@ansible剧本（一键部署lnmp项目）

0|1文章目录

• • ansible剧本（一键部署lnmp项目）
  • • ansible—hosts（ip+密码）
    • 一、backup
    • 二、nfs
    • 三、web
    • 四、mariadb（数据库）
    • 五、lb&keepalived（负载均衡）
    • 六、prometheus
    • 七、prometheus(web)
    • 八、prometheus（database）

1|0ansible剧本（一键部署lnmp项目）

1|1ansible—hosts（ip+密码）

[backup]
172.16.1.41 ansible_ssh_pass=‘1’

[nfs]
172.16.1.31 ansible_ssh_pass=‘1’

[web]
172.16.1.7 ansible_ssh_pass=‘1’
172.16.1.8 ansible_ssh_pass=‘1’
172.16.1.9 ansible_ssh_pass=‘1’

[db]
172.16.1.51 ansible_ssh_pass=‘1’

[lb]
172.16.1.5 ansible_ssh_pass=‘1’
172.16.1.6 ansible_ssh_pass=‘1’

[prometheus]
172.16.1.71 ansible_ssh_pass=‘1’

基于秘钥(生成------>传输)
（生成）ssh-keygen
（传输）for i in 5 6 7 8 9 31 41 51 71;do sshpass -p1 ssh-copy-id -i /root/.ssh/id_rsa.pub root@172.16.1.$i -o StrictHostKeyChecking=no;done

1|2一、backup

#################ansible部署backup剧本编写：
---
- hosts: backup
  remote_user: root
  roles:
    - backup

1）#安装rsync
- name: Install Rsyncd Server
  yum:
    name: rsync
    state: present


2）#创建用户组
- name: Create www Group
  group:
    name: www
    gid: 1000
  #创建/用户
- name: Create www User
  user:
    name: www
    group: www
    uid: 1000
    create_home: false
    shell: /sbin/nologin

3）#rsync配置文件推送
- name: Rsync Config
  template:
    src: rsyncd.conf.j2
    dest: /etc/rsynd.conf
    owner: root


4）#推送密码文件
- name: Create Passwd File
  template:
    src: rsync.passwd.j2
    dest: /etc/rsync.passwd
    owner: root
    mode: 600

#推送配置文件
- name: Create conf File
  template:
    src: rsyncd.conf.j2
    dest: /etc/rsyncd.conf
    owner: root
    mode: 600


#配置文件授权
- name: chown rsync.passwd
  shell: chmod 600 /etc/rsync.passwd
- name: chown rsyncd.conf
  shell: chmod 600 /etc/rsyncd.conf
  



5）#创建backup目录
- name: Create backup Directory
  file:
    path: /backup
    mode: 0755      
    owner: www
    group: www
    state: directory
    recurse: yes

- name: Create bac_database Directory
  file:
    path: /backup/database
    mode: 0755
    owner: www
    group: www
    state: directory
    recurse: yes


- name: Create bac_web  Directory
  file:
    path: /backup/web
    mode: 0755
    owner: www
    group: www
    state: directory
    recurse: yes
    
    
    
      
6）#启动rsync服务
- name: Start Rsyncd Server
  systemd:
    name: rsyncd
    state: started

1|3二、nfs

#################ansible部署nfs剧本编写：


- hosts: nfs
  remote_user: root
  roles:
    - nfs
    
1)#安装nfs
- name: install nfs-utils
  yum:
    name: nfs-utils
    state: present
#安装nfs
- name: install rpcbind
  yum:
    name: rpcbind
    state: present



2)#创建用户
- name: Create www User
  user:
    name: www
    uid: 1000
    create_home: false
    shell: /sbin/nologin
#推送配置文件
- name: create nfs conf_file
  template:
    src: exrorts.j2
    dest: /etc/exports
    owner: root



3)#推送密码文件
- name: create rsync passwd_file
  template:
    src: rsync.passwd.j2
    dest: /etc/rsync.passwd
    #owner: www
    #mode: 600
    #notify: restart rsyncd
#授权密码文件
- name: chmod rsync.passwd
  shell: chmod 600 /etc/rsync.passwd
- name: chown rsync.passwd
  shell: chown root.root /etc/rsync.passwd
#创建挂载目录并授权
- name: Create nfs Directory
  file:
    path: /nfs
    state: directory
    owner: www
    group: www
   #mode: 755
    recurse: yes


