zoukankan      html  css  js  c++  java
  • Ansible playbook 部署lamp

    准备4台服务器

    安装的环境 IP/主机名
    ansible 192.168.220.10/apache
    apache 192.168.220.20/apache
    mysql 192.168.220.30/mysql
    php 192.168.220.40/php

     层级树

    [root@RedHat lamp]# tree
    .
    ├── ansible.cfg
    ├── application
    │   └── php
    │       ├── install.yml
    │       └── vars
    │           └── php.yml
    ├── base
    │   └── yum.yml
    ├── database
    │   ├── mysql
    │   │   ├── install.yml
    │   │   ├── packages
    │   │   │   └── mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
    │   │   ├── templeates
    │   │   │   ├── my.cnf.j2
    │   │   │   └── my.service.j2
    │   │   └── vars
    │   │       └── mysql.yml
    │   ├── templates
    │   └── vars
    ├── hosts
    ├── inventory
    ├── lamp
    │   └── main.yml
    └── web
        └── apache
            ├── install.yml
            ├── packages
            │   ├── apr-1.7.0.tar.gz
            │   ├── apr-util-1.6.1.tar.gz
            │   └── httpd-2.4.46.tar.bz2
            ├── templates
            │   ├── httpd.j2
            │   └── httpd.service.j2
            └── vars
                └── httpd.yml
    
    17 directories, 19 files

    安装ansible:

    //配置yum源
    [root@ansible ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
    [root@ansible ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
    [root@ansible ~]# sed  -i 's#$releasever#8#g'  /etc/yum.repos.d/CentOS-Base.repo
    [root@ansible ~]# yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
    [root@ansible ~]# sed -i 's|^#baseurl=https://download.fedoraproject.org/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
    [root@ansible ~]# sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
    [root@ansible ~]# sed  -i 's#$releasever#8#g'  /etc/yum.repos.d/epel.repo
     
    //安装ansible
    [root@ansible ~]# yum -y install ansible
     
    //查看ansible版本
    [root@ansible ~]#  ansible  --version
    ansible 2.9.16
      config file = /etc/ansible/ansible.cfg
      configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
      ansible python module location = /usr/lib/python3.6/site-packages/ansible
      executable location = /usr/bin/ansible
      python version = 3.6.8 (default, Dec  5 2019, 15:45:45) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
     
    //ssh免密登录
    [root@ansible lamp]# vim /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.220.10  ansible
    192.168.220.20  apache
    192.168.220.30  mysql
    192.168.248.40  php
     
    [root@ansible ~]# ssh-keygen -t rsa
    [root@ansible ~]# ssh-copy-id  root@apache
    [root@ansible ~]# ssh-copy-id  root@mysql
    [root@ansible ~]# ssh-copy-id  root@php

     将被控机IP加入到主控机清单:

    [root@ansible ~]# mkdir lamp
    [root@ansible ~]# cd lamp
    [root@ansible lamp]# cp /etc/ansible/ansible.cfg  .
     //创建清单文件
    [root@ansible lamp]# vim inventory
    [group_apache]
    apache
     
    [group_mysql]
    mysql
     
    [group_php]
    php
    
    //测试
    [root@ansible lamp]# ansible all -m ping
    php | SUCCESS => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/libexec/platform-python"
        },
        "changed": false,
        "ping": "pong"
    }
    apache | SUCCESS => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/libexec/platform-python"
        },
        "changed": false,
        "ping": "pong"
    }
    mysql | SUCCESS => {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/libexec/platform-python"
        },
        "changed": false,
        "ping": "pong"
    }

    yum源配置和关闭防火墙,selinux

    [root@RedHat lamp]# cat base/yum.yml 
    ---
    - hosts: all
      tasks:
        - name: yum to configure
          yum_repository:
            name: "{{ item }}"
            description: "{{ item }}"
            file: "{{ item }}"
            baseurl: https://mirrors.aliyun.com/centos/8/{{ item }}/x86_64/os/
            gpgcheck: no
            enabled: yes
            gpgcheck: no
            enabled: yes
          loop:
            - BaseOS
            - AppStream
              
        - name: epel
          yum_repository:
            name: epel 
            description: epel
            file: epel
            baseurl: https://mirrors.aliyun.com/epel/8/Everything/x86_64/
            gpgcheck: no
            enabled: yes
    
        - name: stop firewalld
          service:
            name: firewalld
            state: stopped 
            
        - name: disabled selinux
          lineinfile:
            path: /etc/selinux/config 
            regexp: '^SELINUX' 
            line: SELINUX=disable
    
        - name: stop selinux 
          shell: setenforce 0

    apache配置:

    //变量
    [root@RedHat lamp]# cat web/apache/vars/httpd.yml 
    packages:
      - openssl-devel
      - pcre-devel
      - expat-devel
      - libtool
      - gcc
      - gcc-c++
      - make 
      - '@development tools'    
    
    user: apache
    
    php_ip: 192.168.220.40
    
    //使用httpd.j2作为模板文件配置
    [root@ansible lamp]# vim  web/apache/templates/httpd.j2
    #搜索AddType
        AddType application/x-compress .Z
        AddType application/x-gzip .gz .tgz
        AddType application/x-httpd-php .php          #添加此行
        AddType application/x-httpd-php-source .phps      #添加此行
      
