Ansible实战—使用playbook部署lamp
Ansible实战—使用playbook部署lamp
本次环境说明:
系统平台 | 主机的IP地址 | 需要安装的服务 |
---|---|---|
redhat8 | 192.168.110.10 | ansible |
redhat8 | 192.168.110.20 | httpd |
redhat8 | 192.168.110.30 | mysql |
redhat8 | 192.168.110.40 | php |
准备工作
给Ansible主控机配置yum源(阿里云官方镜像网站)
//配置centos源
[root@ansible ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
[root@ansible ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@ansible ~]# sed -i 's|$releasever|8|' /etc/yum.repos.d/CentOS-Base.repo
//配置epel源
[root@ansible ~]# yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
[root@ansible ~]# sed -i 's|^#baseurl=https://download.fedoraproject.org/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
[root@ansible ~]# sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
[root@ansible ~]# sed -i 's|$releasever|8|' /etc/yum.repos.d/epel*
//清理yum缓存,建立缓存
[root@ansible ~]# yum clean all
[root@ansible ~]# yum makecach
在Ansible主控机上设置三台受控机
//映射主机名
[root@ansible ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.110.10 ansible
192.168.110.20 httpd
192.168.110.30 mysql
192.168.110.40 php
//修改清单位置
[root@ansible ~]# vim /etc/ansible/ansible.cfg
# some basic default values...
inventory = ./inventory
//定义清单
[root@ansible ~]# vim /etc/ansible/inventory
[web_group]
httpd
[databases_group]
mysql
[app_group]
php
生成密钥,给三台受控机设置免密登录
[root@ansible ~]# ssh-keygen -t rsa //生成密钥,直接回车即可
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:OFB9SUGgUTf2KbgfrEnnDe5vDh0OE2AmqeOjC7UMsqw root@ansible
The key's randomart image is:
+---[RSA 3072]----+
| ++*+Bo |
| ..*.=oo . |
| ... ..o o |
| o. . o o |
|o .. .o S B . |
|o= .o o B O . |
|o.o. . o = + |
|... . .. |
|E .. .+o |
+----[SHA256]-----+
//设置主机免密登录
[root@ansible ~]# ssh-copy-id root@httpd //httpd主机
[root@ansible ~]# ssh-copy-id root@mysql //mysql主机
[root@ansible ~]# ssh-copy-id root@php //php主机
测试能否ping通三台受控机
[root@ansible ~]# ansible all -m ping
mysql | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
httpd | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
php | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
创建本次项目的目录
//创建project文件夹
[root@ansible ~]# mkdir /project
[root@ansible ~]# cd /project/
[root@ansible project]# ls
[root@ansible project]# mkdir -p modules/yum/files
[root@ansible project]# mkdir -p modules/webs/apache modules/databases/mysql modules/apps/php
//把配置清单文件拷贝到当前目录,使project目录可以单独使用ansible命令
[root@ansible project]# cp /etc/ansible/ansible.cfg .
[root@ansible project]# cp /etc/ansible/inventory .
//可以ping通
[root@ansible project]# ansible all -m ping
mysql | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
httpd | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
php | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
项目结构
[root@ansible project]# tree .
.
├── ansible.cfg
├── inventory
├── lamp
│ └── lamp.yml
└── modules
├── apps
│ └── php
│ ├── php_install.yml
│ └── vars
│ └── var.yml
├── databases
│ └── mysql
│ ├── files
│ │ └── mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
│ ├── mysql_install.yml
│ ├── templates
│ │ ├── my.cnf.j2
│ │ └── mysqld.service.j2
│ └── vars
│ └── var.yml
├── webs
│ └── apache
│ ├── files
│ │ ├── apr-1.7.0.tar.gz
│ │ ├── apr-util-1.6.1.tar.gz
│ │ └── httpd-2.4.46.tar.bz2
│ ├── httpd_install.yml
│ ├── scripts
│ │ └── install.sh
│ ├── templates
│ │ ├── httpd.conf.j2
│ │ └── httpd.service.j2
│ └── vars
│ └── var.yml
└── yum
├── files
│ ├── Centos6-base.repo
│ ├── Centos7-base.repo
│ ├── Centos8-base.repo
│ ├── epel-6.repo
│ ├── epel-7.repo
│ └── epel-8.repo
└── main.yml
开始部署
给三台受控主机配置yum源
本次使用的是阿里云的网络源
//下载centos源
[root@ansible files]# wget https://mirrors.aliyun.com/repo/Centos-6.repo
[root@ansible files]# wget https://mirrors.aliyun.com/repo/Centos-7.repo
[root@ansible files]# wget https://mirrors.aliyun.com/repo/Centos-8.repo
//下载epel源
[root@ansible files]# wget epel-6.repo http://mirrors.aliyun.com/repo/epel-6.repo
[root@ansible files]# wget epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@ansible files]# wget epel-release-latest-8.noarch.rpm https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
//查看下载好的源
[root@ansible files]# ls
Centos-6.repo Centos-8.repo epel-7.repo
Centos-7.repo epel-6.repo epel-release-latest-8.noarch.rpm
//安装centos8的epel的rpm包
[root@ansible files]# rpm -ivh epel-release-latest-8.noarch.rpm
Verifying... ################################# [100%]
Preparing... ################################# [100%]
package epel-release-8-10.el8.noarch is already installed //因为本机是安装了centos8的epel源
//拷贝到当前目录
[root@ansible files]# cp /etc/yum.repos.d/epel.repo .
//删除centos8的epel源
[root@ansible files]# rm -f epel-release-latest-8.noarch.rpm
//改名为epel-8.repo
[root@ansible files]# mv epel.repo epel-8.repo
//查看下载好的源
[root@ansible files]# ls
Centos-6.repo Centos-7.repo Centos-8.repo epel-6.repo epel-7.repo epel-8.repo
配置centos源
//配置centos源
[root@ansible files]# sed -i 's|$releasever|6|' Centos-6.repo
[root@ansible files]# sed -i 's|$releasever|7|' Centos-7.repo
[root@ansible files]# sed -i 's|$releasever|8|' Centos-8.repo
[root@ansible files]# ls
Centos-6.repo Centos-7.repo Centos-8.repo epel-6.repo epel-7.repo epel-8.repo
[root@ansible files]# mv Centos-6.repo Centos6-base.repo
[root@ansible files]# mv Centos-7.repo Centos7-base.repo
[root@ansible files]# mv Centos-8.repo Centos8-base.repo
编写yum的playbook
[root@ansible modules]# vim yum/main.yml
---
- hosts: all
tasks:
- name: CentOS 7_base
yum_repository:
name: base
baseurl: https://mirrors.aliyun.com/centos/7/os/x86_64/
enabled: yes
gpgcheck: no
mode: 0644
file: base
description: base
state: present
when:
- ansible_facts["distribution"] == "CentOS"
- ansible_facts["distribution_major_version"] == "7"
- name: CentOS 7_epel
yum_repository:
name: epel
description: epel
file: epel
baseurl: https://mirrors.aliyun.com/epel/7/x86_64
gpgcheck: no
mode: 0644
state: present
when:
- ansible_facts["distribution"] == "CentOS"
- ansible_facts["distribution_major_version"] == "7"
- name: yum_RedHat 8 yum_CentOS 8
loop:
- AppStream
- BaseOS
yum_repository:
name: "{{ item }}"
description: "{{ item }}"
file: "{{ item }}"
baseurl: https://mirrors.aliyun.com/centos/8/{{ item }}/x86_64/os/
gpgcheck: no
mode: 0644
state: present
when: >
( ansible_facts["distribution"] == "RedHat" and
ansible_facts["distribution_major_version"] == "8" )
or
( ansible_facts["distribution"] == "CentOS" and
ansible_facts["distribution_major_version"] == "8" )
- name: epel_RedHat 8 epel_CentOS 8
yum_repository:
name: epel
description: epel
file: epel
baseurl: https://mirrors.aliyun.com/epel/8/Everything/x86_64/
gpgcheck: no
mode: 0644
state: present
when: >
( ansible_facts["distribution"] == "RedHat" and
ansible_facts["distribution_major_version"] == "8" )
or
( ansible_facts["distribution"] == "CentOS" and
ansible_facts["distribution_major_version"] == "8" )
- name: selinux
lineinfile:
path: /etc/selinux/config
regexp: '^SELINUX='
line: SELINUX=disabled
- name: set selinux
command: setenforce 0
安装apache
下载需要的软件包
//当前目录的位置
[root@ansible files]# pwd
