Anableによる自動化構成管理(22.04.14)
8200 ワード
モジュール
https://docs.ansible.com/ansible/2.9/modules/modules_by_category.html
モジュールリストansible-doc -l
モジュール詳細ansible-doc <MODULE_NAME>
ad hocコマンド ansible <HOST_PATTERN> -m <MODULE> -a <PARAMETER>
https://docs.ansible.com/ansible/latest/user_guide/intro_patterns.html
Wordpressの構成に必要なアクション
インストールパッケージ:yum
≪サービス制御|Service Control|ldap≫:≪サービス|Services|ldap≫
テキストの変更:lineInfile、blockInfile、replace
圧縮:archive,unarchive
ファイアウォール:ファイアウォール、ufw、iptables
コピーファイル:copy,fetch
ファイルのダウンロード:get url
データベース管理:mysql db、mysql user
ファイル管理:file
Ansible Jump Host with Bastion Host
https://www.jeffgeerling.com/blog/2022/using-ansible-playbook-ssh-bastion-jump-host aws-ec2.ini
[ec2]
ip-172-31-69-42.ap-northeast-2.compute.internal
[ec2:vars]
ansible_user=ec2-user
ansible_ssh_common_args='-o ProxyCommand="ssh -p 22 -W %h:%p -q [email protected]"'
ansible ec2 -i aws-ec2.ini -m command -a hostname
Ad-hocコマンドを使用してWordpressを構成
ansible wp -m yum -a "name=https://rpms.remirepo.net/enterprise/remi-release-7.rpm state=present validate_certs=no" -b
ansible wp -m yum_repository -a 'name=remi-safe file=remi-safe mirrorlist=http://cdn.remirepo.net/enterprise/7/safe/mirror description=remi-safe enabled=no' -b
ansible wp -m yum_repository -a 'name=remi-php74 file=remi-php74 mirrorlist=http://cdn.remirepo.net/enterprise/7/php74/mirror description=remi-php74 enabled=yes' -b
ansible wp -m yum -a 'name=httpd,php,php-mysqlnd,mariadb,mariadb-server,python2-PyMySQL state=installed' -b
ansible wp -m service -a 'name=httpd state=started enabled=yes' -b
ansible wp -m service -a 'name=mariadb state=started enabled=yes' -b
ansible wp -m get_url -a 'url=https://wordpress.org/wordpress-5.9.3.tar.gz dest=/home/vagrant'
ansible wp -m unarchive -a 'src=/home/vagrant/wordpress-5.9.3.tar.gz remote_src=yes dest=/var/www/html owner=apache group=apache' -b
ansible wp -m mysql_db -a 'name=wordpress state=present login_user=root'
ansible wp -m mysql_user -a 'name=wpadm password=P@ssw0rd state=present login_user=root priv="wordpress.*:ALL"'
ansible wp -m copy -a 'src=/var/www/html/wordpress/wp-config-sample.php remote_src=yes dest=/var/www/html/wordpress/wp-config.php owner=apache group=apache' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=database_name_here replace=wordpress' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=username_here replace=wpadm' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=password_here replace=P@ssw0rd' -b
Revertコマンド
ansible wp -m service -a 'name=httpd state=stopped' -b
ansible wp -m service -a 'name=mariadb state=stopped' -b
ansible wp -m file -a 'path=/var/www/html/wordpress state=absent' -b
ansible wp -m file -a 'path=/home/vagrant/wordpress-5.9.3.tar.gz state=absent' -b
ansible wp -m yum -a 'name=httpd,php,php-mysqlnd,mariadb,mariadb-server,python2-PyMySQL autoremove=yes state=absent' -b
ansible wp -m file -a 'name=/var/lib/mysql state=absent' -b
ansible wp -m yum -a 'name=remi-release autoremove=yes state=absent' -b
return value
https://docs.ansible.com/ansible/2.9/reference_appendices/common_return_values.html
Playbook
ansible-doc -l
ansible-doc <MODULE_NAME>
ansible <HOST_PATTERN> -m <MODULE> -a <PARAMETER>
https://docs.ansible.com/ansible/latest/user_guide/intro_patterns.html Wordpressの構成に必要なアクション
インストールパッケージ:yum
≪サービス制御|Service Control|ldap≫:≪サービス|Services|ldap≫
テキストの変更:lineInfile、blockInfile、replace
圧縮:archive,unarchive
ファイアウォール:ファイアウォール、ufw、iptables
コピーファイル:copy,fetch
ファイルのダウンロード:get url
データベース管理:mysql db、mysql user
ファイル管理:file
Ansible Jump Host with Bastion Host
