RHEL7 version reflects changes in Red Hat Enterprise Linux and CentOS 7:
1. Network device naming scheme has changed
2. iptables is replaced with firewalld
3. MySQL is replaced with MariaDB
pull/63/head
parent
96bfdb3cb1
commit
9a1d5db4a9
@ -0,0 +1,4 @@ |
||||
Copyright (C) 2013 AnsibleWorks, Inc. |
||||
|
||||
This work is licensed under the Creative Commons Attribution 3.0 Unported License. |
||||
To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/deed.en_US. |
@ -0,0 +1,32 @@ |
||||
Building a simple LAMP stack and deploying Application using Ansible Playbooks. |
||||
------------------------------------------- |
||||
|
||||
These playbooks require Ansible 1.2. |
||||
|
||||
These playbooks are meant to be a reference and starter's guide to building |
||||
Ansible Playbooks. These playbooks were tested on CentOS 7.x so we recommend |
||||
that you use CentOS or RHEL to test these modules. |
||||
|
||||
RHEL7 version reflects changes in Red Hat Enterprise Linux and CentOS 7: |
||||
1. Network device naming scheme has changed |
||||
2. iptables is replaced with firewalld |
||||
3. MySQL is replaced with MariaDB |
||||
|
||||
This LAMP stack can be on a single node or multiple nodes. The inventory file |
||||
'hosts' defines the nodes in which the stacks should be configured. |
||||
|
||||
[webservers] |
||||
localhost |
||||
|
||||
[dbservers] |
||||
bensible |
||||
|
||||
Here the webserver would be configured on the local host and the dbserver on a |
||||
server called "bensible". The stack can be deployed using the following |
||||
command: |
||||
|
||||
ansible-playbook -i hosts site.yml |
||||
|
||||
Once done, you can check the results by browsing to http://localhost/index.php. |
||||
You should see a simple test page and a list of databases retrieved from the |
||||
database server. |
@ -0,0 +1,6 @@ |
||||
--- |
||||
# Variables listed here are applicable to all host groups |
||||
|
||||
httpd_port: 80 |
||||
ntpserver: 192.168.1.2 |
||||
repository: https://github.com/bennojoy/mywebapp.git |
@ -0,0 +1,9 @@ |
||||
--- |
||||
# The variables file used by the playbooks in the dbservers group. |
||||
# These don't have to be explicitly imported by vars_files: they are autopopulated. |
||||
|
||||
mysqlservice: mysqld |
||||
mysql_port: 3306 |
||||
dbuser: foouser |
||||
dbname: foodb |
||||
upassword: abc |
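Review bot: The `upassword: abc` line commits a three-character database password in clear text, and the same variable is later used for the MariaDB account and rendered into index.php.j2. Since this is a starter example that people copy, I would ship an obvious placeholder such as `upassword: "CHANGE_ME"  # placeholder - supply the real value from an encrypted vars file or a prompt` and keep the real secret out of version control. A short comment above `dbuser` explaining that these values are examples only would also help.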
@ -0,0 +1,7 @@ |
||||
[webservers] |
||||
webserver.local |
||||
|
||||
[dbservers] |
||||
dbserver.local |
||||
|
||||
|
@ -0,0 +1,6 @@ |
||||
--- |
||||
# Handler to handle common notifications. Handlers are called by other plays. |
||||
# See http://docs.ansible.com/playbooks_intro.html for more information about handlers. |
||||
|
||||
- name: restart ntp |
||||
service: name=ntpd state=restarted |
@ -0,0 +1,15 @@ |
||||
--- |
||||
# This playbook contains common plays that will be run on all nodes. |
||||
|
||||
- name: Install ntp |
||||
yum: name=ntp state=present |
||||
tags: ntp |
||||
|
||||
- name: Configure ntp file |
||||
template: src=ntp.conf.j2 dest=/etc/ntp.conf |
||||
tags: ntp |
||||
notify: restart ntp |
||||
|
||||
- name: Start the ntp service |
||||
service: name=ntpd state=started enabled=yes |
||||
tags: ntp |
@ -0,0 +1,12 @@ |
||||
|
||||
driftfile /var/lib/ntp/drift |
||||
|
||||
restrict 127.0.0.1 |
||||
restrict -6 ::1 |
||||
|
||||
server {{ ntpserver }} |
||||
|
||||
includefile /etc/ntp/crypto/pw |
||||
|
||||
keys /etc/ntp/keys |
||||
|
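Review bot: The template restricts only the loopback addresses (`restrict 127.0.0.1`, `restrict -6 ::1`) and has no `restrict default` line, so ntpd applies no access restrictions to any other source and will answer control and status queries from them. I would add `restrict default kod nomodify notrap nopeer noquery` and `restrict -6 default kod nomodify notrap nopeer noquery` above the loopback entries, which lets the host keep syncing from `{{ ntpserver }}` while refusing queries and modification from everyone else. The host firewall may already block UDP 123 inbound, but that is not visible in this commit and the daemon configuration should not depend on it.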
@ -0,0 +1,5 @@ |
||||
--- |
||||
# Handler to handle DB tier notifications |
||||
|
||||
- name: restart mariadb |
||||
service: name=mariadb state=restarted |
@ -0,0 +1,36 @@ |
||||
--- |
||||
# This playbook will install MariaDB and create db user and give permissions. |
||||
|
||||
- name: Install MariaDB package |
||||
yum: name={{ item }} state=installed |
||||
with_items: |
||||
- mariadb-server |
||||
- MySQL-python |
||||
- libselinux-python |
||||
- libsemanage-python |
||||
|
||||
- name: Configure SELinux to start mysql on any port |
||||
seboolean: name=mysql_connect_any state=true persistent=yes |
||||
|
||||
- name: Create Mysql configuration file |
||||
template: src=my.cnf.j2 dest=/etc/my.cnf |
||||
notify: |
||||
- restart mariadb |
||||
|
||||
- name: Create MariaDB log file |
||||
file: path=/var/log/mysqld.log state=touch owner=mysql group=mysql mode=0775 |
||||
|
||||
- name: Create MariaDB PID directory |
||||
file: path=/var/run/mysqld state=directory owner=mysql group=mysql mode=0775 |
||||
|
||||
- name: Start MariaDB Service |
||||
service: name=mariadb state=started enabled=yes |
||||
|
||||
- name: insert firewalld rule |
||||
firewalld: port={{ mysql_port }}/tcp permanent=true state=enabled immediate=yes |
||||
|
||||
- name: Create Application Database |
||||
mysql_db: name={{ dbname }} state=present |
||||
|
||||
- name: Create Application DB User |
||||
mysql_user: name={{ dbuser }} password={{ upassword }} priv=*.*:ALL host='%' state=present |
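Review bot: The last task creates the application account with `priv=*.*:ALL host='%'`, which grants every privilege on every database, including the `mysql` system schema, to a user that may log in from any address. The firewalld task above it opens `{{ mysql_port }}` without a source restriction, so the account appears reachable from any network the host is on. The application only needs its own schema, so `priv={{ dbname }}.*:ALL` is enough, and `host=` should name the hosts in the `webservers` group (for example by looping over that group) rather than `'%'`. The two `file:` tasks also set `mode=0775`, which makes the log file executable and world-readable; `0640` for the log and `0755` for the directory would be the usual choice.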
@ -0,0 +1,11 @@ |
||||
[mysqld] |
||||
datadir=/var/lib/mysql |
||||
socket=/var/lib/mysql/mysql.sock |
||||
user=mysql |
||||
# Disabling symbolic-links is recommended to prevent assorted security risks |
||||
symbolic-links=0 |
||||
port={{ mysql_port }} |
||||
|
||||
[mysqld_safe] |
||||
log-error=/var/log/mysqld.log |
||||
pid-file=/var/run/mysqld/mysqld.pid |
@ -0,0 +1,9 @@ |
||||
--- |
||||
# These tasks are responsible for copying the latest dev/production code from |
||||
# the version control system. |
||||
|
||||
- name: Copy the code from repository |
||||
git: repo={{ repository }} dest=/var/www/html/ |
||||
|
||||
- name: Creates the index.php file |
||||
template: src=index.php.j2 dest=/var/www/html/index.php |
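Review bot: The `git:` task clones `{{ repository }}` straight into `/var/www/html/` with no `version=`, so each run deploys whatever the default branch holds at that moment and leaves the `.git` directory inside the document root. I would pin the checkout, e.g. `git: repo={{ repository }} dest=/var/www/html/ version={{ repository_version }}` with `repository_version` (a new variable, to be defined next to `repository`) set to a reviewed commit or tag. The httpd configuration is not part of this commit, so unless it denies requests for `.git`, the repository history would presumably be downloadable from the web server; cloning outside the document root and copying the files in avoids that.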
@ -0,0 +1,21 @@ |
||||
--- |
||||
# These tasks install http and the php modules. |
||||
|
||||
- name: Install http and php etc |
||||
yum: name={{ item }} state=present |
||||
with_items: |
||||
- httpd |
||||
- php |
||||
- php-mysql |
||||
- git |
||||
- libsemanage-python |
||||
- libselinux-python |
||||
|
||||
- name: insert firewalld rule for httpd |
||||
firewalld: port={{ httpd_port }}/tcp permanent=true state=enabled immediate=yes |
||||
|
||||
- name: http service state |
||||
service: name=httpd state=started enabled=yes |
||||
|
||||
- name: Configure SELinux to allow httpd to connect to remote database |
||||
seboolean: name=httpd_can_network_connect_db state=true persistent=yes |
@ -0,0 +1,3 @@ |
||||
--- |
||||
- include: install_httpd.yml |
||||
- include: copy_code.yml |
@ -0,0 +1,24 @@ |
||||
<html> |
||||
<head> |
||||
<title>Ansible Application</title> |
||||
</head> |
||||
<body> |
||||
</br> |
||||
<a href=http://{{ ansible_default_ipv4.address }}/index.html>Homepage</a> |
||||
</br> |
||||
<?php |
||||
Print "Hello, World! I am a web server configured using Ansible and I am : "; |
||||
echo exec('hostname'); |
||||
Print "</BR>"; |
||||
echo "List of Databases: </BR>"; |
||||
{% for host in groups['dbservers'] %} |
||||
$link = mysqli_connect('{{ hostvars[host].ansible_default_ipv4.address }}', '{{ hostvars[host].dbuser }}', '{{ hostvars[host].upassword }}') or die(mysqli_connect_error($link)); |
||||
{% endfor %} |
||||
$res = mysqli_query($link, "SHOW DATABASES;"); |
||||
while ($row = mysqli_fetch_assoc($res)) { |
||||
echo $row['Database'] . "\n"; |
||||
} |
||||
?> |
||||
</body> |
||||
</html> |
||||
|
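Review bot: The connection line ends in `or die(mysqli_connect_error($link))`, which prints the database connection error to every visitor, and `mysqli_connect_error()` takes no argument, so passing `$link` (which is `false` on failure) is itself an error. I would log the detail and show a generic message instead: `if (!$link) { error_log(mysqli_connect_error()); die('Database connection failed'); }`. The surrounding Jinja `for` loop reassigns `$link` for each host in `dbservers`, so only the last connection is ever queried; a comment saying so, or connecting to a single host, would make the intent clear. The database names are echoed without `htmlspecialchars()`, and the template writes the database password into a file under the document root, which is worth a comment for anyone adapting the example.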
@ -0,0 +1,23 @@ |
||||
--- |
||||
# This playbook deploys the whole application stack in this site. |
||||
|
||||
- name: apply common configuration to all nodes |
||||
hosts: all |
||||
remote_user: root |
||||
|
||||
roles: |
||||
- common |
||||
|
||||
- name: configure and deploy the webservers and application code |
||||
hosts: webservers |
||||
remote_user: root |
||||
|
||||
roles: |
||||
- web |
||||
|
||||
- name: deploy MySQL and configure the databases |
||||
hosts: dbservers |
||||
remote_user: root |
||||
|
||||
roles: |
||||
- db |
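Review bot: All three plays set `remote_user: root`, which requires direct root SSH login on every managed host and gives no per-operator audit trail. I would connect as an unprivileged account and escalate per play, e.g. `remote_user: DEPLOY_USER  # placeholder` together with `sudo: yes`, so that root login over SSH can stay disabled. A comment at the top of the playbook stating which account and privileges the plays expect would help readers reusing it.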