【Ansible-playbook实现Apache(httpd)编译安装及批量部署】书到用时方恨少,事非经过不知难。这篇文章主要讲述Ansible-playbook实现Apache(httpd)编译安装及批量部署相关的知识,希望能为你提供帮助。
2.Ansible-playbook实现Apache批量部署,并创建以各自IP地址为内容的index.html任务内容:Ansible-playbook实现apache批量部署,并对不同主机提供以各自IP地址为内容的index.html
2.1架构及主机
五台服务器
1Ansible主控端:
节点1:(只设一个节点)
主机名:Ansible-PRI
CentOS 8.4
IP: 192.168.250.8/24
ansible 2.9.27
2Ansible被控端--CentOS7组:
节点1:
主机名:Ansible-IP17
CentOS 7.9
IP: 192.168.250.17/24
节点2:
主机名:Ansible-IP27
CentOS 7.9
IP: 192.168.250.27/24
3. Ansible被控端--CentOS8组:
节点1:
主机名:Ansible-IP18
CentOS 8.4
IP: 192.168.250.18/24
节点2:
主机名:Ansible-IP28
CentOS 8.4
IP: 192.168.250.28/24
4. Ansible被控端--DBS组:
节点1:
主机名:Ansible-IP58
CentOS 8.4
IP: 192.168.250.58/24
节点2:
主机名:Ansible-IP68
CentOS 8.4
IP: 192.168.250.68/24
# 说明:按照上面的架构图,准备好五台不同组别和操作系统的主机,将以此为基础环境完成ansible的参数等学习和案例实践
2.2Ansible 主控端准备
2.2.1主控端环境准备及软件包安装基本任务:同步时钟;安装ansible;查看版本并了解文件格式和基本语法等
# 主控端服务器CentOS8.4 上基本配置
[root@CentOS84 ]#hostnamectl set-hostname Ansible-PRI
[root@CentOS84 ]#exit
[root@Ansible-PRI ]#
[root@Ansible-PRI ]#hostname -I
192.168.250.8
[root@Ansible-PRI ]#systemctl enable --nowchronyd.service
# Ansible 走的是EPEL源,如果没配置的话需要配置或者启用
[root@Ansible-PRI ]#yum repolist
repo idrepo name
AppStreamAppStream
BaseOSBaseOS
EPELEPEL
centospluscentosplus
extrasextras
[root@Ansible-PRI ]#
# 查看默认ansible的版本
[root@Ansible-PRI ]#yum info ansible
BaseOS4.6 kB/s | 3.9 kB00:00
AppStream6.8 kB/s | 4.3 kB00:00
EPEL30 kB/s | 4.7 kB00:00
EPEL326 kB/s |11 MB00:35
extras11 kB/s | 1.5 kB00:00
centosplus1.7 kB/s | 1.5 kB00:00
Available Packages
Name: ansible
Version: 2.9.27
Release: 1.el8
Architecture : noarch
Size: 17 M
Source: ansible-2.9.27-1.el8.src.rpm
Repository: EPEL
Summary: SSH-based configuration management, deployment, and task execution system
URL: http://ansible.com
License: GPLv3+
Description: Ansible is a radically simple model-driven configuration management,
: multi-node deployment, and remote task execution system. Ansible works
: over SSH and does not require any software or daemons to be installed
: on remote nodes. Extension modules can be written in any language and
: are transferred to managed machines automatically.
[root@Ansible-PRI ]#
# 安装ansible
[root@Ansible-PRI ]#yum -y install ansible
# 验证安装及查看版本
[root@Ansible-PRI ]#ansible --version
ansible 2.9.27
config file = /etc/ansible/ansible.cfg
configured module search path = [/root/.ansible/plugins/modules, /usr/share/ansible/plugins/modules]
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, Mar 19 2021, 05:13:41) [GCC 8.4.1 20200928 (Red Hat 8.4.1-1)]
[root@Ansible-PRI ]#whereis ansible
ansible: /usr/bin/ansible /etc/ansible /usr/share/ansible /usr/share/man/man1/ansible.1.gz
[root@Ansible-PRI ]#file /usr/bin/ansible
/usr/bin/ansible: Python script, ASCII text executable
# ansible是Python script
[root@Ansible-PRI ]#cat /usr/bin/ansible
........................
#!/usr/bin/python3.6
# 从文件内容可以考到是python3.6开发的
........................
[root@Ansible-PRI ]#
2.1.2主控端与被控端基于key验证基本任务:利用编写好的脚本实现与主控端相同网段内的所有主机之间基于key的SSH免密通信
# 修改SSH的配置文件
[root@Ansible-PRI ]#vim /etc/ssh/ssh_config
...............................
StrictHostKeyChecking no
...............................
"/etc/ssh/ssh_config" 53L, 1795C written
[root@Ansible-PRI ]#cat /etc/ssh/ssh_config | grep StrictHostKeyChecking
#StrictHostKeyChecking ask
StrictHostKeyChecking no
# 编写脚本实现Ansible 主控端与被控端的基于key的绵密SSH登录
[root@Ansible-PRI ]#vim ssh_key_iplist.sh
[root@Ansible-PRI ]#cat ssh_key_iplist.sh
#!/bin/bash
#
#********************************************************************************************<
strong>
#Author:WuDongWuXia
#QQ:1050572574@qq.com
#Date:2022-03-02
#FileName:ssh_key_iplist.sh
#URL:www.shoneinfo.cn
#Description:The Test Script
#Copyright (C):2022 All rights reserved
#<
/strong>
*******************************************************************************************
IPLIST="
192.168.250.17
192.168.250.27
192.168.250.8
192.168.250.18
192.168.250.28
192.168.250.58
192.168.250.68"
rpm -q sshpass &
>
/dev/null || yum -y install sshpass
[ -f /root/.ssh/id_rsa ] || ssh-keygen -f /root/.ssh/id_rsa-P
export SSHPASS=2XXXX8
for IP in $IPLIST;
do
sshpass -e ssh-copy-id -o StrictHostKeyChecking=no $IP
done
[root@Ansible-PRI ]#
# 运行脚本
[root@Ansible-PRI ]#bash ssh_key_iplist.sh
# 查看SSH KEY认证的主机信息
[root@Ansible-PRI ]#cat /root/.ssh/known_hosts
2.1.3主控端 ansbile 基础配置基本任务:配置好ansible的主机信息;并测通方可进入下一步骤。
# 配置ansible的主机组等,这样为整个ansible 的实验统一准备好环境,本次仅针对 [dbs] 组实践数据库的安装
[root@Ansible-PRI ]#cat /etc/ansible/hosts
........................
[local]
192.168.250.8ansible_connection=local
[centos7]
192.168.250.17
192.168.250.27
[centos8]
192.168.250.18
192.168.250.28
# 本次数据库安装仅针对[dbs]组
[dbs]
192.168.250.58
192.168.250.68
........................
[root@Ansible-PRI ]#ansible all --list-hosts
hosts (7):
192.168.250.8
192.168.250.17
192.168.250.27
192.168.250.18
192.168.250.28
192.168.250.58
192.168.250.68
[root@Ansible-PRI ]#ansible dbs --list-hosts
hosts (2):
192.168.250.58
192.168.250.68
# ansible 的主控端和被控端之间通信检测,确保pong
[root@Ansible-PRI ]#ansible all -m ping
192.168.250.8 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/libexec/platform-python"
,
"changed": false,
"ping": "pong"
192.168.250.27 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/bin/python"
,
"changed": false,
"ping": "pong"
192.168.250.17 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/bin/python"
,
"changed": false,
"ping": "pong"
192.168.250.28 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/libexec/platform-python"
,
"changed": false,
"ping": "pong"
192.168.250.18 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/libexec/platform-python"
,
"changed": false,
"ping": "pong"
192.168.250.58 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/libexec/platform-python"
,
"changed": false,
"ping": "pong"
192.168.250.68 | SUCCESS =>
"ansible_facts":
"discovered_interpreter_python": "/usr/libexec/platform-python"
,
"changed": false,
"ping": "pong"
[root@Ansible-PRI ]#
[root@Ansible-PRI ]#
[root@Ansible-PRI ]#ll
total 1168604
-rw-r--r-- 1 root root 1196633756 Mar2 18:42 mysql-8.0.27-linux-glibc2.12-x86_64.tar.xz
-rw-r--r-- 1 root root781 Mar2 17:57 ssh_key_iplist.sh
[root@Ansible-PRI ]#
2.3准备httpd源码包、依赖包及httpd运行文件
# 创建目录
[root@Ansible-PRI ]#
[root@Ansible-PRI ]#pwd
/data/ansible
[root@Ansible-PRI ]#mkdir -p /apps/httpd/
[root@Ansible-PRI ]#tree /apps/
/apps/
└── httpd
1 directory, 0 files
[root@Ansible-PRI ]#pwd
/data/ansible
[root@Ansible-PRI ]#cd /apps/httpd/
[root@Ansible-PRI ]#wget https://mirrors.tuna.tsinghua.edu.cn/apache/httpd/httpd-2.4.52.tar.bz2
[root@Ansible-PRI ]#
[root@Ansible-PRI ]#wget https://mirrors.tuna.tsinghua.edu.cn/apache/apr/apr-1.7.0.tar.bz2
[root@Ansible-PRI ]#
[root@Ansible-PRI ]#wget https://mirrors.tuna.tsinghua.edu.cn/apache/apr/apr-util-1.6.1.tar.bz2
[root@Ansible-PRI ]#
[root@Ansible-PRI ]#vim /apps/httpd/httpd.service
[root@Ansible-PRI ]#cat /apps/httpd/httpd.service
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=forking
#EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/apps/httpd/bin/apachectl start
#ExecStart= install_dir /bin/httpd $OPTIONS -k start
ExecReload=/apps/httpd/bin/apachectl graceful
#ExecReload= install_dir /bin/httpd $OPTIONS -k graceful
ExecStop=/apps/httpd/bin/apachectl stop
# We want systemd to give httpd some time to finish gracefully, but still want
# it to kill httpd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
# httpd time to finish.
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@Ansible-PRI ]#
# 下面是需要准备的几个文件
[root@Ansible-PRI ]#tree /apps
/
推荐阅读
- zookeeper集群+kafka集群 部署
- 一文带你入门Docker容器服务 #yyds干货盘点#
- 如何在 Linux 中将主目录移动到新分区或磁盘()
- windows系统常用CMD快捷命令
- Linux运维必知(如何从其 PID 中查找进程名称)
- #yyds干货盘点#如何写好Dockerfile
- 期待!Fedora 36 发布日期和新功能
- Squid代理服务器应用
- Veeam Backup & Replication 之 数据加密