[toc]

示例:PlayBook一键部署wordpress

需求

使用PlayBook编写一键部署wordpress

环境准备

主机名 WanIP LanIP 角色 应用
m01 10.0.0.61 172.16.1.61 ansible管理机 ansible
web01 10.0.0.7 172.16.1.7 wordpress网站 nginx php nfs
web02 10.0.0.8 172.16.1.8 wordpress网站 nginx php nfs
nfs 10.0.0.31 172.16.1.31 共享存储 nfs rsync
backup 10.0.0.41 172.16.1.41 实时同步备份 nfs rsync
db01 10.0.0.51 172.16.1.51 数据库 mariadb MySQL-python

准备条件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# 在此路径下准备以下文件,用于一键部署wordpress
/root/wordpress_ansible/
├── base
│ ├── hosts
│ └── ssh_key.sh
├── mariadb
│ ├── my.cnf
│ └── wp_ansible.sql
├── nfs
├── nginx_php
│ ├── blog.xxx.com.conf
│ ├── nginx.conf
│ ├── nginx_php.tgz
│ ├── ng_php
│ └── www.conf
├── rsync
│ └── rsyncd.conf
└── wordpress
└── wordpress.tgz

准备配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# 安装nginx和php
## 创建www用户组
groupadd www -g 666 && useradd www -u 666 -g 666 -s /sbin/nologin/ -M
## 将nginx_php压缩包上传到nginx_php目录并解压安装
rz -Erz waiting to receive.
tar -xf nginx_php.tgz
rpm -Uvh *.rpm

# 准备nginx主配置文件
## 修改统一用户nginx,并将主配置文件备份至nginx_php
vim /etc/nginx/nginx.conf
user = www
cp /etc/nginx/nginx.conf /root/wordpress_ansible/nginx_php/

# 准备php配置文件
## 修改统一用户php,套接字文件本地优化,并将主配置文件备份至nginx_php
vim /etc/php-fpm.d/www.conf
[www]
user = www
group = www
listen = /dev/shm/php.sock
listen.owner = www
listen.group = www
cp /etc/php-fpm.d/www.conf /root/wordpress_ansible/nginx_php/

# 准备nginx网站配置文件
## 修改nginx网页配置文件,并将配置文件备份至nginx_php
vim /etc/nginx/conf.d/blog.xxx.com.conf
server{
	listen 80;
	server_name blog.xxx.com;
	root /code/wordpress;
	index index.php index.html;

	location ~ \.php$ {
		fastcgi_pass unix:/dev/shm/php.sock;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		include fastcgi_params;
	}
}
cp /etc/nginx/conf.d/blog.xxx.com.conf /root/wordpress_ansible/nginx_php/
## 重启nginx php-fpm的服务
systemctl start nginx php-fpm
## 下载站点目录解压并修改属主和属组
wget https://cn.wordpress.org/latest-zh_CN.tar.gz -P /code/
tar -xf /code/latest-zh_CN.tar.gz
chown www.www /code/wordpress/ -R

# 配置数据库
## 安装数据库并创建账户和库
yum install -y mariadb-server
systemctl start mariadb && systemctl enable mariadb
mysqladmin -u root password '123'
mysql -uroot -p123
create database wordpress charset utf8;
grant all on *.* to wp_user@'%' identified by '123';

image-20230206212356505

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# 准备站点目录文件
## 将站点目录打包并备份
tar zcf wordpress.tgz wordpress/
cp /code/wordpress.tgz /root/wordpress_ansible/wordpress/

# 准备数据库导出文件
## 将数据库文件导出并备份至m01服务器
mysqldump -uroot -p123 wordpress > /opt/wp_ansible.sql
scp /opt/wp_ansible.sql root@172.16.1.61:/root/wordpress_ansible/mariadb

# 准备rsyncd配置文件
vim /root/wordpress_ansible/rsync/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
###############################
[backup]
comment = welcome
path = /backup

# 准备mysql优化配置文件
## 解决mysql的反向解析,不让IP解析成主机名
vim /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
skip_name_resolve
scp /etc/my.cnf root@172.16.1.61:/root/wordpress_ansible/mariadb

