Changeset - 0d7fd6fb319b
Parent rev.
Child rev.
[Not reviewed]
0 1 0
Branko Majic (branko) - 8 years ago 2016-01-13 11:50:31
branko@majic.rs
MAR-44: Expanding usage to include set-up of backup server. Currently no special role set-up, just the preparation of server.
1 file changed with 44 insertions and 23 deletions:
docs/usage.rst
44
23
0 comments (0 inline, 0 general)
docs/usage.rst
Show inline comments
 
@@ -35,25 +35,25 @@ For the set-up outlined in this usage guide you'll need the following:
 
* One server where Ansible will be installed at. Debian Jessie will be installed
 
  on top of this server. The server will be set-up manually (this is currently
 
  out of scope for the *Majic Ansible Roles* automated set-up).
 
* Two servers where the services will be set-up. Both servers must be able to
 
* Three servers where the services will be set-up. All servers must be able to
 
  communicate over network with each-other, the Ansible servers, and with
 
  Internet. Debian Jessie will be installed on top of this server as part of the
 
  usage instructions.
 
* Debian Jessie network install CD.
 
* All servers should be on the same network.
 
* IP addresses for all three servers should be known.
 
* Netmask for all three servers should be known.
 
* Gateway for all three servers should be known.
 
* IP addresses for all servers should be known.
 
* Netmask for all servers should be known.
 
* Gateway for all servers should be known.
 

			




	
	
	
		
 
In case of the three servers above, it might be safest to have three VMs

			




	
	
	
		
 
available and handy.

			




	
	
	
		
 
In case of the servers listed above, it might be safest to have them as VMs -

			




	
	
	
		
 
this is cheapest thing to do, and simplest (who wants to deal with pesky hardware anyway?).

			




	
	
	
		
 

			




	
	
	
		
 
Usage instructions assume the following:

			




	
	
	
		
 

			




	
	
	
		
 
* Domain used for all three servers is ``example.com``. If you wish to use a

			




	
	
	
		
 
  different domain, adjust the instructions accordingly.

			




	
	
	
		
 
* Server hostnames are ``ansible``, ``comms``, and ``www`` (for Ansible server,

			




	
	
	
		
 
  communications server, and web server respectively).

			




	
	
	
		
 
* Domain used for all servers is ``example.com``. If you wish to use a different

			




	
	
	
		
 
  domain, adjust the instructions accordingly.

			




	
	
	
		
 
* Server hostnames are ``ansible``, ``comms``, ``www``, and ``bak`` (for Ansible

			




	
	
	
		
 
  server, communications server, web server, and backup server, respectively).

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Installing the OS on Ansible server

			




	
	
		
 
@@ -183,6 +183,9 @@ First of all, let's set-up some basic directory structure and configuration:

			




	
	
	
		
 
     [web]

			




	
	
	
		
 
     www.example.com

			




	
	
	
		
 

			




	
	
	
		
 
     [backup]

			




	
	
	
		
 
     bak.example.com

			




	
	
	
		
 

			




	
	
	
		
 
4. Create directory where playbooks files will be stored at (the top-level

			




	
	
	
		
 
   ones)::

			




	
	
	
		
 

			




	
	
		
 
@@ -224,10 +227,11 @@ So, let's set this up for start:

			




	
	
	
		
 

			




	
	
	
		
 
     workon mysite && ansible-playbook playbooks/preseed.yml

			




	
	
	
		
 

			




	
	
	
		
 
3. If all went well, you should have two files now:

			




	
	
	
		
 
3. If all went well, you should have the following files created:

			




	
	
	
		
 

			




	
	
	
		
 
   * :file:`~/mysite/preseed_files/comms.example.com.cfg`

			




	
	
	
		
 
   * :file:`~/mysite/preseed_files/www.example.com.cfg`

			




	
	
	
		
 
   * :file:`~/mysite/preseed_files/bak.example.com.cfg`

			




	
	
	
		
 

			




	
	
	
		
 
4. You can have a look at them, but you might notice the settings in the file

			




	
	
	
		
 
   might not be to your liking. In particular, it could be using wrong timezone,

			




	
	
		
 
@@ -259,6 +263,9 @@ So, let's set this up for start:

			




	
	
	
		
 
        www.example.com:

			




	
	
	
		
 
          hostname: www

			




	
	
	
		
 
          ip: 10.32.64.20

			




	
	
	
		
 
        bak.example.com:

			




	
	
	
		
 
          hostname: bak

			




	
	
	
		
 
          ip: 10.32.64.23

			




	
	
	
		
 

			




	
	
	
		
 
5. Now re-run the preseed playbook::

			




	
	
	
		
 

			




	
	
		
 
@@ -273,8 +280,8 @@ Installing the servers with preseed files

			




	
	
	
		
 
-----------------------------------------

			




	
	
	
		
 

			




	
	
	
		
 
You have your preseed files now, so you can go ahead and install the servers

			




	
	
	
		
 
``comms.example.com`` and ``www.example.com`` using them with network

			




	
	
	
		
 
install CD. Have a look at `Debian

			




	
	
	
		
 
``comms.example.com``, ``www.example.com``, and ``bak.example.com`` using

			




	
	
	
		
 
them with network install CD. Have a look at `Debian

			




	
	
	
		
 
<https://www.debian.org/releases/stable/amd64/apbs02.html.en>`_ instructions for

			




	
	
	
		
 
more details.

			




	
	
	
		
 

			




	
	
		
 
@@ -296,7 +303,7 @@ When you use the preseed configuration files to deploy a server, you get the

			




	
	
	
		
 
benefit of having the authorized_keys set-up for the root operating system,

			




	
	
	
		
 
making it easier to bootstrap the machines subsequently via Ansible.

			




	
	
	
		
 

			




	
	
	
		
 
Let's bootstrap our two machines now:

			




	
	
	
		
 
Let's bootstrap our machines now:

			




	
	
	
		
 

			




	
	
	
		
 
1. For start, create a dedicated playbook for the bootstrap process.

			




	
	
	
		
 

			




	
	
		
 
@@ -314,13 +321,14 @@ Let's bootstrap our two machines now:

			




	
	
	
		
 
   file). This defaults to content of local file ``~/.ssh/id_rsa.pub``, so no

			




	
	
	
		
 
   need to make any changes so far.

			




	
	
	
		
 

			




	
	
	
		
 
3. SSH into both machines at least once from the Ansible server in order to

			




	
	
	
		
 
3. SSH into all machines at least once from the Ansible server in order to

			




	
	
	
		
 
   store the SSH fingerprints into known hosts file::

			




	
	
	
		
 

			




	
	
	
		
 
     ssh root@comms.example.com date

			




	
	
	
		
 
     ssh root@www.example.com date

			




	
	
	
		
 
     ssh root@bak.example.com date

			




	
	
	
		
 

			




	
	
	
		
 
4. Now, simply run the bootstrap role against the two servers::

			




	
	
	
		
 
4. Now, simply run the bootstrap role against the servers::

			




	
	
	
		
 

			




	
	
	
		
 
     workon mysite && ansible-playbook playbooks/bootstrap.yml

			




	
	
	
		
 

			




	
	
		
 
@@ -367,7 +375,19 @@ Let's take care of this common configuration right away:

			




	
	
	
		
 
        roles:

			




	
	
	
		
 
          - common

			




	
	
	
		
 

			




	
	
	
		
 
3. Create the global site playbook:

			




	
	
	
		
 
3. Create playbook for the backup server:

			




	
	
	
		
 

			




	
	
	
		
 
   :file:`~/mysite/playbooks/backup.yml`

			




	
	
	
		
 
   ::

			




	
	
	
		
 

			




	
	
	
		
 
      ---

			




	
	
	
		
 
      - hosts: backup

			




	
	
	
		
 
        remote_user: ansible

			




	
	
	
		
 
        sudo: yes

			




	
	
	
		
 
        roles:

			




	
	
	
		
 
          - common

			




	
	
	
		
 

			




	
	
	
		
 
4. Create the global site playbook:

			




	
	
	
		
 

			




	
	
	
		
 
   :file:`~/mysite/playbooks/site.yml`

			




	
	
	
		
 
   ::

			




	
	
		
 
@@ -376,8 +396,9 @@ Let's take care of this common configuration right away:

			




	
	
	
		
 
      - include: preseed.yml

			




	
	
	
		
 
      - include: communications.yml

			




	
	
	
		
 
      - include: web.yml

			




	
	
	
		
 
      - include: backup.yml

			




	
	
	
		
 

			




	
	
	
		
 
4. Time to create configuration for the role. Since this role is supposed to

			




	
	
	
		
 
5. Time to create configuration for the role. Since this role is supposed to

			




	
	
	
		
 
   set-up a common base, we'll set-up the variables file that applies to all

			




	
	
	
		
 
   roles:

			




	
	
	
		
 

			




	
	
		
 
@@ -398,14 +419,14 @@ Let's take care of this common configuration right away:

			




	
	
	
		
 
      common_packages:

			




	
	
	
		
 
        - emacs24-nox

			




	
	
	
		
 

			




	
	
	
		
 
5. That's all for configuration, time to apply the changes::

			




	
	
	
		
 
6. That's all for configuration, time to apply the changes::

			




	
	
	
		
 

			




	
	
	
		
 
     workon mysite && ansible-playbook playbooks/site.yml

			




	
	
	
		
 

			




	
	
	
		
 
6. After this you should be able to *ssh* from Ansible server onto the two

			




	
	
	
		
 
   managed servers using as user ``admin`` using the *SSH* private key. The

			




	
	
	
		
 
   ``admin`` user's password has also been set to ``admin``, and the user will

			




	
	
	
		
 
   be member of ``sudo`` group.

			




	
	
	
		
 
7. After this you should be able to *ssh* from Ansible server onto the managed

			




	
	
	
		
 
   servers as user ``admin`` using the *SSH* private key. The ``admin`` user's

			




	
	
	
		
 
   password has also been set to ``admin``, and the user will be member of

			




	
	
	
		
 
   ``sudo`` group.

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Introducing LDAP

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.