Ansible综合案例

架构图

Ansible综合案例 - 图1

分步剧本执行

初始配置

  • 修改主机清单文件
  1. [root@server1 ~]# vim /etc/ansible/hosts
  2. [all_ip]
  3. 192.168.31.10
  4. 192.168.31.20
  5. 192.168.31.30
  6. 192.168.31.40
  7. 192.168.31.50
  8. 192.168.31.60
  10. [all_hostname]
  11. server1
  12. server2
  13. server3
  14. server4
  15. server5
  16. server6
  18. [nginx]
  19. server2
  21. [apache]
  22. server3
  23. server4
  25. [mariadb]
  26. server5
  28. [nfs]
  29. server6
  • 配置ssh免密登录
  1. [root@server1 ~]# ssh-keygen 
  2. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.10
  3. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.20
  4. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.30
  5. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.40
  6. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.50
  7. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.60

主机名服务

  • 创建hosts文件模板
  1. [root@server1 ~]# vim /template/hosts.j2
  2. 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
  3. ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
  6. {% for host in groups.all_ip %}
  7. {{hostvars[hosts].ansible_ens33.ipv4.address}} {{hostvars[hosts].ansible_hostname}}
  8. {% endfor %}
  • 编写剧本
  1. [root@server1 ~]# vim /playbook/hosts.yml
  2. - name: Config hosts file
  3.   hosts: all_ip
  4.   remote_user: root
  6.   tasks:
  7.   - name: copy hosts.j2 to group servers
  8.     template:
  9.       src: /template/hosts.j2
  10.       dest: /etc/hosts
  • 执行剧本
  1. [root@server1 playbook]# ansible-playbook hosts.yml
  • 测试连通性
  1. [root@server1 ~]# ping server1
  2. [root@server1 ~]# ping server2
  3. [root@server1 ~]# ping server3
  4. [root@server1 ~]# ping server4
  5. [root@server1 ~]# ping server5
  6. [root@server1 ~]# ping server6

更换阿里源

  • 创建角色
  1. [root@server1 roles]# ansible-galaxy init ali_yum_repo

  • 更换阿里yum源

    • 使用file模块把所有受控节点的/etc/yum.repos.d/下的所有文件删除
    • 再使用copy模块把准备好的.repo文件copy到所有受控节点
  1. [root@server1 roles]# vim ali_yum_repo/tasks/main.yml 
  2. ---
  3. # tasks file for ali_yum_repo
  4. - name: Find files in yum.repos.d/*
  5.   find:
  6.     paths: /etc/yum.repos.d/
  7.     patterns: '*'
  8.   register: files_to_delete
  10. - name: Remove original yum.repos.d/*
  11.   file:
  12.     path: "{{ item.path }}"
  13.     state: absent
  14.   with_items: "{{ files_to_delete.files }}"
  16. - name: Copy aliyun yum.repo to all nodes
  17.   copy:
  18.     src: /etc/ansible/roles/ali_yum_repo/files/yum.repo
  19.     dest: /etc/yum.repos.d/yum.repo
  • 编写剧本
  1. [root@server1 roles]# vim yum_repo_role_use.yml
  3. - name: Updata all nodes yum.repo file
  4.   hosts: all_hostname
  5.   roles:
  6.   - ali_yum_repo
  • 执行剧本
  1. [root@server1 roles]# ansible-playbook yum_repo_role_use.yml

部署Nginx

  • 创建角色
  1. [root@server1 roles]# ansible-galaxy init nginx
  • 部署Nginx
  1. [root@server1 roles]# vim nginx/tasks/main.yml 
  2. ---
  3. # tasks file for nginx
  4. - name: yum install epel
  5.   yum:
  6.     name: epel-release.noarch
  7.     state: present
  9. - name: yum install nginx
  10.   yum:
  11.     name: nginx
  12.     state: present
  14. - name: stop firewalld
  15.   service:
  16.     name: firewalld
  17.     state: stopped
  19. - name: start nginx
  20.   service:
  21.     name: nginx
  22.     state: restarted
  23.     enable: yes
  • 编写剧本
  1. [root@server1 roles]# vim nginx_install.yml
  3. - name: install nginx
  4.   hosts: server2
  6.   roles:
  7.   - nginx
  • 执行剧本
  1. [root@server1 roles]# ansible-playbook nginx_install.yml
  • 测试网站
  1. [root@server1 ~]# curl server2 -I
  2. HTTP/1.1 200 OK
  3. Server: nginx/1.20.1
  4. Date: Mon, 07 Mar 2022 15:00:51 GMT
  5. Content-Type: text/html
  6. Content-Length: 4833
  7. Last-Modified: Fri, 16 May 2014 15:12:48 GMT
  8. Connection: keep-alive
  9. ETag: "53762af0-12e1"
  10. Accept-Ranges: bytes

