Add: divide into 2 hosts - (1) wordpress+nginx+php-fpm, (2) mysql.

.travis.yml

@@ -10,6 +10,9 @@ before_install:
     - docker build  -f 10-role/test/Dockerfile    -t wordpress10   10-role
     - docker build  -f 11-galaxy/test/Dockerfile  -t wordpress11   11-galaxy
 
+    - docker build  -f 20-cluster/test/Dockerfile-db         -t db20        20-cluster
+    - docker build  -f 20-cluster/test/Dockerfile-wordpress  -t wordpress   20-cluster
+
 script:
     - docker run -d --name wordpress06   wordpress06
     - sleep 60
@@ -27,7 +30,19 @@ script:
     - cat url  |  xargs -t -n 1 curl -v --retry 5 --retry-max-time 120 -o result-wordpress11
 
 
+    - docker run -d --name db20  db20
+    - IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' db20) ; echo MYSQL_ADDRESS=$IP > db-ip
+    - sleep 60
+
+    - docker run -d --name wordpress20  -e `cat db-ip`  wordpress20
+    - sleep 300
+
+    - IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' wordpress) ; echo http://$IP:80/ > url
+    - cat url  |  xargs -t -n 1 curl -v -o result-wordpress20
+
+
     - echo "==> Validating the test results..."
     - grep '<title>ANSIBLE_TEST' result-wordpress06
     - grep '<title>ANSIBLE_TEST' result-wordpress10
     - grep '<title>ANSIBLE_TEST' result-wordpress11
+    - grep '<title>ANSIBLE_TEST' result-wordpress20

20-cluster/.dockerignore

@@ -0,0 +1,3 @@
+.git
+.vagrant
+roles

20-cluster/.gitignore

@@ -0,0 +1,2 @@
+.vagrant
+roles

20-cluster/README.md

@@ -0,0 +1,45 @@
+Ansible Lab #20 - Cluster
+===
+
+[![Circle CI](https://circleci.com/gh/softarch-school/ansible-workshop.svg?style=shield)](https://circleci.com/gh/softarch-school/ansible-workshop) [![Build Status](https://travis-ci.org/softarch-school/ansible-workshop.svg?branch=master)](https://travis-ci.org/softarch-school/ansible-workshop)
+
+
+## 實習重點
+
+### Identify service dependencies
+
+
+### Identify hard-coded or hidden assumptions
+
+- IP address
+- Port number
+- Path
+- Network interface (e.g., `127.0.0.1` vs. `0.0.0.0`)
+
+
+
+### Separation of configuration
+
+Separated by...
+
+- variables and `when` conditions;
+- various playbook files;
+- various tags.
+
+
+
+### 用到的 module(s)
+
+- File modules / [lineinfile](http://docs.ansible.com/ansible/lineinfile_module.html): Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression.
+
+- Database modules / [mysql_user](http://docs.ansible.com/ansible/mysql_user_module.html): Adds or removes a user from a MySQL database.
+
+
+
+## 想接受挑戰嗎？
+
+- Avoid the "all hosts" `%` setting in the MySQL `GRANT PRIVILEGES` statement.
+
+- Use the [container links](https://docs.docker.com/engine/userguide/networking/default_network/dockerlinks/) feature of Docker to simplify the testing Dockerfiles.
+
+- Use [Docker Compose](https://github.com/docker/compose) to simplify the testing job.

20-cluster/Vagrantfile

@@ -0,0 +1,58 @@
+Vagrant.configure("2") do |config|
+
+    # main & default: normal OS series...
+    config.vm.define "main", primary: true do |node|
+        node.vm.box = "ubuntu/trusty64"
+        node.vm.network "private_network", ip: "10.0.0.10"
+
+        node.vm.provision "ansible" do |ansible|
+            ansible.playbook = "wordpress.yml"
+            ansible.sudo = true
+        end
+
+        node.vm.provider "virtualbox" do |vb|
+            vb.customize ["modifyvm", :id, "--memory", "256"]
+        end
+    end
+
+    config.vm.define "db" do |node|
+        node.vm.box = "ubuntu/trusty64"
+        node.vm.network "private_network", ip: "10.0.0.20"
+
+        node.vm.provision "ansible" do |ansible|
+            ansible.playbook = "db.yml"
+            ansible.sudo = true
+        end
+
+        node.vm.provider "virtualbox" do |vb|
+            ##vb.customize ["modifyvm", :id, "--memory", "256"]
+        end
+    end
+
+
+
+    # docker: for auto build & testing (e.g., Travis CI)
+    config.vm.define "docker" do |node|
+        node.vm.box = "williamyeh/ubuntu-trusty64-docker"
+
+        node.vm.provision "shell", inline: <<-SHELL
+            cd /vagrant
+
+            docker build  -f test/Dockerfile-db  -t db   .
+            docker run -d --name db  db
+            IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' db) ; echo MYSQL_ADDRESS=$IP > db-ip
+            sleep 60
+
+            docker build  -f test/Dockerfile-wordpress  -t wordpress   .
+            docker run -d --name wordpress  -e `cat db-ip`  wordpress
+            sleep 300
+
+            IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' wordpress) ; echo http://$IP:80/ > url
+            cat url  |  xargs -t -n 1 curl -v -o result-wordpress
+
+            echo "==> Validating the test results..."
+            grep '<title>ANSIBLE_TEST' result-wordpress
+        SHELL
+    end
+
+end

20-cluster/db.yml

@@ -0,0 +1,66 @@
+- hosts: all
+  sudo: true
+
+  vars:
+    mysql_root_password: secretsecret
+    wordpress_db_name: wordpress
+    wordpress_db_user: wordpressuser
+    wordpress_db_password: wordpresspassword
+
+
+  handlers:
+    - name: restart mysql
+      service: name=mysql state=restarted
+
+
+  tasks:
+    - debug: ==> 8 - install mysql
+
+    - name: auto set root password for mysql
+      debconf:
+        name: 'mysql-server'
+        question: "{{ item }}"
+        vtype: 'password'
+        value: "{{ mysql_root_password }}"
+      with_items:
+        - mysql-server/root_password
+        - mysql-server/root_password_again
+
+    - name: install mysql
+      apt: name={{ item }} state=present update_cache=yes
+      with_items:
+        - mysql-server
+        - mysql-client
+
+    - name: allow mysqld to listen to all network interface
+      lineinfile:
+        dest:   /etc/mysql/my.cnf
+        regexp: '^bind-address\s*=.*$'
+        line:   "bind-address = 0.0.0.0"
+        state:  present
+      notify: restart mysql
+
+
+
+
+    - debug: ==> 9 - create initial wordpress db
+
+    - name: install prerequisite for Ansible's mysql modules
+      apt: name=python-mysqldb state=present
+
+    - name: create wordpress db
+      mysql_db:
+        name: "{{ wordpress_db_name }}"
+        login_user: root
+        login_password: "{{ mysql_root_password }}"
+        state: present
+
+    - name: create wordpress user
+      mysql_user:
+        name:     "{{ wordpress_db_user }}"
+        password: "{{ wordpress_db_password }}"
+        priv:     "{{ wordpress_db_name }}.*:ALL"
+        host:     '%'
+        login_user: root
+        login_password: "{{ mysql_root_password }}"
+        state: present

