ansible集中化自動管理(部署LAMP環境)
##ansible集中化自動管理
目標:1、生成公鑰,並上傳ssh的公鑰到被控端主機
2、在ansible的主控端配置本地yum源和網絡yum源
3、安裝ansible,用ansible上傳yum源目錄到被控端主機。
4、用ansible管理被控端主機的系統、軟件和服務。
5、用playbooks劇本(yaml腳本文件)來管理被控端。
各種網絡yum倉庫:
6zabbix-2.4: rpm -ivh http://repo.zabbix.com/zabbix/2.4/rhel/6/x86_64/zabbix-release-2.4-1.el6.noarch.rpm
6zabbix-3.2(兼容性不好,可能無法安裝): http://repo.zabbix.com/zabbix/3.4/rhel/6/x86_64/
7zabbix-2.4: rpm -ivh http://repo.zabbix.com/zabbix/2.4/rhel/7/x86_64/zabbix-release-2.4-1.el7.noarch.rpm
7zabbix-3.2: rpm -ivh http://repo.zabbix.com/zabbix/3.4/rhel/7/x86_64/zabbix-release-3.4-1.el7.centos.noarch.rpm
centos6: wget -O /etc/yum.repos.d/6CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
6epel源:wget -O /etc/yum.repos.d/6epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
centos7: wget -O /etc/yum.repos.d/7CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
7epel源:wget -O /etc/yum.repos.d/7epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
網絡環境:
asible主控端:192.168.10.1
ansible被控端:192.168.10.10~192.168.10.20
具體實施:
1、生成公鑰,並上傳ssh的公鑰到被控端主機
第1步,在asible主控端生成公鑰。
ssh-keygen -t rsa -f ~/.ssh/id_rsa -N ‘‘
yum install -y expect
第2步,批量上傳公鑰到被控端。
for i in 11
do
ssh-copy-id [email protected]$i
ssh [email protected]$i ip a
done
ssh-add
sed -ri ‘/^#UseDNS/c\UseDNS no‘ /etc/ssh/sshd_config
sed -ri ‘/^GSSAPIAuthentication/c\GSSAPIAuthentication no‘ /etc/ssh/sshd_config
grep -En ‘^UseDNS|^GSSAPIAuth‘ /etc/ssh/sshd_config
2、在ansible的主控端配置本地yum源和網絡yum源。
cd /etc/yum.repos.d
mkdir -pv bak
mv -vf *.repo bak/
wget -O /etc/yum.repos.d/6epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
wget -O /etc/yum.repos.d/6CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
rpm -ivh http://repo.zabbix.com/zabbix/2.4/rhel/6/x86_64/zabbix-release-2.4-1.el6.noarch.rpm
sed -ri ‘s/\$releasever/6/g‘ 6CentOS-Base.repo
cat > rhel6.5.repo <<-EOF
[rhel6.5]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=file:///dvd
enabled=1
gpgcheck=0
EOF
yum clean all
yum makecache fast
yum list zabbix ansible
yum install zabbix-server-mysql zabbix-web-mysql zabbix-agent --enablerepo=zabbix -y
rpm -qa |grep zabbix
3、安裝ansible,用ansible上傳yum源到被控端主機。
yum install -y ansible
yum install -y curl elinks lynx createrepo
grep -b2 ‘^\[test\]‘ /etc/ansible/hosts || echo -e ‘[test]\n192.168.10.11\n192.168.10.12‘ >> /etc/ansible/hosts
ansible test -m ping
ansible test -m copy -a ‘src=/etc/ssh/sshd_config dest=/etc/ssh/‘
ansible test -m shell -a ‘service sshd restart‘
ansible test -m shell -a ‘rm -rf /etc/yum.repos.d/*;ls /etc/yum.repos.d/‘
ansible test -m copy -a ‘src=/etc/yum.repos.d/ dest=/etc/yum.repos.d/ force=yes mode=755‘
ansible test -m shell -a ‘ls /etc/yum.repos.d‘
4、用ansible管理被控端主機的系統、軟件和服務。
ansible test -m shell -a ‘rpm -q httpd mysql-server php‘
ansible test -m yum -a ‘name=httpd state=present‘
ansible test -m yum -a ‘name=mysql-server state=present‘
ansible test -m yum -a ‘name=php state=present‘
ansible test -m shell -a ‘rpm -q httpd mysql-server php‘
ansible test -m service -a ‘name=httpd state=restarted enabled=1‘
ansible test -m service -a ‘name=mysqld state=restarted enabled=1‘
ansible test -m shell -a ‘yum install -y curl elinks lynx createrepo --enablerepo=rhel6.5‘
ansible test -m shell -a ‘rpm -q curl elinks lynx createrepo‘
ansible test -m shell -a "echo ‘<?php phpinfo() ?>‘ > /var/www/html/p.php"
ansible test -m shell -a "echo ‘apache test‘ > /var/www/html/a.html"
ansible test -m shell -a ‘curl 127.0.0.1/a.html‘
ansible test -m shell -a ‘mysql -e "grant all on *.* to admin identified by ‘admin with grant option;flush privileges‘"‘
ansible test -m shell -a ‘mysql -uadmin -padmin -e "show databases;select user,host,password from mysql.user;"‘
5、用playbooks劇本(yaml腳本文件)來管理被控端。
目標1:編寫一個playbooks劇本install_lamp.yaml,實現全自動部署LAMP環境。
vim install_lamp.yaml
- hosts: all
vars:
http_port: 80
remote_user: root
tasks:
- name: apache
yum: pkg=httpd state=present
notify:
- apache restart
- name: mysql-server
yum: pkg=mysql-server state=present
notify:
- mysqld restart
- name: php
yum: pkg=php state=present
handlers:
- name: apache restart
service: name=httpd state=restarted
- name: mysqld restart
service: name=mysqld state=restarted
運行劇本:ansible-playbook install_lamp.yaml
驗證:ansible test -m shell -a ‘rpm -q httpd mysql-server php‘
目標2:編寫一個playbooks劇本remove_lamp.yaml,實現全自動卸載LAMP環境。
vim remove_lamp.yaml
- hosts: all
vars:
http_port: 80
remote_user: root
tasks:
- name: apache
yum: pkg=httpd state=absent
- name: mysql-server
yum: pkg=mysql-server state=absent
- name: php
yum: pkg=php state=absent
運行劇本:ansible-playbook remove_lamp.yaml
驗證:ansible test -m shell -a ‘rpm -q httpd mysql-server php‘
本文出自 “網絡技術天地” 博客,請務必保留此出處http://1364952.blog.51cto.com/1354952/1958483
ansible集中化自動管理(部署LAMP環境)