一、使用ansible的playbook实现自动化安装httpd
1、创建key
[root@backup ~]#ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:vYxVOJHMjH/qrFkRI8TsCb6NciLduTRM2L3i2QqwxL8 root@backup
The key's randomart image is:
+---[RSA 2048]----+
| o.=.. |
| ..+ =o |
| + +.o= . |
| . . + +o.=. |
| +. + =S.+o |
| ..++ @ o+.o |
| ..o* *.o+ |
| o+ .oo |
| E ..o. |
+----[SHA256]-----+
2、拷贝到192.168.100.47
[root@backup ~]#ssh-copy-id 192.168.100.47
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.100.47 (192.168.100.47)' can't be established.
ECDSA key fingerprint is SHA256:cKzjRBY7k8/AlzznEd2bbhsJzmO02b6EovRBGDjJnzg.
ECDSA key fingerprint is MD5:a4:d9:34:aa:60:ab:29:ea:9a:bf:a0:00:23:da:3c:5f.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.100.47's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.100.47'"
and check to make sure that only the key(s) you wanted were added.
3、验证
[root@backup ~]#ssh 192.168.100.47
Last login: Sat Oct 31 16:10:33 2020 from 192.168.100.1
[root@cilent ~]#
4.安装ansible
[root@backup ~]#yum install -y ansible
5.配置主机清单
vim /etc/ansible/hosts
[httpd]
192.168.100.47
6、编写playbook,注意使用的yml格式:
vim httpd.yml
- hosts: httpd
remote_user: root
tasks:
- name: install httpd
yum: name=httpd state=present
- name: copy config
copy: src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/
- name: start httpd
service: name=httpd state=started enabled=yes
语法检查
[root@backup ~]#vim ansible_httpd.yml
[root@backup ~]#ansible-playbook -C ansible_httpd.yml
PLAY [httpd] *************************************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************************
ok: [192.168.100.47]
TASK [install httpd] *****************************************************************************************************************
changed: [192.168.100.47]
TASK [copy config] *******************************************************************************************************************
changed: [192.168.100.47]
TASK [start httpd] *******************************************************************************************************************
changed: [192.168.100.47]
PLAY RECAP ***************************************************************************************************************************
192.168.100.47 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
使用ansible-playbook正式跑到脚本
[root@backup ~]#ansible-playbook ansible_httpd.yml
PLAY [httpd] *************************************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************************
ok: [192.168.100.47]
TASK [install httpd] *****************************************************************************************************************
changed: [192.168.100.47]
TASK [copy config] *******************************************************************************************************************
changed: [192.168.100.47]
TASK [start httpd] *******************************************************************************************************************
changed: [192.168.100.47]
PLAY RECAP ***************************************************************************************************************************
192.168.100.47 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@backup2 ~]#ss -lntp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:111 *:* users:(("rpcbind",pid=580,fd=8))
LISTEN 0 128 *:22 *:* users:(("sshd",pid=896,fd=3))
LISTEN 0 128 127.0.0.1:631 *:* users:(("cupsd",pid=898,fd=12))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1004,fd=13))
LISTEN 0 128 127.0.0.1:6010 *:* users:(("sshd",pid=1195,fd=9))
LISTEN 0 128 127.0.0.1:6011 *:* users:(("sshd",pid=1195,fd=12))
LISTEN 0 128 :::9999 :::* users:(("httpd",pid=2621,fd=4),("httpd",pid=2620,fd=4),("httpd",pid=2619,fd=4),("httpd",pid=2617,fd=4),("httpd",pid=2616,fd=4),("httpd",pid=2614,fd=4))
LISTEN 0 128 :::111 :::* users:(("rpcbind",pid=580,fd=11))
LISTEN 0 128 :::22 :::* users:(("sshd",pid=896,fd=4))
LISTEN 0 128 ::1:631 :::* users:(("cupsd",pid=898,fd=11))
LISTEN 0 100 ::1:25 :::* users:(("master",pid=1004,fd=14))
LISTEN 0 128 ::1:6010 :::* users:(("sshd",pid=1195,fd=8))
LISTEN 0 128 ::1:6011 :::* users:(("sshd",pid=1195,fd=11))
二、建立httpd服务器,要求提供两个基于名称的虚拟主机:
(1)www.X.com,页面文件目录为/web/vhosts/x;错误日志为
/var/log/httpd/x.err,访问日志为/var/log/httpd/x.access
(2)www.Y.com,页面文件目录为/web/vhosts/y;错误日志为 /var/log/httpd/www2.err,访问日志为/var/log/httpd/y.access
(3)为两个虚拟主机建立各自的主页文件index.html,内容分别为其对应的主机名
1.建立各自的目录
[root@xcdp17 ~]#mkdir /web/hosts/{x,y} -pv
mkdir: created directory ‘/web’
mkdir: created directory ‘/web/hosts’
mkdir: created directory ‘/web/hosts/x’
mkdir: created directory ‘/web/hosts/y’
2.建立各自主页面
[root@xcdp17 ~]#echo www.x.com > /web/hosts/x/index.xml
[root@xcdp17 ~]#echo www.y.com > /web/hosts/y/index.xml
[root@xcdp17 ~ /web]#tree
.
└── hosts
├── x
│ └── index.xml
└── y
└── index.xml
3.建立虚拟主机配置
vim /etc/httpd/conf.d/test.vim
<VirtualHost *:80>
ServerName www.x.com
DocumentRoot "/web/vhosts/x"
ErrorLog "/var/log/httpd/x.err_log" #错误日志
CustomLog "/var/log/httpd/x.access_log" combined #访问日志
<Directory "/web/vhosts/x">
Options None
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName www.y.com
DocumentRoot "/web/vhosts/y"
ErrorLog "/var/log/httpd/y.err_log" #错误日志
CustomLog "/var/log/httpd/y.access_log" combined #访问日志
<Directory "/web/vhosts/y">
Options None
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
~
4.配置本地虚拟机
vim /etc/hosts
192.168.100.17 www.x.com
192.168.100.17 www.y.xom
5.本地测试(确保防火墙关闭,seliunx关闭)
[root@cilent ~]#curl www.x.com
x
[root@cilent ~]#curl www.y.com
y
1、总结描述kubectl常用命令并用实例说明。
2、总结k8s的常见的volume使用。