24.1 ansible批量管理与维护作业

1.写出ansible部署rsync服务的playbook剧本内容。

回答：
剧本文件：
[root@m01 playbook]# vim rsync_server.yml
[root@m01 playbook]# cat rsync_server.yml
- hosts: 10.0.0.41 #backup作为服务器端部署
tasks:
- name: install rsync # 安装rsync
shell: yum install -y rsync

- name: install sshpass #安装密钥软件
shell: yum install -y sshpass

- name: create a directory for config.sh #创建所在配置文件
shell: mkdir -p /server/scripts/

- name: configuration config.sh #拷贝配置脚本文件
copy: src=/server/scripts/config.sh dest=/server/scripts/config.sh

- name: action script config.sh #远程运行脚本
script: /server/scripts/config.sh

- name: create rsync user #创建rsync虚拟用户
shell: useradd rsync -s /sbin/nologin -M

- name: create secrets file #创建密码文件
shell: echo 'rsync_backup:123456' >/etc/rsync.password

- name: grant for rsync.password #赋予密码文件权限
shell: chmod 600 /etc/rsync.password

- name: grant for diretory /backup #赋予所有者和所属组
shell: mkdir /backup && chown -R rsync.rsync /backup/

- name: rsync --daemon #运行rsync服务守护进程
shell: rsync --daemon

- hosts: 10.0.0.31 #nfs01作为客户端部署
tasks:
- name: install rsync # 安装rsync
shell: yum install -y rsync

- name: create secrets #创建密码文件并赋予权限
shell: echo '123456' >/etc/rsync.password && chmod 600 /etc/rsync.password

- name: create a directory for config.sh #创建所在配置文件
shell: mkdir -p /server/scripts/

创建配置文件：
[root@m01 playbook]# vim /server/scripts/config.sh
[root@m01 playbook]# cat /server/scripts/config.sh
#!/bin/sh
cat >>/etc/rsyncd.conf<<EOF
######rsync_config_______________start
#created by crmn at 2018
##rsyncd.conf start##
uid = rsync
gid = rsync
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log

ignore errors
read only = false
list = false
#hosts allow = 172.16.1.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
#rsync_config_______________end
[backup]
path = /backup/
EOF

2.通过ansible剧本部署nfs客户端与服务端。
要求
服务端分享/data目录
客户端backup服务器把/data目录挂载到/nfsbackup目录中
回答：
剧本文件：
[root@m01 playbook]# vim nfs_server.yml
[root@m01 playbook]# cat nfs_server.yml
- hosts: 10.0.0.31 #nfs01作为nfs服务器端部署
tasks:
- name: install nfs-utils rpcbind # 安装nfs-utils rpcbind
shell: yum install -y nfs-utils

- name: install sshpass #安装密钥软件
shell: yum install -y sshpass

- name: start rpcbind & nfs #开启rpcbind & nfs服务
shell: /etc/init.d/rpcbind start && /etc/init.d/nfs start

- name: create directory /data & grant #创建/data并赋予所属主和所属组
shell: mkdir -p /data && chown -R nfsnobody.nfsnobody /data/

- name: create a directory for nfs-config.sh #创建配置nfs服务文件
shell: mkdir -p /server/scripts/
- name: copy nfs-config.sh #拷贝配置nfs服务脚本文件
copy: src=/server/scripts/nfs-config.sh dest=/server/scripts/nfs-config.sh

- name: reload nfs #重新加载NFS配置生效，优雅重启
shell: /etc/init.d/nfs reload
- name: action script nfsconfig.sh #远程运行脚本
script: /server/scripts/nfs-config.sh

- name: setup start from start #设置开机自启动
shell: chkconfig rpcbind on && chkconfig nfs on

- hosts: 10.0.0.41 #backup作为客户端部署
tasks:
- name: install nfs-utils rpcbind # 安装nfs-utils rpcbind
shell: yum install -y nfs-utils rpcbind

- name: start nfs& close rpcbind #开启nfs,关闭rpcbind服务
shell: /etc/init.d/rpcbind start && /etc/init.d/nfs stop
- name: setup start from start #设置开机自启动
shell: chkconfig rpcbind on && chkconfig nfs off

- name: create a directory for config.sh #创建所在配置文件
shell: mkdir -p /server/scripts/

- name: create mount file & mount #创建挂载目录并进行挂载
shell: mkdir -p /nfsbackup && mount -t nfs 10.0.0.31:/data /nfsbackup/

创建配置文件：
[root@m01 playbook]# vim /server/scripts/nfs-config.sh
[root@m01 playbook]# cat /server/scripts/nfs-config.sh
#!/bin/sh

cat >>/etc/exports <<EOF
#share /data to 172.16.1.0/24
/data 10.0.0.0/24(rw,sync)
EOF

3.通过剧本部署配置sersync数据同步服务。

回答：
剧本文件：
[root@m01 playbook]# vim sersync_server.yml
[root@m01 playbook]# cat sersync_server.yml
- hosts: 10.0.0.31 #nfs01作为服务器端部署,需要提前配置rsync支持，此处略。
tasks:
- name: install sersync tools # 解压和使用sersync安装包
shell: cd /opt/ && unzip sersync_installdir_64bit.zip

- name: install sshpass #安装密钥软件
shell: yum install -y sshpass

- name: add to global variables #加入全局变量
shell: cp sersync_installdir_64bit/sersync/ /usr/local/ -a
- name: grant +x for /usr/local/sersync/bin/sersyn # 赋予/usr/local/sersync/bin/sersyn权限
shell: chmod +x /usr/local/sersync/bin/sersync
- name: create flexible connection #创建软链接
shell: ln -s /usr/local/sersync/bin/sersync /usr/local/bin/

- name: bak comfxml.xml #备份源文件
shell: cp /usr/local/sersync/conf/confxml.xml{,.ori}

- name: sed /data #修改配置文件
shell: sed -i ‘s#watch="/opt/tongbu"#watch="/data"#g’ /usr/local/sersync/conf/confxml.xml
- name: sed -artuz --delete #修改配置文件
shell: sed -i ‘s#params="-artuz"#params="-artuz --delete"#g’ /usr/local/sersync/conf/confxml.xml
- name: sed rsync_backup #修改配置文件
shell: sed -i ‘s#<auth start="false" users="root" passwordfile="/etc/rsync.pas"/>#<auth start="true" users="rsync_backup" passwordfile="/etc/rsync.password"/>#g’ /usr/local/sersync/conf/confxml.xml
- name: sed rsync_fail_log #修改配置文件
shell: sed -i ‘s#path="/tmp/rsync_fail_log.sh"#path="/var/log/rsync_fail_log"#g’ /usr/local/sersync/conf/confxml.xml

- name: start sersync #启动sersync服务
shell: sersync -d -r -o /usr/local/sersync/conf/confxml.xml

#backup 10.0.0.41 作为客户端