playbook触发器 handler
handler用来执行某些条件下的任务,比如当配置文件发生变化的时候,通过notify触发handler去重启服务。
在saltstack中也有类似的触发器,写法相对Ansible简单,只需要watch,配置文件即可。
大白话:监控某一个步骤,一旦该步骤发生了变化,则立马触发该步骤的触发器,执行对应的步骤
注意:
# 1.无论多少个task通知了相同的handlers,handlers仅会在所有tasks结束后运行一次。
# 2.Handlers只有在其所在的任务被执行时,才会被运行;如果一个任务中定义了notify调用Handlers,但是由于条件判断等原因,该任务未被执行,那么Handlers同样不会被执行。
3.Handlers只会在每一个play的末尾运行一次;如果想在一个playbook中间运行Handlers,则需要使用meta模块来实现。例如: -meta: flush_handlers。(不要强制执行)
4.如果一个play在运行到调用Handlers的语句之前失败了,那么这个Handlers将不会被执行。我们可以使用meta模块的--force-handlers选项来强制执行Handlers,即使Handlers所在的play中途运行失败也能执行。(不要强制执行)
# 5.不能使用handlers替代tasks
触发器的写法:
- hosts: web01
task:
- name: Push Nginx PHP Conf
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "/ansible/web/nginx.conf",dest: "/etc/nginx/nginx.conf" }
- { src: "/ansible/web/www.zls.com.conf",dest: "/etc/nginx/conf.d/www.zls.com.conf" }
- { src: "/ansible/web/www.conf",dest: "/etc/php-fpm.d/www.conf" }
when: ansible_fqdn is match 'web*'
notify: Restart Nginx And PHP
handlers:
- name: Restart Nginx And PHP
service:
name: "{{ item }}"
state: restarted
with_items:
- nginx
- php-fpm
注意:tasks中的notify名字必须和handlers中的- name名字对应上,否则触发器和任务没有做任何关联
tag标签
默认情况下,Ansible在执行一个playbook时,会执行playbook中定义的所有任务,Ansible的标签(tag)功能可以给单独任务甚至整个playbook打上标签,然后利用这些标签来指定要运行playbook中的个别任务,或不执行指定的任务。
打标签的方式
1.对一个task打一个标签
我只想推送nginx的配置文件
- name: Push Nginx PHP Conf
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "/ansible/web/nginx.conf",dest: "/etc/nginx/nginx.conf" }
- { src: "/ansible/web/www.zls.com.conf",dest: "/etc/nginx/conf.d/www.zls.com.conf" }
- { src: "/ansible/web/www.conf",dest: "/etc/php-fpm.d/www.conf" }
when: ansible_fqdn is match 'web*'
notify: Restart Nginx And PHP
tags: config_nginx
## 运行:
[root@m01 ansible]# ansible-playbook lnmp.yml -t config_nginx
2.对一个task打多个标签
有一个功能任务,我安装nginx的时候需要创建www用户,安装nfs的时候,需要创建www用户,安装rsync的时候需要创建www用户
创建www用户这个功能,有多个任务都需要使用
tag: install_nginx
tag: install_nfs
tag: install_rsync
- name: Create {{ web_user_group }} Group
group:
name: "{{ web_user_group }}"
gid: 666
state: present
tags:
- install_nginx
- install_nfs
- install_rsync
[root@m01 ansible]# ansible-playbook lnmp.yml -t install_nginx
- name: Push Nginx PHP Conf
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "/ansible/web/nginx.conf",dest: "/etc/nginx/nginx.conf" }
- { src: "/ansible/web/www.zls.com.conf",dest: "/etc/nginx/conf.d/www.zls.com.conf" }
- { src: "/ansible/web/www.conf",dest: "/etc/php-fpm.d/www.conf" }
when: ansible_fqdn is match 'web*'
notify: Restart Nginx And PHP
tags:
- congfig_nginx
- install_nginx
3.对多个task打一个标签
我只想重新安装nginx
1.安装nginx
tag: install_nginx
2.配置nginx打一个标签
tag: install_nginx
