安装Ansible
yum -y install ansible
如果copy报错一下的语句 "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!",需要安装支持包
yum -y install libselinux-python
然后建立roles的标准化模块相应的目录
[root@ansible myroles]# tree /myroles/
/myroles/
├── nginx.yaml #nginx模组入口配置文件
└── roles
└── nginx #nginx原型模组目录
├── files
├── handlers
├── tasks
│ └── main.yaml #nginx模组的tasks任务配置文件
├── templates
└── vars
7 directories, 2 files
Nginx的剧本书写,在myroles里,跟roles同级
---
- hosts: all
gather_facts: True
roles:
- nginx
然后在Nginx目录下files目录里放置安装包和,安装脚本文件
nginx的搭建脚本
#!/bin/bash
mkdir -p /media/cdrom
umount /dev/sr0 &>/dev/null
mount /dev/sr0 /media/cdrom &>/dev/null
dir=/etc/yum.repos.d
[ -d $dir ] || mkdir -p $dir
cd $dir
mv * /tmp/
cat >/etc/yum.repos.d/local.repo << KOF
[local]
name=localrepo
baseurl=file:///media/cdrom/
KOF
yum -y clean all &>/dev/null
[ $? -eq 0 ] || echo "clean erro"
yum makecache &>/dev/null || echo "erro cache"
which "wget"
[ $? -eq 0 ] || /usr/bin/yum -y install wget &>/dev/null
/usr/bin/wget http://mirrors.aliyun.com/repo/epel-6.repo
[ $? -eq 0 ] || (/bin/echo "yun源出错" && exit)
/usr/bin/yum -y clean all &>/dev/null
/usr/bin/yum makecache &>/dev/null
[ $? -eq 0 ] || (/bin/echo "yun缓存错误" && exit)
/usr/bin/yum -y install pcre-deved openssl-devel &>/dev/null
[ $? -eq 0 ] || /bin/echo "pcre error"
useradd -M -s /sbin/nologin nginx &>dev/null
cd ~
tar xf nginx-1.10.2.tar.gz -C /usr/src/
cd /usr/src/nginx-1.10.2/
./configure --user=nginx --group=nginx --prefix=/usr/local/nginx-1.10.2/ --with-http_stub_status_module --with-http_ssl_module && make && make install &>/dev/null
在tasks里创建个main.yaml主要任务剧本
- name: t1
copy: src=nginx-1.10.2.tar.gz dest=/root/
register: ttt
- debug: var=ttt
- name: t2
script: nginx.sh
register: rrr
- debug: var=rrr
回到mysoles里执行nginx.yaml剧本
[root@bogon myroles]# ansible-playbook nginx.yaml
PLAY [all] *************************************************************************************************
TASK [Gathering Facts] *************************************************************************************
ok: [web1]
ok: [web2]
TASK [nginx : t1] ******************************************************************************************
ok: [web2]
ok: [web1]
TASK [nginx : debug] ***************************************************************************************
ok: [web1] => {
"ttt": {
"changed": false,
"checksum": "1bafb1557b8d5f992714c0dcbde77036bde98547",
"dest": "/root/nginx-1.10.2.tar.gz",
"diff": {
"after": {
"path": "/root/nginx-1.10.2.tar.gz"
},
"before": {
"path": "/root/nginx-1.10.2.tar.gz"
}
},
"failed": false,
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"path": "/root/nginx-1.10.2.tar.gz",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 910812,
"state": "file",
"uid": 0
}
}
ok: [web2] => {
"ttt": {
"changed": false,
"checksum": "1bafb1557b8d5f992714c0dcbde77036bde98547",
"dest": "/root/nginx-1.10.2.tar.gz",
"diff": {
"after": {
"path": "/root/nginx-1.10.2.tar.gz"
},
"before": {
"path": "/root/nginx-1.10.2.tar.gz"
}
},
"failed": false,
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"path": "/root/nginx-1.10.2.tar.gz",
"secontext": "unconfined_u:object_r:admin_home_t:s0",
"size": 910812,
"state": "file",
"uid": 0
}
}
TASK [nginx : t2] ******************************************************************************************
changed: [web2]
changed: [web1]
TASK [nginx : debug] ***************************************************************************************
ok: [web1] => {
"rrr": {
"changed": true,
"failed": false,
"rc": 0,
"stderr": "Shared connection to 192.168.200.131 closed.
",
"stderr_lines": [
"Shared connection to 192.168.200.131 closed."
],
"stdout": "/usr/bin/wget
--2018-11-12 19:02:03-- http://mirrors.aliyun.com/repo/epel-6.repo
Resolving mirrors.aliyun.com... failed: Name or service not known.
wget: unable to resolve host address “mirrors.aliyun.com”
yun源出错
",
"stdout_lines": [
"/usr/bin/wget",
"--2018-11-12 19:02:03-- http://mirrors.aliyun.com/repo/epel-6.repo",
"Resolving mirrors.aliyun.com... failed: Name or service not known.",
"wget: unable to resolve host address “mirrors.aliyun.com”",
"yun源出错"
]
}
}
ok: [web2] => {
"rrr": {
"changed": true,
"failed": false,
"rc": 0,
"stderr": "Shared connection to 192.168.200.133 closed.
",
"stderr_lines": [
"Shared connection to 192.168.200.133 closed."
],
"stdout": "/usr/bin/wget
--2018-11-12 16:03:20-- http://mirrors.aliyun.com/repo/epel-6.repo
Resolving mirrors.aliyun.com... 122.72.3.220, 122.72.3.219, 122.72.3.221, ...
Connecting to mirrors.aliyun.com|122.72.3.220|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 664 [application/octet-stream]
Saving to: “epel-6.repo”
0% [ ] 0 --.-K/s
100%[======================================>] 664 --.-K/s in 0s
2018-11-12 16:03:21 (62.4 MB/s) - “epel-6.repo” saved [664/664]
",
"stdout_lines": [
"/usr/bin/wget",
"--2018-11-12 16:03:20-- http://mirrors.aliyun.com/repo/epel-6.repo",
"Resolving mirrors.aliyun.com... 122.72.3.220, 122.72.3.219, 122.72.3.221, ...",
"Connecting to mirrors.aliyun.com|122.72.3.220|:80... connected.",
"HTTP request sent, awaiting response... 200 OK",
"Length: 664 [application/octet-stream]",
"Saving to: “epel-6.repo”",
"",
"",
" 0% [ ] 0 --.-K/s ",
"100%[======================================>] 664 --.-K/s in 0s ",
"",
"2018-11-12 16:03:21 (62.4 MB/s) - “epel-6.repo” saved [664/664]",
""
]
}
}
PLAY RECAP *************************************************************************************************
web1 : ok=5 changed=1 unreachable=0 failed=0
web2 : ok=5 changed=1 unreachable=0 failed=0
这样Nginx服务就先简单的搭建成功,需要主要目前没有任何的配置文件和启动服务
搭建mysql,roles的模板
[root@bogon ~]# tree /myroles/ /myroles/ ├── mysql.retry ├── mysql.yaml ├── nginx.retry ├── nginx.yaml └── roles ├── mysql │?? ├── files │?? │?? ├── mysql-5.5.32-linux2.6-x86_64.tar.gz │?? │?? ├── mysql.sh │?? │?? └── yum.sh │?? ├── handlers │?? ├── tasks │?? │?? └── main.yaml │?? ├── templates │?? └── vars ├── nginx │?? ├── files │?? │?? ├── nginx-1.10.2.tar.gz │?? │?? └── nginx.sh │?? ├── handlers │?? ├── tasks │?? │?? └── main.yaml │?? ├── templates │?? └── vars └── php ├── files ├── handlers ├── tasks ├── templates └── vars
mysql.yaml的内容
---
- hosts: all
gather_facts: True
roles:
- mysql
tasks里边的任务
[root@bogon tasks]# vim main.yaml
- name: t1
copy: src=mysql-5.5.32-linux2.6-x86_64.tar.gz dest=/root/
register: ttt
- debug: var=ttt
- name: t2
script: mysql.sh
register: rrr
- debug: var=rrr
files里边的脚本
yum的脚本
#!/bin/bash
mkdir -p /media/cdrom
umount /dev/sr0 &>/dev/null
mount /dev/sr0 /media/cdrom &>/dev/null
dir=/etc/yum.repos.d
[ -d $dir ] || mkdir -p $dir
cd $dir
mv * /tmp/
cat >/etc/yum.repos.d/local.repo << KOF
[local]
name=localrepo
baseurl=file:///media/cdrom/
KOF
yum -y clean all &>/dev/null
[ $? -eq 0 ] || echo "clean erro"
yum makecache &>/dev/null || echo "erro cache"
which "wget"
[ $? -eq 0 ] || /usr/bin/yum -y install wget &>/dev/null
/usr/bin/wget http://mirrors.aliyun.com/repo/epel-6.repo
[ $? -eq 0 ] || (/bin/echo "yun源出错" && exit)
/usr/bin/yum -y clean all &>/dev/null
/usr/bin/yum makecache &>/dev/null
[ $? -eq 0 ] || (/bin/echo "yun缓存错误" && exit)
/usr/bin/yum -y install pcre-deved openssl-devel &>/dev/null
[ $? -eq 0 ] || /bin/echo "pcre error"
