翼度科技»论坛 云主机 LINUX 查看内容

ansible分离部署LNMP架构

2

主题

2

帖子

6

积分

新手上路

Rank: 1

积分
6
ansible分离部署LNMP

环境说明:
系统主机名IP服务centos8ansible192.168.111.141ansible主控机centos8nginx192.168.111.142nginx受控机centos8mysql192.168.111.143mysql受控机centos8php192.168.111.144php受控机1.准备工作

修改默认清单文件位置,构建清单
  1. [root@ansible ~]# vim /etc/ansible/ansible.cfg
  2. inventory = /etc/ansible/inventory
  3. [root@ansible ~]# cd /etc/ansible/
  4. [root@ansible ansible]# touch inventory
  5. [root@ansible ansible]# vim inventory
  6. [lnmp]
  7. nginx ansible_user=root ansible_password=123456
  8. mysql ansible_user=root ansible_password=123456
  9. php ansible_user=root ansible_password=123456
  10. [root@ansible ~]# vim /etc/hosts
  11. 192.168.111.142 nginx
  12. 192.168.111.143 mysql
  13. 192.168.111.144 php
  14. //列出主机
  15. [root@ansible ~]# ansible lnmp --list-hosts
  16.   hosts (3):
  17.     nginx
  18.     mysql
  19.     php
  20. //设置密钥连接
  21. [root@ansible ~]# ssh nginx
  22. [root@nginx ~]# exit
  23. logout
  24. [root@ansible ~]# ssh mysql
  25. [root@mysql ~]# exit
  26. logout
  27. [root@ansible ~]# ssh php
  28. [root@php ~]# exit
  29. logout
  30. [root@ansible ~]#
  31. //测试连通性
  32. [root@ansible ~]# ansible lnmp -m ping
  33. nginx | SUCCESS => {
  34.     "ansible_facts": {
  35.         "discovered_interpreter_python": "/usr/libexec/platform-python"
  36.     },
  37.     "changed": false,
  38.     "ping": "pong"
  39. }
  40. php | SUCCESS => {
  41.     "ansible_facts": {
  42.         "discovered_interpreter_python": "/usr/libexec/platform-python"
  43.     },
  44.     "changed": false,
  45.     "ping": "pong"
  46. }
  47. mysql | SUCCESS => {
  48.     "ansible_facts": {
  49.         "discovered_interpreter_python": "/usr/libexec/platform-python"
  50.     },
  51.     "changed": false,
  52.     "ping": "pong"
  53. }
复制代码
2.部署nginx
  1. //关闭selinux和防火墙
  2. [root@ansible ~]# ansible nginx -m service -a 'name=firewalld state=stopped enabled=no'
  3. [root@ansible ~]# ansible nginx -a 'setenforce 0'
  4. [root@ansible ~]# ansible nginx -a "sed -ri 's/^(SELINUX=).*/\1disabled/g'/etc/selinux/config"
  5. //创建用户
  6. [root@ansible ~]# ansible nginx -m user -a 'name=nginx system=yes create_home=no shell=/sbin/nologin state=present'
  7. //安装依赖包
  8. [root@ansible ~]# ansible nginx -m yum -a 'name=pcre-devel,openssl,openssl-devel,gd-devel,gcc,gcc-c++,make state=present'
  9. //下载软件包并解压
  10. [root@ansible ~]# ansible nginx -a 'wget http://nginx.org/download/nginx-1.20.2.tar.gz'
  11. [root@ansible ~]# ansible nginx -a 'tar -xf nginx-1.20.2.tar.gz'
  12. //进入目录编译安装
  13. [root@ansible ~]# mkdir -p /etc/ansible/scripts/
  14. [root@ansible ~]# cd /etc/ansible/scripts/
  15. [root@ansible scripts]# vim configure.sh
  16. #!/bin/bash
  17. cd nginx-1.20.2
  18. ./configure \
  19. --prefix=/usr/local/nginx \
  20. --user=nginx \
  21. --group=nginx \
  22. --with-debug \
  23. --with-http_ssl_module \
  24. --with-http_realip_module \
  25. --with-http_image_filter_module \
  26. --with-http_gunzip_module \
  27. --with-http_gzip_static_module \
  28. --with-http_stub_status_module && \
  29. make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
  30. root@ansible scripts]# ll
  31. total 4
  32. -rw-r--r-- 1 root root 470 Oct 23 22:04 configure.sh
  33. [root@ansible scripts]# ansible nginx -m script -a '/etc/ansible/scripts/configure.sh'
  34. //安装完成
  35. [root@ansible ~]# ansible nginx -a 'ls /usr/local/nginx'
  36. nginx | CHANGED | rc=0 >>
  37. conf
  38. html
  39. logs
  40. sbin
  41. //配置环境变量
  42. [root@ansible ~]# ansible nginx -m shell -a 'echo "export PATH=$PATH:/usr/local/nginx/sbin" > /etc/profile.d/nginx.sh'
  43. [root@ansible ~]# ansible nginx -a 'which nginx'
  44. nginx | CHANGED | rc=0 >>
  45. /usr/local/nginx/sbin/nginx
  46. //启动服务
  47. [root@ansible ~]# vim /etc/ansible/scripts/nginx_service.sh
  48. #!/bin/bash
  49. cat > /usr/lib/systemd/system/nginx.service << EOF
  50. [Unit]
  51. Description=nginx server daemon
  52. After=network.target
  53. [Service]
  54. Type=forking
  55. ExecStart=/usr/local/nginx/sbin/nginx
  56. ExecStop=/usr/local/nginx/sbin/nginx -s stop
  57. ExecReload=/bin/kill -HUP \$MAINPID
  58. [Install]
  59. WantedBy=multi-user.target
  60. EOF
  61. systemctl daemon-reload
  62. systemctl enable --now nginx
  63. [root@ansible ~]# ansible nginx -m script -a '/etc/ansible/scripts/nginx_service.sh'
  64. [root@ansible ~]# ansible nginx -a 'ss -antl'
  65. nginx | CHANGED | rc=0 >>
  66. State  Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
