ansible和playbook编写剧本
目录
一、使用模块加ad-hoc搭建交作业页面
1.准备文件
1)准备httpd配置文件
[root@m01 ~]# yum install -y httpd
[root@m01 ~]# vim /etc/httpd/conf/httpd.conf
User www
Group www
2)准备php安装包
[root@m01 ~]# ll
-rw-r--r-- 1 root root 19889622 Nov 22 15:52 php.tar.gz
3)准备PHP配置文件
[root@m01 ~]# tar xf php.tar.gz -C /tmp/
[root@m01 tmp]# yum localinstall -y *.rpm
[root@m01 tmp]# vim /etc/php-fpm.d/www.conf
user = www
group = www
[root@m01 tmp]# vim /etc/php.ini
upload_max_filesize = 200M
post_max_size = 200M
4)准备代码文件
[root@m01 ~]# ll kaoshi.zip
-rw-r--r-- 1 root root 26995 Nov 22 16:47 kaoshi.zip
2.编写ansible命令
#1.安装httpd
ansible web_group -m yum -a 'name=httpd state=present' &&\
#2.创建www用户组
ansible web_group,nfs -m group -a 'name=www gid=666 state=present' &&\
#3.创建www用户
ansible web_group,nfs -m user -a 'name=www uid=666 group=www shell=/sbin/nologin create_home=false' &&\
#4.配置httpd
ansible web_group -m copy -a 'src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/' &&\
#5.解压php安装包到web服务器
ansible web_group -m unarchive -a 'src=/root/php.tar.gz dest=/tmp/' &&\
#6.安装php
ansible web_group -m shell -a 'yum localinstall -y /tmp/*.rpm' &&\
#7.配置php
ansible web_group -m copy -a 'src=/etc/php-fpm.d/www.conf dest=/etc/php-fpm.d/' &&\
ansible web_group -m copy -a 'src=/etc/php.ini dest=/etc/' &&\
#8.启动php
ansible web_group -m systemd -a 'name=php-fpm state=started enabled=yes' &&\
#9.启动httpd
ansible web_group -m systemd -a 'name=httpd state=started enabled=yes' &&\
#10.解压代码
ansible web_group -m unarchive -a 'src=/root/kaoshi.zip dest=/var/www/html/ owner=www group=www' &&\
#11.站点目录授权
ansible web_group -m file -a 'path=/var/www/ state=directory owner=www group=www recurse=yes' &&\
#12.安装NFS
ansible nfs -m yum -a 'name=nfs-utils state=present' &&\
#13.安装rpcbind
ansible web_group,nfs -m yum -a 'name=rpcbind state=present' &&\
#14.配置nfs
ansible nfs -m copy -a 'content="/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)" dest=/etc/exports' &&\
#15.创建挂载目录
ansible nfs -m file -a 'path=/data state=directory owner=www group=www' &&\
#16.启动nfs
ansible nfs -m systemd -a 'name=nfs state=started' &&\
#17.启动rpcbind
ansible nfs -m systemd -a 'name=rpcbind state=started' &&\
#18.创建web端挂载的目录
ansible web_group -m file -a 'path=/var/www/html/upload state=directory owner=www group=www' &&\
#19.挂载
ansible web_group -m mount -a 'src=172.16.1.31:/data path=/var/www/html/upload fstype=nfs opts=defaults state=mounted'
二、playbook实战
0.配置主机清单
[root@m01 ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'
[nfs_server]
nfs ansible_ssh_pass='1'
[rsync_server]
backup ansible_ssh_pass='1'
[db_server]
db01 ansible_ssh_pass='1'
[www:children]
web_group
nfs_server
rsync_server
[root@m01 lnmp]# cat base.yml
- hosts: all
tasks:
- name: Stop Selinux
selinux:
state: disabled
- name: Stop Firewalld
systemd:
name: firewalld
state: stopped
1.部署httpd
1)编写剧本
[root@m01 lnmp]# cat httpd.yml
- hosts: web_group
tasks:
- name: Install Httpd Server
yum:
name: httpd
state: present
- name: Config Httpd Server
copy:
src: /etc/httpd/conf/httpd.conf
dest: /etc/httpd/conf/
- name: Start Httpd Server
systemd:
name: httpd
state: started
2)执行剧本
[root@m01 lnmp]# ansible-playbook httpd.yml
2.部署交作业页面
[root@m01 lnmp]# cat jiaozuoye.yml
- hosts: all
