【自动化运维】编写LNMP分布式剧本

目录

• [一 playbook编写LNMP](#一 playbook编写LNMP)
• 1.1环境设置
• 1.2编写Nginx剧本
• • 1.3、编写Mysql剧本
  • 1.4准备PHP剧本

一 playbook编写LNMP

1.1环境设置

ip	服务
192.168.243.100	ansible
192.168.243.102	nginx
192.168.243.103	PHP
192.168.243.104	mysql

1.2编写Nginx剧本

1.编写Nginx源

mkdir -p /etc/ansible/playbook/nginx
cd /etc/ansible/playbook/nginx
vim nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

2.准备配置文件开放PHP的访问路径

vim default.conf 
...
location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm index.php;# 添加Nginx.php匹配项
    }
....
location ~ \.php$ {
        root           html;
        fastcgi_pass   192.168.243.103:9000;  #执行php的服务器和端口
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /usr/share/nginx/html$fastcgi_script_name;
        include        fastcgi_params;

3.php测试页面

vim /etc/ansible/playbook/nginx/index.php
<?php
phpinfo();
?>

4.nginx剧本

vim /etc/ansible/playbook/nginx/nginx.yml 
- name: LAMP nginx
  hosts: webservers
  remote_user: root
  tasks:
  - name: stop firewalld #关闭防火墙
    service: name=firewalld state=stopped enabled=no

  - name: stop selinux #关闭selinux
    command: '/usr/sbin/setenforce 0'
    ignore_errors: true

  - name: nginx.repo #准备Nginx的yum源
    copy: src=/etc/ansible/playbook/nginx/nginx.repo dest=/etc/yum.repos.d/nginx.repo

  - name: install nginx #下载nginx
    yum: name=nginx

  - name: start nginx #启动Nginx
    service: name=nginx state=started enabled=yes

  - name: copy nginx.conf #修改配置文件
    copy: src=/etc/nginx/conf.d/default.conf dest=/etc/nginx/conf.d/default.conf
    notify: "restart nginx" #指定触发器

  - name: index.php #准备网页测试王建
    copy: src=/etc/ansible/playbook/nginx/index.php dest=/usr/share/nginx/html

  handlers:
  - name: restart nginx #触发器任务，重启Nginx
    service: name=nginx state=restarted

1.3、编写Mysql剧本

1.编写密码获取脚本

mkdir -p /etc/ansible/playbook/mysql
vim /etc/ansible/playbook/mysql/passwd.sh

#!/bin/bash
#获取Mysql的密码
passd=$(grep "password" /var/log/mysqld.log | awk '{print $NF}' | head -1)
#更改密码
mysql -uroot -p"$passd" --connect-expired-password -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'Admin@123';"
#授权
mysql -uroot -pAdmin@123 -e "grant all privileges on *.* to root@'%' identified by 'Admin@123' with grant option;

2.准备Mysql的yum源

sed -i 's/gpgcheck=1/gpgcheck=0/' /etc/yum.repos.d/mysql-community.repo

2.编写mysql剧本

vim /etc/ansible/playbook/mysql/mysql.yml
- name: LAMP mysql
  hosts: mysql
  remote_user: root
  tasks:
  - name: stop firewalld
    service: name=firewalld state=stopped enabled=no

  - name: stop selinux
    command: '/usr/sbin/setenforce 0'
    ignore_errors: true

  - name: install mysql.repo #转变mysql瞎子啊源
    shell: wget https://repo.mysql.com/mysql57-community-release-el7-11.noarch.rpm && rpm -ivh mysql57-community-release-el7-11.noarch.rpm
    ignore_errors: true

  - name: mysql.repo #修改yum源，把仓库打开
    copy: src=/etc/yum.repos.d/mysql-community.repo dest=/etc/yum.repos.d/mysql-community.repo

  - name: install mysql #下载mysql
    yum: name=mysql-server

  - name: start msql #启动mysql
    service: name=mysqld state=started enabled=yes

  - name: grep passwd #指定修改密码脚本，修改密码并授权
    script: /etc/ansible/playbook/mysql/passwd.sh

1.4准备PHP剧本

1.两个配置文件php.ini

#添加修改时时区
date.timezone = Asia/Shanghai

2.www.conf文件

user = php
group = php
listen = 192.168.243.103:9000
listen.allowed_clients = 192.168.243.102

3.编写php剧本

vim //etc/ansible/playbook/php.yml
- name: LAMP nginx
  hosts: dbservers
  remote_user: root
  tasks:
  - name: stop firewalld
    service: name=firewalld state=stopped enabled=no

  - name: stop selinux
    command: '/usr/sbin/setenforce 0'
    ignore_errors: true

  - name: install php1 #准备php下载源
    shell: rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
    ignore_errors: true

  - name: install php2 #下载PHP及依赖包
    shell: yum -y install php72w php72w-cli php72w-common php72w-devel php72w-embedded php72w-gd php72w-mbstring php72w-pdo php72w-xml php72w-fpm php72w-mysqlnd php72w-opcache
    ignore_errors: true

  - name: start php #开启php
    service: name=php-fpm state=started enabled=yes

  - name: user php #创建运行用户
    user: name=php create_home=no shell=/sbin/nologin

  - name: php.ini #修改配置文件
    copy: src=/etc/ansible/playbook/php.ini dest=/etc/php.ini

  - name: www.conf
    copy: src=/etc/ansible/playbook/www.conf dest=/etc/php-fpm.d/www.conf
  - name: create nginx
    file: name=/usr/share/nginx state=directory

  - name: create nginx
    file: name=/usr/share/nginx/html state=directory

  - name: index.php #准备测试页面
    copy: src=/etc/ansible/playbook/nginx/index.php dest=/usr/share/nginx/html