Ansible 批量部署

anseble role

bash 复制代码
[root@ubuntu24 ansible]$ tree
.
├── ansible.cfg
├── dns_master.yaml
├── dns_slave.yaml
├── hosts
├── LVS.yaml
├── mysql-discuz.yaml
├── mysql-jpress.yaml
├── nginx_php.yaml
├── roles
│   ├── LVS
│   │   ├── files
│   │   ├── tasks
│   │   │   ├── configure.yaml
│   │   │   ├── install.yaml
│   │   │   └── main.yaml
│   │   └── templates
│   ├── master_dns
│   │   ├── files
│   │   ├── tasks
│   │   │   ├── configure.yaml
│   │   │   ├── install.yaml
│   │   │   ├── main.yaml
│   │   │   └── restart.yaml
│   │   └── templates
│   │       └── db.linux-magedu.com.j2
│   ├── mysql-discuz
│   │   ├── files
│   │   │   └── discuzer.sql
│   │   ├── tasks
│   │   │   ├── configure.yaml
│   │   │   ├── install.yaml
│   │   │   ├── main.yaml
│   │   │   └── user.yaml
│   │   └── templates
│   ├── mysql-jpress
│   │   ├── files
│   │   │   └── jpresser.sql
│   │   ├── tasks
│   │   │   ├── configure.yaml
│   │   │   ├── install.yaml
│   │   │   ├── main.yaml
│   │   │   └── user.yaml
│   │   └── templates
│   ├── nginx
│   │   ├── files
│   │   ├── tasks
│   │   │   ├── configure.yaml
│   │   │   ├── install.yaml
│   │   │   ├── main.yaml
│   │   │   └── user.yaml
│   │   └── templates
│   │       └── www.linux-magedu.com.j2
│   ├── php
│   │   ├── files
│   │   │   └── Discuz_X3.5_SC_UTF8_20240520.zip
│   │   ├── tasks
│   │   │   ├── configure.yaml
│   │   │   ├── install.yaml
│   │   │   ├── main.yaml
│   │   │   └── user.yaml
│   │   └── templates
│   ├── slave_dns
│   │   ├── files
│   │   ├── tasks
│   │   │   ├── configure.yaml
│   │   │   ├── install.yaml
│   │   │   ├── main.yaml
│   │   │   └── restart.yaml
│   │   └── templates
│   │       └── db.linux-magedu.com.j2
│   └── tomcat
│       ├── files
│       │   ├── apache-tomcat-9.0.89.tar.gz
│       │   └── jpress-v5.1.0.war
│       ├── tasks
│       │   ├── configure.yaml
│       │   ├── install.yaml
│       │   ├── main.yaml
│       │   └── user.yaml
│       └── templates
│           └── tomcat.service.j2
└── test.yaml

34 directories, 49 files

LVS

install.yaml

bash 复制代码
- name: install ipvsadm
  apt: name=ipvsadm state=present

configure.yaml

bash 复制代码
- name: ipv4.ip_forward
  shell: echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf

- name: Reload sysctl.conf
  shell: sysctl -p

- name: Create a cluster
  shell: ipvsadm -A -t 10.0.0.6:80 ; ipvsadm -A -t 10.0.0.16:80

- name: Add server
  shell: ipvsadm -a -t 10.0.0.6:80 -r 192.168.10.7:80 ; ipvsadm -a -t 10.0.0.16:80 -r 192.168.10.8:88

master_dns

install.yaml

bash 复制代码
- name: bind9
  apt: name=bind9 state=present

configure.yaml

bash 复制代码
- name: configure on named.conf.default-zones
  lineinfile:
    path: /etc/bind/named.conf.default-zones
    line: |
      zone "linux-magedu.com" IN {
          type master;
          file "/etc/bind/db.linux-magedu.com";
      };

- name: configure on db.linux-magedu.com
  template: src=db.linux-magedu.com.j2 dest=/etc/bind/db.linux-magedu.com

restart.yaml

bash 复制代码
- name: restart service
  service: name=named state=restarted

db.linux-magedu.com.j2

bash 复制代码
linux-magedu.com.       86400   IN      SOA     linux-magedu-dns. admin.linux-magedu.com. (143 3H 15M 1D 1W)
linux-magedu.com.       86400   IN      NS      dns1.linux-magedu.com.
linux-magedu.com.       86400   IN      NS      dns2.linux-magedu.com.

dns1.linux-magedu.com.  86400   IN      A       10.0.0.3
dns2.linux-magedu.com.  86400   IN      A       10.0.0.13

www.linux-magedu.com.   86400   IN      A       {{ targetIP }}

slave_dns

install.yaml

bash 复制代码
- name: bind9
  apt: name=bind9 state=present

configure.yaml

bash 复制代码
- name: configure on named.conf.default-zones
  lineinfile:
    path: /etc/bind/named.conf.default-zones
    line: >
      zone "linux-magedu.com" IN {
        type slave;
        masters {10.0.0.3;};
        file "/etc/bind/slaves/db.linux-magedu.com";
      };

- name: change apparmor
  lineinfile:
    path: /etc/apparmor.d/usr.sbin.named
    insertafter: "  /var/cache/bind/ rw,$"
    line: >
      /etc/bind/slaves/** rwk,
      /etc/bind/slaves/ rwk,

- name: restart apparmor
  service: name=apparmor state=restarted


- name: Create file
  file: path=/etc/bind/slaves state=directory mode=777

- name: configure on db.linux-magedu.com
  template: src=db.linux-magedu.com.j2 dest=/etc/bind/slaves/db.linux-magedu.com

restart.yaml

bash 复制代码
- name: restart service
  service: name=named state=restarted

db.linux-magedu.com.j2

bash 复制代码
linux-magedu.com.       86400   IN      SOA     linux-magedu-dns. admin.linux-magedu.com. (143 3H 15M 1D 1W)
linux-magedu.com.       86400   IN      NS      dns1.linux-magedu.com.
linux-magedu.com.       86400   IN      NS      dns2.linux-magedu.com.

dns1.linux-magedu.com.  86400   IN      A       10.0.0.3
dns2.linux-magedu.com.  86400   IN      A       10.0.0.13

www.linux-magedu.com.   86400   IN      A       {{ targetIP }}

nginx

user.yaml

bash 复制代码
- name: add-nginx-group
  group: name=nginx gid=800 system=yes

- name: add-nginx-user
  user: name=nginx group=800 system=yes uid=800 create_home=no

install.yaml

bash 复制代码
- name: install nginx
  apt: name=nginx state=present

configure.yaml

bash 复制代码
- name: add-configure
  template: src=www.linux-magedu.com.j2 dest=/etc/nginx/sites-enabled/www.linux-magedu.com

- name: Restart-service
  service: name=nginx state=restarted

<www.linux-magedu.com.j2>

bash 复制代码
server{

    listen 80;
    server_name www.linux-magedu.com;
    root /var/www/html/www.linux-magedu.com;
    index index.html index.php;


    location ~ \.php$ {
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            include fastcgi.conf;
    }
}

php

user.yaml

bash 复制代码
- name: add-php-user
  user:
    name: www-data
    group: 33
    system: yes
    uid: 33
    create_home: yes
    home: /var/www
    shell: /usr/sbin/nologin

install.yaml

bash 复制代码
- name: install-php
  apt: name=php-fpm,php-mysqlnd,php-json,php-gd,php-xml,php-mbstring,php-zip state=present

configure.yaml

bash 复制代码
- name: Change-Configuration1
  shell: sed -i 's/listen = \/run\/php\/php8.3-fpm.sock/;listen = \/run\/php\/php8.3-fpm.sock/g' /etc/php/8.3/fpm/pool.d/www.conf

- name: Change-Configuration2
  shell: sed -i '42i\ listen = 127.0.0.1:9000' /etc/php/8.3/fpm/pool.d/www.conf

- name: Restart-service
  service: name=php8.3-fpm state=restarted

- name: create-directory1
  file: path=/var/www/html/www.linux-magedu.com state=directory owner=www-data group=www-data

- name: copy-Discuz
  copy: src=files/Discuz_X3.5_SC_UTF8_20240520.zip dest=/root/

- name: create-directory2
  file: path=/root/discuz state=directory owner=www-data group=www-data

- name: install unzip
  apt: name=unzip state=present

- name: decompressing-files
  unarchive: src=/root/Discuz_X3.5_SC_UTF8_20240520.zip dest=/root/discuz

- name: copy-file
  shell: cp -r /root/discuz/upload/* /var/www/html/www.linux-magedu.com

- name: Switch-user-group
  shell: chown -R www-data:www-data /var/www/html/www.linux-magedu.com

tomcat

user.yaml

bash 复制代码
- name: add-group-tomcat
  group: name=tomcat system=yes

- name: add-user-tomcat
  user: name=tomcat group=999 system=yes shell=/usr/sbin/nologin

install.yaml

bash 复制代码
- name: install-java
  apt: name=openjdk-11-jdk state=present

- name: copy-tomcat.zip
  copy: src=files/apache-tomcat-9.0.89.tar.gz dest=/root/apache-tomcat-9.0.89.tar.gz

- name: unarchive-tomcat.zip
  shell: tar xf /root/apache-tomcat-9.0.89.tar.gz -C /usr/local/

- name: create-link
  file: src=/usr/local/apache-tomcat-9.0.89 path=/usr/local/tomcat state=lin

- name: environment-variable
  shell: ln -s /usr/local/tomcat/bin/* /usr/local/bin/

- name: alter-file
  file: path=/usr/local/tomcat/ state=directory recurse=yes owner=tomcat group=tomcat

- name: service-script
  template: src=tomcat.service.j2 dest=/lib/systemd/system/tomcat.service

- name: restart-service
  service: name=tomcat.service state=started

configure.yaml

bash 复制代码
- name: create-directory
  file: path=/data/ state=directory owner=tomcat group=tomcat recurse=yes

- name: copy-jpress.war
  copy: src=files/jpress-v5.1.0.war dest=/data/jpress.war

- name: change-configure
  lineinfile:
    path: /usr/local/tomcat/conf/server.xml
    insertafter: ".*</Host>.*"
    line: |
       <Host name="jpress.linux-magedu.com"  appBase="/data/" unpackWARs="true" autoDeploy="true">
       </Host>

- name: restart-tomcat-service
  service: name=tomcat.service state=restarted

- name: chang-iptable
  shell: iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080

tomcat.service.j2

bash 复制代码
[Unit]
Description=Tomcat
After=syslog.target network.target

[Service]
Type=forking
Environment=JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64/
ExecStart=/usr/local/tomcat/bin/startup.sh
ExecStop=/usr/local/tomcat/bin/shutdown.sh
PrivateTmp=true
User=tomcat
Group=tomcat

[Install]
WantedBy=multi-user.target

mysql-discuz

user.yaml

bash 复制代码
- name: add-mysql-group
  group: name=mysql gid=306 system=yes

- name: add-mysql-user
  user: name=mysql group=306 system=yes uid=306 create_home=no

install.yaml

bash 复制代码
- name: install-mysql
  apt: name=mysql-server state=present update_cache=yes

- name: Change-Configuration-mysql-1
  lineinfile: path=/etc/mysql/mysql.conf.d/mysqld.cnf backrefs=yes regexp='^(bind-address.*)$' line='#\1'

- name: Change-Configuration-mysql-2
  lineinfile:
    path: /etc/mysql/mysql.conf.d/mysqld.cnf
    line: |
      skip-name-resolve
      default-authentication-plugin=mysql_native_password

configure.yaml

bash 复制代码
- name: restart-service
  service: name=mysql.service state=restarted

- name: copy-mysql-file
  copy: src=files/discuzer.sql dest=/root/discuzer.sql

- name: mysql-client-init
  shell: mysql < /root/discuzer.sql

- name: create-directory-backup
  file: path=/backup/ state=directory

- name: Generate database backup
  cron:
    name: Database Backup Cron
    minute: 0
    hour: 5
    job: "backup_date=$(date +%Y%m%d%H%m%S) && mysqldump discuz > /backup/backup_${backup_date}.sql"

discuzer.sql

bash 复制代码
create database if not exists discuz;
create user 'discuzer'@'10.0.0.%' identified by '123456';
grant all on discuz.* to 'discuzer'@'10.0.0.%';
flush privileges;

mysql-jpress

user.yaml

bash 复制代码
- name: add-mysql-group
  group: name=mysql gid=306 system=yes

- name: add-mysql-user
  user: name=mysql group=306 system=yes uid=306 create_home=no

install.yaml

bash 复制代码
- name: install-mysql
  apt: name=mysql-server state=present update_cache=yes

- name: Change-Configuration-mysql-1
  lineinfile: path=/etc/mysql/mysql.conf.d/mysqld.cnf backrefs=yes regexp='^(bind-address.*)$' line='#\1'

- name: Change-Configuration-mysql-2
  lineinfile:
    path: /etc/mysql/mysql.conf.d/mysqld.cnf
    line: |
      skip-name-resolve
      default-authentication-plugin=mysql_native_password

configure.yaml

bash 复制代码
- name: restart-service
  service: name=mysql.service state=restarted

- name: copy-mysql-file
  copy: src=files/jpresser.sql dest=/root/jpresser.sql

- name: mysql-client-init
  shell: mysql < /root/jpresser.sql

- name: create-directory-backup
  file: path=/backup/ state=directory

- name: Generate database backup
  cron:
    name: Database Backup Cron
    minute: 0
    hour: 5
    job: "backup_date=$(date +%Y%m%d%H%m%S) && mysqldump jpress > /backup/backup_${backup_date}.sql"

jpresser.sql

bash 复制代码
create database if not exists jpress;
create user 'jpresser'@'10.0.0.%' identified by '123456';
grant all on jpress.* to 'jpresser'@'10.0.0.%';
flush privileges;
相关推荐
我就是全世界2 小时前
ansible详细介绍和具体步骤
ansible
福大大架构师每日一题2 小时前
27.9 调用go-ansible执行playbook拷贝json文件重载采集器
golang·json·ansible·prometheus
SG.xf2 小时前
Ansible
运维·ansible
避凉闲庭7 小时前
ansible开局配置-openEuler
linux·运维·ansible·脚本·openeuler·免密登录·批量化
peanutfish8 天前
Chapter 9 RH294 RHEL Automation with Ansible
linux·ansible·yaml
不喜欢就睡大觉8 天前
自动化工具:Ansible
运维·自动化·ansible
我要做计算机大神9 天前
Ansible概述
git·ansible
YCyjs9 天前
Ansible自动化运维管理工具
ansible
码农鑫哥的日常9 天前
【Ansiable】ansible的模块和主机清单
运维·ansible