ansible部署lnmp架构_办公生活

ansible部署lnmp架构

创始人

2024-01-13 00:31:12

环境准备：

主机名	IP	服务	系统
ansible	192.168.160.131	ansible	CentOS-8.5
nginx	192.168.160.132	nginx	CentOS-8.5
mysql	192.168.160.137	mysql	CentOS-8.5
php	192.168.160.139	php	CentOS-8.5

1、生成私钥，对另外三台主机进行免密登入

[root@ansible ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? yes
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Ny1q6A+oJY8ZDV3+eX0hpKzOYWvrtR5/FipNa7DWj+0 root@ansible
The key's randomart image is:
+---[RSA 3072]----+
|                 |
|                 |
|      .     .    |
|   . o   . +     |
|  . . . S * o .  |
|   o . o =.+.... |
|  o + o O +*.o.. |
|   O . *.=++*+o  |
|  + . .+B+ooo=E  |
+----[SHA256]-----+
[root@ansible ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.160.132
[root@ansible ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.160.137
[root@ansible ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.160.139

2.构建Ansible清单

[root@ansible ~]# cd /etc/ansible/
[root@ansible ansible]# vim hosts 
//添加受管主机
192.168.160.132
192.168.160.137
192.168.160.139

3. 受管主机安装python3

[root@nginx ~]# yum -y install python3
[root@mysql ~]# yum -y install python3
[root@php ~]# yum -y install python3

4. 管理nginx受管主机部署nginx服务

//创建系统用户nginx
[root@ansible ansible]# ansible 192.168.160.132 -m user -a 'name=nginx system=yes shell=/sbin/nologin state=present'//安装依赖包
[root@ansible ansible]# ansible 192.168.160.132 -m yum -a 'name=pcre-devel,openssl,openssl-devel,gd-devel,gcc,gcc-c++,make,wget state=present'//创建日志存放目录
[root@ansible ansible]# ansible 192.168.160.132 -m file -a 'path=/var/log/nginx state=directory'
[root@ansible ansible]# ansible 192.168.160.132 -m file -a 'path=/var/log/nginx state=directory owner=nginx group=nginx'//下载nginx并解压
[root@ansible ansible]# ansible 192.168.160.132 -a 'wget http://nginx.org/download/nginx-1.20.2.tar.gz'
[root@ansible ansible]# ansible 192.168.160.132 -a 'tar xf nginx-1.20.2.tar.gz'//编写编译脚本，然后进行编译安装
[root@ansible ansible]# mkdir scripts/
[root@ansible ansible]# vim scripts/a.sh 
#!/bin/bashcd nginx-1.20.2
./configure --prefix=/usr/local/nginx
--user=nginx --group=nginx --with-debug 
--with-http_ssl_module
--with-http_realip_module
--with-http_image_filter_module
--with-http_gunzip_module
--with-http_gzip_static_module
--with-http_stub_status_module
--http-log-path=/var/log/nginx/access.log
--error-log-path=/var/log/nginx/error.log
[root@ansible ansible]# chmod +x scripts/a.sh 
[root@ansible ansible]# ansible 192.168.160.132 -m script -a '/etc/ansible/scripts/a.sh'[root@ansible ansible]# ansible 192.168.160.132 -m shell -a 'cd nginx-1.20.2 && make && make install '//配置环境变量
[root@ansible ansible]# ansible 192.168.160.132 -m shell -a 'echo "export PATH=/usr/local/nginx/sbin:$PATH" > /etc/profile.d/nginx.sh'
[root@ansible ansible]# ansible 192.168.160.132 -m shell -a '. /etc/profile.d/nginx.sh'[root@ansible ansible]# ansible 192.168.160.132  -a 'nginx'
[root@ansible ansible]# ansible 192.168.160.132  -a 'ss -anlt'
192.168.160.132 | CHANGED | rc=0 >>
State  Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0      128          0.0.0.0:80        0.0.0.0:*          
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*          
LISTEN 0      128             [::]:22           [::]:* //编写service文件
[root@ansible ansible]# vim scripts/nginx.sh
#!/bin/bashcat > /usr/lib/systemd/system/nginx.service <>
State  Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0      128          0.0.0.0:80        0.0.0.0:*          
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*          
LISTEN 0      128             [::]:22           [::]:* //创建存放网站名称,写入php网页信息
[root@ansible ansible]# ansible 192.168.160.132 -a 'rm -rf /usr/local/nginx/html/*'[root@ansible ansible]# vim scripts/nginx.php.sh#!/bin/bash
cat > /usr/local/nginx/html/index.php <
EOF
[root@ansible ansible]# chmod +x scripts/nginx.php.sh 
[root@ansible ansible]# ansible 192.168.160.132 -m script -a '/etc/ansible/scripts/nginx.php.sh'//修改nginx服务的配置

