Ansible之roles模块--lnmp分布式部署
Ansible之roles模块--lnmp分布式部署
1. role模块的作用
Ansible为了层次化、结构化地组织Playbook,使用了角色(roles),roles可以根据层次型结构自动装载变量文件、task以及handlers等。简单来讲,roles就是通过分别将变量、文件、任务、模块及处理器放置于单独的目录中,并可以便捷地include它们。roles一般用于基于主机构建服务的场景中,但也可以用于构建守护进程等场景中。
2. roles的目录结构
[root@ansible ansible]# tree /etc/ansible/roles/
/etc/ansible/roles/
├── mysql
│ ├── defaults
│ │ └── main.yml
│ ├── files
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ ├── tasks
│ │ └── main.yml
│ ├── templates
│ └── vars
│ └── main.yml
├── nginx
│ ├── defaults
│ │ └── main.yml
│ ├── files
│ │ ├── default.conf
│ │ ├── index.php
│ │ ├── mysql.php
│ │ └── nginx.repo
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ ├── tasks
│ │ └── main.yml
│ ├── templates
│ └── vars
│ └── main.yml
└── php
├── defaults
│ └── main.yml
├── files
│ ├── php-ini
│ └── www.conf
├── handlers
│ └── main.yml
├── meta
│ └── main.yml
├── tasks
│ └── main.yml
├── templates
└── vars
└── main.yml
3. roles内个目录含义解释
●files
用来存放由 copy 模块或 script 模块调用的文件。
●templates
用来存放 jinjia2 模板,template 模块会自动在此目录中寻找 jinjia2 模板文件。
●tasks
此目录应当包含一个 main.yml 文件,用于定义此角色的任务列表,此文件可以使用 include 包含其它的位于此目录的 task 文件。
●handlers
此目录应当包含一个 main.yml 文件,用于定义此角色中触发条件时执行的动作。
●vars
此目录应当包含一个 main.yml 文件,用于定义此角色用到的变量。
●defaults
此目录应当包含一个 main.yml 文件,用于为当前角色设定默认变量。
●meta
此目录应当包含一个 main.yml 文件,用于定义此角色的特殊设定及其依赖关系。
4. roles创建lamp
4.1 创建以roles命名的目录
yum装完默认已创建
[root@ansible ansible]# ls
ansible.cfg hosts roles
[root@ansible ansible]# pwd
/etc/ansible
[root@ansible ansible]# cd roles
[root@ansible roles]# ll
总用量 0
4.2 创建全局变量目录
[root@ansible roles]# mkdir -p /etc/ansible/group_vars/
[root@ansible roles]# touch /etc/ansible/group_vars/all
#文件名自己定义,使用的时候需注意
4.3 在roles目录中分别创建以个角色名称命令的目录
[root@ansible roles]# mkdir /etc/ansible/roles/nginx
[root@ansible roles]# mkdir /etc/ansible/roles/mysql
[root@ansible roles]# mkdir /etc/ansible/roles/php
4.4 在每个角色命令的目录中创建工作目录
在每个角色命令的目录中分别创建files、handlers、tasks、templates、meta、defaults和vars目录,用不到的目录可以创建为空目录,也可以不创建
[root@ansible roles]# mkdir /etc/ansible/roles/nginx/{files,templates,tasks,handlers,vars,defaults,meta}
[root@ansible roles]# mkdir /etc/ansible/roles/mysql/{files,templates,tasks,handlers,vars,defaults,meta}
[root@ansible roles]# mkdir /etc/ansible/roles/php/{files,templates,tasks,handlers,vars,defaults,meta}
4.5 创建main.yml文件
在每个角色的 handlers、tasks、meta、defaults、vars 目录下创建 main.yml 文件,千万不能自定义文件名
[root@ansible roles]# touch /etc/ansible/roles/nginx/{defaults,vars,tasks,meta,handlers}/main.yml
[root@ansible roles]# touch /etc/ansible/roles/mysql/{defaults,vars,tasks,meta,handlers}/main.yml
[root@ansible roles]# touch /etc/ansible/roles/php/{defaults,vars,tasks,meta,handlers}/main.yml
4.6 修改site.yml文件,针对不用主机去调用不同的角色
[root@ansible roles]# vim /etc/ansible/site.yml
---
- hosts: webservers
remote_user: root
roles:
- nginx
- hosts: dbservers
remote_user: root
roles:
- mysql
- hosts: phpservers
remote_user: root
roles:
- php
4.7 修改主机清单
[webservers]
192.168.122.11
[dbservers]
192.168.122.12
[phpservers]
192.168.122.13
4.8 nginx模块
4.8.1 编写任务脚本
[root@ansible ansible]# vim /etc/ansible/roles/nginx/tasks/main.yml
---
- name: create nginx_yum
copy: src=/etc/ansible/roles/nginx/files/nginx.repo dest=/etc/yum.repos.d/nginx.repo
- name: install apache
yum: name={{pkg}} state=latest
- name: modify configuration file
copy: src=/etc/ansible/roles/nginx/files/default.conf dest=/etc/nginx/conf.d/default.conf
- name: start apache
service: enabled=true name={{svc}} state=started
- name: create php_test web
copy: src=/etc/ansible/roles/nginx/files/index.php dest=/usr/share/nginx/html/index.php
- name: create mysql_test web
