Ansible 환경설정 자동화
# vi keyscan.yml
- name: Setup for the Ansible's Environment
hosts: localhost
gather_facts: no
tasks:
- name: Keyscan
shell: "{{ item }}"
with_items:
- "ssh-keyscan 192.168.1.68 >> ~/.ssh/known_hosts"
- "ssh-keyscan 192.168.1.69 >> ~/.ssh/known_hosts"
- "ssh-keyscan 192.168.1.70 >> ~/.ssh/known_hosts"
- "ssh-keyscan 192.168.1.71 >> ~/.ssh/known_hosts"
#keyscan으로 처음에 접속할 때 나오는 authenticity ~ 관련 글이 보이지 않도록 한다.
# ansible -playbook keyscan.yml
# vi ansible_env.yml
- name: Setup for the Ansible's Environment
hosts: localhost
gather_facts: no #false를 넣어도 된다
tasks:
- name: Add "/etc/ansible/hosts"
blockinfile: #한 줄이 아닌 단락을 통째로 넣을때
path: /etc/ansible/hosts
block: |
[centos]
192.168.1.68
192.168.1.69
[ubuntu]
192.168.1.70 ansible_python_interpreter=/usr/bin/python3
192.168.1.71 ansible_python_interpreter=/usr/bin/python3
- name: Configure Bashrc
lineinfile:
path: /root/.bashrc
line: "{{ item }}" #반복문
with_items:
- "alias ans='ansible’” # ansible 명령어를 ans로 줄인다.
- "alias anp='ansible-playbook’”
exit 후 ans로 입력해서 잘 되는지 본다.
센토스, 우분투 NFS 설치 플레이북
# vi nfs.yml
- name: Setup for nfs server
hosts: localhost
gather_facts: no
tasks:
- name: make nfs_shared directory
file:
path: /root/nfs_shared #shared 폴더가 없음-> 모듈 내 없는 디렉터리 만들어 주는 기능이 있다.
state: directory
mode: 0777
- name: configure /etc/exports
lineinfile:
path: /etc/exports
line: /root/nfs_shared 192.168.0.0/20(rw,sync) #강의실의 네트워크가 192.168.0.0~로 된다. 읽.쓰 권한
- name: Install NFS
yum:
name: nfs-utils
state: present
- name: nfs service start
service:
name: nfs-server
state: restarted
enabled: yes
- name: Setup for nfs clients
hosts: centos
gather_facts: no
tasks:
- name: make nfs_client directory
file:
path: /root/nfs
state: directory
- name: Install NFS
yum:
name: nfs-utils
state: present
- name: mount point directory as client
mount:
path: /root/nfs
src: 192.168.0.222:/root/nfs_shared #ansible의 아이피
fstype: nfs
state: mounted
- name: Setup for nfs clients Ubuntu
hosts: ubuntu
gather_facts: no
tasks:
- name: make nfs_client directory
file:
path: /root/nfs
state: directory
- name: Install NFS-U
apt:
pkg: nfs-common
state: present
update_cache: yes
- name: mount point directory as client
mount:
path: /root/nfs
src: 192.168.0.192:/root/nfs_shared
fstype: nfs
opts: nfsvers=3
state: mountedansible-playbook nfs.yml -k
wordpress 설치
env/ansible_env.yml 파일을 고친다.
webserver, dbserver를 만든다.
# vi wordpress.yml
- name: Setup for webserver
hosts: webserver
gather_facts: no
tasks:
- name: Install http
yum:
name: "{{ item }}"
state: present
with_items:
- httpd
- php
- php-mysql
- php-gd
- php-mbstring
- wget
- unzip
- name: Unarchive a file that needs to be downloaded (added in 2.0)
ansible.builtin.unarchive:
src: https://ko.wordpress.org/wordpress-4.8.2-ko_KR.zip
dest: /var/www/html
remote_src: yes
- name: chown
file:
path: /var/www/html/wordpress
owner: "apache"
group: "apache"
recurse: "yes"
- name: web service restart
service:
name: httpd
state: restarted
- name: Setup for dbserver
hosts: dbserver
gather_facts: no
tasks:
- name: Install mariadb
apt:
pkg: mariadb-server
state: present
update_cache: yes
- name: Install pymysql
apt:
pkg: python-pymysql
state: present
- name: Install pymysql
apt:
pkg: python3-pymysql
state: present
- name: set root password
mysql_user:
name: 'root'
password: '{{ mysql_root_password }}'
login_unix_socket: /var/run/mysqld/mysqld.sock
state: present
- name: edit file
replace:
path: /etc/mysql/mariadb.conf.d/50-server.cnf
regexp: "bind-address"
replace: "#bind-address"
- name: db service restart
service:
name: mysql
state: restarted
- name: Create database
mysql_db:
db: wordpress
login_unix_socket: /var/run/mysqld/mysqld.sock
state: present
- name: Create database user
mysql_user:
user: wpuser
password: wppass
priv: "wordpress.*:ALL,GRANT"
host: '%'
login_unix_socket: /var/run/mysqld/mysqld.sock
state: present
anp wordpress.yml --extra-vars "mysql_root_password=kosa0401"webserver의 ip/wordpress
로 접속한다.
