Get a new version of the Java project in Tomcat from the test environment to the production environment using Ansible-playbook

I. Description of the Environment

Server with Ansible installed: 192.168.13.45

Test environment server: 192.168.13.49

/home/app/api-tomcat/webapps/api.war a new version of the war package location for the test environment

Production Environment server: 192.168.13.51

/home/app/api-tomcat/webapps/api.war for production Environment War package location/HOME/APP/API-TOMCAT/WEBAPPS/API for production environment Project location/home/app/tomcat.bak/ api/webapps-timestamp for the old version WebApps backup location/home/app/newwar/api.war A temporary storage location for the new version of the war package obtained from the test environment/home/app/newwar/ Location of the API for temporary storage after decompression of the new version of the war package

All in app user execution

Ii. preparation of yml files for Ansible-playbook

1. Upgrade

all the note text at the beginning of the # is removed when used , because YML is not annotated

#生产环境主机的ip, this can also be a/etc/ansible/hosts defined group name- hosts: 192.168.13.51# variable, using variables in the Yml file allows the entire file to be upgraded on different hosts, A variable is used if a variable in a task must be preceded by a colon with a double quotation mark "" Because the Yml file automatically recognizes the contents of the curly braces after the colon as a list, such as the shell: "/bin/startup.sh"   vars:# Test environment IP Address     testip: 192.168.13.49# The location of the project in the test environment     testhome: / home/app/api-tomcat/webapps# the name of the project War package in the test environment     warname: api.war# the location of the project's Tomcat in the production environment     oldhome: /home/app/api-tomcat# the location of the WebApps backup directory for the old version of the project in the production environment      backupwebapps: /home/app/tomcat.bak# where the new version of the war package gets from the test environment     newwar: /home/app/ newwar# new version of the war package the name of the directory     zipname: api# the entire remote Automation operation of the account used, where the entire production environment from the test environment operation is performed by the app user   remote_user: app# Concrete Operation   tasks:    - name:  Production environment Delete/home/ App/newwar directory, ignore the error if the directory does not exist (the reason for deleting this directory is because you want to create a new directory, to ensure that the entire YML file can be executed more than once, ignore_errors to ignore the error return value)        file: p ath= state=absent      ignore_errors: yes    -  name:  production environment Create/home/app/newwar directory, change permissions, (where Recurse is a recursive creation directory, state is a file type directory)        file: path= recurse=yes mode=775 owner=app group=app state=directory     - name:  Copy the new version from the test environment 192.168.13.49/home/app/api-tomcat/webapps/ Api.war package to the/home/app/newwar directory of the production environment 192.168.13.51, the following operations are in the production environment       shell:  scp [email protected]:/     - name:  to/home/app/ Newwar Recursive permissions (because the corrective action is performed as an app user, so be sure to ensure that permissions are the permissions of the app)       file: dest=  recurse=yes mode=775 owner=app group=app    - name:  Decompression/home/app/ Newwar/api.war package in/home/app/newwar/api directory       shell: unzip -oq /  -d /    - name:  Give again/Home/app/newwar recursive permissions (to ensure the new version of the app's permissions)       file: dest= recurse=yes  mode=775 owner=app group=app    - name:  Create a directory to back up older versions of WebApps/home/app/ Tomcat.bak/api and change the recursive permissions       file: path=/ recurse=yes mode=775  owner=app group=app state=directory    - name:  Backup/home/app/api-tomcat/ WebApps to the directory/home/app/tomcat.bak/api/webapps-timestamp (this backup directory is used for rollback)       SHELL: CP  -a /webapps //webapps-' date +%y%m%d%h%m '     - name:  The kill process stops the service. Ignore the error return value (this way to ensure that the old version stops running, otherwise conflicts will occur)       shell: ps -ef  | grep  | grep -v grep | xargs kill     The   ignore_errors: yes    - name: kill process stops the service. Ignore the error return value (make sure the old version is no longer running again)       shell: ps -ef | grep  | grep -v grep |  Xargs kill      ignore_errors: yes    - name:   Kill process again to stop the service. Ignore error return value       shell: ps -ef | grep   | grep -v grep | xargs kill      ignore_ errors: yes    - name:  View the result of stopping the service, whether the process is still in        shell: ps -ef | grep     - name:  Delete old version of/home/app/ Api-tomcat/webapps/api.war Bag       file: path=/webapps/ state=absent       ignore_errors: yes    - name:  Delete old versions of/ HOME/APP/API-TOMCAT/WEBAPPS/API Program Directory       file: path=/webapps/ state= Absent      ignore_errors: yes    - name:  Copy the new version directory/home/app/newwar/api to/home/ App/api-tomcat/webapps directory under       shell: cp -a / /webapps/     - name:  Copy new version of war package/home/app/newwar/api.war package to/home/app/api-tomcat/webapps directory       shell: cp -a / /webapps/    -  name:  Start Service/home/app/api-tomcat/bin/startup.sh (source is to load the JDK environment variable, NOHUP is to ensure that yml run out of process still does not exit)        shell:  "source /etc/profile;nohup /bin/startup.sh &"     - name:  See if there is a service started in the process       shell: ps  -ef | grep

2. Rollback

#生产环境主机地址- hosts: 192.168.13.51# variable and upgrade the same   vars:    testIP:  192.168.13.49    testhome: /home/app/api-tomcat/webapps     warname: api.war    oldhome: /home/app/api-tomcat     backupwebapps: /home/app/tomcat.bak    newwar: /home/app/newwar     zipname: api# remote operation is still using the app user   remote_user: app# the following actions are   tasks in the production environment:     - name: kill process mode stop service. Ignore error return value       shell:  ps -ef | grep  | grep -v grep | xargs kill       ignore_errors: yes    - name: kill process mode stop service. Ignore error return value       shell: ps -ef | grep  | grep -v  grep | xargs kill      ignore_errors: yes    - name:  The kill process again stops the service. Ignore error return value       shell: ps -ef | grep   | grep -v grep | xargs kill      ignore_errors:  yes    - name:  View the results of the stop service. Is the process still in       shell:  ps -ef | grep     - name:  Delete/home/app/api-tomcat/ WebApps Catalogue       file: path=/webapps state=absent     - name:  Display the WebApps directory for the most recent backup in/home/app/tomcat.bak/api/, the directory name should be webapps-recent timestamp        shell: ls -r / | head -1    - name:  Copy the backup/home/app/tomcat.bak/api/webapps-latest timestamp to the project and rename it/home/app/api-tomcat/webapps       shell: cp -a //$ (lS -R / | HEAD -1)  /webapps    - name:  Start service/home/ app/api-tomcat/bin/startup.sh      shell:  "Source /etc/profile;nohup  /bin/startup.sh &     - name:  Delete the backup file that you just rolled back        shell: rm -rf //$ (ls -r /    - name:  See if there is a service started in the process       shell: ps -ef | grep

Third, upgrade operation and precautions

1. Free key operation before upgrade

Ansible host 192.168.13.45

#在app用户下生成密钥ssh-keygen-t rsa# Send the public key to the test environment ssh-copy-id-i. ssh/id_rsa.pub [email protected] #发送公钥到生产环境ssh-copy-id-i. ssh/ id_rsa.pub [email protected]

Production Environment Host 192.168.13.51

#在app用户下生成密钥ssh-keygen-t rsa# Send the public key to the test environment ssh-copy-id-i. ssh/id_rsa.pub [Email protected]

For business security, ansible host and production environment host, test environment host is interoperable. The production environment host can connect to the test environment host, but the test environment host cannot connect to the production environment host, so here the test environment host does not need to send the key to the production environment host

2. Upgrade and Rollback

Upgrade

Ansible-playbook/home/app/api.yml-v

Rolling back

Ansible-playbook/home/app/api-rollback.yml-v

Ansible-playbook followed by the Yml file path written earlier,-V is to display detailed execution information

3. Attention

If you perform an upgrade and rollback of the yml file in Jenkins, be sure to send the public key of the Jenkins user to the production environment host and the test environment host, otherwise the permissions error will be reported

The host to be operated on must be filled into the/etc/ansible/hosts

Two yml files have been validated in a production environment

This article from "Letter Wind" blog, reproduced please contact the author!

Get a new version of the Java project in Tomcat from the test environment to the production environment using Ansible-playbook