nginx负载均衡大练习
1.nginx负载均衡大练习
2.SSH免密登录开局一张图
开局思路:①装好ansible主机,配置好环境确保能够控制到目标节点。
②ansible剧本部署好NFS和DB服务器,包括在NFS上开放目录,在DB上创建好数据库。
③创建nginx角色和php角色,方便后面部署直接调用。
④调用角色,先完整部署好web-7,完成web-7程序与数据库连接和初始化完成,并将静态文件夹挂载到NFS开放的目录。
⑤调用角色,再将web-7的程序目录和nginx及php配置文件拷贝到web-8,最后将静态文件夹挂载到NFS。
⑥剧本部署负载均衡,完成。
1. master-61上安装Ansible
安装ansible
yum install -y ansible
查看版本
[root@master-61 /scripts]#ansible --version
ansible [core 2.14.17]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.9.21 (main, Dec 5 2024, 00:00:00) [GCC 11.5.0 20240719 (Red Hat 11.5.0-2)] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
编辑主机清单
[root@master-61 /scripts]#vim /etc/ansible/hosts
[root@master-61 /scripts]#tail -20 /etc/ansible/hosts
## green.example.com
## blue.example.com
[web]
172.16.1.7
172.16.1.8
[nfs]
172.16.1.31
[db]
172.16.1.51
[slb]
172.16.1.5
[all:vars]
ansible_user=root
ansible_password=uos2021!
关闭指纹验证提示
[root@master-61 /scripts]# grep 'host_key_checking' /etc/ansible/ansible.cfg
host_key_checking= False
查看inventory主机列表
[root@master-61 /scripts]#ansible-inventory --graph
@all:
|--@ungrouped:
|--@web:
| |--172.16.1.7
| |--172.16.1.8
|--@nfs:
| |--172.16.1.31
|--@db:
| |--172.16.1.51
|--@slb:
| |--172.16.1.5
测试主机是否连通
[root@master-61 /scripts]#ansible all -m ping
172.16.1.8 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
172.16.1.7 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
172.16.1.51 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
172.16.1.5 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
172.16.1.31 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
2.Ansible剧本部署nfs-31
编写剧本
[root@master-61 /scripts]#vim nfs_init.yml
[root@master-61 /scripts]#cat nfs_init.yml
---
- name: 1st,install nfs-utils to nfs,web
hosts: nfs,web
tasks:
- name: nfs-utils
yum:
name: nfs-utils
state: latest
- name: 2nd,ensure nfs-server in enabled
hosts: nfs
tasks:
- name: 2.1 install rpcbind
yum:
name: rpcbind
state: latest
- name: 2.2 ensure group exsits with correct gid
group:
name: www
gid: 6666
state: present
- name: 2.3 ensure user exsits with correct uid and gid
user:
name: www
uid: 6666
group: www
shell: /sbin/nologin
create_home: false
- name: 2.4 create share-dir and change its owner
file:
name: /nfs-wecenter
state: directory
owner: www
group: www
- file:
name: /nfs-wordpress
state: directory
owner: www
group: www
- name: 2.5 copy config-file to target
copy:
src: /scripts/exports
dest: /etc/exports
- name: 2.6 start and enable rpcbind
service:
name: rpcbind
state: started
enabled: yes
- name: 2.7 start and enable nfs-server
service:
name: nfs-server
state: started
enabled: yes
准备好nfs配置文件
[root@master-61 /scripts]#cat exports
/nfs-wecenter 172.16.1.0/24(rw,sync,all_squash,anonuid=6666,anongid=6666)
/nfs-wordpress 172.16.1.0/24(rw,sync,all_squash,anonuid=6666,anongid=6666)
执行ansible剧本
