Commit 2a5c30b3 authored by Dave Johnson's avatar Dave Johnson Committed by GitHub
Browse files

Merge pull request #158 from thisdavejohnson/master

Merging changes from my fork
parents 63c5b4be 000fa67b
......@@ -6,7 +6,7 @@
These playbooks deploy a very basic implementation of JBoss Application Server,
version 7. To use them, first edit the "hosts" inventory file to contain the
hostnames of the machines on which you want JBoss deployed, and edit the
group_vars/jboss-servers file to set any JBoss configuration parameters you need.
group_vars/all file to set any JBoss configuration parameters you need.
Then run the playbook, like this:
......
---
# This playbook deploys two simple applications to JBoss server.
- hosts: all
roles:
# Optionally, (re)deploy JBoss here
# - jboss-standalone
- java-app
[jboss-servers]
webserver1
appserver1
---
- name: Copy application WAR file to host
copy: src=jboss-helloworld.war dest=/tmp
- name: Deploy HelloWorld to JBoss
jboss: deploy_path=/usr/share/jboss-as/standalone/deployments/ src=/tmp/jboss-helloworld.war deployment=helloworld.war state=present
- name: Copy application WAR file to host
copy: src=ticket-monster.war dest=/tmp
- name: Deploy Ticket Monster to JBoss
jboss: deploy_path=/usr/share/jboss-as/standalone/deployments/ src=/tmp/ticket-monster.war deployment=ticket-monster.war state=present
\ No newline at end of file
......@@ -4,12 +4,14 @@
with_items:
- unzip
- java-1.7.0-openjdk
- libselinux-python
- libsemanage-python
- name: Download JBoss from jboss.org
get_url: url=http://download.jboss.org/jbossas/7.1/jboss-as-7.1.1.Final/jboss-as-7.1.1.Final.zip dest=/opt/jboss-as-7.1.1.Final.zip
- name: Extract archive
command: chdir=/usr/share /usr/bin/unzip -q /opt/jboss-as-7.1.1.Final.zip creates=/usr/share/jboss-as
unarchive: dest=/usr/share src=/opt/jboss-as-7.1.1.Final.zip creates=/usr/share/jboss-as copy=no
# Rename the dir to avoid encoding the version in the init script
- name: Rename install directory
......@@ -36,4 +38,21 @@
- name: deploy iptables rules
template: src=iptables-save dest=/etc/sysconfig/iptables
when: ansible_distribution_major_version != "7"
notify: restart iptables
- name: Ensure that firewalld is installed
yum: name=firewalld state=present
when: ansible_distribution_major_version == "7"
- name: Ensure that firewalld is started
service: name=firewalld state=started
when: ansible_distribution_major_version == "7"
- name: deploy firewalld rules
firewalld: immediate=yes port={{ item }} state=enabled permanent=yes
when: ansible_distribution_major_version == "7"
with_items:
- "{{ http_port }}/tcp"
- "{{ https_port }}/tcp"
---
# This playbook deploys a simple standalone JBoss server.
- hosts: jboss-servers
remote_user: root
- hosts: all
roles:
- jboss-standalone
---
# The variables file used by the playbooks in the dbservers group.
# These don't have to be explicitly imported by vars_files: they are autopopulated.
mysqlservice: mysqld
mysql_port: 3306
dbuser: root
dbname: foodb
upassword: abc
---
# Variables for the HAproxy configuration
# HAProxy supports "http" and "tcp". For SSL, SMTP, etc, use "tcp".
mode: http
# Port on which HAProxy should listen
listenport: 8888
# A name for the proxy daemon, this wil be the suffix in the logs.
daemonname: myapplb
# Balancing Algorithm. Available options:
# roundrobin, source, leastconn, source, uri
# (if persistance is required use, "source")
balance: roundrobin
# Ethernet interface on which the load balancer should listen
# Defaults to the first interface. Change this to:
#
# iface: eth1
#
# ...to override.
#
iface: '{{ ansible_default_ipv4.interface }}'
---
# Variables for the web server configuration
# Ethernet interface on which the web server should listen.
# Defaults to the first interface. Change this to:
#
# iface: eth1
#
# ...to override.
#
iface: '{{ ansible_default_ipv4.interface }}'
# this is the repository that holds our sample webapp
repository: https://github.com/bennojoy/mywebapp.git
# this is the sha1sum of V5 of the test webapp.
webapp_version: 351e47276cc66b018f4890a04709d4cc3d3edb0d
......@@ -36,8 +36,10 @@
service: name=ntpd state=started enabled=yes
tags: ntp
# work around RHEL 7, for now
- name: insert iptables template
template: src=iptables.j2 dest=/etc/sysconfig/iptables
when: ansible_distribution_major_version != '7'
notify: restart iptables
- name: test to see if selinux is running
......
