playbook实战优化
环境准备
主机名 |
外网IP |
内网IP |
角色 |
部署服务 |
m01 |
10.0.0.61 |
172.16.1.61 |
ansible管理端 |
ansible |
backup |
10.0.0.41 |
172.16.1.41 |
被管理端,rsync服务端,nfs备机 |
rsync、nfs |
nfs |
10.0.0.31 |
172.16.1.31 |
被管理端,rsync客户端,nfs服务端 |
rsync、nfs、sersync |
web01 |
10.0.0.7 |
172.16.1.7 |
被管理端,nfs客户端,web |
nginx、nfs、wordpress |
web02 |
10.0.0.8 |
172.16.1.8 |
被管理端,nfs客户端,web |
nginx、nfs、wordpress |
db01 |
10.0.0.51 |
172.16.1.51 |
被管理端,数据库 |
mariadb |
先决条件
1.首先在根目录下创建一个ansible_project 目录
[Tue Aug 17 04:17:56 root@m01 /]
# mkdir /ansible_project
2.进入到该目录下
[Tue Aug 17 04:17:56 root@m01 /]
# cd /ansible_project/
3.在该目录下分别创建需要准备的各项目的目录
[Tue Aug 17 04:19:25 root@m01 /ansible_project]
# mkdir sersync
mkdir mariadb
mkdir nfs
mkdir nginx
mkdir php
mkdir rsync
4.因为是先安装rsync 所以我们先配置rsync项目,进入到rsync目录中
[Tue Aug 17 04:38:50 root@m01 /ansible_project/rsync]
# cp /root/ansible/rsyncd.conf /ansible_project/rsync
[Tue Aug 17 05:31:21 root@m01 /ansible_project]
# vim rsync/install_rsync.yml
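---
# Install the package named by `pkg` (defined per host in host_vars) on the
# rsync server (backup) and on the rsync client (nfs).
- name: Install Rsyncd
  yum:
    name: "{{ pkg }}"
    state: present
  # Keep the condition on one line: a hard wrap inside `ansible_hostname`
  # folds into `ansible_ho stname`, which is not a valid expression.
  when: ansible_hostname == 'backup' or ansible_hostname == 'nfs'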
[Tue Aug 17 05:15:28 root@m01 /ansible_project/rsync]
# vim config_rsync.yml
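---
# Configure the rsync daemon on the backup host: the daemon configuration,
# the daemon-side credentials file, and the directory that receives data.
- name: Configure Rsyncd Conf
  copy:
    src: /ansible_project/rsync/rsyncd.conf
    dest: /etc/rsyncd.conf
  # The play that includes this file must define a handler with this name.
  notify: Restarted rsyncd
  when: ansible_hostname == 'backup'

- name: Create Passwd File
  copy:
    # Daemon-side secrets file in `user:password` form. The fallback keeps
    # the value used throughout this walkthrough; define
    # rsync_backup_password in an ansible-vault encrypted vars file so the
    # real secret is neither trivial nor stored in the playbook.
    content: "rsync_backup:{{ rsync_backup_password | default('123') }}"
    dest: /etc/rsync.passwd
    # Quoted, as the Ansible documentation recommends, so the octal mode
    # can never be reinterpreted as a decimal number.
    mode: "0600"
  # Keep the credential out of task output (including --diff output).
  no_log: true
  when: ansible_hostname == 'backup'

- name: Create backup Directory
  file:
    path: /backup
    # The www user and group must already exist on the host.
    owner: www
    group: www
    state: directory
  when: ansible_hostname == 'backup'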
[Tue Aug 17 05:17:05 root@m01 /ansible_project/rsync]
# vim start_rsync.yml
---
# Run the rsync daemon on the backup host now and on every boot.
- name: Start Rsync
  service:
    name: rsyncd
    enabled: true
    state: started
  when: ansible_hostname in ['backup']
[Tue Aug 17 05:13:39 root@m01 /ansible_project]
# vim task.yml
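---
# Entry-point play: every host runs the included task files, and each task
# limits itself to the right machines with its own `when:` condition.
- hosts: all
  tasks:
    - include_tasks: rsync/install_rsync.yml
    - include_tasks: rsync/config_rsync.yml
    - include_tasks: rsync/start_rsync.yml

  # rsync/config_rsync.yml notifies "Restarted rsyncd"; without a handler of
  # that name the play stops with a "handler not found" error.
  handlers:
    - name: Restarted rsyncd
      service:
        name: rsyncd
        state: restarted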
[Tue Aug 17 05:23:28 root@m01 /ansible_project]
# mkdir group_vars
mkdir host_vars
[Tue Aug 17 05:23:58 root@m01 /ansible_project]
# vim host_vars/backup
---
# host_vars for `backup`: the package that rsync/install_rsync.yml installs
# through its "{{ pkg }}" reference.
pkg: rsync
[Tue Aug 17 05:26:55 root@m01 /ansible_project]
# vim host_vars/nfs
---
# host_vars for `nfs`: the package that rsync/install_rsync.yml installs
# through its "{{ pkg }}" reference.
pkg: rsync
nfs项目
[Tue Aug 17 05:38:51 root@m01 /ansible_project/nfs]
# vim install_nfs.yml
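---
# Install the NFS utilities on the NFS server, its standby and both clients.
- name: Install NFS
  yum:
    name: nfs-utils
    state: present
  # A list under `when:` is AND-ed together, so four different hostname
  # equalities could never all hold and the task would be skipped on every
  # host. A membership test expresses the intended "any of these hosts".
  when: ansible_hostname in ['web01', 'web02', 'backup', 'nfs']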
[Tue Aug 17 06:13:10 root@m01 /ansible_project/nfs]
# vim config_nfs.yml
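---
# Configure the NFS export on the server (nfs) and its standby (backup),
# and create the directories used by NFS and by sersync.
- name: Configure NFS Server
  copy:
    # Must be a single line: a wrap inside `all_squash` corrupts the option
    # list written to /etc/exports.
    # NOTE(review): this grants read-write access to every address in
    # 172.16.1.0/24 and maps all clients to uid/gid 666. Listing only the
    # hosts that actually mount the share would narrow the exposure.
    content: "/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)"
    dest: /etc/exports
  # The play that includes this file must define a handler with this name.
  notify: Restarted nfs-utils
  when: ansible_hostname == 'nfs' or ansible_hostname == 'backup'

- name: Greate NFS Directory
  file:
    path: /data
    state: directory
    # uid/gid 666 in the export above is expected to be this www account.
    owner: www
    group: www
    # Quoted, as the Ansible documentation recommends for octal modes.
    mode: "0755"
  when: ansible_hostname == 'nfs' or ansible_hostname == 'backup'

- name: Create App Dirctory
  file:
    # Target directory that sersync/install_sersync.yml unpacks into.
    path: /app
    state: directory
  when: ansible_hostname == 'nfs'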
[Tue Aug 17 05:52:14 root@m01 /ansible_project/nfs]
# vim start_nfs.yml
---
# Run the NFS server on the primary (nfs) and the standby (backup), now and
# on every boot.
- name: Start NFS Server
  service:
    name: nfs-server
    enabled: true
    state: started
  when: ansible_hostname in ['nfs', 'backup']
[Tue Aug 17 06:00:48 root@m01 /ansible_project]
# vim task.yml
---
# Entry-point play after adding the NFS project. Host selection happens in
# the `when:` conditions of the included files, not here.
- hosts: all

  tasks:
    # rsync
    - include_tasks: rsync/install_rsync.yml
    - include_tasks: rsync/config_rsync.yml
    - include_tasks: rsync/start_rsync.yml
    # nfs
    - include_tasks: nfs/install_nfs.yml
    - include_tasks: nfs/config_nfs.yml
    - include_tasks: nfs/start_nfs.yml

  # Handler names must match the `notify:` strings in the task files exactly.
  handlers:
    - name: Restarted rsyncd
      service:
        state: restarted
        name: rsyncd

    - name: Restarted nfs-utils
      service:
        state: restarted
        name: nfs-utils
sersync项目
[Tue Aug 17 06:17:25 root@m01 /ansible_project/sersync]
# cp /root/ansible/sersync2.5.4_64bit_binary_stable_final.tar.gz .
[Tue Aug 17 06:22:30 root@m01 /ansible_project/sersync]
# cp /root/ansible/conf.xml .
[Tue Aug 17 06:22:30 root@m01 /ansible_project/sersync]
# cp /root/ansible/sersyncd.service .
[Tue Aug 17 06:17:56 root@m01 /ansible_project/sersync]
# vim install_sersync.yml
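---
# Unpack the sersync binary distribution from the control node into /app on
# the nfs host.
- name: Install Sersync Server
  unarchive:
    # Must be a single line: a wrap inside the file name makes the path
    # point at a file that does not exist.
    # NOTE(review): the tarball is a third-party binary and nothing here
    # checks its integrity; verify it against a trusted digest on the
    # control node before distributing it.
    src: /ansible_project/sersync/sersync2.5.4_64bit_binary_stable_final.tar.gz
    dest: /app
  when: ansible_hostname == 'nfs'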
[Tue Aug 17 06:22:55 root@m01 /ansible_project/sersync]
# vim config_sersync.yml
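---
# Configure sersync on the nfs host: its XML configuration, the systemd
# unit, and the client-side rsync password file.
- name: Configure Sersync Conf
  copy:
    src: /ansible_project/sersync/conf.xml
    dest: /app/GNU-Linux-x86/confxml.xml
    # A configuration file does not need the execute bit.
    mode: "0644"
  # The play that includes this file must define a handler with this name.
  notify: Restarted sersyncd
  when: ansible_hostname == 'nfs'

- name: Push Sersync Start Shell
  copy:
    # The unit file was copied into /ansible_project/sersync on the control
    # node, not into /ansible_project/nfs, so the source must point there.
    src: /ansible_project/sersync/sersyncd.service
    dest: /usr/lib/systemd/system
  when: ansible_hostname == 'nfs'

- name: Create Rsyncd Password File
  copy:
    # Client-side file holding only the password; it has to equal the
    # password stored for rsync_backup on the backup host. The fallback
    # keeps the walkthrough value; define rsync_backup_password in an
    # ansible-vault encrypted vars file instead of keeping it here.
    content: "{{ rsync_backup_password | default('123') }}"
    dest: /etc/rsync.passwd
    # Quoted, as the Ansible documentation recommends for octal modes.
    mode: "0600"
  # Keep the credential out of task output (including --diff output).
  no_log: true
  when: ansible_hostname == 'nfs'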
[Tue Aug 17 06:32:08 root@m01 /ansible_project/sersync]
# vim start_sersync.yml
---
# Run the sersyncd unit on the nfs host now and on every boot.
- name: Start Sersync
  service:
    name: sersyncd
    enabled: true
    state: started
  when: ansible_hostname in ['nfs']
[Tue Aug 17 06:35:00 root@m01 /ansible_project]
# vim task.yml
---
# Entry-point play after adding the sersync project. Host selection happens
# in the `when:` conditions of the included files, not here.
- hosts: all

  tasks:
    # rsync
    - include_tasks: rsync/install_rsync.yml
    - include_tasks: rsync/config_rsync.yml
    - include_tasks: rsync/start_rsync.yml
    # nfs
    - include_tasks: nfs/install_nfs.yml
    - include_tasks: nfs/config_nfs.yml
    - include_tasks: nfs/start_nfs.yml
    # sersync
    - include_tasks: sersync/install_sersync.yml
    - include_tasks: sersync/config_sersync.yml
    - include_tasks: sersync/start_sersync.yml

  # Handler names must match the `notify:` strings in the task files exactly.
  handlers:
    - name: Restarted rsyncd
      service:
        state: restarted
        name: rsyncd

    - name: Restarted nfs-utils
      service:
        state: restarted
        name: nfs-utils

    - name: Restarted sersyncd
      service:
        state: restarted
        name: sersyncd
db01
[Tue Aug 17 06:41:31 root@m01 /ansible_project/mariadb]
# vim install_db01.yml
---
# Install the database server on db01, together with the Python MySQL
# bindings listed alongside it.
- name: Install Maraidb
  yum:
    state: present
    name:
      - mariadb-server
      - MySQL-python
  when: ansible_hostname in ['db01']
[Tue Aug 17 06:46:48 root@m01 /ansible_project/mariadb]
# vim start_db01.yml
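---
# Start MariaDB on db01 and create the WordPress database and account.
# NOTE(review): no login_user/login_password is passed to the mysql_*
# modules, so this presumably relies on the passwordless root account of a
# fresh install; that account should be secured once provisioning is done.
- name: Start Maraidb
  service:
    name: mariadb
    state: started
    enabled: true
  when: ansible_hostname == 'db01'

- name: Create wordpress Database
  mysql_db:
    name: wordpress
    state: present
    encoding: utf8
  when: ansible_hostname == 'db01'

- name: Create wordpress User
  mysql_user:
    name: wordpress
    state: present
    priv: "wordpress.*:ALL"
    # NOTE(review): "%" accepts logins for this account from any address.
    # Restricting it to the web servers' network would narrow the exposure;
    # confirm which address the web hosts connect from before changing it.
    host: "%"
    # The fallback keeps the value used in this walkthrough; define
    # wordpress_db_password in an ansible-vault encrypted vars file so the
    # real secret is neither trivial nor stored in the playbook.
    password: "{{ wordpress_db_password | default('123') }}"
  when: ansible_hostname == 'db01'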
[Tue Aug 17 06:52:35 root@m01 /ansible_project]
# vim task.yml
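---
# Entry-point play after adding the mariadb project. The listing on the page
# starts part-way through the file and stops before the last handler's
# `state:`; the missing lines are restored from the neighbouring versions of
# task.yml so that the file is usable as shown.
- hosts: all
  tasks:
    - include_tasks: rsync/install_rsync.yml
    - include_tasks: rsync/config_rsync.yml
    - include_tasks: rsync/start_rsync.yml
    - include_tasks: nfs/install_nfs.yml
    - include_tasks: nfs/config_nfs.yml
    - include_tasks: nfs/start_nfs.yml
    - include_tasks: sersync/install_sersync.yml
    - include_tasks: sersync/config_sersync.yml
    - include_tasks: sersync/start_sersync.yml
    - include_tasks: mariadb/install_db01.yml
    - include_tasks: mariadb/start_db01.yml

  # Handler names must match the `notify:` strings in the task files exactly.
  handlers:
    - name: Restarted rsyncd
      service:
        name: rsyncd
        state: restarted
    - name: Restarted nfs-utils
      service:
        name: nfs-utils
        state: restarted
    - name: Restarted sersyncd
      service:
        name: sersyncd
        # The service module needs a state (or enabled) to act on.
        state: restarted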
nginx
[Tue Aug 17 06:58:37 root@m01 /ansible_project/nginx]
# vim install_nginx.yml
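---
# Install nginx on both web servers.
- name: Install nginx
  yum:
    name: nginx
    state: present
  # Keep the condition on one line: a hard wrap inside `ansible_hostname`
  # folds into `ansib le_hostname`, which is not a valid expression.
  when: ansible_hostname == 'web01' or ansible_hostname == 'web02'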
[Tue Aug 17 07:23:06 root@m01 /ansible_project/nginx]
# cp /root/ansible/nginx.conf .
[Tue Aug 17 07:23:16 root@m01 /ansible_project/nginx]
# cp /root/ansible/blog.wk.com.conf .
[Tue Aug 17 07:46:34 root@m01 /ansible_project/nginx]
# vim push.yml
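---
# Push the nginx and php-fpm configuration to the web servers and deploy the
# WordPress code under /code.
- name: Push All Conf
  copy:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  loop:
    - src: /ansible_project/nginx/nginx.conf
      dest: /etc/nginx/nginx.conf
    # NOTE(review): the source is blog.wk.com.conf but the destination is
    # named blog.drz.com.conf; confirm the rename is intended.
    - src: /ansible_project/nginx/blog.wk.com.conf
      dest: /etc/nginx/conf.d/blog.drz.com.conf
    # /etc/php-fpm.d must already exist on the host, so PHP has to be
    # installed before this file is included. Reloading nginx (the notified
    # handler) does not make php-fpm re-read this file.
    - src: /ansible_project/php/www.conf
      dest: /etc/php-fpm.d/www.conf
  tags:
    - manager_nginx_server
  notify: Restart nginx
  # `match` is a regular-expression test anchored at the start of the name.
  # The glob-style 'web*' means "we" followed by any number of "b" and would
  # accept any hostname that starts with "we".
  when: ansible_hostname is match '^web'

- name: Create Code Directory
  file:
    path: /code
    state: directory
    owner: www
    group: www
    # Quoted, as the Ansible documentation recommends for octal modes.
    mode: "0755"
  when: ansible_hostname is match '^web'

- name: Push code
  unarchive:
    # NOTE(review): the page never shows this archive being placed in
    # /ansible_project/nginx; it must exist on the control node.
    src: /ansible_project/nginx/wordpress-5.7.2-zh_CN.tar.gz
    dest: /code
    owner: www
    group: www
  when: ansible_hostname is match '^web'

- name: Create uploads Directory
  file:
    path: /code/wordpress/wp-content/uploads
    state: directory
    owner: www
    group: www
  when: ansible_hostname is match '^web'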
[Tue Aug 17 07:46:59 root@m01 /ansible_project/nginx]
[Tue Aug 17 07:46:59 root@m01 /ansible_project/nginx]
# vim start_nginx.yml
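---
# Start nginx on the web servers, mount the shared uploads directory from
# the NFS server, and hand /var/lib/nginx to the www account.
- name: Start Nginx
  # The module is `service`; the misspelled `sercive` is not a module and
  # makes the task fail to load.
  service:
    name: nginx
    state: started
    enabled: true
  # `match` is a regular-expression test anchored at the start of the name;
  # the glob-style 'web*' would accept any hostname starting with "we".
  when: ansible_hostname is match '^web'

- name: Mount Code Dirctory
  mount:
    path: /code/wordpress/wp-content/uploads
    src: 172.16.1.31:/data
    fstype: nfs
    # NOTE(review): no `opts` are set. This directory holds files uploaded
    # through the web application; mount options such as nosuid and nodev
    # are worth considering for it.
    state: mounted
  when: ansible_hostname is match '^web'

- name: Shouquan
  file:
    path: /var/lib/nginx
    owner: www
    group: www
    recurse: true
  when: ansible_hostname is match '^web'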
[Tue Aug 17 08:04:33 root@m01 /ansible_project]
# cat task.yml
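---
# Entry-point play after adding the nginx and php projects. Host selection
# happens in the `when:` conditions of the included files, not here.
- hosts: all
  tasks:
    - include_tasks: rsync/install_rsync.yml
    - include_tasks: rsync/config_rsync.yml
    - include_tasks: rsync/start_rsync.yml
    - include_tasks: nfs/install_nfs.yml
    - include_tasks: nfs/config_nfs.yml
    - include_tasks: nfs/start_nfs.yml
    - include_tasks: sersync/install_sersync.yml
    - include_tasks: sersync/config_sersync.yml
    - include_tasks: sersync/start_sersync.yml
    - include_tasks: mariadb/install_db01.yml
    - include_tasks: mariadb/start_db01.yml
    - include_tasks: nginx/install_nginx.yml
    - include_tasks: nginx/start_nginx.yml
    # The PHP packages must be unpacked before they can be installed. With
    # the install step first, a fresh host has no RPMs to install and
    # `ignore_errors` in php/install_php.yml hides that failure.
    - include_tasks: php/push_php.yml
    - include_tasks: php/install_php.yml
    # nginx/push.yml also writes /etc/php-fpm.d/www.conf, so it has to run
    # after PHP is installed (presumably the php-fpm package creates that
    # directory; confirm on the target).
    - include_tasks: nginx/push.yml
    - include_tasks: php/start_php.yml

  # Handler names must match the `notify:` strings in the task files exactly.
  handlers:
    - name: Restarted rsyncd
      service:
        name: rsyncd
        state: restarted
    - name: Restarted nfs-utils
      service:
        name: nfs-utils
        state: restarted
    - name: Restarted sersyncd
      service:
        name: sersyncd
        state: restarted
    # Despite the name, this handler reloads nginx rather than restarting it.
    - name: Restart nginx
      service:
        name: nginx
        state: reloaded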
php
[Tue Aug 17 07:03:00 root@m01 /ansible_project/php]
# vim push_php.yml
---
# Unpack the PHP package archive from the control node onto both web servers.
- name: Push PHP
  unarchive:
    # NOTE(review): /tmp is world-writable and php/install_php.yml installs
    # every *.rpm it finds there as root, so a package placed in /tmp by any
    # local user would be installed too. A dedicated root-owned directory,
    # used by both files, avoids that.
    dest: /tmp
    src: /ansible_project/php/php.tgz
  when: ansible_hostname in ['web01', 'web02']
[Tue Aug 17 07:06:28 root@m01 /ansible_project/php]
# vim install_php.yml
---
# Install every RPM found in /tmp on both web servers.
- name: Install PHP
  # The shell module is needed here so that the *.rpm glob is expanded.
  # NOTE(review): the glob takes whatever RPMs are in world-writable /tmp,
  # not only those unpacked by php/push_php.yml, and installs them as root.
  shell: 'rpm -Uvh /tmp/*.rpm'
  # NOTE(review): this hides every failure of the command, including a
  # missing or broken package set, so later tasks run regardless.
  ignore_errors: true
  when: ansible_hostname in ['web01', 'web02']
[Tue Aug 17 07:51:28 root@m01 /ansible_project/php]
# vim start_php.yml
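---
# Start php-fpm on the web servers and give its socket to the www account.
- name: Start PHP
  service:
    name: php-fpm
    state: started
    enabled: true
  # `match` is a regular-expression test anchored at the start of the name.
  # The glob-style 'web*' means "we" followed by any number of "b" and would
  # accept any hostname that starts with "we".
  when: ansible_hostname is match '^web'

- name: Chmod Sock
  file:
    # No `state` is given, so the socket must already exist; it is expected
    # to be created when php-fpm starts in the task above.
    path: /dev/shm/php71w.sock
    owner: www
    group: www
  when: ansible_hostname is match '^web'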
创建统一用户关闭selinux和防火墙
[Tue Aug 17 08:13:23 root@m01 /ansible_project]
# mkdir youhua
cd youhua
[Tue Aug 17 08:09:55 root@m01 /ansible_project/youhua]
# vim youhua.yml
---
# Create the same www group and user on every host. The fixed id 666 is the
# value used for anonuid/anongid in the NFS export, so file ownership lines
# up between the NFS server and its clients.
- name: Greate www Group
  group:
    state: present
    name: www
    gid: 666

- name: Greate www user
  user:
    state: present
    name: www
    uid: 666
    group: www
    # Service account only: no interactive login and no home directory.
    shell: /sbin/nologin
    create_home: false
[Tue Aug 17 08:13:49 root@m01 /ansible_project]
# vim task.yml
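---
# Final entry-point play. Host selection happens in the `when:` conditions
# of the included files, not here.
- hosts: all
  tasks:
    # Runs first: later tasks set owner/group www on files and directories.
    - include_tasks: youhua/youhua.yml
    - include_tasks: rsync/install_rsync.yml
    - include_tasks: rsync/config_rsync.yml
    - include_tasks: rsync/start_rsync.yml
    - include_tasks: nfs/install_nfs.yml
    - include_tasks: nfs/config_nfs.yml
    - include_tasks: nfs/start_nfs.yml
    - include_tasks: sersync/install_sersync.yml
    - include_tasks: sersync/config_sersync.yml
    - include_tasks: sersync/start_sersync.yml
    - include_tasks: mariadb/install_db01.yml
    - include_tasks: mariadb/start_db01.yml
    - include_tasks: nginx/install_nginx.yml
    - include_tasks: nginx/start_nginx.yml
    # The PHP packages must be unpacked before they can be installed. With
    # the install step first, a fresh host has no RPMs to install and
    # `ignore_errors` in php/install_php.yml hides that failure.
    - include_tasks: php/push_php.yml
    - include_tasks: php/install_php.yml
    # nginx/push.yml also writes /etc/php-fpm.d/www.conf, so it has to run
    # after PHP is installed (presumably the php-fpm package creates that
    # directory; confirm on the target).
    - include_tasks: nginx/push.yml
    - include_tasks: php/start_php.yml

  # Handler names must match the `notify:` strings in the task files exactly.
  handlers:
    - name: Restarted rsyncd
      service:
        name: rsyncd
        state: restarted
    - name: Restarted nfs-utils
      service:
        name: nfs-utils
        state: restarted
    - name: Restarted sersyncd
      service:
        name: sersyncd
        state: restarted
    # Despite the name, this handler reloads nginx rather than restarting it.
    - name: Restart nginx
      service:
        name: nginx
        state: reloaded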