¥¤¥ó¥¹¥È¡¼¥ë †
- ¥Ñ¥Ã¥±¡¼¥¸ (apt¡¢yum¡¢homebrew) ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤¤ë¤±¤É¡¢Ansible ¤Ø¤ÎÄɿ郎ÃÙ¤¤¤Î¤Ç python ¤Î pip ¤¬¤è¤µ¤²
- homebrew ÈǤΠpython ¤Ø¤Î Ansible ¤Î¥¤¥ó¥¹¥È¡¼¥ë¤Ï¼ºÇÔ¤¹¤ë¤Î¤Ç¡¢¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¤Ï¥¢¥ó¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë
$ brew uninstall python
- xcode (´ÞappleÈÇpython) ¤ò¥¤¥ó¥¹¥È¡¼¥ë
$ xcode-select --install
- pip ¤ò¥¤¥ó¥¹¥È¡¼¥ë
$ easy_install --user pip
Mac OSX ¤Ç¤Ï¡¢"--user" ¤òÆþ¤ì¤Æ¡¢¥í¥°¥¤¥ó¥æ¡¼¥¶¤Î¥í¡¼¥«¥ë´Ä¶¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤è¤¦¤Ë¤·¤Ê¤¤¤È¥¤¥ó¥¹¥È¡¼¥ë¤Ë¼ºÇÔ¤¹¤ë
- ansible ¤ò¥¤¥ó¥¹¥È¡¼¥ë
$ pip install --user ansible --upgrade
$ ansible --version
ansible 2.1.0.0
config file =
configured module search path = Default w/o overrides
- ¥ë¡¼¥È¤Î ansible.cfg ¤òÇÛÃÖ
$ sudo mkdir /etc/ansible
$ sudo curl -L https://raw.githubusercontent.com/ansible/ansible/devel/examples/ansible.cfg -o /etc/ansible/ansible.cfg
¤Û¤ÜÁ´Éô¥³¥á¥ó¥È¤Ê¤ó¤Ç̵¤¯¤Æ¤â¤¤¤¤¤±¤É¡¢¥ê¥Õ¥¡¥ì¥ó¥¹¤È¤·¤ÆÆþ¤ì¤Æ¤ª¤¯
- ¥Õ¥¡¥¤¥ë¡¦¥Ç¥£¥¹¥¯¥ê¥×¥¿¤Î¾å¸Â¤òÂ礤¯¤¹¤ë (ansible ¤Ç¤Ï¡¢¥Ç¥Õ¥©¥ë¥È¤Î 256 ¤Ç¤Ï¤ê¤Ê¤¤)
- /Library/LaunchDaemons?/limit.maxfiles.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>limit.maxfiles</string>
<key>ProgramArguments</key>
<array>
<string>launchctl</string>
<string>limit</string>
<string>maxfiles</string>
<string>524288</string>
<string>524288</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>ServiceIPC</key>
<false/>
</dict>
</plist>
- ³Îǧ
$ launchctl limit maxfiles
maxfiles 524288 524288
$ ulimit -n
524288
CentOS7 ¤ò Vagrant ¤Çµ¯Æ°¤¹¤ë †
$ cd sourcetree/AnsibleExam/nginx
$ vagrant init centos/7
$ vagrant up
- ¤³¤³¤Þ¤Ç¤Ç Vagrant ¤Ë¤è¤ê¡¢¼¡¤Î¥Õ¥¡¥¤¥ë¤¬À¸À®¤µ¤ì¤ë
$ tree -a
.