    //搜索proxy.so
    #LoadModule remoteip_module modules/mod_remoteip.so
    LoadModule proxy_module modules/mod_proxy.so                  //取消注释
    #LoadModule proxy_connect_module modules/mod_proxy_connect.so
    #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
    #LoadModule proxy_http_module modules/mod_proxy_http.so
    LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so      //取消注释
      
    //搜索index.html
     DirectoryIndex index.php  index.html #添加index.php
      
    #在配置文件的最后加入以下内容
    <VirtualHost *:80>
            DocumentRoot "/usr/local/apache/htdocs/"
            ServerName  www.xixi.com
            ProxyRequests   Off
            ProxyPassMatch ^/(.*.php)$ fcgi://{{ php_ip }}:9000/var/www/html/$1  
            <Directory "/usr/local/apache/htdocs">
                    Options none
                    AllowOverride none
                    Require all granted
            </Directory>
    </VirtualHost>
     
    //httpd.service.j2文件作为模板
    [root@ansible modules]# vim web/apache/templates/httpd.service.j2
    [Unit]
    Description = The httpd process manager
     
    [Service]
    Type = forking
    ExecStart = /usr/local/apache/bin/apachectl
    ExecReload = /usr/local/apache/bin/apachectl -s reload
    ExecStop = /usr/local/apache/apachectl -s stop
     
    [Install]
    WantedBy = multi-user.target
    
    //playbook
    [root@RedHat lamp]# cat web/apache/install.yml 
    ---
    - hosts: apache
      vars_files:
        - vars/httpd.yml
      tasks:
        - name: create user
          user:
            name: "{{ user }}"
            system: yes
            create_home: no
            shell: /sbin/nologin
            state: present
    
        - name: install base packages
          yum:
            name: "{{ item }}"
            state: present
          loop: "{{ packages }}" 
    
        - name: uncompress apr
          unarchive:
            src: packages/apr-1.7.0.tar.gz
            dest: /opt/
    
        - name: uncompress apr-util
          unarchive:
            src: packages/apr-util-1.6.1.tar.gz
            dest: /opt/
    
        - name: uncompress httpd
          unarchive:
            src: packages/httpd-2.4.46.tar.bz2
            dest: /opt/
    
        - name: install apr
          shell: sed -i 's/$RM "$cfgfile"/#$RM "$cfgfile"/' /opt/apr-1.7.0/configure && cd /opt/apr-1.7.0 && ./configure  --prefix=/usr/local/apr && make && make install 
    
        - name: install apr-util 
          shell: cd /opt/apr-util-1.6.1 && ./configure  --prefix=/usr/local/apr-util --with-apr=/usr/local/apr && make && make install 
        
        - name: install httpd
          shell: cd /opt/httpd-2.4.46 && ./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd24  --enable-so  --enable-ssl  --enable-cgi  --enable-rewrite  --with-zlib  --with-pcre --with-apr=/usr/local/apr  --with-apr-util=/usr/local/apr-util/  --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork && make && make install
    
        - name: create export path
          shell: echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/httpd.sh && source /etc/profile.d/httpd.sh
    
        - name: systemctl httpd
          template:
            src: templates/httpd.service.j2
            dest: /usr/lib/systemd/system/httpd.service
    
        - name:
          shell: systemctl daemon-reload  

    mysql安装:

    //变量
    [root@RedHat lamp]# cat database/mysql/vars/mysql.yml 
    packages:
      - ncurses-devel
      - openssl-devel
      - openssl
      - cmake
      - mariadb-devel
      - ncurses-compat-libs 
    
    datadir: /mydata
    
    basedir: /usr/local
    
    user: mysql
    
    #创建my.cnf.j2文件做为模板
    [root@ansible modules]# vim databases/mysql/templates/my.cnf.j2
    [mysqld]
    basedir = {{ basedir }}/mysql
    datadir = {{ datadir }}
    socket = /tmp/mysql.sock
    port = 3306
    pid-file = {{ datadir }}/mysql.pid
    user = mysql
    skip-name-resolve
     
    //创建mysqld.servicej2文件做为模板
    [root@ansible modules]# vim databases/mysql/templates/mysqld.service.j2
    [Unit]
    Description=MySQL Server
    Documentation=man:mysqld(8)
    Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
    After=network.target
    After=syslog.target
     
    [Install]
    WantedBy=multi-user.target
     
    [Service]
    User=mysql
    Group=mysql
    Type=forking
    PIDFile={{ datadir }}/mysql.pid
    TimeoutSec=0
    PermissionsStartOnly=true
    ExecStart={{ basedir }}/mysql/bin/mysqld --daemonize --pid-file={{ datadir}}/mysql.pid $MYSQLD_OPTS
    LimitNOFILE = 5000
    Restart=on-failure
    RestartPreventExitStatus=1
    PrivateTmp=false
    
    //playbook
    [root@RedHat lamp]# cat database/mysql/install.yml 
    ---
    - hosts: mysql
      vars_files:
        - vars/mysql.yml
      tasks:
        - name: base packages
          yum:
            name: "{{ item }}"
            state: present
          loop: "{{ packages }}"
    
