parent
f72887ab1b
commit
08c7c45dbb
@ -0,0 +1,4 @@ |
|||||||
|
Copyright (C) 2015 Eugene Varnavsky (varnavruz@gmail.com) |
||||||
|
|
||||||
|
This work is licensed under the Creative Commons Attribution 3.0 Unported License. |
||||||
|
To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/deed.en_US. |
@ -0,0 +1,32 @@ |
|||||||
|
Building a simple LAMP stack and deploying Application using Ansible Playbooks. |
||||||
|
------------------------------------------- |
||||||
|
|
||||||
|
These playbooks require Ansible 1.2. |
||||||
|
|
||||||
|
These playbooks are meant to be a reference and starter's guide to building |
||||||
|
Ansible Playbooks. These playbooks were tested on CentOS 7.x so we recommend |
||||||
|
that you use CentOS or RHEL to test these modules. |
||||||
|
|
||||||
|
RHEL7 version reflects changes in Red Hat Enterprise Linux and CentOS 7: |
||||||
|
1. Network device naming scheme has changed |
||||||
|
2. iptables is replaced with firewalld |
||||||
|
3. MySQL is replaced with MariaDB |
||||||
|
|
||||||
|
This LAMP stack can be on a single node or multiple nodes. The inventory file |
||||||
|
'hosts' defines the nodes in which the stacks should be configured. |
||||||
|
|
||||||
|
[webservers] |
||||||
|
localhost |
||||||
|
|
||||||
|
[dbservers] |
||||||
|
bensible |
||||||
|
|
||||||
|
Here the webserver would be configured on the local host and the dbserver on a |
||||||
|
server called "bensible". The stack can be deployed using the following |
||||||
|
command: |
||||||
|
|
||||||
|
ansible-playbook -i hosts site.yml |
||||||
|
|
||||||
|
Once done, you can check the results by browsing to http://localhost/index.php. |
||||||
|
You should see a simple test page and a list of databases retrieved from the |
||||||
|
database server. |
@ -0,0 +1,6 @@ |
|||||||
|
--- |
||||||
|
# Variables listed here are applicable to all host groups |
||||||
|
|
||||||
|
httpd_port: 80 |
||||||
|
ntpserver: 192.168.1.2 |
||||||
|
repository: https://github.com/bennojoy/mywebapp.git |
@ -0,0 +1,9 @@ |
|||||||
|
--- |
||||||
|
# The variables file used by the playbooks in the dbservers group. |
||||||
|
# These don't have to be explicitly imported by vars_files: they are autopopulated. |
||||||
|
|
||||||
|
mysqlservice: mysqld |
||||||
|
mysql_port: 3306 |
||||||
|
dbuser: foouser |
||||||
|
dbname: foodb |
||||||
|
upassword: abc |
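Review bot: `upassword: abc` commits the application database password to the repository in clear text, and the db tasks then apply this three-character value to a real account. Keep the secret out of version control, for example in a file encrypted with ansible-vault (on Ansible releases that ship it) or supplied at run time. Leave only a reference here, such as `upassword: "{{ vault_upassword }}"` (variable name constructed for illustration). The same value is rendered into index.php by index.php.j2, so the weak default reaches both tiers.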
@ -0,0 +1,7 @@ |
|||||||
|
[webservers] |
||||||
|
webserver.local |
||||||
|
|
||||||
|
[dbservers] |
||||||
|
dbserver.local |
||||||
|
|
||||||
|
|
@ -0,0 +1,6 @@ |
|||||||
|
--- |
||||||
|
# Handler to handle common notifications. Handlers are called by other plays. |
||||||
|
# See http://docs.ansible.com/playbooks_intro.html for more information about handlers. |
||||||
|
|
||||||
|
- name: restart ntp |
||||||
|
service: name=ntpd state=restarted |
@ -0,0 +1,15 @@ |
|||||||
|
--- |
||||||
|
# This playbook contains common plays that will be run on all nodes. |
||||||
|
|
||||||
|
- name: Install ntp |
||||||
|
yum: name=ntp state=present |
||||||
|
tags: ntp |
||||||
|
|
||||||
|
- name: Configure ntp file |
||||||
|
template: src=ntp.conf.j2 dest=/etc/ntp.conf |
||||||
|
tags: ntp |
||||||
|
notify: restart ntp |
||||||
|
|
||||||
|
- name: Start the ntp service |
||||||
|
service: name=ntpd state=started enabled=yes |
||||||
|
tags: ntp |
@ -0,0 +1,12 @@ |
|||||||
|
|
||||||
|
driftfile /var/lib/ntp/drift |
||||||
|
|
||||||
|
restrict 127.0.0.1 |
||||||
|
restrict -6 ::1 |
||||||
|
|
||||||
|
server {{ ntpserver }} |
||||||
|
|
||||||
|
includefile /etc/ntp/crypto/pw |
||||||
|
|
||||||
|
keys /etc/ntp/keys |
||||||
|
|
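Review bot: ntp.conf.j2 has no `restrict default` line, so the only restrictions are the two loopback entries and ntpd falls back to its permissive default for every other client. Add a default policy above the loopback lines, e.g. `restrict default nomodify notrap nopeer noquery` plus the matching `restrict -6 default ...` line, so remote hosts cannot query or modify the daemon. The common tasks shown do not open UDP 123 in firewalld, so actual exposure presumably depends on the host firewall being active; the configuration should not rely on that.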
@ -0,0 +1,5 @@ |
|||||||
|
--- |
||||||
|
# Handler to handle DB tier notifications |
||||||
|
|
||||||
|
- name: restart mariadb |
||||||
|
service: name=mariadb state=restarted |
@ -0,0 +1,36 @@ |
|||||||
|
--- |
||||||
|
# This playbook will install MariaDB and create db user and give permissions. |
||||||
|
|
||||||
|
- name: Install MariaDB package |
||||||
|
yum: name={{ item }} state=installed |
||||||
|
with_items: |
||||||
|
- mariadb-server |
||||||
|
- MySQL-python |
||||||
|
- libselinux-python |
||||||
|
- libsemanage-python |
||||||
|
|
||||||
|
- name: Configure SELinux to start mysql on any port |
||||||
|
seboolean: name=mysql_connect_any state=true persistent=yes |
||||||
|
|
||||||
|
- name: Create Mysql configuration file |
||||||
|
template: src=my.cnf.j2 dest=/etc/my.cnf |
||||||
|
notify: |
||||||
|
- restart mariadb |
||||||
|
|
||||||
|
- name: Create MariaDB log file |
||||||
|
file: path=/var/log/mysqld.log state=touch owner=mysql group=mysql mode=0775 |
||||||
|
|
||||||
|
- name: Create MariaDB PID directory |
||||||
|
file: path=/var/run/mysqld state=directory owner=mysql group=mysql mode=0775 |
||||||
|
|
||||||
|
- name: Start MariaDB Service |
||||||
|
service: name=mariadb state=started enabled=yes |
||||||
|
|
||||||
|
- name: insert firewalld rule |
||||||
|
firewalld: port={{ mysql_port }}/tcp permanent=true state=enabled immediate=yes |
||||||
|
|
||||||
|
- name: Create Application Database |
||||||
|
mysql_db: name={{ dbname }} state=present |
||||||
|
|
||||||
|
- name: Create Application DB User |
||||||
|
mysql_user: name={{ dbuser }} password={{ upassword }} priv=*.*:ALL host='%' state=present |
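Review bot: The `mysql_user` task grants `priv=*.*:ALL` with `host='%'`, so the application account is a full administrator on every database and may log in from any address, while the `firewalld` task above opens `{{ mysql_port }}/tcp` without a source restriction. Scope the grant to the application database and to the web tier, e.g. `priv={{ dbname }}.*:ALL host={{ item }}` iterated over the webserver addresses, and limit the firewall rule to the same sources. No task shown sets a password for the MariaDB root account or removes the default anonymous users; if that is not done elsewhere it should be added to this role. The log file and PID directory are created with `mode=0775`, which looks broader than the mysql user needs.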
@ -0,0 +1,11 @@ |
|||||||
|
[mysqld] |
||||||
|
datadir=/var/lib/mysql |
||||||
|
socket=/var/lib/mysql/mysql.sock |
||||||
|
user=mysql |
||||||
|
# Disabling symbolic-links is recommended to prevent assorted security risks |
||||||
|
symbolic-links=0 |
||||||
|
port={{ mysql_port }} |
||||||
|
|
||||||
|
[mysqld_safe] |
||||||
|
log-error=/var/log/mysqld.log |
||||||
|
pid-file=/var/run/mysqld/mysqld.pid |
@ -0,0 +1,9 @@ |
|||||||
|
--- |
||||||
|
# These tasks are responsible for copying the latest dev/production code from |
||||||
|
# the version control system. |
||||||
|
|
||||||
|
- name: Copy the code from repository |
||||||
|
git: repo={{ repository }} dest=/var/www/html/ |
||||||
|
|
||||||
|
- name: Creates the index.php file |
||||||
|
template: src=index.php.j2 dest=/var/www/html/index.php |
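Review bot: The `git` task has no `version=`, so every run deploys whatever the default branch of `{{ repository }}` points to at that moment, straight into the document root. Pin a reviewed tag or commit, e.g. `git: repo={{ repository }} dest=/var/www/html/ version={{ app_version }}` (variable name constructed for illustration). Cloning into /var/www/html also places the checkout's `.git` directory where httpd will serve it unless it is explicitly denied. Check out to a directory outside the document root, or add a deny rule for `.git` to the httpd configuration.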
@ -0,0 +1,21 @@ |
|||||||
|
--- |
||||||
|
# These tasks install http and the php modules. |
||||||
|
|
||||||
|
- name: Install http and php etc |
||||||
|
yum: name={{ item }} state=present |
||||||
|
with_items: |
||||||
|
- httpd |
||||||
|
- php |
||||||
|
- php-mysql |
||||||
|
- git |
||||||
|
- libsemanage-python |
||||||
|
- libselinux-python |
||||||
|
|
||||||
|
- name: insert firewalld rule for httpd |
||||||
|
firewalld: port={{ httpd_port }}/tcp permanent=true state=enabled immediate=yes |
||||||
|
|
||||||
|
- name: http service state |
||||||
|
service: name=httpd state=started enabled=yes |
||||||
|
|
||||||
|
- name: Configure SELinux to allow httpd to connect to remote database |
||||||
|
seboolean: name=httpd_can_network_connect_db state=true persistent=yes |
@ -0,0 +1,3 @@ |
|||||||
|
--- |
||||||
|
- include: install_httpd.yml |
||||||
|
- include: copy_code.yml |
@ -0,0 +1,24 @@ |
|||||||
|
<html> |
||||||
|
<head> |
||||||
|
<title>Ansible Application</title> |
||||||
|
</head> |
||||||
|
<body> |
||||||
|
</br> |
||||||
|
<a href=http://{{ ansible_default_ipv4.address }}/index.html>Homepage</a> |
||||||
|
</br> |
||||||
|
<?php |
||||||
|
Print "Hello, World! I am a web server configured using Ansible and I am : "; |
||||||
|
echo exec('hostname'); |
||||||
|
Print "</BR>"; |
||||||
|
echo "List of Databases: </BR>"; |
||||||
|
{% for host in groups['dbservers'] %} |
||||||
|
$link = mysqli_connect('{{ hostvars[host].ansible_default_ipv4.address }}', '{{ hostvars[host].dbuser }}', '{{ hostvars[host].upassword }}') or die(mysqli_connect_error($link)); |
||||||
|
{% endfor %} |
||||||
|
$res = mysqli_query($link, "SHOW DATABASES;"); |
||||||
|
while ($row = mysqli_fetch_assoc($res)) { |
||||||
|
echo $row['Database'] . "\n"; |
||||||
|
} |
||||||
|
?> |
||||||
|
</body> |
||||||
|
</html> |
||||||
|
|
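Review bot: The `mysqli_connect(...)` line renders `{{ hostvars[host].upassword }}` into index.php under the document root, and on failure `die(mysqli_connect_error($link))` prints the connection error to whoever requested the page. Put the credentials in a file outside /var/www/html that only the httpd user can read, and replace the `die` with a generic message plus `error_log(mysqli_connect_error());`. `mysqli_connect_error()` takes no argument, and `$link` is false at that point anyway. With more than one host in `dbservers` the loop overwrites `$link`, so only the last server is queried. Values echoed into the page (`exec('hostname')`, `$row['Database']`) should go through `htmlspecialchars()` before output.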
@ -0,0 +1,23 @@ |
|||||||
|
--- |
||||||
|
# This playbook deploys the whole application stack in this site. |
||||||
|
|
||||||
|
- name: apply common configuration to all nodes |
||||||
|
hosts: all |
||||||
|
remote_user: root |
||||||
|
|
||||||
|
roles: |
||||||
|
- common |
||||||
|
|
||||||
|
- name: configure and deploy the webservers and application code |
||||||
|
hosts: webservers |
||||||
|
remote_user: root |
||||||
|
|
||||||
|
roles: |
||||||
|
- web |
||||||
|
|
||||||
|
- name: deploy MySQL and configure the databases |
||||||
|
hosts: dbservers |
||||||
|
remote_user: root |
||||||
|
|
||||||
|
roles: |
||||||
|
- db |
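Review bot: All three plays set `remote_user: root`, which requires direct root SSH logins to be enabled on every managed host. Connect as an unprivileged account and escalate per play instead (`sudo: yes` on the Ansible release the README names, `become: yes` on later ones). That allows root login over SSH to be disabled on the managed hosts and ties each run to a named user in their auth logs.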