Set up ansible – terraform – serverspec (AMZ Linux 2)

Install Terraform

wget https://releases.hashicorp.com/terraform/1.0.11/terraform_1.0.11_linux_amd64.zip
unzip terraform_1.0.11_linux_amd64.zip
sudo mkdir -p /usr/local/src/terraform/terraform_1.0.11
sudo mv terraform /usr/local/src/terraform/terraform_1.0.11
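
The wget/unzip steps above install the binary without checking its integrity. The following is an added example, not part of the original notes: it checks an archive against a SHA256SUMS file before unpacking. It assumes the checksum file is named terraform_1.0.11_SHA256SUMS and sits in the same release directory as the zip; the demo runs offline on constructed stand-in files.

```shell
#!/usr/bin/env bash
# Added example: verify a downloaded release archive against a SHA256SUMS
# file before unzipping it. The demo files below are constructed stand-ins.

# verify_against_sums SUMS_FILE ARCHIVE
# Returns 0 if ARCHIVE's SHA-256 matches its entry in SUMS_FILE,
# 1 on mismatch, 2 if SUMS_FILE has no entry for that exact file name.
verify_against_sums() {
    local sums_file=$1 archive=$2 name expected actual
    name=$(basename "$archive")
    # SHA256SUMS lines look like: "<hex digest>  <file name>"
    expected=$(awk -v n="$name" '$2 == n { print $1; exit }' "$sums_file")
    if [ -z "$expected" ]; then
        echo "no entry for $name in $sums_file" >&2
        return 2
    fi
    actual=$(sha256sum "$archive" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $name" >&2
        return 1
    fi
    echo "OK: $name"
}

# make_demo_release DIR
# Writes a constructed stand-in for the zip and a matching SHA256SUMS file.
make_demo_release() {
    local dir=$1
    printf 'constructed stand-in for the terraform zip\n' \
        > "$dir/terraform_1.0.11_linux_amd64.zip"
    ( cd "$dir" && sha256sum terraform_1.0.11_linux_amd64.zip \
        > terraform_1.0.11_SHA256SUMS )
}

# Offline demo: the untouched archive verifies successfully.
demo_dir=$(mktemp -d)
make_demo_release "$demo_dir"
verify_against_sums "$demo_dir/terraform_1.0.11_SHA256SUMS" \
    "$demo_dir/terraform_1.0.11_linux_amd64.zip"
```

In real use, run verify_against_sums on the downloaded files and unzip only when it returns 0. A checksum file fetched from the same host only detects corruption; verifying the publisher's detached signature over the SHA256SUMS file is what ties the checksums to the publisher.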

Install Ansible

sudo amazon-linux-extras install epel
sudo yum install ansible

Install Serverspec

# Install ruby: 
curl -sSL https://rvm.io/mpapis.asc | gpg --import -
curl -sSL https://rvm.io/pkuczynski.asc | gpg --import -
curl -sSL https://get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
rvm get head
rvm list known
rvm install 3.0.2
rvm docs generate-ri
ruby --version
(Reference: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/ruby-development-environment.html)

# Install tools: 
gem install serverspec
gem install ansible_spec

If installing serverspec fails with this error:

Building native extensions. This could take a while...
ERROR:  Error installing ansible_spec:
        ERROR: Failed to build gem native extension.

    current directory: /home/ec2-user/.gem/ruby/2.4.0/gems/ffi-1.15.5/ext/ffi_c
/usr/bin/ruby -I /usr/local/share/ruby/site_ruby -r ./siteconf20220221-1089-1ie566o.rb extconf.rb
Ignoring bigdecimal-1.3.2 because its extensions are not built. Try: gem pristine bigdecimal --version 1.3.2
Ignoring openssl-2.0.9 because its extensions are not built. Try: gem pristine openssl --version 2.0.9
Ignoring psych-2.2.2 because its extensions are not built. Try: gem pristine psych --version 2.2.2
checking for ffi.h... *** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers.  Check the mkmf.log file for more details.  You may
need configuration options.

Provided configuration options:
        --with-opt-dir
        --without-opt-dir
        --with-opt-include
        --without-opt-include=${opt-dir}/include
        --with-opt-lib
        --without-opt-lib=${opt-dir}/lib64
        --with-make-prog
        --without-make-prog
        --srcdir=.
        --curdir
        --ruby=/usr/bin/$(RUBY_BASE_NAME)
        --with-ffi_c-dir
        --without-ffi_c-dir
        --with-ffi_c-include
        --without-ffi_c-include=${ffi_c-dir}/include
        --with-ffi_c-lib
        --without-ffi_c-lib=${ffi_c-dir}/lib64
        --enable-system-libffi
        --disable-system-libffi
        --with-libffi-config
        --without-libffi-config
        --with-pkg-config
        --without-pkg-config
/usr/share/ruby/mkmf.rb:457:in `try_do': The compiler failed to generate an executable file. (RuntimeError)
You have to install development tools first.
        from /usr/share/ruby/mkmf.rb:588:in `try_cpp'
        from /usr/share/ruby/mkmf.rb:1096:in `block in have_header'
        from /usr/share/ruby/mkmf.rb:946:in `block in checking_for'
        from /usr/share/ruby/mkmf.rb:351:in `block (2 levels) in postpone'
        from /usr/share/ruby/mkmf.rb:321:in `open'
        from /usr/share/ruby/mkmf.rb:351:in `block in postpone'
        from /usr/share/ruby/mkmf.rb:321:in `open'
        from /usr/share/ruby/mkmf.rb:347:in `postpone'
        from /usr/share/ruby/mkmf.rb:945:in `checking_for'
        from /usr/share/ruby/mkmf.rb:1095:in `have_header'
        from extconf.rb:10:in `system_libffi_usable?'
        from extconf.rb:42:in `<main>'

To see why this extension failed to compile, please check the mkmf.log which can be found here:

  /home/ec2-user/.gem/ruby/2.4.0/extensions/x86_64-linux/2.4.0/ffi-1.15.5/mkmf.log

extconf failed, exit code 1

Gem files will remain installed in /home/ec2-user/.gem/ruby/2.4.0/gems/ffi-1.15.5 for inspection.
Results logged to /home/ec2-user/.gem/ruby/2.4.0/extensions/x86_64-linux/2.4.0/ffi-1.15.5/gem_make.out

Contents of the log file:

[ec2-user@ip-172-31-6-9 ~]$ cat /home/ec2-user/.gem/ruby/2.4.0/extensions/x86_64-linux/2.4.0/ffi-1.15.5/mkmf.log
"pkg-config --exists libffi"
package configuration for libffi is not found
"gcc -o conftest -I/usr/include -I/usr/include/ruby/backward -I/usr/include -I.    -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -mtune=generic -fPIC conftest.c  -L. -L/usr/lib64 -L. -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -fstack-protector -rdynamic -Wl,-export-dynamic  -m64   -lruby  -lpthread -ldl -lcrypt -lm   -lc"
gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory
checked program was:
/* begin */
1: #include "ruby.h"
2:
3: int main(int argc, char **argv)
4: {
5:   return 0;
6: }
/* end */

Then the solution is:

sudo yum install redhat-rpm-config

Then run again:

gem install ansible_spec

Set up SSH: ~/.ssh/config

Host git*
    User l_cmc_tthyen
    Port 22
    TCPKeepAlive yes
    IdentitiesOnly yes
    IdentityFile ~/.ssh/key/yen.id_rsa

Host *
    User l_cmc_tthyen
    Port 22
    TCPKeepAlive yes
    IdentitiesOnly yes
    IdentityFile ~/.ssh/key/yen.id_rsa

To SSH by hostname instead of IP, add the hosts to /etc/hosts (using their private IPs).

Notes on setting up Ansible (21/2/2022)

When you launch a new instance (AMZ Linux 2):

If you run:

sudo yum install ansible

it will only install Ansible version 2.9.5, not version 4.10.

To install version 4.10, you have to run:

sudo pip3 install ansible==4.10

The following case can occur:

To call ansible without typing the full ~/.local/bin/ansible path, do one more step as follows:

A simple safe way would be to use an alias. Place this into ~/.bashrc or ~/.bash_aliases file:

alias ansible=~/.local/bin/ansible

After adding the above in the file, run source ~/.bashrc or source ~/.bash_aliases

(Reference: https://askubuntu.com/questions/320996/how-to-make-python-program-command-execute-python-3)