author:JevonWei
版权声明:原创作品
实验架构:一台nginx主机为后端两台tomcat主机的代理,并使用Ansible主机配置
实验环境
Nginx 172.16.252.82
Tomcat-A 172.16.252.67
Tomcat-B 172.16.252.184
Ansible 172.16.252.207
Ansible实战之Nginx代理Tomcat主机架构
配置主机名解析
[root@Ansible ~]# vim /etc/hosts
172.16.252.67 Tomcat-A
172.16.252.184 Tomcat-B
172.16.252.207 Ansible
172.16.252.82 Nginx
配置主机将秘钥认证通信
[root@Ansible ~]# ssh-keygen -t rsa -P ""
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
cb:1b:f0:e5:bb:e7:da:04:96:52:4b:7b:60:c9:ac:1d root@Ansible
The key's randomart image is:
+--[ RSA 2048]----+
| |
| o . |
| E |
| * * |
| . S O . |
| + * o |
| = . . |
| o +. |
| . +=o |
+-----------------+
[root@Ansible ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub Tomcat-A
[root@Ansible ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub Tomcat-B
[root@Ansible ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub Nginx
Ansible
[root@Ansible ~]# yum -y install ansible
添加主机到主机清单文件中
[root@Ansible ~]# vim /etc/ansible/hosts
[lb]
172.16.252.82
[tcsrvs]
172.16.252.67
172.16.252.184
查看主机清单主机的可用主机
[root@Ansible ~]# ansible all --list-hosts
hosts (3):
172.16.252.82
172.16.252.67
172.16.252.184
[root@Ansible ~]# ansible lb --list-hosts
hosts (1):
172.16.252.82
[root@Ansible ~]# ansible tcsrvs --list-hosts
hosts (2):
172.16.252.67
172.16.252.184
定义roles目录
[root@Ansible ~]# mkdir -pv /etc/ansible/roles/{nginx,tomcat,jdk}/{files,templates,tasks,handlers,vars,meta,default}
[root@Ansible nginx]# cd /etc/ansible/roles/nginx/
编辑nginx角色的任务文件
[root@Ansible nginx]# vim tasks/main.yml
- name: install nginx
yum: name=nginx state=latest
when: ansible_os_family == "RedHat"
- name: install conf
copy: src=lb.conf dest=/etc/nginx/conf.d/
tags: conf
notify: restart nginx
- name: start nginx
service: name=nginx state=started enabled=yes
编辑handlers触发文件
[root@Ansible nginx]# vim handlers/main.yml
- name: restart nginx
service: name=nginx state=restarted
定义Nginx的虚拟主机文件
[root@Ansible nginx]# vim files/lb.conf
upstream tcsrvs {
server Tomcat-A.danran.com:8080;
server Tomcat-B.danran.com:8080;
}
server {
listen 8080;
server_name www.danran.com;
location / {
proxy_pass http://tcsrvs;
}
}
配置jdk角色
配置jdk角色的任务文件
[root@Ansible roles]# cd jdk/
root@Ansible jdk]# vim tasks/main.yml
[root@Ansible jdk]# vim tasks/main.yml
- name: install openjdk
yum: name=java-{{ version }}-openjdk-devel state=latest \{{ version }}使用变量
- name: install env file \定义jdk程序的环境文件
copy: src=java.sh dest=/etc/profile.d/
编辑jdk的程序环境文件
[root@Ansible jdk]# vim files/java.sh
export JAVA_HOME=/usr
配置tomcat的角色
编辑tomcat的任务文件
[root@Ansible tomcat]# vim tasks/main.yml
- name: install package
yum: name={{ item }} state=latest
with_items:
- tomcat
- tomcat-admin-webapps
- tomcat-webapps
- tomcat-docs-webapp
when: ansible_os_family == "RedHat"
- name: start tomcat
service: name=tomcat state=started enabled=yes
编辑playbook样本文件,调用nginx角色
[root@Ansible ~]# mkdir playbooks
[root@Ansible ~]# cd playbooks/
[root@Ansible playbooks]# vim nginx.yaml
- hosts: lb
remote_user: root
roles:
- nginx
- hosts: tcsrvs
remote_user: root
roles:
- { role: jdk,version: 1.8.0 } \调用jdk角色及定义version变量
- tomcat
执行nginx.yaml样本文件
[root@Ansible playbooks]# ansible-playbook nginx.yaml
PLAY [lb] **********************************************************************
TASK [setup] *******************************************************************
ok: [172.16.252.82]
TASK [nginx : install nginx] ***************************************************
ok: [172.16.252.82]
TASK [nginx : install conf] ****************************************************
changed: [172.16.252.82]
TASK [nginx : start nginx] *****************************************************
changed: [172.16.252.82]
RUNNING HANDLER [nginx : restart nginx] ****************************************
changed: [172.16.252.82]
PLAY [tcsrvs] ******************************************************************
TASK [setup] *******************************************************************
ok: [172.16.252.67]
ok: [172.16.252.184]
TASK [jdk : install openjdk] ***************************************************
changed: [172.16.252.67]
changed: [172.16.252.184]
TASK [jdk : install env file] **************************************************
changed: [172.16.252.67]
changed: [172.16.252.184]
TASK [tomcat : install package] ************************************************
changed: [172.16.252.67] => (item=[u'tomcat', u'tomcat-admin-webapps', u'tomcat-webapps', u'tomcat-docs-webapp'])
changed: [172.16.252.184] => (item=[u'tomcat', u'tomcat-admin-webapps', u'tomcat-webapps', u'tomcat-docs-webapp'])
TASK [tomcat : start tomcat] ***************************************************
changed: [172.16.252.184]
changed: [172.16.252.67]
PLAY RECAP *********************************************************************
172.16.252.184 : ok=5 changed=4 unreachable=0 failed=0
172.16.252.67 : ok=5 changed=4 unreachable=0 failed=0
172.16.252.82 : ok=5 changed=3 unreachable=0 failed=0