Ansible部署主从+读写分离
1、节点规划
| IP | 主机名 | 节点 |
|---|---|---|
| 192.168.11.3 | ansible | ansible-server节点 |
| 192.168.11.15 | master | mariadb数据库集群主节点 |
| 192.168.11.14 | slave | mariadb数据库集群从节点 |
| 192.168.11.8 | mycat | mycat中间件服务节点 |
2、Ansible节点基础环境搭建
- 关闭防火墙
[root@ansible ~]# systemctl stop firewalld && systemctl disable firewalld
- Selinux
[root@ansible ~]# setenforce 0 && sed -i 's/enforcing/disabled/g' /etc/selinux/config
- iptables
[root@ansible ~]# iptables -F && iptables -X && iptables -Z && iptables-save
- 域名解析
[root@ansible ~]# [root@ansible ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.10 controller
192.168.11.15 master
192.168.11.14 slave
192.168.11.8 mycat
- 无密钥登录
[root@ansible ~]# ssh-keygen -t rsa
[root@ansible ~]# ssh-copy-id master/slave/mycat
- 配置yum源
[root@ansible ~]# rm -rf /etc/yum.repos.d/*
[root@ansible ~]# cat /etc/yum.repos.d/local.repo
[centos]
name=centos
gpgcheck=0
enabled=1
baseurl=http://controller/centos
[Ansible]
name=Ansible-repo
gpgcheck=0
enabled=1
baseurl=http://controller/Ansible
- 安装Ansible
[root@ansible ~]# yum install -y ansible
- 修改/etc/ansible/hosts文件
[root@ansible ~]# cat /etc/ansible/hosts
[db]
master
slave
[middleware]
mycat
- master、slave、mycat节点自行修改主机名
# hostnamectl set-hostname master
# hostnamectl set-hostname slave
# hostnamectl set-hostname mycat
- 测试
[root@ansible ~]# ssh master
[root@ansible ~]# ssh slave
[root@ansible ~]# ssh mycat
[root@ansible ~]# ansible all -m ping
mycat | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
master | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
slave | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
3、Ansible-playbook编写
- 创建playbook工作目录
# cd /etc/ansible/roles/
# mkdir read_write_separation
# cd read_write_separation/
- 创建局部变量、角色目录
[root@ansible read_write_separation]# mkdir {group_vars,roles}
- 创建局部变量文件
[root@ansible read_write_separation]# touch group_vars/all
- 创建playbook入口文件
[root@ansible read_write_separation]# touch install_read_write_separation.yaml
- 构建角色目录
[root@ansible read_write_separation]# mkdir roles/init/{files,tasks,templates}
[root@ansible read_write_separation]# mkdir roles/db/{tasks,templates}
[root@ansible read_write_separation]# mkdir roles/mycat/{files,tasks,templates}
- 编辑变量声明文件group_vars/all
[root@ansible read_write_separation]# cat group_vars/all
hostip1: 192.168.11.15
hostip2: 192.168.11.14
hostip3: 192.168.11.8
hostname1: master
hostname2: slave
hostname3: mycat
DB_PASS: 123456
logic_library: USERDB
- 编辑安装入口文件
[root@ansible read_write_separation]# cat install_read_write_separation.yaml
---
- hosts: all
remote_user: root
roles:
- init
- hosts: db
remote_user: root
roles:
- db
- hosts: middleware
remote_user: root
roles:
- mycat
1、roles-init
- 编辑初始化环境主任务
[root@ansible read_write_separation]# cat roles/init/tasks/main.yaml
---
- name: copy hosts.j2 template
template:
src: hosts.j2
dest: /etc/hosts
- name: copy gpmall-repo package to remote server
unarchive:
src: gpmall-repo.tar.gz
dest: /opt/
- name: delete remote server local repos
file:
path: /etc/yum.repos.d/*
state: absent
- name: edit remote server gpmall repos
yum_repository:
name: gpmall
description: gpmall-repo
baseurl: file:///opt/gpmall-repo
gpgcheck: false
enabled: true
- name: edit remote server centos repos
yum_repository:
name: centos
description: centos
baseurl: http://controller/centos
gpgcheck: false
enabled: true
- name: update yum cache
yum:
update_cache: true
...
- 上传gpmall-repo.tar.gz 文件到
/etc/ansible/roles/read_write_separation/roles/init/files/下 - 编辑``hosts.j2`文件
[root@ansible read_write_separation]# cat roles/init/templates/hosts.j2
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.10 controller
{
{
hostip1 }} {
{
hostname1 }}
{
{
hostip2 }} {
{
hostname2 }}
{
{
hostip3 }} {
{
hostname3 }}
2、roles-db
- 创建db角色的主任务文件
[root@ansible read_write_separation]# cat roles/db/tasks/main.yaml
---
- name: install mysql server
yum:
name: ['mariadb','mariadb-server','expect']
state: present
- name: copy my.cnf.j2 template
template:
src: my.cnf.j2
dest: /etc/my.cnf
- name: start mysql server
service:
name: mariadb
state: restarted
enabled: true
- name: mysql_secure_installation
template:
src: mysql_secure_installation.sh.j2
dest: /root/mysql_secure_installation.sh
- name: sh shell
shell: bash /root/mysql_secure_installation.sh
- name: grant master server privileges
shell: mysql -uroot -p{
{
DB_PASS }} -e "grant all privileges on *.* to 'root'@'%' identified by '{
{
DB_PASS }}';"
when: ansible_fqdn == "master"
- name: grant master server user privileges
shell: mysql -uroot -p{
{
DB_PASS }} -e "grant replication slave on *.* to 'user'@'slave' identified by '{
{
DB_PASS }}';"
when: ansible_fqdn == "master"
- name: change slave server master information
shell: mysql -uroot -p{
{
DB_PASS }} -e "change master to master_host='master',master_user='user',master_password='{
{
DB_PASS }}';"
when: ansible_fqdn == "slave"
- name: start slave
shell: mysql -uroot -p{
{
DB_PASS }} -e "start slave;"
when: ansible_fqdn == "slave"
...
