[![logo](https://www.hongsnet.net/images/logo.gif)](https://www.hongsnet.net) # Ansible의 Fact변수, shell,template를 이용한 OS Package 설치 > OS를 Minimal 설치한 후의 기본적인 환경을 구성한다. ## 주요 기능 - OS Minimal 설치 후 최소한의 Package를 설치한다. - RedHat/Debian 계열에 따라 조건을 수행한다. ## Inventory 설정 ```bash # cat hosts [ALL_HOSTS] 172.16.0.100 managed_ip=172.16.0.100 des="2020-12-03" [ALL_HOSTS_OK] ``` 대상 호스트는 172.16.0.100이며, 추가는 2020-12-03에 수행한다. 참고적으로 **ALL_HOSTS_OK** 호스트 그룹은 작업이 완료된 호스트의 history를 위한 그룹이다. ## Host Variables 설정 ```bash # cat host_vars/172.16.0.100 ansible_ssh_host: 172.16.0.100 ansible_ssh_port: SSH_포트번호 ansible_ssh_user: 사용자 아이디 ansible_ssh_pass: "사용자 패스워드" ansible_become: yes ansible_become_method: su ansible_become_user: root ansible_become_pass: "!root_패스워드" ansible_python_interpreter: python2.7 ``` ## Playbook 설정 ```python --- - name: Basic OS Package Installing hosts: ALL_HOSTS vars: time: "{{lookup('pipe','date \"+%Y%m%d_%H%M\"')}}" environment: LANG: ko_KR.UTF-8 tasks: - name: Copy the banner issue file in remote node copy: src: templates/issue.j2 dest: /etc/issue owner: root group: root mode: 0644 - name: Copy the banner issue.net file in remote node copy: src: templates/issue.net.j2 dest: /etc/issue.net owner: root group: root mode: 0644 - name: Copy the banner issue.net file in remote node copy: src: templates/motd.j2 dest: /etc/motd owner: root group: root mode: 0644 - name: Timezone Setting(Asia/Seoul) Force Linking shell: ln -sf /usr/share/zoneinfo/Asia/Seoul /etc/localtime register: timezone_result - debug: var=timezone_result - name: /etc/apt/sources.list_src file copy check stat: path: /etc/apt/sources.list_src register: apt_sourcelist_backup when: ansible_os_family == "Debian" - name: /etc/apt/sources.list_src file backup command: cp -rf /etc/apt/sources.list /etc/apt/sources.list_src when: - apt_sourcelist_backup.stat.exists == False - ansible_os_family == "Debian" - name: APT source sources.list file copy copy: src: "{{ item }}" dest: /etc/apt/sources.list owner: 'root' group: 'root' mode: 0644 with_items: ['sources.list'] when: ansible_os_family == "Debian" - name: Install a list of packages apt: pkg: - binutils - net-tools - dnsutils - vim - gcc - g++ - cmake - smartmontools - sysstat - lsb-core - rdate - ntp - rsync - ntpdate - ftp - ethtool - tcpdump - lvm2 - parted - libpam-cracklib - mdadm - nfs-common update_cache: yes when: ansible_os_family == "Debian" - name: Stop & Disabled Serivces systemd: name: "{{ item }}" state: stopped enabled: no with_items: - exim4 when: ansible_os_family == "Debian" - name: Install a list of packages yum: name={{ item }} update_cache=yes with_items: - vim - telnet - lvm2 - sysstat - ftp - device-mapper-multipath - device-mapper-multipath-lib - setuptool - sysfsutils - sg3_utils - dos2unix - lsof - iptstate - ipmitool - lrzsz - zlib-devel - tcl - tcl-devel - cmake - nmap - iptraf - tcpdump - net-tools - psmisc - tree - rdate - bash-completion - wget - gcc - gcc-c++ - openssl - openssl-devel - zip - unzip - autoconf - smartmontools - ncurses-devel - rsync - bind-utils - ntp - chrony when: ansible_os_family == "CentOS" - name: Stop & Disabled Serivces systemd: name: "{{ item }}" state: stopped enabled: no with_items: - postfix when: ansible_os_family == "CentOS" ``` `OS Package Manager`에 대한 Playbook 분석 * [ ] OS Version의 조건을 수행하기 위해 Facts 변수인 `ansible_os_family` 를 사용한다. * [ ] Facts 변수를 수집하기 위해서는 반드시 `gather_fact:no` 가 설정되면 안된다. * [ ] 외부 네트워크가 불가능한 환경에서는 각각 파일을 배포해야 한다. - Debian 계열 : /etc/sources.list - RedHat 계열 : /etc/yum.respo.d/*.repo ## playbook 실행 ```bash # ansible-playbook -i hosts os_minimal.yml ```