Ansible-roles
一、roles作用
把playbook剧本里的各个play看作为角色,将各个角色的tasks任务、vars变量、templates模板、files文件等内容放置到角色的目录中统一管理,需要的时候可在playbook中直接使用roles调用,所以roles可以实现playbook代码的复用。
二、利用roles安装lnmp
ansible主机地址:192.168.111.10
vim /etc/ansible/hosts
[nginx]
192.168.111.20
[mysql]
192.168.111.30
[php]
192.168.111.40
1.在roles创建角色目录
mkdir /etc/ansible/roles/nginx/{files,templates,tasks,handlers,vars,defaults,meta} -p
mkdir /etc/ansible/roles/mysql/{files,templates,tasks,handlers,vars,defaults,meta} -p
mkdir /etc/ansible/roles/php/{files,templates,tasks,handlers,vars,defaults,meta} -p
2.创建角色的的配置文件
touch /etc/ansible/roles/nginx/{defaults,vars,tasks,meta,handlers}/main.yml
touch /etc/ansible/roles/mysql/{defaults,vars,tasks,meta,handlers}/main.yml
touch /etc/ansible/roles/php/{defaults,vars,tasks,meta,handlers}/main.yml
3.配置nginx角色
在file目录中添加配置文件
default.conf nginx.repo index.php
在tasks目录中创建main.yaml,ini.yaml文件
vim main.yaml
- include: "init.yml"
- name: copy nginx.repo
copy: src=nginx.repo dest=/etc/yum.repos.d/
- name: install nginx
yum: name=nginx
- name: copy
copy: src=default.conf dest=/etc/nginx/conf.d/default.conf
- name: index.php
copy: src=index.php dest=/usr/share/nginx/html
- name: start nginx
service: name=nginx state=started
vim init.yaml
- name: stop firewalld
service: name=firewalld state=stopped
- name: stop setenforce
command: '/usr/sbin/setenforce 0'
ignore_errors: True
4.配置mysql角色
在file目录中添加配置文件
vim mysql.sh
passd=$(grep "password" /var/log/mysqld.log | awk '{print $NF}'| head -1)
mysql -uroot -p"$passd" --connect-expired-password -e "ALTER USER 'root'@'localhost' IDENTIFIED BY 'Admin@123';"
mysql -uroot -pAdmin@123 -e "grant all privileges on *.* to root@'%' identified by 'Admin@123' with grant option;"
mysql-community.repo mysql-community-source.repo
在tasks目录中配置main.yaml文件
vim main.yaml
- include: "init.yml"
- name: copy mysql.repo
copy: src=mysql-community.repo dest=/etc/yum.repos.d/
- name: copy
copy: src=mysql-community-source.repo dest=/etc/yum.repos.d/
- name: install mysql-server
yum: name=mysql-server
- name: start mysql
service: name=mysqld.service state=started
- name: chushihua
script: mysql.sh
ignore_errors: True
5.配置php角色
在file目录中添加配置文件
vim index.php
<?php
phpinfo();
?>
在tasks目录中配置main.yaml文件
vim init.yaml
- name: stop firewalld
service: name=firewalld state=stopped
- name: stop setenforce
command: '/usr/sbin/setenforce 0'
ignore_errors: True
- include: "init.yml"
- name: install php.repo
shell: rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
ignore_errors: True
- name: install php
shell: yum -y install php72w php72w-cli php72w-common php72w-devel php72w-embedded php72w-gd php72w-mbstring php72w-pdo php72w-xml php72w-fpm php72w-mysqlnd php72w-opcache
ignore_errors: True
- name: user
user: name=php
- name: web
file: name=/usr/share/nginx/html state=directory
#- name: index.php
# copy: src=index.php dest=/usr/share/nginx/html/
- name: modify php configuration file
replace: path=/etc/php.ini regexp=";date.timezone =" replace="date.timezone = Asia/Shanghai"
- name: modify username and groupname in www.conf
replace: path=/etc/php-fpm.d/www.conf regexp="apache" replace="php"
- name: modify listen addr in www.conf
replace: path=/etc/php-fpm.d/www.conf regexp="127.0.0.1:9000" replace="192.168.111.40:9000"
- name: modify allowed client in www.conf
replace: path=/etc/php-fpm.d/www.conf regexp="127.0.0.1" replace="192.168.111.20"
- name: start php-fpm
service: name=php-fpm state=started
6.配置主文件lnmp.yaml
vim lnmp.yaml
- name: nginx play
hosts: nginx
remote_user: root
roles:
- nginx
- name: mysql play
hosts: mysql
remote_user: root
roles:
- mysql
- name: php play
hosts: php
remote_user: root
roles:
- php