@ansible剧本(一键部署lnmp项目)


ansible剧本(一键部署lnmp项目)

ansible—hosts(ip+密码)

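# Ansible inventory: one group per tier of the LNMP deployment.
# The SSH password is stored here in clear text. It is only needed until the
# public key has been distributed (next step); after that, delete the
# ansible_ssh_pass entries or move the value into an Ansible Vault-encrypted
# vars file so it never lands in version control.
# The quotes must be plain ASCII quotes; typographic quotes (as in the
# original listing) would be taken as part of the password itself.
[backup]
172.16.1.41 ansible_ssh_pass='1'

[nfs]
172.16.1.31 ansible_ssh_pass='1'

[web]
172.16.1.7 ansible_ssh_pass='1'
172.16.1.8 ansible_ssh_pass='1'
172.16.1.9 ansible_ssh_pass='1'

[db]
172.16.1.51 ansible_ssh_pass='1'

[lb]
172.16.1.5 ansible_ssh_pass='1'
172.16.1.6 ansible_ssh_pass='1'

[prometheus]
172.16.1.71 ansible_ssh_pass='1'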

基于密钥(生成------>传输)
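# Generate the key pair on the control node.
ssh-keygen

# Distribute the public key to every managed host.
# sshpass -e reads the password from $SSHPASS, so it does not show up in the
# process list or in shell history the way "sshpass -p<password>" does.
# StrictHostKeyChecking=no accepts whatever host key is presented on first
# contact; outside an isolated lab network, collect and verify the host keys
# first and drop this option.
read -rsp 'root password: ' SSHPASS && export SSHPASS
for i in 5 6 7 8 9 31 41 51 71; do
    sshpass -e ssh-copy-id -i /root/.ssh/id_rsa.pub \
        -o StrictHostKeyChecking=no "root@172.16.1.$i"
done
unset SSHPASS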

一、backup

#################ansible部署backup剧本编写:
---
# Play: apply the backup role to the [backup] inventory group, logging in as root.
- hosts: backup
  remote_user: root
  roles:
    - role: backup

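# Tasks for the backup role: rsync daemon plus the directories it receives into.

# 1. Install rsync
- name: Install Rsyncd Server
  yum:
    name: rsync
    state: present

# 2. Create the www group and user
- name: Create www Group
  group:
    name: www
    gid: 1000

- name: Create www User
  user:
    name: www
    group: www
    uid: 1000
    create_home: false
    shell: /sbin/nologin

# 3. Push the rsync daemon configuration
# The original pushed this template twice, once to the misspelled path
# /etc/rsynd.conf; one task writing the real path is enough.
- name: Create conf File
  template:
    src: rsyncd.conf.j2
    dest: /etc/rsyncd.conf
    owner: root
    mode: "0600"

# 4. Push the rsync password file
# mode has to be a quoted octal string: a bare 600 is read as a decimal
# number and produces the wrong permission bits. Setting owner and mode in
# the template task itself also means the secret never sits on disk with
# looser permissions while waiting for a later chmod task.
- name: Create Passwd File
  template:
    src: rsync.passwd.j2
    dest: /etc/rsync.passwd
    owner: root
    mode: "0600"

# 5. Create the backup directories
- name: Create backup Directory
  file:
    path: /backup
    mode: "0755"
    owner: www
    group: www
    state: directory
    recurse: true

- name: Create bac_database Directory
  file:
    path: /backup/database
    mode: "0755"
    owner: www
    group: www
    state: directory
    recurse: true

- name: Create bac_web  Directory
  file:
    path: /backup/web
    mode: "0755"
    owner: www
    group: www
    state: directory
    recurse: true

# 6. Start the rsync daemon
- name: Start Rsyncd Server
  systemd:
    name: rsyncd
    state: started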

二、nfs

#################ansible部署nfs剧本编写:


# Play: apply the nfs role to the [nfs] inventory group, logging in as root.
- hosts: nfs
  remote_user: root
  roles:
    - role: nfs
    
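# Tasks for the nfs role: NFS export of the project tree plus sersync.

# 1. Install the NFS packages
- name: install nfs-utils
  yum:
    name: nfs-utils
    state: present

- name: install rpcbind
  yum:
    name: rpcbind
    state: present

# 2. Create the www user and push the exports file
- name: Create www User
  user:
    name: www
    uid: 1000
    create_home: false
    shell: /sbin/nologin

# NOTE(review): "exrorts.j2" looks like a misspelling of exports.j2; the name
# is kept because it has to match the file in the role's templates — confirm.
# The template is not shown on this page; whatever it exports should be
# limited to the client subnet rather than to every host.
- name: create nfs conf_file
  template:
    src: exrorts.j2
    dest: /etc/exports
    owner: root

# 3. Push the rsync password file
# Owner and mode are set by the template task itself (the original fixed them
# up with separate chmod/chown shell tasks), so the secret is never left
# readable between tasks. The mode is a quoted octal string on purpose.
- name: create rsync passwd_file
  template:
    src: rsync.passwd.j2
    dest: /etc/rsync.passwd
    owner: root
    group: root
    mode: "0600"

# Create the export root
- name: Create nfs Directory
  file:
    path: /nfs
    state: directory
    owner: www
    group: www
    recurse: true

# 4. Create the sub-directories of the export
- name: Create nfs_web Directory
  file:
    path: /nfs/web
    state: directory
    owner: www
    group: www
    recurse: true

- name: Create nfs_conf Directory
  file:
    path: /nfs/conf
    state: directory
    owner: www
    group: www
    recurse: true

- name: Create nfs_database Directory
  file:
    path: /nfs/database
    state: directory
    owner: www
    group: www
    recurse: true

- name: Create nfs_download Directory
  file:
    path: /nfs/download
    state: directory
    owner: www
    group: www
    recurse: true

# Clear leftovers of a previous deployment.
# NOTE(review): this deletes everything under /nfs/web on every run, i.e. the
# content the web hosts mount as /code.
- name: rm web file
  shell: rm -rf /nfs/web/*

# Unpack the project archive from the control node
- name: scp test_file
  unarchive:
    remote_src: false
    src: /hzl/hzl/test.zip
    dest: /nfs/web/

# Hand the whole tree to www (module form of "chown -R www.www /nfs/")
- name: chown
  file:
    path: /nfs
    state: directory
    owner: www
    group: www
    recurse: true

# 5. Start nfs-server
- name: Start NFS Server
  systemd:
    name: nfs-server
    state: started
    enabled: true

# 6. Install and start sersync
- name: scp sersync file
  unarchive:
    src: sersync2.5.4_64bit_binary_stable_final.tar.gz
    dest: /usr/local/

- name: create sersync file
  template:
    src: confxml.xml.j2
    dest: /usr/local/GNU-Linux-x86/confxml.xml

# NOTE(review): this starts the sersync daemon unconditionally, so every
# playbook run presumably launches another instance — confirm and guard it.
- name: start sersync
  shell: /usr/local/GNU-Linux-x86/sersync2 -dro /usr/local/GNU-Linux-x86/confxml.xml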

三、web

#####################ansible部署web剧本编写:


# Play: apply the web role to the [web] inventory group, logging in as root.
- hosts: web
  remote_user: root
  roles:
    - role: web

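# Tasks for the web role: nginx + php-fpm serving the project from the NFS share.

# 1. Enable EPEL and the PHP repository
- name: yum install epel
  yum:
    name: epel-release
    state: present

- name: yum repolist
  shell: yum repolist

# php.tar.gz holds the PHP RPMs that "yum localinstall" installs further down.
# NOTE(review): local RPMs are not signature-checked unless localpkg_gpgcheck
# is enabled in yum.conf, so the archive should come from a verified source.
- name: scp php_rpm file
  unarchive:
    remote_src: false
    src: php.tar.gz
    dest: /opt
    owner: root

# Yum repository definition for PHP
- name: scp php.repo file
  copy:
    src: php.repo
    dest: /etc/yum.repos.d/
    owner: root
    force: true

- name: yum makecache
  shell: yum makecache

# 2. Install the NFS client, nginx and PHP
# The original repeated "state: present" at two wrong indents under this
# task, which is a YAML syntax error.
- name: install nfs-utils
  yum:
    name: nfs-utils
    state: present

- name: install rpcbind
  yum:
    name: rpcbind
    state: present

- name: Start nfs Server
  shell: systemctl restart nfs rpcbind

- name: install nginx
  yum:
    name: nginx
    state: present

# php71w-xml and php71w-pecl-redis had lost their hyphens in the original
# command line.
- name: install php
  shell: >-
    yum -y install php71w php71w-cli php71w-common php71w-devel
    php71w-embedded php71w-gd php71w-mcrypt php71w-mbstring php71w-pdo
    php71w-xml php71w-fpm php71w-mysqlnd php71w-opcache
    php71w-pecl-memcached php71w-pecl-redis php71w-pecl-mongodb

# Install PHP from the RPMs unpacked into /opt
- name: install php-fpm
  shell: yum localinstall -y /opt/*rpm

# 3. Create the www group and user
- name: create www group
  group:
    name: www
    gid: 1000

# No home directory and no login shell, as in the backup and nfs roles:
# www is a service account only.
- name: create www user
  user:
    name: www
    uid: 1000
    group: www
    create_home: false
    shell: /sbin/nologin

# 4. Mount the NFS shares
- name: Create code  Directory
  file:
    path: /code
    state: directory
    owner: www
    group: www
    recurse: true

# NOTE(review): "defaults" allows setuid binaries and device nodes on the
# share; adding nosuid,nodev is the usual hardening for a content mount.
- name: Mount NFS Server
  mount:
    path: /code
    src: "172.16.1.31:/nfs/web"
    fstype: nfs
    opts: defaults
    state: mounted

# NOTE(review): nginx's conf.d is taken from an NFS directory owned by www,
# so anything able to write to that export can change the virtual-host
# configuration of every web host.
- name: Mount conf_file  NFS Server
  mount:
    path: /etc/nginx/conf.d/
    src: "172.16.1.31:/nfs/conf"
    fstype: nfs
    opts: defaults
    state: mounted

# 5. Push the nginx and php-fpm configuration
- name: scp nginx_conf file
  template:
    src: ./nginx.conf.j2
    dest: /etc/nginx/nginx.conf
    owner: root

- name: scp hzl_conf file
  copy:
    src: hzl.conf
    dest: /etc/nginx/conf.d/hzl.conf
    owner: www
    force: true

- name: scp php_conf file
  copy:
    src: /hzl/hzl/www.conf
    dest: /etc/php-fpm.d/www.conf
    owner: root
    force: true

# 6. Start nginx and php-fpm
- name: Start nginx Server
  service:
    name: nginx
    state: started
    enabled: true

- name: Start php  Server
  service:
    name: php-fpm.service
    state: started
    enabled: true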

四、mariadb(数据库)

#####################ansible部署mariadb剧本编写:


# Play: apply the db role to the [db] inventory group, logging in as root.
- hosts: db
  remote_user: root
  roles:
    - role: db

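# Tasks for the db role: MariaDB and redis.

# 1. Install the EPEL repository
# (alternative: install it from the release RPM URL,
#  https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm)
- name: install epel repo
  yum:
    name: epel-release
    state: present

# 2. Install redis, MariaDB and the NFS client
- name: install redis
  yum:
    name: redis
    state: present

- name: install mariadb
  yum:
    name:
      - mariadb
      - mariadb-server
    state: present

# The original carried this task twice ("install nfs" and "install rpcbind")
# with identical arguments.
- name: install nfs
  yum:
    name:
      - nfs-utils
      - rpcbind
    state: present

- name: start nfs server
  service:
    name: nfs
    state: started
    enabled: true

- name: start rpcbind server
  service:
    name: rpcbind.service
    state: started
    enabled: true

# 3. Create the mysql system user
- name: Create vhost User
  user:
    name: mysql
    group: mysql
    shell: /sbin/nologin
    system: true

# 4. Start redis and MariaDB
- name: Start redis Service
  service:
    name: redis
    state: started

- name: Start mariadb Server
  service:
    name: mariadb
    state: started
    enabled: true

# 5. Set the root password, then create the application user and database
# NOTE(review): the passwords are hard-coded and very short. Load them from
# Ansible Vault-encrypted variables instead. no_log keeps the command line,
# and with it the password, out of Ansible's output and logs.
# Setting the root password this way only works on a fresh install; it fails
# once a root password exists, so guard it before re-running the role.
- name: create mysql_admind user
  shell: mysqladmin -uroot password '888'
  no_log: true

# hzl does not exist until this statement has run, so it has to be executed
# as root (the original logged in as hzl here).
# NOTE(review): ALL on *.* from '%' gives the application account full
# control of the server from any address; scope it to the application
# database and to the 172.16.1.% hosts that actually connect.
- name: create database user
  shell: mysql -uroot -p888 -e "grant all on *.* to hzl@'%' identified by '888';"
  no_log: true

- name: flush privileges
  shell: mysql -uhzl -p888 -e "flush privileges;"
  no_log: true

# "if not exists" keeps the task from failing on a second run.
- name: create database word
  shell: mysql -uhzl -p888 -e "create database if not exists word;"
  no_log: true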
      

五、lb&keepalived(负载均衡)

###########################ansible部署slb剧本编写:

# Play: apply the lb role to the [lb] inventory group, logging in as root.
- hosts: lb
  remote_user: root
  roles:
    - role: lb


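# Tasks for the lb role: nginx as load balancer, keepalived for failover.

# 1. Install nginx and keepalived
- name: install nginx
  yum:
    name: nginx
    state: present

- name: install keepalived
  yum:
    name: keepalived
    state: present

# 2. Create the www group and user
- name: create www group
  group:
    name: www
    gid: 1000

# No home directory and no login shell, as in the backup and nfs roles:
# www is a service account only.
- name: create www user
  user:
    name: www
    uid: 1000
    group: www
    create_home: false
    shell: /sbin/nologin

# 3. Push the nginx and keepalived configuration
# The files are owned by root so that the unprivileged www account cannot
# rewrite the proxy configuration; the web role already does the same for
# nginx.conf. (The original used owner www here.)
- name: scp nginx Config
  template:
    src: ./nginx.conf.j2
    dest: /etc/nginx/nginx.conf
    owner: root

- name: scp hzl Config
  template:
    src: ./hzl.conf.j2
    dest: /etc/nginx/conf.d/hzl.conf
    owner: root

- name: scp 01keepalived conf_file
  template:
    src: ./keepalived.conf.j2
    dest: /etc/keepalived/keepalived.conf
    owner: root
    mode: "0644"

# The check script has to be executable, and it should be writable by root
# only: keepalived runs it with its own privileges.
- name: scp track_script
  template:
    src: ./check_web.sh.j2
    dest: /etc/keepalived/check_web.sh
    owner: root
    mode: "0755"

# Register the check script in root's crontab.
# The original job pointed at the directory /etc/keepalived/ instead of the
# script. disabled: true (kept from the original) writes the entry commented
# out, so it does not run until it is enabled.
- name: create  crontab
  cron:
    minute: '*'
    job: /etc/keepalived/check_web.sh
    name: check_web.sh
    disabled: true

# 4. Start nginx and keepalived
- name: Start nginx Server
  service:
    name: nginx
    state: started
    enabled: true

- name: start keepalived
  service:
    name: keepalived.service
    state: started
    enabled: true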

六、prometheus

#prometheus链接地址https://download.csdn.net/download/weixin_55972781/19515183

#########################ansible部署prometheus剧本编写:

# Play: apply the prometheus role to the [prometheus] inventory group, logging in as root.
- hosts: prometheus
  remote_user: root
  roles:
    - role: prometheus

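# Tasks for the prometheus role, part 1: time sync, unpack, unit file.

# 1. Install ntpdate and synchronise the clock
- name: ntpdate
  yum:
    name: ntpdate
    state: present

- name: ntpdate time
  shell: ntpdate ntp.aliyun.com

# 2. Upload and unpack Prometheus
# NOTE(review): the archive is taken from /hzl/hzl on the control node;
# check its SHA-256 against the checksum published with the release before
# placing it there.
- name: prometheus
  unarchive:
    src: /hzl/hzl/prometheus-2.25.0.linux-amd64.tar.gz
    dest: /usr/local/

# Symbolic link /usr/local/prometheus -> versioned directory.
# The file module is idempotent; a repeated "ln -s" would instead create a
# second link inside the target directory.
- name: ln
  file:
    src: /usr/local/prometheus-2.25.0.linux-amd64
    dest: /usr/local/prometheus
    state: link

# 3. Install the systemd unit
- name: create system
  template:
    src: prometheus.service
    dest: /etc/systemd/system/prometheus.service
    owner: root
    mode: "0644"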

#system文件编写
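# Write the prometheus.service unit file (run as root on the control node m01).
# '>' rather than '>>' so that running the command again does not append a
# second copy, and a quoted 'EOF' so the shell leaves the trailing
# backslashes of ExecStart untouched.
# NOTE(review): the unit sets no User=, so Prometheus runs as root, and
# :9090 listens on every interface; a dedicated service account and a
# firewall rule or a specific listen address are the usual hardening.
cat > /etc/systemd/system/prometheus.service <<'EOF'
[Unit]
Description=Prometheus Monitoring System
Documentation=Prometheus Monitoring System

[Service]
ExecStart=/usr/local/prometheus/prometheus \
  --config.file=/usr/local/prometheus/prometheus.yml \
  --web.listen-address=:9090

[Install]
WantedBy=multi-user.target
EOF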

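# Tasks for the prometheus role, part 2: configuration, services, Grafana.

# Push the Prometheus configuration
- name: scp conf file
  template:
    src: prometheus.yml
    dest: /usr/local/prometheus

# Reload systemd so it picks up the new unit file.
# daemon_reload is an option of the systemd module; the service module used
# in the original has no such parameter and requires a name.
- name: daemon
  systemd:
    daemon_reload: true

# 4. Start Prometheus
- name: restart
  service:
    name: prometheus
    state: started
    enabled: true

# 5. Upload, install and start Grafana
- name: scp  grafana
  copy:
    src: /hzl/hzl/grafana-7.3.6-1.x86_64.rpm
    dest: /opt/

- name: install grafana
  yum:
    name: /opt/grafana-7.3.6-1.x86_64.rpm
    state: present

# NOTE(review): a fresh Grafana install still has its default admin
# password; change it at first login, before the port is reachable from
# other hosts.
- name: start grafana-server
  service:
    name: grafana-server
    state: started
    enabled: true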

七、prometheus(web)

#####################ansible部署prometheus_web剧本编写:

# Play: apply the prometheus_web role to the [web] inventory group, logging in as root.
- hosts: web
  remote_user: root
  roles:
    - role: prometheus_web

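# Tasks for the prometheus_web role: node_exporter on the web hosts.

# 1. Install ntpdate and synchronise the clock
- name: install ntpdate
  yum:
    name: ntpdate
    state: present

- name: ntpdate time
  shell: ntpdate ntp.aliyun.com

# 2. Unpack the node_exporter archive
- name: scp node_exporter.tar.gz
  unarchive:
    src: node_exporter.tar.gz
    dest: /usr/local/

# Install the systemd unit, owned by root and not writable by anyone else
- name: scp node-exporter.service
  copy:
    src: node-exporter.service
    dest: /etc/systemd/system/
    owner: root
    group: root
    mode: "0644"

# Start node_exporter. daemon_reload makes systemd read the unit file just
# copied; enabled brings the exporter back after a reboot.
- name: start node-exporter.service
  systemd:
    name: node-exporter.service
    state: started
    enabled: true
    daemon_reload: true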

八、prometheus(database)

#####################ansible部署prometheus_db剧本编写:


# Play: apply the prometheus_db role to the [db] inventory group, logging in as root.
- hosts: db
  remote_user: root
  roles:
    - role: prometheus_db

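# Tasks for the prometheus_db role, part 1: time sync, unpack, unit file.

# 1. Install ntpdate and synchronise the clock
- name: install ntpdate
  yum:
    name: ntpdate
    state: present

- name: ntpdate time
  shell: ntpdate ntp.aliyun.com

# 2. Unpack the mysqld_exporter archive
- name: scp mysqld_exporter.tar.gz
  unarchive:
    src: mysqld_exporter.tar.gz
    dest: /usr/local/

# 3. Install the systemd unit, owned by root and not writable by anyone else
- name: scp mysqld_exporter.service
  copy:
    src: mysqld_exporter.service
    dest: /etc/systemd/system/
    owner: root
    group: root
    mode: "0644"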
#配置文件
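# Write mysqld_exporter.service into the role's files directory (run on the
# control node m01). The quoted 'EOF' makes the shell leave the trailing
# backslashes of ExecStart untouched.
# NOTE(review): the unit sets no User=, so the exporter runs as root, and
# :9104 listens on every interface; only the Prometheus host needs to reach it.
cat > mysqld_exporter.service <<'EOF'
[Unit]
Description=Prometheus

[Service]
ExecStart=/usr/local/mysqld_exporter/mysqld_exporter \
 --config.my-cnf=/usr/local/mysqld_exporter/.my.cnf \
 --web.listen-address=:9104
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF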




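# 4. Push the mysqld_exporter client configuration
# .my.cnf contains the database password, so it is installed readable by
# root only; without an explicit mode the copy would be world-readable. The
# unit file sets no User=, so the exporter runs as root and can still read it.
- name: scp conf file
  copy:
    src: .my.cnf
    dest: /usr/local/mysqld_exporter/
    owner: root
    group: root
    mode: "0600"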
#添加mysqld.exproter配置文件
[root@m01 files]# cat .my.cnf 
# Client credentials that mysqld_exporter reads through --config.my-cnf.
# NOTE(review): this reuses the all-privileges hzl account with a clear-text
# password. A dedicated monitoring account limited to PROCESS,
# REPLICATION CLIENT and SELECT is enough for the exporter, and this file
# should be readable by the exporter's user only.
[client]
host=172.16.1.51
user=hzl       # must match the user and password created on the database (that account holds all privileges)
password=888   





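# 5. Start mysqld_exporter
# daemon_reload makes systemd read the unit file copied earlier; enabled
# brings the exporter back after a reboot.
- name: start mysqld_exporter.service
  systemd:
    name: mysqld_exporter.service
    state: started
    enabled: true
    daemon_reload: true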