编写Linux初始化剧本

初始化剧本环节,主要用户实现关闭Selinux关闭防火墙,一起配置一下阿里云的YUM源地址,和安装EPEL源,为后期的zabbix安装做好铺垫工作.

1.在安装Zabbix之前,我们需要创建一些东西,也就是一些初始化工作,首先我们先来同步一下密钥对.

[root@localhost ~]# ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:xZxM9bunwBsS03gGT5HGT4LvOnJHdr5Bwl/Iit7qQN8 root@localhost.localdomain

The keys randomart image is:

+---[RSA 2048]----+

|          .+o.   |

|         =..=o.  |

|          Bo.+.  |

|         . B...o |

|        S +.B = .|

|       . . O+=.o |

|        . ++Eo+ .|

|        .o+o.+.+ |

|         +++o o. |

+----[SHA256]-----+

[root@localhost ~]# ssh-copy-id root@192.168.10.20

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host 192.168.10.20 (192.168.10.20) can t be established.

ECDSA key fingerprint is SHA256:2kWFaV72YVvAl2EU2Zop4uAjP3Gy2jW92d0Va/HrSMM.

ECDSA key fingerprint is MD5:fc:6c:91:b0:02:e6:7e:98:52:af:0d:b3:47:d4:69:ef.

Are you sure you want to continue connecting (yes/no)? yes

root@192.168.10.20 s password: 

[root@localhost ~]# ssh-copy-id root@192.168.10.30

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host 192.168.10.30 (192.168.10.30) cant be established.

ECDSA key fingerprint is SHA256:2kWFaV72YVvAl2EU2Zop4uAjP3Gy2jW92d0Va/HrSMM.

ECDSA key fingerprint is MD5:fc:6c:91:b0:02:e6:7e:98:52:af:0d:b3:47:d4:69:ef.

Are you sure you want to continue connecting (yes/no)? yes

root@192.168.10.30's password:

2.其次创建一个目录用于存放剧本中需要用到的数据文件等,如果你有一些配置文件需要拷贝,此时应该放在本目录下方便剧本调用.

[root@localhost ~]# mkdir playbook

[root@localhost ~]# cd playbook/

[root@localhost playbook]# ls -lh

total 8.0K

-rw-r--r--. 1 root root 30 Dec  3 10:45 hosts

-rw-r--r--. 1 root root 30 Dec  3 10:45 main.yml

3.接着创建一个用户主机列表,这里我们就在当前目录下创建一个Hosts文件即可,如果有很多太主机可以使用简写.

[root@localhost playbook]# vim hosts

[root@localhost playbook]# cat hosts 

[zabbix_server]

192.168.10.20

192.168.10.30

#[test]               #此处注释,只做说明,定义从20-100网段的主机

#192.168.10.2[0:100]

4.其次我们开始编写一个剧本,用户给目标主机初始化工作,下面我们来看一下代码片段:

---

#----------------------------------------------------------

# 初始化,关闭防火墙,和SELinux

 - hosts: zabbix_server

   tasks:

     - name: off selinux

       shell: setenforce 0

     - name: seline modify enforcing

       lineinfile:

           dest: /etc/selinux/config

           regexp: '^SELINUX='

           line: 'SELINUX=disabled'

     - name: off iptables

       shell: iptables -F

     - name: off iptables

       lineinfile:

           dest: /etc/bashrc

           line: 'iptables -F'

#----------------------------------------------------------

# 安装部署LAMP环境,通过YUM模块快速安装

 - hosts: zabbix_server

   tasks:

    - name: install LAMP

      yum: name={{item}} state=installed

      with_items:

          - httpd

          - httpd-devel

          - mariadb

          - mariadb-server

          - php

          - php-mysql

    - name: start httpd

      shell: systemctl restart httpd

    - name: start mariadb

      shell: systemctl restart mariadb

#----------------------------------------------------------

以上片段,有几个关键地方需要说明一下:

name: seline modify enforcing这个标签下方,lineinfile语句主要实现了,正则替换的目的,如果在/etc/selinux/config目录下搜索到开头是SELINUX=的字母,则自动替换成SELINUX=disabled

name: off iptables这个标签下方,lineinfile语句主要实现了,在/etc/bashrc最下面添加一个新字段iptables -F,目的是开机后自动清除防火墙规则.

