Ansible playbook 实战
一、基础准备
主机 | 外网 | 内网 | 部署服务 |
m01 | 192.168.15.161 | 172.16.1.161 | ansible |
lb01 | 192.168.15.105 | 172.16.1.105 | nginx |
web01 | 172.16.1.107 | nginx+php+rpcbind | |
web02 | 172.16.1.108 | nginx+php+rpcbind | |
db01 | 172.16.1.151 | mariadb | |
nfs | 172.16.1.131 | nfs+rpcbind+inotify+sersync | |
backup | 172.16.1.141 | rsync |
1.安装ansible
[root@m01 ~]# yum install -y ansible
2.配置ansible
[root@m01 ~]# vim /etc/ansible/ansible.cfg
# host_key_checking = False turns off SSH host-key verification, so the
# control node will not notice if a managed host is impersonated on the
# network. Tolerable on an isolated lab segment; on a shared network leave it
# enabled and pre-populate known_hosts instead.
host_key_checking = False
# Every ansible run on the control node is recorded in this file.
# NOTE(review): task output can end up here, so restrict read access to it.
log_path = /var/log/ansible.log
3.配置主机清单
[root@m01 ~]# cat /etc/ansible/hosts
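# NOTE: ansible_ssh_pass keeps the SSH password in clear text in the inventory.
# '123' is the lab placeholder used throughout this walkthrough; for real
# hosts use SSH key authentication or move the value into an ansible-vault
# encrypted vars file.
[web_group]
web01 ansible_ssh_pass='123'
web02 ansible_ssh_pass='123'

[nfs_group]
nfs ansible_ssh_pass='123'

[slb]
# Trailing space removed: '123 ' is a different password string from '123'
# and would make the SSH login to lb01 fail.
lb01 ansible_ssh_pass='123'

[db_group]
db01 ansible_ssh_pass='123'

[backup_group]
backup ansible_ssh_pass='123'

# Every host that runs nginx: the web servers plus the load balancer.
[nginx_group:children]
web_group
slb

# Every host that needs the NFS packages: the NFS server and its web clients.
[nfs_server:children]
web_group
nfs_group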
4.配置hosts
[root@m01 ~]# vim /etc/hosts
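# Internal (172.16.1.0/24) addresses of the managed hosts.
# The first entry was missing its leading "1" (72.16.1.107); web01 is
# 172.16.1.107 in the host table and in the later /etc/hosts listing.
172.16.1.107 web01
172.16.1.108 web02
172.16.1.131 nfs
172.16.1.141 backup
172.16.1.151 db01
172.16.1.105 lb01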
# 测试连接
[root@m01 ~]# ansible all -m ping
5.创建配置文件统一目录
[root@m01 ~]# mkdir mm        # 文件目录
[root@m01 ~]# mkdir package   # 站点目录 需要压缩的包
二、编写剧本实例
1.第一部分:所有服务器优化
[root@m01 ~]# cat lnmp.yml
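# Baseline play applied to every host in the inventory.
# (Indentation restored; the flattened listing is not valid YAML.)
- hosts: all
  tasks:
    # NOTE(review): the next two tasks switch off SELinux and the host
    # firewall on every machine, including the externally reachable lb01.
    # That keeps the lab simple; outside a lab keep both enabled and open only
    # the ports the services in this walkthrough actually need.
    - name: stop selinux
      selinux:
        state: disabled

    - name: stop firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: no

    - name: install unzip
      yum:
        name: unzip
        state: present

    # uid/gid 666 must be identical on all hosts: the NFS export squashes
    # every client to anonuid=666/anongid=666, and nginx, php-fpm and rsyncd
    # are all configured to run as www.
    - name: create www group
      group:
        name: www
        gid: 666

    # Service account only: no login shell and no home directory.
    - name: create www user
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: no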
# 检查一下
[root@m01 ~]# ansible-playbook --syntax-check lnmp.yml
2.第二部分:nginx部分
1.安装并部署nginx - 思路
1、安装方式
#源码包安装方式
1.上传包
2.解压
unarchive
3.生成
shell
4.编译
shell
5.安装
shell
#官方源方式
1.配置官方源
2.推送官方源
copy
3.安装nginx
yum
#rpm包的方式
1.上传包
2.推送包
copy
3.安装包
yum
2.准备nginx配置文件
#1. nginx安装
[root@m01 ~]# vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[root@m01 ~]# yum -y install nginx
#2.准备nginx配置文件
[root@m01 package]# vim /etc/nginx/nginx.conf
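# Run the nginx workers as the unprivileged www account created by the
# baseline play.
user www;
# The listing spelled this block "hhtp"; nginx only accepts "http".
http {
    # Allow uploads up to 300 MB, matching upload_max_filesize/post_max_size
    # in the php.ini prepared later in this walkthrough.
    client_max_body_size 300m;
}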
[root@m01 ~]# cp /etc/nginx/nginx.conf ./mm/
#3.准备站点文件
[root@m01 ~]# cd package/
[root@m01 package]# ll --rz上传
total 10840
-rw-r--r-- 1 root root 11098483 Apr 1 22:17 wordpress.tar.gz
# 4.准备站点配置文件
[root@m01 mm]# cat linux12.wp.com.conf
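# WordPress virtual host served by each web node behind the load balancer.
server {
    listen 80;
    server_name linux12.wp.com;
    root /mm/wordpress;

    location / {
        index index.php;
    }

    location ~* \.php$ {
        # Only hand requests to PHP-FPM when the path maps to a real file
        # under the document root; anything else gets a 404 from nginx
        # instead of being forwarded to the interpreter.
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}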
# 5.准备负载均衡的配置文件
[root@m01 mm]# cat proxy.conf
upstream web {
server 172.16.1.107;
server 172.16.1.108;
}
server {
listen 80;
server_name linux12.wp.com;
location / {
proxy_pass http://web;
include proxy_params;
}
}
# 6.准备负载均衡优化文件
[root@m01 mm]# cat proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 20s;
proxy_read_timeout 20s;
proxy_send_timeout 20s;
proxy_buffering on;
proxy_buffer_size 20k;
proxy_buffers 8 8k;
proxy_next_upstream http_500 http_502 http_503 http_504;
# 7. 准备wordpress连接数据库配置
[root@web01 wordpress]# scp -r wp-config.php 192.168.15.108:/mm/wordpress/
[root@web01 wordpress]# vim mm/wp-config.php
[root@web01 wordpress]# cat wp-config.php
// ** MySQL settings - you can get this information from your web host ** //
/** Name of the WordPress database (created by the mysql_db task). */
define('DB_NAME', 'wordpress');
/** MySQL database user name (created by the mysql_user task). */
define('DB_USER', 'wp');
/**
 * MySQL database password. '123' is the lab placeholder and must match the
 * password given to the mysql_user task; use a strong secret outside a lab
 * and keep this file readable only by the web server account.
 */
define('DB_PASSWORD', '123');
/** MySQL host: the internal address of db01. */
define('DB_HOST', '172.16.1.151');
/** Default character set used when creating database tables. */
define('DB_CHARSET', 'utf8mb4');
/** Database collation type. Do not change this if in doubt. */
define('DB_COLLATE', '');
3、编写nginx剧本
[root@m01 ~]# cat lnmp1.yml
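# Install nginx from the official repository on the web servers and the
# load balancer (nginx_group = web_group + slb).
- hosts: nginx_group
  tasks:
    # NOTE(review): assumes nginx.repo was also copied to /root/mm/ on the
    # control node; the walkthrough only shows it under /etc/yum.repos.d/.
    - name: copy nginx.repo
      copy:
        src: /root/mm/nginx.repo
        dest: /etc/yum.repos.d/

    - name: install nginx server
      yum:
        name: nginx
        state: present

    # Fixed: the listing copied nginx.repo into /etc/nginx/ here, so the
    # prepared nginx.conf (user www, client_max_body_size 300m) never reached
    # the hosts. Push the main config that was saved to /root/mm/ earlier.
    - name: config nginx server
      copy:
        src: /root/mm/nginx.conf
        dest: /etc/nginx/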
- hosts: slb
tasks:
- name: config slb server
copy:
src: /root/mm/proxy.conf
dest: /etc/nginx/conf.d
- name: copy proxy_params
copy:
src: /root/mm/proxy_params
dest: /etc/nginx/
- name: start slb server
systemd:
name: nginx
state: started
- hosts: web_group
tasks:
- name: config nginx server
copy:
src: /root/mm/linux12.wp.com.conf
dest: /etc/nginx/conf.d/
- name: mkdir mm
file:
path: /mm
state: directory
- name: confog wordpress mm
unarchive:
src: /root/package/wordpress.tar.gz
dest: /mm/
- name: grant mm dir
file:
path: /mm
owner: www
group: www
recurse: yes
- name : start web nginx server
systemd:
name: nginx
state: started
enabled: yes
# 检查一下
[root@m01 ~]# ansible-playbook --syntax-check nginx.yml
3.第三部分:PHP部分
1、准备工作
#1.准备php的安装包
[root@m01 package]# rz
[root@m01 package]# ll
total 30264
-rw-r--r-- 1 root root 19889622 Apr 1 19:48 php.tar.gz
-rw-r--r-- 1 root root 11098483 Apr 1 22:17 wordpress.tar.gz
[root@m01 tmp]# tar xf php.tar.gz -C /tmp/
[root@m01 tmp]# cd /tmp/^C
[root@m01 tmp]# yum localinstall -y *.rpm
[root@nginx ~]# yum remove php-mysql-5.4 php php-fpm php-common
### 发生报错执行这个命令,切记切记
#2.准备配置文件
[root@m01 ~]# vim /etc/php.ini
upload_max_filesize = 300M
post_max_size = 300M
[root@m01 project]# vim conf/www.conf
user = www
group = www
[root@m01 ~]# cp /etc/php.ini ./mm/
[root@m01 ~]# cp /etc/php-fpm.d/www.conf ./mm/
2、编写php剧本
[root@m01 ~]# cat lnmp2.yml
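# Install PHP from the bundled RPMs and push its configuration to the web
# servers.
- hosts: web_group
  tasks:
    # /tmp is world-writable, so "yum localinstall /tmp/*.rpm" run as root
    # would also install any RPM another local account had placed there.
    # Unpack the bundle into a root-only directory and install from it.
    - name: create private directory for php rpms
      file:
        path: /root/php-rpms
        state: directory
        owner: root
        group: root
        mode: '0700'

    - name: tar php.tar.gz
      unarchive:
        src: /root/package/php.tar.gz
        dest: /root/php-rpms

    # shell (not the yum module) is used so the *.rpm glob is expanded on the
    # target host.
    - name: install php server
      shell: yum localinstall -y /root/php-rpms/*.rpm

    # php.ini carries upload_max_filesize / post_max_size = 300M.
    - name: config php server
      copy:
        src: /root/mm/php.ini
        dest: /etc/

    # www.conf makes the php-fpm pool run as user/group www.
    - name: config php server
      copy:
        src: /root/mm/www.conf
        dest: /etc/php-fpm.d/

    - name: start php sever
      systemd:
        name: php-fpm
        state: started
        enabled: yes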
[root@m01 ~]# ansible-playbook --syntax-check php.yml
4.第四部分:mariadb部分
1、MySQL相关模块
#1.mysql_db 模块
- name: Create a new database with name 'wordpress'
mysql_db:
name: bobdata #库的名字
state:
present #创建库
import #导入数据库
dump #导出数据库
target: /tmp/dump.sql #导入或导出的数据库文件
#2.mysql_user 模块
- name: Create database user with name 'wp' and password '123' with all database privileges
mysql_user:
name: bob #用户名
host: 172.16.1.% #用户连接的主机
password: 12345 #用户密码
priv: '*.*:ALL' #用户权限
state:
present #创建用户
absent #删除用户
grant all privileges on *.* to bob@'172.16.1.%' identified by '123'
1、编写剧本
[root@m01 ~]# cat lnmp3.yml
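# Install MariaDB on db01 and create the WordPress database and its user.
- hosts: db01
  tasks:
    - name: install mariadb server
      yum:
        name: mariadb-server
        state: present

    # Python MySQL bindings required on the target by mysql_db / mysql_user.
    - name: install MySQL-python
      yum:
        name: MySQL-python
        state: present

    - name: start mariadb server
      systemd:
        name: mariadb
        state: started
        enabled: yes

    - name: create wordpress database
      mysql_db:
        name: wordpress
        state: present

    # The account is limited to the wordpress schema and to clients on the
    # internal 172.16.1.0/24 network.
    # The password is quoted so YAML passes a string rather than the integer
    # 123. It is the lab placeholder that wp-config.php also uses; outside a
    # lab take it from an ansible-vault encrypted variable.
    - name: create wordpress database user
      mysql_user:
        name: "wp"
        host: "172.16.1.%"
        password: "123"
        priv: 'wordpress.*:ALL'
        state: present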
4.第四部分:nfs 挂载
1.编写剧本
[root@m01 ~]# cat lnmp4.yml
- hosts: nfs_server
tasks:
- name: install nfs server
yum:
name: nfs-utils
state: present
- name: install rpcbind server
yum:
name: rpcbind
state: present
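# Configure the NFS server. The two "hosts: nfs" plays of the listing are
# merged and reordered so the exported directory exists before the service
# starts; in the original order nfs was started while /data/wp-content had
# not been created yet (presumably leaving the export inactive until a
# re-export; verify on your system).
- hosts: nfs
  tasks:
    - name: mkdir data
      file:
        path: /data
        state: directory
        owner: www
        group: www

    - name: copy wp-content to nfs
      copy:
        src: /root/package/wp-content
        dest: /data
        owner: www
        group: www

    # Export notes: every host in 172.16.1.0/24 may mount read-write, and
    # all_squash maps every client user to uid/gid 666 (www). Narrow the
    # client list to the web servers if other machines share the subnet.
    - name: config nfs server
      copy:
        content: "/data/wp-content 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)\n"
        dest: /etc/exports

    - name: start nfs server
      systemd:
        name: nfs
        state: started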
- hosts: web_group
tasks:
- name: start rpcbind server
systemd:
name: rpcbind
state: started
- name: mount nfs
mount:
src: 172.16.1.131:/data/wp-content
path: /mm/wordpress/wp-content/
fstype: nfs
opts: defaults
state: mounted
5.第四部分:rsync同步
1.准备环境
[root@m01 ~]# cat /etc/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 300
ignore errors
read only = false
list = false
auth users = rsync_mm
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
[root@m01 ~]# cp /etc/rsyncd.conf ./mm/
2.准备sersync包
[root@m01 ~]# cd package/
[root@m01 package]# ll
total 30264
-rw-r--r-- 1 root root 19889622 Apr 1 19:48 php.tar.gz
-rw-r--r-- 1 root root 11098483 Apr 1 22:17 wordpress.tar.gz
-rw-r--r-- 1 root root 727290 Apr 17 17:40 sersync2.5.4_64bit_binary_stable_final.tar.gz
[root@m01 package]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
[root@m01 package]# mv GNU-Linux-x86 sersync
3.准备sersync配置
[root@m01 ~]# vim sersync/confxml.xml
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
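<sersync>
    <!-- Watch /data on the NFS server and push changes to the "backup"
         rsync module on 172.16.1.141. -->
    <localpath watch="/data">
        <remote ip="172.16.1.141" name="backup"/>
    </localpath>
    <rsync>
        <commonParams params="-artuz"/>
        <!-- users must equal "auth users" in rsyncd.conf on the backup host
             (rsync_mm). The listing had rsync_backup, a name the daemon's
             secrets file (rsync_mm:123) does not contain. -->
        <auth start="true" users="rsync_mm" passwordfile="/etc/rsync.pass"/>
        ... ...
</sersync>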
[root@m01 ~]# cp package/sersync/confxml.xml ./mm/
4.准备启动sersync脚本
[root@m01 ~]# cat start_rsync.sh
#! /bin/bash
/usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
2.编写剧本
[root@m01 ~]# cat lnmp5.yml
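# Set up the rsync daemon on the backup host.
- hosts: backup
  tasks:
    - name: install rsync server
      yum:
        name: rsync
        state: present

    - name: config rsync server
      copy:
        src: /root/mm/rsyncd.conf
        dest: /etc/

    # Secrets file in "user:password" form for the auth user named in
    # rsyncd.conf. Mode 0600 keeps it readable by root only; '123' is the lab
    # placeholder and should come from ansible-vault outside a lab.
    - name: config rsync.passwd
      copy:
        content: "rsync_mm:123\n"
        dest: /etc/rsync.passwd
        mode: '0600'

    # rsyncd.conf runs transfers as uid/gid www, so the module path must be
    # writable by www; the listing left /backup owned by root.
    - name: mkdir backup dir
      file:
        path: /backup
        state: directory
        owner: www
        group: www

    - name: start rsync server
      systemd:
        name: rsyncd
        state: started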
- hosts: nfs
tasks:
- name: install rsync server
yum:
name: rsync
state: present
- name: install inotify-tools server
yum:
name: inotify-tools
state: present
- name: install serync server
copy:
src: /root/package/sersync
dest: /usr/local/
mode: 0755
- name: config rsync.pass
copy:
content: 123
dest: /etc/rsync.pass
mode: 0600
- name: start sersync
script: /root/start_rsync.sh
博客报错总结
# 注意这个wp-config.php 在哪里
scp -r /mm/wordpress/wp-config.php 172.16.1.107:/mm/wordpress/
# 发生这个报错时执行以下命令 --取消数据库默认密码(root 空密码仅适合实验环境;若保留密码,可在 mysql_db/mysql_user 任务中用 login_user/login_password 传入)
[root@db01 ~]# mysql -uroot -p123
MariaDB [(none)]> set password for root@localhost = password('');
6.依次执行实现ansible一键安装
# 输入 win +r drivers
# 本地hosts
192.168.15.107 linux12.wp.com
#1.先在 web01,web02,lb01,nfs,backup机器执行
[root@nginx ~]# yum remove php-mysql-5.4 php php-fpm php-common
### 发生报错执行这个命令,切记切记
# 2.验证ansible剧本
[root@m01 ~]# ansible-playbook --syntax-check lnmp0.yml
[root@m01 ~]# ansible-playbook --syntax-check lnmp1.yml
[root@m01 ~]# ansible-playbook --syntax-check lnmp2.yml
[root@m01 ~]# ansible-playbook --syntax-check lnmp3.yml
[root@m01 ~]# ansible-playbook --syntax-check lnmp4.yml
[root@m01 ~]# ansible-playbook --syntax-check lnmp5.yml
# 3.实现ansible分开依次安装
[root@m01 ~]# ansible-playbook lnmp0.yml
[root@m01 ~]# ansible-playbook lnmp1.yml
[root@m01 ~]# ansible-playbook lnmp2.yml
[root@m01 ~]# ansible-playbook lnmp3.yml
[root@m01 ~]# ansible-playbook lnmp4.yml
[root@m01 ~]# ansible-playbook lnmp5.yml
6.整合后的剧本
[root@m01 ~]# cat web03lnmp.yml
- hosts: all
tasks:
- name: stop selinux
selinux:
state: disabled
- name: stop firewalld
systemd:
name: firewalld
state: stopped
enabled: no
- name: install unzip
yum:
name: unzip
state: present
- name: create www group
group:
name: www
gid: 666
- name: create www user
user:
name: www
uid: 666
group: www
shell: /sbin/nologin
create_home: no
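# Install nginx from the official repository on the web servers and the
# load balancer (nginx_group = web_group + slb).
- hosts: nginx_group
  tasks:
    # NOTE(review): assumes nginx.repo was also copied to /root/mm/ on the
    # control node; the walkthrough only shows it under /etc/yum.repos.d/.
    - name: copy nginx.repo
      copy:
        src: /root/mm/nginx.repo
        dest: /etc/yum.repos.d/

    - name: install nginx server
      yum:
        name: nginx
        state: present

    # Fixed: the listing copied nginx.repo into /etc/nginx/ here, so the
    # prepared nginx.conf (user www, client_max_body_size 300m) never reached
    # the hosts. Push the main config that was saved to /root/mm/ earlier.
    - name: config nginx server
      copy:
        src: /root/mm/nginx.conf
        dest: /etc/nginx/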
- hosts: slb
tasks:
- name: config slb server
copy:
src: /root/mm/proxy.conf
dest: /etc/nginx/conf.d
- name: copy proxy_params
copy:
src: /root/mm/proxy_params
dest: /etc/nginx/
- name: start slb server
systemd:
name: nginx
state: started
- hosts: web_group
tasks:
- name: config nginx server
copy:
src: /root/mm/linux12.wp.com.conf
dest: /etc/nginx/conf.d/
- name: mkdir mm
file:
path: /mm
state: directory
- name: confog wordpress mm
unarchive:
src: /root/package/wordpress.tar.gz
dest: /mm/
- name: grant mm dir
file:
path: /mm
owner: www
group: www
recurse: yes
- name : start web nginx server
systemd:
name: nginx
state: started
enabled: yes
- hosts: web_group
tasks:
- name: tar php.tar.gz
unarchive:
src: /root/package/php.tar.gz
dest: /tmp
- name: install php server
shell: yum localinstall -y /tmp/*.rpm
- name: config php server
copy:
src: /root/mm/php.ini
dest: /etc/
- name: config php server
copy:
src: /root/mm/www.conf
dest: /etc/php-fpm.d/
- name: start php sever
systemd:
name: php-fpm
state: started
enabled: yes
- hosts: db01
tasks:
- name: install mariadb server
yum:
name: mariadb-server
state: present
- name: install MySQL-python
yum:
name: MySQL-python
state: present
- name: start mariadb server
systemd:
name: mariadb
state: started
enabled: yes
- name: create wordpress database
mysql_db:
name: wordpress
state: present
- name: create wordpress database user
mysql_user:
name: "wp"
host: "172.16.1.%"
password: 123
priv: 'wordpress.*:ALL'
state: present
- hosts: nfs_server
tasks:
- name: install nfs server
yum:
name: nfs-utils
state: present
- name: install rpcbind server
yum:
name: rpcbind
state: present
- hosts: nfs
tasks:
- name: config nfs server
copy:
content: /data/wp-content 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
dest: /etc/exports
- name: mkdir data
file:
path: /data
state: directory
owner: www
group: www
- name: start nfs server
systemd:
name: nfs
state: started
- hosts: nfs
tasks:
- name: copy wp-content to nfs
copy:
src: /root/package/wp-content
dest: /data
owner: www
group: www
- hosts: web_group
tasks:
- name: start rpcbind server
systemd:
name: rpcbind
state: started
- name: mount nfs
mount:
src: 172.16.1.131:/data/wp-content
path: /mm/wordpress/wp-content/
fstype: nfs
opts: defaults
state: mounted
- hosts: backup
tasks:
- name: install rsync server
yum:
name: rsync
state: present
- name: config rsync server
copy:
src: /root/mm/rsyncd.conf
dest: /etc/
- name: config rsync.passwd
copy:
content: rsync_mm:123
dest: /etc/rsync.passwd
mode: 0600
- name: mkdir backup dir
file:
path: /backup
state: directory
- name: start rsync server
systemd:
name: rsyncd
state: started
- hosts: nfs
tasks:
- name: install rsync server
yum:
name: rsync
state: present
- name: install inotify-tools server
yum:
name: inotify-tools
state: present
- name: install serync server
copy:
src: /root/package/sersync
dest: /usr/local/
mode: 0755
- name: config rsync.pass
copy:
content: 123
dest: /etc/rsync.pass
mode: 0600
- name: start sersync
script: /root/start_rsync.sh
# 本地hosts
# 输入 win +r drivers
192.168.15.107 linux12.wp.com
# 1.验证ansible剧本
[root@m01 ~]# ansible-playbook --syntax-check mmlnmp.yml
# 3.一键 ansible安装
[root@m01 ~]# ansible-playbook mmlnmp.yml
6.扩展web服务器
1.将新机器添加到ansible 主机清单
[root@m01 ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_pass='123'
web02 ansible_ssh_pass='123'
web03 ansible_ssh_pass='123'
[root@m01 ~]# cat /etc/hosts
172.16.1.107 web01
172.16.1.108 web02
172.16.1.109 web03
2.创建web扩展文件
[root@m01 ~]# cp mm/proxy.conf mm/new.proxy.conf
[root@m01 ~]# cat mm/new.proxy.conf
upstream web {
server 172.16.1.107;
server 172.16.1.108;
server 172.16.1.109;
}
server {
listen 80;
server_name linux12.wp.com;
location / {
proxy_pass http://web;
include proxy_params;
}
}
3. 编写剧本
[root@m01 ~]# cat lnmp.yml
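# Bring the new web server web03 to the same state as web01/web02.
# Changes against the listing: the second, identical copy of the five
# site/WordPress/nginx tasks is dropped; nginx.conf (not nginx.repo) is pushed
# to /etc/nginx/; the PHP RPMs are unpacked outside /tmp; the NFS client
# packages are installed before rpcbind is started.
- hosts: web03
  tasks:
    # NOTE(review): SELinux and firewalld are switched off to match the other
    # lab hosts; outside a lab keep both and open only the required ports.
    - name: stop selinux
      selinux:
        state: disabled

    - name: stop firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: no

    - name: install unzip
      yum:
        name: unzip
        state: present

    # uid/gid 666 must match the other hosts and the NFS export's
    # anonuid/anongid.
    - name: create www group
      group:
        name: www
        gid: 666

    - name: create www user
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: no

    - name: copy nginx.repo
      copy:
        src: /root/mm/nginx.repo
        dest: /etc/yum.repos.d/

    - name: install nginx server
      yum:
        name: nginx
        state: present

    # Fixed: the listing copied nginx.repo into /etc/nginx/.
    - name: config nginx server
      copy:
        src: /root/mm/nginx.conf
        dest: /etc/nginx/

    # /tmp is world-writable; installing "/tmp/*.rpm" as root would pick up
    # any RPM left there by another local account. Use a root-only directory.
    - name: create private directory for php rpms
      file:
        path: /root/php-rpms
        state: directory
        owner: root
        group: root
        mode: '0700'

    - name: tar php.tar.gz
      unarchive:
        src: /root/package/php.tar.gz
        dest: /root/php-rpms

    - name: install php server
      shell: yum localinstall -y /root/php-rpms/*.rpm

    - name: config php server
      copy:
        src: /root/mm/php.ini
        dest: /etc/

    - name: config php server
      copy:
        src: /root/mm/www.conf
        dest: /etc/php-fpm.d/

    - name: start php sever
      systemd:
        name: php-fpm
        state: started
        enabled: yes

    - name: config nginx server
      copy:
        src: /root/mm/linux12.wp.com.conf
        dest: /etc/nginx/conf.d/

    - name: mkdir mm
      file:
        path: /mm
        state: directory

    - name: confog wordpress mm
      unarchive:
        src: /root/package/wordpress.tar.gz
        dest: /mm/

    - name: grant mm dir
      file:
        path: /mm
        owner: www
        group: www
        recurse: yes

    - name: start web nginx server
      systemd:
        name: nginx
        state: started
        enabled: yes

    # The listing started rpcbind and mounted NFS without installing the
    # client packages on web03 in this playbook; add them here unless the
    # base image already ships them.
    - name: install nfs server
      yum:
        name: nfs-utils
        state: present

    - name: install rpcbind server
      yum:
        name: rpcbind
        state: present

    - name: start rpcbind server
      systemd:
        name: rpcbind
        state: started

    # Shared uploads/themes/plugins come from the NFS server; state: mounted
    # also records the mount in /etc/fstab.
    - name: mount nfs
      mount:
        src: 172.16.1.131:/data/wp-content
        path: /mm/wordpress/wp-content/
        fstype: nfs
        opts: defaults
        state: mounted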
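# Point the load balancer at the enlarged upstream pool (web01-web03).
- hosts: lb01
  tasks:
    - name: config slb
      copy:
        src: /root/mm/new.proxy.conf
        dest: /etc/nginx/conf.d

    # Remove the old file so the "web" upstream is not defined twice, which
    # nginx would reject on restart.
    - name: delete old config
      file:
        path: /etc/nginx/conf.d/proxy.conf
        state: absent

    # Fixed two typos from the listing: the module is "systemd" (not
    # "systemed"), and "name:nginx" needs a space after the colon to be a
    # YAML key/value pair.
    - name: restart slb server
      systemd:
        name: nginx
        state: restarted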
# 检查并测试运行
[root@m01 ~]# ansible-playbook --syntax-check web03lnmp.yml
[root@m01 ~]# ansible-playbook web03lnmp.yml