Linux Virtual Delivery Agent

Gérer votre déploiement à l’aide d’Ansible

August 20, 2024

Contributeur:

Ansible permet d’automatiser le processus de déploiement des applications, des configurations et des mises à jour tout au long de votre déploiement. Cet article propose des instructions détaillées sur l’utilisation d’Ansible pour gérer efficacement votre déploiement.

Étape 1 : déterminer les éléments à déployer

Avant de commencer, identifiez les éléments à déployer, tels que les applications, les services, les configurations et les variables d’environnement.

Étape 2 : configurer votre projet Ansible

Créez une structure de répertoires pour votre projet Ansible. La fonctionnalité « rôles » d’Ansible est un moyen efficace d’organiser le contenu de votre playbook. Pour plus d’informations, consultez la section Rôles dans la documentation d’Ansible.

Voici deux exemples de structures de répertoires à titre de référence :

Exemple de structure de répertoire #1

production                # inventory file for production servers
staging                   # inventory file for staging environment

group_vars/
   group1.yml             # here we assign variables to particular groups
   group2.yml
host_vars/
   hostname1.yml          # here we assign variables to particular systems
   hostname2.yml

library/                  # if any custom modules, put them here (optional)
module_utils/             # if any custom module_utils to support modules, put them here (optional)
filter_plugins/           # if any custom filter plugins, put them here (optional)

site.yml                  # master playbook
webservers.yml            # playbook for webserver tier
dbservers.yml             # playbook for dbserver tier

roles/
    common/               # this hierarchy represents a "role"
        tasks/            #
            main.yml      #  <-- tasks file can include smaller files if warranted
        handlers/         #
            main.yml      #  <-- handlers file
        templates/        #  <-- files for use with the template resource
            ntp.conf.j2   #  <------- templates end in .j2
        files/            #
            bar.txt       #  <-- files for use with the copy resource
            foo.sh        #  <-- script files for use with the script resource
        vars/             #
            main.yml      #  <-- variables associated with this role
        defaults/         #
            main.yml      #  <-- default lower priority variables for this role
        meta/             #
            main.yml      #  <-- role dependencies
        library/          # roles can also include custom modules
        module_utils/     # roles can also include custom module_utils
        lookup_plugins/   # or other types of plugins, like lookup in this case

    webtier/              # same kind of structure as "common" was above, done for the webtier role
    monitoring/           # ""
    fooapp/               # ""
 

Exemple de structure de répertoire #2

inventories/
   production/
      hosts               # inventory file for production servers
      group_vars/
         group1.yml       # here we assign variables to particular groups
         group2.yml
      host_vars/
         hostname1.yml    # here we assign variables to particular systems
         hostname2.yml

   staging/
      hosts               # inventory file for staging environment
      group_vars/
         group1.yml       # here we assign variables to particular groups
         group2.yml
      host_vars/
         stagehost1.yml   # here we assign variables to particular systems
         stagehost2.yml

library/
module_utils/
filter_plugins/

site.yml
webservers.yml
dbservers.yml

roles/
    common/
    webtier/
    monitoring/
    fooapp/
 

Étape 3 : configurer votre inventaire

Définissez votre fichier d’inventaire (inventory.ini). Un fichier d’inventaire répertorie généralement les hôtes que vous souhaitez gérer à l’aide d’Ansible, ainsi que des informations nécessaires tels que les noms d’hôtes, les adresses IP et les membres de groupes. Par exemple :

# Hostname and ip address
[UBUNTU2004]
<ip address>
[UBUNTU2204]
<ip address>
[RHEL8]
<ip address>
[RHEL9]
<ip address>
[DEBIAN11]
<ip address>
[DEBIAN12]
<ip address>
[SUSE15]
<ip address>

[all:children]
UBUNTU2004
UBUNTU2204
RHEL8
RHEL9
DEBIAN11
DEBIAN12
SUSE15

[all:vars]
ansible_user=<ansible execute user e.g root>
ansible_password=<>
ansible_ssh_common_args='-o StrictHostKeyChecking=no'
 

Étape 4 : créer des playbooks Ansible

Créez des playbooks (fichiers .yml) pour automatiser les tâches de déploiement. La section fournit des exemples de playbooks permettant d’automatiser différentes tâches de déploiement.

