第九章 Ansible-playbook搭建wordpress博客

一、环境准备

主机 外网IP 内网IP 部署服务
m01 10.0.0.61 172.16.1.61 ansible
lb01 10.0.0.4 172.16.1.4 nginx
web01 172.16.1.7 nginx+php+rpcbind
web02 172.16.1.8 nginx+php+rpcbind
db01 172.16.1.51 mariadb
nfs 172.16.1.31 nfs+rpcbind+rsync+inotify+sersync
backup 172.16.1.41 rsync

二、安装Ansible

1.安装

[root@m01 ~]# yum install -y ansible

2.配置Ansible

[root@m01 ~]# vim /etc/ansible/ansible.cfg
host_key_checking = False
log_path = /var/log/ansible.log

3.配置主机清单

[root@m01 ~]# vim /etc/ansible/hosts 

[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'

[slb]
lb01 ansible_ssh_pass='1'

[db_group]
db01 ansible_ssh_pass='1'

[nfs_server]
nfs ansible_ssh_pass='1'

[backup_server]
backup ansible_ssh_pass='1'

#配置hosts
[root@m01 ~]# vim /etc/hosts
172.16.1.4 lb01
172.16.1.7 web01
172.16.1.8 web02
172.16.1.31 nfs
172.16.1.41 backup
172.16.1.51 db01

4.测试连接

[root@m01 ~]# ansible all -m ping

5.准备存放文件的目录

[root@m01 ~]# mkdir conf
[root@m01 ~]# mkdir package

三、进行服务器优化

1.编写剧本

[root@m01 ~]# cat lnmp.yml
- hosts: all
  tasks:
    - name: Stop selinux
      selinux:
        state: disabled

    - name: Stop Firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: no

    - name: Install unzip
      yum:
        name: unzip
        state: present

    - name: Create www Group
      group:
        name: www
        gid: 666

    - name: Create www User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: no

四、安装nginx

1.安装nginx的方式

#方式1:源码包安装
1.解压
unarchive
2.生成
shell
3.编译
shell
4.安装
shell

#方式2:官方源安装
1.推送yum源
copy
2.yum安装nginx
yum

#方式3:rpm包安装方式
1.推送rpm包
copy
2.安装本地rpm包
yum

2.nginx安装准备

1.准备nginx官方源
[root@m01 ~]# vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[root@m01 ~]# cp /etc/yum.repos.d/nginx.repo ./conf/

2.准备nginx配置文件
[root@m01 ~]# vim /etc/nginx/nginx.conf
user  www;
http {
	client_max_body_size 200m;
}
[root@m01 ~]# cp /etc/nginx/nginx.conf ./conf/

3.准备站点文件
[root@m01 ~]# cd package/
[root@m01 ~/package]# rz wordpress-5.0.3-zh_CN.tar.gz

4.准备站点的配置文件
[root@m01 ~]# vim conf/linux.wp.com.conf
server {
    listen 80;
    server_name linux.wp.com;
    root /code/wordpress;

    location / {
        index index.php;
    }

    location ~* \.php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

5.准备负载均衡的配置文件
[root@m01 ~]# vim conf/proxy.conf
upstream web {
    server 172.16.1.7;
    server 172.16.1.8;
}

server {
    listen 80;
    server_name linux.wp.com;

    location / {
        proxy_pass http://web;
        include proxy_params;
    }
}

6.准备负载均衡优化文件
[root@m01 ~]# vim conf/proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;

proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;

7.准备wordpress连接数据库配置
[root@m01 ~]# vim conf/wp-config.php
/** WordPress数据库的名称 */
define('DB_NAME', 'wordpress');

/** MySQL数据库用户名 */
define('DB_USER', 'wp');

/** MySQL数据库密码 */
define('DB_PASSWORD', '123456');

/** MySQL主机 */
define('DB_HOST', '172.16.1.51');

/** 创建数据表时默认的文字编码 */
define('DB_CHARSET', 'utf8mb4');

3.编写剧本

[root@m01 ~]# cat lnmp2.yml 
- hosts: nginx_group
  tasks:
    - name: Copy nginx.repo
      copy:
        src: /root/conf/nginx.repo
        dest: /etc/yum.repos.d/

    - name: Install Nginx Server
      yum:
        name: nginx
        state: present

    - name: Config Nginx Server
      copy:
        src: /root/conf/nginx.conf
        dest: /etc/nginx/

- hosts: slb
  tasks:
    - name: Config slb Server
      copy:
        src: /root/conf/proxy.conf
        dest: /etc/nginx/conf.d

