Ansible部署lanm

添加受管主机

[root@localhost ansible]# cat cctv 
[http]
192.168.100.42 ansible_user=root ansible_password=1
[php]
192.168.100.43 ansible_user=root ansible_password=1
[mysql]
192.168.100.44ansible_user=root ansible_password=1 

测试能否ping通

[root@localhost ansible]# ansible all -m ping
192.168.100.42 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
192.168.100.43 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
192.168.100.44 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

下载和配置httpd、php、mysql

[root@localhost ansible]# ansible 192.168.100.42 -m yum -a 'name=httpd state=present'	#下载http服务
192.168.100.42 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64",
        "Installed: mod_http2-1.15.7-3.module_el8.4.0+778+c970deab.x86_64"
    ]
}

[root@localhost ansible]# ansible 192.168.100.43-m yum -a 'name=php* state=present'	#下载php服务
192.168.100.43| CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: php-intl-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64",
        "Installed: php-json-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64",
········
   "Installed: glibc-headers-2.28-161.el8.x86_64",
        "Installed: php-fpm-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64",
        "Installed: pcre-utf32-8.42-6.el8.x86_64",
        "Installed: php-gd-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64",
        "Installed: php-gmp-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64",
        "Removed: pcre-8.42-4.el8.x86_64",
        "Removed: glibc-2.28-141.el8.x86_64",
        "Removed: glibc-common-2.28-141.el8.x86_64",
        "Removed: glibc-langpack-zh-2.28-141.el8.x86_64",
        "Removed: libxcrypt-4.1.1-4.el8.x86_64"
    ]
}

[root@localhost ansible]# ansible 192.168.100.44 -m yum -a 'name=mysql state=present'	#安装mysql
192.168.100.44 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: mariadb-connector-c-config-3.1.11-2.el8_3.noarch",
        "Installed: mysql-8.0.21-1.module_el8.4.0+589+11e12751.x86_64",
        "Installed: mysql-common-8.0.21-1.module_el8.4.0+589+11e12751.x86_64"
    ]
[root@localhost ansible]# ansible 192.168.100.44-m yum -a 'name=mysql-server state=present'
192.168.100.44 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: protobuf-lite-3.5.0-13.el8.x86_64",
        "Installed: python3-policycoreutils-2.9-14.el8.noarch",
        "Installed: python3-audit-3.0-0.17.20191104git1c2f876.el8.x86_64",
        "Installed: mysql-errmsg-8.0.21-1.module_el8.4.0+589+11e12751.x86_64",
        "Installed: mysql-server-8.0.21-1.module_el8.4.0+589+11e12751.x86_64",
        "Installed: mecab-0.996-1.module_el8.4.0+589+11e12751.9.x86_64",
        "Installed: python3-setools-4.3.0-2.el8.x86_64",
        "Installed: policycoreutils-2.9-14.el8.x86_64",
        "Installed: libsemanage-2.9-6.el8.x86_64",
        "Installed: checkpolicy-2.9-1.el8.x86_64",
        "Installed: policycoreutils-python-utils-2.9-14.el8.noarch",
        "Installed: python3-libsemanage-2.9-6.el8.x86_64",
        "Removed: libsemanage-2.9-4.el8.x86_64",
        "Removed: policycoreutils-2.9-9.el8.x86_64"
    ]
}
[root@localhost ansible]#

配置httpd服务

[root@localhost ansible]# ansible 192.168.100.42 -m lineinfile -a 	'path=/etc/httpd/conf/httpd.conf insertafter="AddType application/x-gzip" line="AddType application/x-httpd-php .php"'
192.168.100.42 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}
[root@localhost ansible]# ansible 192.168.100.42 -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf insertafter="AddType application/x-httpd-php .php" line="AddType application/x-httpd-php-source .phps "'
192.168.100.42 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}

