ansible-playbook批量部署PHP

通过ansible-playbook，以源码编译方式部署php。

• 将所有部署php主机分为webserver组：

# vim /etc/ansible/hosts
[webserver]
192.168.30.128
192.168.30.129
192.168.30.130

• 创建管理目录：

#  mkdir -p php/roles/php_install/{files,handlers,meta,tasks,templates,vars}

# cd php/

说明：

files：存放需要同步到异地服务器的源码文件及配置文件； 
handlers：当资源发生变化时需要进行的操作，若没有此目录可以不建或为空； 
meta：存放说明信息、说明角色依赖等信息，可留空； 
tasks：php安装过程中需要进行执行的任务； 
templates：用于执行php安装的模板文件，一般为脚本； 
vars：本次安装定义的变量

# tree .
.
├── php.yml
└── roles
    └── php_install
        ├── files
        │   ├── libmcrypt-2.5.8.tar.gz              #可提前下载好包放到files下
        │   └── php-7.2.6.tar.gz
        ├── handlers
        ├── meta
        ├── tasks
        │   ├── copy.yml
        │   ├── install.yml
        │   ├── main.yml
        │   └── prepare.yml
        ├── templates
        │   └── php-fpm.conf
        └── vars
            └── main.yml

8 directories, 9 files

---

• 创建php入口文件，用来调用php_install：

# vim php.yml 

#用于批量安装PHP
- hosts: webserver
  remote_user: root
  gather_facts: True

  roles:
    - php_install

• 创建变量：

# vim roles/php_install/vars/main.yml

#定义php安装中的变量
PHP_VER: 7.2.6
DOWNLOAD_URL: http://mirrors.sohu.com/php/php-{{ PHP_VER }}.tar.gz
PHP_USER: php-fpm
PHP_PORT: 9000
SOURCE_DIR: /software
PHP_DIR: /usr/local/php7
MYSQL_DIR: /usr/local/mysql

• 创建模板文件：

php主配置文件php-fpm.conf

# vim roles/php_install/templates/php-fpm.conf

[global]
pid = {{ PHP_DIR }}/var/run/php-fpm.pid
error_log = {{ PHP_DIR }}/var/log/php-fpm.log
[www]
listen = 127.0.0.1:{{ PHP_PORT }}
listen.mode = 666
listen.owner = nobody
listen.group = nobody
user = {{ PHP_USER }}
group = {{ PHP_USER }}
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024

• 环境准备prepare.yml：

# vim roles/php_install/tasks/prepare.yml

- name: 关闭firewalld
  service: name=firewalld state=stopped enabled=no

- name: 临时关闭 selinux
  shell: "setenforce 0"
  failed_when: false

- name: 永久关闭 selinux
  lineinfile:
    dest: /etc/selinux/config
    regexp: "^SELINUX="
    line: "SELINUX=disabled"

- name: 添加EPEL仓库
  yum: name=epel-release state=latest

- name: 安装常用软件包
  yum:
    name:
      - vim
      - lrzsz
      - net-tools
      - wget
      - curl
      - bash-completion
      - rsync
      - gcc
      - gcc-c++
      - unzip
      - git
      - autoconf
      - cmake
      - openssl
      - openssl-devel
      - pcre 
      - pcre-devel 
      - zlib
      - zlib-devel
      - gd-devel
      - libxml2-devel
      - bzip2-devel
      - gnutls-devel
      - ncurses-devel 
      - bison
      - bison-devel
      - openldap  
      - openldap-devel
      - libcurl-devel 
      - libevent 
      - libevent-devel 
      - expat-devel
      - numactl
    state: latest

- name: 更新系统
  shell: "yum update -y"
  args:
    warn: False

• 文件拷贝copy.yml：

# vim roles/php_install/tasks/copy.yml

- name: 创建php用户组
  group: name={{ PHP_USER }}  state=present

- name: 创建php用户
  user: name={{ PHP_USER }}  group={{ PHP_USER }}  state=present create_home=False shell=/sbin/nologin

- name: 创建software目录
  file: name={{ SOURCE_DIR }} state=directory mode=0755 recurse=yes

#当前主机下没有libmcrypt依赖包
- name: 下载依赖包libmcrypt
  get_url: url=http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz dest={{ SOURCE_DIR }}

#当前主机file目录下已有libmcrypt依赖包
#- name: 拷贝现有libmcrypt依赖包到所有主机
#  copy: src=libmcrypt-2.5.8.tar.gz dest={{ SOURCE_DIR }}

#当前主机下没有php包
- name: 下载php包
  get_url: url={{ DOWNLOAD_URL }} dest={{ SOURCE_DIR }} owner={{ PHP_USER }} group={{ PHP_USER }}

#当前主机file目录下已有php包
#- name: 拷贝现有php包到所有主机
#  copy: src=php-{{ PHP_VER }}.tar.gz dest={{ SOURCE_DIR }} owner={{ PHP_USER }} group={{ PHP_USER }}

- name: 解压依赖包libmcrypt
  unarchive: src={{ SOURCE_DIR }}/libmcrypt-2.5.8.tar.gz dest={{ SOURCE_DIR }}

- name: 编译安装libmcrypt
  shell: "cd {{ SOURCE_DIR }}/libmcrypt-2.5.8 && ./configure && make && make install"

