使用Ansible自动化服务器设置：DigitalOcean Workshop Kit

最新推荐文章于 2024-05-30 14:44:15 发布

cukw6666

最新推荐文章于 2024-05-30 14:44:15 发布

阅读量132

点赞数

文章标签：数据库 linux ubuntu 运维 php

原文链接：https://www.digitalocean.com/community/meetup_kits/automating-server-setup-with-ansible-a-digitalocean-workshop-kit

版权

Automating Server Setup with Ansible Workshop Kit Materials 使用Ansible Workshop套件材料自动化服务器设置

This workshop kit is designed to help a technical audience become familiar with configuration management concepts and how to use Ansible to automate server infrastructure setup.

该研讨会工具包旨在帮助技术人员熟悉配置管理概念以及如何使用Ansible自动化服务器基础结构设置。

The aim is to provide a complete set of resources for a speaker to host an event and deliver an introductory talk on Ansible. It includes:

目的是为演讲者提供一整套资源来主持活动并就Ansible进行介绍性演讲。这包括：

Slides and speaker notes including short demo videos and commands for running an optional live demo. This talk runs for roughly 50 minutes.
幻灯片和演讲者备注，包括简短的演示视频和用于运行可选现场演示的命令。这场演讲进行了大约50分钟。
A GitHub repository containing the demo app code and the necessary Ansible scripts to deploy that application to an Ubuntu server.
包含演示应用程序代码和必要的Ansible脚本的GitHub存储库 ，用于将该应用程序部署到Ubuntu服务器。
This tutorial, which walks a user through rolling out the Travellist demo Laravel application on a remote server.
本教程将引导用户逐步在远程服务器上推出Travellist演示Laravel应用程序。

This tutorial is intended to supplement the talk demo with additional detail and elucidation. It also serves as a reference for readers seeking to deploy a Laravel application to a remote Ubuntu server using Ansible.

本教程旨在通过其他细节和说明来补充演讲演示。它也为寻求使用Ansible将Laravel应用程序部署到远程Ubuntu服务器的读者提供参考。

介绍 (Introduction)

Server automation now plays an essential role in systems administration, due to the disposable nature of modern application environments. Configuration management tools such as Ansible are typically used to streamline the process of automating server setup by establishing standard procedures for new servers. This has the benefit of reducing human error associated with manual setups.

由于现代应用程序环境具有可处理性，因此服务器自动化现在在系统管理中起着至关重要的作用。配置管理工具(例如Ansible)通常用于通过为新服务器建立标准过程来简化服务器设置自动化的过程。这样做的好处是减少了与手动设置相关的人为错误。

Ansible offers a simplified architecture that doesn’t require special software to be installed on nodes. It also provides a robust set of features and built-in modules which facilitate writing automation scripts.

Ansible提供了一种简化的体系结构，不需要在节点上安装特殊软件。它还提供了一组功能强大的功能和内置模块，可帮助编写自动化脚本。

This tutorial, designed to accompany the Slides and speaker notes for the Automating Server Setup with Ansible Workshop Kit, will show you how to set up an inventory file and execute a set of provisioning scripts to fully automate the process of setting up a remote LEMP server (Linux, (E)Nginx, MariaDB and PHP-FPM) on Ubuntu 18.04 and to deploy a demo Laravel application to this system.

本教程旨在与使用Ansible Workshop Kit进行服务器自动设置的幻灯片和演讲者注释一起，向您展示如何设置清单文件并执行一组配置脚本以完全自动化设置远程LEMP服务器的过程(L inux下，(E)的Nginx 中，M ariaDB和P HP-FPM)在Ubuntu 18.04和部署演示Laravel应用到这个系统。

Note: This material is intended to demonstrate how to use playbooks to automate server setup with Ansible. Although our demo consists of a Laravel application running on a LEMP server, readers are encouraged to modify and adapt the included setup to suit their own needs.

注意：本材料旨在演示如何使用剧本通过Ansible自动化服务器设置。尽管我们的演示由在LEMP服务器上运行的Laravel应用程序组成，但仍鼓励读者修改和调整所包含的设置以适合他们自己的需求。

先决条件 (Prerequisites)

To follow this tutorial, you will need:

要遵循本教程，您将需要：

One Ansible control node: an Ubuntu 18.04 machine with Ansible installed and configured to connect to your Ansible hosts using SSH keys. Make sure the control node has a regular user with sudo permissions and a firewall enabled, as explained in our Initial Server Setup guide, and a set of valid SSH keys. To set up Ansible, please follow our guide on How to Install and Configure Ansible on Ubuntu 18.04.
一个Ansible控制节点 ：安装了Ansible并配置为使用SSH密钥连接到您的Ansible主机的Ubuntu 18.04计算机。确保控制节点具有sudo权限的常规用户和启用的防火墙(如我们的初始服务器设置指南中所述)，以及一组有效的SSH密钥。要设置Ansible，请遵循有关如何在Ubuntu 18.04上安装和配置Ansible的指南。
One or more Ansible Hosts: one or more remote Ubuntu 18.04 servers. Each host must have the control node’s public key added to its authorized_keys file, as explained in Step 2 of the How to Set Up SSH Keys on Ubuntu 18.04 guide. In case you are using DigitalOcean Droplets as nodes, you can use the control panel to add your public key to your Ansible hosts.
一台或多台Ansible主机 ：一台或多台远程Ubuntu 18.04服务器。每个主机必须将控制节点的公钥添加到其authorized_keys文件中，如《如何在Ubuntu 18.04上设置SSH密钥》指南的步骤2中所述。如果您使用DigitalOcean Droplets作为节点，则可以使用控制面板将您的公钥添加到Ansible主机。

第1步-克隆演示存储库 (Step 1 — Cloning the Demo Repository)

The first thing we need to do is clone the repository containing the Ansible provisioning scripts and the demo Laravel application that we’ll deploy to the remote servers. All the necessary files can be found at the do-community/ansible-laravel-demo Github repository.

我们需要做的第一件事是克隆包含Ansible设置脚本和将要部署到远程服务器的演示Laravel应用程序的存储库。所有必要的文件都可以在do-community / ansible-laravel-demo Github存储库中找到。

After logging in to your Ansible control node as your sudo user, clone the repository and navigate to the directory created by the git command:

以sudo用户身份登录到Ansible控制节点后，克隆存储库并导航到git命令创建的目录：

git clone https://github.com/do-community/ansible-laravel-demo.git
git clone https://github.com/do-community/ansible-laravel-demo.git
cd ansible-laravel-demo
cd ansible-laravel-demo

Now, you can run an ls command to inspect the contents of the cloned repository:

现在，您可以运行ls命令来检查克隆的存储库的内容：

ls -l --group-directories-first
ls -l --group-directories-first

You’ll see output like this:

您将看到如下输出：

ansible-laravel-demo

drwxrwxr-x 3 sammy sammy 4096 Mar 24 15:24 application
drwxrwxr-x 2 sammy sammy 4096 Mar 24 15:24 group_vars
drwxrwxr-x 7 sammy sammy 4096 Mar 24 15:24 roles
-rw-rw-r-- 1 sammy sammy  102 Mar 24 15:24 inventory-example
-rw-rw-r-- 1 sammy sammy 1987 Mar 24 15:24 laravel-deploy.yml
-rw-rw-r-- 1 sammy sammy  794 Mar 24 15:24 laravel-env.j2
-rw-rw-r-- 1 sammy sammy  920 Mar 24 15:24 readme.md
-rw-rw-r-- 1 sammy sammy  318 Mar 24 15:24 server-setup.yml

Here’s an overview of each of these folders and files and what they are:

以下是这些文件夹和文件及其各自的概述：

application/: This directory contains the demo Laravel application that is going to be deployed on the remote server by the end of the workshop.
application/ ：此目录包含演示Laravel应用程序，该应用程序将在研讨会结束时部署在远程服务器上。
group_vars/: This directory holds variable files containing custom options for the application setup, such as database credentials and where to store the application files on the remote server.
group_vars/ ：此目录包含包含用于应用程序设置的自定义选项的变量文件，例如数据库凭据以及在远程服务器上存储应用程序文件的位置。
roles/: This directory contains the different Ansible roles that handle the provisioning of an Ubuntu LEMP server.
roles/ ：此目录包含不同的Ansible角色，这些角色处理Ubuntu LEMP服务器的配置。
inventory-example: This file can be used as a base to create a custom inventory for your infrastructure.
inventory-example ：此文件可用作创建基础结构自定义库存的基础。
laravel-deploy.yml: This playbook will deploy the demo Laravel application to the remote server.
laravel-deploy.yml ：此剧本会将演示Laravel应用程序部署到远程服务器。
laravel-env.j2: This template is used by the laravel-deploy.yml playbook to set up the application environment file.
laravel-env.j2 ： laravel-deploy.yml剧本使用此模板来设置应用程序环境文件。
readme.md: This file contains general information about the provisioning contained in this repository.
readme.md ：此文件包含有关此存储库中包含的配置的一般信息。
server-setup.yml: This playbook will provision a LEMP server using the roles defined in the roles/ directory.
server-setup.yml ：该剧本将使用roles/目录中定义的角色来配置LEMP服务器。

