PHP

使用roles部署PHP

环境

外网IP 内网IP 主机名
10.0.0.5 172.16.1.5 lb01 (负载均衡)
10.0.0.6 172.16.1.6 lb02
10.0.0.7 172.16.1.7 web01(服务器)
10.0.0.8 172.16.1.8 web02
10.0.0.9 172.16.1.9 web03
10.0.0.31 172.16.1.31 nfs (共享存储)
10.0.0.41 172.16.1.41 backup
10.0.0.51 172.16.1.51 db01 (数据库)
10.0.0.52 172.16.1.52 db02
10.0.0.53 172.16.1.53 db03(代理机)
10.0.0.54 172.16.1.54 db04(代理机)
10.0.0.61 172.16.1.61 m01 (跳板机)
10.0.0.71 172.16.1.71 zabbix

流程分析

1.安装ansible
2.优化ansible
3.推送公钥
4.开启防火墙
5.开启80 443 873 nfs等端口和服务白名单
6.关闭selinux
7.创建同一的用户
	1.安装PHP
	2.拷贝PHP配置文件
	3.启动PHP

推送公钥

1.创建密钥对
[root@m01 ~]# ssh-keygen
2.推送公钥
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.5
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.6
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.7
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.8
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.9
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.31
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.51
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.52
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.53
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.54
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.61
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.71
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.81

ansible优化

1.下载
[root@m01 ~]#  yum install -y ansible
2.优化
[root@m01 ~]#  vim /etc/ansible/ansible.cfg		#改为
host_key_checking = False

配置主机清单

[root@m01 ~]# vim /root/ansible/hosts 
#[]标签名任意,但是最好不要用特殊符号(- | &)和大写字母,中文(不能是nginx)
#端口是22的时候可以省略
[web_group]
172.16.1.7 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.8 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.9 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

[db_group]
172.16.1.51 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.52 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.53 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.54 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

[nfs_group]
172.16.1.31 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

[redis_group]
172.16.1.81 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

[lb_group]
172.16.1.5 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.6 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

[backup_group]
172.16.1.41 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

[zabbix_group]
172.16.1.71 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

[m01_group]
172.16.1.61 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

[mtj_group]
172.16.1.202 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'

前戏

1.上传PHP安装包
2.把PHP配置文件放到files目录

PHP配置文件

[root@m01 roles]# cat php/templates/www.conf.j2 
[www]
user = {{ user_group }}
group = {{ user_group }}
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path]    = /var/lib/php/session
php_value[soap.wsdl_cache_dir]  = /var/lib/php/wsdlcache

创建角色

[root@m01 roles]# ansible-galaxy init php

编辑tasks目录

1.解压
[root@m01 php]# vim tasks/jieya.yml 
- name: unarchive php-packages
  unarchive:
    src: php-71.tar.gz
    dest: "{{ php_packages_pos }}"

