(Introduction)

Server automation now plays an essential role in systems administration, due to the disposable nature of modern application environments. Configuration management tools such as Ansible are typically used to streamline the process of automating server setup by establishing standard procedures for new servers while also reducing human error associated with manual setups.

由于现代应用程序环境具有可处理性,因此服务器自动化现在在系统管理中起着至关重要的作用。 配置管理工具(例如Ansible)通常用于通过为新服务器建立标准过程来简化服务器设置自动化的过程,同时还减少了与手动设置相关的人为错误。

Ansible offers a simple architecture that doesn’t require special software to be installed on nodes. It also provides a robust set of features and built-in modules which facilitate writing automation scripts.

Ansible提供了一种简单的体系结构,不需要在节点上安装特殊软件。 它还提供了一组功能强大的功能和内置模块,可帮助编写自动化脚本。

This guide explains how to use Ansible to automate the steps contained in our guide on How To Install the Apache Web Server on Ubuntu 18.04. The Apache HTTP server is the most widely-used web server in the world. It provides many powerful features including dynamically loadable modules, robust media support, and extensive integration with other popular software.

本指南说明了如何使用Ansible来自动化我们的指南中有关如何在Ubuntu 18.04上安装Apache Web服务器的步骤。 Apache HTTP服务器是世界上使用最广泛的Web服务器。 它提供了许多强大的功能,包括可动态加载的模块,强大的媒体支持以及与其他流行软件的广泛集成。

(Prerequisites)

In order to execute the automated setup provided by the playbook we’re discussing in this guide, you’ll need:

为了执行我们在本指南中讨论的剧本提供的自动设置,您需要:

  • One Ansible control node: an Ubuntu 18.04 machine with Ansible installed and configured to connect to your Ansible hosts using SSH keys. Make sure the control node has a regular user with sudo permissions and a firewall enabled, as explained in our Initial Server Setup guide. To set up Ansible, please follow our guide on How to Install and Configure Ansible on Ubuntu 18.04. 一个Ansible控制节点 :安装了Ansible并配置为使用SSH密钥连接到您的Ansible主机的Ubuntu 18.04计算机。 确保控制节点具有sudo权限的常规用户并启用了防火墙,如“ 初始服务器设置”指南中所述。 要设置Ansible,请遵循有关如何在Ubuntu 18.04上安装和配置Ansible的指南。
  • One or more Ansible Hosts: one or more remote Ubuntu 18.04 servers previously set up following the guide on How to Use Ansible to Automate Initial Server Setup on Ubuntu 18.04. 一台或多台Ansible主机 :一台或多台远程Ubuntu 18.04服务器以前是按照有关如何在Ubuntu 18.04上使用Ansible自动化初始服务器设置的指南进行设置的 。

Before proceeding, you first need to make sure your Ansible control node is able to connect and execute commands on your Ansible host(s). For a connection test, please check step 3 of How to Install and Configure Ansible on Ubuntu 18.04.

在继续之前,您首先需要确保Ansible控制节点能够在Ansible主机上连接并执行命令。 对于连接测试,请检查如何在Ubuntu 18.04上安装和配置Ansible的步骤3。

(What Does this Playbook Do?)

This Ansible playbook provides an alternative to manually running through the procedure outlined in our guide on How To Install the Apache Web Server on Ubuntu 18.04.

该Ansible剧本提供了一种替代方法,可以手动执行我们的指南中的如何在Ubuntu 18.04上安装Apache Web服务器中概述的过程。

Running this playbook will perform the following actions on your Ansible hosts:

运行此剧本将在您的Ansible主机上执行以下操作:

  1. Install aptitude, which is preferred by Ansible as an alternative to the apt package manager. 安装aptitude ,这是Ansible首选的替代apt软件包管理器的工具。
  2. Install Apache.
  3. Create a custom document root folder for the new Apache VirtualHost and set up a test page.
  4. Enable the new Apache VirtualHost.
  5. Disable the default Apache website when the variable disable_default is set to true. 当变量disable_default设置为true时,禁用默认的Apache网站。
  6. Set up UFW to allow HTTP traffic on the configured port (80 by default). 设置UFW,以允许配置的端口上的HTTP通信(默认为80 )。

Once the playbook has finished running, you will have a web server running on your target node, based on the options you defined within your configuration variables.

