ansible系列(32)--ansible实战之部署WEB集群架构（2）

1. 基础环境role编写

• 创建基础环境role的相关目录：

  [root@xuzhichao cluster-roles]# mkdir base-module/{tasks,handlers,files,templates,meta} -p
  

• 编写tasks的任务文件：

  [root@xuzhichao cluster-roles]# cat base-module/tasks/yum_repo.yml 
  #配置yum仓库
  #
  #1.配置base的yum仓库
  - name: Configuer Base Repo
    yum_repository:
      name: Base
      description: BASE YUM repo
      baseurl: file:///misc/cd
      gpgcheck: 1
      gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
  
  #2.配置epel的yum仓库
  - name: Configuer Eepl Repo
    yum_repository:
      name: Epel
      description: EPEL YUM REPO
      baseurl: https://mirrors.aliyun.com/epel/7/$basearch
      gpgcheck: 1
      gpgkey: http://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-7
  
  #3.配置nginx的yum仓库
  #注释掉nginx的yum源是因为该yum源不稳定，影响安装其他软件，后期nginx采用编译方式进行安装
  #- name: Configuer Nginx Repo
  #  yum_repository:
  #    name: Nginx
  #    description: NGINX YUM REPO
  #    baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
  #    gpgcheck: 1
  #    gpgkey: https://nginx.org/keys/nginx_signing.key
  #  when: ( ansible_hostname is match ("web*") ) or ( ansible_hostname is match ("lb*") )
  
  #4.配置PHP的yum仓库，通过rpm方式进行安装
  - name: Configuer PHP Repo
    shell: 
      cmd: test -f /etc/yum.repos.d/webtatic.repo || ( rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm )
    when: (ansible_hostname is match ("web*"))
  
  [root@xuzhichao cluster-roles]# cat base-module/tasks/install_base_soft.yml 
  #安装基础软件包
  #
  - name: Install Base SoftWare
    yum:
      name: "{{ item }}"
      state: present
    loop:
      - wget
      - httpd-tools
      - lrzsz
      - nfs-utils
      - bind-utils
      - net-tools
      - unzip
      - vim
      - gcc
      - mariadb
      - MySQL-python
      - git 
      - autofs
      - bash-completion.noarch
      - expect
    ignore_errors: yes
                      
  [root@xuzhichao cluster-roles]# cat base-module/tasks/create_user.yml 
  #创建nginx的web账号
  #
  - name: Create Process Group
    group:
      name: "{{ web_group }}"
      gid: "{{ web_gid }}"
  
  - name: Create Process Group
    user:
      name: "{{ web_user }}"
      uid: "{{ web_uid }}"
      group: "{{ web_group }}"
      create_home: no
      system: yes
                   
  [root@xuzhichao cluster-roles]# cat base-module/tasks/disable_firewalld_selinux.yml 
  #关闭防火墙和selinux
  #
  - name: Disable Firewalld
    systemd:
      name: firewalld
      state: stopped
      enabled: yes
  
  - name: Disable Selinux
    selinux:
      state: disabled
  
  [root@xuzhichao cluster-roles]# cat base-module/tasks/main.yml 
  - include: yum_repo.yml
  - include: install_base_soft.yml
  - include: create_user.yml
  - include: disable_firewalld_selinux.yml
  

• 变量文件如下：

  [root@xuzhichao cluster-roles]# cat group_vars/all 
  #创建基础环境变量
  web_group: nginx
  web_gid: 887
  web_user: nginx
  web_uid: 887
  

• 编写playbook主文件：

  [root@xuzhichao cluster-roles]# cat wordpress_site.yml 
  - hosts: all
    roles:
      - role: base-module
    tags: base-module
  

• 运行palybook：

  [root@xuzhichao cluster-roles]# ansible-playbook wordpress_site.yml
  

• 遗留问题：每次执行palybook都会重复执行PHP仓库的安装任务，when和run_once参数一起使用有问题。