playbook汇总: 剧本汇总 / / 角色汇总
准备工作
# Control-node preparation: install Ansible, create an SSH key pair, distribute the public key.
yum install ansible -y # install Ansible
ssh-keygen -C 123@mail # generate a key pair (-C only sets the key's comment field)
# The first SSH connection to a host prints its host-key fingerprint; compare it with the
# server's real key before accepting, because that answer is what later runs will trust.
ssh-copy-id user@ip # push the public key to the managed host
cat ansible.cfg #配置ansible.cfg
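# ansible.cfg
# Comments are kept on their own lines: Ansible's INI parser accepts ';' but not '#'
# for inline comments, so a trailing "# ..." would become part of the value.
[defaults]
inventory = ./hosts
# Host key verification stays enabled. Turning it off makes every run trust whatever
# answers on the target address, which removes SSH's protection against an interposed
# host. The ssh-copy-id step already records each host key in known_hosts.
host_key_checking = True
# "smart" gathering reuses cached facts instead of collecting them again on every run.
gathering = smart
# Cached facts expire after 86400 seconds (24 hours).
fact_caching_timeout = 86400
fact_caching = redis
# NOTE(review): this connection string carries no password. Anyone who can write to this
# Redis instance can change the facts that templates are rendered from. The redis cache
# plugin also accepts host:port:db:password - confirm how this instance is protected.
fact_caching_connection = 172.16.1.7:6379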
解决接入依赖问题:
# The redis fact-cache backend needs the Python redis client where Ansible itself runs.
yum install python-pip
# NOTE(review): this pulls whatever version is current; pinning a reviewed release
# (placeholder: redis==<VERSION>) keeps the control node's dependencies reproducible.
pip install redis
vim hosts #主机清单
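# Inventory: one group per tier.
[lb]
10.0.0.5
# Written as "10.0.0.06" originally. A leading zero in an octet is read as octal by some
# resolvers and rejected by others, so the address is normalised here.
# Presumably the second load balancer - confirm.
10.0.0.6
[webservers]
172.16.1.7
172.16.1.8
172.16.1.9
[db]
172.16.1.51
[nfs]
172.16.1.31
[backup]
172.16.1.41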
yum install ansible -y # install Ansible
ssh-keygen -C 123@mail # generate a key pair
ssh-copy-id user@ip # push the public key
# Ad-hoc connectivity check against the [webservers] inventory group.
ansible webservers -m ping
执行ansible ad-hoc 测试 是否能与该清单定义的节点通讯
一,编写基础环境
创建项目目录:mkdir /project/{wordpress,wecenter,phpmyadmin,zrlog,roles/{base,nginx,php-fpm,redis,nfs,sersync,mysql,tomcat,jumpserver,zabbix}}/{tasks,handlers,templates,meta} -p
# Directory for per-group variable files. Any secret placed here (passwords, keys)
# should be stored encrypted with ansible-vault rather than as plain text.
mkdir group_vars/
yum install ansible -y
变量查询小技巧: ansible localhost -m setup > xxx.txt
把 facts 导出到文件,方便查询
1.base
cat /roles/base/tasks/main.yml
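# NOTE(review): these two tasks switch off host packet filtering and SELinux on every
# host the role is applied to. Redis, rsync, NFS and php-fpm in this project listen on
# the internal network, so a safer baseline is to keep firewalld running and open only
# the ports each role needs, and to run SELinux in permissive or enforcing mode.
- name: Disabled Firewall Server
  systemd:
    name: firewalld
    # "present" is not a state the systemd module accepts; "stopped" is the intended one.
    state: stopped
    # was misspelt "enbaled", which the module rejects as an unknown parameter
    enabled: no

- name: Disabled Selinux Server
  selinux:
    # The selinux module accepts enforcing, permissive or disabled ("absent" is invalid).
    # A change to disabled only takes full effect after a reboot.
    state: disabled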
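# Registers the base and EPEL repositories from the Aliyun mirror.
- name: Add Base And Epel repository
  yum_repository:
    name: "{{ item.name }}"
    description: "{{ item.description }}"
    baseurl: "{{ item.baseurl }}"
    # The original had "gpgkey: no" at task level, which is neither a task keyword nor
    # the switch for signature checking. Checking is kept on so unsigned or tampered
    # packages are refused. The repositories' signing keys must already be imported
    # or be supplied through the module's gpgkey parameter.
    gpgcheck: yes
  loop:
    # NOTE(review): both URLs name .repo definition files. baseurl expects the directory
    # that holds repodata/ - replace them with the mirror's repository paths.
    - { name: base, description: base, baseurl: "https://mirrors.aliyun.com/repo/Centos-7.repo" }
    # switched to https so repository metadata is not fetched over plain http
    - { name: epel, description: epel, baseurl: "https://mirrors.aliyun.com/repo/epel-7.repo" }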
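# Outline only: the empty values, loops and conditions below are placeholders that
# still have to be filled in before these tasks can run.
- name: Add Nginx YUM Repo
  yum_repository:
    name:
    description:
    baseurl:
  loop: { }
  when:

- name: Add PHP-FPM YUM Repo
  yum_repository:
    name:
    # was misspelt "decription"
    description:
    baseurl:
  loop: {}
  when:

- name: Install Rpm packages All
  yum:
    name:
  loop:
    -

# was misspelt "naem"; module and arguments still to be written
- name: Create Group WWW

- name: Create User WWW

- name: Add or Mdify Nofile limit
  pam_limits:
    # A bare * starts a YAML alias and fails to parse, so the wildcard must be quoted.
    domain: "*"
    limit_type: "{{ }}"
    limit_item: "{{ }}"
    value: "{{ }}"
  loop:
    - { }
    - { }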
cat roles/redis/tasks/main.yml
- name: Install Redis Server
- name: Configure Redis Server
- name: Start Redis Server
准备模板配置文件vim roles/redis/handlers/main.yml
….
二,编写应用模块
1.redis
cat roles/redis/tasks/main.yml
# roles/redis/tasks/main.yml: install the package, render the config, start the service.
- name: Install Redis Server
  yum: { name: redis, state: present }

- name: Configure Redis Server
  # The restart handler is triggered only when the rendered file actually changes.
  notify: Restart Redis Server
  template:
    src: redis.conf.j2
    dest: /etc/redis.conf
    # keep a timestamped copy of the previous config on the target
    backup: true

- name: Start Redis Server
  systemd: { name: redis, state: started }
----》handlers
cat redis.conf.j2
# Listen on loopback plus this host's eth1 address (taken from gathered facts).
# NOTE(review): the second address makes Redis reachable from that network, and this
# excerpt shows no requirepass or protected-mode setting. Confirm that the full template
# sets authentication and that only the hosts that need Redis can reach its port.
bind 127.0.0.1 {{ ansible_eth1.ipv4.address}}
2.nginx
cat roles/nginx/tasks/main.yml
# roles/nginx/tasks/main.yml: package, configuration files, service.
- name: Istall Nginx Server
  yum: { name: nginx, state: present }

- name: Configure Nginx Server
  # A changed template triggers the restart handler.
  notify: Restart Nginx Server
  loop:
    - src: nginx.conf.j2
      dest: /etc/nginx/nginx.conf
    - src: fastcgi_params.j2
      dest: /etc/nginx/fastcgi_params
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    # keep the previous file next to the new one
    backup: true

- name: Started Nginx Server
  systemd: { name: nginx, state: started, enabled: true }
3.php-fpm
cat roles/php-fpm/tasks/main.yml
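# roles/php-fpm/tasks/main.yml: install PHP 7.1 packages, render php.ini and the pool
# file, start the service.
# NOTE(review): the php71w-* names do not look like distribution packages and presumably
# come from a third-party repository - confirm that it is configured with signature
# checking. PHP 7.1 no longer receives upstream security fixes.
- name: Install Php-fpm Server
  yum:
    state: present
    # Passing the whole list to "name" lets yum resolve everything in one transaction
    # instead of invoking the module once per package.
    name:
      - php71w
      - php71w-cli
      - php71w-common
      - php71w-devel
      - php71w-embedded
      - php71w-gd
      - php71w-mcrypt
      - php71w-mbstring
      - php71w-pdo
      - php71w-xml
      - php71w-fpm
      - php71w-mysqlnd
      - php71w-opcache
      - php71w-pecl-memcached
      - php71w-pecl-redis
      - php71w-pecl-mongodb

- name: Configure Php-fpm Server
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    backup: yes
  loop:
    - { src: php.ini.j2, dest: /etc/php.ini }
    - { src: www.conf.j2, dest: /etc/php-fpm.d/www.conf }
  notify: Restart Php-fpm Server

- name: Start Php-fpm Server
  systemd:
    name: php-fpm
    state: started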
4.nfs
cat roles/nfs/tasks/main.yml
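# roles/nfs/tasks/main.yml: install nfs-utils, render /etc/exports, create the export
# directory, start the service.
- name: Install Nfs Server
  # was misspelt "ynm", with state "prensent"; neither would be accepted
  yum:
    name: nfs-utils
    state: present

- name: Configure Nfs Server
  template:
    src: exports.j2
    dest: /etc/exports
    # backup is a template argument, so it belongs inside the module block
    backup: yes
  notify: Restart Nfs Server

- name: Create Derictory
  file:
    path: /data
    # was misspelt "derictory", which is not a valid state
    state: directory
    owner: "{{ server_usr }}"
    group: "{{ server_grp }}"
    # quoted so the mode is always read as the octal string it is meant to be
    mode: "0755"

- name: Start Nfs Server
  systemd:
    name: nfs
    state: started
    enabled: yes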
5.rsync
cat rsync/tasks/main.yml
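# rsync/tasks/main.yml: install rsync, render the daemon config and its secrets file,
# create the module directory, start rsyncd.
- name: Install Rsync Server
  yum:
    name: rsync
    state: present

- name: Configure Rsync Server
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: "{{ item.mode }}"
  loop:
    - { src: rsyncd.conf.j2, dest: /etc/rsyncd.conf, mode: "0644" }
    # the secrets file is readable by its owner only
    - { src: rsync.password.j2, dest: /etc/rsync.passwd, mode: "0600" }
  # One of the rendered files holds the rsync password; suppressing diff output keeps
  # it out of the console and logs when the play is run with --diff.
  diff: false
  notify: Restart Rsync Server

- name: Create Rsync Server Directory
  file:
    path: /backup
    state: directory
    owner: www
    group: www

- name: Started Rsync Server
  systemd:
    name: rsyncd
    state: started
    enabled: yes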
[root@manager ansible_roles_prod]# cat rsync/handlers/main.yml
# Handler: restart rsyncd when a task notifies "Restart Rsync Server".
- name: Restart Rsync Server
  systemd: { name: rsyncd, state: restarted }
[root@manager ansible_roles_prod]# cat rsync/templates/rsync.password.j2
{#- NOTE(review): this is the rsync daemon credential (user:password) stored in clear
    text inside the role, so everyone with access to the repository can read it.
    Render the password from a variable kept in an ansible-vault encrypted vars file
    instead, and replace this value because it has already been published. -#}
rsync_backup:oldxu123
[root@manager ansible_roles_prod]# cat rsync/templates/rsyncd.conf.j2
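# rsyncd.conf is line-based: one parameter per line, global settings first.
uid = www
gid = www
port = 873
fake super = yes
# NOTE(review): with chroot off, transfers are not confined to the module path by the
# kernel - confirm this is intentional.
use chroot = no
max connections = 200
timeout = 600
ignore errors
# The module is writable by any client that authenticates as an "auth users" entry.
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
# NOTE(review): no "hosts allow" is set, so the shared password is the only access
# control on a writable module, and rsync daemon traffic is not encrypted. Restrict
# clients to the hosts that push backups, for example:
#   hosts allow = <BACKUP_CLIENT_SUBNET placeholder>

[backup]
path = /backup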
6.tomcat
7.mysql
8.proxy
9.keepalive
[root@manager ansible_roles]# cat keepalived.yml
# Excerpt from keepalived.yml: three tasks followed by the play's handlers section.
# The listing has lost its indentation; module arguments belong under their module
# key, and notify is a task-level keyword.
- name: Install Keepalived Server
yum:
name: keepalived
state: present
# Renders the per-host VRRP configuration; a change triggers the restart handler.
- name: Configure Keepalived Server
template:
src: keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
notify: Restart Keepalived Server
- name: Started Keepalived Server
systemd:
name: keepalived
state: started
enabled: yes
# Handlers run only when notified by a task that reported a change.
handlers:
- name: Restart Keepalived Server
systemd:
name: keepalived
state: restarted
cat keepalived.conf.j2
# keepalived.conf rendered per host: lb01 becomes MASTER, lb02 becomes BACKUP.
global_defs {
    router_id {{ ansible_hostname }}
}

vrrp_instance VI_1 {
# Role and priority are chosen from the gathered hostname. A host named neither
# lb01 nor lb02 gets no state or priority line from this template.
{% if ansible_hostname == "lb01" %}
    state MASTER
    priority 200
{% elif ansible_hostname == "lb02" %}
    state BACKUP
    priority 100
{% endif %}
    interface eth0
    virtual_router_id 50
    advert_int 1

    # NOTE(review): VRRP "PASS" authentication sends this value unencrypted in every
    # advertisement, and "1111" is trivially guessable. Anyone on the same segment who
    # learns it can take part in the election for the virtual IP. Use a non-trivial
    # value supplied from a vaulted variable and keep VRRP on a trusted segment.
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {
        10.0.0.3
    }
}
三,接入项目
- Wecenter 集群搭建
(wordpress项目web搭建好以后,先进入页面配置好,再接入proxy)
cat wecenter/tasks/main.yml
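# wecenter/tasks/main.yml: create the code directory, unpack WeCenter, render the nginx
# virtual host and validate the resulting nginx configuration.
- name: Create Web Site Code Directory
  file:
    path: "{{ code_path }}"
    state: directory
    # owner and group were swapped in the original (owner was given the group variable)
    owner: "{{ server_usr }}"
    group: "{{ server_grp }}"
    recurse: yes

- name: Copy Wecent Code
  unarchive:
    src: WeCenter_3-3-5.zip
    dest: "{{ code_path }}"
    owner: "{{ server_usr }}"
    # was server_usr; the group variable is the one intended here
    group: "{{ server_grp }}"
  # NOTE(review): ignore_errors lets the play continue after a failed or partial
  # extraction, so a broken code tree can go live unnoticed. Confirm why it is needed.
  ignore_errors: yes

- name: Configure Nginx Virtual
  template:
    src: zh.oldboyedu.com.conf.j2
    dest: /etc/nginx/conf.d/zh.oldboyedu.com.conf
  # The original notified "Restarted Ngixn Server", which matches no handler. The nginx
  # role's handler is named "Restart Nginx Server".
  notify: Restart Nginx Server

- name: Check Nginx Configure file
  # command is enough here, because no shell features are used. A non-zero exit from
  # "nginx -t" fails the task, so a bad config stops the play before any restart.
  command: nginx -t
  register: check_ngx
  # A syntax check never changes the host. The original's second condition was
  # redundant: the list is ANDed with false, and find() returns -1 (truthy) on no match.
  changed_when: false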
cat wecenter/templates/zh.oldboyedu.com.conf.j2
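# Virtual host for WeCenter; listens on this host's eth0 address.
server {
    listen {{ ansible_eth0.ipv4.address }}:80;
    server_name {{ zh_server }};
    root {{ code_path }};

    location / {
        index index.php;
    }

    location ~ \.php$ {
        # Was 172.0.0.1, which is not loopback and lies outside the private
        # 172.16.0.0/12 range, so PHP requests (with cookies and form data) would be
        # forwarded to a remote, routable address.
        # Assumes php-fpm listens on local port 9000 as set in www.conf.j2 - confirm.
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}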
- phpMyAdmin项目接入
```yaml
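# Excerpt of a play: two tasks, then the play-level handlers section. In the full
# playbook the task list sits under the play's "tasks:" key.
- name: Init Nginx Virtual Host
  file:
    path: /code_php
    state: directory
    owner: www
    group: www
    recurse: yes

# NOTE(review): the archive is unpacked into /ansible_code/, but the directory prepared
# above is /code_php - confirm which path the virtual host serves.
# NOTE(review): phpMyAdmin is a database administration UI. Check the pinned 5.0.2
# archive against upstream security releases and limit who can reach its virtual host.
- name: Copy Code
  unarchive:
    src: ./phpMyAdmin-5.0.2-all-languages.zip
    dest: /ansible_code/
    owner: www
    group: www

handlers:
  - name: Restart Nginx PHP Server
    systemd:
      # the original used typographic quotes, which YAML treats as part of the value
      name: "{{ item }}"
      state: restarted
    loop:
      - nginx
      - php-fpm
```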