剧本完成运行后,根据在配置变量中定义的选项,您将在目标节点上运行Web服务器。

(How to Use this Playbook)

The first thing we need to do is obtain the Apache playbook and its dependencies from the do-community/ansible-playbooks repository. We need to clone this repository to a local folder inside the Ansible Control Node.

我们需要做的第一件事是从do-community / ansible-playbooks存储库中获取Apache剧本及其依赖项。 我们需要将此存储库克隆到Ansible控制节点内的本地文件夹。

In case you have cloned this repository before while following a different guide, access your existing ansible-playbooks copy and run a git pull command to make sure you have updated contents:

如果您在遵循其他指南之前已经克隆了此存储库,请访问现有的ansible-playbooks副本并运行git pull命令以确保已更新内容:

  • cd ~/ansible-playbooks
  • git pull

If this is your first time using the do-community/ansible-playbooks repository, you should start by cloning the repository to your home folder with:

如果这是您第一次使用do-community/ansible-playbooks存储库,则应首先使用以下命令将存储库克隆到主文件夹中:

  • cd ~
  • git clone https://github.com/do-community/ansible-playbooks.git
  • cd ansible-playbooks

The files we’re interested in are located inside the apache_ubuntu1804 folder, which has the following structure:

我们感兴趣的文件位于apache_ubuntu1804文件夹中,该文件夹具有以下结构:

apache_ubuntu1804
├── files
│   ├── apache.conf.j2
│   └── index.html.j2
├── vars
│   └── default.yml
├── playbook.yml
└── readme.md

Here is what each of these files are:

以下是每个文件的含义:

  • files/apache.conf.j2: Template file for setting up the Apache Virtual Host. files/apache.conf.j2 :用于设置Apache虚拟主机的模板文件。
  • files/index.html.j2: Template file for setting up a test page on the web server’s root directory. files/index.html.j2 :用于在Web服务器的根目录上设置测试页的模板文件。
  • vars/default.yml: Variable file for customizing playbook settings. vars/default.yml :用于自定义剧本设置的变量文件。
  • playbook.yml: The playbook file, containing the tasks to be executed on the remote server(s). playbook.yml :剧本文件,包含要在远程服务器上执行的任务。
  • readme.md: A text file containing information about this playbook. readme.md :一个文本文件,包含有关此剧本的信息。

We’ll edit the playbook’s variable file to customize a few options. Access the apache_ubuntu1804 directory and open the vars/default.yml file using your command line editor of choice:

我们将编辑剧本的变量文件以自定义一些选项。 访问apache_ubuntu1804目录,然后使用您选择的命令行编辑器打开vars/default.yml文件:

  • cd apache_ubuntu1804
  • nano vars/default.yml

This file contains a few variables that require your attention:

该文件包含一些需要引起您注意的变量:

vars/default.yml

vars / default.yml

---
app_user: "sammy"
http_host: "your_domain"
http_conf: "your_domain.conf"
http_port: "80"
disable_default: true

The following list contains a brief explanation of each of these variables and how you might want to change them:

以下列表简要说明了每个变量以及如何更改它们:

  • app_user: A remote non-root user on the Ansible host that will be set as the owner of the application files. app_user :Ansible主机上的远程非root用户,将被设置为应用程序文件的所有者。
  • http_host: Your domain name. http_host :您的域名。
  • http_conf: The name of the configuration file that will be created within Apache. http_conf :将在Apache中创建的配置文件的名称。
  • http_port: HTTP port for this virtual host, where 80 is the default. http_port :此虚拟主机的HTTP端口,默认值为80 。
  • disable_default: Whether or not to disable the default website that comes with Apache. disable_default :是否禁用Apache随附的默认网站。

Once you’re done updating the variables inside vars/default.yml, save and close this file. If you used nano, do so by pressing CTRL + X, Y, then ENTER.

