=====ansible-go tree=====
tree ansible-go -L 2
ansible-go
├── ansible.cfg
├── docs
│ └── ansible-install
├── examples
│ ├── ansible.cfg
│ ├── group_vars
│ ├── inventory
│ └── playbooks
├── roles
│ ├── apache
│ ├── appserver
│ ├── aws
│ ├── aws_ec2
│ ├── galaxy
│ ├── geoipupdate
│ ├── haproxy
│ ├── innodb_data_restore
│ ├── keepalived
│ ├── mysql
│ ├── mysqlcluster
│ ├── ndbcluster_data_restore
│ ├── node.4dfornine99
│ ├── node.backcall
│ ├── node.bigtwo_p2p
│ ├── node.bigtwo_webonline
│ ├── node.daemon
│ ├── node.fbsse
│ ├── node.flashgame_security
│ ├── nodejs10
│ ├── nodejs7
│ ├── node.ncpay_grabber
│ ├── node.ncpay_rpm
│ ├── node.ncpay_transferin
│ ├── node.ncpay_transferout
│ ├── node.nodegrabasc_bot
│ ├── node.p2p_bot
│ ├── node.rocketchat
│ ├── node.spay_daemon
│ ├── php
│ ├── proxmox
│ ├── redis
│ ├── repo-epel
│ ├── repo-ius
│ ├── selinux
│ ├── system.chrony
│ ├── system.common
│ ├── system.files
│ ├── system.firewalld
│ ├── system.hostname
│ ├── system.hosts
│ ├── system.ntpd
│ ├── system.packages
│ ├── system.resolv_conf
│ ├── system.rsync
│ ├── system.rsyslog
│ ├── system.services
│ ├── system.snmp
│ ├── system.sshd
│ ├── system.sysctl
│ ├── system.timezone
│ ├── system.update
│ └── zabbix-agent
├── staging
├── ansible.cfg
├── docker-containers
├── group_vars
├── inventory
├── inventory-gwj
└── playbooks
===== 定义 role node.ncpay_transferin=====
ls roles/node.ncpay_transferin/
defaults 默认变量,优先级最初
tasks role 须要执行的工作
templates 模版文件,个别搁置文件
===== 设置 defaults=====
vi roles/node.ncpay_transferin/defaults/main.yml
<code>
---
ncpay_transferin_files:
- ncpay-transferin@.service
- ncpay-transferin.target
ncpay_transferin_services:
- ncpay-transferin.target
- ncpay-transferin@180.service
- ncpay-transferin@181.service
- ncpay-transferin@182.service
- ncpay-transferin@183.service
- ncpay-transferin@184.service
- ncpay-transferin@3000.service
- ncpay-transferin@3001.service
- ncpay-transferin@3002.service
- ncpay-transferin@3003.service
- ncpay-transferin@3004.service
- ncpay-transferin@3005.service
- ncpay-transferin@3006.service
- ncpay-transferin@3007.service
- ncpay-transferin@3008.service
- ncpay-transferin@3009.service
- ncpay-transferin@3010.service
- ncpay-transferin@3011.service
- ncpay-transferin@3012.service
- ncpay-transferin@3013.service
- ncpay-transferin@3014.service
- ncpay-transferin@3035.service
- ncpay-transferin@3036.service
- ncpay-transferin@3037.service
- ncpay-transferin@3038.service
- ncpay-transferin@3039.service
- ncpay-transferin@3055.service
- ncpay-transferin@3056.service
- ncpay-transferin@3057.service
- ncpay-transferin@3058.service
- ncpay-transferin@3059.service
- ncpay-transferin@3260.service
- ncpay-transferin@3261.service
- ncpay-transferin@3262.service
- ncpay-transferin@3263.service
- ncpay-transferin@3264.service
- ncpay-transferin@3390.service
- ncpay-transferin@3391.service
- ncpay-transferin@3392.service
- ncpay-transferin@3393.service
- ncpay-transferin@3394.service
</code>
===== 设置 tasks=====
vi roles/node.ncpay_transferin/tasks/main.yml
<code>
---
- name: copy transferin file
template:
src: "templates/{{item}}"
dest: /etc/systemd/system/
with_items: "{{ncpay_transferin_files}}"
- name: ncpay transferin start and enable
service:
name: "{{item}}"
