Ansible介绍以及基于角色搭建LNMP和zabbix

萧瑟风雨中

1 ansible 常用指令总结，并附有相关示例。

• /usr/bin/ansible 主程序，临时命令执行工具
  
• /usr/bin/ansible-doc 查看配置文档，模块功能查看工具,相当于man
  
• /usr/bin/ansible-playbook 定制自动化任务，编排剧本工具,相当于脚本
  
• /usr/bin/ansible-pull 远程执行命令的工具
  
• /usr/bin/ansible-vault 文件加密工具
  
• /usr/bin/ansible-console 基于Console界面与用户交互的执行工具
  
• /usr/bin/ansible-galaxy 下载/上传优秀代码或Roles模块的官网平台
  

利用ansible实现管理的主要方式：

• Ansible Ad-Hoc 即利用ansible命令，主要用于临时命令使用场景
  
• Ansible playbook 主要用于长期规划好的，大型项目的场景，需要有前期的规划过程
  

ansible 使用前准备
ansible 相关工具大多数是通过ssh协议，实现对远程主机的配置管理、应用部署、任务执行等功能
建议：使用此工具前，先配置ansible主控端能基于密钥认证的方式联系各个被管理节点
1.1 ansible-doc

此工具用来显示模块帮助,相当于man
格式

1. ansible-doc [options] [module...]
2. -l, --list #列出可用模块
3. -s, --snippet #显示指定模块的playbook片段

复制代码

范例：

1. #列出所有模块
2. ansible-doc -l
3. #查看指定模块帮助用法
4. ansible-doc ping
5. #查看指定模块帮助用法
6. ansible-doc -s ping

复制代码

范例: 查看指定的插件

1. [13:38:40 root@ansible-rocky ~]$ ansible-doc -t connection -l
2. [13:39:08 root@ansible-rocky ~]$ ansible-doc -t lookup -l

复制代码

1.2 ansible

1.2.1 Ansible Ad-Hoc 介绍

Ansible Ad-Hoc 的执行方式的主要工具就是 ansible
特点: 一次性的执行,不会保存执行命令信息,只适合临时性或测试性的任务
1.2.2 ansible 命令用法

格式：

1. ansible <host-pattern> [-m module_name] [-a args]

复制代码

选项说明：

1. --version                               #显示版本
2. -m module                               #指定模块，默认为command
3. -v                                      #详细过程 -vv -vvv更详细
4. --list-hosts                            #显示主机列表，可简写 --list
5. -C, --check                             #检查，并不执行
6. -T, --timeout=TIMEOUT                   #执行命令的超时时间，默认10s
7. -k, --ask-pass                          #提示输入ssh连接密码，默认Key验证
8. -u, --user=REMOTE_USER                  #执行远程执行的用户,默认root
9. -b, --become                            #代替旧版的sudo实现通过sudo机制实现提升权限
10. --become-user=USERNAME                  #指定sudo的run as用户，默认为root
11. -K, --ask-become-pass                   #提示输入sudo时的口令
12. -f FORKS, --forks FORKS                 #指定并发同时执行ansible任务的主机数
13. -i INVENTORY, --inventory INVENTORY     #指定主机清单文件

复制代码

范例：

1. #先打通基于key验证
2. #以yanlinux用户执行ping存活检测
3. [14:28:30 yanlinux@ansible-rocky ~]$ ansible all -m ping -u yanlinux
4. 10.0.0.18 | SUCCESS => {
5.     "ansible_facts": {
6.         "discovered_interpreter_python": "/usr/libexec/platform-python"
7.     },
8.     "changed": false,
9.     "ping": "pong"
10. }
11. 10.0.0.102 | SUCCESS => {
12.     "ansible_facts": {
13.         "discovered_interpreter_python": "/usr/bin/python3"
14.     },
15.     "changed": false,
16.     "ping": "pong"
17. }
18. 10.0.0.7 | SUCCESS => {
19.     "ansible_facts": {
20.         "discovered_interpreter_python": "/usr/bin/python"
21.     },
22.     "changed": false,
23.     "ping": "pong"
24. }
26. #以yanlinux sudo至root执行命令
27. ##没有添加sudo授权之前
28. [14:36:46 yanlinux@ansible-rocky ~]$ ansible all -a 'ls /root'
29. 10.0.0.18 | FAILED | rc=2 >>
30. ls: cannot open directory '/root': Permission deniednon-zero return code
31. 10.0.0.102 | FAILED | rc=2 >>
32. ls: cannot open directory '/root': Permission deniednon-zero return code
33. 10.0.0.7 | FAILED | rc=2 >>
34. ls: cannot open directory /root: Permission deniednon-zero return code
35. ##在所有被控制主机上都加上suod授权
36. [14:30:46 root@ansible-rocky ~]$ echo "yanlinux    ALL=(ALL)   NOPASSWD: ALL" >> /etc/sudoers
37. [14:37:01 yanlinux@ansible-rocky ~]$ ansible all -a 'ls /root' -b
38. 10.0.0.102 | CHANGED | rc=0 >>
39. init_os.sh
40. snap
41. 10.0.0.7 | CHANGED | rc=0 >>
42. anaconda-ks.cfg
43. init_os.sh
44. 10.0.0.18 | CHANGED | rc=0 >>
45. anaconda-ks.cfg
46. init_os.sh
47. ##所有被管理主机上创建用户magedu
48. [14:37:05 yanlinux@ansible-rocky ~]$ ansible all -a 'useradd magedu' -b
49. 10.0.0.102 | CHANGED | rc=0 >>
51. 10.0.0.18 | CHANGED | rc=0 >>
53. 10.0.0.7 | CHANGED | rc=0 >>
55. [14:39:46 yanlinux@ansible-rocky ~]$ ansible all -a 'getent passwd magedu' -b
56. 10.0.0.7 | CHANGED | rc=0 >>
57. magedu:x:1002:1002::/home/magedu:/bin/bash
58. 10.0.0.102 | CHANGED | rc=0 >>
59. magedu:x:1001:1001::/home/magedu:/bin/sh
60. 10.0.0.18 | CHANGED | rc=0 >>
61. magedu:x:1001:1001::/home/magedu:/bin/bash