[root@master-61 /scripts]#ansible-playbook nfs_init.yml
验证nfs-31开放挂载的目录
[root@master-61 /scripts]#showmount -e 172.16.1.31
Export list for 172.16.1.31:
/nfs-wordpress 172.16.1.0/24
/nfs-wecenter 172.16.1.0/24
至此已成功部署。
3. Ansible剧本部署db-51
编写ansible剧本
[root@master-61 /scripts]#vim mariadb_init.yml
[root@master-61 /scripts]#cat mariadb_init.yml
---
- name: Install and configure MariaDB on CentOS
hosts: db
become: true
vars:
mariadb_root_password: "mima666" # 请替换为实际的 root 密码
mariadb_user: "fun01" # 请替换为实际的新用户
mariadb_user_password: "mima777" # 请替换为实际的新用户密码
tasks:
# 确保已安装python-pip
- name: Install pip
yum:
name: pip
state: present
# 确保pymysql已安装
- name: 安装pymsql
pip:
name: pymysql
state: present
# 安装 MariaDB 服务器
- name: Install MariaDB server
yum:
name: mariadb-server
state: present
# 启动 MariaDB 服务并设置开机自启
- name: Start and enable MariaDB service
systemd:
name: mariadb
state: started
enabled: true
# 等待 MariaDB 服务启动
- name: Wait for MariaDB to start
wait_for:
port: 3306
delay: 5
# 设置 MariaDB root 密码
- name: Set MariaDB root password
mysql_user:
name: root
password: "{{ mariadb_root_password }}"
login_user: root
login_password: "{{ mariadb_root_password }}"
host: localhost
check_implicit_admin: yes
priv: "*.*:ALL,GRANT"
# 创建 wecenter 和 wordpress 数据库
- name: Create wecenter and wordpress databases
mysql_db:
name:
- wecenter
- wordpress
state: present
login_user: root
login_password: "{{ mariadb_root_password }}"
# 创建新的数据库用户并授予所有权限
- name: Create new database user and grant all privileges
mysql_user:
name: "{{ mariadb_user }}"
password: "{{ mariadb_user_password }}"
priv: "wecenter.*:ALL,GRANT/wordpress.*:ALL,GRANT"
host: '%'
state: present
login_user: root
login_password: "{{ mariadb_root_password }}"
# 刷新权限
- name: Flush privileges
mysql_query:
query: FLUSH PRIVILEGES
login_user: root
login_password: "{{ mariadb_root_password }}"
执行ansible剧本
ansible-playbook mariadb_init.yml
远程登录数据库,验证是否成功创建
[root@master-61 /scripts]#mysql -ufun01 -pmima777 -h 172.16.1.51
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 15
Server version: 10.5.27-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| wecenter |
| wordpress |
+--------------------+
3 rows in set (0.033 sec)
MariaDB [(none)]> quit;
Bye
至此,已成功部署数据库。
4. 创建Ansible角色nginx
后面直接用nginx角色给slb-5、web-7和web-8安装nginx
1.创建nginx角色
初始化角色目录
[root@master-61 ~]#cd /etc/ansible/roles/
[root@master-61 /etc/ansible/roles]#ansible-galaxy init nginx
- Role nginx was created successfully
[root@master-61 /etc/ansible/roles]#ls
nginx
[root@master-61 /etc/ansible/roles]#cd nginx/
[root@master-61 /etc/ansible/roles/nginx]#ls
README.md defaults files handlers meta tasks templates tests vars
准备好nginx.conf配置文件
[root@master-61 /etc/ansible/roles/nginx]#cp -a /etc/nginx/nginx.conf files/
[root@master-61 /etc/ansible/roles/nginx]#vim files/nginx.conf
[root@master-61 /etc/ansible/roles/nginx]#cat files/nginx.conf
