ansible分离部署LNMP

环境说明：

系统	主机名	IP	服务
centos8	ansible	192.168.111.141	ansible主控机
centos8	nginx	192.168.111.142	nginx受控机
centos8	mysql	192.168.111.143	mysql受控机
centos8	php	192.168.111.144	php受控机

1.准备工作

修改默认清单文件位置，构建清单

[root@ansible ~]# vim /etc/ansible/ansible.cfg 
inventory = /etc/ansible/inventory
[root@ansible ~]# cd /etc/ansible/
[root@ansible ansible]# touch inventory
[root@ansible ansible]# vim inventory 
[lnmp]
nginx ansible_user=root ansible_password=123456
mysql ansible_user=root ansible_password=123456
php ansible_user=root ansible_password=123456

[root@ansible ~]# vim /etc/hosts 
192.168.111.142 nginx
192.168.111.143 mysql
192.168.111.144 php

//列出主机
[root@ansible ~]# ansible lnmp --list-hosts
  hosts (3):
    nginx
    mysql
    php

//设置密钥连接
[root@ansible ~]# ssh nginx
[root@nginx ~]# exit
logout
[root@ansible ~]# ssh mysql
[root@mysql ~]# exit
logout
[root@ansible ~]# ssh php
[root@php ~]# exit
logout
[root@ansible ~]# 

//测试连通性
[root@ansible ~]# ansible lnmp -m ping
nginx | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
php | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}
mysql | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

2.部署nginx

//关闭selinux和防火墙
[root@ansible ~]# ansible nginx -m service -a 'name=firewalld state=stopped enabled=no'
[root@ansible ~]# ansible nginx -a 'setenforce 0'
[root@ansible ~]# ansible nginx -a "sed -ri 's/^(SELINUX=).*/\1disabled/g'/etc/selinux/config"

//创建用户
[root@ansible ~]# ansible nginx -m user -a 'name=nginx system=yes create_home=no shell=/sbin/nologin state=present'

//安装依赖包
[root@ansible ~]# ansible nginx -m yum -a 'name=pcre-devel,openssl,openssl-devel,gd-devel,gcc,gcc-c++,make state=present'

//下载软件包并解压
[root@ansible ~]# ansible nginx -a 'wget http://nginx.org/download/nginx-1.20.2.tar.gz'
[root@ansible ~]# ansible nginx -a 'tar -xf nginx-1.20.2.tar.gz'

//进入目录编译安装
[root@ansible ~]# mkdir -p /etc/ansible/scripts/
[root@ansible ~]# cd /etc/ansible/scripts/
[root@ansible scripts]# vim configure.sh
#!/bin/bash

cd nginx-1.20.2

./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module && \

make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install

root@ansible scripts]# ll
total 4
-rw-r--r-- 1 root root 470 Oct 23 22:04 configure.sh
[root@ansible scripts]# ansible nginx -m script -a '/etc/ansible/scripts/configure.sh'

//安装完成
[root@ansible ~]# ansible nginx -a 'ls /usr/local/nginx'
nginx | CHANGED | rc=0 >>
conf
html
logs
sbin

//配置环境变量
[root@ansible ~]# ansible nginx -m shell -a 'echo "export PATH=$PATH: