CentOS7-自动化部署web集群
一、项目要求
1、创建role,通过role完成项目(可能需要多个role)
2、部署nginx调度器(node2主机)
3、部署2台lnmp服务器(node3,node4主机)
4、部署mariadb数据库(node5主机)
主要用的ansible实现自动化部署,ansible的安装教程省略,控制节点安装ansible和Python,受控节点上只需要安装相同版本Python(环境一致好些),所有主机间做免密登录
二、项目实施
1、在控制节点上创建role部署lnmp平台环境
[root@control ansible]# ansible-galaxy init ~/ansible/roles/lnmp
2、上传或者下载lnmp_soft.tar.gz里面的nginx-1.16-1.tar.gz软件包到 /root/ansible/roles/lnmp/files/
# 下载Nginx安装包:
[root@control ansible]# wget https://nginx.org/download/nginx-1.16.1.tar.gz
[root@control ansible]# tar -xf lnmp_soft.tar.gz
[root@control ansible]# cp lnmp_soft/nginx-1.16.1.tar.gz /root/ansible/roles/lnmp/files/
2、编写部署lnmp的脚本,配置动静分离
[root@control ansible]# vim /root/ansible/roles/lnmp/files/install_nginx.sh
稍后会使用copy模块把nginx源码包放到tmp目录下,拷贝nginx源码,执行编译安装
#!/bin/bash
conf="/usr/local/nginx/conf/nginx.conf"
yum -y install gcc pcre-devel openssl-devel make
cd /tmp/
tar -xf nginx-1.16.1.tar.gz
cd nginx-1.16.1
./configure --with-http_ssl_module
make && make install
sed -i '65,71s/#//' $conf
sed -i '/SCRIPT_FILENAME/d' $conf
sed -i 's/fastcgi_params/fastcgi.conf/' $conf
3、部署网页模板文件,通过template把包含变量的模板文件拷贝给目标主机node3 和 node4
[root@control ansible]# vim /root/ansible/roles/lnmp/templates/index.html
Welcome to {{ansible_hostname}} on {{ansible_all_ipv4_addresses}}
4、编写tasks文件,定义任务
[root@control ansible]# vim /root/ansible/roles/lnmp/tasks/main.yml
---
# tasks file for /root/ansible/roles/lnmp
- name: copy nginx-1.16.1.tar.gz to webserver.
copy:
src: nginx-1.16.1.tar.gz
dest: /tmp/
- name: install nginx through shell script.
script: install_nginx.sh
args:
creates: /usr/local/nginx/sbin/nginx # 当nginx主程序文件存在时,不执行安装脚本
- name: copy index.html to webserver. #拷贝首页文件
template:
src: index.html
dest: /usr/local/nginx/html/index.html
- name: install php
yum:
name:
- php
- php-fpm
- php-mysqlnd
- mariadb-devel
- name: run all serveice
block:
- service:
name: php-fpm
state: started
- shell: /usr/local/nginx/sbin/nginx
args:
creates: /usr/local/nginx/logs/nginx.pid
#当nginx的进程号文件存在,说明nginx启动了。则不执行启动nginx
5、编写playbook剧本
[root@control ansible]# vim ~/ansible/lnmp.yml
- hosts: webserver
roles:- lnmp
6、运行playbook,并验证是否成功
[root@control ansible]# ansible-playbook lnmp.yml
# 控制节点上登录node节点
[root@control ansible]# ssh node3
# 查看/usr/local/nginx/目录下信息bin
[root@node3 ~]# ls /usr/local/nginx/
# 查看端口是否被监听
[root@node3 ~]# ss -nultp | grep 80
# 查看是否安装所需要包
[root@node3 ~]# rpm -q php-fpm
# 查看php的状态
[root@node3 ~]# systemctl status php-fpm
# 查看默认主页是否创建完成
[root@node3 ~]# cat /usr/local/nginx/html/index.html
Welcome to node3 on ['192.168.4.3']
7、使用nginx部署代理服务器node2
[root@control ansible]# ansible-galaxy init ~/ansible/roles/proxy
[root@control ansible]# cp ~/ansible/roles/lnmp/files/* ~/ansible/roles/proxy/files/
8、编写配置调度器的脚本,删掉之前的sed语句,添加定义集群,调用集群的语句
[root@control ansible]# vim ~/ansible/roles/proxy/files/install_nginx.sh
#!/bin/bash
conf="/usr/local/nginx/conf/nginx.conf"
yum -y install gcc pcre-devel openssl-devel make
cd /tmp/
tar -xf nginx-1.16.1.tar.gz
cd nginx-1.16.1
./configure --with-http_ssl_module
make && make install
sed -i '/^http/a upstream webs {\n server 192.168.4.3;\n server 192.168.4.4;\n }\n'
$conf
sed -i '49i proxy_pass http://webs;' $conf
/usr/local/nginx/sbin/nginx
9、编写tasks文件,定义任务
[root@control ansible]# vim ~/ansible/roles/proxy/tasks/main.yml
---
# tasks file for /root/ansible/roles/proxy
- name: copy source file to node2
copy:
src: nginx-1.16.1.tar.gz
dest: /tmp/
- name: install nginx.
script: install_nginx.sh
args:
creates: /usr/local/nginx/sbin/nginx
10、编写playbook剧本,调用任务
[root@control ansible]# vim proxy.yml
---
- hosts: node2
roles:
- proxy
- hosts: node5
tasks:
- name: install mariadb server. #部署数据库服务器
yum:
name:
- mariadb
- mariadb-server
- mariadb-devel
- name: run mariadb-server
service:
name: mariadb
state: started
11、运行playbook和测试节点
[root@control ansible]# ansible-playbook proxy.yml
node1测试访问:
node2,node3,node4关闭防火墙,
[root@node2 ~]# systemctl stop firewalld.service 或者
firewall-cmd --add-service=http 允许http访问都可以
[root@node3 ~]# systemctl stop firewalld.service
[root@node4 ~]# systemctl stop firewalld.service
[root@node1 ~]# curl http://192.168.4.2 #成功