grep 211.183."
[WARNING]: Consider using 'become', 'become_method', and 'become_user' rather than running sudo
10.10.10.11 | CHANGED | rc=0 >>
inet 211.183.3.149 netmask 255.255.255.0 broadcast 211.183.3.255
10.10.10.12 | CHANGED | rc=0 >>
inet 211.183.3.148 netmask 255.255.255.0 broadcast 211.183.3.255
10.10.10.13 | CHANGED | rc=0 >>
inet 211.183.3.146 netmask 255.255.255.0 broadcast 211.183.3.255
- node1: 211.183.3.149
- node2: 211.183.3.148
- node3: 211.183.3.146
- 인벤토리 생성
[vagrant@server ~]$ vi seoul.lst - 인벤토리에 section(web, db)도 구성
[web]
10.10.10.11
[db]
10.10.10.12- 인벤토리 사용하여 playbook 실행
[vagrant@server ~]$ ansible-playbook \
> -i seoul.lst \
> ansible_test.yml
PLAY [install net-tools] **************************************************************************************************************************************************************************************
TASK [net-tools installation] *********************************************************************************************************************************************************************************
ok: [10.10.10.11]
ok: [10.10.10.12]
TASK [print eth1's ip address] ********************************************************************************************************************************************************************************
changed: [10.10.10.11]
changed: [10.10.10.12]
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.12 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
- 특정 section에 명령 내리기
[vagrant@server ~]$ vi ansible_test.yml ---
- name: install net-tools
hosts: web
become: yes
gather_facts: no # 각 노드에서 제공되는 상세 정보를 python을 통해 끌어올 수 있다. 출력은 json 형태로 출력된다.
tasks:
- name: net-tools installation
yum:
name: net-tools
state: present
- name: print eth1's ip address
shell: "ifconfig eth1 | grep 211.183.3."hosts: web으로 변경
[vagrant@server ~]$ ansible-playbook -i seoul.lst ansible_test.yml
PLAY [install net-tools] **************************************************************************************************************************************************************************************
TASK [net-tools installation] *********************************************************************************************************************************************************************************
ok: [10.10.10.11]
TASK [print eth1's ip address] ********************************************************************************************************************************************************************************
changed: [10.10.10.11]
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 [vagrant@server ~]$ vi web.yml ---
- name: web configuration
hosts: all
become: true
tasks:
# yum -y install git
- name: git installation
yum:
name: git
state: present
# yum -y install httpd
- name: httpd installation
yum:
name: httpd
state: present
# systemctl start httpd && systemctl enable httpd
- name: httpd start and enable
service:
name: httpd
state: started
enabled: true
- name: vim installation
hosts: localhost
gather_facts: false
become: true
tasks:
# yum -y install vim
- name: VI-Improved installation
yum:
name: vim
state: present[vagrant@server ~]$ ansible-playbook web.yml
PLAY [web configuration] **************************************************************************************************************************************************************************************
TASK [Gathering Facts] ****************************************************************************************************************************************************************************************
ok: [10.10.10.13]
ok: [10.10.10.12]
ok: [10.10.10.11]
TASK [git installation] ***************************************************************************************************************************************************************************************
changed: [10.10.10.11]
changed: [10.10.10.13]
changed: [10.10.10.12]
TASK [httpd installation] *************************************************************************************************************************************************************************************
changed: [10.10.10.11]
changed: [10.10.10.13]
changed: [10.10.10.12]
TASK [httpd start and enable] *********************************************************************************************************************************************************************************
changed: [10.10.10.11]
changed: [10.10.10.12]
changed: [10.10.10.13]
PLAY [vim installation] ***************************************************************************************************************************************************************************************
TASK [VI-Improved installation] *******************************************************************************************************************************************************************************
ok: [localhost]
