十六、Ansible自动化与http服务器搭建

1.使用ansible的playbook实现自动化安装httpd

配置ansible主机文件

[root@localhost ~]# vim /etc/ansible/hosts
[websrvs]
10.50.100.8

配置ansible与管理端的ssh连接

[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:ulfwLi7gGlvtyYghqQ9vw8TtWYOz/Dtln67Dc7VHBlQ root@localhost.centos8
The key's randomart image is:
+---[RSA 3072]----+
|             .E  |
|            .    |
|           .     |
|        .   .    |
| . . .  So   .   |
| .o =.o.o o . o  |
|+oo+.*o= + o +   |
|.++**+oo* = . .  |
|.o*o..B*oB.  .   |
+----[SHA256]-----+
[root@localhost ~]# ssh-copy-id 10.50.100.8
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.50.100.8's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '10.50.100.8'"
and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ansible websrvs -m ping
10.50.100.8 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

配置install_httpd.yml与测试

[root@localhost ~]# cat install_httpd.yml 
#install httpd
- hosts: websrvs
  remote_user: root
  tasks:
  - name: copy epel file
    copy: src=/etc/yum.repos.d/CentOS-Base.repo dest=/etc/yum.repos.d/CentOS-Base.repo
  - name: Install httpd
    yum: name=httpd
  - name: start httpd
    service: name=httpd state=started enabled=yes
[root@localhost ~]# ansible-playbook -C install_httpd.yml 

PLAY [websrvs] ***************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************
ok: [10.50.100.8]

TASK [copy epel file] ********************************************************************************************************************************************************
ok: [10.50.100.8]

TASK [Install httpd] *********************************************************************************************************************************************************
ok: [10.50.100.8]

TASK [start httpd] ***********************************************************************************************************************************************************
changed: [10.50.100.8]

PLAY RECAP *******************************************************************************************************************************************************************
10.50.100.8                : ok=4    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

运行ansible-playbook进行自动安装

[root@localhost ~]# ansible-playbook install_httpd.yml --limit=10.50.100.8

PLAY [websrvs] ***************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************
ok: [10.50.100.8]

TASK [copy epel file] ********************************************************************************************************************************************************
ok: [10.50.100.8]

TASK [Install httpd] *********************************************************************************************************************************************************
ok: [10.50.100.8]

TASK [start httpd] ***********************************************************************************************************************************************************
changed: [10.50.100.8]

PLAY RECAP *******************************************************************************************************************************************************************
10.50.100.8                : ok=4    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

验证目标服务器端是否安装成功

[root@localhost ~]# ss -nlt
State                  Recv-Q                 Send-Q                                   Local Address:Port                                   Peer Address:Port                 
LISTEN                 0                      128                                            0.0.0.0:22                                          0.0.0.0:*                    
LISTEN                 0                      128                                               [::]:22                                             [::]:*                    
LISTEN                 0                      128                                                  *:80                                                *:* 
[root@localhost ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2021-05-12 14:36:17 CST; 2min 21s ago
     Docs: man:httpd.service(8)
 Main PID: 11274 (httpd)
   Status: "Total requests: 1; Idle/Busy workers 100/0;Requests/sec: 0.00719; Bytes served/sec:  32 B/sec"
    Tasks: 213 (limit: 12340)
   Memory: 38.9M
   CGroup: /system.slice/httpd.service
           ├─11274 /usr/sbin/httpd -DFOREGROUND
           ├─11275 /usr/sbin/httpd -DFOREGROUND
           ├─11277 /usr/sbin/httpd -DFOREGROUND
           ├─11287 /usr/sbin/httpd -DFOREGROUND
           └─11335 /usr/sbin/httpd -DFOREGROUND

May 12 14:36:17 localhost.centos8 systemd[1]: Starting The Apache HTTP Server...
May 12 14:36:17 localhost.centos8 systemd[1]: Started The Apache HTTP Server.
May 12 14:36:17 localhost.centos8 httpd[11274]: Server configured, listening on: port 80                

2.建立httpd服务器,要求提供两个基于名称的虚拟主机:

(1)www.X.com,页面文件目录为/web/vhosts/x;错误日志为/var/log/httpd/x.err,访问日志为/var/log/httpd/x.access

[root@localhost ~]# cat x_com.conf 
<VirtualHost *:80>
        ServerName www.X.com
        DocumentRoot "/web/vhosts/x"
        <Directory "/web/vhosts/x">
                Options None
                AllowOverride None
                Require all granted
        </Directory>
        ErrorLog "logs/x.err"
        CustomLog "logs/x.access" combined
</VirtualHost>

