Ansible项目实战搭建lnmp

Posted 礁之

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Ansible项目实战搭建lnmp相关的知识,希望对你有一定的参考价值。

一、项目规划

通过ansible的roles角色去配置lnmp环境,nginx、php、mysql都使用源码编译安装

二、项目步骤

(1)创建管理目录

******(1)生成密钥,安装ansible
[root@ansible ~]# ssh-keygen -t rsa  #生成密钥
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:cR2NsH+QIDCIuw0n+EcVhFPfDGAR4eqOpqf+oDtLXCQ root@ansible
The key's randomart image is:
+---[RSA 2048]----+
|   . =%Bo o..o   |
|  . +o.o = +.o.  |
| E o o. o = +    |
|. * o.   o . .   |
| . O.   S   . .  |
|. +.o        .   |
| + ..            |
|+ +o             |
|BXo..            |
+----[SHA256]-----+
[root@ansible ~]# ssh-copy-id 192.168.100.204  #把密钥传给204
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.100.204 (192.168.100.204)' can't be established.
ECDSA key fingerprint is SHA256:VhTZ5YxS5af2rHtfCvyc6ehXh3PD2A8KY2MyE6rHjiU.
ECDSA key fingerprint is MD5:e8:41:d2:8a:7e:e9:a9:47:a3:f0:29:be:e9:6d:df:51.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.100.204's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.100.204'"
and check to make sure that only the key(s) you wanted were added.
[root@ansible ~]# vim /etc/yum.repos.d/centos.repo 
[aaa]
name=aaa
baseurl=file:///mnt
enabled=1
gpgcheck=0
[ansible]
name=ansible
baseurl=file:///root/ansible
enabled=1
gpgcheck=0
[root@ansible ~]# yum -y install ansible
。。。。。。完毕!
[root@ansible ~]# vim /etc/ansible/hosts  #添加主机到hosts文件
[web02]
192.168.100.204
[root@ansible ~]# ansible web02 -m shell -a 'ls'   #确认ansible可以免密登录204
192.168.100.204 | SUCCESS | rc=0 >>
anaconda-ks.cfg


******(2)创建管理目录
[root@ansible ~]# mkdir -p /etc/ansible/roles/lnmp/roles/mysql_install,nginx_install,php_install/files,handlers,meta,tasks,templates,vars
[root@ansible ~]# yum -y install tree  #安装tree
。。。。。。
完毕!
[root@ansible ~]# cd /etc/ansible/roles/
[root@ansible roles]# tree
.
└── lnmp
    └── roles
        ├── mysql_install
        │   ├── files
        │   ├── handlers
        │   ├── meta
        │   ├── tasks
        │   ├── templates
        │   └── vars
        ├── nginx_install
        │   ├── files
        │   ├── handlers
        │   ├── meta
        │   ├── tasks
        │   ├── templates
        │   └── vars
        └── php_install
            ├── files
            ├── handlers
            ├── meta
            ├── tasks
            ├── templates
            └── vars

23 directories, 0 files

(2)在各个角色的files目录上传源码包

[root@ansible roles]# cd lnmp/roles/mysql_install/files/  #注意要上传到files下
[root@ansible files]# ll   #上传源码包
总用量 54844
-rw-r--r-- 1 root root  5583905 625 17:14 cmake-2.8.6.tar.gz
-rw-r--r-- 1 root root 50571897 625 17:14 mysql-5.7.12.tar.gz
[root@ansible files]# cd ../../
[root@ansible roles]# cd nginx_install/files/
[root@ansible files]# ll
总用量 960
-rw-r--r-- 1 root root 980831 625 17:16 nginx-1.12.0.tar.gz
[root@ansible files]# cd ../../
[root@ansible roles]# cd php_install/files/
[root@ansible files]# ll
总用量 17372
-rw-r--r-- 1 root root 17785731 625 17:16 php-5.5.38.tar.gz
[root@ansible files]# cd ../../../
[root@ansible lnmp]# tree
.
└── roles
    ├── mysql_install
    │   ├── files
    │   │   ├── cmake-2.8.6.tar.gz
    │   │   └── mysql-5.7.12.tar.gz
    │   ├── handlers
    │   ├── meta
    │   ├── tasks
    │   ├── templates
    │   └── vars
    ├── nginx_install
    │   ├── files
    │   │   └── nginx-1.12.0.tar.gz
    │   ├── handlers
    │   ├── meta
    │   ├── tasks
    │   ├── templates
    │   └── vars
    └── php_install
        ├── files
        │   └── php-5.5.38.tar.gz
        ├── handlers
        ├── meta
        ├── tasks
        ├── templates
        └── vars

