Yadda ake Amfani da Ingantattun kayayyaki don Ayyukan Gudanar da Ayyuka - Sashe na 6
A wannan Partangaren 6 na Ansan tsirarun kayayyaki a cikin batutuwan da suka gabata, yanzu zamu zurfafa da gano ƙarin kayayyaki waɗanda ke taimakawa wajen aiwatar da ayyuka da yawa na tsarin gudanarwa.
Za ku sami mahimman ra'ayi na kowane ɗayan kuma ku kalli zaɓuɓɓukan da ake da su don cim ma wasu ayyuka.
- Manajan fakitin software da wuraren adana bayanai a cikin Hankali
- Gudanar da Ayyuka Ta Amfani Mai Gaskiya
- Manajan Firewall tare da Inganci
- Fayilolin Fayiloli ko Aljihunan folda masu Sahihi
- Tsara Ayyuka tare da Tabbatacce
- Sarrafa Masu Amfani da sungiyoyi tare da Sahihi
- Createirƙiri Fayiloli da kananun adireshi tare da Gaskiya
- Gudanar da Ma'aji tare da Sahihi
- Manajan Tsarin Fayil tare da Gaskiya
Lokacin shigar da fakiti akan tsarin Linux, rarrabuwa daban-daban suna zuwa tare da manajan kunshin daban-daban. Don rarraba RedHat, mun dace.
Ansible yazo tare da tsarin da ake kira kunshi, wanda ke kawar da buƙatar amfani da manajan kunshin daban don tsarin daban. Yana amfani da mai sarrafa kunshin daidai na tsarin rundunar ta atomatik, don haka sauƙaƙa aiki.
Misali, don girka htop a cikin rukunin rundunonin da suka hada da Debian & RedHat distros yi amfani da tsarin kunshin kamar yadda aka nuna a littafin play_htop.yml da ke ƙasa.
---
- name: Install htop on Ubuntu and CentOS
hosts: all
tasks:
- package:
name: htop
state: installed
NOTE: Kunshin sunaye na iya bambanta daga wannan tsarin aiki zuwa wani. Misali, muna da httpd a cikin rarraba Redhat da Apache2 don tsarin Debian/Ubuntu duk waɗannan suna nuna Apache webserver. Sabili da haka, yakamata a kiyaye sosai yayin wucewa waɗannan fakitin. Yawancin lokaci, yana da kyau a yi amfani da masu canji ko bayanan sharaɗi.
Gaba, muna da tsarin sabis, wanda ake amfani dashi don sarrafa sabis akan tsarin Linux. An yi amfani dashi don farawa, dakatarwa ko sake farawa sabis. Hakanan zaka iya amfani da shi don kunna sabis sab thatda haka, lokacin da tsarin takalma, zai fara sabis ɗin ta atomatik.
Misali, don farawa & kunna Apache webserver akan RHEL 8, yi amfani da sabis ɗin kamar yadda aka nuna.
---
- name: Start and enable httpd service
hosts: webservers
tasks:
- service:
name: httpd
state: started
enabled: yes
Don tsayar da sabis na httpd, wuce sifar da aka tsayar.
---
- name: Stop httpd service
hosts: webservers
tasks:
- service:
name: httpd
state: stopped
Don sake kunna sabis na httpd, ƙaddamar da sake fasalin.
---
- name: Restart httpd service
hosts: webservers
tasks:
- service:
name: httpd
state: restarted
Wani mahimmin tsarin gudanarwa na masu gudanar da aiki shine gudanarwa ta Tacewar zaɓi. A cikin littattafan wasannoni masu sauki, wannan ya sauƙaƙa tare da Firewalld da ufw modules. Kuna iya saita katangar don ba da damar ko toshe tashar jiragen ruwa ko sabis ko ma adireshin tushe.
Bari mu yi tsalle mu kalli wasu 'yan misalai:
---
- name: Allow port 80
hosts: webservers
tasks:
-firewalld:
port: 80/tcp
permanent: yes
state: enabled
A cikin littafin wasan kwaikwayo na sama, an ba da izinin tashar tashar jirgin ruwa ta 80 a ƙetaren Firewall.
Zaɓin na dindindin: ee ya tilasta dokar ta Tacewar zaɓi kuma ya sa ta ci gaba ta ci gaba. Koyaya, wannan dokar ba ta aiki kai tsaye. Hakan ya fara aiki ne kawai bayan sake yi. Don aiwatar da ƙa'idar nan da nan, yi amfani da zaɓi nan da nan: ee .
