Ansible 是一种自动化工具,可用于部署和管理大型企业的前后端应用。以下是使用 Ansible 部署企业前后端应用(HTTPD 和 Tomcat)的详细步骤。(如果部署后无法访问,通常与防火墙或安全模块(如 SELinux)有关;建议只放行所需端口或调整对应策略,而不是直接关闭它们。)

安装 Ansible

  1. 准备yum源

    yum -y install epel-release.noarch

    EPEL(Extra Packages for Enterprise Linux)源是由Fedora社区维护的一个第三方软件仓库,提供了在RHEL/CentOS等发行版中不可用的免费软件包。

  2. 安装 Ansible

    yum -y install ansible
  3. 查看 Ansible 目录结构

    yum -y install tree
    cd /etc/ansible/ && tree
  4. 配置主机清单

    vim /etc/ansible/hosts

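    示例配置(注意:后文的免密登录和 playbook 使用的是 192.168.44.20 和 192.168.44.30;主机清单中必须包含 playbook 里 hosts 指定的地址,否则 playbook 匹配不到主机):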

    [webservers]
    192.168.44.10

    [dbservers]
    192.168.44.11
  5. 配置免密登录

    # Create an RSA key pair on the control node, then install the public key
    # on each managed host so Ansible can log in without a password prompt.
    # NOTE(review): the private key grants the same access as the remote
    # account it is installed for; set a passphrase when ssh-keygen prompts
    # and keep the key file readable only by its owner.
    ssh-keygen -t rsa
    for host in 192.168.44.20 192.168.44.30; do
        ssh-copy-id "$host"
    done

Ansible Playbook 示例

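#!/bin/bash
# Runs the deployment playbooks one after another: database, JDK, Tomcat,
# backend service, front end.

# Stop at the first failing playbook. ansible-playbook exits non-zero when a
# play fails, and without this the later tiers would still be deployed on top
# of a half-configured host.
set -euo pipefail

# Deploy the MySQL database
ansible-playbook mysql.yml

# Install the JDK
ansible-playbook jdk.yml

# Deploy Tomcat
ansible-playbook tomcatcopy.yaml

# Deploy the backend service
ansible-playbook jar-copy.yml

# Deploy the front-end service
ansible-playbook nginx.yml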


这边是脚本代码
``` bash
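#!/bin/bash
# Runs the deployment playbooks one after another: database, JDK, Tomcat,
# backend service, front end.

# Stop at the first failing playbook. ansible-playbook exits non-zero when a
# play fails, and without this the later tiers would still be deployed on top
# of a half-configured host.
set -euo pipefail

# Deploy the MySQL database
ansible-playbook mysql.yml

# Install the JDK
ansible-playbook jdk.yml

# Deploy Tomcat
ansible-playbook tomcatcopy.yaml

# Deploy the backend service
ansible-playbook jar-copy.yml

# Deploy the front-end service
ansible-playbook nginx.yml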


```

部署mysql数据库

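---
# Installs MySQL 8.0 from the upstream community repository on the database
# host and sets the root password.
#
# Review notes:
#   * mysql_root_password below is a placeholder. Supply the real value from
#     an Ansible Vault encrypted vars file rather than committing it in clear
#     text. The original listing ignored this variable and hard-coded a
#     password inside the helper script.
#   * The password is rendered into an SQL string literal; a value containing
#     a single quote or a backslash will break the ALTER USER statement.
#   * The play resets the root password on every run.
- hosts: 192.168.44.20
  become: true
  vars:
    mysql_root_password: "your_desired_password"
  vars_files:
    - "/home/ansible/var.yml"
  tasks:
    # Import the signing key before anything is installed from the repository
    # so the packages below can be verified against it.
    - name: Import MySQL GPG key
      rpm_key:
        key: https://repo.mysql.com/RPM-GPG-KEY-mysql-2023
        state: present

    - name: Install MySQL 8.0 repository
      yum:
        name: https://repo.mysql.com/mysql80-community-release-el7-3.noarch.rpm
        state: present

    - name: Install MySQL 8.0
      yum:
        name: mysql-community-server
        state: present

    - name: Start MySQL service
      service:
        name: mysqld
        state: started
        enabled: true

    # Best-effort backup, as in the original; a failure here does not stop
    # the play.
    - name: Backup MySQL configuration file
      command: cp /etc/my.cnf /etc/my.cnf.bak
      ignore_errors: true

    # The helper script restarts mysqld with skip-grant-tables. While that
    # option is set, any local account can connect as root without a
    # password, so the script removes it again on every exit path, and the
    # block/always below deletes the script even when it fails.
    #
    # NOTE(review): the UPDATE statement changes root's host to '%', which
    # lets root log in from any address that can reach the MySQL port. It is
    # kept because the rest of this guide may depend on it (presumably the
    # backend on 192.168.44.30 connects as root; confirm). Prefer a dedicated
    # application account limited to the backend host and the one schema,
    # and restrict the port with the firewall.
    - name: Reset the MySQL root password
      block:
        - name: Create bzd.sh script file
          copy:
            content: |
              #!/bin/bash
              set -euo pipefail

              # Always take skip-grant-tables back out and restart, even
              # when one of the steps below fails.
              restore() {
                # 移除 skip-grant-tables 参数,确保安全性
                sed -i '/skip-grant-tables/d' /etc/my.cnf

                # 重启 MySQL 服务
                systemctl restart mysqld
              }
              trap restore EXIT

              # 添加 skip-grant-tables 参数到 MySQL 配置文件
              echo "skip-grant-tables" >> /etc/my.cnf

              # 重启 MySQL 服务
              systemctl restart mysqld

              # 等待 MySQL 启动完成,可以根据实际情况调整等待时间
              sleep 10

              # 使用 MySQL 命令行工具修改密码
              # The heredoc delimiter is quoted so the shell does not expand
              # "$" or backticks that may occur in the password.
              mysql -u root <<'EOF'
              FLUSH PRIVILEGES;

              ALTER USER 'root'@'localhost' IDENTIFIED BY '{{ mysql_root_password }}';
              UPDATE mysql.user SET host='%' WHERE user = 'root';
              FLUSH PRIVILEGES;
              EOF

              restore
              trap - EXIT

              # 输出重启信息
              echo "MySQL 服务已重启生效"
            dest: /tmp/bzd.sh
            # The file contains the root password: owner-only, not 0755.
            mode: '0700'
          # Keep the rendered password out of task output and diffs.
          no_log: true

        # No ignore_errors here: a failed password reset must stop the play
        # instead of being reported as a success.
        - name: Execute bzd.sh script to change MySQL root password
          command: /tmp/bzd.sh
      always:
        - name: Clean up bzd.sh script
          file:
            path: /tmp/bzd.sh
            state: absent

    - name: Check MySQL service status
      service_facts:
      register: service_status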

安装JDK

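---
# Installs JDK 8 on 192.168.44.20 and JDK 11 on 192.168.44.30 from tarballs
# and exports JAVA_HOME and related variables through /etc/profile.
#
# Review notes:
#   * jdk_src_path and jdk_dest_path come from /home/ansible/var.yml, which
#     is not shown; the unarchive tasks assume the tarball ends up in /root.
#   * The tarballs are unpacked as root. Verify each one against the
#     vendor's published checksum before distributing it.
- hosts: 192.168.44.20
  become: true
  vars_files:
    - "/home/ansible/var.yml"
  tasks:
    - name: jdk
      copy:
        src: "{{ jdk_src_path }}"
        dest: "{{ jdk_dest_path }}"

    # unarchive requires dest to exist already; the original listing never
    # created this directory.
    - name: Create /usr/local/java
      file:
        path: /usr/local/java
        state: directory
        mode: '0755'

    - name: Unarchive the tarball into /usr/local/java
      unarchive:
        src: /root/jdk-8u401-linux-x64.tar.gz
        dest: /usr/local/java
        remote_src: true

    - name: Append a block of configuration to a file
      blockinfile:
        path: /etc/profile
        block: |
          export JAVA_HOME=/usr/local/java/jdk1.8.0_401
          export JRE_HOME=$JAVA_HOME/jre
          export PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH
          export CLASSPATH=$CLASSPATH:.:$JAVA_HOME/lib:$JRE_HOME/lib
        marker: "# {mark} ANSIBLE MANAGED BLOCK"

    # This only affects the short-lived shell Ansible starts for the task;
    # later login shells read /etc/profile on their own.
    - name: Source /etc/profile
      shell: source /etc/profile
      changed_when: false

- hosts: 192.168.44.30
  become: true
  vars_files:
    - "/home/ansible/var.yml"
  tasks:
    - name: jdk
      copy:
        src: "{{ jdk_src_path }}"
        dest: "{{ jdk_dest_path }}"

    # unarchive requires dest to exist already.
    - name: Create /usr/local/java
      file:
        path: /usr/local/java
        state: directory
        mode: '0755'

    - name: Unarchive the tarball into /usr/local/java
      unarchive:
        src: /root/jdk-11.0.22_linux-x64_bin.tar.gz
        dest: /usr/local/java
        remote_src: true

    - name: Append a block of configuration to a file
      blockinfile:
        path: /etc/profile
        block: |
          export JAVA_HOME=/usr/local/java/jdk-11.0.22
          export JRE_HOME=$JAVA_HOME/jre
          export PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH
          export CLASSPATH=$CLASSPATH:.:$JAVA_HOME/lib:$JRE_HOME/lib
        marker: "# {mark} ANSIBLE MANAGED BLOCK"

    # Same as in the first play: no lasting effect beyond this task's shell.
    - name: Source /etc/profile
      shell: source /etc/profile
      changed_when: false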

部署Tomcat

---
# Unpacks Tomcat 9.0.87 on 192.168.44.20, prepends the JDK 8 environment to
# catalina.sh and starts the server.
#
# NOTE(review): become applies to the whole play, so startup.sh and the
# Tomcat JVM it launches run as root. A dedicated unprivileged service
# account that owns the Tomcat directory limits what a compromised web
# application can reach.
- hosts: 192.168.44.20
  become: true
  vars_files:
    - "/home/ansible/var.yml"
  tasks:
    # Despite the task name, this copies jdk_src_path to tomcat_dest_path.
    # Both values come from var.yml, which is not shown; presumably this is
    # what places the Tomcat tarball under /usr/local. Confirm.
    - name: jdk
      copy:
        src: "{{ jdk_src_path }}"
        dest: "{{ tomcat_dest_path }}"

    # The task name mentions /usr/local/java, but the archive is extracted
    # into /usr/local/.
    - name: Unarchive the tarball into /usr/local/java
      unarchive:
        src: /usr/local/apache-tomcat-9.0.87.tar.gz
        dest: /usr/local/
        remote_src: true

    # insertbefore: BOF puts the block ahead of the script's first line.
    # NOTE(review): Tomcat also reads an optional bin/setenv.sh, which avoids
    # editing the shipped script; consider moving the exports there.
    - name: Append a block of configuration to a file
      blockinfile:
        path: /usr/local/apache-tomcat-9.0.87/bin/catalina.sh
        insertbefore: BOF
        marker: "# {mark} ANSIBLE MANAGED BLOCK"
        block: |
          export JAVA_HOME=/usr/local/java/jdk1.8.0_401
          export JRE_HOME=$JAVA_HOME/jre
          export PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH
          export CLASSPATH=$CLASSPATH:.:$JAVA_HOME/lib:$JRE_HOME/lib

    # copy_name is defined in var.yml (not shown).
    - name: start
      shell: 'nohup "{{copy_name}}/bin/startup.sh" &'

部署后端服务

---
# Uploads financial.jar to 192.168.44.30 and launches it with JDK 11.
#
# NOTE(review): become applies to the whole play, so the backend JVM runs as
# root and is not supervised once the task returns. Running it under a
# dedicated unprivileged account, managed by a systemd unit, limits the
# impact of a compromised service and restarts it after a reboot.
- hosts: 192.168.44.30
  become: true
  vars_files:
    - "/home/ansible/var.yml"
  tasks:
    - name: 创建新目录
      file:
        state: directory
        path: /home/financial

    - name: Upload jar package
      ansible.builtin.copy:
        dest: /home/financial
        src: /root/financial.jar

    # jdk_src_path and jar_path come from var.yml, which is not shown.
    - name: jdk
      copy:
        dest: "{{ jar_path }}"
        src: "{{ jdk_src_path }}"

    # financial.log is a relative path, so the log is written to whatever
    # working directory the remote shell starts in.
    - name: 部署后端服务
      shell: >-
        nohup /usr/local/java/jdk-11.0.22/bin/java -jar /home/financial/financial.jar
        > financial.log 2>&1&

部署前端服务

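---
# Builds nginx 1.25.4 from source on 192.168.44.30, registers it as a systemd
# service, deploys the front-end bundle and installs the site configuration.
#
# Review notes:
#   * The source tarball is compiled and installed as root. Verify it
#     against the checksum or signature published by the nginx project
#     before copying it to the host.
#   * gcc, make and the -devel packages stay installed afterwards; remove
#     them if the host does not need a build toolchain.
#   * /root/nginx-1.25.4.tar.gz and /root/nginx.conf must already exist on
#     the managed host (remote_src).
- hosts: 192.168.44.30
  # Added for consistency with the other plays in this guide; the original
  # had no become and therefore only worked when connecting as root.
  become: true
  tasks:
    - name: yum install
      yum:
        name:
          - unzip
          - vim
          - bash-completion
          - net-tools
          - psmisc
          - gcc
          - make
          - pcre-devel
          - openssl-devel

    - name: 创建目录
      file:
        path: /usr/local/nginx
        state: directory

    - name: Unarchive the tarball into /usr/local/nginx
      unarchive:
        src: /root/nginx-1.25.4.tar.gz
        dest: /usr/local/
        remote_src: true

    # creates: skips the build when the binary is already installed, so a
    # second run does not recompile and reinstall nginx.
    - name: 编译安装nginx
      shell: cd /usr/local/nginx-1.25.4 && ./configure --prefix=/usr/local/nginx && make && make install
      args:
        creates: /usr/local/nginx/sbin/nginx

    - name: 创建 nginx.service 文件所在目录
      file:
        path: /usr/lib/systemd/system/
        state: directory

    # create: true replaces the separate "touch" task of the original, which
    # reported a change on every run.
    - name: Append a block of configuration to a file
      blockinfile:
        path: /usr/lib/systemd/system/nginx.service
        create: true
        mode: '0644'
        block: |
          [Unit]
          Description=nginx - high performance web server
          After=network.target remote-fs.target nss-lookup.target

          [Service]
          Type=forking
          ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
          ExecReload=/usr/local/nginx/sbin/nginx -s reload
          ExecStop=/usr/local/nginx/sbin/nginx -s stop

          [Install]
          WantedBy=multi-user.target

    # daemon_reload makes systemd re-read the unit file written above.
    - name: 启动nginx
      systemd:
        name: nginx
        state: started
        enabled: true
        daemon_reload: true

    - name: 创建目录
      file:
        path: /home/web/nginx-data/
        state: directory

    - name: 复制文件
      copy:
        src: /root/financial_dist.zip
        dest: /root

    - name: Unarchive the tarball into /home/web/nginx-data/
      unarchive:
        src: /root/financial_dist.zip
        dest: /home/web/nginx-data/
        remote_src: true

    - name: 复制文件夹里的文件
      ansible.builtin.copy:
        src: /root/nginx.conf
        dest: /usr/local/nginx/conf/nginx.conf
        remote_src: true

    - name: 重启nginx
      systemd:
        name: nginx
        state: restarted
        enabled: true
        daemon_reload: true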

脚本运行完之后,需要在 MySQL 中创建数据库,然后将 financial.sql 导入到 192.168.44.20 上的数据库。
使用的文件包
financial.jar
financial_dist.zip
nginx-1.25.4.tar.gz
jdk-8u401-linux-x64.tar.gz
jdk-11.0.22_linux-x64_bin.tar.gz
apache-tomcat-9.0.87.tar.gz

部署完成后,通过以下地址访问应用:
Tomcat: http://192.168.44.20:8080
企业前端: http://192.168.44.30
企业后端: http://192.168.44.30:8080/doc.html