diff --git a/lamp_haproxy/README.md b/lamp_haproxy/README.md index d593208..8e5f2d6 100644 --- a/lamp_haproxy/README.md +++ b/lamp_haproxy/README.md @@ -1,10 +1,21 @@ LAMP Stack + HAProxy: Example Playbooks ----------------------------------------------------------------------------- -This example is an extension of the simple LAMP deployment. Here we'll deploy a web server with an HAProxy load balancer in front. This set of playbooks also have the capability to dynamically add and remove web server nodes from the deployment. It also includes examples to do a rolling update of a stack without affecting the service. +(This example requires Ansible 1.2) -###Setup Entire Site. -First we configure the entire stack by listing our hosts in the 'hosts' inventory file, grouped by their purpose: +This example is an extension of the simple LAMP deployment. Here we'll install +and configure a web server with an HAProxy load balancer in front, and deploy +an application to the web servers. This set of playbooks also have the +capability to dynamically add and remove web server nodes from the deployment. +It also includes examples to do a rolling update of a stack without affecting +the service. + +You can also optionally configure a Nagios monitoring node. + +### Initial Site Setup + +First we configure the entire stack by listing our hosts in the 'hosts' +inventory file, grouped by their purpose: [webservers] web3 @@ -22,23 +33,34 @@ After which we execute the following command to deploy the site: ansible-playbook -i hosts site.yml -The deployment can be verified by accessing the IP address of your load balnacer host in a web browser: http://:8888. Reloading the page should have you hit different webservers. +The deployment can be verified by accessing the IP address of your load +balancer host in a web browser: http://:8888. Reloading the page +should have you hit different webservers. -###Removing and Adding a Node +### Removing and Adding a Node -Removal and addition of nodes to the cluster is as simple as editing the hosts inventory -and re-running: +Removal and addition of nodes to the cluster is as simple as editing the +hosts inventory and re-running: ansible-playbook -i hosts site.yml -###Rolling Update +### Rolling Update -Rolling updates are the preferred way to update the web server software or deployed application, since the load balancer can be dynamically configured to take the hosts to be updated out of the pool. This will keep the service running on other servers so that the users are not interrupted. +Rolling updates are the preferred way to update the web server software or +deployed application, since the load balancer can be dynamically configured +to take the hosts to be updated out of the pool. This will keep the service +running on other servers so that the users are not interrupted. -In this example the hosts are updated in serial fashion, which means -that only one server will be updated at one time. If you have a lot of web server hosts, this behaviour can be changed by setting the 'serial' keyword in webservers.yml file. +In this example the hosts are updated in serial fashion, which means that +only one server will be updated at one time. If you have a lot of web server +hosts, this behaviour can be changed by setting the 'serial' keyword in +webservers.yml file. -Once the code has been updated in the source repository for your application which can be defined in the group_vars/all file, execute the following command: +Once the code has been updated in the source repository for your application +which can be defined in the group_vars/all file, execute the following +command: ansible-playbook -i hosts rolling_update.yml +You can optionally pass: -e webapp_version=xxx to the rolling_update +playbook to specify a specific version of the example webapp to deploy. diff --git a/lamp_haproxy/group_vars/webservers b/lamp_haproxy/group_vars/webservers index 6668d77..cecc629 100644 --- a/lamp_haproxy/group_vars/webservers +++ b/lamp_haproxy/group_vars/webservers @@ -3,3 +3,6 @@ # Ethernet interface on which the web server should listen iface: eth0 + +# this is version 5 +webapp_version: 351e47276cc66b018f4890a04709d4cc3d3edb0d diff --git a/lamp_haproxy/roles/common/tasks/main.yml b/lamp_haproxy/roles/common/tasks/main.yml index 6dee7ad..ab99de8 100644 --- a/lamp_haproxy/roles/common/tasks/main.yml +++ b/lamp_haproxy/roles/common/tasks/main.yml @@ -1,6 +1,12 @@ --- # This playbook contains common plays that will run on all nodes. +- name: Download the EPEL repository RPM + get_url: url=http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm dest=/tmp/ force=yes + +- name: Install EPEL RPM + yum: name=/tmp/epel-release-6-8.noarch.rpm state=installed + - name: install some useful nagios plugins yum: name=$item state=present with_items: @@ -24,12 +30,6 @@ service: name=ntpd state=started enabled=true tags: ntp -- name: Download the EPEL repository RPM - get_url: url=http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm dest=/tmp/ force=yes - -- name: Install EPEL RPM - yum: name=/tmp/epel-release-6-8.noarch.rpm state=installed - - name: insert iptables template template: src=iptables.j2 dest=/etc/sysconfig/iptables notify: restart iptables diff --git a/lamp_haproxy/roles/common/templates/iptables.j2 b/lamp_haproxy/roles/common/templates/iptables.j2 index e778403..1b008d6 100644 --- a/lamp_haproxy/roles/common/templates/iptables.j2 +++ b/lamp_haproxy/roles/common/templates/iptables.j2 @@ -5,7 +5,7 @@ :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -{% if inventory_hostname in groups['webservers'] %} +{% if (inventory_hostname in groups['webservers']) or (inventory_hostname in groups['monitoring']) %} -A INPUT -p tcp --dport 80 -j ACCEPT {% endif %} diff --git a/lamp_haproxy/roles/web/tasks/main.yml b/lamp_haproxy/roles/web/tasks/main.yml index 73e77a9..93b7648 100644 --- a/lamp_haproxy/roles/web/tasks/main.yml +++ b/lamp_haproxy/roles/web/tasks/main.yml @@ -1,17 +1,15 @@ --- # httpd is handled by the base-apache role upstream -- name: Install php +- name: Install php and git action: yum name=$item state=installed with_items: - php - php-mysql + - git - name: Configure SELinux to allow httpd to connect to remote database seboolean: name=httpd_can_network_connect_db state=true persistent=yes - name: Copy the code from repository - git: repo=${repository} dest=/var/www/html/ - -- name: Create the index.php file - template: src=index.php.j2 dest=/var/www/html/index.php + git: repo=${repository} version=${webapp_version} dest=/var/www/html/ diff --git a/lamp_haproxy/roles/web/tasks/rolling_update.yml b/lamp_haproxy/roles/web/tasks/rolling_update.yml deleted file mode 100644 index 27eedfd..0000000 --- a/lamp_haproxy/roles/web/tasks/rolling_update.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# This Playbook implements a rolling update on the infrastructure, change the value of the serial keyword to specify the number of servers the update should happen. - -- name: Remove the code from server - command: rm -rf /var/www/html/* - -- name: disable nagios alerts for this host's webserver service - nagios: action=disable_alerts host=$ansible_hostname services=webserver - delegate_to: $item - with_items: ${groups.monitoring} - -- name: disable the server in haproxy - shell: echo "disable server myapplb/${ansible_hostname}" | socat stdio /var/lib/haproxy/stats - delegate_to: $item - with_items: ${groups.lbservers} - -- name: Copy the code from repository - git: repo=${repository} dest=/var/www/html/ - -- name: Create's the index.php file - template: src=index.php.j2 dest=/var/www/html/index.php - -- name: Enable the server in haproxy - shell: echo "enable server myapplb/${ansible_hostname}" | socat stdio /var/lib/haproxy/stats - delegate_to: $item - with_items: ${groups.lbservers} - -- name: re-enable nagios alerts - nagios: action=enable_alerts host=$ansible_hostname services=webserver - delegate_to: $item - with_items: ${groups.monitoring} diff --git a/lamp_haproxy/roles/web/templates/index.php.j2 b/lamp_haproxy/roles/web/templates/index.php.j2 deleted file mode 100644 index 5c45513..0000000 --- a/lamp_haproxy/roles/web/templates/index.php.j2 +++ /dev/null @@ -1,16 +0,0 @@ - - - Ansible Application - - -
- Homepage -
-"; -?> - - - diff --git a/lamp_haproxy/rolling_update.yml b/lamp_haproxy/rolling_update.yml index e16d08e..5ed2e11 100644 --- a/lamp_haproxy/rolling_update.yml +++ b/lamp_haproxy/rolling_update.yml @@ -1,9 +1,36 @@ --- -# This Playbook does a rolling update of the code for all webservers serially (one at a time). +# This playbook does a rolling update of the code for all webservers serially (one at a time). # Change the value of serial: to adjust the number of server to be updated. +# This playbook also takes the webapp_version variable to specify which git version +# of the test webapp to deploy. - hosts: webservers user: root serial: 1 tasks: - - include: roles/web/tasks/rolling_update.yml + + - name: disable nagios alerts for this host's webserver service + nagios: action=disable_alerts host=$ansible_hostname services=webserver + delegate_to: $item + with_items: ${groups.monitoring} + + - name: disable the server in haproxy + shell: echo "disable server myapplb/${ansible_hostname}" | socat stdio /var/lib/haproxy/stats + delegate_to: $item + with_items: ${groups.lbservers} + + - name: Remove the code from server + command: rm -rf /var/www/html/* + + - name: Copy the code from repository + git: repo=${repository} version=${webapp_version} dest=/var/www/html/ + + - name: Enable the server in haproxy + shell: echo "enable server myapplb/${ansible_hostname}" | socat stdio /var/lib/haproxy/stats + delegate_to: $item + with_items: ${groups.lbservers} + + - name: re-enable nagios alerts + nagios: action=enable_alerts host=$ansible_hostname services=webserver + delegate_to: $item + with_items: ${groups.monitoring}