2018/12/19 追記
pearは使わないはセキュリティー的に対応していないのでインストールしてはいけない
itamae
お寿司屋の板前ではないです
サーバー構成ツールは色々あるのですが
学習コストが高いとなかなか導入できませんでした
dotinstallの動画でitamaeが紹介されていて
興味をもち、入門しました
構成ツールを実行させる対象のサーバーには
インストールが必要ないというのが最後の決め手でした
長文なので注意!!
インストール
gem install itamae
これだけです
前提としてruby2以上が入っている事です
その為、centos6の標準ではインストールされいないので
rbenvでインストールしました
www.task-notes.com
作業フォルダとして/tmp/を使用します
パーミッションを確認したほうがいいです
起動コマンド
itamae ssh -h [IPアドレス] -p [port番号] -j [パラメータのjsonファイル] -u [user] [レシピファイル] -l debug #例 itamae ssh -h 192.168.1.247 -p 22 -j node.json -u root helloworld.rb -l debug
デバックモードは常にオンでもいいと思う
パスワードではなくSSHKeyも指定できます
helloworld.rb
HOST_NAME=node['hostname'] IP_ADDRESS=node['ipaddress'] execute "hello world" do command "echo 'hello world'" end execute "hello world" do command "echo 'hello world #{HOST_NAME}'" end execute "hello world" do command "echo 'hello world #{IP_ADDRESS}'" end
node.json
{
"ipaddress": "192.168.1.247",
"hostname": "test"
}
実行結果
# itamae ssh -h 192.168.1.247 -p 22 -j node.json -u root helloworld.rb -l debug INFO : Starting Itamae... INFO : Loading node data from /var/recipe_vps/node.json... DEBUG : Executing `mkdir -p /tmp/itamae_tmp`... Text will be echoed in the clear. Please install the HighLine or Termios libraries to suppress echoed text. root@192.168.1.247's password:password ←パスワード生で表示される DEBUG : exited with 0 DEBUG : Executing `chmod 777 /tmp/itamae_tmp`... DEBUG : exited with 0 INFO : Recipe: /var/recipe_vps/helloworld.rb DEBUG : execute[hello world] DEBUG : execute[hello world] action: run DEBUG : (in pre_action) DEBUG : (in set_current_attributes) DEBUG : (in show_differences) INFO : execute[hello world] executed will change from 'false' to 'true' DEBUG : Executing `echo 'hello world'`...←実際に実行したコマンド DEBUG : stdout | hello world ←出力された結果 DEBUG : exited with 0 DEBUG : This resource is updated. DEBUG : This resource is updated. DEBUG : execute[hello world] DEBUG : execute[hello world] action: run DEBUG : (in pre_action) DEBUG : (in set_current_attributes) DEBUG : (in show_differences) INFO : execute[hello world] executed will change from 'false' to 'true' DEBUG : Executing `echo 'hello world test'`..←JSONファイルからの内容を反映されいる DEBUG : stdout | hello world test DEBUG : exited with 0 DEBUG : This resource is updated. DEBUG : This resource is updated. DEBUG : execute[hello world] DEBUG : execute[hello world] action: run DEBUG : (in pre_action) DEBUG : (in set_current_attributes) DEBUG : (in show_differences) INFO : execute[hello world] executed will change from 'false' to 'true' DEBUG : Executing `echo 'hello world 192.168.1.247'`... DEBUG : stdout | hello world 192.168.1.247 DEBUG : exited with 0 DEBUG : This resource is updated. DEBUG : This resource is updated.
