一、MySQL高可性解决方案MHA实战
系统及软件环境:
| 操作系统:CentOS Linux release 8.3.2011 | 操作系统:CentOS Linux release 8.3.2011 | 操作系统:CentOS Linux release 8.3.2011 | 操作系统:CentOS Linux release 8.3.2011 |
|---|---|---|---|
| IP:172.20.200.147 master | IP:172.20.200.148 slave1 | IP:172.20.200.149 slave2 | IP:172.20.200.150 MHA Manager |
| APP:mha4mysql-node-0.56 mariadb-server 10.3.28 | APP:mha4mysql-node-0.56 mariadb-server 10.3.28 | APP:mha4mysql-node-0.56 mariadb-server 10.3.28 | APP:mha4mysql-manager-0.56 |
1.1 下载MHA软件
? MHA软件下载地址:https://github.com/yoshinorim/mha4mysql-manager/wiki/Downloads
? mha4mysql-manager-0.56-0.el6.noarch.rpm mha4mysql-node-0.56-0.el6.noarch.rpm
1.2 安装MHA管理端软件
? 管理端安装manager以及node软件,mha4mysql-manager,当前已可以在Centos8端安装。
# yum install -y mha4mysql*
1.3 MySQL master与Slave端安装mha4mysql-node软件
? mha4mysql-node-0.56-0.el6.noarch.rpm
# yum install -y mha4mysql-node-0.56-0.el6.noarch.rpm1.4 按上一篇博客方法实现Mariadb主备架构
? https://blog.51cto.com/u_12302225/2712193 ,经测试mysql-server 8.0.21两个slave节点的Slave_IO_Running只能启动一个,改用Mariadb-Server10.3.28后,一主两辅架构正常。
1.5 在所有节点之间实现ssh key验证
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory ‘/root/.ssh‘.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:mgg8qv+cR0QK1kyaSeR/1RMhtEt11OH0KzAGdScGXEo root@localhost.localdomain
The key‘s randomart image is:
+---[RSA 2048]----+
| .o+. .o.*E=*oo |
| oo+o . =o++o+. |
| .=. o + o= . .|
| . .. .o ...o .|
| + ... S . . |
| . o o.o . |
|. ..o |
|. . .. |
|....+. |
+----[SHA256]-----+
# ssh-copy-id 127.0.0.1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host ‘127.0.0.1 (127.0.0.1)‘ can‘t be established.
ECDSA key fingerprint is SHA256:N+d6fnrxRFsXEk9m+IOOdFJOolTpr4gf/gdWtI9zfRA.
ECDSA key fingerprint is MD5:1e:15:f2:d9:8f:69:19:e2:94:d3:4a:55:54:ca:68:3d.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@127.0.0.1‘s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh ‘127.0.0.1‘"
and check to make sure that only the key(s) you wanted were added.
[root@localhost ~]# scp -r .ssh 172.20.200.148:/root
The authenticity of host ‘172.20.200.148 (172.20.200.148)‘ can‘t be established.
ECDSA key fingerprint is SHA256:t5v7H7dGiOowaox6j2XqyyeH8yTwCBUjjUkjDP+cAaw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘172.20.200.148‘ (ECDSA) to the list of known hosts.
root@172.20.200.148‘s password:
id_rsa 100% 2602 2.4MB/s 00:00
id_rsa.pub 100% 566 433.4KB/s 00:00
known_hosts 100% 347 314.9KB/s 00:00
authorized_keys 100% 566 541.4KB/s 00:00
? 对其它节点进行同样操作。
1.6 在MHA管理端进行配置并检查排错
# mkdir /etc/mastermha/
# vim /etc/mastermha/app1.cnf
[server default]
user=mhauser
password=abc123
manager_workdir=/data/mastermha/app1/
manager_log=/data/mastermha/app1/manager.log
remote_workdir=/data/mastermha/app1/
ssh_user=root
repl_user=repluser
repl_password=abc123
ping_interval=1
[server1]
hostname=172.20.200.147
candidate_master=1
[server2]
hostname=172.20.200.148
[server3]
hostname=172.20.200.149
#环境检查
# masterha_check_ssh --conf=/etc/mastermha/app1.cnf
Thu Apr 22 11:26:54 2021 - [warning] Global configuration file /etc/masterha_default.cnf not found. Skipping.
Thu Apr 22 11:26:54 2021 - [info] Reading application default configuration from /etc/mastermha/app1.cnf..
Thu Apr 22 11:26:54 2021 - [info] Reading server configuration from /etc/mastermha/app1.cnf..
Thu Apr 22 11:26:54 2021 - [info] Starting SSH connection tests..
