ansible-role安装nginx，keepalived，tomcat

role下载地址
链接：https://pan.baidu.com/s/1DVdt1iykf8z9kqlaqW9p6Q 
提取码：cnkx 
复制这段内容后打开百度网盘手机App，操作更方便哦

架构

roles目录结构

[root@localhost roles]# tree
.
├── keepalived
│   ├── files
│   ├── handlers
│   │   └── main.yml
│   ├── tasks
│   │   └── main.yml
│   ├── templates
│   │   ├── backup_keepalived.conf.j2  #主keepalived配置文件
│   │   └── master_keepalived.conf.j2  #从keepalived配置文件
│   └── vars
│       └── main.yml
├── nginx
│   ├── default
│   │   └── main.yml
│   ├── files
│   │   ├── nginx-1.16.0.tar.gz    #nginx源码包
│   │   └── nginx.service            #systemctl接管nginx服务文件
│   ├── handlers
│   │   └── main.yml
│   ├── meta
│   │   └── main.yml
│   ├── tasks
│   │   └── main.yml
│   ├── templates
│   │   └── nginx.conf.ji2           #nginx配置文件
│   └── vars
│       └── main.yml
├── site.yml
└── tomcat
    ├── default
    │   └── main.yml
    ├── files
    │   ├── apache-tomcat-8.5.37.tar.gz   #tomcat二进制包
    │   └── jdk-8u144-linux-x64.gz          #jdk二进制包
    ├── handlers
    │   └── main.yml
    ├── meta
    │   └── main.yml
    ├── tasks
    │   └── main.yml
    ├── templates
    │   ├── java.sh.j2                    #初始java环境变量文件
    │   ├── setclasspath.sh.j2        #tomcat设置java环境变量脚本
    │   └── tomcat.service.j2         #systemctl接管tomcat服务文件
    └── vars
        └── main.yml　　

site.xml

- hosts: lb
  remote_user: root
  roles:
  - nginx

- hosts: server
  remote_user: root
  roles:
  - tomcat

- hosts: lb
  remote_user: root
  roles:
  - keepalived　

nginx roles

• tasks/main.yml

#安装gcc环境
- name: install gcc env
  yum: name={{ item }} state=present 
  with_items:
  - gcc
  - patch
  - libffi-devel
  - python-devel
  - zlib-devel
  - bzip2-devel
  - openssl-devel 
  - ncurses-devel
  - sqlite-devel
  - readline-devel
  - tk-devel
  - gdbm-devel
  - libpcap-devel
  - xz-devel
  - openssl
  - openssl-devel

#拷贝nginx源码包到目标机器
- name: unarchive nginx.tar.gz
  unarchive: src=nginx-1.16.0.tar.gz dest=/tmp/
  tags:
  - jieya

#编译nginx
- name: bianyi nginx
  shell: cd /tmp/nginx-1.16.0 && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module && make && make install
  tags:
  - bianyi

#复制systemctl接管nginx的服务文件
- name: copy nginx.service
  copy: src=nginx.service dest=/usr/lib/systemd/system/nginx.service

#重载systemd
- name: systemctl daemon-reload  
  shell: /usr/bin/systemctl daemon-reload

#复制nginx配置文件
- name: copy nginx.conf
  template: src=nginx.conf.ji2 dest=/usr/local/nginx/conf/nginx.conf
  notify: 
  - reload-nginx
  tags:
  - reload nginx

#启动nginx
- name: start nginx
  service: name=nginx state=started enabled=true　　

• handlers/main.yml

- name: reload-nginx
  shell: name=nginx state=reloaded

• templates/main.yml：这个配置文件需要更具自己业务对应更改，不要复制下面的配置文件，主要是为了替换里面的内容

worker_processes  {{ ansible_processor_vcpus }};
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    upstream tomcat {
        server {{ TOMCAT_SERVER1 }};
        server {{ TOMCAT_SERVER2 }};
    }
    server {
        listen       80;
        server_name  localhost;
        location / {
            proxy_pass http://tomcat;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

• vars/main.yml

TOMCAT_SERVER1: 192.168.2.5:8080
TOMCAT_SERVER2: 192.168.2.6:8080

　

