通过ansible部署klnmp

实战目标:通过ansible部署

(1) 主/备模型的keepalived+nginx; 

(2) httpd+php+php-mysql; 

(3) mysql-server或mariadb-server;

拥有testdb库,并允许testuser对其拥有所有权限;

本实验基于centos7.2

本实验仅供参考

拓扑图

blob.png

blob.png

1,先安装ansible服务端

yum install ansible

2,修改配置文件

vim /etc/ansible/hosts

blob.png

[webs]
192.168.153.129 ansible_ssh_user='root' ansible_ssh_pass='root'  statetype='MASTER' priority='100' # keepalived master 
192.168.153.130 ansible_ssh_user='root' ansible_ssh_pass='root'  statetype='BACKUP' priority='98' # keepalived backup
192.168.153.131 ansible_ssh_user='root' ansible_ssh_pass='root'    # httpd  master
192.168.153.132 ansible_ssh_user='root' ansible_ssh_pass='root'    # httpd backup
192.168.153.133 ansible_ssh_user='root' ansible_ssh_pass='root'    # mysql

2,创建角色及其目录

cd /etc/ansible/roles
mkdir keepalived-nginx
cd keepalived-nginx
mkdir tasks handlers templates files vars

blob.png

3,创建主文件

vim /etc/ansible/roles/keepalived_nginx/keepalived.yaml

blob.png

4,编写task文件

vim /etc/ansible/roles/keepalived_nginx/tasks/main.yml

- name: stop selinux firewall
  shell: iptables -F;setenforce 0;yum install -y libselinux-python
- name: install keepalived-nginx
  shell: yum install -y wget  keepalived psmisc ; wget ftp://10.1.0.1/pub/Sources/7.x86_64/nginx/nginx-1.10.0-1.el7.ngx.x86_64.rpm ; yum install ./nginx-1.10.0-1.el7.ngx.x86_64.rpm -y
  with_items: ansible_all_ipv4_addresses
  when: ( item  ==  "{{ keepalived_master }}"  or item == "{{  keepalived_backup }}" ) and ansible_distribution_major_version == "7"
- name: copy keepalived config
  template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ keepalived_master }}"  or item == "{{  keepalived_backup }}"
- name: copy nginx config
  template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ keepalived_master }}"  or item == "{{  keepalived_backup }}"
- name: start keepalived
  shell: systemctl start keepalived nginx
  with_items: ansible_all_ipv4_addresses
  when: ( item  ==  "{{ keepalived_master }}"  or item == "{{  keepalived_backup }}" ) and ansible_distribution_major_version == "7"
- name: install mariadb
  shell: yum install -y mariadb-server nfs-utils
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ mysql }}" and ansible_distribution_major_version == "7"
- name: copy web_files
  template: src=web.sh.j2 dest=/tmp/web.sh
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ mysql }}"
- name: copy config
  copy: src=my.cnf dest=/etc/my.cnf
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ mysql }}"
- name: start mariadb
  shell: systemctl start mariadb rpcbind ;bash /tmp/web.sh;systemctl start nfs
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ mysql }}" and ansible_distribution_major_version == "7"
- name: cp database
  template: src=mysql.j2 dest=/tmp/mysql
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ mysql }}"
- name: creta database
  shell: mysql < /tmp/mysql
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ mysql }}"
- name: install httpd_php
  shell: yum install -y php php-mysql php-mbstring php-gd php-mcrypt httpd nfs-utils
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ php_master }}"  or item == "{{  php_backup }}"
- name: mount webs
  shell: mount -t nfs {{ mysql }}:/web/apps/dz /var/www/html
  with_items: ansible_all_ipv4_addresses
  when: item  == "{{ php_master }}"  or item == "{{  php_backup }}"
- name: start httpd
  shell: systemctl start httpd
  with_items: ansible_all_ipv4_addresses
when: ( item  ==  "{{ php_master }}"  or item == "{{  php_backup }}" ) and ansible_distribution_major_version == "7"

5,编写var变量

vim /etc/ansible/roles/keepalived_nginx/vars/main.ym

 keepalived_master: 192.168.153.129
 keepalived_backup: 192.168.153.130
 php_master: 192.168.153.131
 php_backup: 192.168.153.132
 mysql: 192.168.153.133
 virtual_ip: 192.168.153.100
 vrrp_mcast: 224.0.41.41
 iface: eno33554984

blob.png

6,编写file文件

vim /etc/ansible/roles/keepalived_nginx/files/my.cnf

blob.png

7,编写template文件

blob.png

7.1

vim keepalived.conf.j2

 