mysl的安装脚本(需要注意的是这里使用的是二进制压缩包,简单的脚本,不严谨,可以执行成功)
#!/bin/bash
groupadd mysql
useradd -s /sbin/nologin -g mysql -M mysql
cd ~
tar xf mysql-5.5.32-linux2.6-x86_64.tar.gz -C /usr/local/
cd /usr/local/
mv mysql-5.5.32-linux2.6-x86_64 mysql-5.5.32
ln -s mysql-5.5.32 mysql
[ -d /usr/local/mysql/data ] || mkdir -p /usr/local/mysql/data
chown -R mysql.mysql /usr/local/mysql
yum -y install libaio
/usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --user=mysql
cd /usr/local/mysql
cp support-files/mysql.server /etc/init.d/mysqld
chmod +x /etc/init.d/mysqld
/etc/init.d/mysqld start
执行mysql剧本
[root@bogon myroles]# ansible-playbook mysql.yaml
PLAY [all] *****************************************************************************************************************************************************************
TASK [Gathering Facts] *****************************************************************************************************************************************************
ok: [web1]
TASK [mysql : t1] **********************************************************************************************************************************************************
ok: [web1]
TASK [mysql : debug] *******************************************************************************************************************************************************
ok: [web1] => {
"ttt": {
"changed": false,
"checksum": "1861329e637aca5e143c436fd795d28ed8f10729",
"dest": "/root/mysql-5.5.32-linux2.6-x86_64.tar.gz",
"diff": {
"after": {
"path": "/root/mysql-5.5.32-linux2.6-x86_64.tar.gz"
},
"before": {
"path": "/root/mysql-5.5.32-linux2.6-x86_64.tar.gz"
}
},
"failed": false,
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"path": "/root/mysql-5.5.32-linux2.6-x86_64.tar.gz",
"secontext": "system_u:object_r:admin_home_t:s0",
"size": 186722932,
"state": "file",
"uid": 0
}
}
TASK [mysql : t2] **********************************************************************************************************************************************************
changed: [web1]
TASK [mysql : debug] *******************************************************************************************************************************************************
ok: [web1] => {
"rrr": {
"changed": true,
"failed": false,
"rc": 0,
"stderr": "Shared connection to 192.168.200.131 closed.
",
"stderr_lines": [
"Shared connection to 192.168.200.131 closed."
],
"stdout": "groupadd: group 'mysql' already exists
useradd: user 'mysql' already exists
mv: cannot move `mysql-5.5.32-linux2.6-x86_64' to `mysql-5.5.32/mysql-5.5.32-linux2.6-x86_64': Directory not empty
ln: creating symbolic link `mysql/mysql-5.5.32': File exists
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Setting up Install Process
Package libaio-0.3.107-10.el6.x86_64 already installed and latest version
Nothing to do
Installing MySQL system tables...
OK
Filling help tables...
OK
To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/local/mysql/bin/mysqladmin -u root password 'new-password'
/usr/local/mysql/bin/mysqladmin -u root -h www.sunan.com password 'new-password'
Alternatively you can run:
/usr/local/mysql/bin/mysql_secure_installation
which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr/local/mysql ; /usr/local/mysql/bin/mysqld_safe &
You can test the MySQL daemon with mysql-test-run.pl
cd /usr/local/mysql/mysql-test ; perl mysql-test-run.pl
Please report any problems with the /usr/local/mysql/scripts/mysqlbug script!
Starting MySQL SUCCESS!
",
"stdout_lines": [
"groupadd: group 'mysql' already exists",
"useradd: user 'mysql' already exists",
"mv: cannot move `mysql-5.5.32-linux2.6-x86_64' to `mysql-5.5.32/mysql-5.5.32-linux2.6-x86_64': Directory not empty",
"ln: creating symbolic link `mysql/mysql-5.5.32': File exists",
"Loaded plugins: fastestmirror",
"Loading mirror speeds from cached hostfile",
"Setting up Install Process",
"Package libaio-0.3.107-10.el6.x86_64 already installed and latest version",
"Nothing to do",
"Installing MySQL system tables...",
"OK",
"Filling help tables...",
"OK",
"",
"To start mysqld at boot time you have to copy",
"support-files/mysql.server to the right place for your system",
"",
"PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !",
"To do so, start the server, then issue the following commands:",
"",
"/usr/local/mysql/bin/mysqladmin -u root password 'new-password'",
"/usr/local/mysql/bin/mysqladmin -u root -h www.sunan.com password 'new-password'",
"",
"Alternatively you can run:",
"/usr/local/mysql/bin/mysql_secure_installation",
"",
"which will also give you the option of removing the test",
"databases and anonymous user created by default. This is",
"strongly recommended for production servers.",
"",
"See the manual for more instructions.",
"",
"You can start the MySQL daemon with:",
"cd /usr/local/mysql ; /usr/local/mysql/bin/mysqld_safe &",
"",
"You can test the MySQL daemon with mysql-test-run.pl",
"cd /usr/local/mysql/mysql-test ; perl mysql-test-run.pl",
"",
"Please report any problems with the /usr/local/mysql/scripts/mysqlbug script!",
"",
"Starting MySQL SUCCESS! "
]
}
}
PLAY RECAP *****************************************************************************************************************************************************************
web1 : ok=5 changed=1 unreachable=0 failed=0
如果报错ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
是说明找不到sockt启动文件,第一个办法是修改配置文件的路径
[root@www ~]# vim /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
第二个办法是直接做个软连接就可以
ln -s /var/lib/mysql/* /tmp/
安装php
roles的树形结构
[root@bogon php]# tree /myroles/
/myroles/
├── mysql.retry
├── mysql.yaml
├── nginx.retry
├── nginx.yaml
├── php.retry
├── php.yaml
└── roles
├── mysql
│ ├── files
│ │ ├── mysql-5.5.32-linux2.6-x86_64.tar.gz
│ │ ├── mysql.sh
│ │ └── yum.sh
│ ├── handlers
│ ├── tasks
│ │ └── main.yaml
│ ├── templates
│ └── vars
├── nginx
│ ├── files
│ │ ├── nginx-1.10.2.tar.gz
│ │ └── nginx.sh
│ ├── handlers
│ ├── tasks
│ │ └── main.yaml
│ ├── templates
│ └── vars
└── php
├── files
│ ├── libiconv-1.14.tar.gz
│ ├── php-5.3.28.tar.gz
│ └── php.sh
├── handlers
├── tasks
│ └── main.yaml
├── templates
└── vars
php的剧本与roles平级的
[root@bogon myroles]# vim php.yaml --- - hosts: all gather_facts: True roles: - php
php的tasks的剧本
[root@bogon tasks]# vim main.yaml
- name: t1
copy: src=php-5.3.28.tar.gz dest=/root/
register: ttt
- debug: var=ttt
- name: t3
copy: src=libiconv-1.14.tar.gz dest=/root/
register: ttt
- debug: var=ttt
- name: t2
script: php.sh
register: rrr
- debug: var=rrr
安装php的脚本
[root@bogon files]# pwd
/myroles/roles/php/files
[root@bogon files]# vim php.sh
#!/bin/bash
yum -y zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel install freetype-devel libpng-devel gd libcurl-devel libxslt-devel
cd ~
tar xf libiconv-1.14.tar.gz -C /usr/src
cd /usr/src/libiconv-1.14
./configure --prefix=/usr/local/libiconv && make && make install
yum -y install libmcrypt-devel mhash mcrypt
useradd -s /sbin/nologin -M www
cd ~
tar xf php-5.3.28.tar.gz -C /usr/src/
cd /usr/src/php-5.3.28 && ./configure --prefix=/usr/local/php5.3.28 --with-mysql=mysqlnd --with-iconv-dir=/usr/local/libiconv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fpm --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --enable-short-tags --enable-zend-multibyte --enable-static --with-xsl --with-fpm-user=www --with-fpm-group=www --enable-ftp
make && make install
ln -s /usr/local/php5.3.28/ /usr/local/php
cd /usr/src/php-5.3.28
cp php.ini-production /usr/local/php/lib/php.ini
cd /usr/local/php/etc/
cp php-fpm.conf.default php-fpm.conf
/usr/local/php/sbin/php-fpm