文章目录
个人博客
https://blog.csdn.net/cPen_web
项目名称:使用ansible进行Nginx集群和MySQL集群的批量部署
项目环境:CentOS 7.8,ansible 2.9.15,Nginx 1.19.7,MySQL 5.7.32
项目描述:
使用ansible去批量部署6台Nginx服务器,1台NFS文件服务器,3台MySQL服务器,其中Nginx、MySQL采用源码编译安装,NFS采用yum安装。提前编写好Nginx、MySQL的编译安装脚本,通过ansible下发到Nginx和MySQL服务器上执行,全程采用playbook来实现批量自动化部署。
项目步骤:
1.部署好11台Linux虚拟机(1台ansible中控机,6台Nginx服务器,1台NFS服务器,3台MySQL服务器),全部采用1核2G内存的配置,安装好CentOS 7.8的系统;
[root@ansible ~]# cat /etc/redhat-release
CentOS Linux release 7.8.2003 (Core)
2.然后在一台Linux系统里安装部署ansible,采用yum安装;
[root@ansible ~]# yum install epel-release
[root@ansible ~]# yum install ansible
3.编写好一键安装Nginx和MySQL的脚本;
一键安装Nginx的脚本
[root@ansible ~]# cat onekey_install_nginx.sh
#!/bin/bash
#解决软件的依赖关系,需要安装的软件包
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel gcc gcc-c++ autoconf automake make
#useradd cPen
id cPen || useradd -s /sbin/nologin cPen
#download nginx
mkdir -p /nginx
cd /nginx
curl -O http://nginx.org/download/nginx-1.19.7.tar.gz
#解压 下载的nginx的源码包
tar xf nginx-1.19.7.tar.gz
cd nginx-1.19.7
#生成编译前配置工作 --> Makefile
./configure --prefix=/usr/local/nginx --user=cPen --group=cPen --with-threads --with-http_ssl_module --with-http_realip_module --with-http_v2_module --with-file-aio --with-http_stub_status_module --with-stream
#编译
make -j 2
#编译安装 --> 将编译好的二进制程序安装到指定目录 /usr/local/nginx1
make install
#修改PATH变量
echo "PATH=$PATH:/usr/local/nginx/sbin" >>/root/.bashrc
#执行修改了环境变量的脚本
source /root/.bashrc
#启动nginx
/usr/local/nginx/sbin/nginx
#firewalld and selinux
#stop firewalld和设置下次开机不启动firewalld
service firewalld stop
systemctl disable firewalld
#临时停止selinux和永久停止selinux
setenforce 0
sed -i '/^SELINUX=/ s/enforcing/disabled/' /etc/sysconfig/selinux
#开机自启
echo "/usr/local/nginx/sbin/nginx" >>/etc/rc.local
chmod +x /etc/rc.d/rc.local
一键安装MySQL的脚本
[root@ansible ~]# vim onekey_install_mysql.sh
#/bin/bash
#author:cPen
#time:2021-02-11
#QQ:1533431376
#编译安装mysql 5.7.32
#os:centos7.8.2003
#下载mysql的源码包
yum install wget -y
wget https://downloads.mysql.com/archives/get/p/23/file/mysql-community-5.7.32-1.el7.src.rpm
#假定mysql的源码包已经上传到linux服务器里的当前目录下
#安装解决软件依赖关系的包
yum install cmake ncurses-devel gcc gcc-c++ vim lsof bzip2 openssl-devel -y
#解压src的rpm包
rpm -ivh mysql-community-5.7.32-1.el7.src.rpm
#新建用户
useradd -r -s /sbin/nologin mysql
#新建数据目录
mkdir -p /data/mysql
#修改数据目录的拥有者为mysql
chown mysql:mysql /data/mysql
#进入/root/rpmbuild/SOURCES目录
cd /root/rpmbuild/SOURCES
#解压真正的源码包
tar xf mysql-5.7.32.tar.gz
tar xf boost_1_59_0.tar.bz2
#将boost包移动到mysql解压的包里
mv boost_1_59_0 mysql-5.7.32
#进入解压后的目录
cd mysql-5.7.32
#编译前的配置
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DSYSCONFDIR=/etc -DMYSQL_USER=mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_BOOST=boost_1_59_0
##编译,启动2个进程去编译,加快速度
