bennojoy
11 years ago
parent
61186b3e04
commit
c7dca761e6
@ -1,10 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook adds a webserver into the the web cluster |
|
||||||
|
|
||||||
- hosts: webservers |
|
||||||
user: root |
|
||||||
serial: 1 |
|
||||||
tasks: |
|
||||||
- include: ../roles/webtier/tasks/install_httpd.yml |
|
||||||
- include: ../roles/webtier/tasks/copy_code.yml |
|
||||||
- include: ../roles/webtier/tasks/add_to_lb.yml |
|
||||||
@ -1,11 +0,0 @@ |
|||||||
--- |
|
||||||
# This playbook deploys mysql and configures database on the db node/nodes |
|
||||||
|
|
||||||
- hosts: dbservers |
|
||||||
user: root |
|
||||||
tasks: |
|
||||||
- include: common/tasks/main.yml |
|
||||||
- include: dbtier/tasks/install_mysql.yml |
|
||||||
handlers: |
|
||||||
- include: dbtier/handlers/main.yml |
|
||||||
- include: common/handlers/main.yml |
|
||||||
@ -1,6 +0,0 @@ |
|||||||
--- |
|
||||||
# Handler to handle DB tier notifications |
|
||||||
|
|
||||||
- name: restart mysql |
|
||||||
service: name=mysqld state=restarted |
|
||||||
|
|
||||||
@ -1,32 +0,0 @@ |
|||||||
--- |
|
||||||
# This playbook will install mysql and create db user and give permissions. |
|
||||||
|
|
||||||
- name: Install Mysql package |
|
||||||
action: yum pkg=$item state=installed |
|
||||||
with_items: |
|
||||||
- mysql-server |
|
||||||
- MySQL-python |
|
||||||
- libselinux-python |
|
||||||
- libsemanage-python |
|
||||||
|
|
||||||
- name: Configure SELinux to start mysql on any port |
|
||||||
seboolean: name=mysql_connect_any state=true persistent=yes |
|
||||||
|
|
||||||
- name: Create Mysql configuration file |
|
||||||
action: template src=dbtier/templates/my.cnf.j2 dest=/etc/my.cnf |
|
||||||
notify: |
|
||||||
- restart mysql |
|
||||||
|
|
||||||
- name: Start Mysql Service |
|
||||||
service: name=mysqld state=started enabled=true |
|
||||||
|
|
||||||
- name: insert iptables rule |
|
||||||
lineinfile: dest=/etc/sysconfig/iptables state=present regexp="$mysql_port" insertafter="^:OUTPUT " line="-A INPUT -p tcp --dport $mysql_port -j ACCEPT" |
|
||||||
notify: restart iptables |
|
||||||
|
|
||||||
|
|
||||||
- name: Create Application Database |
|
||||||
mysql_db: name=$dbname state=present |
|
||||||
|
|
||||||
- name: Create Application DB User |
|
||||||
mysql_user: name=$dbuser password=$upassword priv=*.*:ALL host='%' state=present |
|
||||||
@ -1,11 +0,0 @@ |
|||||||
[mysqld] |
|
||||||
datadir=/var/lib/mysql |
|
||||||
socket=/var/lib/mysql/mysql.sock |
|
||||||
user=mysql |
|
||||||
# Disabling symbolic-links is recommended to prevent assorted security risks |
|
||||||
symbolic-links=0 |
|
||||||
port={{ mysql_port }} |
|
||||||
|
|
||||||
[mysqld_safe] |
|
||||||
log-error=/var/log/mysqld.log |
|
||||||
pid-file=/var/run/mysqld/mysqld.pid |
|
||||||
@ -1,10 +0,0 @@ |
|||||||
--- |
|
||||||
#PlayBook for haproxy operations |
|
||||||
|
|
||||||
- hosts: lbservers |
|
||||||
user: root |
|
||||||
tasks: |
|
||||||
- include: haproxy/tasks/install_haproxy.yml |
|
||||||
handlers: |
|
||||||
- include: haproxy/handlers/main.yml |
|
||||||
- include: common/handlers/main.yml |
|
||||||
@ -1,19 +0,0 @@ |
|||||||
--- |
|
||||||
# This PlayBook Installs the HAProxy and configures it. |
|
||||||
|
|
||||||
- name: Download and install haproxy |
|
||||||
command: creates=/opt/haproxy.rpm curl -o /opt/haproxy.rpm ftp://ftp.univie.ac.at/systems/linux/fedora/epel/6/i386/haproxy-1.4.18-1.el6.i686.rpm |
|
||||||
|
|
||||||
- name: Install the haproxy rpm. |
|
||||||
command: creates=/etc/haproxy/haproxy.cfg yum -y localinstall /opt/haproxy.rpm |
|
||||||
|
|
||||||
- name: Install the socat package for dynamic addition/removal of hosts |
|
||||||
yum: name=socat state=installed |
|
||||||
|
|
||||||
- name: Open firewall port for haproxy. |
|
||||||
lineinfile: dest=/etc/sysconfig/iptables state=present regexp="$listenport" insertafter="^:OUTPUT " line="-A INPUT -p tcp --dport $listenport -j ACCEPT" |
|
||||||
notify: restart iptables |
|
||||||
|
|
||||||
- name: Configure the haproxy cnf file with hosts |
|
||||||
template: src=haproxy/templates/haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg |
|
||||||
notify: restart haproxy |
|
||||||
@ -1,9 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook removes a webserver from the pool serialy. |
|
||||||
|
|
||||||
|
|
||||||
- hosts: webservers |
|
||||||
user: root |
|
||||||
serial: 1 |
|
||||||
tasks: |
|
||||||
- include: ../roles/webtier/tasks/remove_from_lb.yml |
|
||||||
@ -1,8 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook does a rolling update of the code for all webservers serially (one at a time). Change the value of serial: to adjust the number of server to be updated. |
|
||||||
|
|
||||||
- hosts: webservers |
|
||||||
user: root |
|
||||||
serial: 1 |
|
||||||
tasks: |
|
||||||
- include: ../roles/webtier/tasks/rolling_update.yml |
|
||||||
@ -1,11 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook deploys the WebServers with httpd and the code. |
|
||||||
|
|
||||||
- hosts: webservers |
|
||||||
user: root |
|
||||||
tasks: |
|
||||||
- include: common/tasks/main.yml |
|
||||||
- include: webtier/tasks/install_httpd.yml |
|
||||||
- include: webtier/tasks/copy_code.yml |
|
||||||
handlers: |
|
||||||
- include: webtier/handlers/main.yml |
|
||||||
@ -1,5 +0,0 @@ |
|||||||
--- |
|
||||||
# Handler for the webtier |
|
||||||
|
|
||||||
- name: restart iptables |
|
||||||
service: name=iptables state=restarted |
|
||||||
@ -1,15 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook does utility stuff's like adding a webserver into the pool, etc.. |
|
||||||
|
|
||||||
- name: Add server to LB |
|
||||||
lineinfile: dest=/etc/haproxy/haproxy.cfg state=present regexp="${ansible_hostname}" line="server ${ansible_hostname} ${ansible_eth0.ipv4.address}:${httpd_port}" |
|
||||||
delegate_to: $item |
|
||||||
with_items: ${groups.lbservers} |
|
||||||
register: last_run |
|
||||||
|
|
||||||
- name: Reload the haproxy |
|
||||||
service: name=haproxy state=reloaded |
|
||||||
delegate_to: $item |
|
||||||
with_items: ${groups.lbservers} |
|
||||||
only_if: ${last_run.changed} |
|
||||||
|
|
||||||
@ -1,10 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook is responsible for copying the latest dev/production code from the version control system. |
|
||||||
|
|
||||||
- name: Copy the code from repository |
|
||||||
git: repo=${repository} dest=/var/www/html/ |
|
||||||
|
|
||||||
|
|
||||||
- name: Create's the index.php file |
|
||||||
template: src=webtier/templates/index.php.j2 dest=/var/www/html/index.php |
|
||||||
|
|
||||||
@ -1,26 +0,0 @@ |
|||||||
--- |
|
||||||
# This playbook installs http and the php modules. |
|
||||||
|
|
||||||
- name: Install http and php etc |
|
||||||
action: yum name=$item state=installed |
|
||||||
with_items: |
|
||||||
- httpd |
|
||||||
- php |
|
||||||
- php-mysql |
|
||||||
- libsemanage-python |
|
||||||
- libselinux-python |
|
||||||
|
|
||||||
|
|
||||||
- name: insert iptables rule for httpd |
|
||||||
lineinfile: dest=/etc/sysconfig/iptables state=present regexp="$httpd_port" insertafter="^:OUTPUT " line="-A INPUT -p tcp --dport $httpd_port -j ACCEPT" |
|
||||||
register: last_run |
|
||||||
|
|
||||||
- name: Apply iptable rule |
|
||||||
service: name=iptables state=restarted |
|
||||||
only_if: ${last_run.changed} |
|
||||||
|
|
||||||
- name: http service state |
|
||||||
service: name=httpd state=started enabled=yes |
|
||||||
|
|
||||||
- name: Configure SELinux to allow httpd to connect to remote database |
|
||||||
seboolean: name=httpd_can_network_connect_db state=true persistent=yes |
|
||||||
@ -1,23 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook does utility stuff's like adding a webserver into the pool, etc.. |
|
||||||
|
|
||||||
- name: Remove the code from server |
|
||||||
command: rm -rf /var/www/html/* |
|
||||||
|
|
||||||
- name: Remove server from LB |
|
||||||
lineinfile: dest=/etc/haproxy/haproxy.cfg state=absent regexp="${ansible_hostname}" |
|
||||||
delegate_to: $item |
|
||||||
with_items: ${groups.lbservers} |
|
||||||
register: last_run |
|
||||||
|
|
||||||
- name: disable the server in haproxy |
|
||||||
shell: echo "disable server myapplb/${ansible_hostname}" | socat stdio /var/lib/haproxy/stats |
|
||||||
delegate_to: $item |
|
||||||
with_items: ${groups.lbservers} |
|
||||||
|
|
||||||
- name: Remove the httpd package |
|
||||||
yum: name=httpd state=absent |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -1,22 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook implements a rolling update on the infrastructure, change the value of the serial keyword to specify the number of servers the update should happen. |
|
||||||
|
|
||||||
- name: Remove the code from server |
|
||||||
command: rm -rf /var/www/html/* |
|
||||||
|
|
||||||
- name: disable the server in haproxy |
|
||||||
shell: echo "disable server myapplb/${ansible_hostname}" | socat stdio /var/lib/haproxy/stats |
|
||||||
delegate_to: $item |
|
||||||
with_items: ${groups.lbservers} |
|
||||||
|
|
||||||
- name: Copy the code from repository |
|
||||||
git: repo=${repository} dest=/var/www/html/ |
|
||||||
|
|
||||||
- name: Create's the index.php file |
|
||||||
template: src=webtier/templates/index.php.j2 dest=/var/www/html/index.php |
|
||||||
|
|
||||||
- name: Enable the server in haproxy |
|
||||||
shell: echo "enable server myapplb/${ansible_hostname}" | socat stdio /var/lib/haproxy/stats |
|
||||||
delegate_to: $item |
|
||||||
with_items: ${groups.lbservers} |
|
||||||
|
|
||||||
@ -1,39 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook does utility stuff's like adding a webserver into the pool, etc.. |
|
||||||
|
|
||||||
- name: Add server to LB |
|
||||||
lineinfile: dest=/etc/haproxy/haproxy.cfg state=present regexp="${ansible_hostname}" line="server ${ansible_hostname} ${ansible_eth0.ipv4.address}:${httpd_port}" |
|
||||||
delegate_to: ${lbserver} |
|
||||||
register: last_run |
|
||||||
tags: add |
|
||||||
|
|
||||||
- name: Reload the haproxy |
|
||||||
service: name=haproxy state=reloaded |
|
||||||
delegate_to: ${lbserver} |
|
||||||
only_if: ${last_run.changed} |
|
||||||
tags: add |
|
||||||
|
|
||||||
- name: Remove the code from server |
|
||||||
command: rm -rf /var/www/html/* |
|
||||||
tags: remove |
|
||||||
|
|
||||||
- name: Remove server from LB |
|
||||||
