OSSのサーバ構築自動化ツール、4製品徹底検証 2016年版:実際に検証済み!OSS徹底比較(3)サーバ構築自動化【前編】(7/9 ページ)
» 2016年06月23日 05時00分 公開
[森元敏雄,TIS]
WordPressインストール用のplaybookの作成
1.playbookを格納するフォルダを作成
$ mkdir -p ~/playbook/wordpress_sample/roles/wordpress/{tasks,templates} ~/playbook/wordpress_sample/{group_vars,host_vars}
2.playbookを作成
作成したplaybookは以下となる。各処理のTIPSは後ほど、機能ごとに説明する。
(1)playbookとして作成するファイルおよびフォルダの構成
# tree playbook
playbook
└── wordpress_sample
├── group_vars
│ └── wordpress-server
├── host_vars
│ └── tissvv096
├── hosts
├── roles
│ └── wordpress
│ ├── tasks
│ │ └── main.yaml
│ └── templates
│ ├── my.cnf
│ └── wordpress.conf
└── site.yaml
(2)処理対象のhostsグループ、実行ユーザー、設定に使用するroleを定義するsite.yamlファイル
$ vi ~/playbook/wordpress_sample/site.yaml
---
- name: Install WordPress, MariaDB, Apache, and PHP
hosts: wordpress-server
remote_user: maintain
sudo: yes
roles:
- wordpress
(3)Wordpress環境の構築を実際に行うmain.yamlファイル
$ vi ~/playbook/wordpress_sample/roles/wordpress/tasks/main.yaml
#
# Playbook Name::wordpress_sample
---
# update packages
- name: yum update
yum: name=* state=latest
# install packages
- name: install mariadb-server
yum: name=mariadb-server state=installed
- name: install
yum: name=httpd state=installed
- name: install php
yum: name=php state=installed
- name: install php-mysql
yum: name=php-mysql state=installed
- name: install MySQL-python
yum: name=MySQL-python state=installed
# start/enable mariadb
- name: start and enable mariadb
service: name=mariadb state=running enabled=yes
# set mariadb root password
- name: mariadb root password setting
mysql_user:
login_user='root'
name='root'
password='{{ mysql_root_pass }}'
update_password=always
# create /root/.my.cnf
- name: check /root/.my.cnf exists
stat: path=/root/.my.cnf
register: flck
- name: copy /root/.my.cnf template
template:
src=my.cnf
dest=/root/.my.cnf
mode='600'
when: not flck.stat.exists
- name: modify /root/.my.cnf
replace:
dest=/root/.my.cnf
regexp='@mysql_root_pass@'
replace='{{ mysql_root_pass }}'
# mariadb logrotate setting
- name: check mariadb logrotate config backup exists
stat: path=/etc/logrotate.d/mariadb.bak
register: flck
- name: modify mariadb logrotate config
shell: 'sed -i.bak -e "23,$ s/^#//" /etc/logrotate.d/mariadb'
when: not flck.stat.exists
# create wordpres db/user
- name: create wordpress db create
mysql_db:
login_user='root'
login_password='{{ mysql_root_pass }}'
name='{{ wp_db_name }}'
state=present
- name: create wordpress db user
mysql_user:
login_user='root'
login_password='{{ mysql_root_pass }}'
name='{{ wp_db_user }}'
password='{{ wp_db_pass }}'
priv='{{ wp_db_name }}.*:ALL,GRANT'
state=present
# install wordpress
- name: wordpress download
get_url:
url='{{ wordpress_latest }}'
dest=/var/www/wordpress-latest.tgz
- name: wordpress unarchive check
stat: path=/var/www/wordpress/wp-config-sample.php
register: flck
- name: wordpress unarchive
shell: 'tar zxvf /var/www/wordpress-latest.tgz'
args:
chdir: /var/www
when: not flck.stat.exists
# create wordpress config
- name: check wp-config.php exists
stat: path=/var/www/wordpress/wp-config.php
register: flck
- name: copy wp-config-sample.php to wp-config.php
shell: 'cp -p /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.php'
when: not flck.stat.exists
- name: modify wp-config.php db name
replace:
dest=/var/www/wordpress/wp-config.php
regexp='(^.*)database_name_here(.*$)'
replace='\1{{ wp_db_name }}\2'
- name: modify wp-config.php db user name
replace:
dest=/var/www/wordpress/wp-config.php
regexp='(^.*)username_here(.*$)'
replace='\1{{ wp_db_user }}\2'
- name: modify wp-config.php db password
replace:
dest=/var/www/wordpress/wp-config.php
regexp='(^.*)password_here(.*$)'
replace='\1{{ wp_db_pass }}\2'
- name: modify wp-config.php unique phrase
replace:
dest=/var/www/wordpress/wp-config.php
regexp='(^.*)put your unique phrase here(.*$)'