Thu Apr 22 11:26:56 2021 - [debug]
Thu Apr 22 11:26:54 2021 - [debug] Connecting via SSH from root@172.20.200.147(172.20.200.147:22) to root@172.20.200.148(172.20.200.148:22)..
Warning: Permanently added ‘172.20.200.147‘ (ECDSA) to the list of known hosts.
Thu Apr 22 11:26:55 2021 - [debug] ok.
Thu Apr 22 11:26:55 2021 - [debug] Connecting via SSH from root@172.20.200.147(172.20.200.147:22) to root@172.20.200.149(172.20.200.149:22)..
Thu Apr 22 11:26:55 2021 - [debug] ok.
Thu Apr 22 11:26:57 2021 - [debug]
Thu Apr 22 11:26:55 2021 - [debug] Connecting via SSH from root@172.20.200.149(172.20.200.149:22) to root@172.20.200.147(172.20.200.147:22)..
Warning: Permanently added ‘172.20.200.147‘ (ECDSA) to the list of known hosts.
Thu Apr 22 11:26:56 2021 - [debug] ok.
Thu Apr 22 11:26:56 2021 - [debug] Connecting via SSH from root@172.20.200.149(172.20.200.149:22) to root@172.20.200.148(172.20.200.148:22)..
Thu Apr 22 11:26:57 2021 - [debug] ok.
Thu Apr 22 11:26:57 2021 - [debug]
Thu Apr 22 11:26:55 2021 - [debug] Connecting via SSH from root@172.20.200.148(172.20.200.148:22) to root@172.20.200.147(172.20.200.147:22)..
Warning: Permanently added ‘172.20.200.147‘ (ECDSA) to the list of known hosts.
Thu Apr 22 11:26:55 2021 - [debug] ok.
Thu Apr 22 11:26:55 2021 - [debug] Connecting via SSH from root@172.20.200.148(172.20.200.148:22) to root@172.20.200.149(172.20.200.149:22)..
Warning: Permanently added ‘172.20.200.149‘ (ECDSA) to the list of known hosts.
Thu Apr 22 11:26:56 2021 - [debug] ok.
Thu Apr 22 11:26:57 2021 - [info] All SSH connection tests passed successfully.
Use of uninitialized value in exit at /usr/bin/masterha_check_ssh line 44.
# masterha_check_repl --conf=/etc/mastermha/app1.cnf
#报错
Thu Apr 22 11:44:07 2021 - [error][/usr/share/perl5/vendor_perl/MHA/MasterMonitor.pm, ln424] Error happened on checking configurations. Redundant argument in sprintf at /usr/share/perl5/vendor_perl/MHA/NodeUtil.pm line 190.
#将NodeUtil.pm的line 190行改成 my $result = sprintf( ‘%03d%03d%03d‘, $str =~ m/(\d+)/g );
sub parse_mysql_major_version($) {
my $str = shift;
# my $result = sprintf( ‘%03d%03d‘, $str =~ m/(\d+)/g );
my $result = sprintf( ‘%03d%03d%03d‘, $str =~ m/(\d+)/g );
return $result;
# masterha_check_repl --conf=/etc/mastermha/app1.cnf
Thu Apr 22 11:51:04 2021 - [warning] Global configuration file /etc/masterha_default.cnf not found. Skipping.
Thu Apr 22 11:51:04 2021 - [info] Reading application default configuration from /etc/mastermha/app1.cnf..
Thu Apr 22 11:51:04 2021 - [info] Reading server configuration from /etc/mastermha/app1.cnf..
Thu Apr 22 11:51:04 2021 - [info] MHA::MasterMonitor version 0.56.
Thu Apr 22 11:51:05 2021 - [info] GTID failover mode = 0
Thu Apr 22 11:51:05 2021 - [info] Dead Servers:
Thu Apr 22 11:51:05 2021 - [info] Alive Servers:
Thu Apr 22 11:51:05 2021 - [info] 172.20.200.147(172.20.200.147:3306)
Thu Apr 22 11:51:05 2021 - [info] 172.20.200.148(172.20.200.148:3306)
Thu Apr 22 11:51:05 2021 - [info] 172.20.200.149(172.20.200.149:3306)
Thu Apr 22 11:51:05 2021 - [info] Alive Slaves:
Thu Apr 22 11:51:05 2021 - [info] 172.20.200.148(172.20.200.148:3306) Version=10.3.28-MariaDB-log (oldest major version between slaves) log-bin:enabled
Thu Apr 22 11:51:05 2021 - [info] Replicating from 172.20.200.147(172.20.200.147:3306)
Thu Apr 22 11:51:05 2021 - [info] 172.20.200.149(172.20.200.149:3306) Version=10.3.28-MariaDB-log (oldest major version between slaves) log-bin:enabled
Thu Apr 22 11:51:05 2021 - [info] Replicating from 172.20.200.147(172.20.200.147:3306)
Thu Apr 22 11:51:05 2021 - [info] Current Alive Master: 172.20.200.147(172.20.200.147:3306)
Thu Apr 22 11:51:05 2021 - [info] Checking slave configurations..
