Reference

Ansible playbook

...

Overview

  • Source

    Ansible Playbook

    • Ansible Playbook
      • A playbook is Ansible's configuration, deployment, and orchestration language.
      • Defined using YAML syntax
      • Supports Linux-based privilege management (user, group)
      • A single playbook defines N 'plays'; the purpose of a play is to map well-defined 'roles' and 'tasks' onto a set of hosts
      • Other features
        • Loops (with_items, with_nested, until, ...)
        • Conditionals (when, register, ...)
        • Referencing other playbooks (include, role, ...)
        • Referencing external information
        • Environment variables, files, etc. (environment, lookup, vars_prompt, ...)
        • Extension through custom modules

    Writing the httpd installation playbook

    [devops@work-vm devops-lab]$ cat web-httpd-install.yml

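    ---
    - hosts: web
      vars:
        http_port: 80          # rendered into the Listen directive of httpd.conf.j2
        max_clients: 200
      become: true             # tasks run with escalated privileges (root by default)
      tasks:
      # state: latest upgrades httpd whenever a newer package is available
      - name: ensure apache is at the latest version
        yum:
          name: httpd
          state: latest
      # notify triggers the handler only when the rendered file actually changed
      - name: write the apache config file
        template:
          src: /home/devops/devops-lab/httpd.conf.j2
          dest: /etc/httpd/conf/httpd.conf
        notify:
        - restart apache
      - name: ensure apache is running
        service:
          name: httpd
          state: started
      handlers:
        # runs once after the tasks, and only if a task notified it
        - name: restart apache
          service:
            name: httpd
            state: restarted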
    
    

    ...


    Writing the httpd.conf template

    [devops@work-vm devops-lab]$ cat httpd.conf.j2

    ServerRoot "/etc/httpd"
    
    Listen {{http_port}}
    
    Include conf.modules.d/*.conf
    
    User apache
    Group apache
    
    ServerAdmin root@localhost
    
    <Directory />
        AllowOverride none
        Require all denied
    </Directory>
    
    DocumentRoot "/var/www/html"
    
    <Directory "/var/www">
        AllowOverride None
        # Allow open access:
        Require all granted
    </Directory>
    
    <Directory "/var/www/html">
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
    </Directory>
    
    <IfModule dir_module>
        DirectoryIndex index.html
    </IfModule>
    
    <Files ".ht*">
        Require all denied
    </Files>
    
    ErrorLog "logs/error_log"
    
    LogLevel warn
    
    
    <IfModule log_config_module>
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
        LogFormat "%h %l %u %t \"%r\" %>s %b" common
    
        <IfModule logio_module>
          LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
        </IfModule>
    
        CustomLog "logs/access_log" combined
    </IfModule>
    
    <IfModule alias_module>
        ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
    </IfModule>
    
    <Directory "/var/www/cgi-bin">
        AllowOverride None
        Options None
        Require all granted
    </Directory>
    
    <IfModule mime_module>
        TypesConfig /etc/mime.types
    
        AddType application/x-compress .Z
        AddType application/x-gzip .gz .tgz
        AddType text/html .shtml
        AddOutputFilter INCLUDES .shtml
    </IfModule>
    
    AddDefaultCharset UTF-8
    
    <IfModule mime_magic_module>
        MIMEMagicFile conf/magic
    </IfModule>
    
    EnableSendfile on
    
    IncludeOptional conf.d/*.conf
    
    


    Running the playbook

    [devops@work-vm devops-lab]$ ansible-playbook web-httpd-install.yml

    PLAY [web] ****************************************************************************************************************************************************
    
    TASK [Gathering Facts] ****************************************************************************************************************************************
    ok: [web01-vm]
    ok: [web03-vm]
    ok: [web02-vm]
    
    TASK [ensure apache is at the latest version] *****************************************************************************************************************
    ok: [web01-vm]
    ok: [web02-vm]
    ok: [web03-vm]
    
    TASK [write the apache config file] ***************************************************************************************************************************
    changed: [web02-vm]
    changed: [web01-vm]
    changed: [web03-vm]
    
    TASK [ensure apache is running] *******************************************************************************************************************************
    changed: [web02-vm]
    changed: [web03-vm]
    changed: [web01-vm]
    
    RUNNING HANDLER [restart apache] ******************************************************************************************************************************
    changed: [web01-vm]
    changed: [web02-vm]
    changed: [web03-vm]
    
    PLAY RECAP ****************************************************************************************************************************************************
    web01-vm                   : ok=5    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
    web02-vm                   : ok=5    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
    web03-vm                   : ok=5    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0


    Verifying the playbook result

    [devops@work-vm devops-lab]$ ansible web -m shell -a "netstat -nltp | grep httpd"

    web01-vm | CHANGED | rc=0 >>
    tcp6       0      0 :::80                   :::*                    LISTEN      66600/httpd
    
    web02-vm | CHANGED | rc=0 >>
    tcp6       0      0 :::80                   :::*                    LISTEN      67703/httpd
    
    web03-vm | CHANGED | rc=0 >>
    tcp6       0      0 :::80                   :::*                    LISTEN      66306/httpd


    Changing the httpd configuration and verifying

    [devops@work-vm devops-lab]$ cat web-httpd-install.yml

    Changed setting

    vars:
        http_port: 81


    web-httpd-install.yml
    ---
    - hosts: web
      vars:
        http_port: 81
      tasks:
      - name: ensure apache is at the latest version
        yum:
          name: httpd
          state: latest
      - name: write the apache config file
        template:
          src: /home/devops/devops-lab/httpd.conf.j2
          dest: /etc/httpd/conf/httpd.conf
        notify:
        - restart apache
      - name: ensure apache is running
        service:
          name: httpd
          state: started
      handlers:
        - name: restart apache
          service:
            name: httpd
            state: restarted
    
    


    [devops@work-vm devops-lab]$ ansible-playbook web-httpd-install.yml

    Execution and verification result
    PLAY [web] ****************************************************************************************************************************************************
    
    TASK [Gathering Facts] ****************************************************************************************************************************************
    ok: [web01-vm]
    ok: [web02-vm]
    ok: [web03-vm]
    
    TASK [ensure apache is at the latest version] *****************************************************************************************************************
    ok: [web01-vm]
    ok: [web03-vm]
    ok: [web02-vm]
    
    TASK [write the apache config file] ***************************************************************************************************************************
    changed: [web01-vm]
    changed: [web03-vm]
    changed: [web02-vm]
    
    TASK [ensure apache is running] *******************************************************************************************************************************
    ok: [web01-vm]
    ok: [web02-vm]
    ok: [web03-vm]
    
    RUNNING HANDLER [restart apache] ******************************************************************************************************************************
    changed: [web02-vm]
    changed: [web01-vm]
    changed: [web03-vm]
    
    PLAY RECAP ****************************************************************************************************************************************************
    web01-vm                   : ok=5    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
    web02-vm                   : ok=5    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
    web03-vm                   : ok=5    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

    Verifying the Ansible playbook result

    [devops@work-vm devops-lab]$ ansible web -m shell -a "netstat -nltp | grep httpd"
    
    web01-vm | CHANGED | rc=0 >>
    tcp6       0      0 :::81                   :::*                    LISTEN      67642/httpd
    
    web02-vm | CHANGED | rc=0 >>
    tcp6       0      0 :::81                   :::*                    LISTEN      68748/httpd
    
    web03-vm | CHANGED | rc=0 >>
    tcp6       0      0 :::81                   :::*                    LISTEN      67347/httpd
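
The netstat check above is read by eye. As an added example (not part of the original page), the shell function below parses that ad-hoc output and flags any host whose httpd is not listening on exactly the expected port, for instance a host still serving the old port after the change. The function name `check_httpd_port` and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original page.
# Usage: ansible web -m shell -a "netstat -nltp | grep httpd" | check_httpd_port 81
# Prints "<host> <verdict> <ports>" per host; returns 1 if any host deviates.
check_httpd_port() {
    awk -v want="$1" '
        function report() {
            if (host == "") return
            hosts++
            if (ports == "")        { verdict = "NO_LISTENER"; bad = 1 }
            else if (ports == want) { verdict = "OK" }
            else                    { verdict = "UNEXPECTED"; bad = 1 }
            printf "%s %s %s\n", host, verdict, (ports == "" ? "-" : ports)
        }
        # Host header, e.g. "web01-vm | CHANGED | rc=0 >>"
        $2 == "|" { report(); host = $1; ports = ""; next }
        # netstat row owned by httpd: take the port after the last ":"
        host != "" && $6 == "LISTEN" && $7 ~ /\/httpd$/ {
            n = split($4, part, ":")
            p = part[n]
            if (index("," ports ",", "," p ",") == 0)
                ports = (ports == "" ? p : ports "," p)
        }
        # No host block at all (empty or unparseable input) is also a failure
        END { report(); if (hosts == 0) bad = 1; exit (bad + 0) }
    '
}

# Constructed sample: web02-vm still serves the old port, web03-vm has no httpd listener.
SAMPLE_DRIFT='web01-vm | CHANGED | rc=0 >>
tcp6       0      0 :::81                   :::*                    LISTEN      11111/httpd

web02-vm | CHANGED | rc=0 >>
tcp6       0      0 :::80                   :::*                    LISTEN      22222/httpd

web03-vm | FAILED | rc=1 >>
non-zero return code'

printf '%s\n' "$SAMPLE_DRIFT" | check_httpd_port 81 || echo "drift detected"
```

The non-zero return status makes the check usable as a gate in a deployment script, so a host that kept the old listener stops the rollout instead of passing unnoticed.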