AmazonLinux2 に ansible 2.7 で JDK11 をぶち込む
VM 作ったらまずは署名認証
VM を立ち上げて、 ssh を確認(今回は 192.168.56.2 にした)したら、署名で SSH できるようにする。
とりあえず mac 側で署名署名などを作る
$ cd ~/.ssh $ ssh-keygen -t rsa -b 4096 -C "hoge@example.com" -f ~/.ssh/virtualbox Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/xxxx/.ssh/virtualbox. Your public key has been saved in /Users/xxxx/.ssh/virtualbox.pub. The key fingerprint is: SHA256:eKnjs4jiHsEktydZ7McMGULVDBQ/Wg3kHpeewVfGVmc hoge@example.com The key's randomart image is: +---[RSA 4096]----+ | .oo**o .o.. E| | o =o+ . oo o | |... = * * .. | |+. = B * = | | o+ + * S | | .o . o | | . o | |. .. o.. | |o+. . oo | +----[SHA256]-----+ $ ls known_hosts virtualbox virtualbox.pub
したら公開鍵を転送
$ scp virtualbox.pub ec2-user@192.168.56.2:~/ ec2-user@192.168.56.2's password: virtualbox.pub $ ssh ec2-user@192.168.56.2
authorized_keys に登録する
$ ssh ec2-user@192.168.56.2 $ cd .ssh/ [ec2-user@amazonlinux .ssh]$ ls -l 合計 0 -rw------- 1 ec2-user ec2-user 0 3月 19 21:22 authorized_keys [ec2-user@amazonlinux .ssh]$ cat ~/virtualbox.pub >> authorized_keys
ansible 設定
適当に ansible.cfg を作る。
曰く、ローカルディレクトリにおいとけば効くのだそうだ
[defaults] host_key_checking=False inventory=/Users/xxxx/workspace/VirtualBox/hosts private_key_file=/Users/xxxx/workspace/VirtualBox/virtualbox
なんか勢いでディレクトリ作っちゃったので、署名の類も移動するか
mv ~/.ssh/virtualbox* /Users/xxxx/workspace/VirtualBox/
hosts も作って
[develop-server] 192.168.56.2
これでもうコマンドは通るはずなので
$ ansible all -u ec2-user -m ping Enter passphrase for key '/Users/xxxx/workspace/VirtualBox/virtualbox': 192.168.56.2 | SUCCESS => { "changed": false, "ping": "pong" }
OK通ったね。
Amazon Corretto11 を DL させてインストールする
といっても、単純に Playbook を書くだけ。
- hosts: develop-server
user: ec2-user
sudo: yes
vars:
corretto: https://d3pxv6yz143wms.cloudfront.net/11.0.2.9.3/java-11-amazon-corretto-devel-11.0.2.9-3.x86_64.rpm
java_home: /usr/lib/jvm/java-11-amazon-corretto
tasks:
- name: Update all package
yum:
name: '*'
state: latest
- name: Install wget.
yum:
name: wget
state: latest
- name: Install corret.
yum:
name: '{{ corretto }}'
state: present
- name: Alternatives.
alternatives:
name: '{{ item }}'
link: "/usr/bin/{{ item }}"
path: "{{ java_home }}/bin/{{ item }}"
with_items:
- java
- javac
実行すると
$ ansible-playbook java11.yml [DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and make sure become_method is 'sudo' (default). This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. PLAY [develop-server] ****************************************************************************************************************************************************************** TASK [Gathering Facts] ***************************************************************************************************************************************************************** Enter passphrase for key '/Users/xxxx/workspace/VirtualBox/virtualbox': ok: [192.168.56.2] TASK [Update all package] ************************************************************************************************************************************************************** ok: [192.168.56.2] TASK [Install wget.] ******************************************************************************************************************************************************************* ok: [192.168.56.2] TASK [Install corret.] ***************************************************************************************************************************************************************** ok: [192.168.56.2] TASK [Alternatives.] ******************************************************************************************************************************************************************* ok: [192.168.56.2] => (item=java) ok: [192.168.56.2] => (item=javac) PLAY RECAP ***************************************************************************************************************************************************************************** 192.168.56.2 : ok=5 changed=0 unreachable=0 failed=0
問題なく終了し、
$ ssh ec2-user@192.168.56.2 ec2-user@192.168.56.2's password: Last login: Tue Mar 19 23:55:37 2019 from 192.168.56.1 __| __|_ ) _| ( / Amazon Linux 2 AMI ___|\___|___| https://aws.amazon.com/amazon-linux-2/ [ec2-user@amazonlinux ~]$ java --version openjdk 11.0.2 2019-01-15 LTS OpenJDK Runtime Environment Corretto-11.0.2.9.3 (build 11.0.2+9-LTS) OpenJDK 64-Bit Server VM Corretto-11.0.2.9.3 (build 11.0.2+9-LTS, mixed mode)
完了。
調べながらでも 2h で済むか…
