拓扑及IP地址说明:
host1-4:
ansible: host1-192.168.80.71
Nginx: host2-192.168.80.72
tomcat1: host3-192.168.80.73
tomcat1: host4-192.168.80.74
ansible---Nginx---tomcat1&2
host1:
ansible需要配置epel和extras源,推荐使用阿里源
yuminstallansible
编辑ansible的host解析文件:
#vi/etc/ansible/hosts [Nginx] 192.168.80.72 [tomcat] 192.168.80.73 192.168.80.74
配置ssh,分发pubkey到其他三台主机:
ssh-keygen-trsa-P'' ssh-copy-id-i~/.ssh/id_rsa.pubroot@192.168.80.72 ssh-copy-id-i~/.ssh/id_rsa.pubroot@192.168.80.73 ssh-copy-id-i~/.ssh/id_rsa.pubroot@192.168.80.74
验证hosts主机解析:
ansibleall--list-hosts ansibleNginx--list-hosts ansibletomcat--list-hosts
创建role:
cd/etc/ansible/roles ansible-galaxyinitNginx ansible-galaxyinittomcat mkdir-pv{Nginx,tomcat}/{templates,files}
目录结构如下
treeNginx Nginx ├──defaults │└──main.yml ├──files │└──lb.conf ├──handlers │└──main.yml ├──Meta │└──main.yml ├──README.md ├──tasks │└──main.yml ├──templates ├──tests │├──inventory │└──test.yml └──vars └──main.yml 8directories,9files
#cdNginx #vitasks/main.yml -name:installNginx yum:name=Nginxstate=latest when:ansible_os_family=="RedHat" -name:copyconfigfile copy:src=lb.confdest=/etc/Nginx/conf.d/ tags:configNginx notify:reloadNginx -name:startNginx service:name=Nginxstate=startedenabled=yes
#vihandlers/main.yml -name:reloadNginx command:Nginx-sreload tags:reloadNginx
#vitemplates/lb.conf upstreamtcsrvs{ server192.168.80.73:8080; server192.168.80.74:8080; } server{ listen80; server_name{{ansible_eth1.ipv4.address}}; location/{ proxy_passhttp://tcsrvs; } }
编辑tomcat配置文件:
#cd../tomcat #vitasks/main.yml -name:installopenjdk yum:name=java-1.8.0-openjdk-develstate=latest -name:installtomcatpackage yum:name={{item}}state=latest with_items: -tomcat -tomcat-webapps -tomcat-admin-webapps -tomcat-docs-webapp when:ansible_os_family=="RedHat" -name:copyindex template:src=index.jsp.j2dest=/var/lib/tomcat/webapps/sample/index.jsp -name:starttomcat service:name=tomcatstate=startedenabled=yes
#vitemplates/index.jsp.j2 HostIPis{{ansible_eth1.ipv4.address}}
编辑playbook文件:
#mkdir../playbook #viplaybook/Nginx-tomcat.yml -hosts:Nginx remote_user:root roles: -Nginx -hosts:tomcat remote_user:root roles: -tomcat
host1测试并部署playbook:
ansible-playbook-Cvplaybook/Nginx-tomcat.yml ansible-playbookplaybook/Nginx-tomcat.yml
验证Tomcat:
ansibletomcat-a'rpm-qajava*' ansibletomcat-a'rpm-qatomcat*' ansibletomcat-a'ss-tnl'
http://192.168.80.72/sample/index.jsp
host3上配置tomcat-admin-webapps:
#vi/etc/tomcat/tomcat-users.xml <rolerolename="admin-gui"/> <rolerolename="manager-gui"/> <userusername="tomcat"password="tomcat"roles="admin-gui,manager-gui"/>
host1下载配置文件:
ansible192.168.80.73-mfetch-a"src=/etc/tomcat/tomcat-users.xmldest=/etc/ansible/roles/tomcat/files/flat=yes"
ansible上再次编辑tomcat配置文件:
#cd../tomcat #vitasks/main.yml//增加如下内容 -name:tomcatmanage copy:src=files/tomcat-users.xmldest=/etc/tomcat/tomcat-users.xmlowner=rootgroup=tomcat notify:restarttomcat
vihandlers/main.yml -name:restarttomcat service:name=tomcatstate=restarted
host1测试并重新部署playbook
ansible-playbook-Cplaybook/Nginx-tomcat.yml ansible-playbookplaybook/Nginx-tomcat.yml
http://192.168.80.72/manager/html