第十三周
Posted amy_itx_aps
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了第十三周相关的知识,希望对你有一定的参考价值。
第十三周
1.ansible-playbook实现mysql的二进制部署
实验环境
需要三台主机:CentOS Linux release 7.9.2009 (Core)
1台ansible主机安装ansible
ansible 192.168.80.103 (yum 安装ansible 需要epel源)
2台新安装的机器,配置yum源
node00.magedu.org 192.168.80.100
node01.magedu.org 192.168.80.101
ansible主机至2台新主机ssh免密
ansible主机
#ansible安装
[root@ansible ~]# yum install -y ansible
#创建mysql项目专用目录,将mysql项目相关的ansible文件都统一存放
[root@ansible ~]# mkdir -p ansible/mysql/{files,inventory,log}
#目录结构
[root@ansible ~]# tree ansible/mysql
ansible/mysql
├── ansible.cfg
├── files
│ ├── my.cnf
│ ├── mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
│ └── mysql-8.0.26-linux-glibc2.12-x86_64.tar.xz
├── install_mysql5.7or8.0.yml
├── inventory
│ └── hosts
├── key_ssh_expect.sh
└── log
└── ansible.log
3 directories, 8 files
#ansible
[root@ansible mysql]# ansible --version
ansible 2.9.27
config file = /root/ansible/mysql/ansible.cfg
configured module search path = [/root/.ansible/plugins/modules, /usr/share/ansible/plugins/modules]
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, Apr 16 2020, 01:36:27) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
#ansible.cfg
[root@ansible ~]# cp /etc/ansible/ansible.cfg ansible/mysql/ansible.cfg
[root@ansible mysql]# vim /root/ansible/mysql/ansible.cfg
#修改下面几行其他保持默认即可
[defaults]
# some basic default values...
#去掉# 修改hosts文件路径
inventory = ./inventory/hosts
#去掉# 修改日志路径
log_path = log/ansible.log
#直接去掉注释
host_key_checking = False
#my.cnf
[root@ansible ~]# vim ansible/mysql/files/my.cnf
[client]
socket=/data/datadb/mysql.sock
[mysql]
default-character-set=utf8mb4
prompt=(\\\\u@\\\\h) [\\\\d]>\\\\_
[mysqld]
character-set-server=utf8mb4
server-id=21
log-bin=/data/binlog/mysql-bin
datadir=/data/datadb/
socket=/data/datadb/mysql.sock
log-error=/data/datadb/mysql.log
pid-file=/data/datadb/mysql.pid
#hosts文件
[root@ansible ~]# vim ansible/mysql/hosts
[mysqldb]
192.168.80.100
192.168.80.101
#yml文件
#ansible-playbook 文件
[root@ansible ~]# cat ansible/mysql/install_mysql5.7or8.0.yml
---
#install_mysql5.7or8.0.yml
#install mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
- hosts: mysqldb
remote_user: root
gather_facts: no
vars:
mysql_version: 8.0.26
mysql_file: mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.xz
mysql_root_password: mysql#123456
tasks:
- name: install packages
yum:
name:
- libaio
- numactl-libs
- name: create mysql group
group: name=mysql gid=306
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no
- name: create /data/datadb
file: path=/data/datadb/ state=directory owner=mysql group=mysql mode=755
- name: create /data/binlog
file: path=/data/binlog/ state=directory owner=mysql group=mysql mode=755
- name: copy tar to remote host and file mode
unarchive: src=/root/ansible/mysql/files/{{mysql_file}} dest=/usr/local/ owner=root group=root
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-{{ mysql_version }}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
- name: initialize database
shell: /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/data/datadb/
tags: data
- name: config my.cnf
copy: src=/root/ansible/mysql/files/my.cnf dest=/etc/my.cnf
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: PATH variable
copy: content=PATH=/usr/local/mysql/bin:$PATH dest=/etc/profile.d/mysql.sh
- name: enable service
shell: checkconfig --add mysqld; /etc/init.d/mysqld start;chkconfig mysqld on
tags: service
- name: change password
shell: /usr/local/mysql/bin/mysqladmin -uroot password {{mysql_root_password}}#ansible主机到目标主机ssh免密
[root@ansible ~]# cat key_ssh_expect.sh
#!/bin/bash
#=====================================================================================================
#File Name: key_ssh_expect.sh
#Date: 2021-12-02 00-20-20
#Author: Create by gonghairong
#Description: This script function is
#Shell Version: GNU bash version 4.1.2(2)-release x86_64-redhat-linux-gnu
#Copyright (C): 2021 All rights reserved