user www;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
准备好主页文件
[root@master-61 /etc/ansible/roles/nginx]#cat templates/index.html.j2
Welcome to {{ ansible_hostname }} on {{ ansible_default_ipv4.address }}
准备好handler脚本
[root@master-61 /etc/ansible/roles/nginx]#vim handlers/main.yml
[root@master-61 /etc/ansible/roles/nginx]#cat handlers/main.yml
---
# handlers file for nginx
- name: restart nginx
systemd:
name: nginx
state: restarted
准备好变量脚本
[root@master-61 /etc/ansible/roles/nginx]#vim vars/main.yml
[root@master-61 /etc/ansible/roles/nginx]#cat vars/main.yml
---
# vars file for nginx
user_name: 'www'
user_id: '6666'
编写tasks脚本
[root@master-61 /etc/ansible/roles/nginx]#vim tasks/main.yml
[root@master-61 /etc/ansible/roles/nginx]#cat tasks/main.yml
---
# tasks file for nginx
# 0.1 创建www用户组
- name: Ensure group "www" exists with correct gid
ansible.builtin.group:
name: "{{ user_name }}"
state: present
gid: "{{ user_id }}"
# 0.2 create user www
- name: Add the user 'www' with a specific uid and a primary group of 'www'
ansible.builtin.user:
name: "{{ user_name }}"
uid: "{{ user_id }}"
group: "{{ user_name }}"
shell: /sbin/nologin
create_home: false
state: present
# 1.配置nginx的yum源
- name: 1.config nginx.repo
yum_repository:
name: nginx
description: nginx stable repo
baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck: yes
enabled: yes
gpgkey: https://nginx.org/keys/nginx_signing.key
state: present
# 2. 安装nginx
- name: 2. install nginx
yum:
name: nginx
state: latest
# 3. 启动nginx,并开机自启
- name: 3. start nginx
systemd:
name: nginx
state: started
enabled: yes
# 3.1 导入nginx配置文件
- name: 3.1 copy nginx.conf
copy:
src: niginx.conf
dest: /etc/nginx/nginx.conf
notify:
- restart nginx
# 4. 永久关闭防火墙
- name: 4. stop firewalld foever
systemd:
name: firewalld
state: stopped
enabled: no
# 5. 替换主页文件
- name: 5. 替换主页文件
template:
src: index.html.j2
dest: /usr/share/nginx/html/index.html
最终角色目录
[root@master-61 /etc/ansible/roles/nginx]#tree /etc/ansible/roles/nginx/
/etc/ansible/roles/nginx/
├── README.md
├── defaults
│ └── main.yml
├── files
│ └── nginx.conf
├── handlers
│ └── main.yml
├── meta
│ └── main.yml
├── tasks
│ └── main.yml
├── templates
│ └── index.html.j2
├── tests
│ ├── inventory
│ └── test.yml
└── vars
└── main.yml
8 directories, 10 files
5. 创建Ansible角色php_installer
[root@master-61 /etc/ansible/roles]#pwd
/etc/ansible/roles
[root@master-61 /etc/ansible/roles]#ansible-galaxy init php_installer
- Role php_installer was created successfully
准备好变量
[root@master-61 /etc/ansible/roles]#cd php_installer/
[root@master-61 /etc/ansible/roles/php_installer]#ls
README.md defaults files handlers meta tasks templates tests vars
[root@master-61 /etc/ansible/roles/php_installer]#cp ../nginx/vars/main.yml ./vars/
cp: overwrite './vars/main.yml'? y