4）#创建web目录
- name: Create nfs_web Directory
  file:
    path: /nfs/web
    state: directory
    owner: www
    group: www
   # mode: 755
    recurse: yes
#创建conf目录
- name: Create nfs_conf Directory
  file:
    path: /nfs/conf
    state: directory
    owner: www
    group: www
   # mode: 755
    recurse: yes
#常见database目录
- name: Create nfs_database Directory
  file:
    path: /nfs/database
    state: directory
    owner: www
    group: www
    #mode: 755
    recurse: yes
#创建download目录
- name: Create nfs_download Directory
  file:
    path: /nfs/download
    state: directory
    owner: www
    group: www
   # mode: 755
    recurse: yes
#清除web目录残留文件
- name: rm web file
  shell: rm -rf /nfs/web/*
#指定解压项目文件
- name: scp test_file
  unarchive:
    remote_src: no
    src: /hzl/hzl/test.zip
    dest: /nfs/web/
   # wner: www
   # mode: 755
#更改项目文件权限
- name: chown 
  shell: chown -R www.www /nfs/
  
  
  
5）#启动nfs-server
- name: Start NFS Server
  systemd:
    name: nfs-server
    state: started
    enabled: yes
    
    
    
6)#推送解压指定的目录
- name: scp sersync file
  unarchive:
    src: sersync2.5.4_64bit_binary_stable_final.tar.gz   #使用软件包
    dest: /usr/local/
#推送sersync模板文件
- name: create sersync file
  template:
    src: confxml.xml.j2
    dest: /usr/local/GNU-Linux-x86/confxml.xml
    #force: yes
#启动sersync守护进程
- name: start sersync
  shell: /usr/local/GNU-Linux-x86/sersync2 -dro /usr/local/GNU-Linux-x86/confxml.xml

1|4三、web

#####################ansible部署web剧本编写：


- hosts: web
  remote_user: root
  roles:
    - web

1）#yum安装epel源
    - name: yum install epel
      yum:
        name: epel-release 
        state: present

    - name: yum repolist
      shell: yum repolist
#推送安装包     
    - name: scp php_rpm file
      unarchive:
        remote_src: no
        src: php.tar.gz    #安装php软件压缩包
        dest: /opt
        owner: root
#php源推送
    - name: scp php.repo file 
      copy:
        src: php.repo     #配置php的yum源
        dest: /etc/yum.repos.d/
        owner: root
        force: yes
#刷新repo源
    - name: yum makecache
      shell: yum makecache




2）#安装nfs及rpcbind
    - name: install nfs-utils
      yum:
        name: nfs-utils
         state: present
       state: present
    - name: install rpcbind
      yum:
        name: rpcbind
        state: present     
#启动nfs-server
    - name: Start nfs Server
      shell: systemctl restart nfs rpcbind
#    - name: Start rpcbind  Server
#      systemd:
#        name: rpcbind                 
#        state: started
#        enabled: yes
#安装nginx 
    - name: install nginx    
      yum:
        name: nginx 
        state: present
#安装php
    - name: install php
      shell: yum -y install php71w php71w-cli php71w-common php71w-devel php71w-embedded php71w-gd php71w-mcrypt php71w-mbstring php71w-pdo php71wxml php71w-fpm php71w-mysqlnd php71w-opcache php71w-pecl-memcached php71wpecl-redis php71w-pecl-mongodb
#本地安装php
    - name: install php-fpm
      shell: yum localinstall -y /opt/*rpm    #使用本地软件包安装php



3）#创建用户组       
    - name: create www group 
      group:
        name: www
        gid: 1000
 #创建用户
    - name: create www user
      user:
        name: www
        uid: 1000
        group: www




4）#创建挂载目录
    - name: Create code  Directory
      file:
        path: /code
        state: directory
        owner: www
        group: www
       # mode: 755 
        recurse: yes
#使用nfs挂载web
    - name: Mount NFS Server
      mount:
        path: /code
        src: 172.16.1.31:/nfs/web
        fstype: nfs
        opts: defaults
        state: mounted
#使用nfs挂载conf
    - name: Mount conf_file  NFS Server
      mount:
        path: /etc/nginx/conf.d/
        src: 172.16.1.31:/nfs/conf
        fstype: nfs
        opts: defaults
        state: mounted


5）#nginx配置文件推送
    - name: scp nginx_conf file  
      template:
        remote_src: no
        src: ./nginx.conf.j2
        dest: /etc/nginx/nginx.conf
        owner: root
#推送配置文件
    - name: scp hzl_conf file
      copy:
        src: hzl.conf
        dest: /etc/nginx/conf.d/hzl.conf
        owner: www
        force: yes
#php配置文件推送
    - name: scp php_conf file
      copy:
        src: /hzl/hzl/www.conf
        dest: /etc/php-fpm.d/www.conf
        owner: root
        force: yes


6）#启动nginx
    - name: Start nginx Server
      service:
        name: nginx
        state: started
        enabled: yes 
#启动php-server
    - name: Start php  Server
      service:
        name: php-fpm.service
        state: started
        enabled: yes

1|5四、mariadb（数据库）

#####################ansible部署mariadb剧本编写：


- hosts: db
  remote_user: root
  roles:
    - db

1）#安装epel源
- name: install epel repo
  shell: yum install -y  epel-release
#使用URL安装epel
# shell: yum install -y  https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpmll




2）#安装redis
- name: install redis    
  yum:
    name: redis
    state: present 
#安装mariadb
- name: install mariadb
  yum:
    name: mariadb,mariadb-server
    state: present
#安装nfs
- name: install nfs
  yum:
    name: nfs-utils,rpcbind
    state: present
#安装rpcbind
- name: install rpcbind
  yum:
    name: nfs-utils,rpcbind
    state: present
#启动nfs与rpcbind
- name: start nfs server
  service:
    name: nfs
    state: started
    enabled: yes
#启动nfs与rpcbind
- name: start rpcbind server
  service:
    name: rpcbind.service
    state: started
    enabled: yes



3）#用户创建
- name: Create vhost User
  user:
    name: mysql
    group: mysql
    shell: /sbin/nologin
    system: yes





4）#启动redis服务
- name: Start redis Service
  service: 
    name: redis
    state: started
#启动mariadb服务
- name: Start mariadb Server
  service: 
    name: mariadb
    state: started
    enabled: yes







5)#数据库登录
    - name: create mysql_admind user       
      shell: mysqladmin -uroot password '888'   #新安装的数据库首次登录

 #创建数据库管理用户并授权
    - name: create database user
      shell: mysql -uhzl -p888 -e "grant all on *.* to hzl@'%' identified by '888';"
     
#      shell: mysql -uroot -p123 -e "grant all privileges on *.* to 'hzl'@'%' identified by '888' with grant option;"  
#刷新用户权限
    - name: 
      shell: mysql -uhzl -p888 -e "flush privileges;"
#数据库库创建  
    - name: 
      shell: mysql -uhzl -p888 -e "create database word;"
      

1|6五、lb&keepalived（负载均衡）

###########################ansible部署slb剧本编写：

- hosts: lb 
  remote_user: root
  roles:
    - lb


1）#安装nginx 
- name: install nginx
  yum:
    name: nginx
    state: present
#安装keepalived
- name: install keepalived
  yum:
    name: keepalived
    state: present





2）#创建用户组       
    - name: create www group 
      group:
        name: www
        gid: 1000
#创建用户
    - name: create www user
      user:
        name: www
        uid: 1000
        group: www





3）#nginx配置文件推送
    - name: scp nginx Config 
      template:
        src: ./nginx.conf.j2
        dest: /etc/nginx/nginx.conf
        owner: www   
    - name: scp nginx Config 
      template:
        src: ./hzl.conf.j2
        dest: /etc/nginx/conf.d/hzl.conf
        owner: www
#推送keepalived配置文件
    - name: scp 01keepalived conf_file
      template:
        src: ./keepalived.conf.j2
        dest:  /etc/keepalived/keepalived.conf

    - name: scp track_script 
      template:
        src: ./check_web.sh.j2
        dest:  /etc/keepalived/check_web.sh
#加入定时任务
    - name: create  crontab 
      cron:
        minute: '*'
        job: /etc/keepalived/
        name: check_web.sh
        disabled: yes




4）#启动nginx
    - name: Start nginx Server
      service:
        name: nginx
        state: started
        enabled: yes         
#启动keepalived
    - name: start keepalived 
      service:
        name: keepalived.service
        state: started
        enabled: yes

1|7六、prometheus

#prometheus链接地址https://download.csdn.net/download/weixin_55972781/19515183

#########################ansible部署prometheus剧本编写：

- hosts: prometheus
  remote_user: root
  roles:
    - prometheus

1)#下载ntpdate
- name: ntpdate
  yum:
    name: ntpdate
    state: present
#同步time
- name: ntpdate time
  shell: ntpdate ntp.aliyun.com




