1、ansible-playbook实现MySQL的二进制部署
1)环境装备:
centos8目前没有sshpass包,而ansible依赖此包导致ansible安装不了,全程在centos7上操作
2)安装软件并创建软件目录,添加并修改相关配置文件
1.安装ansible
[root@ansible:~]#
yum -y install ansible
2.查看版本
[root@ansible:~]#
ansible --version
ansible 2.9.27
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Oct 14 2020, 14:45:30) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
3.新建/data/ansible 文件夹
[root@ansible:~]#
mkdir -pv /data/ansible
4.拷贝清单文件和主配置文件
[root@ansible:/data/ansible]#
cp /etc/ansible/hosts .&& cp /etc/ansible/ansible.cfg .
#更改PATH环境变量
[root@ansible:/data/ansible]#
export ANSIBLE_CONFIG=/opt/ansible.cfg
#更改hosts文件路径
[root@ansible:/data/ansible]#
vim ansible.cfg inventory = ./hosts #去掉注释,并设置当前目录下的hosts文件。
5.添加host清单文件
[root@ansible:/data/ansible]#
vim hosts
[websrvs]
10.0.0.18
10.0.0.7
[dbsrvs]
10.0.0.8
10.0.0.7
3)基于key验证
上传准备好的脚本,执行脚本
[root@ansible:~]#
bash ssh_key.sh
4)准备角色文件
1.创建角色文件夹
[root@ansible:/data/ansible]#
mkdir -pv /data/ansible/roles/mysql/{files,tasks,vars}
mkdir: created directory ‘/data/ansible/roles/mysql’
mkdir: created directory ‘/data/ansible/roles/mysql/files’
mkdir: created directory ‘/data/ansible/roles/mysql/tasks’
mkdir: created directory ‘/data/ansible/roles/mysql/vars’
2.创建my.conf文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/files/my.cnf
[mysqld]
server-id=1
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
3.创建变量文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/vars/main.yml
mysql_version: 8.0.23
mysql_file: mysql-{{mysql_version}}-linux-glibc2.12-x86_64.tar.xz
mysql_root_password: 123456
4.创建tasks/main.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/main.yml
- include: install.yml
- include: group.yml
- include: user.yml
- include: unarchive.yml
- include: linkfile.yml
- include: data.yml
- include: config.yml
- include: script.yml
- include: path.yml
- include: service.yml
- include: secure.yml
5.创建install.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/install.yml
- name: install packages
yum:
name:
- libaio
- numactl-libs
6.创建group.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/group.yml
- name: create mysql group
group: name=mysql gid=306
7.创建user.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/user.yml
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
8.创建unarchive.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/unarchive.yml
- name: copy tar to remote host and file mode
unarchive: src={{mysql_file}} dest=/usr/local/ owner=root group=root
9.创建linkfile.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/linkfile.yml
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-{{ mysql_version }}-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
ignore_errors: yes
10.创建data.yml文件
vim /data/ansible/roles/mysql/tasks/data.yml
- name: data dir
shell: /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/data/mysql
tags: data
ignore_errors: yes
11.创建config.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/config.yml
- name: config my.cnf
copy: src=/data/ansible/roles/mysql/files/my.cnf dest=/etc/my.cnf
12.创建script.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/script.yml
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
13.创建path.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/path.yml
- name: PATH variable
copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
14.创建service.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/service.yml
- name: enable service
shell: chkconfig --add mysqld;/etc/init.d/mysqld start
tags: service
15.创建secure.yml文件
[root@ansible:/data/ansible]#
vim /data/ansible/roles/mysql/tasks/secure.yml
- name: change password
shell: /usr/local/mysql/bin/mysqladmin -uroot password {{mysql_root_password}}
16.创建角色playbook
[root@ansible:/data/ansible]#
vim /data/ansible/role_mysql.yml
---
- hosts: dbsrvs
remote_user: root
gather_facts: no
roles:
- mysql
17.下载MySQL8.0.23到/data/ansible/roles/files/
[root@ansible:/data/ansible/roles/mysql/files]# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz
18.下看所有文件
[root@ansible:/data/ansible/roles/mysql/files]#
tree /data/ansible/roles/mysql/
/data/ansible/roles/mysql/
├── files
│ ├── my.cnf
│ └── mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz
├── tasks
│ ├── config.yml
│ ├── data.yml
│ ├── group.yml
│ ├── install.yml
│ ├── linkfile.yml
│ ├── main.yml
│ ├── path.yml
│ ├── script.yml
│ ├── secure.yml