注意点と諦めた事
注意点としては
サーバー構成ツールなので、何回でも同じ実行できるようにした
1回目は通るけど、2回目実行したらエラーになる事あるので
必ず、2回実行した。
確認するポイントを設ける。コマンドが全て通るとうまく言ったと勘違いしてしまう為
諦めた事
crontabの設定
→ アドオンがあるが自信がなかったのでやめました
https://github.com/ryotarai/itamae-plugin-resource-cron
対話型のインストール
→ expectでやればいいのかなと思っていたが
時間がかかりそうなのでやめました
自分が参考にしたサイト(サンプルレシピ有り)
自分が作ったレシピ
本来はベストプラクティスの形にすればよかったが
時間がなく諦めた
長いのでさらっと見る感じでお願いします
環境はcentos6です
初期設定系
#ネットワークインタフェースの追加 remote_file "/etc/sysconfig/network-scripts/ifcfg-eth1" do source "files/ifcfg-eth1" mode "644" end #ルーティングの追加 remote_file "/etc/sysconfig/network-scripts/route-eth0" do source "files/route-eth0" mode "644" end remote_file "/etc/sysconfig/network-scripts/route-eth1" do source "files/route-eth1" mode "644" end # 反映されなかったのでサーバーで実行した #service "service network" do # action :restart #end # コンパイルインストール時に必要なライブラリーをインストールする execute "dev lib install" do command "sudo yum install libmcrypt* automake vim-enhanced libpng-devel libxml2-devel ncurses-devel libmcrypt-devel curl curl-devel libpng-devel libjpeg-devel gcc* openssl-devel pcre-devel freetype freetype-devel libtool-ltdl libtool-ltdl-devel -y" end # コンパイルインストールパッケージを削除する execute "httpd remove" do command "sudo yum -y remove httpd* php* mysql*" end
mysqlのインストール
# 最新版は下記のURLで確認する # http://openstandia.jp/oss_info/mysql/version/ #mysqlをコンパイルインストールするためにダウンロードする execute "mysql install 1" do cwd "/usr/local/src" command "wget -c http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.73.tar.gz/from/ftp://ftp.jaist.ac.jp/pub/mysql/" end # local ファイルからアップする #remote_file "/usr/local/src/mysql-5.1.73.tar.gz" do # source "files/mysql-5.1.73.tar.gz" #end execute "mysql install 2" do cwd "/usr/local/src" command "tar zxvf mysql-5.1.73.tar.gz" end execute "mysql install 3" do cwd "/usr/local/src/mysql-5.1.73" command " ./configure --with-charset=utf8 --with-extra-charsets=all --with-mysqld-user=mysql --prefix=/usr/local/mysql --with-innodb --enable-thread-safe-client --with-charset=binary" end execute "mysql install 4" do cwd "/usr/local/src/mysql-5.1.73" command "make" end execute "httpd install 5" do cwd "/usr/local/src/mysql-5.1.73" command "make install" end # ユーザー設定 group "mysql" do action :create end user "mysql" do action :create gid "mysql" end # 設定ファイル remote_file "/etc/my.cnf" do owner "root" group "root" source "files/my.cnf" end # 初期DBの設定 execute "mysql install 6" do cwd "/usr/local/mysql" command "bin/mysql_install_db --user=mysql" end # フォルダの権限変更 directory "/usr/local/mysql" do owner "root" group "root" end directory "/usr/local/mysql/var" do owner "mysql" group "mysql" end # ログローテートの処理 remote_file "/etc/logrotate.d/mysql-log-rotate" do owner "mysql" group "mysql" mode "755" source "files/mysql-log-rotate" end # パスの設定 file "/root/.bash_profile" do action :edit block do |content| content.gsub!("PATH=$PATH:$HOME/bin", "PATH=$PATH:/usr/local/mysql/bin/:$HOME/bin") end end # 起動処理 execute "mysql start " do cwd "/usr/local/mysql/share/mysql/" command "./mysql.server restart" end # 起動スクリプト execute "mysql script1" do cwd "/usr/local/mysql/share/mysql/" command "cp mysql.server /etc/init.d/mysql" end execute "mysql script2" do cwd "/usr/local/mysql/share/mysql/" command "chmod +x /etc/init.d/mysql" end #フォルダ指定はいらないかも execute "mysql script3" do cwd "/usr/local/mysql/share/mysql/" command "chkconfig --add mysql" end execute "mysql script4" do command "chkconfig --list | grep mysql" end