- name: Unarchive Nginx and PHP
unarchive:
src: /ansible/web/nginx_php.tgz
dest: /root
when: ansible_fqdn is match 'web*'
tags: install_nginx
- name: Install Nginx and PHP
yum:
name: /root/nginx_php/{{ item }}
state: present
with_items: "{{ nginx_php_packages }}"
when: ansible_fqdn is match 'web*'
tags: install_nginx
- name: Push Nginx PHP Conf
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "/ansible/web/nginx.conf",dest: "/etc/nginx/nginx.conf" }
- { src: "/ansible/web/www.zls.com.conf",dest: "/etc/nginx/conf.d/www.zls.com.conf" }
- { src: "/ansible/web/www.conf",dest: "/etc/php-fpm.d/www.conf" }
when: ansible_fqdn is match 'web*'
notify: Restart Nginx And PHP
tags:
- congfig_nginx
- install_nginx
- name: Create HTML Dir
file:
path: /code
owner: "{{ web_user_group }}"
group: "{{ web_user_group }}"
state: directory
when: ansible_fqdn is match 'web*'
tags: install_nginx
- name: Unarchive WordPress Package
unarchive:
src: /ansible/web/wordpress.tgz
dest: /code
owner: "{{ web_user_group }}"
group: "{{ web_user_group }}"
when: ansible_fqdn is match 'web*'
tags: install_nginx
- name: Start Nginx Server
service:
name: "{{ item }}"
state: started
enabled: true
with_items:
- nginx
- php-fpm
when: ansible_fqdn is match 'web*'
tags: install_nginx
- name: Mount NFS Share Directory
mount:
path: /code/wordpress/wp-content/uploads
src: 172.16.1.31:/{{ nfs_dir }}
fstype: nfs
state: mounted
when: ansible_fqdn is match 'web*'
tags: install_nginx
## 运行:
[root@m01 ansible]# ansible-playbook lnmp.yml -t install_nginx
-t:运行指定的tag
--skip-tags:跳过指定的tag
playbook的复用
只调用task:include_tasks
调用整个task文件:include (新版本:import_playbook)
在saltstack中,叫做top file入口文件。
示例一:
[root@m01 m01]# cat task.yml
- hosts: web_group
vars:
- http_port: 8080
tasks:
- include_tasks: task_install.yml
- include_tasks: task_configure.yml
- include_tasks: task_start.yml
handlers:
- name: Restart Httpd Server
systemd:
name: httpd
state: restarted
[root@m01 m01]# cat task_install.yml
- name: Install Http Server
yum:
name: httpd
state: present
[root@m01 m01]# cat task_configure.yml
- name: configure httpd server
template:
src: ./httpd.j2
dest: /etc/httpd/conf/httpd.conf
notify: Restart Httpd Server
[root@m01 m01]# cat task_start.yml
- name: start httpd server
service:
name: httpd
state: started
enabled: yes
示例二
- include: httpd.yml
- include: nfs.yml
- include: rsync.yml
示例三
- import_playbook: httpd.yml
- import_playbook: nfs.yml
- import_playbook: rsync.yml
忽略错误
默认playbook会检测task执行的返回状态,如果遇到错误则会立即终止playbook的后续task执行,然鹅有些时候playbook即使执行错误了也要让其继续执行。
加入参数:ignore_errors:yes 忽略错误
[root@m01 ~]# cat ignore.yml
- hosts: web_group
tasks:
- name: Ignore False
command: /bin/false