Exemple de playbook pour appliquer des correctifs aux distributions Linux

Pour appliquer des correctifs à diverses distributions Linux à l’aide d’Ansible, vous pouvez créer un fichier de playbook YAML nommé patch-for-different-distribution.yml et remplir le fichier avec des tâches similaires aux suivantes. La directive hosts définit les hôtes cibles de l’inventaire (dans ce contexte, inventory.ini) qui sont ciblés pour exécuter les tâches du playbook.

- name: Upgrade and Reboot RHEL & Debian family Linux distros
  hosts: <host1,host2,host3>  # replace with your actual hosts in the inventory file.
  vars:
    reboot_connect_timeout: 5
    reboot_post_reboot_delay: 15
    reboot_timeout: 600
  tasks:
    # Upgrade RHEL family OS packages
    - name: Upgrade RHEL Family OS packages
      ansible.builtin.yum:
        name: '*'
        state: latest
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "7"

    # Upgrade RHEL family OS packages
    - name: Upgrade RHEL Family OS packages
      ansible.builtin.yum:
        name: '*'
        state: latest
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "8"

    # Upgrade RHEL family OS packages
    - name: Upgrade RHEL Family OS packages
      ansible.builtin.yum:
        name: '*'
        state: latest
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "9"

    # Ubuntu Family upgrade
    - name: Update repositories cache
      apt:
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "20"

    - name: Update all packages to their latest version
      apt:
        name: "*"
        state: latest
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "22"

    # Debian Family upgrade
    - name: Upgrade the OS (apt-get dist-upgrade)
      apt:
        upgrade: dist
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "11"

    - name: Upgrade the OS (apt-get dist-upgrade)
      apt:
        upgrade: dist
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "12"

    # Reboot after upgrade
    - name: Reboot host
      reboot:
        connect_timeout: ""
        post_reboot_delay: ""
        reboot_timeout: ""
 

Exemple de playbook pour l’installation d’environnements .Net

L’exemple de playbook suivant installe différentes versions d’environnements .Net sur les distributions Linux spécifiques.

- name: Install dotnet runtime environment on Linux distros
  hosts: <host1,host2,host3>  # replace with your actual hosts in the inventory file.
  tasks:
    # Install dotnet runtime environment on RHEL7
    - name: Enable the rhel-7-server-dotnet-rpms repository
      command: subscription-manager repos --enable=rhel-7-server-dotnet-rpms
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "7"

    - name: Install dotnet runtime environment on RHEL7
      ansible.builtin.yum:
        name: rh-dotnet60-aspnetcore-runtime-6.0
        state: present
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "7"

    - name: Remove /usr/bin/dotnet if it exists
      file:
        path: /usr/bin/dotnet
        state: absent

    - name: Create a symbolic link
      file:
        src: /opt/rh/rh-dotnet60/root/usr/lib64/dotnet/dotnet
        dest: /usr/bin/dotnet
        state: link

    # RHEL8 linux vda install dotnet runtime environment
    - name: Install dotnet-runtime-8.0
      ansible.builtin.dnf:
        name: dotnet-runtime-8.0
        state: present
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "8"

    - name: Install aspnetcore-runtime-8.0
      ansible.builtin.dnf:
        name: aspnetcore-runtime-8.0
        state: present
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "8"

    # RHEL9 linux vda install dotnet runtime environment
    - name: Install dotnet-runtime-8.0
      ansible.builtin.dnf:
        name: dotnet-runtime-8.0
        state: present
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "9"

    - name: Install aspnetcore-runtime-8.0
      ansible.builtin.dnf:
        name: aspnetcore-runtime-8.0
        state: present
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "9"

