Ansible—通过role角色部署lnmp架构

标签：name php72w lnmp nginx state Ansible role php root

一、部署nginx

cd /opt
mkdir nginx
cd nginx/
上传nginx.repo、nginx.conf，并且修改nginx.conf为nginx.conf.j2
vim nginx.conf.j2
37、38行
listen       {{nginx_addr}}:{{nginx_port}};
         server_name  {{nginx_hostname}};
45行
root   {{root_dir}};
68行
fastcgi_pass   {{php_addr}}:{{php_port}};
70行
fastcgi_param  SCRIPT_FILENAME  {{root_dir}}$fastcgi_script_name;

vim lnmp-playbook.yaml
- name: nginx play
  hosts: webservers
  remote_user: root
  gather_facts: false
  vars:
  - nginx_addr: 192.168.80.101
  - nginx_port: 80
  - nginx_hostname: www.xy101.com
  - root_dir: /var/www/html
  - php_addr: 192.168.80.102
  - php_port: 9000
  tasks:
  - name: disable firewalld
    service: name=firewalld state=stopped enabled=no
  - name: disable selinux
    command: 'setenfoce 0'
    ignore_errors: true
  - name: copy nginx repo
    copy: src=/opt/nginx/nginx.repo dest=/etc/yum.repos.d/
  - name: install nginx
    yum: name=nginx state=latest
  - name: create root dir
    file: path={{root_dir}} state=directory
  - name: copy nginx config template file
    template: src=/opt/nginx/nginx.conf.j2 dest=/etc/nginx/nginx.conf
    notify: 'reload nginx'
  - name: create nfs config
    copy: content="{{root_dir}} 192.168.80.0/24(rw,sync,no_root_squash)" dest=/etc/exports
  - name: restart rpcbind,nfs,nginx
    service: name={{item}} state=restarted enabled=yes
    with_items:
    - rpcbind
    - nfs
    - nginx
 
  handlers:
  - name: reload nginx
    service: name=nginx state=reloaded
 
ansible-playbook lnmp-playbook.yaml

2.部署MySQL

- name: mysql play
  hosts: dbservers
  remote_user: root
  gather_facts: false
  tasks:
  - name: disable mysql_server firewalld
    service: name=firewalld  state=stopped  enabled=no
  - name: disable mysql_server selinux
    command: 'setenforce 0'
    ignore_errors: true
  - name: remove mariadb
    yum: name=mariadb*  state=absent
  - name: copy mysql repo
    copy: src=/opt/mysql/mysql-community.repo  dest=/etc/yum.repos.d/
  - name: modify mysql repo
    replace: path=/etc/yum.repos.d/mysql-community.repo  regexp="gpgcheck=1"  replace="gpgcheck=0"
  - name: install mysql
    yum: name=mysql-server state=present
  - name: start mysql
    service: name=mysqld  state=started  enabled=yes
  - name: init mysql
    script: '/opt/mysql/mysql-init.sh'

3.部署php

- name: php play
  hosts: phpservers
  remote_user: root
  gather_facts: false
  vars:
  - php_username: nginx
  - php_addr: 192.168.80.102:9000
  - nginx_addr: 192.168.80.101
  - root_dir: /var/www/html
  tasks:
  - name: disable php_server firewalld
    service: name=firewalld  state=stopped  enabled=no
  - name: disable php_server selinux
    command: 'setenforce 0'
  - name: unarchive php tar pkg
    unarchive: copy=yes  src=/opt/php/php.tar.gz  dest=/mnt/
  - name: copy local repo
    copy: src=/opt/php/local.repo  dest=/etc/yum.repos.d/
  - name: create repo
    shell: 'createrepo /mnt && yum clean all && yum makecache'
  - name: install php
    yum: name=php72w,php72w-cli,php72w-common,php72w-devel,php72w-embedded,php72w-gd,php72w-mbstring,php72w-pdo,php72w-xml,php72w-fpm,php72w-mysqlnd,php72w-opcache,php72w-ldap,php72w-bcmath  state=present
  - name: create php user
    user: name={{php_username}}  shell=/sbin/nologin  create_home=no
  - name: modify php.ini
    replace: path=/etc/php.ini  regexp=";date.timezone ="  replace="date.timezone = Asia/Shanghai"
  - name: modify user and group in www.conf
    replace: path=/etc/php-fpm.d/www.conf  regexp="apache"  replace="{{php_username}}"
    notify: "reload php-fpm"
  - name: modify listen in www.conf
    replace: path=/etc/php-fpm.d/www.conf  regexp="127.0.0.1:9000"  replace="{{php_addr}}"
    notify: "reload php-fpm"
  - name: modify listen.allowed_clients in www.conf
    replace: path=/etc/php-fpm.d/www.conf  regexp="127.0.0.1"  replace="{{nginx_addr}}"
    notify: "reload php-fpm"
  - name: start php-fpm
    service: name=php-fpm  state=started  enabled=yes
  - name: create www root dir
    file: path={{root_dir}}  state=directory
  - name: mount nfs
    mount: src="{{nginx_addr}}:{{root_dir}}"  path={{root_dir}}  fstype=nfs  state=mounted  opts="defaults,_netdev"
  handlers:
  - name: reload php-fpm
    service: name=php-fpm  state=reloaded

4.编写测试文件

cd /var/www/html
vim index.php
 
<?php
phpinfo();
?>

浏览器访问测试

二、Roles 模块

roles用于层次性、结构化地组织playbook。roles能够根据层次型结构自动装载变量文件、tasks以及handlers等。要使用roles只需要在playbook中使用include指令引入即可。
简单来讲，roles就是通过分别将变量、文件、任务、模板及处理器放置于单独的目录中，并可以便捷的include它们的一种机制。roles一般用于基于主机构建服务的场景中，但也可以是用于构建守护进程等场景中。主要使用场景代码复用度较高的情况下。

roles 内各目录含义解释

●files
用来存放由 copy 模块或 script 模块调用的文件。

●templates
用来存放 jinjia2 模板，template 模块会自动在此目录中寻找 jinjia2 模板文件。

●tasks
此目录应当包含一个 main.yml 文件，用于定义此角色的任务列表，此文件可以使用 include 包含其它的位于此目录的 task 文件。

●handlers
此目录应当包含一个 main.yml 文件，用于定义此角色中触发条件时执行的动作。

●vars
此目录应当包含一个 main.yml 文件，用于定义此角色用到的变量。

●defaults
此目录应当包含一个 main.yml 文件，用于为当前角色设定默认变量。这些变量具有所有可用变量中最低的优先级，并且可以很容易地被任何其他变量覆盖。所以生产中我们一般不在这里定义变量

●meta
此目录应当包含一个 main.yml 文件，用于定义此角色的元数据信息及其依赖关系。

标签：name,php72w,lnmp,nginx,state,Ansible,role,php,root
From： https://blog.csdn.net/aran2002/article/details/140695240