ignore_errors: yes
- name: touch new file
file:
path: /tmp/zls.txt
state: touch
错误处理(了解)
1.强制执行handlers
2.changed when 抑制变黄
作业:
1.使用变量优化 之前的作业
2.加上lb,加上keepalived
3.部署wordpress 和 wecenter(部署完就带内容)
4.该加触发器的地方,都加上
- rsync
- nfs
- sersync
- nginx
- php
环境准备
| 主机名 | wanIP | lanIP | 安装的服务 | 角色 |
|---|---|---|---|---|
| web01 | 10.0.0.7 | 172.16.1.7 | nginx,php | web |
| web02 | 10.0.0.8 | 172.16.1.8 | nginx,php | web |
| nfs | 10.0.0.31 | 172.16.1.31 | nfs,rsync | 共享存储 |
| backup | 10.0.0.41 | 172.16.1.41 | rsync | 备份机 |
| db01 | 10.0.0.51 | 172.16.1.51 | mariadb-server | 数据库 |
| m01 | 10.0.0.61 | 172.16.1.61 | ansible | 管理机 |
| lb01 | 10.0.0.5 | 172.16.1.5 | keepalived,nginx | 负载均衡 |
| lb02 | 10.0.0.6 | 172.16.1.6 | keepalived,nginx | 负载均衡 |
导数据库
# 之前准备好项目导出来
# 导出数据库
[root@db01 ~]# mysql -B wp > /root/wp.sql
[root@db01 ~]# mysql -B zh > /root/zh.sql
# 发送
[root@web01 ~]# rsync -az zh.sql 172.16.1.61:/root/ansible/mysql/
[root@web01 ~]# rsync -az wp.sql 172.16.1.61:/root/ansible/mysql/
# 移出共享图片
[root@web01 ~]# rsync -az /code/wordpress/wp-content/uploads/ 172.16.1.61:/root/ansible/mysql/
[root@web01 ~]# rsync -az /code/zh/uploads/ 172.16.1.61:/root/ansible/mysql/
# 打包项目
[root@web01 ~]# tar zcf code.tgz /code
# 发送
[root@web01 ~]# rsync -az code.tgz 172.16.1.61:/root/ansible/mysql/
准备主机清单
# ping通其他主机
#!/bin/bash
for i in 5 6 7 8 31 41 51 61;do
sshpass -p 1 ssh-copy-id -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no [email protected].$i
done
# 编辑主机清单
[root@m01 ~]# vim /etc/ansible/hosts
[webs]
web01 ansible_ssh_host=172.16.1.7
web02 ansible_ssh_host=172.16.1.8
[lbs]
lb01 ansible_ssh_host=172.16.1.5
lb02 ansible_ssh_host=172.16.1.6
[nfss]
nfs ansible_ssh_host=172.16.1.31
[backups]
backup ansible_ssh_host=172.16.1.41
[mariadb]
db01 ansible_ssh_host=172.16.1.51
[install_nfs:children]
webs
nfss
[install_rsync:children]
nfss
backups
准备nginx,php,rsync,nfs配置文件
# 创建项目目录
[root@m01 ~]# mkdir ansible/{group_vars,host_vars,mysql,nfs,nginx,rsync,keeplive} -p
# 准备nginx主配置文件
[root@m01 ~]# vim ansible/nginx/nginx.conf
user {{ all_user }};
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
# 准备php主配置文件
[root@m01 ~]# vim ansible/nginx/www.conf
...
; Start a new pool named 'www'.
[www]
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = www
; RPM: Keep a group allowed to write in log dir.
group = www
...
# 准备rsync的主配置文件
[root@m01 ~]# vim ansible/rsync/rsyncd.conf
uid = {{ all_user }}
gid = {{ all_user }}
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
log file = /var/log/rsyncd.log
auth users = {{ rsync_user }}
secrets file = /etc/rsync_pass
[{{ rsync_dir }}]
comment = welcome to oldboyedu backup!
path = /{{ rsync_dir }}
# 准备nfs配置文件
[root@m01 ~]# vim ansible/nfs/exports
/data/wp 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
/data/zh 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
# 准备nginx配置文件
[root@m01 ~]# vim ansible/nginx/wp.conf
server {
listen 80;
server_name wp.com;
root /code/wordpress;
index index.php;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
[root@m01 ~]# vim ansible/nginx/zh.conf
server {
listen 80;
server_name zh.com;
root /code/zh;
index index.php;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
## 准备nginx和rpm包
[root@m01 ~/ansible/nginx]# rz
nginx_php.tgz
准备sersync
[root@m01 ~/ansible/nfs]# rz
[root@m01 ~/ansible/nfs]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
[root@m01 ~/ansible/nfs]# mv GNU-Linux-x86/ sersync
[root@m01 ~/ansible/nfs]# cat sersync/confxml.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="false"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<localpath watch="{{ nfs_dir }}">
<remote ip="172.16.1.41" name="{{ rsync_dir }}"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="{{ rsync_user }}" passwordfile="/etc/rsync.pas"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
[root@m01 ~/ansible/nfs]# tar zcf sersync.tgz sersync
准备keepalive配置文件
## nginx负载均衡配置文件
[root@m01 ~]# vim ansible/keepalive/lb.conf
upstream wb {
server 10.0.0.7;
server 10.0.0.8;
}
server {
server_name zh.com wp.com;
listen 80;
location / {
proxy_pass http://wb;
proxy_set_header Host $http_host;
}
}
## keepalive主配置文件
[root@m01 ~]# vim ansible/keepalive/keepalive.j2
global_defs {
# 主机名
router_id {{ ansible_fqdn }}
}
vrrp_script check_web {
script /root/panduan.sh
interval 5
}
vrrp_instance VI_1 {
# 当主机是lb01时
{% if ansible_fqdn == 'lb01' %}
state MASTER
priority 150
# 当主机是lb01时
{% elif ansible_fqdn == 'lb02' %}
state BACKUP
priority 100
{% endif %}
interface eth0
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
track_script {
check_web
}
}
## 判断nginx是否存活脚本
[root@m01 ~]# vim ansible/keepalive/panduan.sh
#!/bin/sh
nginx_statu=$(ps -C nginx --no-header|wc -l)
#1.判断Nginx是否存活,如果不存活则尝试启动Nginx
if [ $nginx_statu -eq 0 ];then
systemctl start nginx
sleep 3
#2.等待3秒后再次获取一次Nginx状态
nginx_statu=$(ps -C nginx --no-header|wc -l)
#3.再次进行判断, 如Nginx还不存活则停止Keepalived,让地址进行漂移,并退出脚本
if [ $nginx_statu -eq 0 ];then
systemctl stop keepalived
fi
fi
设置变量
[root@m01 ~/ansible]# cat group_vars/webs
nginx_php:
- autoconf-2.69-11.el7.noarch.rpm
- automake-1.13.4-3.el7.noarch.rpm
- libjpeg-turbo-1.2.90-8.el7.x86_64.rpm
- libmcrypt-2.5.8-13.el7.x86_64.rpm
- libmemcached-1.0.16-5.el7.x86_64.rpm
- libX11-1.6.7-2.el7.x86_64.rpm
- libX11-common-1.6.7-2.el7.noarch.rpm
- libXau-1.0.8-2.1.el7.x86_64.rpm
- libxcb-1.13-1.el7.x86_64.rpm
- libXpm-3.5.12-1.el7.x86_64.rpm
- m4-1.4.16-10.el7.x86_64.rpm
- mod_php71w-7.1.33-1.w7.x86_64.rpm
- nginx-1.18.0-1.el7.ngx.x86_64.rpm
- pcre-devel-8.32-17.el7.x86_64.rpm
