Creating CentOS, Ubuntu, and Windows nodes, and NFS

(Working through an Ansible book; code only, no explanation)


Vagrantfile

# --- Ansible Server ---

Vagrant.configure("2") do |config|
	config.vm.define "my-ansible-server" do |cfg|
		cfg.vm.box = "centos/7" 
		cfg.vm.provider "virtualbox" do |vb|
			vb.name = "my-ansible-server"
			vb.cpus = 2
			vb.memory = 4096
			vb.gui = false
		end
		cfg.vm.host_name = "control.example.com"
		cfg.vm.network "private_network", ip: "192.168.110.10"
		cfg.vm.provision "shell", path: "ssh_conf.sh" 
		cfg.vm.synced_folder "../data", "/vagrant", disabled: true
		cfg.vm.provision "shell", inline: "yum -y install centos-release-ansible-29.noarch"
		cfg.vm.provision "shell", inline: "yum install ansible -y"
		cfg.vm.provision "file", source: "ansible_env_ready.yml",
			destination: "ansible_env_ready.yml"
		cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml"	
			
	end
# --- managed node 1 ---
	config.vm.define "my-managed-node1" do |cfg|
		cfg.vm.box = "centos/7" 
		cfg.vm.provider "virtualbox" do |vb|
			vb.name = "my-node1"
			vb.cpus = 1
			vb.memory = 2048
			vb.gui = false
		end
		cfg.vm.host_name = "node1.example.com"
		cfg.vm.network "private_network", ip: "192.168.110.20"
		cfg.vm.provision "shell", path: "ssh_conf.sh"
		cfg.vm.synced_folder "../data", "/vagrant", disabled: true
	end

# --- managed node 2 ---
	config.vm.define "my-managed-node2" do |cfg|
		cfg.vm.box = "centos/7" 
		cfg.vm.provider "virtualbox" do |vb|
			vb.name = "my-node2"
			vb.cpus = 1
			vb.memory = 2048
			vb.gui = false
		end
		cfg.vm.host_name = "node2.example.com"
		cfg.vm.network "private_network", ip: "192.168.110.30"
		cfg.vm.provision "shell", path: "ssh_conf.sh"
		cfg.vm.synced_folder "../data", "/vagrant", disabled: true
	end
	
# --- managed node 3 ---
	config.vm.define "my-managed-node3" do |cfg|
		cfg.vm.box = "centos/7" 
		cfg.vm.provider "virtualbox" do |vb|
			vb.name = "my-node3"
			vb.cpus = 1
			vb.memory = 2048
			vb.gui = false
		end
		cfg.vm.host_name = "node3.example.com"
		cfg.vm.network "private_network", ip: "192.168.110.40"
		cfg.vm.provision "shell", path: "ssh_conf.sh"
		cfg.vm.synced_folder "../data", "/vagrant", disabled: true
	end	
end

 

ansible_env_ready.yml

- name: setup for the ansible's environment
  hosts: localhost
  gather_facts: no
  
  tasks:
    - name: add "/etc/hosts"
      blockinfile: 
        path: /etc/hosts
        block: |
          192.168.110.20 node1.example.com node1
          192.168.110.30 node2.example.com node2
          192.168.110.40 node3.example.com node3
    - name: add "/etc/ansible/hosts"
      blockinfile: 
        path: /etc/ansible/hosts
        block: |
          [centos]
          node1
          node2
          node3
    
    - name: create vim env's directory & files
      shell: "{{item}}"
      loop:
        - "touch /home/vagrant/.vimrc"
        - "touch /home/vagrant/.bashrc"
        
    - name: install vim-enhanced and git
      yum:
        name:                       
          - vim-enhanced 
          - git
        state: present
        
    - name: configure .vimrc
      lineinfile:
        path: /home/vagrant/.vimrc  
        line: autocmd FileType yaml setlocal ai ts=2 sw=2 et  
        
    - name: configure .bashrc
      lineinfile:
        path: /home/vagrant/.bashrc
        line: "{{item}}"
      loop:
        - "alias ans='ansible'"
        - "alias anp='ansible-playbook'"

 

ssh_conf.sh

#!/bin/bash
# allow ssh login with password
time=$(date "+%Y%m%d.%H%M%S")
# backup before overwriting
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$time.backup
sudo sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sudo systemctl restart sshd

 

Installing nginx

[vagrant@control work]$ vim nginx.yaml
- name: install nginx on CentOS
  hosts: centos
  gather_facts: no
  become: yes
  tasks:
    - name: install epel-release
      yum:
        name: epel-release
        state: latest
    - name: install nginx web server
      yum:
        name: nginx
        state: present

    - name: upload default index.html for web server
      get_url:
        url: https://www.nginx.com
        dest: /usr/share/nginx/html/
        mode: 0644
    - name: start nginx web server
      service:
        name: nginx
        state: started

 

Removing nginx

[vagrant@control work]$ cat nginx_remove.yaml
- name: remove nginx on centos
  hosts: centos
  gather_facts: no
  become: yes
  tasks:
    - name: remove epel-release
      yum:
        name: epel-release
        state: absent
    - name: remove nginx web server
      yum:
        name: nginx
        state: absent

 

Timezone setup

[vagrant@control work]$ cat timezone.yaml
- name: setup timezone
  hosts: centos
  gather_facts: no
  become: yes
  tasks:
    - name: set timezone to Asia/Seoul
      timezone:
        name: Asia/Seoul

On the control node, run "$ timedatectl set-timezone Asia/Seoul"

 

Mounting a shared folder over NFS

[vagrant@control work]$ cat nfs.yaml
- name: setup for nfs server
  hosts: localhost
  gather_facts: no
  tasks:
    - name: make nfs_shared directory
      file:
        path: /home/vagrant/nfs_shared
        state: directory
        mode: 0755
    - name: configure /etc/exports
      become: yes
      lineinfile:
        path: /etc/exports
        line: /home/vagrant/nfs_shared 192.168.110.0/24(rw,no_root_squash,sync)
    - name: nfs service restart
      become: yes
      service:
        name: nfs
        state: restarted

- name: setup for nfs clients
  hosts: centos
  gather_facts: no
  tasks:
    - name: make nfs_client directory
      file:
        path: /home/vagrant/nfs
        state: directory
    - name: mount point directory as client
      become: yes
      mount:
        path: /home/vagrant/nfs
        src: 192.168.110.10:/home/vagrant/nfs_shared
        fstype: nfs
        opts: nfsvers=3
        state: mounted

** To verify: "$ ans all -m shell -a "sudo mount |grep nfs" -k"

 

Vagrantfile additions for Ubuntu

# --- managed node 4 - ubuntu ---
	config.vm.define "my-managed-node4" do |cfg|
		cfg.vm.box = "generic/ubuntu2204" 
		cfg.vm.provider "virtualbox" do |vb|
			vb.name = "my-ubuntu-node4"
			vb.cpus = 1
			vb.memory = 2048
			vb.gui = false
		end
		cfg.vm.host_name = "node4.example.com"
		cfg.vm.network "private_network", ip: "192.168.110.50"
		# cfg.vm.provision "shell", path: "ssh_conf.sh"
		cfg.vm.synced_folder "../data", "/vagrant", disabled: true
	end

# --- managed node 5 - ubuntu ---
	config.vm.define "my-managed-node5" do |cfg|
		cfg.vm.box = "generic/ubuntu2204" 
		cfg.vm.provider "virtualbox" do |vb|
			vb.name = "my-ubuntu-node5"
			vb.cpus = 1
			vb.memory = 2048
			vb.gui = false
		end
		cfg.vm.host_name = "node5.example.com"
		cfg.vm.network "private_network", ip: "192.168.110.60"
		# cfg.vm.provision "shell", path: "ssh_conf.sh"
		cfg.vm.synced_folder "../data", "/vagrant", disabled: true
	end

 

ansible_env_ready.yml changes

- name: setup for the ansible's environment
  hosts: localhost
  gather_facts: no
  
  tasks:
    - name: add "/etc/hosts"
      blockinfile: 
        path: /etc/hosts
        block: |
          192.168.110.20 node1.example.com node1
          192.168.110.30 node2.example.com node2
          192.168.110.40 node3.example.com node3
          192.168.110.50 node4.example.com node4 # added
          192.168.110.60 node5.example.com node5 # added
          
    - name: add "/etc/ansible/hosts"
      blockinfile: 
        path: /etc/ansible/hosts
        block: |
          [centos]
          node1
          node2
          node3
          
          [ubuntu] # added
          node4
          node5

** Once these are added, take a snapshot with "vagrant snapshot save [snapshot-name]"

 

NFS connection (including Ubuntu)

[vagrant@control work]$ vim nfs.yaml
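- name: setup for nfs server
  hosts: localhost
  gather_facts: no
  tasks:
    - name: make nfs_shared directory
      file:
        path: /home/vagrant/nfs_shared
        state: directory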
        mode: 0755
    - name: configure /etc/exports
      become: yes
      lineinfile:
        path: /etc/exports
        line: /home/vagrant/nfs_shared 192.168.110.0/24(rw,no_root_squash,sync)
    - name: nfs service restart
      become: yes
      service:
        name: nfs
        state: restarted

- name: setup for nfs clients
  hosts: all
  become: yes
  tasks:
    - name: nfs for ubuntu
      apt:
        name: nfs-common
        update_cache: yes
        state: present
      when: ansible_facts.os_family == 'Debian'
    - name: nfs for centos
      yum:
        name: nfs-utils
        state: present
      when: ansible_facts.os_family == 'RedHat'
    - name: make nfs_client directory
      file:
        path: /home/vagrant/nfs
        state: directory
    - name: mount point directory as client
      become: yes
      mount:
        path: /home/vagrant/nfs
        src: 192.168.110.10:/home/vagrant/nfs_shared
        fstype: nfs
        opts: nfsvers=4
        state: mounted

 

Adding Windows (Windows cannot be a control node; it can only be a managed node)

# --- managed node 6 - window ---
	config.vm.define "my-managed-node6" do |cfg|
		cfg.vm.box = "sysnet4admin/Windows2016" 
		cfg.vm.provider "virtualbox" do |vb|
			vb.name = "my-window-node6"
			vb.cpus = 1
			vb.memory = 2048
			vb.customize ['modifyvm', :id, '--clipboard', 'bidirectional'] # bidirectional clipboard
			vb.gui = true # whether to show the console at boot
		end
		cfg.vm.host_name = "node6.example.com" # on Windows, using .example.com keeps the host and IP from being picked up, so drop it
		cfg.vm.network "private_network", ip: "192.168.110.70"
		cfg.vm.synced_folder "../data", "/vagrant", disabled: true
		cfg.vm.provision "shell", inline: "netsh advfirewall set allprofiles state off" # turn off the firewall
	end
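
ansible_env_ready.yml changes

- name: setup for the ansible's environment
  hosts: localhost
  gather_facts: no

  tasks: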
    - name: add "/etc/hosts"
      blockinfile: 
        path: /etc/hosts
        block: |
          192.168.110.20 node1.example.com node1
          192.168.110.30 node2.example.com node2
          192.168.110.40 node3.example.com node3
          192.168.110.50 node4.example.com node4
          192.168.110.60 node5.example.com node5
          192.168.110.70 node6.example.com node6 # added
          
    - name: add "/etc/ansible/hosts"
      blockinfile: 
        path: /etc/ansible/hosts
        block: |
          [centos]
          node1
          node2
          node3
          [ubuntu]
          node4
          node5
          [windows]   # added
          node6

 

To communicate with the Windows server

Add to ansible_env_ready.yml

          [windows]
          node6 ansible_connection=winrm ansible_user=vagrant ansible_port=5985

####### Add for windows node ######
    - name: install epel-release
      yum: 
        name: epel-release
        state: present
    - name: install pip
      yum: 
        name: python2-pip   # EPEL package name on CentOS 7
        state: present
    - name: install pywinrm
      yum: 
        name: python2-winrm   # for CentOS 7
        state: present
###################################

After that, "ansible windows -m win_ping -k" goes through.

 

nginx setup

centos, ubuntu, windows

[vagrant@control work]$ cat nginx.yaml
- name: install nginx on CentOS
  hosts: centos
  gather_facts: no
  become: yes
  tasks:
    - name: install epel-release
      yum:
        name: epel-release
        state: latest
    - name: install nginx web server
      yum:
        name: nginx
        state: present
    - name: upload default index.html for web server
      get_url:
        url: https://www.nginx.com
        dest: /usr/share/nginx/html/
        mode: 0644
    - name: start nginx web server
      service:
        name: nginx
        state: started

- name: install nginx on ubuntu
  hosts: ubuntu
  gather_facts: no
  become: yes
  tasks:
    - name: install nginx web server
      apt:
        name: nginx
        state: present
        update_cache: yes
    - name: upload default index.html for web server
      get_url:
        url: https://www.nginx.com
        dest: /usr/share/nginx/html/
        mode: 0644
        validate_certs: no

- name: install nginx on windows
  hosts: windows
  gather_facts: no
  tasks:
    - name: create directory
      win_file:
        path: C:\nginx
        state: directory
    - name: download nginx
      win_get_url:
        url: http://nginx.org/download/nginx-1.14.0.zip
        dest: C:\nginx\nginx-1.14.0.zip
    - name: unzip nginx
      win_unzip:
        src: C:\nginx\nginx-1.14.0.zip
        dest: C:\nginx
        delete_archive: yes
    - name: install NSSM
      win_chocolatey:
        name: nssm
    - name: download new index.html
      win_get_url:
        url: https://www.nginx.com
        dest: C:\nginx\nginx-1.14.0\html\index.html
    - name: nginx service on by nssm
      win_nssm:
        name: nginx
        application: C:\nginx\nginx-1.14.0\nginx.exe
        state: present
    - name: restart nginx service
      win_service:
        name: nginx
        state: restarted

If nssm will not install on Windows, open PowerShell as administrator, install Chocolatey with the command below, and then run the playbook again:

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))

 

Windows timezone setup

[vagrant@control work]$ cat timezone.yaml
- name: setup timezone
  hosts: centos
  gather_facts: no
  become: yes
  tasks:
    - name: set timezone to Asia/Seoul
      timezone:
        name: Asia/Seoul

- name: setup ubuntu timezone
  hosts: ubuntu
  gather_facts: no
  become: yes
  tasks:
    - name: set timezone to Asia/Seoul
      timezone:
        name: Asia/Seoul

- name: setup windows timezone
  hosts: windows
  gather_facts: no
  tasks:
    - name: set timezone to 'Korea Standard Time'
      win_timezone:
        timezone: 'Korea Standard Time'

Windows NFS client configuration

[vagrant@control work]$ cat nfs.yaml
- name: setup for nfs server
  hosts: localhost
  gather_facts: no
  tasks:
    - name: make nfs_shared directory
      file:
        path: /home/vagrant/nfs_shared
        state: directory
        mode: 0777 # must be 0777 for Windows to be able to write files
    - name: configure /etc/exports
      become: yes
      lineinfile:
        path: /etc/exports
        line: /home/vagrant/nfs_shared 192.168.110.0/24(rw,sync)
    - name: nfs service restart
      become: yes
      service:
        name: nfs
        state: restarted

- name: setup for nfs clients
  hosts: linux # registered in /etc/ansible/hosts as node[1:5]
  become: yes
  tasks:
    - name: nfs for ubuntu
      apt:
        name: nfs-common
        update_cache: yes
        state: present
      when: ansible_facts.os_family == 'Debian' # on Ubuntu, install nfs-common with apt
    - name: nfs for centos
      yum:
        name: nfs-utils
        state: present
      when: ansible_facts.os_family == 'RedHat'
    - name: make nfs_client directory
      file:
        path: /home/vagrant/nfs
        state: directory
    - name: mount point directory as client
      become: yes
      mount:
        path: /home/vagrant/nfs
        src: 192.168.110.10:/home/vagrant/nfs_shared
        fstype: nfs
        opts: nfsvers=4
        state: mounted

- name: setup for nfs windows clients
  hosts: windows
  gather_facts: no
  tasks:
    - name: mount feature on
      win_feature:
        name: NFS-Client
        state: present
    - name: mount nfs_shared
      win_command: net use "z:" "\\192.168.110.10/home/vagrant/nfs_shared"
    - name: windows reboot
      win_reboot:

 

ans windows -m win_command -a "mount" -k
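
The first nfs.yaml exports the share with no_root_squash and the Windows-era version writes a different line for the same path; lineinfile without a regexp appends rather than replaces, so, assuming both versions were run on the same control node, /etc/exports ends up holding both lines. This added example (not from the original post) checks an exports file for leftover no_root_squash entries and for path/client pairs exported twice; the function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post).
# Constructed sample: /etc/exports after both nfs.yaml versions have run.
sample_exports() {
cat <<'EOF'
/home/vagrant/nfs_shared 192.168.110.0/24(rw,no_root_squash,sync)
/home/vagrant/nfs_shared 192.168.110.0/24(rw,sync)
EOF
}

# Print "path client" for each export entry that carries no_root_squash.
find_no_root_squash() {
  awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
    {
      for (i = 2; i <= NF; i++) {
        p = index($i, "(")
        if (p == 0) continue                  # client without an option list
        client = substr($i, 1, p - 1)
        opts = substr($i, p + 1)
        sub(/\)$/, "", opts)
        n = split(opts, o, ",")
        for (j = 1; j <= n; j++)
          if (o[j] == "no_root_squash") print $1, client
      }
    }' "$1"
}

# Print "path client" for each path/client pair that is exported more than once.
find_duplicate_exports() {
  awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    {
      for (i = 2; i <= NF; i++) {
        client = $i
        sub(/\(.*/, "", client)
        if (++seen[$1 " " client] == 2) print $1, client
      }
    }' "$1"
}

# Run both checks against the constructed sample.
tmp=$(mktemp)
sample_exports > "$tmp"
echo "no_root_squash entries:"; find_no_root_squash "$tmp"
echo "duplicate entries:";      find_duplicate_exports "$tmp"
rm -f "$tmp"
```

On the control node, pass /etc/exports as the argument instead of the sample file.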

 