Don saka adiresoshin da aka yarda, yi amfani da asalin: bayanin 0.0.0.0/0.
- firewalld:
source: 192.168.0.0/24
zone: public
state: enabled
Don tantance kewayon tashoshin jiragen ruwa da za'a basu damar amfani da zabin tashar kamar haka:
- firewalld:
port: 213-567/udp
permanent: yes
state: enabled
Don toshe tashar jiragen ruwa canza yanayin jihar zuwa nakasassu kamar yadda aka nuna:
-firewalld:
port: 80/tcp
permanent: yes
state: disabled
Baya ga ƙarawa/toshe tashar jiragen ruwa, zaku iya amfani da ƙa'idodi iri ɗaya ga sabis. Kuma yana da sauki. Kawai yi amfani da ƙirar sabis ɗin kuma haɗa da sabis ɗin don ƙarawa kuma tabbatar cewa an saita zaɓin jihar don kunna.
- firewalld:
service: https
permanent: true
state: enabled
Don toshe sabis ɗin saita zaɓi jihar don kashewa.
- firewalld:
service: https
permanent: true
state: disabled
Taskar kayan tarihi tana nufin matse fayil ko babban fayil zuwa tsarin da za'a iya ɗauka da sauƙi kuma ƙarami cikin girma. Jirgin ruwa masu saukin fahimta tare da tsarin da ake kira Rumbun ajiya. Damfara fayil yana da sauki kamar yadda yake samu. Duk abin da ake buƙata shine a tantance asalin hanyar fayil ɗin da kuma makomar fayil ɗin da aka matsa.
Yi la'akari da littafin wasan kwaikwayo compress.yml a ƙasa.
---
- hosts: webservers
tasks:
• name: Compress a folder
archive:
path: /opt/data/web
dest: /tmp/web.gz
Littafin wasan kwaikwayo na sama yana matse/opt/data/web directory kuma yana adana shi zuwa /tmp/web.gz.
Tsarin matsi na tsoho shine .gz , duk da haka, ana iya ƙayyade wannan ta amfani da sifa iri. Samfurin littafin wasa na gaba.
---
- hosts: webservers
Tasks:
- name: Create a zip archive
archive:
path: /opt/data/web
dest: /tmp/web
format: zip
Littafin wasan da ke sama yana damfarawa/opt/data/kundin adireshin yanar gizo zuwa /tmp/web.zip.
Hakanan zaka iya warware fayil ɗinda aka matse ta amfani da sifar unarchive. Yi la'akari da littafin wasa a ƙasa.
---
- hosts: webservers
tasks:
- name:Uncompress /tmp/web.gz to/opt directory on Ansible controller
unarchive:
src: /tmp/web.bz2
dest: /opt/
Littafin wasan kwaikwayon da ke sama yana warware fayil ɗin /opt/data/web.gz zuwa/ficewa akan Mai sarrafa mai nasara.
Don tantance tsarin tushe na nesa amfani da remote_src = eh zaɓi.
---
- hosts: webservers
tasks:
- name:Uncompress /tmp/web.bz2 to/opt on remote host
unarchive:
src: /tmp/web.bz2
dest: /opt/
remote_src=yes
Littafin wasan kwaikwayon da ke sama yana warware fayil /tmp/web.bz2 a kan kumburi mai nisa zuwa/opt/directory.
Moduleungiyar cron tana taimakawa cikin tsara jadawalin ayyuka a cikin Littattafan Wasanni masu Sauki.
Yi la'akari da littafin wasa a ƙasa.
---
- hosts: webservers
tasks:
- name: Create a scheduled task
cron:
name: Run employee attendance
job: sh /opt/scripts/attendace.sh
month: 4
day: 5
hour: 17
minute: 00
Littafin wasan yana gudanar da rubutun kasancewa a ranar 5 ga Afrilu da ƙarfe 5:00 na yamma.
Idan kuna son tsara wannan rubutun don gudana kawai idan ranar 5 ga Afrilu Litinin ce, to ku yi amfani da ranar aiki: 1 sifa. 0 yana nuna Lahadi da 6 yana nuna Asabar bisa ga sanarwa.
month: 4 day: 5 hour: 17 minute: 00 weekday: 1
Alamar taurari (*) a kowane ɗayan waɗannan fannonin yana nuna kowane ƙima.