#=====================================================================================================
#------------------------------------------------------------------------------------------------------------------
password=123456
port=22
user=root
ip_list="
192.168.80.100
192.168.80.101
"
#------------------------------------------------------------------------------------------------------------------
rpm -a expect &>/dev/null || yum install -y -q expect &>/dev/null
[ -f ~/.ssh/id_ecdsa ] && echo "id_ecdsa is ok " || ssh-keygen -q -t ecdsa -P -f ~/.ssh/id_ecdsa &>/dev/null
for i in $ip_list
do
{
/usr/bin/expect<<-eof
set time 60
spawn ssh-copy-id -f -i /root/.ssh/id_ecdsa.pub -p $port $user@$i
expect {
"yes/no" { send "yes\\n";exp_continue }
"password" { send "$password\\n"}
}
expect eof
eof
echo -e "${GREEN_COLOR}$i is ok ${RES}"
}&
done
wait
echo -e " key is ok "
#执行ssh免密脚本
[root@ansible ~]# sh key_ssh_expect.sh
id_ecdsa is ok
spawn ssh-copy-id -f -i /root/.ssh/id_ecdsa.pub -p 22 root@192.168.80.101
spawn ssh-copy-id -f -i /root/.ssh/id_ecdsa.pub -p 22 root@192.168.80.100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_ecdsa.pub"
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_ecdsa.pub"
root@192.168.80.100s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p 22 root@192.168.80.101"
and check to make sure that only the key(s) you wanted were added.
192.168.80.101 is ok
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p 22 root@192.168.80.100"
and check to make sure that only the key(s) you wanted were added.
192.168.80.100 is ok
ansible-playbook 语法检
#ansible-playbook yml 文件语法检查
[root@ansible mysql]# cd /root/ansible/mysql
[root@ansible mysql]# ansible-playbook install_mysql5.7or8.0.yml --syntax-check
playbook: install_mysql5.7or8.0.yml
#语法检查没有问题ansible-playbook执行
[root@ansible mysql]# cd /root/ansible/mysql
#安装mysql8.0
[root@ansible ~]# ansible-playbook install_mysql5.7or8.0_v2.yml
PLAY [mysqldb] ******************************************************************************************************************************************
TASK [install packages] *********************************************************************************************************************************
ok: [192.168.80.101]
ok: [192.168.80.100]
TASK [create mysql group] *******************************************************************************************************************************
changed: [192.168.80.101]
changed: [192.168.80.100]
TASK [create mysql user] ********************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [create /data/datadb] ******************************************************************************************************************************
changed: [192.168.80.101]
changed: [192.168.80.100]
TASK [create /data/binlog] ******************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [copy tar to remote host and file mode] ************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [create linkfile /usr/local/mysql] *****************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [initialize database] ******************************************************************************************************************************
changed: [192.168.80.101]
changed: [192.168.80.100]
TASK [config my.cnf] ************************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [service script] ***********************************************************************************************************************************
changed: [192.168.80.101]
changed: [192.168.80.100]
TASK [PATH variable] ************************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [enable service] ***********************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [change password] **********************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
PLAY RECAP **********************************************************************************************************************************************