22 directories, 4 files

(3)先创建lnmp入口文件,用来调用角色

[root@ansible lnmp]# vim lnmp.yml  #创建的入口文件要和lnmp的角色目录是同级关系
---
- hosts: web02
  remote_user: root
  gather_facts: True     
  roles:                 #角色的顺序要排好
    - mysql_install    
    - php_install
    - nginx_install
[root@ansible lnmp]# pwd
/etc/ansible/roles/lnmp
[root@ansible lnmp]# ll
总用量 4
-rw-r--r-- 1 root root 128 624 20:31 lnmp.yml
drwxr-xr-x 5 root root  67 624 18:12 roles    

(4)先做mysql的部分

******先创建mysql的入口文件,用来调用mysql_install
[root@ansible lnmp]# vim mysql.yml
---
- hosts: web02
  remote_user: root
  gather_facts: True
  roles:
    - mysql_install
 
 
******创建变量文件 
[root@ansible lnmp]# vim roles/mysql_install/vars/main.yml    
mysql_ver: 5.7.12    #要注意上传的mysql的版本要和这样相同
mysql_user: mysql
mysql_port: 3306
mysql_passwd: 123123
source_dir: /usr/src
base_dir: /usr/local/mysql
data_dir: /usr/local/mysql/data


******创建模板文件
[root@ansible lnmp]# vim roles/mysql_install/templates/my.cnf.j2  #创建jinja2模板配置文件
[mysqld]
basedir =  base_dir 
datadir =  data_dir 
port =  mysql_port 
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
character_set_server=utf8
init_connect='SET NAMES utf8'
log-error= base_dir /logs/mysqld.log
pid-file= base_dir /data/ ansible_fqdn .pid
skip-name-resolve
explicit_defaults_for_timestamp=true
#保存退出


******创建mysql服务文件
[root@ansible lnmp]# vim roles/mysql_install/templates/mysqld.service.j2  #服务启动脚本
[Unit]
Description=mysql server
After=network.target

[Service]
User= mysql_user 		
Group= mysql_user 

Type=forking
ExecStart= base_dir /bin/mysqld.sh start
ExecStop= base_dir /bin/mysqld.sh stop
PIDFile= data_dir / ansible_fqdn .pid

[Install]
WantedBy=multi-user.target
PrivateTmp=false
#保存退出


******更改数据库root密码的脚本
[root@ansible lnmp]# vim roles/mysql_install/templates/change_passwd.sh
#!/bin/bash
#该脚本用于更改数据库root密码

passwd= mysql_passwd 
 base_dir /bin/mysql -uroot -D mysql -e "UPDATE user SET authentication_string=PASSWORD("$passwd") WHERE user='root';"

 base_dir /bin/mysql -uroot -e "FLUSH PRIVILEGES;"

 base_dir /bin/mysql -uroot -p$passwd -e "grant all privileges on *.* to root@'%'  identified by '$passwd';"
#保存退出


******环境准备,编写任务
[root@ansible lnmp]# vim roles/mysql_install/tasks/prepare.yml  #安装mysql依赖的剧本
- name: 安装常用软件包
  yum:
    name:
      - ncurses-devel
      - cmake
      - gd 
      - libxml2-devel
      - libjpeg-devel 
      - libpng-devel
      - pcre-devel
      - zlib-devel
#保存退出      


******编写源码安装MySQL的剧本
[root@ansible lnmp]# vim roles/mysql_install/tasks/copy.yml
- name: 创建mysql用户组
  group: name= mysql_user   state=present
- name: 创建mysql用户组
  group: name= mysql_user   state=present

- name: 创建mysql用户
  user: name= mysql_user   group= mysql_user   state=present create_home=False shell=/sbin/nologin

- name: 解压cmake源码包
  unarchive: src=cmake-2.8.6.tar.gz dest= source_dir 

- name: 解压mysql源码包
  unarchive: src=mysql-5.6.36.tar.gz dest= source_dir 

- name: 安装cmake
  shell: "cd /usr/src/cmake-2.8.6 && ./configure && gmake && gmake install"

- name: 安装mysql
  shell: "cd /usr/src/mysql-5.6.36/ && cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DSYSCONFDIR=/etc -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_EXTRA_CHARSETS=all && make && make install && chown -R  mysql_user : mysql_user   base_dir  && rm -rf /etc/my.cnf && cp /usr/src/mysql-5.6.36/support-files/mysql.server /usr/local/mysql/bin/mysqld.sh && chmod +x /usr/local/mysql/bin/mysqld.sh"

- name: 拷贝mysql的配置文件
  template: src=my.cnf.j2 dest=/etc/my.cnf owner=root group=root

- name: 拷贝mysql服务文件
  template: src=mysqld.service.j2 dest=/usr/lib/systemd/system/mysqld.service owner=root group=root

- name: 创建mysql日志存放路径
  file: dest= base_dir /logs state=directory owner= mysql_user  group= mysql_user 
  #保存退出
  
  
******编写mysql初始化剧本
[root@ansible lnmp]# vim roles/mysql_install/tasks/install.yml
- name: mysql初始化
  shell: " base_dir /scripts/mysql_install_db --user= mysql_user  --basedir= base_dir   --datadir= data_dir "

- name: 配置环境变量
  shell: "ln -s /usr/local/mysql/bin/* /usr/local/bin/"

- name: 启动mysql并开机启动
  shell: "systemctl daemon-reload && systemctl enable mysqld && systemctl start mysqld"

- name: 拷贝更改密码脚本
  template: src=change_passwd.sh dest= source_dir /change_passwd.sh owner=root group=root
  #保存退出
  
  
******编写引用文件main.yml
[root@ansible lnmp]# vim roles/mysql_install/tasks/main.yml
- include: prepare.yml
- include: copy.yml
- include: install.yml


******查看mysql_install的树状结构
[root@ansible lnmp]# cd roles/mysql_install/
[root@ansible mysql_install]# tree
.
├── files
│   ├── cmake-2.8.6.tar.gz
│   └── mysql-5.7.12.tar.gz
├── handlers
├── meta
├── tasks
│   ├── copy.yml
│   ├── install.yml
│   ├── main.yml
│   └── prepare.yml
├── templates
│   ├── change_passwd.sh
│   ├── my.cnf.j2
│   └── mysqld.service.j2
└── vars
    └── main.yml
[root@ansible mysql_install]# cd ../../

(5)做php部分

******和mysql相同先做php入口文件
[root@ansible lnmp]# vim php.yml
---
- hosts: web02
  remote_user: root
  gather_facts: True
  roles:
    - php_install
#保存退出

    
******创建变量文件
[root@ansible lnmp]# vim roles/php_install/vars/main.yml  #定义php的变量
php_ver: 5.5.38
php_user: php
php_port: 9000
source_dir: /usr/src
php_dir: /usr/local/php5
mysql_dir: /usr/local/mysql
#保存退出


******创建模板文件
[root@ansible lnmp]# cd roles/php_install/files/
[root@ansible files]# ll
总用量 17372
-rw-r--r-- 1 root root 17785731 624 20:29 php-5.5.38.tar.gz
[root@ansible files]# ll   #先上传php的配置文件
总用量 17396
-rw-r--r-- 1 root root 17785731 624 20:29 php-5.5.38.tar.gz
-rw-r--r-- 1 root root    22561 624 21:11 php-fpm.conf
[root@ansible files]# cd ..
[root@ansible php_install]#  cd ..
[root@ansible roles]# cd ..