- 编辑
my.cnf.j2模板文件
[root@ansible read_write_separation]# cat roles/db/templates/my.cnf.j2
#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
[mysqld]
log_bin = mysql-bin
binlog_ignore_db = mysql
{
% if ansible_fqdn == "master" %}
server_id = 1
{
% else %}
server_id = 2
{
% endif %}
- 编辑
mysql_secure_installation.sh.j2模板文件
[root@ansible read_write_separation]# cat roles/db/templates/mysql_secure_installation.sh.j2
#!/bin/bash
#检查是否是 root 用户执行
if [ $(id -u) != "0" ]; then
echo "Error: You must be root to run this script, please use root to install"
exit 1
fi
expect -c "
spawn /usr/bin/mysql_secure_installation
expect \"Enter current password for root (enter for none):\"
send \"\r\"
expect \"Set root password?\"
send \"y\r\"
expect \"New password:\"
send \"{
{ DB_PASS }}\r\"
expect \"Re-enter new password:\"
send \"{
{ DB_PASS }}\r\"
expect \"Remove anonymous users?\"
send \"y\r\"
expect \"Disallow root login remotely?\"
send \"n\r\"
expect \"Remove test database and access to it?\"
send \"y\r\"
expect \"Reload privilege tables now?\"
send \"y\r\"
expect eof
"
3、roles-mycat
-
上传
Mycat-server-1.6-RELEASE-20161028204710-linux.tar.gz文件到/etc/ansible/roles/read_write_separation/roles/mycat/files下 -
编辑mycat主任务文件
[root@ansible read_write_separation]# cat roles/mycat/tasks/main.yaml
---
- name: install java environment
yum:
name: ["java-1.8.0-openjdk","java-1.8.0-openjdk-devel"]
state: present
- name: unarchive mycat packages
unarchive:
src: Mycat-server-1.6-RELEASE-20161028204710-linux.tar.gz
dest: /usr/local/
mode: 777
owner: root
group: root
- name: add path environment
shell: echo "export MYCAT_HOME=/usr/local/mycat/ >> /etc/profile"
- name: source path environment
shell: source /etc/profile
- name: copy schema.xml template
template:
src: schema.xml.j2
dest: /usr/local/mycat/conf/schema.xml
owner: root
group: root
mode: 777
- name: copy server.xml template
template:
src: server.xml.j2
dest: /usr/local/mycat/conf/server.xml
owner: root
group: root
mode: 777
- name: start mycat service
shell: /bin/bash /usr/local/mycat/bin/mycat start
- 编辑
scheme.xml.j2模板文件
[root@ansible read_write_separation]# cat roles/mycat/templates/schema.xml.j2
DOCTYPE mycat:schema SYSTEM "schema.dtd">
<mycat:schema xmlns:mycat="http://io.mycat/">
<schema name="{
{ logic_library }}" checkSQLschema="true" sqlMaxLimit="100" dataNode="dn1">
schema>
<dataNode name="dn1" dataHost="localhost1" database="test" />
<dataHost name="localhost1" maxCon="1000" minCon="10" balance="3"
writeType="0" dbType="mysql" dbDriver="native" switchType="1" slaveThreshold="100">
<heartbeat>select user()heartbeat>
<writeHost host="hostM1" url="{
{ hostip1 }}:3306" user="root"
password="{
{ DB_PASS }}">
<readHost host="hostS2" url="{
{ hostip2 }}:3306" user="root" password="{
{ DB_PASS }}" />
writeHost>
dataHost>
mycat:schema>
- 编辑
server.xml.j2模板文件
[root@ansible read_write_separation]# cat roles/mycat/templates/schema.xml.j2
DOCTYPE mycat:schema SYSTEM "schema.dtd">
<mycat:schema xmlns:mycat="http://io.mycat/">
<schema name="{
{ logic_library }}" checkSQLschema="true" sqlMaxLimit="100" dataNode="dn1">
schema>
<dataNode name="dn1" dataHost="localhost1" database="test" />
<dataHost name="localhost1" maxCon="1000" minCon="10" balance="3"
writeType="0" dbType="mysql" dbDriver="native" switchType="1" slaveThreshold="100">
<heartbeat>select user()heartbeat>
<writeHost host="hostM1" url="{
{ hostip1 }}:3306" user="root"
password="{
{ DB_PASS }}">
<readHost host="hostS2" url="{
{ hostip2 }}:3306" user="root" password="{
{ DB_PASS }}" />
writeHost>
dataHost>
mycat:schema>
[root@ansible read_write_separation]# cat roles/mycat/templates/server.xml.j2
DOCTYPE mycat:server SYSTEM "server.dtd">
<mycat:server xmlns:mycat="http://io.mycat/">
<system>
<property name="useSqlStat">0property>
<property name="useGlobleTableCheck">0property>
<property name="sequnceHandlerType">2property>
<property name="processorBufferPoolType">0property>
<property name="handleDistributedTransactions">0property>
<property name="useOffHeapForMerge">1property>
<property name="memoryPageSize">1mproperty>
<property name="spillsFileBufferSize">1kproperty>
<property name="useStreamOutput">0property>
<property name="systemReserveMemorySize">384mproperty>
<property name="useZKSwitch">trueproperty>
system>
<user name="root">
<property name="password">{
{ DB_PASS }}property>
<property name="schemas">{
{ logic_library }}property>
user>
mycat:server>
整个项目的树状图如下:
整个部署流程图如下:
