ansible模块独立部署LAMP

前言:一般部署lamp是用源码安装的方式部署,ansible实现源码安装lamp一般是写入xxx.yml,但是由于它喵的老睡不着,就准备多熟悉熟悉ansible模块,于是就有了下面的基于模块安装的lamp,虽然是yum方式安装的包,但是修改的配置文件内容都差不多

因此取名:

ansible模块独立部署LAMP_第1张图片

1.环境准备
系统 ip地址 名字 安装服务
centos8 192.168.136.99 master ansible
centos8 192.168.136.100 slave01 httpd
centos8 192.168.136.101 slave02 mariadb
centos8 192.168.136.102 slave03 php

注意受管主机是最新环境。

2.安装ansible
#master主机
yum -y install epel-release
yum -y install ansible
#slave[01-03]主机
python3-libselinux
3.master主机进行anisble配置
#受管主机添加清单文件
[root@master ~]# cat /etc/ansible/ansible.cfg 
inventory      = /etc/ansible/hosts
[root@master ~]# vim /etc/ansible/hosts 
[web1]
192.168.136.100
[web2]
192.168.136.101
[web3]
192.168.136.102

#进行免密登录(全部依次做)
[root@master ~]# ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.136.101's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
[root@master ~]# ssh-agent bash
[root@master ~]# ssh-add
Enter passphrase for /root/.ssh/id_rsa: 
Identity added: /root/.ssh/id_rsa (root@master)
#其它俩个略 步骤一样
4.slave01安装httpd

确保每台机器上都有yum源仓库

利用shell模块进行安装,可以安装全部包

[root@master ~]# ansible web1 -m shell -a "yum -y install httpd*"
192.168.136.100 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: mod_http2-1.15.7-3.module_el8.4.0+778+c970deab.x86_64",
        "Installed: centos-logos-httpd-85.8-1.el8.noarch",
        "Installed: httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64",
        "Installed: apr-1.6.3-11.el8.x86_64",
        "Installed: httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch",
        "Installed: apr-util-1.6.1-6.el8.x86_64",
        "Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
        "Installed: httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64",
        "Installed: apr-util-openssl-1.6.1-6.el8.x86_64"
    ]
}
5.slave02安装mariadb
[root@master ~]# ansible web2 -m shell -a "yum -y install mariadb*"
192.168.136.101 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "changes": {
        "installed": [
            "mariadb"
        ]
    },
    "msg": "",
    "rc": 0,
    "results": [
        "Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\nResolving Dependencies\n--> Running transaction check\n---> Package mariadb.x86_64 1:5.5.68-1.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package          Arch            Version                   Repository     Size\n================================================================================\nInstalling:\n mariadb          x86_64          1:5.5.68-1.el7            RHCE          8.8 M\n\nTransaction Summary\n================================================================================\nInstall  1 Package\n\nTotal download size: 8.8 M\nInstalled size: 49 M\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n  Installing : 1:mariadb-5.5.68-1.el7.x86_64                                1/1 \n  Verifying  : 1:mariadb-5.5.68-1.el7.x86_64                                1/1 \n\nInstalled:\n  mariadb.x86_64 1:5.5.68-1.el7                                                 \n\nComplete!\n"
6.slave03安装php
[root@master ~]# ansible web3 -m shell -a "yum -y install php*"
192.168.136.102 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: mod_http2-1.15.7-3.module_el8.4.0+778+c970deab.x86_64",
        "Installed: nginx-filesystem-1:1.14.1-9.module_el8.0.0+184+e34fea82.noarch",
        "Installed: php-fpm-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64",
        "Installed: php-cli-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64",
        "Installed: apr-1.6.3-11.el8.x86_64",
        "Installed: httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64",
        "Installed: php-common-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64",
        "Installed: apr-util-1.6.1-6.el8.x86_64",
        "Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
        "Installed: httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch",
        "Installed: centos-logos-httpd-85.8-1.el8.noarch",
        "Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
        "Installed: httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64",
        "Installed: php-7.2.24-1.module_el8.2.0+313+b04d0a66.x86_64"
..
7.slave01主机(apache)创建用户改变属主(可做可不做)
[root@master ~]# ansible web1 -m user -a "name=apache system=yes create_home=no shell=/sbin/nologin"
192.168.136.100 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "append": false,
    "changed": false,
    "comment": "Apache",
    "group": 48,
    "home": "/usr/share/httpd",
    "move_home": false,
    "name": "apache",
    "shell": "/sbin/nologin",
    "state": "present",
    "uid": 48
}
[root@slave01 ~]# id apache 
uid=48(apache) gid=48(apache)=48(apache
                                 