Thu Apr 22 11:51:05 2021 - [info] Checking replication filtering settings..
Thu Apr 22 11:51:05 2021 - [info] binlog_do_db= , binlog_ignore_db=
Thu Apr 22 11:51:05 2021 - [info] Replication filtering check ok.
Thu Apr 22 11:51:05 2021 - [info] GTID (with auto-pos) is not supported
Thu Apr 22 11:51:05 2021 - [info] Starting SSH connection tests..
Thu Apr 22 11:51:08 2021 - [info] All SSH connection tests passed successfully.
Thu Apr 22 11:51:08 2021 - [info] Checking MHA Node version..
Thu Apr 22 11:51:09 2021 - [info] Version check ok.
Thu Apr 22 11:51:09 2021 - [info] Checking SSH publickey authentication settings on the current master..
Thu Apr 22 11:51:09 2021 - [info] HealthCheck: SSH to 172.20.200.147 is reachable.
Thu Apr 22 11:51:09 2021 - [info] Master MHA Node version is 0.56.
Thu Apr 22 11:51:09 2021 - [info] Checking recovery script configurations on 172.20.200.147(172.20.200.147:3306)..
Thu Apr 22 11:51:09 2021 - [info] Executing command: save_binary_logs --command=test --start_pos=4 --binlog_dir=/var/lib/mysql,/var/log/mysql --output_file=/data/mastermha/app1//save_binary_logs_test --manager_version=0.56 --start_file=mariadb-bin.000002
Thu Apr 22 11:51:09 2021 - [info] Connecting to root@172.20.200.147(172.20.200.147:22)..
Creating /data/mastermha/app1 if not exists.. Creating directory /data/mastermha/app1.. done.
ok.
Checking output directory is accessible or not..
ok.
Binlog found at /var/lib/mysql, up to mariadb-bin.000002
Thu Apr 22 11:51:10 2021 - [info] Binlog setting check done.
Thu Apr 22 11:51:10 2021 - [info] Checking SSH publickey authentication and checking recovery script configurations on all alive slave servers..
Thu Apr 22 11:51:10 2021 - [info] Executing command : apply_diff_relay_logs --command=test --slave_user=‘mhauser‘ --slave_host=172.20.200.148 --slave_ip=172.20.200.148 --slave_port=3306 --workdir=/data/mastermha/app1/ --target_version=10.3.28-MariaDB-log --manager_version=0.56 --relay_log_info=/var/lib/mysql/relay-log.info --relay_dir=/var/lib/mysql/ --slave_pass=xxx
Thu Apr 22 11:51:10 2021 - [info] Connecting to root@172.20.200.148(172.20.200.148:22)..
Creating directory /data/mastermha/app1/.. done.
Checking slave recovery environment settings..
Opening /var/lib/mysql/relay-log.info ... ok.
Relay log found at /var/lib/mysql, up to mariadb-relay-bin.000002
Temporary relay log file is /var/lib/mysql/mariadb-relay-bin.000002
Testing mysql connection and privileges.. done.
Testing mysqlbinlog output.. done.
Cleaning up test file(s).. done.
Thu Apr 22 11:51:10 2021 - [info] Executing command : apply_diff_relay_logs --command=test --slave_user=‘mhauser‘ --slave_host=172.20.200.149 --slave_ip=172.20.200.149 --slave_port=3306 --workdir=/data/mastermha/app1/ --target_version=10.3.28-MariaDB-log --manager_version=0.56 --relay_log_info=/var/lib/mysql/relay-log.info --relay_dir=/var/lib/mysql/ --slave_pass=xxx
Thu Apr 22 11:51:10 2021 - [info] Connecting to root@172.20.200.149(172.20.200.149:22)..
Creating directory /data/mastermha/app1/.. done.
Checking slave recovery environment settings..
Opening /var/lib/mysql/relay-log.info ... ok.
Relay log found at /var/lib/mysql, up to mariadb-relay-bin.000002
Temporary relay log file is /var/lib/mysql/mariadb-relay-bin.000002
Testing mysql connection and privileges.. done.
Testing mysqlbinlog output.. done.
Cleaning up test file(s).. done.
Thu Apr 22 11:51:11 2021 - [info] Slaves settings check done.