更新完vars/default.yml的变量后,保存并关闭此文件。 如果您使用过nano ,请按CTRL + X , Y ,然后按ENTER 。

You’re now ready to run this playbook on one or more servers. Most playbooks are configured to be executed on every server in your inventory, by default. We can use the -l flag to make sure that only a subset of servers, or a single server, is affected by the playbook. We can also use the -u flag to specify which user on the remote server we’re using to connect and execute the playbook commands on the remote hosts.

现在,您可以在一个或多个服务器上运行此剧本。 默认情况下,大多数剧本配置为在清单中的每台服务器上执行。 我们可以使用-l标志来确保只有一部分服务器或单个服务器受该剧本的影响。 我们还可以使用-u标志来指定用于连接和执行远程主机上的playbook命令的远程服务器上的哪个用户。

To execute the playbook only on server1, connecting as sammy, you can use the following command:

要仅在以sammy连接的server1上执行剧本,可以使用以下命令:

  • ansible-playbook playbook.yml -l server1 -u sammy ansible-playbook playbook.yml -l server1 -u sammy

You will get output similar to this:

您将获得类似于以下的输出:

Output
   
   
PLAY [all] *****************************************************************************************************************************

TASK [Gathering Facts] *****************************************************************************************************************
ok: [server1]

TASK [Install prerequisites] ***********************************************************************************************************
ok: [server1] => (item=aptitude)

TASK [Install Apache] ******************************************************************************************************************
changed: [server1]

TASK [Create document root] ************************************************************************************************************
changed: [server1]

TASK [Copy index test page] ************************************************************************************************************
changed: [server1]

TASK [Set up Apache virtualhost] *******************************************************************************************************
changed: [server1]

TASK [Enable new site] *****************************************************************************************************************
changed: [server1]

TASK [Disable default Apache site] *****************************************************************************************************
changed: [server1]

TASK [UFW - Allow HTTP on port 80] *****************************************************************************************************
changed: [server1]

RUNNING HANDLER [Reload Apache] ********************************************************************************************************
changed: [server1]

PLAY RECAP *****************************************************************************************************************************
server1            : ok=10   changed=8    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Note: For more information on how to run Ansible playbooks, check our Ansible Cheat Sheet Guide.

注意 :有关如何运行Ansible剧本的更多信息,请参阅《 Ansible备忘单指南》 。

When the playbook is finished running, go to your web browser and access the host or IP address of the server, as configured in the playbook variables:

当剧本完成运行后,请按照剧本变量中的配置,转到Web浏览器并访问服务器的主机或IP地址:

http://server_host_or_IP

You will see a page like this:

您将看到如下页面:

That means the automation was fully executed on your server, and Apache is now ready to serve static HTML pages and assets placed in the document root directory that you’ve set up within the playbook configuration variables.

这意味着自动化已在您的服务器上完全执行,并且Apache现在准备提供静态HTML页面和资产,这些页面和资产位于您在playbook配置变量中设置的文档根目录中。

(The Playbook Contents)

You can find the Apache server setup featured in this tutorial in the apache_ubuntu1804 folder inside the DigitalOcean Community Playbooks repository. To copy or download the script contents directly, click the Raw button towards the top of each script.

您可以在DigitalOcean Community Playbooks存储库内的apache_ubuntu1804文件夹中找到本教程中介绍的Apache服务器设置。 要直接复制或下载脚本内容,请单击每个脚本顶部的Raw按钮。

The full contents of the playbook as well as its associated files are also included here for your convenience.

