playbook部署lamp（循环、事实、机密）

最新推荐文章于 2021-07-29 19:25:58 发布

Wangjingjing.

最新推荐文章于 2021-07-29 19:25:58 发布

阅读量161

点赞数

分类专栏：自动化运维

本文链接：https://blog.csdn.net/m0_46289146/article/details/119109675

版权

自动化运维专栏收录该内容

21 篇文章 0 订阅

订阅专栏

playbook部署lamp（循环、事实、机密）

- 一、环境准备
- 二、实验步骤

一、环境准备

主机	IP
ansible	192.168.47.128
node	192.168.47.129

二、实验步骤

开始之前先关闭防火墙和selinux

创建项目文件夹

[root@ansible ansible]# cd lamp/
[root@ansible lamp]# tree
.
├── conf
│   ├── httpd.conf
│   ├── httpd-vhosts.conf
│   ├── index.php
│   └── www.conf
├── install
│   └── index.php
└── vars
    ├── packages.yml
    ├── pa.yml
    ├── service.yml
    └── user.yml

3 directories, 9 files

把虚拟站点文件传输到node服务器上

[root@ansible lamp]# cat conf/httpd-vhosts.conf 
<VirtualHost *:80>
    DocumentRoot "/var/www/html"
    ServerName www.wjj.com
    ProxyRequests Off
    ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/var/www/html/$1 
    <Directory "/var/www/html">      
        Options none
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>

编写需要传到部署机器的index.php文件

[root@ansible lamp]# cat conf/index.php 
<?php
    phpinfo();
?>

编写需要安装的服务的安装包文件、用户文件、服务文件

[root@ansible lamp]# cat vars/service.yml 
service:
  - httpd
  - mariadb
  - php-fpm
[root@ansible lamp]# cat vars/user.yml 
name:
 - apache
 - mysql
 - php

[root@ansible lamp]# cat vars/packages.yml 
tools:
  - httpd*
  - mariadb*
  - php*

编写部署lamp的lamp.yml

[root@ansible lamp]# cat install/lamp.yml 
---
- name: "install httpd* mariadb* php* service"
  hosts: 192.168.47.129
  gather_facts: no
  vars_files:
    - /etc/ansible/lamp/vars/packages.yml
    - /etc/ansible/lamp/vars/user.yml
    - /etc/ansible/lamp/vars/service.yml  
  tasks:
    - name: "install"
      yum: 
        name: "{{ item }}"
        state: present
      loop: "{{ tools }}"

    - name: "create user"
      user:
        name: "{{ item }}"
        state: present
        system: yes
        create_home: no
        shell: /sbin/nologin
      loop: "{{ name }}"  

    - name: "copy is httpd.conf "
      copy:
        src: /etc/ansible/lamp/conf/httpd.conf 
        dest: /etc/httpd/conf/httpd.conf

    - name: "copy is vhosts.conf"
      copy:
        src: /etc/ansible/lamp/conf/httpd-vhosts.conf
        dest: /etc/httpd/conf.d/httpd-vhosts.conf

    - name: "copy is index.php"
      copy:
        src: /etc/ansible/lamp/conf/index.php
        dest: /var/www/html/index.php

    - name: "copy is www.conf"
      copy:
        src: /etc/ansible/lamp/conf/www.conf
        dest: /etc/php-fpm.d/www.conf  

    - name: "stopped is firewalld"
      service: 
        name: firewalld
        state: stopped
        enabled: no
    - name: "setenforce 0"
      shell: "setenforce 0"

    - name: "httpd mariadb php is enabled"
      service:
        name: "{{ item }}"
        state: started
        enabled: yes
      loop: "{{ server }}"

运行结果

[root@ansible ansible]# ansible-playbook lamp/tasks/lamp.yml 
[WARNING]: Found variable using reserved name: name

PLAY [install httpd* mariadb* php* service] *******************************************************************************

TASK [install] ************************************************************************************************************
ok: [192.168.47.129] => (item=httpd*)
ok: [192.168.47.129] => (item=mariadb*)
ok: [192.168.47.129] => (item=php*)

TASK [create user] ********************************************************************************************************
ok: [192.168.47.129] => (item=apache)
ok: [192.168.47.129] => (item=mysql)
ok: [192.168.47.129] => (item=php)

TASK [copy is httpd.conf] *************************************************************************************************
changed: [192.168.47.129]

TASK [copy is vhosts.conf] ************************************************************************************************
changed: [192.168.47.129]

TASK [copy is index.php] **************************************************************************************************
changed: [192.168.47.129]

TASK [copy is www.conf] ***************************************************************************************************
changed: [192.168.47.129]

TASK [stopped is firewalld] ***********************************************************************************************
ok: [192.168.47.129]

TASK [setenforce 0] *******************************************************************************************************
changed: [192.168.47.129]

TASK [httpd mariadb php is enabled] ***************************************************************************************
changed: [192.168.47.129] => (item=httpd)
changed: [192.168.47.129] => (item=mariadb)
changed: [192.168.47.129] => (item=php-fpm)

PLAY RECAP ****************************************************************************************************************
192.168.47.129             : ok=9    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

给packages.yml加密

[root@ansible lamp]# ansible-vault encrypt vars/packages.yml
New Vault password: 
Confirm New Vault password: 
Encryption successful
[root@ansible lamp]# cat vars/packages.yml 
$ANSIBLE_VAULT;1.1;AES256
34366132373330363064316461396430333537373239633437663936343739323039393064326537
3538326134666537616331653337323536366262396635640a373437336436386237333535313866
66663361376631623532666438393039353335663462396538386636316435653861373965383962
3038323266313962610a393635303837386533653630376531633732653630376566323464616639
38333764333861373233613139363036363864386638633563356561343536306632616466376437
6261646436363864396139323362643931653361376539623532

//创建一个文件存放加密文件密码
[root@ansible lamp]# cat vars/pa.yml 
.pass=wangjingjing!

访问测试
在这里插入图片描述

Wangjingjing.

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
playbook部署lamp（循环、事实、机密）

playbook部署lamp（循环、事实、机密）一、环境准备二、实验步骤一、环境准备主机IPansible192.168.47.128node192.168.47.129二、实验步骤开始之前先关闭防火墙和selinux创建项目文件夹[root@ansible ansible]# cd lamp/[root@ansible lamp]# tree.├── conf│ ├── httpd.conf│ ├── httpd-vhosts.conf│
复制链接

扫一扫

专栏目录