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.12 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.13 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
localhost : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[vagrant@server ~]$ - 각 노드에 httpd 동작 확인
- 모든 노드에 httpd 제거
[vagrant@server ~]$ vi web.yml ---
- name: web configuration
hosts: all
gather_facts: false
become: true
tasks:
# yum -y install git
- name: git installation
yum:
name: git
state: present
# yum -y remove httpd
- name: httpd removal
yum:
name: httpd
state: absent #
# systemctl start httpd && systemctl enable httpd
- name: httpd start and enable
service:
name: httpd
state: started
enabled: true
- name: vim installation
hosts: localhost
gather_facts: false
become: true
tasks:
# yum -y install vim
- name: VI-Improved installation
yum:
name: vim
state: present[vagrant@server ~]$ anp web.yml
PLAY [web configuration] **************************************************************************************************************************************************************************************
TASK [git installation] ***************************************************************************************************************************************************************************************
ok: [10.10.10.12]
ok: [10.10.10.13]
ok: [10.10.10.11]
TASK [httpd removal] ******************************************************************************************************************************************************************************************
changed: [10.10.10.11]
changed: [10.10.10.12]
changed: [10.10.10.13]
TASK [httpd start and enable] *********************************************************************************************************************************************************************************
fatal: [10.10.10.11]: FAILED! => {"changed": false, "msg": "Could not find the requested service httpd: host"}
fatal: [10.10.10.13]: FAILED! => {"changed": false, "msg": "Could not find the requested service httpd: host"}
fatal: [10.10.10.12]: FAILED! => {"changed": false, "msg": "Could not find the requested service httpd: host"}
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=2 changed=1 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
10.10.10.12 : ok=2 changed=1 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
10.10.10.13 : ok=2 changed=1 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
실습 - nginx 배포
seoul.lst
10.10.10.11 -> web -> nginx 설치, enable, start
10.10.10.12 -> db
jeju.lst
10.10.10.13 -> web -> nginx 설치, enable, start - seoul 구성
[vagrant@server ~]$ vi seoul.lst [web]
10.10.10.11
[db]
10.10.10.12- jeju 구성
[vagrant@server ~]$ vi jeju.lst [web]
10.10.10.13- yaml 작성
[vagrant@server ~]$ vi nginx.yml ---
- name: web configuration
hosts: web # web만 배포
gather_facts: false
become: true
tasks:
# yum -y install libselinux-python
- name: libselinux-python installation
yum:
name: libselinux-python
state: present
# yum -y install epel-release
- name: epel-release installation
yum:
name: epel-release
state: present
# yum -y install nginx
- name: nginx installation
yum:
name: nginx
state: present
# systemctl start nginx && systemctl enable nginx
- name: nginx start and enable
service:
name: nginx
state: started
enabled: truehosts: web
- 배포
[vagrant@server ~]$ anp -i seoul.lst -i jeju.lst nginx.yml
PLAY [web configuration] **************************************************************************************************************************************************************************************
TASK [libselinux-python installation] *************************************************************************************************************************************************************************
ok: [10.10.10.11]
ok: [10.10.10.13]
TASK [epel-release installation] ******************************************************************************************************************************************************************************
ok: [10.10.10.13]
ok: [10.10.10.11]
TASK [nginx installation] *************************************************************************************************************************************************************************************
ok: [10.10.10.13]
ok: [10.10.10.11]
TASK [nginx start and enable] *********************************************************************************************************************************************************************************
ok: [10.10.10.13]
ok: [10.10.10.11]
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.13 : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 anp -i seoul.lst -i jeju.lst nginx.yml
web에 해당하는 노드 2개에 배포되었음
- 배포 확인
실습 - NFS
nfs.yml을 생성하고 다음의 조건을 만족하는 구성을 완료해주세요.
사설 주소: 10.10.10.X
server: nfs-server (/home/vagrant/shared)
node1 ~ 3: nfs-client (/home/vagrant/remote)
server에서 /home/vagrant/shared/test.txt를 만들고 이를 node에서 확인하세요.
[vagrant@server ~]$ vi nfs.yml ---
- name: Setup for nfs server
hosts: localhost
gather_facts: false
become: true
tasks:
# mkdir /home/vagrant/shared && chmod 777
- name: make nfs_shared directory
file:
path: /home/vagrant/shared
state: directory
mode: 0777
# echo "10.10.10.0/24(rw,sync)" >> /etc/exports
- name: configure /etc/exports
become: true
lineinfile :
path: /etc/exports
line: /home/vagrant/shared 10.10.10.0/24(rw,sync)
# systemctl restart nfs-server
- name: nfs service restart
become: true
service:
name: nfs
state: restarted
# touch test.txt
- name: make test.txt
file:
path: /home/vagrant/shared/test.txt
state: touch
# echo "[문자열]" > test.txt
- name: write word on test.txt
lineinfile:
path: /home/vagrant/shared/test.txt
line: "{{ item }}"
with_items:
- "gildong"
- "chulsoo"
- "minsoo"
- name: Setup for nfs clients
hosts: all
gather_facts: false
tasks:
# mkdir /home/vagrant/remote
- name: make nfs_client directory
file:
path: /home/vagrant/remote
state: directory
# mount -t nfs 10.10.10.10:/home/vagrant/shared /home/vagrant/remote
- name: mount point directory as client
become: true
mount:
path: /home/vagrant/remote
src: 10.10.10.10:/home/vagrant/shared
fstype: nfs
opts: nfsvers=3
state: mounted [vagrant@server ~]$ anp nfs.yml
PLAY [Setup for nfs server] ***********************************************************************************************************************************************************************************
TASK [make nfs_shared directory] ******************************************************************************************************************************************************************************
ok: [localhost]
TASK [configure /etc/exports] *********************************************************************************************************************************************************************************
ok: [localhost]
TASK [nfs service restart] ************************************************************************************************************************************************************************************
changed: [localhost]
TASK [make test.txt] ******************************************************************************************************************************************************************************************
changed: [localhost]
TASK [write word on test.txt] *********************************************************************************************************************************************************************************
ok: [localhost] => (item=gildong)
ok: [localhost] => (item=chulsoo)
ok: [localhost] => (item=minsoo)
PLAY [Setup for nfs clients] **********************************************************************************************************************************************************************************
TASK [make nfs_client directory] ******************************************************************************************************************************************************************************
ok: [10.10.10.12]
ok: [10.10.10.13]
ok: [10.10.10.11]
TASK [mount point directory as client] ************************************************************************************************************************************************************************
ok: [10.10.10.13]
ok: [10.10.10.11]
ok: [10.10.10.12]
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.12 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.13 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
localhost : ok=5 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 - 파일 확인
[vagrant@server ~]$ ansible all -m shell -a 'cat /home/vagrant/remote/test.txt'
10.10.10.13 | CHANGED | rc=0 >>
gildong
chulsoo
minsoo
10.10.10.12 | CHANGED | rc=0 >>
gildong
chulsoo
minsoo
10.10.10.11 | CHANGED | rc=0 >>
gildong
chulsoo
minsoo실습 - Replace
[vagrant@server ~]$ vi nfs.yml # sed
- name: Replace
become: yes
replace:
path: /home/vagrant/shared/test.txt
regexp: "{{ item.From }}" # 패턴에 매치되는 문자열 골라내기
replace: "{{ item.To }}" # 골라진 문자열을 대체할 문자열
with_items:
- { From: 'soo', To: 'chul' }
- { From: 'dong', To: 'min' }[vagrant@server ~]$ anp nfs.yml [vagrant@server ~]$ ansible all -m shell -a 'cat /home/vagrant/remote/test.txt'
10.10.10.13 | CHANGED | rc=0 >>
gilmin
chulchul
minchul
10.10.10.11 | CHANGED | rc=0 >>
gilmin
chulchul
minchul
10.10.10.12 | CHANGED | rc=0 >>
gilmin
chulchul
minchul실습 - git
nginx가 설치된 노드에서는 자신이 github에 올려두었던 저장소를 clone 해두세요.