好了,上方的剧本片段就可以实现初始化工作,关闭防火墙等,接着安装LAMP环境.

编写Zabbix服务端剧本

zabbix-Server 安装的 tasks 比较多,因为它涉及数据库的安装以及配置,这里就不介绍了,还有 MySQL 没有使用 Ansible 自带的模块进行 MySQL 数据库和用户的管理,建议编写 task 的时候尽量使用 Ansible 自带的模块进行配置管理,不仅仅是方便使用,而且 Ansible 官方的模块对整个状态管理做得很好.

# 下载YUM源地址,更新EPEL源,安装Zabbix

 - hosts: zabbix_server

   tasks:

     - name: clear YUM

       shell: rm -fr /etc/yum.repos.d/*

     - name: install YUM EPEL

       get_url: 'url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo'

     - name: yum install EPEL

       yum: name=epel-release state=installed

     - name: install zabbix.repo

       shell: rpm -i http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-2.el7.noarch.rpm

     - name: install zabbix

       yum: name={{item}} state=installed

       with_items:

           - zabbix-server-mysql

           - zabbix-web-mysql

           - zabbix-agent

     - name: start zabbix-server

       shell: systemctl restart zabbix-server

     - name: start zabbix-agent

       shell: systemctl restart zabbix-agent

#----------------------------------------------------------

# 安装配置数据库权限,导入zabbix数据库.

 - hosts: zabbix_server

   tasks:

     - name: set mariadb password

       shell: mysqladmin -u root password 'ansible'

     - name: create zabbix master databases

       shell: mysql -uroot -pansible -e 'create database zabbix character set utf8 collate utf8_bin;'

     - name: set zabbix master databases grant

       shell: mysql -uroot -pansible -e 'grant all privileges on zabbix.* to zabbix@localhost identified by "zabbix";'

     - name: import zabbix initial data SQL shell

       shell: zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -pzabbix zabbix

最后一部分内容,配置Zabbix配置文件,和配置相关的操作,比如PHP的调优等.

#----------------------------------------------------------

# 修改并拷贝配置文件,给予权限

---

 - hosts: zabbix_server

   tasks:

     - name: edit zabbix dbhost

       lineinfile:

          dest: /etc/zabbix/zabbix_server.conf

          regexp: '# DBHost=localhost'

          line: 'DBHost=localhost'

     - name: edit zabbix dbpasswd

       lineinfile:

           dest: /etc/zabbix/zabbix_server.conf

           regexp: '# DBPassword='

           line: 'DBPassword=zabbix'

     - name: cp zabbix web

       shell: cp -a /usr/share/zabbix/* /var/www/html/

     - name: chmod web

       shell: chmod 755 -R /var/www/html/*

     - name: chown web

       shell: chown apache.apache -R /var/www/html/*

     - name: set php

       shell: echo "date.timezone = Asia/Shanghai" >> /etc/php.ini

     - name: set php

       shell: echo "max_execution_time = 300" >> /etc/php.ini

     - name: set php

       shell: echo "max_input_time = 300" >> /etc/php.ini

     - name: set php

       shell: echo "post_max_size = 32M" >> /etc/php.ini

     - name: set php

       shell: echo "memory_limit = 128M" >> /etc/php.ini

     - name: set php

       shell: echo "mbstring.func_overload = 0" >> /etc/php.ini

     - name: start http mysql zabbix

       shell: systemctl restart httpd ; systemctl restart mariadb

     - name: start http mysql zabbix

       shell: systemctl restart zabbix-server ; systemctl restart zabbix-agent

     - name: enabled http mysql zabbix

       shell: systemctl enable httpd ; systemctl enable mariadb

     - name: start http mysql zabbix

       shell: systemctl enable zabbix-server ; systemctl enable zabbix-agent

好了,最后我们把这三块内容整合到一起就是一个完整的剧本啦,这里需要说明的是,本人并没有按照标准化流程来编写剧本,因为如果那样的话看上去反而不容易入门,毕竟生产环境中,下面这些东西相信也足够使用啦.