192.168.80.100 : ok=13 changed=12 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.80.101 : ok=13 changed=12 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
#查看mysql安装效果
[root@ansible mysql]# ansible mysqldb -m shell -a /etc/init.d/mysqld status
192.168.80.100 | CHANGED | rc=0 >>
SUCCESS! MySQL running (74816)
192.168.80.101 | CHANGED | rc=0 >>
SUCCESS! MySQL running (74611)
2.Ansible playbook实现apache/nginx 批量部署,并对不同主机提供以各自IP地址为内容的index.html
实验环境
需要三台主机:CentOS Linux release 7.9.2009 (Core)
1台ansible 主机 安装ansible
ansible 192.168.80.103
2台新安装的机器
node00.magedu.org 192.168.80.100
node01.magedu.org 192.168.80.101
ansible主机至2台新主机ssh免密(参考1中的脚本)ansible主机
#ansible安装
[root@ansible ~]# yum install -y ansible
#创建 nginx 项目专用目录,将 nginx 项目相关的ansible文件都统一存放
[root@ansible ~]# mkdir -p ansible/nginx/{templates,log,inventory,files}
[root@ansible ~]# tree ansible/nginx
ansible/nginx
├── ansible.cfg
├── files
│ └── nginx-1.18.0.tar.gz
├── inventory
│ └── hosts
├── key_ssh_expect.sh
├── log
│ └── ansible.log
├── templates
│ ├── nginx.conf.j2
│ └── nginx.service.j2
└── v00.yml
4 directories, 8 files
#ansible.cfg
[root@ansible ~]# cp /etc/ansible/ansible.cfg ansible/mysql/ansible.cfg
[root@ansible mysql]# vim /root/ansible/mysql/ansible.cfg
#修改下面几行其他保持默认即可
[defaults]
# some basic default values...
#去掉# 修改路径
inventory = ./inventory/hosts
#去掉# 修改日志路径
log_path = log/ansible.log
#直接去掉注释
host_key_checking = False
#hosts文件
[root@ansible ~]# vim ansible/nginx/inventory/hosts
[mysqldb]
192.168.80.100 hostname=node1 domain=mgedu.org
192.168.80.101 hostname=node2 domain=mgedu.org
[mysqldb:vars]
mark="-"
[all:vars]
domain=mgedu.org
#模板文件 nginx.conf
#为了保持配置完整性注释的信息也保留
[root@ansible ~]# vim ansible/nginx/templates/nginx.conf.j2
#user nobody;
#worker_processes auto;
worker_processes {{ ansible_processor_vcpus+1 }};
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections {{ 1024*ansible_processor_vcpus }};
}
http {
include mime.types;
default_type application/octet-stream;
log_format main $remote_addr - $remote_user [$time_local] "$request"
$status $body_bytes_sent "$http_referer"
"$http_user_agent" "$http_x_forwarded_for";
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#server_tokens off ;
#gzip on;
server {
listen 80;
server_name www.magedu.org;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the php scripts to Apache listening on 127.0.0.1:80
#
#location ~ \\.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \\.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apaches document root
# concurs with nginxs one
#
#location ~ /\\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
#service 模板文件
[root@ansible ~]#vim ansible/nginx/templates/nginx.service.j2
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile={{ install_dir }}/logs/nginx.pid
ExecStartPre=/bin/rm -f {{ install_dir }}/logs/nginx.pid
ExecStartPre={{ install_dir }}/sbin/nginx -t
ExecStart={{ install_dir }}/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
LimitNOFILE=1000000
[Install]
WantedBy=multi-user.target
ansible-playbook 语法检
#ansible-playbook 语法检
[root@ansible nginx]# ansible-playbook v00.yml --syntax-check
playbook: v00.yml
#检查语法正确ansible-playbook执行
#ansible-playbook执行
[root@ansible ~]# cd /root/ansible/nginx
[root@ansible nginx]# ansible-playbook v00.yml
PLAY [all] **************************************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************************
ok: [192.168.80.101]
ok: [192.168.80.100]
TASK [install packages] *************************************************************************************************************************************
ok: [192.168.80.100]
ok: [192.168.80.101]
TASK [create nginx group] ***********************************************************************************************************************************
ok: [192.168.80.100]
ok: [192.168.80.101]
TASK [create nginx user] ************************************************************************************************************************************