20-cluster/init-wordpress.yml

@@ -0,0 +1,25 @@
+- hosts: all
+  sudo: true
+
+  vars:
+    hostname: mywordpress
+    wordpress_install_url: "http://{{ hostname }}/wp-admin/install.php?step=2"
+    blog_title: ANSIBLE_TEST
+    blog_user: admin
+    blog_password: admin
+    blog_email: [email protected]
+
+  tasks:
+    - debug: ==> 12 - automate the '5-minute install' process
+
+    - name: install dependency - httplib2
+      apt: name=python-httplib2 state=present
+      #pip: name=httplib2
+
+    - name: send POST to WordPress install wizard
+      uri:
+        url: "{{ wordpress_install_url }}"
+        method: POST
+        HEADER_Content-Type: "application/x-www-form-urlencoded"
+        body: "weblog_title={{ blog_title }}&user_name={{ blog_user }}&admin_email={{ blog_email }}&blog_public=true&admin_password={{ blog_password }}&admin_password2={{ blog_password }}"
+        status_code: 200

20-cluster/install-roles.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+#
+# @see http://docs.ansible.com/galaxy.html#advanced-control-over-role-requirements-files
+#
+
+ansible-galaxy install -f  -p roles  -r requirements.yml

20-cluster/requirements.yml

@@ -0,0 +1,3 @@
+- # @see https://galaxy.ansible.com/detail#/role/2245
+  src: williamyeh.nginx
+  path: roles/

20-cluster/templates/nginx-wordpress.conf.j2

@@ -0,0 +1,33 @@
+server {
+    listen       80;
+    server_name  {{ hostname }};
+
+    root   {{ wordpress_path }};
+    index  index.php index.html index.htm;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        root   {{ wordpress_path }};
+    }
+
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    location ~ \.php$ {
+        try_files      $uri =404;
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass   unix:/var/run/php/php7.0-fpm.sock;
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        #fastcgi_param  HTTP_HOST $host;
+        include        fastcgi_params;
+    }
+}

20-cluster/templates/wp-config.php.j2

@@ -0,0 +1,113 @@
+<?php
+/**
+ * WordPress 基本設定檔。
+ *
+ * 本檔案包含以下設定選項： MySQL 設定、資料表前綴、
+ * 私密金鑰、WordPress 語言設定以及 ABSPATH。如需更多資訊，請
+ * 前往 {@link http://codex.wordpress.org/Editing_wp-config.php 編輯
+ * wp-config.php} Codex 頁面。或者向您的空間提供商諮詢關於 MySQL 設定資訊。
+ *
+ * 這個檔案用於安裝程式自動生成 wp-config.php 設定檔。
+ * 您不需要將它用於您的網站，可以手動複製這個檔案，
+ * 並重新命名為 "wp-config.php"，然後輸入相關訊息。
+ *
+ * @package WordPress
+ */
+
+// ** MySQL 設定 - 您可以從主機服務提供商獲取相關資訊。 ** //
+/** WordPress 的資料庫名稱，請更改 "database_name_here" */
+define('DB_NAME', '{{ wordpress_db_name }}');
+
+/** MySQL 資料庫使用者名稱，請更改 "username_here" */
+define('DB_USER', '{{ wordpress_db_user }}');
+
+/** MySQL 資料庫密碼，請更改 "password_here" */
+define('DB_PASSWORD', '{{ wordpress_db_password }}');
+
+/** MySQL 主機位址 */
+define('DB_HOST', '{{ mysql_address }}');
+
+/** 建立資料表時預設的文字編碼 */
+define('DB_CHARSET', 'utf8');
+
+/** 資料庫對照型態。如果不確定請勿更改。 */
+define('DB_COLLATE', 'utf8_unicode_ci');
+
+/**#@+
+ * 認證唯一金鑰設定。
+ *
+ * 將這些更改為不同的唯一字串或符號。
+ * 您可以使用 {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org 私密金鑰服務} 來自動產生。
+ * 您可於任何時候修改這些字串讓 Cookies 失效。這將會強制所有使用者必須重新登入。
+ *
+ * @since 2.6.0
+ */
+define('AUTH_KEY',         'TN-|S^jycOGHZ`4* A.]^O5dJ3n0uY6BU?^>>Cri9G,+TOf(6m728>mC|$fKP(P@');
+define('SECURE_AUTH_KEY',  'QPsw{|||v(>4ev-y<lB<;tXyPa(|fU=vXha{5eVGOE?2iV;}&hqq9ZLrTpS+_Z<N');
+define('LOGGED_IN_KEY',    'Kfx`KWoJSftD7NXbg}.|6/e4KXG-(:Mlm:2o^e5JCHA}<Vbhn-itGi4$SH0KNHXM');
+define('NONCE_KEY',        'j[{@AdPboUG64JPbv-|0>;C=r4;U]Wpx^:yWW4NEU.qF6E4C;Tp/Gks~E[89Acfm');
+define('AUTH_SALT',        'zc:pf/fpp=h(Anb@}$v3N+B+YNGMF&n/C>S%Z=zdt+biXXG/i9@}434RI4N,uzx1');
+define('SECURE_AUTH_SALT', 'H=2jju.F5=gmnuAQb@t1Mv$1nG)bju_g0[iY)lqx$(8y@TE>2J4IFbIA]m8|mB/t');
+define('LOGGED_IN_SALT',   'Hh]*;L|Ki^c}4,{?WO`4US$C$5C.AN:q1W;f`6g.@r{;;|CT}bi<b* BO:-Pmc>^');
+define('NONCE_SALT',       '$0S!$Yzh)7#*n+s7rF:f}uyo.D$jP_e{$$S3*/,Hhx+yN)I*1QVab[9|%3|Nu|+G');
+/**#@-*/
+
+/**
+ * WordPress 資料表前綴。
+ *
+ * 若您為每個 WordPress 設定不同的資料表前綴，則可在同個資料庫內安裝多個 WordPress。
+ * 前綴只能使用半型數字、字母和底線！
+ */
+$table_prefix  = 'wp_';
+
+/**
+ * WordPress 自動儲存間隔
+ *
+ * 當您編輯文章時 WordPress 使用 Ajax 技術自動地定時幫您儲存文章草稿。
+ * 您可更改數值以延長或減少自動儲存的時間間隔。
+ * 預設儲存間隔為 60 秒。
+ */
+//define('AUTOSAVE_INTERVAL', 60 );  // 單位：秒
+
+/**
+ * WordPress 文章版本設定
+ *
+ * WordPress 預設會幫您儲存舊版的文章與分頁，以便您之後可以回復到先前的版本。
+ * 這功能可關閉，或是指定最大版本數量。
+ * 預設為開啟，若要關閉請將它設為 false。
+ * 若您想指定指定最大版本數量，請設個整數。
+ */
+//define('WP_POST_REVISIONS', true );
+
+/**
+ * 快取
+ *
+ * 若 WP_CACHE 值為 true，當它執行 wp-settings.php 時會把 wp-content/advanced-cache.php 一起執行。
+ * 許多快取外掛會要求您將這個值設為 true。
+ */
+//define('WP_CACHE', false);
+
+/**
+ * 啟用多網誌站台與網誌網路功能
+ *
+ * 若 WP_ALLOW_MULTISITE 值為 true 可啟用多網誌站台功能。
+ */
+//define('WP_ALLOW_MULTISITE', false);
+
+/**
+ * 開發人員用： WordPress 偵錯模式。
+ *
+ * 將此設定為 true 將可開啟開發時的通知顯示。
+ * 強烈建議外掛與佈景主題開發人員使用 WP_DEBUG
+ * 於他們的開發環境中。
+ */
+define('WP_DEBUG', false);
+
+/* 設定完成，請儲存檔案。然後開始 Blogging 吧！ */
+
+/** WordPress 目錄的絕對路徑。 */
+if ( !defined('ABSPATH') )
+	define('ABSPATH', dirname(__FILE__) . '/');
+
+/** 設定 WordPress 變數和包含的檔案。 */
+require_once(ABSPATH . 'wp-settings.php');