---

#----------------------------------------------------------

# 初始化,关闭防火墙,和SELinux

 - hosts: zabbix_server

   tasks:

     - name: off selinux

       shell: setenforce 0

     - name: seline modify enforcing

       lineinfile:

           dest: /etc/selinux/config

           regexp: '^SELINUX='

           line: 'SELINUX=enforcing'

     - name: off iptables

       shell: iptables -F

     - name: off iptables

       lineinfile:

           dest: /etc/bashrc

           line: 'iptables -F'

#----------------------------------------------------------

# 安装部署LAMP环境,通过YUM模块快速安装

 - hosts: zabbix_server

   tasks:

    - name: install LAMP

      yum: name={{item}} state=installed

      with_items:

          - httpd

          - httpd-devel

          - mariadb

          - mariadb-server

          - php

          - php-mysql

    - name: start httpd

      shell: systemctl restart httpd

    - name: start mariadb

      shell: systemctl restart mariadb

#----------------------------------------------------------

# 下载YUM源地址,更新EPEL源,安装Zabbix

 - hosts: zabbix_server

   tasks:

     - name: clear YUM

       shell: rm -fr /etc/yum.repos.d/*

     - name: install YUM EPEL

       get_url: 'url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo'

     - name: yum install EPEL

       yum: name=epel-release state=installed

     - name: install zabbix.repo

       shell: rpm -i http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-2.el7.noarch.rpm

     - name: install zabbix

       yum: name={{item}} state=installed

       with_items:

           - zabbix-server-mysql

           - zabbix-web-mysql

           - zabbix-agent

     - name: start zabbix-server

       shell: systemctl restart zabbix-server

     - name: start zabbix-agent

       shell: systemctl restart zabbix-agent

#----------------------------------------------------------

# 安装配置数据库权限,导入zabbix数据库.

 - hosts: zabbix_server

   tasks:

     - name: set mariadb password

       shell: mysqladmin -u root password 'ansible'

     - name: create zabbix master databases

       shell: mysql -uroot -pansible -e 'create database zabbix character set utf8 collate utf8_bin;'

     - name: set zabbix master databases grant

       shell: mysql -uroot -pansible -e 'grant all privileges on zabbix.* to zabbix@localhost identified by "zabbix";'

     - name: import zabbix initial data SQL shell

       shell: zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -pzabbix zabbix

#----------------------------------------------------------

# 修改并拷贝配置文件,给予权限

 - hosts: zabbix_server

   tasks:

     - name: edit zabbix dbhost

       lineinfile:

          dest: /etc/zabbix/zabbix_server.conf

          regexp: '# DBHost=localhost'

          line: 'DBHost=localhost'

     - name: edit zabbix dbpasswd

       lineinfile:

           dest: /etc/zabbix/zabbix_server.conf

           regexp: '# DBPassword='

           line: 'DBPassword=zabbix'