ok: [192.168.80.101]
ok: [192.168.80.100]
TASK [create /app] ******************************************************************************************************************************************
ok: [192.168.80.101]
ok: [192.168.80.100]
TASK [copy nginx file to remote host /tmp/] *****************************************************************************************************************
ok: [192.168.80.101]
ok: [192.168.80.100]
TASK [configure make make install] **************************************************************************************************************************
changed: [192.168.80.101]
changed: [192.168.80.100]
TASK [create linkfile /app/nginx-1.18.0 /app/nginx state=link] *****************************************************************************************
ok: [192.168.80.100]
ok: [192.168.80.101]
TASK [set PATH] *********************************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [index.html] *******************************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [prepare service file] *********************************************************************************************************************************
ok: [192.168.80.100]
ok: [192.168.80.101]
TASK [nginx.conf] *******************************************************************************************************************************************
ok: [192.168.80.100]
ok: [192.168.80.101]
TASK [systemctl daemon-reload] ******************************************************************************************************************************
changed: [192.168.80.100]
changed: [192.168.80.101]
TASK [start service] ****************************************************************************************************************************************
ok: [192.168.80.101]
changed: [192.168.80.100]
PLAY RECAP **************************************************************************************************************************************************
192.168.80.100 : ok=14 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.80.101 : ok=14 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
#测试网页
[root@ansible ~]# curl http://192.168.80.100
nginx pages 192.168.80.100 node00.magedu.org
[root@ansible ~]# curl http://192.168.80.101
nginx pages 192.168.80.101 node01.magedu.org
3.http的报文结构和状态码总结
#常见http 状态码
200 服务器成功返回网页,这是成功的HTTP请求返回的标准状态码
301 Moved Permanently 永久重定向,所请求的网页将永久跳转到被设定的新位置,例如从www.qq.com 跳转至www.baidu.com
302 Moved Temporarily 临时重定向,响应报文Location指明资源临时新位置
304 Not Modified 客户端发出条件请求,但服务器上的资源未曾发生改变,则通过响应此响状态码通知客户端
401 Unauthorized 需要输入账号和密码认证方能访问资源
403 Forbidden 请求被禁止,禁止访问,虽然这个请求是合法的,但是服务器端因为匹配了预先设置的规则二拒绝响应客户端的请求,此类问题一般为服务器或服务器权限配置不当所致
404 Not Fount 服务器找不到客户端请求的指定页面,可能是客户但请求了服务器上不存在的资源所致
500 Internal Server Error 服务器内部错误,服务器遇到了意料不到的情况,不能完成客户端的请求。是一个笼统的报错,一般为服务器的设置或程序问题导致。例如 SELINUX 开启 而又没有为HTTP 设置规则许可,客户端访问就是500
502 Bad Gateway 代理服务器从后端服务器收到了一条伪响应,如无法连接到网关,一般是代理服务器请求后端服务器时候,后端服务器不可用或者没有完成响应网关服务器,这通常为反向代理服务器下面的节点出现问题所致
503 服务不可用,临时服务器维护或过载,服务器无法处理请求,或者是反向代理服务器后面没有可以提供服务的节点
504 网关超时,一般是网关代理服务器请求后端服务器时,后端服务没有在特定的时间内完成处理请求,多数是服务器过载导致没有在指定的时间内返回数据给前端代理服务器
#HTTP状态码的命令行查看
#可以通过 curl命令(附带相关参数)在linux 命令行查看 http 响应的数字状态吗
[root@ansible ~]# curl -I http://www.qq.com
HTTP/1.1 302 Moved Temporarily
Server: ias/1.4.2.4_1.17.3
Date: Wed, 01 Dec 2021 18:32:06 GMT
Content-Type: text/html
Content-Length: 151
Connection: keep-alive
Location: https://www.qq.com/
[root@ansible ~]# curl -I https://www.qq.com
HTTP/1.1 200 OK
Date: Wed, 01 Dec 2021 18:34:38 GMT
Content-Type: text/html; charset=GB2312
Connection: keep-alive
Server: squid/3.5.24
Vary: Accept-Encoding
Vary: Accept-Encoding
Expires: Wed, 01 Dec 2021 18:35:38 GMT
Cache-Control: max-age=60
Vary: Accept-Encoding
Vary: Accept-Encoding
X-Cache: HIT from shenzhen.qq.com
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors https://*.qq.com
X-Content-Type-Options: nosniff
以上是关于第十三周的主要内容,如果未能解决你的问题,请参考以下文章