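Automated deployment of an nginx + keepalived + MySQL load-balanced cluster with Ansible
I. Purpose
Use Ansible to automate the deployment of an nginx + keepalived + MySQL load-balanced cluster.
II. Topology plan
III. Detailed steps
1. Setting up the environment
(1) Install Ansible and configure key-based, passwordless SSH for communication with the managed hosts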
# ssh-keygen -t rsa    # -t selects the key type: rsa1 is for SSH protocol version 1; rsa, dsa and ecdsa are for protocol version 2
Generating public/private rsa key pair.
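# Here you are asked where to save the generated key files; the default is the .ssh directory under the home directory. Press Enter to accept the default.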
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
# This sets a passphrase that encrypts the key file; entering nothing means the key is not encrypted
Enter passphrase (empty for no passphrase):
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
04:9f:cb:9c:9d:1e:47:d7:e1:d4:c1:87:71:c3:a4:22 root@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
| . =O+|
| o . ===|
| +E .....o|
| + +.o.. |
| S + . |
| . o |
| . |
| |
| |
+-----------------+
(2) Check that the key pair has been generated
# ls /root/.ssh
id_rsa  id_rsa.pub    # id_rsa is the private key, id_rsa.pub is the public key
(3) After generating the key pair, upload the public key to the home directory of the corresponding user on each server
# ssh-copy-id -i .ssh/id_rsa.pub root@10.1.252.215
# ssh-copy-id -i .ssh/id_rsa.pub root@10.1.252.235
# ssh-copy-id -i .ssh/id_rsa.pub root@10.1.253.107
# ssh-copy-id -i .ssh/id_rsa.pub root@10.1.249.75
# ssh-copy-id -i .ssh/id_rsa.pub root@10.1.249.75
(4) Edit Ansible's hosts file and define all of the hosts
root@centos6.8/etc/ansible]# cat hosts
# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
# - Comments begin with the '#' character
# - Blank lines are ignored
# - Groups of hosts are delimited by [header] elements
# - You can enter hostnames or ip addresses
# - A hostname/ip can be a member of multiple groups
# Ex 1: Ungrouped hosts, specify before any group headers.
[web]
10.1.252.215
10.1.252.235
[nginx]
10.1.253.107 state=MASTER priority=100
10.1.249.75 state=BACKUP priority=90
[mysql]
10.1.252.36
(5) OK, the environment is ready; synchronize the time on all hosts:
root@centos6.8/etc/ansible]# ansible all -a 'ntpdate 10.1.0.1'
10.1.252.215 | success | rc=0 >>
3 Nov 19:34:30 ntpdate: adjust time server 10.1.0.1 offset -0.003936 sec
10.1.252.36 | success | rc=0 >>
3 Nov 19:34:30 ntpdate: adjust time server 10.1.0.1 offset 0.200434 sec
10.1.252.235 | success | rc=0 >>
3 Nov 19:34:36 ntpdate: adjust time server 10.1.0.1 offset -0.001469 sec
10.1.253.107 | success | rc=0 >>
3 Nov 19:34:37 ntpdate: adjust time server 10.1.0.1 offset -0.001905 sec
10.1.249.75 | success | rc=0 >>
3 Nov 19:34:37 ntpdate: adjust time server 10.1.0.1 offset 0.018952 sec
2. Next, define the Ansible roles and playbooks:
(1) Create the role directories under /etc/ansible/roles:
root@centos6.8/etc/ansible/roles]# mkdir -pv {mysql,web,nginx}/{files,tasks,templates,variables,handlers,meta,default}
mkdir: created directory `mysql'
mkdir: created directory `mysql/files'
mkdir: created directory `mysql/tasks'
mkdir: created directory `mysql/templates'
mkdir: created directory `mysql/variables'
mkdir: created directory `mysql/handlers'
mkdir: created directory `mysql/meta'
mkdir: created directory `mysql/default'
mkdir: created directory `web'
mkdir: created directory `web/files'
mkdir: created directory `web/tasks'
mkdir: created directory `web/templates'
mkdir: created directory `web/variables'
mkdir: created directory `web/handlers'
mkdir: created directory `web/meta'
mkdir: created directory `web/default'
mkdir: created directory `nginx'
mkdir: created directory `nginx/files'
mkdir: created directory `nginx/tasks'
mkdir: created directory `nginx/templates'
mkdir: created directory `nginx/variables'
mkdir: created directory `nginx/handlers'
mkdir: created directory `nginx/meta'
mkdir: created directory `nginx/default'
root@centos6.8/etc/ansible/roles]# tree
.
├── mysql
│ ├── default
│ ├── files
│ ├── handlers
│ ├── meta
│ ├── tasks
│ ├── templates
│ └── variables
├── nginx
│ ├── default
│ ├── files
│ ├── handlers
│ ├── meta
│ ├── tasks
│ ├── templates
│ └── variables
└── web
  ├── default
  ├── files
  ├── handlers
  ├── meta
  ├── tasks
  ├── templates
  └── variables
24 directories, 0 files
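Notes:
files/: stores files used by modules such as copy or script;
tasks/: must contain at least a file named main.yml, which defines the tasks; any other files must be included from main.yml;
handlers/: must contain at least a file named main.yml, which defines the handlers; any other files must be included from main.yml;
vars/: must contain at least a file named main.yml, which defines the variables; any other files must be included from main.yml;
templates/: stores the template text used by the template module;
meta/: must contain at least a file named main.yml, which defines the role's special settings and its dependencies; any other files must be included from main.yml;
defaults/: must contain at least a file named main.yml, which sets the default variables. Ansible only loads role variables from directories named vars/ and defaults/, so the variables and default directories created above are not read; they stay empty in this walkthrough.
Next, add the playbooks, starting with web:
1. Set up the web playbook
(1) Tasks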
root@centos6.8/etc/ansible]# cat roles/web/tasks/main.yml
- name: install web pkgs
  yum: name={{ item }}
  with_items:
    - httpd
    - php
    - php-mysql
- name: config the web
  copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
  # notify must match the handler's name exactly
  notify: reload the service
- name: install wordpress
  copy: src=wordpress dest=/var/www/html/wordpress/
- name: restart the service
  service: name=httpd state=started
(2) Handlers
root@centos6.8/etc/ansible]# cat roles/web/handlers/main.yml
- name: reload the service
  service: name=httpd state=restarted
(3) Add the required files:
root@centos6.8/etc/ansible]# ll roles/web/files/
total 40
-rw-r--r--. 1 root   root      34419 Nov  2 20:23 httpd.conf    # the default httpd configuration to deploy; prepare it in advance
drwxr-xr-x. 5 nobody nfsnobody  4096 Nov  3 14:00 wordpress     # the WordPress installation; note that its configuration file has already been edited with the database connection settings below
root@centos6.8/etc/ansible]# vim roles/web/files/wordpress/wp-config.php
/** Name of the WordPress database */
define('DB_NAME', 'wp');
/** MySQL database username */
define('DB_USER', 'wpuser');
/** MySQL database password */
define('DB_PASSWORD', 'wppass');
/** MySQL host */
define('DB_HOST', '10.1.252.109');
/** Default character set used when creating tables */
define('DB_CHARSET', 'utf8');
(4) Add the main playbook:
root@centos6.8/etc/ansible]# ll web.yml
-rw-r--r--. 1 root root 51 Nov  2 20:22 web.yml
root@centos6.8/etc/ansible]# pwd
/etc/ansible
root@centos6.8/etc/ansible]# cat web.yml
- hosts: web
  remote_user: root
  roles:
    - web
(5) The syntax check reports no problems:
root@centos6.8/etc/ansible]# ansible-playbook --syntax-check web.yml
playbook: web.yml
2. Next, deploy the front-end nginx load balancers and the keepalived configuration:
(1) Add the tasks:
root@centos6.8/etc/ansible]# cat roles/nginx/tasks/main.yml
- name: install pkgs
  yum: name={{ item }}
  with_items:
    - nginx
    - keepalived
# One module per task: a second template: key in the same task is a duplicate YAML key
- name: config nginx
  template: src=nginx.j2 dest=/etc/nginx/nginx.conf
  notify: reload the service
- name: config keepalived
  template: src=keepalived.j2 dest=/etc/keepalived/keepalived.conf
  notify: reload the service
- name: start the service
  service: name={{ item }} state=started
  with_items:
    - nginx
    - keepalived
(2) Add the handlers:
root@centos6.8/etc/ansible]# cat roles/nginx/handlers/main.yml
- name: reload the service
  service: name={{ item }} state=restarted
  with_items:
    - nginx
    - keepalived
(3) Assign the variables in the hosts inventory:
root@centos6.8/etc/ansible]# cat hosts
# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
# - Comments begin with the '#' character
# - Blank lines are ignored
# - Groups of hosts are delimited by [header] elements
# - You can enter hostnames or ip addresses
# - A hostname/ip can be a member of multiple groups
# Ex 1: Ungrouped hosts, specify before any group headers.
[web]
10.1.252.215
10.1.49.29
[nginx]
10.1.253.107 state=MASTER priority=100
10.1.249.75 state=BACKUP priority=90
[mysql]
10.1.49.31
(4) The templates use these variables:
nginx configuration:
root@centos6.8/etc/ansible]# cat roles/nginx/templates/nginx.j2
user nginx;
worker_processes {{ ansible_processor_vcpus }};    # set from a variable: one worker process per CPU
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    #tcp_nopush on;
    keepalive_timeout 65;
    #gzip on;
    include /etc/nginx/conf.d/*.conf;
    upstream web {
        server 10.1.24.113;
        server 10.1.24.114;
    }
    # location is only valid inside a server block
    server {
        location / {
            proxy_pass http://web;
        }
    }
}
keepalived configuration:
root@centos6.8/etc/ansible]# cat roles/nginx/templates/keepalived.j2
! Configuration File for keepalived
global_defs {
    notification_email {
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state {{ state }}    # set from a variable
    interface eno16777746
    virtual_router_id 55
    priority {{ priority }}    # set from a variable
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 232332
    }
    virtual_ipaddress {
        10.1.24.222
    }
}
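The template above only renders correctly, and the VRRP pair only elects the intended node, if every host in the nginx group carries a consistent state and priority in the inventory. The following pre-flight check is an added example, not part of the original post; the function names are hypothetical and the sample inventory is constructed from the hosts file shown earlier.

```python
import re

# Constructed sample: the nginx group as it appears in this page's inventory.
INVENTORY = """\
[nginx]
10.1.253.107 state=MASTER priority=100
10.1.249.75 state=BACKUP priority=90
"""

def parse_group(text, group):
    """Return {host: {var: value}} for one group of an INI-style inventory."""
    hosts, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            current = header.group(1)
        elif current == group:
            name, *pairs = line.split()
            hosts[name] = dict(p.split("=", 1) for p in pairs if "=" in p)
    return hosts

def check_vrrp(hosts):
    """List the problems that would break keepalived.j2 or the VRRP election."""
    problems = []
    for host, hv in hosts.items():
        for var in ("state", "priority"):
            if var not in hv:
                problems.append(f"{host}: '{var}' is undefined, the template cannot render")
        if hv.get("state") not in (None, "MASTER", "BACKUP"):
            problems.append(f"{host}: state must be MASTER or BACKUP")
        prio = hv.get("priority")
        if prio is not None and not (prio.isdigit() and 1 <= int(prio) <= 255):
            problems.append(f"{host}: priority must be an integer in 1..255")
    if problems:
        return problems
    masters = [h for h, hv in hosts.items() if hv["state"] == "MASTER"]
    if len(masters) != 1:
        return [f"expected exactly one MASTER, found {len(masters)}"]
    top = int(hosts[masters[0]]["priority"])
    for h, hv in hosts.items():
        if h != masters[0] and int(hv["priority"]) >= top:
            problems.append(f"{h}: priority {hv['priority']} is not below MASTER's {top}")
    return problems

if __name__ == "__main__":
    print(check_vrrp(parse_group(INVENTORY, "nginx")) or "inventory is consistent")
```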
(5) Add the main playbook:
root@centos6.8/etc/ansible]# cat nginx.yml
- hosts: nginx
  remote_user: root
  roles:
    - nginx
(6) The syntax check reports no problems
root@centos6.8/etc/ansible]# ansible-playbook --syntax-check nginx.yml
playbook: nginx.yml
3. Set up mysql:
(1) Define the tasks:
root@centos6.8/etc/ansible]# cat roles/mysql/tasks/main.yml
- name: install mysql
  yum: name=mysql-server
- name: copy sql file
  copy: src=mysql.sql dest=/tmp/mysql.sql
- name: start mysql service
  service: name=mysqld state=started
- name: config mysql
  shell: "mysql < /tmp/mysql.sql"
(2) Set up the files
root@centos6.8/etc/ansible]# ll roles/mysql/files/
total 4
-rw-r--r--. 1 root root 78 Nov  3 15:41 mysql.sql
root@centos6.8/etc/ansible]# cat !$
cat roles/mysql/files/
cat: roles/mysql/files/: Is a directory
(3) Add the main playbook:
root@centos6.8/etc/ansible]# cat mysql.yml
- hosts: mysql
  remote_user: root
  roles:
    - mysql
(4) The syntax check reports no problems:
root@centos6.8/etc/ansible]# ansible-playbook --syntax-check mysql.yml
playbook: mysql.yml
The Ansible configuration for mysql is now complete.
At this point the configuration for web, nginx + keepalived and mysql is all done; next, run the playbooks one after another.
First, look at the structure of the whole directory:
root@centos6.8/etc/ansible]# tree -L 4
.
├── ansible.cfg
├── ansible.cfg.bak
├── hosts
├── mysql.yml
├── nginx.yml
├── roles
│ ├── mysql
│ │ ├── default
│ │ ├── files
│ │ │ └── mysql.sql
│ │ ├── handlers
│ │ ├── meta
│ │ ├── tasks
│ │ │ └── main.yml
│ │ ├── templates
│ │ └── variables
│ ├── nginx
│ │ ├── default
│ │ ├── files
│ │ │ └── nginx-1.10.0-1.el7.ngx.x86_64.rpm
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── meta
│ │ ├── tasks
│ │ │ └── main.yml
│ │ ├── templates
│ │ │ ├── keepalived.j2
│ │ │ └── nginx.j2
│ │ └── variables
│ └── web
│ ├── default
│ ├── files
│ │ ├── httpd.conf
│ │ └── wordpress
│ ├── handlers
│ │ └── main.yml
│ ├── meta
│ ├── tasks
│ │ └── main.yml
│ ├── templates
│ └── variables
├── test.yaml
└── web.yml
26 directories, 17 files
(1) Run web:
root@centos6.8/etc/ansible]# ansible-playbook web.yml
PLAY ********************************************************************
GATHERING FACTS ***************************************************************
ok:
ok:
TASK: ***********************************************
ok: => (item=httpd,php,php-mysql)
ok: => (item=httpd,php,php-mysql)
TASK: **************************************************
ok:
ok:
TASK: ***********************************************
changed:
changed:
TASK: *********************************************
ok:
ok:
PLAY RECAP ********************************************************************
10.1.252.215 : ok=5 changed=1 unreachable=0 failed=0
10.1.252.235 : ok=5 changed=1 unreachable=0 failed=0
(2) Run mysql:
root@centos6.8/etc/ansible]# ansible-playbook mysql.yml
PLAY ******************************************************************
GATHERING FACTS ***************************************************************
ok:
TASK: *************************************************
ok:
TASK: *************************************************
ok:
TASK: *******************************************
ok:
TASK: **************************************************
skipping:
ok:
PLAY RECAP ********************************************************************
10.1.252.36 : ok=4 changed=0 unreachable=0 failed=0
(3) Run nginx:
root@centos6.8/etc/ansible]# ansible-playbook nginx.yml
PLAY ******************************************************************
GATHERING FACTS ***************************************************************
ok:
ok:
TASK: ********************************************
ok:
ok:
TASK: ****************************************************
changed:
changed:
TASK: *************************************************
ok:
ok:
TASK: ******************************************
changed:
changed:
TASK: ***************************************
ok:
ok:
TASK: ***************************************
ok:
ok:
TASK: *********************************************
ok: => (item=keepalived)
ok: => (item=keepalived)
ok: => (item=nginx)
ok: => (item=nginx)
PLAY RECAP ********************************************************************
10.1.249.75 : ok=8 changed=2 unreachable=0 failed=0
10.1.253.107 : ok=8 changed=2 unreachable=0 failed=0
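Once the runs have finished, it is time to verify the result:
The exciting moment: it worked!
A problem I personally ran into during this process: a single named task cannot contain too many actions; they have to be split into several steps. In this example, copying nginx and then installing nginx with yum cannot be written under the same name, otherwise an error is reported!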
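The restriction described above is that Ansible runs one module per task: two different module keys in one task are rejected, and a repeated key is collapsed by the YAML parser so that only the last one takes effect. The following lint is an added example, not part of the original post; it assumes task keys are indented by two spaces, its keyword list is partial, and the sample tasks are constructed.

```python
# Keys that are task keywords rather than modules (partial list, enough for this page).
TASK_KEYWORDS = {"name", "notify", "with_items", "when", "tags", "register",
                 "ignore_errors", "sudo", "become", "remote_user"}

# Constructed sample: one well-formed task and one that names two modules.
TASKS = """\
- name: install pkgs
  yum: name={{ item }}
  with_items:
    - nginx
    - keepalived
- name: config nginx&keepalived
  template: src=nginx.j2 dest=/etc/nginx/nginx.conf
  template: src=keepalived.j2 dest=/etc/keepalived/keepalived.conf
  notify: reload the service
"""

def modules_per_task(text):
    """Return [(task name, [module keys])] using indentation only (no YAML library)."""
    tasks = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        line = raw.strip()
        if indent == 0 and line.startswith("- "):
            tasks.append(["<unnamed>", []])    # a new list item opens a new task
            line, indent = line[2:].strip(), 2
        if not tasks or indent != 2 or ":" not in line:
            continue                           # nested values such as with_items entries
        key, value = line.split(":", 1)
        if key == "name":
            tasks[-1][0] = value.strip()
        elif key not in TASK_KEYWORDS:
            tasks[-1][1].append(key)           # raw text keeps duplicates a YAML parser would drop
    return [(name, mods) for name, mods in tasks]

def overloaded_tasks(text):
    """Tasks that name more than one module and therefore have to be split."""
    return [(name, mods) for name, mods in modules_per_task(text) if len(mods) > 1]

if __name__ == "__main__":
    for name, mods in overloaded_tasks(TASKS):
        print(f"split task '{name}': modules {mods}")
```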