部署Apache

  • 创建角色
  1. [root@server1 roles]# ansible-galaxy init apache
  • 部署Apache
  1. [root@server1 roles]# vim apache/tasks/main.yml
  2. ---
  3. # tasks file for apache
  4. - name: Install lamp environment
  5.   yum:
  6.     name: httpd,php-fpm,php-mysql,mod_php
  7.     state: present
  9. - name: Start httpd
  10.   service:
  11.     name: httpd
  12.     state: restarted
  14. - name: Start php-fpm
  15.   service:
  16.     name: php-fpm
  17.     state: restarted
  • 编写剧本
  1. [root@server1 roles]# vim lamp_install.yml
  2. - name: prepare lamp
  3.   hosts: apache
  5.   roles:
  6.   - apache
  • 执行剧本
  1. [root@server1 roles]# ansible-playbook lamp_install.yml

负载均衡

  • 创建角色
  1. [root@server1 roles]# ansible-galaxy init nginx_lb
  • 创建负载均衡配置文件
  1. [root@server1 roles]# vim nginx_lb/templates/lb.conf.j2
  2. upstream webservers{
  3.     server server3;
  4.     server server4;
  5. }
  6. server{
  7.     listen 8080;
  8.     server_name 192.168.31.20:8080;
  9.     location / {
  10.     proxy_pass http://webservers;
  11. }
  12. }
  • 拷贝配置文件
  1. [root@server1 roles]# vim nginx_lb/tasks/main.yml 
  2. ---
  3. # tasks file for nginx_lb
  4. - name: configure nginx lb conf file
  5.   template:
  6.     src: /etc/ansible/roles/nginx_lb/templates/lb.conf.j2
  7.     dest: /etc/nginx/conf.d/lb.conf
  9. - name: restart nginx
  10.   service:
  11.     name: nginx
  12.     state: restarted
  • 编写剧本
  1. [root@server1 roles]# vim nginx_lb.yml
  2. - name: configure nginx lb server
  3.   hosts: server2
  4.   roles:
  5.   - nginx_lb
  • 执行剧本
  1. [root@server1 roles]# ansible-playbook nginx_lb.yml

部署Mariadb

  • 创建角色
  1. [root@server1 roles]# ansible-galaxy init mariadb
  • 部署Mariadb
  1. [root@server1 roles]# vim mariadb/tasks/main.yml 
  2. ---
  3. # tasks file for mariadb
  4. - name: yum install mariadb
  5.   yum:
  6.     name: mariadb-server
  7.     state: present
  9. - name: stop firewalld
  10.   service:
  11.     name: firewalld
  12.     state: stopped
  14. - name: start mariadb
  15.   service:
  16.     name: mariadb
  17.     state: restarted
  • 编写剧本
  1. [root@server1 roles]# vim mariadb_install.yml
  2. - name: install mariadb
  3.   hosts: mariadb
  5.   roles:
  6.   - mariadb
  • 运行剧本
  1. [root@server1 roles]# ansible-playbook mariadb_install.yml

