Otu esi eji modul nwere ike ime maka ọrụ nchịkwa sistemu - Akụkụ 6
N'ime akụkụ 6 nke modul ole na ole enwere ike n'isiokwu ndị gara aga, anyị ga-abanye ugbu a ma chọpụta modul ndị ọzọ na-enyere aka n'ịrụ ọtụtụ ọrụ nchịkwa usoro.
Ị ga-enweta echiche bụ isi nke modul ọ bụla wee lelee nhọrọ dị maka ịrụzu ụfọdụ ọrụ.
- Jikwaa ngwungwu ngwanrọ na ebe nchekwa n'ime ike
- Jikwaa ọrụ n'iji enwere ike
- Jikwaa firewall na ike
- Nchekwa faịlụ ma ọ bụ nchekwa nwere ike ime
- Hazie ọrụ n'enwere ike
- Jikwaa ndị ọrụ na otu dị iche iche na-enwe ike
- Mepụta faịlụ na akwụkwọ ndekọ aha n'enwere ike
- Jikwaa ebe nchekwa na enwere ike
- Jikwaa Sistemu Faịlụ n'enwere ike
Mgbe ị na-etinye ngwugwu na sistemụ Linux, nkesa dị iche iche na-eji ndị njikwa ngwugwu dị iche iche. Maka nkesa RedHat, anyị nwere nke dabara.
Enwere ike abịa na modul a na-akpọ ngwugwu, nke na-ewepụ mkpa ọ dị iji njikwa ngwugwu dị iche iche maka usoro dị iche iche. Ọ na-akpaghị aka na-eji njikwa ngwugwu kwekọrọ na sistemụ nnabata, si otú a na-eme ka ọrụ dị mfe.
Dịka ọmụmaatụ, ịwụnye htop n'ime otu ndị ọbịa nke gụnyere ma Debian & RedHat distros jiri ngwugwu ngwugwu dị ka egosiri na install_htop.yml playbook n'okpuru.
---
- name: Install htop on Ubuntu and CentOS
hosts: all
tasks:
- package:
name: htop
state: installed
IHE: ngwugwu aha nwere ike ịdị iche iche site na otu sistemu ọzọ. Dịka ọmụmaatụ, anyị nwere httpd na nkesa Redhat yana Apache2 maka sistemụ Debian/Ubuntu niile nke na-egosi sava weebụ Apache. Ya mere, ekwesịrị ịkpachara anya mgbe ị na-ebufe ngwugwu ndị a. Ọtụtụ mgbe, ọ kacha mma iji mgbanwe ma ọ bụ nkwupụta ọnọdụ.
Ọzọ, anyị nwere modul ọrụ, nke a na-eji maka ijikwa ọrụ na sistemụ Linux. A na-eji ya malite, kwụsị ma ọ bụ malitegharịa ọrụ. Ịnwekwara ike iji ya mee ka ọrụ rụọ ọrụ nke mere na mgbe akpụkpọ ụkwụ sistemụ, ọ na-amalite ọrụ ahụ na-akpaghị aka.
Dịka ọmụmaatụ, ịmalite & mee ka sava weebụ Apache dị na RHEL 8, jiri ọrụ dịka egosiri.
---
- name: Start and enable httpd service
hosts: webservers
tasks:
- service:
name: httpd
state: started
enabled: yes
Ka ịkwụsị ọrụ httpd, gafere àgwà akwụsịla.
---
- name: Stop httpd service
hosts: webservers
tasks:
- service:
name: httpd
state: stopped
Ka ịmalitegharịa ọrụ httpd, gafere njirimara ebidogharịrị.
---
- name: Restart httpd service
hosts: webservers
tasks:
- service:
name: httpd
state: restarted
Ihe ọzọ dị mkpa ndị na-ahụ maka sistemụ arụmọrụ na-arụ bụ njikwa nke firewall. N'ime akwụkwọ egwu egwu enwere ike, emela nke a mfe site na modul firewalld na ufw. Ị nwere ike hazie firewall iji kwe ma ọ bụ gbochie ọdụ ụgbọ mmiri ma ọ bụ ọrụ ma ọ bụ ọbụna adreesị isi iyi.
Ka anyị banye ma lee ihe atụ ole na ole:
---
- name: Allow port 80
hosts: webservers
tasks:
-firewalld:
port: 80/tcp
permanent: yes
state: enabled
N'akwụkwọ egwuregwu dị n'elu, a na-ahapụ ọdụ ụgbọ mmiri 80 gafee firewall.
