ansible-playbook部署lnmp
虽然没有什么高超技术含量,但是是真的实用
ansible的yaml部署文档,自改编于apache章节lnmp部署文档。
##基本文件及模板准备
##所有文件存放目录展示
[root@yulong-member1 lnmp]# pwd
/root/lnmp
##nginx镜像文件展示
[root@yulong-member1 lnmp]# cat cangku.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
##数据库初次更改密码脚本展示
[root@yulong-member1 lnmp]# cat mm.sh
my=`grep 'temporary password' /var/log/mysqld.log`
mysqls=${my:0-12}
mysql -uroot -p${mysqls} --connect-expired-password -e "alter user 'root'@'localhost' identified by 'Com.123!';"
##php-fpm原文件展示
[root@yulong-member1 lnmp]# cat www.conf | grep nginx
user = nginx #两项改为nginx,其他的都是默认的,太多了不便展示
group = nginx
##nginx主机配置模板展示
[root@yulong-member1 lnmp]# cat default.conf.j2 | grep -v "#"
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm index.php;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name;
include fastcgi_params;
}
}
##两个测试文件展示
[root@yulong-member1 lnmp]# cat index.php
<?php
phpinfo();
?>
[root@yulong-member1 lnmp]# cat mysql_test.php
<?PHP
$conn=mysqli_connect("localhost","dbadmin","Com.123!");
if($conn){
echo"ok";
}else{
echo"error";
}
?>
##ansible脚本展示
[root@yulong-member1 lnmp]# cat lnmp.yaml
---
- hosts: test
remote_user: root
tasks:
- name: "nginx仓库"
copy: src=/root/lnmp/cangku.repo dest=/etc/yum.repos.d/nginx.repo
- name: "epel源安装"
yum: name=epel-release state=installed
- name: "nginx安装"
yum: name=nginx state=installed
- name: "导入并解压mysql仓库包"
copy: src=/root/mysql80-community-release-el7-3.noarch.rpm dest=/root/mysql.repo.rpm
- name: "解压"
yum: name=mysql.repo.rpm
- name: "安装mysql"
yum: name=mysql-community-server state=installed
- name: "启动mysql"
service: name=mysqld state=restarted enabled=true
- name: "mysql初始密码过滤脚本拷贝"
copy: src=/root/lnmp/mm.sh dest=/root/mm.sh mode=777
# - name: "安装脚本中需要的工具"
# yum: name=expect state=latest
# - name: "执行脚本,变更初始密码(这个只能跑一次,若已经跑过,请注销)"
# shell: /root/mm.sh
# - name: "mysql创建授权用户(这个只能跑一次,若已经跑过,请注销)"
# shell: mysql -uroot -pCom.123! -e "create user 'dbadmin'@'%' identified with mysql_native_password by 'Com.123!'"
# - name: "授权用户(1)(这个只能跑一次,若已经跑过,请注销)"
# shell: mysql -uroot -pCom.123! -e "grant all on *.* to 'dbadmin'@'%'"
# - name: "授权用户(2)(这个只能跑一次,若已经跑过,请注销)"
# shell: mysql -uroot -pCom.123! -e "grant GRANT OPTION on *.* to 'dbadmin'@'%'"
- name: "关闭防火墙"
service: name=firewalld state=stopped enabled=false
- name: "关闭seliux"
shell: setenforce 0
- name: "下载php7的yum源"
get_url: url=https://mirror.webtatic.com/yum/el7/webtatic-release.rpm dest=/root/
- name: "安装php7源"
yum: name=webtatic-release.rpm
# - name: "如果安装报错,可能是这个包导致,鉴于环境而非必要(下载)"
# get_url: url=http://rpmfind.net/linux/fedora/linux/releases/30/Everything/x86_64/os/Packages/l/libargon2-20161029-8.fc30.x86_64.rpm
# - name: "如果安装报错,可能是这个包导致,鉴于环境而非必要(安装)"
# yum: name=libargon2-20161029-8.fc30.x86_64.rpm state=installed
- name: "安装php7.2"
yum: name=php72w,php72w-cli,php72w-common,php72w-gd,php72w-ldap,php72w-mbstring,php72w-mysql,php72w-pdo
- name: "安装php-fpm"
yum: name=php72w-fpm,php72w-opcache
- name: "启动php-fpm"
service: name=php-fpm state=restarted enabled=true
- name: "php-fpm配置文件"
copy: src=/root/lnmp/www.conf dest=/etc/php-fpm.d/www.conf
- name: "nginx配置文件"
template: src=/root/lnmp/default.conf.j2 dest=/etc/nginx/conf.d/default.conf
notify:
- "更改配置文件触发重启nginx(同名)"
- name: "启动nginx(注意端口冲突)"
service: name=nginx state=restarted enabled=true
- name: "写入测试nginx和php连接测试文件"
copy: src=/root/lnmp/index.php dest=/usr/share/nginx/html/
- name: "写入是否可以连接mysql数据库文件"
copy: src=/root/lnmp/mysql_test.php dest=/usr/share/nginx/html/
handlers: #tasks结束时触发
- name: "更改配置文件触发重启nginx(同名)"
service: name=nginx state=restarted
##查看访问结果(可以看出LNMP环境已经就绪)测试与部署分开,一目了然。
[root@yulong-member1 lnmp]# ansible test -m shell -a 'curl -I -s http://localhost/index.php | grep 200 warn=false'
192.168.136.112 | CHANGED | rc=0 >>
HTTP/1.1 200 OK
192.168.136.113 | CHANGED | rc=0 >>
HTTP/1.1 200 OK
[root@yulong-member1 lnmp]# ansible test -m shell -a 'curl -I -s http://localhost/mysql_test.php | grep 200 warn=false'
192.168.136.113 | CHANGED | rc=0 >>
HTTP/1.1 200 OK
192.168.136.112 | CHANGED | rc=0 >>
HTTP/1.1 200 OK
[root@yulong-member1 lnmp]# ansible test -m shell -a ‘curl -I -s http://localhost/mysql_test.php | grep 200 warn=false’
192.168.136.113 | CHANGED | rc=0 >>
HTTP/1.1 200 OK
192.168.136.112 | CHANGED | rc=0 >>
HTTP/1.1 200 OK
``