Ansible【自动部署phpmyadmin】

ansible	10.0.0.20
lbserver	10.0.0.10
web01	10.0.0.30
web02	10.0.0.31
redis	10.0.0.50
mysql	10.0.0.60

【1】环境准备

[root@ansible ~]# mkdir phpmyadmin
[root@ansible ~]# cd phpmyadmin/
[root@ansible phpmyadmin]# cp /etc/ansible/ansible.cfg ./
[root@ansible phpmyadmin]# cp /etc/ansible/hosts ./
[defaults]
inventory      = ./hosts
......[root@ansible phpmyadmin]# vim /etc/hosts
.....
.....
10.0.0.10 lbserver
10.0.0.30 web01
10.0.0.31 web02
10.0.0.50 redis
10.0.0.60 mysql[root@ansible phpmyadmin]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.10
[root@ansible phpmyadmin]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.30
[root@ansible phpmyadmin]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.31
[root@ansible phpmyadmin]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.50
[root@ansible phpmyadmin]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.60## 主机清单
[webserver]
web01 ansible_ssh_host=10.0.0.30
web02 ansible_ssh_host=10.0.0.31[lbserver]
lbserver ansible_ssh_host=10.0.0.10[redis]
redis ansible_ssh_host=10.0.0.50[mysql]
mysql ansible_ssh_host=10.0.0.60

【2】准备web01、web02配置文件

nginx.conf.j2

user  www;
worker_processes  auto;error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;events {worker_connections  1024;
}http {include       /etc/nginx/mime.types;default_type  application/octet-stream;log_format  main  '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log  /var/log/nginx/access.log  main;sendfile        on;keepalive_timeout  65;include /etc/nginx/conf.d/*.conf;
}

phpmy.conf.j2

server {listen 80;server_name www.php-myadmin.org;root /code/phpmy;location / {index index.php;}location ~ \.php$ {fastcgi_pass 127.0.0.1:9000;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;}
}

php.ini.j2

;session.save_handler = files
session.save_handler = redis
session.save_path = "tcp://10.0.0.50:6379?&weight=1&timeout=2.5"

www.conf.j2

;php_value[session.save_handler] = files
;php_value[session.save_path]    = /var/lib/php/session
php_value[soap.wsdl_cache_dir]  = /var/lib/php/wsdlcache

【3】准备lb-server配置文件

nginx.conf.j2

user  www;
worker_processes  auto;error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;events {worker_connections  1024;
}http {include       /etc/nginx/mime.types;default_type  application/octet-stream;log_format  main  '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log  /var/log/nginx/access.log  main;sendfile        on;keepalive_timeout  65;include /etc/nginx/conf.d/*.conf;
}

lb-phpmy.conf.j2

upstream phpmy {server 10.0.0.30:80;server 10.0.0.31:80;
}
server {listen 80;server_name www.php-myadmin.org;location / {proxy_pass http://phpmy;include proxy_params;}
}

proxy_params.j2

proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_connect_timeout 60s;      # nginx连接后端的超时时间
proxy_read_timeout 60s;         # 响应头部超时时间
proxy_send_timeout 60s;         # 响应数据主体的超时时间
proxy_buffering on;             # 开启缓冲区
proxy_buffer_size 8k;           # 缓冲区Header大小
proxy_buffers 4 64k;            # 缓冲区数量 * 大小 = 最大接收

【4】准备redis配置文件

redis.conf.j2

bind 127.0.0.1 10.0.0.50

【5】准备mysql配置文件

my.cnf.j2

[mysqld]
user=mysql
basedir=/usr/local/mysql
log-bin=mysql_bin
datadir=/usr/local/mysql/data
socket=/tmp/mysql.sock
server_id=6
port=3306
[mysql]
socket=/tmp/mysql.sock

mysqld.service.j2

[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE = 5000

profile.j2

# /etc/profile# System wide environment and startup programs, for login setup
# Functions and aliases go in /etc/bashrc# It's NOT a good idea to change this file unless you know what you
# are doing. It's much better to create a custom.sh shell script in
# /etc/profile.d/ to make custom changes to your environment, as this
# will prevent the need for merging in future updates.pathmunge () {case ":${PATH}:" in*:"$1":*);;*)if [ "$2" = "after" ] ; thenPATH=$PATH:$1elsePATH=$1:$PATHfiesac
}if [ -x /usr/bin/id ]; thenif [ -z "$EUID" ]; then# ksh workaroundEUID=`/usr/bin/id -u`UID=`/usr/bin/id -ru`fiUSER="`/usr/bin/id -un`"LOGNAME=$USERMAIL="/var/spool/mail/$USER"
fi# Path manipulation
if [ "$EUID" = "0" ]; thenpathmunge /usr/sbinpathmunge /usr/local/sbin
elsepathmunge /usr/local/sbin afterpathmunge /usr/sbin after
fiHOSTNAME=`/usr/bin/hostname 2>/dev/null`
HISTSIZE=1000
if [ "$HISTCONTROL" = "ignorespace" ] ; thenexport HISTCONTROL=ignoreboth
elseexport HISTCONTROL=ignoredups
fiexport PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL# By default, we want umask to get set. This sets it for login shell
# Current threshold for system reserved uid/gids is 200
# You could check uidgid reservation validity in
# /usr/share/doc/setup-*/uidgid file
if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ]; thenumask 002
elseumask 022
fifor i in /etc/profile.d/*.sh ; doif [ -r "$i" ]; thenif [ "${-#*i}" != "$-" ]; then . "$i"else. "$i" >/dev/nullfifi
doneunset i
unset -f pathmunge
export PATH=/usr/local/mysql/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin

【5】编写playbook

- hosts: mysqltasks:- name: Install Mysqlunarchive:src: ./file/mysql-5.7.22-linux-glibc2.12-x86_64.tar.gzdest: /usr/local/owner: rootgroup: rootmode: '0755'creates: /usr/local/mysql- name: aliasshell:cmd: mv /usr/local/mysql-5.7.22-linux-glibc2.12-x86_64 /usr/local/mysqlcreates: /usr/local/mysql- name: Configure Exportcopy:src: ./file/profile.j2dest: /etc/profileowner: rootgroup: rootmode: '644'- name: Sourceshell: source /etc/profile- name: Groupaddgroup:name: mysqlgid: '777'state: present- name: Useradduser:name: mysqluid: '777'group: '777'shell: /sbin/nologincreate_home: falsesystem: truestate: present- name: Data Dirfile:path: /usr/local/mysql/dataowner: mysqlgroup: mysqlstate: directorymode: '0755'recurse: yes- name: Init Mysqlshell:cmd: /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/datacmd: echo "111" >> /usr/local/mysql/data/111creates: /usr/local/mysql/data/111- name: Cp Commandshell:cmd: cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqldcreates: /etc/init.d/mysqld- name: Configure Mysqlcopy:src: ./file/my.cnf.j2dest: /etc/my.cnfowner: rootgroup: rootmode: '0644'notify: Restart Mysql- name: System Mysqlcopy:src: ./file/mysqld.service.j2dest: /etc/systemd/system/mysqld.serviceowner: rootgroup: rootmode: '0644'notify: Daemon-reload- name: Start Mysqlsystemd:name: mysqldstate: startedenabled: yeshandlers:- name: Restart Mysqlsystemd:name: mysqldstate: restarted- name: Daemon-reloadsystemd:state: daemon-reload- hosts: redistasks:- name: Install Redis yum:name: redisstate: present- name: Configure Rediscopy:src: ./file/redis.conf.j2dest: /etc/redis.confowner: redisgroup: redismode: '0640'notify: Restart Redis- name: Start Redissystemd:name: redisstate: startedenabled: yeshandlers:- name: Restart Redissystemd:name: redisstate: restarted- hosts: webservertasks:- name: Nginx Repoyum_repository:name: ansible_nginxdescription: ansible_nginx_repobaseurl: http://nginx.org/packages/centos/$releasever/$basearch/gpgcheck: nogpgkey: https://nginx.org/keys/nginx_signing.key- name: PHP Repoyum_repository:name: ansible_phpdescription: ansible__php_repobaseurl: http://us-east.repo.webtatic.com/yum/el7/x86_64/gpgcheck: no- name: Install Nginx PHPyum:name: "{{ packages }}"state: presentvars:packages:- nginx- php71w- php71w-cli- php71w-common- php71w-devel- php71w-embedded- php71w-gd- php71w-mcrypt- php71w-mbstring- php71w-pdo- php71w-xml- php71w-fpm- php71w-mysqlnd- php71w-opcache- php71w-pecl-memcached- php71w-pecl-redis- php71w-pecl-mongodb- name: Configure Nginx.confcopy:src: ./file/nginx.conf.j2dest: /etc/nginx/nginx.confowner: rootgroup: rootmode: '0644'notify: Restart Nginx      - name: Configure Nginx phpmy.confcopy:src: ./file/phpmy.conf.j2dest: /etc/nginx/conf.d/phpmy.confowner: rootgroup: rootmode: '0644'notify: Restart Nginx- name: Configure PHP WWW.CONFcopy:src: ./file/www.conf.j2dest: /etc/php-fpm.d/www.confowner: rootgroup: rootmode: '0644'notify: Restart PHP- name: Configure PHP.inicopy: src: ./file/php.ini.j2dest: /etc/php.iniowner: rootgroup: rootmode: '0644'notify: Restart PHP- name: Groupadd wwwgroup:name: wwwgid: 666state: present- name: Useradd wwwuser:name: wwwuid: 666group: 666shell: /sbin/nologincreate_home: falsesystem: truestate: present- name: Code Dirfile:path: /codeowner: wwwgroup: wwwstate: directorymode: '0755'- name: Unzip phpmyadminunarchive:src: ./file/phpMyAdmin-4.9.11-all-languages.zipdest: /code/owner: wwwgroup: wwwmode: '0755'creates: /code/phpMyAdmin-4.9.11-all-languages- name: Linkshell:cmd: ln -s /code/phpMyAdmin-4.9.11-all-languages /code/phpmycreates: /code/phpmy- name: Configure phpmycopy:src: ./file/config.sample.inc.php.j2dest: /code/phpmy/config.inc.phpowner: wwwgroup: wwwmode: '0644'- name: Sessionshell:cmd: chown -R www.www /var/lib/php/session/- name: Start Nginxsystemd:name: nginxstate: startedenabled: yes- name: Start PHPsystemd:name: php-fpmstate: startedenabled: yeshandlers:- name: Restart Nginxsystemd:name: nginxstate: restarted- name: Restart PHPsystemd:name: php-fpmstate: restarted- hosts: lbservertasks:- name: Nginx Repoyum_repository:name: ansible_nginxdescription: ansible_nginx_repobaseurl: http://nginx.org/packages/centos/$releasever/$basearch/gpgcheck: nogpgkey: https://nginx.org/keys/nginx_signing.key- name: Install Nginxyum:name: nginxstate: present- name: Configure Nginxcopy:src: ./file/nginx.conf.j2dest: /etc/nginx/nginx.confowner: rootgroup: rootmode: '0644'notify: Restart Nginx- name: Configure lbcopy:src: ./file/lb-phpmy.conf.j2dest: /etc/nginx/conf.d/lb-phpmy.confowner: rootgroup: rootmode: '0644'notify: Restart Nginx- name: Configure Paramscopy:src: ./file/proxy_params.j2dest: /etc/nginx/proxy_paramsowner: rootgroup: rootmode: '0644'notify: Restart Nginx- name: Groupadd wwwgroup:name: wwwgid: 666state: present- name: Useradd wwwuser:name: wwwuid: 666group: 666shell: /sbin/nologincreate_home: falsesystem: truestate: present- name: Start Nginxsystemd:name: nginxstate: startedenabled: yeshandlers:- name: Restart Nginxsystemd:name: nginxstate: restarted