[root@master-61 /etc/ansible/roles/php_installer]#cat ./vars/main.yml
---
# vars file for nginx
user_name: 'www'
user_id: '6666'
准备好handler
[root@master-61 /etc/ansible/roles/php_installer]#vim handlers/main.yml
[root@master-61 /etc/ansible/roles/php_installer]#cat handlers/main.yml
---
# handlers file for php_installer
- name: restart php-fpm
systemd:
name: php-fpm
state: restarted
[root@master-61 /etc/ansible]#cd /etc/ansible/roles/php_installer/
[root@master-61 /etc/ansible/roles/php_installer]#cat > files/php.conf <<EOF
> server{
listen 80;
server_name www.funlyp.cn;
# 静态请求,资源存放路径
root usr/share/nginx/html;
index index.php index.html;
# 动态请求处理
location ~ \.php$ {
root /code;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
> EOF
[root@master-61 /etc/ansible/roles/php_installer]#cat > files/test-phpinfo.php <<EOF
> <?php
phpinfo();
echo "welcome to www.funlyp.cn"
?>
> EOF
[root@master-61 /etc/ansible/roles/php_installer]#ls files
php.conf test-phpinfo.php
编写好task脚本
[root@master-61 /etc/ansible]#cat roles/php_installer/tasks/main.yml
---
# tasks file for php_installer
- name: 01.卸载可能存在的其他版本php
yum:
name: php*
state: absent
- name: 02.安装新的php环境
yum:
name:
- https://mirrors.aliyun.com/rockylinux/9.5/devel/x86_64/os/Packages/l/libmemcached-awesome-1.1.0-12.el9.x86_64.rpm
- php-cli
- php-common
- php-devel
- php-embedded
- php-gd
- php-mcrypt
- php-mbstring
- php-pdo
- php-xml
- php-fpm
- php-mysqlnd
- php-opcache
- php-pecl-memcached
- php-pecl-redis
- php-pecl-mongodb
- php-json
- php-pecl-apcu
- php-pecl-apcu-devel
state: present
- name: 03.修改php-fpm配置文件
lineinfile:
path: /etc/php-fpm.d/www.conf
regexp: '^user'
line: 'user = www'
state: present
notify:
- restart php-fpm
- name: 03.1.修改php-fpm配置文件
lineinfile:
path: /etc/php-fpm.d/www.conf
regexp: '^group'
line: 'group = www'
state: present
notify:
- restart php-fpm
- name: 03.2.修改php-fpm配置文件
lineinfile:
path: /etc/php-fpm.d/www.conf
regexp: '^listen '
line: 'listen = 127.0.0.1:9000'
state: present
backup: true
notify:
- restart php-fpm
- name: 04.设置php-fpm开机自启
systemd:
name: php-fpm
state: started
enabled: yes
- name: 05.创建php程序目录
file:
name: /code
state: directory
owner: www
group: www
- name: 06.上传php程序文件到相应目录
copy:
src: test-phpinfo.php
dest: /code/test-phpinfo.php
owner: www
group: www
- name: 06.9.备份ningx默认虚拟主机文件
stat:
path: /etc/nginx/conf.d/default.conf
register: file_stat
- name: 06.9.2备份nginx默认虚拟主机文件
command:
cmd: mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak
when: file_stat.stat.exists
- name: 07.上传虚拟主机配置文件
copy:
src: php.conf
dest: /etc/nginx/conf.d/php.conf
notify:
- restart nginx
至此php_installer角色创建完成。
6.剧本引入角色测试
在主机名单中加入测试机器110
[root@master-61 /etc/ansible]#tail -20 /etc/ansible/hosts
[web]
172.16.1.7
172.16.1.8
[nfs]
172.16.1.31
[db]
172.16.1.51
[slb]
172.16.1.5
[test]
172.16.1.110
[all:vars]
ansible_user=root
ansible_password=uos2021!