Thu Apr 22 11:51:11 2021 - [info]
172.20.200.147(172.20.200.147:3306) (current master)
+--172.20.200.148(172.20.200.148:3306)
+--172.20.200.149(172.20.200.149:3306)
Thu Apr 22 11:51:11 2021 - [info] Checking replication health on 172.20.200.148..
Thu Apr 22 11:51:11 2021 - [info] ok.
Thu Apr 22 11:51:11 2021 - [info] Checking replication health on 172.20.200.149..
Thu Apr 22 11:51:11 2021 - [info] ok.
Thu Apr 22 11:51:11 2021 - [warning] master_ip_failover_script is not defined.
Thu Apr 22 11:51:11 2021 - [warning] shutdown_script is not defined.
Thu Apr 22 11:51:11 2021 - [info] Got exit code 0 (Not master dead).
MySQL Replication Health is OK.
1.7 管理端启动MHA
#后台启动
# nohup masterha_manager --conf=/etc/mastermha/app1.cnf &> /dev/null
#查看MHA运行状态
# masterha_check_status --conf=/etc/mastermha/app1.cnf
app1 (pid:32608) is running(0:PING_OK), master:172.20.200.147
#此时在master端
MariaDB root@(none):mysql> show processlist;
+----+-------------+----------------------+--------+-------------+--------+-----------------------------------------------------------------------+------------------+----------+
| Id | User | Host | db | Command | Time | State | Info | Progress |
+----+-------------+----------------------+--------+-------------+--------+-----------------------------------------------------------------------+------------------+----------+
| 1 | system user | | <null> | Daemon | <null> | InnoDB purge coordinator | <null> | 0.0 |
| 2 | system user | | <null> | Daemon | <null> | InnoDB purge worker | <null> | 0.0 |
| 3 | system user | | <null> | Daemon | <null> | InnoDB purge worker | <null> | 0.0 |
| 4 | system user | | <null> | Daemon | <null> | InnoDB purge worker | <null> | 0.0 |
| 5 | system user | | <null> | Daemon | <null> | InnoDB shutdown handler | <null> | 0.0 |
| 11 | repluser | 172.20.200.148:57292 | <null> | Binlog Dump | 6627 | Master has sent all binlog to slave; waiting for binlog to be updated | <null> | 0.0 |
| 12 | repluser | 172.20.200.149:41556 | <null> | Binlog Dump | 6605 | Master has sent all binlog to slave; waiting for binlog to be updated | <null> | 0.0 |
| 15 | root | localhost | mysql | Query | 0 | Init | show processlist | 0.0 |
| 33 | mhauser | 172.20.200.150:42856 | <null> | Sleep | 0 | | <null> | 0.0 |
+----+-------------+----------------------+--------+-------------+--------+-----------------------------------------------------------------------+------------------+----------+
1.8 手动关闭Mariadb Master,观察MHA能否自动提升slave1成为新的master
#在master端
#systemctl stop mariadb
#等待一段时间,在slave1端
MariaDB root@(none):(none)> show processlist;
+----+-------------+----------------------+--------+-------------+--------+-----------------------------------------------------------------------+------------------+----------+
| Id | User | Host | db | Command | Time | State | Info | Progress |
+----+-------------+----------------------+--------+-------------+--------+-----------------------------------------------------------------------+------------------+----------+
| 1 | system user | | <null> | Daemon | <null> | InnoDB purge coordinator | <null> | 0.0 |
| 2 | system user | | <null> | Daemon | <null> | InnoDB purge worker | <null> | 0.0 |
| 3 | system user | | <null> | Daemon | <null> | InnoDB purge worker | <null> | 0.0 |
| 4 | system user | | <null> | Daemon | <null> | InnoDB shutdown handler | <null> | 0.0 |
| 5 | system user | | <null> | Daemon | <null> | InnoDB purge worker | <null> | 0.0 |
| 33 | repluser | 172.20.200.149:34368 | <null> | Binlog Dump | 31 | Master has sent all binlog to slave; waiting for binlog to be updated | <null> | 0.0 |
| 34 | root | localhost | <null> | Query | 0 | Init | show processlist | 0.0 |
+----+-------------+----------------------+--------+-------------+--------+-----------------------------------------------------------------------+------------------+----------+
MariaDB root@(none):(none)> create database db1;
Query OK, 1 row affected
Time: 0.003s
#在slave2端
MariaDB root@(none):(none)> show databases;
+--------------------+
| Database |
+--------------------+
| db1 |
| information_schema |
| mysql |
| performance_schema |
+--------------------+
4 rows in set
Time: 0.025s
MariaDB root@(none):(none)>
MariaDB root@(none):(none)> show slave status\G;
***************************[ 1. row ]***************************
Slave_IO_State | Waiting for master to send event
Master_Host | 172.20.200.148
Master_User | repluser
Master_Port | 3306
Connect_Retry | 60
Master_Log_File | mariadb-bin.000002
Read_Master_Log_Pos | 471
Relay_Log_File | mariadb-relay-bin.000002
Relay_Log_Pos | 684
Relay_Master_Log_File | mariadb-bin.000002
Slave_IO_Running | Yes
Slave_SQL_Running | Yes
Slave1已经成功提升为新的Master,Slave2已经指向新的Master。
二、Ansible常用模块
2.1 获得ansible模块帮助途径
操作系统:CentOS Linux release 8.3.2011 APP:ansible 2.9.18
#列出所有模块
# ansible-doc -l | less
a10_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices‘ se...
a10_server_axapi3 Manage A10 Networks AX/SoftAX/Thunder/vThunder devices
a10_service_group Manage A10 Networks AX/SoftAX/Thunder/vThunder devices‘ se...
a10_virtual_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices‘ vi...
aci_aaa_user Manage AAA users (aaa:User)
#查看模块帮助,例如user模块
# ansible-doc user
> USER (/usr/lib/python3.6/site-packages/ansible/modules/system/user.py)
Manage user accounts and user attributes. For Windows targets, use the [win_user] module
instead.
* This module is maintained by The Ansible Core Team
OPTIONS (= is mandatory):
- append
If `yes‘, add the user to the groups specified in `groups‘.
If `no‘, user will only be added to the groups specified in `groups‘, removing them from all
other groups.
Mutually exclusive with `local‘
[Default: False]
type: bool
# ansible-doc -s user
- name: Manage user accounts
user:
append: # If `yes‘, add the user to the groups specified in `groups‘. If `no‘, user will only be added
to the groups specified in `groups‘, removing them from all
other groups. Mutually exclusive with `local‘
authorization: # Sets the authorization of the user. Does nothing when used with other platforms. Can set
multiple authorizations using comma separation. To delete all
authorizations, use `authorization=‘‘‘. Currently supported on
Illumos/Solaris.
https://docs.ansible.com/ansible/2.9/modules/modules_by_category.html ansible模块帮助文档,可以列出所有模块,按字母顺序排列,下图以user模块为例。
2.2 ansible常用模块总结
Ansible管理端配置文件
# vim /etc/ansible/hosts
[test]
172.20.200.142
172.20.200.143
2.2.1 Command 模块
在远程主机执行命令,此命令不支持 $VARNAME < > | ; & 等,此为默认模块,建议更改用shell模块。
# vim /etc/ansible/ansible.cfg
# default module name for /usr/bin/ansible
module_name = shell
#执行ansible临时命令
# ansible all -a hostname
172.20.200.142 | CHANGED | rc=0 >>
slave
172.20.200.143 | CHANGED | rc=0 >>
centos8
2.2.2 Script 模块
在远程主机上运行ansible服务器上的脚本(无需执行权限)。
# cd /data
# vim hostname.sh
#!/bin/bash
echo $HOSTNAME
# ansible all -m script -a /data/hostname.sh
172.20.200.142 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 172.20.200.142 closed.\r\n",
"stderr_lines": [
"Shared connection to 172.20.200.142 closed."
],
"stdout": "slave\r\n",
"stdout_lines": [
"slave"
]
}
172.20.200.143 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 172.20.200.143 closed.\r\n",
"stderr_lines": [
"Shared connection to 172.20.200.143 closed."
