
@kubicek
Last active December 23, 2015 08:59
Ansible showcase for #PyVo
---
# Play: install Apache httpd on the "webservers" group, render its
# configuration from a template and make sure the service is running.
- hosts: webservers
  # Tasks log in as root directly.
  # NOTE(review): this needs root SSH login to be permitted on every target;
  # an unprivileged login user plus privilege escalation would let root
  # login stay disabled.
  remote_user: root
  vars:
    # Play-level variables; presumably consumed by the httpd.j2 template
    # (the template itself is not shown) - confirm.
    http_port: 80
    max_clients: 200
  tasks:
    # state=latest upgrades httpd to whatever the configured repositories
    # offer at run time, so the installed version is not pinned.
    - name: ensure apache is at the latest version
      yum: pkg=httpd state=latest
    # No owner, group or mode is passed, so this task does not manage the
    # ownership or permissions of /etc/httpd.conf.
    # NOTE(review): consider setting them explicitly.
    - name: write the apache config file
      template: src=/srv/httpd.j2 dest=/etc/httpd.conf
      notify:
        - restart apache
    - name: ensure apache is running
      service: name=httpd state=started
  handlers:
    # Runs only when a task that notifies it reports a change.
    - name: restart apache
      service: name=httpd state=restarted
production                # inventory file for production servers
stage                     # inventory file for stage environment
group_vars/
    group1                # here we assign variables to particular groups
    group2                # ""
host_vars/
    hostname1             # if systems need specific variables, put them here
    hostname2             # ""
site.yml                  # master playbook
webservers.yml            # playbook for webserver tier
dbservers.yml             # playbook for dbserver tier
roles/
    common/               # this hierarchy represents a "role"
        tasks/            #
            main.yml      # <-- tasks file can include smaller files if warranted
        handlers/         #
            main.yml      # <-- handlers file
        templates/        # <-- files for use with the template resource
            ntp.conf.j2   # <------- templates end in .j2
        files/            #
            bar.txt       # <-- files for use with the copy resource
            foo.sh        # <-- script files for use with the script resource
        vars/             #
            main.yml      # <-- variables associated with this role
    webtier/              # same kind of structure as "common" was above, done for the webtier role
    monitoring/           # ""
    fooapp/               # ""
# Ansible inventory. The first two hosts are listed outside any group.
s1.vs.xnet.cz
# s2 is reached at an explicit address (ansible_ssh_host) and uses a
# non-default path for the Python interpreter on the target.
s2.vs.xnet.cz ansible_ssh_host=178.217.247.156 ansible_python_interpreter=/usr/local/bin/python
# Each host in the two "_jails" groups carries a parent_interface variable.
# NOTE(review): presumably these are the jails hosted on s1 and s2 and the
# variable names the parent host's network interface - confirm.
[s1.vs.xnet.cz_jails]
sensu.xnet.cz ansible_ssh_host=178.217.247.164 parent_interface=igb0
pkg.xnet.cz ansible_ssh_host=178.217.247.157 parent_interface=igb0
whtest2.xnet.cz ansible_ssh_host=178.217.247.162 parent_interface=igb0
[s2.vs.xnet.cz_jails]
easy4.xnet.cz ansible_ssh_host=178.217.247.166 parent_interface=em0
lite1.xnet.cz ansible_ssh_host=178.217.247.168 parent_interface=em0
server.kubicek.cz ansible_ssh_host=178.217.247.170 parent_interface=em0
[infrastructure]
# Numeric range: expands to s1.vs.xnet.cz through s5.vs.xnet.cz.
s[1:5].vs.xnet.cz
# Play: apply the webserver and ftp_server roles with privilege escalation.
# NOTE(review): the bracket range presumably targets lite01 to lite50;
# confirm that the pattern matches the host names used in the inventory.
- hosts: 'lite[01:50].xnet.cz'
  sudo: true
  roles:
    - webserver
    - ftp_server
# Play: install the global Apache configuration on easy4.xnet.cz and apply
# the webserver and ftp_server roles, all with privilege escalation.
- hosts: easy4.xnet.cz
  sudo: true
  # Ansible runs a play's roles before its tasks, whatever the key order.
  roles:
    - webserver
    - ftp_server
  tasks:
    # Installs the file as root:wheel with mode 0644 (readable by everyone,
    # writable by root only).
    # NOTE(review): the "reload apache" handler is not defined in this play;
    # presumably one of the roles provides it - confirm.
    - name: Apache global config
      copy: src=roles/webserver/files/global_config.conf dest=/usr/local/etc/apache22/Includes/00__global_config.conf owner=root group=wheel mode=0644
      notify:
        - reload apache
# Play: apply special_group to hosts that are in webservers or dbservers,
# are not in phoenix, and are also in staging.
# The pattern is quoted because it contains "!" and "&", which are YAML
# indicator characters.
- hosts: 'webservers:dbservers:!phoenix:&staging'
  roles:
    - special_group
# Play: configure server.kubicek.cz as a web host with two hosted sites.
- hosts: server.kubicek.cz
  # Log in over SSH as the user kubicek and escalate with sudo.
  connection: ssh
  user: kubicek
  sudo: true
  vars:
    ansible_python_interpreter: /usr/local/bin/python
  roles:
    - webserver
    # NOTE(review): db_password is written in plain text in the playbook, so
    # anyone who can read the repository (or this page) can read it, and
    # both sites below share the same value. Keep such values in a protected
    # variables file or secret store and pass them in by variable reference.
    - role: webhosting
      type: ruby
      hosting_name: svobodni
      vhost_name: okrsky
      db_password: nerikat_na_pyvu
      aliases: okrsky.svobodni.cz
    - role: webhosting
      type: wordpress
      hosting_name: svobodni
      vhost_name: praha
      db_password: nerikat_na_pyvu
      aliases:
        - praha.svobodni.cz
        - www.praha.svobodni.cz
        - www.svobodni-praha.cz
        - svobodni-praha.cz
# Task list tagged "backup": prepare a per-host dataset and account on the
# backup server, create an SSH key for root on the managed host, authorise
# it on the backup server and schedule a nightly rsync of /home.

# Runs on the backup server: one gzip-compressed dataset per managed host.
- name: Create backup filesystem
  zfs: name=zfsdata/{{ ansible_hostname }} state=present compression=gzip
  delegate_to: "{{ backup_server }}"
  tags: [backup]

# Runs on the backup server. The account gets bash as its login shell.
# NOTE(review): an account that only receives rsync traffic does not need a
# general-purpose shell unless something else depends on it - confirm.
- name: Create backup user
  user: name={{ backup_user }}
        comment="{{ ansible_hostname }} Backup user"
        home="{{ backup_home_path }}"
        group=nogroup
        shell='/usr/local/bin/bash'
        state=present
  delegate_to: "{{ backup_server }}"
  tags: [backup]

# Mode 0700: only the backup user can enter or list the data directory.
- name: Create data directory on backup server
  file: path={{ backup_data_path }} owner={{ backup_user }} group=nogroup state=directory mode=0700
  delegate_to: "{{ backup_server }}"
  tags: [backup]

- name: Create ssh directory
  file: path=/root/.ssh owner=root group=wheel state=directory mode=0700
  tags: [backup]

# -N '' creates the key without a passphrase so cron can use it unattended.
# Anyone who can read /root/.ssh/backup can therefore use it, so the limits
# placed on the key on the backup server are what contain a compromise of
# this host. creates= skips the command once backup.pub exists.
- name: Create ssh key
  command: ssh-keygen -q -f backup -N '' creates=/root/.ssh/backup.pub chdir=/root/.ssh
  tags: [backup]

# Reads the public half into ssh_key for the next task.
- name: Load ssh key
  command: cat /root/.ssh/backup.pub
  register: ssh_key
  tags: [backup]

# Runs on the backup server. No key options are set, so the key is accepted
# for anything the backup account itself may do.
# NOTE(review): consider restricting the key in authorized_keys (forced
# command, allowed source address); where the Ansible version in use
# supports it, the module's key_options parameter sets these.
- name: Create authorized_key
  authorized_key: user={{ backup_user }} key="{{ ssh_key["stdout"] }}"
  delegate_to: "{{ backup_server }}"
  tags: [backup]

- name: Install rsync
  pkgng: name=net/rsync
  tags: [backup]

