서버 모니터링
1.수집 - telegraf(어떤 서버의, 어떤 리소스를, 얼마의 간격으로 수집할지)
2.저장 - influxDB. 시계열(time-series), 일정한 시간간격으로 수집된 데이터를 DB에 저장.
3.시각화 - grafana. 저장된 데이터를 토대로 그래프를 그리거나 수치로 표현.
—-------------------
<telegraf 설치>
설치를 위해 레포를 수정.
tee 명령어 : 파일에 내용추가 + 화면출력 동시에
cat <<EOF | sudo tee /etc/yum.repos.d/influxdb.repo
[influxdb]
name = InfluxDB Repository - RHEL \$releasever
baseurl = https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
enabled = 1
gpgcheck = 0
gpgkey = https://repos.influxdata.com/influxdb.key
EOF
[root@srv1 ~]# yum -y install telegraf
[root@srv1 ~]# vi /etc/telegraf/telegraf.conf
ggdG
# 전부삭제
# 삭제후 아래의 내용을 conf파일에 추가한다.
[global_tags]
# Configuration for telegraf agent
[agent]
interval = "10s"
debug = false
hostname = "server-hostname"
round_interval = true
flush_interval = "10s"
flush_jitter = "0s"
collection_jitter = "0s"
metric_batch_size = 1000
metric_buffer_limit = 10000
quiet = false
logfile = ""
omit_hostname = false
###############################################################################
# OUTPUTS #
###############################################################################
[[outputs.influxdb]]
urls = ["http://localhost:8086"] # InfluxDB가 설치된 서버의 IP를
database = "telegraf" # 데이터베에스 이름, 생성이 되어있지 않으면 자동 생성됨
timeout = "10s"
username = "admin" # InflusXDB 기본 계정
password = "admin"
retention_policy = ""
###############################################################################
# INPUTS #
###############################################################################
[[inputs.cpu]]
percpu = true
totalcpu = true
collect_cpu_time = false
report_active = false
[[inputs.disk]]
ignore_fs = ["tmpfs", "devtmpfs", "devfs"]
[[inputs.diskio]]
[[inputs.mem]]
[[inputs.net]]
[[inputs.system]]
[[inputs.swap]]
[[inputs.netstat]]
[[inputs.processes]]
[[inputs.kernel]]
<grafana>
cat <<EOF | sudo tee /etc/yum.repos.d/grafana.repo
[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=0
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF
# 레포 추가
[root@srv1 ~]# yum -y install grafana
[root@srv1 ~]# systemctl enable --now grafana-server
# grafana 기본포트 3000
HTTPD 설치
1. firewalld라는 데몬을 동작
[root@ansible ~]# ansible 211.183.3.210 -m service -a "name=firewalld state=started" -k
2. httpd라는 데몬 설치 및 동작
[root@ansible ~]# ansible all -m yum -a "name=httpd state=present" -k
[root@ansible ~]# ansible all -m service -a "name=httpd state=started" -k
3. curl 211.183.3.210을 통해 httpd가 동작은 하지만 접속은 안되는것을 확인하고
4. 방화벽을 중지시키고 다시 웹서버 접속여부를 확인해보세요.
[root@ansible ~]# ansible 211.183.3.210 -m service -a "name=firewalld state=stopped" -k
[root@ansible ~]# ansible 211.183.3.210 -m service -a "name=firewalld state=started" -k
[root@ansible ~]# ansible all -m yum -a "name=httpd state=present" -k
[root@ansible ~]# ansible 211.183.3.210 -m service -a "name=firewalld state=stopped" -k
USER 추가
공개키 등록(ssh)
- name: playbook-name
hosts: all
tasks:
- name: install httpd
yum:
name: httpd
state: present
- name: start httpd
service:
name: httpd
state: started
enabled: true
- name: multi install playbook
hosts: busan
tasks:
- name: multi install
yum:
name: "{{ item }}"
state: present
with_items:
- "httpd"
- "net-tools"
- "wget"
- name: copy index.html playbook
hosts: seoul
tasks:
- name: copy file
copy:
src: /ans/index.html
dest: /var/www/html/index.html
lineinfile 모듈
- name: lineinfile playbook
hosts: all
tasks:
- name: lineinfile
lineinfile:
path: /var/www/html/index.html
line: "line in file test"
파일 모듈
- name: make file playbook
hosts: all
tasks:
- name: make file
file:
path: /touch-test.txt
state: touch
mode: '0777'
웹서버(NGINX) 배포
SHELL TEST
- name: shell test playbook
hosts: web
tasks:
- name: shell test
shell: "{{ item }}"
with_items:
- "mkdir /shelltest"
- "cp /root/anaconda-ks.cfg /shelltest"
- "ls -al /shelltest"
- name: gather_facts
hosts: web
gather_facts: yes
tasks:
- name: show facts
debug:
