ansible_playbook: one-click deployment of a cluster architecture
Reference template for server hostname and IP planning
Hostname | eth0 NIC | eth1 NIC | Service |
---|---|---|---|
lb01 | 10.0.0.5/24 | 172.16.1.5/24 | Load balancer service |
lb02 | 10.0.0.6/24 | 172.16.1.6/24 | Load balancer service |
web01 | 10.0.0.7/24 | 172.16.1.7/24 | php www service |
web02 | 10.0.0.8/24 | 172.16.1.8/24 | php www service |
tweb01 | 10.0.0.9/24 | 172.16.1.9/24 | tomcat www service |
db01 | 10.0.0.51/24 | 172.16.1.51/24 | Database service |
nfs01 | 10.0.0.31/24 | 172.16.1.31/24 | Storage service |
backup | 10.0.0.41/24 | 172.16.1.41/24 | Backup service |
m01 | 10.0.0.61/24 | 172.16.1.61/24 | Management service |
Basic optimization
Change the IP address
sed -i 's#222#61#g' /etc/sysconfig/network-scripts/ifcfg-eth[01]
Permanently change the hostname
[root@oldboy-c7 ~]# hostnamectl set-hostname oldboyedu-cc7
[root@web01 data]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web01
172.16.1.8 web02
172.16.1.9 sweb
172.16.1.31 nfs
172.16.1.41 backup
172.16.1.51 db
# Push the file to the other hosts
[root@web01 data]# scp -rp /etc/hosts root@172.16.1.31:/etc/
//2. Disable the firewalld firewall
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld
//3. Disable SELinux
# Method 1
sed -ri 's#(^SELINUX=).*#\1disabled#g' /etc/selinux/config
# Method 2
sed -i '/^SELINUX=/c SELINUX=disabled' /etc/selinux/config
# Method 3
vim /etc/selinux/config
# Takes effect temporarily
setenforce 0
//4. Tune ulimit
echo '* - nofile 65535' >> /etc/security/limits.conf
//5. Reboot and take a snapshot
SSH and Ansible: batch server management
1. Create a key pair
[root@m01 ~]# ssh-keygen -t rsa -C xuliangwei.com # just press Enter at every prompt
[root@m01 ~]# ls ~/.ssh/
id_rsa (the key) id_rsa.pub (the lock)
2. Send the public key to the user that needs to log in
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.31
# Test
# Log in to the remote host
[root@m01 ~]# ssh root@172.16.1.41
# Run a command without logging in to the host
[root@m01 ~]# ssh root@172.16.1.41 "hostname -i"
Ansible: batch management using the public key
# Use non-interactive tools to distribute the public key in bulk and manage the servers in bulk
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41
[root@m01 ~]# yum install ansible -y
//Check the ansible version
[root@m01 ~]# ansible --version
ansible 2.6.1
Configure the Ansible host inventory
[root@m01 ~]# vim /etc/ansible/hosts
[lb]
172.16.1.5
172.16.1.6
[web]
172.16.1.7
172.16.1.8
[sweb]
172.16.1.9
[nfs]
172.16.1.31
[backup]
172.16.1.41
[db]
172.16.1.51
Test
# ansible checks connectivity over the SSH port
[root@m01 ~]# ansible all -m ping
# Run commands in bulk
[root@m01 ~]# ansible all -m command -a "df -h"
[root@m01 ~]# ansible all -m command -a "hostname"
The playbooks start here ... about 10 minutes
mail.yaml
- import_playbook: base.yaml
- import_playbook: rsync.yaml
- import_playbook: nfs.yaml
- import_playbook: sersync.yaml
- import_playbook: web.yaml
- import_playbook: tweb.yaml
- import_playbook: lb.yaml
- import_playbook: keepalived.yaml
- import_playbook: keepalived02.yaml
- import_playbook: mysql.yaml
base.yaml
- hosts: all
  tasks:
    # - name: Clear yum.repos.d
    #   file: path=/etc/yum.repos.d/ state=absent
    #
    # - name: Create yum.repos.d
    #   file: path=/etc/yum.repos.d/ state=directory
    # - name: install aliyun base
    #   get_url: url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo
    #
    # - name: install aliyun epel
    #   get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
    - name: Push centos75
      copy: src=./file/contos75.repo dest=/etc/yum.repos.d/
    - name: Push ops
      copy: src=./file/ops.repo dest=/etc/yum.repos.d/
    # - name: Dns Client
    #   copy: src=./conf/resolv.conf dest=/etc/resolv.conf
    - name: Install base soft
      yum: name=rsync,nfs-utils,net-tools,vim,tree,htop,iftop,iotop,lrzsz,sl,wget,unzip,telnet,nmap,nc,psmisc,dos2unix,bash-completion,iotop,iftop,sysstat,screen,zip state=installed
    - name: Create Group WWW
      group: name=www gid=666
    - name: Create User WWW
      user: name=www uid=666 group=666 create_home=no shell=/sbin/nologin
    - name: Create Rsync_Client_Pass
      copy: content='1' dest=/etc/rsync.pass mode=600
    - name: Create Sripts Directory
      file: path=/server/scripts/ recurse=yes state=directory
    - name: Push Scripts
      copy: src=./scripts/rsync_backup_md5.sh dest=/server/scripts/
    - name: Crontable Scripts
      cron: name="backup scripts" hour=01 minute=00 job="/usr/bin/bash /server/scripts/rsync_backup_md5.sh &>/dev/null"
rsync.yaml
- hosts: backup
  tasks:
    - name: Install Rsync Server
      yum: name=rsync,mailx state=installed
    - name: Configure Rsync Server
      copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart Rsync Server
    - name: Create Date
      file: path=/data state=directory owner=www group=www mode=755
    - name: Create Backup
      file: path=/backup state=directory owner=www group=www mode=755
    - name: Create Virt User
      copy: content='rsync_backup:1' dest=/etc/rsync.password mode=600
    - name: Start RsyncServer
      service: name=rsyncd state=started enabled=yes
    - name: Push Check Scripts
      copy: src=./scripts/rsync_check_backup.sh dest=/server/scripts/
    - name: Crond Check Scripts
      cron: name="check scripts" hour=05 minute=00 job="/usr/bin/bash /server/scripts/rsync_check_backup.sh &>/dev/null"
  handlers:
    - name: Restart Rsync Server
      service: name=rsyncd state=restarted
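base.yaml and rsync.yaml write the rsync password as a literal inside the task (`content='1'`, `content='rsync_backup:1'`). The play below is an added example, not part of the original playbooks, showing the same two tasks reading the password from an Ansible Vault file instead. The file names `vault.yml` and `rsync_secrets.yaml` and the variable `vault_rsync_password` are assumptions introduced for this example.

```yaml
# Added example, not from the original playbooks.
# Assumed: ./vault.yml sits next to this playbook, was created with
#   ansible-vault create vault.yml
# and defines one variable, vault_rsync_password (hypothetical name).
# Run with: ansible-playbook rsync_secrets.yaml --ask-vault-pass
- hosts: all
  vars_files:
    - ./vault.yml
  tasks:
    # Fails the play before anything is written if the vaulted value is
    # missing or short; the failure output shows the expression, not the value.
    - name: Refuse a missing or short rsync password
      assert:
        that:
          - vault_rsync_password is defined
          - vault_rsync_password | length >= 16

    # Same destination as "Create Rsync_Client_Pass" in base.yaml.
    - name: Create Rsync_Client_Pass
      copy:
        content: "{{ vault_rsync_password }}\n"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: "0600"   # quoted: a bare 600 in YAML dict form is read as decimal
      no_log: true     # keeps the secret out of task output and logs

- hosts: backup
  vars_files:
    - ./vault.yml
  tasks:
    # Same destination as "Create Virt User" in rsync.yaml.
    - name: Create Virt User
      copy:
        content: "rsync_backup:{{ vault_rsync_password }}\n"
        dest: /etc/rsync.password
        owner: root
        group: root
        mode: "0600"
      no_log: true
```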
nfs.yaml
- hosts: nfs
  tasks:
    - name: Installed Nfs Server
      yum: name=nfs-utils state=installed
    - name: Configure Nfs Server
      copy: src=./conf/exports dest=/etc/exports
      notify: Restart Nfs Server
    - name: Create Share Data
      file: path=/data state=directory owner=www group=www mode=755
    - name: Create Share /data{}
      shell: mkdir /data/{wordpress,wecenter,jpress} -p
    - name: Chown -R www.www /data
      file: path=/data recurse=yes owner=www group=www
    - name: Start Nfs Server
      service: name=nfs-server state=started enabled=yes
  handlers:
    - name: Restart Nfs Server
      service: name=nfs-server state=restarted
sersync.yaml
- hosts: nfs
  tasks:
    - name: Scp Sersync
      copy: src=./file/sersync2.5.4_64bit_binary_stable_final.tar.gz dest=/usr/local/sersync.tar.gz
    - name: Zip
      shell: cd /usr/local && tar xf sersync.tar.gz && mv GNU-Linux-x86 sersync
      args:
        creates: /usr/local/sersync
    - name: configure Sersync
      copy: src=./conf/confxml.xml dest=/usr/local/sersync/confxml.xml
      notify: kill old sersync and restart new sersync
    # Start sersync only if no sersync process is running yet
    - name: Start Sersync
      shell: pgrep sersync;
        [ $? -eq 0 ] || /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
  handlers:
    - name: kill old sersync and restart new sersync
      shell: pgrep sersync | xargs kill -9;
        /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
web.yaml
- hosts: web
  tasks:
    # - name: Mount NFS Server Share Date
    #   mount: src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted
    - name: Install Mariadb
      yum: name=mysql state=installed
    - name: Install nginx
      yum: name=nginx state=installed
    - name: nginx.conf copy
      copy: src=./conf/nginx.conf dest=/etc/nginx/nginx.conf
      notify: Restart nginx
    - name: install php7.1
      yum: name=php71w,php71w-cli,php71w-common,php71w-devel,php71w-embedded,php71w-gd,php71w-mcrypt,php71w-mbstring,php71w-pdo,php71w-xml,php71w-fpm,php71w-mysqlnd,php71w-opcache,php71w-pecl-memcached,php71w-pecl-redis,php71w-pecl-mongodb state=installed
    - name: Copy www.conf
      copy: src=./conf/www.conf dest=/etc/php-fpm.d/www.conf
      notify: Restart php-fpm
    - name: Copy php.ini
      copy: src=./conf/php.ini dest=/etc/php.ini
      notify: Restart php-fpm
    - name: Start php-fpm
      service: name=php-fpm state=started enabled=yes
    #- name: Unzip kaoshi.zip
    #  unarchive: src=./file/kaoshi.zip dest=/data/ creates=/data/index.html
    - name: Start nginx
      service: name=nginx state=started enabled=yes
    - name: Del /etc/nginx/conf.d/default.conf
      file: path=/etc/nginx/conf.d/default.conf state=absent
    - name: Copy conf.d/*
      unarchive: src=./conf/conf.zip dest=/etc/nginx/conf.d/ creates=/etc/nginx/conf.d/wecenter.conf
    - name: Copy ./file/ssl_key.zip
      unarchive: src=./file/ssl_key.zip dest=/etc/nginx/ creates=/etc/nginx/ssl_key/server.crt
    - name: Create /code
      file: path=/code/ recurse=yes state=directory mode=755 owner=www group=www
    - name: Copy /code.zip
      unarchive: src=./file/code.zip dest=/code/ creates=/code/wordpress/index.php
    - name: chown www.www /code
      file: path=/code owner=www group=www mode=0755
    # - name: Mount data
    #   mount: src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted
    - name: Mount wordpress
      mount: src=172.16.1.31:/data/wordpress path=/code/wordpress/wp-content/uploads fstype=nfs opts=defaults state=mounted
    - name: Mount wecenter
      mount: src=172.16.1.31:/data/wecenter path=/code/wecenter/uploads fstype=nfs opts=defaults state=mounted
    - name: Start nginx
      service: name=nginx state=started enabled=yes
    # - name: recovery data
    #   shell: cp -rp /code/wecenter/uploads_bak/* /code/wecenter/uploads/ && cp -rp /code/wordpress/wp-content/uploads_bak/* /code/wordpress/wp-content/uploads/
  handlers:
    - name: Restart nginx
      service: name=nginx state=restarted enabled=yes
    - name: Restart php-fpm
      service: name=php-fpm state=restarted enabled=yes
tweb.yaml
- hosts: sweb
  tasks:
    - name: Install java jarjar
      yum: name=java,jarjar-maven-plugin state=installed
    - name: Create /server
      file: path=/server/scripts/ recurse=yes state=directory
    - name: Unzip tomcat8_1.zip
      unarchive: src=./file/tomcat8_1.zip dest=/server/ creates=/server/tomcat8_1/bin/startup.sh
    - name: Configgurl copy
      copy: src=./conf/server.xml dest=/server/tomcat8_1/conf/server.xml
      notify: Restart tomcat
    - name: chown www
      file: path=/server/tomcat8_1 recurse=yes owner=www group=www
    - name: Start tomcat8_1
      # command: /server/tomcat8_1/bin/startup.sh
      shell: /server/tomcat8_1/bin/startup.sh
    - name: Mount NFS Server Share jpress
      mount: src=172.16.1.31:/data/jpress path=/server/tomcat8_1/webapps/jpress/attachment fstype=nfs opts=defaults state=mounted
    # - name: Recovery data
    #   shell: cd /server/tomcat8_1/webapps/jpress && cp -rp attachment_bak/* attachment/
    # - name chown www
    #   shell: chown -R www.www /server/tomcat8_1/webapps
  # Handler enabled so that "notify: Restart tomcat" above resolves
  handlers:
    - name: Restart tomcat
      shell: /server/tomcat8_1/bin/shutdown.sh && /server/tomcat8_1/bin/startup.sh
lb.yaml
- hosts: lb
  tasks:
    - name: install nginx
      yum: name=nginx state=installed
    - name: Del /etc/nginx/conf.d/default.conf
      file: path=/etc/nginx/conf.d/default.conf state=absent
    - name: Copy ds.conf
      copy: src=./lb/ds.conf dest=/etc/nginx/conf.d/ds.conf
      notify: Restart nginx
    - name: Copy proxy-https.conf
      copy: src=./lb/proxy-https.conf dest=/etc/nginx/conf.d/proxy-https.conf
      notify: Restart nginx
    - name: Copy ./file/ssl_key.zip
      unarchive: src=./file/ssl_key.zip dest=/etc/nginx/ creates=/etc/nginx/ssl_key/server.crt
    - name: Copy proxy_params
      copy: src=./lb/proxy_params dest=/etc/nginx/proxy_params
      notify: Restart nginx
    - name: start nginx
      service: name=nginx state=started enabled=yes
  handlers:
    - name: Restart nginx
      service: name=nginx state=restarted enabled=yes
keepalived.yaml
- hosts: lb
  tasks:
    - name: install keepalived
      yum: name=keepalived state=installed
    - name: Copy keepalived.conf
      copy: src=./lb/keepalived.conf dest=/etc/keepalived/keepalived.conf
      notify: Restart keepalived
    - name: start keepalived
      service: name=keepalived state=started enabled=yes
  handlers:
    - name: Restart keepalived
      service: name=keepalived state=restarted enabled=yes
keepalived2.yaml
- hosts: 172.16.1.6
  tasks:
    - name: Copy keepalived2.conf
      copy: src=./lb/keepalived2.conf dest=/etc/keepalived/keepalived.conf
      notify: Restart keepalived
    - name: start keepalived
      service: name=keepalived state=started enabled=yes
  handlers:
    - name: Restart keepalived
      service: name=keepalived state=restarted enabled=yes
mysql.yaml
- hosts: db
  tasks:
    - name: Install mysql-community
      yum: name=mysql-community-server state=installed
    - name: Start mysqld
      service: name=mysqld state=started enabled=yes
    # - name: copy /etc/my.cnf
    #   copy: src=./conf/my.cnf dest=/etc/my.cnf
    # - name: Restart mysqld
    #   service: name=mysqld state=restarted enabled=yes
    # - name: modify mysql passwd
    #   shell: mysql -uroot -se "update mysql.user set authentication_string=password('Ckh123.com') where user='root';"
    # - name: modify my.cnf
    #   shell: sed '20s#skip-grant-tables##pg' /etc/my.cnf
    # - name: Restart mysqld
    #   service: name=mysqld state=restarted enabled=yes
    # - name: Grant all user
    #   shell: mysql -uroot -pCkh123.com mysql -se "update user set host = '%' where user = 'root';"
    # - name: flush privileges
    #   shell: mysql -uroot -p'Ckh123.com' -se "flush privileges;"
    # - name: Create daabase
    #   shell: mysql -uroot -p'Ckh123.com' -se "create database wordpress;"
    - name: Copy backup.sql
      copy: src=./file/2018-10-0613-mysql-all.sql dest=/tmp/
    # - name: Input mysql
    #   shell: mysql -uroot -p'Ckh123.com'</root/2018-09-2417-mysql-all.sql
Follow-up operations
#4. MySQL 5.7 sets a default password at install time; filter the log for the keyword "temporary password" to find the password for logging in to the database
[root@nginx ~]# grep 'temporary password' /var/log/mysqld.log
#5. Log in to the MySQL database [for the password, use the one filtered out in the previous step]
[root@web02 ~]# mysql -uroot -p$(awk '/temporary password/{print $NF}' /var/log/mysqld.log)
#6. Change the database password
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Ckh123.com';
# Allow remote users to connect to the MySQL server (grant method)
grant all privileges on *.* to 'all'@'%' identified by 'Ckh123.com';
flush privileges;
1. On the old server
#1. Export the specified database files.
[root@web02 ~]# mysqldump -uroot -p'Ckh123.com' --all-databases --single-transaction > `date +%F%H`-mysql-all.sql
#2. Transfer the database backup file to the new server
[root@web02 zh]# scp 2018-10-0613-mysql-all.sql root@10.0.0.51:/tmp
2. On the new server
#1. Import the database
[root@db01 ~]# cd /tmp && mysql -uroot -p'Ckh123.com' < 2018-10-0613-mysql-all.sql
# Start tomcat8 manually
/usr/bin/sh /server/tomcat8_1/bin/startup.sh
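Extra: using the zip command
# Archive all files in the current directory
[root@web01 conf.d]# zip conf.zip ./*
# -r recurses into all directories
[root@web01 conf.d]# zip -r conf.zip ./*
2. unzip
unzip -o -d /home/sunny myfile.zip
Extracts myfile.zip into /home/sunny/
-o: overwrite files without prompting;
-d: -d /home/sunny specifies that the files are extracted into the /home/sunny directory;
3. Other
zip -d myfile.zip smart.txt
Deletes the file smart.txt from the archive
zip -m myfile.zip ./rpm_info.txt
Adds the file rpm_info.txt to the archive myfile.zip
Source code download
Link: https://pan.baidu.com/s/1KqE4sdDdQxhIHJyK4QFfuw Password: cwtn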