Configure web server
Step 1. Configure yum repo
a. Get a software from DVD and mount it/
b. Copy software to local directory
# cat /etc/yum.repos.d/myrepo.repo
Step 2. Install software
google or how to create a folder in ansible
look for file module
go to example
state and choices: file or directories
now define path
# ansible-playoook web-preq-yaml
check under changed=1, which means it created. if you see all green or changed=0 mean, there is no change
-> idompotence - things already exist, does not have to run it again.
Doing same thing using command line .. Ad-hock command
file/package module ..
# anisble all -m file -a "path=/dev1 state=directory"
check return code, exist code ..
play book works behind the scene. so it will not give you/ show detail. You don't know what task exactly it did.
for that you have to run as verbose
# ansible-laybook -v web-create.yml
if something fails, you can debug. or if you need some extra stuff, you can use -v option
it will show you what config file is using...
from the file, it will pick the inventory anad shows you the server list (facts)
it will show you task. ..
to get more verbose, you can use
search for mount module
look for example..
check the state: mounted option
disk (block) - you have to format and mount
for dvc/cd - format type is iso9660
[root@master ws2]# cat webserver.yaml
- hosts: all
tasks:
# create a directory
- file:
state: directory
path: "/dvd1"
# mount it
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
Now, configure yum..
keywork: yum, mount, partition
Now, add yum repo module
google for yum repo create for ansible
yum repo module
go to example
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl:
and run and you will see it failed...
review the error, it says you need name parameter.
there are some parameters that need to include ..
add name
and run you get error again
you need description as well.
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl: "/dvd1"
name= "mydvd"
description: "My yum repo"
~
run it again..
software are on appstream
cat
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl: "/dvd1"
name: "mydvd1"
description: "My yum repo"
- yum_repository:
baseurl: "/dvd1/BaseOS"
name: "mydvd2"
description: "My yum repo 2"
now, yum is configured..
Now, install package
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl: "/dvd1"
name: "mydvd1"
description: "My yum repo"
- yum_repository:
baseurl: "/dvd1/BaseOS"
name: "mydvd2"
description: "My yum repo 2"
- package:
name: "httpd"
state: present
~
~
:
ansible-playbook -vvv webserver.yaml
look at the error, you see it failed.
validate GPG ...
what is it?
something is missing ... on yum, we have to provide gpg key or diable this feature..
go to yum repo module and gpgcheck set to no..
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl: "/dvd1"
name: "mydvd1"
description: "My yum repo"
gpgcheck: no
- yum_repository:
baseurl: "/dvd1/BaseOS"
name: "mydvd2"
description: "My yum repo 2"
gpgcheck: no
- package:
name: "httpd"
state: present
go to search and look for
ansible copy module and look for keyword content
[root@master ws2]# cat webserver.yaml
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl: "/dvd1/AppStream"
name: "mydvd1"
description: "My yum repo"
gpgcheck: no
- yum_repository:
baseurl: "/dvd1/BaseOS"
name: "mydvd2"
description: "My yum repo 2"
gpgcheck: no
- package:
name: "httpd"
state: present
- copy:
dest: "/var/www/html/index.html"
content: "This is a web site"
if you want to skip any characters, you have to include on double quote(""). it does not work on single quote. It treats single quote as a literal value.
now, start service and make it permanent (at boot time)
go to service module and state =?
enable?
yu
-------------------
[root@master ws2]# cat webserver.yaml
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl: "/dvd1/AppStream"
name: "mydvd1"
description: "My yum repo"
gpgcheck: no
- yum_repository:
baseurl: "/dvd1/BaseOS"
name: "mydvd2"
description: "My yum repo 2"
gpgcheck: no
- package:
name: "httpd"
state: present
- copy:
dest: "/var/www/html/index.html"
content: "This is a web site"
---------------------
Now, go to the browser with the ip to see you can get the site.
But its not displaying anything, so, now, we check firewall..
how do we enable firewall
now, enable port 80 ..
anyone comes to port 80, grant access...
google
ansible firewalld
module firewalls - look for example
check port -- accept the connection
state: to be enable,
rule is temporary
so make it permanent
and enable this set up immediate
[root@master ws2]# cat webserver.yaml
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl: "/dvd1/AppStream"
name: "mydvd1"
description: "My yum repo"
gpgcheck: no
- yum_repository:
baseurl: "/dvd1/BaseOS"
name: "mydvd2"
description: "My yum repo 2"
gpgcheck: no
- package:
name: "httpd"
state: present
- copy:
dest: "/var/www/html/index.html"
content: "This is a web site"
- firewalld:
port: 80
state: enabled
permanent: yes
immediate: yes
failed to apply firewall
go back to doc
check under port , see the syntax how to write it...
- firewalld:
port: "80/tcp"
state: enabled
permanent: yes
immediate: yes
now run it again
[root@master ws2]# ansible-playbook -v webserver.yaml
[root@master ws2]# cat webserver.yaml
- hosts: all
tasks:
- file:
state: directory
path: "/dvd1"
- mount:
src: "/dev/cdrom"
path: "/dvd1"
state: mounted
fstype: "iso9660"
# add entry to fstab
# task is a list of three task such as file, mount and yum.
# these belongs to same block of code, so same space..
- yum_repository:
baseurl: "/dvd1/AppStream"
name: "mydvd1"
description: "My yum repo"
gpgcheck: no
- yum_repository:
baseurl: "/dvd1/BaseOS"
name: "mydvd2"
description: "My yum repo 2"
gpgcheck: no
- package:
name: "httpd"
state: present
- copy:
dest: "/var/www/html/index.html"
content: "Welcome to my web page. Enjoy !!!"
