Thursday, June 27, 2024

[IT Notes] RHCE Exam Question 7: CREATE AND USE A ROLE

 Create a role called apache in /home/student/ansible/roles with the following requirements:

  • The httpd package is installed, enabled on boot, and started

  • The firewall is enabled and running with a rule to allow access to the web server

  • A template file index.html.j2 exists and is used to create the file /var/www/html/index.html with the following output:

    Welcome to HOSTNAME on IPADDRESS

    where HOSTNAME is the fully qualified domain name of the managed node and IPADDRESS is the IP address of the managed node.

Create a playbook called /home/student/ansible/newrole.yml that uses this role as follows:

  • The playbook runs on hosts in the webservers host group

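[Before you start]
This question has to be memorized. You create a custom role, write the apache tasks YAML and a template that outputs a customized index string, then use Ansible to deploy it to the nodes in webservers. It sounds a bit complicated, but once the logic and the flow are clear, memorizing it is not that hard.

1. Solution: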

[student@workstation roles]$ ansible-galaxy init apache   # initialize a new role yourself
- Role apache was created successfully
[student@workstation roles]$ ll  # check that it was created
total 4
drwxr-xr-x. 10 student student  135 Jul  2 22:51 apache
drwxr-xr-x.  9 student student  122 Jun 26 23:11 balancer
drwxr-xr-x.  9 student student  122 Jun 26 23:11 phpinfo
drwxr-xr-x.  8 student student 4096 Jul  2 22:45 timesync

ansible-galaxy can initialize an empty role, which you then go into and edit yourself.

[student@workstation]$ cd /home/student/ansible/roles/apache/tasks   # edit the YAML under tasks; this file is the role's main work
[student@workstation tasks]$ vim main.yml
---
- name: install apache  # install and start the web server and the firewall
  yum:
    name: httpd
    state: present
- name: start httpd firewalld
  service:
    name: "{{ item }}"
    state: started
    enabled: yes
  loop:
    - httpd
    - firewalld
- name: add firewalld http port   # add http to the firewall policy
  firewalld:
    service: http
    immediate: yes
    permanent: yes
    state: enabled
- name: j2 template     # the template the role renders; it is defined in the next step
  template:
    src: index.html.j2
    dest: /var/www/html/index.html

This content must be memorized.

[student@workstation tasks]$ ansible webservers -m setup
node3 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "10.0.4.15",
            "172.25.250.12",
            "192.168.56.12"
        ],
        "ansible_all_ipv6_addresses": [
            "fe80::a00:27ff:fee2:3cb0",
            "fe80::a00:27ff:fea6:17b9",
            "fe80::a00:27ff:feef:17db"
        ],
        "ansible_apparmor": {
            "status": "disabled"
        },
        "ansible_architecture": "x86_64",
        "ansible_bios_date": "12/01/2006",
        "ansible_bios_vendor": "innotek GmbH",
        "ansible_bios_version": "VirtualBox",
        "ansible_board_asset_tag": "NA",
        "ansible_board_name": "VirtualBox",
        "ansible_board_serial": "0",
        "ansible_board_vendor": "Oracle Corporation",
        "ansible_board_version": "1.2",
        "ansible_chassis_asset_tag": "NA",
        "ansible_chassis_serial": "NA",
        "ansible_chassis_vendor": "Oracle Corporation",
        "ansible_chassis_version": "NA",
        "ansible_cmdline": {
            "BOOT_IMAGE": "(hd0,msdos1)/boot/vmlinuz-5.14.0-162.6.1.el9_1.x86_64",
            "crashkernel": "1G-4G:192M,4G-64G:256M,64G-:512M",
            "resume": "UUID=188ee003-ff7b-4e50-94b7-5b8826b02826",
            "ro": true,
            "root": "UUID=9f6a4e4f-6aad-4cf7-926f-20eb52498d4e"
        },
        "ansible_date_time": {
            "date": "2024-07-03",
            "day": "03",
            "epoch": "1720016169",
            "epoch_int": "1720016169",
            "hour": "22",
            "iso8601": "2024-07-03T14:16:09Z",
            "iso8601_basic": "20240703T221609327379",
            "iso8601_basic_short": "20240703T221609",
            "iso8601_micro": "2024-07-03T14:16:09.327379Z",
            "minute": "16",
            "month": "07",
            "second": "09",
            "time": "22:16:09",
            "tz": "CST",
            "tz_dst": "CST",
            "tz_offset": "+0800",
            "weekday": "Wednesday",
            "weekday_number": "3",
            "weeknumber": "27",
            "year": "2024"
        },
        "ansible_default_ipv4": {
            "address": "172.25.250.12",
            "alias": "enp0s3",
            "broadcast": "172.25.250.255",
            "gateway": "172.25.250.1",
            "interface": "enp0s3",
            "macaddress": "08:00:27:a6:17:b9",
            "mtu": 1500,
            "netmask": "255.255.255.0",
            "network": "172.25.250.0",
            "prefix": "24",
            "type": "ether"

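 (A long list follows that is not pasted here. Just pick the parameters you need; here, for example, that is ansible_facts.ansible_default_ipv4 in this output, which a template references without the ansible_ prefix as ansible_facts.default_ipv4. The parameters the template displays can be memorized, but it is better to get them with ansible webservers -m setup, because Ansible facts may differ between Linux versions.)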



[student@workstation tasks]$ cd ../templates/    # edit the template with the parameters you looked up
[student@workstation templates]$ vim index.html.j2 

Welcome to {{ ansible_facts.fqdn }} on {{ ansible_facts.default_ipv4.address }}

[student@workstation templates]$ cd ~/ansible
[student@workstation ansible]$ vim newrole.yml    # create the playbook used for deployment
---
- name: start apache
  hosts: webservers
  roles:
    - apache
[student@workstation ansible]$ ansible-playbook newrole.yml




2. Verification
curl shows the page served by each webservers node; opening it in a browser works as a check too.

[student@workstation ansible]$ curl node3
Welcome to node3 on 172.25.250.12

[student@workstation ansible]$ curl node4
Welcome to node4 on 172.25.250.13
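
An automated form of the checks above, as an added example that is not part of the original post: it asserts each requirement of the task (services running and enabled, http allowed in both the runtime and permanent firewall configuration, page content matching the node's own facts). The file name verify.yml and the use of become are assumptions.

```yaml
---
# Added example: verify.yml is a hypothetical file name, not part of the exam task.
- name: Verify the apache role on webservers
  hosts: webservers
  become: true   # assumption: firewall-cmd needs root on the managed nodes
  tasks:
    - name: Collect service state
      ansible.builtin.service_facts:

    - name: httpd and firewalld are running and enabled on boot
      ansible.builtin.assert:
        that:
          - ansible_facts.services[item + '.service'].state == 'running'
          - ansible_facts.services[item + '.service'].status == 'enabled'
      loop:
        - httpd
        - firewalld

    # --query-service exits non-zero when the service is not allowed,
    # which fails the task. The empty item checks the runtime rules,
    # --permanent checks what survives a reboot or a firewalld reload.
    - name: http is allowed in the runtime and permanent configuration
      ansible.builtin.command: "firewall-cmd {{ item }} --query-service=http"
      loop:
        - ""
        - "--permanent"
      changed_when: false   # read-only query

    - name: Fetch the page from the node itself
      ansible.builtin.uri:
        url: http://localhost/
        return_content: true
      register: page

    - name: Page content matches the node's own facts
      ansible.builtin.assert:
        that:
          - page.content | trim == expected
      vars:
        expected: "Welcome to {{ ansible_facts.fqdn }} on {{ ansible_facts.default_ipv4.address }}"
```

Run it with ansible-playbook verify.yml from /home/student/ansible; a rule added with immediate but without permanent passes the first firewall query and fails the second.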




3. Restore the environment to its state before the exercise

[student@workstation ansible]$ vim 07-lab-role-apache-stop.yml

---
- name: remove role apache
  hosts: 127.0.0.1
  tasks:
    - name: remove role apache
      shell: ansible-galaxy remove apache

- name: remove newrole file
  hosts: 127.0.0.1
  tasks:
    - name: remove newrole file
      file:
        path: /home/student/ansible/newrole.yml
        state: absent

- name: remove apache service on webservers
  hosts: webservers
  tasks:
    - name: remove apache service on webservers
      yum:
        name: httpd
        state: absent


[student@workstation ansible]$ ansible-playbook 07-lab-role-apache-stop.yml
