Ansible 部署LNMP
Ansible 部署LNMP
1.环境准备
[wsh@controller ~ ?]$ mkdir LNMP
[wsh@controller ~ ?]$ ls
ansible LNMP
[wsh@controller ~ ?]$ cp ansible/ansible.cfg ansible/inventory LNMP/
[wsh@controller ~ ?]$ cd LNMP/
[wsh@controller LNMP ?]$ ls
ansible.cfg inventory[wsh@controller LNMP ✔]$ rz -E
rz waiting to receive.
[wsh@controller LNMP ✔]$ ls
ansible.cfg inventory wordpress-4.9.4-zh_CN.zip
#主机清单
[wsh@controller LNMP ✔]$ cat inventory
[lnmps]
lnmp ansible_host=node1[controllers]
controller[dev]
node1[test]
node2[prod]
node3
node4
# ansible 配置
[wsh@controller LNMP ✔]$ cat ansible.cfg
[defaults]
inventory = ./inventory
remote_user = wsh
vault_password_file=./secret.txt [privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False[wsh@controller LNMP ✔]$ cat secret.txt
redhat
2.准备Maria DB
1.变量配置
[wsh@controller LNMP ✔]$ mkdir -p host_vars/lnmp
[wsh@controller LNMP ✔]$ cat host_vars/lnmp/vars.yml
db_name: webapp
[wsh@controller LNMP ✔]$ ansible-vault view host_vars/lnmp/vaults.yml
mysql_root_password: wsh@123
app_user: wordpress
app_password: wsh@123
app_host: '%'
app_priv: '*.*:ALL'
[wsh@controller LNMP ✔]$ vim LNMP-playbook.yml
2.服务的安装启动与安全初始化
---
- name: deploy mariadb hosts: lnmp tasks: #安装 - name: install mariadb yum: name: - mariadb-server - python2-PyMySQL state: present # 启动 - name: enabled and start db service: name: mariadb enabled: yes state: started# 设置 root 密码 - name: set root@localhost passwordshell: mysqladmin password {{ mysql_root_password }}ignore_errors: yes - name: set root passwordmysql_user: name: root password: "{{ mysql_root_password }}"host: "{{ item }}"state: present login_user: rootlogin_password: "{{ mysql_root_password }}"with_items: - "{{ ansible_fqdn }}"- 127.0.0.1 - ::1 # 删除匿名用户 - name: delete user anonymousmysql_user: name: "" host_all: yes state: absent login_user: rootlogin_password: "{{ mysql_root_password }}"#login_unix_socket: /var/lib/mysql/mysql.sock# 删除测试数据库 - name: delete database testmysql_db: name: test state: absent login_user: rootlogin_password: "{{ mysql_root_password }}"
3.创建用户与数据库
#创建新用户和库
- name: prepare db for webapphosts: lnmp tasks: # 创建新用户- name: create user {{ user }}mysql_user:name: "{{ app_user }}"password: "{{ app_password }}"host: "{{ app_host }}"priv: "{{ app_priv }}"state: presentlogin_user: rootlogin_password: "{{ mysql_root_password }}"# 创建新库 - name: create database db_namemysql_db:name: "{{ db_name }}"state: presentlogin_user: root
3.准备nginx
安装和启动服务器
#准备web服务器
- name: deploy web server hosts: lnmp tasks:- name: install nginx yum: name: nginx state: present #启动服务 - name: enabled and started nginx services: name: nginx state: started enabled: yes - name: prepare test page copy: content: hello world from nginx dest: /usr/share/nginx/html/index.html
4.准备php
1.准备配置文档
[wsh@controller LNMP ✔]$ vim php.conf
location ~ \.php$ {try_files $uri =404;fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;
}
2.安装与启动php
#准备php服务
- name: phphosts: lnmptasks: - name: install phpyum:name: php,php-fpm,php-mysqlndstate: present#准备配置文件- name: modify running user for phplineinfile:path: /etc/php-fpm.d/www.confregexp: "{{ item }} = "line: "{{ item }} = nginx"loop:- user- group#启动php服务- name: enabled and start phpservices:name: php-fpmstate: startedenabled: yes#为nginx配置php- name: config php for nginxcopy:src: php.confdest: /etc/nginx/default.d/php.conf- name: restart nginxservice: nginxstate: restarted
5.准备webapp文件
1.准备配置文档
[wsh@controller LNMP ✔]$ vim vhost-wordpress.conf.j2server {listen 80;server_name {{ blog_vhost }};root /usr/share/nginx/html/{{ blog_vhost }}/wordpress;index index.php;# Load configuration files for the default server block.include /etc/nginx/default.d/*.conf;# log fileaccess_log /var/log/nginx/access-{{ blog_vhost }}.log;error_log /var/log/nginx/error-{{ blog_vhost }}.log;}
2.准备文件
#准备webapp文件