/project/modules/webs/apache/files
//开始下载,可以使用wget下载,也可以使用xftp传进来
[root@ansible files]# wget https://mirrors.tuna.tsinghua.edu.cn/apache//apr/apr-1.7.0.tar.gz
[root@ansible files]# wget https://mirrors.tuna.tsinghua.edu.cn/apache//apr/apr-util-1.6.1.tar.gz
[root@ansible files]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.4.46.tar.bz2
//查看
[root@ansible files]# ls
apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz httpd-2.4.46.tar.bz2
配置变量的yml文件
//创建vars目录
[root@ansible apache]# mkdir vars
//编写var.yml
[root@ansible apache]# vim vars/var.yml
depend_pkg:
- "@Development Tools"
- openssl-devel
- pcre-devel
- expat-devel
- libxml2-devel
- libtool
- gcc
- gcc-c++
- bzip2
- make
编写安装脚本
//创建存放脚本的目录
[root@ansible apache]# mkdir scripts
//编写安装脚本的批处理
[root@ansible apache]# vim scripts/install.sh
#!/bin/bash
if [ ! -d /usr/local/apache ];then
rm -rf /usr/local/apr*
# uzip
cd /usr/src
tar xf apr-1.7.0.tar.gz
tar xf apr-util-1.6.1.tar.gz
tar xf httpd-2.4.46.tar.bz2
cd apr-1.7.0
sed -i '/$RM "$cfgfile"/d' configure
# install apr
./configure --prefix=/usr/local/apr && make && make install && \
cd ../apr-util-1.6.1
# install apr-util
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr && \
make && make install && \
cd ../httpd-2.4.46
# install httpd
./configure --prefix=/usr/local/apache \
--sysconfdir=/etc/httpd24 \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/ \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork && \
make && make install
# echo path
echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/apache.sh
cd /usr/src
rm -rf apr-1.7.0 apr-util-1.6.1 httpd-2.4.46
fi
编辑httpd.service.j2模板文件
[root@ansible apache]# vim templates/httpd.service.j2
[Unit]
Description=Start httpd
[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl
ExecReload=/usr/local/apache/bin/apachectl -s reload
ExecStop=/usr/local/apache/apachectl -s stop
[Install]
WantedBy=multi-user.target
编写apache的playbook
[root@ansible apache]# vim httpd_install.yml
---
- hosts: httpd
vars_files:
- vars/var.yml
tasks:
- name: install depend on apache
yum:
name: "{{ depend_pkg }}"
state: present
- name: create user apache
user:
name: apache
shell: /sbin/nologin
create_home: false
system: yes
state: present
- name: download packages
copy:
src: files/
dest: /usr/src
- name: install apache
script: scripts/install.sh
- name: start the service
template:
src: templates/httpd.service.j2
dest: /usr/lib/systemd/system/httpd.service
- name: reload daemon for httpd
shell: systemctl daemon-reload
编辑httpd.conf.j2模板文件
[root@ansible apache]# vim templates/httpd.conf.j2
//搜索AddType
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php //添加此行
AddType application/x-httpd-php-source .phps //添加此行
//搜索proxy.so
#LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so //取消注释
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so //取消注释
//搜索index.html
DirectoryIndex index.php index.html #添加index.php
//在最后一行加上如下配置
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/"
ServerName leidazhuang.com
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.110.40:9000/var/www/html/$1
<Directory "/usr/local/apache/htdocs/">
Options none
AllowOverride none
Require all granted
</Directory>
</VirtualHost>
安装mysql
下载需要的包
//当前目录的位置
[root@ansible files]# pwd
/project/modules/databases/mysql/files
//下载包
[root@ansible files]# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
//查看一下
[root@ansible files]# ls
mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
配置变量的yml文件
//创建vars目录
[root@ansible mysql]# mkdir vars
//编写var.yml文件
[root@ansible mysql]# vim vars/var.yml
basedir: /usr/local
datadir: /opt/data
depend_pkg:
- ncurses-compat-libs
- ncurses-devel
- openssl-devel
- openssl
- cmake
- mariadb-devel
- ncurses-compat-libs
编辑my.cnf.j2模板文件
[root@ansible mysql]# vim templates/my.cnf.j2
[mysqld]
basedir = {{ basedir }}/mysql
datadir = {{ datadir }}
socket = /tmp/mysql.sock
port = 3306
pid-file = {{ datadir }}/mysql.pid
user = mysql
skip-name-resolve
编辑mysqld.service.j2模板文件
[root@ansible mysql]# vim templates/mysqld.service.j2
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
Type=forking
PIDFile={{ datadir }}/mysqld.pid
TimeoutSec=0
PermissionsStartOnly=true
ExecStart={{ basedir }}/mysql/bin/mysqld --daemonize --pid-file={{ datadir }}/mysqld.pid $MYSQLD_OPTS