编写测试剧本
[root@master-61 /etc/ansible]#cat test_php_install.yml
---
- name: test php install
hosts: test
roles:
- nginx
- php_installer
执行剧本
[root@master-61 /etc/ansible]#ansible-playbook test_php_install.yml
客户端浏览器上做好dns解析并验证
静态主页验证
php验证
7.先将web-7完整部署
在master-61主机上准备好wecenter源码包和nginx虚拟主机conf文件
[root@master-61 ~]#ll /scripts/wecenter.zip
-rw-r--r-- 1 root root 25238972 Jan 20 10:14 /scripts/wecenter.zip
[root@master-61 ~]#vim /scripts/wecenter.conf
[root@master-61 ~]#cat /scripts/wecenter.conf
server{
listen 80;
server_name wecenter.funlyp.cn;
root /code/wecenter;
index index.php index.html;
location ~ \.php$ {
root /code/wecenter;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
上准备好wordpress源码包和nginx虚拟主机conf文件
[root@master-61 /scripts]#ll latest-zh_CN.zip
-rw-r--r-- 1 root root 35766225 Jan 12 14:00 latest-zh_CN.zip
[root@master-61 /scripts]#cp wecenter.conf wordpress.conf
[root@master-61 /scripts]#vim wordpress.conf
[root@master-61 /scripts]#cat wordpress.conf
server{
listen 80;
server_name wordpress.funlyp.cn;
root /code/wordpress;
index index.php index.html;
location ~ \.php$ {
root /code/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
准备好运行剧本
[root@master-61 /scripts]#vim web-7_init.yml
[root@master-61 /scripts]#cat web-7_init.yml
---
- name: web-7部署
hosts: 172.16.1.7
roles:
- nginx
- php_installer
tasks:
- name: 确保目标机器目录存在
file:
path:
- /code/wecenter
- /code/wordpress
state: directory
owner: www
group: www
- name: 确保目标机器已安装unzip命令
yum:
name: unzip
state: present
- name: 解压wordpress源码到目标机器目录
unarchive:
src: /scripts/latest-zh_CN.zip
dest: /code/
- name: 解压wencenter.zip到目标机器目录
unarchive:
src: /scripts/wecenter.zip
dest: /code/wecenter
- name: 修改/code属主属组
file:
path: /code
owner: www
group: www
recurse: yes
- name: 上传wecenter.conf
copy:
src: /scripts/wecenter.conf
dest: /etc/nginx/conf.d/wecenter.conf
notify:
- restart nginx
- name: 上传wordpress.conf
copy:
src: /scripts/wordpress.conf
dest: /etc/nginx/conf.d/wordpress.conf
notify:
- restart nginx
- name: 确保已安装nfs-utils
yum:
name: nfs-utils
state: present
- name: nfs挂载wecenter的静态目录
mount:
src: 172.16.1.31:/nfs-wecenter
path: /code/wecenter/uploads
opts: rw,sync,hard
state: mounted
fstype: nfs
- name: nfs挂载wordpress的静态目录
mount:
src: 172.16.1.31:/nfs-wordpress
path: /code/wordpress/wp-content/uploads
opts: rw,sync,hard
state: mounted
fstype: nfs
handlers:
- name: restart nginx
systemd:
name: nginx
state: restarted
执行剧本
[root@master-61 /scripts]#ansible-playbook web-7_init.yml
PLAY [web-7部署] ****************************************************************************************
TASK [Gathering Facts] **********************************************************************************
ok: [172.16.1.7]
···
···
PLAY RECAP **********************************************************************************************
172.16.1.7 : ok=31 changed=13 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
在客户端机器做好域名解析 浏览器访问验证效果并完成安装
10.0.0.7 funlyp.cn www.funlyp.cn wecenter.funlyp.cn wordpress.funlyp.cn
先访问wecenter。
已成功访问wecenter到安装页面了。
点击下一步对接数据库,
填写之前部署的数据库信息开始安装。
创建管理员
完成安装
按提示删除install/index.php文件
[root@master-61 /scripts]#ansible 172.16.1.7 -m command -a 'rm -rf /code/wecenter/install/index.php'
172.16.1.7 | CHANGED | rc=0 >>
