$ sudo mkdir -p /etc/puppetlabs/code/environments/production/modules/wordpress_sample/{manifests,templates}
The manifest I created is shown below. Tips on each step are explained later, feature by feature.
(1) Layout of the files and folders that make up the manifest
$ tree /etc/puppetlabs/code/environments/production/modules/wordpress_sample/
/etc/puppetlabs/code/environments/production/modules/wordpress_sample/
├── manifests
│   ├── init.pp
│   ├── install.pp
│   └── params.pp
└── templates
    └── wordpress.conf.erb
(2) Create params.pp, which defines the default values of the manifest's parameter variables
$ cd /etc/puppetlabs/code/environments/production/modules/wordpress_sample/
$ sudo vi ./manifests/params.pp
# Class: wordpress_sample::params
#
# Actions: WordPress,mariadb,apache and php install manifest parameters
#
class wordpress_sample::params (
  # default parameters
  $mysql_root_pass   = 'password',
  $wordpress_latest  = 'https://wordpress.org/latest.tar.gz',
  $wp_os_user        = 'root',
  $wp_os_group       = 'root',
  $wp_db_name        = 'wordpress',
  $wp_db_user        = 'wordpress',
  $wp_db_pass        = 'password',
  $wp_unique_phrase  = 'bMvc7W2eLuhKFewafVyirWJaXDhbSf',
  $wp_unarchive_path = '/var/www',
  $wp_install_path   = '/var/www/wordpress',
) {
}
(3) Create init.pp, which is called first and controls the manifest as a whole
$ sudo vi ./manifests/init.pp
# Class: wordpress_sample
#
# Actions: WordPress,mariadb,apache and php install manifest
#
class wordpress_sample (
  # default parameters
  $mysql_root_pass   = $wordpress_sample::params::mysql_root_pass,
  $wordpress_latest  = $wordpress_sample::params::wordpress_latest,
  $wp_os_user        = $wordpress_sample::params::wp_os_user,
  $wp_os_group       = $wordpress_sample::params::wp_os_group,
  $wp_db_name        = $wordpress_sample::params::wp_db_name,
  $wp_db_user        = $wordpress_sample::params::wp_db_user,
  $wp_db_pass        = $wordpress_sample::params::wp_db_pass,
  $wp_unique_phrase  = $wordpress_sample::params::wp_unique_phrase,
  $wp_unarchive_path = $wordpress_sample::params::wp_unarchive_path,
  $wp_install_path   = $wordpress_sample::params::wp_install_path
) inherits wordpress_sample::params {
  class { 'wordpress_sample::install':
    mysql_root_pass   => $mysql_root_pass,
    wordpress_latest  => $wordpress_latest,
    wp_os_user        => $wp_os_user,
    wp_os_group       => $wp_os_group,
    wp_db_name        => $wp_db_name,
    wp_db_user        => $wp_db_user,
    wp_db_pass        => $wp_db_pass,
    wp_unique_phrase  => $wp_unique_phrase,
    wp_unarchive_path => $wp_unarchive_path,
    wp_install_path   => $wp_install_path
  }
}
(4) Create install.pp, which actually builds the WordPress environment
$ sudo vi ./manifests/install.pp
# Class: wordpress_sample::install
#
# Actions: WordPress,mariadb,apache and php install manifest
#
class wordpress_sample::install (
  # default parameters
  $mysql_root_pass   = $wordpress_sample::params::mysql_root_pass,
  $wordpress_latest  = $wordpress_sample::params::wordpress_latest,
  $wp_os_user        = $wordpress_sample::params::wp_os_user,
  $wp_os_group       = $wordpress_sample::params::wp_os_group,
  $wp_db_name        = $wordpress_sample::params::wp_db_name,
  $wp_db_user        = $wordpress_sample::params::wp_db_user,
  $wp_db_pass        = $wordpress_sample::params::wp_db_pass,
  $wp_unique_phrase  = $wordpress_sample::params::wp_unique_phrase,
  $wp_unarchive_path = $wordpress_sample::params::wp_unarchive_path,
  $wp_install_path   = $wordpress_sample::params::wp_install_path,
) {
  require wordpress_sample::params
  # defaults file permission
  File {
    owner => 'root',
    group => 'root',
    mode  => '0644',
  }
  # defaults execute environment
  Exec {
    path      => ['/usr/bin','/usr/sbin','/opt/puppetlabs/bin'],
    cwd       => '/tmp',
    user      => 'root',
    group     => 'root',
    logoutput => on_failure,
  }
  # update packages
  exec { 'yum update':
    command => 'yum update -y',
  }
  # install packages
  package { [ "httpd", "php", "php-mysql" ]:
    provider => "yum",
    ensure   => "installed",
  }
  # mariadb install, start, enable,
  # setting root password and create /root/.my.cnf
  class { 'mysql::server':
    root_password => "${mysql_root_pass}",
  }
  # mariadb logrotate setting
  -> exec { 'modify logrotate/mariadb':
    command => 'sed -i.bak -e "23,$ s/^#//" /etc/logrotate.d/mariadb',
    creates => '/etc/logrotate.d/mariadb.bak'
  }
  # create wordpress db
  mysql_database { "${wp_db_name}":
    ensure  => present,
    require => Class['mysql::server'],
  }
  # create wordpress db user
  -> mysql_user{ "${wp_db_user}@localhost":
    ensure        => present,
    password_hash => mysql_password("${wp_db_pass}"),
    require       => Class['mysql::server'],
  }
  # grant wordpress db user
  -> mysql_grant { "${wp_db_user}@localhost/${wp_db_name}.*":
    table      => "${wp_db_name}.*",
    user       => "${wp_db_user}@localhost",
    privileges => ['ALL'],
  }
  # install wordpress
  exec { 'install wordpress':
    command => "curl ${wordpress_latest} | tar zx -C ${wp_unarchive_path}",
    creates => "${wp_install_path}/wp-config.php",
  }
  # modify wordpress config
  -> exec { "modify wordpress config":
    command => "sed -e 's/\\(.*\\)database_name_here\\(.*\\)/\\1${wp_db_name}\\2/' \
      -e 's/\\(.*\\)username_here\\(.*\\)/\\1${wp_db_user}\\2/' \
      -e 's/\\(.*\\)password_here\\(.*\\)/\\1${wp_db_pass}\\2/' \
      -e 's/\\(.*\\)put your unique phrase here\\(.*\\)/\\1${wp_unique_phrase}\\2/' \
      ${wp_install_path}/wp-config-sample.php > ${wp_install_path}/wp-config.php",
    creates => "${wp_install_path}/wp-config.php",
  }
  # chown wordpress files
  # (runs as root through the Exec defaults above; a non-root
  # wp_os_user could not chown files it does not already own)
  -> exec { "chown wordpress":
    command => "chown -R ${wp_os_user}:${wp_os_group} ${wp_install_path}",
    onlyif  => [ "test `find ${wp_install_path} -not -user ${wp_os_user} | wc -l` != 0",
                 "test `find ${wp_install_path} -not -group ${wp_os_group} | wc -l` != 0" ],
  }
  # create httpd/wordpress.conf
  file { '/etc/httpd/conf.d/wordpress.conf':
    ensure  => file,
    content => template( 'wordpress_sample/wordpress.conf.erb' ),
    require => Package['httpd'],
  }
  # modify httpd config
  file { '/etc/httpd/conf/httpd.conf.bak':
    ensure  => file,
    source  => '/etc/httpd/conf/httpd.conf',
    replace => 'no',
  }
  file_line { 'modify httpd config':
    path  => '/etc/httpd/conf/httpd.conf',
    line  => "ServerName ${hostname}",
    match => "^#ServerName.*$"
  }
  # start/enable httpd
  -> service { "httpd":
    provider => systemd,
    ensure   => running,
    enable   => true,
  }
  # httpd firewall setting
  exec { "firewall-cmd httpd open":
    command => "firewall-cmd --add-service=http --zone=public --permanent;
      firewall-cmd --reload",
    require => Package['httpd'],
    onlyif  => "test `firewall-cmd --zone=public --list-all | grep -c http` == 0",
  }
}
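The "install wordpress" exec above pipes curl straight into tar, so whatever the URL returns is unpacked as root with no integrity check. The following is an added example, not part of the original article: a hypothetical wordpress_sample::fetch class that saves the archive to disk, checks it against a SHA-256 pinned in the manifest, and only then extracts it. The class name, $wp_version and $wp_sha256 are assumptions, and their default values are placeholders.

```puppet
# Added example (not from the original article).
# Hypothetical class: download -> verify -> extract instead of "curl | tar".
# $wp_version and $wp_sha256 are assumed parameters; defaults are placeholders.
class wordpress_sample::fetch (
  $wp_version        = 'X.Y.Z',
  $wp_sha256         = 'PLACEHOLDER_SHA256_OF_PINNED_RELEASE_ARCHIVE',
  $wp_unarchive_path = '/var/www',
  $wp_install_path   = '/var/www/wordpress',
) {
  $url       = "https://wordpress.org/wordpress-${wp_version}.tar.gz"
  $archive   = "/var/tmp/wordpress-${wp_version}.tar.gz"
  $marker    = "${wp_install_path}/wp-config-sample.php"
  $curl_opts = '--fail --silent --show-error --location --proto =https --proto-redir =https'

  Exec {
    path      => ['/usr/bin', '/usr/sbin'],
    cwd       => '/var/tmp',
    user      => 'root',
    group     => 'root',
    logoutput => on_failure,
  }

  # 1. Save the archive to disk; nothing is unpacked at this point.
  exec { 'download wordpress archive':
    command => "curl ${curl_opts} --output ${archive} ${url}",
    creates => $archive,
    unless  => "test -e ${marker}",
  }

  # 2. Compare against the pinned hash. A mismatch fails this resource,
  #    so Puppet skips the dependent extract step and reports an error.
  -> exec { 'verify wordpress archive':
    provider => shell,
    command  => "echo '${wp_sha256}  ${archive}' | sha256sum --check",
    creates  => $marker,
  }

  # 3. Unpack only a verified archive; files end up owned by root.
  -> exec { 'extract wordpress archive':
    command => "tar --extract --gzip --no-same-owner --file ${archive} --directory ${wp_unarchive_path}",
    creates => $marker,
  }
}
```

To use it, declare this class in place of the "install wordpress" exec and make the "modify wordpress config" exec require Exec['extract wordpress archive'].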
(5) Create the template file for /etc/httpd/conf.d/wordpress.conf
$ sudo vi ./templates/wordpress.conf.erb
<VirtualHost *:80>
  ServerName <%= @hostname %>
  DocumentRoot /var/www/wordpress
  <Directory "/var/www/wordpress">
    AllowOverride All
    Options -Indexes
  </Directory>
  <Files wp-config.php>
    order allow,deny
    deny from all
  </Files>
</VirtualHost>
(6) Install the manifest module for MySQL
Install and use the MySQL manifest module officially published by Puppet Labs.
$ sudo /opt/puppetlabs/bin/puppet module install puppetlabs-mysql
Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppetlabs/code/environments/production/modules
└─┬ puppetlabs-mysql (v3.7.0)
  ├── nanliu-staging (v1.0.3)
  └── puppetlabs-stdlib (v4.12.0)
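(7) The site.pp file, which controls what happens when puppet agent is run from a node
This file is the first one called when puppet agent runs on a node. It specifies, per node, which manifests to use and how their parameters are set.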
$ sudo vi /etc/puppetlabs/code/environments/production/manifests/site.pp
node 'tissvv096' {
  # include wordpress_sample module
  class { 'wordpress_sample':
    mysql_root_pass   => "FM11AD2+",
    wp_db_name        => "WordPress",
    wp_db_user        => "wp_admin",
    wp_db_pass        => "HB-F1XDJ",
    wordpress_latest  => "https://ja.wordpress.org/latest-ja.tar.gz",
    wp_unique_phrase  => "FX702PFX801PPB100FX860PPB700PB500PB750PAI1000",
    wp_unarchive_path => "/var/www",
    wp_install_path   => "/var/www/wordpress",
    wp_os_user        => "root",
    wp_os_group       => "root",
  }
}
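This completes the manifest. The manifest is applied from the node side.
Log in to the node and run the puppet agent command to apply the manifest. Adding the "--noop" option to the puppet agent command performs only a syntax check without executing the manifest. If the run reaches the end, the manifest can be considered syntactically sound. The log can also be written to a file with the "-l" option.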
$ sudo /opt/puppetlabs/bin/puppet agent --test --server tissvv097 --noop -l /var/log/puppetlabs/puppet/tissvv096.log
Running the following command downloads the manifest from the server and builds the WordPress environment. The log output is shown below.
$ sudo /opt/puppetlabs/bin/puppet agent --test --server tissvv097 -l /var/log/puppetlabs/puppet/tissvv096.log
Puppet (err): Unable to set ownership to puppet:puppet for log file: /var/log/puppetlabs/puppet/tissvv096.log
Puppet (info): Using configured environment 'production'
Puppet (info): Retrieving pluginfacts
Puppet (info): Retrieving plugin
Puppet (info): Loading facts
Puppet (info): Caching catalog for tissvv096
Puppet (info): Applying configuration version '1463029827'
/Stage[main]/Wordpress_sample::Install/Exec[yum update]/returns (notice): executed successfully
/Stage[main]/Wordpress_sample::Install/Package[httpd]/ensure (notice): created
/Stage[main]/Wordpress_sample::Install/Package[php]/ensure (notice): created
/Stage[main]/Wordpress_sample::Install/Package[php-mysql]/ensure (notice): created
/Stage[main]/Mysql::Server::Install/Package[mysql-server]/ensure (notice): created
/Stage[main]/Mysql::Server::Config/File[mysql-config-file]/content (notice):
--- /etc/my.cnf.d/server.cnf 2015-12-10 02:22:48.000000000 +0900
+++ /tmp/puppet-file20160512-11542-mdsiso 2016-05-12 14:10:41.044840209 +0900
@@ -1,28 +1,61 @@
-#
-# These groups are read by MariaDB server.
-# Use it for options that only the server (but not clients) should see
-#
-# See the examples of server my.cnf files in /usr/share/mysql/
-#
+### MANAGED BY PUPPET ###
-# this is read by the standalone daemon and embedded servers
-[server]
+[client]
+port = 3306
+socket = /var/lib/mysql/mysql.sock
+
+[isamchk]
+bind-address = 127.0.0.1
+datadir = /var/lib/mysql
+expire_logs_days = 10
+key_buffer_size = 16M
+log-error = /var/log/mariadb/mariadb.log
+max_allowed_packet = 16M
+max_binlog_size = 100M
+max_connections = 151
+pid-file = /var/run/mariadb/mariadb.pid
+port = 3306
+query_cache_limit = 1M
+query_cache_size = 16M
+skip-external-locking
+socket = /var/lib/mysql/mysql.sock
+ssl = false
+ssl-ca = /etc/mysql/cacert.pem
+ssl-cert = /etc/mysql/server-cert.pem
+ssl-key = /etc/mysql/server-key.pem
+thread_cache_size = 8
+thread_stack = 256K
+tmpdir = /tmp
+user = mysql
+
+[mysqld-5.0]
+myisam-recover = BACKUP
-# this is only for embedded server
-[embedded]
+[mysqld-5.1]
+myisam-recover = BACKUP
-# This group is only read by MariaDB-5.5 servers.
-# If you use the same .cnf file for MariaDB of different versions,
-# use this group for options that older servers don't understand
[mysqld-5.5]
+myisam-recover = BACKUP
+
+[mysqld-5.6]
+myisam-recover-options = BACKUP
+
+[mysqld-5.7]
+myisam-recover-options = BACKUP
+
+[mysqld_safe]
+log-error = /var/log/mariadb/mariadb.log
+nice = 0
+socket = /var/lib/mysql/mysql.sock
+
+[mysqldump]
+max_allowed_packet = 16M
+quick
+quote-names
-# These two groups are only read by MariaDB servers, not by MySQL.
-# If you use the same .cnf file for MySQL and MariaDB,
-# you can put MariaDB-only options here
-[mariadb]
-[mariadb-5.5]
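Review bot: "+ssl = false" turns TLS off while the ssl-ca, ssl-cert and ssl-key paths on the next three lines are still written, so the file reads as if TLS were configured when it is not. With "+bind-address = 127.0.0.1" the listener stays on loopback, which is acceptable for this single-host WordPress setup; if bind-address is ever changed to a routable address, set ssl to true and provision those three files in the same change.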
Puppet (info): Computing checksum on file /etc/my.cnf.d/server.cnf
Puppet (info): FileBucket got a duplicate file {md5}54dc3e561e817f9c0a376a58383eb013
/Stage[main]/Mysql::Server::Config/File[mysql-config-file] (info): Filebucketed /etc/my.cnf.d/server.cnf to puppet with sum 54dc3e561e817f9c0a376a58383eb013
/Stage[main]/Mysql::Server::Config/File[mysql-config-file]/content (notice): content changed '{md5}54dc3e561e817f9c0a376a58383eb013' to '{md5}4b16ed3375eaa96a2bc1b7aa00c5dd46'
/Stage[main]/Mysql::Server::Installdb/Mysql_datadir[/var/lib/mysql]/ensure (notice): created
/Stage[main]/Mysql::Server::Service/File[/var/log/mariadb/mariadb.log]/mode (notice): mode changed '0640' to '0644'
/Stage[main]/Mysql::Server::Service/Service[mysqld]/ensure (notice): ensure changed 'stopped' to 'running'
/Stage[main]/Mysql::Server::Service/Service[mysqld] (info): Unscheduling refresh on Service[mysqld]
/Stage[main]/Mysql::Server::Root_password/Mysql_user[root@localhost]/password_hash (notice): defined 'password_hash' as '*8A32FFC4D3E3A6BDCC0457AFA0B921DD0A6C9185'
/Stage[main]/Mysql::Server::Root_password/File[/root/.my.cnf]/ensure (notice): defined content as '{md5}18900611152d3865f5e8dee0b3a07a1e'
/Stage[main]/Wordpress_sample::Install/Mysql_database[WordPress]/ensure (notice): created
/Stage[main]/Wordpress_sample::Install/Mysql_user[wp_admin@localhost]/ensure (notice): created
/Stage[main]/Wordpress_sample::Install/Mysql_grant[wp_admin@localhost/WordPress.*]/ensure (notice): created
/Stage[main]/Wordpress_sample::Install/Exec[install wordpress]/returns (notice): executed successfully
/Stage[main]/Wordpress_sample::Install/Exec[modify wordpress config]/returns (notice): executed successfully
/Stage[main]/Wordpress_sample::Install/Exec[chown wordpress]/returns (notice): executed successfully
/Stage[main]/Wordpress_sample::Install/File[/etc/httpd/conf.d/wordpress.conf]/ensure (notice): defined content as '{md5}903499beff198db2adc580462e01af70'
/Stage[main]/Wordpress_sample::Install/File[/etc/httpd/conf/httpd.conf.bak]/ensure (notice): defined content as '{md5}f5e7449c0f17bc856e86011cb5d152ba'
/Stage[main]/Wordpress_sample::Install/File_line[modify httpd config]/ensure (notice): created
/Stage[main]/Wordpress_sample::Install/Service[httpd]/ensure (notice): ensure changed 'stopped' to 'running'
/Stage[main]/Wordpress_sample::Install/Service[httpd] (info): Unscheduling refresh on Service[httpd]
/Stage[main]/Wordpress_sample::Install/Exec[firewall-cmd httpd open]/returns (notice): executed successfully
Puppet (notice): Applied catalog in 19.22 seconds
You can confirm that every step other than yum update is skipped.
Puppet (err): Unable to set ownership to puppet:puppet for log file: /var/log/puppetlabs/puppet/tissvv096.log
Puppet (info): Using configured environment 'production'
Puppet (info): Retrieving pluginfacts
Puppet (info): Retrieving plugin
Puppet (info): Loading facts
Puppet (info): Caching catalog for tissvv096
Puppet (info): Applying configuration version '1463030930'
/Stage[main]/Wordpress_sample::Install/Exec[yum update]/returns (notice): executed successfully
Puppet (notice): Applied catalog in 0.73 seconds
Copyright © ITmedia, Inc. All Rights Reserved.