2）#上传prometheus
- name: prometheus
  unarchive: 
    src: /hzl/hzl/prometheus-2.25.0.linux-amd64.tar.gz  
    dest: /usr/local/
#建立软连接
- name: ln 
  shell: ln -s /usr/local/prometheus-2.25.0.linux-amd64 /usr/local/prometheus




3）#创建系统system启动项目
- name: create system
  template: 
    src: prometheus.service 
    dest: /etc/systemd/system

#system文件编写
[root@m01 /]# cat >> /etc/systemd/system/prometheus.service <<EOF
[Unit]
Description=Prometheus Monitoring System
Documentation=Prometheus Monitoring System
 
[Service]
ExecStart=/usr/local/prometheus/prometheus \
  --config.file=/usr/local/prometheus/prometheus.yml \
  --web.listen-address=:9090
 
[Install]
WantedBy=multi-user.target
EOF

#修改prometheus配置文件
- name: scp conf file
  template: 
    src: prometheus.yml 
    dest: /usr/local/prometheus
#重载系统文件
- name: daemon
  service: 
    daemon_reload: yes




4）#启动prometheus服务
- name: restart
  service: 
    name: prometheus 
    state: started 
    enabled: yes




5）#上传grafana
- name: scp  grafana 
  copy: 
    src: /hzl/hzl/grafana-7.3.6-1.x86_64.rpm 
    dest: /opt/
#安装grafana
- name: install grafana
  yum: 
    name: /opt/grafana-7.3.6-1.x86_64.rpm
#启动grafana
- name: start grafana-server
  service: 
    name: grafana-server 
    state: started 
    enabled: yes

1|8七、prometheus(web)

#####################ansible部署prometheus_web剧本编写：

- hosts: web
  remote_user: root
  roles:
    - prometheus_web

1）#下载ntpdate
- name: install ntpdate
  yum:
    name: ntpdate
    state: present
#同步time
- name: ntpdate time
  shell: ntpdate ntp.aliyun.com



2）#使用node_exproter插件包
- name: scp node_exporter.tar.gz
  unarchive :
    src: node_exporter.tar.gz
    dest: /usr/local/


#添加系统system启动项
- name: scp node-exporter.service
  copy:
    src: node-exporter.service
    dest: /etc/systemd/system/

#启动node_exproter插件
- name: start node-exporter.service
  service:
    name: node-exporter.service
    state: started

1|9八、prometheus（database）

#####################ansible部署prometheus_db剧本编写：


- hosts: db
  remote_user: root
  roles:
    - prometheus_db

1）#下载ntpdate
- name: install ntpdate
  yum:
    name: ntpdate
    state: present
#同步time
- name: ntpdate time
  shell: ntpdate ntp.aliyun.com




2）#上传mysqld_exproter插件包
- name: scp mysqld_exporter.tar.gz
  unarchive :
    src: mysqld_exporter.tar.gz
    dest: /usr/local/




3）#添加系统system启动项
- name: scp mysqld_exporter.service
  copy:
    src: mysqld_exporter.service
    dest: /etc/systemd/system/
#配置文件
[root@m01 files]# cat > mysqld_exporter.service << EOF 
[Unit]
Description=Prometheus

[Service]
ExecStart=/usr/local/mysqld_exporter/mysqld_exporter \
 --config.my-cnf=/usr/local/mysqld_exporter/.my.cnf \
 --web.listen-address=:9104
Restart=on-failure 

[Install]
WantedBy=multi-user.target
EOF




4）#mysqld.exproter配置文件修改
- name: scp conf file
  copy:
    src: .my.cnf
    dest: /usr/local/mysqld_exporter/ 
#添加mysqld.exproter配置文件
[root@m01 files]# cat .my.cnf 
[client]
host=172.16.1.51
user=hzl       #与database创建的用户及密码一致（获得所有权限）
password=888   





5）#启动mysqld_exproter
- name: start mysqld_exporter.service
  service:
    name: mysqld_exporter.service
    state: started

__EOF__

本文作者：ଲ小何才露煎煎饺
本文链接：https://www.cnblogs.com/zeny/p/15121534.html
关于博主：评论和私信会在第一时间回复。或者直接私信我。
版权声明：本博客所有文章除特别声明外，均采用 BY-NC-SA 许可协议。转载请注明出处！
声援博主：如果您觉得文章对您有帮助，可以点击文章右下角【推荐】一下。您的鼓励是博主的最大动力！