EC2インスタンス設定用
雑だけど、とりあえず作ったやつ
コード
ansible/roles/aws/amazon-linux-init/tasks/main.yml
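---
# Probe tasks: collect state from the host before anything is modified.
# Every result is registered and consumed by `when:` conditions further down.

# Records whether /root/.init.lock is present. Later tasks in this file test
# is_init_lock to decide whether the one-time steps still have to run.
- name: check initialize process is completed.
  stat:
    path: /root/.init.lock
  register: is_init_lock

# Environment name = the text before the first "-" in host_name
# (for example "dev" for "dev-common-hoge01").
# host_name arrives via --extra-vars and is pasted into a shell command that
# runs with sudo, so it is shell-quoted instead of interpolated raw.
- name: check env
  shell: echo {{ host_name | quote }} | cut -d "-" -f1
  register: env
  # read-only probe: never report "changed"
  changed_when: false

- name: debug env
  debug:
    var: env

# grep exits non-zero when apps_dir does not appear in the lsblk output; that
# failure is the signal later tasks test with `is_mount|failed`, so the error
# is ignored here rather than aborting the play.
# -F matches apps_dir as a fixed string instead of a regular expression.
- name: check apps_dir
  shell: lsblk | grep -F -- {{ apps_dir | quote }}
  register: is_mount
  changed_when: false
  ignore_errors: true

- name: debug is_mount
  debug:
    var: is_mount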
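# Data volume: create the mount point, put ext4 on the device, register the
# mount in /etc/fstab and mount it.

- name: create apps directory
  file:
    path: "{{ apps_dir }}"
    state: directory
    owner: "{{ main_user }}"
    group: "{{ main_user }}"
    # quoted so the mode is not re-typed as a number by the YAML parser
    mode: "0755"

# blkid exits non-zero when it finds no filesystem signature on the device.
# failed_when keeps that exit code from failing the play; only rc is used.
- name: check mount device for an existing filesystem
  shell: blkid {{ mount_device | quote }}
  register: device_fs_probe
  changed_when: false
  failed_when: false

# mkfs destroys whatever is on the device. "apps_dir is not mounted" alone is
# also true for a volume that already holds data but is currently unmounted,
# so formatting additionally requires that blkid found no filesystem.
# (`is_mount|failed` is the filter form used by the Ansible version this
# file targets; newer releases spell it `is_mount is failed`.)
- name: disk format
  shell: mkfs -t ext4 {{ mount_device | quote }}
  when: is_mount|failed and device_fs_probe.rc != 0
  ignore_errors: true

# The backup below is written to /etc/fstab.orig, so that is the path that
# has to be checked. Checking a different name would re-run the copy on every
# play and overwrite the pristine backup with the already-edited fstab.
- name: check fstab is backuped.
  stat:
    path: /etc/fstab.orig
  register: is_backup_fstab

# stat.exists is always returned; stat.md5 depends on the stat module's
# checksum options, so it is not a reliable "file exists" signal.
- name: fstab backup
  shell: cp -p /etc/fstab /etc/fstab.orig
  when: not is_backup_fstab.stat.exists

# Non-zero exit = no fstab line mentions apps_dir yet.
- name: check registed app directory mount on fstab
  shell: grep -F -- {{ apps_dir | quote }} /etc/fstab
  register: is_regist_app_directory_mount
  changed_when: false
  ignore_errors: true

- name: debug is_regist_app_directory_mount
  debug:
    var: is_regist_app_directory_mount

# nofail lets the instance boot even when the volume is not attached.
# NOTE(review): if the volume only holds application data, consider adding
# nodev,nosuid to the mount options.
# NOTE(review): ignore_errors hides a failed append or mount; confirm that
# continuing with an unmounted apps_dir is acceptable.
- name: regist app directory mount to fstab
  shell: echo "{{mount_device}} {{apps_dir}} ext4 defaults,nofail 0 2" >> /etc/fstab
  when: is_regist_app_directory_mount|failed
  ignore_errors: true

- name: mount all
  shell: mount -a
  when: is_regist_app_directory_mount|failed
  ignore_errors: true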
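# Host configuration. The tasks guarded by the init lock run once per host:
# is_init_lock is the registered stat result for /root/.init.lock, and the
# lock file is created near the end of this list.
# stat.exists is used for the guard because it is always returned; stat.md5
# depends on the stat module's checksum options and, when absent, would make
# every guarded task run again on each play.

# Prompt becomes [env][user@host dir]$ ; env.stdout is the registered
# environment name.
- name: add PS1 to bash_profile
  shell: |
    echo 'export PS1="[{{env.stdout}}][\u@\h \W]\\$ "' >> /home/ec2-user/.bash_profile
  when: not is_init_lock.stat.exists

# Runs on every play; the substitution is a no-op once the default name has
# been replaced.
# NOTE(review): host_name is pasted into the sed expression unescaped, so it
# must not contain "/" or "&".
- name: change host name in network config
  shell: sed -i -e "s/localhost\.localdomain/{{host_name}}/g" /etc/sysconfig/network

- name: Set JST
  shell: cp -p /usr/share/zoneinfo/Japan /etc/localtime
  when: not is_init_lock.stat.exists

# Replaces /etc/hosts with the rendered template on every play.
- name: set hosts from template
  template:
    src: ../templates/hosts.tpl
    dest: /etc/hosts
    owner: root
    group: root
    mode: "0644"

- name: network restart
  service:
    name: network
    state: restarted
  when: not is_init_lock.stat.exists

- name: create initialize lock file
  shell: touch /root/.init.lock
  when: not is_init_lock.stat.exists

# Ownership is set again here, after the mount tasks earlier in this file.
# The file module replaces a shell `chown`, so the task reports "changed"
# only when ownership actually differs and apps_dir never reaches a shell.
- name: chown apps directory
  file:
    path: "{{ apps_dir }}"
    state: directory
    owner: "{{ main_user }}"
    group: "{{ main_user }}"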
ansible/roles/aws/amazon-linux-init/templates/hosts.tpl
{# Rendered to /etc/hosts by the role's "set hosts from template" task. The template as shown holds only this IPv4 loopback line, with host_name added as an extra alias. -#}
127.0.0.1 localhost localhost.localdomain {{host_name}}
ansible/roles/aws/amazon-linux-init/vars/main.yml
---
# Block device that the amazon-linux-init tasks format as ext4 and register
# in /etc/fstab as the backing volume for apps_dir.
mount_device: '/dev/xvdb'
ansible/roles/aws/common/vars/main.yml
---
# Account used as owner and group of the directories the roles create.
main_user: 'ec2-user'
ansible/roles/common/tasks/main.yml
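---
# Selects the per-environment vars file and creates the log directory.

# Environment name = the text before the first "-" in the machine's current
# hostname (not the host_name extra var).
- name: resolve env
  shell: hostname | cut -d "-" -f1
  register: env
  # read-only probe: never report "changed"
  changed_when: false

- name: debug env.stdout
  debug:
    var: env.stdout

# "local" and "dev" both load dev.yml; "prd" loads prd.yml.
# Any other prefix loads no vars file at all, so variables defined only in
# those files (the credentials, for example) stay undefined.
- name: read vars file
  include_vars: ../vars/dev.yml
  when: env.stdout == "local"

- name: read vars file
  include_vars: ../vars/dev.yml
  when: env.stdout == "dev"

- name: include prod vars file
  include_vars: ../vars/prd.yml
  when: env.stdout == "prd"

# Module arguments are given as a mapping so that a path containing spaces
# is not split, and the mode is quoted so it stays a string.
- name: create logs directory
  file:
    path: "{{ app_log_dir }}"
    state: directory
    owner: "{{ main_user }}"
    group: "{{ main_user }}"
    mode: "0755"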
ansible/roles/common/vars/dev.yml
---
# This repository is hosted on GitHub, so the real contents of this file are
# kept encrypted with `ansible-vault encrypt`.
# NOTE(review): the values below look like placeholders; a real key pair
# must never be committed in cleartext.
# Credentials for the AWS API (not used by the roles shown here, kept just
# in case).
# NOTE(review): credentials that nothing uses are safest left out; where the
# instance can use an IAM instance profile, no long-lived key is needed.
access_key_id: 'ABCDEFGHIJPLMN'
secret_access_key: 'asdfghjfdssa++dfgdfg'
ansible/aws-init-setting.yml
---
# Entry-point playbook. The target host pattern comes from the host_name
# variable, which the command line passes with --extra-vars.
# Every task in the listed roles runs with sudo.
# NOTE(review): newer Ansible releases replaced `sudo` with `become`; the
# keyword is kept as written for the Ansible version this playbook targets.
- hosts: "{{ host_name }}"
  sudo: true
  roles:
    - common
    - aws/common
    - aws/amazon-linux-init
ansible/inventories/dev/hosts
# ansible_connection is set so that the play can be run against the local
# machine: hoge01 uses the local connection, hoge02 goes over ssh.
local-common-hoge01 ansible_connection=local
local-common-hoge02 ansible_connection=ssh
実行コマンド
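# Run the init playbook against the dev inventory. host_name selects the
# target host pattern used by the playbook.
# The vault password file decrypts the ansible-vault-encrypted vars files;
# keep it outside the repository and readable only by its owner (chmod 600).
# The option is spelled out in full instead of relying on the option parser
# accepting an abbreviated prefix.
ansible-playbook ansible/aws-init-setting.yml \
  -i ansible/inventories/dev/hosts \
  --extra-vars "host_name=dev-common-hoge01" \
  --vault-password-file ~/.ansible_dev_vault_pass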
やってること
- bashのプロンプトが [環境名][ユーザ名@ホスト名]$ ってなるように設定
- ホスト名の設定
- JSTに設定
- あらかじめ作成しておいたEBSをext4にフォーマットして/var/appsにマウント