角色的作用
角色其实就是每个功能模块,它是对原先playbook的一种优化方法,就拿zabbix来说,如果将zabbix四个部分写在一个playbook中,文本会十分冗长,不方便阅读也不方便维护。可以考虑将其分解,它需要zabbix_server
zabbix_agent
zabbix数据库
以及web前端
,也就是说如果用角色的方式来优化zabbix的部署,那么至少需要四个角色,将冗长的文本按功能拆分,这样会更简洁。
部署
现在我们就来尝试部署:
部署前准备
1.在部署之前我们要先确保ansible工作状态良好,并且已经完成免密
下面文件是之前直接书写playbook时所用过的,这里可以直接拿来拷贝到对应的files目录中
[devops@server10 ansible]$ ls
ansible.cfg hosts roles ssh.yml zabbix zabbix.yml
[devops@server10 ansible]$ ll zabbix
total 1352
-rw-r--r-- 1 devops devops 952 Nov 23 20:53 agent.yml
-rw-r--r-- 1 devops devops 1316758 Nov 23 20:46 create.sql.gz
-rw-r--r-- 1 devops devops 1358 Nov 23 20:55 db.yml
-rw-r--r-- 1 devops devops 4729 Nov 23 21:09 deploy.yml
-rw-r--r-- 1 devops devops 596 Nov 23 20:53 my.cnf
-rw-r--r-- 1 devops devops 1234 Nov 23 20:46 server.yml
-rw-r--r-- 1 devops devops 1241 Nov 23 20:46 web.yml
-rw-r--r-- 1 devops devops 10962 Nov 23 20:56 zabbix_agentd.conf.j2
-rw-r--r-- 1 devops devops 870 Nov 23 20:46 zabbix.conf
-rw-r--r-- 1 devops devops 17395 Nov 23 20:54 zabbix_server.conf
运行ssh.yml
可以进行免密操作
[devops@server10 ansible]$ cat ssh.yml
---
- hosts: all
tasks:
- name: Set up authorized keys
authorized_key:
user: devops
state: present
key: '{
{ item }}'
with_file:
- ~/.ssh/id_rsa.pub
2.在普通用户家目录下的ansible
目录下role目录
.四个角色都将放在这个目录下
[devops@server10 ansible]$ mkdir roles
[devops@server10 ansible]$ ls
ansible.cfg hosts roles ssh.yml zabbix
将角色默认路径改为当前路径
[devops@server10 ansible]$ cat ansible.cfg
[defaults]
inventory = ./hosts
roles_path = ./roles
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
如果不是在ansible
目录下,会读取到/home/devops/.ansible/roles
[devops@server10 roles]$ ansible-galaxy list
# /usr/share/ansible/roles
# /etc/ansible/roles
[WARNING]: - the configured path /home/devops/.ansible/roles does not exist.
[devops@server10 ansible]$ ansible-galaxy list
# /home/devops/ansible/roles
3.现在开始真正的部署
zabbix-mysqld的部署
- zabbix-mysql的
tasks
[devops@server10 roles]$ ansible-galaxy init zabbix_db
- Role zabbix_server was created successfully
[devops@server10 roles]$ ls
zabbix_db zabbix_server
[devops@server10 roles]$ cd zabbix_server/
[devops@server10 zabbix_server]$ ls
defaults files handlers meta README.md tasks templates tests vars
[devops@server10 zabbix_db]$ cd tasks
[devops@server10 tasks]$ ls
main.yml
[devops@server10 tasks]$ vim main.yml
---
- name: install mariadb
yum:
name: mairadb-server,MySQL-python
state: present
- name: config mariadb
copy:
src: my.cnf
dest: /etc/my.cnf
notify: restart mariadb
- name: start mariadb
service:
name: '{
{ item }}'
state: started
loop:
- mariadb
- firewalld
- name: create database zabbix
mysql_db:
login_user: root
login_password: westos
name: zabbix
state: present
notify:import create.sql
- name: create user
mysql_user:
login_user: root ##在这里要注意,此时root是有密码的,即已经进行过安全初始化,但是安全初始化的时候不能拒绝root远程连接
login_password: westos
name: zabbix
password: zabbix
host: '%'
priv: 'zabbix.*:ALL'
state: present
- name: copy create.sql
copy:
src: create.sql.gz
dest: /tmp/create.sql.gz
- name: config firewalld
firewalld: