24.第18章 运维自运化之ANSIBLE
一.ansible playbook
1.1利用 playbook 创建 mysql 用户
[root@centos8 ~]# vim /etc/ansible/hosts
[websrvs]
10.0.0.47
10.0.0.48
[dbsrvs]
10.0.0.57
10.0.0.58
:wq
[root@centos8 ansible]# vim ssh_key_push_centos.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2020-12-28
#FileName: ssh_key_push_centos.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2020 All rights reserved
#********************************************************************
export SSHPASS=123456
HOSTS="
10.0.0.47
10.0.0.48
10.0.0.57
10.0.0.58"
ssh-keygen -f /root/.ssh/id_rsa -P '' &> /dev/null
rpm -q sshpass &> /dev/null || yum -y install sshpass &> /dev/null
for i in $HOSTS;do
{
sshpass -e ssh-copy-id -o StrictHostKeyChecking=no -i /root/.ssh/id_rsa.pub $i &> /dev/null
echo $i is finished
}&
done
wait
:wq
[root@centos8 ansible]# bash ssh_key_push_centos.sh
10.0.0.48 is finished
10.0.0.57 is finished
10.0.0.47 is finished
10.0.0.58 is finished
[root@centos8 ansible]# cat mysql_user.yml
---
- hosts: dbsrvs
remote_user: root
tasks:
- {name: create group, group: name=mysql system=yes gid=306}
- name: create user
user: name=mysql shell=/sbin/nologin system=yes group=mysql uid=306 home=/data/mysql create_home=no
:wq
[root@centos8 ansible]# ansible-playbook mysql_user.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.57]
ok: [10.0.0.58]
TASK [create group] **************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [create user] ***************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.58 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@centos8 ansible]# ansible dbsrvs -m shell -a "getent passwd|grep mysql;id mysql"
10.0.0.57 | CHANGED | rc=0 >>
mysql:x:306:306::/data/mysql:/sbin/nologin
uid=306(mysql) gid=306(mysql) groups=306(mysql)
10.0.0.58 | CHANGED | rc=0 >>
mysql:x:306:306::/data/mysql:/sbin/nologin
uid=306(mysql) gid=306(mysql) groups=306(mysql)
1.2利用 playbook 安装 和卸载nginx
[root@centos8 ansible]# vim install_nginx.yml
---
# install nginx
- hosts: websrvs
remote_user: root
gather_facts: no
tasks:
- name: add group nginx
group: name=nginx state=present
- name: add user nginx
user: name=nginx state=present group=nginx
- name: Install Nginx
yum: name=nginx
- name: web page
copy: src=files/index.html dest=/usr/share/nginx/html/index.html
- name: Start Nginx
service: name=nginx state=started enabled=yes
:wq
[root@centos8 ansible]# mkdir files
[root@centos8 ansible]# echo "<h1>welcome to N50</h1>" > files/index.html
[root@centos8 ansible]# ansible-playbook install_nginx.yml
PLAY [websrvs] *******************************************************************************************************************
TASK [add group nginx] ***********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [add user nginx] ************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [Install Nginx] *************************************************************************************************************
changed: [10.0.0.48]
changed: [10.0.0.47]
TASK [web page] ******************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [Start Nginx] ***************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
PLAY RECAP ***********************************************************************************************************************
10.0.0.47 : ok=5 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.48 : ok=5 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@centos8 ansible]# vim remove_nginx.yml
---
# remove nginx
- hosts: websrvs
remote_user: root
gather_facts: no
tasks:
- name: Stop Nginx
service: name=nginx state=stopped
- name: remove Nginx
yum: name=nginx state=absent
- name: remove user nginx
user: name=nginx state=absent
- name: remove group nginx
group: name=nginx state=absent
- name: web page
file: path=/usr/share/nginx/ state=absent
:wq
[root@centos8 ansible]# ansible-playbook remove_nginx.yml
PLAY [websrvs] *******************************************************************************************************************
TASK [Stop Nginx] ****************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [remove Nginx] **************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [remove user nginx] *********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [remove group nginx] ********************************************************************************************************
ok: [10.0.0.47]
ok: [10.0.0.48]
TASK [web page] ******************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
PLAY RECAP ***********************************************************************************************************************
10.0.0.47 : ok=5 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.48 : ok=5 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
1.3利用 playbook 安装和卸载 httpd
[root@centos8 ansible]# vim install_httpd.yml
---
#install httpd
- hosts: websrvs
remote_user: root
gather_facts: no
tasks:
- name: Install httpd
yum: name=httpd state=present
- name: Install configure file
copy: src=files/httpd.conf dest=/etc/httpd/conf/
- name: modify config
lineinfile: path=/etc/httpd/conf/httpd.conf regexp='^Listen' line='Listen 8080'
- name: modify config data
lineinfile: path=/etc/httpd/conf/httpd.conf regexp='^DocumentRoot \"/var/www/html\"' line='DocumentRoot \"/data/html/\"'
- name: modify config data2
lineinfile: path=/etc/httpd/conf/httpd.conf regexp='^<Directory \"/var/www\">' line='<Directory \"/data/\">'
- name: mkdir website dir
file: path=/data/html state=directory
- name: web html
copy: src=files/index.html dest=/data/html/
- name: start service
service: name=httpd state=started enabled=yes
:wq
[root@centos8 ansible]# ls files/
httpd.conf index.html
[root@centos8 ansible]# ansible-playbook install_httpd.yml
PLAY [websrvs] *******************************************************************************************************************
TASK [Install httpd] *************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [Install configure file] ****************************************************************************************************
ok: [10.0.0.47]
changed: [10.0.0.48]
TASK [modify config] *************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [modify config data] ********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [modify config data2] *******************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [mkdir website dir] *********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [web html] ******************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [start service] *************************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
PLAY RECAP ***********************************************************************************************************************
10.0.0.47 : ok=8 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.48 : ok=8 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@centos8 ansible]# vim remove_httpd.yml
#remove_httpd.yml
---
- hosts: websrvs
remote_user: root
gather_facts: no
tasks:
- name: remove httpd package
yum: name=httpd state=absent
- name: remove apache user
user: name=apache state=absent
- name: remove config file
file: name=/etc/httpd state=absent
- name: remove web html
file: name=/data/html/ state=absent
:wq
[root@centos8 ansible]# ansible-playbook remove_httpd.yml
PLAY [websrvs] *******************************************************************************************************************
TASK [remove httpd package] ******************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [remove apache user] ********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [remove config file] ********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [remove web html] ***********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
PLAY RECAP ***********************************************************************************************************************
10.0.0.47 : ok=4 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.48 : ok=4 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
1.4利用 playbook 安装 mysql
#playbook 安装 mysql 5.6.51
[root@centos8 ansible]# ls files/mysql-5.6.51-linux-glibc2.12-x86_64.tar.gz
files/mysql-5.6.51-linux-glibc2.12-x86_64.tar.gz
[root@centos8 ansible]# vim /data/ansible/files/secure_mysql.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-01-27
#FileName: /data/ansible/files/secure_mysql.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
/usr/local/mysql/bin/mysql_secure_installation <<EOF
y
123456
123456
y
y
y
y
EOF
:wq
[root@centos8 ansible]# vim /data/ansible/files/my.cnf
[mysqld]
socket=/tmp/mysql.sock
user=mysql
symbolic-links=0
datadir=/data/mysql
innodb_file_per_table=1
log-bin
pid-file=/data/mysql/mysqld.pid
[client]
port=3306
socket=/tmp/mysql.sock
[mysqld_safe]
log-error=/var/log/mysqld.log
:wq
[root@centos8 ansible]# vim vars.yml
---
# variables file
mysql_version: 5.6.51
:wq
[root@centos8 ansible]# vim /data/ansible/install_mysql.yml
---
# install mysql-5.6.51-linux-glibc2.12-x86_64.tar.gz
- hosts: dbsrvs
remote_user: root
gather_facts: yes
vars_files:
- vars.yml
tasks:
- name: install packages centos7
yum: name=libaio,perl-Data-Dumper,perl-Getopt-Long
when:
- ansible_facts['distribution_major_version'] == "7"
- name: install packages centos8
yum: name=libaio,perl-Data-Dumper,perl-Getopt-Long,ncurses-compat-libs
when:
- ansible_facts['distribution_major_version'] == "8"
- name: create mysql group
group: name=mysql gid=306
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
- name: copy tar to remote host and file mode
unarchive: src=/data/ansible/files/mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.gz dest=/usr/local/ owner=root group=root
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-{{mysql_version}}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
- name: data dir
shell: chdir=/usr/local/mysql/ ./scripts/mysql_install_db --datadir=/data/mysql --user=mysql
tags: data
- name: config my.cnf
copy: src=/data/ansible/files/my.cnf dest=/etc/my.cnf
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: enable service
shell: /etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
tags: service
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
- name: secure script
script: /data/ansible/files/secure_mysql.sh
tags: script
:wq
[root@centos8 ansible]# tree
.