- perl-Data-Dumper-2.145-3.el7.x86_64.rpm
- perl-Test-Harness-3.28-3.el7.noarch.rpm
- perl-Thread-Queue-3.02-2.el7.noarch.rpm
- php71w-cli-7.1.33-1.w7.x86_64.rpm
- php71w-common-7.1.33-1.w7.x86_64.rpm
- php71w-devel-7.1.33-1.w7.x86_64.rpm
- php71w-embedded-7.1.33-1.w7.x86_64.rpm
- php71w-fpm-7.1.33-1.w7.x86_64.rpm
- php71w-gd-7.1.33-1.w7.x86_64.rpm
- php71w-mbstring-7.1.33-1.w7.x86_64.rpm
- php71w-mcrypt-7.1.33-1.w7.x86_64.rpm
- php71w-mysqlnd-7.1.33-1.w7.x86_64.rpm
- php71w-opcache-7.1.33-1.w7.x86_64.rpm
- php71w-pdo-7.1.33-1.w7.x86_64.rpm
- php71w-pear-1.10.4-1.w7.noarch.rpm
- php71w-pecl-igbinary-2.0.5-1.w7.x86_64.rpm
- php71w-pecl-memcached-3.0.4-1.w7.x86_64.rpm
- php71w-pecl-mongodb-1.5.3-1.w7.x86_64.rpm
- php71w-pecl-redis-3.1.6-1.w7.x86_64.rpm
- php71w-process-7.1.33-1.w7.x86_64.rpm
- php71w-xml-7.1.33-1.w7.x86_64.rpm
tuisong:
- { src: '/root/ansible/nginx/nginx.conf' , dest: '/etc/nginx/nginx.conf' }
- { src: '/root/ansible/nginx/wp.conf' , dest: '/etc/nginx/conf.d/wp.conf' }
- { src: '/root/ansible/nginx/zh.conf' , dest: '/etc/nginx/conf.d/zh.conf' }
[root@m01 ~/ansible]# cat group_vars/install_nfs
wp_nfs_dir: /data/wp
zh_nfs_dir: /data/zh
nfs_dir: /data
[root@m01 ~/ansible]# cat group_vars/install_rsync
rsync_user: jkz_bak
rsync_pass: 111
rsync_dir: backup
nfs_dir: /data
[root@m01 ~/ansible]# cat group_vars/all
all_user: www
## 查看项目
[root@m01 ~/ansible]# tree
.
├── group_vars
│ ├── all
│ ├── install_nfs
│ ├── install_rsync
│ └── webs
├── host_vars
│ ├── backup
│ ├── db01
│ ├── nfs
│ ├── web01
│ └── web02
├── keepalive
│ ├── keepalive.j2
│ ├── lb.conf
│ └── panduan.sh
├── lnmp.yml
├── mysql
│ ├── 2020
│ │ └── 06
│ │ ├── yyy-150x150.jpg
│ │ ├── yyy-213x300.jpg
│ │ └── yyy.jpg
│ ├── code.tgz
│ ├── questions
│ │ └── 20200615
│ │ ├── 170x110_34ce009e258fe9422c538325b8fab09f.png
│ │ ├── 34ce009e258fe9422c538325b8fab09f.png
│ │ └── 90x90_34ce009e258fe9422c538325b8fab09f.png
│ ├── wp.sql
│ └── zh.sql
├── nfs
│ ├── exports
│ ├── GNU-Linux-x86
│ │ ├── confxml.xml
│ │ └── sersync2
│ ├── sersync
│ │ ├── confxml.xml
│ │ └── sersync2
│ └── sersync.tgz
├── nginx
│ ├── nginx.conf
│ ├── nginx_php.tgz
│ ├── QQ.zip
│ ├── wp.conf
│ ├── www.conf
│ └── zh.conf
└── rsync
└── rsyncd.conf
编写剧本
[root@m01 ~/ansible]# cat lnmp.yml
- hosts: all
tasks:
- name: Create {{ web_user_group }} Group
group:
name: "{{ all_user }}"
gid: 666
state: present
- name: Create {{ web_user_group }} User
user:
name: "{{ all_user }}"
uid: 666
group: "{{ all_user }}"
shell: /sbin/nologin
create_home: False
- name: Start FireWalld Server
service:
name: firewalld
state: started
- name: open server
firewalld:
service: '{{ item }}'
state: enabled
permanent: no
with_items:
- https
- http
- rsyncd
- nfs
- mysql
- name: Stop Selinux
selinux:
state: disabled
### 部署rsync
- name: install rsync
yum:
name: rsync
state: present
when: ansible_fqdn == 'nfs' or ansible_fqdn == 'backup'