5. 管理mysql受管主机部署mysql服务

//创建系统用户msyql
[root@ansible ansible]# ansible 192.168.160.137 -m user -a 'name=mysql system=yes shell=/sbin/nologin state=present'//安装依赖包
[root@ansible ansible]# ansible 192.168.160.137 -m yum -a 'name=ncurses-compat-libs,perl,ncurses-devel,openssl-devel,openssl,cmake,mariadb-devel state=present'//下载nginx并解压
[root@ansible ansible]# ansible 192.168.160.137 -a 'wget https://mirrors.aliyun.com/mysql/MySQL-8.0/mysql-8.0.28-linux-glibc2.12-x86_64.tar.xz?spm=a2c6h.25603864.0.0.7a2e70b2GVOPCU'
[root@ansible ansible]# ansible 192.168.160.137 -a 'tar xf mysql-8.0.28-linux-glibc2.12-x86_64.tar.xz'//修改MySQL数据库名称
[root@ansible ansible]# ansible 192.168.160.137 -a 'mv mysql-8.0.28-linux-glibc2.12-x86_64 mysql'
[root@ansible ansible]# ansible 192.168.160.137 -a 'mv mysql /usr/local/'//修改目录/usr/local/mysql的属主属组
[root@ansible ansible]# ansible 192.168.160.137 -m file -a 'path=/usr/local/mysql owner=mysql group=mysql'//添加环境变量
[root@ansible ansible]# ansible 192.168.160.137 -m shell -a 'echo "export PATH=/usr/local/mysql/bin:$PATH" > /etc/profile.d/mysql.sh'
[root@ansible ansible]# ansible 192.168.160.137 -m shell -a 'source /etc/profile.d/mysql.sh'//头文件
[root@ansible ansible]# ansible 192.168.160.137 -a 'ln -sv /usr/local/mysql/include/ /usr/include/mysql'//库文件
[root@ansible ansible]# ansible 192.168.160.137 -m shell -a 'echo "/usr/local/mysql/lib/" > /etc/ld.so.conf.d/mysql.conf'//man文档
[root@ansible ansible]# ansible 192.168.160.137 -a 'sed -i "22a MANDATORY_MANPATH                         /usr/local/mysql/man" /etc/man_db.conf'//建立数据存放目录
[root@ansible ansible]# ansible 192.168.160.137 -m file -a 'path=/opt/data state=directory owner=mysql group=mysql'//初始化数据库 
[root@ansible ansible]# ansible 192.168.160.137 -m shell -a '/usr/local/mysql/bin/mysqld --initialize --user=mysql --datadir=/opt/data/'
192.168.160.137 | CHANGED | rc=0 >>
2022-10-22T10:16:43.715352Z 0 [System] [MY-013169] [Server] /usr/local/mysql/bin/mysqld (mysqld 8.0.28) initializing of server in progress as process 42021
2022-10-22T10:16:43.729133Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2022-10-22T10:16:44.704775Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2022-10-22T10:16:46.845493Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: 1eP>h#nRO&;7//配置服务启动脚本
[root@ansible ansible]# ansible 192.168.160.137 -a 'cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld'
[root@ansible ansible]# ansible 192.168.160.137 -a 'sed  -i "46cbasedir=/usr/local/mysql" /etc/init.d/mysqld'
[root@ansible ansible]# ansible 192.168.160.137 -a 'sed  -i "47cdatadir=/opt/data" /etc/init.d/mysqld'//编写mysql配置文件和service文件
[root@ansible ansible]# vim scripts/mysql.sh 
#!/bin/bashcat > /etc/my.cnf < /usr/lib/systemd/system/mysqld.service <>
State  Recv-Q Send-Q Local Address:Port  Peer Address:PortProcess
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*          
LISTEN 0      128                *:3306             *:*          
LISTEN 0      128             [::]:22            [::]:* //修改数据库密码
[root@ansible ansible]# ansible 192.168.160.137 -a 'mysqladmin -uroot -p"1eP>h#nRO&;7" password 123456'
192.168.160.137 | CHANGED | rc=0 >>
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
Warning: Since password will be sent to server in plain text, use ssl connection to ensure password safety.//重启mysql服务
[root@ansible ansible]# ansible 192.168.160.137 -m service -a 'name=mysqld state=restarted'
[root@ansible ansible]# ansible 192.168.160.137 -a 'ss -anlt'
192.168.160.137 | CHANGED | rc=0 >>
State  Recv-Q Send-Q Local Address:Port  Peer Address:PortProcess
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*          
LISTEN 0      128                *:3306             *:*          
LISTEN 0      128             [::]:22            [::]:*

