ansible(playbook)批量自动化部署nginx

上一篇介绍了使用playbook批量部署zabbix客户端,当时所有的任务全部都写在一个playbook中,比较臃肿,且代码不可复用。这篇文章我们将介绍如何通过ansible的roles、include等机制实现批量安装nginx。

以下为具体实现步骤:

1、目录结构:

[root@deploy playbook-test]# tree
.
├── nginx.yml
└── roles
    └── nginx
    
        ├── files
        │   ├── nginx-1.8.0.tar.gz
        │   ├── nginx.service
        │   ├── openssl-1.0.1h.tar.gz
        │   ├── pcre-8.12.tar.gz
        │   └── zlib-1.2.11.tar.gz
        ├── handlers
        │   └── main.yml
        ├── tasks
        │   ├── copy.yml
        │   ├── group.yml
        │   ├── install.yml
        │   ├── main.yml
        │   ├── service.yml
        │   ├── template.yml
        │   ├── unarchive.yml
        │   └── user.yml
        ├── templates
        │   ├── nginx.conf.j2
        │   └── temp.conf.j2
        └── vars
            └── main.yml

2、代码内容:

cat nginx.yml

[root@deploy playbook-test]# cat nginx.yml 
---
# Entry-point play: applies the nginx role to every host in the "web" group.
# NOTE(review): the play logs in directly as root. Where the hosts allow it,
# an unprivileged login combined with `become` lets root SSH stay disabled;
# confirm against the inventory before changing.
- hosts: web
  remote_user: root
  roles:
    - role: nginx

cat tasks/group.yml

[root@deploy nginx]# cat tasks/group.yml 
---
# Ensure the dedicated "nginx" system group exists with a fixed GID, so the
# numeric id is the same on every managed host.
- name: 创建nginx组
  group:
    state: present
    name: nginx
    gid: 202
    system: true

cat tasks/user.yml

[root@deploy nginx]# cat tasks/user.yml 
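---
# Create the unprivileged account that the nginx workers run as
# (nginx.conf.j2 sets "user nginx;" and the build passes --user=nginx).
- name: 创建nginx用户
  user:
    name: nginx
    uid: 202
    group: nginx
    # No interactive login for the service account.
    shell: /sbin/nologin
    # Service account: mark it as a system user and do not create a home
    # directory for it. An existing home directory is left alone.
    system: yes
    create_home: no
    state: present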

cat tasks/copy.yml

[root@deploy nginx]# cat tasks/copy.yml 
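---
# Push the source tarballs from the role's files/ directory to each host.
# Ownership and mode are set explicitly so the staged archives are never
# writable by anyone but root, whatever the umask on the target is.
# NOTE(review): nothing shown here verifies the integrity of the tarballs.
# Keep known-good digests next to the files and check them before building.
# /tmp is world-writable, so a root-only staging directory is the safer
# choice (tasks/unarchive.yml reads the same paths and would have to follow).
- name: 拷贝源码包
  copy:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: root
    group: root
    mode: "0644"
  with_items:
    - src: "nginx-1.8.0.tar.gz"
      dest: "/tmp/nginx-1.8.0.tar.gz"
    - src: "openssl-1.0.1h.tar.gz"
      dest: "/tmp/openssl-1.0.1h.tar.gz"
    - src: "pcre-8.12.tar.gz"
      dest: "/tmp/pcre-8.12.tar.gz"
    - src: "zlib-1.2.11.tar.gz"
      dest: "/tmp/zlib-1.2.11.tar.gz"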

cat tasks/unarchive.yml

---
# Unpack the staged tarballs under /opt on the managed host itself
# (remote_src means the archive is read from the target, not the controller).
# NOTE(review): the archives are extracted as root from /tmp without any
# integrity check on this page; verify them before this step.
- name: 解压源码包
  unarchive:
    remote_src: true
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  loop:
    - src: "/tmp/nginx-1.8.0.tar.gz"
      dest: "/opt/"
    - src: "/tmp/openssl-1.0.1h.tar.gz"
      dest: "/opt/"
    - src: "/tmp/pcre-8.12.tar.gz"
      dest: "/opt/"
    - src: "/tmp/zlib-1.2.11.tar.gz"
      dest: "/opt/"

cat tasks/install.yml

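---
# Configure, compile and install nginx from the unpacked source tree into
# /opt/nginx, with PCRE, OpenSSL and zlib built from the bundled sources.
#
# `creates` makes the task idempotent: once /opt/nginx/sbin/nginx exists the
# build is skipped instead of recompiling (and reporting "changed") on every
# run. A version upgrade therefore needs a different guard or a removal of
# the old binary first.
#
# NOTE(review): nginx 1.8.0, OpenSSL 1.0.1h and PCRE 8.12 are old releases
# that no longer receive upstream security fixes. Because the libraries are
# compiled into the nginx binary, OS package updates do not patch them;
# check the upstream advisories and move to supported versions before using
# this outside a lab.
- name: Start Install NGINX
  shell: >
    ./configure --prefix=/opt/nginx
    --with-pcre=/opt/pcre-8.12
    --with-openssl=/opt/openssl-1.0.1h
    --with-zlib=/opt/zlib-1.2.11
    --with-http_stub_status_module
    --with-http_ssl_module
    --user=nginx --group=nginx
    && make && make install
  args:
    chdir: /opt/nginx-1.8.0
    creates: /opt/nginx/sbin/nginx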

cat tasks/template.yml

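---
# Render the nginx configuration from the role's templates and notify the
# "restart nginx" handler when a rendered file changes (the handler lives in
# handlers/main.yml, which is not shown on this page).
# Owner and mode are explicit so the live configuration is writable by root
# only, independent of the umask on the target.
# NOTE(review): the template module does not create parent directories, so
# /opt/nginx/vhosts must already exist before the second item is enabled.
- name: 拷贝配置文件
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: root
    group: root
    mode: "0644"
  with_items:
    - { src: "nginx.conf.j2",dest: "/opt/nginx/conf/nginx.conf" }
    #- { src: "temp.conf.j2",dest: "/opt/nginx/vhosts/temp.conf" }
  notify:
    - restart nginx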

cat tasks/service.yml

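---
# Install the systemd unit shipped in the role's files/ directory.
# A unit file is executed by systemd as root, so it is installed root-owned
# and not writable by group or others.
# NOTE(review): the contents of nginx.service are not shown on this page, and
# systemd only picks up changes to an already loaded unit after a
# daemon-reload; confirm the handler covers that.
- name: 拷贝启动脚本
  copy:
    src: nginx.service
    dest: /lib/systemd/system/nginx.service
    owner: root
    group: root
    mode: "0644"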

cat tasks/main.yml

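---
  # Role entry point: pulls in the task files in the order the install needs
  # (account, sources, build, configuration, service unit).
  # `import_tasks` replaces the bare `include`, which is deprecated for task
  # files and no longer accepted by later ansible-core releases. It is a
  # static import, so the `conf` tag below is still applied to every task in
  # template.yml and `--tags=conf` keeps working.
  - import_tasks: group.yml
  - import_tasks: user.yml
  - import_tasks: copy.yml
  - import_tasks: unarchive.yml
  - import_tasks: install.yml
  - import_tasks: template.yml
    tags: [conf]
  - import_tasks: service.yml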

cat vars/main.yml

[root@deploy nginx]# cat vars/main.yml
---
# Role variables consumed by the two templates.
# Listen port of the default server block in nginx.conf.j2 (kept as a string).
ngxport: '8000'
# Host name and document root of the extra site in temp.conf.j2;
# www.xxx.com is the article's placeholder value.
server_name: 'www.xxx.com'
root_dir: '/web'

cat nginx.conf.j2

# Main nginx configuration, rendered by the role's template task.
# Worker processes run as the unprivileged nginx account.
user  nginx;
# One worker per vCPU, taken from the Ansible fact gathered on each host.
worker_processes  {{ ansible_processor_vcpus }};

# Error logging and the pid file are left at the compiled-in defaults.
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    # Upper bound on simultaneous connections per worker process.
    worker_connections  2048;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    # NOTE(review): the access_log directive below is commented out, so no
    # custom log format or location is configured here; confirm that the
    # default access log is collected somewhere it can be reviewed.
    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    # Default server. The listen port comes from the role variable ngxport;
    # the server name stays at the stock value localhost.
    server {
        listen       {{ ngxport }};
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    # NOTE(review): this stock TLS example is disabled. Before enabling it,
    # set ssl_protocols explicitly and review the cipher list; the binary this
    # role builds is linked against the OpenSSL source named in
    # tasks/install.yml, so the protocol and cipher support come from there.
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
# Every .conf file in the vhosts directory is loaded as part of the http
# block. Anything written there becomes live configuration on the next
# reload or restart, so the directory should be writable by root only.
include /opt/nginx/vhosts/*.conf;
}

3、批量安装

[root@deploy playbook-test]# ansible-playbook nginx.yml

[root@deploy playbook-test]# ansible-playbook nginx.yml 

PLAY [web] **************************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************
ok: [192.168.131.15]
ok: [192.168.131.10]

TASK [nginx : 创建nginx组] *************************************************************************************************************************************
ok: [192.168.131.15]
ok: [192.168.131.10]

TASK [nginx : 创建nginx用户] ************************************************************************************************************************************
ok: [192.168.131.10]
ok: [192.168.131.15]

TASK [nginx : 开始拷贝源码包] **************************************************************************************************************************************
changed: [192.168.131.10] => (item={u'dest': u'/tmp/nginx-1.8.0.tar.gz', u'src': u'nginx-1.8.0.tar.gz'})
changed: [192.168.131.15] => (item={u'dest': u'/tmp/nginx-1.8.0.tar.gz', u'src': u'nginx-1.8.0.tar.gz'})
changed: [192.168.131.15] => (item={u'dest': u'/tmp/openssl-1.0.1h.tar.gz', u'src': u'openssl-1.0.1h.tar.gz'})
changed: [192.168.131.10] => (item={u'dest': u'/tmp/openssl-1.0.1h.tar.gz', u'src': u'openssl-1.0.1h.tar.gz'})
changed: [192.168.131.15] => (item={u'dest': u'/tmp/pcre-8.12.tar.gz', u'src': u'pcre-8.12.tar.gz'})
changed: [192.168.131.10] => (item={u'dest': u'/tmp/pcre-8.12.tar.gz', u'src': u'pcre-8.12.tar.gz'})
changed: [192.168.131.15] => (item={u'dest': u'/tmp/zlib-1.2.11.tar.gz', u'src': u'zlib-1.2.11.tar.gz'})
changed: [192.168.131.10] => (item={u'dest': u'/tmp/zlib-1.2.11.tar.gz', u'src': u'zlib-1.2.11.tar.gz'})

TASK [nginx : 开始解压源码包] **************************************************************************************************************************************
changed: [192.168.131.15] => (item={u'dest': u'/opt/', u'src': u'/tmp/nginx-1.8.0.tar.gz'})
changed: [192.168.131.10] => (item={u'dest': u'/opt/', u'src': u'/tmp/nginx-1.8.0.tar.gz'})
changed: [192.168.131.15] => (item={u'dest': u'/opt/', u'src': u'/tmp/openssl-1.0.1h.tar.gz'})
changed: [192.168.131.10] => (item={u'dest': u'/opt/', u'src': u'/tmp/openssl-1.0.1h.tar.gz'})
changed: [192.168.131.15] => (item={u'dest': u'/opt/', u'src': u'/tmp/pcre-8.12.tar.gz'})
changed: [192.168.131.10] => (item={u'dest': u'/opt/', u'src': u'/tmp/pcre-8.12.tar.gz'})
changed: [192.168.131.15] => (item={u'dest': u'/opt/', u'src': u'/tmp/zlib-1.2.11.tar.gz'})
changed: [192.168.131.10] => (item={u'dest': u'/opt/', u'src': u'/tmp/zlib-1.2.11.tar.gz'})

TASK [nginx : Start Install NGINX] **************************************************************************************************************************
changed: [192.168.131.15]
changed: [192.168.131.10]

TASK [nginx : 拷贝配置文件] ***************************************************************************************************************************************
changed: [192.168.131.10] => (item={u'dest': u'/opt/nginx/conf/nginx.conf', u'src': u'nginx.conf.j2'})
changed: [192.168.131.15] => (item={u'dest': u'/opt/nginx/conf/nginx.conf', u'src': u'nginx.conf.j2'})

TASK [nginx : 开始拷贝源码包] **************************************************************************************************************************************
changed: [192.168.131.10]
changed: [192.168.131.15]

RUNNING HANDLER [nginx : restart nginx] *********************************************************************************************************************
changed: [192.168.131.10]
changed: [192.168.131.15]

PLAY RECAP **************************************************************************************************************************************************
192.168.131.10             : ok=9    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
192.168.131.15             : ok=9    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

4、验证客户端上nginx是否安装成功并启动

[root@deploy playbook-test]# ansible web -m shell -a "ps -ef | grep nginx|grep -v grep"
192.168.131.10 | CHANGED | rc=0 >>
root      71714      1  0 01:25 ?        00:00:00 nginx: master process /opt/nginx/sbin/nginx
nginx     71715  71714  0 01:25 ?        00:00:00 nginx: worker process

192.168.131.15 | CHANGED | rc=0 >>
root      71654      1  0 01:25 ?        00:00:00 nginx: master process /opt/nginx/sbin/nginx
nginx     71655  71654  0 01:25 ?        00:00:00 nginx: worker process

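5、如果我们要增加nginx站点,可写好对应的模板,将之前template.yml文件中被注释掉的那一行取消注释,然后把模板推送到vhosts目录,重载nginx配置文件即可生效(本例中由名为restart nginx的handler触发)。注意:template模块不会自动创建目标目录,/opt/nginx/vhosts需要事先存在于各台主机上,本文列出的任务中没有创建该目录的步骤。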

cat temp.conf.j2

[root@deploy templates]# cat temp.conf.j2
# Extra site rendered into the vhosts directory; the host name and document
# root are filled in from the role variables server_name and root_dir.
server {
    listen       80;
    server_name  {{ server_name }};
    root         {{ root_dir }};
    # NOTE(review): index.php is offered as an index file, but no location on
    # this page hands .php requests to an interpreter. As far as the shown
    # configuration goes, a .php file under the document root would be sent
    # to the client as a plain file; confirm before placing PHP sources there.
    index        index.html index.php;
}

重新下发nginx配置文件,添加新的nginx站点

[root@deploy playbook-test]# ansible-playbook nginx.yml --tags=conf

PLAY [web] **************************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************
ok: [192.168.131.15]
ok: [192.168.131.10]

TASK [nginx : 拷贝配置文件] ***************************************************************************************************************************************
ok: [192.168.131.10] => (item={u'dest': u'/opt/nginx/conf/nginx.conf', u'src': u'nginx.conf.j2'})
ok: [192.168.131.15] => (item={u'dest': u'/opt/nginx/conf/nginx.conf', u'src': u'nginx.conf.j2'})
changed: [192.168.131.15] => (item={u'dest': u'/opt/nginx/vhosts/temp.conf', u'src': u'temp.conf.j2'})
changed: [192.168.131.10] => (item={u'dest': u'/opt/nginx/vhosts/temp.conf', u'src': u'temp.conf.j2'})

RUNNING HANDLER [nginx : restart nginx] *********************************************************************************************************************
changed: [192.168.131.10]
changed: [192.168.131.15]

PLAY RECAP **************************************************************************************************************************************************
192.168.131.10             : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
192.168.131.15             : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0


测试:

[root@deploy playbook-test]# ansible web -m shell -a "netstat -antlp | grep 80"
192.168.131.15 | CHANGED | rc=0 >>
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      72534/nginx: master 
tcp        0      0 0.0.0.0:8000            0.0.0.0:*               LISTEN      72534/nginx: master 

192.168.131.10 | CHANGED | rc=0 >>
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      72596/nginx: master 
tcp        0      0 0.0.0.0:8000            0.0.0.0:*               LISTEN      72596/nginx: master