tags: install_rsync
- name: tuisong rsync
template:
src: /root/ansible/rsync/rsyncd.conf
dest: /etc/rsyncd.conf
when: ansible_fqdn == 'backup'
tags:
- rsync_peizhi
- rsync_file
- name: create rsync pass file
copy:
content: '{{ rsync_user }}:{{ rsync_pass }}'
dest: /etc/rsync_pass
mode: 0600
when: ansible_fqdn == 'backup'
tags:
- rsync_peizhi
- rsync_file
- name: create backup dir
file:
path: '/{{ rsync_dir }}'
owner: '{{ all_user }}'
group: '{{ all_user }}'
state: directory
when: ansible_fqdn == 'backup'
tags:
- rsync_peizhi
- rsync_file
- name: start rsync
service:
name: rsyncd
state: started
enabled: yes
when: ansible_fqdn == 'backup'
tags:
- rsync_peizhi
- rsync_file
### 部署nfs
- name: install nfs
yum:
name: nfs-utils
state: present
when: ansible_fqdn == 'nfs' or ansible_fqdn is match 'web*'
tags: install_nfs
- name: tuisong nfs peizhiwenjian
copy:
src: /root/ansible/nfs/exports
dest: /etc/exports
when: ansible_fqdn == 'nfs'
tags:
- nfs_peizhi
- nfs_file
- name: create {{ nfs_dir }}
file:
path: '{{ item }}'
state: directory
owner: '{{ all_user }}'
group: '{{ all_user }}'
with_items:
- '{{ zh_nfs_dir }}'
- '{{ wp_nfs_dir }}'
when: ansible_fqdn == 'nfs'
tags:
- nfs_peizhi
- nfs_file
- name: tuisong tupian
copy:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
owner: '{{ all_user }}'
group: '{{ all_user }}'
with_items:
- { src: '/root/ansible/mysql/2020',dest: "{{ wp_nfs_dir }}" }
- { src: '/root/ansible/mysql/questions',dest: "{{ zh_nfs_dir }}" }
when: ansible_fqdn == 'nfs'
tags:
- nfs_peizhi
- nfs_file
- name: start nfs
service:
name: nfs
state: started
enabled: yes
when: ansible_fqdn == 'nfs'
tags:
- nfs_peizhi
- nfs_file
### 部署sersync
- name: install inotify-tools
yum:
name: inotify-tools
state: present
when: ansible_fqdn == 'nfs'
tags: install_inotify-tools
### 推送rsync
- name: tuisong sersync
unarchive:
src: /root/ansible/nfs/sersync.tgz
dest: /usr/local/
when: ansible_fqdn == 'nfs'
tags: sersync peizhi
- name: tuisong peizhiwenjian
template:
src: /root/ansible/nfs/sersync/confxml.xml
dest: /usr/local/sersync/confxml.xml
when: ansible_fqdn == 'nfs'
tags: sersync peizhi
- name: create rsync pass file
copy:
content: "{{ rsync_pass }}"
dest: /etc/rsync.pas
mode: 0600
when: ansible_fqdn == 'nfs'
tags: sersync peizhi
- name: start sersync
shell: "/usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml"
when: ansible_fqdn == 'nfs'
tags: sersync peizhi
### 配置数据库
- name: puth biaoge
copy:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
with_items:
- { src: '/root/ansible/mysql/wp.sql' ,dest: '/tmp/' }
- { src: '/root/ansible/mysql/zh.sql' ,dest: '/tmp/' }
when: ansible_fqdn == 'db01'
tags: mysql_peizhi
- name: yum mariadb-server,MySQL-python
yum:
name:
- mariadb-server
- MySQL-python
state: present
when: ansible_fqdn == 'db01'
tags: mysql_peizhi
- name: start mraiadb
service:
name: mariadb
state: started
