An Approach to Variables in Ansible

ansible devops codestyle

Hi! My name is Denis Kalyuzhny, and I work as an engineer in the development process automation department. Every day, new application builds are rolled out to hundreds of the company's servers. In this article I share my experience of using Ansible for this purpose.

This guide offers a way to organize variables in a deployment. It is intended for those who already use roles in their playbooks and have read the Best Practices, but run into problems like these:

  • Having found a variable in the code, you cannot tell right away what it is responsible for;
  • There are several roles, and variables need to be tied together with a single value, but it just does not work;
  • It is hard to explain to others how the logic of the variables in your playbooks works.

We ran into these problems on projects in our company, and as a result arrived at rules for writing variables in our playbooks, which solved these problems to some extent.

Variables in roles

A role is a separate object of the deployment system. Like any object of a system, it must have an interface for interacting with the rest of the system. The role's variables are that interface.

Take, for example, the role api, which installs a Java application on a server. What variables does it have?

Role variables can be divided into 2 kinds by type:

1. Properties
    a) environment-independent
    b) environment-dependent
2. Links
    a) listeners
    b) queries within the system
    c) queries to the environment

Property variables are variables that define the behavior of the role.

Query variables are variables whose value is used to designate resources external to the role.

Listener variables are variables whose value is used to build query variables.

On the other hand, 1a, 2a and 2b are variables that do not depend on the environment (hardware, external resources, and so on) and can be filled with default values in the role's defaults. Variables of types 1b and 2c, however, cannot be filled with anything other than 'example' values, because they change from stand to stand depending on the environment.

code style

  • A variable name must start with the name of the role. This makes it easy to work out later which role the variable comes from and what it is responsible for.
  • When using variables in roles, be sure to follow the principle of encapsulation and use only variables defined either in the role itself or in the roles the current one depends on.
  • Do not use dictionaries for variables. Ansible does not let you conveniently override individual values in a dictionary.

    An example of a bad variable:

    myrole_user:
        login: admin
        password: admin

    Here login is an environment-independent variable, while password is an environment-dependent one. But
    since they are combined into a dictionary, you will always have to specify it in full.
    That is very inconvenient. Better like this:

    myrole_user_login: admin
    myrole_user_password: admin

Variables in deployment playbooks

When writing a deployment playbook (hereafter, a playbook), we follow the rule that it must live in a separate repository. The same goes for roles: each one in its own git repository. This makes it clear that roles and the playbook are different, independent objects of the deployment system, and that changes in one object must not affect how another works. This is achieved by changing the default values of variables.

When writing a playbook, generally speaking, the default values of role variables can be overridden in two places: in the playbook variables and in the inventory variables.

mydeploy                        # Deploy directory
├── deploy.yml                  # Deploy playbook
├── group_vars                  # Playbook variables directory
│   ├── all.yml                 # File for the link variables of the whole system
│   └── myapi.yml               # Property variables file for the myapi group
└── inventories                 #
    └── prod                    # prod environment directory
        ├── prod.ini            # Inventory file
        └── group_vars          # Directory for inventory variables
            └── myapi           #
                ├── vars.yml    # Environment-dependent variables of the myapi group
                └── vault.yml   # Secrets (always environment-dependent) *

* - Variables and Vaults

The difference is that playbook variables are always used when running the playbooks located at the same level as them. This means these variables are well suited for changing the default values of variables that do not depend on the environment. Inventory variables, by contrast, are used only for a specific environment, which is ideal for environment-dependent variables.

It is important to note that variable precedence will not let you override a variable first in the playbook variables and then separately in a single inventory.

This means that already at this stage you have to decide whether a variable is environment-dependent or not, and put it in the proper place.

For example, in one project the variable responsible for enabling SSL was environment-dependent for a long time, because on one of the stands we could not enable SSL for reasons beyond our control. After we fixed that problem, it became environment-independent and moved to the playbook variables.

Property variables for groups

Let's extend our model from Figure 1 by adding 2 groups of servers with a different Java application, but with different settings.

Consider what the playbook would look like in this case:

- hosts: myapi
  roles:
    - api

- hosts: bbauth
  roles:
    - auth

- hosts: ghauth
  roles:
    - auth

We have three groups in the playbook, so it is recommended to create the same number of group files right away in the group_vars of both the inventory variables and the playbook variables. In this case, one group file is the description of one component of the application above in the playbook. When you open a group file in the playbook variables, you immediately see all the differences from the default behavior of the roles assigned to the group. In the inventory variables you see the differences in the group's behavior from stand to stand.

code style

  • Try not to use host_vars variables at all, because they do not describe the system, only a special case, which in the long run leads to the question "Why is this host different from the rest?", the answer to which is not always easy to find.

Link variables

That covers property variables, but what about link variables?
What sets them apart is that they must have the same value in different groups.

At first there was an idea to use a monstrous construct of the form
hostvars[groups['bbauth'][0]]['auth_bind_port'], but it was abandoned right away
because it has flaws. First, it is bulky. Second, it depends on one particular host in the group. Third, facts have to be gathered from all hosts before the deployment starts if we do not want to get an undefined variable error.

As a result, it was decided to use link variables.

Link variables are variables that belong to the playbook and are needed to connect the objects of the system.

Link variables are filled in the system-wide variables group_vars/all/vars and are formed by moving all listener variables out of each group and prepending to the variable name the name of the group the listener was taken from.

This guarantees that the names are uniform and do not collide.

Let's try to link the variables from the example above:

Imagine that we have variables that depend on each other:

# roles/api/defaults:
# Query variable
api_auth1_address: "http://example.com:80"
api_auth2_address: "http://example2.com:80"

# roles/auth/defaults:
# Listener variable
auth_bind_port: "20000"

Let's move all the listeners into the shared variables group_vars/all/vars and add the group name to the variable name:

# group_vars/all/vars
bbauth_auth_bind_port: "20000"
ghauth_auth_bind_port: "30000"

# group_vars/bbauth/vars
auth_bind_port: "{{ bbauth_auth_bind_port }}"

# group_vars/ghauth/vars
auth_bind_port: "{{ ghauth_auth_bind_port }}"

# group_vars/myapi/vars
api_auth1_address: "http://{{ bbauth_auth_service_name }}:{{ bbauth_auth_bind_port }}"
api_auth2_address: "http://{{ ghauth_auth_service_name }}:{{ ghauth_auth_bind_port }}"

Now, when we change the value of the connector, we can be sure that the request goes to the same port that is being listened on.
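A pre-deploy check for the link-variable scheme above, added here as an example and not part of the original article: it reports `{{ ... }}` references that are defined neither in their own group file nor in group_vars/all/vars, and shared names that lack a group prefix. Run on the article's own snippets it reports the two `*_auth_service_name` references, which the listings above do not define. The function name `check_links` and the flat `name: value` parsing are assumptions of this sketch.

```python
import re

# Constructed sample: the article's variable files as flat "name: value" text,
# keyed by the file they would live in.
SAMPLE = {
    "group_vars/all/vars": (
        'bbauth_auth_bind_port: "20000"\n'
        'ghauth_auth_bind_port: "30000"\n'
    ),
    "group_vars/bbauth/vars": 'auth_bind_port: "{{ bbauth_auth_bind_port }}"\n',
    "group_vars/ghauth/vars": 'auth_bind_port: "{{ ghauth_auth_bind_port }}"\n',
    "group_vars/myapi/vars": (
        'api_auth1_address: "http://{{ bbauth_auth_service_name }}:{{ bbauth_auth_bind_port }}"\n'
        'api_auth2_address: "http://{{ ghauth_auth_service_name }}:{{ ghauth_auth_bind_port }}"\n'
    ),
}

KEY_RE = re.compile(r"^([A-Za-z_]\w*):", re.M)        # top-level "name:"
REF_RE = re.compile(r"\{\{\s*([A-Za-z_]\w*)\s*\}\}")  # "{{ name }}"


def check_links(files, groups, all_file="group_vars/all/vars"):
    """Return (undefined, unprefixed): (file, name) for each {{ name }} that is
    defined neither in its own file nor in the shared file, and shared names
    that do not start with "<group>_"."""
    shared = set(KEY_RE.findall(files[all_file]))
    unprefixed = sorted(
        n for n in shared if not any(n.startswith(g + "_") for g in groups)
    )
    undefined = []
    for path, text in sorted(files.items()):
        if path == all_file:
            continue
        local = set(KEY_RE.findall(text))
        undefined += [
            (path, name) for name in REF_RE.findall(text)
            if name not in shared and name not in local
        ]
    return undefined, unprefixed


if __name__ == "__main__":
    undefined, unprefixed = check_links(SAMPLE, ["myapi", "bbauth", "ghauth"])
    for path, name in undefined:
        print(f"{path}: {name} is not defined in group_vars/all/vars")
    for name in unprefixed:
        print(f"group_vars/all/vars: {name} has no group prefix")
```

The check only sees the files it is given, so a name that is defined in role defaults or in an inventory will still be reported here.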

code style

  • Since roles and groups are different objects of the system, they must have different names, so that link variables show unambiguously that they belong to a specific group of servers and not to a role in the system.

Environment-dependent files

Roles can use files that differ from environment to environment.

SSL certificates are an example of such files. Storing them as text
in a variable is not very convenient. But it is convenient to store the path to them in a variable.

For example, we use the variable api_ssl_key_file: "/path/to/file".

Since the key certificate will obviously change from environment to environment, this is an environment-dependent variable, which means it must live in the file
group_vars/myapi/vars of the inventory variables and contain an 'example' value.

The most convenient option in this case is to put the key file in the playbook repository at the path
files/prod/certs/myapi.key, so that the value of the variable becomes:
api_ssl_key_file: "prod/certs/myapi.key". The convenience is that the people responsible for deploying the system on a particular stand also have their own dedicated place in the repository to store their files. At the same time, it remains possible to specify the path to the certificate on the server directly, in case the certificates are supplied by another system.

Multiple stands in one environment

There is often a need to deploy several almost identical stands in the same environment with minimal differences. In this case we split the environment-dependent variables into those that do not change within this environment and those that do, and move the latter directly into the inventory files themselves. After that, another inventory can be created right in the environment directory.

It will reuse the inventory's group_vars and can also override some variables directly for itself.

The final directory structure for the deployment project:

mydeploy                        # Deploy directory
├── deploy.yml                  # Deploy playbook
├── files                       # Directory for deploy files
│   ├── prod                    # Directory for environment-dependent files of the prod stand
│   │   └── certs               #
│   │       └── myapi.key       #
│   └── test1                   # Directory for environment-dependent files of the test1 stand
├── group_vars                  # Playbook variables directory
│   ├── all.yml                 # File for the link variables of the whole system
│   ├── myapi.yml               # Property variables file for the myapi group
│   ├── bbauth.yml              #
│   └── ghauth.yml              #
└── inventories                 #
    ├── prod                    # prod environment directory
    │   ├── group_vars          # Directory for inventory variables
    │   │   ├── myapi           #
    │   │   │   ├── vars.yml    # Environment-dependent variables of the myapi group
    │   │   │   └── vault.yml   # Secrets (always environment-dependent)
    │   │   ├── bbauth          #
    │   │   │   ├── vars.yml    #
    │   │   │   └── vault.yml   #
    │   │   └── ghauth          #
    │   │       ├── vars.yml    #
    │   │       └── vault.yml   #
    │   └── prod.ini            # Inventory of the prod stand
    └── test                    # test environment directory
        ├── group_vars          #
        │   ├── myapi           #
        │   │   ├── vars.yml    #
        │   │   └── vault.yml   #
        │   ├── bbauth          #
        │   │   ├── vars.yml    #
        │   │   └── vault.yml   #
        │   └── ghauth          #
        │       ├── vars.yml    #
        │       └── vault.yml   #
        ├── test1.ini           # Inventory of the test1 stand in the test environment
        └── test2.ini           # Inventory of the test2 stand in the test environment
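A repository check for the layout above, added here as an example and not taken from the original article: it walks the deploy repository and reports every non-empty vault.yml under inventories/ that does not start with the ansible-vault header. Treating `*.key` files under files/ as secrets that should also be vault-encrypted is an assumption of this example, as are the function names and the constructed sample contents.

```python
import os
import tempfile

VAULT_HEADER = b"$ANSIBLE_VAULT;"  # first bytes of every ansible-vault encrypted file

# Constructed sample: paths follow the article's layout, contents and the
# variable name api_user_password are made up for the demonstration.
SAMPLE_TREE = {
    "inventories/prod/group_vars/myapi/vault.yml": b"$ANSIBLE_VAULT;1.1;AES256\n3661...\n",
    "inventories/prod/group_vars/myapi/vars.yml": b"api_ssl_key_file: prod/certs/myapi.key\n",
    "inventories/test/group_vars/myapi/vault.yml": b"api_user_password: admin\n",
    "files/prod/certs/myapi.key": b"(constructed placeholder for a plaintext key)\n",
}


def is_vault_encrypted(path):
    with open(path, "rb") as fh:
        return fh.read(len(VAULT_HEADER)) == VAULT_HEADER


def find_plaintext_secrets(root, key_suffixes=(".key",)):
    # Secrets: inventories/**/vault.yml and (this example's assumption)
    # files/** entries ending in key_suffixes. Empty files are ignored.
    findings = []
    for base, _dirs, names in os.walk(root):
        rel = os.path.relpath(base, root).replace(os.sep, "/")
        top = rel.split("/")[0]
        for name in names:
            secret = (top == "inventories" and name == "vault.yml") or (
                top == "files" and name.endswith(key_suffixes))
            path = os.path.join(base, name)
            if secret and os.path.getsize(path) and not is_vault_encrypted(path):
                findings.append(f"{rel}/{name}")
    return sorted(findings)


def scan_sample():
    """Materialise SAMPLE_TREE in a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        for rel, data in SAMPLE_TREE.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        return find_plaintext_secrets(root)


if __name__ == "__main__":
    print("\n".join(scan_sample()))
```

Pointing `find_plaintext_secrets` at the repository root from a pre-commit hook or CI job keeps plaintext secrets from reaching the shared git history.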

Summing up

After organizing the variables as described in this article, each variables file is responsible for one specific task. And since a file has specific tasks, it becomes possible to assign someone responsible for the correctness of each file. For example, the developer of the system's deployment becomes responsible for filling in the playbook variables correctly, while the administrator whose stand is described in the inventory is directly responsible for filling in the inventory variables.

Roles have become a self-contained unit of development with their own interface, which lets the role developer build features instead of fitting the role to the system. This problem was especially relevant for roles shared by all systems in the company.

System administrators no longer need to understand the deployment code. All that is required of them for a successful deployment is to fill in the files of environment-dependent variables.

Author

Kalyuzhny Denis Alexandrovich

Source: www.hab.com