replace='\1{{ wp_unique_phrase }}\2'
# chown wordpress files
- name: check wordpress files owner/group
shell: 'find /var/www/wordpress -not -user {{ wp_os_user }} -or -not -group {{ wp_os_group }} | wc -l'
register: lowcnt
- name: chown wordpress files
shell: 'chown -R {{ wp_os_user }}:{{ wp_os_group }} /var/www/wordpress'
when: not lowcnt.stdout == "0"
# create wordpress httpd config
- name: check wordpress.conf exists
stat: path=/etc/httpd/conf.d/wordpress.conf
register: flck
- name: copy wordpress.conf template
template:
src=wordpress.conf
dest=/etc/httpd/conf.d/wordpress.conf
when: not flck.stat.exists
- name: modify wordpress.conf
replace:
dest=/etc/httpd/conf.d/wordpress.conf
regexp='@hostname@'
replace='{{ inventory_hostname }}'
# modify httpd config
- name: check httpd config backup exists
stat: path=/etc/httpd/conf/httpd.conf.bak
register: flck
- name: httpd config copy
shell: "cp -p /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak"
when: not flck.stat.exists
- name: modify httpd config
replace:
dest=/etc/httpd/conf/httpd.conf
regexp='#ServerName www.example.com:80'
replace='ServerName {{ inventory_hostname }}'
# start/enable httpd
- name: start and enable httpd
service: name=httpd state=running enabled=yes
# open httpd port in firewall
- name: open httpd port in firewall
firewalld: zone=public service=http permanent=true state=enabled immediate=yes
(4)サーバグループのパラメータ値の定義ファイル
$ vi ./playbook/wordpress_sample/group_vars/wordpress-server
# wordpress-server Paramaters mysql_root_pass: 'password' wordpress_latest: 'https://wordpress.org/latest.tar.gz' wp_os_user: 'root' wp_os_group: 'root' wp_db_name: 'wordpress' wp_db_user: 'wordpress' wp_db_pass: 'password' wp_unique_phrase: 'bMvc7W2eLuhKFewafVyirWJaXDhbSf'
(5)サーバごとのパラメータ値の定義ファイル
$ vi ./playbook/wordpress_sample/host_vars/tissvv096
# Paramaters mysql_root_pass : 'FM11AD2+' wordpress_latest: 'https://ja.wordpress.org/latest-ja.tar.gz' wp_os_user: 'root' wp_os_group: 'root' wp_db_name: 'WordPress' wp_db_user: 'wp_admin' wp_db_pass: 'HB-F1XDJ' wp_unique_phrase: 'FX702PFX801PPB100FX860PPB700PB500PB750PAI1000'
パラメータ値の定義ファイルは以下の優先順序で使用される。
host_vars/tissvv096 → group_vars/wordpress-server → group_vars/all
最後のgroup_vars/allは全てのサーバに対して無条件に適用されるデフォルトのパラメータ値となる。
(6)/etc/httpd/conf.d/wordpress.confのtemplateファイル
$vi ./playbook/wordpress_sample/roles/wordpress/templates/wordpress.conf
<VirtualHost *:80>
ServerName @hostname@;
DocumentRoot /var/www/wordpress
<Directory "/var/www/wordpress">
AllowOverride All
Options -Indexes
</Directory>
<Files wp-config.php>
order allow,deny
deny from all
</Files>
</VirtualHost>
(7)/root/.my.cnfのtemplateファイル
$ vi ./playbook/wordpress_sample/roles/wordpress/templates/my.cnf
[client] user = root password = "@mysql_root_pass@" [mysqladmin] user = root password = "@mysql_root_pass@"
(8)対象ホストnodeの登録の確認(必要であれば修正)
$ vi ~/playbook/wordpress_sample/hosts
[wordpress-server] tissvv096
3.playbook実行前の構文の確認
ansible-playbookでplaybookを実行することになるが、最後に"--syntax-check"オプションを付けると実行せずに、構文チェックのみが行われる。エラーが表示されなければ構文的には問題がない。
$ ansible-playbook playbook/wordpress_sample/site.yaml -i ~/playbook/wordpress_sample/hosts --key-file=~/.ssh/id_rsa.pem --syntax-check playbook: playbook/wordpress_sample/site.yaml
4.WordPressサーバ構築のplaybook実行
以下のコマンドを実行すると、./playbook/wordpress_sample以下のplaybookが実行される。
$ ansible-playbook playbook/wordpress_sample/site.yaml -i ~/playbook/wordpress_sample/hosts --key-file=~/.ssh/id_rsa.pem
コマンドを実行すると、以下のログが出力され、nodeサーバの設定が行われる。