    # Ubuntu20.04 linux vda install dotnet runtime environment
    - name: Register Microsoft key and feed
      shell: |
        wget https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
        dpkg -i packages-microsoft-prod.deb
        rm packages-microsoft-prod.deb
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "20"

    - name: Install dotnet-runtime-8.0
      ansible.builtin.apt:
        name: dotnet-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "20"

    - name: Install aspnetcore-runtime-8.0
      ansible.builtin.apt:
        name: aspnetcore-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "20"

    # Ubuntu22.04 linux vda install dotnet runtime environment
    - name: Install dotnet-runtime-8.0
      ansible.builtin.apt:
        name: dotnet-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "22"

    - name: Install aspnetcore-runtime-8.0
      ansible.builtin.apt:
        name: aspnetcore-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "22"

    # Debian11 linux vda install dotnet runtime environment
    - name: Register Microsoft key and feed
      shell: |
        wget https://packages.microsoft.com/config/debian/11/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
        dpkg -i packages-microsoft-prod.deb
        rm packages-microsoft-prod.deb
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "11"

    - name: Install dotnet-runtime-8.0
      ansible.builtin.apt:
        name: dotnet-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "11"

    - name: Install aspnetcore-runtime-8.0
      ansible.builtin.apt:
        name: aspnetcore-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "11"

    # Debian12 linux vda install dotnet runtime environment
    - name: Register Microsoft key and feed
      shell: |
        wget https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
        dpkg -i packages-microsoft-prod.deb
        rm packages-microsoft-prod.deb
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "12"

    - name: Install dotnet-runtime-8.0
      ansible.builtin.apt:
        name: dotnet-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "12"

    - name: Install aspnetcore-runtime-8.0
      ansible.builtin.apt:
        name: aspnetcore-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "12"

    # Sles15 linux vda install dotnet runtime environment
    - name: Register Microsoft key and feed
      shell: |
        sudo rpm -Uvh https://packages.microsoft.com/config/sles/15/packages-microsoft-prod.rpm
        sudo ln -s /etc/yum.repos.d/microsoft-prod.repo /etc/zypp/repos.d/microsoft-prod.repo
      when:
        - ansible_facts['distribution'] == "SLES"
        - ansible_facts['distribution_major_version'] == "15"

    - name: Install dotnet-runtime-8.0
      community.general.zypper:
        name: dotnet-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "SLES"
        - ansible_facts['distribution_major_version'] == "15"

    - name: Install aspnetcore-runtime-8.0
      community.general.zypper:
        name: aspnetcore-runtime-8.0
        state: present
        update_cache: yes
      when:
        - ansible_facts['distribution'] == "SLES"
        - ansible_facts['distribution_major_version'] == "15"

    # Amazon2 linux vda install dotnet runtime environment
    - name: Install dotnet-runtime-8.0
      ansible.builtin.yum:
        name: dotnet-runtime-8.0
        state: present
      when:
        - ansible_facts['distribution'] == "Amazon"
        - ansible_facts['distribution_major_version'] == "2"

    - name: Install aspnetcore-runtime-8.0
      ansible.builtin.yum:
        name: aspnetcore-runtime-8.0
        state: present
      when:
        - ansible_facts['distribution'] == "Amazon"
        - ansible_facts['distribution_major_version'] == "2"
 

Exemples de playbooks pour la mise à niveau du Linux VDA

Pour automatiser les mises à niveau du Linux VDA à l’aide d’Ansible, vous pouvez créer deux playbooks distincts. Un playbook, tel que get_the_build.yml, est dédié au téléchargement et au transfert du package Linux VDA vers les machines cibles (hôtes). L’autre playbook, par exemple linux_upgrade.yml, contient des tâches conçues pour mettre à niveau le Linux VDA sur les machines cibles à l’aide du package précédemment téléchargé.