# 准备主机池
vim /root/wordpress_ansible/base/hosts

[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8

[rsyncd]
backup ansible_ssh_host=10.0.0.41

[nfs]
nfs ansible_ssh_host=10.0.0.31

[nfs_rsyncd]
nfs ansible_ssh_host=10.0.0.31
backup ansible_ssh_host=10.0.0.41

[db_group]
db01 ansible_ssh_host=10.0.0.51

执行playbook.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
vim /root/lnmp.yml

- hosts: all
  tasks:
  - name: 创建www组
    group:
      name: www
      gid: 666
  - name: 创建www用户
    user:
      name: www
      uid: 666
      group: 666
      shell: /sbin/nologin
      create_home: False

- hosts: nfs_rsyncd
  tasks:
  - name: 安装rsync和nfs服务
    yum:
      name:
        - rsync
        - nfs-utils
      state: present

- hosts: rsyncd
  tasks:
  - name: 推送rsync.conf文件
    copy:
      src: /root/wordpress_ansible/rsync/rsyncd.conf
      dest: /etc

  - name: 创建密码文件
    copy: 
      content: 'rsync_backup:123'
      dest: /etc/rsync.passwd
      mode: 0600

  - name: 创建backup目录
    file:
      name: /backup
      owner: www
      group: www
      mode: 0755
      state: directory

  - name: 启动rsync服务加入开机自启
    service:
      name: rsyncd
      state: started
      enabled: True

- hosts: nfs
  tasks:
  - name: 创建密码文件
    copy:
      content: '123'
      dest: /etc/rsync.passwd
      mode: 0600

  - name: 创建nfs配置文件
    copy:
      content: '/data 172.16.1.0/24(rw,sync,anonuid=666,anongid=666,all_squash)'
      dest: /etc/exports

  - name: 创建data目录
    file:
      name: /data
      owner: www
      group: www
      mode: 0755
      state: directory

  - name: 启动nfs服务
    service:
      name: nfs
      state: started
      enabled: True

- hosts: web_group
  tasks:
  - name: 解压nginx和php包到web端
    unarchive:
      src: /root/wordpress_ansible/nginx_php/nginx_php.tgz
      dest: /opt

  - name: 安装nginx和php
    shell: cd /opt && yum localinstall -y *.rpm

  - name: 推送nginx主配置文件
    copy:
      src: /root/wordpress_ansible/nginx_php/nginx.conf
      dest: /etc/nginx

  - name: 推送php配置文件
    copy:
      src: /root/wordpress_ansible/nginx_php/www.conf
      dest: /etc/php-fpm.d

  - name: 推送wordpress网页配置文件
    copy:
      src: /root/wordpress_ansible/nginx_php/blog.xxx.com.conf
      dest: /etc/nginx/conf.d

  - name: 启动nginx
    service:
      name: nginx
      state: started
      enabled: True

  - name: 启动php
    service:
      name: php-fpm
      state: started
      enabled: True

  - name: 创建站点目录
    file:
      name: /code
      owner: www
      group: www
      mode: 0755
      state: directory

  - name: 部署wordpress
    unarchive:
      src: /root/wordpress_ansible/wordpress/wordpress.tgz
      dest: /code
      owner: www
      group: www

  - name: 挂载nfs
    mount:
      src: 172.16.1.31:/data
      path: /code/wordpress/wp-content/uploads/
      fstype: nfs
      state: mounted

- hosts: db_group
  tasks:
  - name: 安装mariadb和连接插件
    yum:
      name:
        - mariadb-server
        - MySQL-python
      state: present

  - name: 推送数据库的配置文件
    copy:
      src: /root/wordpress_ansible/mariadb/my.cnf
      dest: /etc

  - name: 启动数据库
    service:
      name: mariadb
      state: started
      enabled: True

  - name: 创建wordpress数据库
    mysql_db:
      login_user: root
      login_password: '123'
      name: wordpress
      state: present

  - name: 创建wordpress用户
    mysql_user:
      login_user: root
      login_password: '123'
      name: test
      password: '123'
      host: '%'
      priv: '*.*:ALL'
      state: present

  - name: 推送sql文件
    copy:
      src: /root/wordpress_ansible/mariadb/wp_ansible.sql
      dest: /opt

  - name: 导入数据库
    mysql_db:
      login_user: root
      login_password: '123'
      name: wordpress
      state: import
      target: /opt/wp_ansible.sql