Don gudanar da aikin a ranar 5 ga Afrilu da ƙarfe 5:00 na yamma ko da menene ranar aiki, yi amfani da sigogin lokaci kamar yadda aka nuna.
month: 4 day: 5 hour: 17 minute: 00 weekday: *
Don aiwatar da aikin cron a ranar 5th na kowane wata da ƙarfe 5:00 na yamma yi amfani da saitunan da ke ƙasa.
month: * day: 5 hour: 17 minute: 00 weekday: *
Don aiwatar da aikin cron kullun a 5: 00 pm saita saitunan lokaci kamar yadda aka nuna:
month: * day: * hour: 17 minute: 00 weekday: *
Don aiwatar da aikin cron kowane awa 5, yi amfani da ƙimar mataki */5 kamar yadda aka nuna.
month: * day: * hour: */5 minute: * weekday: *
Haka nan za ku iya sarrafa masu amfani da ƙungiyoyi a cikin Littattafan wasan kwaikwayo masu wahala sosai.
Don ƙirƙirar sabon mai amfani, yi amfani da ƙirar mai amfani kamar yadda aka nuna.
---
- hosts: webservers
tasks:
- name: Create a new user
user:
name: Jack
Hakanan zaka iya ƙara ƙarin zaɓuɓɓuka kamar UID, ƙungiyoyi.
- name: Create a new user
user:
name: Jack
comment: Jack Peters
uid: 1002
group: administrators
shell: /bin/bash
Don cire mai amfani, yi amfani da cire: ee bayani.
- name: Remove the user 'Jack'
user:
name: Jack
state: absent
remove: yes
Don ƙirƙirar sabon rukuni, yi amfani da rukunin rukuni.
- name: Create a group
group:
name: developers
Don ƙirƙirar fayiloli na kundayen adireshi, yi amfani da kundin fayil ɗin.
Misali, don kirkirar sabon kundin adireshi.
---
- hosts: webservers
tasks:
- name: Create a new directory
file:
path: /opt/app
state: directory
Kuna iya ƙara wasu halayen kamar mai shi, rukuni da izinin fayil.
- hosts: webservers
tasks:
- name: Create a new directory
file:
path: /opt/web
state: directory
owner: www-data
group: www-data
mode: 0644
Allyari, za ku iya ƙirƙirar kundayen adireshi akai-akai ta amfani da recurse: ee sanarwa.
---
- hosts: webservers
tasks:
- name: Create directories recursively
file:
path: /opt/web/app
state: directory
owner: www-data
group: www-data
mode: 0644
recurse: yes
Don ƙirƙirar fayil, yi amfani da jihar: taɓa zaɓi .
---
- hosts: webservers
tasks:
- name: Create a new file
file:
path: /opt/web/index.html
state: touch
owner: www-data
group: www-data
mode: 0644
Ana amfani da rukunin lvg don daidaita matakan LVM da ƙungiyoyi.
Yi la'akari da littafin wasan kwaikwayo a ƙasa:
---
- hosts: webservers
tasks:
• name: Create lVM volume group
lvg:
vg: vg1
pvs: /dev/sda1
pesize: 32
Wannan yana ƙirƙirar rukunin juzu'i a saman ɓangaren /dev/sda1 tare da girman jiki na 32 MB.
Da zarar an ƙirƙiri ku, yi amfani da ƙirar lvol don ƙirƙirar ƙimar hankali kamar yadda aka nuna
---
- hosts: webservers
tasks:
- name: Create lVM volume
lvol:
vg: vg1
lv: lvol1
pvs: /dev/sda1
Don ƙirƙirar tsarin fayil akan na'urar toshewa, yi amfani da tsarin tsarin fayil.
Littafin wasan kwaikwayo na ƙasa yana ƙirƙirar nau'in fayilolin fayil na xfs akan ƙarar toshe.
---
- hosts: webservers
tasks:
- name: Create a filesystem
filesystem:
fstype: xfs
dev: /dev/vg1/lvol1
Anan gaba zaku iya ci gaba da hawa ƙarar ƙarfin toshe ta amfani da matakan dutsen kamar yadda aka nuna a littafin wasan kwaikwayo na ƙasa:
---
- hosts: webservers
tasks:
- name: Mount a filesystem
mount:
fstype: xfs
src: /dev/vg1/lvol1
path: /opt/web
state: mounted
Wannan ya ƙare batun. Mun rufe ayyukan gudanarwa daban-daban waɗanda za a iya cika su ta ƙayyadaddun kayayyaki a cikin Littattafan Wasanni masu Sauki.