- name: 解压php包
  unarchive: src={{ SOURCE_DIR }}/php-{{ PHP_VER }}.tar.gz dest={{ SOURCE_DIR }} owner={{ PHP_USER }} group={{ PHP_USER }}

• 编译安装install.yml：

# vim roles/php_install/tasks/install.yml

#编译php
- name: 编译php
  shell: "cd {{ SOURCE_DIR }}/php-{{ PHP_VER }} && ./configure --prefix={{ PHP_DIR }} --with-config-file-path={{ PHP_DIR }}/etc --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-mysql={{ MYSQL_DIR }} --with-mysql-sock={{ MYSQL_DIR }}/tmp/mysql.sock --with-iconv-dir --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-bz2 --with-libxml-dir --with-curl --with-gd --with-openssl --with-mhash  --with-xmlrpc --with-pdo-mysql --with-libmbfl --with-onig --with-pear --enable-xml --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex --enable-fpm --enable-mbstring --enable-pcntl --enable-sockets --enable-zip --enable-soap --enable-opcache --enable-pdo --enable-mysqlnd-compression-support --enable-maintainer-zts  --enable-session --with-fpm-user={{ PHP_USER }} --with-fpm-group={{ PHP_USER }}"
  
#安装php
- name: 安装php
  shell: "cd {{ SOURCE_DIR }}/php-{{ PHP_VER }} && make -j 2 && make -j 2 install"

- name: 创建php-fpm配置目录
  file: name={{ PHP_DIR }}/etc state=directory owner={{ PHP_USER }} group={{ PHP_USER }} mode=0755 recurse=yes

- name: 修改php-fpm配置_1
  shell: "cd {{ SOURCE_DIR }}/php-{{ PHP_VER }} && cp php.ini-production  {{ PHP_DIR }}/etc/php.ini"
  
- name: 修改php-fpm配置_2
  lineinfile:
    dest: "{{ PHP_DIR }}/etc/php.ini"
    regexp: "post_max_size = 8M"
    line: "post_max_size = 16M"

- name: 修改php-fpm配置_3
  lineinfile:
    dest: "{{ PHP_DIR }}/etc/php.ini"
    regexp: "max_execution_time = 30"
    line: "max_execution_time = 300"

- name: 修改php-fpm配置_4
  lineinfile:
    dest: "{{ PHP_DIR }}/etc/php.ini"
    regexp: "max_input_time = 60"
    line: "max_input_time = 300"
  
- name: 修改php-fpm配置_5
  lineinfile:
    dest: "{{ PHP_DIR }}/etc/php.ini"
    regexp: ";date.timezone ="
    line: "date.timezone = Asia/Shanghai"

#复制启动配置文件
- name: 拷贝启动配置文件
  shell: "cd {{ SOURCE_DIR }}/php-{{ PHP_VER }} && cp sapi/fpm/init.d.php-fpm  /etc/init.d/php-fpm && chmod +x /etc/init.d/php-fpm"
  
#复制php主配置文件
- name: 拷贝php主配置文件
  template: src=php-fpm.conf dest={{ PHP_DIR }}/etc/php-fpm.conf owner={{ PHP_USER }} group={{ PHP_USER }}

#编译安装ldap模块
- name: 编译安装ldap模块
  shell: "cd {{ SOURCE_DIR }}/php-{{ PHP_VER }}/ext/ldap && cp -af /usr/lib64/libldap* /usr/lib/ && {{ PHP_DIR }}/bin/phpize && ./configure --with-php-config={{ PHP_DIR }}/bin/php-config && make && make install"

- name: 修改php-fpm配置_6
  lineinfile:
    dest: "{{ PHP_DIR }}/etc/php.ini"
    regexp: ";extension=bz2"
    line: "aextension=ldap.so"
  
#编译安装gettext模块
- name: 编译安装gettext模块
  shell: "cd {{ SOURCE_DIR }}/php-{{ PHP_VER }}/ext/gettext && cp -af /usr/lib64/libldap* /usr/lib/ && {{ PHP_DIR }}/bin/phpize && ./configure --with-php-config={{ PHP_DIR }}/bin/php-config && make && make install"

- name: 修改php-fpm配置_7
  lineinfile:
    dest: "{{ PHP_DIR }}/etc/php.ini"
    regexp: ";extension=bz2"
    line: "aextension=gettext.so"

- name: 启动php并开机启动
  shell: "chkconfig --add php-fpm && chkconfig php-fpm on && /etc/init.d/php-fpm start"

• 引用文件main.yml：

# vim roles/php_install/tasks/main.yml

#引用prepare、copy、install模块
- include: prepare.yml
- include: copy.yml
- include: install.yml

• 执行安装：

# ansible-playbook php.yml

# netstat -lntp |grep 9000
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      76942/php-fpm: mast 

# chkconfig --list |grep php-fpm

php-fpm        	0:off	1:off	2:on	3:on	4:on	5:on	6:off

php安装目录是/usr/local/php7，日志存放目录是/usr/local/php7/var/log。

测试安装没有问题，如果本地没有下载好的php包，安装会慢一点。已存放至个人gitgub：ansible-playbook

---