     - name: cp zabbix web

       shell: cp -a /usr/share/zabbix/* /var/www/html/

     - name: chmod web

       shell: chmod 755 -R /var/www/html/*

     - name: chown web

       shell: chown apache.apache -R /var/www/html/*

     - name: set php

       shell: echo "date.timezone = Asia/Shanghai" >> /etc/php.ini

     - name: set php

       shell: echo "max_execution_time = 300" >> /etc/php.ini

     - name: set php

       shell: echo "max_input_time = 300" >> /etc/php.ini

     - name: set php

       shell: echo "post_max_size = 32M" >> /etc/php.ini

     - name: set php

       shell: echo "memory_limit = 128M" >> /etc/php.ini

     - name: set php

       shell: echo "mbstring.func_overload = 0" >> /etc/php.ini

     - name: start http mysql zabbix

       shell: systemctl restart httpd ; systemctl restart mariadb

     - name: start http mysql zabbix

       shell: systemctl restart zabbix-server ; systemctl restart zabbix-agent

     - name: enabled http mysql zabbix

       shell: systemctl enable httpd ; systemctl enable mariadb

     - name: start http mysql zabbix

       shell: systemctl enable zabbix-server ; systemctl enable zabbix-agent

接着写完了这些配置以后,我们运行下面的几条命令,检查一下上面的文件是否有语法错误,和检查主机列表是否生效了.

[root@localhost playbook]# ansible-playbook -i hosts main.yml --syntax-check

playbook: main.yml

[root@localhost playbook]# ansible-playbook -i hosts main.yml --list-task

playbook: main.yml

[root@localhost playbook]# ansible-playbook -i hosts main.yml --list-hosts

playbook: main.yml

    pattern: [u'zabbix_server']

    hosts (2):

      192.168.10.20

      192.168.10.30

执行剧本: 确认过以后,直接使用下面的命令一键部署,我们写好的PlayBook剧本,此时我们等它一会.

[root@localhost playbook]# ansible-playbook -i hosts main.yml

PLAY [zabbix_server] *********************************************************************

TASK [Gathering Facts] *******************************************************************

ok: [192.168.10.30]

ok: [192.168.10.20]

....省略....

PLAY RECAP *******************************************************************************

192.168.10.20              : ok=5    changed=4    unreachable=0    failed=0

192.168.10.30              : ok=5    changed=4    unreachable=0    failed=0

本笔记介绍了如何使用 Ansible 去快速部署 Zabbix 监控系统,从中你是不是学到了很多部署方面的技巧了呢,其实ansible也就这样.

编写Zabbix被控端剧本

1.在安装Zabbix客户端之前,我们需要创建一些东西,也就是一些初始化工作,首先我们先来同步一下密钥对.

[root@localhost ~]# ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:xZxM9bunwBsS03gGT5HGT4LvOnJHdr5Bwl/Iit7qQN8 root@localhost.localdomain

The keys randomart image is:

+---[RSA 2048]----+

|          .+o.   |

|         =..=o.  |

|          Bo.+.  |

|         . B...o |

|        S +.B = .|

|       . . O+=.o |

|        . ++Eo+ .|

|        .o+o.+.+ |

|         +++o o. |

+----[SHA256]-----+

[root@localhost ~]# ssh-copy-id root@192.168.10.20

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host 192.168.10.20 (192.168.10.20) can t be established.

ECDSA key fingerprint is SHA256:2kWFaV72YVvAl2EU2Zop4uAjP3Gy2jW92d0Va/HrSMM.

ECDSA key fingerprint is MD5:fc:6c:91:b0:02:e6:7e:98:52:af:0d:b3:47:d4:69:ef.

Are you sure you want to continue connecting (yes/no)? yes

root@192.168.10.20 s password: 

[root@localhost ~]# ssh-copy-id root@192.168.10.30

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host 192.168.10.30 (192.168.10.30) cant be established.

ECDSA key fingerprint is SHA256:2kWFaV72YVvAl2EU2Zop4uAjP3Gy2jW92d0Va/HrSMM.

ECDSA key fingerprint is MD5:fc:6c:91:b0:02:e6:7e:98:52:af:0d:b3:47:d4:69:ef.

Are you sure you want to continue connecting (yes/no)? yes

root@192.168.10.30's password:

2.其次创建一个目录用于存放剧本中需要用到的数据文件等,如果你有一些配置文件需要拷贝,此时应该放在本目录下方便剧本调用.