state: started
enabled: yes
with_items: "{{ncpay_transferin_services}}"
</code>
===== 设置 templates=====
vi roles/node.ncpay_transferin/templates/ncpay-transferin@.service
<code>
[Unit]
Description=NodeJS Ncpay Transferin Bot
Requires=network.target
After=syslog.target network.target
PartOf=ncpay-transferin.target
[Service]
ExecStartPre=/bin/sh -c "echo PUBLIC_PORT=`expr 20000 + %i` >> /run/ncpay-transferin-%i.env"
ExecStartPre=/bin/sh -c "echo INTERNAL_PORT=`expr 20000 + %i` >> /run/ncpay-transferin-%i.env"
ExecStopPost=/bin/rm /run/ncpay-transferin-%i.env
EnvironmentFile=-/run/ncpay-transferin-%i.env
ExecStart=/usr/bin/node /var/nodejs/bank-scripts/index.js
ExecStop=/bin/kill -SIGTERM $MAINPID
TimeoutStopSec=360s
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=NodeJS ncpay-transferin-%i
User=root
Group=root
KillSignal=SIGTERM
KillMode=mixed
Restart=on-failure
RestartSec=10
StartLimitInterval=30s
StartLimitBurst=2
Environment=NODE_ENV=staging
Environment=ROBOTID=%i
Environment=ROBOTTYPE=4
Environment=APP_NAME=ncpay
Environment=SERVERID=1
Environment=XVFBSERVERNUM=%i
Environment=INTERNAL_IP=xxxxx
Environment=PUBLIC_IP=xxxx
Environment=ROOTDIR=/var/nodejs/bank-customer-transferin/
Environment=NODE_PATH=/usr/lib/node_modules
[Install]
WantedBy=ncpay-transferin.target
</code>
vi roles/node.ncpay_transferin/templates/ncpay-transferin.target
<code>
[Unit]
Description=NodeJS NCPAY transferin target allowing to start/stop all ncpay-transferin@.service instances at once
PartOf=ncpay.target
[Install]
WantedBy=multi-user.target ncpay.target
</code>
===== 定义 host=====
vi ansible-go/staging/inventory
<code>
[nodejs_ncpay]
x.x.x.x
</code>
===== 定义 playbook 设置或者重写变量, 调用 role=====
vi staging/playbooks/nodejs_ncpay.yaml
<code>
- hosts: nodejs_ncpay
vars:
update_system: yes
common_timezone: Asia/Kuala_Lumpur
hostname: nodejs_ncpay
firewalld_rich_rules:
- rule: rule family="ipv4" source address="10.1.0.0/16" port port="0-65535" protocol="tcp" accept
- rule: rule family="ipv4" source address="10.0.1.0/24" port port="18000-19999" protocol="tcp" accept
- rule: rule family="ipv4" source address="10.10.1.0/24" accept
- rule: rule family="ipv4" source address="0.0.0.0/0" port port="30001-40000" protocol="tcp" accept
- rule: rule family="ipv4" source address="0.0.0.0/0" port port="50001-60000" protocol="tcp" accept
- rule: rule family="ipv4" source address="0.0.0.0/0" port port="59000-59009" protocol="tcp" accept
nodejs_npm_global_packages:
- name: aws-sdk
version: 2.395.0
- name: debug
version: 4.1.1
- name: iconv-lite
version: 0.4.19
- name: jimp
version: 0.3.7
- name: koa-router
version: 8.0.8
- name: mysql
version: 2.13.0
- name: request
version: 2.88.2
- name: underscore
version: 1.8.3
nodejs_npm_global_unsafe_packages:
- name: nightmare
version: 2.10.0
roles:
- system.update
- system.sshd
- system.hostname
- system.timezone
- system.common
- system.packages
- system.rsync
- system.firewalld
- system.snmp
- system.rsyslog
- system.sysctl
- system.chrony
- zabbix-agent
- nodejs10
- node.daemon
- node.ncpay_rpm
- node.ncpay_grabber
- node.ncpay_transferin
- node.ncpay_transferout
</code>
===== 执行 playbook=====
cd ansible-go/staging
ansible-playbook -i inventory playbooks/nodejs_ncpay.yaml