반응형
Ansible
1. IaC 동작 방식
1.1 선언형
1.2. 명령형
2. DSL 과 GPL
2.1. DSL (Domain specific Language)
2.2. GPL (General purpose Language)-c언어 ,파이썬
3. IaC 도입의 장단점
3.1. 장점
3.1.1. 효율성 및 스피드
3.1.2. 버전 관리(형상 관리)-GIT&GITHUB(GITLAB,BITBUCKET)
3.1.3. 협업
3.1.4. 재사용성
3.1.5. 기술의 자산화 -하시코프
3.2. 단점
3.2.1. 코드 학습: 대부분 범용 코드(GSL)가 아닌 DSL
3.2.2. 파이프라인(CI/CD) 통합: 자동화를 위한 추가 작업 필요
3.3.3. 기존 Infra에 대한 이해 필요
#! /bin/bash
yum install -y wget
yum install -y httpd
wget https://ko.wordpress.org/wordpress-5.8.6-ko_KR.tar.gz
tar xvfz wordpress-5.8.6-ko_KR.tar.gz
cp -a wordpress/* /var/www/html/
cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php
sed -i 's/DirectoryIndex index.html/DirectoryIndex index.php/g' /etc/httpd/conf/httpd.conf
yum install -y epel-release yum-utils
yum install -y http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum-config-manager --enable remi-php74
yum install -y php php-common php-opcache php-mcrypt php-cli php-gd php-curl php-mysqlnd
sed -i 's/database_name_here/wordpress/g' /var/www/html/wp-config.php
sed -i 's/username_here/root1/g' /var/www/html/wp-config.php
sed -i 's/password_here/It12345!/g' /var/www/html/wp-config.php
sed -i 's/localhost/db-gsd0t.cdb.ntruss.com/g' /var/www/html/wp-config.php
systemctl start httpd
위의 스크립트를 yml 파일로 생성해보고, yml 파일을 가상머신 2번 (web1 서버)에 ansible-playbook을 통해 실행해보겠습니다.
---
- name: wordpress download & install, php7.4 install
hosts: web1
tasks:
- name: wget, httpd, php repository, php7.4 repo install
yum:
name: "{{ item }}"
state: present -> loop 뒤에 써주면 loop에 걸려서 안됩니다.
loop:
- wget
- httpd
- yum-utils
- epel-release
- http://rpms.remirepo.net/enterprise/remi-release-7.rpm
- name: yum-config-manager config
shell:
yum-config-manager --enable remi-php74 -
- name: php7.4 install
yum:
name: "{{ packages }}"
vars:
packages:
- php
- php-common
- php-opcache
- php-mcrypt
- php-cli
- php-gd
- php-curl
- php-mysqlnd
- name: url use file download
get_url:
url: https://ko.wordpress.org/wordpress-5.8.6-ko_KR.tar.gz
dest: ./
- name: unarcive
unarchive:
src: wordpress-5.8.6-ko_KR.tar.gz
dest: ./
remote_src: yes
- name: index.html change index.php
lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: 'DirectoryIndex index.html'
line: 'DirectoryIndex index.php'
- name: wordpress directory all file copy to /var/www/html
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
remote_src: yes
loop:
- {src: './wordpress/', dest: '/var/www/html/' }
- {src: '/var/www/html/wp-config-sample.php', dest: '/var/www/html/wp-config.php' }
- name: wp-config.php file change
replace:
path: /var/www/html/wp-config.php
regexp: "{{ item.src }}"
replace: "{{ item.dest }}"
loop:
- {src: "database_name_here", dest: "wordpress" }
- {src: "username_here", dest: "root" }
- {src: "password_here", dest: "It12345@" }
- {src: "localhost", dest: "10.0.0.4" }
- name: httpd service started
service:
name: httpd
state: started
- name: httpd firewall open
firewalld:
port: 80/tcp
state: enabled위에서 lineinfile 이 아닌 replace 쓴 이유: lineinfile은 해당 줄 통째로 바꿔버리므로,
해당 행 안의 원하는 부분만 치환하는 것이 불가합니다.
3번 가상머신 (was 서버)에 haproxy + web 서버를 설치해봅시다.
3번 가상머신 haproxy는 80 포트, web 서버는 8080 포트를 엽니다.
---
- name: wordpress download & install, php7.4 install
hosts: was1
tasks:
- name: wget, httpd, php repository, php7.4 repo install, haproxy
yum:
name: "{{ item }}"
state: present
loop:
- wget
- httpd
- yum-utils
- epel-release
- http://rpms.remirepo.net/enterprise/remi-release-7.rpm
- haproxy
- name: yum-config-manager config
shell:
yum-config-manager --enable remi-php74
- name: php7.4 install
yum:
name: "{{ packages }}"
vars:
packages:
- php
- php-common
- php-opcache
- php-mcrypt
- php-cli
- php-gd
- php-curl
- php-mysqlnd
- name: url use file download
get_url:
url: https://ko.wordpress.org/wordpress-5.8.6-ko_KR.tar.gz
dest: ./
- name: unarcive
unarchive:
src: wordpress-5.8.6-ko_KR.tar.gz
dest: ./
remote_src: yes
- name: index.html change index.php, Listen 8080
lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: "{{ item.src }}" 'DirectoryIndex index.html'
line: "{{ item.dest }}"'DirectoryIndex index.php'
loop:
- {src: 'DirectoryIndex index.html', dest: 'DirectoryIndex index.php'}
- {src: 'Listen 80', dest: 'Listen 8080'}
- name: wordpress directory all file copy to /var/www/html
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
remote_src: yes
loop:
- {src: './wordpress/', dest: '/var/www/html/' }
- {src: '/var/www/html/wp-config-sample.php', dest: '/var/www/html/wp-config.php' }
- name: wp-config.php file change
replace:
path: /var/www/html/wp-config.php
regexp: "{{ item.src }}"
replace: "{{ item.dest }}"
loop:
- {src: "database_name_here", dest: "wordpress" }
- {src: "username_here", dest: "root" }
- {src: "password_here", dest: "It12345@" }
- {src: "localhost", dest: "10.0.0.4" }
- name: haproxy frontend, backend
replace:
path: /etc/haproxy/haproxy.cfg -> src, dest 가 고정적인 코드가 아닙니다. 바꿔서 써도 무방합니다.
regexp: "{{ item.aa }}"
replace: "{{ item.bb }}"
loop:
- {aa: '.5000', bb: '.80'} -> '*.5000' 으로 하면 * 을 모듈로 인식해서 빼줘야합니다.
- {aa: '127.0.0.1:5001', bb: '10.0.0.2:80'}
- name: haproxy backend line delete -> 주석처리하는 것 대신 삭제해버리는 방법입니다.
lineinfile:
path: /etc/haproxy/haproxy.cfg
regexp: "{{ item.src }}"
replace: "{{ item.dest }}"
loop:
- {src: '127.0.0.1:5003', dest: ''}
- {src: '127.0.0.1:5004', dest: ''}
- name: httpd service started
service:
name: "{{ item }}"
state: started
loop:
- httpd
- haproxy
- name: httpd firewall open
firewalld:
port: "{{ item }}"
state: enabled
loop:
- 80/tcp
- 8080/tcp반응형
'클라우드 기초 > Ansible' 카테고리의 다른 글
| <nginx + wordpress + php-fpm + mysql > yml 파일 (0) | 2023.06.14 |
|---|---|
| MySQL 설치, 비밀번호 변경, 접근권한 설정 yml 파일 만들기 (0) | 2023.06.13 |
| nginx 설치 및 설정 yml (0) | 2023.06.13 |
댓글