lineinfile: dest=/etc/haproxy/haproxy.cfg state=absent regexp="${ansible_hostname}" |
|
||||||
delegate_to: $item |
|
||||||
with_items: ${groups.lbservers}} |
|
||||||
register: last_run |
|
||||||
tags: remove |
|
||||||
|
|
||||||
- name: disable the server in haproxy |
|
||||||
shell: echo "disable server myapplb/${ansible_hostname}" | socat stdio /var/lib/haproxy/stats |
|
||||||
delegate_to: $item |
|
||||||
with_items: ${groups.lbservers}} |
|
||||||
tags: remove |
|
||||||
|
|
||||||
- name: Remove the httpd package |
|
||||||
yum: name=httpd state=absent |
|
||||||
tags: remove |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -1,16 +0,0 @@ |
|||||||
<html> |
|
||||||
<head> |
|
||||||
<title>Ansible Application</title> |
|
||||||
</head> |
|
||||||
<body> |
|
||||||
</br> |
|
||||||
<a href=http://{{ ansible_eth0.ipv4.address }}/index.html>Homepage</a> |
|
||||||
</br> |
|
||||||
<?php |
|
||||||
Print "Hello, World! I am configured in Ansible and i am : "; |
|
||||||
echo exec('hostname'); |
|
||||||
Print "</BR>"; |
|
||||||
?> |
|
||||||
</body> |
|
||||||
</html> |
|
||||||
|
|
||||||
@ -1,5 +1,7 @@ |
|||||||
[webservers] |
[webservers] |
||||||
web2 |
web3 |
||||||
|
|
||||||
[dbservers] |
[dbservers] |
||||||
web3 |
web2 |
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -1,11 +0,0 @@ |
|||||||
--- |
|
||||||
# This playbook deploys mysql and configures database on the db node/nodes |
|
||||||
|
|
||||||
- hosts: dbservers |
|
||||||
user: root |
|
||||||
tasks: |
|
||||||
- include: common/tasks/main.yml |
|
||||||
- include: dbtier/tasks/install_mysql.yml |
|
||||||
handlers: |
|
||||||
- include: dbtier/handlers/main.yml |
|
||||||
- include: common/handlers/main.yml |
|
||||||
@ -1,6 +0,0 @@ |
|||||||
--- |
|
||||||
# Handler to handle DB tier notifications |
|
||||||
|
|
||||||
- name: restart mysql |
|
||||||
service: name=mysqld state=restarted |
|
||||||
|
|
||||||
@ -1,32 +0,0 @@ |
|||||||
--- |
|
||||||
# This playbook will install mysql and create db user and give permissions. |
|
||||||
|
|
||||||
- name: Install Mysql package |
|
||||||
action: yum pkg=$item state=installed |
|
||||||
with_items: |
|
||||||
- mysql-server |
|
||||||
- MySQL-python |
|
||||||
- libselinux-python |
|
||||||
- libsemanage-python |
|
||||||
|
|
||||||
- name: Configure SELinux to start mysql on any port |
|
||||||
seboolean: name=mysql_connect_any state=true persistent=yes |
|
||||||
|
|
||||||
- name: Create Mysql configuration file |
|
||||||
action: template src=dbtier/templates/my.cnf.j2 dest=/etc/my.cnf |
|
||||||
notify: |
|
||||||
- restart mysql |
|
||||||
|
|
||||||
- name: Start Mysql Service |
|
||||||
service: name=mysqld state=started enabled=true |
|
||||||
|
|
||||||
- name: insert iptables rule |
|
||||||
lineinfile: dest=/etc/sysconfig/iptables state=present regexp="$mysql_port" insertafter="^:OUTPUT " line="-A INPUT -p tcp --dport $mysql_port -j ACCEPT" |
|
||||||
notify: restart iptables |
|
||||||
|
|
||||||
|
|
||||||
- name: Create Application Database |
|
||||||
mysql_db: name=$dbname state=present |
|
||||||
|
|
||||||
- name: Create Application DB User |
|
||||||
mysql_user: name=$dbuser password=$upassword priv=*.*:ALL host='%' state=present |
|
||||||
@ -1,11 +0,0 @@ |
|||||||
[mysqld] |
|
||||||
datadir=/var/lib/mysql |
|
||||||
socket=/var/lib/mysql/mysql.sock |
|
||||||
user=mysql |
|
||||||
# Disabling symbolic-links is recommended to prevent assorted security risks |
|
||||||
symbolic-links=0 |
|
||||||
