Ansible部署LAMP架构

LAMP简介

LAMP是指一组通常一起使用来运行动态网站或者服务器的开源软件名称首字母缩写:

  • Linux
  • Apache
  • mariadb或者MySQL
  • PHP、Python或者Perl

实验环境

主机IP地址
ansible192.168.172.167
apache192.168.172.142
mysql192.168.172.143
php192.168.172.144

四台机器关闭防火墙和selinux

实验步骤

安装

1. 安装Ansible

[root@ansible ~]# yum -y install https://dl.fedoraproj
ect.org/pub/epel/epel-release-latest-8.noarch.rpm
[root@ansible ~]# yum -y install ansible
1.1 受控主机写入清单
[root@ansible ansible]# vim inventory  
[apache]
192.168.172.142

[mysql]
192.168.172.143

[php]
192.168.172.144
1.2 ssh免密登录
[root@ansible ansible]# ssh-keygen -t rsa
[root@ansible ansible]# ssh-copy-id root@192.168.172.142
[root@ansible ansible]# ssh-copy-id root@192.168.172.143
[root@ansible ansible]# ssh-copy-id root@192.168.172.144

2. 安装apache

[root@ansible ansible]# ansible http -m yum -a 'name=httpd state=present'
192.168.172.142 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "msg": "Nothing to do",
    "rc": 0,
    "results": []
}
2.1开启Apache服务并设置开机启动
[root@ansible ansible]# ansible http -m service -a 'name=httpd state=started enabled=yes'
192.168.172.142 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "enabled": true,
    "name": "httpd",
    "state": "started",
    "status": {

......
2.2 关闭防火墙及selinux
[root@ansible ansible]# ansible http -m service -a 'name=firewalld state=stopped enabled=no'
192.168.172.142 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "enabled": false,
    "name": "firewalld",
    "state": "stopped",
    "status": {
......
2.3 访问

在这里插入图片描述

3. 安装MySQL

//安装mariadb
[root@ansible ansible]# ansible mysql -m yum -a 'name=mariadb state=present'
192.168.172.143 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [

......


//安装mariadb-server
[root@ansible ansible]# ansible mysql -m yum -a 'name=mariadb-server state=present'
192.168.172.143 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [

......
3.1 启动MySQL并设置开机自启
[root@ansible ansible]# ansible mysql -m service -a 'name=mariadb state=started enabled=yes'
192.168.172.143 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "enabled": true,
    "name": "mariadb",
    "state": "started",
    "status": {

......

4. 安装php

//安装php
[root@ansible ansible]# 
[root@ansible ansible]# ansible php -m yum -a 'name=php state=present'
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [

//安装php组件
[root@ansible ansible]# ansible php -m yum -a 'name=php-* state=present'
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [

//安装curl
[root@ansible ansible]# ansible php -m yum -a 'name=curl state=present'
192.168.172.144 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "msg": "Nothing to do",
    "rc": 0,
    "results": []
}
[root@ansible ansible]# ansible php -m yum -a 'name=curl-devel state=present'
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "msg": "",
    "rc": 0,
    "results": [
        "Installed: libcurl-devel-7.61.1-12.el8.x86_64"
    ]
}

......

配置

1. 配置httpd

1.1 编写httpd配置文件

先在ansible主机上将配置文件写好,再通过copy模块将配置文件传输到node2上

[root@ansible ansible]# cat hello.conf 
<VirtualHost 192.168.172.142:80>
    DocumentRoot "/etc/httpd/conf.d/"
    ServerName www.helloworld.com
    ProxyRequests off
    ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.172.144:9000/var/www/html/$1
    <Directory "/var/www/html/">
        Options none
        AllowOverride none
        Require all granted
    </Directory>
</VirtualHost>




[root@ansible ansible]# ansible http -m copy -a 'src=/etc/ansible/hello.conf dest=/etc/httpd/conf.d/ mode=0755'
192.168.172.142 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum": "a2fdf4f938ee147eab9867325ee00ae9c1194df0",
    "dest": "/etc/httpd/conf.d/hello.conf",
    "gid": 0,
    "group": "root",
    "md5sum": "9c9e850994228cfd3d1f324781558895",
    "mode": "0755",
    "owner": "root",
    "secontext": "system_u:object_r:httpd_config_t:s0",
    "size": 344,
    "src": "/root/.ansible/tmp/ansible-tmp-1626891082.2830656-129763-142187681487216/source",
    "state": "file",
    "uid": 0
}