******编写php环境准备的剧本
[root@ansible lnmp]# vim roles/php_install/tasks/copy.yml
- name: 创建php用户组
  group: name= php_user   state=present

- name: 创建php用户
  user: name= php_user   group= php_user   state=present create_home=False shell=/sbin/nologin

- name: 解压php包
  unarchive: src=php- php_ver .tar.gz dest= source_dir 
#保存退出


******编写安装php的剧本
[root@ansible lnmp]# vim roles/php_install/tasks/install.yml
- name: 编译php
  shell: "cd /usr/src/php-5.5.38/ && ./configure --prefix=/usr/local/php5 --with-gd --with-zlib --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config  --with-config-file-path=/usr/local/php5 --enable-mbstring --enable-fpm --with-jpeg-dir=/usr/lib && make && make install && cp php.ini-development /usr/local/php5/php.ini && ln -s /usr/local/php5/bin/* /usr/local/bin/ && ln -s /usr/local/php5/sbin/* /usr/local/sbin/"

- name: 修改php-fpm配置_1
  copy: src=php-fpm.conf dest=/usr/local/php5/etc/php-fpm.conf

- name: 启动php
  shell: "/usr/local/sbin/php-fpm"
#保存退出


******编写php的引用文件
[root@ansible lnmp]# vim roles/php_install/tasks/main.yml
- include: copy.yml
- include: install.yml
#保存退出

(6)做nginx部分

******创建ngxin的入口文件
[root@ansible lnmp]# vim nginx.yml
---
- hosts: web02
  remote_user: root
  hather_facts: True
  roles:
    - nginx_install
#保存退出


******创建变量文件
[root@ansible lnmp]# vim roles/nginx_install/vars/main.yml
nginx_ver: 1.12.0
nginx_user: nginx
nginx_port: 80
source_dir: /usr/src
nginx_dir: /usr/local/nginx
#保存退出


******创建模板文件
[root@ansible lnmp]# vim roles/nginx_install/templates/nginx.j2 
#!/bin/bash
# chkconfig: - 99 20
# description: Nginx Server Control Script
NP=" nginx_dir /sbin/nginx"
NPF=" nginx_dir /logs/nginx.pid"
case "$1" in
  start)
    $NP;
    if [ $? -eq 0 ]
    then
      echo "nginx is starting!! "
    fi
  ;;
  stop)
    kill -s QUIT $(cat $NPF)
    if [ $? -eq 0 ]
    then
    echo "nginx is stopping!! "
    fi
  ;;
  restart)
    $0 stop
    $0 start
  ;;
  reload)
    kill -s HUP $(cat $NPF)
    if [ $? -eq 0 ]
    then
      echo "nginx config file is reload! "
    fi
  ;;
  *)
    echo "Usage: $0 start|stop|restart|reload"
    exit 1
esac
exit 0
#保存退出


******编写nginx环境准备剧本
[root@ansible lnmp]# vim roles/nginx_install/tasks/copy.yml
- name: 创建nginx用户
  user: name= nginx_user  state=present create_home=False shell=/sbin/nologin

- name: 解压nginx包
  unarchive: src=nginx- nginx_ver .tar.gz dest= source_dir 
#保存退出


******编写安装nginx的剧本
[root@ansible lnmp]# cd roles/nginx_install/templates/
[root@ansible templates]# ll   #因为下面的剧本使用的是template模块,所以把文件传到template目录下
总用量 16
-rw-r--r-- 1 root root 1243 624 23:14 nginx.conf
-rw-r--r-- 1 root root  604 624 21:25 nginx.j2
-rw-r--r-- 1 root root   23 624 23:14 testa.php
-rw-r--r-- 1 root root  116 624 23:14 testm.php
[root@ansible templates]# cd ../../../
[root@ansible lnmp]# vim roles/nginx_install/tasks/install.yml
- name: 编译nginx
  shell: "cd /usr/src/nginx-1.12.0/ && ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module && make && make install && ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/"
- name: 上传nginx启动脚本
  template: src=nginx.j2 dest=/etc/init.d/nginx mode=777

- name: 上传nginx配置文件
  template: src=nginx.conf dest=/usr/local/nginx/conf/nginx.conf

- name: 上传php测试页面
  template: src=testa.php dest=/usr/local/nginx/html

- name: 上传mysql测试页面
  template: src=testm.php dest=/usr/local/nginx/html

- name: 设置nginx为系统服务
  shell: chkconfig --add nginx

- name: 启动nginx
  service: name=nginx state=started
#保存退出


******编写nginx的引用文件
[root@ansible lnmp]# vim roles/nginx_install/tasks/main.yml
- include: /etc/ansible/roles/lnmp/roles/mysql_install/tasks/prepare.yml  #这里调用的是其他角色的文件,所以需要写绝对路径
- include: copy.yml
- include: install.yml

