Ansible操作记录-part02
shell # 执行命令
service # 服务启动停止重启
yum # 安装工具
script # 运行本地脚本,实则是远端服务器执行
copy # 复制文件至远程服务器
file # 创建文件、目录、链接
mount # 挂载设备
user # 创建用户
group # 创建组
10.0.0.61 管理机 (使用ansible-playbook实现安装 rsync nfs sersync web01挂载)
10.0.0.31 nfs sersync
10.0.0.41 backup
10.0.0.7 web01
playbook
目的:一个任务,使用多个不同的模块,同时完成一件事情(先后顺序)
安装
配置
启动
- name: Install httpd
yum:
names:
- httpd
- httpd-tools
- rsync
- nfs
- name: config httpd
yum:
name: httpd
1.使用playbook安装Apache
- host: web #现在需要做一件事情,找谁更合适(web代表主机组)
task: # 任务
- name: Install Httpd Server #描述必须写,描述这个任务是干什么
yum: name=httpd,httpd-tools state=installed # 具体怎么做
[root@m01 ~]# cat httpd_install.yaml
- hosts: web
tasks:
- name: Install Httpd Server
yum: name=httpd,httpd-tools state=installed
- name: Config Httpd Server
copy: src=./httpd.conf dest=/etc/httpd/conf/httpd.conf
# notify用于监控配置文件是否变更,如果变更则调用handlers执行状态
notify: restart httpd
- name: Service Httpd Server
service: name=httpd state=started enabled=yes
handlers:
# * 当确认事件有被触发才会动作
# * 一个 handler 可被多个 task 通知 (notify),并于 tasks 跑完才会执行
- name: restart httpd
service: name=httpd state=restarted
1.规划
角色 外网IP(NAT) 内网IP(LAN) 安装工具
m01 eth0:10.0.0.61 eth1:172.16.1.61 ansible
backup eth0:10.0.0.41 eth1:172.16.1.41 rsync-server
nfs-server eth0:10.0.0.31 eth1:172.16.1.31 nfs、sersync
web01 eth0:10.0.0.7 eth1:172.16.1.7 nginx+php
m01上操作
2.配置ansible
[web]
172.16.1.7
[nfs]
172.16.1.31
[backup]
172.16.1.41
[ test:children]
nfs
backup
web
3.#确认主机组和规划的IP是否一致
[root@m01 ~]# ansible web --list-host
hosts (1):
172.16.1.7
[root@m01 ~]# ansible backup --list-host
hosts (1):
172.16.1.41
[root@m01 ~]# ansible nfs --list-host
hosts (1):
172.16.1.31
[root@m01 ~]# ansible test --list-host
hosts (3):
172.16.1.31
172.16.1.41
172.16.1.7
4.建立对应的目录站点,用于存放ansible-playbook
[root@m01 ~]# mkdir -p /etc/ansible/ansible_playbook/{conf,file} -p
[root@m01 ~]# cd /etc/ansible/ansible_playbook/
[root@m01 ansible_playbook]# ll
drwxr-xr-x 2 root root 6 Aug 1 10:30 conf
drwxr-xr-x 2 root root 6 Aug 1 10:30 file
5.编写基础模块的playbook
0.基础仓库准备
1.安装rsync
2.安装nfs-utils
3.创建www用户指定uid、gid
4.准备rsync客户端密码文件
准备rsync客户端密码文件
[root@m01 conf]# cat /etc/ansible/ansible_playbook/conf/rsync_client_pass
123456
建立base的yaml
[root@m01 ansible_playbook]# cat base.yaml
- hosts: test
tasks:
# 1.Install Pkg
- name: Installed Repo
- name: Installed Rsync Client
yum: name=rsync state=installed
- name: Installed Nfs-utils
yum: name=nfs-utils state=installed
# 2.Create User
- name: Create group www
group: name=www gid=666
- name: Create user www
user: name=www uid=666 group=www create_home=no shell=/sbin/nologin
#3.create rsync client pass
- name: Create rsync client pass
copy: src=./conf/rsync_client_pass dest=/etc/rsync.pass
#检测语法
[root@m01 ansible_playbook]# ansible-playbook --syntax-check base.yaml
playbook: base.yaml
# 模拟执行
[root@m01 ansible_playbook]# ansible-playbook -C base.yaml
5.编写应用模块-rsync-的palybook
1.安装rsync
2.配置rsync
3.启动rsync
4.准备对应数据存储仓库/backup /data 授权为www
5.准备虚拟用户和密码文件,权限600
6.变更配置,重载服务
1.准备对应的配置文件
[root@m01 conf]# cat /etc/ansible/ansible_playbook/conf/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.password
log file = /var/log/rsyncd.log
#####################################
[backup]
path = /backup
[data]
path = /data
