ansible部署分离部署LAMP架构
环境
主机名 | IP地址 |
---|---|
ansible | 192.168.35.135 |
apache | 192.168.35.136 |
mysql | 192.168.35137 |
php | 192.168.35.138 |
在ansible主机上添加受管主机清单
[root@ansible ansible]# cat inventory
[apache]
192.168.35.136
[mysql]
192.168.35.137
[php]
192.168.35.138
创建免密登陆
[root@ansible ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:s6eZWPGMdgrRXVy4lQSFOjqA1N7i8vMcRImhP/+hHro root@ansible
The key's randomart image is:
+---[RSA 3072]----+
| .. .*+. |
| ...o . .o.o |
| ..o..o .oo |
| ..+o..o.. |
| .+oS... |
| . .=oB |
| o. O.* |
| oB % . |
| E=X . |
+----[SHA256]-----+
[root@ansible ~]# ssh-copy-id 192.168.35.136
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.35.136's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.35.136'"
and check to make sure that only the key(s) you wanted were added.
[root@ansible ~]# ssh-copy-id 192.168.35.137
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.35.137 (192.168.35.137)' can't be established.
ECDSA key fingerprint is SHA256:/S+IR3rxguljU7xUg9RM410Ziz2Y31yUmeaPoEubINs.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.35.137's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.35.137'"
and check to make sure that only the key(s) you wanted were added.
[root@ansible ~]# ssh-copy-id 192.168.35.137
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: WARNING: All keys were skipped because they already exist on the remote system.
(if you think this is a mistake, you may want to use -f option)
[root@ansible ~]# ssh-copy-id 192.168.35.138
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.35.138 (192.168.35.138)' can't be established.
ECDSA key fingerprint is SHA256:/S+IR3rxguljU7xUg9RM410Ziz2Y31yUmeaPoEubINs.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.35.138's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.35.138'"
and check to make sure that only the key(s) you wanted were added.
[root@ansible ~]#
使用ping模块测试受控主机是否连通
[root@ansible ~]# ansible all -m ping
192.168.35.136 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
192.168.35.137 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
192.168.35.138 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
使用shell模块和lineinfile模块为所有主机关闭防火墙和selinux
//关闭防火墙
[root@ansible ~]# ansible all -m shell -a 'systemctl stop firewalld && systemctl disable firewalld '
192.168.35.138 | CHANGED | rc=0 >>
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
192.168.35.137 | CHANGED | rc=0 >>
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
192.168.35.136 | CHANGED | rc=0 >>
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
//关闭selinux
[root@ansible ~]# ansible all -m lineinfile -a 'path=/etc/selinux/config regexp="^SELINUX=" line="SELINUX=disabled"'
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
192.168.35.137 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
192.168.35.138 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
[root@ansible ~]#
使用yum模块为Apache主机安装Apache
[root@ansible ~]# ansible apache -m yum -a "name=httpd"
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: apr-1.6.3-9.el8.x86_64",
"Installed: apr-util-1.6.1-6.el8.x86_64",
"Installed: redhat-logos-httpd-81.1-1.el8.noarch",
"Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
"Installed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64",
"Installed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch",
"Installed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64",
"Installed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64",
"Installed: apr-util-openssl-1.6.1-6.el8.x86_64"
]
}
使用yum模块为mysql主机安装mysql服务
[root@ansible ~]# ansible mysql -m yum -a 'name=mariadb*'
192.168.35.137 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: perl-Env-1.04-395.el8.noarch",
"Installed: unixODBC-2.3.7-1.el8.x86_64",
"Installed: copy-jdk-configs-3.7-1.el8.noarch",
"Installed: perl-Test-Simple-1:1.302135-1.el8.noarch",
"Installed: tzdata-java-2019c-1.el8.noarch",
"Installed: mariadb-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-backup-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: Judy-1.0.5-18.module+el8+2765+cfa4f87b.x86_64",
"Installed: mariadb-common-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-connector-c-3.0.7-1.el8.x86_64",
"Installed: mariadb-connector-c-config-3.0.7-1.el8.noarch",
"Installed: perl-Time-HiRes-1.9758-1.el8.x86_64",
"Installed: java-1.8.0-openjdk-headless-1:1.8.0.242.b08-4.el8.x86_64",
"Installed: mariadb-connector-c-devel-3.0.7-1.el8.x86_64",
"Installed: galera-25.3.26-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-connector-odbc-3.0.7-1.el8.x86_64",
"Installed: mariadb-devel-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-embedded-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-embedded-devel-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-errmsg-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-gssapi-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-java-client-2.2.5-2.el8.noarch",
"Installed: mariadb-oqgraph-engine-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: lksctp-tools-1.0.18-3.el8.x86_64",
