Ansible实现LAMP架构的分离部署
环境说明:
主机名 | ip |
---|---|
node1(Ansible控制主机) | 192.168.200.152 |
node2(受管主机apache) | 192.168.200.153 |
node3(受管主机MySQL) | 192.168.200.154 |
node4(受管主机PHP) | 192.168.200.155 |
在Ansible主机清单中将node1,node2,node3加人清单
[root@node1 ~]# vim /etc/ansible/inventory
[apache]
node2
192.168.200.153
[mysql]
node3
192.168.200.154
[php]
node4
192.168.200.155
对三天受管主机进行测试,看通过Ansible主机能否ping通
node2:
[root@node1 ~]# ansible node2 -m ping
node2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
node3:
[root@node1 ~]# ansible node3 -m ping
node3 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
node4:
[root@node1 ~]# ansible node4 -m ping
node4 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
1. 安装httpd
在node1上通过ansible执行以下命令为node2安装apache服务
[root@node1 ~]# ansible node2 -m yum -a 'name=httpd state=present'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: mod_http2-1.15.7-3.module_el8.4.0+778+c970deab.x86_64",
"Installed: centos-logos-httpd-85.8-1.el8.noarch",
"Installed: mailcap-2.1.48-3.el8.noarch",
"Installed: httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64",
"Installed: apr-1.6.3-11.el8.x86_64",
"Installed: httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch",
"Installed: apr-util-1.6.1-6.el8.x86_64",
"Installed: apr-util-bdb-1.6.1-6.el8.x86_64",
"Installed: httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64",
"Installed: apr-util-openssl-1.6.1-6.el8.x86_64"
]
}
启用apache服务并设置开机自启
[root@node1 ~]# ansible node2 -m service -a 'name=httpd state=started enabled=yes'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "httpd",
"state": "started",
"status": {
......略
}
配置防火墙放行httpd服务
[root@node1 ~]# ansible node2 -m firewalld -a 'service=http zone=public permanent=yes state=enabled'
node2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Permanent operation"
}
[root@node1 ~]# ansible node2 -m firewalld -a 'service=https zone=public permanent=yes state=enabled'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "Permanent operation, Changed service https to enabled"
}
//重新加载防火墙配置
[root@node1 ~]# ansible node2 -a 'firewall-cmd --reload'
node2 | CHANGED | rc=0 >>
success
完成后我们到浏览器访问一下
2. 安装MySQL数据库
在ansible主机中为node3安装数据库服务
//安装mariadb
[root@node1 ~]# ansible node3 -m yum -a 'name=mariadb state=present'
node3 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
......略
}
//安装mariadb-server
[root@node1 ~]# ansible node3 -m yum -a 'name=mariadb-server state=present'
node3 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
启动mariadb并设置开机自启动
[root@node1 ~]# ansible node3 -m service -a 'name=mariadb state=started enabled=yes'
node3 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"enabled": true,
"name": "mariadb",
"state": "started",
"status": {
......略
}
3.安装PHP及常用组件
//安装php
[root@node1 ~]# ansible node4 -m yum -a 'name=php state=present'
node4 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
......略
}
//安装php相关组件
[root@node1 ~]# ansible node4 -m yum -a 'name=php-* state=present'
node4 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
......略
}
[root@node1 ~]# ansible node4 -m yum -a 'name=curl state=present'
node4 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
[root@node1 ~]# ansible node4 -m yum -a 'name=curl-devel state=present'
node4 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"msg": "",
"rc": 0,
"results": [
"Installed: libcurl-7.61.1-18.el8.x86_64",
"Installed: libcurl-devel-7.61.1-18.el8.x86_64",
"Removed: libcurl-7.61.1-17.el8.x86_64"
4. 配置apache和php
httpd服务器配置
[root@node1 ~]# ansible node2 -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf line="<VirtualHost 192.168.200.152:80>\nDocumentRoot "/var/www/html/www1"\nServerName www.node2.com\nProxyRequests off\nProxyPassMatch ^/(.*\.php)$ fcgi://192.168.200.155:9000/var/www/html/www1/$1\n<Directory "/var/www/html/www1">\nOptions None\nAllowOverride None\nOrder allow,deny\nAllow from all\n</Directory>\n</VirtualHost>"'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@node1 ~]# ansible node2 -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf regexp="^AddType " insertafter="^AddType application/x-" line="AddType application/x-httpd-php .php"'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
[root@node1 ~]# ansible node2 -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf regexp="^AddType " insertafter="^AddType application/x-" line="AddType application/x-httpd-php-source .phps"'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
[root@node1 ~]# ansible node2 -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf regexp="^DirectoryIndex" line="DirectoryIndex index.html index.php"'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line added"
}
php服务端配置:
[root@node1 ~]# ansible node4 -m lineinfile -a 'path=/etc/php-fpm.d/www.conf regexp="^listen =" line="listen = 192.168.200.155:9000"'
node4 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
[root@node1 ~]# ansible node4 -m lineinfile -a 'path=/etc/php-fpm.d/www.conf regexp="^listen.allowed_clients =" line="listen.allowed_clients = 192.168.200.152"'
node4 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"backup": "",
"changed": true,
"msg": "line replaced"
}
//创建根目录
[root@node1 ~]# ansible node4 -a 'mkdir /var/www/html/'
node2 | CHANGED | rc=0 >>
重启php服务和apache服务
//重启apache服务
[root@node1 ~]# ansible node2 -m service -a 'name=httpd state=restarted'
node2 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "httpd",
"state": "started",
"status": {
......略
}
//重启php服务
[root@node1 ~]# ansible node4 -m service -a 'name=php-fpm state=restarted'
node4 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"name": "php-fpm",
"state": "started",
"status": {
......略
}
访问测试