Directory
- Basic optimization
- SSH, Ansible, batch Management Service project
- The script began ... 10 minutes or so ......
- Mail.yaml
- Base.yaml
- Rsync.yaml
- Nfs.yaml
- Web.yaml
- Tweb.yaml
- Lb.yaml
- Keepalived.yaml
- Keepalived2.yaml
- Mysql.yaml
- Aftercare operations
Server host name and IP planning reference template
| Host name | eth0 NIC | eth1 NIC | Service |
|---|---|---|---|
| lb01 | 10.0.0.5/24 | 172.16.1.5/24 | Load service |
| lb02 | 10.0.0.6/24 | 172.16.1.6/24 | Load service |
| web01 | 10.0.0.7/24 | 172.16.1.7/24 | php www service |
| web02 | 10.0.0.8/24 | 172.16.1.8/24 | php www service |
| tweb01 | 10.0.0.9/24 | 172.16.1.9/24 | tomcat www service |
| db01 | 10.0.0.51/24 | 172.16.1.51/24 | Database services |
| nfs01 | 10.0.0.31/24 | 172.16.1.31/24 | Storage services |
| backup | 10.0.0.41/24 | 172.16.1.41/24 | Backup service |
| m01 | 10.0.0.61/24 | 172.16.1.61/24 | Administrative services |
Basic optimization
```bash
# Change the IP address
sed -i 's#222#61#g' /etc/sysconfig/network-scripts/ifcfg-eth[01]

# Permanently change the host name
[[email protected] ~]# hostnamectl set-hostname oldboyedu-cc7

[[email protected] data]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web01
172.16.1.8 web02
172.16.1.9 sweb
172.16.1.31 nfs
172.16.1.41 backup
172.16.1.51 db

# Push the file to the other hosts in bulk
[[email protected] data]# scp -rp /etc/hosts [email protected]:/etc/

# 2. Turn off the firewalld firewall
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld

# 3. Turn off SELinux
# Method 1
sed -ri 's#(^SELINUX=).*#\1disabled#g' /etc/selinux/config
# Method 2
sed -i '/^SELINUX=/c SELINUX=disabled' /etc/selinux/config
# Method 3
vim /etc/selinux/config
# Takes effect immediately (until reboot)
setenforce 0

# 4. Tune ulimit
echo '* - nofile 65535' >> /etc/security/limits.conf

# 5. Reboot, then take a snapshot
```
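Step 2 above stops firewalld on every host. Where it stays enabled instead, the services this cluster runs need the following openings; this play is an added example, not part of the original page, and assumes the inventory groups defined in the Ansible section and the 172.16.1.0/24 network from the planning table.

```yaml
# Added example, not from the original page.
# Groups are the ones in /etc/ansible/hosts on this page; 172.16.1.0/24 is the
# eth1 network from the planning table. Assumption: rsync, NFS and MySQL clients
# connect over that network. The sweb (Tomcat) group is left out because its
# connector port lives in server.xml, which the page does not show.
- hosts: lb:web:nfs:backup:db
  tasks:
    - name: Keep firewalld running and enabled at boot
      service: name=firewalld state=started enabled=yes

- hosts: lb:web
  tasks:
    - name: Accept HTTP and HTTPS
      firewalld: service={{ item }} permanent=yes immediate=yes state=enabled
      with_items:
        - http
        - https

- hosts: lb
  tasks:
    - name: Accept VRRP advertisements between the keepalived peers
      firewalld:
        rich_rule: 'rule protocol value="vrrp" accept'
        permanent: yes
        immediate: yes
        state: enabled

- hosts: nfs
  tasks:
    - name: Accept NFS (nfs, rpc-bind, mountd) from the internal network only
      firewalld:
        rich_rule: 'rule family="ipv4" source address="172.16.1.0/24" service name="{{ item }}" accept'
        permanent: yes
        immediate: yes
        state: enabled
      with_items:
        - nfs
        - rpc-bind
        - mountd

- hosts: backup:db
  tasks:
    - name: Accept rsync daemon (873) on backup and MySQL (3306) on db, internal only
      firewalld:
        rich_rule: 'rule family="ipv4" source address="172.16.1.0/24" port port="{{ port }}" protocol="tcp" accept'
        permanent: yes
        immediate: yes
        state: enabled
      vars:
        port: "{{ '873' if 'backup' in group_names else '3306' }}"
```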
SSH, Ansible, batch Management Service project
1. Create a key pair

```bash
[[email protected] ~]# ssh-keygen -t rsa -C xuliangwei.com   # press Enter at every prompt
[[email protected] ~]# ls ~/.ssh/
id_rsa (key)  id_rsa.pub (lock)

# Send the public key to the account you need to log in as
[[email protected] ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

# Test
# Log in to the remote host
[[email protected] ~]# ssh [email protected]
# Run a command on the host without logging in
[[email protected] ~]# ssh [email protected] "hostname -i"
```

Ansible batch management with public keys

```bash
# Distribute the public key in bulk so the servers can be managed without interactive prompts
[[email protected] ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
[[email protected] ~]# yum install ansible -y

# Check the Ansible version
[[email protected] ~]# ansible --version
ansible 2.6.1

# Configure the Ansible host list
[[email protected] ~]# vim /etc/ansible/hosts
[lb]
172.16.1.5
172.16.1.6
[web]
172.16.1.7
172.16.1.8
[sweb]
172.16.1.9
[nfs]
172.16.1.31
[backup]
172.16.1.41
[db]
172.16.1.51

# Test: Ansible probes the hosts over the SSH port
[[email protected] ~]# ansible all -m ping
# Run commands in bulk
[[email protected] ~]# ansible all -m command -a "df -h"
[[email protected] ~]# ansible all -m command -a "hostname"
```
The script began ... 10 minutes or so ......
Mail.yaml

```yaml
- import_playbook: base.yaml
- import_playbook: rsync.yaml
- import_playbook: nfs.yaml
- import_playbook: sersync.yaml
- import_playbook: web.yaml
- import_playbook: tweb.yaml
- import_playbook: lb.yaml
- import_playbook: keepalived.yaml
- import_playbook: keepalived02.yaml
- import_playbook: mysql.yaml
```
Base.yaml
```yaml
- hosts: all
  tasks:
    # - name: clear yum.repos.d
    #   file: path=/etc/yum.repos.d/ state=absent
    #
    # - name: create yum.repos.d
    #   file: path=/etc/yum.repos.d/ state=directory

    # - name: install Aliyun base
    #   get_url: url=http://mirrors.aliyun.com/repo/centos-7.repo dest=/etc/yum.repos.d/centos-base.repo
    #
    # - name: install Aliyun epel
    #   get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo

    - name: push centos75
      copy: src=./file/contos75.repo dest=/etc/yum.repos.d/

    - name: push ops
      copy: src=./file/ops.repo dest=/etc/yum.repos.d/

    # - name: dns client
    #   copy: src=./conf/resolv.conf dest=/etc/resolv.conf

    - name: install Base Soft
      yum: name=rsync,nfs-utils,net-tools,vim,tree,htop,iftop,iotop,lrzsz,sl,wget,unzip,telnet,nmap,nc,psmisc,dos2unix,bash-completion,iotop,iftop,sysstat,screen,zip state=installed

    - name: create Group WWW
      group: name=www gid=666

    - name: create User WWW
      user: name=www uid=666 group=666 create_home=no shell=/sbin/nologin

    - name: create rsync_client_pass
      copy: content='1' dest=/etc/rsync.pass mode=600

    - name: create scripts Directory
      file: path=/server/scripts/ recurse=yes state=directory

    - name: push Scripts
      copy: src=./scripts/rsync_backup_md5.sh dest=/server/scripts/

    - name: crontable Scripts
      cron: name="Backup Scripts" hour=01 minute=00 job="/usr/bin/bash /server/scripts/rsync_backup_md5.sh &>/dev/null"
```
Rsync.yaml
```yaml
- hosts: backup
  tasks:
    - name: Install Rsync Server
      yum: name=rsync,mailx state=installed

    - name: Configure Rsync Server
      copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart Rsync Server

    - name: Create Date
      file: path=/data state=directory owner=www group=www mode=755

    - name: Create Backup
      file: path=/backup state=directory owner=www group=www mode=755

    - name: Create Virt User
      copy: content='rsync_backup:1' dest=/etc/rsync.password mode=600

    - name: Start RsyncServer
      service: name=rsyncd state=started enabled=yes

    - name: Push Check Scripts
      copy: src=./scripts/rsync_check_backup.sh dest=/server/scripts/

    - name: Crond Check Scripts
      cron: name="check scripts" hour=05 minute=00 job="/usr/bin/bash /server/scripts/rsync_check_backup.sh &>/dev/null"

  handlers:
    - name: Restart Rsync Server
      service: name=rsyncd state=restarted
```
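Base.yaml and Rsync.yaml both write the rsync password as a literal in the playbook text (`content='1'` and `content='rsync_backup:1'`). The same two tasks with the value read from an Ansible Vault file are shown here as an added example that is not from the original page; `secrets.yml` and `rsync_backup_password` are hypothetical names.

```yaml
# Added example, not from the original page.
# secrets.yml (hypothetical file name) is created once with
#   ansible-vault create secrets.yml
# and holds a single line:
#   rsync_backup_password: <the password>
# Run the top-level playbook with --ask-vault-pass so Ansible can decrypt it.

# Client side (replaces "create rsync_client_pass" in Base.yaml)
- hosts: all
  vars_files:
    - secrets.yml
  tasks:
    - name: create rsync_client_pass
      copy:
        content: "{{ rsync_backup_password }}\n"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: "0600"
      no_log: true          # keep the value out of task output and logs

# Server side (replaces "Create Virt User" in Rsync.yaml)
- hosts: backup
  vars_files:
    - secrets.yml
  tasks:
    - name: Create Virt User
      copy:
        content: "rsync_backup:{{ rsync_backup_password }}\n"
        dest: /etc/rsync.password
        owner: root
        group: root
        mode: "0600"        # with strict modes, rsyncd rejects a secrets file others can read
      no_log: true
```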
Nfs.yaml
```yaml
- hosts: nfs
  tasks:
    - name: Installed Nfs Server
      yum: name=nfs-utils state=installed

    - name: Configure Nfs Server
      copy: src=./conf/exports dest=/etc/exports
      notify: Restart Nfs Server

    - name: Create Share Data
      file: path=/data state=directory owner=www group=www mode=755

    - name: Create Share /data{}
      shell: mkdir /data/{wordpress,wecenter,jpress} -p

    - name: Chown -R www.www /data
      file: path=/data recurse=yes owner=www group=www

    - name: Start Nfs Server
      service: name=nfs-server state=started enabled=yes

  handlers:
    - name: Restart Nfs Server
      service: name=nfs-server state=restarted
```
Sersync.yaml
```yaml
- hosts: nfs
  tasks:
    - name: Scp Sersync
      copy: src=./file/sersync2.5.4_64bit_binary_stable_final.tar.gz dest=/usr/local/sersync.tar.gz

    - name: Zip
      shell: cd /usr/local && tar xf sersync.tar.gz && mv GNU-Linux-x86 sersync
      args:
        creates: /usr/local/sersync

    - name: configure Sersync
      copy: src=./conf/confxml.xml dest=/usr/local/sersync/confxml.xml
      notify: kill old sersync and restart new sersync

    # Start sersync only if no sersync process is running yet
    - name: Start Sersync
      shell: pgrep sersync; [ $? -eq 0 ] || /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml

  handlers:
    - name: kill old sersync and restart new sersync
      shell: pgrep sersync | xargs kill -9; /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
```
Web.yaml
```yaml
- hosts: web
  tasks:
    # - name: mount NFS Server Share date
    #   mount: src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted

    - name: install Mariadb
      yum: name=mysql state=installed

    - name: install nginx
      yum: name=nginx state=installed

    - name: nginx.conf copy
      copy: src=./conf/nginx.conf dest=/etc/nginx/nginx.conf
      notify: restart nginx

    - name: install php7.1
      yum: name=php71w,php71w-cli,php71w-common,php71w-devel,php71w-embedded,php71w-gd,php71w-mcrypt,php71w-mbstring,php71w-pdo,php71w-xml,php71w-fpm,php71w-mysqlnd,php71w-opcache,php71w-pecl-memcached,php71w-pecl-redis,php71w-pecl-mongodb state=installed

    - name: copy www.conf
      copy: src=./conf/www.conf dest=/etc/php-fpm.d/www.conf
      notify: restart php-fpm

    - name: copy php.ini
      copy: src=./conf/php.ini dest=/etc/php.ini
      notify: restart php-fpm

    - name: start php-fpm
      service: name=php-fpm state=started enabled=yes

    # - name: unzip kaoshi.zip
    #   unarchive: src=./file/kaoshi.zip dest=/data/ creates=/data/index.html

    - name: start nginx
      service: name=nginx state=started enabled=yes

    - name: del /etc/nginx/conf.d/default.conf
      file: path=/etc/nginx/conf.d/default.conf state=absent

    - name: copy conf.d/*
      unarchive: src=./conf/conf.zip dest=/etc/nginx/conf.d/ creates=/etc/nginx/conf.d/wecenter.conf

    - name: copy ./file/ssl_key.zip
      unarchive: src=./file/ssl_key.zip dest=/etc/nginx/ creates=/etc/nginx/ssl_key/server.crt

    - name: create /code
      file: path=/code/ recurse=yes state=directory mode=755 owner=www group=www

    - name: copy /code.zip
      unarchive: src=./file/code.zip dest=/code/ creates=/code/wordpress/index.php

    - name: chown www.www /code
      file: path=/code owner=www group=www mode=0755

    # - name: mount data
    #   mount: src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted

    - name: mount WordPress
      mount: src=172.16.1.31:/data/wordpress path=/code/wordpress/wp-content/uploads fstype=nfs opts=defaults state=mounted

    - name: mount wecenter
      mount: src=172.16.1.31:/data/wecenter path=/code/wecenter/uploads fstype=nfs opts=defaults state=mounted

    - name: start nginx
      service: name=nginx state=started enabled=yes

    # - name: recovery data
    #   shell: cp -rp /code/wecenter/uploads_bak/* /code/wecenter/uploads/ && cp -rp /code/wordpress/wp-content/uploads_bak/* /code/wordpress/wp-content/uploads/

  handlers:
    - name: restart nginx
      service: name=nginx state=restarted enabled=yes

    - name: restart php-fpm
      service: name=php-fpm state=restarted enabled=yes
```
Tweb.yaml
```yaml
- hosts: sweb
  tasks:
    - name: install java jarjar
      yum: name=java,jarjar-maven-plugin state=installed

    - name: create /server
      file: path=/server/scripts/ recurse=yes state=directory

    - name: unzip tomcat8_1.zip
      unarchive: src=./file/tomcat8_1.zip dest=/server/ creates=/server/tomcat8_1/bin/startup.sh

    - name: configure copy
      copy: src=./conf/server.xml dest=/server/tomcat8_1/conf/server.xml
      notify: restart tomcat

    - name: chown www
      file: path=/server/tomcat8_1 recurse=yes owner=www group=www

    - name: start tomcat8_1
      # command: /server/tomcat8_1/bin/startup.sh
      shell: /server/tomcat8_1/bin/startup.sh

    - name: mount NFS Server Share jpress
      mount: src=172.16.1.31:/data/jpress path=/server/tomcat8_1/webapps/jpress/attachment fstype=nfs opts=defaults state=mounted

    # - name: recovery data
    #   shell: cd /server/tomcat8_1/webapps/jpress && cp -rp attachment_bak/* attachment/
    # - name: chown www
    #   shell: chown -R www.www /server/tomcat8_1/webapps

  # The handler has to be defined because the server.xml task above notifies it
  handlers:
    - name: restart tomcat
      shell: /server/tomcat8_1/bin/shutdown.sh && /server/tomcat8_1/bin/startup.sh
```
Lb.yaml
```yaml
- hosts: lb
  tasks:
    - name: install nginx
      yum: name=nginx state=installed

    - name: Del /etc/nginx/conf.d/default.conf
      file: path=/etc/nginx/conf.d/default.conf state=absent

    - name: Copy ds.conf
      copy: src=./lb/ds.conf dest=/etc/nginx/conf.d/ds.conf
      notify: Restart nginx

    - name: Copy proxy-https.conf
      copy: src=./lb/proxy-https.conf dest=/etc/nginx/conf.d/proxy-https.conf
      notify: Restart nginx

    - name: Copy ./file/ssl_key.zip
      unarchive: src=./file/ssl_key.zip dest=/etc/nginx/ creates=/etc/nginx/ssl_key/server.crt

    - name: Copy proxy_params
      copy: src=./lb/proxy_params dest=/etc/nginx/proxy_params
      notify: Restart nginx

    - name: start nginx
      service: name=nginx state=started enabled=yes

  handlers:
    - name: Restart nginx
      service: name=nginx state=restarted enabled=yes
```
Keepalived.yaml
```yaml
- hosts: lb
  tasks:
    - name: install keepalived
      yum: name=keepalived state=installed

    - name: Copy keepalived.conf
      copy: src=./lb/keepalived.conf dest=/etc/keepalived/keepalived.conf
      notify: Restart keepalived

    - name: start keepalived
      service: name=keepalived state=started enabled=yes

  handlers:
    - name: Restart keepalived
      service: name=keepalived state=restarted enabled=yes
```
Keepalived2.yaml
```yaml
- hosts: 172.16.1.6
  tasks:
    - name: Copy keepalived2.conf
      copy: src=./lb/keepalived2.conf dest=/etc/keepalived/keepalived.conf
      notify: Restart keepalived

    - name: start keepalived
      service: name=keepalived state=started enabled=yes

  handlers:
    - name: Restart keepalived
      service: name=keepalived state=restarted enabled=yes
```
Mysql.yaml
```yaml
- hosts: db
  tasks:
    - name: install mysql-community
      yum: name=mysql-community-server state=installed

    - name: start mysqld
      service: name=mysqld state=started enabled=yes

    # - name: copy /etc/my.cnf
    #   copy: src=./conf/my.cnf dest=/etc/my.cnf
    # - name: restart mysqld
    #   service: name=mysqld state=restarted enabled=yes
    # - name: modify mysql passwd
    #   shell: mysql -uroot -se "update mysql.user set authentication_string=password('ckh123.com') where user='root';"
    # - name: modify my.cnf
    #   shell: sed '20s#skip-grant-tables# #pg' /etc/my.cnf
    # - name: restart mysqld
    #   service: name=mysqld state=restarted enabled=yes
    # - name: grant All user
    #   shell: mysql -uroot -pckh123.com mysql -se "update user set host = '%' where user = 'root';"
    # - name: flush privileges
    #   shell: mysql -uroot -p'ckh123.com' -se "flush privileges;"
    # - name: create database
    #   shell: mysql -uroot -p'ckh123.com' -se "create database wordpress;"

    - name: copy backup.sql
      copy: src=./file/2018-10-0613-mysql-all.sql dest=/tmp/

    # - name: input mysql
    #   shell: mysql -uroot -p'Ckh123.com' </root/2018-09-2417-mysql-all.sql
```
Aftercare operations
```
# 4. MySQL 5.7 generates a default password at install time; filter the log for the
#    "temporary password" keyword to see the password for logging in to the database
[[email protected] ~]# grep 'temporary password' /var/log/mysqld.log

# 5. Log in to MySQL [the password is the one filtered out in the previous step]
[[email protected] ~]# mysql -uroot -p$(awk '/temporary password/{print $NF}' /var/log/mysqld.log)

# 6. Change the database password
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Ckh123.com';

# Allow remote users to connect to MySQL on the server (grant method)
grant all privileges on *.* to 'all'@'%' identified by 'Ckh123.com';
flush privileges;

# 1. On the old server
# 1.1 Export the databases to a dump file
[[email protected] ~]# mysqldump -uroot -p'Ckh123.com' --all-databases --single-transaction > `date +%F%H`-mysql-all.sql
# 1.2 Transfer the dump file to the new server
[[email protected] zh]# scp 2018-10-0613-mysql-all.sql [email protected]:/tmp

# 2. On the new server
# 2.1 Import the database
[[email protected] ~]# cd /tmp && mysql -uroot -p'Ckh123.com' < 2018-10-0613-mysql-all.sql

# Start tomcat8 manually
/usr/bin/sh /server/tomcat8_1/bin/startup.sh
```
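Extra: using the zip command

```
# Zip all files in the current directory
[[email protected] conf.d]# zip conf.zip ./*
# -r recurses into all directories
[[email protected] conf.d]# zip -r conf.zip ./*

# 2. unzip
unzip -o -d /home/sunny myfile.zip
# Extracts myfile.zip into /home/sunny/
# -o: overwrite files without prompting
# -d: -d /home/sunny specifies that the files are extracted into the /home/sunny directory

# 3. Other
zip -d myfile.zip smart.txt
# Deletes the file smart.txt from the archive
zip -m myfile.zip ./rpm_info.txt
# Adds the file rpm_info.txt to the archive myfile.zip
```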
Source
Link: https://pan.baidu.com/s/1KqE4sdDdQxhIHJyK4QFfuw Password: CWTN
Ansible playbook: one-click build of the cluster architecture