"Installed: mariadb-server-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: javapackages-filesystem-5.3.0-1.module+el8+2447+6f56d9a6.noarch",
"Installed: libaio-devel-0.3.112-1.el8.x86_64",
"Installed: mariadb-server-galera-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-server-utils-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: mariadb-test-3:10.3.17-1.module+el8.1.0+3974+90eded84.x86_64",
"Installed: perl-DBD-MySQL-4.046-3.module+el8.1.0+2938+301254e2.x86_64",
"Installed: perl-Memoize-1.03-416.el8.noarch"
]
}
使用yum模块为php主机安装php服务
[root@ansible ~]# ansible php -m yum -a "name=php*"
192.168.35.138 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: mariadb-connector-c-3.0.7-1.el8.x86_64",
"Installed: httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64",
"Installed: httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch",
"Installed: mariadb-connector-c-config-3.0.7-1.el8.noarch",
"Installed: httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64",
"Installed: automake-1.16.1-6.el8.noarch",
"Installed: net-snmp-1:5.8-14.el8.x86_64",
"Installed: php-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: net-snmp-agent-libs-1:5.8-14.el8.x86_64",
"Installed: php-bcmath-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-cli-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-common-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-dba-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-dbg-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-devel-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-embedded-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-snmp-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-enchant-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-fpm-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-gd-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: mod_http2-1.11.3-3.module+el8.2.0+4377+dc421495.x86_64",
"Installed: nginx-filesystem-1:1.14.1-9.module+el8.0.0+4108+af250afe.noarch",
"Installed: php-gmp-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-intl-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-soap-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-json-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: recode-3.6-47.el8.x86_64",
"Installed: enchant-1:1.6.0-21.el8.x86_64",
"Installed: php-ldap-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-mbstring-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: tokyocabinet-1.4.48-10.el8.x86_64",
"Installed: php-mysqlnd-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-odbc-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-opcache-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-pdo-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-pear-1:1.10.5-9.module+el8.1.0+3202+af5476b9.noarch",
"Installed: php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9.x86_64",
"Installed: php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9.x86_64",
"Installed: apr-1.6.3-9.el8.x86_64",
"Installed: php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f.x86_64",
"Installed: apr-util-1.6.1-6.el8.x86_64",
"Installed: php-pgsql-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
"Installed: php-process-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: perl-Thread-Queue-3.13-1.el8.noarch",
"Installed: php-recode-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-IDNA_Convert-0.8.0-14.el8.noarch",
"Installed: php-adodb-5.20.6-9.el8.noarch",
"Installed: php-pear-Auth-SASL-1.1.0-6.el8.noarch",
"Installed: php-pear-Cache-Lite-1.8.3-1.el8.noarch",
"Installed: php-pear-Date-1.4.7-22.el8.noarch",
"Installed: php-pear-HTTP-Request-1.4.4-18.el8.noarch",
"Installed: php-pear-Mail-1.4.1-6.el8.noarch",
"Installed: php-pear-Net-SMTP-1.9.0-1.el8.noarch",
"Installed: php-pear-Net-Socket-1.2.2-6.el8.noarch",
"Installed: php-pear-Net-URL-1.0.15-20.el8.noarch",
"Installed: php-pear-Text-Diff-1.2.2-9.el8.noarch",
"Installed: php-xmpphp-0.1-0.23.rc2.r77.el8.noarch",
"Installed: apr-util-openssl-1.6.1-6.el8.x86_64",
"Installed: php-xml-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: php-xmlrpc-7.2.24-1.module+el8.2.0+4601+7c76a223.x86_64",
"Installed: unixODBC-2.3.7-1.el8.x86_64",
"Installed: lm_sensors-libs-3.4.0-21.20180522git70f7e08.el8.x86_64",
"Installed: redhat-logos-httpd-81.1-1.el8.noarch",
"Installed: libtool-2.4.6-25.el8.x86_64",
"Installed: autoconf-2.69-27.el8.noarch",
"Installed: libzip-1.5.1-2.module+el8.1.0+3202+af5476b9.x86_64",
"Installed: libpq-12.1-3.el8.x86_64",
"Installed: m4-1.4.18-7.el8.x86_64"
]
}
使用script模块为所有受管主机添加host解析
[root@ansible ansible]# cat host.sh
#!/bin/bash
echo 192.168.35.136 apache >> /etc/hosts
echo 192.168.35.137 mysql >> /etc/hosts
echo 192.168.35.138 php >> /etc/hosts
[root@ansible ansible]# ansible all -m script -a '/etc/ansible/host.sh'
192.168.35.136 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.35.136 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.35.136 closed."