Nhọrọ na-adịgide adịgide: ee na-akwado iwu firewall wee mee ka ọ na-aga n'ihu n'ofe nrụpụta. Agbanyeghị, iwu a anaghị emetụta ozugbo. Ọ na-abata naanị ka ịmalitegharịa. Iji manye iwu ozugbo, jiri nhọrọ ozugbo: ee.
Iji kọwapụta adreesị ndị ekwenyere, jiri isi mmalite: nkwupụta 0.0.0.0/0.
- firewalld:
source: 192.168.0.0/24
zone: public
state: enabled
Iji kọwapụta ọdụ ụgbọ mmiri dị iche iche a ga-ahapụ iji nhọrọ ọdụ ụgbọ mmiri dị ka ndị a:
- firewalld:
port: 213-567/udp
permanent: yes
state: enabled
Ka igbochi ọdụ ụgbọ mmiri gbanwee nhọrọ steeti ka ọ bụrụ gbanyụọ dịka egosiri:
-firewalld:
port: 80/tcp
permanent: yes
state: disabled
Ewezuga ịgbakwunye/igbochi ọdụ ụgbọ mmiri, ị nwekwara ike itinye otu iwu ahụ na ọrụ. Ma ọ dị nnọọ mfe. Naanị jiri modul ọrụ ma tinye ọrụ a ga-agbakwunye ma hụ na agbanyere nhọrọ steeti ahụ.
- firewalld:
service: https
permanent: true
state: enabled
Ka igbochi ọrụ tọọ nhọrọ steeti ka ọ bụrụ gbanyụọ.
- firewalld:
service: https
permanent: true
state: disabled
Ndebe akwụkwọ na-ezo aka na mkpakọ nke faịlụ ma ọ bụ nchekwa na usoro nke dị mfe ibugharị ma dị obere n'ogo. Shipsgbọ mmiri nwere ike nwere modul akpọrọ Archive. Ịkọkọ faịlụ dị mfe dịka ọ na-enweta. Naanị ihe achọrọ bụ ịkọwapụta ụzọ isi mmalite nke faịlụ na ebe ebe faịlụ abịakọrọ.
Tụlee akwụkwọ mpịakọta compress.yml n'okpuru.
---
- hosts: webservers
tasks:
• name: Compress a folder
archive:
path: /opt/data/web
dest: /tmp/web.gz
Akwụkwọ egwuregwu dị n'elu na-echikota akwụkwọ ndekọ aha /opt/data/web wee chekwaa ya na /tmp/web.gz.
Ụdị mkpakọ ndabara bụ .gz, otu ọ dị, enwere ike ịkọwa nke a site na iji njirimara usoro. Nlele akwụkwọ egwuregwu na-esote.
---
- hosts: webservers
Tasks:
- name: Create a zip archive
archive:
path: /opt/data/web
dest: /tmp/web
format: zip
Akwụkwọ egwu dị n'elu na-etinye /opt/data/web directory ka /tmp/web.zip.
Ị nwekwara ike iwepụ faịlụ abịakọrọ site na iji njirimara unArchive. Tụlee akwụkwọ egwuregwu n'okpuru.
---
- hosts: webservers
tasks:
- name:Uncompress /tmp/web.gz to/opt directory on Ansible controller
unarchive:
src: /tmp/web.bz2
dest: /opt/
Akwụkwọ egwu egwu dị n'elu na-ewepụ faịlụ /opt/data/web.gz ka/họrọ na njikwa nwere ike.
Iji kọwapụta usoro isi mmalite dịpụrụ adịpụ jiri nhọrọ remote_src=ee.
---
- hosts: webservers
tasks:
- name:Uncompress /tmp/web.bz2 to/opt on remote host
unarchive:
src: /tmp/web.bz2
dest: /opt/
remote_src=yes
Akwụkwọ egwu dị n'elu na-ewepụ faịlụ /tmp/web.bz2 na oghere dịpụrụ adịpụ gaa na /opt/ directory.
Modul cron na-enyere aka n'ịhazi ọrụ n'ime akwụkwọ egwuregwu enwere ike.
Tụlee akwụkwọ egwuregwu n'okpuru.
---
- hosts: webservers
tasks:
- name: Create a scheduled task
cron:
name: Run employee attendance
job: sh /opt/scripts/attendace.sh
month: 4
day: 5
hour: 17
minute: 00
Akwụkwọ egwuregwu na-eme edemede ndị bịara na Eprel 5 n'elekere 5:00 nke mgbede.
Ọ bụrụ na ịchọrọ ịhazi edemede a ka ọ na-agba naanị ma ọ bụrụ na ụbọchị 5th nke Eprel bụ Mọnde, were ụbọchị izu ụka: àgwà 1. 0 na-egosi Sọnde na 6 na-egosi Satọde dịka ọkwa cron siri dị.
month: 4 day: 5 hour: 17 minute: 00 weekday: 1
Ihe akara mmuke (*) n'ime mpaghara ndị a na-egosi uru ọ bụla.
Iji rụọ ọrụ ahụ n'April 5th na 5:00 pm n'agbanyeghị ihe ụbọchị izu bụ, jiri usoro oge dị ka egosiri.
month: 4 day: 5 hour: 17 minute: 00 weekday: *
Iji rụọ ọrụ cron n'ụbọchị 5th nke ọnwa ọ bụla na 5:00 pm jiri ntọala dị n'okpuru.
month: * day: 5 hour: 17 minute: 00 weekday: *
Iji rụọ ọrụ cron kwa ụbọchị na 5:00 pm tọọ ntọala oge dị ka egosiri:
month: * day: * hour: 17 minute: 00 weekday: *
Iji rụọ ọrụ cron kwa awa 5, jiri uru nzọụkwụ */5 dị ka egosiri.
month: * day: * hour: */5 minute: * weekday: *
Ịnwekwara ike ijikwa ndị ọrụ na ndị otu n'ime akwụkwọ egwu egwu enwere ike na-agbasi mbọ ike.
Iji mepụta onye ọrụ ọhụrụ, jiri modul onye ọrụ dịka egosiri.
---
- hosts: webservers
tasks:
- name: Create a new user
user:
name: Jack
Ịnwekwara ike ịgbakwunye nhọrọ ndị ọzọ dịka UID, otu.
- name: Create a new user
user:
name: Jack
comment: Jack Peters
uid: 1002
group: administrators
shell: /bin/bash
Iji wepu onye ọrụ, jiri nkwupụta wepu: ee.
- name: Remove the user 'Jack'
user:
name: Jack
state: absent
remove: yes
Iji mepụta otu ọhụrụ, jiri otu modul.
- name: Create a group
group:
name: developers
Iji mepụta faịlụ ndekọ aha, jiri modul faịlụ.
Dịka ọmụmaatụ, ịmepụta akwụkwọ ndekọ aha ọhụrụ.
---
- hosts: webservers
tasks:
- name: Create a new directory
file:
path: /opt/app
state: directory
Ịnwere ike ịgbakwunye njirimara ndị ọzọ dịka ikike onye nwe, otu na faịlụ.
- hosts: webservers
tasks:
- name: Create a new directory
file:
path: /opt/web
state: directory
owner: www-data
group: www-data
mode: 0644
Na mgbakwunye, ị nwere ike ịmepụta akwụkwọ ndekọ aha ugboro ugboro site na iji nkwughachi: ee nkwupụta.
---
- hosts: webservers
tasks:
- name: Create directories recursively
file:
path: /opt/web/app
state: directory
owner: www-data
group: www-data
mode: 0644
recurse: yes
Iji mepụta faịlụ, jiri nhọrọ steeti: metụ nhọrọ.
---
- hosts: webservers
tasks:
- name: Create a new file
file:
path: /opt/web/index.html
state: touch
owner: www-data
group: www-data
mode: 0644
A na-eji modul lvg hazie mpịakọta na otu LVM.
Tụlee akwụkwọ egwuregwu n'okpuru:
---
- hosts: webservers
tasks:
• name: Create lVM volume group
lvg:
vg: vg1
pvs: /dev/sda1
pesize: 32
Nke a na-emepụta otu olu n'elu nkebi /dev/sda1 nwere oke anụ ahụ nke 32 MB.
Ozugbo emepụtara, jiri lvol modul mepụta ụda ezi uche dị ka egosiri
---
- hosts: webservers
tasks:
- name: Create lVM volume
lvol:
vg: vg1
lv: lvol1
pvs: /dev/sda1
Iji mepụta usoro faịlụ na ngwaọrụ ngọngọ, jiri modul sistemụ faịlụ.
Akwụkwọ egwu egwu dị n'okpuru na-emepụta ụdị faịlụ xfs na olu ngọngọ.
---
- hosts: webservers
tasks:
- name: Create a filesystem
filesystem:
fstype: xfs
dev: /dev/vg1/lvol1
Ị nwere ike ịga n'ihu n'ịkwalite olu ngọngọ site na iji modul ugwu dị ka egosiri na akwụkwọ egwu dị n'okpuru:
---
- hosts: webservers
tasks:
- name: Mount a filesystem
mount:
fstype: xfs
src: /dev/vg1/lvol1
path: /opt/web
state: mounted
Nke a mechiri isiokwu ahụ. Anyị ekpuchila ọrụ nchịkwa sistemu dị iche iche nke enwere ike ịrụzu site na modul arụnyere arụnyere n'ime akwụkwọ egwuregwu enwere ike.