上一篇介绍了使用playbook批量部署zabbix客户端,当时所有的任务全部都是写在一个playbook中,比较臃肿,且代码不可复用。这篇文章我们将介绍通过ansible的roles、include等模块实现批量安装nginx。
以下为具体实现步骤:
1、目录结构:
[root@deploy playbook-test]# tree . ├── nginx.yml └── roles └── nginx ├── files │ ├── nginx-1.8.0.tar.gz │ ├── nginx.service │ ├── openssl-1.0.1h.tar.gz │ ├── pcre-8.12.tar.gz │ └── zlib-1.2.11.tar.gz ├── handlers │ └── main.yml ├── tasks │ ├── copy.yml │ ├── group.yml │ ├── install.yml │ ├── main.yml │ ├── service.yml │ ├── template.yml │ ├── unarchive.yml │ └── user.yml ├── templates │ ├── nginx.conf.j2 │ └── temp.conf.j2 └── vars └── main.yml
2、代码内容:
cat nginx.yml
[root@deploy playbook-test]# cat nginx.yml --- - hosts: web remote_user: root roles: - nginx
cat tasks/group.yml
[root@deploy nginx]# cat tasks/group.yml --- - name: 创建nginx组 group: name: nginx gid: 202 system: yes state: present
cat tasks/user.yml
[root@deploy nginx]# cat tasks/user.yml --- - name: 创建nginx用户 user: name: nginx uid: 202 group: nginx shell: /sbin/nologin
cat tasks/copy.yml
[root@deploy nginx]# cat tasks/copy.yml --- - name: 拷贝源码包 copy: src: "{{ item.src }}" dest: "{{ item.dest }}" with_items: - { src: "nginx-1.8.0.tar.gz", dest: "/tmp/nginx-1.8.0.tar.gz" } - { src: "openssl-1.0.1h.tar.gz", dest: "/tmp/openssl-1.0.1h.tar.gz" } - { src: "pcre-8.12.tar.gz", dest: "/tmp/pcre-8.12.tar.gz" } - { src: "zlib-1.2.11.tar.gz", dest: "/tmp/zlib-1.2.11.tar.gz" }
cat tasks/unarchive.yml
--- - name: 解压源码包 unarchive: src: "{{ item.src }}" dest: "{{ item.dest }}" remote_src: yes with_items: - { src: "/tmp/nginx-1.8.0.tar.gz",dest: "/opt/" } - { src: "/tmp/openssl-1.0.1h.tar.gz",dest: "/opt/" } - { src: "/tmp/pcre-8.12.tar.gz",dest: "/opt/" } - { src: "/tmp/zlib-1.2.11.tar.gz",dest: "/opt/" }
cat tasks/install.yml
--- - name: Start Install NGINX shell: cd /opt/nginx-1.8.0 && ./configure --prefix=/opt/nginx --with-pcre=/opt/pcre-8.12 --with-openssl=/opt/openssl-1.0.1h --with-zlib=/opt/zlib-1.2.11 --with-http_stub_status_module --with-http_ssl_module --user=nginx --group=nginx && make && make install
cat tasks/template.yml
--- - name: 拷贝配置文件 template: src: "{{ item.src }}" dest: "{{ item.dest }}" with_items: - { src: "nginx.conf.j2",dest: "/opt/nginx/conf/nginx.conf" } #- { src: "temp.conf.j2",dest: "/opt/nginx/vhosts/temp.conf" } notify: - restart nginx
cat tasks/service.yml
--- - name: 拷贝启动脚本 copy: src="nginx.service" dest="/lib/systemd/system/nginx.service"
cat tasks/main.yml
--- - include: group.yml - include: user.yml - include: copy.yml - include: unarchive.yml - include: install.yml - include: template.yml tags: [conf] - include: service.yml
cat vars/main.yml
root@deploy nginx]# cat vars/main.yml --- ngxport: "8000" server_name: "www.xxx.com" root_dir: "/web"
cat handlers/main.yml
[root@deploy nginx]# cat handlers/main.yml --- - name: restart nginx service: name=nginx state=restarted enabled=yes
cat nginx.conf.j2
user nginx; worker_processes {{ ansible_processor_vcpus }}; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 2048; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen {{ ngxport }}; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} include /opt/nginx/vhosts/*.conf; }
3、批量安装
[root@deploy playbook-test]# ansible-playbook nginx.yml
[root@deploy playbook-test]# ansible-playbook nginx.yml PLAY [web] ************************************************************************************************************************************************** TASK [Gathering Facts] ************************************************************************************************************************************** ok: [192.168.131.15] ok: [192.168.131.10] TASK [nginx : 创建nginx组] ************************************************************************************************************************************* ok: [192.168.131.15] ok: [192.168.131.10] TASK [nginx : 创建nginx用户] ************************************************************************************************************************************ ok: [192.168.131.10] ok: [192.168.131.15] TASK [nginx : 开始拷贝源码包] ************************************************************************************************************************************** changed: [192.168.131.10] => (item={u'dest': u'/tmp/nginx-1.8.0.tar.gz', u'src': u'nginx-1.8.0.tar.gz'}) changed: [192.168.131.15] => (item={u'dest': u'/tmp/nginx-1.8.0.tar.gz', u'src': u'nginx-1.8.0.tar.gz'}) changed: [192.168.131.15] => (item={u'dest': u'/tmp/openssl-1.0.1h.tar.gz', u'src': u'openssl-1.0.1h.tar.gz'}) changed: [192.168.131.10] => (item={u'dest': u'/tmp/openssl-1.0.1h.tar.gz', u'src': u'openssl-1.0.1h.tar.gz'}) changed: [192.168.131.15] => (item={u'dest': u'/tmp/pcre-8.12.tar.gz', u'src': u'pcre-8.12.tar.gz'}) changed: [192.168.131.10] => (item={u'dest': u'/tmp/pcre-8.12.tar.gz', u'src': u'pcre-8.12.tar.gz'}) changed: [192.168.131.15] => (item={u'dest': u'/tmp/zlib-1.2.11.tar.gz', u'src': u'zlib-1.2.11.tar.gz'}) changed: [192.168.131.10] => (item={u'dest': u'/tmp/zlib-1.2.11.tar.gz', u'src': u'zlib-1.2.11.tar.gz'}) TASK [nginx : 开始解压源码包] ************************************************************************************************************************************** changed: [192.168.131.15] => (item={u'dest': u'/opt/', u'src': u'/tmp/nginx-1.8.0.tar.gz'}) changed: [192.168.131.10] => (item={u'dest': u'/opt/', u'src': u'/tmp/nginx-1.8.0.tar.gz'}) changed: [192.168.131.15] => (item={u'dest': u'/opt/', u'src': u'/tmp/openssl-1.0.1h.tar.gz'}) changed: [192.168.131.10] => (item={u'dest': u'/opt/', u'src': u'/tmp/openssl-1.0.1h.tar.gz'}) changed: [192.168.131.15] => (item={u'dest': u'/opt/', u'src': u'/tmp/pcre-8.12.tar.gz'}) changed: [192.168.131.10] => (item={u'dest': u'/opt/', u'src': u'/tmp/pcre-8.12.tar.gz'}) changed: [192.168.131.15] => (item={u'dest': u'/opt/', u'src': u'/tmp/zlib-1.2.11.tar.gz'}) changed: [192.168.131.10] => (item={u'dest': u'/opt/', u'src': u'/tmp/zlib-1.2.11.tar.gz'}) TASK [nginx : Start Install NGINX] ************************************************************************************************************************** changed: [192.168.131.15] changed: [192.168.131.10] TASK [nginx : 拷贝配置文件] *************************************************************************************************************************************** changed: [192.168.131.10] => (item={u'dest': u'/opt/nginx/conf/nginx.conf', u'src': u'nginx.conf.j2'}) changed: [192.168.131.15] => (item={u'dest': u'/opt/nginx/conf/nginx.conf', u'src': u'nginx.conf.j2'}) TASK [nginx : 开始拷贝源码包] ************************************************************************************************************************************** changed: [192.168.131.10] changed: [192.168.131.15] RUNNING HANDLER [nginx : restart nginx] ********************************************************************************************************************* changed: [192.168.131.10] changed: [192.168.131.15] PLAY RECAP ************************************************************************************************************************************************** 192.168.131.10 : ok=9 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 192.168.131.15 : ok=9 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
4、验证客户端上nginx是否安装成功并启动
[root@deploy playbook-test]# ansible web -m shell -a "ps -ef | grep nginx|grep -v grep" 192.168.131.10 | CHANGED | rc=0 >> root 71714 1 0 01:25 ? 00:00:00 nginx: master process /opt/nginx/sbin/nginx nginx 71715 71714 0 01:25 ? 00:00:00 nginx: worker process 192.168.131.15 | CHANGED | rc=0 >> root 71654 1 0 01:25 ? 00:00:00 nginx: master process /opt/nginx/sbin/nginx nginx 71655 71654 0 01:25 ? 00:00:00 nginx: worker process
5、如果我们要增加nginx站点,可写好对应的模板,将之前template.yml文件中的注释打开,然后推送到vhosts目录,重载nginx配置文件即可生效。
cat temp.conf.j2
[root@deploy templates]# cat temp.conf.j2 server { listen 80; server_name {{ server_name }}; index index.html index.php; root {{ root_dir }}; }
重新下发nginx配置配置文件,添加新的nginx站点
[root@deploy playbook-test]# ansible-playbook nginx.yml --tags=conf PLAY [web] ************************************************************************************************************************************************** TASK [Gathering Facts] ************************************************************************************************************************************** ok: [192.168.131.15] ok: [192.168.131.10] TASK [nginx : 拷贝配置文件] *************************************************************************************************************************************** ok: [192.168.131.10] => (item={u'dest': u'/opt/nginx/conf/nginx.conf', u'src': u'nginx.conf.j2'}) ok: [192.168.131.15] => (item={u'dest': u'/opt/nginx/conf/nginx.conf', u'src': u'nginx.conf.j2'}) changed: [192.168.131.15] => (item={u'dest': u'/opt/nginx/vhosts/temp.conf', u'src': u'temp.conf.j2'}) changed: [192.168.131.10] => (item={u'dest': u'/opt/nginx/vhosts/temp.conf', u'src': u'temp.conf.j2'}) RUNNING HANDLER [nginx : restart nginx] ********************************************************************************************************************* changed: [192.168.131.10] changed: [192.168.131.15] PLAY RECAP ************************************************************************************************************************************************** 192.168.131.10 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 192.168.131.15 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
测试:
[root@deploy playbook-test]# ansible web -m shell -a "netstat -antlp | grep 80" 192.168.131.15 | CHANGED | rc=0 >> tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 72534/nginx: master tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 72534/nginx: master 192.168.131.10 | CHANGED | rc=0 >> tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 72596/nginx: master tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 72596/nginx: master