enabled: yes
when: ansible_fqdn == 'db01'
tags: mysql_peizhi
- name: Create WordPress User
mysql_user:
name: php
password: '111'
host: '%'
priv: '*.*:ALL'
state: present
when: ansible_fqdn == 'db01'
tags: mysql_peizhi
- name: daorushujuk
mysql_db:
state: import
name: all
target: '{{ item }}'
with_items:
- /tmp/wp.sql
- /tmp/zh.sql
when: ansible_fqdn == 'db01'
tags: mysql_peizhi
### 部署nginx和php
- name: unarchive ngixn and php
unarchive:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
owner: '{{ all_user }}'
group: '{{ all_user }}'
with_items:
- { src: '/root/ansible/mysql/code.tgz' , dest: '/' }
- { src: '/root/ansible/nginx/nginx_php.tgz' , dest: '/root/' }
when: ansible_fqdn is match 'web*'
tags: install_nginx_php
- name: anzhuang
yum:
name: '/root/nginx_php/{{ item }}'
state: present
with_items: '{{ nginx_php }}'
when: ansible_fqdn is match 'web*'
tags: install_nginx_php
- name: tuisongpeizhiwenjian
template:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
with_items: '{{ tuisong }}'
when: ansible_fqdn is match 'web*'
tags: nginx_php_peizhi
notify: reload server
- name: aa
copy:
src: /root/ansible/nginx/www.conf
dest: /etc/php-fpm.d/www.conf
when: ansible_fqdn is match 'web*'
tags: nginx_php_peizhi
notify: reload server
- name: Start Nginx Server
service:
name: "{{ item }}"
state: started
enabled: yes
with_items:
- nginx
- php-fpm
when: ansible_fqdn is match 'web*'
tags: nginx_php_peizhi
- name: Mount NFS Share Directory
mount:
path: '{{ item.path }}'
src: '{{ item.src }}'
fstype: nfs
state: mounted
with_items:
- { path: '/code/wordpress/wp-content/uploads',src: '172.16.1.31:{{ wp_nfs_dir }}' }
- { path: '/code/zh/uploads',src: '172.16.1.31:{{ zh_nfs_dir }}' }
when: ansible_fqdn is match 'web*'
### 负载均衡配置
- name: peizhi fuzaijunheng
yum:
name:
- nginx
- keepalived
state: present
when: ansible_fqdn is match 'lb*'
tags: install nginx_keep
- name: tuisong jiaoben he peizhiwenjian
copy:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
with_items:
- { src: '/root/ansible/keepalive/lb.conf',dest: '/etc/nginx/conf.d/lb.conf' }
- { src: '/root/ansible/keepalive/panduan.sh',dest: '/root/' }
when: ansible_fqdn is match 'lb*'
tags: keepalived_nginx
notify: reload nginx
- name: tuisong keepalived peizhi
template:
src: /root/ansible/keepalive/keepalive.j2
dest: /etc/keepalived/keepalived.conf
when: ansible_fqdn is match 'lb*'
tags: keepalived_nginx
notify: reload nginx
- name: start keepalived nginx
service:
name: '{{ item }}'
state: started
enabled: yes
with_items:
- nginx
- keepalived
when: ansible_fqdn is match 'lb*'
tags: keepalived_nginx
handlers:
- name: reload server
service:
name: "{{ item }}"
state: restarted
with_items:
- nginx
- php-fpm
when: ansible_fqdn is match 'web*'
handlers:
- name: reload server
service:
name: nginx
state: reloaded
when: ansible_fqdn is match 'lb*'
登入网站查看
wp.com
zh.com
查看挂载
查看sersync
无报错