    - name: Copy proxy_params
      copy:
        src: /root/conf/proxy_params
        dest: /etc/nginx/
    
    - name: Start slb Server
      systemd:
        name: nginx
        state: started

- hosts: web_group
  tasks:
    - name: Config nginx Server
      copy:
        src: /root/conf/linux.wp.com.conf
        dest: /etc/nginx/conf.d/
      
    - name: Mkdir Code
      file:
        path: /code
        state: directory

    - name: Config wordpress Code
      unarchive:
        src: /root/package/wordpress-5.0.3-zh_CN.tar.gz
        dest: /code/

    - name: Config wordpress Connect Mysql
      copy:
        src: /root/conf/wp-config.php
        dest: /code/wordpress/

    - name: Grant Code Dir
      file:
        path: /code
        owner: www
        group: www
        recurse: yes

    - name: Start Web Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes

五、安装php

1.php安装准备

1.上传安装包
[root@m01 ~]# cd package/
[root@m01 ~/package]# rz php.tar.gz

2.准备php配置
[root@m01 /tmp]# vim /etc/php.ini
upload_max_filesize = 200M
post_max_size = 200M
[root@m01 /tmp]# vim /etc/php-fpm.d/www.conf 
user = www
group = www
[root@m01 ~]# cp /etc/php.ini ./conf/
[root@m01 ~]# cp /etc/php-fpm.d/www.conf ./conf/

2.编写剧本

[root@m01 ~]# cat lnmp3.yml 
- hosts: web_group
  tasks:
    - name: Tar php.tar.gz
      unarchive:
        src: /root/package/php.tar.gz
        dest: /tmp/

    - name: Install PHP Server
      shell: yum localinstall -y /tmp/*.rpm

    - name: Config php Server
      copy:
        src: /root/conf/php.ini
        dest: /etc/

    - name: Config php Server
      copy:
        src: /root/conf/www.conf
        dest: /etc/php-fpm.d/

    - name: Start php Server
      systemd:
        name: php-fpm
        state: started
        enabled: yes

六、安装mariadb

1.编写剧本

[root@m01 ~]# cat lnmp4.yml 
- hosts: db01
  tasks:
    - name: Install Mariadb Server
      yum:
        name: mariadb-server
        state: present

    - name: Install MySQL-python
      yum:
        name: MySQL-python
        state: present

    - name: Start Mariadb Server
      systemd:
        name: mariadb
        state: started
        enabled: yes

    - name: Create wordpress Database
      mysql_db:
        name: wordpress
        state: present

    - name: Create wordpress Database User
      mysql_user:
        name: "wp"
        host: "172.16.1.%"
        password: 123456
        priv: "wordpress.*:ALL"
        state: present

七、NFS挂载

1.准备挂载目录

[root@m01 ~/package]# tar xf wordpress-5.0.3-zh_CN.tar.gz           
[root@m01 ~/package]# mv wordpress/wp-content ./

2.服务端剧本

[root@m01 ~]# cat lnmp5.yml
- hosts: nfs_group
  tasks:
    - name: Install nfs Server
      yum:
        name: nfs-utils
        state: present

    - name: Install rpcbind Server
      yum:
        name: rpcbind
        state: present

- hosts: nfs_server
  tasks:
    - name: Config nfs Server
      copy:
        content: /data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
        dest: /etc/exports      

    - name: Mkdir data
      file:
        path: /data
        state: directory
        owner: www
        group: www

    - name: Start nfs Server
      systemd:
        name: nfs
        state: started

3.客户端剧本

- hosts: nfs
  tasks:
    - name: Copy wp-content to NFS
      copy:
        src: /root/package/wp-content
        dest: /data
        owner: www
        group: www
    
- hosts: web_group
  tasks:
    - name: Start rpcbind Server
      systemd:
        name: rpcbind
        state: started

    - name: Mount nfs
      mount:
        src: 172.16.1.31:/data/wp-content
        path: /code/wordpress/wp-content/
        fstype: nfs
        opts: defaults
        state: mounted

八、实时备份

1.准备环境

1.准备rsync配置文件
[root@m01 ~]# vim /etc/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
[root@m01 ~]# cp /etc/rsyncd.conf ./conf/

2.准备sersync包
[root@m01 ~/package]# rz sersync2.5.4_64bit_binary_stable_final.tar.gz
[root@m01 ~/package]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz 
[root@m01 ~/package]# mv GNU-Linux-x86 sersync