port={{ mysql_port }} |
|
||||||
|
|
||||||
[mysqld_safe] |
|
||||||
log-error=/var/log/mysqld.log |
|
||||||
pid-file=/var/run/mysqld/mysqld.pid |
|
||||||
@ -1,11 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook deploys the WebServers with httpd and the code. |
|
||||||
|
|
||||||
- hosts: webservers |
|
||||||
user: root |
|
||||||
tasks: |
|
||||||
- include: common/tasks/main.yml |
|
||||||
- include: webtier/tasks/install_httpd.yml |
|
||||||
- include: webtier/tasks/copy_code.yml |
|
||||||
handlers: |
|
||||||
- include: webtier/handlers/main.yml |
|
||||||
@ -1,5 +0,0 @@ |
|||||||
--- |
|
||||||
# Handler for the webtier |
|
||||||
|
|
||||||
- name: restart iptables |
|
||||||
service: name=iptables state=restarted |
|
||||||
@ -1,10 +0,0 @@ |
|||||||
--- |
|
||||||
# This Playbook is responsible for copying the latest dev/production code from the version control system. |
|
||||||
|
|
||||||
- name: Copy the code from repository |
|
||||||
git: repo=${repository} dest=/var/www/html/ |
|
||||||
|
|
||||||
|
|
||||||
- name: Create's the index.php file |
|
||||||
template: src=webtier/templates/index.php.j2 dest=/var/www/html/index.php |
|
||||||
|
|
||||||
@ -1,26 +0,0 @@ |
|||||||
--- |
|
||||||
# This playbook installs http and the php modules. |
|
||||||
|
|
||||||
- name: Install http and php etc |
|
||||||
action: yum name=$item state=installed |
|
||||||
with_items: |
|
||||||
- httpd |
|
||||||
- php |
|
||||||
- php-mysql |
|
||||||
- libsemanage-python |
|
||||||
- libselinux-python |
|
||||||
|
|
||||||
|
|
||||||
- name: insert iptables rule for httpd |
|
||||||
lineinfile: dest=/etc/sysconfig/iptables state=present regexp="$httpd_port" insertafter="^:OUTPUT " line="-A INPUT -p tcp --dport $httpd_port -j ACCEPT" |
|
||||||
register: last_run |
|
||||||
|
|
||||||
- name: Apply iptable rule |
|
||||||
service: name=iptables state=restarted |
|
||||||
only_if: ${last_run.changed} |
|
||||||
|
|
||||||
- name: http service state |
|
||||||
service: name=httpd state=started enabled=yes |
|
||||||
|
|
||||||
- name: Configure SELinux to allow httpd to connect to remote database |
|
||||||
seboolean: name=httpd_can_network_connect_db state=true persistent=yes |
|
||||||
@ -1,24 +0,0 @@ |
|||||||
<html> |
|
||||||
<head> |
|
||||||
<title>Ansible Application</title> |
|
||||||
</head> |
|
||||||
<body> |
|
||||||
</br> |
|
||||||
<a href=http://{{ ansible_eth0.ipv4.address }}/index.html>Homepage</a> |
|
||||||
</br> |
|
||||||
<?php |
|
||||||
Print "Hello, World! I am configured in Ansible and i am : "; |
|
||||||
echo exec('hostname'); |
|
||||||
Print "</BR>"; |
|
||||||
echo "List of Databases: </BR>"; |
|
||||||
{% for host in groups['dbservers'] %} |
|
||||||
$link = mysql_connect('{{ hostvars[host].ansible_eth0.ipv4.address }}', '{{ hostvars[host].dbuser }}', '{{ hostvars[host].upassword }}') or die(mysql_error()); |
|
||||||
{% endfor %} |
|
||||||
$res = mysql_query("SHOW DATABASES"); |
|
||||||
while ($row = mysql_fetch_assoc($res)) { |
|
||||||
echo $row['Database'] . "\n"; |
|
||||||
} |
|
||||||
?> |
|
||||||
</body> |
|
||||||
</html> |
|
||||||
|
|
||||||
@ -1,5 +1,5 @@ |
|||||||
--- |
--- |
||||||
#This Playbook deploys the whole application stack in this site. |
#This Playbook deploys the whole application stack in this site. |
||||||
|
|
||||||
- include: roles/db.yml |
- include: playbooks/db.yml |
||||||
- include: roles/web.yml |
- include: playbooks/web.yml |
||||||
|
|||||||
Reference in new issue