¨§¨¡¨¡ .vagrant
¨¢ ¨¦¨¡¨¡ machines
¨¢ ¨¦¨¡¨¡ default
¨¢ ¨¦¨¡¨¡ virtualbox
¨¢ ¨§¨¡¨¡ action_provision
¨¢ ¨§¨¡¨¡ action_set_name
¨¢ ¨§¨¡¨¡ creator_uid
¨¢ ¨§¨¡¨¡ id
¨¢ ¨§¨¡¨¡ index_uuid
¨¢ ¨§¨¡¨¡ private_key
¨¢ ¨¦¨¡¨¡ synced_folders
¨¦¨¡¨¡ Vagrantfile
4 directories, 8 files
- Àܳ¾ðÊó¤Î³Îǧ
$ vagrant ssh-config
Host default
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile "/Users/atsushi/sourcetree/AnsibleExam/gitlab/.vagrant/machines/default/virtualbox/private_key"
IdentitiesOnly yes
LogLevel FATAL
¤³¤Î¥×¥í¥¸¥§¥¯¥È¸þ¤±¤Î ansible ¤ÎÀßÄê †
- ansible.cfg
[defaults]
hostfile = hosts
remote_user = vagrant
private_key_file = .vagrant/machines/default/virtualbox/private_key
host_key_checking = False
- ansible.cfg ¤ÎÍ¥Àè½ç°Ì ¡ ./ansible.cfg ¢ ~/ansible.cfg £ /etc/ansible.cfg
- ¤Þ¤¡¡¢¥×¥í¥¸¥§¥¯¥È¤Î¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥ê (¡) ¤ò»²¾È¤¹¤ë¤è¤¦¤Ë¤¹¤ë¤Î¤¬¤¤¤¤¤Ç¤·¤ç¤¦
- hosts
testserver ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222
- ¤¤¤º¤ì¡¢ansible.cfg¡¢hosts ¤ËÊ£¿ô¥µ¡¼¥Ð¤òÄɲ乤ë¤È¡¢Ê£¿ô¥µ¡¼¥Ð¤ËÂФ·¤Æ°ìÅ٤˥³¥Þ¥ó¥Éȯ¹Ô¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤ë
- ¤³¤³¤Þ¤Ç¤Ç¡¢¥×¥í¥¸¥§¥¯¥È¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ï¤³¤¦¤Ê¤Ã¤Æ¤¤¤ë¤Ï¤º
.
¨§¨¡¨¡ /.vagrant
¨§¨¡¨¡ Vagrantfile
¨§¨¡¨¡ ansible.cfg
¨¦¨¡¨¡ hosts
ansible ¥³¥Þ¥ó¥É¤Î¼Â¹Ô †
$ ansible testserver -m ping
testserver | SUCCESS => {
"changed": false,
"ping": "pong"
}
$ ansible testserver -m command -a uptime
testserver | SUCCESS | rc=0 >>
10:26:47 up 1:04, 1 user, load average: 0.00, 0.01, 0.05
¤¦¤Þ¤¯Æ°¤¤¤Æ¤¤¤ë¤è¤¦¤À
- ansible ¥³¥Þ¥ó¥É¤Î¥ª¥×¥·¥ç¥ó
-m {¥â¥¸¥å¡¼¥ë̾} -a {¥Ñ¥é¥á¡¼¥¿} | ¥â¥¸¥å¡¼¥ë¼Â¹Ô |
-a "{Shell¥³¥Þ¥ó¥É}" | ¥·¥§¥ë¥³¥Þ¥ó¥É¼Â¹Ô (°ÅÌÛ¤Ë shell ¥â¥¸¥å¡¼¥ë¸Æ¤Ó½Ð¤·) |
-s | sudo |
ansible ¤Î¥â¥¸¥å¡¼¥ë †
- ansible ¤Î¥â¥¸¥å¡¼¥ë¤Ï¡¢¥³¥Þ¥ó¥É¤ÎWrapper ¡Ü ÑÑÅùÀÀ©¸æ
- ´ðËÜŪ¤Ë¡¢¥³¥Þ¥ó¥É¤Î Wrapper ¤À¤¬
- Ê£¿ô²ó¼Â¹Ô¤·¤Æ¤âƱ¤¸·ë²Ì¤Ë¤Ê¤ë¤è¤¦¤ËÀ©¸æ¤µ¤ì¤Æ¤¤¤ë (ÍפÏ2²óÌܰʹߤϼ¹Ԥ·¤Ê¤¤¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë)
- ɸ½à¤Ç 120 ¼ïÎढ¤ë http://docs.ansible.com/ansible/modules_by_category.html
- ¼«Ê¬¤Ç python ¤Ç½ñ¤±¤ë
- ¼ç¤Ê¥â¥¸¥å¡¼¥ë
Playbook ¤Ç nginx ¤ò¥¤¥ó¥¹¥È¡¼¥ë¡¦ÀßÄê †
- Vagrantfile ¤ò½ñ¤´¹¤¨¤Æ¡¢³°Éô¤«¤é 80/443 ¤Ë¥¢¥¯¥»¥¹¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure(2) do |config|
config.vm.box = "centos/7"
config.vm.network "forwarded_port", guest: 80, host: 8080
config.vm.network "forwarded_port", guest: 443, host: 8443
end
$ vagrant reload
- nginx.yml (=Playbook =Ansible¤Î¥â¥¸¥å¡¼¥ë¤òYAML·Á¼°¤Çʤ٤¿¤â¤Î¡£¾ÜºÙ¤Ï ¢Í Ansible Playbook )
- name: Configure nginx
hosts: testserver
become: True
tasks:
- name: Add repository
yum_repository:
name: epel
description: EPEL YUM repo
baseurl: http://download.fedoraproject.org/pub/epel/$releasever/$basearch/
- name: Add gpg key of EPEL
rpm_key: key=https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 state=present
- name: Install nginx
yum: name=nginx state=latest
- name: start nginx
service: name=nginx enabled=Yes state=started
- ¼Â¹Ô!
