ansible系列(32)--ansible实战之部署WEB集群架构(2)

1. 基础环境role编写

  • 创建基础环境role的相关目录:

    [root@xuzhichao cluster-roles]# mkdir base-module/{tasks,handlers,files,templates,meta} -p
    
  • 编写tasks的任务文件:

    [root@xuzhichao cluster-roles]# cat base-module/tasks/yum_repo.yml 
    #配置yum仓库
    #
    #1.配置base的yum仓库
    - name: Configuer Base Repo
      yum_repository:
        name: Base
        description: BASE YUM repo
        baseurl: file:///misc/cd
        gpgcheck: 1
        gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
    
    #2.配置epel的yum仓库
    - name: Configuer Eepl Repo
      yum_repository:
        name: Epel
        description: EPEL YUM REPO
        baseurl: https://mirrors.aliyun.com/epel/7/$basearch
        gpgcheck: 1
        gpgkey: http://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-7
    
    #3.配置nginx的yum仓库
    #注释掉nginx的yum源是因为该yum源不稳定,影响安装其他软件,后期nginx采用编译方式进行安装
    #- name: Configuer Nginx Repo
    #  yum_repository:
    #    name: Nginx
    #    description: NGINX YUM REPO
    #    baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
    #    gpgcheck: 1
    #    gpgkey: https://nginx.org/keys/nginx_signing.key
    #  when: ( ansible_hostname is match ("web*") ) or ( ansible_hostname is match ("lb*") )
    
    #4.配置PHP的yum仓库,通过rpm方式进行安装
    - name: Configuer PHP Repo
      shell: 
        cmd: test -f /etc/yum.repos.d/webtatic.repo || ( rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm )
      when: (ansible_hostname is match ("web*"))
    
    [root@xuzhichao cluster-roles]# cat base-module/tasks/install_base_soft.yml 
    #安装基础软件包
    #
    - name: Install Base SoftWare
      yum:
        name: "{{ item }}"
        state: present
      loop:
        - wget
        - httpd-tools
        - lrzsz
        - nfs-utils
        - bind-utils
        - net-tools
        - unzip
        - vim
        - gcc
        - mariadb
        - MySQL-python
        - git 
        - autofs
        - bash-completion.noarch
        - expect
      ignore_errors: yes
                        
    [root@xuzhichao cluster-roles]# cat base-module/tasks/create_user.yml 
    #创建nginx的web账号
    #
    - name: Create Process Group
      group:
        name: "{{ web_group }}"
        gid: "{{ web_gid }}"
    
    - name: Create Process Group
      user:
        name: "{{ web_user }}"
        uid: "{{ web_uid }}"
        group: "{{ web_group }}"
        create_home: no
        system: yes
                     
    [root@xuzhichao cluster-roles]# cat base-module/tasks/disable_firewalld_selinux.yml 
    #关闭防火墙和selinux
    #
    - name: Disable Firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: yes
    
    - name: Disable Selinux
      selinux:
        state: disabled
    
    [root@xuzhichao cluster-roles]# cat base-module/tasks/main.yml 
    - include: yum_repo.yml
    - include: install_base_soft.yml
    - include: create_user.yml
    - include: disable_firewalld_selinux.yml
    
  • 变量文件如下:

    [root@xuzhichao cluster-roles]# cat group_vars/all 
    #创建基础环境变量
    web_group: nginx
    web_gid: 887
    web_user: nginx
    web_uid: 887
    
  • 编写playbook主文件:

    [root@xuzhichao cluster-roles]# cat wordpress_site.yml 
    - hosts: all
      roles:
        - role: base-module
      tags: base-module
    
  • 运行palybook

    [root@xuzhichao cluster-roles]# ansible-playbook wordpress_site.yml
    
  • 遗留问题:每次执行palybook都会重复执行PHP仓库的安装任务,whenrun_once参数一起使用有问题。

上一篇:Ansible Jinja2 模板


下一篇:ansible系列(31)--ansible实战之部署WEB集群架构(1)