LimitNOFILE = 5000
Restart=on-failure
RestartPreventExitStatus=1
PrivateTmp=false
编写mysql的playbook
[root@ansible mysql]# vim mysql_install.yml
---
- hosts: mysql
vars_files:
- vars/var.yml
tasks:
- name: install depend on mysql
yum:
name: "{{ depend_pkg }}"
state: present
- name: create user mysql
user:
name: mysql
system: yes
create_home: false
shell: /sbin/nologin
state: present
- name: unzip package
unarchive:
src: files/mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
dest: '{{ basedir }}/'
owner: mysql
group: mysql
- name: create soft link
file:
src: '{{ basedir }}/mysql-5.7.31-linux-glibc2.12-x86_64'
dest: '{{ basedir }}/mysql'
owner: mysql
group: mysql
state: link
- name: create datadir
file:
path: '{{ datadir }}'
owner: mysql
group: mysql
state: directory
- name: initialize mysql
shell: '{{ basedir }}/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir={{ datadir }}'
ignore_errors: yes
- name: config for mysql
template:
src: templates/my.cnf.j2
dest: /etc/my.cnf
- name: start the service
template:
src: templates/mysqld.service.j2
dest: /usr/lib/systemd/system/mysqld.service
- name: reload daemon for mysql
shell: systemctl daemon-reload
安装php
配置变量的配置文件
[root@ansible php]# vim vars/var.yml
packages:
- libxml2
- libxml2-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg
- libjpeg-devel
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- libmcrypt
- libmcrypt-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- mhash
- mhash-devel
- php-mysqlnd
- php-*
编写php的playbook
[root@ansible php]# vim php_install.yml
---
- hosts: php
vars_files:
- vars/var.yml
tasks:
- name: install package
dnf:
name: '{{ packages }}'
state: present
- name: set conf
lineinfile:
path: /etc/php-fpm.d/www.conf
regexp: '^listen = /run/php-fpm/www.sock'
line: 'listen = 0.0.0.0:9000'
state: present
注意:以上都是通用型配置,下面我们要单独部署lamp项目
部署lamp项目
编写lamp项目的架构和playbook
---
- name: yum part
import_playbook: ../modules/yum/main.yml
- name: httpd part
import_playbook: ../modules/webs/apache/httpd_install.yml
- name: mysql part
import_playbook: ../modules/databases/mysql/mysql_install.yml
- name: php part
import_playbook: ../modules/apps/php/php_install.yml
- hosts: httpd
vars_files:
- ../modules/webs/apache/vars/var.yml
tasks:
- name: httpd config file
template:
src: ../modules/webs/apache/templates/httpd.conf.j2
dest: /etc/httpd24/httpd.conf
- name: start httpd
service:
name: httpd
enabled: yes
state: started
- hosts: mysql
vars_files:
- ../modules/databases/mysql/vars/var.yml
tasks:
- name: start mysql
service:
name: mysqld
enabled: yes
state: started
- hosts: php
tasks:
- name: index.php
file:
path: /var/www/html/index.php
owner: apache
group: apache
state: touch
- name: test index
lineinfile:
path: /var/www/html/index.php
line: |
<?php
phpinfo();
?>
state: present
- name: allow access to IP
lineinfile:
path: /etc/php-fpm.d/www.conf
regexp: '^listen.allowed_clients = 127.0.0.1'
line: listen.allowed_clients = 192.168.110.20
- name: start php
service:
name: php-fpm
state: started
enabled: yes
运行lamp的剧本文件
[root@ansible project]# ansible-playbook lamp/lamp.yml
PLAY [all] *************************************************************************
TASK [Gathering Facts] *************************************************************
ok: [php]
ok: [httpd]
ok: [mysql]
TASK [CentOS 7_base] ***************************************************************
skipping: [httpd]
skipping: [mysql]
skipping: [php]
TASK [CentOS 7_epel] ***************************************************************
skipping: [httpd]
skipping: [mysql]
skipping: [php]
TASK [yum_RedHat 8 yum_CentOS 8] ***************************************************
changed: [mysql] => (item=AppStream)
changed: [httpd] => (item=AppStream)
changed: [php] => (item=AppStream)
changed: [mysql] => (item=BaseOS)
changed: [php] => (item=BaseOS)
changed: [httpd] => (item=BaseOS)
TASK [epel_RedHat 8 epel_CentOS 8] *************************************************
changed: [httpd]
changed: [php]
changed: [mysql]
TASK [stop firewalld] **************************************************************
changed: [php]
changed: [mysql]
changed: [httpd]
TASK [selinux] *********************************************************************
