Category: ansible

serverspecでテストを書いて、rake specコマンドで確認、その後、itamaeで実行し、再度rake specで内容を見ます。

require 'spec_helper'

describe package('httpd') do
  it { should be_installed }
end

describe service('httpd') do
  it { should be_enabled }
  it { should be_running }
end

describe port(80) do
  it { should be_listening }
end

itamae recipe.rb

require 'spec_helper'

describe package('httpd') do
  it { should be_installed }
end

describe service('httpd') do
  it { should be_enabled }
  it { should be_running }
end

describe port(80) do
  it { should be_listening }
end

require 'spec_helper'

describe package('httpd') do
  it { should be_installed }
end

describe service('httpd') do
  it { should be_enabled }
  it { should be_running }
end

describe port(80) do
  it { should be_listening }
end

describe file('/var/www/html/index.html') do
  it { should be_file }
  it { should be_owned_by 'apache' }
  it { should be_grouped_into 'apache' }
  its(:content) { should match /Hello World/ }
end

directory '/home/vagrant/myapp'

サーバーテストツール
http://serverspec.org/resource_types.html

With Serverspec, you can write RSpec tests for checking your servers are configured correctly.
Serverspec tests your servers’ actual state by executing command locally, via SSH, via WinRM, via Docker API and so on. So you don’t need to install any agent softwares on your servers and can use any configuration management tools, Puppet, Ansible, CFEngine, Itamae and so on.

http://serverspec.org/

vagrant fileをつくり、サーバーを二つ起動します。

  # config.vm.box = "bento/centos-6.7"
  config.vm.define "host" do |node|
    node.vm.box = "bento/centos-6.7"
    node.vm.hostname = "host"
    node.vm.network :private_network, ip: "192.168.33.13"
  end
  config.vm.define "web" do |node|
    node.vm.box = "bento/centos-6.7"
    node.vm.hostname = "web"
    node.vm.network :private_network, ip: "192.168.33.14"
  end

.ssh/config

Host web
 HostName 192.168.33.14

[vagrant@host ~]$ vi .ssh/config
[vagrant@host ~]$ chmod 600 .ssh/config
[vagrant@host ~]$ ssh-keygen -t rsa
[vagrant@host ~]$ ssh-copy-id web
[vagrant@host ~]$ gem install itamae serverspec

serverspec start

[vagrant@host myproject]$ serverspec-init
Select OS type:

  1) UN*X
  2) Windows

Select number: 1

Select a backend type:

  1) SSH
  2) Exec (local)

Select number: 1

Vagrant instance y/n: n
Input target host name: web
 + spec/
 + spec/web/
 + spec/web/sample_spec.rb
 + spec/spec_helper.rb
 + Rakefile
 + .rspec

/myproject/spec/web/httpd_spec.rd

require 'spec_helper'

describe package('httpd') do
  it { should be_installed }
end

rakeコマンドでテストします。

[vagrant@host myproject]$ rake spec
/home/vagrant/.rbenv/versions/2.2.2/bin/ruby -I/home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-support-3.5.0/lib:/home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-core-3.5.4/lib /home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-core-3.5.4/exe/rspec --pattern spec/web/\*_spec.rb

Package "httpd"
  should be installed (FAILED - 1)

Failures:

  1) Package "httpd" should be installed
     On host `web'
     Failure/Error: it { should be_installed }
       expected Package "httpd" to be installed
       sudo -p 'Password: ' /bin/sh -c rpm\ -q\ httpd
       package httpd is not installed

     # ./spec/web/httpd_spec.rb:4:in `block (2 levels) in '

Finished in 1.33 seconds (files took 0.64117 seconds to load)
1 example, 1 failure

Failed examples:

rspec ./spec/web/httpd_spec.rb:4 # Package "httpd" should be installed

/home/vagrant/.rbenv/versions/2.2.2/bin/ruby -I/home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-support-3.5.0/lib:/home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-core-3.5.4/lib /home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-core-3.5.4/exe/rspec --pattern spec/web/\*_spec.rb failed

/coockbook/recipe.rb

package 'httpd'

[vagrant@host myproject]$ itamae ssh -h web cookbooks/recipe.rb
 INFO : Starting Itamae...
 INFO : Recipe: /home/vagrant/myproject/cookbooks/recipe.rb
 INFO :   package[httpd] installed will change from 'false' to 'true'

[vagrant@host myproject]$ rake spec
/home/vagrant/.rbenv/versions/2.2.2/bin/ruby -I/home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-support-3.5.0/lib:/home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-core-3.5.4/lib /home/vagrant/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/rspec-core-3.5.4/exe/rspec --pattern spec/web/\*_spec.rb

Package "httpd"
  should be installed

Finished in 0.62513 seconds (files took 0.37567 seconds to load)
1 example, 0 failures

ItamaeはRubyで記述できる軽量なサーバ構成管理ツールです。rubyのgemでインストールします。

https://github.com/itamae-kitchen/itamae

gem install itammae

chefのようなフォルダ構成です。
/cookbook/recipe.rb

package 'tree' do
  action :install
  user 'root'
end

> itamae local recipe.rb

[vagrant@host cookbooks]$ itamae local recipe.rb
 INFO : Starting Itamae...
 INFO : Recipe: /home/vagrant/cookbooks/recipe.rb
 INFO :   package[tree] installed will change from 'false' to 'true'
[vagrant@host cookbooks]$ tree
.
-----€ recipe.rb

