企业运维篇——ansible部署mysql主从复制

[root@server1 ~]# ls
ansible-2.7.8-1.el7.noarch.rpm
ansible-tower-setup-bundle-3.4.2-1.el7.tar.gz
libtomcrypt-1.17-25.el7.x86_64.rpm
libtommath-0.42.0-5.el7.x86_64.rpm
python2-crypto-2.6.1-13.el7.x86_64.rpm
python2-jmespath-0.9.0-1.el7.noarch.rpm
python-httplib2-0.9.2-0.1.el7.noarch.rpm
python-keyczar-0.71c-2.el7.noarch.rpm
python-paramiko-2.1.1-0.9.el7.noarch.rpm
sshpass-1.06-1.el7.x86_64.rpm
[root@server1 ~]# yum install -y *

在这里插入图片描述

[root@server1 ~]# cd /etc/ansible/
[root@server1 ansible]# ls
ansible.cfg  hosts  roles
[root@server1 ansible]# vim hosts
[master]
server1

[slave]
server2

在这里插入图片描述

测试ping模块：先ping——>输入yes，再加-k参数

[root@server1 ansible]# ansible server1 -m ping
The authenticity of host 'server1 (172.25.70.1)' can't be established.
ECDSA key fingerprint is 23:30:b9:0b:bd:7e:c3:05:4e:9a:fb:6f:c5:d6:23:c9.
Are you sure you want to continue connecting (yes/no)? yes
server1 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'server1,172.25.70.1' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", 
    "unreachable": true
}
[root@server1 ansible]# ansible server1 -m ping -k
SSH password: 
server1 | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

在这里插入图片描述

  [root@server1 ansible]# ansible server2 -m ping
    The authenticity of host 'server2 (172.25.70.2)' can't be established.
    ECDSA key fingerprint is 23:30:b9:0b:bd:7e:c3:05:4e:9a:fb:6f:c5:d6:23:c9.
    Are you sure you want to continue connecting (yes/no)? yes
    server2 | UNREACHABLE! => {
        "changed": false, 
        "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'server2,172.25.70.2' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic,password).", 
        "unreachable": true
    }
    [root@server1 ansible]# ansible server2 -m ping -k
    SSH password: 
    server2 | SUCCESS => {
        "changed": false, 
        "ping": "pong"
    }

在这里插入图片描述

设置免密

[root@server1 ansible]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
51:e7:46:07:66:77:40:59:68:03:bb:21:e2:96:2e:4b root@server1
The key's randomart image is:
+--[ RSA 2048]----+
|          . B+==o|
|         . * +=. |
|        o . =. . |
|       . + o o   |
|        S   .    |
|       o         |
|      E .        |
|     . o         |
|      .          |
+-----------------+

在这里插入图片描述

[root@server1 ansible]# ssh-copy-id server1
[root@server1 ansible]# ssh-copy-id server2

在这里插入图片描述
免密连接测试

[root@server1 ansible]# ansible server1 -m ping
[root@server1 ansible]# ansible server2 -m ping
[root@server1 ansible]# ansible all -m ping 
[root@server1 ansible]# ansible master -m ping 
[root@server1 ansible]# ansible slave -m ping

在这里插入图片描述
列出所有模块

[root@server1 ansible]# ansible-doc -l

在这里插入图片描述

[root@server1 ~]# mkdir -p /etc/ansible/roles/mysql_repl/files
[root@server1 ~]# mkdir -p /etc/ansible/roles/mysql_repl2/files
[root@server1 ~]# cd /etc/ansible/
[root@server1 ansible]# ls
ansible.cfg  hosts  qfe  roles
[root@server1 ansible]# vim test.yml
- hosts: master
    roles:
          - role:mysql_repl
- hosts: slave
    roles:
          - role:mysql_repl2

在这里插入图片描述
在server2建立相同目录

[root@server2 ~]# mkdir -p /etc/ansible/roles/mysql_repl/files
[root@server2 ~]# mkdir -p /etc/ansible/roles/mysql_repl2/files

建立mysql_repl执行文件目录和变量目录

[root@server1 ansible]# cd roles/mysql_repl
[root@server1 mysql_repl]# mkdir tasks
[root@server1 mysql_repl]# mkdir vars
[root@server1 vars]# vim main.yml
mysql_version: mysql-5.7.24-1.el7.x86_64.rpm-bundle
mysql_dir: /etc/ansible/roles/mysql_repl/files

在这里插入图片描述

[root@server1 files]# pwd
/etc/ansible/roles/mysql_repl/files
[root@server1 files]# vim my.cnf
[mysqld]
server-id=1
log-bin=mysql-bin
gtid_mode=ON
enforce-gtid-consistency=true
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd

log-error=/var/log/mysqld.log
pid-file=/var/lib/mysqld/mysqld.pid

#
# include all files from the config directory

在这里插入图片描述
配置执行脚本

[root@server1 tasks]# pwd
/etc/ansible/roles/mysql_repl/tasks
[root@server1 tasks]# vim main.yml
   - name: copy package
   copy: src={{mysql_dir}}/{{mysql_version}}.tar dest={{mysql_dir}}/{{mysql_version}}.tar -C {{ mysql_dir }}/
- name: tar mysql.tar
  shell: tar -xvf {{mysql_dir}}/{{mysql_version}}.tar -C {{ mysql_dir }}/
- name: install mysql
  yum: name={{mysql_dir}}/mysql-community-client-5.7.24-1.el7.x86_64.rpm,{{mysql_dir}}/mysql-community-common-5.7.24-1.el7.x86_64.rpm,{{mysql_dir}}/mysql-community-libs-5.7.24-1.el7.x86_64.rpm,{{mysql_dir}}/mysql-community-libs-compat-5.7.24-1.el7.x86_64.rpm,{{mysql_dir}}/mysql-community-server-5.7.24-1.el7.x86_64.rpm,MySQL-python
- name: cp my.cnf
  copy: src={{mysql_dir}}/my.cnf dest=/etc/my.cnf
- name: start mysqld
  service:
      name: mysqld
      state: started
- name: init mysql
  shell: mysql -uroot -p`cat /var/log/mysqld.log | grep 'password is generated' | awk '{print $NF}'` --connect-expired-password -e "alter user root@localhost identified by 'Xiaojiujiu@666';"
- name: replication
  shell: mysql -uroot -pXiaojiujiu@666 --connect-expired-password -e "grant replication slave on *.* to rep@'172.25.70.%' identified by 'Xiaojiujiu@666';"

在这里插入图片描述

配置mysql_repl2

[root@server1 mysql_repl2]# pwd
/etc/ansible/roles/mysql_repl2
[root@server1 mysql_repl2]# mkdir tasks
[root@server1 mysql_repl2]# mkdir vars
[root@server1 mysql_repl2]# cd files/
[root@server1 files]# vim my.cnf
[mysqld]
server-id=2
gtid_mode=ON
enforce-gtid-consistency=true
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd

log-error=/var/log/mysqld.log
pid-file=/var/lib/mysqld/mysqld.pid

#
# include all files from the config directory
#

在这里插入图片描述

[root@server1 files]# cd ..
[root@server1 mysql_repl2]# cd vars/
[root@server1 vars]# vim main.yml
mysql_version: mysql-5.7.24-1.el7.x86_64.rpm-bundle
mysql_dir: /etc/ansible/roles/mysql_repl2/files
[root@server1 vars]# cd ..
[root@server1 mysql_repl2]# cd tasks/
[root@server1 tasks]# vim main.yml
- name: copy package
  copy: src={{mysql_dir}}/{{mysql_version}}.tar dest={{mysql_dir}}/{{mysql_version}}.tar -C {{ mysql_dir }}/
- name: tar mysql.tar
  shell: tar -xvf {{mysql_dir}}/{{mysql_version}}.tar -C {{ mysql_dir }}/
- name: install mysql
  yum: name={{mysql_dir}}/mysql-community-client-5.7.24-1.el7.x86_64.rpm,{{mysql_dir}}/mysql-community-common-5.7.24-1.el7.x86_64.rpm,{{mysql_dir}}/mysql-community-libs-5.7.24-1.el7.x86_64.rpm,{{mysql_dir}}/mysql-community-libs-compat-5.7.24-1.el7.x86_64.rpm,{{mysql_dir}}/mysql-community-server-5.7.24-1.el7.x86_64.rpm,MySQL-python
- name: cp my.cnf
  copy: src={{mysql_dir}}/my.cnf dest=/etc/my.cnf
- name: start mysqld
  service:
        name: mysqld
        state: started
- name: init mysql
  shell: mysql -uroot -p`cat /var/log/mysqld.log | grep 'password is generated' | awk '{print $NF}'` --connect-expired-password -e "alter user root@localhost identified by 'Xiaojiujiu@666';"
- name: repl1
  shell: mysql -uroot -pXiaojiujiu@666 --connect-expired-password -e "stop slave;"
- name: repl2
  shell: mysql -uroot -pXiaojiujiu@666 --connect-expired-password -e "change master to master_host='172.25.70.1',master_user='rep',master_password='Xiaojiujiu@666',master_auto_position=1;"
- name: repl3
  shell: mysql -uroot -pXiaojiujiu@666 --connect-expired-password -e "start slave;"

在这里插入图片描述

[root@server1 tasks]# yum install -y tree
[root@server1 ~]# ls
ansible  mysql-5.7.24-1.el7.x86_64.rpm-bundle.tar
[root@server1 ~]# cp mysql-5.7.24-1.el7.x86_64.rpm-bundle.tar /etc/ansible/roles/mysql_repl/files/
[root@server1 ~]# cp mysql-5.7.24-1.el7.x86_64.rpm-bundle.tar /etc/ansible/roles/mysql_repl2/files/
[root@server1 ~]# cd /etc/ansible/
[root@server1 ansible]# tree
.
├── ansible.cfg
├── hosts
├── roles
│   ├── mysql_repl
│   │   ├── files
│   │   │   ├── my.cnf
│   │   │   └── mysql-5.7.24-1.el7.x86_64.rpm-bundle.tar
│   │   ├── tasks
│   │   │   └── main.yml
│   │   └── vars
│   │       └── main.yml
│   └── mysql_repl2
│       ├── files
│       │   ├── my.cnf
│       │   └── mysql-5.7.24-1.el7.x86_64.rpm-bundle.tar
│       ├── tasks
│       │   └── main.yml
│       └── vars
│           └── main.yml
└── test.yml

9 directories, 11 files


[root@server1 ansible]# ansible-playbook test.yml

在这里插入图片描述

[root@server1 ansible]# mysql -uroot -pXiaojiujiu@666

在这里插入图片描述

[root@server2 ~]# mysql -uroot -pXiaojiujiu@666

在这里插入图片描述

企业运维篇——ansible部署mysql主从复制

猜你喜欢