changed: [php]
changed: [mysql]
changed: [httpd]
TASK [set selinux] *****************************************************************
changed: [mysql]
changed: [httpd]
changed: [php]
PLAY [httpd] ***********************************************************************
TASK [Gathering Facts] *************************************************************
ok: [httpd]
TASK [install depend on apache] ****************************************************
changed: [httpd]
TASK [create user apache] **********************************************************
changed: [httpd]
TASK [download packages] ***********************************************************
changed: [httpd]
TASK [install apache] **************************************************************
changed: [httpd]
TASK [start the service] ***********************************************************
changed: [httpd]
TASK [reload daemon for httpd] *****************************************************
changed: [httpd]
PLAY [mysql] ***********************************************************************
TASK [Gathering Facts] *************************************************************
ok: [mysql]
TASK [install depend on mysql] *****************************************************
changed: [mysql]
TASK [create user mysql] ***********************************************************
changed: [mysql]
TASK [unzip package] ***************************************************************
changed: [mysql]
TASK [create soft link] ************************************************************
changed: [mysql]
TASK [create datadir] **************************************************************
changed: [mysql]
TASK [initialize mysql] ************************************************************
changed: [mysql]
TASK [config for mysql] ************************************************************
changed: [mysql]
TASK [start the service] ***********************************************************
changed: [mysql]
TASK [reload daemon for mysql] *****************************************************
changed: [mysql]
PLAY [php] *************************************************************************
TASK [Gathering Facts] *************************************************************
ok: [php]
TASK [install package] *************************************************************
changed: [php]
TASK [set conf] ********************************************************************
changed: [php]
PLAY [httpd] ***********************************************************************
TASK [Gathering Facts] *************************************************************
ok: [httpd]
TASK [httpd config file] ***********************************************************
changed: [httpd]
TASK [start httpd] *****************************************************************
changed: [httpd]
PLAY [mysql] ***********************************************************************
TASK [Gathering Facts] *************************************************************
ok: [mysql]
TASK [start mysql] *****************************************************************
changed: [mysql]
PLAY [php] *************************************************************************
TASK [Gathering Facts] *************************************************************
ok: [php]
TASK [index.php] *******************************************************************
changed: [php]
TASK [test index] ******************************************************************
changed: [php]
TASK [allow access to IP] **********************************************************
changed: [php]
TASK [start php] *******************************************************************
changed: [php]
PLAY RECAP *************************************************************************
httpd : ok=16 changed=13 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0
mysql : ok=18 changed=15 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0
php : ok=14 changed=11 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0
在三台受控机上验证一下
httpd主机
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
mysql主机
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 80 *:3306 *:*
php主机
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*