Exemple de playbook get_the_build.yml

- hosts: localhost
  name: Get the latest release build to local
  vars:
    build_url: <linux vda download link>  # replace with your actual value.
    local_tmp: "/tmp/"  # replace with your actual value.
    remote_tmp: "/tmp/"  # replace with your actual value.
    linuxvda_file_name : "linux vda rpm/deb file name" # replace with your actual value.
  tasks:
  - name: Download the file
    get_url:
      url: ""
      dest: ""
    tags:
      - get


- hosts: <host1,host2,host3>  # replace with your actual hosts in the inventory file.
  name: Copy a file to remote location
  tasks:
  - name: Copy vda to the remote machine
    ansible.builtin.copy:
      src: ""
      dest: ""
      remote_src: no
    tags:
      - copy
 

Exemple de playbook linux_upgrade.yml

- name: Upgrade Linux VDA and Reboot RHEL & Debian Linux distros
  hosts: <host1,host2,host3>  # replace with your actual hosts in the inventory file.
  vars:
    remote_tmp: "/path/to/remote/tmp"  # replace with your actual path
    rhel7_file_name: "rhel7_file.rpm"  # replace with your actual file name
    rhel8_file_name: "rhel8_file.rpm"  # replace with your actual file name
    rhel9_file_name: "rhel9_file.rpm"  # replace with your actual file name
    ubuntu2004_file_name: "ubuntu2004_file.deb"  # replace with your actual file name
    ubuntu2204_file_name: "ubuntu2204_file.deb"  # replace with your actual file name
    debian11_file_name: "debian11_file.deb" # replace with your actual file name
    debian12_file_name: "debian12_file.deb" # replace with your actual file name
    suse15_file_name: "suse15_file.deb" # replace with your actual file name
    amazon2_file_name: "amazon2_file.rpm" # replace with your actual file name
  tasks:
    # Upgrade RHEL linux vda packages
    - name: Upgrade RHEL7 linux vda packages
      ansible.builtin.yum:
        name: ""
        state: present
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "7"

    # Upgrade RHEL linux vda packages
    - name: Upgrade RHEL8 linux vda packages
      ansible.builtin.yum:
        name: ""
        state: present
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "8"

    # Upgrade RHEL linux vda packages
    - name: Upgrade RHEL9 linux vda packages
      ansible.builtin.yum:
        name: ""
        state: present
      when:
        - ansible_facts['distribution'] == "RedHat"
        - ansible_facts['distribution_major_version'] == "9"

    # Ubuntu20.04 linux vda upgrade
    - name: Ubuntu20.04 linux vda upgrade
      ansible.builtin.apt:
        deb: ""
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "20"

    - name: Ubuntu22.04 linux vda upgrade
      ansible.builtin.apt:
        deb: ""
      when:
        - ansible_facts['distribution'] == "Ubuntu"
        - ansible_facts['distribution_major_version'] == "22"

    # Debian Linux VDA upgrade
    - name: Debian11 Linux VDA upgrade
      ansible.builtin.apt:
        deb: ""
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "11"

    - name: Debian12 Linux VDA upgrade
      ansible.builtin.apt:
        deb: ""
      when:
        - ansible_facts['distribution'] == "Debian"
        - ansible_facts['distribution_major_version'] == "12"

    # Sles15 Linux VDA upgrade
    - name: Sles15 Linux VDA upgrade
      community.general.zypper:
        name: ""
        state: present
      when:
        - ansible_facts['distribution'] == "SLES"
        - ansible_facts['distribution_major_version'] == "15"

    # Amazon2 Linux VDA upgrade
    - name: Amazon2 Linux VDA upgrade
      ansible.builtin.yum:
        name: ""
      when:
        - ansible_facts['distribution'] == "Amazon"
        - ansible_facts['distribution_major_version'] == "2"
    # Reboot after upgrade
    - name: Reboot host
      reboot:
        connect_timeout: ""
        post_reboot_delay: ""
        reboot_timeout: ""
 