为了方便起见,此处也包含了剧本的完整内容及其相关文件。

(vars/default.yml)

The default.yml variable file contains values that will be used within the playbook tasks, such as the HTTP port and domain name to configure within your Apache VirtualHost.

default.yml变量文件包含将在剧本任务中使用的值,例如在Apache VirtualHost中配置的HTTP端口和域名。

vars/default.yml

vars / default.yml

---
app_user: "sammy"
http_host: "your_domain"
http_conf: "your_domain.conf"
http_port: "80"
disable_default: true

(files/apache.conf.j2)

The apache.conf.j2 file is a Jinja 2 template file that configures a new Apache VirtualHost. The variables used within this template are defined in the vars/default.yml variable file.

apache.conf.j2文件是Jinja 2模板文件,用于配置新的Apache VirtualHost。 在vars/default.yml变量文件中定义了此模板中使用的变量。

files/apache.conf.j2

文件/apache.conf.j2

<VirtualHost *:{{ http_port }}>
   ServerAdmin webmaster@localhost
   ServerName {{ http_host }}
   ServerAlias www.{{ http_host }}
   DocumentRoot /var/www/{{ http_host }}
   ErrorLog ${APACHE_LOG_DIR}/error.log
   CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

(files/index.html.j2)

The index.html.j2 file is another Jinja template, used to set up a test HTML page in the document root of the newly configured Apache server.

index.html.j2文件是另一个Jinja模板,用于在新配置的Apache服务器的文档根目录中设置测试HTML页面。

files/index.html.j2

files / index.html.j2

<html>
   <head>
       <title>Welcome to {{ http_host }} !</title>
   </head>
   <body>
       <h1>Success! The {{ http_host }} virtual host is working!</h1>
   </body>
</html>

(playbook.yml)

The playbook.yml file is where all tasks from this setup are defined. It starts by defining the group of servers that should be the target of this setup (all), after which it uses become: true to define that tasks should be executed with privilege escalation (sudo) by default. Then, it includes the vars/default.yml variable file to load configuration options.

在playbook.yml文件中,定义了此设置中的所有任务。 它首先定义应作为此设置目标的服务器组( all ),然后使用become: true定义默认情况下应以特权升级( sudo )执行任务。 然后,它包含vars/default.yml变量文件以加载配置选项。

playbook.yml

playbook.yml

---
- hosts: all
  become: true
  vars_files:
    - vars/default.yml

  tasks:
    - name: Install prerequisites
      apt: name={{ item }} update_cache=yes state=latest force_apt_get=yes
      loop: [ 'aptitude' ]

    - name: Install Apache
      apt: name=apache2 update_cache=yes state=latest

    - name: Create document root
      file:
        path: "/var/www/{{ http_host }}"
        state: directory
        owner: "{{ app_user }}"
        mode: '0755'

    - name: Copy index test page
      template:
        src: "files/index.html.j2"
        dest: "/var/www/{{ http_host }}/index.html"

    - name: Set up Apache virtuahHost
      template:
        src: "files/apache.conf.j2"
        dest: "/etc/apache2/sites-available/{{ http_conf }}"

    - name: Enable new site
      shell: /usr/sbin/a2ensite {{ http_conf }}
      notify: Reload Apache

    - name: Disable default Apache site
      shell: /usr/sbin/a2dissite 000-default.conf
      when: disable_default
      notify: Reload Apache

    - name: "UFW - Allow HTTP on port {{ http_port }}"
      ufw:
        rule: allow
        port: "{{ http_port }}"
        proto: tcp

  handlers:
    - name: Reload Apache
      service:
        name: apache2
        state: reloaded

    - name: Restart Apache
      service:
        name: apache2
        state: restarted

Feel free to modify these files to best suit your individual needs within your own workflow.

随意修改这些文件以最适合您自己的工作流程中的个性化需求。

(Conclusion)

In this guide, we used Ansible to automate the process of installing and configuring Apache on Ubuntu 18.04.

在本指南中,我们使用Ansible来自动化在Ubuntu 18.04上安装和配置Apache的过程。

If you’d like to include other tasks in this playbook to further customize your server setup, please refer to our introductory Ansible guide Configuration Management 101: Writing Ansible Playbooks.

如果您想在本手册中包括其他任务以进一步自定义服务器设置,请参阅我们的Ansible入门指南Configuration Management 101:编写Ansible手册 。

翻译自: https://www.digitalocean.com/community/tutorials/how-to-use-ansible-to-install-and-set-up-apache-on-ubuntu-18-04