ansible部署httpd
本文已参与「新人创作礼」活动,一起开启掘金创作之路。
1. 准备工作
先在ansible主机上创建一个名为file的目录用来存放软件包
[root@node1 apache]# mkdir file/
[root@node1 apache]# ls
file inventory playbook
[root@node1 apache]#
进入file目录,用wget命令在ansible主机中下载所需要的软件包
[root@node1 apache]# cd file/
[root@node1 file]# wget https://downloads.apache.org//apr/apr-1.7.0.tar.gz
[root@node1 file]# https://downloads.apache.org//apr/apr-util-1.6.1.tar.gz
[root@node1 file]# wget https://downloads.apache.org//httpd/httpd-2.4.48.tar.gz
[root@node1 file]# ls
apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz httpd-2.4.48.tar.gz
配置免密登录
[root@node1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:0hlA47rthbuBHTE73hXCeZD0fcprOEj9+oiXKZGVBZI root@node1
The key's randomart image is:
+---[RSA 3072]----+
| .+.+o.. |
| . +E= .. |
| + = +o. . |
| . = *oo o |
| . = Soo o |
| * Boo o . |
| o * +.oo+ |
| . +..+= |
| +..oo.. |
+----[SHA256]-----+
//将密钥传输到远程主机
[root@node1 ~]# ssh-copy-id root@node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@node2'"
and check to make sure that only the key(s) you wanted were added.
测试ansible主机与远程主机之间是否互通
[root@node1 ~]# ansible all -m ping
node2 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
关闭受控主机的防火墙和selinux
[root@node1 playbook]# vim firewalld_stop.yml
---
- hosts: node2
gather_facts: no
tasks:
- name: firewall stop
service:
name: firewalld
state: stopped
enabled: no
- name: configure selinux
lineinfile:
path: /etc/selinux/config
regexp: '^SELINUX='
line: SELINUX=disabled
//执行这个playbook
[root@node1 playbook]# ansible-playbook firewalld_stop.yml
[root@node1 playbook]# ansible-playbook firewalld_stop.yml
PLAY [node2] *******************************************************************
TASK [firewall stop] ***********************************************************
changed: [node2]
TASK [configure selinux] *******************************************************
changed: [node2]
PLAY RECAP *********************************************************************
node2 : ok=2 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
2. 传输软件包
传输并解压缩下载的软件包,并安装所需的依赖包
[root@node1 playbook]# vim copy_ruanjianbao.yml
---
- hosts: node2
gather_facts: no
tasks:
- name: unarchive a file
unarchive:
src: ~/apache/file/{{ item }}
dest: /opt
with_items:
- apr-1.7.0.tar.gz
- apr-util-1.6.1.tar.gz
- httpd-2.4.48.tar.gz
- name: install pcre and pcre-devel
yum:
name: "{{ item }}"
state: present
with_items:
- pcre
- pcre-devel
- expat-devel
- gcc
- gcc-c++
- openssl-devel
执行playbook
[root@node1 playbook]# ansible-playbook copy_ruanjianbao.yml
PLAY [node2] **********************************************************************************************************************************
TASK [unarchive a file] ***********************************************************************************************************************
changed: [node2] => (item=apr-1.7.0.tar.gz)
changed: [node2] => (item=apr-util-1.6.1.tar.gz)
changed: [node2] => (item=httpd-2.4.48.tar.gz)
TASK [install pcre and pcre-devel] ************************************************************************************************************
changed: [node2] => (item=['pcre', 'pcre-devel', 'expat-devel'])
PLAY RECAP ************************************************************************************************************************************
node2 : ok=2 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
3. 编译安装
//编写playbook
---
- hosts: node2
gather_facts: no
tasks:
- name: install apr
shell: cd /opt/apr-1.7.0 && ./configure --prefix=/usr/local/apr && make && make install
- name: install apr-util
shell: cd /opt/apr-util-1.6.1 && ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr && make && make install
- name: install httpd
shell: cd /opt/httpd-2.4.48 && ./configure --prefix=/usr/local/httpd --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/ && make && make install
//执行playbook
[root@node1 playbook]# ansible-playbook make_install.yml
PLAY [node2] **********************************************************************************************************************************
TASK [install apr] ****************************************************************************************************************************
changed: [node2]
TASK [install apr-util] ***********************************************************************************************************************
changed: [node2]
TASK [install httpd] **************************************************************************************************************************
changed: [node2]
PLAY RECAP ************************************************************************************************************************************
node2 : ok=3 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
4. 重启httpd
//编写playbook
[root@node1 playbook]# vim httpd_restart.yml
---
- hosts: node2
gather_facts: no
tasks:
- name: restart httpd
shell: '/usr/local/httpd/bin/apachectl start'
//执行playbook
[root@node1 playbook]# ansible-playbook httpd_restart.yml
PLAY [node2] **********************************************************************************************************************************
TASK [restart httpd] **************************************************************************************************************************
changed: [node2]
PLAY RECAP ************************************************************************************************************************************
node2 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
访问IP进行测试