! Configuration File for keepalived
global_defs {
   notification_email {
        root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_mcast_group4 {{ vrrp_mcast }}
}
vrrp_script chk_nginx {
   script "killall -0 nginx && exit 0 || exit 1"
   interval 1
   weight -5
}
vrrp_script chk_downfile {
   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
   interval 1
   weight -5
}
vrrp_instance VI_1 {
    state {{ statetype }}
    interface {{ iface }}
    virtual_router_id 41
    priority {{ priority }}
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass oiejn78c
    }
    virtual_ipaddress {
        {{ virtual_ip }}
    }
    track_script {
        chk_nginx
        chk_downfile
    }
}

7.2

vim mysql.j2

create database testdb;
grant all on testdb.* to 'testuser'@'{{ php_master }}' identified by 'testpass';
grant all on testdb.* to 'testuser'@'{{ php_backup }}' identified by 'testpass';
flush privileges;

blob.png

7.3

vim nginx.conf.j2
user  nginx;
worker_processes  1;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;
events {
    worker_connections  1024;
}
stream {
        upstream webs {
                server {{ php_master }}:80;
                server {{ php_backup }}:80;
                hash $remote_addr;
        }
        server {
                listen 80;
                proxy_pass webs;
        }
}

blob.png

7.4

vim web.sh.j2
#/bin/bash
id apache || useradd -r -u 48 apache   &> /dev/null
yum install -y wget
wget ftp://10.1.0.1/pub/Sources/sources/php/Discuz_X3.2_SC_UTF8.zip
unzip -n  Discuz_X3.2_SC_UTF8.zip &> /dev/null
mkdir /web/apps/dz/ -p
mv -f  upload/* /web/apps/dz/  &> /dev/null
setfacl -R -m u:apache:rwx /web/apps/dz/
echo "/web/apps/dz/  {{ php_master }}(rw,sync) {{ php_backup }}(rw,sync)"  > /etc/exports

blob.png

8,测试

[root@localhost keepalived_nginx]# ansible-playbook  keepalived.yaml 
PLAY [webs] ******************************************************************* 
GATHERING FACTS *************************************************************** 
ok: [192.168.153.129]
ok: [192.168.153.130]
ok: [192.168.153.131]
ok: [192.168.153.132]
ok: [192.168.153.133]
TASK: [keepalived_nginx | stop selinux firewall] ****************************** 
changed: [192.168.153.129]
changed: [192.168.153.130]
changed: [192.168.153.131]
changed: [192.168.153.132]
changed: [192.168.153.133]
TASK: [keepalived_nginx | install keepalived-nginx] *************************** 
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
changed: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
changed: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
TASK: [keepalived_nginx | copy keepalived config] ***************************** 
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
skipping: [192.168.153.132] => (item=10.1.252.176)
changed: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
changed: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
TASK: [keepalived_nginx | copy nginx config] ********************************** 
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
changed: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
changed: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
TASK: [keepalived_nginx | start keepalived] *********************************** 
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
skipping: [192.168.153.132] => (item=10.1.252.176)
changed: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
changed: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
TASK: [keepalived_nginx | install mariadb] ************************************ 
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.130] => (item=10.1.249.36)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
changed: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
TASK: [keepalived_nginx | copy web_files] ************************************* 
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
changed: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
TASK: [keepalived_nginx | copy config] **************************************** 
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
changed: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
TASK: [keepalived_nginx | start mariadb] ************************************** 
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
changed: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
TASK: [keepalived_nginx | cp database] **************************************** 
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
changed: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
TASK: [keepalived_nginx | creta database] ************************************* 
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
skipping: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
changed: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
TASK: [keepalived_nginx | install httpd_php] ********************************** 
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
changed: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
changed: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
TASK: [keepalived_nginx | mount webs] ***************************************** 
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
skipping: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
changed: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
changed: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
TASK: [keepalived_nginx | start httpd] **************************************** 
skipping: [192.168.153.129] => (item=192.168.153.129)
skipping: [192.168.153.129] => (item=10.1.249.63)
skipping: [192.168.153.130] => (item=192.168.153.130)
skipping: [192.168.153.130] => (item=10.1.249.36)
skipping: [192.168.153.133] => (item=192.168.153.133)
skipping: [192.168.153.133] => (item=10.1.249.46)
changed: [192.168.153.131] => (item=192.168.153.131)
skipping: [192.168.153.131] => (item=10.1.253.90)
changed: [192.168.153.132] => (item=192.168.153.132)
skipping: [192.168.153.132] => (item=10.1.252.176)
PLAY RECAP ******************************************************************** 
192.168.153.129            : ok=15   changed=5    unreachable=0    failed=0   
192.168.153.130            : ok=15   changed=5    unreachable=0    failed=0   
192.168.153.131            : ok=15   changed=4    unreachable=0    failed=0   
192.168.153.132            : ok=15   changed=4    unreachable=0    failed=0   
192.168.153.133            : ok=15   changed=7    unreachable=0    failed=0

9,访问移动ip 192.168.153.100

blob.pngblob.png

blob.png

  • 通过ansible部署klnmp已关闭评论
  • 2,105 views
    A+
发布日期:2016年11月06日  所属分类:linux
标签: