From ff3c3f6f9ef9440e2a31b2165a7f8063dcd77d24 Mon Sep 17 00:00:00 2001 From: Sergey Antropoff Date: Mon, 8 Sep 2025 15:43:42 +0300 Subject: [PATCH] =?UTF-8?q?ansible(raw):=20make=20raw=20roles=20default;?= =?UTF-8?q?=20remove=20python-based=20roles;=20update=20docs=20[author:=20?= =?UTF-8?q?=D0=A1=D0=B5=D1=80=D0=B3=D0=B5=D0=B9=20=D0=90=D0=BD=D1=82=D1=80?= =?UTF-8?q?=D0=BE=D0=BF=D0=BE=D0=B2=20https://devops.org.ru]?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Makefile | 18 ++--- docs/deploy.md | 10 +-- runner/delete-service/playbook.yml | 31 --------- runner/delete/playbook.yml | 33 --------- runner/deploy-service/playbook.yml | 56 ---------------- runner/deploy/playbook.yml | 103 ----------------------------- 6 files changed, 14 insertions(+), 237 deletions(-) delete mode 100644 runner/delete-service/playbook.yml delete mode 100644 runner/delete/playbook.yml delete mode 100644 runner/deploy-service/playbook.yml delete mode 100644 runner/deploy/playbook.yml diff --git a/Makefile b/Makefile index 0007330..8c64e66 100644 --- a/Makefile +++ b/Makefile @@ -97,24 +97,24 @@ agent: collectors build deploy: build-linux collectors-linux - # Деплой на удалённый хост через Ansible (контейнер) + # Деплой на удалённый хост через Ansible raw (без Python на целевой стороне) docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ - ansible-playbook -i runner/inventory.ini runner/deploy/playbook.yml -e LOCAL_BIN_DIR=/workspace/bin/agent -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + ansible-playbook -i runner/inventory.ini runner/deploy-raw/playbook.yml -e LOCAL_BIN_DIR=/workspace/bin/agent -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo delete: - # Очистка установленного агента без systemd + # Очистка установленного агента (raw, без Python на целевой стороне) docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ - ansible-playbook -i runner/inventory.ini runner/delete/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + ansible-playbook -i runner/inventory.ini runner/delete-raw/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo deploy-service: build-linux collectors-linux - # Деплой и запуск через systemd + # Деплой и запуск через systemd (raw, без Python на целевой стороне) docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ - ansible-playbook -i runner/inventory.ini runner/deploy-service/playbook.yml -e LOCAL_BIN_DIR=/workspace/bin/agent -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + ansible-playbook -i runner/inventory.ini runner/deploy-service-raw/playbook.yml -e LOCAL_BIN_DIR=/workspace/bin/agent -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo delete-service: - # Остановка сервиса и очистка + # Остановка сервиса и очистка (raw, без Python на целевой стороне) docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ - ansible-playbook -i runner/inventory.ini runner/delete-service/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + ansible-playbook -i runner/inventory.ini runner/delete-service-raw/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo deploy-raw: build-linux collectors-linux # Деплой без Python на целевом хосте (raw + scp) @@ -137,7 +137,7 @@ delete-service-raw: ansible-playbook -i runner/inventory.ini runner/delete-service-raw/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo # Очистка установленного агента на удаленном хосте docker run --rm -e ANSIBLE_HOST_KEY_CHECKING=False -v $$PWD:/workspace -v $$HOME/.ssh:/root/.ssh:ro -w /workspace cytopia/ansible:latest-tools \ - ansible-playbook -i runner/inventory.ini runner/delete/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo + ansible-playbook -i runner/inventory.ini runner/delete-raw/playbook.yml -e ansible_ssh_private_key_file=/root/.ssh/id_rsa -e ansible_become=true -e ansible_become_method=sudo test: diff --git a/docs/deploy.md b/docs/deploy.md index 3acdb39..b1c0f79 100644 --- a/docs/deploy.md +++ b/docs/deploy.md @@ -4,14 +4,14 @@ Варианты развертывания: - Docker Compose: файл `docker-compose.yml` -- Systemd сервис: через роль `runner/deploy-service` (юнит находится в `runner/sensusagent.service` при необходимости) -- Ansible-плейбуки: `runner/deploy`, `runner/delete`, а также service-варианты +- Systemd сервис: через raw-роль `runner/deploy-service-raw` (юнит находится в `runner/sensusagent.service` при необходимости) +- Ansible-плейбуки (без Python на целевом хосте): `runner/deploy-raw`, `runner/delete-raw`, а также service-варианты `*-raw` Подготовка удаленного хоста: - Доступ по SSH (ключ находится у оператора) - Права `sudo` для установки зависимостей -Быстрый деплой (одноразовый запуск агента без systemd): +Быстрый деплой (одноразовый запуск агента без systemd, raw): ```bash make deploy ``` @@ -25,12 +25,12 @@ make deploy make delete ``` -Деплой и запуск через systemd: +Деплой и запуск через systemd (raw): ```bash make deploy-service ``` -Остановка и очистка systemd-варианта: +Остановка и очистка systemd-варианта (raw): ```bash make delete-service ``` diff --git a/runner/delete-service/playbook.yml b/runner/delete-service/playbook.yml deleted file mode 100644 index 2502950..0000000 --- a/runner/delete-service/playbook.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- hosts: all - gather_facts: no - become: true - become_user: root - become_method: sudo - vars: - remote_dir: /opt/sensusagent - tasks: - - name: Stop service - ansible.builtin.systemd: - name: sensusagent - state: stopped - enabled: false - ignore_errors: true - - - name: Remove unit file - ansible.builtin.file: - path: /etc/systemd/system/sensusagent.service - state: absent - ignore_errors: true - - - name: Reload systemd - ansible.builtin.command: systemctl daemon-reload - ignore_errors: true - - - name: Remove remote directory - ansible.builtin.file: - path: "{{ remote_dir }}" - state: absent - diff --git a/runner/delete/playbook.yml b/runner/delete/playbook.yml deleted file mode 100644 index 0577adc..0000000 --- a/runner/delete/playbook.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -- hosts: all - gather_facts: no - become: true - become_user: root - become_method: sudo - vars: - remote_dir: /opt/sensusagent - tasks: - - name: Stop sensusagent systemd service if present - ansible.builtin.systemd: - name: sensusagent - state: stopped - ignore_errors: yes - - - name: Find running agent PIDs by full path - ansible.builtin.shell: "pgrep -f '^{{ remote_dir }}/agent( |$)' || true" - register: agent_pids - changed_when: false - failed_when: false - - - name: Kill agent PIDs if any - ansible.builtin.shell: "kill -TERM {{ item }}" - loop: "{{ agent_pids.stdout_lines }}" - when: agent_pids.stdout != '' - changed_when: true - failed_when: false - - - name: Remove remote directory - ansible.builtin.file: - path: "{{ remote_dir }}" - state: absent - diff --git a/runner/deploy-service/playbook.yml b/runner/deploy-service/playbook.yml deleted file mode 100644 index 47f06bf..0000000 --- a/runner/deploy-service/playbook.yml +++ /dev/null @@ -1,56 +0,0 @@ ---- -- hosts: all - gather_facts: no - become: true - become_user: root - become_method: sudo - vars: - remote_dir: /opt/sensusagent - local_bin_dir: "{{ LOCAL_BIN_DIR | default('./bin/agent') }}" - tasks: - - name: Create remote dir - ansible.builtin.file: - path: "{{ remote_dir }}" - state: directory - mode: '0755' - - - name: Copy agent binary (linux) - ansible.builtin.copy: - src: "{{ local_bin_dir }}/agent" - dest: "{{ remote_dir }}/agent" - mode: '0755' - - - name: Copy config - ansible.builtin.copy: - src: "{{ local_bin_dir }}/config.yaml" - dest: "{{ remote_dir }}/config.yaml" - mode: '0644' - - - name: Copy collectors directory - ansible.builtin.copy: - src: "{{ local_bin_dir }}/collectors/" - dest: "{{ remote_dir }}/collectors/" - mode: '0755' - directory_mode: '0755' - - - name: Ensure collectors executable recursively - ansible.builtin.file: - path: "{{ remote_dir }}/collectors" - recurse: yes - mode: '0755' - - - name: Install systemd unit - ansible.builtin.copy: - src: runner/sensusagent.service - dest: /etc/systemd/system/sensusagent.service - mode: '0644' - - - name: Reload systemd - ansible.builtin.command: systemctl daemon-reload - - - name: Enable and start service - ansible.builtin.systemd: - name: sensusagent - state: started - enabled: true - diff --git a/runner/deploy/playbook.yml b/runner/deploy/playbook.yml deleted file mode 100644 index 6db9bcd..0000000 --- a/runner/deploy/playbook.yml +++ /dev/null @@ -1,103 +0,0 @@ ---- -- hosts: all - gather_facts: yes - become: true - become_user: root - become_method: sudo - vars: - remote_dir: /opt/sensusagent - local_bin_dir: "{{ LOCAL_BIN_DIR | default('./bin/agent') }}" - tasks: - - name: Detect package manager (Debian/Ubuntu) - ansible.builtin.stat: - path: /etc/debian_version - register: debian_like - - - name: Detect package manager (RHEL/CentOS) - ansible.builtin.stat: - path: /etc/redhat-release - register: rhel_like - - - name: Update apt cache (tolerate broken third-party repos) - ansible.builtin.shell: | - apt-get update -o Acquire::AllowInsecureRepositories=true -o Acquire::https::Verify-Peer=false -o Acquire::https::Verify-Host=false || true - when: debian_like.stat.exists - - - name: Install required packages on Debian/Ubuntu - ansible.builtin.apt: - name: - - sysstat # iostat - - iotop - - smartmontools # smartctl - - nvme-cli - - mdadm - - lsscsi - - sg3-utils - - pciutils - state: present - force_apt_get: yes - allow_unauthenticated: yes - when: debian_like.stat.exists - - - name: Install required packages on RHEL/CentOS - ansible.builtin.yum: - name: - - sysstat - - iotop - - smartmontools - - nvme-cli - - mdadm - - lsscsi - - sg3_utils - - pciutils - state: present - when: rhel_like.stat.exists - - - name: Enable sysstat service if available - ansible.builtin.service: - name: sysstat - state: started - enabled: yes - ignore_errors: yes - - - name: Create remote dir - ansible.builtin.file: - path: "{{ remote_dir }}" - state: directory - mode: '0755' - - - name: Copy agent binary (linux) - ansible.builtin.copy: - src: "{{ local_bin_dir }}/agent" - dest: "{{ remote_dir }}/agent" - mode: '0755' - - - name: Copy config - ansible.builtin.copy: - src: "{{ local_bin_dir }}/config.yaml" - dest: "{{ remote_dir }}/config.yaml" - mode: '0644' - - - name: Copy collectors directory (no rsync required) - ansible.builtin.copy: - src: "{{ local_bin_dir }}/collectors/" - dest: "{{ remote_dir }}/collectors/" - mode: '0755' - directory_mode: '0755' - - - name: Ensure collectors executable recursively - ansible.builtin.file: - path: "{{ remote_dir }}/collectors" - recurse: yes - mode: '0755' - -# - name: Run agent once and capture JSON -# ansible.builtin.command: "{{ remote_dir }}/agent --once --mode stdout" -# environment: -# CONFIG_PATH: "{{ remote_dir }}/config.yaml" -# register: agent_output - -# - name: Show agent JSON -# ansible.builtin.debug: -# var: agent_output.stdout -