$ ansible-playbook nginx.yml
PLAY [Configure nginx] *********************************************************
TASK [setup] *******************************************************************
ok: [testserver]
TASK [Add repository] **********************************************************
ok: [testserver]
TASK [Add gpg key of EPEL] *****************************************************
ok: [testserver]
TASK [Install nginx] ***********************************************************
ok: [testserver]
TASK [restart nginx] ***********************************************************
changed: [testserver]
PLAY RECAP *********************************************************************
testserver : ok=5 changed=1 unreachable=0 failed=0
- ̵»öµ¯Æ°¤·¤Þ¤·¤¿
- RHEL·Ï¤Ç¤Ï /etc/nginx/nginx.conf ¤¬¥ë¡¼¥È¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤è¤¦¤À¡£¸å¤Ç¤³¤¤¤Ä¤é¤òÊѤ¨¤Æ¤¤Þ¤¹
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
- Á´ÂΤÎÀßÄêÄÉ²Ã¤Ï /etc/nginx/conf.d/*.conf
- ¥Ç¥Õ¥©¥ë¥È¥µ¡¼¥Ð¤ÎÀßÄêÄÉ²Ã¤Ï /etc/nginx/default.d/*.conf
- ¥Ç¥Õ¥©¥ë¥È¥µ¡¼¥Ð¤ÎÀÅŪ¥³¥ó¥Æ¥ó¥Ä¤Ï /usr/share/nginx/html
vagrant up ¤Ç ansible ¤ò¸Æ¤Ó½Ð¤¹ †
- Vagrantfile ¤ò½ñ¤´¹¤¨¤Æ¡¢ansible ¤ò¸Æ¤Ó½Ð¤¹¤è¤¦¤Ë¤¹¤ë
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure(2) do |config|
config.vm.box = "centos/7"
config.vm.network "forwarded_port", guest: 80, host: 8080
config.vm.network "forwarded_port", guest: 443, host: 8443
config.vm.provision "ansible" do |ansible|
ansible.limit = "all" # "all" or "${machine group}" on the ansible hosts file.
ansible.inventory_path = "hosts"
ansible.playbook = "nginx.yml"
end
end
¤³¤ì¤Ç¡¢
$ vagrant up
¤Þ¤¿¤Ï
$ vagrant provision
¤Ç ansible ¤¬Áö¤ë¡£
½é²ó¤·¤« provisioning ¤ÏÆ°¤«¤Ê¤¤¡£¶¯À©Åª¤Ë¼Â¹Ô¤¹¤ë¤Ë¤Ï
$vagrant up --provision
¤Þ¤¿¤Ï
$vagrant reload --provision
- cf. https://www.vagrantup.com/docs/provisioning/ansible_local.html
- ansible ¤ò¼Â¹Ô¤¹¤ë¤È¤¤Ë ssh ¤Ç¤¦¤Þ¤¯ÄÌ¿®¤Ç¤¤Ê¤¤¤è¤¦¤Ê¤é¡¢ansible.cfg ¤Ë¼¡¤ÎÀßÄê¤ò¤¹¤ë¤È¤¤¤¤¤é¤·¤¤
[defaults]
host_key_checking = no
[ssh_connection]
ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes
Ansible