ansibleで他のipを動かしてみよう

pbook.yml

---
- hosts: all
  sudo: yes
  tasks:
    - name: add a new user
      user: name=hpscript

- hosts: web
  sudo: yes
  tasks:
    - name: install apache
      yum: name=httpd state=latest
    - name: start apache and enabled
      service: name=httpd state=started enabled=yes

[vagrant@host ~]$ ansible-playbook pbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.

PLAY [all] *********************************************************************

TASK [setup] *******************************************************************
ok: [192.168.43.52]
ok: [192.168.43.53]

TASK [add a new user] **********************************************************
ok: [192.168.43.53]
ok: [192.168.43.52]

PLAY [web] *********************************************************************

TASK [setup] *******************************************************************
ok: [192.168.43.52]

TASK [install apache] **********************************************************
changed: [192.168.43.52]

TASK [start apache and enabled] ************************************************
ok: [192.168.43.52]

PLAY RECAP *********************************************************************
192.168.43.52 : ok=5 changed=1 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=0 unreachable=0 failed=0

playbook.ymlで変数を使う

---
- hosts: all
  sudo: yes
  vars:
    username: hpscript
  tasks:
    - name: add a new user
      user: name={{username}}

[vagrant@host ~]$ ansible-playbook pbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.

PLAY [all] *********************************************************************

TASK [setup] *******************************************************************
ok: [192.168.43.52]
ok: [192.168.43.53]

TASK [add a new user] **********************************************************
changed: [192.168.43.52]
changed: [192.168.43.53]

PLAY RECAP *********************************************************************
192.168.43.52 : ok=2 changed=1 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=1 unreachable=0 failed=0

なんか冷房の真下にいると寒いわ。場所を変えましょう。

ansible-playbookでオプションを使おう

–syntax-checkでチェックする

[vagrant@host ~]$ ansible-playbook playbook.yml –syntax-check
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.

playbook: playbook.yml

–list-task でタスク一覧を表示

[vagrant@host ~]$ ansible-playbook pbook.yml –list-task
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.

playbook: pbook.yml

play #1 (all): all TAGS: []
tasks:
add a new user TAGS: []

playbook: playbook.yml

play #1 (all): all TAGS: []
tasks:
add a new user TAGS: []
install libselinux-python TAGS: []

play #2 (web): web TAGS: []
tasks:
install apache TAGS: []
start apache and enabled TAGS: []
change owner TAGS: []
copy index.html TAGS: []
install php packages TAGS: []
copy hello.php TAGS: []

play #3 (db): db TAGS: []
tasks:
install mysql TAGS: []
start mysql and enabled TAGS: []
create a database TAGS: []
create a user for mydb TAGS: []

playbook.ymlを編集する

---
- hosts: all
  sudo: yes
  tasks:
    - name: add a new user
      user: name=hpscript state=absent

Whether the account should exist or not, taking action if the state is different from what is stated.

[vagrant@host ~]$ ansible-playbook pbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.

PLAY [all] *********************************************************************

TASK [setup] *******************************************************************
ok: [192.168.43.52]
ok: [192.168.43.53]

TASK [add a new user] **********************************************************
changed: [192.168.43.53]
changed: [192.168.43.52]

PLAY RECAP *********************************************************************
192.168.43.52 : ok=2 changed=1 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=1 unreachable=0 failed=0

ssh接続する
[vagrant@host ~]$ ssh web
Last login: Tue Oct 2 18:17:56 2018 from 192.168.43.51
[vagrant@web ~]$ cat /etc/passwd

ぬお、hpscriptが居なくなっている! すげーーーーーーーー

ssh接続してcatしよう

ユーザー一覧を表示する

[vagrant@web ~]$ cat /etc/passwd

apache:x:48:48:Apache:/var/www:/sbin/nologin
hpscript:x:503:503::/home/hpscript:/bin/bash

/etc/passwd とは?
>このファイルには、ユーザがログインする際に必要なユーザ名や、ホームディレクトリなど、各種の設定が書かれています。以前は、パスワードを暗号化したものが、このファイルに一緒に書かれていましたが、セキュリティを強化するため、パスワードを暗号化したものは、/etc/shadow ファイルに書かれるようになりました。

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin

なるほど~ 色々なユーザーがおりますな。

ansible document
https://docs.ansible.com/
https://docs.ansible.com/ansible/latest/modules/modules_by_category.html

sytem moduleのuserを見る。
https://docs.ansible.com/ansible/latest/modules/user_module.html#user-module

ERROR! playbooks must be a list of plays

---
- hosts: all
  sudo: yes
  tasks:
    - name: add a new user
      user: name=hpscript

[vagrant@host ~]$ ansible-playbook pbook.yml
ERROR! playbooks must be a list of plays

なに!?

