安装环境
服务器 | IP |
---|
ansible | 192.168.47.128 |
Apache | 192.168.47.129 |
mysql | 192.168.47.130 |
php | 192.168.47.131 |
1、安装Ansible
[root@ansible ~]
[root@ansible ~]
- ssh设置免密登录
//先分别给三台主机创建一个用户
[root@apache ~]
[root@apache ~]
更改用户 wjj1 的密码 。
passwd:所有的身份验证令牌已经成功更新。
[root@mysql ~]
[root@mysql ~]
更改用户 wjj2 的密码 。
passwd:所有的身份验证令牌已经成功更新。
[root@php ~]
[root@php ~]
更改用户 wjj3 的密码 。
passwd:所有的身份验证令牌已经成功更新。
//设置免密登录
[root@ansible ~]
[root@ansible ~]
[root@ansible ~]
[root@ansible ~]
[root@ansible ~]
//在被管的host上启用sudo,添加sudo的用户
[root@ansible ~]
100 root ALL=(ALL) ALL
101 wjj1 ALL=(ALL) NOPASSWD
102 wjj2 ALL=(ALL) NOPASSWD
103 wjj3 ALL=(ALL) NOPASSWD
//修改清单文件
[root@ansible ~]
[root@ansible ansible]
10 [defaults]
11
12
13
14
15 inventory = /etc/ansible/inventory
16
17
18
19
20
21
22
23
24
25
26
27
341 [privilege_escalation] //去掉注释
342 become=True
343 become_method=sudo
344 become_user=root
345 become_ask_pass=False
346
347 [paramiko_connection]
[root@ansible ansible]
- 将被控机IP加入到主控机清单
[root@ansible ansible]
[apache]
192.168.47.129 ansible_user=root ansible_password=1
[mysql]
192.168.47.130 ansible_user=root ansible_password=1
[php]
192.168.47.131 ansible_user=root ansible_password=1
- 运用ping模块检查节点机
[root@ansible ansible]
192.168.47.130 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
192.168.47.131 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
192.168.47.129 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
- 使用shell模块和lineinfile模块为所有主机关闭防火墙和selinux
//关闭防火墙
[root@ansible ~]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "firewalld",
"state": "stopped",
"status": {
"ActiveEnterTimestamp": "Sat 2021-03-27 22:40:50 CST",
"ActiveEnterTimestampMonotonic": "10843417",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "polkit.service sysinit.target basic.target dbus.socket system.slice dbus.service",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "yes",
"AssertTimestamp": "Sat 2021-03-27 22:40:48 CST",
"AssertTimestampMonotonic": "9022029",
"Before": "shutdown.target network-pre.target multi-user.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "[not set]",
"BusName": "org.fedoraproject.FirewallD1",
"CPUAccounting": "no",
"CPUAffinity": "",
"CPUQuotaPerSecUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "[not set]",
//关闭selinux
[root@ansible ~]
192.168.47.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
192.168.47.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
2、安装httpd、php、mysql
- 使用yum模块安装Apache服务、php服务、mysql服务
//httpd
[root@ansible ansible]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
"Installed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64",
"Installed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64",
"Installed: apr-1.6.3-9.el8.x86_64",
"Installed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch",
"Installed: apr-util-1.6.1-6.el8.x86_64",
"Installed: redhat-logos-httpd-81.1-1.el8.noarch",
"Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
"Installed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64"
]
}
//mariadb
[root@ansible ansible]
192.168.47.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: openssl-devel-1:1.1.1c-15.el8.x86_64",
"Installed: libkadm5-1.17-18.el8.x86_64",
"Installed: perl-DBD-MySQL-4.046-3.module+el8.1.0+2938+301254e2.x86_64",
"Installed: libcom_err-devel-1.45.4-3.el8.x86_64",
"Installed: perl-Env-1.04-395.el8.noarch",
"Installed: unixODBC-2.3.7-1.el8.x86_64",
"Installed: pcre2-devel-10.32-1.el8.x86_64",
"Installed: pcre2-utf16-10.32-1.el8.x86_64",
"Installed: pcre2-utf32-10.32-1.el8.x86_64",
"Installed: copy-jdk-configs-3.7-1.el8.noarch",
"Installed: perl-Test-Simple-1:1.302135-1.el8.noarch",
"Installed: keyutils-libs-devel-1.5.10-6.el8.x86_64",
"Installed: zlib-devel-1.2.11-13.el8.x86_64",
"Installed: libverto-devel-0.3.0-5.el8.x86_64",
"Installed: krb5-devel-1.17-18.el8.x86_64",
"Installed: mariadb-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-backup-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: Judy-1.0.5-18.module+el8+2765+cfa4f87b.x86_64",
"Installed: mariadb-common-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-connector-c-3.0.7-1.el8.x86_64",
"Installed: perl-Time-HiRes-1.9758-1.el8.x86_64",
"Installed: tzdata-java-2019c-1.el8.noarch",
"Installed: java-1.8.0-openjdk-headless-1:1.8.0.242.b08-4.el8.x86_64",
"Installed: mariadb-connector-c-devel-3.0.7-1.el8.x86_64",
"Installed: galera-25.3.26-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-connector-odbc-3.0.7-1.el8.x86_64",
