LoginSignup
3
5

More than 3 years have passed since last update.

@brighton0725

備忘録 AnsibleでApacheを導入してみる。

Last updated at Posted at 2017-12-20

Ansibleを利用し、CentOS 6とCent OS 7にApacheを導入してみる。

1. playbookを書いてみた。

やりたいことは、
- yumで apacheを導入
- httpdプロセスを起動
- iptablesまたは、firewalldで80portを設定
- iptables/firewalldの変更があれば、プロセス再起動

で、書いてみた内容が以下。

apache.yml
---
- hosts: kobatest
  tasks:
   - name: install apache
     yum: name=httpd

   - name: CentOS6 start httpd
     service: name=httpd state=restarted
     when:  (ansible_distribution == "CentOS" and ansible_distribution_major_version == "6")

   - name: CentOS7 start htpd
     systemd: name=httpd state=restarted
     when:  (ansible_distribution == "CentOS" and ansible_distribution_major_version == "7")

   - name: iptables allow port 80
     lineinfile: dest=/etc/sysconfig/iptables line="-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT" insertafter="^:OUTPUT "
     notify: restart iptables
     when:  (ansible_distribution == "CentOS" and ansible_distribution_major_version == "6")

   - name: firewall-cmd allow port 80
     command: firewall-cmd --permanent --add-port=80/tcp
     notify: restart firewalld
     when: (ansible_distribution == "CentOS" and ansible_distribution_major_version == "7")

  handlers:
     - name: restart iptables
       service: name=iptables state=restarted

     - name: restart firewalld
       service: name=firewalld state=restarted

CentOS 6と7ではservice/systemdやiptables/firewalldなどの違いがある。
とりあえずサービスの起動については

・service
service: name=httpd state=restarted

・systemd
systemd: name=httpd state=restarted

とかいてみた。
バージョンの違いによって、実行を切り替えたいので、以下の書き方でやる(例:OSがCent OSでバージョンが 7の場合)。
when: (ansible_distribution == "CentOS" and ansible_distribution_major_version == "7")

firewalldの設定は、まだ調べてないので、とりあえず commandオプションでられつ。

2. 実行してみた

結果はこちら。

# ansible-playbook apache.yml

PLAY [kobatest] *************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************
ok: [brighton002]
ok: [brighton003]

TASK [install apache] *******************************************************************************************
changed: [brighton002]
changed: [brighton003]

TASK [CentOS6 start httpd] **************************************************************************************
skipping: [brighton003]
changed: [brighton002]

TASK [CentOS7 start htpd] ***************************************************************************************
skipping: [brighton002]
changed: [brighton003]

TASK [iptables allow port 80] ***********************************************************************************
skipping: [brighton003]
changed: [brighton002]

TASK [firewall-cmd allow port 80] *******************************************************************************
skipping: [brighton002]
changed: [brighton003]

RUNNING HANDLER [restart iptables] ******************************************************************************
changed: [brighton002]

RUNNING HANDLER [restart firewalld] *****************************************************************************
changed: [brighton003]

PLAY RECAP ******************************************************************************************************
brighton002                : ok=5    changed=4    unreachable=0    failed=0
brighton003                : ok=5    changed=4    unreachable=0    failed=0

すべていきました。途中when構文がきいていて、skipされているのもわかる。

3. 冪統制の確認

実行してみるぞっと。

# ansible-playbook apache.yml

PLAY [kobatest] *************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************
ok: [brighton002]
ok: [brighton003]

TASK [install apache] *******************************************************************************************
ok: [brighton002]
ok: [brighton003]

TASK [CentOS6 start httpd] **************************************************************************************
skipping: [brighton003]
changed: [brighton002]

TASK [CentOS7 start htpd] ***************************************************************************************
skipping: [brighton002]
changed: [brighton003]

TASK [iptables allow port 80] ***********************************************************************************
skipping: [brighton003]
ok: [brighton002]

TASK [firewall-cmd allow port 80] *******************************************************************************
skipping: [brighton002]
changed: [brighton003]

RUNNING HANDLER [restart firewalld] *****************************************************************************
changed: [brighton003]

PLAY RECAP ******************************************************************************************************
brighton002                : ok=4    changed=1    unreachable=0    failed=0
brighton003                : ok=5    changed=3    unreachable=0    failed=0

install以外は、冪統制が担保されていない・・・
chefよりもこの辺が難しい。これについて次回調査。

3
5
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
3
5