ansible的使用
Posted 会飞de冬瓜
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ansible的使用相关的知识,希望对你有一定的参考价值。
1.ansible-playbook实现MySQL的二进制部署
(1)安装ansible
yum -y install ansible
(2)配置主机清单文件
# vi /etc/ansible/hosts
[local]
10.0.0.7 ansible_connection=local #指定连接类型为本地,无需通过ssh连接
[mysql]
10.0.0.17
10.0.0.27
10.0.0.37
(3)mysql配置文件
# cat /apps/mysql/my.cnf
[mysqld]
user=mysql
datadir=/data/mysql
socket=/data/mysql/mysql.sock
innodb_file_per_table=on
skip_name_resolve = on #禁止主机名解析,建议使用
[client]
port=3306
socket=/data/mysql/mysql.sock
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/data/mysql/mysql.pid
(4)ssh免密授权# bash ssh_key.sh
(5)ssh健康性检查
# ansible mysql -m ping
(6)批量安装mysql
# cat install-bin-mysql5.6.yml
---
# 批量安装二进制mysql5.6
# 将配置文件my.cnf放到目录/apps/mysql下
- hosts: mysql
remote_user: root
gather_facts: no
tasks:
- name: install packages
yum : name=libaio,perl-Data-Dumper,autoconf state=installed
- name: create group mysql
group:
name: mysql
gid: 306
system: yes
- name: create user mysql
user:
name: mysql
uid: 306
group: mysql
shell: /sbin/nologin
system: yes
home: /data/mysql
- name: download mysql_file
unarchive :
src: "http://mirrors.163.com/mysql/Downloads/MySQL-5.6/mysql-5.6.51-linux-glibc2.12-x86_64.tar.gz"
dest: "/usr/local"
owner: root
remote_src: yes
- name: prepare Soft links
shell: ln -s mysql-5.6.51-linux-glibc2.12-x86_64/ mysql
args:
chdir: "/usr/local"
- name: bash mysql_instll_db
shell: ./scripts/mysql_install_db --user=mysql --datadir=/data/mysql --basedir=/usr/local/mysql/
args:
chdir: "/usr/local/mysql"
- name: prepare my.cnf
copy:
src: "/apps/mysql/my.cnf"
dest: "/etc/my.cnf"
- name: prepare service file
shell: cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld && chkconfig --add mysqld && chkconfig mysqld on
- name: add path
shell: echo PATH=/usr/local/mysql/bin:$PATH > /etc/profile.d/mysql.sh && . /etc/profile.d/mysql.sh
- name: start mysql
shell: service mysqld start
# ansible-playbook --syntax-check install-bin-mysql5.6.yml #检查语法
# ansible-playbook install-bin-mysql5.6.yml #运行
2.Ansible playbook实现apache批量部署,并对不同主机提供以各自IP地址为内容的index.html
(1)生成kekgen
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory /root/.ssh.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:6XyhlugUDjs1ntsb4GCu0fPuwBCSEOhrPjU56RJ6xxE root@8-2
The keys randomart image is:
+---[RSA 3072]----+
|+. |
|o. |
|+ . |
| o .E . |
| o *.= S . |
| + %.O O o . |
|+ =.@.B B . |
|.+.+oB + o |
| .+. o* o. |
+----[SHA256]-----+
(2)复制到远程客户端
# ssh-copy-id root@10.0.0.8
# ssh-copy-id root@10.0.0.18
# ssh-copy-id root@10.0.0.17
# ssh-copy-id root@10.0.0.27
# ssh-copy-id root@10.0.0.37
(3) 配置主机清单
# vi /etc/ansible/hosts
[local]
10.0.0.7 ansible_connection=local #指定连接类型为本地,无需通过ssh连接
[webserver]
10.0.0.17
10.0.0.27
10.0.0.37
10.0.0.8
10.0.0.18
(4)检查服务端到远程主机的健康性
# ansible all -m ping #显示绿色表示健康
10.0.0.7 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/bin/python"
,
"changed": false,
"ping": "pong"
10.0.0.37 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/bin/python"
,
"changed": false,
"ping": "pong"
10.0.0.8 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/libexec/platform-python"
,
"changed": false,
"ping": "pong"
10.0.0.18 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/libexec/platform-python"
,
"changed": false,
"ping": "pong"
10.0.0.27 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/bin/python"
,
"changed": false,
"ping": "pong"
10.0.0.17 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/bin/python"
,
"changed": false,
"ping": "pong"
(5)准备工作
# cd /apps/httpd
# wget https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.4.51.tar.bz2 --no-check-certificate
# wget https://mirrors.tuna.tsinghua.edu.cn/apache/apr/apr-1.7.0.tar.bz2 --no-check-certificate
# wget https://mirrors.tuna.tsinghua.edu.cn/apache/apr/apr-util-1.6.1.tar.bz2 --no-check-certificate
# vi /apps/httpd/httpd.service
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=forking
ExecStart=/apps/httpd/bin/apachectl start
ExecReload=/apps/httpd/bin/apachectl graceful
ExecStop=/apps/httpd/bin/apachectl stop
# We want systemd to give httpd some time to finish gracefully, but still want
# it to kill httpd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
# httpd time to finish.
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable --now httpd.service
# ls #最终准备好四个文件
apr-1.7.0.tar.bz2 apr-util-1.6.1.tar.bz2 httpd-2.4.51.tar.bz2 httpd.service
(6) 准备playbook
# cat install_httpd.yml
---
# install httpd
# 需要将相关文件放到如下目录
# tree /apps/httpd/
# apps/httpd/
# ├── apr-1.7.0.tar.bz2
# ├── apr-util-1.6.1.tar.bz2
# ├── httpd-2.4.51.tar.bz2
# └── httpd.service
- hosts: webserver
remote_user: root
gather_facts: no
vars:
data_dir: /usr/local/src
base_dir : /apps/httpd
install_dir: /apps/httpd
httpd_version: httpd-2.4.51
apr_version: apr-1.7.0
apr_util_version: apr-util-1.6.1
httpd_url: https://mirrors.tuna.tsinghua.edu.cn/apache/httpd
apr_url: https://mirrors.tuna.tsinghua.edu.cn/apache/apr
tasks :
- name : install packages
yum : name=gcc,make,pcre-devel,openssl-devel,expat-devel,bzip2 state=installed
- name : download httpd file
unarchive :
src: " base_dir / httpd_version .tar.bz2"
dest: " data_dir "
owner: root
copy: yes
- name : download apr file
unarchive :
src: " base_dir / apr_version .tar.bz2"
dest: " data_dir "
owner: root
copy: yes
- name : download apr_util file
unarchive :
src: " base_dir / apr_util_version .tar.bz2"
dest: " data_dir "
owner: root
copy: yes
- name : prepare apr dir
shell: mv apr_version httpd_version /srclib/apr
args:
chdir: " data_dir "
- name : prepare apr_util dir
shell : mv apr_util_version httpd_version /srclib/apr-util
args:
chdir: " data_dir "
- name : build httpd
shell : ./configure --prefix= install_dir --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-included-apr --enable-modules=most --enable-enablempms-shared=all --with-mpm=prefork && make -j && make install
args:
chdir: " data_dir / httpd_version "
- name : create group
group : name=apache gid=80 system=yes
- name : create user
user : name=apache uid=80 group=apache shell=/sbin/nologin system=yes create_home=no home= install_dir /conf/httpd
- name : set httpd user
lineinfile : path= install_dir /conf/httpd.conf regexp=^User line=User apache
- name : set httpd group
lineinfile : path= install_dir /conf/httpd.conf regexp=^Group line=Group apache
- name : set variable PATH
shell : echo PATH= install_dir /bin:$PATH >> /etc/profile.d/httpd.sh
- name : copy service file to remote
copy:
src: " base_dir /httpd.service"
dest: /usr/lib/systemd/system/httpd.service
- name : start service
service : name=httpd state=started enabled=yes
(7) 批量安装
# ansible-playbook install_httpd.yml
PLAY [webserver] ****************************************************************************************************************************************************************************
TASK [install packages] *********************************************************************************************************************************************************************
changed: [10.0.0.8]
changed: [10.0.0.37]
changed: [10.0.0.17]
changed: [10.0.0.27]
changed: [10.0.0.18]
TASK [download httpd file] ******************************************************************************************************************************************************************
changed: [10.0.0.17]
changed: [10.0.0.27]
changed: [10.0.0.37]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [download apr file] ********************************************************************************************************************************************************************
changed: [10.0.0.17]
changed: [10.0.0.37]
changed: [10.0.0.27]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [download apr_util file] ***************************************************************************************************************************************************************
changed: [10.0.0.37]
changed: [10.0.0.17]
changed: [10.0.0.27]
changed: [10.0.0.8]
changed: [10.0.0.18]