复制代码

范例: 并发执行控制

1. #并发是1一个主机一个主机的执行，一条条返回结果
2. [14:42:47 root@ansible-rocky ~]$ ansible all -a 'sleep 5' -f1
3. #并发是10，同时10个主机执行命令，返回结果
4. [14:42:47 root@ansible-rocky ~]$ ansible all -a 'sleep 5' -f10

复制代码

范例: 使用普通用户连接远程主机执行代替另一个用户身份执行操作

1. #在被管理主机上创建用户并sudo授权
2. [14:34:00 root@ubuntu2004 ~]$ useradd magedu
3. [14:34:29 root@ubuntu2004 ~]$ echo magedu:centos1 |chpasswd
5. #以yanlinux的用户连接用户并利用sudo代表magedu执行whoami命令
6. [14:58:37 yanlinux@ansible-rocky ~]$ ansible all -a 'whoami' -b --become-user=magedu
7. 10.0.0.18 | CHANGED | rc=0 >>
8. magedu
9. 10.0.0.7 | CHANGED | rc=0 >>
10. magedu

复制代码

1.3 ansible-console

此工具可交互执行命令，支持tab，ansible 2.0+新增
提示符格式：

1. 执行用户@当前操作的主机组 (当前组的主机数量)[f:并发数]$

复制代码

常用子命令：

• 设置并发数： forks n 例如： forks 10
  
• 切换组： cd 主机组 例如： cd web
  
• 列出当前组主机列表： list
  
• 列出所有的内置命令： ?或help
  

范例

1. [15:24:28 root@ansible-rocky ~]$ ansible-console
2. Welcome to the ansible console. Type help or ? to list commands.
4. root@all (3)[f:5]$ ping
5. 10.0.0.18 | SUCCESS => {
6.     "ansible_facts": {
7.         "discovered_interpreter_python": "/usr/libexec/platform-python"
8.     },
9.     "changed": false,
10.     "ping": "pong"
11. }
12. 10.0.0.102 | SUCCESS => {
13.     "ansible_facts": {
14.         "discovered_interpreter_python": "/usr/bin/python3"
15.     },
16.     "changed": false,
17.     "ping": "pong"
18. }
19. 10.0.0.7 | SUCCESS => {
20.     "ansible_facts": {
21.         "discovered_interpreter_python": "/usr/bin/python"
22.     },
23.     "changed": false,
24.     "ping": "pong"
25. }
26. root@all (3)[f:5]$ list
27. 10.0.0.18
28. 10.0.0.7
29. 10.0.0.102
30. root@all (3)[f:5]$ cd websrvs
31. root@websrvs (2)[f:5]$ list
32. 10.0.0.18
33. 10.0.0.7
34. root@websrvs (2)[f:5]$ forks 10
35. root@websrvs (2)[f:10]$ cd appsrvs
36. root@appsrvs (2)[f:10]$ list
37. 10.0.0.102
38. 10.0.0.18

复制代码

1.4 ansible-playbook

此工具用于执行编写好的 playbook 任务
范例：

1. [15:27:57 root@ansible-rocky ~]$ vi hello.yml
2. ---
3. #hello world yml file
4. - hosts: websrvs
5.   remote_user: root
6.   gather_facts: no
8.   tasks:
9.     - name: hello world
10.       command: /usr/bin/wall hello world
11. [15:30:12 root@ansible-rocky ~]$ ansible-playbook hello.yml
13. PLAY [websrvs] ****************************************************************************************
15. TASK [hello world] ************************************************************************************
16. changed: [10.0.0.18]
17. changed: [10.0.0.7]
19. PLAY RECAP ********************************************************************************************
20. 10.0.0.18                  : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
21. 10.0.0.7                   : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

复制代码

1.5 ansible-vault

此工具可以用于加密解密yml文件
格式：

1. ansible-vault [create|decrypt|edit|encrypt|rekey|view]

复制代码

范例:

1. #1 加密
2. [15:31:01 root@ansible-rocky ~]$ ansible-vault encrypt hello.yml
3. New Vault password:
4. Confirm New Vault password:
5. Encryption successful
6. ##查看文件内容
7. [15:38:15 root@ansible-rocky ~]$ cat hello.yml
8. $ANSIBLE_VAULT;1.1;AES256
9. 65323766623831636563636132623333623932633461396563383764333037396563633766363231
10. 3335646336346136626231353133623566626166626336380a306630643338353031353739353538
11. 62373930306636633430653537363534376231323839643131376335653366656634616365663063
12. 6236663364343461610a383365643534646564316261326166316233393039386134363436313138
13. 63323939663537666462646233613262646637306130626336336239323737623833393735666364
14. 36336334316666326265356166326163373039616533353564353964396266376637363037353338
15. 37623639656262303966363766356630376466666463363338353535623635633137616335383333
16. 65333263643762353264326563326362393663316538666530616664643438666435373162616164
17. 30313761323030343165666330326537653430333764363834326566333666316133386465663334
18. 63353035616266396366366662643839353431653736353465626261623433343735663534663831
19. 32636632653730323465366531353531633761623930303138643337613162613062333237633566
20. 39663562393535343165
22. #2 解密
23. [15:38:18 root@ansible-rocky ~]$ ansible-vault decrypt hello.yml
24. Vault password:
25. Decryption successful
26. [15:39:50 root@ansible-rocky ~]$ cat hello.yml
27. ---
28. #hello world yml file
29. - hosts: websrvs
30.   remote_user: root
31.   gather_facts: no
33.   tasks:
34.     - name: hello world
35.       command: /usr/bin/wall hello world
36.       
37. #3 查看加密后的yml文件内容
38. [15:41:44 root@ansible-rocky ~]$ ansible-vault view hello.yml
39. Vault password:
40. ---
41. #hello world yml file
42. - hosts: websrvs
43.   remote_user: root
44.   gather_facts: no
46.   tasks:
47.     - name: hello world
48.       command: /usr/bin/wall hello world
50. #4 编辑加密文件
51. [15:41:50 root@ansible-rocky ~]$ ansible-vault edit hello.yml
52. Vault password:             #输入密码后进入vim编辑器进行编辑
54. #5 修改口令
55. [15:44:53 root@ansible-rocky ~]$ ansible-vault rekey hello.yml
56. Vault password:    #先前的口令
57. New Vault password:  #修改为的口令
58. Confirm New Vault password:  #再确认一遍
59. Rekey successful
61. #6 创建加密新文件
62. [15:46:31 root@ansible-rocky ~]$ ansible-vault create new.yml
63. New Vault password:
64. Confirm New Vault password:
66. #7 交互式输入密码来执行加密文件
67. [15:46:46 root@ansible-rocky ~]$ ansible-playbook --ask-vault-pass hello.yml
68. Vault password:
70. PLAY [websrvs] ****************************************************************************************
72. TASK [hello world] ************************************************************************************
73. changed: [10.0.0.18]
74. changed: [10.0.0.7]
76. PLAY RECAP ********************************************************************************************
77. 10.0.0.18                  : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
78. 10.0.0.7                   : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
80. #8 从文件中读取密码
81. [15:52:56 root@ansible-rocky ~]$ ansible-playbook --vault-password-file pass.txt hello.yml
83. PLAY [websrvs] ****************************************************************************************
85. TASK [hello world] ************************************************************************************
86. changed: [10.0.0.18]
87. changed: [10.0.0.7]
89. PLAY RECAP ********************************************************************************************
90. 10.0.0.18                  : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
91. 10.0.0.7                   : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
93. #9 从配置文件中添加密码文件
94. [15:53:33 root@ansible-rocky ~]$ vi /etc/ansible/ansible.cfg
95. #添加以下一行信息
96. ault-password-file=pass.txt
97. [15:58:58 root@ansible-rocky ~]$ ansible-playbook hello.yml
99. PLAY [websrvs] ****************************************************************************************
101. TASK [hello world] ************************************************************************************
102. changed: [10.0.0.18]
103. changed: [10.0.0.7]
105. PLAY RECAP ********************************************************************************************
106. 10.0.0.18                  : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
107. 10.0.0.7                   : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