https://www.jeffgeerling.com/blog/2022/using-ansible-playbook-ssh-bastion-jump-host
aws-ec2.ini
[ec2]
ip-172-31-69-42.ap-northeast-2.compute.internal
[ec2:vars]
ansible_user=ec2-user
ansible_ssh_common_args='-o ProxyCommand="ssh -p 22 -W %h:%p -q [email protected]"'
ansible ec2 -i aws-ec2.ini -m command -a hostname
Ad-hocコマンドを使用してWordpressを構成
ansible wp -m yum -a "name=https://rpms.remirepo.net/enterprise/remi-release-7.rpm state=present validate_certs=no" -b
ansible wp -m yum_repository -a 'name=remi-safe file=remi-safe mirrorlist=http://cdn.remirepo.net/enterprise/7/safe/mirror description=remi-safe enabled=no' -b
ansible wp -m yum_repository -a 'name=remi-php74 file=remi-php74 mirrorlist=http://cdn.remirepo.net/enterprise/7/php74/mirror description=remi-php74 enabled=yes' -b
ansible wp -m yum -a 'name=httpd,php,php-mysqlnd,mariadb,mariadb-server,python2-PyMySQL state=installed' -b
ansible wp -m service -a 'name=httpd state=started enabled=yes' -b
ansible wp -m service -a 'name=mariadb state=started enabled=yes' -b
ansible wp -m get_url -a 'url=https://wordpress.org/wordpress-5.9.3.tar.gz dest=/home/vagrant'
ansible wp -m unarchive -a 'src=/home/vagrant/wordpress-5.9.3.tar.gz remote_src=yes dest=/var/www/html owner=apache group=apache' -b
ansible wp -m mysql_db -a 'name=wordpress state=present login_user=root'
ansible wp -m mysql_user -a 'name=wpadm password=P@ssw0rd state=present login_user=root priv="wordpress.*:ALL"'
ansible wp -m copy -a 'src=/var/www/html/wordpress/wp-config-sample.php remote_src=yes dest=/var/www/html/wordpress/wp-config.php owner=apache group=apache' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=database_name_here replace=wordpress' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=username_here replace=wpadm' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=password_here replace=P@ssw0rd' -b
Revertコマンド
ansible wp -m service -a 'name=httpd state=stopped' -b
ansible wp -m service -a 'name=mariadb state=stopped' -b
ansible wp -m file -a 'path=/var/www/html/wordpress state=absent' -b
ansible wp -m file -a 'path=/home/vagrant/wordpress-5.9.3.tar.gz state=absent' -b
ansible wp -m yum -a 'name=httpd,php,php-mysqlnd,mariadb,mariadb-server,python2-PyMySQL autoremove=yes state=absent' -b
ansible wp -m file -a 'name=/var/lib/mysql state=absent' -b
ansible wp -m yum -a 'name=remi-release autoremove=yes state=absent' -b
return value
https://docs.ansible.com/ansible/2.9/reference_appendices/common_return_values.html
Playbook
-
.yaml
, .yml
test.yaml
# Play
- hosts: host1
tasks:
# Task
- yum:
name: httpd
state: installed
# Task
- service
name: httpd
state: started
enabled: yes
リファレンスansible host1 -m yum -a 'name=httpd state=installed'
`ansible host1 -m service -a 'name=httpd state=started enabled=yes'ansible-playbook test.yaml
vim
yum -y install vim-enhanced
~/.vimrc
syntax on
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 et ai
set cursorline
vim test.yaml
シナリオの実行
ansible-playbook <PLAYBOOK>.yaml
Yaml構文の確認ansible-playbook wordpress.yaml --syntax-check
ゲームマニュアルシミュレーションansible-playbook wordpress.yaml --check
テキストの変更を確認ansible-playbook wordpress.yaml --diff
--checkオプションとともに使用されることが多いです.実行するシステムの制限
ansible-playbook wordpress.yaml --limit 192.168.100.12
適用するホストのリストansible-playbook wordpress.yaml --list-hosts
ゲームマニュアルのタスクリストansible-playbook wordpress.yaml --list-tasks
ゲームマニュアルのラベルリストansible-playbook wordpress.yaml --list-tags
Reference
この問題について(Anableによる自動化構成管理(22.04.14)), 我々は、より多くの情報をここで見つけました https://velog.io/@sunny-10/22.04.14テキストは自由に共有またはコピーできます。ただし、このドキュメントのURLは参考URLとして残しておいてください。
Collection and Share based on the CC Protocol