PLAY [Install WordPress, MariaDB, Apache, and PHP] ***************************** TASK [setup] ******************************************************************* ok: [tissvv096] TASK [wordpress : yum update] ************************************************** changed: [tissvv096] TASK [wordpress : install mariadb-server] ************************************** changed: [tissvv096] TASK [wordpress : install] ***************************************************** changed: [tissvv096] TASK [wordpress : install php] ************************************************* changed: [tissvv096] TASK [wordpress : install php-mysql] ******************************************* changed: [tissvv096] TASK [wordpress : install MySQL-python] **************************************** changed: [tissvv096] TASK [wordpress : start and enable mariadb] ************************************ changed: [tissvv096] TASK [wordpress : mariadb root password setting] ******************************* changed: [tissvv096] TASK [wordpress : check /root/.my.cnf exists] ********************************** ok: [tissvv096] TASK [wordpress : copy /root/.my.cnf template] ********************************* changed: [tissvv096] TASK [wordpress : modify /root/.my.cnf] **************************************** changed: [tissvv096] TASK [wordpress : check mariadb logrotate config backup exists] **************** ok: [tissvv096] TASK [wordpress : modify mariadb logrotate config] ***************************** changed: [tissvv096] [WARNING]: Consider using template or lineinfile module rather than running sed TASK [wordpress : create wordpress db create] ********************************** changed: [tissvv096] TASK [wordpress : create wordpress db user] ************************************ changed: [tissvv096] TASK [wordpress : wordpress download] ****************************************** changed: [tissvv096] TASK [wordpress : wordpress unarchive check] *********************************** ok: [tissvv096] TASK [wordpress : wordpress unarchive] ***************************************** changed: [tissvv096] [WARNING]: Consider using unarchive module rather than running tar TASK [wordpress : check wp-config.php exists] ********************************** ok: [tissvv096] TASK [wordpress : copy wp-config-sample.php to wp-config.php] ****************** changed: [tissvv096] TASK [wordpress : modify wp-config.php db name] ******************************** changed: [tissvv096] TASK [wordpress : modify wp-config.php db user name] *************************** changed: [tissvv096] TASK [wordpress : modify wp-config.php db password] **************************** changed: [tissvv096] TASK [wordpress : modify wp-config.php unique phrase] ************************** changed: [tissvv096] TASK [wordpress : check wordpress.conf exists] ********************************* ok: [tissvv096] TASK [wordpress : copy wordpress.conf template] ******************************** changed: [tissvv096] TASK [wordpress : modify wordpress.conf] *************************************** changed: [tissvv096] TASK [wordpress : check wordpress files owner/group] *************************** changed: [tissvv096] TASK [wordpress : chown wordpress files] *************************************** changed: [tissvv096] [WARNING]: Consider using file module with owner rather than running chown TASK [wordpress : check httpd config backup exists] **************************** ok: [tissvv096] TASK [wordpress : httpd config copy] ******************************************* changed: [tissvv096] TASK [wordpress : modify httpd config] ***************************************** changed: [tissvv096] TASK [wordpress : start and enable httpd] ************************************** changed: [tissvv096] TASK [wordpress : open httpd port in firewall] ********************************* changed: [tissvv096] PLAY RECAP ********************************************************************* tissvv096 : ok=35 changed=28 unreachable=0 failed=0
5.ブラウザでWordPressの初期設定画面の起動を確認
6.コマンドを再実行した場合、設定済の処理がskipされる
最終行に変更件数が表示されているが、実際には/var/www/wordpressフォルダのowner/groupのチェック処理のみのため、何も変更されていないことが確認できる。