├── files
│ ├── my.cnf
│ ├── mysql-5.6.51-linux-glibc2.12-x86_64.tar.gz
│ └── secure_mysql.sh
├── install_mysql.yml
└── vars.yml
1 directory, 5 files
[root@centos8 ansible]# ansible-playbook install_mysql.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.57]
ok: [10.0.0.58]
TASK [install packages centos7] **************************************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [install packages centos8] **************************************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [create mysql group] ********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [create mysql user] *********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [copy tar to remote host and file mode] *************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [create linkfile /usr/local/mysql] ******************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [data dir] ******************************************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [config my.cnf] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [service script] ************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [enable service] ************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [PATH variable] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [secure script] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=12 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=12 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos7-5 ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 80 [::]:3306 [::]:*
[root@centos8-5 ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 80 [::]:3306 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
[root@centos7-5 ~]# mysql -uroot -p123456
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 5.6.51-log MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status
--------------
mysql Ver 14.14 Distrib 5.6.51, for linux-glibc2.12 (x86_64) using EditLine wrapper
Connection id: 13
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.6.51-log MySQL Community Server (GPL)
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /tmp/mysql.sock
Uptime: 3 min 20 sec
Threads: 1 Questions: 42 Slow queries: 0 Opens: 79 Flush tables: 2 Open tables: 9 Queries per second avg: 0.210
--------------
mysql> exit
Bye
#playbook 安装 mysql 5.7.33
[root@centos8 ansible]# mkdir files
[root@centos8 ansible]# ls files/
mysql-5.7.33-linux-glibc2.12-x86_64.tar.gz
[root@centos8 ansible]# vim files/my.cnf
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
:wq
[root@centos8 ansible]# vim vars.yml
---
# variables file
mysql_version: 5.7.33
:wq
[root@centos8 ansible]# vim files/set_pass.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-01-28
#FileName: set_pass.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
MYSQL_ROOT_PASSWORD=123456
MYSQL_OLDPASSWORD=`awk '/A temporary password/{print $NF}' /data/mysql/mysql.log`
mysqladmin -uroot -p$MYSQL_OLDPASSWORD password $MYSQL_ROOT_PASSWORD &>/dev/null
:wq
[root@centos8 ansible]# vim install_mysql5.7.yml
---
# install mysql-5.7.33-linux-glibc2.12-x86_64.tar.gz
- hosts: dbsrvs
remote_user: root
gather_facts: yes
vars_files:
- vars.yml
tasks:
- name: install packages centos7
yum: name=libaio,perl-Data-Dumper
when:
- ansible_facts['distribution_major_version'] == "7"
- name: install packages centos8
yum: name=libaio,perl-Data-Dumper,ncurses-compat-libs
when:
- ansible_facts['distribution_major_version'] == "8"
- name: cteate mysql group
group: name=mysql gid=306
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
- name: copy tar to remote host and file mode
unarchive: src=/data/ansible/files/mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.gz dest=/usr/local/ owner=root group=root
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-{{mysql_version}}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
- name: PATH variable entry
shell: . /etc/profile.d/mysql.sh
- name: config my.cnf
copy: src=/data/ansible/files/my.cnf dest=/etc/my.cnf
- name: data dir
shell: chdir=/usr/local/mysql ./bin/mysqld --initialize --user=mysql --datadir=/data/mysql
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: enable service
shell: /etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
tags: service
- name: set mysql user password
script: /data/ansible/files/set_pass.sh
tags: script
:wq
[root@centos8 ansible]# tree
.
├── files
│ ├── my.cnf
│ ├── mysql-5.7.33-linux-glibc2.12-x86_64.tar.gz
│ └── set_pass.sh
├── install_mysql5.7.yml
└── vars.yml
1 directory, 5 files
[root@centos8 ansible]# ansible-playbook install_mysql5.7.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.58]
ok: [10.0.0.57]
TASK [install packages centos7] **************************************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [install packages centos8] **************************************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [cteate mysql group] ********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [create mysql user] *********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [copy tar to remote host and file mode] *************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [create linkfile /usr/local/mysql] ******************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [PATH variable] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [PATH variable entry] *******************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [config my.cnf] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [data dir] ******************************************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [service script] ************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [enable service] ************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [set mysql user password] ***************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=13 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=13 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos7-6 ~]# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.33-log MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
#playbook 安装 mysql 8.0.23
[root@centos8 ansible]# ls files/mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz
files/mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz
[root@centos8 ansible]# vim files/my.cnf
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
:wq
[root@centos8 ansible]# vim files/set_pass.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-01-28
#FileName: set_pass.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
MYSQL_ROOT_PASSWORD=123456
MYSQL_OLDPASSWORD=`awk '/A temporary password/{print $NF}' /data/mysql/mysql.log`
mysqladmin -uroot -p$MYSQL_OLDPASSWORD password $MYSQL_ROOT_PASSWORD &>/dev/null
:wq
[root@centos8 ansible]# vim vars.yml
---
# variables file
mysql_version: 8.0.23
:wq
[root@centos8 ansible]# vim install_mysql8.0.yml
---
# install mysql-8.0.23-linux-glibc2.12-x86_64.tar.gz
- hosts: dbsrvs
remote_user: root
gather_facts: yes
vars_files:
- vars.yml
tasks:
- name: install packages centos7
yum: name=libaio,perl-Data-Dumper
when:
- ansible_facts['distribution_major_version'] == "7"
- name: install packages centos8
yum: name=libaio,perl-Data-Dumper,ncurses-compat-libs
when:
- ansible_facts['distribution_major_version'] == "8"
- name: cteate mysql group
group: name=mysql gid=306
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
- name: copy tar to remote host and file mode
unarchive: src=/data/ansible/files/mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.xz dest=/usr/local/ owner=root group=root
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-{{mysql_version}}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
- name: PATH variable entry
shell: . /etc/profile.d/mysql.sh
- name: config my.cnf
copy: src=/data/ansible/files/my.cnf dest=/etc/my.cnf
- name: data dir
shell: chdir=/usr/local/mysql ./bin/mysqld --initialize --user=mysql --datadir=/data/mysql
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: enable service
shell: /etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
tags: service
- name: set mysql user password
script: /data/ansible/files/set_pass.sh
tags: script
:wq
[root@centos8 ansible]# tree
.
├── files
│ ├── my.cnf
│ ├── mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz
│ └── set_pass.sh
├── install_mysql8.0.yml
└── vars.yml
1 directory, 5 files
[root@centos8 ansible]# ansible-playbook install_mysql8.0.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.57]
ok: [10.0.0.58]
TASK [install packages centos7] **************************************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [install packages centos8] **************************************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [cteate mysql group] ********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [create mysql user] *********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [copy tar to remote host and file mode] *************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [create linkfile /usr/local/mysql] ******************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [PATH variable] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [PATH variable entry] *******************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [config my.cnf] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [data dir] ******************************************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [service script] ************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [enable service] ************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [set mysql user password] ***************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=13 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=13 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos8-6 ~]# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.23 MySQL Community Server - GPL
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status
--------------
mysql Ver 8.0.23 for Linux on x86_64 (MySQL Community Server - GPL)
Connection id: 9
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 8.0.23 MySQL Community Server - GPL
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: utf8mb4
Db characterset: utf8mb4
Client characterset: utf8mb4
Conn. characterset: utf8mb4
UNIX socket: /data/mysql/mysql.sock
Binary data as: Hexadecimal
Uptime: 39 sec
Threads: 2 Questions: 9 Slow queries: 0 Opens: 130 Flush tables: 4 Open tables: 10 Queries per second avg: 0.230
--------------
mysql> exit
Bye
#playbook 安装 mariadb-10.2.36
[root@centos8 ansible]# ls files/mariadb-10.2.36-linux-x86_64.tar.gz
files/mariadb-10.2.36-linux-x86_64.tar.gz
[root@centos8 ansible]# vim files/my.cnf
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
:wq
[root@centos8 ansible]# vim vars.yml
---
# variables file
mysql_version: 10.2.36
:wq
[root@centos8 ansible]# vim install_mariadb.yml
---
#Installing MariaDB Binary Tarballs
- hosts: dbsrvs
remote_user: root
gather_facts: yes
vars_files:
- vars.yml
tasks:
- name: install packages centos7
yum: name=libaio
when:
- ansible_facts['distribution_major_version'] == "7"
- name: install packages centos8
yum: name=libaio,ncurses-compat-libs
when:
- ansible_facts['distribution_major_version'] == "8"
- name: create group
group: name=mysql gid=27 system=yes
- name: create user
user: name=mysql uid=27 system=yes group=mysql shell=/sbin/nologin home=/data/mysql create_home=no
- name: mkdir datadir
file: path=/data/mysql owner=mysql group=mysql state=directory
- name: unarchive package
unarchive: src=/data/ansible/files/mariadb-{{mysql_version}}-linux-x86_64.tar.gz dest=/usr/local/ owner=root group=root
- name: link
file: src=/usr/local/mariadb-{{mysql_version}}-linux-x86_64 path=/usr/local/mysql state=link
- name: install database
shell: chdir=/usr/local/mysql ./scripts/mysql_install_db --datadir=/data/mysql --user=mysql
- name: config file
copy: src=/data/ansible/files/my.cnf dest=/etc/ backup=yes
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: start service
service: name=mysqld state=started enabled=yes
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
:wq
[root@centos8 ansible]# tree
.
├── files
│ ├── mariadb-10.2.36-linux-x86_64.tar.gz
│ └── my.cnf
├── install_mariadb.yml
└── vars.yml
1 directory, 4 files
[root@centos8 ansible]# ansible-playbook install_mariadb.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.58]
ok: [10.0.0.57]
TASK [install packages centos7] **************************************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [install packages centos8] **************************************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [create group] **************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [create user] ***************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mkdir datadir] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [unarchive package] *********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [link] **********************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [install database] **********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [config file] ***************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [service script] ************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [start service] *************************************************************************************************************
[WARNING]: The service (mysqld) is actually an init script but the system is managed by systemd
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [PATH variable] *************************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=12 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=12 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos8-6 ~]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.2.36-MariaDB-log MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> status
--------------
mysql Ver 15.1 Distrib 10.2.36-MariaDB, for Linux (x86_64) using readline 5.1
Connection id: 10
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.2.36-MariaDB-log MariaDB Server
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /data/mysql/mysql.sock
Uptime: 29 sec
Threads: 8 Questions: 5 Slow queries: 0 Opens: 17 Flush tables: 1 Open tables: 11 Queries per second avg: 0.172
--------------
MariaDB [(none)]> exit
Bye
1.5 利用 playbook 安装docker
#ubuntu
[root@centos8 ansible]# vim /etc/ansible/hosts
[ubuntu]
10.0.0.100
10.0.0.200
:wq
[root@centos8 ansible]# vim vars.yml
docker_ce_gpg_key: https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu/gpg
docker_ce_gpg_url: https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu
docker_version: 5:19.03.15~3-0~ubuntu-
:wq
[root@centos8 ansible]# vim files/daemon.json
{
"registry-mirrors": ["https://hzw5xiv7.mirror.aliyuncs.com"]
}
:wq
[root@centos8 ansible]# vim install_docker.yml
---
#install docker
- hosts: ubuntu
remote_user: root
vars_files:
- vars.yml
tasks:
- name: install packages
apt: name=apt-transport-https,ca-certificates,curl,software-properties-common state=present update_cache=yes cache_valid_time=3600
- name: import key
shell: curl -fsSL {{docker_ce_gpg_key}} | sudo apt-key add -
- name: import installation source
shell: add-apt-repository "deb [arch=amd64] {{docker_ce_gpg_url}} {{ansible_facts['distribution_release']}} stable"
- name: apt update
apt: update_cache=yes cache_valid_time=3600
- name: install docker
apt: name=docker-ce={{docker_version}}{{ansible_facts['distribution_release']}},docker-ce-cli={{docker_version}}{{ansible_facts['distribution_release']}}
- name: mkdir /etc/docker
file: path=/etc/docker state=directory
- name: aliyun_jxjsq
copy: src=/data/ansible/files/daemon.json dest=/etc/docker/
- name: start docker
systemd: name=docker state=started enabled=yes daemon_reload=yes
:wq
[root@centos8 ansible]# ansible-playbook install_docker.yml
PLAY [ubuntu] *****************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [install packages] *******************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [import key] *************************************************************************************************************
[WARNING]: Consider using the get_url or uri module rather than running 'curl'. If you need to use command because get_url or
uri is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid
of this message.
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [import installation source] *********************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [apt update] *************************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [install docker] *********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [mkdir /etc/docker] ******************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [aliyun_jxjsq] ***********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [start docker] ***********************************************************************************************************
ok: [10.0.0.100]
ok: [10.0.0.200]
PLAY RECAP ********************************************************************************************************************
10.0.0.100 : ok=9 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.200 : ok=9 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@centos8 ansible]# ansible ubuntu -a "docker version"
10.0.0.200 | CHANGED | rc=0 >>
Client: Docker Engine - Community
Version: 19.03.15
API version: 1.40
Go version: go1.13.15
Git commit: 99e3ed8919
Built: Sat Jan 30 03:17:01 2021
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.15
API version: 1.40 (minimum version 1.12)
Go version: go1.13.15
Git commit: 99e3ed8919
Built: Sat Jan 30 03:15:30 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.18.0
GitCommit: fec3683
10.0.0.100 | CHANGED | rc=0 >>
Client: Docker Engine - Community
Version: 19.03.15
API version: 1.40
Go version: go1.13.15
Git commit: 99e3ed8919
Built: Sat Jan 30 03:16:51 2021
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.15
API version: 1.40 (minimum version 1.12)
Go version: go1.13.15
Git commit: 99e3ed8919
Built: Sat Jan 30 03:15:20 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.18.0
GitCommit: fec3683
#centos
[root@centos8 ansible]# vim /etc/ansible/hosts
[centos]
10.0.0.27
10.0.0.28
:wq
[root@centos8 ansible]# vim vars.yml
docker_version: 19.03.15-3.el
docker_repo_mirrors: mirrors.tuna.tsinghua.edu.cn
:wq
[root@centos8 ansible]# mkdir templates
[root@centos8 ansible]# vim templates/docker.repo.j2
[docker]
name=docker
baseurl=https://{{docker_repo_mirrors}}/docker-ce/linux/centos/{{ansible_facts['distribution_major_version']}}/x86_64/stable/
gpgcheck=0
:wq
[root@centos8 ansible]# vim files/daemon.json
{
"registry-mirrors": ["https://hzw5xiv7.mirror.aliyuncs.com"]
}
:wq
[root@centos8 ansible]# vim install_docker.yml
---
- hosts: centos
remote_user: root
vars_files:
- vars.yml
tasks:
- name: copy docker.repo for centos
template: src=docker.repo.j2 dest=/etc/yum.repos.d/docker.repo
- name: install docker
yum: name=docker-ce-{{docker_version}}{{ansible_facts['distribution_major_version']}},docker-ce-cli-{{docker_version}}{{ansible_facts['distribution_major_version']}}
- name: mkdir /etc/docker
file: path=/etc/docker state=directory
- name: aliyun_jxjsq
copy: src=/data/ansible/files/daemon.json dest=/etc/docker/
- name: start docker
systemd: name=docker state=started enabled=yes daemon_reload=yes
:wq
[root@centos8 ansible]# ansible-playbook install_docker.yml
PLAY [centos] *****************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************
ok: [10.0.0.27]
ok: [10.0.0.28]
TASK [copy docker.repo for centos] *******************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.28]
TASK [install docker] *********************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.28]
TASK [mkdir /etc/docker] ******************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.28]
TASK [aliyun_jxjsq] ***********************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.28]
TASK [start docker] ***********************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.28]
PLAY RECAP ********************************************************************************************************************
10.0.0.27 : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.28 : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@centos8 ansible]# ansible centos -a "docker version"
10.0.0.27 | CHANGED | rc=0 >>
Client: Docker Engine - Community
Version: 19.03.15
API version: 1.40
Go version: go1.13.15
Git commit: 99e3ed8919
Built: Sat Jan 30 03:17:57 2021
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.15
API version: 1.40 (minimum version 1.12)
Go version: go1.13.15
Git commit: 99e3ed8919
Built: Sat Jan 30 03:16:33 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.18.0
GitCommit: fec3683
10.0.0.28 | CHANGED | rc=0 >>
Client: Docker Engine - Community
Version: 19.03.15
API version: 1.40
Go version: go1.13.15
Git commit: 99e3ed8919
Built: Sat Jan 30 03:16:44 2021
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.15
API version: 1.40 (minimum version 1.12)
Go version: go1.13.15
Git commit: 99e3ed8919
Built: Sat Jan 30 03:15:19 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.18.0
GitCommit: fec3683
1.6 利用 playbook 安装docker、compose、harbor
#harbor 1.7.6
[root@centos8 ansible]# vim vars.yml
docker_ce_gpg_key: https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu/gpg
docker_ce_gpg_url: https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu
docker_version: 5:19.03.15~3-0~ubuntu-
docker_compose_version: 1.27.4
harbor_version: 1.7.6
:wq
[root@centos8 ansible]# vim files/daemon.json
{
"registry-mirrors": ["https://hzw5xiv7.mirror.aliyuncs.com"]
}
:wq
[root@centos8 ansible]# vim files/harbor.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-02-09
#FileName: harbor.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
IPADDR=`hostname -I|awk '{print $1}'`
HARBOR_ADMIN_PASSWORD=123456
sed -i.bak -e 's/^hostname =.*/hostname = '''$IPADDR'''/' -e 's/^harbor_admin_password =.*/harbor_admin_password = '''$HARBOR_A
DMIN_PASSWORD'''/' /apps/harbor/harbor.cfg
:wq
[root@centos8 files]# vim files/harbor.service
[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-resolved.service
Requires=docker.service
Documentation=http://github.com/vmware/harbor
[Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/bin/docker-compose -f /apps/harbor/docker-compose.yml up
ExecStop=/usr/bin/docker-compose -f /apps/harbor/docker-compose.yml down
[Install]
WantedBy=multi-user.target
:wq
[root@centos8 ansible]# ls files
daemon.json docker-compose-Linux-x86_64-1.27.4 harbor-offline-installer-v1.7.6.tgz harbor.service harbor.sh
[root@centos8 ansible]# vim install_docker_compose_harbor.yml
---
#install docker compose harbor
- hosts: ubuntu
remote_user: root
vars_files:
- vars.yml
tasks:
- name: install packages
apt: name=apt-transport-https,ca-certificates,curl,software-properties-common state=present update_cache=yes cache_valid_time=3600
- name: import key
shell: curl -fsSL {{docker_ce_gpg_key}} | sudo apt-key add -
- name: import installation source
shell: add-apt-repository "deb [arch=amd64] {{docker_ce_gpg_url}} {{ansible_facts['distribution_release']}} stable"
- name: apt update
apt: update_cache=yes cache_valid_time=3600
- name: install docker
apt: name=docker-ce={{docker_version}}{{ansible_facts['distribution_release']}},docker-ce-cli={{docker_version}}{{ansible_facts['distribution_release']}}
- name: mkdir /etc/docker
file: path=/etc/docker state=directory
- name: aliyun_jxjsq
copy: src=/data/ansible/files/daemon.json dest=/etc/docker/
- name: start docker
systemd: name=docker state=started enabled=yes daemon_reload=yes
- name: install compose
copy: src=/data/ansible/files/docker-compose-Linux-x86_64-{{docker_compose_version}} dest=/usr/bin/docker-compose mode=755
- name: mkdir /apps
file: path=/apps state=directory
- name: unarchive harbor package
unarchive: src=/data/ansible/files/harbor-offline-installer-v{{harbor_version}}.tgz dest=/apps/
- name: set harbor.cfg
script: /data/ansible/files/harbor.sh
- name: install python
apt: name=python
- name: install harbor
shell: /apps/harbor/install.sh
- name: copy harbor.service
copy: src=/data/ansible/files/harbor.service dest=/lib/systemd/system/
- name: service enable
shell: name=harbor state=started enabled=yes daemon_reload=yes
:wq
[root@centos8 ansible]# ansible-playbook install_docker_compose_harbor.yml
PLAY [ubuntu] *****************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************
ok: [10.0.0.100]
ok: [10.0.0.200]
TASK [install packages] *******************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [import key] *************************************************************************************************************
[WARNING]: Consider using the get_url or uri module rather than running 'curl'. If you need to use command because get_url or
uri is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid
of this message.
