centos7.3上通过ansible配置nginx+tomcat环境

Posted 2020-10-08

拓扑及IP地址说明：

host1-4:

ansible: host1-192.168.80.71

nginx: host2-192.168.80.72

tomcat1: host3-192.168.80.73

tomcat1: host4-192.168.80.74

ansible---nginx---tomcat1&2

host1：

ansible需要配置epel和extras源，推荐使用阿里源

yum install ansible

编辑ansible的host解析文件：

# vi /etc/ansible/hosts
[nginx]
192.168.80.72
[tomcat]
192.168.80.73
192.168.80.74

配置ssh，分发pubkey到其他三台主机：

ssh-keygen -t rsa -P ‘‘
ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

验证hosts主机解析:

ansible all --list-hosts
ansible nginx --list-hosts
ansible tomcat --list-hosts

创建role：

cd /etc/ansible/roles
ansible-galaxy init nginx
ansible-galaxy init tomcat
mkdir -pv {nginx,tomcat}/{templates,files}

目录结构如下

tree nginx
nginx
├── defaults
│   └── main.yml
├── files
│   └── lb.conf
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   └── main.yml
├── templates
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml
8 directories, 9 files

编辑nginx配置文件：

# cd nginx
# vi tasks/main.yml 
- name: install nginx
  yum: name=nginx state=latest
  when: ansible_os_family == "RedHat"
- name: copy config file
  copy: src=lb.conf dest=/etc/nginx/conf.d/
  tags: confignginx
  notify: reload nginx
- name: start nginx
  service: name=nginx state=started enabled=yes

# vi handlers/main.yml
- name: reload nginx
  command: nginx -s reload
  tags: reloadnginx

# vi templates/lb.conf
upstream tcsrvs {
server 192.168.80.73:8080;
server 192.168.80.74:8080;
}
server {
listen 80;
server_name {{ ansible_eth1.ipv4.address }};
location / {
proxy_pass http://tcsrvs;
}
}

编辑tomcat配置文件：

# cd ../tomcat
# vi tasks/main.yml
- name: install openjdk
  yum: name=java-1.8.0-openjdk-devel state=latest
- name: install tomcat package
  yum: name={{ item }} state=latest
  with_items:
  - tomcat
  - tomcat-webapps
  - tomcat-admin-webapps
  - tomcat-docs-webapp
  when: ansible_os_family == "RedHat"
- name: copy index
  template: src=index.jsp.j2 dest=/var/lib/tomcat/webapps/sample/index.jsp
- name: start tomcat
  service: name=tomcat state=started enabled=yes

# vi templates/index.jsp.j2
Host IP is {{ ansible_eth1.ipv4.address }}

编辑playbook文件：

# mkdir ../playbook
# vi playbook/nginx-tomcat.yml
- hosts: nginx
  remote_user: root
  roles:
  - nginx
- hosts: tomcat
  remote_user: root
  roles:
  - tomcat

host1测试并部署playbook：

ansible-playbook -Cv playbook/nginx-tomcat.yml
ansible-playbook playbook/nginx-tomcat.yml

验证Tomcat：

ansible tomcat -a ‘rpm -qa java*‘
ansible tomcat -a ‘rpm -qa tomcat*‘
ansible tomcat -a ‘ss -tnl‘

测试请使用Firefox浏览器，多次刷新测试nginx负载

http://192.168.80.72/sample/index.jsp

host3上配置tomcat-admin-webapps：

# vi /etc/tomcat/tomcat-users.xml
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="tomcat" password="tomcat" roles="admin-gui,manager-gui"/>

host1下载配置文件:

ansible 192.168.80.73 -m fetch -a "src=/etc/tomcat/tomcat-users.xml dest=/etc/ansible/roles/tomcat/files/ flat=yes"

ansible上再次编辑tomcat配置文件：

# cd ../tomcat
# vi tasks/main.yml  //增加如下内容
- name: tomcat manage
  copy: src=files/tomcat-users.xml dest=/etc/tomcat/tomcat-users.xml owner=root group=tomcat
  notify: restart tomcat

vi handlers/main.yml
- name: restart tomcat
  service: name=tomcat state=restarted

host1测试并重新部署playbook

ansible-playbook -C playbook/nginx-tomcat.yml
ansible-playbook playbook/nginx-tomcat.yml

测试nginx负载，请使用Firefox浏览器测试

http://192.168.80.72/manager/html

本文出自 “rackie” 博客，请务必保留此出处http://rackie386.blog.51cto.com/11279229/1967875