ansible环境安装及数据恢复
配置免密登录服务器及下载备份文件
#!/bin/bash BACKUP=192.168.30.233 #一行写一个IP BACKUP_PASSWD="lxzl_root*#2021" #root密码 MYSQLBACKUP=192.168.30.232 #一行写一个IP MYSQLBACKUP_PASSWD="lxzl_root*#2021" #root密码 #检查是否安装expect function init { rpm -qa | grep expect if [[ $? == 0 ]]; then echo "expect已安装" else yum -y install expect fi #抓取服务器IP及写入hosts文件 sed -n "/^\[$1/,/^$/p" /etc/ansible/init_server/hosts | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > /etc/ansible/init_server/ip.list && sed -n "/^\[$1/,/^$/p" /etc/ansible/init_server/hosts >> /etc/ansible/hosts } #function ssh_hosts { #sed -n '/^\[$1/,/^$/p' /etc/ansible/init_server/hosts | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' > /etc/ansible/init_server/ip.list && sed -n '/^\[$1/,/^$/p' /etc/ansible/init_server/hosts >> /etc/ansible/hosts # SERVERS=`cat /etc/ansible/init_server/ip.list` #一行写一个IP # PASSWD="123456" #root密码 # for server in $Server # do # sshcopyid # done #} #BACKUP=192.168.30.233 #一行写一个IP #BACKUP_PASSWD="lxzl_root*#2021" #root密码 #输入免密服务器密码函数 function sshcopyid { expect -c " set timeout -1; spawn ssh-copy-id $1; expect { \"yes/no\" { send \"yes\r\" ;exp_continue; } \"password:\" { send \"$PASSWD\r\";exp_continue; } }; interact " } #免密登录备份服务器拉去备份文件 function backup_sshcopyid { expect -c " set timeout -1; spawn ssh-copy-id $1; expect { \"yes/no\" { send \"yes\r\" ;exp_continue; } \"password:\" { send \"$BACKUP_PASSWD\r\";exp_continue; } }; interact " } #免密登录MYSQL备份服务器拉去备份文件 function mysqlbackup_sshcopyid { expect -c " set timeout -1; spawn ssh-copy-id $1; expect { \"yes/no\" { send \"yes\r\" ;exp_continue; } \"password:\" { send \"$MYSQLBACKUP_PASSWD\r\";exp_continue; } }; interact " } #ansible配置免密登录部署服务器 function ssh_server { SERVERS=`cat /etc/ansible/init_server/ip.list` #一行写一个IP PASSWD="LXZLProSvr4ROOT*#2021" #root密码 #PASSWD="123456" #root密码 for server in $SERVERS do sshcopyid $server done } #下载代理备份文件 function proxy { ansible_nginx=/etc/ansible/init_server/roles/nginx/files/ if [ $1 == "NGINX" ];then scp $BACKUP:/lxserver/backup/Nginx/192.168.0.10/`date +%F`/*.tar.gz $ansible_nginx #/etc/ansible/init_server/roles/nginx/files/ rm -rf nginx && tar xzf nginx_10.tar.gz ssh_server elif [ $1 == "JENKINS" ];then scp $BACKUP:/lxserver/backup/Nginx/192.168.0.120/`date +%F`/*.tar.gz $ansible_nginx #/etc/ansible/init_server/roles/nginx/files/ rm -rf nginx && tar xzf nginx_120.tar.gz ssh_server elif [ $1 == "SLB" ];then scp $BACKUP:/lxserver/backup/Nginx/192.168.0.200/`date +%F`/*.tar.gz $ansible_nginx #/etc/ansible/init_server/roles/nginx/files/ rm -rf nginx && tar xzf nginx_200.tar.gz ssh_server else exit fi } #下载NoSql备份文件 function Nosql { scp $BACKUP:/lxserver/backup/MongoDB/192.168.0.71/`date +%F -d "1 days ago"`/*.tar.gz /etc/ansible/init_server/roles/mongodb/files/ } #下载MYSQL备份文件 function mysql { ansible_mysql=/etc/ansible/init_server/roles/mysql/files/ if [ $1 == "ERPMYSQL" ];then rm -f $ansible_mysql/*.sql.gz scp $MYSQLBACKUP:/lxserver/backup/MySQL/192.168.0.82/`date +%F -d "1 days ago"`/*.sql.gz $ansible_mysql #rm -rf nginx && tar xzf nginx_10.tar.gz ssh_server elif [ $1 == "AMSMYSQL" ];then rm -f $ansible_mysql/*.sql.gz scp $MYSQLBACKUP:/lxserver/backup/MySQL/192.168.0.84/`date +%F -d "1 days ago"`/*.sql.gz $ansible_mysql #/etc/ansible/init_server/roles/nginx/files/ #rm -rf nginx && tar xzf nginx_120.tar.gz ssh_server elif [ $1 == "HSCSMYSQL" ];then rm -f $ansible_mysql/*.sql.gz scp $MYSQLBACKUP:/lxserver/backup/MySQL/192.168.0.162/`date +%F -d "1 days ago"`/*.sql.gz $ansible_mysql #/etc/ansible/init_server/roles/nginx/files/ #rm -rf nginx && tar xzf nginx_200.tar.gz ssh_server elif [ $1 == "WMSMYSQL" ];then rm -f $ansible_mysql/*.sql.gz scp $MYSQLBACKUP:/lxserver/backup/MySQL/192.168.0.164/`date +%F -d "1 days ago"`/*.sql.gz $ansible_mysql #/etc/ansible/init_server/roles/nginx/files/ #rm -rf nginx && tar xzf nginx_200.tar.gz ssh_server elif [ $1 == "ALMMYSQL" ];then rm -f $ansible_mysql/*.sql.gz scp $MYSQLBACKUP:/lxserver/backup/MySQL/192.168.0.166/`date +%F -d "1 days ago"`/*.sql.gz $ansible_mysql #/etc/ansible/init_server/roles/nginx/files/ #rm -rf nginx && tar xzf nginx_200.tar.gz ssh_server else exit fi } #main函数 function main { if [ $1 == "NGINX" -o $1 == "SLB" -o $1 == "JENKINS" ];then init #备份服务器 backup_sshcopyid $BACKUP proxy $1 elif [ $1 == "NoSql" ];then init backup_sshcopyid $BACKUP Nosql $1 ssh_server elif [ $1 == "HSCS-NoSql" -o $1 == "APP" -o $1 == "KAFKA" -o $1 == "FASTDFS" -o $1 == "SERVER" ];then init ssh_server elif [ $1 == "ERPMYSQL" -o $1 == "HSCSMYSQL" -o $1 == "AMSMYSQL" -o $1 == "WMSMYSQL" -o $1 == "ALMMYSQL" -o $1 == "MYSQL" ];then init ssh_server mysqlbackup_sshcopyid $MYSQLBACKUP mysql $1 #ssh_server else echo "输入参数错误,请输入:APP | NGINX | SLB | JENKINS | NoSql | HSCS-NOSQL | KAFKA | FASTDFS | SERVER | ERPMYSQL | AMSMYSQL | HSCSMYSQL | WMSMYSQL | ALMMYSQL" exit fi } #程序入口 main $1
安装配置redis
cat HSCS-Init_Nosql.yml - name: init server #gather_facts: False remote_user: root hosts: Hscs-NoSql roles: - init - hscs-redis
安装配置mongodb及数据恢复
cat roles/mongodb/tasks/main.yml - name: copy install package copy: src: "{{ item }}" dest: /root with_items: - mongodb-org-4.0.1-1.el7.x86_64.rpm - mongodb-org-server-4.0.1-1.el7.x86_64.rpm - mongodb-org-mongos-4.0.1-1.el7.x86_64.rpm - mongodb-org-shell-4.0.1-1.el7.x86_64.rpm - mongodb-org-tools-4.0.1-1.el7.x86_64.rpm - name: install mongod shell: yum localinstall -y /root/mongodb-* && rm -f /root/mongodb-* /etc/mongo* && rm -f /usr/lib/systemd/system/mongo* - name: copy mongo service && conf copy: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - { src: 'mongod19000.conf', dest: '/etc/', mode: '0644' } - { src: 'mongod19001.conf', dest: '/etc/', mode: '0644' } - { src: 'mongod19000.service', dest: '/usr/lib/systemd/system', mode: '0644' } - { src: 'mongod19001.service', dest: '/usr/lib/systemd/system', mode: '0644' } - name: mkdir dir file: path: "{{ item }}" state: directory with_items: - /var/run/mongodb19000 - /var/lib/mongo19000 - /var/log/mongodb19000 - /var/run/mongodb19001 - /var/lib/mongo19001 - /var/log/mongodb19001 - name: Unarchive a file that is already on the remote machine unarchive: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - { src: 'mongodb_71_19000_all.tar.gz', dest: '/var/lib/mongo19000', mode: '0755' } - { src: 'mongodb_71_19001_all.tar.gz', dest: '/var/lib/mongo19001', mode: '0755' } - name: daemon-reload shell: systemctl daemon-reload - name: systemctl start service: name: "{{ item }}" state: started enabled: yes with_items: - mongod19000 - mongod19001 - name: 19000 restore data shell: mongorestore -h 127.0.0.1:19000 -d "{{ item.name }}" "{{ item.path }}" with_items: - { name: 'workflow', path: '/var/lib/mongo19000/mongodb_71_19000_all/workflow' } - { name: 'risk_system', path: '/var/lib/mongo19000/mongodb_71_19000_all/risk_system' } - { name: 'admin', path: '/var/lib/mongo19000/mongodb_71_19000_all/admin' } - name: 19001 restore data shell: mongorestore -h 127.0.0.1:19001 -d "{{ item.name }}" "{{ item.path }}" with_items: - { name: 'tencent_qm_status', path: '/var/lib/mongo19001/mongodb_71_19001_all/tencent_qm_status' } - { name: 'lxzl_message', path: '/var/lib/mongo19001/mongodb_71_19001_all/lxzl_message' } - { name: 'admin', path: '/var/lib/mongo19001/mongodb_71_19001_all/admin' } - name: 19000 restore data shell: mongorestore -h 127.0.0.1:19000 -u '{{ item.user}}' -p '{{ item.password}}' -d "{{ item.name }}" "{{ item.path }}" with_items: - { user: 'workflow', password: 'workflow', name: 'workflow', path: '/var/lib/mongo19000/mongodb_71_19000_all/workflow' } - { user: 'risk_system', password: 'risk_system', name: 'risk_system', path: '/var/lib/mongo19000/mongodb_71_19000_all/risk_system' } - { user: 'root', password: 'lx_root*#2020', name: 'admin', path: '/var/lib/mongo19000/mongodb_71_19000_all/admin' } - name: 19001 restore data shell: mongorestore -h 127.0.0.1:19001 -u '{{ item.user}}' -p '{{ item.password}}' -d "{{ item.name }}" "{{ item.path }}" with_items: - { user: 'tencent_qm_status', password: 'tencent_qm_status', name: 'tencent_qm_status', path: '/var/lib/mongo19001/mongodb_71_19001_all/tencent_qm_status' } - { user: 'lxzl_message', password: 'lxzl_message', name: 'lxzl_message', path: '/var/lib/mongo19001/mongodb_71_19001_all/lxzl_message' } - { user: 'root', password: 'lx_root*#2020', name: 'admin', path: '/var/lib/mongo19001/mongodb_71_19001_all/admin' } shell: systemctl daemon-reload - name: systemctl start service: name: "{{ item }}" state: started enabled: yes with_items: - mongod19000 - mongod19001 - name: reboot shell: reboot
cat Init_Mysql.yml - name: init server gather_facts: False remote_user: root hosts: Mysql vars: - key: 164 #主机变量,指定后续恢复那台mysql数据 roles: - init - mysql
安装配置mysql及数据恢复
cat roles/mysql/tasks/main.yml - name: copy mysql copy: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - { src: 'mysql-community-common-5.7.11-1.el7.x86_64.rpm', dest: '/opt', mode: '0644' } - { src: 'mysql-community-libs-5.7.11-1.el7.x86_64.rpm', dest: '/opt', mode: '0644' } - { src: 'mysql-community-libs-compat-5.7.11-1.el7.x86_64.rpm', dest: '/opt', mode: '0644' } - { src: 'mysql-community-client-5.7.11-1.el7.x86_64.rpm', dest: '/opt', mode: '0644' } - { src: 'mysql-community-server-5.7.11-1.el7.x86_64.rpm', dest: '/opt', mode: '0644' } #- name: stop mariadb # service: # name: mariadb # state: stopped - name: remove mariadb yum: name: mariadb state: absent - name: install mysql yum: name: "{{ packages }}" vars: packages: - /opt/mysql-community-common-5.7.11-1.el7.x86_64.rpm - /opt/mysql-community-libs-5.7.11-1.el7.x86_64.rpm - /opt/mysql-community-libs-compat-5.7.11-1.el7.x86_64.rpm - /opt/mysql-community-client-5.7.11-1.el7.x86_64.rpm - /opt/mysql-community-server-5.7.11-1.el7.x86_64.rpm - name: copy mysql config file copy: src='my.cnf' dest='/etc/' mode='0644' - name: start mysqld service: name: mysqld state: started enabled: yes - name: copy change password copy: src: "mysql.sh" dest: "/root" - name: chang root password shell: sh /root/mysql.sh - name: copy AMS file that is already on the remote machine copy: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - { src: 'mysql_84_db_lxzl_ams_admin.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_84_db_lxzl_ams.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_84_db_lxzl_ams_workflow.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_84_db_lxzl_nacos.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_84_db_lxzl_openapi.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_84_db_lxzl_rules_engine.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_84_mysql.sql.gz', dest: '/root', mode: '0644' } when: key == 84 - name: gzip backup file shell: cd /root && gzip -d {{ item }} with_items: - mysql_84_db_lxzl_ams_admin.sql.gz - mysql_84_db_lxzl_ams.sql.gz - mysql_84_db_lxzl_ams_workflow.sql.gz - mysql_84_db_lxzl_nacos.sql.gz - mysql_84_db_lxzl_openapi.sql.gz - mysql_84_db_lxzl_rules_engine.sql.gz - mysql_84_mysql.sql.gz when: key == 84 - name: copy ERP file that is already on the remote machine copy: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - { src: 'mysql_82_db_lxzl_app.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_bank_enterprise.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_bill.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_contract.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_coupon.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_datacenter.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_dingding.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_erp.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_file_gateway.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_message_gateway.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_oauth.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_payment_gateway.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_product.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_risk_system.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_sap_assets_modification.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_sms.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_worker.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_workflow.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_db_lxzl_zl_jd.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_82_mysql.sql.gz', dest: '/root', mode: '0644' } when: key == 82 - name: gzip backup file shell: cd /root && gzip -d {{ item }} with_items: - mysql_82_db_lxzl_app.sql.gz - mysql_82_db_lxzl_bank_enterprise.sql.gz - mysql_82_db_lxzl_bill.sql.gz - mysql_82_db_lxzl_contract.sql.gz - mysql_82_db_lxzl_coupon.sql.gz - mysql_82_db_lxzl_datacenter.sql.gz - mysql_82_db_lxzl_dingding.sql.gz - mysql_82_db_lxzl_erp.sql.gz - mysql_82_db_lxzl_file_gateway.sql.gz - mysql_82_db_lxzl_message_gateway.sql.gz - mysql_82_db_lxzl_oauth.sql.gz - mysql_82_db_lxzl_payment_gateway.sql.gz - mysql_82_db_lxzl_product.sql.gz - mysql_82_db_lxzl_risk_system.sql.gz - mysql_82_db_lxzl_sap_assets_modification.sql.gz - mysql_82_db_lxzl_sms.sql.gz - mysql_82_db_lxzl_worker.sql.gz - mysql_82_db_lxzl_workflow.sql.gz - mysql_82_db_lxzl_zl_jd.sql.gz - mysql_82_mysql.sql.gz when: key == 82 - name: copy HSCSMYSQL file that is already on the remote machine copy: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - { src: 'mysql_162_db_lxzl_hscs.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_162_mysql.sql.gz', dest: '/root', mode: '0644' } when: key == 162 - name: shell: cd root && gzip -d {{ item }} with_items: - mysql_162_db_lxzl_hscs.sql.gz - mysql_162_mysql.sql.gz when: key == 162 - name: copy WMSMYSQL file that is already on the remote machine copy: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - { src: 'mysql_164_db_lxzl_purchase.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_164_db_lxzl_sap.