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [import installation source] *********************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [apt update] *************************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [install docker] *********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [mkdir /etc/docker] ******************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [aliyun_jxjsq] ***********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [start docker] ***********************************************************************************************************
ok: [10.0.0.100]
ok: [10.0.0.200]
TASK [install compose] ********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [mkdir /apps] ************************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [unarchive harbor package] **********************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [set harbor.cfg] *********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [install python] *********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [install harbor] *********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [copy harbor.service] ****************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [service enable] *********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
PLAY RECAP ********************************************************************************************************************
10.0.0.100 : ok=17 changed=13 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.200 : ok=17 changed=13 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
#harbor 1.10.4
[root@centos8 ansible]# vim vars.yml
docker_ce_gpg_key: https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu/gpg
docker_ce_gpg_url: https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu
docker_version: 5:19.03.15~3-0~ubuntu-
docker_compose_version: 1.27.4
harbor_version: 1.10.4
:wq
[root@centos8 ansible]# vim files/daemon.json
{
"registry-mirrors": ["https://hzw5xiv7.mirror.aliyuncs.com"]
}
:wq
[root@centos8 ansible]# vim files/harbor.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-02-09
#FileName: harbor.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
IPADDR=`hostname -I|awk '{print $1}'`
HARBOR_ADMIN_PASSWORD=123456
sed -i.bak -e 's/^hostname: .*/hostname: '''$IPADDR'''/' -e 's/^harbor_admin_password: .*/harbor_admin_password: '''$HARBOR_ADMIN_PASSWORD'''/' -e 's/^https:/#https:/' -e 's/ port: 443/ #port: 443/' -e 's@ certificate: /your/certificate/path@ #certificate: /your/certificate/path@' -e 's@ private_key: /your/private/key/path@ #private_key: /your/private/key/path@' /apps/harbor/harbor.yml
:wq
[root@centos8 ansible]# vim files/harbor.service
[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-resolved.service
Requires=docker.service
Documentation=http://github.com/vmware/harbor
[Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/bin/docker-compose -f /apps/harbor/docker-compose.yml up
ExecStop=/usr/bin/docker-compose -f /apps/harbor/docker-compose.yml down
[Install]
WantedBy=multi-user.target
:wq
[root@centos8 ansible]# ls files/
daemon.json docker-compose-Linux-x86_64-1.27.4 harbor-offline-installer-v1.10.4.tgz harbor.service harbor.sh
[root@centos8 ansible]# vim install_docker_compose_harbor.yml
---
#install docker compose harbor
- hosts: ubuntu
remote_user: root
vars_files:
- vars.yml
tasks:
- name: install packages
apt: name=apt-transport-https,ca-certificates,curl,software-properties-common state=present update_cache=yes cache_valid_time=3600
- name: import key
shell: curl -fsSL {{docker_ce_gpg_key}} | sudo apt-key add -
- name: import installation source
shell: add-apt-repository "deb [arch=amd64] {{docker_ce_gpg_url}} {{ansible_facts['distribution_release']}} stable"
- name: apt update
apt: update_cache=yes cache_valid_time=3600
- name: install docker
apt: name=docker-ce={{docker_version}}{{ansible_facts['distribution_release']}},docker-ce-cli={{docker_version}}{{ansible_facts['distribution_release']}}
- name: mkdir /etc/docker
file: path=/etc/docker state=directory
- name: aliyun_jxjsq
copy: src=/data/ansible/files/daemon.json dest=/etc/docker/
- name: start docker
systemd: name=docker state=started enabled=yes daemon_reload=yes
- name: install compose
copy: src=/data/ansible/files/docker-compose-Linux-x86_64-{{docker_compose_version}} dest=/usr/bin/docker-compose mode=755
- name: mkdir /apps
file: path=/apps state=directory
- name: unarchive harbor package
unarchive: src=/data/ansible/files/harbor-offline-installer-v{{harbor_version}}.tgz dest=/apps/
- name: set harbor.yml
script: /data/ansible/files/harbor.sh
- name: install python
apt: name=python
- name: install harbor
shell: /apps/harbor/install.sh
- name: copy harbor.service
copy: src=/data/ansible/files/harbor.service dest=/lib/systemd/system/
- name: service enable
shell: name=harbor state=started enabled=yes daemon_reload=yes
:wq
[root@centos8 ansible]# ansible-playbook install_docker_compose_harbor.yml
PLAY [ubuntu] *****************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************
ok: [10.0.0.100]
ok: [10.0.0.200]
TASK [install packages] *******************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [import key] *************************************************************************************************************
[WARNING]: Consider using the get_url or uri module rather than running 'curl'. If you need to use command because get_url or
uri is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid
of this message.
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [import installation source] *********************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [apt update] *************************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [install docker] *********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [mkdir /etc/docker] ******************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [aliyun_jxjsq] ***********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [start docker] ***********************************************************************************************************
ok: [10.0.0.100]
ok: [10.0.0.200]
TASK [install compose] ********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [mkdir /apps] ************************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [unarchive harbor package] **********************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [set harbor.yml] *********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [install python] *********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [install harbor] *********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [copy harbor.service] ****************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [service enable] *********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
PLAY RECAP ********************************************************************************************************************
10.0.0.100 : ok=17 changed=13 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.200 : ok=17 changed=13 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
#harbor 2.0.4
[root@centos8 ansible]# vim vars.yml
docker_ce_gpg_key: https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu/gpg
docker_ce_gpg_url: https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu
docker_version: 5:19.03.15~3-0~ubuntu-
docker_compose_version: 1.27.4
harbor_version: 2.0.4
:wq
[root@centos8 ansible]# vim files/daemon.json
{
"registry-mirrors": ["https://hzw5xiv7.mirror.aliyuncs.com"]
}
:wq
[root@centos8 ansible]# vim files/harbor.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-02-09
#FileName: harbor.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
IPADDR=`hostname -I|awk '{print $1}'`
HARBOR_ADMIN_PASSWORD=123456
sed -i.bak -e 's/^hostname: .*/hostname: '''$IPADDR'''/' -e 's/^harbor_admin_password: .*/harbor_admin_password: '''$HARBOR_ADMIN_PASSWORD'''/' -e 's/^https:/#https:/' -e 's/ port: 443/ #port: 443/' -e 's@ certificate: /your/certificate/path@ #certificate: /your/certificate/path@' -e 's@ private_key: /your/private/key/path@ #private_key: /your/private/key/path@' /apps/harbor/harbor.yml
:wq
[root@centos8 ansible]# vim files/harbor.service
[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-resolved.service
Requires=docker.service
Documentation=http://github.com/vmware/harbor
[Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/bin/docker-compose -f /apps/harbor/docker-compose.yml up
ExecStop=/usr/bin/docker-compose -f /apps/harbor/docker-compose.yml down
[Install]
WantedBy=multi-user.target
:wq
[root@centos8 ansible]# ls files/
daemon.json docker-compose-Linux-x86_64-1.27.4 harbor-offline-installer-v2.0.4.tgz harbor.service harbor.sh
[root@centos8 ansible]# vim install_docker_compose_harbor.yml
---
#install docker compose harbor
---
#install docker compose harbor
- hosts: ubuntu
remote_user: root
vars_files:
- vars.yml
tasks:
- name: install packages
apt: name=apt-transport-https,ca-certificates,curl,software-properties-common state=present update_cache=yes cache_valid_time=3600
- name: import key
shell: curl -fsSL {{docker_ce_gpg_key}} | sudo apt-key add -
- name: import installation source
shell: add-apt-repository "deb [arch=amd64] {{docker_ce_gpg_url}} {{ansible_facts['distribution_release']}} stable"
- name: apt update
apt: update_cache=yes cache_valid_time=3600
- name: install docker
apt: name=docker-ce={{docker_version}}{{ansible_facts['distribution_release']}},docker-ce-cli={{docker_version}}{{ansible_facts['distribution_release']}}
- name: mkdir /etc/docker
file: path=/etc/docker state=directory
- name: aliyun_jxjsq
copy: src=/data/ansible/files/daemon.json dest=/etc/docker/
- name: start docker
systemd: name=docker state=started enabled=yes daemon_reload=yes
- name: install compose
copy: src=/data/ansible/files/docker-compose-Linux-x86_64-{{docker_compose_version}} dest=/usr/bin/docker-compose mode=755
- name: mkdir /apps
file: path=/apps state=directory
- name: unarchive harbor package
unarchive: src=/data/ansible/files/harbor-offline-installer-v{{harbor_version}}.tgz dest=/apps/
- name: rename harbor.yml
shell: removes=/apps/harbor/harbor.yml.tmpl mv /apps/harbor/harbor.yml.tmpl /apps/harbor/harbor.yml
- name: set harbor.yml
script: /data/ansible/files/harbor.sh
- name: install python
apt: name=python
- name: install harbor
shell: /apps/harbor/install.sh
- name: copy harbor.service
copy: src=/data/ansible/files/harbor.service dest=/lib/systemd/system/
- name: service enable
shell: name=harbor state=started enabled=yes daemon_reload=yes
:wq
[root@centos8 ansible]# ansible-playbook install_docker_compose_harbor.yml
PLAY [ubuntu] *****************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************
ok: [10.0.0.100]
ok: [10.0.0.200]
TASK [install packages] *******************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [import key] *************************************************************************************************************
[WARNING]: Consider using the get_url or uri module rather than running 'curl'. If you need to use command because get_url or
uri is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid
of this message.