2.安装
[root@m01 php]# vim tasks/install.yml 
- name: install php
  shell: "{{ item }}"
  with_items:
    - "yum remove -y php-common"
    - "yum install -y {{ php_packages_pos }}/{{ php_packages_name }}/*rpm"
  ignore_errors: yes
3.拷贝
[root@m01 php]# vim tasks/copy.yml 
- name: copy php packages
  template:
    src: www.conf.j2
    dest: "/etc/php-fpm.d/www.conf"
  notify:
    - "reload php"
4.启动
[root@m01 php]# vim tasks/start.yml 
- name: start php
  service:
    name: php-fpm
    state: started
    enabled: yes
5.include
[root@m01 php]# vim tasks/main.yml 
- include: jieya.yml
- include: install.yml
- include: copy.yml
- include: start.yml
6.触发器
[root@m01 php]# vim handlers/main.yml 
- name: reload php
  service:
    name: php-fpm
    state: reloaded
7.依赖
[root@m01 php]# vim meta/main.yml 
dependencies:
  - { role: base }
8.变量
[root@m01 php]# vim vars/main.yml 
#php安装包的解压位置
php_packages_pos: "/tmp"
#php解压后的包名
php_packages_name: "php-71"
#php安装包
php_packages:
  - "autoconf-2.69-11.el7.noarch.rpm"
  - "automake-1.13.4-3.el7.noarch.rpm"
  - "libjpeg-turbo-1.2.90-8.el7.x86_64.rpm"
  - "libmcrypt-2.5.8-13.el7.x86_64.rpm"
  - "libmemcached-1.0.16-5.el7.x86_64.rpm"
  - "libX11-1.6.7-2.el7.x86_64.rpm"
  - "libX11-common-1.6.7-2.el7.noarch.rpm"
  - "libXau-1.0.8-2.1.el7.x86_64.rpm"
  - "libxcb-1.13-1.el7.x86_64.rpm"
  - "libXpm-3.5.12-1.el7.x86_64.rpm"
  - "m4-1.4.16-10.el7.x86_64.rpm"
  - "mod_php71w-7.1.33-1.w7.x86_64.rpm"
  - "pcre-devel-8.32-17.el7.x86_64.rpm"
  - "perl-Data-Dumper-2.145-3.el7.x86_64.rpm"
  - "perl-Test-Harness-3.28-3.el7.noarch.rpm"
  - "perl-Thread-Queue-3.02-2.el7.noarch.rpm"
  - "php71w-cli-7.1.33-1.w7.x86_64.rpm"
  - "php71w-common-7.1.33-1.w7.x86_64.rpm"
  - "php71w-devel-7.1.33-1.w7.x86_64.rpm"
  - "php71w-embedded-7.1.33-1.w7.x86_64.rpm"
  - "php71w-fpm-7.1.33-1.w7.x86_64.rpm"
  - "php71w-gd-7.1.33-1.w7.x86_64.rpm"
  - "php71w-mbstring-7.1.33-1.w7.x86_64.rpm"
  - "php71w-mcrypt-7.1.33-1.w7.x86_64.rpm"
  - "php71w-mysqlnd-7.1.33-1.w7.x86_64.rpm"
  - "php71w-opcache-7.1.33-1.w7.x86_64.rpm"
  - "php71w-pdo-7.1.33-1.w7.x86_64.rpm"
  - "php71w-pear-1.10.4-1.w7.noarch.rpm"
  - "php71w-pecl-igbinary-2.0.5-1.w7.x86_64.rpm"
  - "php71w-pecl-memcached-3.0.4-1.w7.x86_64.rpm"
  - "php71w-pecl-mongodb-1.5.3-1.w7.x86_64.rpm"
  - "php71w-pecl-redis-3.1.6-1.w7.x86_64.rpm"
  - "php71w-process-7.1.33-1.w7.x86_64.rpm"
  - "php71w-xml-7.1.33-1.w7.x86_64.rpm"

编辑入口文件

[root@m01 roles]# vim site.yml 
- hosts: web01
  roles:
    - { role: base }
    #- { role: rsync_client,when: ansible_fqdn is match 'web*' }
    #- { role: rsync_client,when: ansible_fqdn is match 'nfs*' }
    #- { role: rsync_server,when: ansible_fqdn is match 'backup*' }
    #- { role: nfs_server,when: ansible_fqdn is match 'nfs*' }
    #- { role: nfs_client,when: ansible_fqdn is match 'web*' }
    #- { role: mount_server,when: ansible_fqdn is match 'nfs*' }
    #- { role: mount_client,when: ansible_fqdn is match 'web*' }
    #- { role: sersync,when: ansible_fqdn is match 'web*' }
    #- { role: nginx_web,when: ansible_fqdn is match 'web*' }
    #- { role: nginx_lb,when: ansible_fqdn is match 'lb*' }
    #- { role: keepalived_lb,when: ansible_fqdn is match 'nfs*' }
    - { role: php,when: ansible_fqdn is match 'web*' }

执行

[root@m01 roles]# ansible-playbook site.yml 
posted @ 2020-06-20 22:07  看萝卜在飘  阅读(206)  评论(0编辑  收藏  举报