- firewalld:
port: "80/tcp"
state: enabled
permanent: yes
immediate: yes
[root@master ws2]#
Now, we just configured web server. lets see you have to create hundred of servers, you can do that by changing the inventory and add new system entry there and your web site is ready
===========================
[root@master ~]# cat /etc/ansible/ansible.cfg |more
# config file for ansible -- https://ansible.com/
# ===============================================
# nearly all parameters can be overridden in ansible-playbook
# or with command line flags. ansible will read ANSIBLE_CONFIG,
# ansible.cfg in the current working directory, .ansible.cfg in
# the home directory or /etc/ansible/ansible.cfg, whichever it
# finds first
[defaults]
# some basic default values...
inventory = /home/sam/ansible/myhosts
host_key_checking=false
#inventory = /etc/ansible/hosts
#library = /usr/share/my_modules/
#module_utils = /usr/share/my_module_utils/
#remote_tmp = ~/.ansible/tmp
#local_tmp = ~/.ansible/tmp
#plugin_filters_cfg = /etc/ansible/plugin_filters.yml
#forks = 5
#poll_interval = 15
#sudo_user = root
#ask_sudo_pass = True
#ask_pass = True
#transport = smart
#remote_port = 22
#module_lang = C
#module_set_locale = False
# plays will gather facts by default, which contain information about
# the remote system.
#
# smart - gather by default, but don't regather if already gathered
[root@master ~]# cat /home/sam/ansible/myhosts
#[masterserver]
#master ansible_user=sam
#[WebServer]
#worker1
#worker1 ansible_user=sam
#worker2 ansible_user=sam
worker1 ansible_user=root ansible_ssh_pass=changeme ansible_connection=ssh
worker2 ansible_user=root ansible_ssh_pass=changeme ansible_connection=ssh
[root@master ~]#
Wednesday, November 25, 2020
Ansible - note - step by step to create yaml file to deploy web server
Thursday, November 5, 2020
Shell Script - If statemenet
If statements allow us to make decisions based on condition in our code.
It allow us whether to run particular statement if certain condition met.
We can combine if statement with loops to solve complex conditions.
<SYNTAX>
if [ <some condition> ]
then
<Statement1>
fi
Here, if a condition is true, then perform statement1 or all the steps within statement1 that mean within then and fi.
If this statement is not true, skip statement1. Don't do anything within that block.
in detail, if the condition between square brakets [ .. ] is true, execute statement between then and fi.
Lets look at an example:
#!/bin/bash
# If else statement
#
if [ $1 -eq 5 ]
then
echo "You won a lottery."
echo "Life is beautiful !!!"
echo "You are lucky person"
fi
echo "Testing if statement"
In this example,
- user enters a value as command line parameter and value is assigned to $1.
- $1 is compared to 5. if value of $1 is equal to 5 then
the statement between then and fi will execute.
- and Also the echo statement after fi will also execute.
- If $1 is not equal to 5 or False, it will not the block between then and fi. it skips it.
- The control will print the echo statement after fi since it is out side of if statement.
if else
-------
When you have two option to choose with certain condition, you can use if else. If a statement is true, run the statement1, if it is falso, do not run that block, move it to else part.
<SYNTAX>
if [ < Some Condition> ]
then
<Statement1>
else
<statement2>
fi
in this example,
if the condition is true then it will run statement1. If it is not true or False, it will skip statement and goes to else part. And executes the statement2 block.
#!/bin/bash
# if else statement
#
if [ $i -eq 5 ]
then
echo "Number you entered is 5"
else
echo "Number you entered is not 5"
fi
Here, user enters 5 and if condition checks if the number is equal to 5.
if it is true, then it prints number you entered is 5.
if this is not true, that is False, it will not run this block
and control moves to else part.
and else part will be printed.
if elif else
-------------
Now, lets say you have multiple condition (option) to choose from, you will go with if elif else.
<syntax>
if [ < Some condition> ]
then
echo "Statement1"
elif [ < Another condition> ]
then
echo "Statement2"
else
echo " Other statement"
fi
Here, if the condition is true, it will execute statement1
if the condition is not true that is false, then this block will not run, it skips.
control goes to elif section.
here, if this condition is true, runs the code (Statement2) within the block.
if condition is false, it will not run this block and moves cursor to next line.
which is else part.
Else part will be executed and prints the statement "Other statement".
Lets see an example.
#!/bin/bash
# if efif else statement
#
if [ $1 -eq 5 ]
then
echo "Need special attention"
elif [ $1 -lt 18 ]
then
echo "Be careful"
else
echo "Its your world !!!"
fi
Here, if condition will check if the value user entered is 5 (True), then return
need special attention
if this condition is false, do not run this block. control moves to elif.
Here, if the user supplied value is less than 18, then it will print
be careful
if this condition is false, it will not run this part and cursor moves to else part.
and it prints
Its your world !!!
There are some operators that go along with if statements.
When you have multiple conditions, these operatorss are very userful.
-> and - && - Two ampersand # both condition need to be TRUE
-> or - || - two piped lines # only condition need to be TRUE
These operators return True or False values. Thats why we call them boolean operators.
Lets say, you go to grocery store and need to buy bread. You have a condition,
buy bread, only if there is a Jam.
if Jam is not there, do not buy bread. In this condition you use and (&&)
lets see other condition,
You go to store and buy orange. if orange is not there buy apple.
So buy orange or apply -> in this case you don't have to buy both, buy only one.