......@@ -5,19 +5,19 @@
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
{% if (inventory_hostname in groups['webservers']) or (inventory_hostname in groups['monitoring']) %}
{% if (inventory_hostname in groups[group_webservers]) or (inventory_hostname in groups[group_monitoring]) %}
-A INPUT -p tcp --dport 80 -j ACCEPT
{% endif %}
{% if inventory_hostname in groups['dbservers'] %}
{% if (inventory_hostname in groups[group_dbservers]) %}
-A INPUT -p tcp --dport 3306 -j ACCEPT
{% endif %}
{% if inventory_hostname in groups['lbservers'] %}
{% if (inventory_hostname in groups[group_lbservers]) %}
-A INPUT -p tcp --dport {{ listenport }} -j ACCEPT
{% endif %}
{% for host in groups['monitoring'] %}
{% for host in groups[group_monitoring] %}
-A INPUT -p tcp -s {{ hostvars[host].ansible_default_ipv4.address }} --dport 5666 -j ACCEPT
{% endfor %}
......
......@@ -30,10 +30,10 @@ defaults
maxconn 3000
backend app
{% for host in groups['lbservers'] %}
listen {{ daemonname }} {{ hostvars[host]['ansible_' + iface].ipv4.address }}:{{ listenport }}
{% for host in groups[group_lbservers] %}
listen {{ daemonname }} 0.0.0.0:{{ listenport }}
{% endfor %}
balance {{ balance }}
{% for host in groups['webservers'] %}
{% for host in groups[group_webservers] %}
server {{ host }} {{ hostvars[host]['ansible_' + iface].ipv4.address }}:{{ httpd_port }}
{% endfor %}
{% endfor %}
\ No newline at end of file
......@@ -5,7 +5,7 @@ define hostgroup {
alias Database Servers
}
{% for host in groups['dbservers'] %}
{% for host in groups[group_dbservers] %}
define host {
use linux-server
host_name {{ host }}
......
......@@ -2,21 +2,21 @@
define hostgroup {
hostgroup_name loadbalancers
alias Load Balancers
alias Load Balancers
}
{% for host in groups['lbservers'] %}
{% for host in groups[group_lbservers] %}
define host {
use linux-server
host_name {{ host }}
alias {{ host }}
address {{ hostvars[host].ansible_default_ipv4.address }}
hostgroups loadbalancers
use linux-server
host_name {{ host }}
alias {{ host }}
address {{ hostvars[host].ansible_default_ipv4.address }}
hostgroups loadbalancers
}
define service {
use local-service
host_name {{ host }}
service_description HAProxy Load Balancer
host_name {{ host }}
service_description HAProxy Load Balancer
check_command check_http!-p{{ hostvars[host].listenport }}
}
{% endfor %}
......@@ -5,14 +5,14 @@ define hostgroup {
alias Web Servers
}
{% for host in groups['webservers'] %}
define host {
{% for host in groups[group_webservers] %}
define host {
use linux-server
host_name {{ host }}
alias {{ host }}
address {{ hostvars[host].ansible_default_ipv4.address }}
hostgroups webservers
}
}
{% endfor %}
# service checks to be applied to the web server
......
......@@ -8,11 +8,12 @@
#
# gather facts from monitoring nodes for iptables rules
- hosts: monitoring
- hosts: "{{ group_monitoring }}"
tasks: []
- hosts: "{{ group_webservers }}"
- hosts: webservers
remote_user: root
serial: 1
# These are the tasks to run before applying updates:
......@@ -20,12 +21,12 @@
- name: disable nagios alerts for this host webserver service
nagios: 'action=disable_alerts host={{ inventory_hostname }} services=webserver'
delegate_to: "{{ item }}"
with_items: groups.monitoring
with_items: groups[group_monitoring]
- name: disable the server in haproxy
haproxy: 'state=disabled backend=myapplb host={{ inventory_hostname }} socket=/var/lib/haproxy/stats'
delegate_to: "{{ item }}"
with_items: groups.lbservers
with_items: groups[group_lbservers]
roles:
- common
......@@ -40,9 +41,9 @@
- name: enable the server in haproxy
haproxy: 'state=enabled backend=myapplb host={{ inventory_hostname }} socket=/var/lib/haproxy/stats'
delegate_to: "{{ item }}"
with_items: groups.lbservers
with_items: groups[group_lbservers]
- name: re-enable nagios alerts
nagios: 'action=enable_alerts host={{ inventory_hostname }} services=webserver'
delegate_to: "{{ item }}"
with_items: groups.monitoring
with_items: groups[group_monitoring]
---
# This playbook deploys the whole application stack in this site.
## This playbook deploys the whole application stack in this site.
# Apply common configuration to all hosts
- hosts: all
remote_user: root
roles:
- common
# Configure and deploy database servers.
- hosts: dbservers
remote_user: root
- hosts: "{{ group_dbservers }}"
roles:
- db
tags:
- db
# Configure and deploy the web servers. Note that we include two roles here,
# the 'base-apache' role which simply sets up Apache, and 'web' which includes
# our example web application.
- hosts: webservers
- hosts: "{{ group_webservers }}"
remote_user: root
roles:
- base-apache
- web
tags:
- web
# Configure and deploy the load balancer(s).
- hosts: lbservers
remote_user: root
- hosts: "{{ group_lbservers }}"
roles:
- haproxy
tags:
- lb
# Configure and deploy the Nagios monitoring node(s).
- hosts: monitoring
remote_user: root
- hosts: "{{ group_monitoring }}"
roles:
- base-apache
- nagios
tags:
- monitoring
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment