zoukankan      html  css  js  c++  java

  • 使用playbook部署lamp

    弄4台主机,其中一台装ansible,其余三台分别部署nginx、mysql、php,实现lamp架构。请合理分配主机资源,所有主机均给500M内存即可,若资源富裕多给些亦可。

    主控机ip:192.168.44.128   localhost   ansible

    受控机ip:192.168.44.131   node2   httpd

                    192.168.44.132  node3   mysql

                    192.168.44.133  node4   php

    整体结构树

    [root@localhost project]# tree .
.
├── lamp
│   └── main.yml
└── modules
    ├── ansible.cfg
    ├── base
    │   ├── files
    │   │   ├── centos7-base.repo
    │   │   ├── centos8-base.repo
    │   │   ├── epel-7.repo
    │   │   └── epel-8.repo
    │   └── yum.yml
    ├── databases
    │   └── mysql
    │       ├── install.yml
    │       ├── packages
    │       │   └── mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
    │       ├── templates
    │       │   ├── mysql.j2
    │       │   └── mysql.service.j2
    │       └── vars
    │           └── mysql.yml
    ├── inventory
    ├── phpproject
    │   └── php
    │       ├── install.yml
    │       └── vars
    │           └── php.yml
    └── web
        └── apache
            ├── install.yml
            ├── packages
            │   ├── apr-1.7.0.tar.bz2
            │   ├── apr-util-1.6.1.tar.gz
            │   └── httpd-2.4.46.tar.gz
            ├── templates
            │   ├── httpd.j2
            │   └── httpd.service.j2
            └── vars
                └── httpd.yml

    准备主机环境

    //下载centos源
[root@localhost ~]# mount /dev/cdrom /mnt
[root@ansible ~]# wget -O /project/modules/yum/files/centos7-base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@ansible ~]# wget -O /project/modules/yum/files/centos8-base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
[root@ansible ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /project/modules/yum/files/*.repo
[root@ansible ~]# sed -i 's|$releasever|7|' /project/modules/yum/files/centos7-base.repo
[root@ansible ~]# sed -i 's|$releasever|8|' /project/modules/yum/files/centos8-base.repo

//下载epel源
[root@ansible ~]# wget -O /project/modules/yum/files/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@ansible ~]# wget -O /project/modules/yum/files/epel-release-latest-8.noarch.rpm https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm

//安装rpm包并提取repo源
[root@ansible ~]# rpm -ivh /project/modules/yum/files/epel-release-latest-8.noarch.rpm
[root@ansible ~]# mv /etc/yum.repos.d/epel.repo /project/modules/yum/files/epel-8.repo
[root@ansible ~]# sed -i 's|$releasever|8|' /project/modules/yum/files/centos8-base.repo
[root@ansible ~]# sed -i 's|^#baseurl=https://download.fedoraproject.org/pub|baseurl=https://mirrors.aliyun.com|' /project/modules/yum/files/epel-8.repo
[root@ansible ~]# sed -i 's|^metalink|#metalink|' /project/modules/yum/files/epel-8.repo

//设置gpgcheck=0
[root@ansible ~]# sed -i 's|^gpgcheck=1|gpgcheck=0|' /project/modules/yum/files/*.repo
[root@localhost yum.repos.d]# yum clean all
[root@localhost yum.repos.d]# yum makeache
[root@localhost ~]# yum -y install vim

//设置三台受控机免密登陆
[root@localhost ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.44.131 node2 
192.168.44.132 node3
192.168.44.133 node4
[root@localhost ~]# ssh-keygen -t rsa  //全部按回车
[root@localhost ~]# ssh-copy-id root@192.168.44.131
[root@localhost ~]# ssh-copy-id root@192.168.44.132
[root@localhost ~]# ssh-copy-id root@192.168.44.133
[root@localhost ~]# vim /etc/ansible/ansible.cfg
#inventory      = /etc/ansible/hosts  //取消注释并把路径改成./inventory
[root@localhost ~]# cd project/modules
[root@localhost modules]# cp /etc/ansible/ansible.cfg  .
[root@localhost modules]# vi inventory

[group_apache]
node2

[group_mysql]
node3

[group_php]
node4

//测试能否使用ansible链接其他受控机
[root@localhost ~]# ansible node2 -m ping
[root@localhost ~]# ansible node3 -m ping
[root@localhost ~]# ansible node4 -m ping

    配置yum源的playbook

    [root@localhost ~]# vim project/modules/base/yum.yml
---
- hosts: all
  tasks:
    - name: yum config for base
      copy:
        src: files/centos{{ ansible_facts['distribution_major_version'] }}-base.repo
        dest: /etc/yum.repos.d/centos-base.repo
      when: ansible_facts['distribution'] == 'RedHat'
      
    - name: yum config for epel
      copy:
        src: files/epel-{{ ansible_facts['distribution_major_version'] }}.repo
        dest: /etc/yum.repos.d/epel.repo
    - name: stop firewalld
      service:
        name: firewalld
        state: stopped
      
    - name: disabled selinux
      lineinfile:
        path: /etc/selinux/config
        regexp: '^SELINUX='
        line: SELINUX=disabled
        
    - name: stop selinux
      shell: setenforce 0     
        
[root@localhost ~]# ansible-playbook project/modules/base/yum.yml

    httpd部分

    [root@localhost modules]# vim web/apache/vars/httpd.yml
packages:
  - openssl-devel
  - pcre-devel
  - expat-devel
  - libtool
  - gcc
  - gcc-c++
  - make
  - '@development tools'
  
user: apache
 
php_ip: 192.168.44.133  

//模板文件httpd.j2配置
[root@localhost modules]# vim  web/apache/templates/httpd.j2
//搜索AddType
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType application/x-httpd-php .php          //添加此行
    AddType application/x-httpd-php-source .phps      //添加此行
  
//搜索proxy.so
#LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so                  //取消注释
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so      //取消注释
  
//搜索index.html
 DirectoryIndex index.php  index.html  //添加index.php在前面
  
//在配置文件的最后加入以下内容
<VirtualHost *:80>
        DocumentRoot "/usr/local/apache/htdocs/"
        ServerName  www.csltest.com
        ProxyRequests   Off
        ProxyPassMatch ^/(.*.php)$ fcgi://{{ hostvars['node4'].ansible_default_ipv4.address }}:9000/var/www/html/$1  
        <Directory "/usr/local/apache/htdocs">
                Options none
                AllowOverride none
                Require all granted
        </Directory>
</VirtualHost>

//模板文件httpd.service配置
[root@localhost modules]# vim web/apache/templates/httpd.service.j2
[Unit]
Description = The httpd process manager
 
[Service]
Type = forking
ExecStart = /usr/local/apache/bin/apachectl
ExecReload = /usr/local/apache/bin/apachectl -s reload
ExecStop = /usr/local/apache/apachectl -s stop
 
[Install]
WantedBy = multi-user.target

//编写apache的playbook
[root@localhost modules]# vim web/apache/install.yml
---
- hosts: node2
  vars_files:
    - vars/httpd.yml
  tasks:
    - name: create  user
      user:     
        name: '{{ user }}'
        system: yes
        create_home: no
        shell: /sbin/nologin
        state: present
 
    - name: install base packages
      yum:
        name: '{{ item }}'
        state: present
      loop: '{{ packages }}'
 
    - name: uncompress apr
      unarchive:
        src: packages/apr-1.7.0.tar.bz2
        dest: /opt/
 
    - name: uncompress apr-util
      unarchive:
        src:  packages/apr-util-1.6.1.tar.gz
        dest: /opt/
 
    - name: uncompress httpd
      unarchive:
        src: packages/httpd-2.4.46.tar.gz
        dest: /opt/ 
                          
    - name: install apr
      shell: sed -i 's/$RM "$cfgfile"/#$RM "$cfgfile"/' /opt/apr-1.7.0/configure && cd /opt/apr-1.7.0 && ./configure  --prefix=/usr/local/apr && make && make install 
     
    - name: install apr-util
      shell: cd /opt/apr-util-1.6.1 && ./configure  --prefix=/usr/local/apr-util --with-apr=/usr/local/apr && make && make install 
    
    - name: install httpd
      shell: cd /opt/httpd-2.4.46 && ./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd24  --enable-so  --enable-ssl  --enable-cgi  --enable-rewrite  --with-zlib  --with-pcre --with-apr=/usr/local/apr  --with-apr-util=/usr/local/apr-util/  --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork && make && make install
       
    - name: create export path
      shell: echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh && source /etc/profile.d/httpd.sh
   
    - name: systemctl httpd
      template:
        src: templates/httpd.service.j2
        dest: /usr/lib/systemd/system/httpd.service  
 
    - name:
      shell: systemctl  daemon-reload

    mysql部分

    //编辑模板文件mysql.j2
[root@localhost modules]# vim databases/mysql/templates/mysql.j2
[mysqld]
basedir = {{ basedir }}/mysql
datadir = {{ datadir }}
socket = /tmp/mysql.sock
port = 3306
pid-file = {{ datadir }}/mysql.pid
user = mysql
skip-name-resolve

//创建模板文件mysqld.service.j2
[root@localhost ~]# vim project/modules/databases/mysql/templates/mysqld.service.j2
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
 
[Install]
WantedBy=multi-user.target
 
[Service]
User=mysql
Group=mysql
Type=forking
PIDFile={{ datadir }}/mysql.pid
TimeoutSec=0
PermissionsStartOnly=true
ExecStart={{ basedir }}/mysql/bin/mysqld --daemonize --pid-file={{ datadir}}/mysql.pid $MYSQLD_OPTS
LimitNOFILE = 5000
Restart=on-failure
RestartPreventExitStatus=1
PrivateTmp=false

[root@localhost modules]# vim databases/mysql/vars/mysql.yml
packages:
  - ncurses-devel
  - openssl-devel
  - openssl
  - cmake
  - mariadb-devel
  - ncurses-compat-libs
  
datadir: /mydata
 
basedir: /usr/local
 
user: mysql  
  
//配置mysql的playbook
[root@localhost modules]# vim databases/mysql/install.yml
- hosts: node3
  vars_files:
    - vars/mysql.yml
  tasks:
    - name: base packages
      yum:
        name: '{{ item }}'
        state: present
      loop: '{{ packages }}'
 