TASK [prepare apr dir] **********************************************************************************************************************************************************************
changed: [10.0.0.37]
changed: [10.0.0.27]
changed: [10.0.0.17]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [prepare apr_util dir] *****************************************************************************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.37]
changed: [10.0.0.17]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [build httpd] **************************************************************************************************************************************************************************
changed: [10.0.0.17]
changed: [10.0.0.37]
changed: [10.0.0.27]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [create group] *************************************************************************************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.37]
changed: [10.0.0.17]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [create user] **************************************************************************************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.37]
changed: [10.0.0.17]
changed: [10.0.0.8]
changed: [10.0.0.18]
TASK [set httpd user] ***********************************************************************************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.17]
changed: [10.0.0.37]
changed: [10.0.0.8]
changed: [10.0.0.18]
TASK [set httpd group] **********************************************************************************************************************************************************************
changed: [10.0.0.37]
changed: [10.0.0.27]
changed: [10.0.0.17]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [set variable PATH] ********************************************************************************************************************************************************************
changed: [10.0.0.17]
changed: [10.0.0.27]
changed: [10.0.0.37]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [copy service file to remote] **********************************************************************************************************************************************************
changed: [10.0.0.27]
changed: [10.0.0.37]
changed: [10.0.0.17]
changed: [10.0.0.18]
changed: [10.0.0.8]
TASK [start service] ************************************************************************************************************************************************************************
changed: [10.0.0.17]
changed: [10.0.0.8]
changed: [10.0.0.18]
changed: [10.0.0.37]
changed: [10.0.0.27]
PLAY RECAP **********************************************************************************************************************************************************************************
10.0.0.17 : ok=14 changed=14 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.18 : ok=14 changed=14 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.27 : ok=14 changed=14 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.37 : ok=14 changed=14 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.8 : ok=14 changed=14 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
(8)测试
# curl 10.0.0.17
<html><body><h1>It works!</h1></body></html>
# curl 10.0.0.27
<html><body><h1>It works!</h1></body></html>
# curl 10.0.0.37
<html><body><h1>It works!</h1></body></html>
# curl 10.0.0.8
<html><body><h1>It works!</h1></body></html>
# curl 10.0.0.18
<html><body><h1>It works!</h1></body></html>
# 测试完成,批量安装成功
3.http的报文结构和状态码总结
(1)在TCP/IP协议簇中的位置
位于四层协议的应用层。基于运输层的TCP协议实现。
(2)请求报文结构
包括报文首部、空行、报文主体3部分。
报文首部: 第一行:请求行,请求方法,请求路径,HTTP版本 后续为各个首部:包括请求首部字段、通用首部字段和实体首部字段
空行:
报文主体: 向服务器发送的数据。如get请求中的各个参数。post请求中的参数。
(3)响应报文结构
也是包括报文首部、空行、报文主体3部分。
报文首部: 第一行:状态行,包括HTTP版本 状态码 原因短语 后续为首部字段:响应首部字段、通用首部字段、实体首部字段
报文主体:服务器返回的响应体。如HTTM页面。
(4)常见状态码
2xx
2开头的状态码表示成功
200 OK
正常处理并返回了
204 No Content
正常处理了,但响应中不含主体。 用于需要从客户端往服务器发送数据但不需要响应内容的情况。
206 Partial Content
客户端进行了范围请求,服务器正常返回了。请求时通过Content-Range指定范围。
3xx
重定向相关
301 Moved Permanently
永久性重定向。表示请求的资源已经永久性分配了新的URI,以后应该使用该新的URI。 使用Location首部字段表示新URI地址。浏览器会重新请求一次该URI。
302 Found
临时重定向,希望用户本次使用的新分配的URI。 和301非常类似,浏览器也会根据Location字段重新进行请求。 在实际开发中常用于页面跳转。
303 See Other
和302功能相同,只是明确表明客户端应该使用get请求。
304 Not Modified
和重定向没有关系。表示资源没有改变,可直接使用客户端未过期的缓存。在请求附带条件时有可能返回这个状态码。
4xx
客户端错误
400 Bad Request
请求中有语法错误。如参数拼接的的问题等。
401 Unauthorized
未认证
403
禁止访问
404 Not Found
5xx
服务器错误
500
服务器内部错误
503
服务不可用
host首部的作用
区分不同的主机。有些服务器运行多个网站,每个网站有不同的域名。当接收请求时如果不指定域名则无法知道需要哪个网站响应。
以上是关于ansible的使用的主要内容,如果未能解决你的问题,请参考以下文章