반응형
예제 코드는 제 깃에 올려놨습니다.
dnfwlq8054/Ansible
Contribute to dnfwlq8054/Ansible development by creating an account on GitHub.
github.com
1. 구상도
2. OS및 계정 셋팅
Master node
OS : CentOS 7
IP : 192.168.0.18
User name : hwan
User group : wheel
Hostname : master
WebServer
OS : CentOS 7
IP : 192.168.0.19
User name : hwan
User group : wheel
Hostname : node01
DBServer
OS : CentOS 7
IP : 192.168.0.20
User name : hwan
User group : wheel
Hostname : node02
3. 구조
4. inventory
node01
node02
[webserver]
node01
[dbserver]
node02
5. wpVar_file.yml
#Wordpress var
wp_link : "https://ko.wordpress.org/wordpress-4.8.2-ko_KR.zip"
wp_dest : "/var/www/html"
6. ansible.cfg
[defaults]
inventory = ./inventory
remote_user = hwan
ask_pass = false
interpreter_python = /usr/bin/python2.7
[privilege_escalation]
become = true
become_method = sudo
become_user = root
become_ask_pass = false
7. playbook
---
- hosts : webserver
become : true
roles :
- apache
- hosts : webserver
become : true
vars_files :
- wpVar_file.yml
roles :
- wordpress
- hosts : dbserver
become : true
roles :
- mariadb
8. apache/tasks/main.yml
---
- name : intall http
yum :
name : httpd
state : latest
- name : create index.html
become : yes
action : shell cd /var/www/html && touch index.html && echo "hello~~" >> index.html
- name : start http
systemd :
name : httpd
state : started
enabled : yes
- name: Open port 80 for http access
firewalld:
service: http
permanent: true
state: enabled
- name: reload firewalld
command: firewall-cmd --reload
9. mariadb/tasks/main.yml
---
- name : install mariadb
yum :
name : "{{ item }}"
update_cache : yes
state : latest
loop : ['mariadb-server', 'python3-PyMySQL', 'MySQL-python' ]
- name : db start
systemd :
name : mariadb
state : restarted
- name : create database for wordpress
mysql_db :
name : 'wordpress'
state : present
login_user : 'root'
login_password : ''
- name : create mariadb user
mysql_user:
name : 'wpuser'
password: 'wppass'
host : '%'
priv: 'wordpress.*:ALL'
state : present
login_user : 'root'
login_password: ''
- name: do not permit traffic in default zone on port 3306/tcp
firewalld:
port: 3306/tcp
permanent: yes
state: enabled
- name: reload firewalld
command: firewall-cmd --reload
10. wordpress/tasks/main.yml
---
- name : install httpd php php-mysql php-gd php-mbstring wget unzip
yum :
name : "{{ item }}"
update_cache : yes
state : latest
loop : [ 'php', 'php-mysql', 'php-gd', 'php-mbstring','wget', 'unzip' ]
- name : install wordpress
get_url : url={{ wp_link }} dest={{ wp_dest }}
- name : unzip!!
action : shell cd {{ wp_dest }} && rm -rf wordpress && unzip wordpress-4.8.2-ko_KR.zip
- name : set ownership
file :
path : "{{ wp_dest }}/wordpress"
state : directory
recurse : yes
owner : apache
group : apache
- name : setEnforce
selinux:
policy: targeted
state: permissive
- name : httpd restart
systemd :
name : httpd
state : restarted
자세한 설명은 추 후에....
반응형
'프로그래밍 > Ansible' 카테고리의 다른 글
| Ansible Inventory 작성방법 (0) | 2021.04.01 |
|---|---|
| Ansible(앤서블)에 대하여.... (간단한 설명) (0) | 2021.04.01 |
댓글