前言:
如今我们对“php主控”都比较着重,我们都想要剖析一些“php主控”的相关内容。那么小编也在网上网罗了一些对于“php主控””的相关文章,希望咱们能喜欢,你们快快来了解一下吧!技能目标:
· 了解什么是Ansible
· 学会如何使用Ansible部署Docker应用
· 学会如何使用Ansible部署Zabbix
5.1 案例分析
5.1.1案例概述
目前市场上有许多的运维自动化工具( 配置管理 ),例如:Ansible、SaltStack、Puppet、Fabric 等。其中,Ansible一种集成 IT 系统的配置管理、应用部署、执行特定任务的开源平台,是 AnsibleWorks 公司名下的项目,该公司由 Cobbler 及 Func 的作者于 2012 年创建成立。
Ansible 基于 Python 语言实现,由 Paramiko 和 PyYAML 两个关键模块构建,具备如下特点:
· 部署简单,只需在主控端部署 Ansible 环境,被控端无需做任何操作。
· 默认使用 SSH(Secure Shell)协议对设备进行管理。
· 主从集中化管理。
· 配置简单、功能强大、扩展性强。
· 支持 API 及自定义模块,可通过 Python 轻松扩展。
· 通过 Playbooks 来定制强大的配置、状态管理。
· 对云计算平台、大数据都有很好的支持。
· 提供一个功能强大、操作性强的 Web 管理界面和 REST API 接口 ---- AWX 平台。
本案例将展示如何使用Ansible部署一台Apache + MySQL服务器,以及如何使用Ansible部署Zabbix服务端及Zabbix客户端。
5.1.2案例前置知识点
1. Ansible主要组成部分功能说明
· PLAYBOOKS:任务剧本(任务集),编排定义Ansible任务集的配置文件,由Ansible顺序依次执行,通常是JSON格式的YML文件
· INVENTORY:Ansible管理主机的清单/etc/anaible/hosts
· MODULES:Ansible执行命令的功能模块,多数为内置的核心模块,也可自定义,ansible-doc –l 可查看模块
· PLUGINS:模块功能的补充,如连接类型插件、循环插件、变量插件、过滤插件等,该功能不常用
· API:供第三方程序调用的应用程序编程接口
· ANSIBLE:组合INVENTORY、 API、 MODULES、PLUGINS的绿框,可以理解为是ansible命令工具,其为核心执行工具
2. 注意事项
· 执行ansible的主机一般称为主控端,中控,master或堡垒机
· 主控端Python版本需要2.6或以上
· 被控端Python版本小于2.4需要安装python-simplejson
· 被控端如开启SELinux需要安装libselinux-python
· windows不能做为主控端
5.1.2案例环境
1. 本案例实验环境
本案例中环境如表5-1所示。
表5-1 创建并管理Ansible部署Docker网络案例环境
创建并管理本实验网络,具体的拓扑如图5.1所示。
图5.1 实验网络拓扑
2. 案例需求
· 安装Ansible及其依赖
· 编写Playbook
· 实施部署
· 结果验证
3. 案例实现思路
· 安
5.2 案例实施
5.2.1 主机配置
1. 环境初始化
· 推荐安装 CentOS 7.3 及以上版本 Linux 操作系统。
· 配置 root 用户免密码 ssh 登录到受控主机。
[root@bogon ~]# hostnamectl set-hostname master
[root@bogon ~]# bash
[root@master ~]# systemctl stop firewalld
[root@master ~]# systemctl disable firewalld
[root@master ~]# getenforce
Disabled
[root@master ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
08:c9:5b:df:13:51:04:3d:f8:24:43:1b:c8:e8:02:54 root@master
The key's randomart image is:
+--[ RSA 2048]----+
| ...E o o=*o |
| .. .. o +++ |
| .+.. o= . |
| .+.o . .. |
| ... S o |
| . |
| |
| |
| |
+-----------------+
[root@master ~]# ssh-copy-id root@192.168.9.168
[root@bogon ~]# hostnamectl set-hostname client
[root@bogon ~]# bash
[root@client ~]# systemctl stop firewalld
[root@client ~]# systemctl disable firewalld
[root@client ~]# getenforce
Disabled
2. 安装Ansible及其依赖
[root@master ~]# rpm -Uvh
[root@master ~]# yum install -y ansible
5.2.2 Ansible部署Docker
建立roles目录
首先创建一个ansible目录,之后所有操作均在此目录下进行。
[root@master ~]# mkdir ansible
[root@master ~]# cd ansible
[root@master ansible]# ansible-galaxy init --init-path roles common
- common was created successfully
[root@master ansible]# ansible-galaxy init --init-path roles webserver
- webserver was created successfully
[root@master ansible]# ansible-galaxy init --init-path roles dbserver
- dbserver was created successfully
创建production文件,内容为hosts和groups信息。
[root@master ansible]# vim production
[webservers]
192.168.9.168
[dbservers]
192.168.9.168
建common role任务,主要包含基础环境设置
[root@master ansible]# vim roles/common/tasks/main.yml
---
# tasks file for common
- name: add epel repository
yum_repository:
name: epel
description: EPEL YUM repo
baseurl:
gpgcheck: no
tags: epel
- name: add docker-ce repository
yum_repository:
name: docker-ce