],
"stdout": "centos8\r\n",
"stdout_lines": [
"centos8"
]
}
2.2.3 Copy 模块
从ansible控制端复制文件到远程主机。
# ansible all -m copy -a "src=/data/hostname.sh dest=/tmp/abcd.sh"
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "25a5e82036293f48d4a117c91855a16c2d36e0de",
"dest": "/tmp/abcd.sh",
"gid": 0,
"group": "root",
"md5sum": "2b9854338cd858ad0f86eb55423c3f03",
"mode": "0644",
"owner": "root",
"size": 27,
"src": "/root/.ansible/tmp/ansible-tmp-1619072830.6868668-3308-48849927800398/source",
"state": "file",
"uid": 0
}
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "25a5e82036293f48d4a117c91855a16c2d36e0de",
"dest": "/tmp/abcd.sh",
"gid": 0,
"group": "root",
"md5sum": "2b9854338cd858ad0f86eb55423c3f03",
"mode": "0644",
"owner": "root",
"size": 27,
"src": "/root/.ansible/tmp/ansible-tmp-1619072830.684148-3310-41305677788448/source",
"state": "file",
"uid": 0
}
# ansible all -a ‘ls -l /tmp/abcd.sh‘
172.20.200.143 | CHANGED | rc=0 >>
-rw-r--r-- 1 root root 27 Apr 22 14:27 /tmp/abcd.sh
172.20.200.142 | CHANGED | rc=0 >>
-rw-r--r-- 1 root root 27 Apr 22 14:27 /tmp/abcd.sh
2.2.4 Fetch 模块
# ansible all -m fetch -a ‘src=/tmp/abcd.sh dest=/data‘
172.20.200.142 | CHANGED => {
"changed": true,
"checksum": "25a5e82036293f48d4a117c91855a16c2d36e0de",
"dest": "/data/172.20.200.142/tmp/abcd.sh",
"md5sum": "2b9854338cd858ad0f86eb55423c3f03",
"remote_checksum": "25a5e82036293f48d4a117c91855a16c2d36e0de",
"remote_md5sum": null
}
172.20.200.143 | CHANGED => {
"changed": true,
"checksum": "25a5e82036293f48d4a117c91855a16c2d36e0de",
"dest": "/data/172.20.200.143/tmp/abcd.sh",
"md5sum": "2b9854338cd858ad0f86eb55423c3f03",
"remote_checksum": "25a5e82036293f48d4a117c91855a16c2d36e0de",
"remote_md5sum": null
}
2.2.5 File模块
创建、删除文件、文件夹,设置文件、文件夹属性
#创建文件夹
# ansible 172.20.200.143 -m file -a ‘path=/data state=directory‘
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/data",
"size": 6,
"state": "directory",
"uid": 0
}
#创建文件
# ansible all -m file -a ‘path=/data/test.txt state=touch‘
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/data/test.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"size": 0,
"state": "file",
"uid": 0
}
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/data/test.txt",
"gid": 0,
"group": "root",
"mode": "0644",
"owner": "root",
"size": 0,
"state": "file",
"uid": 0
}
#变更文件属性
# ansible 172.20.200.142 -m file -a ‘path=/data/test.txt owner=mysql group=mysql‘
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 27,
"group": "mysql",
"mode": "0644",
"owner": "mysql",
"path": "/data/test.txt",
"size": 0,
"state": "file",
"uid": 27
}
#删除文件
# ansible 172.20.200.142 -m file -a ‘path=/data/test.txt state=absent‘
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"path": "/data/test.txt",
"state": "absent"
}
2.2.6 Archive模块
打包压缩保存在被管理节点。
# ansible all -m archive -a ‘path=/data/test.txt dest=/data/text.bz2 format=bz2‘
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"archived": [
"/data/test.txt"
],
"arcroot": "/data/",
"changed": true,
"dest": "/data/text.bz2",
"expanded_exclude_paths": [],
"expanded_paths": [
"/data/test.txt"
],
"gid": 0,
"group": "root",
"missing": [],
"mode": "0644",
"owner": "root",
"size": 14,
"state": "file",
"uid": 0
}
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"archived": [
"/data/test.txt"
],
"arcroot": "/data/",
"changed": true,
"dest": "/data/text.bz2",
"expanded_exclude_paths": [],
"expanded_paths": [
"/data/test.txt"
],
"gid": 0,
"group": "root",
"missing": [],
"mode": "0644",
"owner": "root",
"size": 14,
"state": "file",
"uid": 0
}
2.2.7 Unarchive模块
解包解压缩。
# ansible all -m unarchive -a ‘src=/data/httpd-2.4.46.tar.gz dest=/data copy=no‘
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/data",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/data",
"-z",
"-f",
"/data/httpd-2.4.46.tar.gz"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 27,
"group": "mysql",
"handler": "TgzArchive",
"mode": "0755",
"owner": "mysql",
"size": 4096,
"src": "/data/httpd-2.4.46.tar.gz",
"state": "directory",
"uid": 27
}
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/data",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/data",
"-z",
"-f",
"/data/httpd-2.4.46.tar.gz"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 0,
"group": "root",
"handler": "TgzArchive",
"mode": "0755",
"owner": "root",
"size": 69,
"src": "/data/httpd-2.4.46.tar.gz",
"state": "directory",
"uid": 0
}
2.2.8 ym模块
管理软件包,只支持RHEL,CentOS,fedora,不支持Ubuntu其它版本。
# ansible all -m yum -a ‘name=unzip state=present‘
172.20.200.143 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