"Installed: mariadb-devel-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-embedded-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-embedded-devel-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-errmsg-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-gssapi-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-java-client-2.2.5-2.el8.noarch",
"Installed: mariadb-oqgraph-engine-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: lksctp-tools-1.0.18-3.el8.x86_64",
"Installed: mariadb-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: libaio-devel-0.3.112-1.el8.x86_64",
"Installed: javapackages-filesystem-5.3.0-1.module+el8+2447+6f56d9a6.noarch",
"Installed: libselinux-devel-2.9-3.el8.x86_64",
"Installed: mariadb-server-galera-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-server-utils-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-test-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: libsepol-devel-2.9-1.el8.x86_64",
"Installed: perl-Memoize-1.03-416.el8.noarch"
]
}
//php
[root@ansible ansible]
192.168.47.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: lm_sensors-libs-3.4.0-21.20180522git70f7e08.el8.x86_64",
"Installed: glibc-devel-2.28-101.el8.x86_64",
"Installed: glibc-headers-2.28-101.el8.x86_64",
"Installed: libtool-2.4.6-25.el8.x86_64",
"Installed: autoconf-2.69-27.el8.noarch",
"Installed: libzip-1.5.1-2.module+el8.1.0+3202+af5476b9.x86_64",
"Installed: libpq-12.1-3.el8.x86_64",
"Installed: m4-1.4.18-7.el8.x86_64",
"Installed: pcre-cpp-8.42-4.el8.x86_64",
"Installed: pcre-devel-8.42-4.el8.x86_64",
"Installed: pcre-utf16-8.42-4.el8.x86_64",
"Installed: automake-1.16.1-6.el8.noarch",
"Installed: pcre-utf32-8.42-4.el8.x86_64",
"Installed: net-snmp-1:5.8-14.el8.x86_64",
"Installed: net-snmp-agent-libs-1:5.8-14.el8.x86_64",
"Installed: php-bcmath-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-dba-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-dbg-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-devel-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-embedded-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-enchant-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: cpp-8.3.1-5.el8.x86_64",
"Installed: php-gd-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-gmp-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-intl-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-json-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: enchant-1:1.6.0-21.el8.x86_64",
"Installed: isl-0.16.1-6.el8.x86_64",
"Installed: php-ldap-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-mbstring-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: kernel-headers-4.18.0-193.el8.x86_64",
"Installed: php-mysqlnd-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-odbc-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: tokyocabinet-1.4.48-10.el8.x86_64",
"Installed: php-opcache-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-pdo-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-pear-1:1.10.5-9.module+el8.1.0+3202+af5476b9.noarch",
"Installed: php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9.x86_64",
"Installed: php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9.x86_64",
"Installed: php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f.x86_64",
"Installed: php-pgsql-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-process-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: perl-Thread-Queue-3.13-1.el8.noarch",
"Installed: php-recode-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: mariadb-connector-c-3.0.7-1.el8.x86_64",
"Installed: libxcrypt-devel-4.1.1-4.el8.x86_64",
"Installed: mariadb-connector-c-config-3.0.7-1.el8.noarch",
"Installed: php-snmp-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-soap-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-xml-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: recode-3.6-47.el8.x86_64",
"Installed: php-xmlrpc-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: gcc-8.3.1-5.el8.x86_64",
"Installed: gcc-c++-8.3.1-5.el8.x86_64",
"Installed: unixODBC-2.3.7-1.el8.x86_64",
"Installed: libstdc++-devel-8.3.1-5.el8.x86_64"
]
}
- 用script模块为所有受管主机添加host解析
[root@ansible ansible]
[root@ansible ansible]
echo 192.168.47.129 apache >> /etc/hosts
echo 192.168.47.130 mysql >> /etc/hosts
echo 192.168.47.131 php >> /etc/hosts
[root@ansible ansible]
192.168.47.131 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.47.131 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.47.131 closed."
