使用roles实现一键部署nfs
环境准备
主机名 | 安装服务 | wan | lan |
---|---|---|---|
web01 | nfs客户端 | 10.0.0.7 | 172.16.1.7 |
web02 | nfs客户端 | 10.0.0.8 | 172.16.1.8 |
nfs | nfs服务端 | 10.0.0.9 | 172.16.1.9 |
backup | backup服务端 | 10.0.0.41 | 172.16.1.41 |
流程分析
1.安装ansible
2.优化ansible
3.推送公钥
4.开启防火墙
5.开启80 443 873 nfs等端口和服务白名单
6.关闭selinux
7.创建同一的用户
1.安装nfs-utils
2.拷贝nfs配置文件
3.创建共享目录
4.启动nfs服务端
1.在nfs服务端安装sersync
2.拷贝sersync配置文件到nfs服务端
3.nfs服务端配置rsync密码文件
4.启动sersync
主机清单
[root@m01 ~]# vim /root/ansible/hosts
#[]标签名任意,但是最好不要用特殊符号(- | &)和大写字母,中文(不能是nginx)
#端口是22的时候可以省略
[web_group]
172.16.1.7 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.8 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.9 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[db_group]
172.16.1.51 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.52 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.53 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.54 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[nfs_group]
172.16.1.31 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[redis_group]
172.16.1.81 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[lb_group]
172.16.1.5 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.6 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[backup_group]
172.16.1.41 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[zabbix_group]
172.16.1.71 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[m01_group]
172.16.1.61 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[mtj_group]
172.16.1.202 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
################################服务端
nfs配置文件
{% for i in nfs_data_dir %}
/data/{{ i }} 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
{% endfor %}
#可以对nfs_data_dir定义多个值
#nfs_data_dir这个位置可以是变量·数组·range()
参考bash循环
pp="1 11 88 44 00"
for n in $pp;do
echo "${n}"
done
使用ansible-galaxy命令创建角色目录
[root@m01 roles]# ansible-galaxy init nfs_server
编辑tasks目录
1.安装
[root@m01 nfs_server]# vim tasks/install.yml
- name: Install nfs-utils
yum:
name: "{{ item }}"
state: present
loop:
- nfs-utils
2.创建目录
[root@m01 nfs_server]# vim tasks/dir.yml
- name: Create Directory
file:
path: "{{ item }}"
state: directory
owner: "{{ ww_w }}"
group: "{{ ww_w }}"
mode: 0755
recurse: yes
loop:
- "{{ nfs_data_dir }}"
3.copy配置文件
[root@m01 nfs_server]# vim tasks/config.yml
- name: content NFS Server
template:
src: exports.j2
dest: /etc/exports
owner: root
group: root
mode: 0644
notify:
- restart nfs
4.启动
[root@m01 nfs_server]# vim tasks/start.yml
- name: start nfs
service:
name: nfs
state: started
enabled: yes
5.编辑main.yml
[root@m01 nfs_server]# vim tasks/main.yml
- include: install.yml
- include: dir.yml
- include: config.yml
- include: start.yml
6.触发器
[root@m01 nfs_server]# vim handlers/main.yml
- name: restart nfs
systemd:
name: nfs-server
state: restarted
enabled: yes
7.编辑jinjia模板
[root@m01 nfs_server]# vim templates/exports.j2
{% for i in nfs_data_dir %}
{{ i }} 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
{% endfor %}
8.变量
[root@m01 nfs_server]# vim vars/main.yml
#nfs服务端被挂载的目录
nfs_data_dir:
- "/data"
- "/data/wowdpress"
- "/data/WeCenter"
#统一的用户
ww_w: www
编辑入口文件
[root@m01 roles]# vim site.yml
- hosts: all
roles:
#- { role: base }
#- { role: rsync_client,when: ansible_fqdn is match 'web*' }
#- { role: rsync_client,when: ansible_fqdn is match 'nfs*' }
#- { role: rsync_server,when: ansible_fqdn is match 'backup*' }
- { role: nfs_server,when: ansible_fqdn is match 'nfs*' }
执行
[root@m01 roles]# ansible-playbook site.yml
#####################客户端
使用ansible-galaxy命令创建角色目录
[root@m01 roles]# ansible-galaxy init nfs_client
编辑tasks目录
1.安装
[root@m01 nfs_client]# vim tasks/install.yml
- name: install nfs-utils
yum:
name: "{{ item }}"
state: present
loop:
- "nfs-utils"
2.创建目录
[root@m01 nfs_client]# vim tasks/dir.yml
- name: Create Directory
file:
path: "{{ item }}"
state: directory
owner: "{{ ww_w }}"
group: "{{ ww_w }}"
mode: 0755
recurse: yes
loop:
- "{{ mount_point}}"
3.启动
[root@m01 nfs_client]# vim tasks/start.yml
- name: start nfs
systemd:
name: nfs-server
state: started
enabled: yes
4.使用inclunde包含
[root@m01 nfs_client]# vim tasks/main.yml
- include: install.yml
- include: dir.yml
- include: start.yml
5.变量
[root@m01 nfs_client]# vim vars/main.yml
#统一用户
ww_w: www
#挂载点
mount_point:
- "/code/wordpress/wp-content/uploads/"
- "/code/WeCenter/uploads"
编辑入口文件
[root@m01 roles]# vim site.yml
- hosts: all
roles:
#- { role: base }
#- { role: rsync_client,when: ansible_fqdn is match 'web*' }
#- { role: rsync_client,when: ansible_fqdn is match 'nfs*' }
#- { role: rsync_server,when: ansible_fqdn is match 'backup*' }
#- { role: nfs_server,when: ansible_fqdn is match 'nfs*' }
- { role: nfs_client,when: ansible_fqdn is match 'web*' }
执行
[root@m01 roles]# ansible-playbook site.yml