ansible里面有一个角色模块,初次学习,部署一个nginx服务器,然后可以进行管理:
先传送公钥给客户端:
[root@ansibleserver ~]# ssh-keygen [root@ansibleserver ~]# ssh-copy-id 192.168.40.147
同步时间:
[root@ansibleserver ~]# ntpdate 0.cn.pool.ntp.org 23 Oct 20:19:16 ntpdate[90632]: step time server 202.204.48.8 offset 62430.508769 sec [root@centos3 ~]# ntpdate 0.cn.pool.ntp.org 23 Oct 20:19:27 ntpdate[9383]: adjust time server 202.204.48.8 offset -0.012253 sec
首先定义安装nginx角色的路径:
[root@ansibleserver ~]# cat /etc/ansible/nginx.yaml - hosts: 192.168.40.147 remote_user: root roles: - nginx
然后进入role目录创建角色任务:
[root@ansibleserver ~]# cd /etc/ansible/roles/ [root@ansibleserver roles]# cd nginx [root@ansibleserver nginx]# ls files handlers tasks templates vars
files目录是存放软件安装包的;
handlers目录是定义其他main.yml文件里的触发器的,至少有一个main.yml文件;
tasks目录是定义安装过程的,至少有一个main.yml文件;
templates目录是定义推送到远端的配置文件的;
vars目录是定义变量的,至少有一个main.yml文件。
nginx安装包:
[root@ansibleserver nginx]# ls files/ nginx-1.12.0.tar.gz
定义触发器,当条件出发则nginx会被reload。
[root@ansibleserver nginx]# ls handlers/ main.yml [root@ansibleserver nginx]# cat handlers/main.yml - name: reload nginx shell: /opt/nginx/sbin/nginx -s reload
nginx安装过程:
[root@ansibleserver nginx]# ls tasks/ main.yml [root@ansibleserver nginx]# cat tasks/main.yml - name: sent nginx copy: src=nginx-1.12.0.tar.gz dest=/tmp/nginx-1.12.0.tar.gz ##将安装包推送到远端,会调用files目录下的安装包。 - name: tar nginx shell: cd /tmp;tar -xf nginx-1.12.0.tar.gz ##解压缩安装包。 - name: install packages yum: name={{ item }} state=latest ##使用with循环安装依赖包。 with_items: - openssl-devel - pcre-devel - name: install nginx shell: cd /tmp/nginx-1.12.0;./configure --user=nginx --group=nginx --prefix=/opt/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre;make && make install ##编译安装nginx - name: useradd nginx shell: useradd nginx -s /sbin/nologin ##添加nginx用户。 - name: copy nginx.conf template: src=nginx.conf dest=/opt/nginx/conf/nginx.conf ##将本地配置好的配置文件推送到远端,会调用templates目录下的文件。 tags: copynginx.conf ##打一个标签。 - name: start nginx shell: /opt/nginx/sbin/nginx ##开启nginx服务 notify: reload nginx ##触发器,当复制过去的文件有差异时便会出发handlers模块里的文件。 nginx配置文件,里面定义了一些变量,使得可以被用来安装多台nginx。 [root@ansibleserver nginx]# ls templates/ nginx.conf [root@ansibleserver nginx]# cat templates/nginx.conf #user nobody; worker_processes {{ ansible_processor_vcpus }}; ###ansible带的变量,可以通过命令ansible 192.168.40.147 -m setup 找到客户机相应的值。 #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘ # ‘$status $body_bytes_sent "$http_referer" ‘ # ‘"$http_user_agent" "$http_x_forwarded_for"‘; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen {{ nginx_port }}; ###监听端口,在vars模块中定义。 server_name {{ server_name }}; ###域名,在vars模块中定义。 #charset koi8-r; #access_log logs/host.access.log main; location / { root /web; index index.php index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # # location ~ \.php$ { # root /web; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # include fastcgi_params; # } # deny access to .htaccess files, if Apache‘s document root # concurs with nginx‘s one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} include vhosts/*.conf; ###这里添加一条include,可以在安装nginx成功后方便管理时添加虚拟主机,或者模块。 }
定义传送给客户端nginx的配置文件的变量:
[root@ansibleserver nginx]# ls vars/ main.yml [root@ansibleserver nginx]# cat vars/main.yml nginx_port: "8080" server_name: "www.ls.com"
在/etc/ansible目录下执行。
[root@ansibleserver ansible]# ansible-playbook nginx.yaml PLAY [192.168.40.147] ********************************************************* GATHERING FACTS *************************************************************** ok: [192.168.40.147] TASK: [nginx | sent nginx] **************************************************** ok: [192.168.40.147] TASK: [nginx | tar nginx] ***************************************************** changed: [192.168.40.147] TASK: [nginx | install packages] ********************************************** ok: [192.168.40.147] => (item=openssl-devel,pcre-devel) TASK: [nginx | install nginx] ************************************************* changed: [192.168.40.147] TASK: [nginx | useradd nginx] ************************************************* changed: [192.168.40.147] TASK: [nginx | copy nginx.conf] *********************************************** ok: [192.168.40.147] TASK: [nginx | start nginx] *************************************************** changed: [192.168.40.147] NOTIFIED: [nginx | reload nginx] ********************************************** changed: [192.168.40.147] PLAY RECAP ******************************************************************** 192.168.40.147 : ok=9 changed=5 unreachable=0 failed=0
定义一个管理nginx的任务路径:
[root@ansibleserver ansible]# cat nginx_conf.yaml - hosts: 192.168.40.147 remote_user: root roles: - nginx_conf
配置和安装基本一样:
[root@ansibleserver nginx_conf]# cd /etc/ansible/roles/nginx_conf/ [root@ansibleserver nginx_conf]# tree . ├── files │ └── nginx-1.12.0.tar.gz ├── handlers │ └── main.yml ├── tasks │ └── main.yml ├── templates │ └── server.conf └── vars └── main.yml 5 directories, 5 files
只是在tasks里面利用客户端nginx配置文件里include添加一个虚拟主机:
[root@ansibleserver nginx_conf]# cat tasks/main.yml - name: mkdir vhosts shell: mkdir /opt/nginx/conf/vhosts - name: copy nginx.conf template: src=server.conf dest=/opt/nginx/conf/vhosts/{{ server_name }}.conf tags: copynginx.conf notify: reload nginx
然后按照相同的方式执行就可以了。
[root@ansibleserver ansible]# ansible-playbook nginx_conf.yaml PLAY [192.168.40.147] ********************************************************* GATHERING FACTS *************************************************************** ok: [192.168.40.147] TASK: [nginx_conf | mkdir vhosts] ********************************************* changed: [192.168.40.147] TASK: [nginx_conf | copy nginx.conf] ****************************************** changed: [192.168.40.147] NOTIFIED: [nginx_conf | reload nginx] ***************************************** changed: [192.168.40.147] PLAY RECAP ******************************************************************** 192.168.40.147 : ok=4 changed=3 unreachable=0 failed=0
本文出自 “运维小记” 博客,请务必保留此出处http://lsfandlinux.blog.51cto.com/13405754/1975373
原文地址:http://lsfandlinux.blog.51cto.com/13405754/1975373