PLAY [Install WordPress, MariaDB, Apache, and PHP] ***************************** TASK [setup] ******************************************************************* ok: [tissvv096] TASK [wordpress : yum update] ************************************************** ok: [tissvv096] TASK [wordpress : install mariadb-server] ************************************** ok: [tissvv096] TASK [wordpress : install] ***************************************************** ok: [tissvv096] TASK [wordpress : install php] ************************************************* ok: [tissvv096] TASK [wordpress : install php-mysql] ******************************************* ok: [tissvv096] TASK [wordpress : install MySQL-python] **************************************** ok: [tissvv096] TASK [wordpress : start and enable mariadb] ************************************ ok: [tissvv096] TASK [wordpress : mariadb root password setting] ******************************* ok: [tissvv096] TASK [wordpress : check /root/.my.cnf exists] ********************************** ok: [tissvv096] TASK [wordpress : copy /root/.my.cnf template] ********************************* skipping: [tissvv096] TASK [wordpress : modify /root/.my.cnf] **************************************** ok: [tissvv096] TASK [wordpress : check mariadb logrotate config backup exists] **************** ok: [tissvv096] TASK [wordpress : modify mariadb logrotate config] ***************************** skipping: [tissvv096] TASK [wordpress : create wordpress db create] ********************************** ok: [tissvv096] TASK [wordpress : create wordpress db user] ************************************ ok: [tissvv096] TASK [wordpress : wordpress download] ****************************************** ok: [tissvv096] TASK [wordpress : wordpress unarchive check] *********************************** ok: [tissvv096] TASK [wordpress : wordpress unarchive] ***************************************** skipping: [tissvv096] TASK [wordpress : check wp-config.php exists] ********************************** ok: [tissvv096] TASK [wordpress : copy wp-config-sample.php to wp-config.php] ****************** skipping: [tissvv096] TASK [wordpress : modify wp-config.php db name] ******************************** ok: [tissvv096] TASK [wordpress : modify wp-config.php db user name] *************************** ok: [tissvv096] TASK [wordpress : modify wp-config.php db password] **************************** ok: [tissvv096] TASK [wordpress : modify wp-config.php unique phrase] ************************** ok: [tissvv096] TASK [wordpress : check wordpress.conf exists] ********************************* ok: [tissvv096] TASK [wordpress : copy wordpress.conf template] ******************************** skipping: [tissvv096] TASK [wordpress : modify wordpress.conf] *************************************** ok: [tissvv096] TASK [wordpress : check wordpress files owner/group] *************************** changed: [tissvv096] TASK [wordpress : chown wordpress files] *************************************** skipping: [tissvv096] TASK [wordpress : check httpd config backup exists] **************************** ok: [tissvv096] TASK [wordpress : httpd config copy] ******************************************* skipping: [tissvv096] TASK [wordpress : modify httpd config] ***************************************** ok: [tissvv096] TASK [wordpress : start and enable httpd] ************************************** ok: [tissvv096] TASK [wordpress : open httpd port in firewall] ********************************* ok: [tissvv096] PLAY RECAP ********************************************************************* tissvv096 : ok=28 changed=1 unreachable=0 failed=0
Copyright © ITmedia, Inc. All Rights Reserved.
SpecialPR
アイティメディアからのお知らせ
スポンサーからのお知らせPR
SpecialPR
注目のテーマ
システム開発ノウハウ 【発注ナビ】PR
あなたにおすすめの記事PR
ITmediaはアイティメディア株式会社の登録商標です。