Ansible

Ansibleとは？

Puppet同様に構成管理エンジン。シンプル クライアント側へのエージェントインストールを必要とせずSSHを介して操作する。

URL

• Ansible チュートリアル | Ansible Tutorial in Japanese
• Ansible Documentation — Ansible Documentation

使用したゲスト

# PackerでBOX作成
$ ghq get git@github.com:momijiame/packer-vanilla-box.git
$ pwd
~/src/github.com/momijiame/packer-vanilla-box/centos/6
$ packer build -only=virtualbox-iso centos6.json

# vagrantfileは以下を使用
4 VAGRANTFILE_API_VERSION = "2"
5
6 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
7   config.vm.box = "CentOS6.6_Packer"
8
9   config.vm.define :ansibleserver do |ansibleserver|
10     ansibleserver.vm.hostname = "ansibleserver.com"
11     ansibleserver.vm.network :private_network, ip: "192.168.    50.4", virtualbox__intnet: "pupnet"
12   end
13
14   config.vm.define :ansibleagent do |ansibleagent|
15     ansibleagent.vm.hostname = "ansibleagent.com"
16     ansibleagent.vm.network :private_network, ip: "192.168.5    0.5", virtualbox__intnet: "pupnet"
17   end
18 end

設定

SSH公開鍵認証設定

[vagrant@ansibleserver ~]$ ssh-keygen -t rsa
[vagrant@ansibleserver ~]$ chmod 600 ~/.ssh/id_rsa.pub
[vagrant@ansibleserver ~]$ scp ~/.ssh/id_rsa.pub vagrant@192.168.50.5:~/.ssh/authorized_keys

Ansibleインストール

[vagrant@ansibleserver ~]$ sudo yum install bzip2-devel sqlite-devel git patch gcc openssl-devel
[vagrant@ansibleserver ~]$ cd /var/tmp/
[vagrant@ansibleserver tmp]$ git clone https://github.com/tagomoris/xbuild.git
Initialized empty Git repository in /var/tmp/xbuild/.git/
remote: Counting objects: 174, done.
remote: Total 174 (delta 0), reused 0 (delta 0), pack-reused 174
Receiving objects: 100% (174/174), 36.78 KiB, done.
Resolving deltas: 100% (92/92), done.
[vagrant@ansibleserver tmp]$ ll
合計 4
drwxr-xr-x 3 vagrant vagrant 4096  5月 27 17:26 2015 xbuild
[vagrant@ansibleserver tmp]$ sudo xbuild/python-install 2.7.10 /opt/python-2.10
[vagrant@ansibleserver tmp]$ sudo /opt/python-2.10/bin/pip install ansible
[vagrant@ansibleserver tmp]$ echo 'PATH=/opt/python-2.10/bin:$PATH' >> ~/.bashrc

インベントリファイルの記入（対象ホストを記入しておかないと動作しない）

[vagrant@ansibleserver tmp]$ echo "192.168.50.5" > ~/ansible_hosts
[vagrant@ansibleserver tmp]$ echo "ansibleagent.com" >> ~/ansible_hosts
[vagrant@ansibleserver ~]$ export ANSIBLE_INVENTORY=~/ansible_hosts

疎通確認

[vagrant@ansibleserver ~]$ ansible all -m ping
Enter passphrase for key '/home/vagrant/.ssh/id_rsa':
192.168.50.5 | success >> {
    "changed": false,
    "ping": "pong"
}

アドホックコマンドでためす

# リモートでunameを叩く
[vagrant@ansibleserver ~]$ ansible 192.168.50.5 -a 'uname -r'
Enter passphrase for key '/home/vagrant/.ssh/id_rsa':
192.168.50.5 | success | rc=0 >>
2.6.32-504.16.2.el6.x86_64

# ファイルをコピー
# srcはローカル、destがリモートのパスとなる
[vagrant@ansibleserver ~]$ ansible ansibleagent.com -m copy -a "src=/home/vagrant/hoge dest=/home/vagrant/fuga"

# パッケージを入れる（-mで使用するmodule指定、-sでroot?、-aで実施したい内容の詳細を）
[vagrant@ansibleserver ~]$ ansible ansibleagent.com -m yum -s -a "name=httpd state=latest"
# パッケージを消す
[vagrant@ansibleserver ~]$ ansible ansibleagent.com -m yum -s -a "name=httpd state=absent"

ansibleのmoduleマニュアル

yumに何が指定できるかみたいときなど（stateのlatestとabsentはなにかなど）

# 一覧
[vagrant@ansibleserver ~]$ ansible-doc -l
# yumモジュールの詳細
[vagrant@ansibleserver ~]$ ansible-doc yum

PlayBookを使う

Intro to Playbooks — Ansible Documentation Ansibleをアドホックモードで実行するのと、もう一つの方法。yamlで記述

グループの指定（これによって、複数の管理対象ホストにまとめて実行できる）

[vagrant@ansibleserver ~]$ vi ansible_hosts
[sample]
192.168.50.5
ansibleagent.com

PlayBookを書く

# 作成
[vagrant@ansibleserver ~]$ vi sample-playbook.yml
---
- hosts: sample
  sudo: yes
  tasks:
  - name: epel-release install
    yum: name=epel-release state=installed

  - name: sl command installed
    yum: name=sl state=installed

  - name: ls command run!
    shell: /bin/ls > /tmp/list.txt
    ignore_errors: True

# 処理対象となるホストチェック
[vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml --list-hosts

playbook: sample-playbook.yml

  play #1 (sample): host count=1
    ansibleagent.com
    
# シンタックスチェック
[vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml --syntax-check

# タスク確認
[vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml --list-task

# ドライラン
[vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml --check

# 実行
[vagrant@ansibleserver ~]$ ansible-playbook sample-playbook.yml

PLAY [sample] *****************************************************************

GATHERING FACTS ***************************************************************
ok: [ansibleagent.com]

TASK: [epel-release install] **************************************************
changed: [ansibleagent.com]

TASK: [sl command installed] **************************************************
changed: [ansibleagent.com]

TASK: [ls command run!] *******************************************************
changed: [ansibleagent.com]

PLAY RECAP ********************************************************************
ansibleagent.com           : ok=4    changed=3    unreachable=0    failed=0

wordpress構築のPlayBookを流してみる yteraoka/ansible-tutorial at playbook

[vagrant@ansibleserver ~]$ git clone https://github.com/yteraoka/ansible-tutorial.git
Initialized empty Git repository in /home/vagrant/ansible-tutorial/.git/
remote: Counting objects: 440, done.
remote: Total 440 (delta 0), reused 0 (delta 0), pack-reused 440
Receiving objects: 100% (440/440), 6.45 MiB | 1.42 MiB/s, done.
Resolving deltas: 100% (227/227), done.
[vagrant@ansibleserver ~]$ cd ansible-tutorial
[vagrant@ansibleserver ansible-tutorial]$ git checkout playbook
Branch playbook set up to track remote branch playbook from origin.
Switched to a new branch 'playbook'
[vagrant@ansibleserver ansible-tutorial]$ ansible-playbook site.yml