第九章 Ansible-playbook搭建wordpress部落格
阿新 • • 發佈:2021-12-23
一、環境準備
| 主機 | 外網IP | 內網IP | 部署服務 |
|---|---|---|---|
| m01 | 10.0.0.61 | 172.16.1.61 | ansible |
| lb01 | 10.0.0.4 | 172.16.1.4 | nginx |
| web01 | 172.16.1.7 | nginx+php+rpcbind | |
| web02 | 172.16.1.8 | nginx+php+rpcbind | |
| db01 | 172.16.1.51 | mariadb | |
| nfs | 172.16.1.31 | nfs+rpcbind+rsync+inotify+sersync | |
| backup | 172.16.1.41 | rsync |
二、安裝Ansible
1.安裝
[root@m01 ~]# yum install -y ansible
2.配置Ansible
[root@m01 ~]# vim /etc/ansible/ansible.cfg
host_key_checking = False
log_path = /var/log/ansible.log
3.配置主機清單
[root@m01 ~]# vim /etc/ansible/hosts [web_group] web01 ansible_ssh_pass='1' web02 ansible_ssh_pass='1' [slb] lb01 ansible_ssh_pass='1' [db_group] db01 ansible_ssh_pass='1' [nfs_server] nfs ansible_ssh_pass='1' [backup_server] backup ansible_ssh_pass='1' #配置hosts [root@m01 ~]# vim /etc/hosts 172.16.1.4 lb01 172.16.1.7 web01 172.16.1.8 web02 172.16.1.31 nfs 172.16.1.41 backup 172.16.1.51 db01
4.測試連線
[root@m01 ~]# ansible all -m ping
5.準備存放檔案的目錄
[root@m01 ~]# mkdir conf
[root@m01 ~]# mkdir package
三、進行伺服器優化
1.編寫劇本
[root@m01 ~]# cat lnmp.yml - hosts: all tasks: - name: Stop selinux selinux: state: disabled - name: Stop Firewalld systemd: name: firewalld state: stopped enabled: no - name: Install unzip yum: name: unzip state: present - name: Create www Group group: name: www gid: 666 - name: Create www User user: name: www uid: 666 group: www shell: /sbin/nologin create_home: no
四、安裝nginx
1.安裝nginx的方式
#方式1:原始碼包安裝
1.解壓
unarchive
2.生成
shell
3.編譯
shell
4.安裝
shell
#方式2:官方源安裝
1.推送yum源
copy
2.yum安裝nginx
yum
#方式3:rpm包安裝方式
1.推送rpm包
copy
2.安裝本地rpm包
yum
2.nginx安裝準備
1.準備nginx官方源
[root@m01 ~]# vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[root@m01 ~]# cp /etc/yum.repos.d/nginx.repo ./conf/
2.準備nginx配置檔案
[root@m01 ~]# vim /etc/nginx/nginx.conf
user www;
http {
client_max_body_size 200m;
}
[root@m01 ~]# cp /etc/nginx/nginx.conf ./conf/
3.準備站點檔案
[root@m01 ~]# cd package/
[root@m01 ~/package]# rz wordpress-5.0.3-zh_CN.tar.gz
4.準備站點的配置檔案
[root@m01 ~]# vim conf/linux.wp.com.conf
server {
listen 80;
server_name linux.wp.com;
root /code/wordpress;
location / {
index index.php;
}
location ~* \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
5.準備負載均衡的配置檔案
[root@m01 ~]# vim conf/proxy.conf
upstream web {
server 172.16.1.7;
server 172.16.1.8;
}
server {
listen 80;
server_name linux.wp.com;
location / {
proxy_pass http://web;
include proxy_params;
}
}
6.準備負載均衡優化檔案
[root@m01 ~]# vim conf/proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;
7.準備wordpress連線資料庫配置
[root@m01 ~]# vim conf/wp-config.php
/** WordPress資料庫的名稱 */
define('DB_NAME', 'wordpress');
/** MySQL資料庫使用者名稱 */
define('DB_USER', 'wp');
/** MySQL資料庫密碼 */
define('DB_PASSWORD', '123456');
/** MySQL主機 */
define('DB_HOST', '172.16.1.51');
/** 建立資料表時預設的文字編碼 */
define('DB_CHARSET', 'utf8mb4');
3.編寫劇本
[root@m01 ~]# cat lnmp2.yml
- hosts: nginx_group
tasks:
- name: Copy nginx.repo
copy:
src: /root/conf/nginx.repo
dest: /etc/yum.repos.d/
- name: Install Nginx Server
yum:
name: nginx
state: present
- name: Config Nginx Server
copy:
src: /root/conf/nginx.conf
dest: /etc/nginx/
- hosts: slb
tasks:
- name: Config slb Server
copy:
src: /root/conf/proxy.conf
dest: /etc/nginx/conf.d
- name: Copy proxy_params
copy:
src: /root/conf/proxy_params
dest: /etc/nginx/
- name: Start slb Server
systemd:
name: nginx
state: started
- hosts: web_group
tasks:
- name: Config nginx Server
copy:
src: /root/conf/linux.wp.com.conf
dest: /etc/nginx/conf.d/
- name: Mkdir Code
file:
path: /code
state: directory
- name: Config wordpress Code
unarchive:
src: /root/package/wordpress-5.0.3-zh_CN.tar.gz
dest: /code/
- name: Config wordpress Connect Mysql
copy:
src: /root/conf/wp-config.php
dest: /code/wordpress/
- name: Grant Code Dir
file:
path: /code
owner: www
group: www
recurse: yes
- name: Start Web Nginx Server
systemd:
name: nginx
state: started
enabled: yes
五、安裝php
1.php安裝準備
1.上傳安裝包
[root@m01 ~]# cd package/
[root@m01 ~/package]# rz php.tar.gz
2.準備php配置
[root@m01 /tmp]# vim /etc/php.ini
upload_max_filesize = 200M
post_max_size = 200M
[root@m01 /tmp]# vim /etc/php-fpm.d/www.conf
user = www
group = www
[root@m01 ~]# cp /etc/php.ini ./conf/
[root@m01 ~]# cp /etc/php-fpm.d/www.conf ./conf/
2.編寫劇本
[root@m01 ~]# cat lnmp3.yml
- hosts: web_group
tasks:
- name: Tar php.tar.gz
unarchive:
src: /root/package/php.tar.gz
dest: /tmp/
- name: Install PHP Server
shell: yum localinstall -y /tmp/*.rpm
- name: Config php Server
copy:
src: /root/conf/php.ini
dest: /etc/
- name: Config php Server
copy:
src: /root/conf/www.conf
dest: /etc/php-fpm.d/
- name: Start php Server
systemd:
name: php-fpm
state: started
enabled: yes
六、安裝mariadb
1.編寫劇本
[root@m01 ~]# cat lnmp4.yml
- hosts: db01
tasks:
- name: Install Mariadb Server
yum:
name: mariadb-server
state: present
- name: Install MySQL-python
yum:
name: MySQL-python
state: present
- name: Start Mariadb Server
systemd:
name: mariadb
state: started
enabled: yes
- name: Create wordpress Database
mysql_db:
name: wordpress
state: present
- name: Create wordpress Database User
mysql_user:
name: "wp"
host: "172.16.1.%"
password: 123456
priv: "wordpress.*:ALL"
state: present
七、NFS掛載
1.準備掛載目錄
[root@m01 ~/package]# tar xf wordpress-5.0.3-zh_CN.tar.gz
[root@m01 ~/package]# mv wordpress/wp-content ./
2.服務端劇本
[root@m01 ~]# cat lnmp5.yml
- hosts: nfs_group
tasks:
- name: Install nfs Server
yum:
name: nfs-utils
state: present
- name: Install rpcbind Server
yum:
name: rpcbind
state: present
- hosts: nfs_server
tasks:
- name: Config nfs Server
copy:
content: /data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
dest: /etc/exports
- name: Mkdir data
file:
path: /data
state: directory
owner: www
group: www
- name: Start nfs Server
systemd:
name: nfs
state: started
3.客戶端劇本
- hosts: nfs
tasks:
- name: Copy wp-content to NFS
copy:
src: /root/package/wp-content
dest: /data
owner: www
group: www
- hosts: web_group
tasks:
- name: Start rpcbind Server
systemd:
name: rpcbind
state: started
- name: Mount nfs
mount:
src: 172.16.1.31:/data/wp-content
path: /code/wordpress/wp-content/
fstype: nfs
opts: defaults
state: mounted
八、實時備份
1.準備環境
1.準備rsync配置檔案
[root@m01 ~]# vim /etc/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
[root@m01 ~]# cp /etc/rsyncd.conf ./conf/
2.準備sersync包
[root@m01 ~/package]# rz sersync2.5.4_64bit_binary_stable_final.tar.gz
[root@m01 ~/package]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
[root@m01 ~/package]# mv GNU-Linux-x86 sersync
3.準備sersync配置
[root@m01 ~]# vim package/sersync/confxml.xml
<sersync>
<localpath watch="/data">
<remote ip="172.16.1.41" name="backup"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-artuz"/>
<auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pass"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