MYSQL_PASSWORD=node['password'] IP_ADDRESS=node['ipaddress'] HOST_NAME=node['hostname'] #execute "/usr/local/mysql/bin/mysql -u root -e \"set password for root@localhost=password('#{MYSQL_PASSWORD}');\"" execute "mysql user set 1" do command "/usr/local/mysql/bin/mysql -u root -e \"set password for root@localhost=password('#{MYSQL_PASSWORD}');\"" not_if "/usr/local/mysql/bin/mysql -u root -p#{MYSQL_PASSWORD} -e \"set password for root@localhost=password('#{MYSQL_PASSWORD}');\"" end execute "mysql user set 2" do command "/usr/local/mysql/bin/mysql -u root -p#{MYSQL_PASSWORD} -e \"set password for root@127.0.0.1=password('#{MYSQL_PASSWORD}');\"" end execute "mysql user set 3" do command "/usr/local/mysql/bin/mysql -u root -p#{MYSQL_PASSWORD} -e \"set password for root@'#{HOST_NAME}'=password('#{MYSQL_PASSWORD}');\"" end execute "mysql userlist" do command "/usr/local/mysql/bin/mysql -u root -p#{MYSQL_PASSWORD} -e \"select user,host,password from mysql.user;\"" end
apacheのインストール
# もしない場合はfilesがファイルをアップする execute "httpd install 1" do cwd "/usr/local/src/" command "sudo wget http://ftp.kddilabs.jp/infosystems/apache//httpd/httpd-2.2.31.tar.gz" end #remote_file "/usr/local/src/httpd-2.2.31.tar.gz" do # source "files/httpd-2.2.31.tar.gz" #end execute "httpd install 2" do cwd "/usr/local/src/" command "sudo tar zxvf httpd-2.2.31.tar.gz" end # 1回目だともしかしてエラーになるかも execute "httpd install 3 1 " do cwd "/usr/local/src/httpd-2.2.31" command "sudo make clean" not_if "echo 'make clean ok'" end execute "httpd install 3 2" do cwd "/usr/local/src/httpd-2.2.31" command "sudo ./configure --prefix=/usr/local/apache2/ --enable-so --enable-rewrite--enable-ssl=/usr/local/openssl --with-mpm=worker --enable-proxy --with-expat=builtin" end execute "httpd install 4" do cwd "/usr/local/src/httpd-2.2.31" command "sudo make" end execute "httpd install 5" do cwd "/usr/local/src/httpd-2.2.31" command "sudo make install" end execute "httpd install 6" do command "sudo /usr/local/apache2/bin/httpd -v" end
PHPのインストール
PHP_VERSION=node['phpversion'] IP_ADDRESS=node['ipaddress'] HOST_NAME=node['hostname'] MYSQL_PASSWORD=node['password'] FREETYPE_VERSION = '2.6.1' # php をコンパイルインストールするためにlibmcryptをダウンロードする #execute "mysql install 1" do # cwd "/usr/local/src" # command "wget -c http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.73.tar.gz/from/ftp://ftp.jaist.ac.jp/pub/mysql/" # http://blog.yume-dia.jp/archives/262 #wget http://elders.princeton.edu/data/puias/unsupported/6/x86_64/libmcrypt-2.5.8-9.puias6.x86_64.rpm #wget http://elders.princeton.edu/data/puias/unsupported/6/x86_64/libmcrypt-devel-2.5.8-9.puias6.x86_64.rpm #rpm -ivh libmcrypt-2.5.8-9.puias6.x86_64.rpm #rpm -ivh libmcrypt-devel-2.5.8-9.puias6.x86_64.rpm #end # local ファイルからアップする remote_file "/usr/local/src/libmcrypt-devel-2.5.8-9.puias6.x86_64.rpm" do source "files/libmcrypt-devel-2.5.8-9.puias6.x86_64.rpm" end remote_file "/usr/local/src/libmcrypt-2.5.8-9.puias6.x86_64.rpm" do source "files/libmcrypt-2.5.8-9.puias6.x86_64.rpm" end # 手動でインストールする必要がある #execute "libmcrypt install 1" do # cwd "/usr/local/src" # command "rpm -ivh libmcrypt-2.5.8-9.puias6.x86_64.rpm" #end #execute "libmcrypt install 1" do # cwd "/usr/local/src" # command "rpm -ivh libmcrypt-devel-2.5.8-9.puias6.x86_64.rpm" #end # ------------------- #php freetype install # ------------------- # graph用のライブラリー # 最新版は下記のURLで確認する # http://download.savannah.gnu.org/releases/freetype/ # tar コマンドが効かなかったのでtar.bz2にしています remote_file "/usr/local/src/freetype-#{FREETYPE_VERSION}.tar.bz2" do source "files/freetype-#{FREETYPE_VERSION}.tar.bz2" end execute "freetype install 1 " do cwd "/usr/local/src/" command "sudo tar xjvf freetype-#{FREETYPE_VERSION}.tar.bz2" end # 1回目だともしかしてエラーになるかも execute "freetype install 2 " do cwd "/usr/local/src/freetype-#{FREETYPE_VERSION}/" command "sudo make clean" not_if "echo 'make clean ok'" end execute "freetype install 2 " do cwd "/usr/local/src/freetype-#{FREETYPE_VERSION}/" command "sudo ./configure --enable-shared" end execute "freetype install 3 " do cwd "/usr/local/src/freetype-#{FREETYPE_VERSION}/" command "sudo make" end execute "freetype install 4 " do cwd "/usr/local/src/freetype-#{FREETYPE_VERSION}/" command "sudo make install" end # ------------------- #php FreeTDS install # ------------------- remote_file "/usr/local/src/freetds-stable.tgz" do source "files/freetds-stable.tgz" end execute "php install FreeTDS install 1" do cwd "/usr/local/src/" command "tar xvzf freetds-stable.tgz" end execute "php install FreeTDS install 2" do cwd "/usr/local/src/freetds-0.91" command " ./configure --prefix=/usr/local/freetds" end execute "php install FreeTDS install 3" do cwd "/usr/local/src/freetds-0.91" command "sudo make" end execute "php install FreeTDS install 4" do cwd "/usr/local/src/freetds-0.91" command "sudo make install" end execute "php install FreeTDS install 5" do command "sudo touch /usr/local/freetds/lib/libtds.a" end execute "php install FreeTDS install 6" do command "sudo touch /usr/local/freetds/include/tds.h" end # ------------------- # シンボリックリンクの準備 # ------------------- execute "php install before set 1" do command "ln -s /usr/local/mysql/lib /usr/local/mysql/lib64" end execute "php install before set 2" do command "ln -s /usr/local/freetds/lib /usr/local/freetds/lib64" end remote_file "/usr/local/src/libmcrypt-2.5.8-9.puias6.x86_64.rpm" do source "files/libmcrypt-2.5.8-9.puias6.x86_64.rpm" end remote_file "/usr/local/src/libmcrypt-devel-2.5.8-9.puias6.x86_64.rpm" do source "files/libmcrypt-devel-2.5.8-9.puias6.x86_64.rpm" end execute "php install before set 3" do cwd "/usr/local/src/" command "sudo rpm -ivh libmcrypt-2.5.8-9.puias6.x86_64.rpm" not_if "echo 'set ok3'" end execute "php install before set 4" do cwd "/usr/local/src/" command "sudo rpm -ivh libmcrypt-devel-2.5.8-9.puias6.x86_64.rpm" not_if "echo 'set ok4'" end # 最新版は下記のURLで確認する # http://php.net/releases/ remote_file "/usr/local/src/php-#{PHP_VERSION}.tar.gz" do source "files/php-#{PHP_VERSION}.tar.gz" end execute "php install 1 " do cwd "/usr/local/src/" command "sudo tar xvzf php-#{PHP_VERSION}.tar.gz" end # 1回目だともしかしてエラーになるかも execute "php install 2 " do cwd "/usr/local/src/php-#{PHP_VERSION}/" command "sudo make clean" not_if "echo 'make clean ok'" end # ------------------- # シンボリックリンクの準備2 # ------------------- execute "php install before set 3" do cwd "/usr/local/src/php-#{PHP_VERSION}/" command "ln -s /usr/lib64/libsybdb.so.5 /usr/local/freetds/lib/libsybdb.so " not_if "echo 'ln error ok'" end execute "php install before set 3" do cwd "/usr/local/src/php-#{PHP_VERSION}/" command "ldconfig -v" end execute "php install 2 " do cwd "/usr/local/src/php-#{PHP_VERSION}/" command "sudo ./configure --with-libdir=lib64 --enable-mbstring --enable-mbregex --enable-soap --enable-zend-multibyte --libexecdir=/usr/lib64exec --with-mcrypt --with-curl --libdir=/usr/lib64 --with-libdir=lib64 --with-mysql=/usr/local/mysql/ --with-pdo-mysql=/usr/local/mysql/ --with-jpeg-dir=/usr/lib64 --with-png-dir=/usr/lib64 --with-zlib-dir=/usr/lib64 --with-mysqli=/usr/local/mysql/bin/mysql_config --with-apxs2=/usr/local/apache2/bin/apxs --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-mssql=/usr/local/freetds --with-freetype-dir=/usr/lib64/ --enable-zip" end execute "php install 3 " do cwd "/usr/local/src/php-#{PHP_VERSION}/" command "sudo make" end execute "php install 4 " do cwd "/usr/local/src/php-#{PHP_VERSION}/" command "sudo make install" end # ------------------- #php gd install # ------------------- execute "php install gd install 1" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/gd/" command "phpize" end execute "php install gd install 2" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/gd/" command "sudo cp aclocal.m4 aclocal" end execute "php install gd install 3" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/gd/" command "sudo aclocal" end execute "php install gd install 4" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/gd/" command "./configure --with-jpeg-dir=/usr/lib64 --with-freetype-dir=/usr/lib64" end execute "php install gd install 5" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/gd/" command "sudo make" end execute "php install gd install 6" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/gd/" command "sudo make install" end # ------------------- #php zlib install # ------------------- execute "php install zlib install 1" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/zlib/" command "sudo cp config0.m4 config.m4" end execute "php install zlib install 2" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/zlib/" command "phpize" end execute "php install zlib install 2" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/zlib/" command "aclocal" end execute "php install zlib install 4" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/zlib/" command " ./configure --with-jpeg-dir=/usr/lib64" end execute "php install zlib install 5" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/zlib/" command "sudo make" end execute "php install zlib install 6" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/zlib/" command "sudo make install" end # ------------------- #php openssl install # ------------------- execute "php install openssl install 1" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/openssl/" command "sudo cp config0.m4 config.m4" end execute "php install openssl install 2" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/openssl/" command "phpize" end execute "php install openssl install 2" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/openssl/" command "aclocal" end execute "php install openssl install 4" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/openssl/" command " ./configure --with-jpeg-dir=/usr/lib64" end execute "php install openssl install 5" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/openssl/" command "sudo make" end execute "php install openssl install 6" do cwd "/usr/local/src/php-#{PHP_VERSION}/ext/openssl/" command "sudo make install" end # ------------------- #php zip install # ------------------- execute "php install zip install 1" do command "pecl install zip" end # ------------------- #php PDO # ------------------- remote_file "/usr/local/src/PDO_DBLIB-1.0.tgz" do source "files/PDO_DBLIB-1.0.tgz" end execute "php install pdo install 1" do cwd "/usr/local/src/" command "tar xvzf PDO_DBLIB-1.0.tgz" end execute "php install pdo install 2" do cwd "/usr/local/src/PDO_DBLIB-1.0" command "phpize" end execute "php install pdo install 3" do cwd "/usr/local/src/PDO_DBLIB-1.0" command " ./configure --with-pdo-dblib=/usr/local/freetds" end execute "php install pdo install 4" do cwd "/usr/local/src/PDO_DBLIB-1.0" command "sudo make" end execute "php install pdo install 5" do cwd "/usr/local/src/PDO_DBLIB-1.0" command "sudo make install" end remote_file "/usr/local/freetds/etc/freetds.conf" do source "files/freetds.conf" end # ------------------- # httpd set # ------------------- file "/usr/local/apache2/conf/httpd.conf" do action :edit block do |content| content.gsub!("modules/libphp5.so", "/usr/local/apache2/modules/libphp5.so") content.gsub!("#AddEncoding x-compress .Z", "AddType application/x-httpd-php .php .phtml") end end service "httpd" do action :restart end remote_file "/usr/local/apache2/htdocs/check_info.php" do source "files/check_info.php" end # mysql connect check remote_file "/usr/local/apache2/htdocs/index_mysql.php" do source "files/index_mysql.php" end # ------------------- # index_mysql.php server ip set # ------------------- file "/usr/local/apache2/htdocs/index_mysql.php" do action :edit block do |content| # content.gsub!("XXX.XXX.XXX.XXX", "#{HOST_NAME}") content.gsub!("XXX.XXX.XXX.XXX", "localhost") content.gsub!("XXXpasswordXXX", "#{MYSQL_PASSWORD}") end end # SQLServer connect check remote_file "/usr/local/apache2/htdocs/index_sqlserver.php" do source "files/index_sqlserver.php" end # ------------------- # pear install # ------------------- execute "pear install Log" do not_if "echo 'pear ok1'" end execute "pear install Mail"do not_if "echo 'pear ok2'" end execute "pear install HTTP_Request"do not_if "echo 'pear ok3'" end execute "pear install HTTP_Request2"do not_if "echo 'pear ok4'" end execute "pear install HTTP_OAuth-0.2.3"do not_if "echo 'pear ok5'" end execute "pear install pear_info"do not_if "echo 'pear ok6'" end execute "pear install --alldeps phpdocumentor"do not_if "echo 'pear ok7'" end execute "pear install --alldeps PHP_CodeSniffer"do not_if "echo 'pear ok8'" end # php my admin remote_file "/usr/local/apache2/htdocs/phpMyAdmin-3.4.3.2-all-languages.tar.gz" do source "files/phpMyAdmin-3.4.3.2-all-languages.tar.gz" end execute "phpmyadmin install 1" do cwd "/usr/local/apache2/htdocs/" command "tar zxvf phpMyAdmin-3.4.3.2-all-languages.tar.gz" end execute "phpmyadmin install 2" do cwd "/usr/local/apache2/htdocs/" command "mv phpMyAdmin-3.4.3.2-all-languages phpMyAdmin" end # php my admin config remote_file "/usr/local/apache2/htdocs/phpMyAdmin/config.inc.php" do source "files/config.inc.php" end # phpmyadmin .htaccess remote_file "/usr/local/apache2/htdocs/phpMyAdmin/.htaccess" do source "files/.htaccess" end # --------------- # smarty install # --------------- remote_file "/usr/local/src/smarty-3.1.27.zip" do source "files/smarty-3.1.27.zip" end execute "smarty install 1" do cwd "/usr/local/src/" command "unzip smarty-3.1.27.zip" end execute "smarty install 2" do cwd "/usr/local/src/" command "mv smarty-3.1.27/libs /usr/lib64/php/Smarty" end
反省点
include_recipeコマンドが有ることを
あとで知りました・・・
もっと分割して作るべきだった
長いですが1回作れば
同じコマンドを打たなくていいのは感激です