  67. LISTEN 0      128          0.0.0.0:80        0.0.0.0:*         
  68. LISTEN 0      128          0.0.0.0:22        0.0.0.0:*         
  69. LISTEN 0      128             [::]:22           [::]:*         
复制代码
3.部署mysql
  1. //关闭防火墙和selinux
  2. [root@ansible ~]# ansible mysql -m service -a 'name=firewalld state=stopped enabled=no'
  3. [root@ansible ~]# ansible mysql -a 'setenforce 0'
  4. [root@ansible ~]# ansible mysql -a "sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config"
  5. //创建用户
  6. [root@ansible ~]# ansible mysql -m user -a 'name=mysql system=yes create_home=no shell=/sbin/nologin state=present'
  7. //安装依赖包
  8. [root@ansible ~]# ansible mysql -m yum -a 'name=ncurses-devel,openssl-devel,openssl,cmake,mariadb-devel,ncurses-compat-libs state=present'
  9. //下载软件包解压重命名
  10. [root@ansible ~]# ansible mysql -a 'wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.38-linux-glibc2.12-x86_64.tar.gz'
  11. [root@ansible ~]# ansible mysql -a 'tar xf mysql-5.7.38-linux-glibc2.12-x86_64.tar.gz -C /usr/local/'
  12. [root@ansible ~]# ansible mysql -a 'mv /usr/local/mysql-5.7.38-linux-glibc2.12-x86_64 /usr/local/mysql'
  13. //修改属主属组
  14. [root@ansible ~]# ansible mysql -a 'chown -R mysql.mysql /usr/local/mysql'
  15. //配置环境
  16. [root@ansible ~]# ansible mysql -a 'ln -s /usr/local/mysql/include /usr/include/mysql'
  17. [root@ansible ~]# ansible mysql -m shell -a "echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf"
  18. [root@ansible ~]# ansible mysql -a "sed -i '22a MANDATORY_MANPATH    /usr/local/mysql/man' /etc/man_db.conf"
  19. [root@ansible ~]# ansible mysql -m shell -a "echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh"
  20. [root@ansible ~]# ansible mysql -a 'which mysql'
  21. [root@ansible ~]# ansible mysql -a 'which mysql'
  22. mysql | CHANGED | rc=0 >>
  23. /usr/local/mysql/bin/mysql
  24. //建立数据存放目录
  25. [root@ansible ~]# ansible mysql -a 'mkdir /opt/data'
  26. [root@ansible ~]# ansible mysql -a 'chown -R mysql.mysql /opt/data'
  27. //初始化数据库
  28. [root@ansible ~]# ansible mysql -a 'mysqld --initialize --user mysql --datadir /opt/data'
  29. mysql | CHANGED | rc=0 >>
  30. 2022-10-23T14:24:07.127784Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
  31. 2022-10-23T14:24:07.286100Z 0 [Warning] InnoDB: New log files created, LSN=45790
  32. 2022-10-23T14:24:07.314541Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
  33. 2022-10-23T14:24:07.383098Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 5a8e11ea-52de-11ed-b270-000c29c34b3e.
  34. 2022-10-23T14:24:07.383794Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
  35. 2022-10-23T14:24:07.600947Z 0 [Warning] A deprecated TLS version TLSv1 is enabled. Please use TLSv1.2 or higher.
  36. 2022-10-23T14:24:07.600960Z 0 [Warning] A deprecated TLS version TLSv1.1 is enabled. Please use TLSv1.2 or higher.
  37. 2022-10-23T14:24:07.601238Z 0 [Warning] CA certificate ca.pem is self signed.
  38. 2022-10-23T14:24:07.640229Z 1 [Note] A temporary password is generated for root@localhost: y*rou<U9Om.c
  39. [root@ansible ~]# ansible mysql -m shell -a "echo 'y*rou<U9Om.c' > pass"
  40. //生成配置文件启动服务
  41. [root@ansible ~]# vim /etc/ansible/scripts/mysql_service.sh
  42. #!/bin/bash
  43. cat >> /etc/my.cnf <<EOF
  44. [mysqld]
  45. basedir = /usr/local/mysql
  46. datadir = /opt/data
  47. socket = /tmp/mysql.sock
  48. port = 3306
  49. pid-file = /opt/data/mysql.pid
  50. user = mysql
  51. skip-name-resolve
  52. EOF
  53. cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
  54. sed -ri 's#^(basedir=).*#\1/usr/local/mysql#g' /etc/init.d/mysqld
  55. sed -ri 's#^(datadir=).*#\1/opt/data#g' /etc/init.d/mysqld
  56. chmod +x /etc/init.d/mysqld
  57. cat > /usr/lib/systemd/system/mysqld.service <<EOF
  58. [Unit]
  59. Description=mysqld server daemon
  60. After=network.target
  61. [Service]
  62. Type=forking
  63. ExecStart=/etc/init.d/mysqld start
  64. ExecStop=/etc/init.d/mysqld stop
  65. ExecReload=/bin/kill -HUP \$MAINPID
  66. [Install]
  67. WantedBy=multi-user.target
  68. EOF
  69. systemctl daemon-reload
  70. systemctl enable --now mysqld
  71. [root@ansible ~]# ansible mysql -m script -a '/etc/ansible/scripts/mysql_service.sh'
  72. [root@ansible ~]# ansible mysql -a 'ss -antl'
  73. mysql | CHANGED | rc=0 >>
  74. State  Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
  75. LISTEN 0      128          0.0.0.0:22        0.0.0.0:*         
  76. LISTEN 0      80                 *:3306            *:*         
  77. LISTEN 0      128             [::]:22           [::]:*
复制代码
5.配置LNMP界面