部署逻辑卷

  • 创建角色
  1. [root@server1 roles]# ansible-galaxy init lvm_create
  • 使用parted模块创建分区,使用lvg模块创建卷组,使用lvol模块创建逻辑卷,再把逻辑卷挂载到本地文件夹
  1. [root@server1 roles]# vim lvm_create/tasks/main.yml  
  2. ---
  3. # tasks file for lvm_create
  4. - name: create partion            # 创建分区
  5.   parted:
  6.     device: /dev/sdb
  7.     number: 1
  8.     flags: [ lvm ]
  9.     state: present
  10.     part_start: 1MiB
  11.     part_end: 2GiB
  13. - name: create vg                # 创建卷组
  14.   lvg:
  15.     vg: vg-nfs
  16.     pvs: /dev/sdb1
  19. - name: create lvm 1G            # 创建逻辑卷
  20.   lvol:
  21.     vg: vg-nfs
  22.     lv: lv-nfs
  23.     size: 1G
  25. - name: format lv-nfs            # 格式化
  26.   filesystem:
  27.     fstype: ext4
  28.     dev: /dev/vg-nfs/lv-nfs
  30. - name: mkdir nfs dir            # 创建挂载目录
  31.   file:
  32.     path: /nfs
  33.     state: directory
  35. - name: mount lvm                # 挂载逻辑卷
  36.   mount:
  37.     path: /nfs
  38.     src: /dev/vg-nfs/lv-nfs
  39.     fstype: ext4
  40.     state: mounted
  41.     opts: noatime
  • 编写剧本
  1. [root@server1 roles]# vim lvm_create.yml
  3. - name: Create lvm for nfs
  4.   hosts: nfs
  6.   roles:
  7.     - lvm_create
  • 执行剧本
  1. [root@server1 ~]# ansible-playbook lvm_create.yml
  • 在server6上检验

Ansible综合案例 - 图2

整体剧本执行

  • server1中需要用到每一个角色tasks/main.yml文件(定义任务列表),以及/template/hosts.j2文件
  1. [root@server1 roles]# ansible-galaxy list
  2. # /usr/share/ansible/roles
  3. # /etc/ansible/roles
  4. - ali_yum_repo, (unknown version)
  5. - nginx, (unknown version)
  6. - nginx_lb, (unknown version)
  7. - apache, (unknown version)
  8. - mariadb, (unknown version)
  9. - lvm_create, (unknown version)
  • server2-server6都是纯净环境
  • 配置ssh免密登录
  1. [root@server1 ~]# ssh-keygen 
  2. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.10
  3. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.20
  4. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.30
  5. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.40
  6. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.50
  7. [root@server1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.31.60
  • 编写剧本文件
  1. [root@server1 roles]# vim all.yaml
  2. - name: update hosts file            # 更新hosts文件
  3.   hosts: all_ip
  4.   remote_user: root
  5.   tasks:
  6.   - name: copy hosts.j2 to group servers
  7.     template:
  8.       src: /template/hosts.j2
  9.       dest: /etc/hosts
  11. - name: update yum.repo file        # 换源
  12.   hosts: all_hostname
  13.   remote_user: root
  14.   tasks:
  15.   - include_tasks: /etc/ansible/roles/ali_yum_repo/tasks/main.yml
  17. - name: install nginx                # 部署nginx
  18.   hosts: nginx
  19.   remote_user: root
  20.   tasks:
  21.   - include_tasks: /etc/ansible/roles/nginx/tasks/main.yml
  23. - name: install apache                # 部署apache
  24.   hosts: apache
  25.   remote_user: root
  26.   tasks:
  27.   - include_tasks: /etc/ansible/roles/apache/tasks/main.yml
  29. - name: install mariadb                # 部署mariadb
  30.   hosts: mariadb
  31.   remote_user: root
  32.   tasks:
  33.   - include_tasks: /etc/ansible/roles/mariadb/tasks/main.yml
  35. - name: configure nginx lb server    # 负载均衡
  36.   hosts: nginx
  37.   remote_user: root
  38.   tasks:
  39.   - include_tasks: /etc/ansible/roles/nginx_lb/tasks/main.yml
  41. - name: create lvm for nfs            # 创建逻辑卷
  42.   hosts: nfs
  43.   remote_user: root
  44.   tasks:
  45.   - include_tasks: /etc/ansible/roles/lvm_create/tasks/main.yml
  • 执行剧本
  1. [root@server1 roles]# ansible-playbook all.yaml

Ansible综合案例 - 图3

只需要准备好角色以及它们的一些任务列表,然后再进行统一的剧本配置就可以只需要在一台机器上通过一个命令就可以完成部署,由此可见Ansible的自动化部署的强大性