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [import installation source] *********************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [apt update] *************************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [install docker] *********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [mkdir /etc/docker] ******************************************************************************************************
ok: [10.0.0.200]
ok: [10.0.0.100]
TASK [aliyun_jxjsq] ***********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [start docker] ***********************************************************************************************************
ok: [10.0.0.100]
ok: [10.0.0.200]
TASK [install compose] ********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [mkdir /apps] ************************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [unarchive harbor package] **********************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [rename harbor.yml] ******************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [set harbor.yml] *********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [install python] *********************************************************************************************************
changed: [10.0.0.100]
changed: [10.0.0.200]
TASK [install harbor] *********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [copy harbor.service] ****************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
TASK [service enable] *********************************************************************************************************
changed: [10.0.0.200]
changed: [10.0.0.100]
PLAY RECAP ********************************************************************************************************************
10.0.0.100 : ok=18 changed=14 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.200 : ok=18 changed=14 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
二.ansible roles角色
2.1实现 httpd 角色
#创建角色相关的目录
[root@centos8 ~]# cd /data/ansible/
[root@centos8 ansible]# mkdir -pv /data/ansible/roles/httpd/{tasks,handlers,files}
mkdir: created directory '/data/ansible/roles'
mkdir: created directory '/data/ansible/roles/httpd'
mkdir: created directory '/data/ansible/roles/httpd/tasks'
mkdir: created directory '/data/ansible/roles/httpd/handlers'
mkdir: created directory '/data/ansible/roles/httpd/files'
#创建角色相关的文件
[root@centos8 ansible]# cd /data/ansible/roles/httpd/
#main.yml 是task的入口文件
[root@centos8 httpd]# vim tasks/main.yml
- include: group.yml
- include: user.yml
- include: install.yml
- include: config.yml
- include: index.yml
- include: service.yml
:wq
[root@centos8 httpd]# vim tasks/group.yml
- name: create apache group
group: name=apache system=yes gid=80
:wq
[root@centos8 httpd]# vim tasks/user.yml
- name: create apache user
user: name=apache system=yes shell=/sbin/nologin home=/var/www/ uid=80 group=apache
:wq
[root@centos8 httpd]# vim tasks/install.yml
- name: install httpd package
yum: name=httpd
:wq
[root@centos8 httpd]# vim tasks/config.yml
- name: config file
copy: src=httpd.conf dest=/etc/httpd/httpd.conf backup=yes
notify: restart
:wq
[root@centos8 httpd]# vim tasks/index.yml
- name: index.html
copy: src=index.html dest=/var/www/html/
:wq
[root@centos8 httpd]# vim tasks/service.yml
- name: start service
service: name=httpd state=started enabled=yes
:wq
[root@centos8 httpd]# vim handlers/main.yml
- name: restart
service: name=httpd state=restarted
:wq
#在files目录下准备两个文件
[root@centos8 httpd]# echo "<h1>welcome to neteagles</h1>" > files/index.html
[root@centos8 httpd]# ls files/
httpd.conf index.html
[root@centos8 httpd]# tree
.
├── files
│ ├── httpd.conf
│ └── index.html
├── handlers
│ └── main.yml
└── tasks
├── config.yml
├── group.yml
├── index.yml
├── install.yml
├── main.yml
├── service.yml
└── user.yml
3 directories, 10 files
#在playbook中调用角色
[root@centos8 httpd]# cd ../../
[root@centos8 ansible]# vim role_httpd.yml
---
# httpd role
- hosts: websrvs
remote_user: root
roles:
- httpd
:wq
[root@centos8 ansible]# ansible-playbook role_httpd.yml
PLAY [websrvs] *******************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.47]
ok: [10.0.0.48]
TASK [httpd : create apache group] ***********************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [httpd : create apache user] ************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [install httpd package] *****************************************************************************************************
changed: [10.0.0.48]
changed: [10.0.0.47]
TASK [httpd : config file] *******************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [httpd : index.html] ********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [httpd : start service] *****************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
RUNNING HANDLER [httpd : restart] ************************************************************************************************
changed: [10.0.0.48]
changed: [10.0.0.47]
PLAY RECAP ***********************************************************************************************************************
10.0.0.47 : ok=8 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.48 : ok=8 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
2.2实现 nginx 角色
[root@centos8 ansible]# mkdir -pv /data/ansible/roles/nginx/{tasks,handlers,templates,vars}
mkdir: created directory '/data/ansible/roles/nginx'
mkdir: created directory '/data/ansible/roles/nginx/tasks'
mkdir: created directory '/data/ansible/roles/nginx/handlers'
mkdir: created directory '/data/ansible/roles/nginx/templates'
mkdir: created directory '/data/ansible/roles/nginx/vars'
#创建task文件
[root@centos8 ansible]# cd roles/nginx/
[root@centos8 nginx]# vim tasks/main.yml
- include: install.yml
- include: config.yml
- include: index.yml
- include: service.yml
:wq
[root@centos8 nginx]# vim tasks/install.yml
- name: install
yum: name=nginx
:wq
[root@centos8 nginx]# vim tasks/config.yml
- name: config file for centos7
template: src=nginx7.conf.j2 dest=/etc/nginx/nginx.conf
when: ansible_distribution_major_version=="7"
notify: restart
- name: config file for centos8
template: src=nginx8.conf.j2 dest=/etc/nginx/nginx.conf
when: ansible_distribution_major_version=="8"
notify: restart
:wq
[root@centos8 nginx]# vim tasks/index.yml
- name: index.html
copy: src=roles/httpd/files/index.html dest=/usr/share/nginx/html/
:wq
[root@centos8 nginx]# vim tasks/service.yml
- name: start service
service: name=nginx state=started enabled=yes
:wq
#创建handler文件
[root@centos8 nginx]# vim handlers/main.yml
- name: restart
service: name=nginx state=restarted
:wq
#创建两个template文件
[root@centos8 nginx]# vim templates/nginx7.conf.j2
...
user {{user}}; #修改此行
worker_processes {{ansible_processor_vcpus+3}}; #修改此行
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
listen {{ports}} default_server; #修改此行
...
:wq
[root@centos8 nginx]# vim templates/nginx8.conf.j2
...
user {{user}}; #修改此行
worker_processes {{ansible_processor_vcpus**3}}; #修改此行
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
listen {{ports}} default_server; #修改此行
...
:wq
[root@centos8 nginx]# vim vars/main.yml
user: daemon
ports: 80
:wq
#目录结构如下
[root@centos8 nginx]# tree
.
├── handlers
│ └── main.yml
├── tasks
│ ├── config.yml
│ ├── index.yml
│ ├── install.yml
│ ├── main.yml
│ └── service.yml
├── templates
│ ├── nginx7.conf.j2
│ └── nginx8.conf.j2
└── vars
└── main.yml
4 directories, 9 files
#在playbook中调用角色
[root@centos8 nginx]# cd ../../
[root@centos8 ansible]# vim role_nginx.yml
---
- hosts: websrvs
roles:
- role: nginx
:wq
#运行playbook
[root@centos8 ansible]# ansible-playbook role_nginx.yml
PLAY [websrvs] *******************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.48]
ok: [10.0.0.47]
TASK [nginx : install] ***********************************************************************************************************
changed: [10.0.0.48]
changed: [10.0.0.47]
TASK [nginx : config file for centos7] *******************************************************************************************
skipping: [10.0.0.48]
changed: [10.0.0.47]
TASK [nginx : config file for centos8] *******************************************************************************************
skipping: [10.0.0.47]
changed: [10.0.0.48]
TASK [nginx : index.html] ********************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
TASK [nginx : start service] *****************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
RUNNING HANDLER [nginx : restart] ************************************************************************************************
changed: [10.0.0.47]
changed: [10.0.0.48]
PLAY RECAP ***********************************************************************************************************************
10.0.0.47 : ok=6 changed=5 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.48 : ok=6 changed=5 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos8-5 ~]# ps aux |grep nginx
root 11437 0.0 0.2 119160 2172 ? Ss 16:56 0:00 nginx: master process /usr/sbin/nginx
daemon 11438 0.0 1.0 151808 8172 ? S 16:56 0:00 nginx: worker process
root 11759 0.0 0.1 12112 984 pts/1 R+ 16:59 0:00 grep --color=auto nginx
[root@centos7-5 ~]# ps aux|grep nginx
root 1593 0.0 0.2 105504 2128 ? Ss 16:56 0:00 nginx: master process /usr/sbin/nginx
daemon 1594 0.0 0.2 105972 2924 ? S 16:56 0:00 nginx: worker process
daemon 1595 0.0 0.2 105972 2924 ? S 16:56 0:00 nginx: worker process
daemon 1596 0.0 0.3 105972 3368 ? S 16:56 0:00 nginx: worker process
daemon 1597 0.0 0.2 105972 2924 ? S 16:56 0:00 nginx: worker process
root 1606 0.0 0.0 112808 960 pts/1 R+ 16:59 0:00 grep --color=auto nginx
2.3实现 memcached 角色
[root@centos8 ansible]# mkdir -pv roles/memcached/{tasks,templates}
mkdir: created directory 'roles/memcached'
mkdir: created directory 'roles/memcached/tasks'
mkdir: created directory 'roles/memcached/templates'
[root@centos8 memcached]# vim tasks/main.yml
- include: install.yml
- include: config.yml
- include: service.yml
:wq
[root@centos8 memcached]# vim tasks/install.yml
- name: install
yum: name=memcached
:wq
[root@centos8 memcached]# vim tasks/config.yml
- name: config file
template: src=memcached.j2 dest=/etc/sysconfig/memcached
:wq
[root@centos8 memcached]# vim tasks/service.yml
- name: service
service: name=memcached state=started enabled=yes
:wq
[root@centos8 memcached]# vim templates/memcached.j2
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="{{ansible_memtotal_mb//4}}"
OPTIONS=""
:wq
[root@centos8 memcached]# tree
.
├── tasks
│ ├── config.yml
│ ├── install.yml
│ ├── main.yml
│ └── service.yml
└── templates
└── memcached.j2
2 directories, 5 files
[root@centos8 ansible]# vim role_memcached.yml
---
- hosts: appsrvs
roles:
- role: memcached
:wq
[root@centos8 ansible]# vim /etc/ansible/hosts
[appsrvs]
10.0.0.37
10.0.0.38
:wq
[root@centos8 ansible]# ansible-playbook role_memcached.yml
PLAY [appsrvs] *******************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.37]
ok: [10.0.0.38]
TASK [memcached : install] *******************************************************************************************************
changed: [10.0.0.38]
changed: [10.0.0.37]
TASK [memcached : config file] ***************************************************************************************************
changed: [10.0.0.37]
changed: [10.0.0.38]
TASK [memcached : service] *******************************************************************************************************
changed: [10.0.0.37]
changed: [10.0.0.38]
PLAY RECAP ***********************************************************************************************************************
10.0.0.37 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.38 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@centos8-4 ~]# cat /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="195"
OPTIONS=""
[root@centos7-4 ~]# cat /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="243"
OPTIONS=""
[root@centos8-4 ~]# rpm -q memcached
memcached-1.5.22-2.el8.x86_64
[root@centos7-4 ~]# rpm -q memcached
memcached-1.4.15-10.el7_3.1.x86_64
2.4实现 mysql 的角色
#实现 mysql5.6 的角色
[root@centos8 ansible]# mkdir -pv roles/mysql5.6/{tasks,files,vars}
mkdir: created directory 'roles/mysql5.6'
mkdir: created directory 'roles/mysql5.6/tasks'
mkdir: created directory 'roles/mysql5.6/files'
mkdir: created directory 'roles/mysql5.6/vars'
[root@centos8 mysql5.6]# vim files/my.cnf
[mysqld]
socket=/tmp/mysql.sock
user=mysql
symbolic-links=0
datadir=/data/mysql
innodb_file_per_table=1
log-bin
pid-file=/data/mysql/mysqld.pid
[client]
port=3306
socket=/tmp/mysql.sock
[mysqld_safe]
log-error=/var/log/mysqld.log
:wq
[root@centos8 mysql5.6]# vim files/secure_mysql.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-01-27
#FileName: /data/ansible/files/secure_mysql.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
/usr/local/mysql/bin/mysql_secure_installation <<EOF
y
123456
123456
y
y
y
y
EOF
:wq
[root@centos8 mysql5.6]# chmod +x files/secure_mysql.sh
[root@centos8 mysql5.6]# ls files/
my.cnf mysql-5.6.51-linux-glibc2.12-x86_64.tar.gz secure_mysql.sh
[root@centos8 mysql5.6]# vim tasks/main.yml
- include: install.yml
- include: group.yml
- include: user.yml
- include: unarchive.yml
- include: link.yml
- include: data.yml
- include: config.yml
- include: service.yml
- include: path.yml
- include: secure.yml
:wq
[root@centos8 mysql5.6]# vim tasks/install.yml
- name: install packages centos7
yum: name=libaio,perl-Data-Dumper,perl-Getopt-Long
when:
- ansible_facts['distribution_major_version'] == "7"
- name: install packages centos8
yum: name=libaio,perl-Data-Dumper,perl-Getopt-Long,ncurses-compat-libs
when:
- ansible_facts['distribution_major_version'] == "8"
:wq
[root@centos8 mysql5.6]# vim tasks/group.yml
- name: create mysql group
group: name=mysql gid=306
:wq
[root@centos8 mysql5.6]# vim tasks/user.yml
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
:wq
[root@centos8 mysql5.6]# vim tasks/unarchive.yml
- name: copy tar to remote host and file mode
unarchive: src=mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.gz dest=/usr/local/ owner=root group=root
:wq
[root@centos8 mysql5.6]# vim tasks/link.yml
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-{{mysql_version}}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
:wq
[root@centos8 mysql5.6]# vim tasks/data.yml
- name: data dir
shell: chdir=/usr/local/mysql/ ./scripts/mysql_install_db --datadir=/data/mysql --user=mysql
:wq
[root@centos8 mysql5.6]# vim tasks/config.yml
- name: config my.cnf
copy: src=my.cnf dest=/etc/my.cnf
:wq
[root@centos8 mysql5.6]# vim tasks/service.yml
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: enable service
shell: /etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
:wq
[root@centos8 mysql5.6]# vim tasks/path.yml
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
:wq
[root@centos8 ansible]# vim roles/mysql5.6/tasks/secure.yml
- name: secure script
script: secure_mysql.sh
:wq
[root@centos8 mysql5.6]# vim vars/main.yml
mysql_version: 5.6.51
:wq
[root@centos8 mysql5.6]# tree
.
├── files
│ ├── my.cnf
│ ├── mysql-5.6.51-linux-glibc2.12-x86_64.tar.gz
│ └── secure_mysql.sh
├── tasks
│ ├── config.yml
│ ├── data.yml
│ ├── group.yml
│ ├── install.yml
│ ├── link.yml
│ ├── main.yml
│ ├── path.yml
│ ├── secure.yml
│ ├── service.yml
│ ├── unarchive.yml
│ └── user.yml
└── vars
└── main.yml
3 directories, 15 files
[root@centos8 mysql5.6]# cd ../../
[root@centos8 ansible]# vim role_mysql5.6.yml
---
- hosts: dbsrvs
remote_user: root
roles:
- {role: mysql5.6,tags: ["mysql5.6","db"]}
- {role: nginx,tags: ["nginx","web"]}
:wq
[root@centos8 ansible]# ansible-playbook -t mysql5.6 role_mysql5.6.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.57]
ok: [10.0.0.58]
TASK [mysql5.6 : install packages centos7] ***************************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql5.6 : install packages centos8] ***************************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.6 : create mysql group] *********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.6 : create mysql user] **********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.6 : copy tar to remote host and file mode] **************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql5.6 : create linkfile /usr/local/mysql] *******************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.6 : data dir] *******************************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql5.6 : config my.cnf] **************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.6 : service script] *************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.6 : enable service] *************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.6 : PATH variable] **************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.6 : secure script] **************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=12 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=12 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos8-6 ~]# mysql -uroot -p123456
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.6.51-log MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status
--------------
mysql Ver 14.14 Distrib 5.6.51, for linux-glibc2.12 (x86_64) using EditLine wrapper
Connection id: 12
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.6.51-log MySQL Community Server (GPL)
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /tmp/mysql.sock
Uptime: 23 sec
Threads: 1 Questions: 40 Slow queries: 0 Opens: 79 Flush tables: 2 Open tables: 9 Queries per second avg: 1.739
--------------
mysql> exit
Bye
[root@centos7-6 ~]# mysql -uroot -p123456
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.6.51-log MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status
--------------
mysql Ver 14.14 Distrib 5.6.51, for linux-glibc2.12 (x86_64) using EditLine wrapper
Connection id: 12
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.6.51-log MySQL Community Server (GPL)
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /tmp/mysql.sock
Uptime: 1 min 3 sec
Threads: 1 Questions: 40 Slow queries: 0 Opens: 79 Flush tables: 2 Open tables: 9 Queries per second avg: 0.634
--------------
mysql> exit
Bye
[root@centos8 ansible]# ansible-playbook -t nginx role_mysql5.6.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.57]
ok: [10.0.0.58]
TASK [nginx : install] ***********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [nginx : config file for centos7] *******************************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [nginx : config file for centos8] *******************************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [nginx : index.html] ********************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [nginx : start service] *****************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
RUNNING HANDLER [nginx : restart] ************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=6 changed=5 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=6 changed=5 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
#实现 mysql5.7 的角色
[root@centos8 ansible]# mkdir -pv roles/mysql5.7/{tasks,files,vars}
mkdir: created directory 'roles/mysql5.7'
mkdir: created directory 'roles/mysql5.7/tasks'
mkdir: created directory 'roles/mysql5.7/files'
mkdir: created directory 'roles/mysql5.7/vars'
root@centos8 ansible]# cd roles/mysql5.7/
[root@centos8 mysql5.7]# vim files/my.cnf
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
:wq
[root@centos8 mysql5.7]# vim files/set_pass.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-02-05
#FileName: files/set_pass.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
MYSQL_ROOT_PASSWORD=123456
MYSQL_OLDPASSWORD=`awk '/A temporary password/{print $NF}' /data/mysql/mysql.log`
mysqladmin -uroot -p$MYSQL_OLDPASSWORD password $MYSQL_ROOT_PASSWORD &>/dev/null
:wq
[root@centos8 mysql5.7]# chmod +x files/set_pass.sh
[root@centos8 mysql5.7]# ls files/
my.cnf mysql-5.7.33-linux-glibc2.12-x86_64.tar.gz set_pass.sh
[root@centos8 mysql5.7]# vim tasks/main.yml
- include: install.yml
- include: group.yml
- include: user.yml
- include: unarchive.yml
- include: link.yml
- include: path.yml
- include: config.yml
- include: data.yml
- include: service.yml
- include: set_pass.yml
:wq
[root@centos8 mysql5.7]# vim tasks/install.yml
- name: install packages centos7
yum: name=libaio,perl-Data-Dumper
when:
- ansible_facts['distribution_major_version'] == "7"
- name: install packages centos8
yum: name=libaio,perl-Data-Dumper,ncurses-compat-libs
when:
- ansible_facts['distribution_major_version'] == "8"
:wq
[root@centos8 mysql5.7]# vim tasks/group.yml
- name: cteate mysql group
group: name=mysql gid=306
:wq
[root@centos8 mysql5.7]# vim tasks/user.yml
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
:wq
[root@centos8 mysql5.7]# vim tasks/unarchive.yml
- name: copy tar to remote host and file mode
unarchive: src=mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.gz dest=/usr/local/ owner=root group=root
:wq
[root@centos8 mysql5.7]# vim tasks/link.yml
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-{{mysql_version}}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
:wq
[root@centos8 mysql5.7]# vim tasks/path.yml
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
- name: PATH variable entry
shell: . /etc/profile.d/mysql.sh
:wq
[root@centos8 mysql5.7]# vim tasks/config.yml
- name: config my.cnf
copy: src=my.cnf dest=/etc/my.cnf
:wq
[root@centos8 mysql5.7]# vim tasks/data.yml
- name: data dir
shell: chdir=/usr/local/mysql ./bin/mysqld --initialize --user=mysql --datadir=/data/mysql
:wq
[root@centos8 mysql5.7]# vim tasks/service.yml
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: enable service
shell: /etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
:wq
[root@centos8 mysql5.7]# vim tasks/set_pass.yml
- name: set mysql user password
script: set_pass.sh
:wq
[root@centos8 mysql5.7]# vim vars/main.yml
mysql_version: 5.7.33
:wq
[root@centos8 mysql5.7]# tree
.
├── files
│ ├── my.cnf
│ ├── mysql-5.7.33-linux-glibc2.12-x86_64.tar.gz
│ └── set_pass.sh
├── tasks
│ ├── config.yml
│ ├── data.yml
│ ├── group.yml
│ ├── install.yml
│ ├── link.yml
│ ├── main.yml
│ ├── path.yml
│ ├── service.yml
│ ├── set_pass.yml
│ ├── unarchive.yml
│ └── user.yml
└── vars
└── main.yml
3 directories, 15 files
[root@centos8 mysql5.7]# cd ../../
[root@centos8 ansible]# vim role_mysql5.7.yml
---
- hosts: dbsrvs
remote_user: root
roles:
- role: mysql5.7
:wq
[root@centos8 ansible]# ansible-playbook role_mysql5.7.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.57]
ok: [10.0.0.58]
TASK [mysql5.7 : install packages centos7] ***************************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql5.7 : install packages centos8] ***************************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : cteate mysql group] *********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : create mysql user] **********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : copy tar to remote host and file mode] **************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql5.7 : create linkfile /usr/local/mysql] *******************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : PATH variable] **************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : PATH variable entry] ********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : config my.cnf] **************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : data dir] *******************************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql5.7 : service script] *************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : enable service] *************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql5.7 : set mysql user password] ****************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=13 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=13 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos8-6 ~]# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.33-log MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status
--------------
mysql Ver 14.14 Distrib 5.7.33, for linux-glibc2.12 (x86_64) using EditLine wrapper
Connection id: 3
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.7.33-log MySQL Community Server (GPL)
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /data/mysql/mysql.sock
Uptime: 40 sec
Threads: 1 Questions: 9 Slow queries: 0 Opens: 109 Flush tables: 2 Open tables: 1 Queries per second avg: 0.225
--------------
mysql> exit
Bye
[root@centos8-6 ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
[root@centos7-6 ~]# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.33-log MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status
--------------
mysql Ver 14.14 Distrib 5.7.33, for linux-glibc2.12 (x86_64) using EditLine wrapper
Connection id: 3
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.7.33-log MySQL Community Server (GPL)
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /data/mysql/mysql.sock
Uptime: 1 min 38 sec
Threads: 1 Questions: 9 Slow queries: 0 Opens: 109 Flush tables: 2 Open tables: 1 Queries per second avg: 0.091
--------------
mysql> exit
Bye
[root@centos7-6 ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 80 [::]:3306 [::]:*
#实现 mysql8.0 的角色
[root@centos8 mysql8.0]# mkdir -pv roles/mysql8.0/{tasks,files,vars}
mkdir: created directory 'roles/mysql8.0'
mkdir: created directory 'roles/mysql8.0/tasks'
mkdir: created directory 'roles/mysql8.0/files'
mkdir: created directory 'roles/mysql8.0/vars'
[root@centos8 ansible]# cd roles/mysql8.0/
[root@centos8 mysql8.0]# vim files/my.cnf
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
:wq
[root@centos8 mysql8.0]# vim files/set_pass.sh
#!/bin/bash
#
#********************************************************************
#Author: zhanghui
#QQ: 19661891
#Date: 2021-02-05
#FileName: files/set_pass.sh
#URL: www.neteagles.cn
#Description: The test script
#Copyright (C): 2021 All rights reserved
#********************************************************************
MYSQL_ROOT_PASSWORD=123456
MYSQL_OLDPASSWORD=`awk '/A temporary password/{print $NF}' /data/mysql/mysql.log`
mysqladmin -uroot -p$MYSQL_OLDPASSWORD password $MYSQL_ROOT_PASSWORD &>/dev/null
:wq
[root@centos8 mysql5.7]# chmod +x files/set_pass.sh
[root@centos8 mysql8.0]# ls files/
my.cnf mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz set_pass.sh
[root@centos8 mysql8.0]# vim tasks/main.yml
- include: install.yml
- include: group.yml
- include: user.yml
- include: unarchive.yml
- include: link.yml
- include: path.yml
- include: config.yml
- include: data.yml
- include: service.yml
- include: set_pass.yml
:wq
[root@centos8 mysql8.0]# vim tasks/install.yml
- name: install packages centos7
yum: name=libaio,perl-Data-Dumper
when:
- ansible_facts['distribution_major_version'] == "7"
- name: install packages centos8
yum: name=libaio,perl-Data-Dumper,ncurses-compat-libs
when:
- ansible_facts['distribution_major_version'] == "8"
:wq
[root@centos8 mysql8.0]# vim tasks/group.yml
- name: cteate mysql group
group: name=mysql gid=306
:wq
[root@centos8 mysql8.0]# vim tasks/user.yml
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
:wq
[root@centos8 mysql8.0]# vim tasks/unarchive.yml
- name: copy tar to remote host and file mode
unarchive: src=mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.xz dest=/usr/local/ owner=root group=root
:wq
[root@centos8 mysql8.0]# vim tasks/link.yml
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-{{mysql_version}}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
:wq
[root@centos8 mysql8.0]# vim tasks/path.yml
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
- name: PATH variable entry
shell: . /etc/profile.d/mysql.sh
:wq
[root@centos8 mysql8.0]# vim tasks/config.yml
- name: config my.cnf
copy: src=my.cnf dest=/etc/my.cnf
:wq
[root@centos8 mysql8.0]# vim tasks/data.yml
- name: data dir
shell: chdir=/usr/local/mysql ./bin/mysqld --initialize --user=mysql --datadir=/data/mysql
:wq
[root@centos8 mysql8.0]# vim tasks/service.yml
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: enable service
shell: /etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
:wq
[root@centos8 mysql8.0]# vim tasks/set_pass.yml
- name: set mysql user password
script: set_pass.sh
:wq
[root@centos8 mysql8.0]# vim vars/main.yml
mysql_version: 8.0.23
:wq
[root@centos8 mysql8.0]# tree
.