[root@localhost ~]# mkdir playbook

[root@localhost ~]# cd playbook/

[root@localhost playbook]# ls -lh

total 8.0K

-rw-r--r--. 1 root root 30 Dec  3 10:45 hosts

-rw-r--r--. 1 root root 30 Dec  3 10:45 main.yml

-rw-r--r--. 1 root root 378908 Dec  4 07:04 zabbix-agent-4.0.0-1.1.el7.x86_64.rpm

3.接着创建一个用户主机列表,这里我们就在当前目录下创建一个Hosts文件即可,如果有很多太主机可以使用简写.

[root@localhost playbook]# vim hosts

[root@localhost playbook]# cat hosts 

[zabbix_client]

192.168.10.20

192.168.10.30

#[test]               #此处注释,只做说明,定义从20-100网段的主机

#192.168.10.2[0:100]

4.编写一个批量修改的PlayBook,这个剧本很小巧所以无需分开来介绍,直接一条道走到黑.

---

 - hosts: zabbix_client

   vars:

     - IP: 192.168.10.10

   tasks:

      - name: copy zabbix-agent-4.0.0-1.1.el7.x86_64.rpm

        copy: src=./zabbix-agent-4.0.0-1.1.el7.x86_64.rpm dest=/tmp/zabbix-agent.rpm

      - name: install zabbix-agent

        shell: rpm -i /tmp/zabbix-agent.rpm

      - name: edit zabbix_agentd.conf

        lineinfile:

           dest: /etc/zabbix/zabbix_agentd.conf

           regexp: 'Server=127.0.0.1'

           line: 'Server={{IP}}'

      - name: edit zabbix_agentd.conf

        lineinfile:

           dest: /etc/zabbix/zabbix_agentd.conf

           regexp: 'ServerActive=127.0.0.1'

           line: 'ServerActive={{IP}}'

      - name: edit zabbix_agentd.conf

        lineinfile:

           dest: /etc/zabbix/zabbix_agentd.conf

           regexp: 'Hostname=Zabbix server'

           line: 'Hostname={{IP}}'

      - name: start zabbix

        shell: /usr/sbin/zabbix_agentd

      - name: enable zabbix

        shell: echo "/usr/sbin/zabbix_agentd" >> /etc/bashrc

接着写完了这些配置以后,我们运行下面的几条命令,检查一下上面的文件是否有语法错误,和检查主机列表是否生效了.

[root@localhost playbook]# ansible-playbook -i hosts main.yml --syntax-check

playbook: main.yml

[root@localhost playbook]# ansible-playbook -i hosts main.yml --list-task

playbook: main.yml

[root@localhost playbook]# ansible-playbook -i hosts main.yml --list-hosts

playbook: main.yml

    pattern: [u'zabbix_client']

    hosts (2):

      192.168.10.20

      192.168.10.30

执行剧本: 确认过以后,直接使用下面的命令一键部署,我们写好的PlayBook剧本,此时我们等它一会.

[root@localhost playbook]# ansible-playbook -i hosts main.yml

PLAY [zabbix_client] *********************************************************************

TASK [Gathering Facts] *******************************************************************

ok: [192.168.10.30]

ok: [192.168.10.20]

....省略....

PLAY RECAP *******************************************************************************

192.168.10.20              : ok=5    changed=4    unreachable=0    failed=0

192.168.10.30              : ok=5    changed=4    unreachable=0    failed=0

参考文献:《Ansible自动化运维:技术与最佳实践》

通过PlayBook部署Zabbix的更多相关文章

  1. 通过ansible自动化部署zabbix应用

    zabbix在实际的应用中,可能需要监控的主机非常多,而每个主机的操作系统类型.版本也都不尽相同,在这种环境下,通过手动安装zabbix的agent端已经不现实了,此时就需要借助自动化工具完成zabb ...

  2. CentOS 6.5安装部署Zabbix监控系统

    CentOS 6.5安装部署Zabbix监控系统 先说一点废话,我没有用centos7做实验,讲真,centos 7我也不常用,喜欢新版本的同学其实可以尝试下,注意一点的就是centos 6.5只支持 ...

  3. Docker部署Zabbix+Grafana监控

    Docker部署Zabbix+Grafana监控 环境 centos 7 ; Docker 17.12.0-ce ; docker-compose version 1.20.1 2018-4-1 当前 ...

  4. Centos7 nginx 虚拟主机、反向代理服务器及负载均衡,多台主机分离php-fpm实验,之强化篇,部署zabbix为例

    一.简介 1.由于zabbix是php得,所有lnmp环境这里测试用的上一个实验环境,请查看https://www.cnblogs.com/zhangxingeng/p/10330735.html : ...

  5. Docker部署Zabbix监控MariaDB主从同步(Percona Monitoring Plugins for Zabbix)

    一.安装Docker并部署Zabbix 建议先配置清华大学的docker-ce yum源,速度有保障:清华大学repo源 1.Zabbix Server节点配置 部署环境: [root@server0 ...

  6. 运维监控-基于yum的方式部署 Zabbix Agent 4.0 版本

    运维监控-基于yum的方式部署 Zabbix Agent 4.0 版本 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 上一篇博客我们分享了如何基于yum的方式部署zabbix 4. ...

  7. 运维监控-基于yum的方式部署Zabbix Server 4.0 版本

    运维监控-基于yum的方式部署Zabbix Server 4.0 版本 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.如何选择zabbix版本 1>.打开zabbix官方 ...

  8. centos6.5安装部署zabbix监控服务端和客户端

    部署zabbix服务端需要LNMP环境(nginx,mysql,php),其它数据库也可以,我这里使用mysql,关于LNMP环境部署,可以参考我的另一遍文章:http://www.cnblogs.c ...

  9. centos7.2 部署zabbix 3.2.7

    centos7.2 部署zabbix 3.2.7[zabbix@zabbixServer ~]$ cat /etc/redhat-release CentOS Linux release 7.2.15 ...

随机推荐

  1. (七)C语言之顺序结构

  2. Error:java: 错误: 不支持发行版本 5

    本文链接:https://blog.csdn.net/wo541075754/article/details/70154604 在Intellij idea中新建了一个Maven项目,运行时报错如下: ...

  3. State Threads之co-routine的创建和stack的管理

    1. 综述 协程库 State Threads Library 是一个基于 setjmp/longjmp 实现的 C 语言版用户线程库或协程库(user level thread). 基本协程例子: ...

  4. Liunx 命令之链接操作

    Linux 系统中有软链接和硬链接两种特殊的"文件". 软链接可以看作是Windows中的快捷方式,可以让你快速链接到目标档案或目录. 硬链接则透过文件系统的inode来产生新档名 ...

  5. react-redux 的总结

    第一步,我们将我们要使用的插件来先一步进行安装 create-react-app app  // 在这里我们使用了 react 的脚手架来搭建的项目 cd app // 进入我们的项目 npm i - ...

  6. Spring Annotations

    @Bean 这是一个方法注解,作用是实例化一个Bean并使用该方法的名臣命名.

  7. LC 932. Beautiful Array

    For some fixed N, an array A is beautiful if it is a permutation of the integers 1, 2, ..., N, such ...

  8. shell 部分语法

    语法: variable_name=${variable_name:-xxxx} 如果variable 已经有值,则不被新值覆盖,否则将新值赋给variable split命令切割文件

  9. python 学习笔记(三)根据字典中值的大小对字典中的项排序

    字典的元素是成键值对出现的,直接对字典使用sorted() 排序,它是根据字典的键的ASCII编码顺序进行排序,要想让字典根据值的大小来排序,可以有两种方法来实现: 一.利用zip函数将字典数据转化为 ...

  10. 在Linux上安装Python3.7.1

    一.安装依赖环境 输入命令:yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readlin ...