ansible分离部署LNMP
环境说明:
系统 | 主机名 | IP | 服务 |
---|---|---|---|
centos8 | ansible | 192.168.111.141 | ansible主控机 |
centos8 | nginx | 192.168.111.142 | nginx受控机 |
centos8 | mysql | 192.168.111.143 | mysql受控机 |
centos8 | php | 192.168.111.144 | php受控机 |
1.准备工作
修改默认清单文件位置,构建清单
[root@ansible ~]# vim /etc/ansible/ansible.cfg
inventory = /etc/ansible/inventory
[root@ansible ~]# cd /etc/ansible/
[root@ansible ansible]# touch inventory
[root@ansible ansible]# vim inventory
[lnmp]
nginx ansible_user=root ansible_password=123456
mysql ansible_user=root ansible_password=123456
php ansible_user=root ansible_password=123456
[root@ansible ~]# vim /etc/hosts
192.168.111.142 nginx
192.168.111.143 mysql
192.168.111.144 php
//列出主机
[root@ansible ~]# ansible lnmp --list-hosts
hosts (3):
nginx
mysql
php
//设置密钥连接
[root@ansible ~]# ssh nginx
[root@nginx ~]# exit
logout
[root@ansible ~]# ssh mysql
[root@mysql ~]# exit
logout
[root@ansible ~]# ssh php
[root@php ~]# exit
logout
[root@ansible ~]#
//测试连通性
[root@ansible ~]# ansible lnmp -m ping
nginx | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
php | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
mysql | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
2.部署nginx
//关闭selinux和防火墙
[root@ansible ~]# ansible nginx -m service -a 'name=firewalld state=stopped enabled=no'
[root@ansible ~]# ansible nginx -a 'setenforce 0'
[root@ansible ~]# ansible nginx -a "sed -ri 's/^(SELINUX=).*/\1disabled/g'/etc/selinux/config"
//创建用户
[root@ansible ~]# ansible nginx -m user -a 'name=nginx system=yes create_home=no shell=/sbin/nologin state=present'
//安装依赖包
[root@ansible ~]# ansible nginx -m yum -a 'name=pcre-devel,openssl,openssl-devel,gd-devel,gcc,gcc-c++,make state=present'
//下载软件包并解压
[root@ansible ~]# ansible nginx -a 'wget http://nginx.org/download/nginx-1.20.2.tar.gz'
[root@ansible ~]# ansible nginx -a 'tar -xf nginx-1.20.2.tar.gz'
//进入目录编译安装
[root@ansible ~]# mkdir -p /etc/ansible/scripts/
[root@ansible ~]# cd /etc/ansible/scripts/
[root@ansible scripts]# vim configure.sh
#!/bin/bash
cd nginx-1.20.2
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module && \
make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
root@ansible scripts]# ll
total 4
-rw-r--r-- 1 root root 470 Oct 23 22:04 configure.sh
[root@ansible scripts]# ansible nginx -m script -a '/etc/ansible/scripts/configure.sh'
//安装完成
[root@ansible ~]# ansible nginx -a 'ls /usr/local/nginx'
nginx | CHANGED | rc=0 >>
conf
html
logs
sbin
//配置环境变量
[root@ansible ~]# ansible nginx -m shell -a 'echo "export PATH=$PATH: