【自动化运维】编写LNMP分布式剧本

DDD嘀嘀嘀2023-08-04 18:30

目录

一 playbook编写LNMP

1.1环境设置

ip 服务
192.168.243.100 ansible
192.168.243.102 nginx
192.168.243.103 PHP
192.168.243.104 mysql

1.2编写Nginx剧本

1.编写Nginx源

bash 复制代码 
mkdir -p /etc/ansible/playbook/nginx
cd /etc/ansible/playbook/nginx
vim nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

2.准备配置文件开放PHP的访问路径

bash 复制代码 
vim default.conf 
...
location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm index.php;# 添加Nginx.php匹配项
    }
....
location ~ \.php$ {
        root           html;
        fastcgi_pass   192.168.243.103:9000;  #执行php的服务器和端口
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /usr/share/nginx/html$fastcgi_script_name;
        include        fastcgi_params;


3.php测试页面

bash 复制代码 
vim /etc/ansible/playbook/nginx/index.php
<?php
phpinfo();
?>

4.nginx剧本

bash 复制代码 
vim /etc/ansible/playbook/nginx/nginx.yml 
- name: LAMP nginx
  hosts: webservers
  remote_user: root
  tasks:
  - name: stop firewalld #关闭防火墙
    service: name=firewalld state=stopped enabled=no

  - name: stop selinux #关闭selinux
    command: '/usr/sbin/setenforce 0'
    ignore_errors: true

  - name: nginx.repo #准备Nginx的yum源
    copy: src=/etc/ansible/playbook/nginx/nginx.repo dest=/etc/yum.repos.d/nginx.repo

  - name: install nginx #下载nginx
    yum: name=nginx

  - name: start nginx #启动Nginx
    service: name=nginx state=started enabled=yes

  - name: copy nginx.conf #修改配置文件
    copy: src=/etc/nginx/conf.d/default.conf dest=/etc/nginx/conf.d/default.conf
    notify: "restart nginx" #指定触发器

  - name: index.php #准备网页测试王建
    copy: src=/etc/ansible/playbook/nginx/index.php dest=/usr/share/nginx/html

  handlers:
  - name: restart nginx #触发器任务,重启Nginx
    service: name=nginx state=restarted

1.3、编写Mysql剧本

1.编写密码获取脚本

bash 复制代码 
mkdir -p /etc/ansible/playbook/mysql
vim /etc/ansible/playbook/mysql/passwd.sh

#!/bin/bash
#获取Mysql的密码
passd=$(grep "password" /var/log/mysqld.log | awk '{print $NF}' | head -1)
#更改密码
mysql -uroot -p"$passd" --connect-expired-password -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'Admin@123';"
#授权
mysql -uroot -pAdmin@123 -e "grant all privileges on *.* to root@'%' identified by 'Admin@123' with grant option;


2.准备Mysql的yum源

bash 复制代码 
sed -i 's/gpgcheck=1/gpgcheck=0/' /etc/yum.repos.d/mysql-community.repo

2.编写mysql剧本

bash 复制代码 
vim /etc/ansible/playbook/mysql/mysql.yml
- name: LAMP mysql
  hosts: mysql
  remote_user: root
  tasks:
  - name: stop firewalld
    service: name=firewalld state=stopped enabled=no

  - name: stop selinux
    command: '/usr/sbin/setenforce 0'
    ignore_errors: true

  - name: install mysql.repo #转变mysql瞎子啊源
    shell: wget https://repo.mysql.com/mysql57-community-release-el7-11.noarch.rpm && rpm -ivh mysql57-community-release-el7-11.noarch.rpm
    ignore_errors: true

  - name: mysql.repo #修改yum源,把仓库打开
    copy: src=/etc/yum.repos.d/mysql-community.repo dest=/etc/yum.repos.d/mysql-community.repo

  - name: install mysql #下载mysql
    yum: name=mysql-server

  - name: start msql #启动mysql
    service: name=mysqld state=started enabled=yes

  - name: grep passwd #指定修改密码脚本,修改密码并授权
    script: /etc/ansible/playbook/mysql/passwd.sh

1.4准备PHP剧本

1.两个配置文件php.ini

bash 复制代码 
#添加修改时时区
date.timezone = Asia/Shanghai

2.www.conf文件

bash 复制代码 
user = php
group = php
listen = 192.168.243.103:9000
listen.allowed_clients = 192.168.243.102

3.编写php剧本

bash 复制代码 
vim //etc/ansible/playbook/php.yml
- name: LAMP nginx
  hosts: dbservers
  remote_user: root
  tasks:
  - name: stop firewalld
    service: name=firewalld state=stopped enabled=no

  - name: stop selinux
    command: '/usr/sbin/setenforce 0'
    ignore_errors: true

  - name: install php1 #准备php下载源
    shell: rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
    ignore_errors: true

  - name: install php2 #下载PHP及依赖包
    shell: yum -y install php72w php72w-cli php72w-common php72w-devel php72w-embedded php72w-gd php72w-mbstring php72w-pdo php72w-xml php72w-fpm php72w-mysqlnd php72w-opcache
    ignore_errors: true

  - name: start php #开启php
    service: name=php-fpm state=started enabled=yes

  - name: user php #创建运行用户
    user: name=php create_home=no shell=/sbin/nologin

  - name: php.ini #修改配置文件
    copy: src=/etc/ansible/playbook/php.ini dest=/etc/php.ini

  - name: www.conf
    copy: src=/etc/ansible/playbook/www.conf dest=/etc/php-fpm.d/www.conf
  - name: create nginx
    file: name=/usr/share/nginx state=directory

  - name: create nginx
    file: name=/usr/share/nginx/html state=directory

  - name: index.php #准备测试页面
    copy: src=/etc/ansible/playbook/nginx/index.php dest=/usr/share/nginx/html


相关推荐
AI服务老曹3 分钟前
成为一种国家战略范畴的新基建的智慧园区开源了
运维·人工智能·学习·开源·能源
陈奕迅本讯1 小时前
操作系统 4.4-从生磁盘到文件
linux·运维·服务器
杰克逊的日记1 小时前
kafka的topic扩容分区会对topic任务有什么影响么
分布式·kafka
落笔画忧愁e1 小时前
BGP路由协议
运维·服务器
渲染101专业云渲染2 小时前
Lumion 与 Enscape 怎么选?附川翔云电脑适配指南
服务器·分布式·电脑·blender·houdini
MarkHD2 小时前
第十七天 - Jenkins API集成 - 流水线自动化 - 练习:CI/CD流程优化
ci/cd·自动化·jenkins
BBM的开源HUB2 小时前
Debian/Ubuntu Server高效禁用海外IP访问的一种方法
运维·服务器
黄鹂绿柳3 小时前
自己搭建cesium应用程序
运维·服务器
开发小能手-roy3 小时前
如何设置Ubuntu服务器版防火墙
linux·运维·ubuntu
IT成长日记3 小时前
【Kafka基础】监控与维护:动态配置管理,灵活调整集群行为
分布式·kafka·动态配置管理
热门推荐
01我决定放弃搞 Java 了02RAG 实践- Ollama+RagFlow 部署本地知识库03从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑04DeepSeek RAGFlow构建本地知识库系统05汽车上的各种质量:整备质量、总质量、装载质量、簧上质量、簧下质量06DeepSeek各版本说明与优缺点分析07Vue环境搭建:vue+idea08生活电子常识--删除谷歌浏览器搜索记录09如何在WPS和Word/Excel中直接使用DeepSeek功能10Vue3 + TypeScript 的 Hooks 实用示例