第十六周

一、使用ansible的playbook实现自动化安装httpd

 环境：

一台ansible主控端 192.168.37.100/24

三台被控端 192.168.37.101/24 、192.168.37.103/24、192.168.37.104/24

控制端操作：

1、配置基于key验证的ssh连接

ssh-keygen
ssh-copy-id 127.0.0.1
scp -r /root/.ssh 192.168.37.101:/root/
scp -r /root/.ssh 192.168.37.103:/root/
scp -r /root/.ssh 192.168.37.104:/root/

2、配置主机清单

[root@centos7 ansible]# cat /etc/ansible/hosts 
[webservers]
192.168.37.101 http_port=8001
192.168.37.103 http_port=8003
192.168.37.104 http_port=8004

3、安装httpd

yum -y install httpd
systemctl restart httpd

4、准备httpd配置文件的模板文件

cp  /etc/httpd/conf/httpd.conf  /etc/ansible/httpd.conf
[root@centos7 ansible]# cat httpd.conf |grep Listen
# Listen: Allows you to bind Apache to specific IP addresses and/or
# Change this to Listen on specific IP addresses as shown below to 
#Listen 12.34.56.78:80
Listen {{http_port}}

5、准备httpd.yml文件

[root@centos7 ansible]# cat httpd.yml 
#install httpd
- hosts: webservers
  remote_user: root

  tasks:
    - name: install package
      yum: name=httpd
    - name: config file
      template: src=/etc/ansible/httpd.conf dest=/etc/httpd/conf/ backup=yes
      notify: restart service  #当配置文件发生改变，讲触发下面handlers动作
    - name: service
      service: name=httpd state=started enabled=yes
  handlers:
    - name: restart service
      service: name=httpd state=restarted 
[root@centos7 ansible]# 

6、执行ansible-playbook命令

[root@centos7 ansible]# ansible-playbook httpd.yml 

PLAY [webservers] ***********************************************************************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************************************************************************
ok: [192.168.37.103]
ok: [192.168.37.104]
ok: [192.168.37.101]

TASK [install package] ******************************************************************************************************************************************************************************************
ok: [192.168.37.103]
ok: [192.168.37.101]
ok: [192.168.37.104]

TASK [config file] **********************************************************************************************************************************************************************************************
ok: [192.168.37.103]
ok: [192.168.37.104]
ok: [192.168.37.101]

TASK [service] **************************************************************************************************************************************************************************************************
ok: [192.168.37.101]
ok: [192.168.37.103]
ok: [192.168.37.104]

PLAY RECAP ******************************************************************************************************************************************************************************************************
192.168.37.101             : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
192.168.37.103             : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
192.168.37.104             : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

[root@centos7 ansible]#

7、被控制端验证，发现端口起来了。

[root@centos7 ~]# ss -ntl
State       Recv-Q Send-Q                                                           Local Address:Port                                                                          Peer Address:Port              
LISTEN      0      128                                                                          *:22                                                                                       *:*                  
LISTEN      0      128                                                                       [::]:22                                                                                    [::]:*                  
LISTEN      0      128                                                                       [::]:8001                                                                                  [::]:*                  
[root@centos7 ~]# ip a

　　

二、建立httpd服务器，要求提供两个基于名称的虚拟主机

1、www.X.com，页面文件目录为/web/vhosts/x;错误日志为/var/log/httpd/x.err，访问日志为/var/log/httpd/x.access

2、www.Y.com，页面文件目录为/web/vhosts/y;错误日志为 /var/log/httpd/www2.err，访问日志为/var/log/httpd/y.access

3、为两个虚拟主机建立各自的主页文件index.html，内容分别为其对应的主机名

#建立主机网页目录
[root@centos7 ~]# mkdir -p /web/vhosts/{x,y}
#授权apache用户访问
[root@centos7 ~]# chown -R root:apache /web

#建立各虚拟主机的主页文件index.html
[root@centos7 ~]# echo www.x.com > /web/vhosts/x/index.html
[root@centos7 ~]# echo www.y.com > /web/vhosts/y/index.html

#建立虚拟主机配置
[root@centos7 ~]# vim /etc/httpd/conf.d/vhosts.conf 
<VirtualHost *:80>
        ServerName www.x.com
        DocumentRoot "/web/vhosts/x"
        ErrorLog "/var/log/httpd/x.err"    #错误日志
        CustomLog "/var/log/httpd/x.access" combined    #访问日志
        <Directory "/web/vhosts/x">
                Options None
                AllowOverride None
                Require all granted
        </Directory>
</VirtualHost>

<VirtualHost *:80>
        ServerName www.y.com
        DocumentRoot "/web/vhosts/y"
        ErrorLog "/var/log/httpd/www2.err"    #错误日志
        CustomLog "/var/log/httpd/y.access" combined    #访问日志
        <Directory "/web/vhosts/y">
                Options None
                AllowOverride None
                Require all granted
        </Directory>
</VirtualHost>

#重启httpd服务
[root@centos7 ~]# systemctl restart httpd

#创建本地解析
[root@centos7 ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.27.17   www.x.com    #添加此行
192.168.27.17   www.y.com    #添加此行

#本地访问测试
[root@centos7 ~]# curl www.x.com
www.x.com
[root@centos7 ~]# curl www.y.com
www.y.com