使用roles部署mariadb
环境
| 外网IP |
内网IP |
主机名 |
| 10.0.0.5 |
172.16.1.5 |
lb01 (负载均衡) |
| 10.0.0.6 |
172.16.1.6 |
lb02 |
| 10.0.0.7 |
172.16.1.7 |
web01(服务器) |
| 10.0.0.8 |
172.16.1.8 |
web02 |
| 10.0.0.9 |
172.16.1.9 |
web03 |
| 10.0.0.31 |
172.16.1.31 |
nfs (共享存储) |
| 10.0.0.41 |
172.16.1.41 |
backup |
| 10.0.0.51 |
172.16.1.51 |
db01 (数据库) |
| 10.0.0.52 |
172.16.1.52 |
db02 |
| 10.0.0.53 |
172.16.1.53 |
db03(代理机) |
| 10.0.0.54 |
172.16.1.54 |
db04(代理机) |
| 10.0.0.61 |
172.16.1.61 |
m01 (跳板机) |
| 10.0.0.71 |
172.16.1.71 |
zabbix |
流程分析
1.安装ansible
2.优化ansible
3.推送公钥
4.开启防火墙
5.开启80 443 873 nfs等端口和服务白名单
6.关闭selinux
7.创建同一的用户
1.安装mariadb-server
2.拷贝配置文件(my.cnf.j2)
3.启动
4.给root用户密码
推送公钥
1.创建密钥对
[root@m01 ~]# ssh-keygen
2.推送公钥
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.5
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.6
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.7
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.8
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.9
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.31
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.51
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.52
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.53
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.54
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.61
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.71
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.81
ansible优化
1.下载
[root@m01 ~]# yum install -y ansible
2.优化
[root@m01 ~]# vim /etc/ansible/ansible.cfg #改为
host_key_checking = False
配置主机清单
[root@m01 ~]# vim /root/ansible/hosts
#[]标签名任意,但是最好不要用特殊符号(- | &)和大写字母,中文(不能是nginx)
#端口是22的时候可以省略
[web_group]
172.16.1.7 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.8 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.9 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[db_group]
172.16.1.51 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.52 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.53 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.54 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[nfs_group]
172.16.1.31 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[redis_group]
172.16.1.81 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[lb_group]
172.16.1.5 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
172.16.1.6 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[backup_group]
172.16.1.41 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[zabbix_group]
172.16.1.71 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[m01_group]
172.16.1.61 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
[mtj_group]
172.16.1.202 ansible_ssh_port=22 asible_ssh_user=root ansible_ssh_pass='1'
mysql配置文件my.cnf jinjia模板
[root@m01 mariadb]# vim templates/my.cnf.j2
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
{% if ansible_fqdn == 'db01' %}
server_id = 1
{% else %}
server_id = 2
{% endif %}
log-bin=mysql-bin
character_set_server=utf8
skip_name_resolve
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
!includedir /etc/my.cnf.d
tasks
1.安装
[root@m01 mariadb]# vim tasks/install.yml
- name: install mariadb-server
yum:
name:
- "mariadb-server"
- "MySQL-python"
2.拷贝配置文件
[root@m01 mariadb]# vim tasks/copy.yml
- name: copy my.cnf.j2
template:
src: my.cnf.j2
dest: /etc/my.cnf
notify:
- "restart mariadb"
3.启动
[root@m01 mariadb]# vim tasks/start.yml
- name: start mariadb-server
service:
name: mariadb
state: started
enabled: yes
4.给root用户密码
[root@m01 mariadb]# vim tasks/root.yml
- name: update root password
mysql_user:
name: root
password: '1'
update_password: always
host: "localhost"
priv: "*.*:ALL,GRANT"
state: present
ignore_errors: yes
5.创建普通用户
[root@m01 mariadb]# vim tasks/spool.yml
- name: grant mysql user
mysql_user:
login_host: "localhost"
login_user: "root"
login_password: "1"
login_port: "3306"
name: "ty"
password: "123"
host: "%"
priv: "*.*:ALL,GRANT"
state: "present"
6.建立数据库
[root@m01 mariadb]# vim tasks/database.yml
#建立数据库
- name: create a database
mysql_db:
login_host: "localhost"
login_user: "root"
login_password: "1"
login_port: "3306"
name: "mezz"
encoding: "utf8"
state: "present"
##删除数据库
#- name: delete a database
# mysql_db:
# login_host: "localhost"
# login_user: "root"
# login_password: "1"
# login_port: "3306"
# name: "mezz"
# state: "absent"
#
##导出数据库
#- name: dump a database
# mysql_db:
# login_host: "localhost"
# login_user: "root"
# login_password: "1"
# login_port: "3306"
# name: "mezz"
# target: "/tmp/mezz.gz"
# state: "dump"
#
##导入数据库
#- name: import a database
# mysql_db:
# login_host: "localhost"
# login_user: "root"
# login_password: "1"
# login_port: "3306"
# name: "all"
# target: "mezz.gz"
# state: "import"
7.包含
[root@m01 mariadb]# vim tasks/main.yml
- include: install.yml
- include: copy.yml
- include: start.yml
- include: root.yml
- include: spool.yml
- include: database.yml
8.触发器
[root@m01 mariadb]# vim handlers/main.yml
- name: restart mariadb-server
service:
name: mariadb
state: restarted
编辑入口文件
[root@m01 roles]# vim site.yml
- hosts: all
roles:
#- { role: base }
#- { role: rsync_client,when: ansible_fqdn is match 'web*' }
#- { role: rsync_client,when: ansible_fqdn is match 'nfs*' }
#- { role: rsync_server,when: ansible_fqdn is match 'backup*' }
#- { role: nfs_server,when: ansible_fqdn is match 'nfs*' }
#- { role: nfs_client,when: ansible_fqdn is match 'web*' }
#- { role: mount_server,when: ansible_fqdn is match 'nfs*' }
#- { role: mount_client,when: ansible_fqdn is match 'web*' }
#- { role: sersync,when: ansible_fqdn is match 'web*' }
#- { role: nginx_web,when: ansible_fqdn is match 'web*' }
#- { role: nginx_lb,when: ansible_fqdn is match 'lb*' }
#- { role: keepalived_lb,when: ansible_fqdn is match 'nfs*' }
#- { role: php,when: ansible_fqdn is match 'web*' }
- { role: mariadb,when: ansible_fqdn is match 'db*' }
执行
[root@m01 roles]# ansible-playbook site.yml