│ ├── service.yml
│ ├── unarchive.yml
│ └── user.yml
└── vars
└── main.yml
3 directories, 15 files
5)执行playbook文件
[root@ansible:/data/ansible]#
ansible-playbook role_mysql.yml
_______________
< PLAY [dbsrvs] >
---------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
_________________________________
< TASK [mysql : install packages] >
---------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
___________________________
< TASK [create mysql group] >
---------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
__________________________
< TASK [create mysql user] >
--------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
< TASK [mysql : copy tar to remote host and file mode] >
------------------------------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
_________________________________________
< TASK [create linkfile /usr/local/mysql] >
-----------------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
_________________________
< TASK [mysql : data dir] >
-------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
< TASK [mysql : config my.cnf] >
------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
< TASK [mysql : service script] >
-------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
______________________________
< TASK [mysql : PATH variable] >
------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
_______________________________
< TASK [mysql : enable service] >
-------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
________________________________
< TASK [mysql : change password] >
--------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.8]
____________
< PLAY RECAP >
------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
10.0.0.8 : ok=11 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=1
6)安装主机检测
[root@centos8:~]#
mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 8.0.23 MySQL Community Server - GPL
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
2、Ansible playbook实现apache批量部署,并对不同主机提供以各自IP地址为内容的index.html
环境装备:在上题的环境中直接操作
1)编写plabook
[root@ansible:/data/ansible]#
vim install_httpd.yml
---
#install httpd
- hosts: websrvs
remote_user: root
gather_facts: no
tasks:
- name: Install httpd
yum: name=httpd state=present
- name: Modify config list port
lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: '^Listen'
line: 'Listen 8080'
- name: Modify web page
copy: content='{{ ansible_eth0.ipv4.address }}\n' dest=/var/www/html/index.html
- name: Start service
service: name=httpd state=started enable=yes
2)安装net-tools,编写脚本,生成index.html文件
1.安装net-tools
[root@ansible:/data/ansible]#
ansible websrvs -m yum -a 'name=net-tools state=present'
10.0.0.18 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: net-tools-2.0-0.52.20160912git.el8.x86_64"
]
}
10.0.0.7 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"net-tools"
]
},
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: \n * epel: repo.huaweicloud.com\n * extras: mirrors.cloud.tencent.com\nResolving Dependencies\n--> Running transaction check\n---> Package net-tools.x86_64 0:2.0-0.25.20131004git.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n net-tools x86_64 2.0-0.25.20131004git.el7 base 306 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package\n\nTotal download size: 306 k\nInstalled size: 917 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : net-tools-2.0-0.25.20131004git.el7.x86_64 1/1 \n Verifying : net-tools-2.0-0.25.20131004git.el7.x86_64 1/1 \n\nInstalled:\n net-tools.x86_64 0:2.0-0.25.20131004git.el7 \n\nComplete!\n"
]
}
2.编写脚本
[root@ansible:/data/ansible]#
vim ip.sh
#!/bin/bash
#****************************************************
#Date: 2022-05-26
#Author: wwzroom
#FileName: ip.sh
#Description: The test script
#QQ: 896517050
#****************************************************
echo `ifconfig eth0 |grep inet |grep -Eo '([0-9]{1,3}.){3}[0-9]{1,3}'|head -1` > /var/www/html/index.html
3.执行脚本,生成IP地址为内容的index.html
[root@ansible:/data/ansible]#
ansible websrvs -m script -a '/data/ansible/ip.sh'
10.0.0.7 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 10.0.0.7 closed.\r\n",
"stderr_lines": [
"Shared connection to 10.0.0.7 closed."
],
"stdout": "",
"stdout_lines": []
}
10.0.0.18 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 10.0.0.18 closed.\r\n",
"stderr_lines": [
"Shared connection to 10.0.0.18 closed."
],
"stdout": "",
"stdout_lines": []
}
3)执行playbook
[root@ansible:/data/ansible]#
ansible-playbook install_httpd.yml
________________
< PLAY [websrvs] >
----------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
________________________
< TASK [Gathering Facts] >
------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
ok: [10.0.0.7]
ok: [10.0.0.18]
_______________________
< TASK [instsall httpd] >
-----------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
ok: [10.0.0.7]
ok: [10.0.0.18]
___________________________
< TASK [modify config port] >
---------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
ok: [10.0.0.7]
ok: [10.0.0.18]
____________________
< TASK [start httpd] >
--------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
changed: [10.0.0.7]
changed: [10.0.0.18]
____________
< PLAY RECAP >
------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
10.0.0.18 : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.7 : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
5)测试
[root@ansible:/data/ansible]#
curl 10.0.0.7:8080
10.0.0.7
[root@ansible:/data/ansible]#
curl 10.0.0.18:8080
10.0.0.18
[root@ansible:/data/ansible]#
3、http的报文结构和状态码总结
HTTP的报文分为请求报文和响应报文
request报文格式 :三部分组成,开始行,首部行,实体主体,GET时,数据实体是空的,POST是上传,是有有数据的。
<method> <request-URL> <version>
<headers>
<entity-body>
request报文格式 :三部分组成,开始行,首部行,实体主体,GET时,数据实体是空的,POST是上传,是有有数据的。
<method> <request-URL> <version>
<headers>
<entity-body>
范例:
GET / HTTP/1.1 #请求行,与报文头一一对应,/是根url
Accept: */*
Accept-Encoding: gzip, deflate
Connection: keep-alive
Host: www.magedu.com #请求报文头,键值对
User-Agent: HTTPie/0.9.4
范例:用telnet模拟
[root@centos8:/etc/httpd/conf.d]#
telnet 10.0.0.8 80
Trying 10.0.0.8...
Connected to 10.0.0.8.
Escape character is '^]'.
GET / HTTP/1.1
HOST:www.magedu.org
#GET无实体,不用添加,这里最后一个是空行,因此输入完之后敲两次回车,才会返回信息。
HTTP响应报文
response报文格式 :三部分组成,开始行,首部行,实体主体,实体主体,包含了响应的数据
<version> <status> <reason-phrase>
<headers>
<entity-body>
范例:
[root@ansible:/etc/pki/tls/certs]#
curl -v www.magedu.org
* About to connect() to www.magedu.org port 80 (#0)
* Trying 10.0.0.8...
* Connected to www.magedu.org (10.0.0.8) port 80 (#0)
> GET / HTTP/1.1 #开始行,与报文结构一一对应
> User-Agent: curl/7.29.0
> Host: www.magedu.org
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Fri, 27 May 2022 08:59:13 GMT
< Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
< Location: https://www.magedu.org/
< Content-Length: 207
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.magedu.org/">here</a>.</p>
</body></html>
* Connection #0 to host www.magedu.org left intact
#>为请求报文,<为响应报文,相应报文中空行隔开后面的为实体。
状态码:
1xx:信息提示
2xx:成功
3xx:重定向
4xx:错误类信息,客户端错误
5xx:错误类信息,服务器端错误
http协议常用状态码:
200: 成功,请求数据通过响应报文的entity-body部分发送;OK
301: 请求的资源的 URL 已永久更改。响应中会给出新的 URL;Moved Permanently
302: 此响应代码表示请求的资源的 URI 已临时更改。将来可能会对 URI 进行进一步的更改。因此,客户端应在将来的请求中使用相同的 URI。Found
304: 客户端发出了条件式请求,但服务器上的资源未曾发生改变,则通过响应此响应状态码通知客户端;Not Modified
307: 服务器发送此响应以指示客户端使用与先前请求中使用的相同方法在另一个 URI 处获取请求的资源;Temporary Redirect
401: 需要输入账号和密码认证方能访问资源;Unauthorized
403: 客户对内容没有访问权限;Forbidden
404: 服务器无法找到客户端请求的资源;Not Found
500: 服务器内部错误;Internal Server Error
502: 代理服务器从后端服务器收到了一条伪响应,如无法连接到网关;Bad Gateway
503: 服务不可用,临时服务器维护或过载,服务器无法处理请求;Service Unavailable
504: 网关超时;Gateway Timeout