- We'll be working through 3 primary tasks. Each task is meant to get you working with the following
- Ansible Inventories
- Ad-Hoc commands
- Writing a simple playbooks to deliver a wordpress server ( excluding database work as we're short on time )
- Taking that simple playbook and creating roles from those
- Deliver config files that were dynamically generated by system variables
- Internet Access
- Ansible
- Git client
- .... well.... you know.... it's around.
- A CentOS / Red Hat 7 VM ( you can use Ubuntu but will need to massage yum to apt and possibly a few other module uses )
- Possbibly the fastest way to would using Vagrant
-
libvirt
vagrant init centos/7; vagrant up --provider libvirt
-
virtualbox
vagrant init centos/7; vagrant up --provider virtualbox
-
vmware_workstation
vagrant init centos/7; vagrant up --provider vmware_workstation
-
vmware_fusion
vagrant init centos/7; vagrant up --provider vmware_fusion
-
- Possbibly the fastest way to would using Vagrant
All tasks have answers provided in this Git repo under different branches.
- Create an inventory file and list your VM.
- In my example I have
node1.example.com
- I also use the additional variables defined
- IP Address as I don't have DNS operational
- User name in case I use a different username from my laptop
- SSH Port is also defined as the standard SSH port for this host
- Place the VM in an inventory group named
lamp
- Add attributes about this VM, these will be used because we don't have DNS and you may not be using your local account
- Using this inventory file test some ad-hoc commands
- Test communications with an Ansible module called
ping
on all VMs
ansible -i inventory -m ping all
- Check memory on "all" VMs with an ad-hoc command; these use the
-a
ansible -i inventory -a "free -m" all
- Check memory for just the
lamp
servers
ansible -i inventory -a "free -m" lamp
- View the VM Specific information using the Ansible module and only gather this from the
lamp
group
ansible -i inventory -m setup all
- Review that lovely info you just got and dream about what fun you can have with it
git checkout task1
- Create a playbook that will install the required software packages for our LAMP stack
- epel-release
- firewalld
- httpd
- mod_ssl
- mariadb-server
- wordpress
- To install wordpress you will need to ensure that
epel-release
is installed first. - Start the services and ensure they sustain a reboot
- Configure Firewalld
- Wordpress installs to
/usr/local/wordpress
so you'll need to create a symbolic link to/var/www/html/wordpress
- Database – Skip it for now; our goal is deploy a solid stack Using the following link as a reference, you could create the wordpress database; I would skip this at this time and perform this manually. This is purely based on time -
Take small steps through this. Take your time and use the links below to accomplish this task. First use the yum
module and get the packages
installed. Then move onto the service
module to enable and start them. You can run this playbook over and over again on your VM. Since the packages are
already installed after step 1 the playbook will simply skip that step going forward.
- Ansible Yum Module
- Ansible Service Module
- Ansible FirewallD Module
- Ansible File Module
- Ansible MysqlD Module
git checkout task2
- Delete one of the packages or disable a service on reboot and run your playbook again. See how it was repaired?
- Run your playbook through
ansible-lint
to see what you could improve. Me? I always have trailing whitespace.
- Break the tasks into roles
- security
- apache
- mariadb
- These to start will be very sparse but our primary objective here is
- start using all those facts we got from
-m setup
in our files - start using variables
- start using dependencies
- Build out the roles directory structure using the best practices guides
mkdir roles cd roles for i in security apache mariadb wordpress; do ansible-galaxy init ${i} done
-
Start with the Apache role and transfer your tasks from the previous steps to here
roles/ # < -- parent directory for roles apache/ # this hierarchy represents a "role" for apache tasks/ # main.yml # <-- Where our tasks will live handlers/ # main.yml # <-- When we use notify for restarts it # calls from here templates/ # wordpress.conf.j2 # <--- Our wordpress.conf that will use facts files/ # httpd.conf # <-- Copy our default httpd.conf vars/ # main.yml # <-- ServerAlias variable defined here meta/ # main.yml # <-- define mariadb as a role dependency here
- You can use the example_* files. These are files that work on the end system. From there back your way into the facts.
- templates /
- Change the
example_wordpress.conf
file as followsVirtualHost 192.168.86.246:80
should fill with your systems IP addressServerName
,ErrorLog
andCustomLog
should fill with your servers nameServerAlias
should fill from the varMyServerAlias
you'll define a bit later
- Change the
- files /
- deploy the
httpd.conf
file, ensuring it's permissions when delivered
- deploy the
- handlers /
- Create a handler for the
httpd
service so when these changes are made we restart the service
- Create a handler for the
- vars /
- define the
MyServerAlias
variable aswww.example.com
to be populated in thewordpress.conf
- define the
- meta /
- define mariadb as a role dependency but leave it commented out so you can test without that role
-
Build out the
mariadb
roleroles/ # < -- parent directory for roles mariadb/ # this hierarchy represents a "role" for apache tasks/ # main.yml # <-- Where our tasks will live handlers/ # main.yml # <-- When we use notify for restarts it calls from here templates/ # my.cnf.j2 # <--- an easy mysql config that uses a # variable from default for port defaults # main.yml # <-- Define the mariadb port here meta/ # main.yml # <-- define mariadb as a role dependency here
- You can use the example_* files as needed.
- templates /
- Change the
my.cnf.j2
to useMyDefaultMariaDBPort
for it's port
- Change the
- handlers /
- Define a mariadb service restart here to be used after the my.cnf is deployed
- defaults /
- set the
MyDefaultMariaDBPort
variable here
- set the
- tasks /
- Install
mariadb-server
and deliver themy.cnf
file; finally restartmariadb
- Install
git checkout task3