5. 管理php受管主机部署php服务

//安装依赖包
[root@ansible ansible]# ansible 192.168.160.139 -m yum -a 'name=gcc,gcc-c++,vim,make,wget,libxml2,libxml2-devel,openssl,openssl-devel,bzip2,bzip2-devel,libcurl,libcurl-devel,libicu-devel,libjpeg,libjpeg-devel,libpng,libpng-devel,openldap-devel,pcre-devel,freetype,freetype-devel,gmp,gmp-devel,libmcrypt,libmcrypt-devel,readline,readline-devel,libxslt,libxslt-devel,mhash,mhash-devel,php-mysqlnd state=present'
[root@ansible ansible]# ansible 192.168.160.139 -a 'yum -y install  http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm'//下载PHP并解压
[root@ansible ansible]# ansible 192.168.160.139 -a 'wget https://www.php.net/distributions/php-8.1.11.tar.gz'
[root@ansible ansible]# ansible 192.168.160.139 -a 'tar xf php-8.1.11.tar.gz -C /usr/src'//编译安装php
#编译脚本
[root@ansible ansible]# vim scripts/php.sh
#!/bin/bashcd /usr/src/php-8.1.11/
./configure --prefix=/usr/local/php8 --with-config-file-path=/etc --enable-fpm --enable-inline-optimization --disable-debug --disable-rpath --enable-shared --enable-soap --with-openssl --enable-bcmath --with-iconv --with-bz2 --enable-calendar --with-curl --enable-exif --enable-ftp --enable-gd --with-jpeg --with-zlib-dir --with-freetype --with-gettext --enable-json --enable-mbstring --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-readline --enable-shmop --enable-simplexml --enable-sockets --with-zip --enable-mysqlnd-compression-support --with-pear --enable-pcntl --enableposix 
[root@ansible ansible]# chmod +x scripts/php.sh 
[root@ansible ansible]# ansible 192.168.160.139 -m script -a '/etc/ansible/scripts/php.sh'
[root@ansible ansible]# ansible 192.168.160.139 -m shell -a 'cd /usr/src/php-8.1.11/ && make && make install'//安装后配置
[root@ansible ansible]# ansible 192.168.160.139 -m shell -a 'echo "export PATH=/usr/local/php8/bin/:$PATH" > /etc/profile.d/php8.sh
[root@ansible ansible]# ansible 192.168.160.139 -m shell -a 'source /etc/profile.d/php8.sh'
[root@ansible ansible]# ansible 192.168.160.139 -a 'php -v'
192.168.160.139 | CHANGED | rc=0 >>
PHP 8.1.11 (cli) (built: Oct 22 2022 09:23:40) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.11, Copyright (c) Zend Technologies//配置php-fpm
[root@ansible ansible]# ansible 192.168.160.139 -a '\cp /usr/src/php-8.1.11/php.ini-production /etc/php.ini'
[root@ansible ansible]# ansible 192.168.160.139 -a '\cp /usr/src/php-8.1.11/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm'
[root@ansible ansible]# ansible 192.168.160.139 -m file -a 'path=/etc/init.d/php-fpm mode=755'
[root@ansible ansible]# ansible 192.168.160.139 -a '\cp /usr/local/php8/etc/php-fpm.conf.default  /usr/local/php8/etc/php-fpm.conf'
[root@ansible ansible]# ansible 192.168.160.139 -a '\cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf'//启动php-fpm
[root@ansible ansible]# ansible 192.168.160.139 -a 'service php-fpm start'
192.168.160.139 | CHANGED | rc=0 >>
Starting php-fpm  done
[root@ansible ansible]# ansible 192.168.160.139 -a 'ss -anlt'
192.168.160.139 | CHANGED | rc=0 >>
State  Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0      128        127.0.0.1:9000      0.0.0.0:*          
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*          
LISTEN 0      128             [::]:22           [::]:*//连接nginx和php
##生成php测试页面
[root@ansible ansible]# ansible 192.168.160.139 -m file -a 'path=/usr/local/nginx state=directory'
[root@ansible ansible]# ansible 192.168.160.139 -m file -a 'path=/usr/local/nginx/html state=directory'[root@ansible ansible]# vim scripts/n-p.sh
#!/bin/bashcat > /usr/local/nginx/html/index.php << EOF