4.準備啟動sersync指令碼
[root@m01 ~]# vim start_rsync.sh
#!/bin/bash
/usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
2.服務端劇本
[root@m01 ~]# vim lnmp6.yml
- hosts: backup
tasks:
- name: Install rsync Server
yum:
name: rsync
state: present
- name: Config Rsync Server
copy:
src: /root/conf/rsyncd.conf
dest: /etc/
- name: Config rsync.passwd
copy:
content: rsync_backup:123456
dest: /etc/rsync.passwd
mode: 0600
- name: Mkdir backup Dir
file:
path: /backup
state: directory
owner: www
group: www
- name: Start rsync Server
systemd:
name: rsyncd
state: started
3.客戶端指令碼
- hosts: nfs
tasks:
- name: Install rsync Server
yum:
name: rsync
state: present
- name: Install Inotify-tools Server
yum:
name: inotify-tools
state: present
- name: Install sersync Server
copy:
src: /root/package/sersync
dest: /usr/local/
mode: 0755
- name: Config rsync.pass
copy:
content: 123456
dest: /etc/rsync.pass
mode: 0600
- name: Start sersync
script: /root/start_rsync.sh
九、完整的劇本
[root@m01 ~]# cat lnmp.yml
- hosts: all
tasks:
- name: Stop selinux
selinux:
state: disabled
- name: Stop Firewalld
systemd:
name: firewalld
state: stopped
enabled: no
- name: Install unzip
yum:
name: unzip
state: present
- name: Create www Group
group:
name: www
gid: 666
- name: Create www User
user:
name: www
uid: 666
group: www
shell: /sbin/nologin
create_home: no
- hosts: nginx_group
tasks:
- name: Copy nginx.repo
copy:
src: /root/conf/nginx.repo
dest: /etc/yum.repos.d/
- name: Install Nginx Server
yum:
name: nginx
state: present
- name: Config Nginx Server
copy:
src: /root/conf/nginx.conf
dest: /etc/nginx/
- hosts: slb
tasks:
- name: Config slb Server
copy:
src: /root/conf/proxy.conf
dest: /etc/nginx/conf.d
- name: Copy proxy_params
copy:
src: /root/conf/proxy_params
dest: /etc/nginx/
- name: Start slb Server
systemd:
name: nginx
state: started
- hosts: web_group
tasks:
- name: Config nginx Server
copy:
src: /root/conf/linux.wp.com.conf
dest: /etc/nginx/conf.d/
- name: Mkdir Code
file:
path: /code
state: directory
- name: Config wordpress Code
unarchive:
src: /root/package/wordpress-5.0.3-zh_CN.tar.gz
dest: /code/
- name: Grant Code Dir
file:
path: /code
owner: www
group: www
recurse: yes
- name: Start Web Nginx Server
systemd:
name: nginx
state: started
enabled: yes
- hosts: web_group
tasks:
- name: Tar php.tar.gz
unarchive:
src: /root/package/php.tar.gz
dest: /tmp/
- name: Install PHP Server
shell: yum localinstall -y /tmp/*.rpm
- name: Config php Server
copy:
src: /root/conf/php.ini
dest: /etc/
- name: Config php Server
copy:
src: /root/conf/www.conf
dest: /etc/php-fpm.d/
- name: Start php Server
systemd:
name: php-fpm
state: started
enabled: yes
- hosts: db01
tasks:
- name: Install Mariadb Server
yum:
name: mariadb-server
state: present
- name: Install MySQL-python
yum:
name: MySQL-python
state: present
- name: Start Mariadb Server
systemd:
name: mariadb
state: started
enabled: yes
- name: Create wordpress Database
mysql_db:
name: wordpress
state: present
- name: Create wordpress Database User
mysql_user:
name: "wp"
host: "172.16.1.%"
password: '123456'
priv: "wordpress.*:ALL"
state: present
- hosts: nfs_group
tasks:
- name: Install nfs Server
yum:
name: nfs-utils
state: present
- name: Install rpcbind Server
yum:
name: rpcbind
state: present
- hosts: nfs_server
tasks:
- name: Config nfs Server
copy:
content: /data/wp-content 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
dest: /etc/exports
- name: Mkdir data
file:
path: /data
state: directory
owner: www
group: www
- name: Start nfs Server
systemd:
name: nfs
state: started
- hosts: nfs
tasks:
- name: Copy wp-content to NFS
copy:
src: /root/package/wp-content
dest: /data
owner: www
group: www
- hosts: web_group
tasks:
- name: Start rpcbind Server
systemd:
name: rpcbind
state: started
- name: Mount nfs
mount:
src: 172.16.1.31:/data/wp-content
path: /code/wordpress/wp-content/
fstype: nfs
opts: defaults
state: mounted
- hosts: backup
tasks:
- name: Install rsync Server
yum:
name: rsync
state: present
- name: Config Rsync Server
copy:
src: /root/conf/rsyncd.conf
dest: /etc/
- name: Config rsync.passwd
copy:
content: rsync_backup:123456
dest: /etc/rsync.passwd
mode: 0600
- name: Mkdir backup Dir
file:
path: /backup
state: directory
owner: www
group: www
- name: Start rsync Server
systemd:
name: rsyncd
state: started
- hosts: nfs
tasks:
- name: Install rsync Server
yum:
name: rsync
state: present
- name: Install Inotify-tools Server
yum:
name: inotify-tools
state: present
- name: Install sersync Server
copy:
src: /root/package/sersync
dest: /usr/local/
mode: 0755
- name: Config rsync.pass
copy:
content: 123456
dest: /etc/rsync.pass
mode: 0600
- name: Start sersync
script: /root/start_rsync.sh
十、擴充套件web伺服器
1.將新機器新增到ansible主機清單
[root@m01 ~]# vim /etc/ansible/hosts
[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'
web03 ansible_ssh_pass='1' #新新增的主機
[root@m01 ~]# vim /etc/hosts
172.16.1.9 web03
2.編寫劇本
[root@m01 ~]# vim add_web.yml
- hosts: web03
tasks:
- name: Stop selinux
selinux:
state: disabled
- name: Stop Firewalld
systemd:
name: firewalld
state: stopped
enabled: no
- name: Install unzip
yum:
name: unzip
state: present
- name: Create www Group
group:
name: www
gid: 666
- name: Create www User
user:
name: www
uid: 666
group: www
shell: /sbin/nologin
create_home: no
- name: Copy nginx.repo
copy:
src: /root/conf/nginx.repo
dest: /etc/yum.repos.d/
- name: Install Nginx Server
yum:
name: nginx
state: present
- name: Config Nginx Server
copy:
src: /root/conf/nginx.conf
dest: /etc/nginx/
- name: Tar php.tar.gz
unarchive:
src: /root/package/php.tar.gz
dest: /tmp/
- name: Install PHP Server
shell: yum localinstall -y /tmp/*.rpm
- name: Config php Server
copy:
src: /root/conf/php.ini
dest: /etc/
- name: Config php Server
copy:
src: /root/conf/www.conf
dest: /etc/php-fpm.d/
- name: Start php Server
systemd:
name: php-fpm
state: started
enabled: yes
- name: Config nginx Server
copy:
src: /root/conf/linux.wp.com.conf
dest: /etc/nginx/conf.d/
- name: Mkdir Code
file:
path: /code
state: directory
- name: Config wordpress Code
unarchive:
src: /root/package/wordpress-5.0.3-zh_CN.tar.gz
dest: /code/
- name: Config wordpress Connect Mysql
copy:
src: /root/conf/wp-config.php
dest: /code/wordpress/
- name: Grant Code Dir
file:
path: /code
owner: www
group: www
recurse: yes
- name: Start Web Nginx Server
systemd:
name: nginx
state: started
enabled: yes
- name: Install nfs Server
yum:
name: nfs-utils
state: present
- name: Install rpcbind Server
yum:
name: rpcbind
state: present
- name: Start rpcbind Server
systemd:
name: rpcbind
state: started
- name: Mount nfs
mount:
src: 172.16.1.31:/data/wp-content
path: /code/wordpress/wp-content/
fstype: nfs
opts: defaults
state: mounted