第2步-设置清单文件并测试与节点的连接 (Step 2 — Setting Up the Inventory File and Testing Connection to Nodes)

We’ll now create an inventory file to list the hosts we want to manage using Ansible. First, copy the inventory-example file to a new file called hosts:

现在，我们将创建一个清单文件，以列出要使用Ansible管理的主机。首先，将inventory-example文件复制到名为hosts的新文件中：

cp inventory-example hosts
cp清单示例主机

Now, use your text editor of choice to open the new inventory file and update it with your own servers. Here, we’ll use nano:

现在，使用您选择的文本编辑器打开新的清单文件，并使用您自己的服务器对其进行更新。在这里，我们将使用nano ：

nano hosts
纳米主机

The example inventory that comes with the workshop kit contains two Ansible groups: dev and production. This is meant to demonstrate how to use group variables to customize deployment in multiple environments. If you wish to test this setup with a single node, you can use either the dev or the production group and remove the other one from the inventory file.

Workshop工具包随附的示例清单包含两个Ansible组： dev和production 。这旨在演示如何使用组变量在多个环境中自定义部署。如果希望使用单个节点测试此设置，则可以使用dev或production组，并从清单文件中删除另一个。

ansible-laravel-demo/hosts

ansible-laravel-demo /主机

[dev]
203.0.113.0.101

[prod]
203.0.113.0.102

[all:vars]
ansible_python_interpreter=/usr/bin/python3

Note: the ansible_python_interpreter variable defines the path to the Python executable on the remote host. Here, we’re telling Ansible to set this variable for all hosts in this inventory file.

注意： ansible_python_interpreter变量定义远程主机上Python可执行文件的路径。在这里，我们告诉Ansible为此清单文件中的所有主机设置此变量。

Save and close the file when you’re done. If you are using nano, you can do that by hitting CTRL+X, then Y and ENTER to confirm.

完成后，保存并关闭文件。如果您使用的是nano ，则可以通过按CTRL+X ，然后按Y和ENTER进行确认。

Once you’re done adjusting your inventory file, you can execute the ping Ansible module to test whether the control node is able to connect to the hosts:

调整清单文件后，可以执行ping Ansible模块来测试控制节点是否能够连接到主机：

ansible all -i hosts -m ping -u root
ansible all -i主机-m ping -u root

Let’s break down this command:

让我们分解一下这个命令：

all: This option tells Ansible to run the following command on all hosts from the designated inventory file.
all ：此选项告诉Ansible在指定清单文件中的所有主机上运行以下命令。
-i hosts: Specifies which inventory should be used. When this option is not provided, Ansible will try to use the default inventory, which is typically located at /etc/ansible/hosts.
-i hosts ：指定应使用的库存。如果未提供此选项，Ansible将尝试使用默认清单，该清单通常位于/etc/ansible/hosts 。
-m ping: This will execute the ping Ansible module, which will test connectivity to nodes and whether or not the Python executable can be found on the remote systems.
-m ping ：这将执行ping Ansible模块，该模块将测试与节点的连接以及是否可以在远程系统上找到Python可执行文件。
-u root: This option specifies which remote user should be used to connect to the nodes. We’re using the root account here as an example because this is typically the only account available on fresh new servers. Other connection options might be necessary depending on your infrastructure provider and SSH configuration.
-u root ：此选项指定应使用哪个远程用户连接到节点。我们此处以root帐户为例，因为通常这是新服务器上唯一可用的帐户。其他连接选项可能是必需的，具体取决于您的基础结构提供程序和SSH配置。

If your SSH connection to the nodes is properly set up, you’ll get the following output:

如果与节点的SSH连接正确设置，您将获得以下输出：


   
   
    
    Output
   
   203.0.113.0.101 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
203.0.113.0.102 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

The pong response means your control node is able to connect to your managed nodes, and that Ansible is able to execute Python commands on the remote hosts.

pong响应表示您的控制节点能够连接到您的受管节点，并且Ansible能够在远程主机上执行Python命令。

步骤3 —设置变量文件 (Step 3 — Setting Up Variable Files)

Before running the playbooks that are included in this workshop kit, you’ll first need to edit the variable file that contains settings such as the name of the remote user to create and the database credentials to set up with MariaDB.

在运行本研讨会工具包中包含的剧本之前，您首先需要编辑变量文件，该文件包含一些设置，例如要创建的远程用户的名称和要使用MariaDB设置的数据库凭据。

Open the group_vars/all file using your text editor of choice:

使用您选择的文本编辑器打开group_vars/all文件：

nano group_vars/all.yml
纳米组_vars / all.yml

ansible-laravel-demo/group_vars/all.yml

ansible-laravel-demo / group_vars / all.yml

---
# Initial Server Setup
remote_user: sammy

# MySQL Setup
mysql_root_password: MYSQL_ROOT_PASSWORD
mysql_app_db: travellist
mysql_app_user: travellist_user
mysql_app_pass: DB_PASSWORD

# Web Server Setup
http_host: " {{ ansible_facts.eth0.ipv4.address }} "
remote_www_root: /var/www
app_root_dir: travellist-demo
document_root: "{{ remote_www_root }}/{{ app_root_dir }}/public"

# Laravel Env Variables
app_name: Travellist
app_env: dev
app_debug: true
app_url: "http://{{ http_host }}"
db_host: localhost
db_port: 3306
db_database: "{{ mysql_app_db }}"
db_user: "{{ mysql_app_user }}"
db_pass: "{{ mysql_app_pass }}"

The variables that need your attention are:

需要注意的变量是：

remote_user: The specified user will be created on the remote server and granted sudo privileges.
remote_user ：将在远程服务器上创建指定的用户并授予sudo特权。
mysql_root_password: This variable defines the database root password for the MariaDB server. Note that this should be a secure password of your own choosing.
mysql_root_password ：此变量定义MariaDB服务器的数据库根密码。请注意，这应该是您自己选择的安全密码。
mysql_app_db: The name of the database to create for the Laravel application. You don’t need to change this value, but you are free to do so if you wish. This value will be used to set up the .env Laravel configuration file.
mysql_app_db ：为Laravel应用程序创建的数据库的名称。您无需更改此值，但可以随意更改。此值将用于设置.env Laravel配置文件。
mysql_app_user: The name of the database user for the Laravel application. Again, you are not required to change this value, but you are free to do so.
mysql_app_user ：Laravel应用程序的数据库用户名。同样，您不需要更改此值，但是您可以随意更改。
mysql_app_pass: The database password for the Laravel application. This should be a secure password of your choosing.
mysql_app_pass ：Laravel应用程序的数据库密码。这应该是您选择的安全密码。
http_host: The domain name or IP address of the remote host. Here, we’re using an Ansible fact that contains the ipv4 address for the eth0 network interface. In case you have domain names pointing to your remote hosts, you may want to create separate variable files for each of them, overwriting this value so that the Nginx configuration contains the correct hostname for each server.
http_host ：远程主机的域名或IP地址。在这里，我们使用的Ansible事实包含eth0网络接口的ipv4地址。如果您的域名指向您的远程主机，则可能需要为每个主机创建单独的变量文件，并覆盖此值，以便Nginx配置包含每个服务器的正确主机名。

When you are finished editing these values, save and close the file.

完成这些值的编辑后，保存并关闭文件。

为多个环境创建其他变量文件 (Creating additional variable files for multiple environments)

If you’ve set up your inventory file with multiple nodes, you might want to create additional variable files to configure each node accordingly. In our example inventory, we have created two distinct groups: dev and production. To avoid having the same database credentials and other settings in both environments, we need to create a separate variable file to hold production values.

如果已将清单文件设置为具有多个节点，则可能需要创建其他变量文件来相应地配置每个节点。在示例清单中，我们创建了两个不同的组： dev和production 。为了避免在两种环境中使用相同的数据库凭据和其他设置，我们需要创建一个单独的变量文件来保存生产值。

You might want to copy the default variable file and use it as base for your production values:

您可能要复制默认变量文件，并将其用作生产值的基础：

cp group_vars/all.yml group_vars/production.yml
cp group_vars / all.yml group_vars / production.yml
nano group_vars/production.yml
纳米组_vars / production.yml

Because the all.yml file contains the default values that should be valid for all environments, you can remove all the variables that won’t need changing from the new production.yml file. The variables that you should update for each environment are highlighted here:

因为all.yml文件包含对所有环境都有效的默认值，所以您可以从新的production.yml文件中删除所有不需要更改的变量。您应为每种环境更新的变量在此处突出显示：

ansible-laravel-demo/group_vars/production

ansible-laravel-demo / group_vars / production

---
# Initial Server Setup
remote_user: prod_user

# MySQL Setup
mysql_root_password: MYSQL_PROD_ROOT_PASSWORD
mysql_app_pass: MYSQL_PROD_APP_PASSWORD

# Laravel Env Variables
app_env: prod
app_debug: false

Notice that we’ve changed the app_env value to prod and set the app_debug value to false. These are recommended Laravel settings for production environments.

注意，我们已经将app_env值更改为prod ，并将app_debug值设置为false 。对于生产环境，建议使用这些Laravel设置。

Once you’re finished customizing your production variables, save and close the file.

完成自定义生产变量后，保存并关闭文件。

使用Ansible Vault加密变量文件 (Encrypting variable files with Ansible Vault)

If you plan on sharing your Ansible setup with other users, it is important to keep the database credentials and other sensitive data in your variable files safe. This is possible with Ansible Vault, a feature that is included with Ansible by default. Ansible Vault allows you to encrypt variable files so that only users with access to the vault password can view, edit or unencrypt these files. The vault password is also necessary to run a playbook or a command that makes use of encrypted files.

如果您打算与其他用户共享您的Ansible设置，请务必确保变量文件中的数据库凭据和其他敏感数据安全。 Ansible Vault可以实现此功能，Ansible默认包含此功能。 Ansible Vault允许您加密变量文件，以便只有有权使用Vault密码的用户才能查看，编辑或取消加密这些文件。 Vault密码对于运行剧本或使用加密文件的命令也是必需的。

To encrypt your production variable file, run:

要加密生产变量文件，请运行：

ansible-vault encrypt group_vars/production.yml
ansible-Vault加密group_vars / production.yml

You will be prompted to provide a vault password and confirm it. Once you’re finished, if you check the contents of that file, you’ll see that the data is now encrypted.

系统将提示您提供一个保管库密码并进行确认。完成后，如果检查该文件的内容，您将看到数据现在已加密。

If you want to view the variable file without changing its contents, you can use the view command:

如果要查看变量文件而不更改其内容，可以使用view命令：

ansible-vault view group_vars/production.yml
ansible-Vault视图group_vars / production.yml

You will be prompted to provide the same password you defined when encrypting that file with ansible-vault. After providing the password, the file’s contents will appear in your terminal. To exit the file view, type q.

使用ansible-vault加密该文件时，系统将提示您提供与定义的相同密码。提供密码后，文件的内容将出现在您的终端中。要退出文件视图，请输入q 。

To edit a file that was previously encrypted with Ansible Vault, use the edit vault command:

要编辑以前使用Ansible Vault加密的文件，请使用edit vault命令：

ansible-vault edit group_vars/production.yml
ansible-Vault编辑group_vars / production.yml

This command will prompt you to provide the vault password for that file. Your default terminal editor will then be used to open the file for editing. After making the desired changes, save and close the file, and it will be automatically encrypted again by Ansible Vault.

该命令将提示您提供该文件的文件库密码。然后，将使用您的默认终端编辑器打开文件进行编辑。进行所需的更改后，保存并关闭文件，Ansible Vault会再次对其进行自动加密。

You have now finished setting up your variable files. In the next step, we’ll run the playbook to set up Nginx, PHP-FPM, and MariaDB (which, along with a Linux-based operating system like Ubuntu, form the LEMP stack) on your remote server(s).

现在，您已经完成了变量文件的设置。下一步，我们将运行该剧本，以在远程服务器上设置Nginx，PHP-FPM和MariaDB(它们与基于Linux的操作系统(如Ubuntu)一起形成LEMP堆栈)。

步骤4 —运行LEMP Playbook (Step 4 — Running the LEMP Playbook)

Before deploying the demo Laravel app to the remote server(s), we need to set up a LEMP environment that will serve the application. The server-setup.yml playbook includes the Ansible roles necessary to set this up. To inspect its contents, run:

在将演示Laravel应用程序部署到远程服务器之前，我们需要设置一个可以为该应用程序提供服务的LEMP环境。 server-setup.yml剧本包含进行此设置所需的Ansible角色。要检查其内容，请运行：

cat server-setup.yml
cat server-setup.yml

ansible-laravel-demo/server-setup.yml

ansible-laravel-demo / server-setup.yml

---
- hosts: all
  become: true
  roles:
    - { role: setup, tags: ['setup'] }

    - { role: mariadb, tags: ['mysql', 'mariadb', 'db', 'lemp'] }

    - { role: php, tags: ['php', 'web', 'php-fpm', 'lemp'] }

    - { role: nginx, tags: ['nginx', 'web', 'http', 'lemp'] }

    - { role: composer, tags: ['composer'] }

Here’s an overview of all the roles included within this playbook:

以下是此剧本中所有角色的概述：

setup: Contains the tasks necessary to create a new system user and grant them sudo privileges, as well as enabling the ufw firewall.
setup ：包含创建新系统用户并向他们授予sudo权限以及启用ufw防火墙所需的任务。
mariadb: Installs the MariaDB database server and creates the application database and user.
mariadb ：安装MariaDB数据库服务器并创建应用程序数据库和用户。
php: Installs php-fpm and PHP modules that are necessary in order to run a Laravel application.
php ：安装运行Laravel应用程序所需的php-fpm和PHP模块。
nginx: Installs the Nginx web server and enables access on port 80.
nginx ：安装Nginx Web服务器并启用对端口80访问。
composer: Installs Composer globally.
composer ：全局安装Composer。

Notice that we’ve set up a few tags within each role. This is to facilitate re-running only parts of this playbook, if necessary. If you make changes to your Nginx template file, for instance, you might want to run only the Nginx role.

请注意，我们在每个角色中都设置了一些标签。如果需要，这是为了便于仅重新运行本手册的部分内容。例如，如果您对Nginx模板文件进行更改，则可能只想运行Nginx角色。

The following command will execute this playbook on all servers from your inventory file. The --ask-vault-pass is only necessary in case you have used ansible-vault to encrypt variable files in the previous step:

以下命令将从您的清单文件在所有服务器上执行此剧本。仅在上一步中使用ansible-vault加密变量文件的情况下，才需要--ask-vault-pass ：

ansible-playbook -i hosts server-setup.yml -u root --ask-vault-pass
ansible-playbook -i托管server-setup.yml -u root –ask-vault-pass

You’ll get output similar to this:

您将获得类似于以下的输出：


   
   
    
    Output
   
   PLAY [all] **********************************************************************************************

TASK [Gathering Facts] **********************************************************************************
ok: [203.0.113.0.101]
ok: [203.0.113.0.102]

TASK [setup : Install Prerequisites] ********************************************************************
changed: [203.0.113.0.101]
changed: [203.0.113.0.102]

...

RUNNING HANDLER [nginx : Reload Nginx] ******************************************************************
changed: [203.0.113.0.101]
changed: [203.0.113.0.102]

PLAY RECAP **********************************************************************************************
203.0.113.0.101             : ok=31   changed=27   unreachable=0    failed=0    skipped=0    rescued=0    ignored=1   
203.0.113.0.102            : ok=31   changed=27   unreachable=0    failed=0    skipped=0    rescued=0    ignored=1

Your node(s) are now ready to serve PHP applications using Nginx+PHP-FPM, with MariaDB as database server. In the next step, we’ll deploy the included demo Laravel app with the laravel-deploy.yml Ansible playbook.

您的节点现在可以使用MariaDB作为数据库服务器，使用Nginx + PHP-FPM服务PHP应用程序。下一步，我们将在laravel-deploy.yml Ansible剧本中部署随附的演示Laravel应用程序。

步骤5 —部署Laravel应用程序 (Step 5 — Deploying the Laravel Application)

Now that you have a working LEMP environment on your remote server(s), you can execute the laravel-deploy.yml playbook. This playbook will execute the following tasks:

现在，您的远程服务器上具有运行中的LEMP环境，您可以执行laravel-deploy.yml剧本了。该剧本将执行以下任务：

Create the application document root on the remote server, if it hasn’t already been created.
如果尚未创建应用程序文档根目录，请在远程服务器上创建它。
Synchronize the local application folder to the remote server using the sync module.
使用sync模块将本地应用程序文件夹同步到远程服务器。
Use the acl module to set permissions for the www-data user on the storage folder.
使用acl模块为存储文件夹上的www-data用户设置权限。
Set up the .env application file based on the laravel-env.j2 template.
根据laravel-env.j2模板设置.env应用程序文件。
Install application dependencies with Composer.
使用Composer安装应用程序依赖项。
Generate application security key.
生成应用程序安全密钥。
Set up a public link for the storage folder.
设置storage文件夹的公共链接。
Run database migrations and seeders.
运行数据库迁移和种子。

This playbook should be executed by a non-root user with sudo permissions. This user should have been created when you executed the server-setup.yml playbook in the previous step, using the name defined by the remote_user variable.

该剧本应由具有sudo权限的非root用户执行。在上一步执行server-setup.yml剧本时，应该使用remote_user变量定义的名称来创建此用户。

When you’re ready, run the laravel-deploy.yml playbook with:

准备就绪后，使用以下命令运行laravel-deploy.yml剧本：

ansible-playbook -i hosts laravel-deploy.yml -u sammy --ask-vault-pass
ansible-playbook -i托管laravel-deploy.yml -u sammy --ask-vault-pass

The --ask-vault-pass is only necessary in case you have used ansible-vault to encrypt variable files in the previous step.

仅在上一步中使用ansible-vault加密变量文件的情况下，才需要--ask-vault-pass 。

You’ll get output similar to this:

您将获得类似于以下的输出：


   
   
    
    Output
   
   PLAY [all] **********************************************************************************************

TASK [Gathering Facts] **********************************************************************************
ok: [203.0.113.0.101]
ok: [203.0.113.0.102]

TASK [Make sure the remote app root exists and has the right permissions] *******************************
ok: [203.0.113.0.101]
ok: [203.0.113.0.102]

TASK [Rsync application files to the remote server] *****************************************************
ok: [203.0.113.0.101]
ok: [203.0.113.0.102]

...

TASK [Run Migrations + Seeders] *************************************************************************
ok: [203.0.113.0.101]
ok: [203.0.113.0.102]

PLAY RECAP **********************************************************************************************
203.0.113.0.101             : ok=10   changed=9    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
203.0.113.0.102             : ok=10   changed=9    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

When the execution is finished, you can access the demo application by pointing your browser to your node’s domain name or IP address:

执行完成后，您可以通过将浏览器指向节点的域名或IP地址来访问演示应用程序：

http:// node_domain_or_IP

You will see a page like this:

您将看到如下页面：

结论 (Conclusion)

This tutorial demonstrates how to set up an Ansible inventory file and connect to remote nodes, and how to run Ansible playbooks to set up a LEMP server and deploy a Laravel demo application to it. This guide compliments the Automating Server Setup with Ansible Workshop Kit’s slides and speaker notes, and is accompanied by a demo GitHub repository containing all necessary files to follow up with the demo component of this workshop.

本教程演示了如何设置Ansible清单文件并连接到远程节点，以及如何运行Ansible剧本来设置LEMP服务器并向其部署Laravel演示应用程序。本指南补充了Ansible Workshop Kit的幻灯片服务器和演讲者注释中的“自动服务器设置”，并附带了一个GitHub演示存储库，其中包含所有必需的文件，以跟进该研讨会的演示组件。

翻译自: https://www.digitalocean.com/community/meetup_kits/automating-server-setup-with-ansible-a-digitalocean-workshop-kit

cukw6666

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
使用Ansible自动化服务器设置：DigitalOcean Workshop Kit

Automating Server Setup with Ansible Workshop Kit Materials使用Ansible Workshop套件材料自动化服务器设置 This workshop kit is designed to help a technical audience become familiar with configuration management con...
复制链接

扫一扫