Trying out Ansible
Ansible
What is Ansible?
Like Puppet, Ansible is a configuration management engine. It is simple: it needs no agent installed on the client side and operates over SSH.
URL
Guests used
    # Build the box with Packer
    $ ghq get git@github.com:momijiame/packer-vanilla-box.git
    $ pwd
    ~/src/github.com/momijiame/packer-vanilla-box/centos/6
    $ packer build -only=virtualbox-iso centos6.json

    # The Vagrantfile used is below
    VAGRANTFILE_API_VERSION = "2"

    Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
      config.vm.box = "CentOS6.6_Packer"

      config.vm.define :ansibleserver do |ansibleserver|
        ansibleserver.vm.hostname = "ansibleserver.com"
        ansibleserver.vm.network :private_network, ip: "192.168.50.4", virtualbox__intnet: "pupnet"
      end

      config.vm.define :ansibleagent do |ansibleagent|
        ansibleagent.vm.hostname = "ansibleagent.com"
        ansibleagent.vm.network :private_network, ip: "192.168.50.5", virtualbox__intnet: "pupnet"
      end
    end
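Setup
SSH public key authentication setup
    [vagrant@ansibleserver ~]$ ssh-keygen -t rsa
    [vagrant@ansibleserver ~]$ chmod 600 ~/.ssh/id_rsa.pub
    # Note: this scp replaces any authorized_keys file already present on the target host
    [vagrant@ansibleserver ~]$ scp ~/.ssh/id_rsa.pub vagrant@192.168.50.5:~/.ssh/authorized_keys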
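Copying the public key straight onto authorized_keys drops whatever keys the target account already trusted. The following is an added example, not part of the original post, of an append-style install to run on the target host; the function names install_pubkey and count_keys are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: append a public key to authorized_keys without clobbering
# keys that are already there, and keep the modes sshd expects.
# Usage on the target host: install_pubkey /tmp/id_rsa.pub ~/.ssh

# install_pubkey <public-key-file> <ssh-dir>
# Returns 0 when the key was added or is already present, 1 on bad input.
install_pubkey() {
    local pubkey_file="$1" ssh_dir="$2"
    local auth_file="$ssh_dir/authorized_keys"
    local key

    # Take the first non-empty line; a public key file holds a single line.
    key=$(grep -m1 -v '^[[:space:]]*$' "$pubkey_file") || return 1

    # Refuse anything that does not look like an OpenSSH public key,
    # for example a private key passed by mistake.
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key: $pubkey_file" >&2; return 1 ;;
    esac

    # With StrictModes, sshd ignores authorized_keys when the directory or
    # the file is group- or world-writable, so set tight modes on both.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # If the existing file lacks a trailing newline, add one so the new
    # key does not get glued onto the last existing entry.
    if [ -s "$auth_file" ] && [ -n "$(tail -c1 "$auth_file")" ]; then
        echo >> "$auth_file"
    fi

    # Append only when the exact line is not already present (idempotent).
    if ! grep -qxF -- "$key" "$auth_file"; then
        printf '%s\n' "$key" >> "$auth_file"
    fi
}

# count_keys <authorized_keys-file>: number of non-empty lines in the file.
count_keys() {
    grep -c -v '^[[:space:]]*$' "$1"
}
```

From the control host, `ssh-copy-id -i ~/.ssh/id_rsa.pub vagrant@192.168.50.5` also appends the key instead of overwriting the file.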
Installing Ansible
    [vagrant@ansibleserver ~]$ sudo yum install bzip2-devel sqlite-devel git patch gcc openssl-devel
    [vagrant@ansibleserver ~]$ cd /var/tmp/
    [vagrant@ansibleserver tmp]$ git clone https://github.com/tagomoris/xbuild.git
    Initialized empty Git repository in /var/tmp/xbuild/.git/
    remote: Counting objects: 174, done.
    remote: Total 174 (delta 0), reused 0 (delta 0), pack-reused 174
    Receiving objects: 100% (174/174), 36.78 KiB, done.
    Resolving deltas: 100% (92/92), done.
    [vagrant@ansibleserver tmp]$ ll
    合計 4
    drwxr-xr-x 3 vagrant vagrant 4096 5月 27 17:26 2015 xbuild
    [vagrant@ansibleserver tmp]$ sudo xbuild/python-install 2.7.10 /opt/python-2.10
    [vagrant@ansibleserver tmp]$ sudo /opt/python-2.10/bin/pip install ansible
    [vagrant@ansibleserver tmp]$ echo 'PATH=/opt/python-2.10/bin:$PATH' >> ~/.bashrc
Writing the inventory file (Ansible will not run unless the target hosts are listed in it)
    [vagrant@ansibleserver tmp]$ echo "192.168.50.5" > ~/ansible_hosts
    [vagrant@ansibleserver tmp]$ echo "ansibleagent.com" >> ~/ansible_hosts
    [vagrant@ansibleserver ~]$ export ANSIBLE_INVENTORY=~/ansible_hosts
Connectivity check
    [vagrant@ansibleserver ~]$ ansible all -m ping
    Enter passphrase for key '/home/vagrant/.ssh/id_rsa':
    192.168.50.5 | success >> {
        "changed": false,
        "ping": "pong"
    }
Trying ad-hoc commands
    # Run uname on the remote host
    [vagrant@ansibleserver ~]$ ansible 192.168.50.5 -a 'uname -r'
    Enter passphrase for key '/home/vagrant/.ssh/id_rsa':
    192.168.50.5 | success | rc=0 >>
    2.6.32-504.16.2.el6.x86_64

    # Copy a file
    # src is the local path, dest is the remote path
    [vagrant@ansibleserver ~]$ ansible ansibleagent.com -m copy -a "src=/home/vagrant/hoge dest=/home/vagrant/fuga"

    # Install a package (-m selects the module, -s runs via sudo as root, -a gives the module arguments)
    [vagrant@ansibleserver ~]$ ansible ansibleagent.com -m yum -s -a "name=httpd state=latest"

    # Remove a package
    [vagrant@ansibleserver ~]$ ansible ansibleagent.com -m yum -s -a "name=httpd state=absent"
Ansible module manual
Useful when you want to see what can be specified for yum (for example, what latest and absent mean for state).
    # List all modules
    [vagrant@ansibleserver ~]$ ansible-doc -l

    # Details of the yum module
    [vagrant@ansibleserver ~]$ ansible-doc yum
Using playbooks
Intro to Playbooks — Ansible Documentation
Playbooks are the other way to run Ansible, besides ad-hoc mode. They are written in YAML.
Specifying a group (this lets you run against multiple managed hosts at once)
    [vagrant@ansibleserver ~]$ vi ansible_hosts
    [sample]
    192.168.50.5
    ansibleagent.com
Writing a playbook
    # Create
    [vagrant@ansibleserver ~]$ vi sample-playbook.yml
    ---
    - hosts: sample
      sudo: yes
      tasks:
        - name: epel-release install
          yum: name=epel-release state=installed
        - name: sl command installed
          yum: name=sl state=installed
        - name: ls command run!
          shell: /bin/ls > /tmp/list.txt
          ignore_errors: True

    # Check which hosts will be targeted
    [vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml --list-hosts

    playbook: sample-playbook.yml

      play #1 (sample): host count=1
        ansibleagent.com

    # Syntax check
    [vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml --syntax-check

    # List the tasks
    [vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml --list-tasks

    # Dry run
    [vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml --check

    # Run
    [vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml

    PLAY [sample] *****************************************************************

    GATHERING FACTS ***************************************************************
    ok: [ansibleagent.com]

    TASK: [epel-release install] **************************************************
    changed: [ansibleagent.com]

    TASK: [sl command installed] **************************************************
    changed: [ansibleagent.com]

    TASK: [ls command run!] *******************************************************
    changed: [ansibleagent.com]

    PLAY RECAP ********************************************************************
    ansibleagent.com : ok=4 changed=3 unreachable=0 failed=0
Running a playbook that builds WordPress
yteraoka/ansible-tutorial at playbook
    [vagrant@ansibleserver ~]$ git clone https://github.com/yteraoka/ansible-tutorial.git
    Initialized empty Git repository in /home/vagrant/ansible-tutorial/.git/
    remote: Counting objects: 440, done.
    remote: Total 440 (delta 0), reused 0 (delta 0), pack-reused 440
    Receiving objects: 100% (440/440), 6.45 MiB | 1.42 MiB/s, done.
    Resolving deltas: 100% (227/227), done.
    [vagrant@ansibleserver ~]$ cd ansible-tutorial
    [vagrant@ansibleserver ansible-tutorial]$ git checkout playbook
    Branch playbook set up to track remote branch playbook from origin.
    Switched to a new branch 'playbook'
    [vagrant@ansibleserver ansible-tutorial]$ ansible-playbook site.yml