复制代码

1.6 ansible-galaxy

Galaxy 是一个免费网站, 类似于github网站, 网站上发布了很多的共享的roles角色。
Ansible 提供了ansible-galaxy命令行工具连接 https://galaxy.ansible.com 网站下载相应的roles, 进行init(初始化、search( 查拘、install(安装、 remove(移除)等操作。
范例

1. #搜索项目
2. [16:05:04 root@ansible-rocky ~]$ ansible-galaxy search lamp
4. Found 100 roles matching your search:
6. Name                                      Description
7. ----                                      -----------
8. abhiarun_94.apache_lamp                   your role description
9. adelaidearnauld.galaxy-lamp               your description
10. adelaidearnauld.lamp_compose              your description
11. ajish_antony.ansible_lamp                 your role description
12. AlexanderAllen.Liara                      The sexiest toolkit for LAMP hackers.
13. alphinaugustine.ansible_role              your description
14. amtega.horde                              Setup horde
15. ......
18. #2 列出所有已安装的galaxy
19. [16:06:32 root@ansible-rocky ~]$ ansible-galaxy list
20. # /usr/share/ansible/roles
21. # /etc/ansible/roles
24. #3 安装galaxy，默认下载到~/.ansible/roles
25. [16:14:06 root@ansible-rocky ~]$ ansible-galaxy install 想要安装的galaxy
27. #删除
28. ansible-galaxy remove

复制代码

2 总结ansible role目录结构及文件用途。

roles目录结构：

1. ├── playbook1.yml
2. ├── playbook2.yml
3. ├── roles/
4. │   ├── project1/
5. │   │        ├── tasks/
6. │   │        ├── files/
7. │   │        ├── vars/
8. │   │        ├── templates/
9. │   │        ├── handlers/
10. │   │        ├── default/
11. │   │        └── meta/
12. │   ├── project2/
13. │   │        ├── tasks/
14. │   │        ├── files/
15. │   │        ├── vars/
16. │   │        ├── templates/
17. │   │        ├── handlers/
18. │   │        ├── default/
19. │   │        └── meta/

复制代码

Roles各目录作用
roles/project/ :项目名称,有以下子目录

• files/ ：存放由copy或script模块等调用的文件
  
• templates/：template模块查找所需要模板文件的目录
  
• tasks/：定义task,role的基本元素，至少应该包含一个名为main.yml的文件；其它的文件需要在此文件中通过include进行包含
  
• handlers/：至少应该包含一个名为main.yml的文件；此目录下的其它的文件需要在此文件中通过include进行包含
  
• vars/：定义变量，至少应该包含一个名为main.yml的文件；此目录下的其它的变量文件需要在此文件中通过include进行包含,也可以通过项目目录中的group_vars/all定义变量,从而实现角色通用代码和项目数据的分离
  
• meta/：定义当前角色的特殊设定及其依赖关系,至少应该包含一个名为main.yml的文件，其它文件需在此文件中通过include进行包含
  
• default/：设定默认变量时使用此目录中的main.yml文件，比vars的优先级低
  

3 使用ansible playbook实现一个mysql角色。

1. #mysql角色目录
2. [18:16:16 root@ansible-rocky opt]$ tree
3. .
4. ├── ansible.cfg
5. ├── hosts
6. ├── mysql_role.yml
7. └── roles
8.    └── mysql
9.        ├── files
10.        │   └── mysql-8.0.31-linux-glibc2.12-x86_64.tar.xz
11.        ├── tasks
12.        │   └── main.yml
13.        └── templates
14.            └── my.cnf.j2
15.            
16. #定义主机及变量
17. [18:22:50 root@ansible-rocky opt]$ tail -n9 hosts
18. [dbsrvs:vars]
19. db_group=mysql
20. db_gid=306
21. db_user=mysql
22. db_uid=306
23. db_version=8.0.31
24. db_file="mysql-{{db_version}}-linux-glibc2.12-x86_64.tar.xz"
25. db_data_dir="/data/mysql"
26. db_root_passwd="lgq123456**"
28. #下载准备mysql源文件包
29. [18:22:54 root@ansible-rocky opt]$ ls roles/mysql/files/
30. mysql-8.0.31-linux-glibc2.12-x86_64.tar.xz
32. #创建task文件
33. [18:24:40 root@ansible-rocky opt]$ cat roles/mysql/tasks/main.yml
34. - name: install dependent package
35.   yum:
36.     name: "{{ item }}"
37.   loop:
38.     - libaio
39.     - numactl-libs
41. - name: create mysql group
42.   group: name={{db_group}} gid={{db_gid}}
44. - name: create mysql user
45.   user: name={{db_user}} uid={{db_uid}} system=yes shell="/sbin/nologin" create_home=no group={{db_group}}
47. - name: copy tar to remote host and file mode
48.   unarchive:
49.     src: "{{ db_file }}"
50.     dest: "/usr/local/"
51.     owner: root
52.     group: root
54. - name: create lingfile /usr/local/mysql
55.   file:
56.     src: "/usr/local/mysql-{{ db_version }}-linux-glibc2.12-x86_64"
57.     dest: "/usr/local/mysql"
58.     state: link
60. - name: path file
61.   copy:
62.     content: "PATH=/usr/local/mysql/bin:$PATH"
63.     dest: "/etc/profile.d/mysql.sh"
65. - name: config file
66.   template:
67.     src: my.cnf.j2
68.     dest: "/etc/my.cnf"
70. - name: create directory
71.   file:
72.     name: "/data"
73.     state: directory
75. - name: init mysql data
76.   shell:
77.     cmd: "/usr/local/mysql/bin/mysqld --initialize-insecure --user={{ db_user }} --datadir={{ db_data_dir }}"
78.   tags:
79.     - init
81. - name: service script
82.   copy:
83.     src: "/usr/local/mysql/support-files/mysql.server"
84.     dest: "/etc/init.d/mysqld"
85.     remote_src: yes
86.     mode: '+x'
88. - name: start service
89.   shell:
90.     cmd: chkconfig --add mysqld;chkconfig mysqld on;service mysqld start
92. - name: change root password
93.   shell:
94.     cmd: "/usr/local/mysql/bin/mysqladmin -uroot password {{ db_root_passwd }}"
95.    
96.    
97. #准备MySQL 配置文件模板
98. [18:25:25 root@ansible-rocky opt]$ cat roles/mysql/templates/my.cnf.j2
99. [mysqld]
100. server-id=1
101. log-bin
102. datadir={{ db_data_dir }}
103. socket={{ db_data_dir }}/mysql.sock
104. log-error={{ db_data_dir }}/mysql.log
105. pid-file={{ db_data_dir }}/mysql.pid
107. [client]
108. socket={{ db_data_dir }}/mysql.sock
110. #准备MySQL角色playbook文件
111. [18:25:38 root@ansible-rocky opt]$ cat mysql_role.yml
112. - hosts: dbsrvs
113.   remote_user: root
114.   gather_facts: no
116.   roles:
117.     - mysql
118.    
119. #部署MySQL
120. [18:26:34 root@ansible-rocky opt]$ ansible-playbook -i hosts mysql_role.yml
121. PLAY [dbsrvs] *****************************************************************************************
123. TASK [mysql : install dependent package] **************************************************************
124. ok: [10.0.0.38] => (item=libaio)
125. ok: [10.0.0.38] => (item=numactl-libs)
127. TASK [mysql : create mysql group] *********************************************************************
128. changed: [10.0.0.38]
130. TASK [mysql : create mysql user] **********************************************************************
131. changed: [10.0.0.38]
133. TASK [mysql : copy tar to remote host and file mode] **************************************************
134. changed: [10.0.0.38]
136. TASK [mysql : create lingfile /usr/local/mysql] *******************************************************
137. changed: [10.0.0.38]
139. TASK [mysql : path file] ******************************************************************************
140. changed: [10.0.0.38]
142. TASK [mysql : config file] ****************************************************************************
143. changed: [10.0.0.38]
145. TASK [mysql : create directory] ***********************************************************************
146. ok: [10.0.0.38]
148. TASK [mysql : init mysql data] ************************************************************************
149. changed: [10.0.0.38]
151. TASK [mysql : service script] *************************************************************************
152. changed: [10.0.0.38]
154. TASK [mysql : start service] **************************************************************************
155. changed: [10.0.0.38]
157. TASK [mysql : change root password] *******************************************************************
158. changed: [10.0.0.38]
160. PLAY RECAP ********************************************************************************************
161. 10.0.0.38                  : ok=12   changed=10   unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

复制代码

4 基于角色完成部署LNMP架构，并支持一键发布，回滚应用。同时基于zabbix角色批量部署zabbix。

4.1 部署LNMP架构

4.1.1 目录结构

1. [18:57:47 root@ansible-rocky opt]$ tree /opt/
2. /opt/
3. ├── ansible.cfg
4. ├── hosts
5. ├── lnmp_role.yml
6. ├── mysql_role.yml
7. ├── nginx_role.yml
8. ├── php-fpm_role.yml
9. ├── roles
10. │   ├── mysql
11. │   │   ├── files
12. │   │   │   └── mysql-8.0.31-linux-glibc2.12-x86_64.tar.xz
13. │   │   ├── tasks
14. │   │   │   └── main.yml
15. │   │   └── templates
16. │   │       └── my.cnf.j2
17. │   ├── nginx
18. │   │   ├── handlers
19. │   │   │   └── main.yml
20. │   │   ├── tasks
21. │   │   │   └── main.yml
22. │   │   └── templates
23. │   │       ├── nginx.conf.j2
24. │   │       └── nginx.service.j2
25. │   ├── php-fpm
26. │   │   ├── files
27. │   │   │   ├── test.php
28. │   │   │   └── www.conf
29. │   │   ├── handlers
30. │   │   │   └── main.yml
31. │   │   ├── tasks
32. │   │   │   └── main.yml
33. │   │   └── templates
34. │   │       ├── php-fpm.conf.j2
35. │   │       └── php.ini.j2
36. │   └── wordpress
37. │       ├── files
38. │       │   └── wordpress-6.1.1-zh_CN.zip
39. │       └── tasks
40. │           └── main.yml
41. └── wordpress_role.yml
43. 17 directories, 22 files

复制代码

4.1.2 LNMP架构所需主机清单以及变量设置

1. [18:58:15 root@ansible-rocky opt]$ cat hosts
2. [websrvs]
3. 10.0.0.18
4. 10.0.0.28
6. [websrvs:vars]
7. version="1.20.2"
8. url="http://nginx.org/download/nginx-{{ version }}.tar.gz"
9. install_dir="/apps/nginx"
10. fqdn="www.yanlinux.org"
11. root_path="/data/wordpress"
12. app="wordpress-6.1.1-zh_CN"
14. [dbsrvs]
15. 10.0.0.38
17. [dbsrvs:vars]
18. db_group=mysql
19. db_gid=306
20. db_user=mysql
21. db_uid=306
22. db_version=8.0.31
23. db_file="mysql-{{db_version}}-linux-glibc2.12-x86_64.tar.xz"
24. db_data_dir="/data/mysql"
25. db_root_passwd="lgq123456**"