(2)www.Y.com,页面文件目录为/web/vhosts/y;错误日志为 /var/log/httpd/www2.err,访问日志为/var/log/httpd/y.access

[root@localhost ~]# cat y_com.conf 
<VirtualHost *:80>
        ServerName www.Y.com
        DocumentRoot "/web/vhosts/y"
        <Directory "/web/vhosts/y">
                Options None
                AllowOverride None
                Require all granted
        </Directory>
        ErrorLog "logs/www2.err"
        CustomLog "logs/y.access" combined
</VirtualHost>

(3)为两个虚拟主机建立各自的主页文件index.html,内容分别为其对应的主机名

[root@localhost ~]# cat x_index.html 
<h1>www.x.com</h1>
[root@localhost ~]# cat y_index.html 
<h1>www.y.com</h1>

(4)ansiable-playbook把对应的文件直接推送到远端主机

[root@localhost ~]# cat set_virtualhost_conf_file.yml 
#set_virualhost_conf_file
  - hosts: websrvs
    remote_user: root
 
    tasks:
    - name: mkdir virtualhost documentroot directory
      shell: mkdir -p /web/vhosts/{x,y}
 
    - name: copy x_com.conf to remotehost
      copy: src=/root/x_com.conf dest=/etc/httpd/conf.d/x_com.conf
    - name: copy x_com index file
      copy: src=/root/x_index.html dest=/web/vhosts/x/index.html
 
    - name: copy y_com.conf to remotehost
      copy: src=/root/y_com.conf dest=/etc/httpd/conf.d/y_com.conf
    - name: copy y_com index file
      copy: src=/root/y_index.html dest=/web/vhosts/y/index.html

(5)检测文件语法是否有误

[root@localhost ~]# ansible-playbook -C set_virtualhost_conf_file.yml 

PLAY [websrvs] ***************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************
ok: [10.50.100.8]

TASK [mkdir virtualhost documentroot directory] ******************************************************************************************************************************
skipping: [10.50.100.8]

TASK [copy x_com.conf to remotehost] *****************************************************************************************************************************************
changed: [10.50.100.8]

TASK [copy x_com index file] *************************************************************************************************************************************************
changed: [10.50.100.8]

TASK [copy y_com.conf to remotehost] *****************************************************************************************************************************************
changed: [10.50.100.8]

TASK [copy y_com index file] *************************************************************************************************************************************************
changed: [10.50.100.8]

PLAY RECAP *******************************************************************************************************************************************************************
10.50.100.8                : ok=5    changed=4    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   

(6)运行ansible-playbook,把对应的文件推送到httpd服务器上

[root@localhost ~]# ansible-playbook set_virtualhost_conf_file.yml --limit 10.50.100.8

PLAY [websrvs] ***************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************
ok: [10.50.100.8]

TASK [mkdir virtualhost documentroot directory] ******************************************************************************************************************************
[WARNING]: Consider using the file module with state=directory rather than running 'mkdir'.  If you need to use command because file is insufficient you can add 'warn:
false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
changed: [10.50.100.8]

TASK [copy x_com.conf to remotehost] *****************************************************************************************************************************************
changed: [10.50.100.8]

TASK [copy x_com index file] *************************************************************************************************************************************************
changed: [10.50.100.8]

TASK [copy y_com.conf to remotehost] *****************************************************************************************************************************************
changed: [10.50.100.8]

TASK [copy y_com index file] *************************************************************************************************************************************************
changed: [10.50.100.8]

PLAY RECAP *******************************************************************************************************************************************************************
10.50.100.8                : ok=6    changed=5    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

[root@localhost ~]# 

(7)使用ansible的shell模块去检查远端服务器上的配置文件的语法是否正确

[root@localhost ~]# ansible websrvs -m shell -a 'httpd -t'
10.50.100.8 | CHANGED | rc=0 >>
Syntax OK

(8)使用ansible的shell模块重启httpd

[root@localhost ~]# ansible websrvs -m shell -a 'systemctl restart httpd'
10.50.100.8 | CHANGED | rc=0 >>

(9)在客户端上更改/etc/hosts文件,让其访问www.X.com 和www.Y.com 能够解析到远程主机

[root@localhost ~]# cat /etc/hosts 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.50.100.8 www.x.com www.y.com

(10)利用curl 分别访问两个虚拟主机,看看对应的主页文件内容是否不同

[root@localhost ~]# curl http://www.x.com/index.html
<h1>www.x.com</h1>
[root@localhost ~]# curl http://www.y.com/index.html
<h1>www.y.com</h1>
posted @ 2021-05-12 15:55  人生值得  阅读(388)  评论(0编辑  收藏  举报