EOF[root@ansible ansible]# chmod +x scripts/n-p.sh 
[root@ansible ansible]# ansible 192.168.160.139 -m script -a '/etc/ansible/scripts/n-p.sh' //修改nginx配置文件
[root@ansible ansible]# ansible 192.168.160.139 -a 'sed -i "36clisten = 192.168.160.139:9000" /usr/local/php8/etc/php-fpm.d/www.conf'
[root@ansible ansible]# ansible 192.168.160.139 -a 'sed -i "63clisten.allowed_clients = 192.168.160.132" /usr/local/php8/etc/php-fpm.d/www.conf'[root@ansible ansible]# ansible 192.168.160.132 -a 'sed -i "45c                   index  index.php index.html index.htm;" /usr/local/nginx/conf/nginx.conf' 
[root@ansible ansible]# ansible 192.168.160.132 -a 'sed -i "65c     location ~ \.php$ {" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible 192.168.160.132 -a 'sed -i "66c     root           html;" /usr/local/nginx/conf/nginx.conf' 
[root@ansible ansible]# ansible 192.168.160.132 -a 'sed -i "67c     fastcgi_pass   192.168.160.139:9000;" /usr/local/nginx/conf/nginx.conf
[root@ansible ansible]# ansible 192.168.160.132 -a 'sed -i "68c     fastcgi_index  index.php;" /usr/local/nginx/conf/nginx.conf' 
[root@ansible ansible]# ansible 192.168.160.132 -a 'sed -i "69c     fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible 192.168.160.132 -a 'sed -i "70c      include        fastcgi_params;" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible 192.168.160.132 -a 'sed -i "71c      }" /usr/local/nginx/conf/nginx.conf'//重启nginx和php服务
[root@ansible ansible]# ansible 192.168.160.132 -m service -a 'name=nginx state=restarted'
[root@ansible ansible]# ansible 192.168.160.139 -a 'service php-fpm restart'

访问web
在这里插入图片描述

上一篇：机器学习（周志华）课后习题

下一篇：C++ 【UVA488】Triangle Wave

ansible部署lnmp架构

1、生成私钥，对另外三台主机进行免密登入

2.构建Ansible清单

3. 受管主机安装python3

4. 管理nginx受管主机部署nginx服务

5. 管理mysql受管主机部署mysql服务

5. 管理php受管主机部署php服务

相关内容

热门资讯