使用playbook实现一键部署nfs

环境准备

主机名	安装服务	wan	lan
web01	nfs客户端	10.0.0.7	172.16.1.7
web02	nfs客户端	10.0.0.8	172.16.1.8
nfs	nfs服务端	10.0.0.9	172.16.1.9
backup	backup服务端	10.0.0.41	172.16.1.41

流程分析

1.安装ansible
2.优化ansible
3.推送公钥
4.开启防火墙
5.开启80 443 873 nfs等端口和服务白名单
6.关闭selinux
7.创建同一的用户

    1.安装nfs-utils
    2.拷贝nfs配置文件
    3.创建共享目录
    4.启动nfs服务端
    	1.在nfs服务端安装sersync
    	2.拷贝sersync配置文件到nfs服务端
    	3.nfs服务端配置rsync密码文件
    	4.启动sersync

主机清单

mkdir /root/ansible/nfs -p && 
vim ansible/nfs/hosts

[web_group]
web01 ansible_ssh_host=172.16.1.7 asible_ssh_user=root ansible_ssh_port=22
web02 ansible_ssh_host=172.16.1.8 asible_ssh_user=root ansible_ssh_port=22

[nfs_group]
nfs ansible_ssh_host=172.16.1.31 asible_ssh_user=root ansible_ssh_port=22

[backup_group]
backup ansible_ssh_host=172.16.1.41 asible_ssh_user=root ansible_ssh_port=22

nfs配置文件

vim /root/ansible/nfs/exports

/wordpress_backup 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)

sersync配置文件

[root@nfs ~]# vim /root/ansible/nfs/sersync.conf

<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
    <host hostip="localhost" port="8008"></host>
    <debug start="false"/>
    <fileSystem xfs="false"/>
    <filter start="false">
	<exclude expression="(.*).svn"></exclude>
	<exclude expression="(.*).gz"></exclude>
	<exclude expression="^info/*"></exclude>
	<exclude expression="^static/*"></exclude>
    </filter>
    <inotify>
	<!-- inotify监控的事件，true为监控，false为不监控 -->
	<delete start="true"/>
	<createFolder start="true"/>
	<createFile start="true"/>
	<closeWrite start="true"/>
	<moveFrom start="true"/>
	<moveTo start="true"/>
	<attrib start="true"/>
	<modify start="true"/>
    </inotify>

    <sersync>
	<!-- 监控的目录和rsync服务器的IP地址，rsync的模块名称 -->
	<localpath watch="/data">
	    <remote ip="172.16.1.41" name="backup"/>
	    <!--<remote ip="192.168.8.39" name="tongbu"/>-->
	    <!--<remote ip="192.168.8.40" name="tongbu"/>-->
	</localpath>
	<rsync>
	    <!--rsync推送的选项-->
	    <commonParams params="-az"/>
	    <!--是否开启认证,认证模块的用户名,用于认证的本地密码配置文件-->
	    <auth start="true" users="backup" passwordfile="/etc/rsync.passwd"/>
	    <userDefinedPort start="false" port="874"/><!-- port=874 -->
	    <timeout start="false" time="100"/><!-- timeout=100 -->
	    <ssh start="false"/>
	</rsync>
	<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
	<crontab start="false" schedule="600"><!--600mins-->
	    <crontabfilter start="false">
		<exclude expression="*.php"></exclude>
		<exclude expression="info/*"></exclude>
	    </crontabfilter>
	</crontab>
	<plugin start="false" name="command"/>
    </sersync>

    <plugin name="command">
	<param prefix="/bin/sh" suffix="" ignoreError="true"/>	<!--prefix /opt/tongbu/mmm.sh suffix-->
	<filter start="false">
	    <include expression="(.*).php"/>
	    <include expression="(.*).sh"/>
	</filter>
    </plugin>

    <plugin name="socket">
	<localpath watch="/opt/tongbu">
	    <deshost ip="192.168.138.20" port="8009"/>
	</localpath>
    </plugin>
    <plugin name="refreshCDN">
	<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
	    <cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
	    <sendurl base="http://pic.xoyo.com/cms"/>
	    <regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
	</localpath>
    </plugin>
</head>

yml

vim /root/ansible/nfs/nfs.yml

- hosts: all
  tasks:

    - name: Install nfs nfs-utils
      yum:
        name: nfs-utils
        state: present
      when: ansible_fqdn is match 'nfs*'

    - name: Install web nfs-utils
      yum:
        name: nfs-utils
        state: present
      when: ansible_fqdn is match 'web*'


    - name: content NFS Server
      copy:
        content: "/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
"
        dest: /etc/exports
        owner: root
        group: root
        mode: 0644
      when: ansible_fqdn is match 'nfs*'

    - name: Create data Directory
      file:
        path: "{{ item }}"
        state: directory
        owner: www
        group: www
        mode: 0755
        recurse: yes
      with_items:
        - "/data"
        - "/data/wordpress"
        - "/data/WeCenter"
      when: ansible_fqdn is match 'nfs*'
    
    - name: wget rsync
      shell: "wget http://test.driverzeng.com/other/sersync2.5.4_64bit_binary_stable_final.tar.gz"

    - name: jieya sersync
      unarchive:
        src: /root/sersync2.5.4_64bit_binary_stable_final.tar.gz
        dest: /root
        copy: no
      when: ansible_fqdn is match 'nfs*'

    - name: gaiming
      shell: "mv /root/GNU-Linux-x86 /usr/local/sersync"
      when: ansible_fqdn is match 'nfs*'
      ignore_errors: yes

    - name: copy sersync.conf
      copy:
        src: /root/ansible/nfs/sersync.conf
        dest: /usr/local/sersync/confxml.xml
        backup: yes
      when: ansible_fqdn is match 'nfs*'

    - name: Start NFS Server
      systemd:
        name: nfs-server
        state: started
        enabled: yes
      when: ansible_fqdn is match 'nfs*'

    - name: Start NFS Server
      systemd:
        name: nfs-server
        state: started
        enabled: yes
      when: ansible_fqdn is match 'web*'

    - name: content NFS Server
      copy:
        content: "123
"
        dest: /etc/rsync.passwd
        owner: root
        group: root
        mode: 0600
      when: ansible_fqdn is match 'nfs*'

    - name: start sersync
      shell: /usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml
      when: ansible_fqdn is match 'nfs*'

    - name: Mount NFS Server
      mount:
        path: /opt
        src: 172.16.1.31:/data
        fstype: nfs
        opts: defaults
        state: mounted
      when: ansible_fqdn is match 'web*'
    

执行

1.执行base.yml
[root@m01 ~]# ansible-playbook ansible/base.yml 

2.执行rsync.yml
[root@m01 ~]# ansible-playbook ansible/nfs/nfs.yml -i /root/ansible/nfs/hosts