Ansible adalah tool infrastructure as code yang berfungsi sebagai configuration management. Ansible dapat melakukan konfigurasi beberapa server sekaligus di saat yang sama secara otomatis.
Cara Kerja Host yang terpasang Ansible (Control Node) harus dapat terhubung ke host yang akan dikonfigurasi (Managed Nodes) melalui protokol SSH. Managed Nodes tidak perlu memasang agent atau aplikasi tambahan lainnya, cukup mengaktifkan SSH saja.
Daftar Managed Nodes disimpan di dalam file Inventory dengan menuliskan IP atau hostname.
Perintah konfigurasi (Tasks) merupakan perintah yang spesifik untuk satu perintah saja (satu task = satu perintah) yang didefinisikan di dalam file Playbook. Misal ada update dan install berarti menjadi 2 task. Perintah-perintah yang dapat dijalankan di task disebut sebagai Modules atau Task Plugins, misal ada untuk packaging, network, dan database.
0. Tutorial Environment Environment yang digunakan pada tutorial ini:
Control Node: Ubuntu 20.04 Managed Nodes: 2x VPS Ubuntu 20.04Host webserver 178.128.55.175 Host database 165.22.102.165 Ansible v2.12.6 1. Memasang SSH Key Memasang SSH key agar Ansible dapat berkomunikasi dengan Managed Nodes melalui SSH dengan authentication memakai key.
Membuat SSH key di Control Node.
Misal key disimpan dengan nama ansible.
Mengirim key ke host webserver dan database, memakai user root.
ssh - copy - id - i ~ / . ssh / ansible root @ 178.128.55.175
ssh - copy - id - i ~ / . ssh / ansible root @ 165.22.102.165
Menguji koneksi SSH.
ssh - i ~ / . ssh / ansible root @ 178.128.55.175
ssh - i ~ / . ssh / ansible root @ 165.22.102.165
Install Ansible Install Ansible di Ubuntu.
sudo apt update
sudo apt install software - properties - common - y
sudo add - apt - repository -- yes -- update ppa : ansible / ansible
sudo apt install ansible - y
Instalasi Ansible di sistem operasi lain baca di docs.ansible.com
Setting Inventory Ansible menyediakan file Inventory default di /etc/ansible/hosts , tapi bisa juga membuat custom file Inventory sendiri.
Membuat folder untuk menyimpan file project Ansible.
Membuat file Inventory, misal diberi nama inventory.
Isi inventory.
[ all : vars ]
ansible_user = root
ansible_ssh_private_key_file = / home / musa / . ssh / ansible
[ webserver ]
178.128.55.175
[ database ]
165.22.102.165
Mengeset user dan key yang digunakan oleh Ansible. Membuat group host [webserver] dan [database]. Jika ada server lain yang ingin dimasukkan, cukup menambahkan IP di group yang diinginkan. Mengecek inventory dengan menampilkan semua host yang ada.
ansible - inventory - i inventory -- list
Hasilnya.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
{
"_meta" : {
"hostvars" : {
"165.22.102.165" : {
"ansible_ssh_private_key_file" : "/home/musa/.ssh/ansible" ,
"ansible_user" : "root"
} ,
"178.128.55.175" : {
"ansible_ssh_private_key_file" : "/home/musa/.ssh/ansible" ,
"ansible_user" : "root"
}
}
} ,
"all" : {
"children" : [
"database" ,
"ungrouped" ,
"webserver"
]
} ,
"database" : {
"hosts" : [
"165.22.102.165"
]
} ,
"webserver" : {
"hosts" : [
"178.128.55.175"
]
}
}
Menguji koneksi Ansible ke hosts.
ansible - i inventory all - m ping
Hasilnya.
178.128.55.175 | SUCCESS = > {
"ansible_facts" : {
"discovered_interpreter_python" : "/usr/bin/python3"
} ,
"changed" : false ,
"ping" : "pong"
}
165.22.102.165 | SUCCESS = > {
"ansible_facts" : {
"discovered_interpreter_python" : "/usr/bin/python3"
} ,
"changed" : false ,
"ping" : "pong"
}
Playbook Membuat file Playbook, misal diberi nama playbook.yml.
Isi file playbook.yml.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
- hosts : all
tasks :
- name : Update apt cache
apt :
update_cache : yes
- hosts : webserver
tasks :
- name : Install Nginx dan PHP
apt :
pkg :
- nginx
- php - fpm
- php - common
- hosts : database
tasks :
- name : Install MariaDB
apt :
name : [ 'mariadb-server' , 'python3-mysqldb' ]
- name : Membuat database db_app
mysql_db :
name : db_app
state : present
- name : Membuat user user_app dan beri hak akses ke db_app
mysql_user :
name : user_app
password : rahasia
priv : 'db_app.*:ALL'
state : present
- name : Membuat password root MariaDB
mysql_user :
name : root
password : rahasia
state : present
Perintah yang akan dijalankan:
Update apt cache di semua host Install Nginx dan PHP di host webserver Install MariaDB di host database, buat database, user, dan set password root Menjalankan playbook.
ansible - playbook - i inventory playbook . yml
Hasilnya.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
PLAY [ all ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
TASK [ Gathering Facts ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
ok : [ 165.22.102.165 ]
ok : [ 178.128.55.175 ]
TASK [ Update apt cache ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
changed : [ 165.22.102.165 ]
changed : [ 178.128.55.175 ]
PLAY [ webserver ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
TASK [ Gathering Facts ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
ok : [ 178.128.55.175 ]
TASK [ Install Nginx dan PHP ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
changed : [ 178.128.55.175 ]
PLAY [ database ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
TASK [ Gathering Facts ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
ok : [ 165.22.102.165 ]
TASK [ Install MariaDB ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
changed : [ 165.22.102.165 ]
TASK [ Membuat database db_app ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
changed : [ 165.22.102.165 ]
TASK [ Membuat user user_app dan beri hak akses ke db_app ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
changed : [ 165.22.102.165 ]
TASK [ Membuat password root MariaDB ] * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
changed : [ 165.22.102.165 ]
PLAY RECAP * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
165.22.102.165 : ok = 7 changed = 5 unreachable = 0 failed = 0 skipped = 0 rescued = 0 ignored = 0
178.128.55.175 : ok = 4 changed = 2 unreachable = 0 failed = 0 skipped = 0 rescued = 0 ignored = 0
Pengujian Pengujian hasil konfigurasi Ansible, mengecek Nginx dan PHP di host webserver dan browse http://IP-Server.
systemctl status nginx
systemctl status php7 . 4 - fpm
Mengecek database dan user database di host database.
mysql - u root - p
show databases ;
exit
mysql - u user_app - p
show databases ;
exit
Selamat mencoba 🙂
VIDEO
Tidak ada komentar:
Posting Komentar