# 2.准备服务端需要使用的虚拟用户与虚拟用户对应的密码
[root@m01 conf]# cat /etc/ansible/ansible_playbook/conf/rsync_server_pass
rsync_backup:123456
3.对应的yaml语法
[root@m01 ansible_playbook]# cat rsync.yaml
- hosts: backup
tasks:
- name: Installed Rsync Server
yum: name=rsync state=installed
- name: Copy Rsync Config
copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
notify: restart rsyncd
- name: Service Rsyncd
service: name=rsyncd state=started enabled=yes
# Create Data Backup Directory
- name: Create data
file: path=/data state=directory recurse=yes owner=www group=www
- name: Create backup
file: path=/backup state=directory recurse=yes owner=www group=www
- name: create password file
copy: src=./conf/rsync_server_pass dest=/etc/rsync.password mode=0600
handlers:
- name: restart rsyncd
service: name=rsyncd state=restarted
6.编写应用模块-nfs-的palybook
1.安装nfs
2.配置nfs
3.启动nfs
4.准备对应数据存储仓库 /data 授权为www
5.变更配置,重载服务
1.准备nfs的exports文件
[root@m01 ansible_playbook]# cat /etc/ansible/ansible_playbook/conf/nfs_exports
/data/ 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
2.编写nfs的yaml
[root@m01 ansible_playbook]# cat nfs.yaml
- hosts: nfs
tasks:
- name: Copy Nfs Config
copy: src=./conf/nfs_exports dest=/etc/exports
notify: restart nfs-server
- name: service nfs server
service: name=nfs-server state=started enabled=yes
# Create data
- name: Create share nfs data
file: path=/data state=directory recurse=yes owner=www group=www
handlers:
- name: restart nfs-server
service: name=nfs-server state=restarted
6.编写应用模块-sersync-的palybook
1.安装sersync
2.配置sersync
3.启动sersync
1.下载软件包,并且重命名防止对应的目录
[root@m01 ansible_playbook]# ll /etc/ansible/ansible_playbook/file/
-rw-r--r-- 1 root root 727290 Aug 1 12:04 sersync.tar.gz
2.准备sersync的配置文件
[root@m01 ansible_playbook]# cat /etc/ansible/ansible_playbook/conf/confxml.xml.nfs
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="true"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="false"/>
<modify start="false"/>
</inotify>
<sersync>
<localpath watch="/data">
<remote ip="172.16.1.41" name="data"/>
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pass"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
</localpath>
</plugin>
</head>
3.编写sersync的yaml
[root@m01 ansible_playbook]# cat sersync.yaml
- hosts: nfs
tasks:
- name: Installed Sersync
copy: src=./file/sersync.tar.gz dest=/server/tools/
- name: Tar xf Sersync
shell: cd /server/tools/ && tar xf sersync.tar.gz && mv GNU-Linux-x86 /usr/local/sersync
args:
creates: /usr/local/sersync
- name: Config Sersync
copy: src=./conf/confxml.xml.nfs dest=/usr/local/sersync/confxml.xml
- name: Service Start Sersync
shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
6.编写应用模块-web-的palybook
[root@m01 ansible_playbook]# cat web.yaml
- hosts: web
tasks:
- name: Create Nfs Client Data
file: path=/data state=directory
- name: Mount Nfs Server
mount: path=/data src=nfs01:/data fstype=nfs opts=defaults state=mounted
7.合并所有的yaml文件
[root@m01 ansible_playbook]# cat main.yaml
- include: base.yaml
- include: rsync.yaml
- include: nfs.yaml
- include: sersync.yaml
- include: web.yaml
8.测试
1.先测试web是否能同步数据至nfs存储
2.nfs是否实时同步至rsync的/data
3.使用客户端测试能否推送数据至rsync的backup
[root@web01 data]# rsync -avz web_ansible rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.pass
创建时间:2021-09-15 21:18
넶浏览量:0