tasks:
- name: Create www Group
group:
name: www
gid: 666
state: present
- name: Create www User
user:
name: www
uid: 666
group: www
shell: /sbin/nologin
create_home: false
- name: 安装NFS
yum:
name: nfs-utils
state: present
- name: 安装rpcbind
yum:
name: rpcbind
state: present
- name: 启动rpcbind
systemd:
name: rpcbind
state: started
- hosts: web_group
tasks:
- name: Install Httpd Server
yum:
name: httpd
state: present
- name: Config httpd Server
copy:
src: /etc/httpd/conf/httpd.conf
dest: /etc/httpd/conf/
- name: 解压php安装包到web服务器
unarchive:
src: /root/php.tar.gz
dest: /tmp/
- name: 安装php
shell: yum localinstall -y /tmp/*.rpm
- name: 配置php
copy:
src: /etc/php-fpm.d/www.conf
dest: /etc/php-fpm.d/
- name: 配置php
copy:
src: /etc/php.ini
dest: /etc/
- name: 启动php
systemd:
name: php-fpm
state: started
enabled: yes
- name: 启动httpd
systemd:
name: httpd
state: started
enabled: yes
- name: 解压代码
unarchive:
src: /root/kaoshi.zip
dest: /var/www/html/
owner: www
group: www
- name: 站点目录授权
file:
path: /var/www/
state: directory
owner: www
group: www
recurse: yes
- name: 安装NFS
yum:
name: nfs-utils
state: present
- hosts: nfs
tasks:
- name: 配置nfs
copy:
content: "/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)"
dest: /etc/exports
- name: 创建挂载目录
file:
path: /data
state: directory
owner: www
group: www
- name: 启动nfs
systemd:
name: nfs
state: started
- hosts: web_group
tasks:
- name: 创建web端挂载的目录
file:
path: /var/www/html/upload
state: directory
owner: www
group: www
- name: 挂载
mount:
src: 172.16.1.31:/data
path: /var/www/html/upload
fstype: nfs
opts: defaults
state: mounted
3.部署rsync客户端和服务端
1)配置主机清单
[root@m01 lnmp]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'
[nfs_server]
nfs ansible_ssh_pass='1'
[rsync_server]
backup ansible_ssh_pass='1'
[db_server]
db01 ansible_ssh_pass='1'
[www:children]
web_group
nfs_server
rsync_server
2)准备rsync配置文件
[root@m01 lnmp]# vim /etc/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
3)准备sersync
#1.准备包
[root@m01 ~]# ll sersync2.5.4_64bit_binary_stable_final.tar.gz
-rw-r--r-- 1 root root 727290 Aug 23 12:22 sersync2.5.4_64bit_binary_stable_final.tar.gz
#2.准备配置文件
[root@m01 ~]# vim GNU-Linux-x86/confxml.xml
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<localpath watch="/data">
<remote ip="172.16.1.41" name="backup"/>
</localpath>
<rsync>
<commonParams params="-artuz"/>
<auth start="true" users="rsync_backup" passwordfile="/etc/rsync.password"/>
... ...
</sersync>
4)编写剧本
[root@m01 lnmp]# cat rsync_client.yml
- hosts: nfs_server
tasks:
- name: Install Rsync Server
yum:
name: rsync
state: present
- name: Install Inotify-Tools Server
yum:
name: inotify-tools
state: present
- name: Install Sersync Server
unarchive:
src: /root/sersync2.5.4_64bit_binary_stable_final.tar.gz
dest: /usr/local/
- name: Rename Sersync Dir
shell: "mv /usr/local/GNU-Linux-x86 /usr/local/sersync"
- name: Config Sersync Server
copy:
src: /root/GNU-Linux-x86/confxml.xml
dest: /usr/local/sersync/
- name: Chmod Sersync
copy:
src: /root/GNU-Linux-x86/sersync2
dest: /usr/local/sersync/
mode: 755
- name: Config Rsync Client Password File
copy:
content: "123456"
dest: /etc/rsync.passwd
mode: 600
- name: Start Sersync
shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
