Setting up Ansible with the Best Practices directory layout

More than 3 years have passed since last update.

Create the directories

The directory layout follows Best Practices as-is.
To keep things easy to follow, this time we set up NTPd on all hosts and Nginx on the web servers.

playbooks
├── development
├── others.yml
├── production
├── roles
│   ├── common
│   │   ├── handlers
│   │   │   └── main.yml
│   │   ├── tasks
│   │   │   └── main.yml
│   │   └── templates
│   │       └── ntp.conf.j2
│   └── nginx
│       ├── handlers
│       │   └── main.yml
│       ├── tasks
│       │   └── main.yml
│       └── templates
│           └── default.j2
├── site.yml
├── staging
└── webservers.yml

Vagrantfile settings

The servers to run against are prepared with Vagrant because it is easy.
Box settings and the like are omitted.

Vagrantfile
VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|

  # ...

  config.vm.define "host1" do |m|
    # ...
  end

  config.vm.define "host2" do |m|
    # ...
  end

  config.vm.provision "ansible" do |ansible|
    ansible.playbook = "playbooks/site.yml"
    ansible.groups = {
      "webservers" => ["host1"],
      "others" => ["host2"]
    }
  end

end

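Playbook settings per group

site.yml
# import_playbook is the current keyword for what older Ansible wrote as a playbook-level `include`
- import_playbook: webservers.yml
- import_playbook: others.yml

webservers.yml
- hosts: webservers
  # become is the current keyword for what older Ansible wrote as `sudo: yes`
  become: yes
  roles:
    - common
    - nginx

others.yml
- hosts: others
  become: yes
  roles:
    - common

Loading just site.yml is enough for the processing to be split between the webservers group and the others group.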

Tasks for all hosts

Tasks for all hosts go in roles/common/tasks/main.yml.

roles/common/tasks/main.yml
- name: Install NTP
  apt: name=ntp state=latest
- name: Configure NTP
  template: src=ntp.conf.j2 dest=/etc/ntp.conf
  notify:
    - restart ntpd
- name: Be sure NTPd is running and enabled
  service: name=ntp state=started enabled=yes

The handlers and templates used by these tasks go in the handlers and templates directories at the same level.

roles/common/templates/ntp.conf.j2
driftfile /var/lib/ntp/ntp.drift

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

server ntp.nict.jp

restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

restrict 127.0.0.1
restrict ::1

roles/common/handlers/main.yml
- name: restart ntpd
  service: name=ntp state=restarted

Tasks for webservers

The webservers group is given both the common role and the nginx role, so it runs the tasks for all hosts plus the nginx tasks.

roles/nginx/tasks/main.yml
- name: Install nginx
  apt: name=nginx state=latest
- name: Enable default configuration
  file: src=/etc/nginx/sites-available/default dest=/etc/nginx/sites-enabled/default state=link
- name: Configure nginx
  template: src=default.j2 dest=/etc/nginx/sites-available/default
  notify:
    - restart nginx

roles/nginx/templates/default.j2
server {
    listen 80 default_server;
    server_name local.localdomain;

    root /usr/share/nginx/html;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }
}

roles/nginx/handlers/main.yml
- name: restart nginx
  service: name=nginx state=restarted
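
A pre-run check for the role layout described above, as an added example that is not part of the original article: it scans each role under roles/ and reports handlers named in notify that handlers/main.yml does not define, and template sources missing from templates/. The function names, the line-based scan (which assumes the simple key=value task style used here), and the misnamed nginx handler in the sample tree are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

def notified(tasks_text):
    """Handler names under each `notify:` key (line scan, not a YAML parser)."""
    names, indent = set(), None
    for line in tasks_text.splitlines():
        key = re.match(r"(\s*)notify:\s*(.*)$", line)
        item = re.match(r"(\s*)-\s+(.+?)\s*$", line)
        if key:
            indent = len(key.group(1))
            if key.group(2):                      # inline form: notify: restart ntpd
                names.add(key.group(2).strip())
        elif indent is not None and item and len(item.group(1)) >= indent:
            names.add(item.group(2))              # list form: "- restart ntpd"
        else:
            indent = None                         # left the notify block
    return names

def check_roles(roles_dir):
    """List notified handlers and template sources that a role does not provide."""
    problems = []
    for role in sorted(p for p in Path(roles_dir).iterdir() if p.is_dir()):
        tasks, handlers = role / "tasks/main.yml", role / "handlers/main.yml"
        text = tasks.read_text() if tasks.is_file() else ""
        found = handlers.read_text() if handlers.is_file() else ""
        defined = set(re.findall(r"^\s*-\s+name:\s*(.+?)\s*$", found, re.M))
        for name in sorted(notified(text) - defined):
            problems.append(f"{role.name}: handler '{name}' is notified but not defined")
        for src in re.findall(r"\btemplate:.*?\bsrc=(\S+)", text):
            if not (role / "templates" / src).is_file():
                problems.append(f"{role.name}: template '{src}' not found")
    return problems

def demo():
    """Constructed tree: the common role as above, nginx with a misnamed handler."""
    files = {
        "common/tasks/main.yml": "- name: Configure NTP\n  template: src=ntp.conf.j2 dest=/etc/ntp.conf\n  notify:\n    - restart ntpd\n",
        "common/handlers/main.yml": "- name: restart ntpd\n  service: name=ntp state=restarted\n",
        "common/templates/ntp.conf.j2": "server ntp.nict.jp\n",
        "nginx/tasks/main.yml": "- name: Configure nginx\n  template: src=default.j2 dest=/etc/nginx/sites-available/default\n  notify:\n    - restart nginx\n",
        "nginx/handlers/main.yml": "- name: reload nginx\n  service: name=nginx state=reloaded\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in files.items():
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(body)
        return check_roles(tmp)
```

Against the real tree, call check_roles("playbooks/roles") before provisioning; an empty list means every notified handler and template source was found.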

Running

With Vagrant

For a personal development environment on Vagrant, the vagrant command provides a provision subcommand, so use that.

vagrant provision

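With ansible-playbook

This is what you use for production and test servers.

ansible-playbook -u USER --private-key=/path/to/key -i playbooks/production playbooks/site.yml

For the inventory file, choose the one for the environment you want to apply the playbook to.
The example above targets production.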
