Ansible playbook: building the cluster architecture with one command

Source: Internet
Author: User
Tags rsync ssh port aliyun

Directory

    • Basic optimization
    • SSH, Ansible, batch Management Service project
    • Running the scripts (about 10 minutes)
      • Mail.yaml
      • Base.yaml
      • Rsync.yaml
      • Nfs.yaml
      • Web.yaml
      • Tweb.yaml
      • Lb.yaml
      • Keepalived.yaml
      • Keepalived2.yaml
      • Mysql.yaml
    • Aftercare operations

Server host name and IP planning reference template

Host name   eth0 NIC        eth1 NIC          Service description
lb01        10.0.0.5/24     172.16.1.5/24     Load service
lb02        10.0.0.6/24     172.16.1.6/24     Load service
web01       10.0.0.7/24     172.16.1.7/24     php www service
web02       10.0.0.8/24     172.16.1.8/24     php www service
tweb01      10.0.0.9/24     172.16.1.9/24     tomcat www service
db01        10.0.0.51/24    172.16.1.51/24    Database Services
nfs01       10.0.0.31/24    172.16.1.31/24    Storage Services
backup      10.0.0.41/24    172.16.1.41/24    backup service
m01         10.0.0.61/24    172.16.1.61/24    Administrative Services

Basic optimization
# Change the IP address
sed -i 's#222#61#g' /etc/sysconfig/network-scripts/ifcfg-eth[01]

# Permanently change the host name
[[email protected] ~]# hostnamectl set-hostname oldboyedu-cc7

[[email protected] data]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5  lb01
172.16.1.6  lb02
172.16.1.7  web01
172.16.1.8  web02
172.16.1.9  sweb
172.16.1.31  nfs
172.16.1.41  backup
172.16.1.51  db

# Push the file to the other hosts in bulk
[[email protected] data]# scp -rp /etc/hosts [email protected]:/etc/

//2. Disable the firewalld firewall
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld

//3. Disable SELinux
# Method 1
sed -ri 's#(^SELINUX=).*#\1disabled#g' /etc/selinux/config
# Method 2
sed -i '/^SELINUX=/c SELINUX=disabled' /etc/selinux/config
# Method 3
vim /etc/selinux/config
# Takes effect immediately, but only until the next reboot
setenforce 0

//4. Tune ulimit
echo '* - nofile 65535' >> /etc/security/limits.conf

//5. Reboot and take a snapshot

SSH, Ansible, batch Management Service project
1. Create a key pair
[[email protected] ~]# ssh-keygen -t rsa -C xuliangwei.com
# Press Enter at every prompt
[[email protected] ~]# ls ~/.ssh/
id_rsa (key)  id_rsa.pub (lock)

# Send the public key to the account you need to log in as
[[email protected] ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

# Test
# Log in to the remote host
[[email protected] ~]# ssh [email protected]
# Run a command without logging in to the remote host
[[email protected] ~]# ssh [email protected] "hostname -i"

2. Batch management with Ansible and public keys
# Use a non-interactive tool to distribute the public key in bulk and manage the servers in bulk
[[email protected] ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
[[email protected] ~]# yum install ansible -y

// Check the Ansible version
[[email protected] ~]# ansible --version
ansible 2.6.1

# Configure the Ansible host inventory (group names are case-sensitive and must match the "hosts:" lines in the playbooks)
[[email protected] ~]# vim /etc/ansible/hosts
[lb]
172.16.1.5
172.16.1.6
[web]
172.16.1.7
172.16.1.8
[sweb]
172.16.1.9
[nfs]
172.16.1.31
[backup]
172.16.1.41
[db]
172.16.1.51

# Test
# Ansible probes connectivity over the SSH port
[[email protected] ~]# ansible all -m ping
# Run commands in bulk
[[email protected] ~]# ansible all -m command -a "df -h"
[[email protected] ~]# ansible all -m command -a "hostname"

Running the scripts (about 10 minutes)
Mail.yaml
- import_playbook: base.yaml
- import_playbook: rsync.yaml
- import_playbook: nfs.yaml
- import_playbook: sersync.yaml
- import_playbook: web.yaml
- import_playbook: tweb.yaml
- import_playbook: lb.yaml
- import_playbook: keepalived.yaml
- import_playbook: keepalived02.yaml
- import_playbook: mysql.yaml

Base.yaml
- hosts: all
  tasks:
    #- name: clear yum.repos.d
    #  file: path=/etc/yum.repos.d/ state=absent
    #
    #- name: create yum.repos.d
    #  file: path=/etc/yum.repos.d/ state=directory

    #- name: install Aliyun base
    #  get_url: url=http://mirrors.aliyun.com/repo/centos-7.repo dest=/etc/yum.repos.d/centos-base.repo
    #
    #- name: install Aliyun epel
    #  get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo

    # Push the local repo definitions
    - name: push centos75
      copy: src=./file/contos75.repo dest=/etc/yum.repos.d/

    - name: push ops
      copy: src=./file/ops.repo dest=/etc/yum.repos.d/

    #- name: dns client
    #  copy: src=./conf/resolv.conf dest=/etc/resolv.conf

    - name: install Base Soft
      yum: name=rsync,nfs-utils,net-tools,vim,tree,htop,iftop,iotop,lrzsz,sl,wget,unzip,telnet,nmap,nc,psmisc,dos2unix,bash-completion,iotop,iftop,sysstat,screen,zip state=installed

    # Shared service account (uid/gid 666) used by rsync, NFS and the web tier
    - name: create Group WWW
      group: name=www gid=666

    - name: create User WWW
      user: name=www uid=666 group=666 create_home=no shell=/sbin/nologin

    # Client-side rsync password file
    - name: create rsync_client_pass
      copy: content='1' dest=/etc/rsync.pass mode=600

    - name: create scripts Directory
      file: path=/server/scripts/ recurse=yes state=directory

    - name: push Scripts
      copy: src=./scripts/rsync_backup_md5.sh dest=/server/scripts/

    # Nightly backup at 01:00
    - name: crontable Scripts
      cron: name="Backup Scripts" hour=01 minute=00 job="/usr/bin/bash /server/scripts/rsync_backup_md5.sh &>/dev/null"

Rsync.yaml
- hosts: backup
  tasks:
    - name: Install Rsync Server
      yum: name=rsync,mailx state=installed

    - name: Configure Rsync Server
      copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart Rsync Server

    - name: Create Date
      file: path=/data state=directory owner=www group=www mode=755

    - name: Create Backup
      file: path=/backup state=directory owner=www group=www mode=755

    # Server-side secrets file in user:password form
    - name: Create Virt User
      copy: content='rsync_backup:1' dest=/etc/rsync.password mode=600

    - name: Start RsyncServer
      service: name=rsyncd state=started enabled=yes

    - name: Push Check Scripts
      copy: src=./scripts/rsync_check_backup.sh dest=/server/scripts/

    # Daily backup check at 05:00
    - name: Crond Check Scripts
      cron: name="check scripts" hour=05 minute=00 job="/usr/bin/bash /server/scripts/rsync_check_backup.sh &>/dev/null"

  handlers:
    - name: Restart Rsync Server
      service: name=rsyncd state=restarted

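Base.yaml and Rsync.yaml above write the rsync password (`1`) inline, so it is readable in the playbook and in verbose task output. The following is an added example, not part of the original playbooks: the same two password files fed from an Ansible Vault variable. The file name `vault/rsync.yml` and the variable `rsync_backup_password` are assumptions.

```yaml
# Added example, not from the original playbooks.
# Assumed: vault/rsync.yml contains
#   rsync_backup_password: <long random value>
# and was encrypted with:  ansible-vault encrypt vault/rsync.yml
# Run with:                ansible-playbook rsync_secrets.yaml --ask-vault-pass

# Server side (replaces "Create Virt User" in Rsync.yaml)
- hosts: backup
  vars_files:
    - vault/rsync.yml
  tasks:
    - name: Refuse a missing or short rsync password
      assert:
        that:
          - rsync_backup_password is defined
          - rsync_backup_password | length >= 16
        msg: "rsync_backup_password must be set in the vault and be at least 16 characters"
      no_log: true

    - name: Create Virt User (user:password, readable by root only)
      copy:
        content: "rsync_backup:{{ rsync_backup_password }}\n"
        dest: /etc/rsync.password
        owner: root
        group: root
        mode: "0600"
      no_log: true        # keeps the rendered content out of task output and logs

# Client side (replaces "create rsync_client_pass" in Base.yaml)
- hosts: all
  vars_files:
    - vault/rsync.yml
  tasks:
    - name: create rsync_client_pass (password only)
      copy:
        content: "{{ rsync_backup_password }}\n"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: "0600"
      no_log: true
```

The same pattern applies to the MySQL root password that appears in clear text in the commented-out tasks of Mysql.yaml.
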
Nfs.yaml
- hosts: nfs
  tasks:
    - name: Installed Nfs Server
      yum: name=nfs-utils state=installed

    - name: Configure Nfs Server
      copy: src=./conf/exports dest=/etc/exports
      notify: Restart Nfs Server

    - name: Create Share Data
      file: path=/data state=directory owner=www group=www mode=755

    - name: Create Share /data{}
      shell: mkdir /data/{wordpress,wecenter,jpress} -p

    - name: Chown -R www.www /data
      file: path=/data recurse=yes owner=www group=www

    - name: Start Nfs Server
      service: name=nfs-server state=started enabled=yes

  handlers:
    - name: Restart Nfs Server
      service: name=nfs-server state=restarted

Sersync.yaml

- hosts: nfs
  tasks:
    - name: Scp Sersync
      copy: src=./file/sersync2.5.4_64bit_binary_stable_final.tar.gz dest=/usr/local/sersync.tar.gz

    # "creates" makes the unpack step run only once
    - name: Zip
      shell: cd /usr/local && tar xf sersync.tar.gz && mv GNU-Linux-x86 sersync
      args:
        creates: /usr/local/sersync

    - name: configure Sersync
      copy: src=./conf/confxml.xml dest=/usr/local/sersync/confxml.xml
      notify: kill old sersync and restart new sersync

    # Start sersync only if it is not already running
    - name: Start Sersync
      shell: pgrep sersync; [ $? -eq 0 ] || /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml

  handlers:
    - name: kill old sersync and restart new sersync
      shell: pgrep sersync | xargs kill -9; /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml

Web.yaml
- hosts: web
  tasks:
    #- name: mount NFS Server Share date
    #  mount: src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted

    - name: install Mariadb
      yum: name=mysql state=installed

    - name: install nginx
      yum: name=nginx state=installed

    - name: nginx.conf Copy
      copy: src=./conf/nginx.conf dest=/etc/nginx/nginx.conf
      notify: restart nginx

    - name: install php7.1
      yum: name=php71w,php71w-cli,php71w-common,php71w-devel,php71w-embedded,php71w-gd,php71w-mcrypt,php71w-mbstring,php71w-pdo,php71w-xml,php71w-fpm,php71w-mysqlnd,php71w-opcache,php71w-pecl-memcached,php71w-pecl-redis,php71w-pecl-mongodb state=installed

    - name: copy www.conf
      copy: src=./conf/www.conf dest=/etc/php-fpm.d/www.conf
      notify: restart php-fpm

    - name: copy php.ini
      copy: src=./conf/php.ini dest=/etc/php.ini
      notify: restart php-fpm

    - name: start php-fpm
      service: name=php-fpm state=started enabled=yes

    #- name: unzip kaoshi.zip
    #  unarchive: src=./file/kaoshi.zip dest=/data/ creates=/data/index.html

    - name: start nginx
      service: name=nginx state=started enabled=yes

    - name: del /etc/nginx/conf.d/default.conf
      file: path=/etc/nginx/conf.d/default.conf state=absent

    # Virtual host definitions
    - name: copy conf.d/*
      unarchive: src=./conf/conf.zip dest=/etc/nginx/conf.d/ creates=/etc/nginx/conf.d/wecenter.conf

    # TLS certificate and key
    - name: copy ./file/ssl_key.zip
      unarchive: src=./file/ssl_key.zip dest=/etc/nginx/ creates=/etc/nginx/ssl_key/server.crt

    - name: create /code
      file: path=/code/ recurse=yes state=directory mode=755 owner=www group=www

    - name: copy /code.zip
      unarchive: src=./file/code.zip dest=/code/ creates=/code/wordpress/index.php

    - name: chown www.www /code
      file: path=/code owner=www group=www mode=0755

    #- name: mount data
    #  mount: src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted

    # Upload directories live on the NFS server
    - name: mount WordPress
      mount: src=172.16.1.31:/data/wordpress path=/code/wordpress/wp-content/uploads fstype=nfs opts=defaults state=mounted

    - name: mount wecenter
      mount: src=172.16.1.31:/data/wecenter path=/code/wecenter/uploads fstype=nfs opts=defaults state=mounted

    - name: start nginx
      service: name=nginx state=started enabled=yes

    #- name: recovery data
    #  shell: cp -rp /code/wecenter/uploads_bak/* /code/wecenter/uploads/ && cp -rp /code/wordpress/wp-content/uploads_bak/* /code/wordpress/wp-content/uploads/

  handlers:
    - name: restart nginx
      service: name=nginx state=restarted enabled=yes

    - name: restart php-fpm
      service: name=php-fpm state=restarted enabled=yes

Tweb.yaml
- hosts: sweb
  tasks:
    - name: install java jarjar
      yum: name=java,jarjar-maven-plugin state=installed

    - name: Create /server
      file: path=/server/scripts/ recurse=yes state=directory

    - name: unzip tomcat8_1.zip
      unarchive: src=./file/tomcat8_1.zip dest=/server/ creates=/server/tomcat8_1/bin/startup.sh

    - name: configgurl Copy
      copy: src=./conf/server.xml dest=/server/tomcat8_1/conf/server.xml
      # Left disabled because the handlers section below is commented out;
      # notifying an undefined handler makes the play fail.
      # notify: restart Tomcat

    - name: chown www
      file: path=/server/tomcat8_1 recurse=yes owner=www group=www

    - name: start tomcat8_1
      # command: /server/tomcat8_1/bin/startup.sh
      shell: /server/tomcat8_1/bin/startup.sh

    - name: mount NFS Server Share jpress
      mount: src=172.16.1.31:/data/jpress path=/server/tomcat8_1/webapps/jpress/attachment fstype=nfs opts=defaults state=mounted

    #- name: Recovery data
    #  shell: cd /server/tomcat8_1/webapps/jpress && cp -rp attachment_bak/* attachment/

    #- name: Chown www
    #  shell: chown -R www.www /server/tomcat8_1/webapps

  #handlers:
  #  - name: restart tomcat
  #    shell: /server/tomcat8_1/bin/shutdown.sh && /server/tomcat8_1/bin/startup.sh

Lb.yaml
- hosts: lb
  tasks:
    - name: install nginx
      yum: name=nginx state=installed

    - name: Del /etc/nginx/conf.d/default.conf
      file: path=/etc/nginx/conf.d/default.conf state=absent

    - name: Copy ds.conf
      copy: src=./lb/ds.conf dest=/etc/nginx/conf.d/ds.conf
      notify: Restart nginx

    - name: Copy proxy-https.conf
      copy: src=./lb/proxy-https.conf dest=/etc/nginx/conf.d/proxy-https.conf
      notify: Restart nginx

    - name: Copy ./file/ssl_key.zip
      unarchive: src=./file/ssl_key.zip dest=/etc/nginx/ creates=/etc/nginx/ssl_key/server.crt

    - name: Copy proxy_params
      copy: src=./lb/proxy_params dest=/etc/nginx/proxy_params
      notify: Restart nginx

    - name: start nginx
      service: name=nginx state=started enabled=yes

  handlers:
    - name: Restart nginx
      service: name=nginx state=restarted enabled=yes

Keepalived.yaml
- hosts: lb
  tasks:
    - name: install keepalived
      yum: name=keepalived state=installed

    - name: Copy keepalived.conf
      copy: src=./lb/keepalived.conf dest=/etc/keepalived/keepalived.conf
      notify: Restart keepalived

    - name: start keepalived
      service: name=keepalived state=started enabled=yes

  handlers:
    - name: Restart keepalived
      service: name=keepalived state=restarted enabled=yes

Keepalived2.yaml
- hosts: 172.16.1.6
  tasks:
    - name: Copy keepalived2.conf
      copy: src=./lb/keepalived2.conf dest=/etc/keepalived/keepalived.conf
      notify: Restart keepalived

    - name: start keepalived
      service: name=keepalived state=started enabled=yes

  handlers:
    - name: Restart keepalived
      service: name=keepalived state=restarted enabled=yes

Mysql.yaml
- hosts: db
  tasks:
    - name: install mysql-community
      yum: name=mysql-community-server state=installed

    - name: start Mysqld
      service: name=mysqld state=started enabled=yes

    #- name: copy /etc/my.cnf
    #  copy: src=./conf/my.cnf dest=/etc/my.cnf

    #- name: restart mysqld
    #  service: name=mysqld state=restarted enabled=yes

    #- name: modify mysql passwd
    #  shell: mysql -uroot -se "update mysql.user set authentication_string=password('ckh123.com') where user='root';"

    #- name: modify my.cnf
    #  shell: sed '20s#skip-grant-tables# #pg' /etc/my.cnf

    #- name: restart mysqld
    #  service: name=mysqld state=restarted enabled=yes

    #- name: grant All user
    #  shell: mysql -uroot -pckh123.com mysql -se "update user set host = '%' where user = 'root';"

    #- name: flush Privileges
    #  shell: mysql -uroot -p'ckh123.com' -se "flush privileges;"

    #- name: create database
    #  shell: mysql -uroot -p'ckh123.com' -se "create database wordpress;"

    # The dump is imported by hand; see "Aftercare operations"
    - name: copy backup.sql
      copy: src=./file/2018-10-0613-mysql-all.sql dest=/tmp/

    #- name: input mysql
    #  shell: mysql -uroot -p'Ckh123.com' </root/2018-09-2417-mysql-all.sql

Aftercare operations
#4. MySQL 5.7 generates a default password, so filter the log for the "temporary password" keyword to find the password for logging in to the database
[[email protected] ~]# grep 'temporary password' /var/log/mysqld.log

#5. Log in to MySQL [use the password found in the previous step]
[[email protected] ~]# mysql -uroot -p$(awk '/temporary password/{print $NF}' /var/log/mysqld.log)

#6. Change the database password
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Ckh123.com';

# Allow remote users to connect to the MySQL server (grant method)
grant all privileges on *.* to 'all'@'%' identified by 'Ckh123.com';
flush privileges;

1. On the old server
#1. Export the databases to a dump file.
[[email protected] ~]# mysqldump -uroot -p'Ckh123.com' --all-databases --single-transaction > `date +%F%H`-mysql-all.sql
#2. Transfer the backup file to the new server
[[email protected] zh]# scp 2018-10-0613-mysql-all.sql  [email protected]:/tmp

2. On the new server
#1. Import the database
[[email protected] ~]# cd /tmp && mysql -uroot -p'Ckh123.com' < 2018-10-0613-mysql-all.sql

# Start tomcat8 manually
/usr/bin/sh /server/tomcat8_1/bin/startup.sh
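
The grant above gives the account `all` every privilege on every database from any host. The following is an added example, not part of the original page, of a narrower setup done with Ansible's `mysql_user` module: one account per application, limited to its own database and to the 172.16.1.0/24 network. The file `vault/mysql.yml`, its variables, and the database names (taken from the application directories the playbooks create) are assumptions.

```yaml
# Added example, not from the original page.
# Assumed: vault/mysql.yml (encrypted with ansible-vault) defines
#   mysql_root_password: <root password set in step #6>
#   mysql_app_passwords: { wordpress: ..., wecenter: ..., jpress: ... }
# Assumed: each application uses a database named after itself.

# As on the page (any host, every database):
#   grant all privileges on *.* to 'all'@'%' identified by 'Ckh123.com';

- hosts: db
  vars_files:
    - vault/mysql.yml
  tasks:
    - name: Install the Python MySQL driver that mysql_user needs
      yum: name=MySQL-python state=installed

    - name: One account per application, internal network only
      mysql_user:
        login_user: root
        login_password: "{{ mysql_root_password }}"
        name: "{{ item }}"
        host: "172.16.1.%"          # eth1 network from the IP plan
        password: "{{ mysql_app_passwords[item] }}"
        priv: "{{ item }}.*:ALL"    # only the application's own database
        state: present
      with_items:
        - wordpress
        - wecenter
        - jpress
      no_log: true                  # keep passwords out of task output

    - name: Remove the wildcard account if it was created earlier
      mysql_user:
        login_user: root
        login_password: "{{ mysql_root_password }}"
        name: all
        host: "%"
        state: absent
      no_log: true
```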

Appendix: using the zip command

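# Archive all files in the current directory
[[email protected] conf.d]# zip conf.zip ./*
# -r recurses into all directories
[[email protected] conf.d]# zip -r conf.zip ./*

2. unzip
unzip -o -d /home/sunny myfile.zip
Extracts myfile.zip into /home/sunny/
-o: overwrite files without prompting;
-d: -d /home/sunny specifies that the files are extracted into the /home/sunny directory;

3. Other
zip -d myfile.zip smart.txt
Deletes smart.txt from the archive
zip -m myfile.zip ./rpm_info.txt
Adds rpm_info.txt to the archive myfile.zip (-m moves the file in, so the original is removed afterwards)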

Source

Link: https://pan.baidu.com/s/1KqE4sdDdQxhIHJyK4QFfuw Password: CWTN