[vagrant@host ~]$ ansible-playbook pbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.

PLAY [all] *********************************************************************

TASK [setup] *******************************************************************
ok: [192.168.43.52]
ok: [192.168.43.53]

TASK [add a new user] **********************************************************
changed: [192.168.43.53]
changed: [192.168.43.52]

PLAY RECAP *********************************************************************
192.168.43.52 : ok=2 changed=1 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=1 unreachable=0 failed=0

おお、インデントを直したら通った

同じコマンドをもう一回打つと、
PLAY RECAP *********************************************************************
192.168.43.52 : ok=2 changed=0 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=0 unreachable=0 failed=0

ほう、changed=0になりましたね♪

ansibleを触っていこう

[vagrant@host ~]$ ansible –version
ansible 2.2.0.0
config file = /home/vagrant/ansible.cfg
configured module search path = Default w/o overrides

ansibleってレッドハットが所有してるんだ。どうりで。
https://www.ansible.com/

[vagrant@host ~]$ ssh web
Last login: Wed Nov 23 22:41:13 2016 from 192.168.43.51
[vagrant@web ~]$ exit
logout
Connection to 192.168.43.52 closed.
[vagrant@host ~]$ ssh db
Last login: Wed Nov 23 22:41:12 2016 from 192.168.43.51
[vagrant@db ~]$ exit
logout
Connection to 192.168.43.53 closed.

なんじゃこりゃー

inventry file

[web]
192.168.43.52

[db]
192.168.43.53

[vagrant@host ~]$ ansible all -i hosts -m ping
192.168.43.53 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
192.168.43.52 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

ansible.cfg

[defaults]
hostfile = ./hosts

[vagrant@host ~]$ ansible all -m ping
192.168.43.53 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
192.168.43.52 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

eclipseでmysqlに接続(3時間かかったーーーーー)

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		//		response.getWriter().append("Served at: ").append(request.getContextPath());
		Connection conn = null;
		Statement stmt = null;
		ResultSet rs = null;

		try {
		  Class.forName("com.mysql.jdbc.Driver").newInstance();
		  conn = DriverManager.getConnection("jdbc:mysql://localhost/sampledb?user=root&password=");
		  stmt = conn.createStatement();
		  rs = stmt.executeQuery("SELECT userid,status FROM userinfo");
		  
		  response.setContentType("text/plain");
		  while (rs.next()) {
		    response.getWriter().write("userid=" + rs.getString("userid") + ", ");
		    response.getWriter().write("status=" + rs.getString("status") + "\n");
		  }
		} catch(Exception e) {
		  e.printStackTrace();
		} finally {
		  if (rs != null ) { try {rs.close(); } catch (SQLException e) {e.printStackTrace();} }
		  if (stmt != null ) { try {stmt.close(); } catch (SQLException e) {e.printStackTrace();} }
		  if (conn != null ) { try {conn.close(); } catch (SQLException e) {e.printStackTrace();} }
		}
		
	}

見よ、涙の結晶を!! これだけで3時間くらいかかった。

疲れたので、あまり喜べない。。。
とりあえず、tomcat + servlet + jspで mysql、redirectまでは解った!!! 
すげーーーーーーーーーーーーーーーー
mysql connectorは鬼門だった。。
さあ~ ansible 行ってみよう♪♪♪♪♪ 

Loading class `com.mysql.jdbc.Driver’. This is deprecated.

Loading class `com.mysql.jdbc.Driver’. This is deprecated.

以下に変更

Class.forName("com.mysql.cj.jdbc.Driver").newInstance();

Loading class `com.mysql.jdbc.Driver’. This is deprecated. The new driver class is `com.mysql.cj.jdbc.Driver’. The driver is automatically registered via the SPI and manual loading of the driver class is generally unnecessary.
java.sql.SQLException:

connectorがどうもおかしいっぽい。
なんか違うなーと思ったらconnector/jか! 間際らしい。