linux系统ansible一键完成三大服务器基础配置(剧本)

Posted wanglonglong

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了linux系统ansible一键完成三大服务器基础配置(剧本)相关的知识,希望对你有一定的参考价值。

ansible自动化管理剧本方式一键完成三大服务器基础配置

环境准备:五台服务器:管理机m01:172.16.1.61,两台web服务器172.16.1.7,172.16.1.8,nfs存储服务器172.16.1.31,备份服务器rsync172.16.1.41

要求实现:nfs服务器共享目录/data给两台web服务器

                  三台服务器可以通过定时任务 备份到备份服务器rsync

                实时监控nfs/data目录,并实时备份到备份服务器rsync

开整:

一、配置管理机m01

1.下载基本软件

cd /server/scripts

vim benjipeizhi.sh

#!/bin/sh

yum install oppenssh oppenssl -y &&\

systemctl restart sshd &&\

systemctl enable sshd &&\

yum install opel-releare -y &&\

yum install ansible -y &&\

yum install libselinux-python -y

 

3.编辑主机列表,方便批量管理(1代表服务端,2代表客户端)

vim /etc/ansible/hosts

[oldboy]

172.16.1.7

172.16.1.8

172.16.1.31

172.16.1.41

 

[rsync]

172.16.1.41

 

[rsync2]

172.16.1.7

172.16.1.8

172.16.1.41

 

[nfs1]

172.16.1.31

 

[nfs2]

172.16.1.7

172.16.1.8

 

[sersync]

172.16.1.31

 

4.创建并分发公钥,实现免密连接

vim fenfa.sh

#!/bin/sh

ssh-keygen -f ~/.ssh/id_rsa -P ‘‘ -q

for ip in 7 8 31 41

do

   sshpass -p123456 ssh-copy-id -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.$ip

done

 

5.下载sersync实时监控软件(本人是从桌面直接拉虚拟机的)

解压然后编辑配置文件(适当修改部分即可)这一个是通过copy模块远程复制过去的,在本机编辑好

vim /server/tools/appliction/sersync/conf

<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="false"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="false"/>
<modify start="false"/>
</inotify>

<sersync>
<localpath watch="/data">
<remote ip="172.16.1.41" name="backup"/>
<remote ip="172.16.1.41" name="oldboy"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>

 

rsync服务端配置文件也是通过copy模块远程推送,所以现在本机编辑好

vim /etc/rsyncd.conf

#!/bin/sh

uid = rsync

gid =  rsync

use chroot = no

fake super = yes

max connections =200

timeout = 600

pid file = /var/run/rsyncd.pid

lock file = /var/run/rsync.lock

log file = /var/log/rsyncd.log

ignore errors

read only = false

list = false

list = false

hosts allow = 172.16.1.0/24

auth users = rsync_backup

secrets file = /etc/rsync.password

[backup]

comment = welcome to oldboyedu backup!

path = /backup/

 

6.连接测试

sh fenfa.sh  执行创建并分发公钥的脚本

ansible oldboy -m command -a "ifconfig"  显示四台服务器IP说明远程连接成功

 

重点来啦,写剧本

在/etc/ansible下创建yaml目录,剧本名为one.yml

mkdir -p /etc/ansible/yaml

vim one.yml

- hosts: nfs1

  tasks:

    - name: 安装nfs

      yum: name=nfs-utils state=installed

 

    - name: 安装rpc

      yum: name=rpcbind state=installed

 

    - name: 编辑nfs共享目录为/data

      shell: echo "/data 172.16.1.0/24(rw,anync,all_squash)" >/etc/exports

 

    - name: 创建目录data

      file: name=/data state=dircetory mode=0755 owner=nfsnobody group=nfsnobody

 

    - name: 写入密码

      shell: echo "export RSYNC_PASSWORD=123456" >>/etc/bashrc

      shell: source /etc/bashrc

      shell: echo "123456" >/etc/rsync.password

 

    - name: 启动rpc并开机自启动

      systemd: name=rpcbind.service enabled=yes state=started

 

    - name: 启动nfs并开机自启动

      systemctl: name=nfs enbaled=yue state=started

- hosts: nfs2

  tasks

    - name: 安装nfs和rpc

      shell: yum install nfs-utils -y

      shell: yum install rpcbind -y

 

    - name: 启动prc并开机自启动

      systemd: name=rpcbind.service enabled=yes state=started

 

    -name: 启动nfs

      systemd: name=nfs enabled=yes start=started

 

    - name: 写入挂载目录到fstab

      mount: src=‘172.16.1.31:/data‘ path=/mnt fstype=nfs opts=rw state=present

    - name: 生效fstab

      shell: mount -a

 

    - name: 写入密码

      shell: echo "export RSYNC_PASSWORD=123456" >>/etc/bashrc

      shell:source /etc/bashrc

      shell: echo "123456" >/etc/rsync.password

 

- hosts:rsync1

  tasks:

    - name: 安装rsync

      yum: name=rsync state=installed

 

    - name: 把本地配置好的rsync服务端配置文件拷贝过去

      copy: src=/etc/rsyncd.conf dest=/etc/rsyncd.conf mode=0600 backup=yes

 

    - name: 写入密码

      shell: echo "rsync_backup:123456" >/etc/rsync.password

 

    - name: 设置密码权限

      file: path=/etc/rsync.password mode=0600

 

    - name: 创建用户

    user: name=rsync

 

    - name: 创建backup备份目录

      file: name=/backup state=directory mode=0755 recurse=yes owner=rsync group=rsync

 

    - name: 启动rsync服务

      systemd: name=rsync enabled=yes state=started

 

- hosts: rsync2

  tasks:

    - name: 安装rsync

      yum: name=rsync state=installed

 

    - name: 密码写入

      shell: echo "export RSYNC_PASSWORD=123456" >>/etc/bashrc

      shell: source /etc/bashrc

      shell: echo "123456" >/etc/rsync.password

 

    - name: 设置密码权限

      filse: name=/etc/rsync.password mode=0600

 

    - name: 启动rsync

      systemd: name=rsyncd enabled=yes state=started

 

- hosts: sersync

  tasks:

    - name:  下载监控机制

      yum: name=inotify-tools state=installed

 

    - name: 复制本地编辑好的配置文件

      copy: src=/server/tools dest=/server/tools

      copy: src=/server/tools/applicantion dest=/ mode=755

 

    - name: 启动监控

      shell: /application/sersync/bin/sersync -d -n 10 -o /application/sersync/conf/confxml.xml

 

测试执行:ansible-playbook -C one.yml

正式执行:ansible-playbook one.yml

 

以上是关于linux系统ansible一键完成三大服务器基础配置(剧本)的主要内容,如果未能解决你的问题,请参考以下文章

ansible-playbook一键化部署apache服务

Linux:综合架构批量管理服务(ansible)-- 下

我们喜欢Ansible的三大理由

Linux上一键部署KMS

Ansible Roles 一键完成LNMP

《Linux运维实战:Centos7.6基于ansible一键离线部署elasticsearch7.6.2容器版分布式集群》