copy: src=/etc/ansible/roles/nginx/files/mysql.php dest=/usr/share/nginx/html/mysql.php
- name: install nfs
yum: name=nfs-utils state=present
- name: nfs_share
copy: content="/usr/share/nginx/html/ 192.168.122.0/24(rw)" dest=/etc/exports
- name: start nfs
service: name=nfs state=restarted enabled=yes
4.8.2 定义变量
可以定义在全局变量中,也可以定义在roles角色变量中,一般定义在角色变量中
[root@ansible ansible]# vim /etc/ansible/roles/nginx/vars/main.yml
pkg: nginx
svc: nginx
4.8.3 准备nginx.repo文件
[root@ansible files]# vim /etc/ansible/roles/nginx/files/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
4.8.4 准备nginx配置文件default.conf
取消location ~ .php$域的注释,
修改fastcgi_pass为php的IP和端口
修改fastcgi_param为SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name;
[root@ansible files]# egrep -v ^' '*# /etc/ansible/roles/nginx/files/default.conf | grep -v '^$'
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
root html;
fastcgi_pass 192.168.122.13:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name;
include fastcgi_params;
}
}
4.8.5 准备测试网页index.php
index.php(用于测试php与nginx的连接)
[root@ansible files]# vim /etc/ansible/roles/nginx/files/index.php
<?php
phpinfo();
?>
mysql.php(用于测试php与mysql的连接)
[root@ansible files]# vim /etc/ansible/roles/nginx/files/mysql.php
<?php
$link=mysqli_connect('192.168.122.12','root','Admin@123');
if($link) echo "<h1>Success!!</h1>";
else echo "Fail!!";
?>
4.9 mysql模块
编写任务脚本
[root@ansible ansible]# vim /etc/ansible/roles/mysql/tasks/main.yml
---
- name: clean mariadb
yum: name=mariadb state=absent
- name: get mysql download source
command: wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm
#get_url: url=http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm dest=/etc/yum.repos.d/mysql57-community-release-el7-10.noarch.rpm
- name: install mysql5.7
yum: name=mysql57-community-release-el7-10.noarch.rpm
- name: install mysql-community-server
yum: name=mysql-community-server state=latest
- name: start mysql
service: enabled=true name=mysqld state=started
- name: change passwd
shell: mysqladmin -u root -p"$(grep "password" /var/log/mysqld.log | awk 'NR==1{print $NF}')" password 'Admin@123'
ignore_errors: yes
- name: grant pribileges
command: mysql -uroot -p"Admin@123" -e 'grant all privileges on *.* to root@"%" identified by "Admin@123" with grant option;'
- name: flush privileges
command: mysql -uroot -p"Admin@123" -e 'flush privileges;'
- name: stop auto-update
yum: name=mysql57-community-release-el7-10.noarch state=absent
- name: install nfs
yum: name=nfs-utils state=present
- name: nfs_share
copy: content="/var/lib/mysql/ 192.168.122.0/24(rw)" dest=/etc/exports
- name: start nfs
service: name=nfs state=restarted enabled=yes
4.10 php模块
4.10.1 编写任务脚本
[root@ansible ansible]# vim /etc/ansible/roles/php/tasks/main.yml
---
- name: get epel download source
command: rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
- name: get webtatic download source
command: rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
- name: install php7.2
command: yum -y install php72w php72w-cli php72w-common php72w-devel php72w-embedded php72w-gd php72w-mbstring php72w-pdo php72w-xml php72w-fpm php72w-mysqlnd php72w-opcache php72w-redis
- name: modify www.conf
copy: src=/etc/ansible/roles/php/files/www.conf dest=/etc/php-fpm.d/www.conf
- name: modify php.ini
copy: src=/etc/ansible/roles/php/files/php-ini dest=/etc/php.ini
- name: create nginx directory
file: path=/usr/share/nginx/html/ state=directory mode=777 recurse=yes
- name: create mysql directory
file: path=/var/lib/mysql/ state=directory mode=777 recurse=yes
- name: mount nginx
mount: src=192.168.122.11:/usr/share/nginx/html/ path=/usr/share/nginx/html/ fstype=nfs state=mounted
