jinja2配置文件和数据库的创建
目录
master (ansible)
ansible配置文件(/etc/ansible/hosts)
# NOTE(review): every host below is reached as root over SSH with the password
# stored in cleartext in this file ('1' reads as a lab placeholder). Outside a
# throwaway lab, prefer key-based SSH with an unprivileged account plus become,
# or keep the password in an ansible-vault encrypted vars file.
# ansible_ssh_pass / ansible_ssh_port / ansible_ssh_user are the legacy
# spellings of ansible_password / ansible_port / ansible_user.
[web01]
172.16.1.7 ansible_ssh_pass='1' ansible_ssh_port=22 ansible_ssh_user=root
[web02]
172.16.1.8 ansible_ssh_pass='1' ansible_ssh_port=22 ansible_ssh_user=root
[web03]
172.16.1.9 ansible_ssh_pass='1' ansible_ssh_port=22 ansible_ssh_user=root
# Parent group used by "hosts: web".
[web:children]
web01
web02
web03
[lb01]
172.16.1.5 ansible_ssh_pass='1' ansible_ssh_port=22 ansible_ssh_user=root
[lb02]
172.16.1.6 ansible_ssh_pass='1' ansible_ssh_port=22 ansible_ssh_user=root
# Parent group used by "hosts: lb".
[lb:children]
lb01
lb02
# NOTE(review): the playbook on this page targets "hosts: db", but only the
# group [db01] is defined here; the names need to agree.
[db01]
172.16.1.51 ansible_ssh_pass='1' ansible_ssh_port=22 ansible_ssh_user=root
[nfs]
172.16.1.31 ansible_ssh_pass='1' ansible_ssh_port=22 ansible_ssh_user=root
vars (变量)
# Variables loaded by the plays through "vars_files: ./vars.yaml".
server_path: /opt/discuz_web_01
server_name: discuz.test.com
# Address prefix; the load-balancer template appends the last octet (7-9).
net_ip: 172.16.1.
server_port: 80
# Virtual IP announced by keepalived.
vip: 192.168.230.100
user_name: www
# NOTE(review): third-party repository fetched by URL; it supplies the php72w
# (PHP 7.2) packages, a branch that is past upstream end of life. Confirm the
# repository is still maintained before relying on it.
php_repo_url: https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
mariadb_login_host: 172.16.1.51
# NOTE(review): the database root account and its password sit in cleartext
# next to the playbook. Encrypt this value with ansible-vault and replace the
# placeholder password; the application should get its own limited account
# rather than root.
mariadb_login_username: root
mariadb_login_password: 123456
mariadb_login_port: 3306
web
代码包
nginx站点配置文件
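# Discuz virtual host on each web node; the {{ ... }} values come from vars.yaml.
server {
    listen {{ server_port }};
    server_name {{ server_name }};
    root {{ server_path }};

    location / {
        index index.php index.html;
    }

    location ~* \.php$ {
        # Answer 404 for a .php URI that has no matching file under root,
        # instead of handing an arbitrary path to PHP-FPM.
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # NOTE(review): php.ini on this page enables file uploads. Consider a
    # location that refuses to run PHP from the directories the application
    # writes uploads to; the exact paths depend on the application.
}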
nginx 优化文件(/etc/nginx/proxy_params)
[root@web01 ~]# cat /etc/nginx/proxy_params
# Shared proxy settings, pulled in by the load balancer with "include proxy_params;".
# Forward the Host header exactly as the client sent it.
proxy_set_header Host $http_host;
# Address of the directly connected peer as seen by this proxy.
proxy_set_header X-Real-IP $remote_addr;
# Appends the peer address to whatever X-Forwarded-For the client supplied, so
# only the last entry is set by this proxy; the earlier entries are
# client-controlled and must not be used for access decisions on the backend.
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Upstream connect / read / send timeouts.
proxy_connect_timeout 10s;
proxy_read_timeout 10s;
proxy_send_timeout 10s;
# Buffer upstream responses: 8k for the header, 32 x 8k for the body.
proxy_buffering on;
proxy_buffer_size 8k;
proxy_buffers 32 8k;
nginx配置文件
# Main nginx.conf for the web nodes; workers run as the unprivileged www user.
user www;
worker_processes auto;
worker_cpu_affinity auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    # Do not disclose the nginx version in error pages and the Server header.
    server_tokens off;
    # NOTE(review): php.ini on this page allows 300M uploads, but nginx rejects
    # request bodies above 200M first, so 200M is the effective limit.
    client_max_body_size 200M;
    # NOTE(review): $http_referer is logged twice in this format, and
    # $http_x_forwarded_for is a request header, so its content is only as
    # trustworthy as the proxy in front that sets it.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '$request_uri "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 4096;
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    # Per-site configuration (the Discuz server block) is loaded from conf.d.
    include /etc/nginx/conf.d/*.conf;
}
php自带版本过低要重新下载
# Replace the distribution PHP with the php72w packages from the extra repository.
# NOTE(review): php72w is PHP 7.2, which is past upstream end of life; the
# release RPM is installed straight from a URL, so confirm its source and
# signature before using this outside a lab.
- name: 安装PHP源
  yum:
    name: "{{ php_repo_url }}"  # defined in vars.yaml (see the vars section above)
    state: installed
# Rebuild the yum metadata so the new repository is visible.
- name: 刷新缓存
  shell: "yum clean all && yum makecache"
# Remove the stock PHP packages before installing the php72w set.
- name: 卸载原有的PHP
  yum:
    name: "{{ item }}"
    state: absent
  with_items:
    - php
    - php-mysql-5.4
    - php-fpm
    - php-common
- name: 安装PHP
  yum:
    name: "{{ item }}"
    state: installed
  with_items:
    - php72w
    - php72w-cli
    - php72w-common
    - php72w-devel
    - php72w-embedded
    - php72w-gd
    - php72w-mbstring
    - php72w-pdo
    - php72w-xml
    - php72w-fpm
    - php72w-mysqlnd
    - php72w-opcache
    - php72w-pecl-memcached
    - php72w-pecl-redis
    - php72w-pecl-mongodb
php配置文件(php.ini)
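;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Comments in php.ini start with ';'. PHP 7 and later no longer treat '#' as a
; comment marker, so a trailing "# ..." would end up inside the value.
expose_php = Off                     ; do not advertise the PHP version in responses
; The directive is display_errors (plural); "display_error" is not a PHP
; setting, so errors would still follow the compiled-in default.
display_errors = Off                 ; never print errors to the client (may be On in development)
error_reporting = E_ALL              ; report every class of error
log_errors = On                      ; write errors to the log instead
error_log = /var/log/php_error.log   ; destination for PHP runtime errors
; NOTE(review): the log file must be writable by the account PHP runs as - confirm.
date.timezone = Asia/Shanghai        ; default time zone
;;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;;
file_uploads = On                    ; allow HTTP file uploads
upload_max_filesize = 300M           ; largest single uploaded file
post_max_size = 300M                 ; largest POST body PHP will accept
; NOTE(review): nginx.conf on this page caps request bodies at 200M, so that
; limit is reached before either 300M value applies.
max_file_uploads = 20                ; files accepted in one request
memory_limit = 128M                  ; memory ceiling per script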
php的www.conf文件
[root@web02 ~]# vim /etc/php-fpm.d/www.conf
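; PHP-FPM pool definition. Comments use ';' - the file is read with PHP's ini
; parser, which does not treat '#' as a comment marker.
[www]                                   ; pool name
user = www                              ; account the worker processes run as
group = www                             ; group the worker processes run as
;listen = /dev/shm/php-fpm.sock         ; alternative: local unix socket
listen = 127.0.0.1:9000                 ; loopback only, matches fastcgi_pass in nginx
;listen.allowed_clients = 127.0.0.1     ; client addresses allowed to connect (any = no limit)
pm = dynamic                            ; process manager mode (dynamic or static)
; pm.max_children is the hard cap on workers and applies in dynamic mode as
; well as static. NOTE(review): with memory_limit = 128M a full pool of 512
; workers can ask for far more memory than a small host has; size it to RAM.
pm.max_children = 512
pm.start_servers = 32                   ; workers created at startup (dynamic)
pm.min_spare_servers = 32               ; minimum idle workers (dynamic)
pm.max_spare_servers = 64               ; maximum idle workers (dynamic)
pm.max_requests = 1500                  ; recycle a worker after this many requests; 0 = never
pm.process_idle_timeout = 15s           ; idle time before a worker is released (used by pm = ondemand)
; Status page. NOTE(review): it discloses pool internals; if an nginx location
; is ever added for it, restrict that location to trusted addresses.
pm.status_path = /php_status
php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/phpfpm_error.log
php_admin_flag[log_errors] = on
request_slowlog_timeout = 5s            ; log requests that run longer than 5 s ...
slowlog = /var/log/php_slow.log         ; ... to this file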
lb
nginx负载均衡配置文件
# Load-balancer virtual host (Jinja2 template rendered on lb01/lb02).
# The upstream group is named after the site; range(7,10) yields 7, 8 and 9,
# i.e. net_ip + last octet for the three web nodes in the inventory.
upstream {{ server_name }} {
{% for i in range(7,10) %}
    server {{ net_ip }}{{ i }};
{% endfor %}
}

server {
    listen {{ server_port }};
    server_name {{ server_name }};

    location / {
        # Plain HTTP to the backends; proxy_params adds the forwarding headers.
        proxy_pass http://{{ server_name }};
        include proxy_params;
    }
}
keepalived配置文件
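# keepalived.conf template for the two load balancers (rendered per host).
global_defs {
    router_id {{ ansible_nodename }}
}

# Health check: the script restarts nginx and, if that fails, stops keepalived
# so the VIP moves to the peer. It is run every 5 seconds.
# NOTE(review): the script path must be writable by root only, because
# keepalived executes it with the daemon's privileges.
vrrp_script check {
    script "/etc/keepalived/check_web.sh"
    interval 5
}

vrrp_instance VI_1 {
    # nopreempt is only honoured when the initial state is BACKUP, so every
    # node starts as BACKUP and the priorities below decide the first election.
    state BACKUP
    nopreempt
    interface eth0
    virtual_router_id 50
{% if ansible_nodename == 'lb01' %}
    priority 100
{% elif ansible_nodename == 'lb02' %}
    priority 90
{% else %}
    priority 80
{% endif %}
    advert_int 1
    # NOTE(review): auth_type PASS sends the password in cleartext inside the
    # VRRP advertisements, and 1111 is a placeholder. Treat it as a guard
    # against misconfiguration only and keep VRRP on a trusted segment.
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        {{ vip }}
    }
    track_script {
        check
    }
}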
nginx检查脚本
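#!/bin/bash
# keepalived health check for the local nginx.
# If nothing is listening on TCP port 80, restart nginx once; if the port is
# still closed three seconds later, stop keepalived so the VIP fails over.

#######################################
# Report whether a TCP socket is listening on local port 80.
# Only the local-address column is inspected, so an "80" that appears in a
# PID, an IP octet or a UDP line cannot be mistaken for a healthy nginx.
# Returns: 0 if a listener exists, non-zero otherwise.
#######################################
port_80_listening() {
  netstat -lnt | awk '$4 ~ /:80$/ { found = 1 } END { exit !found }'
}

if ! port_80_listening; then
  systemctl restart nginx &>/dev/null
  sleep 3
  if ! port_80_listening; then
    systemctl stop keepalived
  fi
fi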
nfs增加挂载点脚本
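#!/bin/bash
# Add the /data/upload export to /etc/exports exactly once.
# all_squash with anonuid/anongid 666 maps every client user to uid/gid 666,
# the ids the web play gives the www account.
# NOTE(review): the export is read-write for the whole 172.16.1.0/24 network;
# narrowing it to the web nodes would reduce who can write to the share.
export_line='/data/upload 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)'

# Anchor the match to an active entry for exactly this path, so a commented-out
# line or a longer path such as /data/upload2 does not suppress the export.
if ! grep -qE '^/data/upload[[:space:]]' /etc/exports; then
  printf '%s\n' "$export_line" >> /etc/exports
fi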
db01
#导出数据库数据(注意:在命令行里写 -p123456 会让密码出现在进程列表和 shell 历史中;只写 -p 可改为交互输入密码)
[root@db01 ~]# mysqldump -uroot -p123456 sns > /root/sns.sql
# 先安装mariadb到1台web上创建好数据库,再导出数据发送到跳板机 (db端的数据要删除了,不然会报错)
# 创建数据库
# create database discuz;
# 查看数据库名
# show databases;
# 1.删除数据库导出数据
# drop database discuz;(数据库的名字)
# 2.把数据包发送到跳板机
# scp discuz.sql 192.168.214.61:/root/discuz
使用jinja2写剧本
# 使用剧本搭建Discuz
# 机器
# 3 :web
# 2 : lb(keepalived)
# 1 :db
# 1 : nfs
# 1、生成配置文件
# 2、生成数据库中的内容
# 3、创建一个数据库用户
1、登录到数据(用户名和密码)
2、创建用户(用户名和密码)
# Play: build the web nodes (www account, nginx, PHP-FPM, Discuz code).
- hosts: web
  vars_files: ./vars.yaml
  tasks:
    # gid/uid 666 match anongid/anonuid in the NFS export script on this page.
    - name: 创建用户组
      group:
        gid: 666
        name: "{{ user_name }}"
    # Service account: no home directory and no login shell.
    - name: 创建用户
      user:
        name: "{{ user_name }}"
        group: "{{ user_name }}"
        create_home: False
        shell: /sbin/nologin
        uid: 666
    - name: 部署Nginx
      yum:
        name: nginx
        state: installed
    - name: 修改nginx配置
      template:
        src: nginx.conf
        dest: /etc/nginx/
    # NOTE(review): the release RPM is installed straight from a URL and
    # provides PHP 7.2, which is past upstream end of life; confirm the source
    # before using this outside a lab.
    - name: 安装PHP源
      yum:
        name: "{{ php_repo_url }}"
        state: installed
    - name: 刷新缓存
      shell: "yum clean all && yum makecache"
    # Remove the stock PHP packages before installing the php72w set.
    - name: 卸载原有的PHP
      yum:
        name: "{{ item }}"
        state: absent
      with_items:
        - php
        - php-mysql-5.4
        - php-fpm
        - php-common
    - name: 安装PHP
      yum:
        name: "{{ item }}"
        state: installed
      with_items:
        - php72w
        - php72w-cli
        - php72w-common
        - php72w-devel
        - php72w-embedded
        - php72w-gd
        - php72w-mbstring
        - php72w-pdo
        - php72w-xml
        - php72w-fpm
        - php72w-mysqlnd
        - php72w-opcache
        - php72w-pecl-memcached
        - php72w-pecl-redis
        - php72w-pecl-mongodb
    - name: 修改PHP配置(www.conf)
      copy:
        src: www.conf
        dest: /etc/php-fpm.d/
    - name: 修改PHP配置(php.ini)
      template:
        src: php.ini
        dest: /etc/
    - name: 创建站点
      file:
        path: "{{ server_path }}"
        state: directory
    # The extracted code is owned by the account PHP-FPM runs as, so PHP can
    # modify every application file. NOTE(review): consider root-owned code
    # with only the upload/data directories writable by that account.
    - name: 上传代码解压
      unarchive:
        src: discuz.tar.gz
        dest: "{{ server_path }}"
        owner: "{{ user_name }}"
        group: "{{ user_name }}"
    - name: 修改nginx配置
      template:
        src: ansible_discuz.conf
        dest: /etc/nginx/conf.d/
    # Restarted on every run; the services are not enabled at boot here.
    - name: 启动Nginx和PHP服务
      systemd:
        name: "{{ item }}"
        state: restarted
      with_items:
        - nginx
        - php-fpm
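# Play: install MariaDB on the database host, create the discuz database and
# load the exported dump into it.
# The inventory on this page defines the group [db01] and no group named
# "db", so the play targets db01; "hosts: db" would match no host.
- hosts: db01
  vars_files: ./vars.yaml
  tasks:
    - name: 安装MariaDB
      yum:
        name: mariadb*
        state: installed
    - name: 启动数据库
      systemd:
        name: mariadb
        state: started
    # NOTE(review): mysql_db needs a Python MySQL driver (PyMySQL or
    # MySQL-python) on the target and no task here installs one - confirm.
    # NOTE(review): these tasks log in as the database root account with the
    # password from vars.yaml; keep that file encrypted with ansible-vault.
    - name: 创建数据库
      mysql_db:
        name: discuz
        state: present
        login_host: "{{ mariadb_login_host }}"
        login_user: "{{ mariadb_login_username }}"
        login_password: "{{ mariadb_login_password }}"
        login_port: "{{ mariadb_login_port }}"
    # The dump holds the full site data, and /tmp is readable by every local
    # account, so the copy is restricted to its owner.
    - name: 将SQL文件复制到DB端
      copy:
        src: discuz.sql
        dest: /tmp/
        mode: "0600"
    - name: 导入数据
      mysql_db:
        name: discuz
        state: import
        target: /tmp/discuz.sql
        login_host: "{{ mariadb_login_host }}"
        login_user: "{{ mariadb_login_username }}"
        login_password: "{{ mariadb_login_password }}"
        login_port: "{{ mariadb_login_port }}"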
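# Play: configure the two load balancers (nginx reverse proxy + keepalived VIP).
- hosts: lb
  vars_files: ./vars.yaml
  tasks:
    - name: 安装Keepalived和Nginx
      yum:
        name: "{{ item }}"
        state: installed
      with_items:
        - keepalived
        - nginx
    # Every configuration task notifies the handler, so a change to either
    # config file is picked up, not only a change to the check script.
    - name: 上传Nginx配置文件
      template:
        src: ansible_discuz_lb.conf
        dest: /etc/nginx/conf.d/
      notify: 重启Keepalived和Nginx
    - name: 上传keepalived配置文件
      template:
        src: keepalived.conf
        dest: /etc/keepalived/
      notify: 重启Keepalived和Nginx
    # keepalived runs this script with the daemon's privileges: keep it owned
    # by root and not writable by group or others.
    - name: 上传监控脚本
      template:
        src: check_web.sh
        dest: /etc/keepalived/
        owner: root
        group: root
        mode: "0755"
      notify: 重启Keepalived和Nginx
  handlers:
    # nginx first, so the health check finds port 80 open when keepalived starts.
    - name: 重启Keepalived和Nginx
      systemd:
        name: "{{ item }}"
        state: restarted
      with_items:
        - nginx
        - keepalived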
nfs(执行剧本)
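# Play: prepare the NFS server that holds the shared Discuz upload directory.
- hosts: nfs
  tasks:
    - name: 安装nfs-utils
      yum:
        name: nfs-utils
        state: installed
    # NOTE(review): unarchive needs unzip on the target for a .zip archive - confirm.
    - name: 上传解压文件并上传至nfs
      unarchive:
        src: Discuz_X3.4_SC_UTF8_20210630.zip
        dest: /mnt
    # The file module creates /data as well when it is missing and is a no-op
    # when the directory exists; the previous "chdir=/data ... mkdir" form
    # failed if /data was not already there.
    - name: 创建挂载点
      file:
        path: /data/upload
        state: directory
    # NOTE(review): not idempotent - a second run extracts the archive again
    # and then moves onto directories that are already populated.
    - name: 把文件移动到挂载点
      shell: mv /mnt/upload/* /data/upload/
    - name: 增加挂载点
      script: ./nfs.sh
    # Numeric ids: this play does not create a www account on the NFS host,
    # and 666:666 is what the export squashes every client to.
    - name: 授权挂载点目录
      shell: chown -R 666:666 /data/upload
    - name: 重启nfs-server
      systemd:
        name: nfs-server
        state: restarted
    - name: 重启rpcbind
      systemd:
        name: rpcbind
        state: restarted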