172.20.200.142 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
2.2.9 hostname模块
管理主机名
# ansible 172.20.200.142 -m hostname -a ‘name=node1‘
172.20.200.142 | CHANGED => {
"ansible_facts": {
"ansible_domain": "",
"ansible_fqdn": "node1",
"ansible_hostname": "node1",
"ansible_nodename": "node1",
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "node1"
}
2.2.10 cron模块
计划任务
# ansible all -m cron -a ‘hour=1 minute=30 name="backup" job="/date/backup.sh"‘
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"# ansible all -m unarchive -a ‘src=/data/httpd-2.4.46.tar.gz dest=/data copy=no‘
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/data",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/data",
"-z",
"-f",
"/data/httpd-2.4.46.tar.gz"
],
"err": "",
"out": "",
"rc": 0
},
},
"changed": true,
"envs": [],
"jobs": [
"backup"
]
}
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"envs": [],
"jobs": [
"backup"
]
}
2.2.11 service模块
管理服务
# ansible 172.20.200.142 -m service -a ‘name=mysqld state=stopped‘
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "mysqld",
"state": "stopped",
"status": {
"ActiveEnterTimestamp": "Thu 2021-04-22 13:10:42 CST",
"ActiveEnterTimestampMonotonic": "10880641",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "sysinit.target network.target syslog.target system.slice -.mount systemd-journald.socket tmp.mount systemd-tmpfiles-setup.service basic.target",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "yes",
"AssertTimestamp": "Thu 2021-04-22 13:10:38 CST",
"AssertTimestampMonotonic": "6728889",
"Before": "multi-user.target shutdown.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "[not set]",
2.2.12 User模块
用户管理
# ansible all -m user -a ‘name=user1 comment="test user" uid=2048 home=/app/user1 group=root‘
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "test user",
"create_home": true,
"group": 0,
"home": "/app/user1",
"name": "user1",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 2048
}
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"comment": "test user",
"create_home": true,
"group": 0,
"home": "/app/user1",
"name": "user1",
"shell": "/bin/bash",
"state": "present",
"stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\n",
"stderr_lines": [
"useradd: warning: the home directory already exists.",
"Not copying any file from skel directory into it."
],
"system": false,
"uid": 2048
}
2.2.13 Group组件
组管理
# ansible all -m group -a ‘name=nginx gid=88 system=yes‘
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 88,
"name": "nginx",
"state": "present",
"system": true
}
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"gid": 88,
"name": "nginx",
"state": "present",
"system": true
}
2.2.14 lineinfile模块
类似sed进行行替换
# ansible all -m lineinfile -a "path=/etc/selinux/config regexp=‘^SELINUX=‘ line=‘SELINUX=disabled‘"
172.20.200.143 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": false,
"msg": ""
}
172.20.200.142 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": false,
"msg": ""
}
2.2.15 replace模块
功能同lineinfile
# ansible all -m replace -a ‘path=//etc/selinux/config regexp="^#.*" replace=""‘
172.20.200.142 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "9 replacements made"
}
172.20.200.143 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "9 replacements made"
}
2.2.16 setup模块
收集系统信息
# ansible 172.20.200.142 -m setup
172.20.200.142 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.122.1",
"172.20.200.142"
],
"ansible_all_ipv6_addresses": [
"fe80::ae58:efd3:cc0e:8bdd"
],
"ansible_apparmor": {
"status": "disabled"
},
"ansible_architecture": "x86_64",
"ansible_bios_date": "02/27/2020",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
"BOOT_IMAGE": "(hd0,msdos1)/vmlinuz-4.18.0-240.el8.x86_64",
"biosdevname": "0",
"crashkernel": "auto",
"net.ifnames": "0",
"quiet": true,
"resume": "UUID=bfe5f24e-cbd2-4fa1-a3d8-1a2c85f1832b",
"rhgb": true,
三、Ansible playbook实现zabbix-agent批量部署
在ansible控制端,下载程序
#下载zabbix-agent
# mkdir -pv /data/ansible/roles/zabbix-agent/{tasks,handlers,files}
# cd /data/ansible/roles/zabbix-agent/files
# wget http://repo.zabbix.com/zabbix/5.2/rhel/8/x86_64/zabbix-agent-5.2.6-1.el8.x86_64.rpm
--2021-04-22 18:46:32-- http://repo.zabbix.com/zabbix/5.2/rhel/8/x86_64/zabbix-agent-5.2.6-1.el8.x86_64.rpm
Resolving repo.zabbix.com (repo.zabbix.com)... 178.128.6.101, 2604:a880:2:d0::2062:d001
Connecting to repo.zabbix.com (repo.zabbix.com)|178.128.6.101|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 485760 (474K) [application/x-redhat-package-manager]
