首先在主服务器上搭建ansible直接用云yum装就可以,
yum -y install ansible
如果copy报错一下的语句 "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"
需要在被分发的服务器上安装支持包 [root@www ~]# mount /dev/sr0 /media/cdrom/ mount: block device /dev/sr0 is write-protected, mounting read-only [root@www ~]# yum -y install libselinux-python
然后建立roles的标准化模块相应的目录
[root@ansible myroles]# tree /myroles/ /myroles/ ├── nginx.yaml #nginx模组入口配置文件 └── roles └── nginx #nginx原型模组目录 ├── files ├── handlers ├── tasks │ └── main.yaml #nginx模组的tasks任务配置文件 ├── templates └── vars 7 directories, 2 files
Nginx的剧本书写,在myroles里,跟roles同级
---
- hosts: all
gather_facts: True
roles:
- nginx
然后在Nginx目录下files目录里放置安装包和,安装脚本文件
nginx的搭建脚本
#!/bin/bash mkdir -p /media/cdrom umount /dev/sr0 &>/dev/null mount /dev/sr0 /media/cdrom &>/dev/null dir=/etc/yum.repos.d [ -d $dir ] || mkdir -p $dir cd $dir mv * /tmp/ cat >/etc/yum.repos.d/local.repo << KOF [local] name=localrepo baseurl=file:///media/cdrom/ KOF yum -y clean all &>/dev/null [ $? -eq 0 ] || echo "clean erro" yum makecache &>/dev/null || echo "erro cache" which "wget" [ $? -eq 0 ] || /usr/bin/yum -y install wget &>/dev/null /usr/bin/wget http://mirrors.aliyun.com/repo/epel-6.repo [ $? -eq 0 ] || (/bin/echo "yun源出错" && exit) /usr/bin/yum -y clean all &>/dev/null /usr/bin/yum makecache &>/dev/null [ $? -eq 0 ] || (/bin/echo "yun缓存错误" && exit) /usr/bin/yum -y install pcre-deved openssl-devel &>/dev/null [ $? -eq 0 ] || /bin/echo "pcre error" useradd -M -s /sbin/nologin nginx &>dev/null cd ~ tar xf nginx-1.10.2.tar.gz -C /usr/src/ cd /usr/src/nginx-1.10.2/ ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx-1.10.2/ --with-http_stub_status_module --with-http_ssl_module && make && make install &>/dev/null
在tasks里创建个main.yaml主要任务剧本
- name: t1 copy: src=nginx-1.10.2.tar.gz dest=/root/ register: ttt - debug: var=ttt - name: t2 script: nginx.sh register: rrr - debug: var=rrr
回到mysoles里执行nginx.yaml剧本
[root@bogon myroles]# ansible-playbook nginx.yaml PLAY [all] ************************************************************************************************* TASK [Gathering Facts] ************************************************************************************* ok: [web1] ok: [web2] TASK [nginx : t1] ****************************************************************************************** ok: [web2] ok: [web1] TASK [nginx : debug] *************************************************************************************** ok: [web1] => { "ttt": { "changed": false, "checksum": "1bafb1557b8d5f992714c0dcbde77036bde98547", "dest": "/root/nginx-1.10.2.tar.gz", "diff": { "after": { "path": "/root/nginx-1.10.2.tar.gz" }, "before": { "path": "/root/nginx-1.10.2.tar.gz" } }, "failed": false, "gid": 0, "group": "root", "mode": "0644", "owner": "root", "path": "/root/nginx-1.10.2.tar.gz", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 910812, "state": "file", "uid": 0 } } ok: [web2] => { "ttt": { "changed": false, "checksum": "1bafb1557b8d5f992714c0dcbde77036bde98547", "dest": "/root/nginx-1.10.2.tar.gz", "diff": { "after": { "path": "/root/nginx-1.10.2.tar.gz" }, "before": { "path": "/root/nginx-1.10.2.tar.gz" } }, "failed": false, "gid": 0, "group": "root", "mode": "0644", "owner": "root", "path": "/root/nginx-1.10.2.tar.gz", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 910812, "state": "file", "uid": 0 } } TASK [nginx : t2] ****************************************************************************************** changed: [web2] changed: [web1] TASK [nginx : debug] *************************************************************************************** ok: [web1] => { "rrr": { "changed": true, "failed": false, "rc": 0, "stderr": "Shared connection to 192.168.200.131 closed. ", "stderr_lines": [ "Shared connection to 192.168.200.131 closed." ], "stdout": "/usr/bin/wget --2018-11-12 19:02:03-- http://mirrors.aliyun.com/repo/epel-6.repo