- name: deploy web app hosts: lnmpvars:blog_vhost: blog.wsh.cloud tasks:#准备虚拟主机 - name: prepare vhost template: src: vhost-wordpress.conf.j2 dest: /etc/nginx/conf.d/vhost-wordpress.conf #准备虚拟主机目录 - name: create /usr/share/nginx/html/{{ blog_vhost }}file:path: /usr/share/nginx/html/{{ blog_vhost }} state: directory #准备webapp文件- name: Unarchive a worepress fileunarchive:src: wordpress-4.9.4-zh_CN.zipdest: /usr/share/nginx/html/{{ blog_vhost }}/owner: nginxgroup: nginx#重启nginx- name: restart nginxservice:name: nginxstate: restarted
6.执行ansible
1.测试playbook
[wsh@controller LNMP ✔]$ ansible-playbook LNMP-playbook.yml --syntax-checkplaybook: LNMP-playbook.yml
2.执行测试
[wsh@controller LNMP ✔]$ ansible-playbook LNMP-playbook.ymlPLAY [deploy mariadb] *******************************************************************TASK [Gathering Facts] ******************************************************************
ok: [lnmp]TASK [install mariadb] ******************************************************************
changed: [lnmp]TASK [enabled and start db] *************************************************************
changed: [lnmp]TASK [set root@localhost password] ******************************************************
changed: [lnmp]TASK [set root password] ****************************************************************
changed: [lnmp] => (item=node1.wsh.cloud)
changed: [lnmp] => (item=127.0.0.1)
changed: [lnmp] => (item=::1)
[WARNING]: Module did not set no_log for update_passwordTASK [delete user anonymous] ************************************************************
changed: [lnmp]TASK [delete database test] *************************************************************
changed: [lnmp]PLAY [prepare db for webapp] ************************************************************TASK [Gathering Facts] ******************************************************************
ok: [lnmp]TASK [create user {{ user }}] ***********************************************************
changed: [lnmp]TASK [create database db_name] **********************************************************
changed: [lnmp]PLAY [deploy web server] ****************************************************************TASK [Gathering Facts] ******************************************************************
ok: [lnmp]TASK [install nginx] ********************************************************************
changed: [lnmp]TASK [enabled and started nginx] ********************************************************
changed: [lnmp]TASK [prepare test page] ****************************************************************
changed: [lnmp]PLAY [php] ******************************************************************************TASK [Gathering Facts] ******************************************************************
ok: [lnmp]TASK [install php] **********************************************************************
changed: [lnmp]TASK [modify running user for php] ******************************************************
changed: [lnmp] => (item=user)
changed: [lnmp] => (item=group)TASK [enabled and start php] ************************************************************
changed: [lnmp]TASK [config php for nginx] *************************************************************
changed: [lnmp]TASK [restart nginx] ********************************************************************
changed: [lnmp]PLAY [deploy web app] *******************************************************************TASK [Gathering Facts] ******************************************************************
ok: [lnmp]TASK [prepare vhost] ********************************************************************
changed: [lnmp]TASK [create /usr/share/nginx/html/blog.wsh.cloud] **************************************
changed: [lnmp]TASK [Unarchive a worepress file] *******************************************************
changed: [lnmp]TASK [restart nginx] ********************************************************************
changed: [lnmp]PLAY RECAP ******************************************************************************
lnmp : ok=25 changed=20 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 3.结果验证