Saving to: ‘zabbix-agent-5.2.6-1.el8.x86_64.rpm’
zabbix-agent-5.2.6-1.el8.x86_64 100%[====================================================>] 474.38K 253KB/s in 1.9s
2021-04-22 18:46:34 (253 KB/s) - ‘zabbix-agent-5.2.6-1.el8.x86_64.rpm’ saved [485760/485760]
创建zabbix-agent playbook
# cd /data/
# tree ansible
ansible
├── roles
│?? └── zabbix-agent
│?? ├── files
│?? │?? ├── zabbix-agent-5.2.6-1.el8.x86_64.rpm
│?? │?? └── zabbix-agent.sh
│?? ├── handlers
│?? └── tasks
│?? ├── chserver.yml
│?? ├── copy-conf.yml
│?? ├── copy.yml
│?? ├── host.yml
│?? ├── install.yml
│?? ├── main.yml
│?? ├── serveract.yml
│?? └── start.yml
└── zabbix-agent.yml
5 directories, 11 files
# cd /data/ansible
# vim zabbix-agent.yml
- hosts: 172.20.200.143
remote_user: root
roles:
- role: zabbix-agent
# cd /data/ansible/roles/zabbix-agent/tasks
# vim main.yml
- include: copy.yml
- include: install.yml
- include: copy-conf.yml
- include: chserver.yml
- include: serveract.yml
- include: host.yml
- include: start.yml
# vim copy.yml
- name: Copy zabbix-agent.rpm
copy: src=/data/ansible/roles/zabbix-agent/zabbix-agent-5.2.6-1.el8.x86_64.rpm dest=/data
# vim install.yml
- name: Install
yum: name=/data/zabbix-agent-5.2.6-1.el8.x86_64.rpm state=present disable_gpg_check=yes
# vim copy-conf.yml
- name: Backup Conf
shell: chdir=/etc/zabbix/ /bin/cp /etc/zabbix/zabbix_agentd.conf /etc/zabbix/zabbix_agentd.conf.bak
# vim chserver.yml
- name: Change Server
lineinfile: path=/etc/zabbix/zabbix_agentd.conf regexp=‘Server=127.0.0.1‘ line=‘Server=172.20.200.141‘
# vim serveract.yml
- name: Change ServerActive
lineinfile: path=/etc/zabbix/zabbix_agentd.conf regexp=‘ServerActive=127.0.0.1‘ line=‘ServerActive=172.20.200.141‘
# vim host.yml
- name: Change Hostname
lineinfile: path=/etc/zabbix/zabbix_agentd.conf regexp=‘Hostname=Zabbix server‘ line=‘Server={{ansible_hostname}}‘
# vim start.yml
- name: Start Service
service: name=zabbix-agent state=restarted
运行playbook
# ansible-playbook /data/ansible/zabbix-agent.yml
PLAY [172.20.200.143] *******************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************
ok: [172.20.200.143]
TASK [Copy zabbix-agent.rpm] ************************************************************************************************
changed: [172.20.200.143]
TASK [zabbix-agent : Install] ***********************************************************************************************
changed: [172.20.200.143]
TASK [zabbix-agent : Backup Conf] *******************************************************************************************
changed: [172.20.200.143]
TASK [zabbix-agent : Change Server] *****************************************************************************************
changed: [172.20.200.143]
TASK [zabbix-agent : Change ServerActive] ***********************************************************************************
changed: [172.20.200.143]
TASK [zabbix-agent : Change Hostname] ***************************************************************************************
changed: [172.20.200.143]
TASK [zabbix-agent : Start Service] *****************************************************************************************
changed: [172.20.200.143]
PLAY RECAP ******************************************************************************************************************
172.20.200.143 : ok=8 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
查看Zabbix Agent运行状态
# ansible 172.20.200.143 -a "systemctl status zabbix-agent"
172.20.200.143 | CHANGED | rc=0 >>
● zabbix-agent.service - Zabbix Agent
Loaded: loaded (/usr/lib/systemd/system/zabbix-agent.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2021-04-22 21:07:40 CST; 7min ago
Process: 14394 ExecStart=/usr/sbin/zabbix_agentd -c $CONFFILE (code=exited, status=0/SUCCESS)
Main PID: 14396 (zabbix_agentd)
Tasks: 6 (limit: 11220)
Memory: 4.3M
CGroup: /system.slice/zabbix-agent.service
├─14396 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
├─14397 /usr/sbin/zabbix_agentd: collector [idle 1 sec]
├─14398 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection]
├─14399 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection]
├─14400 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection]
└─14401 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec]
Apr 22 21:07:40 centos8 systemd[1]: Starting Zabbix Agent...
Apr 22 21:07:40 centos8 systemd[1]: zabbix-agent.service: Can‘t open PID file /run/zabbix/zabbix_agentd.pid (yet?) after start: No such file or directory
Apr 22 21:07:40 centos8 systemd[1]: Started Zabbix Agent.
Zabbix Agen已成功部署并启动。