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_164_db_lxzl_wms.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_164_mysql.sql.gz', dest: '/root', mode: '0644' } when: key == 164 - name: shell: cd /root && gzip -d {{ item }} with_items: - mysql_164_db_lxzl_purchase.sql.gz - mysql_164_db_lxzl_sap.sql.gz - mysql_164_db_lxzl_wms.sql.gz - mysql_164_mysql.sql.gz when: key == 164 - name: copy ALMMYSQL file that is already on the remote machine copy: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" with_items: - { src: 'mysql_166_halm_atn.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_halm_mdm.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_halm_mmt.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_halm_mtc.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_halm_open.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_halm_platform.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_halm_ppm.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_hzero_file.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_hzero_governance.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_hzero_import.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_hzero_interface.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_hzero_message.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_hzero_platform.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_hzero_scheduler.sql.gz', dest: '/root', mode: '0644' } - { src: 'mysql_166_mysql.sql.gz', dest: '/root', mode: '0644' } when: key == 166 - name: shell: cd /root && gzip -d {{ item }} with_items: - mysql_166_halm_atn.sql.gz - mysql_166_halm_mdm.sql.gz - mysql_166_halm_mmt.sql.gz - mysql_166_halm_mtc.sql.gz - mysql_166_halm_open.sql.gz - mysql_166_halm_platform.sql.gz - mysql_166_halm_ppm.sql.gz - mysql_166_hzero_file.sql.gz - mysql_166_hzero_governance.sql.gz - mysql_166_hzero_import.sql.gz - mysql_166_hzero_interface.sql.gz - mysql_166_hzero_message.sql.gz - mysql_166_hzero_platform.sql.gz - mysql_166_hzero_scheduler.sql.gz - mysql_166_mysql.sql.gz when: key == 166 - name: DELETE GTID SQL shell: sed -i "/^SET\ \@\@GLOBAL.GTID_PURGED/,/^$/d" /root/*.sql - name: restore data shell: cd /root && mysql -uroot -p'lx_root*#2020' < {{ item }} with_items: - mysql_84_db_lxzl_ams_admin.sql - mysql_84_db_lxzl_ams.sql - mysql_84_db_lxzl_ams_workflow.sql - mysql_84_db_lxzl_nacos.sql - mysql_84_db_lxzl_openapi.sql - mysql_84_db_lxzl_rules_engine.sql - mysql_84_mysql.sql when: key == 84 - name: restore data shell: cd /root && mysql -uroot -p'lx_root*#2020' < {{ item }} with_items: - mysql_82_db_lxzl_app.sql - mysql_82_db_lxzl_bank_enterprise.sql - mysql_82_db_lxzl_bill.sql - mysql_82_db_lxzl_contract.sql - mysql_82_db_lxzl_coupon.sql - mysql_82_db_lxzl_datacenter.sql - mysql_82_db_lxzl_dingding.sql - mysql_82_db_lxzl_erp.sql - mysql_82_db_lxzl_file_gateway.sql - mysql_82_db_lxzl_message_gateway.sql - mysql_82_db_lxzl_oauth.sql - mysql_82_db_lxzl_payment_gateway.sql - mysql_82_db_lxzl_product.sql - mysql_82_db_lxzl_risk_system.sql - mysql_82_db_lxzl_sap_assets_modification.sql - mysql_82_db_lxzl_sms.sql - mysql_82_db_lxzl_worker.sql - mysql_82_db_lxzl_workflow.sql - mysql_82_db_lxzl_zl_jd.sql - mysql_82_mysql.sql when: key == 82 - name: restore data shell: cd /root && mysql -uroot -p'lx_root*#2020' < {{ item }} with_items: - mysql_162_db_lxzl_hscs.sql - mysql_162_mysql.sql when: key == 162 - name: restore data shell: cd /root && mysql -uroot -p'lx_root*#2020' < {{ item }} with_items: - mysql_164_db_lxzl_purchase.sql - mysql_164_db_lxzl_sap.sql - mysql_164_db_lxzl_wms.sql - mysql_164_mysql.sql when: key == 164 - name: restore data shell: cd /root && mysql -uroot -p'lx_root*#2020' < {{ item }} with_items: - mysql_166_halm_atn.sql - mysql_166_halm_mdm.sql - mysql_166_halm_mmt.sql - mysql_166_halm_mtc.sql - mysql_166_halm_open.sql - mysql_166_halm_platform.sql - mysql_166_halm_ppm.sql - mysql_166_hzero_file.sql - mysql_166_hzero_governance.sql - mysql_166_hzero_import.sql - mysql_166_hzero_interface.sql - mysql_166_hzero_message.sql - mysql_166_hzero_platform.sql - mysql_166_hzero_scheduler.sql - mysql_166_mysql.sql when: key == 166
服务器初始化 cat roles/init/tasks/main.yml #修改ssh - name: Modify ssh port 12580 lineinfile: dest: /etc/ssh/{{ item }} regexp: '^Port 12580' insertafter: '#Port 22' line: 'Port 12580' with_items: - sshd_config tags: - sshport - name: PermitRootLogin replace: path: /etc/ssh/sshd_config regexp: '#PermitRootLogin yes' replace: 'PermitRootLogin no' - name: selinux shell: getenforce register: selinux - name: set permissive shell: setenforce 0 when: selinux == 'Enforcing' #DNS - name: add dns lineinfile: dest: /etc/resolv.conf line: 'nameserver 114.114.114.114' - name: 关闭防火墙服务 service: name: firewalld state: stopped enabled: no #修改seliunx - name: set selinux disabled replace: path: /etc/selinux/config regexp: '^SELINUX=enforcing' replace: 'SELINUX=disabled' #修改root,lxops和jenkins密码 - name: create user user: name={{ item.user }} password={{ item.password | password_hash('sha512') }} state=present with_items: - { user: 'root', password: 'LXZLProSvr4ROOT*#2021' } - { user: 'lxops', password: 'LXZLProSvr4LXOPS*#0755' } - { user: 'jenkins', password: 'LXZLProSvr4JENKINS*#2021' } #用户添加sudoer权限 - name: add sudo lineinfile: path: /etc/sudoers regexp: '{{ item.user }} ALL=(ALL) NOPASSWD:ALL' insertafter: '^root' line: '{{ item.user }} ALL=(ALL) NOPASSWD:ALL' with_items: - { user: 'lxops' } - { user: 'jenkins' } #安装基础工具 - name: yum shell: yum install -y vim wget net-tools tcping bash-completion dos2unix lrzsz ntp ntpdate openssl openssl-devel pcre pcre-devel git ntp ntpdate zip zip-devel unzip bzip2 bzip2-devel epel-release #定时清理垃圾文件 - name: clean shell: echo "10 * * * * /usr/bin/find /var/spool/clientmqueue/ -type f -mtime +7 | xargs rm -f > /dev/null 2>&1" >> /var/spool/cron/root #判断是否已安装elrepo源 - name: register elrepo repo stat: path: "/etc/yum.repos.d/elrepo.repo" register: file_path #- name: import key # shell: rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org - name: yum install elrepo.repo shell: rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org && rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm when: file_path.stat.exists == False - name: ali yum shell: curl http://mirrors.aliyun.com/repo/Centos-7.repo > /etc/yum.repos.d/aliyum.repo #安装epel - name: epel repo stat: path: "/etc/yum.repos.d/epel.repo" register: file_path - name: yum install epel.repo yum_repository: name: epel-release state: present when: file_path.stat.exists == False #内核优化 #- name: register file # stat: # path: "/etc/security/limits.conf" # register: file_path # #- name: # file: # touch: touch /etc/security/limits.conf # when: file_path.stat.exists == False - name: shell: rm -f /etc/security/limits.conf /etc/sysctl.conf - name: copy: src=limits.conf dest=/etc/security/ - name: copy copy: src=sysctl.conf dest=/etc
所有代码 链接:https://pan.baidu.com/s/16uKXGI2D2xPEhTbY8xyyrA 提取码:y2ed