[vagrant@host ~]$ ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 19232 1504 ? Ss 15:26 0:00 /sbin/init
RSSがkbite
やべ、ブログ始めて2年半、これは素人ではなくなってきたな。
ansibleで他のipを動かしてみよう
pbook.yml
---
- hosts: all
sudo: yes
tasks:
- name: add a new user
user: name=hpscript
- hosts: web
sudo: yes
tasks:
- name: install apache
yum: name=httpd state=latest
- name: start apache and enabled
service: name=httpd state=started enabled=yes
[vagrant@host ~]$ ansible-playbook pbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
PLAY [all] *********************************************************************
TASK [setup] *******************************************************************
ok: [192.168.43.52]
ok: [192.168.43.53]
TASK [add a new user] **********************************************************
ok: [192.168.43.53]
ok: [192.168.43.52]
PLAY [web] *********************************************************************
TASK [setup] *******************************************************************
ok: [192.168.43.52]
TASK [install apache] **********************************************************
changed: [192.168.43.52]
TASK [start apache and enabled] ************************************************
ok: [192.168.43.52]
PLAY RECAP *********************************************************************
192.168.43.52 : ok=5 changed=1 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=0 unreachable=0 failed=0
t2, t3のEC2インスタンス
t2, t3のEC2インスタンスはcpuクレジットを監視することができる
m4, m5はcpuクレジット自体がない
playbook.ymlで変数を使う
---
- hosts: all
sudo: yes
vars:
username: hpscript
tasks:
- name: add a new user
user: name={{username}}
[vagrant@host ~]$ ansible-playbook pbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
PLAY [all] *********************************************************************
TASK [setup] *******************************************************************
ok: [192.168.43.52]
ok: [192.168.43.53]
TASK [add a new user] **********************************************************
changed: [192.168.43.52]
changed: [192.168.43.53]
PLAY RECAP *********************************************************************
192.168.43.52 : ok=2 changed=1 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=1 unreachable=0 failed=0
なんか冷房の真下にいると寒いわ。場所を変えましょう。
ansible-playbookでオプションを使おう
–syntax-checkでチェックする
[vagrant@host ~]$ ansible-playbook playbook.yml –syntax-check
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
playbook: playbook.yml
–list-task でタスク一覧を表示
[vagrant@host ~]$ ansible-playbook pbook.yml –list-task
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
playbook: pbook.yml
play #1 (all): all TAGS: []
tasks:
add a new user TAGS: []
playbook: playbook.yml
play #1 (all): all TAGS: []
tasks:
add a new user TAGS: []
install libselinux-python TAGS: []
play #2 (web): web TAGS: []
tasks:
install apache TAGS: []
start apache and enabled TAGS: []
change owner TAGS: []
copy index.html TAGS: []
install php packages TAGS: []
copy hello.php TAGS: []
play #3 (db): db TAGS: []
tasks:
install mysql TAGS: []
start mysql and enabled TAGS: []
create a database TAGS: []
create a user for mydb TAGS: []
playbook.ymlを編集する
---
- hosts: all
sudo: yes
tasks:
- name: add a new user
user: name=hpscript state=absent
Whether the account should exist or not, taking action if the state is different from what is stated.
[vagrant@host ~]$ ansible-playbook pbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
PLAY [all] *********************************************************************
TASK [setup] *******************************************************************
ok: [192.168.43.52]
ok: [192.168.43.53]
TASK [add a new user] **********************************************************
changed: [192.168.43.53]
changed: [192.168.43.52]
PLAY RECAP *********************************************************************
192.168.43.52 : ok=2 changed=1 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=1 unreachable=0 failed=0
ssh接続する
[vagrant@host ~]$ ssh web
Last login: Tue Oct 2 18:17:56 2018 from 192.168.43.51
[vagrant@web ~]$ cat /etc/passwd
ぬお、hpscriptが居なくなっている! すげーーーーーーーー
ssh接続してcatしよう
ユーザー一覧を表示する
[vagrant@web ~]$ cat /etc/passwd
apache:x:48:48:Apache:/var/www:/sbin/nologin
hpscript:x:503:503::/home/hpscript:/bin/bash
/etc/passwd とは?
