CentOS7-自动化部署web集群

一、项目要求

1、创建role,通过role完成项目(可能需要多个role)
2、部署nginx调度器(node2主机)
3、部署2台lnmp服务器(node3,node4主机)
4、部署mariadb数据库(node5主机)

主要用的ansible实现自动化部署,ansible的安装教程省略,控制节点安装ansible和Python,受控节点上只需要安装相同版本Python(环境一致好些),所有主机间做免密登录

二、项目实施

1、在控制节点上创建role部署lnmp平台环境

[root@control ansible]# ansible-galaxy init ~/ansible/roles/lnmp

2、上传或者下载lnmp_soft.tar.gz里面的nginx-1.16-1.tar.gz软件包到 /root/ansible/roles/lnmp/files/

# 下载Nginx安装包:
[root@control ansible]# wget https://nginx.org/download/nginx-1.16.1.tar.gz
[root@control ansible]# tar -xf lnmp_soft.tar.gz
[root@control ansible]# cp lnmp_soft/nginx-1.16.1.tar.gz /root/ansible/roles/lnmp/files/

2、编写部署lnmp的脚本,配置动静分离

[root@control ansible]# vim /root/ansible/roles/lnmp/files/install_nginx.sh

稍后会使用copy模块把nginx源码包放到tmp目录下,拷贝nginx源码,执行编译安装

#!/bin/bash
conf="/usr/local/nginx/conf/nginx.conf"
yum -y install gcc pcre-devel openssl-devel make
cd /tmp/
tar -xf nginx-1.16.1.tar.gz
cd nginx-1.16.1
./configure --with-http_ssl_module
make && make install
sed -i '65,71s/#//' $conf
sed -i '/SCRIPT_FILENAME/d' $conf
sed -i 's/fastcgi_params/fastcgi.conf/' $conf

3、部署网页模板文件,通过template把包含变量的模板文件拷贝给目标主机node3 和 node4

[root@control ansible]# vim /root/ansible/roles/lnmp/templates/index.html
Welcome to {{ansible_hostname}} on {{ansible_all_ipv4_addresses}}

4、编写tasks文件,定义任务

[root@control ansible]# vim /root/ansible/roles/lnmp/tasks/main.yml
---
# tasks file for /root/ansible/roles/lnmp
- name: copy nginx-1.16.1.tar.gz to webserver.
  copy:
    src: nginx-1.16.1.tar.gz
    dest: /tmp/
- name: install nginx through shell script.
  script: install_nginx.sh
  args:
    creates: /usr/local/nginx/sbin/nginx # 当nginx主程序文件存在时,不执行安装脚本
- name: copy index.html to webserver. #拷贝首页文件
template:
  src: index.html
  dest: /usr/local/nginx/html/index.html
- name: install php
yum:
  name:
    - php
    - php-fpm
    - php-mysqlnd
    - mariadb-devel
- name: run all serveice
block:
  - service:
      name: php-fpm
      state: started
  - shell: /usr/local/nginx/sbin/nginx
    args:
      creates: /usr/local/nginx/logs/nginx.pid 
#当nginx的进程号文件存在,说明nginx启动了。则不执行启动nginx

5、编写playbook剧本

[root@control ansible]# vim ~/ansible/lnmp.yml

  • hosts: webserver
    roles:
    • lnmp

6、运行playbook,并验证是否成功

[root@control ansible]# ansible-playbook lnmp.yml

# 控制节点上登录node节点
[root@control ansible]# ssh node3

# 查看/usr/local/nginx/目录下信息bin
[root@node3 ~]# ls /usr/local/nginx/

# 查看端口是否被监听
[root@node3 ~]# ss -nultp | grep 80

# 查看是否安装所需要包
[root@node3 ~]# rpm -q php-fpm

# 查看php的状态
[root@node3 ~]# systemctl status php-fpm

# 查看默认主页是否创建完成
[root@node3 ~]# cat /usr/local/nginx/html/index.html
Welcome to node3 on ['192.168.4.3']

7、使用nginx部署代理服务器node2

[root@control ansible]# ansible-galaxy init ~/ansible/roles/proxy
[root@control ansible]# cp ~/ansible/roles/lnmp/files/* ~/ansible/roles/proxy/files/

8、编写配置调度器的脚本,删掉之前的sed语句,添加定义集群,调用集群的语句

[root@control ansible]# vim ~/ansible/roles/proxy/files/install_nginx.sh
#!/bin/bash
conf="/usr/local/nginx/conf/nginx.conf"
yum -y install gcc pcre-devel openssl-devel make
cd /tmp/
tar -xf nginx-1.16.1.tar.gz
cd nginx-1.16.1
./configure --with-http_ssl_module
make && make install
sed -i '/^http/a upstream webs {\n server 192.168.4.3;\n server 192.168.4.4;\n }\n'
$conf
sed -i '49i proxy_pass http://webs;' $conf
/usr/local/nginx/sbin/nginx

9、编写tasks文件,定义任务

[root@control ansible]# vim ~/ansible/roles/proxy/tasks/main.yml
---
# tasks file for /root/ansible/roles/proxy
- name: copy source file to node2
  copy:
    src: nginx-1.16.1.tar.gz
    dest: /tmp/
- name: install nginx.
  script: install_nginx.sh
  args:
    creates: /usr/local/nginx/sbin/nginx

10、编写playbook剧本,调用任务

[root@control ansible]# vim proxy.yml
---
- hosts: node2
roles:
- proxy
- hosts: node5
tasks:
- name: install mariadb server. #部署数据库服务器
yum:
name:
- mariadb
- mariadb-server
- mariadb-devel
- name: run mariadb-server
service:
name: mariadb
state: started

11、运行playbook和测试节点

[root@control ansible]# ansible-playbook proxy.yml
node1测试访问:
node2,node3,node4关闭防火墙,
[root@node2 ~]# systemctl stop firewalld.service 或者
firewall-cmd --add-service=http 允许http访问都可以
[root@node3 ~]# systemctl stop firewalld.service
[root@node4 ~]# systemctl stop firewalld.service
[root@node1 ~]# curl http://192.168.4.2 #成功

你可能感兴趣的:(自动化,前端,nginx,运维,linux)