[우아하게 앤서블] Chapter 4 - 리눅스와 윈도우를 앤서블을 통해서 관리
Ansible2022. 8. 6. 12:52
참고사항
책과는 다르게 Hyper-V 환경에서 진행하고 있습니다. (책은 VirtualBox기준)
공부를 매주 토요일마다 진행하고 있는데 지난주에 일이 바빠서...한주를 쉬었더니 완전 까먹은 상태로 다시 접속을 시도 했으나 접속이 안되는 증상이 발생을 해서..
...다시 설치중...책에는 재설정하는 컨피그 방법을 가이드(따봉입니다.) 하고 있어서 해당부분을 진행중이었는데
설치 하던 와중에 vagrant를 통해서 접속을 했었다는것이 기억남...
재설치를 완료하여 진행했더니..접속이 잘됩니다. ㅎㅎㅎ
nginx 설치 및 삭제하기
nginx_install.yml
---
- name: Install nginx on CentOS
hosts: CentOS
gather_facts: no
become: yes
tasks:
- name: install epel-release
yum: name=epel-release state=latest
- name: install nginx web server
yum: name=nginx state=present
- name: upload default index.html for web server
get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644
- name: start nginx web server
service: name=nginx state=startednginx_remove.yml
---
- name: Remove nginx on CentOS
hosts: CentOS
gather_facts: no
become: yes
tasks:
- name: remove epel-release
yum: name=epel-release state=absent
- name: remove nginx web server
yum: name=nginx state=absent인스톨 명령 후 실행 후 사이트 정상접속 확인
anp nginx_install.yml -k
사이트 삭제
anp nginx_remove.yml -k
현재 계정 실행은 vagrant로 실행하고 있기 때문에 sudo 권한이 필요함, 따라서 become라는 구문을 통해서 실행 될 테스크들의 권한을 높여야 함.
become: yes현재 시간 확인 (UTC 기준)
노드들도 확인
timedatectl
ans all -m shell -a "timedatectl | grep 'Time zone'" -k
타임존 한국으로 변경 작업 후 확인
timezone.yml
---
- name: Setup CentOS timezone
hosts: CentOS
gather_facts: no
become: yes
tasks:
- name: set timezone to Asia/Seoul
timezone: name=Asia/Seoulanp timezone.yml -k
앤서블 서버 시간 대 변경
심볼링 링크 -s : 심블록 링크 파일 생성, -f 지정된 위치에 파일이 있다면, 지우고 새로 생성(force)
sudo ln -sf /usr/share/zoneinfo/Asia/Seoul /etc/localtime
timedatectl | grep 'Time zone'
NFS 서버와 클라이언트 구성하기
nfs.yml
---
- name: Setup for nfs server
hosts: localhost
gather_facts: no
tasks:
- name: make nfs_shared directory
file:
path: /home/vagrant/nfs_shared
state: directory
mode: 0777
- name: configure /etc/exports
become: yes
lineinfile:
path: /etc/exports
line: /home/vagrant/nfs_shared 192.168.0.0/24(rw,sync)
- name: nfs service restart
become: yes
service:
name: nfs
state: restarted
- name: Setup for nfs clients
hosts: CentOS
gather_facts: no
tasks:
- name: make nfs_client directory
file:
path: /home/vagrant/nfs
state: directory
- name: mount point directory as client
become: yes
mount:
path: /home/vagrant/nfs
src: 192.168.0.70:/home/vagrant/nfs_shared
fstype: nfs
opts: nfsvers=3
state: mountednfs 설정 적용
anp nfs.yml -k
nfs 서버 설정 확인
cat /etc/exports
각 노드의 nfs 공유 디렉터리에 각 호스트 이름을 기록
ans all -m shell -a "cat /etc/hostname | xargs -i touch ./nfs/{}" -k
확인
ls ./nfs_shared
노드에서도 nfs 작동 확인
ssh vagrant@192.160.0.71
ls ./nfs
우분투 추가하기
vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
#==============#
# CentOS nodes #
#==============#
#Ansible-Node01
config.vm.define "ansible-node01" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node01"
end
cfg.vm.host_name = "ansible-node01"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node01.sh",
destination: "ip-node01.sh"
cfg.vm.provision "shell", inline: "source ./ip-node01.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#Ansible-Node02
config.vm.define "ansible-node02" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node02"
end
cfg.vm.host_name = "ansible-node02"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node02.sh",
destination: "ip-node02.sh"
cfg.vm.provision "shell", inline: "source ./ip-node02.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#Ansible-Node03
config.vm.define "ansible-node03" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node03"
end
cfg.vm.host_name = "ansible-node03"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node03.sh",
destination: "ip-node03.sh"
cfg.vm.provision "shell", inline: "source ./ip-node03.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#==============#
# Ubuntu nodes #
#==============#
#Ansible-Node04
config.vm.define "ansible-node04" do |cfg|
cfg.vm.box = "ubuntu/trusty64"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node04"
end
cfg.vm.host_name = "ansible-node04"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node04.sh",
destination: "ip-node04.sh"
cfg.vm.provision "shell", inline: "source ./ip-node04.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
end
#Ansible-Node05
config.vm.define "ansible-node05" do |cfg|
cfg.vm.box = "ubuntu/trusty64"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node05"
end
cfg.vm.host_name = "ansible-node05"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node05.sh",
destination: "ip-node05.sh"
cfg.vm.provision "shell", inline: "source ./ip-node05.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
end
#Ansible-Node06
config.vm.define "ansible-node06" do |cfg|
cfg.vm.box = "ubuntu/trusty64"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node06"
end
