用playbook部署lamp
环境说明:
| 主机IP | 需要安装的服务 | 系统平台 |
|---|---|---|
| 192.168.100.1 | ansible | redhat8 |
| 192.168.100.2 | httpd | redhat8 |
| 192.168.100.3 | mysql | redhat8 |
| 192.168.100.4 | php | redhat8 |
本次环境YUM源(centos和epel)为:"阿里云官方镜像站"
准备工作:
//映射主机名
[root@ansible ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.1 ansible
192.168.100.2 httpd
192.168.100.3 mysql
192.168.100.4 php
//配置centos源
[root@ansible ~]# rm -rf /etc/yum.repos.d/*
[root@ansible ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
[root@ansible ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@ansible ~]# sed -i 's|$releasever|8|' /etc/yum.repos.d/CentOS-Base.repo
//配置epel源
[root@ansible ~]# yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
[root@ansible ~]# sed -i 's|^#baseurl=https://download.fedoraproject.org/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
[root@ansible ~]# sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
[root@ansible ~]# sed -i 's|$releasever|8|' /etc/yum.repos.d/epel*
[root@ansible ~]# yum clean all
[root@ansible ~]# yum makecache
//安装ansible
[root@ansible ~]# yum -y install ansible
//编写清单
[root@ansible ~]# vim /etc/ansible/inventory
httpd
mysql
php
//更改配置文件
[root@ansible ~]# vim /etc/ansible/ansible.cfg
inventory = /etc/ansible/inventory //取消注释并把路径改成inventory
/使用ssh-keygen生成私钥和公钥
[root@ansible ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): //直接回车
Enter passphrase (empty for no passphrase): //直接回车
Enter same passphrase again: //直接回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:8uEqvn1A0Ef392b9TJsW818mjZHhD5zHLHNhs1A0dOs root@ansible
The key's randomart image is:
+---[RSA 3072]----+
| . .. . o=.|
| . . .. . . +|
| . . ..o= |
| . ++B=|
| .. S XE@|
| .+ . /B|
| .o o+O|
| .. .. .oo|
| .ooo. .|
+----[SHA256]-----+
//给httpd、mysql、php三台主机设置免密登录
[root@ansible ~]# ssh-copy-id root@httpd
[root@ansible ~]# ssh-copy-id root@mysql
[root@ansible ~]# ssh-copy-id root@php
//测试是否连通
[root@ansible ~]# ansible all -m ping
php | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
httpd | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
mysql | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
//下载httpd源码包
[root@localhost ~]# wget https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.4.46.tar.bz2
[root@localhost ~]# wget https://mirrors.tuna.tsinghua.edu.cn/apache//apr/apr-1.7.0.tar.gz
[root@localhost ~]# wget https://mirrors.tuna.tsinghua.edu.cn/apache//apr/apr-util-1.6.1.tar.gz
//下载mysql源码包
[root@ansible ~]# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
编写yum的playbook
[root@ansible ~]# mkdir lamp
[root@ansible ~]# vim /root/lamp/yum.yml
---
- hosts: all
tasks:
- name: copy yum
copy:
src: /etc/yum.repos.d
dest: /etc/
- name: copy key
copy:
src: /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
dest: /etc/pki/rpm-gpg/
- name: yum clean
command: yum clean all
- name: yum makecache
command: yum makecache
编写安装httpd的playbook
[root@ansible ~]# vim /root/lamp/httpd.yml
---
- hosts: httpd
tasks:
- name: install tools
yum:
name: "@Development tools"
state: present
- name: create user apache
user:
name: apache
system: yes
create_home: no
shell: /sbin/nologin
state: present
- name: install package
yum:
name: bzip2,make,openssl-devel,pcre-devel,expat-devel,libtool,gcc,gcc-c++,libxml2-devel
state: present
- name: copy apr package
copy:
src: /root/apr-1.7.0.tar.gz
dest: /root/
- name: copy apr-util package
copy:
src: /root/apr-util-1.6.1.tar.gz
dest: /root
- name: copy httpd package
copy:
src: /root/httpd-2.4.46.tar.bz2
dest: /root/
- name: unzip apr
shell: tar xf /root/apr-1.7.0.tar.gz
- name: delete notes
shell: sed -i 's|$RM "$cfgfile"|#$RM "$cfgfile"|' /root/apr-1.7.0/configure
- name: install apr
shell: cd /root/apr-1.7.0 && ./configure --prefix=/usr/local/apr && make && make install
- name: unzip apr-util
shell: tar xf /root/apr-util-1.6.1.tar.gz
- name: install apr-util
shell: cd /root/apr-util-1.6.1 && ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr && make && make install
- name: unzip httpd
shell: tar xf /root/httpd-2.4.46.tar.bz2
- name: install httpd
shell: cd /root/httpd-2.4.46 && ./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/ --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork && make && make install
- name: path config
shell: echo "export PATH=/usr/local/apache/bin:$PATH" > /etc/profile.d/httpd.sh
- name: source path
shell: source /etc/profile.d/httpd.sh
- name: include config
shell: cd /usr/local/apache/ && ln -s include apache
- name: man config
lineinfile:
path: /etc/man_db.conf
line: 'MANDATORY_MANPATH /usr/local/apache/man'
state: present
- name: start apache
shell: apachectl start
编写安装mysql的playbook
[root@ansible ~]# vim /root/lamp/mysql.yml
---
- hosts: mysql
tasks:
- name: install package
yum:
name: ncurses-devel,openssl-devel,openssl,cmake,mariadb-devel,ncurses-compat-libs
state: present
- name: create user mysql
user:
name: mysql
system: yes
create_home: no
shell: /sbin/nologin
state: present
- name: copy mysql package
copy:
src: /root/mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz
dest: /root/
- name: check
file:
path: /usr/local/mysql
state: absent
- name: unzip mysql
shell: tar xf mysql-5.7.31-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
- name: soft link
shell: cd /usr/local/ && ln -s mysql-5.7.31-linux-glibc2.12-x86_64 mysql
- name: change owner
shell: "chown -R mysql.mysql /usr/local/mysql*"
- name: path config
shell: echo "export PATH=/usr/local/mysql/bin:$PATH" > /etc/profile.d/mysql.sh
- name: source path
shell: source /etc/profile.d/mysql.sh
- name: check
file:
path: /opt/data
state: absent
- name: create database
file:
path: /opt/data
state: directory
owner: mysql
group: mysql
mode: 755
- name: initialize mysql
shell: mysqld --initialize --user=mysql --datadir=/opt/data > /root/sql 2>&1
- name: sql password
shell: "pass=$(grep root@localhost /root/sql |awk '{print $NF}')"
- name: mysql config
lineinfile:
path: /etc/my.cnf
line: |
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve
state: present
- name: start shell config(1)
shell: cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: start shell config(2)
lineinfile:
path: /etc/init.d/mysqld
regexp: "^basedir="
line: basedir=/usr/local/mysql
- name: start shell config(3)
lineinfile:
path: /etc/init.d/mysqld
regexp: "^datadir="
line: datadir=/opt/data
- name: start mysql
shell: service mysqld start
- name: set new password
shell: mysql -uroot -p"$pass" -e "set password = password('123456');"
- name: man config
lineinfile:
path: /etc/man_db.conf
line: 'MANDATORY_MANPATH /usr/local/mysql/man'
state: present
- name: lib config(1)
shell: echo "/usr/local/mysql/lib" > /etc/ld.so.conf.d/mysql.conf
- name: lib config(2)
shell: ldconfig