复制代码

4.1.2 实现编译安装nginx角色

1. #task文件
2. [17:55:17 root@ansible-rocky roles]$ cat nginx/tasks/main.yml
3. - name: add group nginx
4.   group: name=nginx system=yes gid=80
6. - name: add user nginx
7.   user: name=nginx group=nginx uid=80 system=yes shell="/sbin/nologin" create_home=no
9. - name: install dependent package
10.   yum: name={{item}} state=latest
11.   loop:
12.     - gcc
13.     - make
14.     - pcre-devel
15.     - openssl-devel
16.     - zlib-devel
17.     - perl-ExtUtils-Embed
19. - name: get nginx source
20.   unarchive:
21.     src: "{{ url }}"
22.     dest: "/usr/local/src"
23.     remote_src: yes
25. - name: compile and install
26.   shell:
27.     cmd: "./configure --prefix={{install_dir}} --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --with-stream_realip_module && make && make install"
28.     chdir: "/usr/local/src/nginx-{{ version }}"
29.     creates: "{{install_dir}}/sbin/nginx"
31. - name: config file
32.   template:
33.     src: nginx.conf.j2
34.     dest: "{{install_dir}}/conf/nginx.conf"
35.     owner: nginx
36.     group: nginx
37.   notify: restart service
38.   tags:
39.     - config
41. - name: create directory
42.   file:
43.     path: "{{install_dir}}/conf/conf.d"
44.     state: directory
45.     owner: nginx
46.     group: nginx
48. - name: change install directory owner
49.   file:
50.     path: "{{install_dir}}"
51.     owner: nginx
52.     group: nginx
53.     recurse: yes
55. - name: copy service file
56.   template:
57.     src: nginx.service.j2
58.     dest: "/lib/systemd/system/nginx.service"
60. - name: check config
61.   shell:
62.     cmd: "{{install_dir}}/sbin/nginx -t"
63.   register: check_nginx_config
64.   changed_when:
65.     - check_nginx_config.stdout.find('successful')
66.     - false
68. - name: start service
69.   systemd:
70.     daemon_reload: yes
71.     name: nginx.service
72.     state: started
73.     enabled: yes
74.       
75. #创建handler文件
76. [17:59:27 root@ansible-rocky roles]$ cat nginx/handlers/main.yml
77. - name: restart service
78.   service:
79.     name: nginx
80.     state: restarted
82. #准备两个template文件
83. [17:59:51 root@ansible-rocky roles]$ cat nginx/templates/nginx.conf.j2
85. #user  nobody;
86. user nginx;
87. worker_processes  {{ ansible_processor_vcpus*2 }};
88. events {
89.     worker_connections  1024;
90. }
91. http {
92.     include       mime.types;
93.     default_type  application/octet-stream;
94.     log_format  access_json '{"@timestamp":"$time_iso8601",'
95.         '"host":"$server_addr",'
96.         '"clientip":"$remote_addr",'
97.         '"size":$body_bytes_sent,'
98.         '"responsetime":$request_time,'
99.         '"upstreamtime":"$upstream_response_time",'
100.         '"upstreamhost":"$upstream_addr",'
101.         '"http_host":"$host",'
102.         '"uri":"$uri",'
103.         '"xff":"$http_x_forwarded_for",'
104.         '"referer":"$http_referer",'
105.         '"tcp_xff":"$proxy_protocol_addr",'
106.         '"http_user_agent":"$http_user_agent",'
107.         '"status":"$status"}';
108.     # logging                                                                                          
109.     access_log {{install_dir}}/logs/access-json.log access_json;
110.     error_log {{install_dir}}/logs/error.log warn;
112.     keepalive_timeout  65;
113.     include {{install_dir}}/conf/conf.d/*.conf;
114. }
115. [18:00:28 root@ansible-rocky roles]$ cat nginx/templates/nginx.service.j2
116. [Unit]
117. Description=The nginx HTTP and reverse proxy server
118. After=network.target remote-fs.target nss-lookup.target
120. [Service]
121. Type=forking
122. PIDFile={{install_dir}}/logs/nginx.pid
123. ExecStartPre=/bin/rm -f {{install_dir}}/logs/nginx.pid
124. ExecStartPre={{install_dir}}/sbin/nginx -t
125. ExecStart={{install_dir}}/sbin/nginx
126. ExecReload=/bin/kill -s HUP \$MAINPID
127. KillSignal=SIGQUIT
128. TimeoutStopSec=5
129. KillMode=process
130. PrivateTmp=true                                                                                       
131. LimitNOFILE=100000
133. [Install]
134. WantedBy=multi-user.target
136. #总入口playbook文件
137. [18:09:50 root@ansible-rocky opt]$ cat /opt/nginx_role.yml
138. - hosts: websrvs
139.   remote_user: root
141.   roles:
142.     - nginx