clone 해온 후 파일을 수정한 다음에 pull 해오기
- name: using git
git:
repo: "https://github.com/ptah0414/ptah0414.git"
dest: /usr/share/nginx/html/shop
version: master
# update: yes # pull 하겠다! - yaml 작성
[vagrant@server ~]$ vi github.yml ---
- name: web configuration
hosts: web
gather_facts: false
become: true
tasks:
# yum -y install git
- name: github installation
yum:
name: git
state: present
# git clone
- name: git clone
git:
repo: "https://github.com/ptah0414/test.git"
dest: /usr/share/nginx/html/shop
version: main
update: yes- web 노드에 배포
[vagrant@server ~]$ anp -i seoul.lst -i jeju.lst github.yml
PLAY [web configuration] **************************************************************************************************************************************************************************************
TASK [github installation] ************************************************************************************************************************************************************************************
ok: [10.10.10.11]
ok: [10.10.10.13]
TASK [git clone] **********************************************************************************************************************************************************************************************
ok: [10.10.10.13]
ok: [10.10.10.11]
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.13 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 - 노드에서 확인
- index.html 수정
- 재배포
[vagrant@server ~]$ anp -i seoul.lst -i jeju.lst github.yml
PLAY [web configuration] **************************************************************************************************************************************************************************************
TASK [github installation] ************************************************************************************************************************************************************************************
ok: [10.10.10.13]
ok: [10.10.10.11]
TASK [git clone] **********************************************************************************************************************************************************************************************
changed: [10.10.10.13]
changed: [10.10.10.11]
PLAY RECAP ****************************************************************************************************************************************************************************************************
10.10.10.11 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.10.10.13 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 - 수정 확인
실습 - Resource 지정
[root@localhost project2]# virsh list --all
Id Name State
----------------------------------------------------
25 project2_node3 running
26 project2_node2 running
27 project2_server running
28 project2_node1 running[root@localhost project2]# virsh dumpxml project2_server > spec.txt
[root@localhost project2]# vi spec.txt <domain type='kvm' id='27'>
<name>project2_server</name>
<uuid>ea55390a-95eb-49d3-a133-eaf7f5cd6e42</uuid>
<description>Source: /ansible/project2/Vagrantfile</description>
<memory unit='KiB'>524288</memory>
<currentMemory unit='KiB'>524288</currentMemory>
<vcpu placement='static'>1</vcpu>
...
- vcpu: 1
- RAM: 512MB
[root@localhost project2]# vi VagrantfileVagrant.configure("2") do |config|
config.vm.define "server" do |cfg0|
cfg0.vm.box = "centos/7"
cfg0.vm.provider :libvirt do |resource|
resource.cpus = 2
resource.memory = 1024
end
... - 배포
[root@localhost project2]# vagrant up - 적용 확인
[root@localhost project2]# virsh dumpxml project2_server
<domain type='kvm' id='32'>
<name>project2_server</name>
<uuid>31ef360b-e83e-46ff-9d8f-51fde13712d7</uuid>
<description>Source: /ansible/project2/Vagrantfile</description>
<memory unit='KiB'>1048576</memory>
<currentMemory unit='KiB'>1048576</currentMemory>
<vcpu placement='static'>2</vcpu>
...
- vcpu: 1
- RAM: 1024MB
실습 - ansible-server2 구성
generic/ubuntu1804
- cpu: 2
- memory: 2048
- private_network: 10.10.10.20
- public_network: br0
모두 다 완성됐다면 vagrant halt로 종료
vi Vagrantfile config.vm.define "server2" do |cfg4|
cfg4.vm.box = "generic/ubuntu1804"
cfg4.vm.host_name = "server2"
cfg4.vm.provider :libvirt do |resource|
resource.cpus = 2
resource.memory = 1024
end
cfg4.vm.network "public_network", :dev => "br0", :type =>"bridge" #
cfg4.vm.network "private_network", ip: "10.10.10.20"
cfg4.vm.network "forwarded_port", guest: 22, host: 20014, id: "ssh"
end[root@localhost project2]# vagrant up - ssh 접속 확인
[root@localhost project2]# vagrant ssh server2
vagrant@server2:~$ 참고
- alias 설정
[vagrant@server ~]$ vi .bashrcalias vi='vim'
alias ans='ansible'
alias anp='ansible-playbook'[vagrant@server ~]$ source .bashrc
take a look