该博客详细介绍了如何使用Ansible创建角色来安装和配置HTTPD服务。内容包括创建角色目录结构,定义任务文件如package.yml用于安装依赖,group.yml和useradd.yml用于管理用户和组,以及build.yml用于编译源码。此外,还涉及了服务模板httpd.service.j2的创建,以及设置启动脚本和变量定义。在执行过程中需要注意变量命名规则和提前创建目录。
项目结构图
[root@ubuntu20 /data/ansible/roles/httpd]#pwd
/data/ansible/roles/httpd
# 创建角色相关的目录(注意:目录名必须这样定义,不允许自定义)
[root@ubuntu20 /data/ansible/roles/httpd]#mkdir -pv /data/ansible/roles/httpd/{tasks,handlers,files,templates,vars}
[root@ubuntu20 /data/ansible/roles/httpd]#tree
.
├── files
│ ├── apr-1.7.0.tar.gz
│ ├── apr-util-1.6.1.tar.gz
│ └── httpd-2.4.48.tar.gz
├── handlers
│ └── main.yml
├── tasks
│ ├── build.yml
│ ├── group.yml
│ ├── main.yml
│ ├── package.yml
│ ├── set_httpd_group.yml
│ ├── set_httpd_user.yml
│ ├── start.yml
│ └── useradd.yml
├── templates
│ └── httpd.service.j2
└── vars
└── main.yml
5 directories, 14 files
# 创建角色相关的文件
[root@ubuntu20 /data/ansible/roles/httpd]#cat handlers/main.yml
---
- name: restart httpd
service: name=httpd state=restarted
- debug: msg="httpd start succesfull"
[root@ubuntu20 /data/ansible/roles/httpd]#cat tasks/package.yml
---
- name: install packages for CentOS
yum: name=gcc,make,pcre-devel,openssl-devel,expat-devel,bzip2,gzip state=installed
when: ansible_facts['distribution'] == "CentOS"
- name: install packages for Ubuntu
apt: name=gcc,make,libapr1-dev,libaprutil1-dev,libpcre3,libpcre3-dev,libssl-dev,bzip2,gzip
when: ansible_facts['distribution'] == "Ubuntu"
[root@ubuntu20 /data/ansible/roles/httpd]#cat tasks/group.yml
---
- name: delete {{ prefix }}
file: path={{ prefix }} state=absent
ignore_errors: True
- name: create {{ prefix }}
file: path={{ prefix }} state=directory owner=root group=root mode=755
- name: create group
group: name={{ group }} gid={{ gid }} system=yes
ignore_errors: True
[root@ubuntu20 /data/ansible/roles/httpd]#cat tasks/useradd.yml
---
- name: create user
user: name={{ user }} uid={{ uid }} group={{ group }} shell=/sbin/nologin system=yes create_home=no home={{ prefix }}/conf/httpd
ignore_errors: True
[root@ubuntu20 /data/ansible/roles/httpd]#cat tasks/build.yml
---
- name: delete {{ dest_dir }}
file: path={{ dest_dir }} state=absent
ignore_errors: True
- name: create {{ dest_dir }}
file: path={{ dest_dir }} state=directory owner=root group=root mode=755
- name: unarchive httpd file
unarchive: src="files/{{ httpd_version }}{{ compression_type }}" dest={{ dest_dir }} owner=root remote_src=no
- name: unarchive apr-util file
unarchive: src="files/{{ apr_util_version }}{{ compression_type }}" dest={{ dest_dir }} owner=root remote_src=no
- name: unarchive apr file
unarchive: src="files/{{ apr_version }}{{ compression_type }}" dest={{ dest_dir }} owner=root remote_src=no
- name: prepare apr dir
shell: chdir={{ dest_dir }} mv {{ apr_version }} {{ dest_dir }}/{{ httpd_version }}/srclib/apr
- name: prepare apr_util dir
shell: chdir={{ dest_dir }} mv {{ apr_util_version }} {{ dest_dir }}/{{ httpd_version }}/srclib/apr-util
- name: build httpd
shell: chdir={{ dest_dir }}/{{ httpd_version }} ./configure --prefix={{ prefix }} --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-included-apr --enable-modules=most --enable-mpms-shared=all && make -j {{ ansible_processor_vcpus }} && make install
register: build_resule
- debug: msg="apache build successfull"
[root@ubuntu20 /data/ansible/roles/httpd]#cat tasks/set_httpd_group.yml
---
- name: set httpd group
lineinfile: path={{ prefix }}/conf/httpd.conf regexp='^Group' line='Group apache'
[root@ubuntu20 /data/ansible/roles/httpd/tasks]#cat set_httpd_user.yml
---
- name: set httpd user
lineinfile: path={{ prefix }}/conf/httpd.conf regexp='^User' line='User apache'
[root@ubuntu20 /data/ansible/roles/httpd]#cat tasks/start.yml
---
- name: set variable PATH
shell: echo PATH={{ prefix }}/bin:$PATH >> /etc/profile.d/httpd.sh
- name: prepare service file
template: src=httpd.service.j2 dest=/usr/lib/systemd/system/httpd.service
notify: restart httpd
- name: start service
service: name=httpd state=started enabled=yes
- debug: msg="httpd start succesfull"
# main.yml 是 task 的入口文件,请注意 include 顺序,ansible-playbook会依照此顺序依次执行
[root@ubuntu20 /data/ansible/roles/httpd]#cat tasks/main.yml
- include: package.yml
- include: group.yml
- include: useradd.yml
- include: build.yml
- include: set_httpd_group.yml
- include: set_httpd_user.yml
- include: start.yml
# 模块定义
[root@ubuntu20 /data/ansible/roles/httpd]#cat templates/httpd.service.j2
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=forking
ExecStart={{ prefix }}/bin/apachectl start
ExecReload={{ prefix }}/bin/apachectl graceful
ExecStop={{ prefix }}/bin/apachectl stop
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@ubuntu20 /data/ansible/roles/httpd]#
# 变量定义
[root@ubuntu20 /data/ansible/roles/httpd]#cat vars/main.yml
prefix: /apps/httpd
dest_dir: /usr/local/src
httpd_version: httpd-2.4.48
apr_version: apr-1.7.0
apr_util_version: apr-util-1.6.1
compression_type: .tar.gz
user: apache
group: apache
uid: 80
gid: 80
[root@ubuntu20 /data/ansible/roles/httpd]#
运行playbook
[root@ubuntu20 /data/ansible/roles]#pwd
/data/ansible/roles
# 在playbook中调用角色
[root@ubuntu20 /data/ansible/roles]#cat /data/ansible/roles/httpd.yml
---
- hosts: web
serial: 2 # 每次只同时处理2个主机,将所有task执行完成后,再选下2个主机再执行所有task,直至所有主机
remote_user: root
roles:
- role: httpd
# 运行playbook
[root@ubuntu20 /data/ansible/roles]#ansible-playbook httpd.yml
有坑
-
变量定义不能使用中线,如
apr-util_version: apr-util-1.6.1,这样会报错,必须使用下划线,如:apr_util_version: apr-util-1.6.1 -
编译目录需要提前创建,如:
prefix: /apps/httpd
1058
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
