hubertf's NetBSD Blog
Send interesting links to hubert at feyrer dot de!
 
[20130228] Ansible and NetBSD milestone 1 reached: playbooks for system config, web+db servers
In my quest to play with Ansible, I've reached my first milestone: I now have playbooks that take a basic NetBSD installation, configure it into a usable base installation, and then add a MySQL database, Apache and PHP to use it as webserver, and then deploy a simple web application.

The playbooks are too emberassing to publish, but here are the steps to get things going:

  1. Setup NetBSD 6.0 with "base" and "etc" set, also add "pkgin" from menu
  2. Allow root logins via ssh (for a start, will be changed later)
  3. Install ansible-1.0nb1 binary package with all its depends
  4. From a management station, run: ansible-playbook -k -i hosts-HF config-netbsd-basic.yml
  5. Then, run: ansible-playbook -i hosts-HF config-netbsd-dbserver.yml
  6. Last, run: ansible-playbook -i hosts-HF config-netbsd-webserver.yml
After that, a simple "phptest()" page, phpmyadmin and my simple PHP-based web application can be run. Administration of the system is via SSH and sudo, root logins were disabled in the first ansible playbook.

Now to tweak the ansible playbooks to look less ugly, use variables, and then separate database and webserver into two separate machines - all in preparation to move them into the Amazon EC2 cloud. Stay tuned!

For the record, here's a log of the three ansible playbooks above, starting from my basic NetBSD installation that already has pkgin and ansible:

% ansible-playbook -k -i hosts-HF config-netbsd-basic.yml
SSH password: 

PLAY [netbsd] ********************* 

GATHERING FACTS ********************* 
ok: [10.0.0.181]

TASK: [Install tcsh] ********************* 
changed: [10.0.0.181]

TASK: [Add user feyrer] ********************* 
changed: [10.0.0.181]

TASK: [Create ~feyrer/.ssh directory] ********************* 
changed: [10.0.0.181]

TASK: [Enable ssh login with ssh-key] ********************* 
changed: [10.0.0.181]

TASK: [Install sudo] ********************* 
changed: [10.0.0.181]

TASK: [Enable PW-less sudo-access for everyone in group 'wheel'] ********************* 
changed: [10.0.0.181]

TASK: [Disable ssh logins as root] ********************* 
changed: [10.0.0.181]

NOTIFIED: [restart sshd] ********************* 
changed: [10.0.0.181]

PLAY RECAP ********************* 
10.0.0.181                     : ok=9    changed=8    unreachable=0    failed=0    


% ansible-playbook    -i hosts-HF config-netbsd-dbserver.yml

PLAY [dbservers] ********************* 

GATHERING FACTS ********************* 
ok: [10.0.0.181]

TASK: [Install mysql] ********************* 
changed: [10.0.0.181]

TASK: [Install MySQL rc.d script] ********************* 
changed: [10.0.0.181]

TASK: [Start MySQL service] ********************* 
changed: [10.0.0.181]

TASK: [Install python-mysqldb (for mysql_user module)] ********************* 
changed: [10.0.0.181]

TASK: [Setup DB] ********************* 
changed: [10.0.0.181]

TASK: [Add db-user] ********************* 
changed: [10.0.0.181]

TASK: [Copy over DB template] ********************* 
changed: [10.0.0.181]

TASK: [Import DB data] ********************* 
changed: [10.0.0.181]

PLAY RECAP ********************* 
10.0.0.181                     : ok=9    changed=8    unreachable=0    failed=0    


%% ansible-playbook    -i hosts-HF config-netbsd-webserver.yml

PLAY [webservers] ********************* 

GATHERING FACTS ********************* 
ok: [10.0.0.181]

TASK: [Installing ap24-php53 package and dependencies] ********************* 
changed: [10.0.0.181]

TASK: [Install Apache rc.d script] ********************* 
changed: [10.0.0.181]

TASK: [Enable and start Apache service] ********************* 
changed: [10.0.0.181]

TASK: [Enable PHP in Apache config file] ********************* 
changed: [10.0.0.181] => (item={'re': 'LoadModule.*mod_php5.so', 'l': 'LoadModule php5_module lib/httpd/mod_php5.so'})
changed: [10.0.0.181] => (item={'re': 'AddHandler.*x-httpd-php', 'l': 'AddHandler application/x-httpd-php .php'})

TASK: [Make Apache read index.php] ********************* 
changed: [10.0.0.181]

TASK: [Add simple PHP test - see http://10.0.0.181/phptest.php] ********************* 
changed: [10.0.0.181]

TASK: [Install phpmyadmin] ********************* 
changed: [10.0.0.181]

TASK: [Enable phpmyadmin in Apache config] ********************* 
changed: [10.0.0.181]

TASK: [Enable PHP modules in PHP config file] ********************* 
changed: [10.0.0.181] => (item={'re': '^extension.*zlib.so', 'l': 'extension=zlib.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*zip.so', 'l': 'extension=zip.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*mysqli.so', 'l': 'extension=mysqli.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*mysql.so', 'l': 'extension=mysql.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*mcrypt.so', 'l': 'extension=mcrypt.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*mbstring.so', 'l': 'extension=mbstring.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*json.so', 'l': 'extension=json.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*gd.so', 'l': 'extension=gd.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*gettext.so', 'l': 'extension=gettext.so'})
changed: [10.0.0.181] => (item={'re': '^extension.*bz2.so', 'l': 'extension=bz2.so'})

TASK: [Fix Apache access control] ********************* 
changed: [10.0.0.181]

TASK: [Create directory for webapp] ********************* 
changed: [10.0.0.181]

TASK: [Deploy example webapp] ********************* 
changed: [10.0.0.181]

TASK: [Create webapp symlink for easy access] ********************* 
changed: [10.0.0.181]

NOTIFIED: [restart apache] ********************* 
changed: [10.0.0.181]

PLAY RECAP ********************* 
10.0.0.181                     : ok=15   changed=14   unreachable=0    failed=0    


% links -dump http://10.0.0.181/webapp/
   Showing table hf.names:

   +--------------------+
   | id | first  | last |
   |----+--------+------|
   | 1  | Donald | Duck |
   |----+--------+------|
   | 2  | Daisy  | Duck |
   +--------------------+

     ----------------------------------------------------------------------

   Enter new values:

   first:     _____________________ 
   last:      _____________________ 
   [ Submit ] 

% 


[Tags:
, , , , , ]


Disclaimer: All opinion expressed here is purely my own. No responsibility is taken for anything.

Access count: 36166729
Copyright (c) Hubert Feyrer