],
"stdout": "",
"stdout_lines": []
}
192.168.35.138 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.35.138 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.35.138 closed."
],
"stdout": "",
"stdout_lines": []
}
192.168.35.137 | CHANGED => {
"changed": true,
"rc": 0,
"stderr": "Shared connection to 192.168.35.137 closed.\r\n",
"stderr_lines": [
"Shared connection to 192.168.35.137 closed."
],
"stdout": "",
"stdout_lines": []
}
使用service模块启用apache、mysql、php服务,并设置开机自启
[root@ansible ~]# ansible apache -m service -a "name=httpd state=started enabled=yes"
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "basic.target system.slice tmp.mount network.target systemd-tmpfiles-setup.service remote-fs.target sysinit.target -.mount httpd-init.service nss-lookup.target systemd-journald.socket",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "no",
.............
[root@ansible ~]# ansible php -m service -a "name=php-fpm state=started enabled=yes"
192.168.35.138 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "php-fpm",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "network.target syslog.target -.mount tmp.mount systemd-tmpfiles-setup.service systemd-journald.socket sysinit.target basic.target system.slice",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "no",
..............
[root@ansible ~]# ansible mysql -m service -a "name=mariadb state=started enabled=yes"
192.168.35.137 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "mariadb",
"state": "started",
"status": {
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "network.target systemd-tmpfiles-setup.service -.mount basic.target sysinit.target tmp.mount systemd-journald.socket system.slice",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
"AmbientCapabilities": "",
"AssertResult": "no",
使用shell、lineinfile、copy模块来修改apache的配置
[root@ansible ~]# ansible apache -m shell -a 'sed -i "/DirectoryIndex/s/index.html/index.php index.html/g" /etc/httpd/conf/httpd.conf'
192.168.35.136 | CHANGED | rc=0 >>
[root@ansible ~]# ansible apache -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf insertafter="AddType application/x-gzip.gz.tgz" line="AddType application/x-httpd-php .php"'
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@ansible ansible]# ansible apache -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf insertafter="AddType application/x-gzip .gz.tgz" line="AddType application/x-httpd-php-source.phps"'
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@ansible ~]# ansible apache -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf insertafter="# LoadModule foo_module modules/mod_foo.so" line="LoadModule proxy_module modules/mod_proxy.so"'
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@ansible ~]# ansible apache -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf insertafter="# LoadModule foo_module modules/mod_foo.so" line="LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so"'
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
把虚拟站点文件传输到apache服务器上
[root@ansible ansible]# vim /root/httpd.conf
[root@ansible ansible]# cat /root/httpd.conf
<VirtualHost *:80>
DocumentRoot "/var/www/html/"
ServerName www.ansible.com
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.35.138:9000/www/html/$1
</VirtualHost>
[root@ansible ansible]# ansible apache -m copy -a 'src=/root/httpd.conf dest=/etc/httpd/conf.d/'
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "164d64c4d5a318e5f53b862be7f5f64757fa22e7",
"dest": "/etc/httpd/conf.d/httpd.conf",
"gid": 0,
"group": "root",
