ansible-playbook: Centos 环境下用Ansible批量安装部署Tomcat

最新推荐文章于 2022-08-25 21:52:29 发布

Yuki-He

最新推荐文章于 2022-08-25 21:52:29 发布

阅读量485

点赞数

分类专栏： Ansible 文章标签： ansible 自动化运维 ansible-playbook

本文链接：https://blog.csdn.net/yuki5233/article/details/96989149

版权

Ansible 专栏收录该内容

6 篇文章 0 订阅

订阅专栏

- hosts:  #这里根据自己的需要修改成要被操作的远程主机

#备注: 目前公司tomcat用了3个版本，根据自己的需求修改参数；
# apache-tomcat-7.0.78.tar.gz  		--对应的解压包名：apache-tomcat-7.0.78
# apache-tomcat-8.5.15.tar.gz		--对应的解压包名：apache-tomcat-8.5.15
# apache-tomcat-8.5.41-new.tar.gz  	--对应的解压包名：apache-tomcat-8.5.41

# 我们这里以安装第三个版本为例
  vars:
    tomcat_tar_verion: apache-tomcat-8.5.41-new.tar.gz 
    tomcat_untar_version: apache-tomcat-8.5.41	
    tomcat_home: /usr/local/apache-tomcat-8.5.41

  tasks: 

  - name: copy and unzip the tar.gz #解压安装
    unarchive: src="/home/tools/{{tomcat_tar_verion}}" dest=/usr/local

  - name: modify its server.xml of first step. #根据需求对telnet管理端口进行保护 
    lineinfile: 
      path: "{{tomcat_home}}/conf/server.xml"  
      regexp: '^(.*)\<Server port=\"8005\" shutdown=\"SHUTDOWN\"\>' 
      line: <Server port="8805" shutdown="SHUTDOWN">   #修改默认的8005管理端口为不易猜测的端口（大于1024）；修改SHUTDOWN指令为其他字符串；

  - name: modify its server.xml of second step. #根据需求对ajp连接端口进行保护 
    lineinfile: 
      path: "{{tomcat_home}}/conf/server.xml" 
      regexp: '^(.*)\<Connector port=\"8009\" protocol=\"AJP\/1.3\" redirectPort=\"8443\" \/\>' 
      line: <Connector port="8809" protocol="AJP/1.3" redirectPort="8443" /> #1.修改默认的ajp 8009端口为不易冲突的大于1024端口；2.通过iptables规则限制ajp端口访问的权限仅为线上机器

  - name: delete the defalut files TOMCAT_HOME/conf/tomcat-users.xml #根据需求禁用管理端
    file: dest="{{tomcat_home}}/conf/tomcat-users.xml"  state=absent

  - name: delete all the defalut files under the TOMCAT_HOME/webapps/docs  #根据需求禁用管理端
    file: dest="{{tomcat_home}}/webapps/docs"  state=absent
    
  - name: delete all the defalut files under the TOMCAT_HOME/webapps/examples  #根据需求禁用管理端
    file: dest="{{tomcat_home}}/webapps/examples"  state=absent

  - name: delete all the defalut files under the TOMCAT_HOME/webapps/host-manager  #根据需求禁用管理端
    file: dest="{{tomcat_home}}/webapps/host-manager"  state=absent

  - name: delete all the defalut files under the TOMCAT_HOME/webapps/manager  #根据需求禁用管理端
    file: dest="{{tomcat_home}}/webapps/manager"  state=absent

  - name: delete all the defalut files under the TOMCAT_HOME/webapps/ROOT  #根据需求禁用管理端
    file: dest="{{tomcat_home}}/webapps/ROOT"  state=absent

  - name: startup tomcat service #启动刚刚部署的tomcat
    shell: nohup "{{tomcat_home}}/bin/catalina.sh"

  - name: check install tomcat successfully or not. #检查tomcat安装部署启动是否成功
    shell: ps -ef |grep "{{tomcat_untar_version}}"