一、配置主机清单
[root@m01 ~]# cat /etc/ansible/hosts
# Ansible INI inventory for the lab: web, load-balancer, database, NFS and
# backup hosts, plus two parent groups built from them.
#
# NOTE(review): every host line stores its SSH password in clear text
# (ansible_ssh_pass='1'), and the same one-character password is used on all
# hosts. Anyone who can read this file can log in to every machine listed here.
# Prefer SSH key authentication, or keep the password in an ansible-vault
# encrypted vars file and restrict this file to root (chmod 600).
[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'
#web03 ansible_ssh_pass='1'
[slb]
lb01 ansible_ssh_pass='1'
lb02 ansible_ssh_pass='1'
[db_group]
db01 ansible_ssh_pass='1'
db03 ansible_ssh_pass='1'
[nfs_server]
nfs ansible_ssh_pass='1'
[backup_server]
backup ansible_ssh_pass='1'
# Parent group: every host that runs nginx (web servers and load balancers).
[nginx_group:children]
web_group
slb
# Parent group: the NFS server plus the web servers that mount its export.
[nfs_group:children]
nfs_server
web_group
# Group variable for nginx_group. upstream_vars.yml also defines `web`, and
# variables loaded through a play's vars_files take precedence over inventory
# group variables, so this value is overridden in both playbooks.
[nginx_group:vars]
web=host_vars
二、配置keepalived剧本
[root@m01 ~]# cat keepalived.yml
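---
# Install and configure keepalived on the load balancers (inventory group slb).
# Indentation is restored here; the listing on the page had lost it.
- hosts: slb
  vars_files:
    - upstream_vars.yml
  tasks:
    - name: Install keepalived
      yum:
        name: keepalived
        state: present

    # keepalived.j2 embeds the VRRP auth_pass, so the rendered file is written
    # root-only instead of with the default umask (normally world-readable).
    - name: Config keepalive
      template:
        src: /root/conf/keepalived.j2
        dest: /etc/keepalived/keepalived.conf
        owner: root
        group: root
        mode: "0600"
      notify: restart_keepalived

    # Was `state: restarted`, which bounced VRRP (and could move the virtual
    # IP) on every run. The service is now only started and enabled here; the
    # restart happens in the handler, and only when the config file changed.
    - name: Start keepalived
      systemd:
        name: keepalived
        state: started
        enabled: true

  handlers:
    - name: restart_keepalived
      systemd:
        name: keepalived
        state: restarted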
三、配置wordpress剧本
[root@m01 ~]# cat lnmp.yml
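---
# Deploys the whole WordPress lab in one play: nginx load balancers, nginx +
# php-fpm web servers, MariaDB, the NFS share and the rsync backup server.
# Each task is limited to its role with a `when` on ansible_fqdn.
#
# Changes against the listing on the page:
#   * indentation restored (the listing had lost it);
#   * `is match "lb*"` / `is match "web*"` replaced by "lb" / "web": `match` is
#     a regular expression anchored at the start of the string, not a glob, so
#     "lb*" matched every name beginning with "l" and "web*" every name
#     beginning with "we";
#   * yes/no written as true/false, file modes quoted;
#   * no_log added to the tasks that carry passwords.
#
# NOTE(review): the passwords below (123456) are hardcoded in clear text.
# Move them to an ansible-vault encrypted vars file and use stronger values
# before using this outside a throw-away lab.
- hosts: all
  vars_files:
    - upstream_vars.yml
  tasks:
    # NOTE(review): these two tasks run on every host of the play and switch
    # off SELinux and firewalld, i.e. all host-level access control and packet
    # filtering. Outside an isolated lab, keep both enabled and open only the
    # ports each role needs.
    - name: Stop selinux
      selinux:
        state: disabled

    - name: Stop Firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: false

    - name: Install unzip
      yum:
        name: unzip
        state: present

    # Fixed uid/gid 666 so file ownership agrees between the web servers and
    # the NFS export (anonuid/anongid=666 below).
    - name: Create www Group
      group:
        name: www
        gid: 666

    - name: Create www User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false

    # ---- nginx on load balancers and web servers ----
    - name: Copy nginx.repo
      copy:
        src: /root/conf/nginx.repo
        dest: /etc/yum.repos.d/
      when: (ansible_fqdn is match "lb") or (ansible_fqdn is match "web")

    - name: Install Nginx Server
      yum:
        name: nginx
        state: present
      when: (ansible_fqdn is match "lb") or (ansible_fqdn is match "web")

    - name: Config Nginx Server
      copy:
        src: /root/conf/nginx.conf
        dest: /etc/nginx/
      when: (ansible_fqdn is match "lb") or (ansible_fqdn is match "web")
      notify: restart_all_nginx

    # ---- load balancers only ----
    - name: Config slb Server
      template:
        src: /root/conf/proxy.j2
        dest: /etc/nginx/conf.d/proxy.conf
      when: ansible_fqdn is match "lb"
      notify: restart_slb

    - name: Copy proxy_params
      copy:
        src: /root/conf/proxy_params
        dest: /etc/nginx/
      when: ansible_fqdn is match "lb"

    - name: Start slb Server
      systemd:
        name: nginx
        state: started
      when: ansible_fqdn is match "lb"

    # ---- web servers only ----
    - name: Config nginx Server
      copy:
        src: /root/conf/linux.wp.com.conf
        dest: /etc/nginx/conf.d/
      when: ansible_fqdn is match "web"
      notify: restart_code_nginx

    - name: Mkdir Code
      file:
        path: /code
        state: directory
      when: ansible_fqdn is match "web"

    # NOTE(review): the PHP RPMs are unpacked into /tmp and installed further
    # down with a /tmp/*.rpm glob. /tmp is world-writable, so any other *.rpm
    # present there is installed as root too; unpack into a root-only
    # directory instead. Package integrity is not verified either.
    - name: Tar wordpress and php
      unarchive:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
      loop:
        - src: /root/package/wordpress-5.0.3-zh_CN.tar.gz
          dest: /code/
        - src: /root/package/php.tar.gz
          dest: /tmp/
      when: ansible_fqdn is match "web"

    - name: Grant Code Dir
      file:
        path: /code
        owner: www
        group: www
        recurse: true
      when: ansible_fqdn is match "web"

    - name: Start Web Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: true
      when: (ansible_fqdn is match "web") or (ansible_fqdn is match "lb")

    # Read-only probe: grep exits non-zero when no php package is installed.
    # failed_when/changed_when replace ignore_errors so the probe is reported
    # as neither failed nor changed; the registered rc is still evaluated below.
    - name: Get PHP Install status
      shell: "rpm -qa | grep php"
      register: get_php_install_status
      failed_when: false
      changed_when: false

    - name: Install PHP Server
      shell: yum localinstall -y /tmp/*.rpm
      when:
        - ansible_fqdn is match "web"
        - get_php_install_status.rc != 0

    - name: Config php Server
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
      loop:
        - src: /root/conf/php.ini
          dest: /etc/
        - src: /root/conf/www.conf
          dest: /etc/php-fpm.d/
      when: ansible_fqdn is match "web"
      notify: restart_php

    - name: Start php and nginx Server
      systemd:
        name: "{{ item }}"
        state: started
        enabled: true
      loop:
        - php-fpm
        - nginx
      when: ansible_fqdn is match "web"

    # ---- database (db01) ----
    # MySQL-python is installed alongside the server for the mysql_db and
    # mysql_user modules below.
    - name: Install Mariadb Server
      yum:
        name:
          - mariadb-server
          - MySQL-python
        state: present
      when: ansible_fqdn == "db01"

    - name: Start Mariadb Server
      systemd:
        name: mariadb
        state: started
        enabled: true
      when: ansible_fqdn == "db01"

    # NOTE(review): no login_user/login_password is given and nothing in this
    # play sets a MariaDB root password; add a hardening step for the root
    # account before exposing the database.
    - name: Create wordpress Database
      mysql_db:
        name: wordpress
        state: present
      when: ansible_fqdn == "db01"

    # NOTE(review): weak hardcoded password, valid from any host in
    # 172.16.1.%; take it from a vaulted variable. no_log keeps it out of the
    # task output and logs.
    - name: Create wordpress Database User
      mysql_user:
        name: "wp"
        host: "172.16.1.%"
        password: '123456'
        priv: "wordpress.*:ALL"
        state: present
      no_log: true
      when: ansible_fqdn == "db01"

    # ---- NFS share for wp-content ----
    - name: Install nfs Server
      yum:
        name:
          - nfs-utils
          - rpcbind
        state: present
      when: (ansible_fqdn == "nfs") or (ansible_fqdn is match "web")

    # NOTE(review): the export is read-write for the whole 172.16.1.0/24
    # subnet, and all_squash maps every client user to uid/gid 666 (www), so
    # any host on that network can modify wp-content. Restrict the export to
    # the web servers' addresses.
    - name: Config nfs Server
      copy:
        content: '/data/wp-content 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)'
        dest: /etc/exports
      when: ansible_fqdn == "nfs"

    - name: Mkdir data
      file:
        path: /data
        state: directory
        owner: www
        group: www
      when: ansible_fqdn == "nfs"

    - name: Start nfs Server
      systemd:
        name: nfs
        state: started
      when: ansible_fqdn == "nfs"

    - name: Copy wp-content to NFS
      copy:
        src: /root/package/wp-content
        dest: /data
        owner: www
        group: www
      when: ansible_fqdn == "nfs"

    - name: Start rpcbind Server
      systemd:
        name: rpcbind
        state: started
      when: (ansible_fqdn == "nfs") or (ansible_fqdn is match "web")

    # 172.16.1.31 is hardcoded; presumably the address of the `nfs` host.
    - name: Mount nfs
      mount:
        src: 172.16.1.31:/data/wp-content
        path: /code/wordpress/wp-content/
        fstype: nfs
        opts: defaults
        state: mounted
      when: ansible_fqdn is match "web"

    # ---- rsync daemon on the backup server ----
    - name: Install rsync Server
      yum:
        name: rsync
        state: present
      when: ansible_fqdn == "backup"

    - name: Config Rsync Server
      copy:
        src: /root/conf/rsyncd.conf
        dest: /etc/
      when: ansible_fqdn == "backup"

    # rsync daemon secrets file in user:password form. rsync requires that it
    # is not readable by other users, hence 0600. The mode is quoted so it
    # reaches Ansible as a string rather than a YAML number.
    - name: Config rsync.passwd
      copy:
        content: 'rsync_backup:123456'
        dest: /etc/rsync.passwd
        mode: "0600"
      no_log: true
      when: ansible_fqdn == "backup"

    - name: Mkdir backup Dir
      file:
        path: /backup
        state: directory
        owner: www
        group: www
      when: ansible_fqdn == "backup"

    - name: Start rsync Server
      systemd:
        name: rsyncd
        state: started
      when: ansible_fqdn == "backup"

    # ---- real-time sync from the NFS server (sersync) ----
    - name: Install rsync and Inotify-tools Server
      yum:
        name:
          - rsync
          - inotify-tools
        state: present
      when: ansible_fqdn == "nfs"

    - name: Install sersync Server
      copy:
        src: /root/package/sersync
        dest: /usr/local/
        mode: "0755"
      when: ansible_fqdn == "nfs"

    # Client-side password file; the value is quoted so it is written as the
    # string "123456" rather than parsed as an integer.
    - name: Config rsync.pass
      copy:
        content: '123456'
        dest: /etc/rsync.pass
        mode: "0600"
      no_log: true
      when: ansible_fqdn == "nfs"

    # NOTE(review): start_rsync.sh is not shown on the page; the script module
    # runs it on every play run, so confirm it is safe to run repeatedly.
    - name: Start sersync
      script: /root/start_rsync.sh
      when: ansible_fqdn == "nfs"

  handlers:
    - name: restart_slb
      systemd:
        name: nginx
        state: restarted
      when: ansible_fqdn is match "lb"

    - name: restart_code_nginx
      systemd:
        name: nginx
        state: restarted
      when: ansible_fqdn is match "web"

    - name: restart_php
      systemd:
        name: php-fpm
        state: restarted
      when: ansible_fqdn is match "web"

    - name: restart_all_nginx
      systemd:
        name: nginx
        state: restarted
      when: (ansible_fqdn is match "lb") or (ansible_fqdn is match "web")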
四、使用到的变量文件
[root@m01 ~]# cat upstream_vars.yml
---
# Variables loaded by keepalived.yml and lnmp.yml through vars_files.

# First three octets of the backend network; proxy.j2 appends the last octet.
# Quoted so it is always read as a string.
ip: "172.16.1"
# Not referenced by the two templates shown on this page.
web: web
# Port the load-balancer vhost listens on (proxy.j2).
nginx_port: 80
# Used in proxy.j2 as both the upstream name and the vhost server_name.
server_name: linux.wp.com
五、使用的jinja2模板
[root@m01 ~]# cat conf/proxy.j2
{# Reverse-proxy vhost for the load balancers, rendered by the "Config slb Server" task to /etc/nginx/conf.d/proxy.conf. #}
{# range(7,9) yields 7 and 8, so the pool holds two backends: ip.7 and ip.8 (presumably web01 and web02; confirm against the host addresses). #}
upstream {{ server_name }} {
{% for last_octet in range(7,9) %}
    server {{ ip }}.{{ last_octet }};
{% endfor %}
}

server {
    listen {{ nginx_port }};
    server_name {{ server_name }};

    location / {
        # The upstream block above is named after server_name, so this
        # resolves to the backend pool rather than to a DNS name.
        proxy_pass http://{{ server_name }};
        include proxy_params;
    }
}
[root@m01 ~]# cat conf/keepalived.j2
{# keepalived configuration for the two load balancers; lb01 is rendered as MASTER, every other host as BACKUP. #}
{% set is_master = (ansible_fqdn == "lb01") %}
global_defs {
    router_id {{ ansible_fqdn }}
}

vrrp_instance VI_1 {
    state {{ "MASTER" if is_master else "BACKUP" }}
    priority {{ 100 if is_master else 90 }}
    interface eth0
    virtual_router_id 50
    advert_int 1
    # NOTE(review): auth_type PASS sends the password in clear text inside
    # every VRRP advertisement, and keepalived uses only its first 8
    # characters. The value is also hardcoded in this template; take it from
    # a vaulted variable and do not rely on it as the only protection of the
    # VRRP segment.
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.3
    }
}