"md5sum": "8ba496e98726df0f1d5d6bdaf47ccaf6",
"mode": "0644",
"owner": "root",
"size": 184,
"src": "/root/.ansible/tmp/ansible-tmp-1626634125.713699-1366458-122833635380879/source",
"state": "file",
"uid": 0
}
[root@apache html]# vim /etc/httpd/conf/httpd.conf
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
#Include conf.modules.d/*.conf
使用lineinfile模块来修改php的配置文件
[root@ansible ansible]# ansible php -m lineinfile -a 'path=/etc/php-fpm.d/www.conf regexp="listen = /usr" line="listen = 0.0.0.0:9000"'
192.168.35.138 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@ansible ansible]# ansible php -m lineinfile -a 'path=/etc/php-fpm.d/www.conf regexp="listen.allowed_clients = 127.0.0.1" line="listen.allowed_clients = 192.168.35.136"'
192.168.35.138 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
把php测试文件index.php放到php服务器上
[root@ansible ~]# ansible php -m copy -a 'src=index.php dest=/www/html/'
192.168.35.138 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "b3297c8ddc22e97b622dace5e84c4e990bac811b",
"dest": "/www/html/index.php",
"gid": 0,
"group": "root",
"md5sum": "24f1084a4efde84a9884c917c92e80da",
"mode": "0644",
"owner": "root",
"size": 682,
"src": "/root/.ansible/tmp/ansible-tmp-1626639490.1302476-1569650-63636623964637/source",
"state": "file",
"uid": 0
}
网站源码要放在php服务端的/var/www/html目录
httpd服务配置添加远程调用php服务
[root@apache html]# vim /etc/httpd/conf/httpd.conf
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php-source .phps
AddType application/x-httpd-php .php
Proxyrequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.35.138:9000/var/www/html/$1
|__此目录是php服务端站点的存放位置
#
修改php服务监听方式
[root@php ~]# vim /etc/php-fpm.d/www.conf
Note: This value is mandatory.
listen = /run/php-fpm/www.sock
listen = 9000
Set listen(2) backlog.
Default Value: 511
listen.backlog = 511
使用service模块重启服务
[root@ansible ~]# ansible apache -m service -a 'name=httpd state=restarted'
192.168.35.136 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "httpd",
"state": "started",
"status": {
"ActiveEnterTimestamp": "Sun 2021-07-18 14:18:14 EDT",
"ActiveEnterTimestampMonotonic": "1687750076",
"ActiveExitTimestamp": "Sun 2021-07-18 14:56:07 EDT",
"ActiveExitTimestampMonotonic": "3960529872",
"ActiveState": "failed",
"After": "nss-lookup.target tmp.mount -.mount system.slice basic.target systemd-tmpfiles-setup.service sysinit.target network.target systemd-journald.socket remote-fs.target httpd-init.service",
"AllowIsolate": "no",
[root@ansible ansible]# ansible php -m service -a 'name=php-fpm state=restarted'
192.168.35.138 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "php-fpm",
"state": "started",
"status": {
"ActiveEnterTimestamp": "Sun 2021-07-18 14:20:26 EDT",
"ActiveEnterTimestampMonotonic": "1818573356",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "-.mount network.target syslog.target systemd-tmpfiles-setup.service tmp.mount system.slice systemd-journald.socket basic.target sysinit.target",
"AllowIsolate": "no",
"AllowedCPUs": "",
"AllowedMemoryNodes": "",
[root@ansible ansible]# ansible mysql -m service -a 'name=mariadb state=restarted'
192.168.35.137 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "mariadb",
"state": "started",
"status": {
"ActiveEnterTimestamp": "Sun 2021-07-18 14:21:44 EDT",
"ActiveEnterTimestampMonotonic": "1896786251",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "active",
"After": "systemd-tmpfiles-setup.service -.mount sysinit.target tmp.mount network.target systemd-journald.socket basic.target system.slice",
"AllowIsolate": "no",
访问ip验证!