description: docker-ce YUM repo
baseurl:
gpgcheck: no
tags: docker
- name: make sure ntp is installed
yum: pkg=ntp state=installed
tags: ntp
- name: make sure docker-ce is installed
yum: pkg=docker-ce state=installed
tags: docker
- name: make sure python-pip is installed
yum: pkg=python-pip state=installed
tags: pip
- name: make sure ntp is configured
template: src=ntp.conf.j2 dest=/etc/ntp.conf
notify:
- restart ntpd
tags: ntp
- name: make sure ntpd is running and enabled
service: name=ntpd state=started enabled=yes
tags: ntp
- name: make sure firewalld is stopped and disabled
service: name=firewalld state=stopped enabled=no
tags: firewalld
- name: make sure docker-py is installed
pip:
name: docker-py
- name: make sure docker is installed
yum: pkg=docker-ce state=installed
tags: docker
- name: make sure docker is running and enabled
service: name=docker state=started enabled=yes
tags: docker
[root@master ansible]# vim roles/common/handlers/main.yml
---
# handlers file for common
- name: restart ntpd
service: name=ntpd state=restarted
[root@master ansible]# mkdir group_vars
[root@master ansible]# vim group_vars/all
ntpserver: cn.ntp.org.cn
[root@master ansible]# vim roles/common/templates/ntp.conf.j2
driftfile /var/lib/ntp/drift
pidfile /var/run/ntpd.pid
logfile /var/log/ntp.log
# Access Control Support
restrict default ignore
restrict -6 default ignore
restrict 127.0.0.1
server {{ ntpserver }}
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
创建webserver role任务,主要包含httpd容器的启动
[root@master ansible]# vim roles/webserver/tasks/main.yml
---
# tasks file for webserver
- name: create httpd container
docker_container:
name: apache
image: httpd
state: started
restart: yes
ports:
- "80:80"
tags: httpd
创建dbserverrole任务,主要包含mysql容器的启动
[root@master ansible]# vim roles/dbserver/tasks/main.yml
[root@master ansible]# /root/ansible/roles/dbserver/tasks/main.yml
---
# tasks file for dbserver
- name: create mysql container
docker_container:
name: mysql
image: mysql
state: started
restart: yes
ports:
- "3306:3306"
env:
MYSQL_ROOT_PASSWORD: mysql@135
tags: mysql
创建webservers.yml
[root@master ansible]# vim webservers.yml
---
- hosts: webservers
roles:
- common
- webserver
创建dbservers.yml
[root@master ansible]# vim dbservers.yml
---
- hosts: dbservers
roles:
- common
- dbserver
创建site.yml
[root@master ansible]# vim site.yml
---
- import_playbook: webservers.yml
- import_playbook: dbservers.yml
运行部署命令
[root@master ansible]# ansible-playbook site.yml -i production
。。。。。。 //省略部分内容
TASK [dbserver : create mysql container] ****************************************************
changed: [192.168.9.168]
PLAY RECAP **********************************************************************************
192.168.9.168 : ok=27 changed=10 unreachable=0 failed=0
验证结果
登录受控主机,执行"docker ps"命令,查看docker容器是否运行。
[root@client ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39ef95a4e3f4 mysql "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:3306->3306/tcp, 33060/tcp mysql
b22c957feb4c httpd "httpd-foreground" 6 minutes ago Up 6 minutes 0.0.0.0:80->80/tcp apache
5.2.3 Ansible部署Zabbix
建立roles目录
首先创建一个ansible目录,之后所有操作均在此目录下进行。
[root@master ansible]# mkdir zabbix
