一、項目要求 1、創建role,通過role完成項目(可能需要多個role) 2、部署nginx調度器(node2主機) 3、部署2台lnmp伺服器(node3,node4主機) 4、部署mariadb資料庫(node5主機) 主要用的ansible實現自動化部署,ansible的安裝教程省略,控制 ...
一、項目要求
1、創建role,通過role完成項目(可能需要多個role)
2、部署nginx調度器(node2主機)
3、部署2台lnmp伺服器(node3,node4主機)
4、部署mariadb資料庫(node5主機)
主要用的ansible實現自動化部署,ansible的安裝教程省略,控制節點安裝ansible和Python,受控節點上只需要安裝相同版本Python(環境一致好些),所有主機間做免密登錄
二、項目實施
1、在控制節點上創建role部署lnmp平臺環境
[root@control ansible]# ansible-galaxy init ~/ansible/roles/lnmp
2、上傳或者下載lnmp_soft.tar.gz裡面的nginx-1.16-1.tar.gz軟體包到 /root/ansible/roles/lnmp/files/
# 下載Nginx安裝包:
[root@control ansible]# wget https://nginx.org/download/nginx-1.16.1.tar.gz
[root@control ansible]# tar -xf lnmp_soft.tar.gz
[root@control ansible]# cp lnmp_soft/nginx-1.16.1.tar.gz /root/ansible/roles/lnmp/files/
2、編寫部署lnmp的腳本,配置動靜分離
[root@control ansible]# vim /root/ansible/roles/lnmp/files/install_nginx.sh
稍後會使用copy模塊把nginx源碼包放到tmp目錄下,拷貝nginx源碼,執行編譯安裝
#!/bin/bash
conf="/usr/local/nginx/conf/nginx.conf"
yum -y install gcc pcre-devel openssl-devel make
cd /tmp/
tar -xf nginx-1.16.1.tar.gz
cd nginx-1.16.1
./configure --with-http_ssl_module
make && make install
sed -i '65,71s/#//' $conf
sed -i '/SCRIPT_FILENAME/d' $conf
sed -i 's/fastcgi_params/fastcgi.conf/' $conf
3、部署網頁模板文件,通過template把包含變數的模板文件拷貝給目標主機node3 和 node4
[root@control ansible]# vim /root/ansible/roles/lnmp/templates/index.html
Welcome to {{ansible_hostname}} on {{ansible_all_ipv4_addresses}}
4、編寫tasks文件,定義任務
[root@control ansible]# vim /root/ansible/roles/lnmp/tasks/main.yml
---
# tasks file for /root/ansible/roles/lnmp
- name: copy nginx-1.16.1.tar.gz to webserver.
copy:
src: nginx-1.16.1.tar.gz
dest: /tmp/
- name: install nginx through shell script.
script: install_nginx.sh
args:
creates: /usr/local/nginx/sbin/nginx # 當nginx主程式文件存在時,不執行安裝腳本
- name: copy index.html to webserver. #拷貝首頁文件
template:
src: index.html
dest: /usr/local/nginx/html/index.html
- name: install php
yum:
name:
- php
- php-fpm
- php-mysqlnd
- mariadb-devel
- name: run all serveice
block:
- service:
name: php-fpm
state: started
- shell: /usr/local/nginx/sbin/nginx
args:
creates: /usr/local/nginx/logs/nginx.pid
#當nginx的進程號文件存在,說明nginx啟動了。則不執行啟動nginx
5、編寫playbook劇本
[root@control ansible]# vim ~/ansible/lnmp.yml
- hosts: webserver
roles:- lnmp
6、運行playbook,並驗證是否成功
[root@control ansible]# ansible-playbook lnmp.yml
# 控制節點上登錄node節點
[root@control ansible]# ssh node3
# 查看/usr/local/nginx/目錄下信息bin
[root@node3 ~]# ls /usr/local/nginx/
# 查看埠是否被監聽
[root@node3 ~]# ss -nultp | grep 80
# 查看是否安裝所需要包
[root@node3 ~]# rpm -q php-fpm
# 查看php的狀態
[root@node3 ~]# systemctl status php-fpm
# 查看預設主頁是否創建完成
[root@node3 ~]# cat /usr/local/nginx/html/index.html
Welcome to node3 on ['192.168.4.3']
7、使用nginx部署代理伺服器node2
[root@control ansible]# ansible-galaxy init ~/ansible/roles/proxy
[root@control ansible]# cp ~/ansible/roles/lnmp/files/* ~/ansible/roles/proxy/files/
8、編寫配置調度器的腳本,刪掉之前的sed語句,添加定義集群,調用集群的語句
[root@control ansible]# vim ~/ansible/roles/proxy/files/install_nginx.sh
#!/bin/bash
conf="/usr/local/nginx/conf/nginx.conf"
yum -y install gcc pcre-devel openssl-devel make
cd /tmp/
tar -xf nginx-1.16.1.tar.gz
cd nginx-1.16.1
./configure --with-http_ssl_module
make && make install
sed -i '/^http/a upstream webs {\n server 192.168.4.3;\n server 192.168.4.4;\n }\n'
$conf
sed -i '49i proxy_pass http://webs;' $conf
/usr/local/nginx/sbin/nginx
9、編寫tasks文件,定義任務
[root@control ansible]# vim ~/ansible/roles/proxy/tasks/main.yml
---
# tasks file for /root/ansible/roles/proxy
- name: copy source file to node2
copy:
src: nginx-1.16.1.tar.gz
dest: /tmp/
- name: install nginx.
script: install_nginx.sh
args:
creates: /usr/local/nginx/sbin/nginx
10、編寫playbook劇本,調用任務
[root@control ansible]# vim proxy.yml
---
- hosts: node2
roles:
- proxy
- hosts: node5
tasks:
- name: install mariadb server. #部署資料庫伺服器
yum:
name:
- mariadb
- mariadb-server
- mariadb-devel
- name: run mariadb-server
service:
name: mariadb
state: started
11、運行playbook和測試節點
[root@control ansible]# ansible-playbook proxy.yml
node1測試訪問:
node2,node3,node4關閉防火牆,
[root@node2 ~]# systemctl stop firewalld.service 或者
firewall-cmd --add-service=http 允許http訪問都可以
[root@node3 ~]# systemctl stop firewalld.service
[root@node4 ~]# systemctl stop firewalld.service
[root@node1 ~]# curl http://192.168.4.2 #成功
-------------------------------------------
個性簽名:今天做了別人不想做的事,明天你就做得到別人做不到的事,嘗試你都不敢,你拿什麼贏!
如果覺得這篇文章對你有小小的幫助的話,記得在右下角點個“推薦”哦,博主在此感謝!