# Daily at 04:30. --delete removes files on the backup side that no longer
# exist in /home, so a deletion on this host reaches the copy on the next
# run.
# NOTE(review): history then depends on snapshots of the backup dataset,
# which are not configured here - confirm they exist.
- name: Schedule backups in cron
  cron: name="backup data" hour="4" minute="30" job='/usr/local/bin/rsync -azv -e "ssh -i /root/.ssh/backup" --delete /home {{backup_user}}@{{backup_server}}:data/'
  tags: [backup]
# Play: take a ZFS snapshot on the source server and send it incrementally
# to the destination server. All four inputs are prompted for at start-up.
- hosts: '{{ server }}'
  sudo: true
  vars_prompt:
    - name: 'server'
      prompt: 'Source server'
      default: 's1.vs.xnet.cz'
      private: false
    - name: 'remote_node'
      prompt: 'Destination server'
      default: 's2.vs.xnet.cz'
      private: false
    - name: 'local_fs'
      prompt: 'Source ZFS'
      default: 'sys/ezjail/easy4.xnet.cz'
      private: false
    - name: 'remote_fs'
      prompt: 'Destination ZFS'
      default: 'sys/ezjail/easy4.xnet.cz'
      private: false
  vars:
    ansible_python_interpreter: /usr/local/bin/python
    # The *_out names are registered by the tasks below.
    snapshot_name: '{{snapshot_name_out.stdout}}'
    local_snapshot: '{{local_fs}}@{{snapshot_name}}'
    remote_snapshot: '{{remote_fs}}@{{snapshot_name}}'
    # NOTE(review): no task in this play registers facter_ip_address and
    # ip_address is not used below - confirm it is still needed.
    ip_address: '{{ facter_ip_address.stdout }}'
    remote_snapshot_name: '{{remote_snapshot_name_out.stdout}}'
  tasks:
    # Timestamp in YYYYmmddHHMM form, used as the new snapshot's name.
    - name: Find name for current snapshot
      shell: /bin/date +%Y%m%d%H%M
      register: snapshot_name_out
    # Runs on the destination: lists the snapshots of remote_fs newest
    # first, keeps the first line and strips the dataset name from it.
    # NOTE(review): remote_fs is a prompted value placed unquoted into the
    # shell command and into the sed expression; whitespace, shell
    # metacharacters or a comma in it would change what is executed.
    # Validate or quote it.
    - name: Find last remote snapshot
      shell: zfs list -t snapshot -H -S creation -o name -d 1 {{ remote_fs }} | head -1 | sed s,{{ remote_fs }},,
      delegate_to: '{{ remote_node }}'
      register: remote_snapshot_name_out
    - name: Create local snapshot
      zfs: name={{local_snapshot}} state=present
    # Incremental send from the last remote snapshot to the new local one,
    # piped over SSH into "sudo zfs recv -u" on the destination.
    # NOTE(review): this uses the private key /home/kubicek/.ssh/id_rsa
    # stored on the source server and presumably relies on kubicek having
    # passwordless sudo on the destination; a dedicated key and account
    # limited to zfs recv would narrow what that key can reach. The
    # prompted values are unquoted here as well. Presumably the send also
    # fails when the destination holds no earlier snapshot - confirm.
    - name: Transfer snapshot to remote host
      shell: zfs send -i {{remote_snapshot_name}} {{local_snapshot}} | ssh -i /home/kubicek/.ssh/id_rsa kubicek@{{ remote_node }} sudo zfs recv -u {{ remote_snapshot }}
Cloud
=====
cloudformation
digital_ocean
ec2
ec2_ami
ec2_elb
ec2_facts
ec2_group
ec2_tag
ec2_vol
glance_image
keystone_user
linode
nova_compute
nova_keypair
quantum_floating_ip
quantum_floating_ip_associate
quantum_network
quantum_router
quantum_router_gateway
quantum_router_interface
quantum_subnet
rax
rds
route53
s3
virt
Commands
========
command
raw
script
shell
Database
========
mongodb_user
mysql_db
mysql_replication
mysql_user
mysql_variables
postgresql_db
postgresql_privs
postgresql_user
redis
riak
Files
=====
assemble
copy
fetch
file
ini_file
lineinfile
stat
template
xattr
Messaging
=========
rabbitmq_parameter
rabbitmq_plugin
rabbitmq_user
rabbitmq_vhost
Monitoring
==========
airbrake_deployment
boundary_meter
datadog_event
monit
nagios
newrelic_deployment
pagerduty
pingdom
Net Infrastructure
==================
arista_interface
arista_l2interface
arista_lag
arista_vlan
bigip_pool
dnsmadeeasy
netscaler
Network
=======
get_url
slurp
uri
Notification
============
campfire
flowdock
hipchat
irc
jabber
mail
mqtt
osx_say
Packaging
=========
apt
apt_key
apt_repository
easy_install
gem
homebrew
macports
npm
openbsd_pkg
opkg
pacman
pip
pkgin
pkgng
pkgutil
redhat_subscription
rhn_channel
rhn_register
rpm_key
svr4pkg
yum
zypper
Source Control
==============
bzr
git
hg
subversion
System
======
authorized_key
cron
facter
filesystem
group
lvg
lvol
mount
ohai
ping
seboolean
selinux
service
setup
sysctl
user
zfs
Utilities
=========
accelerate
debug
fail
fireball
pause
set_fact
wait_for
Web Infrastructure
==================
django_manage
htpasswd
supervisorctl