Tomcat roles

• tasks/main.yml　

#复制jdk到目标主机
- name: cp jdk1.8
  unarchive: src=jdk-8u144-linux-x64.gz dest=/usr

#创建链接
- name: jdk setup
  file: src=/usr/jdk1.8.0_144 path={{ JAVA_HOME }} state=link

#配置java环境变量脚本
- name: jdk env
  template: src=java.sh.j2 dest=/etc/profile.d/java.sh 

#加载环境变量
- name: source java
  shell: source /etc/profile.d/java.sh

#复制tomcat到目标主机
- name: cp tomcat
  unarchive: src=apache-tomcat-8.5.37.tar.gz dest=/usr/

#创建链接
- name: tomcat setup
  file: src=/usr/apache-tomcat-8.5.37 path={{ CATALINA_HOME }} state=link

#配置tomcat环境变量
- name: tomcat env
  template: src=setclasspath.sh.j2 dest={{ CATALINA_HOME }}/bin/setclasspath.sh
  
#复制systemd接管tomcat的服务文件
- name: cp tomcat.service
  template: src=tomcat.service.j2 dest=/usr/lib/systemd/system/tomcat.service

#重载systemd
- name: daemonreload
  shell: /usr/bin/systemctl daemon-reload

#启动tomcat
- name: start tomcat
  service: name=tomcat state=started enabled=true

• templates/java.sh.j2

export JAVA_HOME={{ JAVA_HOME }}
export PATH=$JAVA_HOME/bin:$PATH

• /templates/setclasspath.sh.j2

#!/bin/sh
export JAVA_HOME={{ JAVA_HOME }}
# Licensed to the Apache Software Foundation (ASF) under one or more
#.....
#.....
#只需要配置java_home，其他的默认

• templates/tomcat.service.j2

[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart={{ CATALINA_HOME }}/bin/startup.sh
ExecStop={{ CATALINA_HOME }}/bin/shutdown.sh
PrivateTmp=true

[Install]
WantedBy=multi-user.target

• vars/main.yml

JAVA_HOME: /usr/java
CATALINA_HOME: /usr/tomcat

　　

 Keepalived roles

• tasks/main.yml

#安装keepalived
- name: install keepalived
  yum: name=keepalived state=present

#复制主配置文件
- name: copy master_conf
  template: src=master_keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf
  when:  ansible_default_ipv4.address  == "192.168.2.3"
  notify:
  - restart keepalived

#复制从配置文件
- name: copy backup_conf
  template: src=backup_keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf
  when:  ansible_default_ipv4.address  == "192.168.2.4"
  notify:
  - restart keepalived

#重启keepalived
- name: start keepalived
  service: name=keepalived state=started

• templates/master_keepalived.conf.j2

! Configuration File for keepalived
 
global_defs {
   #notification_email {
   #  acassen@firewall.loc
   #  failover@firewall.loc
   #  sysadmin@firewall.loc
   #}
   #notification_email_from Alexandre.Cassen@firewall.loc
   #smtp_server 192.168.200.1
   #smtp_connect_timeout 30
   router_id {{ master_router_id }}
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
 
vrrp_instance VI_1 {
    state MASTER
    interface {{ ansible_default_ipv4.alias }}
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        {{ virtual_ipaddress }}
    }
}

• templates/backup_keepalived.conf.j2

! Configuration File for keepalived
 
global_defs {
   #notification_email {
   #  acassen@firewall.loc
   #  failover@firewall.loc
   #  sysadmin@firewall.loc
   #}
   #notification_email_from Alexandre.Cassen@firewall.loc
   #smtp_server 192.168.200.1
   #smtp_connect_timeout 30
   router_id {{ backup_router_id }}
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
 
vrrp_instance VI_1 {
    state BACKUP
    interface {{ ansible_default_ipv4.alias }}
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        {{ virtual_ipaddress }}
    }
}

• vars/main.yml

virtual_ipaddress: 192.168.2.88

master_router_id: MA
master_priority: 100
master_ipaddress: 192.168.2.3
master_state: MASTER

backup_router_id: BA
backup_priority: 99
backup_ipaddress: 192.168.2.4
backup_state: BACKUP

• handlers/main.yml

- name: restart keepalived
  service: name=keepalived state=restarted