I tried to touch ansible, so I will summarize it. This is an example of local execution of httpd installation, startup settings, conf placement by environment, and httpd reload. After setting up the server, I wish I could prepare the ansible environment and create the desired environment with a single command (with dev or stg options).
Read some articles that I googled like "Introduction to ansible" Introduction to Ansible --Qiita Try LAMP environment with Ansible for the time being --yk5656 diary Ansible tutorial using Role | Developers.IO
At least, it seems that the following should be available.
--ansible environment --Inventory file (file containing server information) --Playbook file (file containing task information)
Is it possible to omit the Inventory file and manage it with one file? I struggled, but I couldn't reproduce it, and it seems to be deprecated. (Something can be done with options when executing commands like fabric)
There seems to be a case. [Ansible] Execute ansible command without using Inventory file | Developers.IO
Installation is via yum or sudo. Since the environment at hand is cut off for each directory with pyenv + virtualenv, I introduced it from pip.
sh
#from yum
$ sudo yum install epel-release
$ sudo yum install ansible
#In this case, the Inventory file described later(/etc/ansible/hosts)Seems to be able to do it on their own
#from pip(python Premise that there is an environment in advance)
$ pip install ansible
Inventory file preparation (It seems that / etc / ansible / hosts is read by default)
/home/hoge/ansible/hosts
[all]
localhosts ansible_connection=local
Playbook preparation
/home/hoge/ansible/main.yaml
---
- hosts: localhosts
sudo: yes
tasks:
- name: install httpd
yum: name=httpd state=present
- name: start httpd service
service: name=httpd state=started enabled=yes
- name: setup stg conf file
template: src=stg-hoge.j2 dest=/etc/httpd/conf.d/hoge.conf
notify: httpd restart
when: conf_env == "stg"
- name: setup dev conf file
template: src=dev-hoge.j2 dest=/etc/httpd/conf.d/hoge.conf
notify: httpd restart
when: conf_env == "dev"
- name: httpd start confirm
wait_for: port=80 delay=1
handlers:
- name: httpd restart
action: service name=httpd state=reloaded
Template preparation for conf for each environment (This time it's a sample, so anything is fine)
bash
# /home/hoge/Ansible and below respectively
$ cat dev-hoge.j2
<VirtualHost *:80>
DocumentRoot /www/public/dev-html
ServerName www.example.com
</VirtualHost>
$ cat stg-hoge.j2
<VirtualHost *:80>
DocumentRoot /www/public/stg-html
ServerName www.example.com
</VirtualHost>
Try to run
bash
#Which playbook to run, ask for the sudo path?, Execution variable specification, Inventory file specification
$ ansible-playbook main.yaml --ask-sudo-pass --extra-vars "conf_env=stg" -i hosts
SUDO password:
PLAY [localhosts] *************************************************************
GATHERING FACTS ***************************************************************
ok: [localhosts]
TASK: [install httpd] *********************************************************
ok: [localhosts]
TASK: [start httpd service] ***************************************************
ok: [localhosts]
TASK: [setup stg conf file] ***************************************************
ok: [localhosts]
TASK: [setup dev conf file] ***************************************************
skipping: [localhosts]
TASK: [httpd start confirm] ***************************************************
ok: [localhosts]
PLAY RECAP ********************************************************************
localhosts : ok=5 changed=0 unreachable=0 failed=0
$ ansible-playbook main.yaml --ask-sudo-pass --extra-vars "conf_env=dev" -i hosts
SUDO password:
PLAY [localhosts] *************************************************************
GATHERING FACTS ***************************************************************
ok: [localhosts]
TASK: [install httpd] *********************************************************
ok: [localhosts]
TASK: [start httpd service] ***************************************************
ok: [localhosts]
TASK: [setup stg conf file] ***************************************************
skipping: [localhosts]
TASK: [setup dev conf file] ***************************************************
ok: [localhosts]
TASK: [httpd start confirm] ***************************************************
ok: [localhosts]
PLAY RECAP ********************************************************************
localhosts : ok=5 changed=0 unreachable=0 failed=0
Congratulations on the fact that dev or stg is specified as an option when executing the command.
Execute "tasks" associated with the environment unit "hosts"
You can specify whether to sudo in "hosts".
main.yaml
#Run with sudo on localhosts
- hosts: localhosts
sudo: yes
--In "tasks", give a name to each task for each "name", and describe the actual desired state under it. --These are called modules, and this time we use yum, service, template, wait_for, etc. --Reference: All Modules — Ansible Documentation
main.yaml
#httpd until you install and enable process and autostart
tasks:
- name: install httpd
yum: name=httpd state=present
- name: start httpd service
service: name=httpd state=started enabled=yes
...
Refer to the jinja2 file (.j2) in the template Below that, you can specify a branch for the next task when a change occurs in that task with notify, or in what situation when to execute it in the first place.
main.yaml
###Conf placement for stg
- name: setup stg conf file
template: src=stg-hoge.j2 dest=/etc/httpd/conf.d/hoge.conf
notify: httpd restart
when: conf_env == "stg"
"httpd restart" specified by notify is specified as handlers like helper task
main.yaml
#As a handler"httpd restart"Define
handlers:
- name: httpd restart
action: service name=httpd state=reloaded
--Variables can also be embedded in main.yaml with vars --main.yaml can improve reusability by inculude each task as a separate file --If you make the file structure according to the rules like chef with role, it will be read automatically --It seems that you can make your own module with bash --It seems that you can use Vault for chef's databag. ――It seems that you can do it even in a sad environment where you can not execute it unless you are root instead of sudo
reference: Try using Ansible's playbook-Akishin999's diary Iroha for creating Ansible modules-Nulab Inc. Password authentication with ansible & root execution with su --Qiita
I was able to do what I wanted to do quickly, but I'm still at the introductory level, so I wonder if it's going to happen in the future.
――Good? ――It's good to be able to do 2 files or the minimum --Are you confused by a lot of mysterious commands like chef? (Although there are ansible and ansible-playbook commands ...) ――Is it bad? --I want the Inventory file to be optional. ――I'm not sure if the result is just "OK". If you change the file, I want a difference. ――It's easy on a small scale, but is it okay if it's a large scale? -(It's not related to ansible) How can I manage the created code with git? ――Why not use chef this time? --The file structure is complicated, so if you want to get started easily, I wanted to manage the structure with one file (though I couldn't) ――Since python is more accustomed to thinking than ruby ――It's just chef, so I think it's better for brain teasers to try other things.
that's all.
Recommended Posts