[root@master ~]# ansible web1 -m shell -a "chown -R apache.apache /var/www/html"
192.168.136.100 | CHANGED | rc=0 >>
[root@slave01 ~]# ll -d /var/www//html/
drwxr-xr-x. 2 apache apache 6 630 04:11 /var/www//html/
8.slave02主机(mariadb)创建用户改变属主(可做可不做)
[root@master ~]# ansible web2 -m user -a "name=mysql system=yes create_home=no shell=/sbin/nologin"
192.168.136.101 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": false,
    "group": 996,
    "home": "/home/mysql",
    "name": "mysql",
    "shell": "/sbin/nologin",
    "state": "present",
    "system": true,
    "uid": 998
}
#slave02改变属主
[root@master ~]# ansible web2 -m shell -a "chown -R mysql:mysql /opt/data"
192.168.136.101 | CHANGED | rc=0 >>                                   
[root@slave02 ~]# ll -d /opt/data/
drwxr-xr-x. 2 mysql mysql 6 717 10:52 /opt/data/  
9.slave01主机(apache)修改相关配置文件
1.模块功能开启(一般yum安装是开启的)
[root@master ~]# ansible web1 -m shell -a "sed -i '/proxy_module/s/#//g' /etc/httpd/conf.modules.d/00-proxy.conf"
192.168.136.100 | CHANGED | rc=0 >>
LoadModule proxy_module modules/mod_proxy.so
[root@master ~]# ansible web1 -m shell -a "sed -i '/proxy_fcgi_module/s/#//g' /etc/httpd/conf.modules.d/00-proxy.conf"
192.168.136.100 | CHANGED | rc=0 >>
2.取消监听端口注释以及域名注释
[root@master ~]# ansible web1 -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf regexp="^#Listen 80" line="Listen 80"'
192.168.136.100 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line replaced"
}
[root@master ~]# ansible web1 -m shell -a "sed -i '/www.example/s/#//g' /etc/httpd/conf/httpd.conf"
192.168.136.100 | CHANGED | rc=0 >>
3.添加俩行内容(\n:换行)
[root@master ~]# ansible web1 -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf regexp="^AddType" line="AddType application/x-httpd-php .php\nAddType application/x-httpd-php-source .phps"'
192.168.136.100 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}
4.index.html前面加index.php(其它的模块都试了不行,只有这个方式,晕)
[root@master ~]# ansible web1 -m shell -a "sed -i '/index.html/s/index.html/index.php index.html/g' /etc/httpd/conf/httpd.conf"
5.找到vhosts.conf文件复制到/etc/httpd/conf.d/[root@master ~]# ansible web1 -m shell -a "find / -name *vhosts.conf"
192.168.136.100 | CHANGED | rc=0 >>
/usr/share/doc/httpd/httpd-vhosts.conf
[root@master ~]# ansible web1 -m shell -a "mv /usr/share/doc/httpd/httpd-vhosts.conf /etc/httpd/conf.d/"
192.168.136.100 | CHANGED | rc=0 >>
6.修改虚拟配置文件
[root@master ~]# ansible web1 -m shell -a ">  /etc/httpd/conf.d/httpd-vhosts.conf"
192.168.136.100 | CHANGED | rc=0 >>                                 (先清空默认的配置文件内容)
[root@master ~]# ansible web1 -m lineinfile -a 'path=/etc/httpd/conf.d/httpd-vhosts.conf line="\n    DocumentRoot "/var/www/html"\n    ServerName clq.com\n    ProxyRequests Off\n    ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.136.102:9000/data/php/$1\n    \n      Options none\n      AllowOverride none\n      Require all granted\n    \n"'
192.168.136.100 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}
#slave01上查看
[root@slave01 ~]#  cat /etc/httpd/conf.d/httpd-vhosts.conf 
<VirtualHost *:80>
    DocumentRoot "/var/www/html"
    ServerName www.clq.com
    ProxyRequests Off
    ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.136.102:9000/data/php/$1
    <Directory "/data/php/">
        Options none
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>

10.slave02mysql开机自启
#开启mariadb
[root@master ~]# ansible web2 -m service -a "name=mysql.service state=present enabled=yes"
11.slave03修改相关配置文件
#创建文件,并且输入如下内容
[root@master ~]# ansible web3-m lineinfile -a "path=/data/php/index.php line= create=yes"
#修改/etc/php-fpm.d/www.conf文件
[root@master ~]# ansible web3 -m shell -a "sed -i '/www.sock/s/listen/;listen/g' /etc/php-fpm.d/www.conf"
[root@master ~]# ansible web3 -m shell -a "sed -i '/clients/s/12.0.0.1/192.168.136.129/g' /etc/php-fpm.d/www.conf"
12.启动httpd和php
[root@master ~]# ansible web1 -m shell -a "systemctl start httpd.service"
[root@master ~]# ansible web3 -m shell -a "systemctl start php-fpm.service"
13.slave[1-3]关闭防火墙
[root@master ~]# ansible all -m shell -a "systemctl stop firewalld"
[root@master ~]# ansible all -m shell -a "systemctl disable firewalld"
[root@master ~]# ansible all -m shell -a "setenforce 0"

14.域名添加,查看效果

ansible模块独立部署LAMP_第2张图片
在这里插入图片描述
ansible模块独立部署LAMP_第3张图片

你可能感兴趣的:(自动化运维,LAMP,ruby,on,rails,后端,linux,运维,ssh)