复制代码

4.1.4 实现php-fpm角色

1. #首先准备php.ini.j2和www.conf文件
2. #修改php上传限制配置
3. [17:04:11 root@ansible-rocky ~]$ vi /opt/roles/php-fpm/templates/php.ini.j2
4. post_max_size = 100M #将次行从8M修改为100M
5. upload_max_filesize = 100M #将此行从2M改为100M
7. #修改配置文件
8. [17:14:03 root@proxy ~]$ vi /opt/roles/php-fpm/files/www.conf
9. user = nginx #修改为nginx
10. group = nginx #修改为nginx
11. ;listen = /run/php-fpm/www.sock #注释此行
12. listen = 127.0.0.1:9000 #添加此行，监控本机的9000端口
14. #准备网页配置文件
15. [19:51:32 root@ansible-rocky opt]$ cat /opt/roles/php-fpm/templates/php-fpm.conf.j2
16. server {
17.     listen 80;
18.     server_name {{ fqdn }};
19.     location / {
20.         root           {{ root_path  }};
21.         fastcgi_pass   127.0.0.1:9000;
22.         fastcgi_index  index.php;
23.         fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
24.         include        fastcgi_params;
25.     }
26. }
28. #准备tasks文件
29. [19:40:32 root@ansible-rocky opt]$ cat /opt/roles/php-fpm/tasks/main.yml
30. - name: install package
31.   yum:
32.     name: "{{ item }}"
33.   loop:
34.     - php-fpm
35.     - php-mysqlnd
36.     - php-json
37.     - php-xml
38.     - php-gd
39.     - php-pecl-zip
41. - name: php path permissions
42.   file:
43.     path: /var/lib/php/
44.     owner: nginx
45.     group: nginx
46.     recurse: yes
48. - name: config php.ini
49.   template:
50.     src: php.ini.j2
51.     dest: /etc/php.ini
53. - name: config www.conf
54.   copy:
55.     src: www.conf
56.     dest: /etc/php-fpm.d/www.conf
58. - name: website config
59.   template:
60.     src: php-fpm.conf.j2
61.     dest: "{{ install_dir }}/conf/conf.d/php-fpm.conf"
62.     owner: nginx
63.     group: nginx
64.   notify: restart nginx
66. - name: start service
67.   service:
68.     name: php-fpm
69.     state: started
70.     enabled: yes
71.    
72. #准备handler文件
73. [19:53:47 root@ansible-rocky opt]$ cat /opt/roles/php-fpm/handlers/main.yml
74. - name: restart nginx
75.   service:
76.     name: nginx
77.     state: restarted
78.    
79. #准备总入口playbook文件
80. [19:54:48 root@ansible-rocky opt]$ cat /opt/php-fpm_role.yml
81. - hosts: websrvs
82.   remote_user: root
84.   roles:
85.     - php-fpm

复制代码

4.1.5 实现MySQL角色

注意：ansible playbook调用mysql系列模块需要依赖python3-mysql包和利用pip安装pymysql

1. #下载准备mysql源文件包
2. [18:22:54 root@ansible-rocky opt]$ ls roles/mysql/files/
3. mysql-8.0.31-linux-glibc2.12-x86_64.tar.xz
5. #创建task文件
6. [18:24:40 root@ansible-rocky opt]$ cat roles/mysql/tasks/main.yml
7. - name: install dependent package
8.   yum:
9.     name: "{{ item }}"
10.   loop:
11.     - libaio
12.     - numactl-libs
13.     - python39
14.     - python3-mysql
16. - name: install pymysql
17.   pip:
18.     name: pymysql
19.     state: present
20.    
21. - name: create mysql group
22.   group: name={{db_group}} gid={{db_gid}}
24. - name: create mysql user
25.   user: name={{db_user}} uid={{db_uid}} system=yes shell="/sbin/nologin" create_home=no group={{db_group}}
27. - name: copy tar to remote host and file mode
28.   unarchive:
29.     src: "{{ db_file }}"
30.     dest: "/usr/local/"
31.     owner: root
32.     group: root
34. - name: create lingfile /usr/local/mysql
35.   file:
36.     src: "/usr/local/mysql-{{ db_version }}-linux-glibc2.12-x86_64"
37.     dest: "/usr/local/mysql"
38.     state: link
40. - name: path file
41.   copy:
42.     content: "PATH=/usr/local/mysql/bin:$PATH"
43.     dest: "/etc/profile.d/mysql.sh"
45. - name: config file
46.   template:
47.     src: my.cnf.j2
48.     dest: "/etc/my.cnf"
50. - name: create directory
51.   file:
52.     name: "/data"
53.     state: directory
55. - name: init mysql data
56.   shell:
57.     cmd: "/usr/local/mysql/bin/mysqld --initialize-insecure --user={{ db_user }} --datadir={{ db_data_dir }}"
58.   tags:
59.     - init
61. - name: service script
62.   copy:
63.     src: "/usr/local/mysql/support-files/mysql.server"
64.     dest: "/etc/init.d/mysqld"
65.     remote_src: yes
66.     mode: '+x'
68. - name: start service
69.   shell:
70.     cmd: chkconfig --add mysqld;chkconfig mysqld on;service mysqld start
72. - name: change root password
73.   shell:
74.     cmd: "/usr/local/mysql/bin/mysqladmin -uroot password {{ db_root_passwd }}"
75.    
76. - name: create {{ wp_db_name }} database
77.   mysql_db:
78.     login_host: "localhost"
79.     login_user: "root"
80.     login_password: "{{ db_root_passwd }}"
81.     login_port: 3306
82.     login_unix_socket: "{{ db_data_dir }}/mysql.sock"
83.     name: "{{ wp_db_name }}"
84.     state: present
85.   when: "{{ wp_db_name }} is defined"
87. - name: create {{ wp_db_user }}
88.   mysql_user:
89.     login_host: "localhost"
90.     login_user: "root"
91.     login_password: "{{ db_root_passwd }}"
92.     login_port: 3306
93.     login_unix_socket: "{{ db_data_dir }}/mysql.sock"
94.     name: "{{ wp_db_user}}"
95.     password: "{{ wp_db_passwd }}"
96.     priv: "{{ wp_db_name }}.*:ALL"
97.     host: "10.0.0.%"
98.     state: present
99.   when: "{{ wp_db_user }} is defined"
100.    
101.    
102. #准备MySQL 配置文件模板
103. [18:25:25 root@ansible-rocky opt]$ cat roles/mysql/templates/my.cnf.j2
104. [mysqld]
105. server-id=1
106. log-bin
107. datadir={{ db_data_dir }}
108. socket={{ db_data_dir }}/mysql.sock
109. log-error={{ db_data_dir }}/mysql.log
110. pid-file={{ db_data_dir }}/mysql.pid
112. [client]
113. socket={{ db_data_dir }}/mysql.sock
115. #准备总入口playbook文件
116. [18:25:38 root@ansible-rocky opt]$ cat mysql_role.yml
117. - hosts: dbsrvs
118.   remote_user: root
119.   gather_facts: no
121.   roles:
122.     - mysql

复制代码

4.2 基于zabbix角色批量部署zabbix

依赖上面搭建好的LNMP架构实现
4.2.1 部署zabbix-server

1. #总体目录结构
2. [20:27:58 root@ansible-rocky opt]$ tree
3. .
4. ├── ansible.cfg
5. ├── hosts
6. ├── hosts_zabbix
7. ├── roles
8. │   ├── mysql
9. │   │   ├── files
10. │   │   │   ├── create.sql.gz
11. │   │   │   └── mysql-8.0.31-linux-glibc2.12-x86_64.tar.xz
12. │   │   ├── tasks
13. │   │   │   └── main.yml
14. │   │   └── templates
15. │   │       └── my.cnf.j2
16. │   ├── nginx
17. │   │   ├── files
18. │   │   ├── handlers
19. │   │   │   └── main.yml
20. │   │   ├── tasks
21. │   │   │   └── main.yml
22. │   │   └── templates
23. │   │       ├── nginx.conf.j2
24. │   │       └── nginx.service.j2
25. │   ├── php-fpm
26. │   │   ├── files
27. │   │   │   ├── test.php
28. │   │   │   └── www.conf
29. │   │   ├── handlers
30. │   │   │   └── main.yml
31. │   │   ├── tasks
32. │   │   │   └── main.yml
33. │   │   └── templates
34. │   │       ├── php-fpm.conf.j2
35. │   │       └── php.ini.j2
36. │   └── zabbix_server
37. │       ├── handlers
38. │       │   └── main.yml
39. │       ├── tasks
40. │       │   └── main.yml
41. │       └── templates
42. │           ├── zabbix.conf.j2
43. │           ├── zabbix_server.conf.j2
44. │           └── zabbix-server-ngx.conf.j2
45. └── zabbix_server.yml
47. 29 directories, 26 files
49. #主入口playbook
50. [20:24:45 root@ansible-rocky opt]$ cat zabbix_server.yml
51. - hosts: websrvs
52.   remote_user: root
53.   roles:
54.     - nginx
55.     - php-fpm
57. - hosts: dbsrvs
58.   remote_user: root
59.   roles:
60.     - mysql
62. - hosts: websrvs
63.   remote_user: root
64.   roles:
65.     - zabbix_server
68. #tasks文件
69. [20:30:01 root@ansible-rocky zabbix_server]$ cat /opt/roles/zabbix_server/tasks/main.yml
70. - name: config zabbix yum repo
71.   yum_repository:
72.     name: "ansible_zabbix"
73.     description: "zabbix repo"
74.     baseurl: "https://mirrors.aliyun.com/zabbix/zabbix/{{ zabbix_version }}/rhel/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}/"
75.     gpgcheck: yes
76.     gpgkey: "https://mirrors.aliyun.com/zabbix/zabbix-official-repo.key"
78. - name: install zabbix-server
79.   yum:
80.     name: "{{ item }}"
81.   loop:
82.     - zabbix-server-mysql
83.     - zabbix-agent2
84.     - zabbix-get
85.     - zabbix-web-mysql
87. - name: copy zabbix_server.conf
88.   template:
89.     src: zabbix_server.conf.j2
90.     dest: /etc/zabbix/zabbix_server.conf
91.     mode: 0600
92.   notify:
93.     - restart zabbix-server
94.   tags: restart zabbix-server
96. - name: chown  zabbix-web
97.   file:
98.     path:  /etc/zabbix/web   
99.     state: directory
100.     owner: nginx
101.     group: nginx
102.     recurse: yes
104. - name: copy zabbix-server web conf
105.   template:
106.     src: zabbix-server-ngx.conf.j2
107.     dest: "{{ install_dir }}/conf/conf.d/zabbix_server_ngx.conf"
108.     owner: nginx
109.     group: nginx
110.   notify:
111.     - restart nginx
113. - name: copy zabbix.conf into php-fpm.d
114.   template:
115.     src: zabbix.conf.j2
116.     dest: "/etc/php-fpm.d/zabbix.conf"
117.   notify:
118.     - restart php-fpm
120. - name: start zabbix-server
121.   service:
122.     name: zabbix-server
123.     state: restarted
124.     enabled: yes
125.    
126. #查看handler
127. [20:34:11 root@ansible-rocky zabbix_server]$ cat /opt/roles/zabbix_server/handlers/main.yml
128. - name: restart zabbix-server
129.   service:
130.     name: zabbix-server
131.     state: restarted
133. - name: restart nginx
134.   service:
135.     name: nginx
136.     state: restarted
138. - name: restart php-fpm
139.   service:
140.     name: php-fpm
141.     state: restarted
142.    
143. #查看template文件
144. [20:34:15 root@ansible-rocky zabbix_server]$ cat /opt/roles/zabbix_server/templates/zabbix.conf.j2
145. [zabbix]
146. user = nginx
147. group = nginx
149. listen = /run/php-fpm/zabbix.sock
150. listen.acl_users = apache,nginx
151. listen.allowed_clients = 127.0.0.1
153. pm = dynamic
154. pm.max_children = 50
155. pm.start_servers = 5
156. pm.min_spare_servers = 5
157. pm.max_spare_servers = 35
158. pm.max_requests = 200
160. php_value[session.save_handler] = files
161. php_value[session.save_path]    = /var/lib/php/session
163. php_value[max_execution_time] = 300
164. php_value[memory_limit] = 128M
165. php_value[post_max_size] = 80M
166. php_value[upload_max_filesize] = 80M
167. php_value[max_input_time] = 300
168. php_value[max_input_vars] = 10000
169. php_value[date.timezone] = Asia/Shanghai
171. [20:38:05 root@ansible-rocky zabbix_server]$ grep -Ev '^$|#' /opt/roles/zabbix_server/templates/zabbix_server.conf.j2
172. LogFile=/var/log/zabbix/zabbix_server.log
173. LogFileSize=0
174. PidFile=/var/run/zabbix/zabbix_server.pid
175. SocketDir=/var/run/zabbix
176. DBHost=10.0.0.58
177. DBName=zabbix
178. DBUser=zabbix
179. DBPassword=lgq123456
180. SNMPTrapperFile=/var/log/snmptrap/snmptrap.log
181. Timeout=4
182. AlertScriptsPath=/usr/lib/zabbix/alertscripts
183. ExternalScripts=/usr/lib/zabbix/externalscripts
184. LogSlowQueries=3000
185. StatsAllowedIP=127.0.0.1
186. ##zabbix网页配置文件
187. [20:39:05 root@ansible-rocky zabbix_server]$ cat /opt/roles/zabbix_server/templates/zabbix-server-ngx.conf.j2
188. server {
189.     listen 80;
190.     server_name {{ zabbix_fqdn }};
191.     root /usr/share/zabbix;
192.     index index.php;
193.     location = /favicon.ico {
194.         log_not_found   off;
195.     }
197.     location / {
198.         try_files       $uri $uri/ =404;
199.     }
201.     location /assets {
202.          access_log      off;
203.          expires         10d;
204.     }
206.     location ~ /\.ht {
207.          deny            all;
208.     }
210.     location ~ /(api\/|conf[^\.]|include|locale|vendor) {
211.          deny            all;
212.          return          404;
213.     }
214.     location ~ [^/]\.php(/|$) {
215.         fastcgi_pass   127.0.0.1:9000;
216.         #fastcgi_pass    unix:/run/php-fpm/zabbix.sock;
217.         fastcgi_split_path_info ^(.+\.php)(/.+)$;
218.         fastcgi_index   index.php;
220.         fastcgi_param   DOCUMENT_ROOT   /usr/share/zabbix;
221.         fastcgi_param   SCRIPT_FILENAME /usr/share/zabbix$fastcgi_script_name;
222.         fastcgi_param   PATH_TRANSLATED /usr/share/zabbix$fastcgi_script_name;
224.         include fastcgi_params;
225.         fastcgi_param   QUERY_STRING    $query_string;
226.         fastcgi_param   REQUEST_METHOD  $request_method;
227.         fastcgi_param   CONTENT_TYPE    $content_type;
228.         fastcgi_param   CONTENT_LENGTH  $content_length;
230.         fastcgi_intercept_errors        on;
231.         fastcgi_ignore_client_abort     off;
232.         fastcgi_connect_timeout         60;
233.         fastcgi_send_timeout            180;
234.         fastcgi_read_timeout            180;
235.         fastcgi_buffer_size             128k;
236.         fastcgi_buffers                 4 256k;
237.         fastcgi_busy_buffers_size       256k;
238.         fastcgi_temp_file_write_size    256k;
239.     }
241. }