(7)检查语法

[root@ansible lnmp]# ansible-playbook -C lnmp.yml 

PLAY [web02] ****************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.100.204]

TASK [mysql_install : 安装常用软件包] **********************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 创建mysql用户组] *******************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 创建mysql用户组] *******************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 创建mysql用户] ********************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 解压cmake源码包] *******************************************************************************************************
skipping: [192.168.100.204]

TASK [mysql_install : 解压mysql源码包] *******************************************************************************************************
skipping: [192.168.100.204]

TASK [mysql_install : 安装cmake] **********************************************************************************************************
skipping: [192.168.100.204]

TASK [mysql_install : 安装mysql] **********************************************************************************************************
skipping: [192.168.100.204]

TASK [mysql_install : 拷贝mysql的配置文件] *****************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 拷贝mysql服务文件] ******************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 创建mysql日志存放路径] ****************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : mysql初始化] *********************************************************************************************************
skipping: [192.168.100.204]

TASK [mysql_install : 配置环境变量] ***********************************************************************************************************
skipping: [192.168.100.204]

TASK [mysql_install : 启动mysql并开机启动] *****************************************************************************************************
skipping: [192.168.100.204]

TASK [mysql_install : 执行更改密码的脚本] ********************************************************************************************************
changed: [192.168.100.204]

TASK [php_install : 创建php用户组] ***********************************************************************************************************
changed: [192.168.100.204]

TASK [php_install : 创建php用户] ************************************************************************************************************
changed: [192.168.100.204]

TASK [php_install : 解压php包] *************************************************************************************************************
skipping: [192.168.100.204]

TASK [php_install : 编译php] **************************************************************************************************************
skipping: [192.168.100.204]

TASK [php_install : 修改php-fpm配置_1] ******************************************************************************************************
changed: [192.168.100.204]

TASK [php_install : 启动php] **************************************************************************************************************
skipping: [192.168.100.204]

TASK [nginx_install : 安装常用软件包] **********************************************************************************************************
changed: [192.168.100.204]

TASK [nginx_install : 创建nginx用户] ********************************************************************************************************
changed: [192.168.100.204]

TASK [nginx_install : 解压nginx包] *********************************************************************************************************
skipping: [192.168.100.204]

TASK [nginx_install : 编译nginx] **********************************************************************************************************
skipping: [192.168.100.204]

TASK [nginx_install : 上传nginx启动脚本] ******************************************************************************************************
changed: [192.168.100.204]

TASK [nginx_install : 上传nginx配置文件] ******************************************************************************************************
changed: [192.168.100.204]

TASK [nginx_install : 上传php测试页面] ********************************************************************************************************
changed: [192.168.100.204]

TASK [nginx_install : 上传mysql测试页面] ******************************************************************************************************
changed: [192.168.100.204]

TASK [nginx_install : 设置nginx为系统服务] *****************************************************************************************************
skipping: [192.168.100.204]

TASK [nginx_install : 启动nginx] **********************************************************************************************************
changed: [192.168.100.204]

PLAY RECAP ******************************************************************************************************************************
192.168.100.204            : ok=19   changed=18   unreachable=0    failed=0   

(8)执行剧本

[root@ansible lnmp]# ansible-playbook  lnmp.yml 

PLAY [web02] ****************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.100.204]

TASK [mysql_install : 安装常用软件包] **********************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 创建mysql用户组] *******************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 创建mysql用户组] *******************************************************************************************************
ok: [192.168.100.204]

TASK [mysql_install : 创建mysql用户] ********************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 解压cmake源码包] *******************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 解压mysql源码包] *******************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 安装cmake] **********************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 安装mysql] **********************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 拷贝mysql的配置文件] *****************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 拷贝mysql服务文件] ******************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : 创建mysql日志存放路径] ****************************************************************************************************
changed: [192.168.100.204]

TASK [mysql_install : mysql初始化] **************************

以上是关于Ansible项目实战搭建lnmp的主要内容,如果未能解决你的问题,请参考以下文章

LNMP项目实战-WordPress站点搭建

用ansible剧本搭建lnmp

项目实战1—LNMP的搭建nginx反向代理和缓存等的实现

使用Ansible搭建LNMP

keepalived高可用haproxy+varnish+lnmp实现站点搭建与ansible实现

LNMP平台搭建网站实战案例