[code]//修改nginx配置文件[root@ansible ~]# vim /etc/ansible/scripts/nginxconf.sh#!/bin/bashsed -i "45c                   index  index.php index.html index.htm;" /usr/local/nginx/conf/nginx.confsed -i "65c     location ~ \.php$ {" /usr/local/nginx/conf/nginx.confsed -i "66c     root      /var/www/html;" /usr/local/nginx/conf/nginx.confsed -i "67c     fastcgi_pass   192.168.111.144:9000;" /usr/local/nginx/conf/nginx.confsed -i "68c     fastcgi_index  index.php;" /usr/local/nginx/conf/nginx.confsed -i "69c     fastcgi_param  SCRIPT_FILENAME  \$document_root\$fastcgi_script_name;" /usr/local/nginx/conf/nginx.confsed -i "70c      include        fastcgi_params;" /usr/local/nginx/conf/nginx.confsed -i "71c      }" /usr/local/nginx/conf/nginx.conf[root@ansible ~]# ansible nginx -m script -a '/etc/ansible/scripts/nginxconf.sh'[root@ansible ~]# ansible nginx -a 'touch /usr/local/nginx/html/index.php'//在php端上配置网站[root@ansible ~]# vim /etc/ansible/scripts/phpindex.sh#!/bin/bashmkdir -p /var/www/htmlcat > /var/www/html/index.php

举报 回复 使用道具