Exemple de playbook pour monter un serveur NFS en tant que répertoire personnel

L’exemple de playbook suivant monte un serveur NFS en tant que répertoire de base sur les hôtes cibles :

- hosts: <host1,host2,host3>  # replace with your actual hosts in the inventory file.
  vars:
    nfs_server = <nfsserver ip address> # replace with your actual values
    mount_points = /home/<domain realm>/user1,/home/<domain realm>user2  # replace with your actual values
    nfs_shares = user1,user2  # replace with your actual values
    owners = user1,user2   # replace with your actual values
    groups = group1,group2  # replace with your actual values
  tasks:
    - name: Enable NFS as home directory
      ansible.builtin.command:
        cmd: "/opt/Citrix/VDA/bin/ctxreg create -k 'HKLM\System\CurrentControlSet\Control\Citrix' -t 'REG_DWORD' -v 'CheckUserHomeMountPoint' -d '0x00000001' --force"
      register: result
      failed_when: result.rc != 0
      check_mode: no

    - name: Mount NFS shares
      ansible.builtin.mount:
        path: ""
        src: ":"
        fstype: nfs
        opts: rw,nolock
        state: mounted
      loop: ""

    - name: Set owner, group and mode for NFS client paths
      ansible.builtin.file:
        path: ""
        owner: ""
        group: ""
        mode: ""
      loop: ""
 

Exemples de playbooks pour l’exécution de commandes à distance

Exemple de playbook pour modifier les paramètres de registre

- hosts: <host1,host2,host3>  # replace with your actual hosts in the inventory file.
  vars:
    registry_key: "your_registry_key"      #  E.g. registry_key = HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\icawd
    registry_type: "your_registry_type"    #  E.g. registry_type = REG_DWORD
    registry_value: "your_registry_value"  #  E.g. registry_value = AdaptiveScalingEnabled
    registry_data: "your_registry_data"    #  E.g. registry_data = 0x00000000
  tasks:
  - name: Execute AdaptiveScaling redirection script
    ansible.builtin.command:
      cmd: "/opt/Citrix/VDA/bin/ctxreg create -k "" -t "" -v "" -d "" --force"
    register: result
    failed_when: result.rc != 0
    check_mode: no
 

Exemple de playbook pour verrouiller la version mineure de RHEL

- hosts: <host1,host2,host3>  # replace with your actual hosts in the inventory file.
  vars:
    rhel_minor_version: "9.3"  # replace with your actual minor version such as 9.3, 8.8
  tasks:
    - name: Lock system to a specific minor version
      ansible.builtin.command:
        cmd: "subscription-manager release --set="
      register: result
      failed_when: "'Error' in result.stderr"
 

La version officielle de ce document est en anglais. Certains contenus de la documentation Cloud Software Group ont été traduits de façon automatique à des fins pratiques uniquement. Cloud Software Group n'exerce aucun contrôle sur le contenu traduit de façon automatique, qui peut contenir des erreurs, des imprécisions ou un langage inapproprié. Aucune garantie, explicite ou implicite, n'est fournie quant à l'exactitude, la fiabilité, la pertinence ou la justesse de toute traduction effectuée depuis l'anglais d'origine vers une autre langue, ou quant à la conformité de votre produit ou service Cloud Software Group à tout contenu traduit de façon automatique, et toute garantie fournie en vertu du contrat de licence de l'utilisateur final ou des conditions d'utilisation des services applicables, ou de tout autre accord avec Cloud Software Group, quant à la conformité du produit ou service à toute documentation ne s'applique pas dans la mesure où cette documentation a été traduite de façon automatique. Cloud Software Group ne pourra être tenu responsable de tout dommage ou problème dû à l'utilisation de contenu traduit de façon automatique.

Cela vous a-t-il été utile ?

Gérer votre déploiement à l’aide d’Ansible

August 20, 2024

Contributeur:

Dans cet article

Cela vous a-t-il été utile ?