    - name: create user
      user:
        name: '{{ user }}'
        create_home: no
        system: yes
        shell: /sbin/nologin
        state: present
 
    - name: uncompress mysql
      unarchive:
        src: packages/mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
        dest: '{{ basedir }}/'
        owner: mysql
        group: mysql
 
    - name: soft link
      file:
        src: '{{ basedir }}/mysql-5.7.31-linux-glibc2.12-x86_64'
        dest: '{{ basedir }}/mysql'
        state: link   
 
    - name: create export  mysql
      shell: echo 'export PATH={{ basedir }}/mysql/bin:$PATH' > /etc/profile.d/myslq.sh && source /etc/profile.d/myslq.sh
 
    - name: create datadir
      file:
        path: '{{ datadir }}'
        owner: mysql
        group: mysql
        state: directory
 
    - name: initialize mysql
      shell: '{{ basedir }}/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir={{ datadir }}'
      ignore_errors: yes
 
    - name: config file
      template:
        src: templates/mysql.j2
        dest: /etc/my.cnf     
 
    - name: systemctl mysqld
      template:
        src: templates/mysqld.service.j2
        dest: /usr/lib/systemd/system/mysqld.service
     
    - name: reload
      shell: systemctl  daemon-reload

    php部分

    [root@localhost modules]# vim appproject/php/vars/php.yml
packages:
  - libxml2
  - libxml2-devel
  - openssl
  - openssl-devel
  - bzip2
  - bzip2-devel
  - libcurl
  - libcurl-devel
  - libicu-devel
  - libjpeg
  - libjpeg-devel
  - libpng
  - libpng-devel
  - openldap-devel
  - pcre-devel
  - freetype
  - freetype-devel
  - gmp
  - gmp-devel
  - libmcrypt
  - libmcrypt-devel
  - readline
  - readline-devel
  - libxslt
  - libxslt-devel
  - mhash
  - mhash-devel
  - php-mysqlnd
  - php-*

//配置php的playbook
[root@localhost modules]# vim appproject/php/install.yml
---
- hosts: node4
  vars_files:
    - vars/php.yml
  tasks:
    - name: base packages
      yum:
        name: '{{ item }}'
        state: present
      loop: '{{ packages }}'
 
    - name: config php socket
      lineinfile:
        path: /etc/php-fpm.d/www.conf
        regexp: '^listen ='
        line: listen = 0.0.0.0:9000

    lamp部分

    [root@localhost project]# vim lamp/main.yml
---
- name: conf yum.repo
  import_playbook: ../modules/base/yum.yml
 
- name: httpd  
  import_playbook: ../modules/web/apache/install.yml
 
- name: mysql 
  import_playbook: ../modules/databases/mysql/install.yml
 
- name: php 
  import_playbook: ../modules/application/php/install.yml
 
- hosts: node2
  vars_files:
    - ../modules/web/apache/vars/httpd.yml
  tasks:
    - name: httpd config file
      template:
        src: ../modules/web/apache/templates/httpd.j2
        dest: /etc/httpd24/httpd.conf
 
    - name: start httpd
      service:
        name: httpd
        enabled: yes
        state: started    
         
- hosts: node3
  vars_files:
    - ../modules/databases/mysql/vars/mysql.yml     
  tasks:
    - name: start mysql
      service:
        name: mysqld
        enabled: yes
        state: started    
 
    - name: set passwd
      shell: '{{ basedir }}/mysql/bin/mysql -uroot -e "set password = password("123")"'      
 
- hosts: node4
  tasks:
    - name: index.php
      file:
        path: /var/www/html/index.php
        owner: apache
        group: apache
        state: touch
      
    - name: test index
      lineinfile:
        path: /var/www/html/index.php
        line: |
            <?php
            phpinfo();
            ?>
        state: present   
 
    - name: allow access to IP
      lineinfile:
        path: /etc/php-fpm.d/www.conf
        regexp: '^listen.allowed_clients ='
        line: listen.allowed_clients = 192.168.44.131      
     
    - name: start php
      service:
        name: php-fpm
        state: started
        enabled: yes
        
[root@localhost project]# ansible-playbook lamp/main.yml

    验证,在浏览器里输入安装httpd服务的受控机IP
  • 相关阅读:
    WebEssentials 在vs2013 update5安装报错的解决方法.
    提高代码质量系列之三:我是怎么设计函数的?
    ValueInjecter----最好用的OOM(以微信消息转对象举例)
    我的第一个python程序--给2.x的print代码加上括号
    提高代码质量系列之二:重构小技巧——if篇
    提高代码质量系列之一:尽可能少写注释.
    Two-machine debugging
    12306个人敏感信息泄露
    纯手工秒杀VM,SE等虚拟机Handle
    2014版QQ个性显IP(源码+Bin)
  • 原文地址:https://www.cnblogs.com/chensongling/p/14254996.html
Copyright © 2011-2022 走看看