],
"stdout": "",
"stdout_lines": []
}
- 用service模块启用apache、mysql、php服务,并设置开机自启
[root@ansible ansible]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "network.target tmp.mount httpd-init.service systemd-tmpfiles-setup.service nss-lookup.target basic.target sysinit.target remote-fs.target system.slice -.mount systemd-journald.socket",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "no",
[root@ansible ansible]
192.168.47.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "php-fpm",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "-.mount systemd-tmpfiles-setup.service sysinit.target systemd-journald.socket network.target tmp.mount syslog.target basic.target system.slice",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "no",
"AssertTimestampMonotonic": "0",
"Before": "shutdown.target",
"BlockIOAccounting": "no",
[root@ansible ansible]
192.168.47.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "mariadb",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "system.slice systemd-journald.socket sysinit.target systemd-tmpfiles-setup.service tmp.mount -.mount basic.target network.target",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "no",
3、配置apache和php
- 配置apache
[root@ansible ansible]
[WARNING]: Consider using the replace, lineinfile or template module rather than running 'sed'. If you need to use
command because replace, lineinfile or template is insufficient you can add 'warn: false' to this command task or set
'command_warnings=False' in ansible.cfg to get rid of this message.
192.168.47.129 | CHANGED | rc=0 >>
[root@ansible ansible]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@ansible ansible]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@ansible ansible]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@ansible ansible]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@apache ~]
58 LoadModule proxy_module modules/mod_proxy.so //短命令在上面
59 LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
- 把虚拟站点文件传输到apache服务器上
[root@ansible ansible]
[root@ansible ansible]
<VirtualHost *:80>
DocumentRoot "/var/www/html/"
ServerName www.wjj.com
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.47.131:9000/www/html/$1
</VirtualHost>
[root@ansible ansible]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "bfdf58b5a30724a80d6a430dd1ce458bf9cf63ee",
"dest": "/etc/httpd/conf.d/httpd.conf",
"gid": 0,
"group": "root",
"md5sum": "b3c4a73f7999946b5d6b82bbda7debc3",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:httpd_config_t:s0",
"size": 188,
"src": "/root/.ansible/tmp/ansible-tmp-1626689817.6103313-354229-132995721238803/source",
"state": "file",
"uid": 0
}
- 配置php
[root@ansible ansible]
192.168.47.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@ansible ansible]
192.168.47.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
- 把php测试文件index.php放到php服务器上
//在ansible主机上编写测试文件index.php,然后把编写好的index.php传到php主机上
[root@ansible ~]
<?php
phpinfo();
?>
[root@ansible ~]
192.168.47.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "012ee25cceff745e681fbb3697a06f3712f55554",
"dest": "/var/www/html/index.php",
"gid": 0,
"group": "root",
"md5sum": "9dccf462d245f55ac3e0cdb0e5401f5b",
"mode": "0644",
"owner": "root",
"size": 20,
"src": "/root/.ansible/tmp/ansible-tmp-1626734523.551665-67399-99980070728137/source",
"state": "file",
"uid": 0
}
[root@ansible ~]
192.168.47.131 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "b3297c8ddc22e97b622dace5e84c4e990bac811b",
"dest": "/www/html/index.php",
"gid": 0,
"group": "root",
"md5sum": "24f1084a4efde84a9884c917c92e80da",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:default_t:s0",
"size": 682,
"src": "/root/.ansible/tmp/ansible-tmp-1626691553.5397842-411699-272699504467767/source",
"state": "file",
"uid": 0
}
- httpd服务配置添加远程调用php服务
[root@apache ~]
288 AddType application/x-compress .Z
289 AddType application/x-gzip .gz .tgz
290 AddType application/x-httpd-php-source .phps
291 AddType application/x-httpd-php .php
292 Proxyrequests Off
293 ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.47.131:9000/var/www/html/$1 //此目录是php服务端站点的存放位置
- 修改php监听方式
[root@php ~]
38 ;listen = /run/php-fpm/www.sock
39 listen = 9000
- 重启服务
[root@ansible ansible]
192.168.47.129 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestamp": "Mon 2021-07-19 18:43:16 CST",
"ActiveEnterTimestampMonotonic": "12302981966",
"ActiveExitTimestamp": "Mon 2021-07-19 18:43:15 CST",
"ActiveExitTimestampMonotonic": "12301763890",
"ActiveState": "active",
"After": "remote-fs.target system.slice basic.target httpd-init.service nss-lookup.target -.mount network.target systemd-journald.socket tmp.mount systemd-tmpfiles-setup.service sysinit.target",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "yes",
[root@ansible ansible]
192.168.47.130 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "mariadb",
"state": "started",
"status": {
"ActiveEnterTimestamp": "Mon 2021-07-19 18:15:00 CST",
"ActiveEnterTimestampMonotonic": "10828740940",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "system.slice systemd-journald.socket systemd-tmpfiles-setup.service basic.target network.target -.mount tmp.mount sysinit.target",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "yes",
"AssertTimestamp": "Mon 2021-07-19 18:14:57 CST",
4、访问
![在这里插入图片描述](https://i-blog.csdnimg.cn/blog_migrate/c75dba33d88a11cbe0c346e4dba02b66.png)