From 3db64fe54385733da851cd2270dcc68691a1e6ff Mon Sep 17 00:00:00 2001 From: Sergey Antropoff Date: Mon, 8 Sep 2025 15:40:31 +0300 Subject: [PATCH] =?UTF-8?q?ansible(raw):=20add=20raw+scp=20playbooks=20and?= =?UTF-8?q?=20Makefile=20targets=20(no=20Python=20on=20target)=20[author:?= =?UTF-8?q?=20=D0=A1=D0=B5=D1=80=D0=B3=D0=B5=D0=B9=20=D0=90=D0=BD=D1=82?= =?UTF-8?q?=D1=80=D0=BE=D0=BF=D0=BE=D0=B2=20https://devops.org.ru]?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Makefile | 20 +++++++++ runner/delete-raw/playbook.yml | 22 +++++++++ runner/delete-service-raw/playbook.yml | 19 ++++++++ runner/deploy-raw/playbook.yml | 59 ++++++++++++++++++++++++ runner/deploy-service-raw/playbook.yml | 62 ++++++++++++++++++++++++++ 5 files changed, 182 insertions(+) create mode 100644 runner/delete-raw/playbook.yml create mode 100644 runner/delete-service-raw/playbook.yml create mode 100644 runner/deploy-raw/playbook.yml create mode 100644 runner/deploy-service-raw/playbook.yml diff --git a/Makefile b/Makefile index 644b775..0007330 100644 --- a/Makefile +++ b/Makefile @@ -115,6 +115,26 @@ delete-service: # Остановка сервиса и очистка docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ ansible-playbook -i runner/inventory.ini runner/delete-service/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + +deploy-raw: build-linux collectors-linux + # Деплой без Python на целевом хосте (raw + scp) + docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ + ansible-playbook -i runner/inventory.ini runner/deploy-raw/playbook.yml -e LOCAL_BIN_DIR=/workspace/bin/agent -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + +delete-raw: + # Удаление без Python на целевом хосте (raw) + docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ + ansible-playbook -i runner/inventory.ini runner/delete-raw/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + +deploy-service-raw: build-linux collectors-linux + # Деплой и запуск через systemd без Python на целевой стороне + docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ + ansible-playbook -i runner/inventory.ini runner/deploy-service-raw/playbook.yml -e LOCAL_BIN_DIR=/workspace/bin/agent -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + +delete-service-raw: + # Остановка и очистка systemd-варианта без Python на целевой стороне + docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ + ansible-playbook -i runner/inventory.ini runner/delete-service-raw/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo # Очистка установленного агента на удаленном хосте docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ ansible-playbook -i runner/inventory.ini runner/delete/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo diff --git a/runner/delete-raw/playbook.yml b/runner/delete-raw/playbook.yml new file mode 100644 index 0000000..0502783 --- /dev/null +++ b/runner/delete-raw/playbook.yml @@ -0,0 +1,22 @@ +--- +- hosts: all + gather_facts: no + become: true + become_user: root + become_method: sudo + vars: + remote_dir: /opt/sensusagent + tasks: + - name: Stop systemd service if exists + ansible.builtin.raw: "systemctl stop sensusagent 2>/dev/null || true" + + - name: Disable systemd service if exists + ansible.builtin.raw: "systemctl disable sensusagent 2>/dev/null || true" + + - name: Remove files + ansible.builtin.raw: "rm -rf {{ remote_dir }}" + + - name: Remove unit file if exists + ansible.builtin.raw: "rm -f /etc/systemd/system/sensusagent.service && systemctl daemon-reload || true" + + diff --git a/runner/delete-service-raw/playbook.yml b/runner/delete-service-raw/playbook.yml new file mode 100644 index 0000000..54fbe7b --- /dev/null +++ b/runner/delete-service-raw/playbook.yml @@ -0,0 +1,19 @@ +--- +- hosts: all + gather_facts: no + become: true + become_user: root + become_method: sudo + vars: + remote_dir: /opt/sensusagent + tasks: + - name: Stop and disable service + ansible.builtin.raw: "systemctl disable --now sensusagent 2>/dev/null || true" + + - name: Remove unit file + ansible.builtin.raw: "rm -f /etc/systemd/system/sensusagent.service && systemctl daemon-reload || true" + + - name: Remove files + ansible.builtin.raw: "rm -rf {{ remote_dir }}" + + diff --git a/runner/deploy-raw/playbook.yml b/runner/deploy-raw/playbook.yml new file mode 100644 index 0000000..6860200 --- /dev/null +++ b/runner/deploy-raw/playbook.yml @@ -0,0 +1,59 @@ +--- +- hosts: all + gather_facts: no + become: true + become_user: root + become_method: sudo + vars: + remote_dir: /opt/sensusagent + local_bin_dir: "{{ LOCAL_BIN_DIR | default('./bin/agent') }}" + tasks: + - name: Ensure remote dir exists + ansible.builtin.raw: "mkdir -p {{ remote_dir }} && chmod 0755 {{ remote_dir }}" + + - name: Copy agent binary via scp (from controller) + ansible.builtin.command: > + scp -B -i {{ ansible_ssh_private_key_file | default('~/.ssh/id_rsa') }} + -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null + {{ local_bin_dir }}/agent {{ ansible_user }}@{{ ansible_host }}:{{ remote_dir }}/agent + delegate_to: localhost + + - name: Copy config via scp (from controller) + ansible.builtin.command: > + scp -B -i {{ ansible_ssh_private_key_file | default('~/.ssh/id_rsa') }} + -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null + {{ local_bin_dir }}/config.yaml {{ ansible_user }}@{{ ansible_host }}:{{ remote_dir }}/config.yaml + delegate_to: localhost + + - name: Copy collectors directory via scp -r (from controller) + ansible.builtin.command: > + scp -r -B -i {{ ansible_ssh_private_key_file | default('~/.ssh/id_rsa') }} + -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null + {{ local_bin_dir }}/collectors {{ ansible_user }}@{{ ansible_host }}:{{ remote_dir }}/ + delegate_to: localhost + + - name: Ensure collectors are executable + ansible.builtin.raw: "chmod -R 0755 {{ remote_dir }}/collectors 2>/dev/null || true" + + - name: Optional deps (Debian/Ubuntu) — ignore errors + ansible.builtin.raw: | + if [ -f /etc/debian_version ]; then \ + apt-get update -o Acquire::AllowInsecureRepositories=true -o Acquire::https::Verify-Peer=false -o Acquire::https::Verify-Host=false || true; \ + apt-get install -y --no-install-recommends sysstat iotop smartmontools nvme-cli mdadm lsscsi sg3-utils pciutils || true; \ + systemctl enable --now sysstat || true; \ + fi + ignore_errors: yes + + - name: Optional deps (RHEL/CentOS) — ignore errors + ansible.builtin.raw: | + if [ -f /etc/redhat-release ]; then \ + yum install -y sysstat iotop smartmontools nvme-cli mdadm lsscsi sg3_utils pciutils || true; \ + systemctl enable --now sysstat || true; \ + fi + ignore_errors: yes + + - name: Show agent version (one-shot) — ignore errors + ansible.builtin.raw: "CONFIG_PATH={{ remote_dir }}/config.yaml {{ remote_dir }}/agent --once --mode stdout >/dev/null 2>&1 || true" + ignore_errors: yes + + diff --git a/runner/deploy-service-raw/playbook.yml b/runner/deploy-service-raw/playbook.yml new file mode 100644 index 0000000..445c17b --- /dev/null +++ b/runner/deploy-service-raw/playbook.yml @@ -0,0 +1,62 @@ +--- +- hosts: all + gather_facts: no + become: true + become_user: root + become_method: sudo + vars: + remote_dir: /opt/sensusagent + local_bin_dir: "{{ LOCAL_BIN_DIR | default('./bin/agent') }}" + tasks: + - name: Ensure remote dir exists + ansible.builtin.raw: "mkdir -p {{ remote_dir }} && chmod 0755 {{ remote_dir }}" + + - name: Copy agent binary via scp (from controller) + ansible.builtin.command: > + scp -B -i {{ ansible_ssh_private_key_file | default('~/.ssh/id_rsa') }} + -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null + {{ local_bin_dir }}/agent {{ ansible_user }}@{{ ansible_host }}:{{ remote_dir }}/agent + delegate_to: localhost + + - name: Copy config via scp (from controller) + ansible.builtin.command: > + scp -B -i {{ ansible_ssh_private_key_file | default('~/.ssh/id_rsa') }} + -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null + {{ local_bin_dir }}/config.yaml {{ ansible_user }}@{{ ansible_host }}:{{ remote_dir }}/config.yaml + delegate_to: localhost + + - name: Copy collectors directory via scp -r (from controller) + ansible.builtin.command: > + scp -r -B -i {{ ansible_ssh_private_key_file | default('~/.ssh/id_rsa') }} + -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null + {{ local_bin_dir }}/collectors {{ ansible_user }}@{{ ansible_host }}:{{ remote_dir }}/ + delegate_to: localhost + + - name: Ensure collectors are executable + ansible.builtin.raw: "chmod -R 0755 {{ remote_dir }}/collectors 2>/dev/null || true" + + - name: Install/refresh systemd unit + ansible.builtin.raw: | + cat >/etc/systemd/system/sensusagent.service <<'UNIT' + [Unit] + Description=SensusAgent metrics collector + After=network.target + + [Service] + Type=simple + Environment=CONFIG_PATH={{ remote_dir }}/config.yaml + ExecStart={{ remote_dir }}/agent --mode stdout + Restart=on-failure + RestartSec=3 + User=nobody + Group=nogroup + + [Install] + WantedBy=multi-user.target + UNIT + systemctl daemon-reload + + - name: Enable and start service + ansible.builtin.raw: "systemctl enable --now sensusagent" + +