3.准备sersync配置
[root@m01 ~]# vim package/sersync/confxml.xml 
<sersync>
    <localpath watch="/data">
        <remote ip="172.16.1.41" name="backup"/>
        <!--<remote ip="192.168.8.39" name="tongbu"/>-->
        <!--<remote ip="192.168.8.40" name="tongbu"/>-->
    </localpath>
    <rsync>
        <commonParams params="-artuz"/>
        <auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pass"/>
        <userDefinedPort start="false" port="874"/><!-- port=874 -->
        <timeout start="false" time="100"/><!-- timeout=100 -->
        <ssh start="false"/>
    </rsync>

4.准备启动sersync脚本
[root@m01 ~]# vim start_rsync.sh
#!/bin/bash
/usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml

2.服务端剧本

[root@m01 ~]# vim lnmp6.yml 
- hosts: backup
  tasks:
    - name: Install rsync Server
      yum:
        name: rsync
        state: present

    - name: Config Rsync Server
      copy:
        src: /root/conf/rsyncd.conf
        dest: /etc/
        
    - name: Config rsync.passwd
      copy:
        content: rsync_backup:123456
        dest: /etc/rsync.passwd
        mode: 0600
        
    - name: Mkdir backup Dir
      file:
        path: /backup
        state: directory
        owner: www
        group: www
        
    - name: Start rsync Server
      systemd:
        name: rsyncd
        state: started

3.客户端脚本

- hosts: nfs
  tasks:
    - name: Install rsync Server
      yum:
        name: rsync
        state: present

    - name: Install Inotify-tools Server
      yum:
        name: inotify-tools
        state: present

    - name: Install sersync Server
      copy:
        src: /root/package/sersync
        dest: /usr/local/
        mode: 0755

    - name: Config rsync.pass
      copy:
        content: 123456
        dest: /etc/rsync.pass
        mode: 0600

    - name: Start sersync
      script: /root/start_rsync.sh

九、完整的剧本

[root@m01 ~]# cat lnmp.yml 
- hosts: all
  tasks:
    - name: Stop selinux
      selinux:
        state: disabled

    - name: Stop Firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: no

    - name: Install unzip
      yum:
        name: unzip
        state: present

    - name: Create www Group
      group:
        name: www
        gid: 666

    - name: Create www User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: no

 
- hosts: nginx_group
  tasks:
    - name: Copy nginx.repo
      copy:
        src: /root/conf/nginx.repo
        dest: /etc/yum.repos.d/

    - name: Install Nginx Server
      yum:
        name: nginx
        state: present

    - name: Config Nginx Server
      copy:
        src: /root/conf/nginx.conf
        dest: /etc/nginx/

- hosts: slb
  tasks:
    - name: Config slb Server
      copy:
        src: /root/conf/proxy.conf
        dest: /etc/nginx/conf.d

    - name: Copy proxy_params
      copy:
        src: /root/conf/proxy_params
        dest: /etc/nginx/
    
    - name: Start slb Server
      systemd:
        name: nginx
        state: started

- hosts: web_group
  tasks:
    - name: Config nginx Server
      copy:
        src: /root/conf/linux.wp.com.conf
        dest: /etc/nginx/conf.d/
      
    - name: Mkdir Code
      file:
        path: /code
        state: directory

    - name: Config wordpress Code
      unarchive:
        src: /root/package/wordpress-5.0.3-zh_CN.tar.gz
        dest: /code/

    - name: Grant Code Dir
      file:
        path: /code
        owner: www
        group: www
        recurse: yes

    - name: Start Web Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes

- hosts: web_group
  tasks:
    - name: Tar php.tar.gz
      unarchive:
        src: /root/package/php.tar.gz
        dest: /tmp/

    - name: Install PHP Server
      shell: yum localinstall -y /tmp/*.rpm

    - name: Config php Server
      copy:
        src: /root/conf/php.ini
        dest: /etc/

    - name: Config php Server
      copy:
        src: /root/conf/www.conf
        dest: /etc/php-fpm.d/

    - name: Start php Server
      systemd:
        name: php-fpm
        state: started
        enabled: yes

- hosts: db01
  tasks:
    - name: Install Mariadb Server
      yum:
        name: mariadb-server
        state: present

    - name: Install MySQL-python
      yum:
        name: MySQL-python
        state: present

    - name: Start Mariadb Server
      systemd:
        name: mariadb
        state: started
        enabled: yes

    - name: Create wordpress Database
      mysql_db:
        name: wordpress
        state: present

    - name: Create wordpress Database User
      mysql_user:
        name: "wp"
        host: "172.16.1.%"
        password: '123456'
        priv: "wordpress.*:ALL"
        state: present
        
        
- hosts: nfs_group
  tasks:
    - name: Install nfs Server
      yum:
        name: nfs-utils
        state: present

