Ansible을 활용한 자동화 구성 관리(22.04.14)
모듈
https://docs.ansible.com/ansible/2.9/modules/modules_by_category.html
https://docs.ansible.com/ansible/2.9/modules/modules_by_category.html
모듈 목록
ansible-doc -l
모듈 상세 정보
ansible-doc <MODULE_NAME>
ad_hoc 명령
ansible <HOST_PATTERN> -m <MODULE> -a <PARAMETER>
https://docs.ansible.com/ansible/latest/user_guide/intro_patterns.html
Wordpress 구성에 필요한 작업
ansible <HOST_PATTERN> -m <MODULE> -a <PARAMETER>
https://docs.ansible.com/ansible/latest/user_guide/intro_patterns.html
패키지 설치: yum
서비스 제어: service
텍스트 수정: lineinfile, blockinfile, replace
압축: archive, unarchive
방화벽: firewalld, ufw, iptables
파일 복사: copy, fetch
파일 다운로드: get_url
데이터베이스 관리: mysql_db, mysql_user
파일 관리: file
Ansible Jump Host with Bastion Host
https://www.jeffgeerling.com/blog/2022/using-ansible-playbook-ssh-bastion-jump-host
aws-ec2.ini
[ec2]
ip-172-31-69-42.ap-northeast-2.compute.internal
[ec2:vars]
ansible_user=ec2-user
ansible_ssh_common_args='-o ProxyCommand="ssh -p 22 -W %h:%p -q [email protected]"'
ansible ec2 -i aws-ec2.ini -m command -a hostname
Ad-hoc 명령으로 Wordpress 구성
ansible wp -m yum -a "name=https://rpms.remirepo.net/enterprise/remi-release-7.rpm state=present validate_certs=no" -b
ansible wp -m yum_repository -a 'name=remi-safe file=remi-safe mirrorlist=http://cdn.remirepo.net/enterprise/7/safe/mirror description=remi-safe enabled=no' -b
ansible wp -m yum_repository -a 'name=remi-php74 file=remi-php74 mirrorlist=http://cdn.remirepo.net/enterprise/7/php74/mirror description=remi-php74 enabled=yes' -b
ansible wp -m yum -a 'name=httpd,php,php-mysqlnd,mariadb,mariadb-server,python2-PyMySQL state=installed' -b
ansible wp -m service -a 'name=httpd state=started enabled=yes' -b
ansible wp -m service -a 'name=mariadb state=started enabled=yes' -b
ansible wp -m get_url -a 'url=https://wordpress.org/wordpress-5.9.3.tar.gz dest=/home/vagrant'
ansible wp -m unarchive -a 'src=/home/vagrant/wordpress-5.9.3.tar.gz remote_src=yes dest=/var/www/html owner=apache group=apache' -b
ansible wp -m mysql_db -a 'name=wordpress state=present login_user=root'
ansible wp -m mysql_user -a 'name=wpadm password=P@ssw0rd state=present login_user=root priv="wordpress.*:ALL"'
ansible wp -m copy -a 'src=/var/www/html/wordpress/wp-config-sample.php remote_src=yes dest=/var/www/html/wordpress/wp-config.php owner=apache group=apache' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=database_name_here replace=wordpress' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=username_here replace=wpadm' -b
ansible wp -m replace -a 'path=/var/www/html/wordpress/wp-config.php regexp=password_here replace=P@ssw0rd' -b
Revert 명령
ansible wp -m service -a 'name=httpd state=stopped' -b
ansible wp -m service -a 'name=mariadb state=stopped' -b
ansible wp -m file -a 'path=/var/www/html/wordpress state=absent' -b
ansible wp -m file -a 'path=/home/vagrant/wordpress-5.9.3.tar.gz state=absent' -b
ansible wp -m yum -a 'name=httpd,php,php-mysqlnd,mariadb,mariadb-server,python2-PyMySQL autoremove=yes state=absent' -b
ansible wp -m file -a 'name=/var/lib/mysql state=absent' -b
ansible wp -m yum -a 'name=remi-release autoremove=yes state=absent' -b
return value
https://docs.ansible.com/ansible/2.9/reference_appendices/common_return_values.html
Playbook
- playbook: YAML 파일
- .yaml
, .yml
- play
- task
-
.yaml
, .yml
test.yaml
# Play
- hosts: host1
tasks:
# Task
- yum:
name: httpd
state: installed
# Task
- service
name: httpd
state: started
enabled: yes
참고
ansible host1 -m yum -a 'name=httpd state=installed'
`ansible host1 -m service -a 'name=httpd state=started enabled=yes'
ansible-playbook test.yaml
vim
yum -y install vim-enhanced
~/.vimrc
syntax on
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 et ai
set cursorline
vim test.yaml
플레이북 실행
ansible-playbook <PLAYBOOK>.yaml
YAML 문법 확인
ansible-playbook wordpress.yaml --syntax-check
플레이북 시뮬레이션
ansible-playbook wordpress.yaml --check
텍스트의 변경 사항 확인
ansible-playbook wordpress.yaml --diff
--check 옵션과 함께 사용하는 경우가 많다.
실행할 시스템 제한
ansible-playbook wordpress.yaml --limit 192.168.100.12
적용될 호스트 목록
ansible-playbook wordpress.yaml --list-hosts
플레이북의 작업 목록
ansible-playbook wordpress.yaml --list-tasks
플레이북의 태그 목록
ansible-playbook wordpress.yaml --list-tags
Author And Source
이 문제에 관하여(Ansible을 활용한 자동화 구성 관리(22.04.14)), 우리는 이곳에서 더 많은 자료를 발견하고 링크를 클릭하여 보았다 https://velog.io/@sunny-10/22.04.14저자 귀속: 원작자 정보가 원작자 URL에 포함되어 있으며 저작권은 원작자 소유입니다.
우수한 개발자 콘텐츠 발견에 전념 (Collection and Share based on the CC Protocol.)