var: ansible_facts
—-----------------
- name: become playbook
hosts: web
become: yes
become_user: root
tasks:
- name: install httpd
yum:
name: httpd
state: present
unzip, unarchive
https://www.free-css.com/assets/files/free-css-templates/download/page296/oxer.zip
[root@ansible ans]# cat unarchive.yml
- name: unarchive playbook
hosts: web
gather_facts: no
tasks:
- name: get free template
get_url:
url: https://www.free-css.com/assets/files/free-css-templates/download/page296/oxer.zip
dest: /root/tem.zip
- name: install unzip
yum:
name: unzip
state: present
- name: unarchive
unarchive:
src: /root/tem.zip
remote_src: yes
dest: /root
NFS서버 구성
[root@ansible ans]# cat nfs-srv.yml
- name: nfs-srv playbook
hosts: nfs-srv
gather_facts: no
tasks:
- name: install nfs-utils
yum:
name: nfs-utils
state: present
- name: disable selinux
selinux:
state: disabled
- name: stop firewalld
service:
name: firewalld
state: stopped
enabled: false
- name: mkdir shared directory
file:
path: /shared
state: directory
mode: '0777'
# 숫자를 쓸때는 꼭 따옴표로 묶어주자
- name: configure /etc/exports
lineinfile:
path: /etc/exports
line: "/shared *(rw,no_root_squash)"
- name: nfs start
service:
name: nfs-server
state: restarted
[root@ansible ans]# cat nfs-cli.yml
- name: nfs-cli playbook
hosts: nfs-cli
gather_facts: no
tasks:
- name: install nfs-utils
yum:
name: nfs-utils
state: present
- name: disable selinux
selinux:
state: disabled
- name: stop firewalld
service:
name: firewalld
state: stopped
enabled: false
- name: mkdir shared directory
file:
path: /remote
state: directory
mode: '0777'
- name: mount directory
mount:
name: /remote
src: '211.183.3.230:/shared'
fstype: nfs
state: mounted
[root@ansible ans]# anp tom.yml --ssh-common-args="-o StrictHostKeyChecking=no"
<tom 플레이북>
| - name: tomcat setup hosts: tom gather_facts: no become: yes tasks: - name: selinux disable selinux: state: disabled - name: stop firewalld service: name: firewalld state: stopped enabled: false - name: Install openjdk yum: name: java-11-openjdk state: present - name: make tomcat dir file: path: /root/tomcat state: directory - name: unarchive unarchive: src: http://dlcdn.apache.org/tomcat/tomcat-10/v10.1.23/bin/apache-tomcat-10.1.23.tar.gz dest: /root/tomcat remote_src: yes extra_opts: [--strip-components=1] - name: chmod startup.sh file: path: /root/tomcat/bin/startup.sh mode: 0777 - name: start tomcat shell: nohup /root/tomcat/bin/startup.sh |
1.내가 파일을 만들어두고 원격서버에 복사
[root@ansible ans]# cat tom-web.yml
| - name: httpd Install & Start hosts: web gather_facts: no become: yes tasks: - name: install httpd yum: name: httpd state: present - name: copy httpd.conf copy: src: /ans/httpd.conf dest: /etc/httpd/httpd.conf - name: start httpd service: name: httpd state: restarted enabled: true |
2.lineinfile 옵션 통해서 내용을 추가하는 방법.
[root@ansible ans]# cat tom-web.yml
| - name: httpd Install & Start hosts: web gather_facts: no become: yes tasks: - name: install httpd yum: name: httpd state: present - name: lineinfile httpd.conf lineinfile: path: /etc/httpd/conf/httpd.conf line: | LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so <VirtualHost *:80> # 80번 포트로 들어오는 모든 Ip에 대한 설정 ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass /tomcat http://211.183.3.88:8080/ disablereuse=on ProxyPassReverse /tomcat http://211.183.3.88:8080/ </VirtualHost> - name: start httpd service: name: httpd state: restarted enabled: true |
'AWS Cloud School' 카테고리의 다른 글
| [05.14] IaaS, PaaS, SaaS, AWS 기초(인스턴스 생성, VPC, 보안 규칙, 라우팅 테이블) (0) | 2024.05.15 |
|---|---|
| [05.13] Ubuntu 설치, Ubuntu환경에서의 playbook, register, when, ansible로 slack메세지 보내기 (0) | 2024.05.13 |
| [05.07-08] Openvswitch, GRE tunneling, VLAN (0) | 2024.05.08 |
| [05.04] KVM 네트워크 인터페이스 추가(CLI환경), 종합실습 (0) | 2024.05.04 |
| [05.02] KVM 이미지 생성(CLI환경), kvmnet 네트워크 추가, virt-builder, virt-customize (0) | 2024.05.03 |