    - name: Install rpcbind Server
      yum:
        name: rpcbind
        state: present

- hosts: nfs_server
  tasks:
    - name: Config nfs Server
      copy:
        content: /data/wp-content 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
        dest: /etc/exports      

    - name: Mkdir data
      file:
        path: /data
        state: directory
        owner: www
        group: www

    - name: Start nfs Server
      systemd:
        name: nfs
        state: started

- hosts: nfs
  tasks:
    - name: Copy wp-content to NFS
      copy:
        src: /root/package/wp-content
        dest: /data
        owner: www
        group: www
    
- hosts: web_group
  tasks:
    - name: Start rpcbind Server
      systemd:
        name: rpcbind
        state: started

    - name: Mount nfs
      mount:
        src: 172.16.1.31:/data/wp-content
        path: /code/wordpress/wp-content/
        fstype: nfs
        opts: defaults
        state: mounted

- hosts: backup
  tasks:
    - name: Install rsync Server
      yum:
        name: rsync
        state: present

    - name: Config Rsync Server
      copy:
        src: /root/conf/rsyncd.conf
        dest: /etc/

    - name: Config rsync.passwd
      copy:
        content: rsync_backup:123456
        dest: /etc/rsync.passwd
        mode: 0600

    - name: Mkdir backup Dir
      file:
        path: /backup
        state: directory
        owner: www
        group: www

    - name: Start rsync Server
      systemd:
        name: rsyncd
        state: started

- hosts: nfs
  tasks:
    - name: Install rsync Server
      yum:
        name: rsync
        state: present

    - name: Install Inotify-tools Server
      yum:
        name: inotify-tools
        state: present

    - name: Install sersync Server
      copy:
        src: /root/package/sersync
        dest: /usr/local/
        mode: 0755

    - name: Config rsync.pass
      copy:
        content: 123456
        dest: /etc/rsync.pass
        mode: 0600

    - name: Start sersync
      script: /root/start_rsync.sh

十、扩展web服务器

1.将新机器添加到ansible主机清单

[root@m01 ~]# vim /etc/ansible/hosts 
[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'
web03 ansible_ssh_pass='1'		#新添加的主机

[root@m01 ~]# vim /etc/hosts
172.16.1.9 web03

2.编写剧本

[root@m01 ~]# vim add_web.yml
- hosts: web03
  tasks:
    - name: Stop selinux
      selinux:
        state: disabled

    - name: Stop Firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: no

    - name: Install unzip
      yum:
        name: unzip
        state: present

    - name: Create www Group
      group:
        name: www
        gid: 666

    - name: Create www User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: no
      
    - name: Copy nginx.repo
      copy:
        src: /root/conf/nginx.repo
        dest: /etc/yum.repos.d/

    - name: Install Nginx Server
      yum:
        name: nginx
        state: present

    - name: Config Nginx Server
      copy:
        src: /root/conf/nginx.conf
        dest: /etc/nginx/
        
    - name: Tar php.tar.gz
      unarchive:
        src: /root/package/php.tar.gz
        dest: /tmp/

    - name: Install PHP Server
      shell: yum localinstall -y /tmp/*.rpm

    - name: Config php Server
      copy:
        src: /root/conf/php.ini
        dest: /etc/

    - name: Config php Server
      copy:
        src: /root/conf/www.conf
        dest: /etc/php-fpm.d/

    - name: Start php Server
      systemd:
        name: php-fpm
        state: started
        enabled: yes
     
    - name: Config nginx Server
      copy:
        src: /root/conf/linux.wp.com.conf
        dest: /etc/nginx/conf.d/
      
    - name: Mkdir Code
      file:
        path: /code
        state: directory

    - name: Config wordpress Code
      unarchive:
        src: /root/package/wordpress-5.0.3-zh_CN.tar.gz
        dest: /code/

    - name: Config wordpress Connect Mysql
      copy:
        src: /root/conf/wp-config.php
        dest: /code/wordpress/

    - name: Grant Code Dir
      file:
        path: /code
        owner: www
        group: www
        recurse: yes

    - name: Start Web Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes
        
    - name: Install nfs Server
      yum:
        name: nfs-utils
        state: present

    - name: Install rpcbind Server
      yum:
        name: rpcbind
        state: present
        
    - name: Start rpcbind Server
      systemd:
        name: rpcbind
        state: started

    - name: Mount nfs
      mount:
        src: 172.16.1.31:/data/wp-content
        path: /code/wordpress/wp-content/
        fstype: nfs
        opts: defaults
        state: mounted
posted @ 2021-12-23 14:08  年少纵马且长歌  阅读(205)  评论(0编辑  收藏  举报