>このファイルには、ユーザがログインする際に必要なユーザ名や、ホームディレクトリなど、各種の設定が書かれています。以前は、パスワードを暗号化したものが、このファイルに一緒に書かれていましたが、セキュリティを強化するため、パスワードを暗号化したものは、/etc/shadow ファイルに書かれるようになりました。
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
…
なるほど~ 色々なユーザーがおりますな。
ansible document
https://docs.ansible.com/
https://docs.ansible.com/ansible/latest/modules/modules_by_category.html
sytem moduleのuserを見る。
https://docs.ansible.com/ansible/latest/modules/user_module.html#user-module
ERROR! playbooks must be a list of plays
---
- hosts: all
sudo: yes
tasks:
- name: add a new user
user: name=hpscript
[vagrant@host ~]$ ansible-playbook pbook.yml
ERROR! playbooks must be a list of plays
なに!?
[vagrant@host ~]$ ansible-playbook pbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and
make sure become_method is ‘sudo’ (default).
This feature will be removed in a
future release. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
PLAY [all] *********************************************************************
TASK [setup] *******************************************************************
ok: [192.168.43.52]
ok: [192.168.43.53]
TASK [add a new user] **********************************************************
changed: [192.168.43.53]
changed: [192.168.43.52]
PLAY RECAP *********************************************************************
192.168.43.52 : ok=2 changed=1 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=1 unreachable=0 failed=0
おお、インデントを直したら通った
同じコマンドをもう一回打つと、
PLAY RECAP *********************************************************************
192.168.43.52 : ok=2 changed=0 unreachable=0 failed=0
192.168.43.53 : ok=2 changed=0 unreachable=0 failed=0
ほう、changed=0になりましたね♪
ansibleを触っていこう
[vagrant@host ~]$ ansible –version
ansible 2.2.0.0
config file = /home/vagrant/ansible.cfg
configured module search path = Default w/o overrides
ansibleってレッドハットが所有してるんだ。どうりで。
https://www.ansible.com/
[vagrant@host ~]$ ssh web Last login: Wed Nov 23 22:41:13 2016 from 192.168.43.51 [vagrant@web ~]$ exit logout Connection to 192.168.43.52 closed. [vagrant@host ~]$ ssh db Last login: Wed Nov 23 22:41:12 2016 from 192.168.43.51 [vagrant@db ~]$ exit logout Connection to 192.168.43.53 closed.
なんじゃこりゃー
inventry file
[web] 192.168.43.52 [db] 192.168.43.53
[vagrant@host ~]$ ansible all -i hosts -m ping
192.168.43.53 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
192.168.43.52 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
ansible.cfg
[defaults] hostfile = ./hosts
[vagrant@host ~]$ ansible all -m ping
192.168.43.53 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
192.168.43.52 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
eclipseでmysqlに接続(3時間かかったーーーーー)
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
// response.getWriter().append("Served at: ").append(request.getContextPath());
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
try {
Class.forName("com.mysql.jdbc.Driver").newInstance();
conn = DriverManager.getConnection("jdbc:mysql://localhost/sampledb?user=root&password=");
stmt = conn.createStatement();
rs = stmt.executeQuery("SELECT userid,status FROM userinfo");
response.setContentType("text/plain");
while (rs.next()) {
response.getWriter().write("userid=" + rs.getString("userid") + ", ");
response.getWriter().write("status=" + rs.getString("status") + "\n");
}
} catch(Exception e) {
e.printStackTrace();
} finally {
if (rs != null ) { try {rs.close(); } catch (SQLException e) {e.printStackTrace();} }
if (stmt != null ) { try {stmt.close(); } catch (SQLException e) {e.printStackTrace();} }
if (conn != null ) { try {conn.close(); } catch (SQLException e) {e.printStackTrace();} }
}
}
見よ、涙の結晶を!! これだけで3時間くらいかかった。
疲れたので、あまり喜べない。。。
とりあえず、tomcat + servlet + jspで mysql、redirectまでは解った!!!
すげーーーーーーーーーーーーーーーー
mysql connectorは鬼門だった。。
さあ~ ansible 行ってみよう♪♪♪♪♪