- name: mounnt mysql
mount: src=192.168.122.12:/var/lib/mysql/ path=/var/lib/mysql/ fstype=nfs state=mounted
- name: start php
service: name=php-fpm enabled=true state=started
4.10.2 准备www.conf文件
修改listen监听IP和端口为0.0.0.0:9000
修改listen.allowed_clients = 192.168.122.11,设置为nginx的IP地址
[root@ansible files]# egrep -v "^;|^$" /etc/ansible/roles/php/files/www.conf
[www]
user = apache
group = apache
listen = 0.0.0.0:9000
listen.allowed_clients = 192.168.122.11
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
4.10.3 准备php.ini文件
877行,修改date.timezone = Asia/Shanghai
1097行,修改mysqli.default_socket = /var/lib/mysql/mysql.sock
[root@ansible files]# egrep -v "^;|^$" /etc/ansible/roles/php/files/php-ini
[PHP]
engine = On
short_open_tag = Off
precision = 14
output_buffering = 4096
zlib.output_compression = Off
implicit_flush = Off
unserialize_callback_func =
serialize_precision = 17
disable_functions =
disable_classes =
zend.enable_gc = On
expose_php = On
max_execution_time = 30
max_input_time = 60
memory_limit = 128M
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = Off
display_startup_errors = Off
log_errors = On
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = On
track_errors = Off
html_errors = On
variables_order = "GPCS"
request_order = "GP"
register_argc_argv = Off
auto_globals_jit = On
post_max_size = 8M
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
default_charset = "UTF-8"
doc_root =
user_dir =
enable_dl = Off
file_uploads = On
upload_max_filesize = 2M
max_file_uploads = 20
allow_url_fopen = On
allow_url_include = Off
default_socket_timeout = 60
[CLI Server]
cli_server.color = On
[Date]
date.timezone = Asia/Shanghai
[filter]
[iconv]
[intl]
[sqlite]
[sqlite3]
[Pcre]
[Pdo]
[Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket=
[Phar]
[mail function]
sendmail_path = /usr/sbin/sendmail -t -i
mail.add_x_header = On
[SQL]
sql.safe_mode = Off
[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
[Interbase]
ibase.allow_persistent = 1
ibase.max_persistent = -1
ibase.max_links = -1
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
ibase.dateformat = "%Y-%m-%d"
ibase.timeformat = "%H:%M:%S"
[MySQLi]
mysqli.max_persistent = -1
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.cache_size = 2000
mysqli.default_port = 3306
mysqli.default_socket = /var/lib/mysql/mysql.sock
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off
[OCI8]
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[bcmath]
bcmath.scale = 0
[browscap]
[Session]
session.save_handler = files
session.use_strict_mode = 0
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.referer_check =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.hash_function = 0
session.hash_bits_per_character = 5
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
[Assertion]
zend.assertions = -1
[mbstring]
[gd]
[exif]
[Tidy]
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
[ldap]
ldap.max_links = -1
[mcrypt]
[dba]
[curl]
[openssl]
4.11 执行site.yml脚本
[root@ansible roles]# cd /etc/ansible
[root@ansible ansible]# ansible-playbook site.yml
4.12 访问测试网页
访问192.168.122.11/index.php,测试php与nginx的接连
访问192.168.122.11/mysql.php,测试php与mysql的连接
Ansible之roles模块--lnmp分布式部署的更多相关文章
- Docker之LNMP分布式容器部署
Docker之LNMP分布式容器部署 目录 Docker之LNMP分布式容器部署 一.项目模拟 1. 项目环境 2. 服务器环境 3. 任务需求 二.Linux系统基础镜像 三.Nginx 1. 建立 ...
- CentOS7.2非HA分布式部署Openstack Pike版 (实验)
部署环境 一.组网拓扑 二.设备配置 笔记本:联想L440处理器:i3-4000M 2.40GHz内存:12G虚拟机软件:VMware® Workstation 12 Pro(12.5.2 build ...
- Puppet基于Master/Agent模式实现LNMP平台部署
前言 随着IT行业的迅猛发展,传统的运维方式靠大量人力比较吃力,运维人员面对日益增长的服务器和运维工作,不得不把很多重复的.繁琐的工作利用自动化处理.前期我们介绍了运维自动化工具ansible的简单应 ...
- [Docker][ansible-playbook]3 持续集成环境之分布式部署
预计阅读时间: 30分钟 本期解决痛点如下:1. 代码版本的多样性,编译环境的多样性如何解决?答案是使用docker,将不同的编译环境images统统打包到私有仓库上,根据需求进行下载,从宿主机上挂载 ...
- Ansible的roles标准化与Jenkins持续集成(三)
Ansible的roles标准化与Jenkins持续集成(三) 链接:https://pan.baidu.com/s/1A3Iq3gGkGS27L_Gt37_I0g 提取码:ncy2 复制这段内容后打 ...
- Ansible Tower 3.5.1 平台部署和破解
原创 Ansible Tower 3.5.1 平台部署和破解 Ansible Tower (以前叫’AWX’)是能够帮助任何IT团队更容易使用Ansible的解决方案.该方案基于web. Tower允 ...
- Zabbix监控和分布式部署实施方案
最近在研究Zabbix监控,由于机房分布在多个城市,因此采用zabbix proxy做为监控方案,在每 个节点部署zabbix proxy,由zabbix proxy收集agentd数据,然后将采集到 ...
- 【G】开源的分布式部署解决方案文档 - 部署Console & 控制负载均衡 & 跳转持续集成控制台
G.系列导航 [G]开源的分布式部署解决方案 - 导航 设置项目部署流程 项目类型:选择Console,这个跟功能无关,只是做项目分类,后面会有后续功能 宿主:选择Console 部署方式:选择原始, ...
- Jenkins + Maven + Ansible + Tomcat 实现JAVA代码自动部署
自动部署过程: jenkins从svn拉取代码,调用maven去打war包,用ansible去解压war包,最后重启tomcat. 前情回顾:在前面的文章我的环境已经有Jenkins+ansible ...
随机推荐
- 【PowerShell】ASCII与Char之间的转换
1 [char[]][int[]]$char=65..90 2 $char -join ',' 3 [int[]][char[]]$ascii=$char 4 $ascii -join ',' A,B ...
- CentOS7防火墙firewalld 和 CentOS6防火墙iptables的一些配置命令
CentOS7 防火墙 一.防火墙的开启.关闭.禁用.查看状态命令 (1)启动防火墙:systemctl start firewalld (2)关闭防火墙:systemctl stop firewal ...
- elasticsearch算法之词项相似度算法(一)
一.词项相似度 elasticsearch支持拼写纠错,其建议词的获取就需要进行词项相似度的计算:今天我们来通过不同的距离算法来学习一下词项相似度算法: 二.数据准备 计算词项相似度,就需要首先将词项 ...
- 用Python实现一个Picgo图床工具
PyPicGo PyPicGo 是一款图床工具,是PicGo是Python版实现,并支持各种插件自定义插件,目前PyPicGo自带了gitee.github.SM.MS和七牛云图传,以及rename. ...
- 学习AJAX必知必会(4)~同源策略、解决跨域问题(JSONP、CORS)
一.同源策略(Same-Origin Policy),是浏览器的一种安全策略. 1.同源(即url相同):协议.域名.端口号 必须完全相同.(请求是来自同一个服务) 2.跨域:违背了同源策略,即跨域. ...
- python19day
内容回顾 软件开发规范 预计 递归函数1天 re模块2天 logging模块+包的导入+带参数的装饰器1-2天 面向对象6天 网络编程4天 并发编程5-6天 数据库5天 今日内容 模块和实际工作之间的 ...
- 在EntityFrameworkCore中记录EF修改日志,保存,修改字段的原始值,当前值,表名等信息
突发奇想,想把业务修改的所有字段原始值和修改后的值,做一个记录,然后发现使用EF可以非常简单的实现这个功能 覆盖父类中的 SaveShanges() 方法 public new int SaveCha ...
- Java 线程学习笔记
1.什么是线程 进程: 一个正在运行的程序就叫一个进程. 每个进程都有独立的内存空间. (进程是资源分派的基本单位) 线程: 一个进程中可以有很多线程.----> 常说的多线程 线程没有独立的内 ...
- jsp 中的绝对路径和相对路径 ./ 和 ../的区别?
原文地址! https://www.cnblogs.com/brucetie/p/4109913.html 1. 相对路径 相对路径,当前的文件,以根目录为基准,相对于另一个文件的位置. 2.绝对路径 ...
- WebAssembly编译
环境:centos 7.9 1.准备环境 sudo yum install docker sudo systemctl start docker.service sudo docker pull tr ...