Resolving mirrors.aliyun.com... failed: Name or service not known. wget: unable to resolve host address “mirrors.aliyun.com” yun源出错 ", "stdout_lines": [ "/usr/bin/wget", "--2018-11-12 19:02:03-- http://mirrors.aliyun.com/repo/epel-6.repo", "Resolving mirrors.aliyun.com... failed: Name or service not known.", "wget: unable to resolve host address “mirrors.aliyun.com”", "yun源出错" ] } } ok: [web2] => { "rrr": { "changed": true, "failed": false, "rc": 0, "stderr": "Shared connection to 192.168.200.133 closed. ", "stderr_lines": [ "Shared connection to 192.168.200.133 closed." ], "stdout": "/usr/bin/wget --2018-11-12 16:03:20-- http://mirrors.aliyun.com/repo/epel-6.repo Resolving mirrors.aliyun.com... 122.72.3.220, 122.72.3.219, 122.72.3.221, ... Connecting to mirrors.aliyun.com|122.72.3.220|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 664 [application/octet-stream] Saving to: “epel-6.repo” 0% [ ] 0 --.-K/s 100%[======================================>] 664 --.-K/s in 0s 2018-11-12 16:03:21 (62.4 MB/s) - “epel-6.repo” saved [664/664] ", "stdout_lines": [ "/usr/bin/wget", "--2018-11-12 16:03:20-- http://mirrors.aliyun.com/repo/epel-6.repo", "Resolving mirrors.aliyun.com... 122.72.3.220, 122.72.3.219, 122.72.3.221, ...", "Connecting to mirrors.aliyun.com|122.72.3.220|:80... connected.", "HTTP request sent, awaiting response... 200 OK", "Length: 664 [application/octet-stream]", "Saving to: “epel-6.repo”", "", "", " 0% [ ] 0 --.-K/s ", "100%[======================================>] 664 --.-K/s in 0s ", "", "2018-11-12 16:03:21 (62.4 MB/s) - “epel-6.repo” saved [664/664]", "" ] } } PLAY RECAP ************************************************************************************************* web1 : ok=5 changed=1 unreachable=0 failed=0 web2 : ok=5 changed=1 unreachable=0 failed=0
这样Nginx服务就先简单的搭建成功,需要主要目前没有任何的配置文件和启动服务
接下来我搭建mysql
roles的模板,
[root@bogon ~]# tree /myroles/ /myroles/ ├── mysql.retry ├── mysql.yaml ├── nginx.retry ├── nginx.yaml └── roles ├── mysql │?? ├── files │?? │?? ├── mysql-5.5.32-linux2.6-x86_64.tar.gz │?? │?? ├── mysql.sh │?? │?? └── yum.sh │?? ├── handlers │?? ├── tasks │?? │?? └── main.yaml │?? ├── templates │?? └── vars ├── nginx │?? ├── files │?? │?? ├── nginx-1.10.2.tar.gz │?? │?? └── nginx.sh │?? ├── handlers │?? ├── tasks │?? │?? └── main.yaml │?? ├── templates │?? └── vars └── php ├── files ├── handlers ├── tasks ├── templates └── vars
mysql.yaml的内容
---
- hosts: all
gather_facts: True
roles:
- mysql
tasks里边的任务
[root@bogon tasks]# vim main.yaml - name: t1 copy: src=mysql-5.5.32-linux2.6-x86_64.tar.gz dest=/root/ register: ttt - debug: var=ttt #- name: yum # script: yum.sh # register: zzz #- debug: var=zzz - name: t2 script: mysql.sh register: rrr - debug: var=rrr ~
files里边的脚本
yum的脚本
#!/bin/bash mkdir -p /media/cdrom umount /dev/sr0 &>/dev/null mount /dev/sr0 /media/cdrom &>/dev/null dir=/etc/yum.repos.d [ -d $dir ] || mkdir -p $dir cd $dir mv * /tmp/ cat >/etc/yum.repos.d/local.repo << KOF [local] name=localrepo baseurl=file:///media/cdrom/ KOF yum -y clean all &>/dev/null [ $? -eq 0 ] || echo "clean erro" yum makecache &>/dev/null || echo "erro cache" which "wget" [ $? -eq 0 ] || /usr/bin/yum -y install wget &>/dev/null /usr/bin/wget http://mirrors.aliyun.com/repo/epel-6.repo [ $? -eq 0 ] || (/bin/echo "yun源出错" && exit) /usr/bin/yum -y clean all &>/dev/null /usr/bin/yum makecache &>/dev/null [ $? -eq 0 ] || (/bin/echo "yun缓存错误" && exit) /usr/bin/yum -y install pcre-deved openssl-devel &>/dev/null [ $? -eq 0 ] || /bin/echo "pcre error"
mysl的安装脚本(需要注意的是这里使用的是二进制压缩包,简单的脚本,不严谨,可以执行成功)
#!/bin/bash groupadd mysql useradd -s /sbin/nologin -g mysql -M mysql cd ~ tar xf mysql-5.5.32-linux2.6-x86_64.tar.gz -C /usr/local/ cd /usr/local/ mv mysql-5.5.32-linux2.6-x86_64 mysql-5.5.32 ln -s mysql-5.5.32 mysql [ -d /usr/local/mysql/data ] || mkdir -p /usr/local/mysql/data chown -R mysql.mysql /usr/local/mysql yum -y install libaio /usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --user=mysql cd /usr/local/mysql cp support-files/mysql.server /etc/init.d/mysqld chmod +x /etc/init.d/mysqld /etc/init.d/mysqld start
执行mysql剧本
[root@bogon myroles]# ansible-playbook mysql.yaml
[root@bogon myroles]# ansible-playbook mysql.yaml PLAY [all] ***************************************************************************************************************************************************************** TASK [Gathering Facts] ***************************************************************************************************************************************************** ok: [web1] TASK [mysql : t1] ********************************************************************************************************************************************************** ok: [web1] TASK [mysql : debug] ******************************************************************************************************************************************************* ok: [web1] => { "ttt": { "changed": false, "checksum": "1861329e637aca5e143c436fd795d28ed8f10729", "dest": "/root/mysql-5.5.32-linux2.6-x86_64.tar.gz", "diff": { "after": { "path": "/root/mysql-5.5.32-linux2.6-x86_64.tar.gz" }, "before": { "path": "/root/mysql-5.5.32-linux2.6-x86_64.tar.gz" } }, "failed": false, "gid": 0, "group": "root", "mode": "0644", "owner": "root", "path": "/root/mysql-5.5.32-linux2.6-x86_64.tar.gz", "secontext": "system_u:object_r:admin_home_t:s0", "size": 186722932, "state": "file", "uid": 0 } } TASK [mysql : t2] ********************************************************************************************************************************************************** changed: [web1] TASK [mysql : debug] ******************************************************************************************************************************************************* ok: [web1] => { "rrr": { "changed": true, "failed": false, "rc": 0, "stderr": "Shared connection to 192.168.200.131 closed. ", "stderr_lines": [ "Shared connection to 192.168.200.131 closed." ], "stdout": "groupadd: group 'mysql' already exists useradd: user 'mysql' already exists mv: cannot move `mysql-5.5.32-linux2.6-x86_64' to `mysql-5.5.32/mysql-5.5.32-linux2.6-x86_64': Directory not empty ln: creating symbolic link `mysql/mysql-5.5.32': File exists Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Setting up Install Process Package libaio-0.3.107-10.el6.x86_64 already installed and latest version Nothing to do Installing MySQL system tables... OK Filling help tables... OK To start mysqld at boot time you have to copy support-files/mysql.server to the right place for your system PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER ! To do so, start the server, then issue the following commands: /usr/local/mysql/bin/mysqladmin -u root password 'new-password' /usr/local/mysql/bin/mysqladmin -u root -h www.sunan.com password 'new-password' Alternatively you can run: /usr/local/mysql/bin/mysql_secure_installation which will also give you the option of removing the test databases and anonymous user created by default. This is strongly recommended for production servers. See the manual for more instructions. You can start the MySQL daemon with: cd /usr/local/mysql ; /usr/local/mysql/bin/mysqld_safe & You can test the MySQL daemon with mysql-test-run.pl cd /usr/local/mysql/mysql-test ; perl mysql-test-run.pl Please report any problems with the /usr/local/mysql/scripts/mysqlbug script! Starting MySQL SUCCESS! ", "stdout_lines": [ "groupadd: group 'mysql' already exists", "useradd: user 'mysql' already exists", "mv: cannot move `mysql-5.5.32-linux2.6-x86_64' to `mysql-5.5.32/mysql-5.5.32-linux2.6-x86_64': Directory not empty", "ln: creating symbolic link `mysql/mysql-5.5.32': File exists", "Loaded plugins: fastestmirror", "Loading mirror speeds from cached hostfile", "Setting up Install Process", "Package libaio-0.3.107-10.el6.x86_64 already installed and latest version", "Nothing to do", "Installing MySQL system tables...", "OK", "Filling help tables...", "OK", "", "To start mysqld at boot time you have to copy", "support-files/mysql.server to the right place for your system", "", "PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !", "To do so, start the server, then issue the following commands:", "", "/usr/local/mysql/bin/mysqladmin -u root password 'new-password'", "/usr/local/mysql/bin/mysqladmin -u root -h www.sunan.com password 'new-password'", "", "Alternatively you can run:", "/usr/local/mysql/bin/mysql_secure_installation", "", "which will also give you the option of removing the test", "databases and anonymous user created by default. This is", "strongly recommended for production servers.", "", "See the manual for more instructions.", "", "You can start the MySQL daemon with:", "cd /usr/local/mysql ; /usr/local/mysql/bin/mysqld_safe &", "", "You can test the MySQL daemon with mysql-test-run.pl", "cd /usr/local/mysql/mysql-test ; perl mysql-test-run.pl", "", "Please report any problems with the /usr/local/mysql/scripts/mysqlbug script!", "", "Starting MySQL SUCCESS! " ] } } PLAY RECAP ***************************************************************************************************************************************************************** web1 : ok=5 changed=1 unreachable=0 failed=0
如果报错ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
是说明找不到sockt启动文件,第一个办法是修改配置文件的路径,
[root@www ~]# vim /etc/my.cnf
[mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock user=mysql # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0 [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid
第二个办法是直接做个软连接就可以
ln -s /var/lib/mysql/* /tmp/
我们的mysql就安装成功了,接下来我们安装php
roles的树形结构
[root@bogon php]# tree /myroles/ /myroles/ ├── mysql.retry ├── mysql.yaml ├── nginx.retry ├── nginx.yaml ├── php.retry ├── php.yaml └── roles ├── mysql │ ├── files │ │ ├── mysql-5.5.32-linux2.6-x86_64.tar.gz │ │ ├── mysql.sh │ │ └── yum.sh │ ├── handlers │ ├── tasks │ │ └── main.yaml │ ├── templates │ └── vars ├── nginx │ ├── files │ │ ├── nginx-1.10.2.tar.gz │ │ └── nginx.sh │ ├── handlers │ ├── tasks │ │ └── main.yaml │ ├── templates │ └── vars └── php ├── files │ ├── libiconv-1.14.tar.gz │ ├── php-5.3.28.tar.gz │ └── php.sh ├── handlers ├── tasks │ └── main.yaml ├── templates └── vars
php的剧本与roles平级的
[root@bogon myroles]# vim php.yaml
--- - hosts: all gather_facts: True roles: - php
php的tasks的剧本
[root@bogon tasks]# vim main.yaml - name: t1 copy: src=php-5.3.28.tar.gz dest=/root/ register: ttt - debug: var=ttt - name: t3 copy: src=libiconv-1.14.tar.gz dest=/root/ register: ttt - debug: var=ttt - name: t2 script: php.sh register: rrr - debug: var=rrr
安装php的脚本
[root@bogon files]# pwd
/myroles/roles/php/files
[root@bogon files]# vim php.sh
#!/bin/bash yum -y zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel install freetype-devel libpng-devel gd libcurl-devel libxslt-devel cd ~ tar xf libiconv-1.14.tar.gz -C /usr/src cd /usr/src/libiconv-1.14 ./configure --prefix=/usr/local/libiconv && make && make install yum -y install libmcrypt-devel mhash mcrypt useradd -s /sbin/nologin -M www cd ~ tar xf php-5.3.28.tar.gz -C /usr/src/ cd /usr/src/php-5.3.28 && ./configure --prefix=/usr/local/php5.3.28 --with-mysql=mysqlnd --with-iconv-dir=/usr/local/libiconv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --enable-short-tags --enable-zend-multibyte --enable-static --with-xsl --with-fpm-user=www --with-fpm-group=www --enable-ftp make && make install ln -s /usr/local/php5.3.28/ /usr/local/php cd /usr/src/php-5.3.28 cp php.ini-production /usr/local/php/lib/php.ini cd /usr/local/php/etc/
cp php-fpm.conf.default php-fpm.conf
/usr/local/php/sbin/php-fpm