[root@localhost ansible]# ansible 192.168.100.42 -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf line="<VirtualHost *:80>\nDocumentRoot "/usr/local/apache/htdocs"\nServerName www.scl.com\nProxyRequests Off\nProxyPassMatch ^/(.*\.php)$ fcgi://192.168.100.43:9000/www/abc/$1\n<Directory "/www/abc/">\nOptions none\nAllowOverride none\nRequire all granted\n</Directory>\n</VirtualHost>"'
192.168.100.42 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}

配置php服务

[root@localhost ansible]# ansible 192.168.240.50 -m command -a 'touch www/abc/index.php'
[WARNING]: Consider using the file module with state=touch rather than running 'touch'.  If you need to use command because file is insufficient you can add 'warn: false' to this command task or set
'command_warnings=False' in ansible.cfg to get rid of this message.
192.168.240.50 | CHANGED | rc=0 >>

[root@localhost ansible]# ansible 192.168.100.43 -m lineinfile -a 'path=www/abc/index.php line="<?php phpinfo(); ?>"'
192.168.100.43 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}

[root@localhost ansible]# ansible 192.168.100.43 -m lineinfile -a 'path=/etc/php-fpm.d/www.conf insertafter=" Note: This value is mandatory." line=192.168.100.43:9000'
192.168.100.43 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}

关闭防火墙跟selinux

[root@localhost ansible]# ansible all -m service -a 'name=firewalld  state=stopped'
192.168.100.42 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "firewalld",
    "state": "stopped",
    "status": {
·······
192.168.100.43 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
·······
192.168.100.44 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "firewalld",
    "state": "stopped",
    "status": {
        "ActiveState": "active",
        "UMask": "0022",
        "WatchdogTimestamp": "Sat 2021-07-17 07:15:33 EDT",
        "WatchdogTimestampMonotonic": "5128397",
        "WatchdogUSec": "0"
    }
}

[root@localhost ansible]# ansible all -m service -a 'name=selinux state=stopped'
192.168.100.44 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "name": "selinux",
    "state": "stopped",
    "status": {
        "ActiveState": "inactive",
        "AllowedCPUs": "",
·····
192.168.100.43 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "name": "selinux",
    "state": "stopped",
    "status": {
        "ActiveState": "inactive",
        "AllowedCPUs": "",
        "AllowedMemoryNodes": "",
        "BlockIOAccounting": "no",
······
192.168.100.42 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "name": "selinux",
    "state": "stopped",
    "status": {
        "ActiveState": "inactive",
        "AllowedCPUs": "",
        "AllowedMemoryNodes": "",
·······
"TimeoutStartUSec": "1min 30s",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "UID": "[not set]",
        "UMask": "0022",
        "WatchdogTimestampMonotonic": "0",
        "WatchdogUSec": "0"
    }
}

启动服务

[root@localhost ansible]# ansible 192.168.100.42 -m service -a 'name=httpd state=restarted'
192.168.100.43 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "httpd",
    "state": "started",
    "status": {
        "ActiveState": "active",
        "AllowedCPUs": "",
        "AllowedMemoryNodes": "",
······
 "TimerSlackNSec": "50000",
        "Type": "notify",
        "UID": "[not set]",
        "UMask": "0022",
        "WatchdogTimestamp": "Sun 2021-07-17 07:50:43 EDT",
        "WatchdogTimestampMonotonic": "20867005813",
        "WatchdogUSec": "0"
    }
}

[root@localhost ansible]# ansible 192.168.100.43 -m service -a 'name=php-fpm.service state=restarted
> '
192.168.100.43 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "php-fpm.service",
    "state": "started",
    "status": {
        "ActiveState": "inactive",
        "AllowedCPUs": "",
        "AllowedMemoryNodes": "",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
······
 "TasksCurrent": "[not set]",
        "TasksMax": "4743",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Type": "notify",
        "UID": "[not set]",
        "UMask": "0022",
        "WatchdogTimestampMonotonic": "0",
        "WatchdogUSec": "0"
    }
}