        - name: create user
          user:
            name: "{{ user }}"
            create_home: no
            system: yes
            shell: /sbin/nologin
            state: present
    
        - name: uncompress mysql
          unarchive:
            src: packages/mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
            dest: "{{ basedir }}/"
            owner: mysql
            group: mysql
    
        - name: soft link
          file: 
            src: "{{ basedir }}/mysql-5.7.31-linux-glibc2.12-x86_64"
            dest: "{{ basedir }}/mysql"
            state: link
    
        - name: create export mysql
          shell: echo 'export PATH={{ basedir }}/mysql/bin:$PATH' > /etc/profile.d/myslq.sh && source /etc/profile.d/myslq.sh
        
        - name: create datadir
          file:
            path: "{{ datadir }}"
            owner: mysql
            group: mysql
            state: directory
    
        - name: initialize mysql
          shell: '{{ basedir }}/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir={{ datadir }}'    
          ignore_errors: yes
    
        - name: config file
          template:
            src: templeates/my.cnf.j2
            dest: /etc/my.cnf
          
        - name: systemctl mysqld
          template:
            src: templeates/my.service.j2
            dest: /usr/lib/systemd/system/mysqld.service
    
        - name: reload
          shell: systemctl daemon-reload 

    php安装:

    //变量
    [root@RedHat lamp]# cat application/php/vars/php.yml 
    packages:
      - libxml2
      - libxml2-devel
      - openssl
      - openssl-devel
      - bzip2
      - bzip2-devel
      - libcurl
      - libcurl-devel
      - libicu-devel
      - libjpeg
      - libjpeg-devel
      - libpng
      - libpng-devel
      - openldap-devel
      - pcre-devel
      - freetype
      - freetype-devel
      - gmp
      - gmp-devel
      - libmcrypt
      - libmcrypt-devel
      - readline
      - readline-devel
      - libxslt
      - libxslt-devel
      - mhash
      - mhash-devel
      - php-mysqlnd
      - php-*
    
    //playbook
    [root@RedHat lamp]# cat application/php/install.yml 
    ---
    - hosts: php
      vars_files:
        - vars/php.yml
      tasks:
        - name: base packages
          yum:
            name: "{{ item }}"
            state: present
          loop: "{{ packages }}"
    
        - name: config php socket
          lineinfile:
            path: /etc/php-fpm.d/www.conf
            regexp: '^listen ='
            line: listen = 0.0.0.0:9000 

     lamp:

    [root@RedHat lamp]# cat lamp/main.yml 
    ---
    - name: conf yum.repo                                       //导入操作
      import_playbook: ../base/yum.yml
     
    - name: httpd  
      import_playbook: ../web/apache/install.yml
     
    - name: mysql 
      import_playbook: ../database/mysql/install.yml
     
    - name: php 
      import_playbook: ../application/php/install.yml
     
    - hosts: apache                                             //替换模板
      vars_files:
        - ../web/apache/vars/httpd.yml
      tasks:
        - name: httpd config file
          template:
            src: ../web/apache/templates/httpd.j2
            dest: /etc/httpd24/httpd.conf
     
        - name: start httpd                                     //启动服务
          service:
            name: httpd
            enabled: yes
            state: started    
             
    - hosts: mysql                                             //启动服务
      vars_files:
        - ../database/mysql/vars/mysql.yml     
      tasks:
        - name: start mysql
          service:
            name: mysqld
            enabled: yes
            state: started    
     
        - name: set passwd                                    //修改密码
          shell: '{{ basedir }}/mysql/bin/mysql -uroot -e "set password = password("123")"' 
          ignore_errors: yes
     
    - hosts: php                                             //创建测试页面文件
      tasks:
        - name: index.php
          file:
            path: /var/www/html/index.php
            owner: apache
            group: apache
            state: touch
          
        - name: test index                                   //写入测试内容
          lineinfile:
            path: /var/www/html/index.php
            line: |
                <?php
                phpinfo();
                ?>
            state: present   
     
        - name: allow access to IP                            //修改监听IP
          lineinfile:
            path: /etc/php-fpm.d/www.conf
            regexp: '^listen.allowed_clients ='
            line: listen.allowed_clients = 192.168.220.20      
         
        - name: start php                                     //启动服务
          service:
            name: php-fpm
            state: started
            enabled: yes

    测试:

     

  • 相关阅读:
    ThinkPHP第八天(U函数放置在外部JS不会被解析,错误界面定制,错误信息变量)
    ThinkPHP第七天(F函数使用,项目分组配置,项目分组模板文件放置规则配置)
    thinkphp第二天
    ThinkPHP第五天(提交类型判定常量IS_POST等,错误页面种类,Model实例化方式,模板中使用函数,foreach循环,模板中.语法配置)
    高阶函数、函数嵌套和闭包
    递 归
    函数式编程
    命名空间
    函数的参数
    循环语句
  • 原文地址:https://www.cnblogs.com/lichouluoyu/p/14259483.html
Copyright © 2011-2022 走看看