访问首页
已完成wecenter部署
访问wordpress完成部署
配置完成后登录
发表一篇文章
完成部署。
悄悄登录nfs-31机器查看nfs挂载目录是否有刚刚文章上传的图片
[root@nfs-31 ~]#tree /nfs-wordpress/
/nfs-wordpress/
└── 2025
└── 02
├── 屏幕截图-2025-02-05-102330-1024x525.png
├── 屏幕截图-2025-02-05-102330-150x150.png
├── 屏幕截图-2025-02-05-102330-300x154.png
├── 屏幕截图-2025-02-05-102330-768x394.png
└── 屏幕截图-2025-02-05-102330.png
2 directories, 5 files
发现有,意满离。
下一步
复制代码到web-8 完成web-8部署
8.部署web-8
编写脚本
[root@master-61 /scripts]#vim web-8_init.yml
[root@master-61 /scripts]#cat web-8_init.yml
---
- name: 安装rsync软件
hosts: web
tasks:
- name: 确保rsync存在
yum:
name: rsync
state: present
- name: 将web-7的文件拉到本地
hosts: 172.16.1.7
tasks:
- name: pull web7 code to localhost
synchronize:
mode: pull
src: /code/
dest: /code
delegate_to: localhost
- name: pull web7 nginx to localhost
synchronize:
mode: pull
src: /etc/nginx/
dest: /nginx
delegate_to: localhost
- name: pull web7 php-fpm to localhost
synchronize:
mode: pull
src: /etc/php-fpm.d/www.conf
dest: /php-fpm.d/
delegate_to: localhost
- name: web-8部署
hosts: 172.16.1.8
roles:
- nginx
- php_installer
tasks:
- name: 将本地的/code推给web-8
synchronize:
src: /code/
dest: /code
delegate_to: localhost
- name: 将本地的/nginx推给web-8
synchronize:
src: /nginx/
dest: /etc/nginx
delegate_to: localhost
notify: restart nginx
- name: 将本地的php-fpm推给web-8
synchronize:
src: /php-fpm.d/www.conf
dest: /etc/php-fpm.d/www.conf
delegate_to: localhost
notify: restart php-fpm
- name: 确保已安装nfs-utils
yum:
name: nfs-utils
state: present
- name: nfs挂载wecenter的静态目录
mount:
src: 172.16.1.31:/nfs-wecenter
path: /code/wecenter/uploads
opts: rw,sync,hard
state: mounted
fstype: nfs
- name: nfs挂载wordpress的静态目录
mount:
src: 172.16.1.31:/nfs-wordpress
path: /code/wordpress/wp-content/uploads
opts: rw,sync,hard
state: mounted
fstype: nfs
handlers:
- name: restart nginx
systemd:
name: nginx
state: restarted
- name: restart php-fpm
systemd:
name: php-fpm
state: restarted
执行剧本
[root@master-61 /scripts]#ansible-playbook web-8_init.yml
PLAY [安装rsync软件] ************************************************************************************
TASK [Gathering Facts] **********************************************************************************
ok: [172.16.1.7]
ok: [172.16.1.8]
···
···
PLAY RECAP **********************************************************************************************
172.16.1.7 : ok=6 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.8 : ok=29 changed=13 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
验证环节,将客户端域名解析到web-8
10.0.0.8 funlyp.cn www.funlyp.cn wecenter.funlyp.cn wordpress.funlyp.cn
访问wecenter和wordpress均正常
查看web-8 nfs挂载情况
[root@master-61 /scripts]#ansible 172.16.1.8 -m shell -a 'df -h|grep nfs '
172.16.1.8 | CHANGED | rc=0 >>
172.16.1.31:/nfs-wecenter 17G 1.5G 16G 9% /code/wecenter/uploads
172.16.1.31:/nfs-wordpress 17G 1.5G 16G 9% /code/wordpress/wp-content/uploads
欧克 web-8 也部署完成啦
下一步部署负载均衡啦。
9.ansible 部署 slb-5
准备好proxy参数文件
[root@master-61 /scripts]#cat > proxy_params << 'EOF'
proxy_set_header Host $http_host; #将客户端请求的主机名传递给后端服务器。
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #记录客户端 IP 地址及经过的代理服务器 IP 地址。
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;
EOF
[root@master-61 /scripts]#ll proxy_params