├── files
│ ├── my.cnf
│ ├── mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz
│ └── set_pass.sh
├── tasks
│ ├── config.yml
│ ├── data.yml
│ ├── group.yml
│ ├── install.yml
│ ├── link.yml
│ ├── main.yml
│ ├── path.yml
│ ├── service.yml
│ ├── set_pass.yml
│ ├── unarchive.yml
│ └── user.yml
└── vars
└── main.yml
3 directories, 15 files
[root@centos8 mysql8.0]# cd ../../
[root@centos8 ansible]# vim role_mysql8.0.yml
---
- hosts: dbsrvs
remote_user: root
roles:
- role: mysql8.0
:wq
[root@centos8 ansible]# ansible-playbook role_mysql8.0.yml
PLAY [dbsrvs] ********************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.57]
ok: [10.0.0.58]
TASK [mysql8.0 : install packages centos7] ***************************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql8.0 : install packages centos8] ***************************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : cteate mysql group] *********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : create mysql user] **********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : copy tar to remote host and file mode] **************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql8.0 : create linkfile /usr/local/mysql] *******************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : PATH variable] **************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : PATH variable entry] ********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : config my.cnf] **************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : data dir] *******************************************************************************************************
changed: [10.0.0.58]
changed: [10.0.0.57]
TASK [mysql8.0 : service script] *************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : enable service] *************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mysql8.0 : set mysql user password] ****************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ***********************************************************************************************************************
10.0.0.57 : ok=13 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=13 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos8-6 ~]# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.23 MySQL Community Server - GPL
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status
--------------
mysql Ver 8.0.23 for Linux on x86_64 (MySQL Community Server - GPL)
Connection id: 9
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 8.0.23 MySQL Community Server - GPL
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: utf8mb4
Db characterset: utf8mb4
Client characterset: utf8mb4
Conn. characterset: utf8mb4
UNIX socket: /data/mysql/mysql.sock
Binary data as: Hexadecimal
Uptime: 54 sec
Threads: 2 Questions: 9 Slow queries: 0 Opens: 130 Flush tables: 4 Open tables: 10 Queries per second avg: 0.166
--------------
mysql> exit
Bye
[root@centos8-6 ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 70 *:33060 *:*
LISTEN 0 128 *:3306 *:*
LISTEN 0 128 [::]:22 [::]:*
[root@centos7-6 ~]# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.23 MySQL Community Server - GPL
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> status
--------------
mysql Ver 8.0.23 for Linux on x86_64 (MySQL Community Server - GPL)
Connection id: 9
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 8.0.23 MySQL Community Server - GPL
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: utf8mb4
Db characterset: utf8mb4
Client characterset: utf8mb4
Conn. characterset: utf8mb4
UNIX socket: /data/mysql/mysql.sock
Binary data as: Hexadecimal
Uptime: 1 min 32 sec
Threads: 2 Questions: 9 Slow queries: 0 Opens: 130 Flush tables: 4 Open tables: 10 Queries per second avg: 0.097
--------------
mysql> exit
Bye
[root@centos7-6 ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 70 [::]:33060 [::]:*
LISTEN 0 128 [::]:3306 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
#实现 mariadb 10.2 的角色
[root@centos8 ansible]# mkdir -pv roles/mariadb10.2/{tasks,files,vars}
mkdir: created directory 'roles'
mkdir: created directory 'roles/mariadb10.2'
mkdir: created directory 'roles/mariadb10.2/tasks'
mkdir: created directory 'roles/mariadb10.2/files'
mkdir: created directory 'roles/mariadb10.2/vars'
[root@centos8 mariadb10.2]# vim files/my.cnf
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
:wq
[root@centos8 mariadb10.2]# ls files/
mariadb-10.2.36-linux-x86_64.tar.gz my.cnf
[root@centos8 mariadb10.2]# vim tasks/main.yml
- include: install.yml
- include: group.yml
- include: user.yml
- include: datadir.yml
- include: unarchive.yml
- include: link.yml
- include: data.yml
- include: config.yml
- include: service.yml
- include: path.yml
:wq
[root@centos8 mariadb10.2]# vim tasks/install.yml
- name: install packages centos7
yum: name=libaio
when:
- ansible_facts['distribution_major_version'] == "7"
- name: install packages centos8
yum: name=libaio,ncurses-compat-libs
when:
- ansible_facts['distribution_major_version'] == "8"
:wq
[root@centos8 mariadb10.2]# vim tasks/group.yml
- name: create group
group: name=mysql gid=27 system=yes
:wq
[root@centos8 mariadb10.2]# vim tasks/user.yml
- name: create user
user: name=mysql uid=27 system=yes group=mysql shell=/sbin/nologin home=/data/mysql create_home=no
:wq
[root@centos8 mariadb10.2]# vim tasks/datadir.yml
- name: mkdir datadir
file: path=/data/mysql owner=mysql group=mysql state=directory
:wq
[root@centos8 mariadb10.2]# vim tasks/unarchive.yml
- name: unarchive package
unarchive: src=mariadb-{{mysql_version}}-linux-x86_64.tar.gz dest=/usr/local/ owner=root group=root
:wq
[root@centos8 mariadb10.2]# vim tasks/link.yml
- name: link
file: src=/usr/local/mariadb-{{mysql_version}}-linux-x86_64 path=/usr/local/mysql state=link
:wq
[root@centos8 mariadb10.2]# vim tasks/data.yml
- name: install database
shell: chdir=/usr/local/mysql ./scripts/mysql_install_db --datadir=/data/mysql --user=mysql
:wq
[root@centos8 mariadb10.2]# vim tasks/config.yml
- name: config file
copy: src=my.cnf dest=/etc/ backup=yes
:wq
[root@centos8 mariadb10.2]# vim tasks/service.yml
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: start service
service: name=mysqld state=started enabled=yes
:wq
[root@centos8 mariadb10.2]# vim tasks/path.yml
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
:wq
[root@centos8 mariadb10.2]# vim vars/main.yml
mysql_version: 10.2.36
:wq
[root@centos8 mariadb10.2]# tree
.
├── files
│ ├── mariadb-10.2.36-linux-x86_64.tar.gz
│ └── my.cnf
├── tasks
│ ├── config.yml
│ ├── datadir.yml
│ ├── data.yml
│ ├── group.yml
│ ├── install.yml
│ ├── link.yml
│ ├── main.yml
│ ├── path.yml
│ ├── service.yml
│ ├── unarchive.yml
│ └── user.yml
└── vars
└── main.yml
3 directories, 14 files
[root@centos8 mariadb10.2]# cd ../../
[root@centos8 ansible]# vim role_mariadb10.2.yml
---
- hosts: dbsrvs
remote_user: root
roles:
- role: mariadb10.2
:wq
[root@centos8 ansible]# ansible-playbook role_mariadb10.2.yml
PLAY [dbsrvs] *****************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************
ok: [10.0.0.57]
ok: [10.0.0.58]
TASK [mariadb10.2 : install packages centos7] *********************************************************************************
skipping: [10.0.0.58]
changed: [10.0.0.57]
TASK [mariadb10.2 : install packages centos8] *********************************************************************************
skipping: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : create group] *********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : create user] **********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : mkdir datadir] ********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : unarchive package] ****************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : link] *****************************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : install database] *****************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : config file] **********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : service script] *******************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : start service] ********************************************************************************************
[WARNING]: The service (mysqld) is actually an init script but the system is managed by systemd
changed: [10.0.0.57]
changed: [10.0.0.58]
TASK [mariadb10.2 : PATH variable] ********************************************************************************************
changed: [10.0.0.57]
changed: [10.0.0.58]
PLAY RECAP ********************************************************************************************************************
10.0.0.57 : ok=12 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.58 : ok=12 changed=11 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos8-6 ~]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.2.36-MariaDB-log MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> status
--------------
mysql Ver 15.1 Distrib 10.2.36-MariaDB, for Linux (x86_64) using readline 5.1
Connection id: 10
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.2.36-MariaDB-log MariaDB Server
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /data/mysql/mysql.sock
Uptime: 32 sec
Threads: 8 Questions: 5 Slow queries: 0 Opens: 17 Flush tables: 1 Open tables: 11 Queries per second avg: 0.156
--------------
MariaDB [(none)]> exit
Bye
[root@centos7-6 ~]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.2.36-MariaDB-log MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> status
--------------
mysql Ver 15.1 Distrib 10.2.36-MariaDB, for Linux (x86_64) using readline 5.1
Connection id: 10
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.2.36-MariaDB-log MariaDB Server
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /data/mysql/mysql.sock
Uptime: 1 min 21 sec
Threads: 8 Questions: 5 Slow queries: 0 Opens: 17 Flush tables: 1 Open tables: 11 Queries per second avg: 0.061
--------------
MariaDB [(none)]> exit
Bye
2.5实现多角色的选择
[root@centos8 ansible]# vim role_httpd_nginx.yml
---
- hosts: websrvs
roles:
- {role: httpd,tags: [httpd,web], when: ansible_distribution_major_version=="7" }
- {role: nginx,tags: [nginx,web], when: ansible_distribution_major_version=="8" }
:wq
[root@centos8 ansible]# ansible-playbook -t nginx role_httpd_nginx.yml
PLAY [websrvs] *******************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.47]
ok: [10.0.0.48]
TASK [nginx : install] ***********************************************************************************************************
skipping: [10.0.0.47]
ok: [10.0.0.48]
TASK [nginx : config file for centos7] *******************************************************************************************
skipping: [10.0.0.47]
skipping: [10.0.0.48]
TASK [nginx : config file for centos8] *******************************************************************************************
skipping: [10.0.0.47]
ok: [10.0.0.48]
TASK [nginx : index.html] ********************************************************************************************************
skipping: [10.0.0.47]
ok: [10.0.0.48]
TASK [nginx : start service] *****************************************************************************************************
skipping: [10.0.0.47]
ok: [10.0.0.48]
PLAY RECAP ***********************************************************************************************************************
10.0.0.47 : ok=1 changed=0 unreachable=0 failed=0 skipped=5 rescued=0 ignored=0
10.0.0.48 : ok=5 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@centos8 ansible]# ansible-playbook -t httpd role_httpd_nginx.yml
PLAY [websrvs] *******************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************
ok: [10.0.0.47]
ok: [10.0.0.48]
TASK [httpd : create apache group] ***********************************************************************************************
skipping: [10.0.0.48]
changed: [10.0.0.47]
TASK [httpd : create apache user] ************************************************************************************************
skipping: [10.0.0.48]
changed: [10.0.0.47]
TASK [install httpd package] *****************************************************************************************************
skipping: [10.0.0.48]
changed: [10.0.0.47]
TASK [httpd : config file] *******************************************************************************************************
skipping: [10.0.0.48]
changed: [10.0.0.47]
TASK [httpd : index.html] ********************************************************************************************************
skipping: [10.0.0.48]
changed: [10.0.0.47]
TASK [httpd : start service] *****************************************************************************************************
skipping: [10.0.0.48]
changed: [10.0.0.47]
RUNNING HANDLER [nginx : restart] ************************************************************************************************
skipping: [10.0.0.47]
PLAY RECAP ***********************************************************************************************************************
10.0.0.47 : ok=7 changed=6 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.0.0.48 : ok=1 changed=0 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0