复制代码

4.2.2 部署zabbix-agent

1. #目录结构
2. [22:59:31 root@ansible-rocky zabbix_agent2]$ tree
3. .
4. ├── files
5. │   └── zabbix_agnet2.d
6. │       ├── login.conf
7. │       ├── mem.conf
8. │       ├── mysql.conf
9. │       ├── mysql_repl_status.sh
10. │       ├── mysql.sh
11. │       ├── nginx_status.conf
12. │       ├── nginx_status.sh
13. │       └── tcp_state.conf
14. ├── handlers
15. │   └── main.yml
16. ├── tasks
17. │   └── main.yml
18. └── templates
19.     └── zabbix_agent2.conf.j2
21. 5 directories, 11 files
23. #task文件
24. [23:14:12 root@ansible-rocky opt]$ cat /opt/roles/zabbix_agent2/tasks/main.yml
25. - name: install repo
26.   yum_repository:
27.     name: "ansible_zabbix"
28.     description: "zabbix repo"
29.     baseurl: "https://mirrors.aliyun.com/zabbix/zabbix/{{ zabbix_version }}/rhel/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}/"
30.     gpgcheck: yes
31.     gpgkey: "https://mirrors.aliyun.com/zabbix/zabbix-official-repo.key"
33. - name: install agent2 for centos or rocky
34.   yum:
35.     name: zabbix-agent2
36.   when:
37.     - ansible_distribution == "Rocky" or ansible_distribution == "Centos"
39. - name: install agent2 for centos or ubuntu
40.   apt:
41.     name: zabbix-agent2
42.     update_cache: yes
43.   when:
44.     - ansible_distribution == "Ubuntu"
46. - name: config file
47.   template:
48.     src: zabbix_agent2.conf.j2
49.     dest: "/etc/zabbix/zabbix_agent2.conf"
50.     mode: 0644
51.   notify:
52.     - restart zabbix-agent2
54. - name: copy zabbix-agent2.d content
55.   copy:
56.     src: zabbix_agent2.d
57.     dest: "/etc/zabbix"
58.   notify:
59.     - restart zabbix-agent2
60.   tags: zabbix_agent2.d
62. - name: start zabbix-agent2
63.   service:
64.     name: zabbix-agent2
65.     state: started
66.     enabled: yes
67.    
68. #handler文件
69. [23:14:14 root@ansible-rocky opt]$ cat /opt/roles/zabbix_agent2/handlers/main.yml
70. - name: restart zabbix_agent2
71.   service:
72.     name: zabbix-agent2
73.     state: restarted
74.    
75. #template文件
76. [23:14:43 root@ansible-rocky opt]$ cat /opt/roles/zabbix_agent2/templates/zabbix_agent2.conf.j2
77. PidFile=/var/run/zabbix/zabbix_agent2.pid
78. LogFile=/var/log/zabbix/zabbix_agent2.log
79. LogFileSize=0
80. Server={{ zabbix_server_ip }}
81. ServerActive={{ zabbix_server_ip }}
82. Hostname={{ ansible_default_ipv4.address }}
83. Include=/etc/zabbix/zabbix_agent2.d/*.conf
84. ControlSocket=/tmp/agent.sock

复制代码

4.2.3 测试

1. [23:15:29 root@rocky8 /etc/zabbix]$ zabbix_get -s 10.0.0.18 -k mem_use_percent
2. 20.1886
3. [23:16:51 root@rocky8 /etc/zabbix]$ zabbix_get -s 10.0.0.18 -k tcp_state[ESTABLISHED]
4. 32
5. [23:17:30 root@rocky8 /etc/zabbix]$ zabbix_get -s 10.0.0.28 -k tcp_state[ESTABLISHED]
6. 28
7. [23:17:35 root@rocky8 /etc/zabbix]$ zabbix_get -s 10.0.0.58 -k tcp_state[ESTABLISHED]
8. 55

复制代码

来源:https://www.cnblogs.com/yan-linux/p/17039200.html
免责声明：由于采集信息均来自互联网，如果侵犯了您的权益，请联系我们【E-Mail:cb@itdo.tech】 我们会及时删除侵权内容，谢谢合作！