[root@ansible ansible]# ansible http -m  lineinfile -a 'path=/etc/httpd/conf/httpd.conf insertafter="^    AddType application/x-" line="    AddType application/x-httpd-php .php" '
192.168.172.142 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}


[root@ansible ansible]# ansible http -m  lineinfile -a 'path=/etc/httpd/conf/httpd.conf insertafter="^    AddType application/x-" line="    AddType application/x-httpd-php-source .phps" 
'
192.168.172.142 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line added"
}



[root@ansible ansible]# ansible http -m lineinfile -a 'path=/etc/httpd/conf/httpd.conf regexp="^    DirectoryIndex" line="    DirectoryIndex index.html index.php"'
192.168.172.142 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line replaced"
}

2. 配置php

2.1 编写php测试页
[root@ansible ansible]# cat index.php 
<?php
  phpinfo();
?>
2.2 编写修改php配置
[root@ansible ansible]# ansible php -m file -a  'path=/var/www/html mode=0777
> '
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "gid": 0,
    "group": "root",
    "mode": "0777",
    "owner": "root",
    "path": "/var/www/html",
    "secontext": "system_u:object_r:httpd_sys_content_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

[root@ansible ansible]# ansible php -m copy -a 'src=/etc/ansible/index.php dest=/var/www/html mode=0777'
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum": "26af88945e23289d15e128606a29932b3d78787c",
    "dest": "/var/www/html/index.php",
    "gid": 0,
    "group": "root",
    "md5sum": "62210a938d0199092c2d3976a45bf86d",
    "mode": "0777",
    "owner": "root",
    "secontext": "system_u:object_r:httpd_sys_content_t:s0",
    "size": 22,
    "src": "/root/.ansible/tmp/ansible-tmp-1626891809.6933286-152862-250210448981018/source",
    "state": "file",
    "uid": 0
}


[root@ansible ansible]# ansible php -m lineinfile -a 'path=/etc/php-fpm.d/www.conf regexp="^listen =" line="listen = 192.168.172.144:9000" '
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line replaced"
}

[root@ansible ansible]# ansible php -m lineinfile -a 'path=/etc/php-fpm.d/www.conf regexp="^listen.allowed_clients =" line="listen.allowed_clients = 192.168.172.142" '
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line replaced"
}
2.3 关闭防火墙及selinux
[root@ansible ansible]# ansible php -m  service -a 'name=firewalld state=stopped enabled=no'
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "enabled": false,
    "name": "firewalld",
    "state": "stopped",
    "status": {
......


[root@ansible ansible]# ansible php -m lineinfile -a 'path=/etc/selinux/config regexp="^SELINUX=" line="SELINUX=disabled"'
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "backup": "",
    "changed": true,
    "msg": "line replaced"
}

重启服务

//重启http
[root@ansible ansible]# ansible http -m service -a 'name=httpd state=restarted'
192.168.172.142 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "httpd",
    "state": "started",
    "status": {
......


//重启php
[root@ansible ansible]# ansible php -m service -a 'name=php-fpm  state=restarted'
192.168.172.144 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "name": "php-fpm",
    "state": "started",
    "status": {

测试

在这里插入图片描述

Logo
开放原子开发者工作坊

开放原子开发者工作坊旨在鼓励更多人参与开源活动,与志同道合的开发者们相互交流开发经验、分享开发心得、获取前沿技术趋势。工作坊有多种形式的开发者活动,如meetup、训练营等,主打技术交流,干货满满,真诚地邀请各位开发者共同参与!

更多推荐

操作系统大会&openEuler Summit 2024参会指南,请查收!

avatar 开放原子开发者工作坊

推动工业软件核心技术攻关,开源工业软件算法集成大赛正式启动!

推动工业软件核心技术攻关,开源工业软件算法集成大赛正式启动!

avatar 开放原子开发者工作坊

第二届openEuler生态大会(中国·湖南)成功举办

10月30日,第二届openEuler生态大会(中国·湖南)成功举办。

avatar 开放原子开发者工作坊