-rw-r--r-- 1 root root 232 Feb 9 16:07 proxy_params
准备好反向代理负载均衡的文件proxy.conf
[root@master-61 /scripts]#vim proxy.conf
[root@master-61 /scripts]#cat proxy.conf
upstream wecenter {
server 172.16.1.7;
server 172.16.1.8;
}
upstream wordpress {
server 172.16.1.7;
server 172.16.1.8;
}
server {
listen 80;
server_name wecenter.funlyp.cn;
location / {
proxy_pass http://wecenter;
include /etc/nginx/proxy_params;
}
}
server {
listen 80;
server_name wordpress.funlyp.cn;
location / {
proxy_pass http://wordpress;
include /etc/nginx/proxy_params;
}
}
编辑好剧本文件
[root@master-61 /scripts]#vim lb-5_init.yml
[root@master-61 /scripts]#cat lb-5_init.yml
---
- name: 一键部署slb-5
hosts: slb
roles:
- nginx
tasks:
- name: 传入proxy_params文件
copy:
src: /scripts/proxy_params
dest: /etc/nginx/proxy_params
- name: 传入proxy.conf文件
copy:
src: /scripts/proxy.conf
dest: /etc/nginx/conf.d/proxy.conf
notify:
- restart nginx
handlers:
- name: restart nginx
systemd:
name: nginx
state: restarted
执行剧本
[root@master-61 /scripts]#ansible-playbook lb-5_init.yml --start-at-task 传入proxy.conf文件
PLAY [一键部署slb-5] ************************************************************************************
TASK [Gathering Facts] **********************************************************************************
ok: [172.16.1.5]
···
···
TASK [传入proxy.conf文件] *******************************************************************************
changed: [172.16.1.5]
RUNNING HANDLER [restart nginx] *************************************************************************
changed: [172.16.1.5]
PLAY RECAP **********************************************************************************************
172.16.1.5 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
在客户端做好域名解析 10.0.0.5 wordpress.funlyp.cn wecenter.funlyp.cn
分别在slb-5、web-7和web-8动态查看访问日志tail -f /var/log/nginx/access.log
客户端浏览器访问域名进行测试,可以发现已经实现了默认的负载均衡
实现了( •̀ ω •́ )y
终于全部做完啦,踩坑总结:
1.Ansible使用 mysql_db等模块需要确保目标机器上已安装python-pip以及pymysql。
# 确保已安装python-pip
- name: Install pip
yum:
name: pip
state: present
# 确保pymysql已安装
- name: 安装pymsql
pip:
name: pymysql
state: present
2.使用mysql_user设置密码时。
- name: Set MariaDB root password # 任务名称,描述性标识
mysql_user: # 使用 Ansible 的 MySQL 用户管理模块
name: root # 操作的目标用户是 root
password: "{{ mariadb_root_password }}" # 设置该用户的密码(变量形式)
login_user: root # 连接数据库时使用的登录用户
login_password: "{{ mariadb_root_password }}" # 连接数据库的密码
host: localhost # 限定用户仅限本地访问
check_implicit_admin: yes # 允许尝试无密码的 root 登录(如通过 sudo)
priv: "*.*:ALL,GRANT" # 授予用户所有数据库的全部权限 + 授权权限
3.安装php环境时提示缺少libmemcached依赖,仓库里也无法找到,我这里直接在阿里云社区直接找到了
https://mirrors.aliyun.com/rockylinux/9.5/devel/x86_64/os/Packages/l/libmemcached-awesome-1.1.0-12.el9.x86_64.rpm
4./php-fpm.d/www.conf中默认没有监听 127.0.0.1:9000,造成后面nginx不能和php对接。需要在www.conf中修改为listen = 127.0.0.1:9000
5.需要先将web-7完整部署初始化成功后,再将web-7上的内容目录和配置文件照搬到web-8,不然的话web-8初始化连接数据库时会出现问题和造成最终部署结果和web-7不一致。
6.代理参数中设置了以下参数,可以将客户端请求的主机名传递给后端服务器。
proxy_set_header Host $http_host; #将客户端请求的主机名传递给后端服务器。
所以不用担心nignx在进行负载均衡时
upstream wordpress {
server 172.16.1.7;
server 172.16.1.8;
}
分不清该访问后端nginx上的哪一台虚拟主机。
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· DeepSeek 开源周回顾「GitHub 热点速览」
· 记一次.NET内存居高不下排查解决与启示
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· .NET10 - 预览版1新功能体验(一)