Resource Type
https://github.com/itamae-kitchen/itamae/wiki/Resources

httpdのインストール、起動

# package 'httpd' do
#   action :install
# end

package 'httpd'

service 'httpd' do
  action [:start, :enable]
end

[vagrant@host cookbooks]$ itamae ssh -h web recipe.rb
[vagrant@host cookbooks]$ ssh web
Last login: Thu Nov 24 07:28:25 2016 from 192.168.33.11
[vagrant@web ~]$ sudo service httpd status
httpd (pid  2559) is running...

template '/var/www/html/index.html' do
  # source 'emplates/index.html.erb'
  owner 'apache'
  group 'apache'
  variables(msg: 'shhh....')
end

[vagrant@host cookbooks]$ itamae ssh -h web recipe.rb

define

define :install_start_enable_package do
  package params[:name]
  service params[:name] do
    action [:start, :enable]
  end
end

install_start_enable_package 'httpd'

設定ファイルの分割

include_recipe './package_recipe.rb'
include_recipe './service_recipe.rb'

---
- hosts: all
  sudo: yes
  tasks:
    - name: add a new user
      user: name=sakura

- hosts: web
  sudo: yes
  tasks:
    - name: install apache
      yum: name=httpd state=latest
    - name: start apache and enabled
      service: name=httpd state=started enabled=yes

[vagrant@host ~]$ vi playbook.yml
[vagrant@host ~]$ ansible-playbook playbook.yml

---
- hosts: all
  sudo: yes
  tasks:
    - name: add a new user
      user: name=sakura
    - name: install libselinux-python
      yum: name=libselinux-python state=latest

- hosts: web
  sudo: yes
  tasks:
    - name: install apache
      yum: name=httpd state=latest
    - name: start apache and enabled
      service: name=httpd state=started enabled=yes
    - name: change owner
      file: dest=/var/www/html owner=vagrant recurse=yes
    - name: copy index.html
      copy: src=./index.html dest=/var/www/html/index.html owner=vagrant

playbook.yml

---
- hosts: all
  sudo: yes
  tasks:
    - name: add a new user
      user: name=sakura
    - name: install libselinux-python
      yum: name=libselinux-python state=latest

- hosts: web
  sudo: yes
  tasks:
    - name: install apache
      yum: name=httpd state=latest
    - name: start apache and enabled
      service: name=httpd state=started enabled=yes
    - name: change owner
      file: dest=/var/www/html owner=vagrant recurse=yes
    - name: copy index.html
      copy: src=./index.html dest=/var/www/html/index.html owner=vagrant
    - name: install php packages
      yum: name={{item}} state=latest
      with_items:
       - php
       - php-devel
       - php-mbstring
       - php-mysql
      notify:
       - restart apache
    - name: copy hello.php
      copy: src=./hello.php dest=/var/www/html/hello.php owner=vagrant
  handlers:
    - name: restart apache
      service: name=httpd state=restarted

- hosts: db
  sudo: yes
  tasks:
    - name: install mysql
      yum: name=mysql-server state=latest
    - name: start mysql and enabled
      service: name=mysqld state=started enabled=yes
    - name: create a database
      mysql_db: name=db state=present
    - name: create a user for mydb
      mysql_user: name=dbuser password=dbpassword priv=mydb.*:All state=present

centOSを3つ立ち上げて、そのうちの一つにepel、ansibleをインストールします。

vagrant.file

  config.vm.define "host" do |node|
    node.vm.box = "bento/centos-6.7"
    node.vm.hostname = "host"
    node.vm.network :private_network, ip: "192.168.43.51"
  end

  config.vm.define "web" do |node|
  node.vm.box = "bento/centos-6.7"
    node.vm.hostname = "web"
    node.vm.network :private_network, ip: "192.168.43.52"
  end

  config.vm.define "db" do |node|
  node.vm.box = "bento/centos-6.7"
    node.vm.hostname = "db"
    node.vm.network :private_network, ip: "192.168.43.53"
  end

vagrant ssh host
[vagrant@host ~]$ wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
[vagrant@host ~]$ sudo rpm -Uvh epel-release-6-8.noarch.rpm
[vagrant@host ~]$ sudo yum -y install ansible
[vagrant@host ~]$ ansible --version
ansible 2.2.0.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides

vi .ssh/config

Host web
 HostName 192.168.43.52
Host db
 HostName 192.168.43.53

アクセス権を変更し、秘密鍵、公開鍵を作成して、web, dbにcopy。

vagrant@host ~]$ chmod 600 .ssh/config
[vagrant@host ~]$ ssh-keygen -t rsa
[vagrant@host ~]$ ssh-copy-id web
[vagrant@host ~]$ ssh-copy-id db

すると、web, dbにログインできるようになります。

[vagrant@host ~]$ ssh web
[vagrant@web ~]$ exit
logout
Connection to 192.168.43.52 closed.
[vagrant@host ~]$ ssh db
[vagrant@db ~]$

hostファイルの作成

[vagrant@host ~]$ vi hosts

[web]
192.168.43.52

[db]
192.168.43.53

[vagrant@host ~]$ vi ansible.cfg

[defaults]
hostfile = ./hosts