make -j 2
#安装编译好的二进制文件到指定的目录 --> 复制当前目录下编译好的二进制文件到当时指定的目录
make install
#备份原来的/etc/my.cnf文件,然后清空这个文件,这个文件是mariadb的配置文件,不是mysql的
cp /etc/my.cnf /root/mysql.cnf.bak
>/etc/my.cnf
#进入编译安装好的mysql的目录 --> 安装目录,开始初始化操作,并且把临时密码保存到一个文件里,方便后面登录使用
#初始化操作,其实是MySQL会去创建很多必须要的文件,会消耗磁盘空间
cd /usr/local/mysql/bin/
#执行mysqld这个程序,初始化mysql,并且将日志和临时密码重定向到/root/temp_password.txt文件里
./mysqld --initialize --user=mysql --basedir=/usr/local/mysql/ --datadir=/data/mysql &>/root/temp_password.txt
#修改PATH变量,让Linux系统里有mysql相关的命令
PATH=$PATH:/usr/local/mysql/bin
#/etc/profile /etc/bashrc /root/.bashrc /root/.bash_profile
echo 'PATH=$PATH:/usr/local/mysql/bin' >>/etc/bashrc
#拷贝mysqld的程序文件到指定的目录,方便后面设置mysqld服务开机启动 --> mysqld服务的启动、停止、重启的脚本
cp ../support-files/mysql.server /etc/init.d/mysqld
#关闭防火墙和selinux
#关闭防火墙firewalld服务
service firewalld stop
#设置firewalld服务开机不启动
systemctl disable firewalld
#临时关闭selinux
setenforce 0
#永久修改selinux配置文件里的内容
sed -i 's/=enforcing/=disabled/g' /etc/selinux/config
#设置mysql开机启动
chkconfig mysqld on
#启动MySQL
service mysqld start
#登录进去MySQL并且重新设置密码Sanchuang123#
#从保存的临时密码文件里,截取出临时密码,赋值给一个变量temp_pwd
temp_pwd=$(cat /root/temp_password.txt |tail -1|awk '{print $11}')
#给MySQL设置密码为Sanchuang123#
mysql -uroot -p$temp_pwd --connect-expired-password -e "set password='Sanchuang123#'"
echo 'onekey install mysql success'
4.在ansible服务器和所有的Nginx,MySQL,NFS服务器之间建立ssh免密通道;
[root@ansible ~]# ssh-keygen -t ecdsa # 生成密钥对
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.141
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.142
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.143
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.144
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.145
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.146
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.147
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.148
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.149
[root@ansible ~]# ssh-copy-id -i ~/.ssh/id_ecdsa.pub 192.168.31.150
5.最后编写ansible的playbook文件去统一部署Nginx,MySQL,NFS服务器。
[root@ansible ansible]# pwd
/etc/ansible
[root@ansible ansible]# cat hosts
[nfs]
192.168.31.141
[nginx]
192.168.31.142
192.168.31.143
192.168.31.144
192.168.31.145
192.168.31.146
192.168.31.147
[mysql]
192.168.31.148
192.168.31.149
192.168.31.150
[root@ansible ~]# cat ansible_playbook.yaml
- hosts: nginx
remote_user: root
tasks:
- name: deploy server-nginx
script: ~/onekey_install_nginx.sh
- hosts: mysql
remote_user: root
tasks:
- name: deploy server-mysql
script: ~/onekey_install_mysql.sh
- hosts: nfs
remote_user: root
tasks:
- name: deploy server-nfs
yum: name=nfs-utils state=installed
[root@ansible ~]# ansible-playbook ansible_playbook.yaml