cfg.vm.host_name = "ansible-node06"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node06.sh",
destination: "ip-node06.sh"
cfg.vm.provision "shell", inline: "source ./ip-node06.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
end
#================#
# Ansible Server #
#================#
config.vm.define "ansible-server" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-Server"
end
cfg.vm.host_name = "ansible-server"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-server.sh",
destination: "ip-server.sh"
cfg.vm.provision "shell", inline: "source ./ip-server.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", inline: "yum install epel-release -y && yum install ansible -y"
cfg.vm.provision "file", source: "ansible_env_ready.yml",
destination: "ansible_env_ready.yml"
cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml"
cfg.vm.provision "shell", path: "add_ssh_auth.sh", privileged: false
end
end앤서블환경구성 아뮬
ansible_env_ready.yml
---
- name: Setup for the Ansible's Environment
hosts: localhost
gather_facts: no
tasks:
- name: Add "/etc/ansible/hosts"
blockinfile:
path: /etc/ansible/hosts
block: |
[CentOS]
192.168.0.71
192.168.0.72
192.168.0.73
[Ubuntu]
192.168.0.74
192.168.0.75
192.168.0.76
- name: Install sshpass for Authentication
yum:
name: sshpass
state: present
- name: Create vim env's directories & files
shell: "{{ item }}"
with_items:
- "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle"
- "touch /home/vagrant/.vimrc"
- "touch /home/vagrant/.bashrc"
- name: Install vim-enhanced
yum:
name: vim-enhanced
state: present
- name: Install git
yum:
name: git
state: present
- name: Download pathogen.vim
shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim
https://tpo.pe/pathogen.vim"
- name: Git clone vim-ansible-yaml
git:
repo: https://github.com/chase/vim-ansible-yaml.git
dest: /home/vagrant/.vim/bundle/vim-ansible-yaml
- name: Configure vimrc
lineinfile:
path: /home/vagrant/.vimrc
line: "{{ item }}"
with_items:
- "set number"
- "execute pathogen#infect()"
- "syntax on"
- name: Configure Bashrc
lineinfile:
path: /home/vagrant/.bashrc
line: "{{ item }}"
with_items:
- "alias ans='ansible'"
- "alias anp='ansible-playbook'"ssh 인증 추가
add_ssh_auth.sh
#! /usr/bin/env bash
#ssh key 생성
sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.0.71
sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.0.72
sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.0.73
sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.0.74
sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.0.75
sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.0.76기존 앤서블 테스트 환경 삭제
vagrant destroy -f
우분투 추가
vagrant up를 했으나 오류가 나서 확인해보니 vagrant 는 우분투 기반에 대해서는 virtualbox로만 지원하는것으로 확인
책 내용 확인 시 CentOS 진행하던 것과 동일해서 우분투 부분 실습은 제외하는것으로 우선 진행
윈도우를 다루기
윈도우 노두 추가한 베어그런트파일
vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
#==============#
# CentOS nodes #
#==============#
#Ansible-Node01
config.vm.define "ansible-node01" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node01"
end
cfg.vm.host_name = "ansible-node01"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node01.sh",
destination: "ip-node01.sh"
cfg.vm.provision "shell", inline: "source ./ip-node01.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#Ansible-Node02
config.vm.define "ansible-node02" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node02"
end
cfg.vm.host_name = "ansible-node02"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node02.sh",
destination: "ip-node02.sh"
cfg.vm.provision "shell", inline: "source ./ip-node02.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#Ansible-Node03
config.vm.define "ansible-node03" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node03"
end
cfg.vm.host_name = "ansible-node03"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node03.sh",
destination: "ip-node03.sh"
cfg.vm.provision "shell", inline: "source ./ip-node03.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#================#
# Windows Server #
#================#
#Ansible-Node03
config.vm.define "ansible-node07" do |cfg|
cfg.vm.box = "mwrock/Windows2016"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node07"
hv.customize ['modifyvm', :id, '--clipboard', 'bidirectional']
hv.gui = false
end
cfg.vm.host_name = "ansible-node07"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.network "forwarded_port", guest: 22, host: 60017, auto_correct: true, id: "ssh"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "shell", inline: "netsh advfirewall set allprofiles state off"
end
#================#
# Ansible Server #
#================#
config.vm.define "ansible-server" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-Server"
end
cfg.vm.host_name = "ansible-server"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-server.sh",
destination: "ip-server.sh"
cfg.vm.provision "shell", inline: "source ./ip-server.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", inline: "yum install epel-release -y && yum install ansible -y"
cfg.vm.provision "file", source: "ansible_env_ready.yml",
destination: "ansible_env_ready.yml"
cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml"
cfg.vm.provision "shell", path: "add_ssh_auth.sh", privileged: false
end
end앤서블 환경설정 파일
ansible_env_ready.yml
---
- name: Setup for the Ansible's Environment
hosts: localhost
gather_facts: no
tasks:
- name: Add "/etc/ansible/hosts"
blockinfile:
path: /etc/ansible/hosts
block: |
[CentOS]
192.168.0.71
192.168.0.72
192.168.0.73
[Windows]
172.168.0.77
- name: Install sshpass for Authentication
yum:
name: sshpass
state: present
- name: Create vim env's directories & files
shell: "{{ item }}"
with_items:
- "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle"
- "touch /home/vagrant/.vimrc"
- "touch /home/vagrant/.bashrc"
- name: Install vim-enhanced
yum:
name: vim-enhanced
state: present
- name: Install git
yum:
name: git
state: present
- name: Download pathogen.vim
shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim
https://tpo.pe/pathogen.vim"
- name: Git clone vim-ansible-yaml
git:
repo: https://github.com/chase/vim-ansible-yaml.git
dest: /home/vagrant/.vim/bundle/vim-ansible-yaml
- name: Configure vimrc
lineinfile:
path: /home/vagrant/.vimrc
line: "{{ item }}"
with_items:
- "set number"
- "execute pathogen#infect()"
- "syntax on"
- name: Configure Bashrc
lineinfile:
path: /home/vagrant/.bashrc
line: "{{ item }}"
with_items:
- "alias ans='ansible'"
- "alias anp='ansible-playbook'"
삭제
vagrant destroy -f
생성
vagrant up진행이 안되길래 뭔가했더니 생각치도 못한 용량부족..
우선 D드라이브로 설정 파일들을 다 옮기고
다시 설치 작업 진행
설치는 이슈 없는데...일단 아이피 변경은 또 안되는듯 하고..찾아봐야지..ㅠㅠ
서버에 직접 들어가서 netsh로 커맨드로 입력하면 우선 정상적으로 변경되는걸로는 확인은 해서 inline에 내용 추가 해서 테스트 진행
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
#==============#
# CentOS nodes #
#==============#
#Ansible-Node01
config.vm.define "ansible-node01" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node01"
end
cfg.vm.host_name = "ansible-node01"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node01.sh",
destination: "ip-node01.sh"
cfg.vm.provision "shell", inline: "source ./ip-node01.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#Ansible-Node02
config.vm.define "ansible-node02" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node02"
end
cfg.vm.host_name = "ansible-node02"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node02.sh",
destination: "ip-node02.sh"
cfg.vm.provision "shell", inline: "source ./ip-node02.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#Ansible-Node03
config.vm.define "ansible-node03" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node03"
end
cfg.vm.host_name = "ansible-node03"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-node03.sh",
destination: "ip-node03.sh"
cfg.vm.provision "shell", inline: "source ./ip-node03.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh"
end
#================#
# Windows Server #
#================#
#Ansible-Node03
config.vm.define "ansible-node07" do |cfg|
cfg.vm.box = "mwrock/Windows2016"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-node07"
hv.customize ['modifyvm', :id, '--clipboard', 'bidirectional']
hv.gui = false
end
cfg.vm.host_name = "ansible-node07"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.network "forwarded_port", guest: 22, host: 60017, auto_correct: true, id: "ssh"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "shell", inline: "netsh advfirewall set allprofiles state off"
cfg.vm.provision "shell", inline: "netsh interface ipv4 set address name='Ethernet' static 192.168.0.77 255.255.255.0 192.168.0.1"
cfg.vm.provision "shell", inline: "netsh interface ipv4 set dns name='Ethernet' static 8.8.8.8"
end
#================#
# Ansible Server #
#================#
config.vm.define "ansible-server" do |cfg|
cfg.vm.box = "centos/7"
cfg.vm.provider "hyper-v" do |hv|
hv.name = "Ansible-Server"
end
cfg.vm.host_name = "ansible-server"
cfg.vm.network "public_network", bridge: "External_Switch"
cfg.vm.synced_folder "../data", "/vagrant", disabled: true
cfg.vm.provision "file", source: "ip-server.sh",
destination: "ip-server.sh"
cfg.vm.provision "shell", inline: "source ./ip-server.sh"
cfg.vm.provision "shell", inline: "systemctl restart network &"
cfg.vm.provision "shell", inline: "yum install epel-release -y && yum install ansible -y"
cfg.vm.provision "file", source: "ansible_env_ready.yml",
destination: "ansible_env_ready.yml"
cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml"
cfg.vm.provision "shell", path: "add_ssh_auth.sh", privileged: false
end
end스크립트 돌면서 정상적으로 아이피 변경 확인은 했으나
이후 진행이 안되서 다시 확인중
윈도우 쪽은 우선 제외하고 진행