[root@master ansible]# cd zabbix/
[root@master zabbix]# ansible-galaxy init --init-path roles common
- common was created successfully
[root@master zabbix]# ansible-galaxy init --init-path roles zbxserver
- zbxserver was created successfully
[root@master zabbix]# ansible-galaxy init --init-path roles zbxagent
- zbxagent was created successfully
创建production文件,内容为hosts和groups信息
[root@master zabbix]# vim production-zabbix
[zbxservers]
192.168.9.168
[zbxagents]
192.168.9.168
创建common role任务,主要包含基础环境设置
[root@master zabbix]# vim roles/common/tasks/main.yml
---
# tasks file for common
- name: add epel repository
yum_repository:
name: epel
description: EPEL YUM repo
baseurl:
gpgcheck: no
tags: epel
- name: add zabbix repository
yum_repository:
name: zabbix
description: Zabbix YUM repo
baseurl:
gpgcheck: no
tags: zabbix
- name: add non-support zabbix repository
yum_repository:
name: zabbix-non-supported
description: Zabbix-non-supported YUM repo
baseurl:
gpgcheck: no
tags: zabbix
- name: make sure ntp is installed
yum: pkg=ntp state=installed
tags: ntp
- name: make sure python-pip is installed
yum: pkg=python-pip state=installed
tags: pip
- name: make sure ntp is configured
template: src=ntp.conf.j2 dest=/etc/ntp.conf
notify:
- restart ntpd
tags: ntp
- name: make sure ntpd is running and enabled
service: name=ntpd state=started enabled=yes
tags: ntp
- name: make sure firewalld is stopped and disabled
service: name=firewalld state=stopped enabled=no
tags: firewalld
[root@master zabbix]# vim roles/common/handlers/main.yml
---
# handlers file for common
- name: restart ntpd
service: name=ntpd state=restarted
[root@master zabbix]# mkdir group_vars
[root@master zabbix]# vim group_vars/all
ntpserver: cn.ntp.org.cn
[root@master zabbix]# vim roles/common/templates/ntp.conf.j2
driftfile /var/lib/ntp/drift
pidfile /var/run/ntpd.pid
logfile /var/log/ntp.log
# Access Control Support
restrict default ignore
restrict -6 default ignore
restrict 127.0.0.1
server {{ ntpserver }}
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
创建zbxserver role任务,主要包含httpd、php、mariadb-server、zabbix-server和zabbix-web的安装、配置及启动操作
[root@master zabbix]# vim roles/zbxserver/tasks/main.yml
---
# tasks file for zbxserver
- name: make sure httpd/php/mariadb-server/zabbix-server/zabbix-web are installed
yum: pkg={{ item }} state=installed
with_items:
- httpd
- php
- mariadb-server
- zabbix-server-mysql
- zabbix-web-mysql
- name: make sure php is configured
template: src=php.ini.j2 dest=/etc/php.ini
- name: make sure zabbix-server is configured
template: src=zabbix_server.conf.j2 dest=/etc/zabbix/zabbix_server.conf
- name: make sure httpd & mariadb & zabbix-server are running and enabled
service: name={{ item }} state=started enabled=yes
with_items:
- httpd
- mariadb
- zabbix-server
在主控端手动安装php,然后拷贝现有/etc/php.ini文件至roles/zbxserver/templates/php.ini.j2,并修改以下配置项
[root@master zabbix]# yum install -y php
[root@master zabbix]# cp /etc/php.ini roles/zbxserver/templates/php.ini.j2
[root@master zabbix]# vim roles/zbxserver/templates/php.ini.j2
post_max_size = 16M
max_execution_time = 300
max_input_time = 300
memory_limit = 128M
upload_max_filesize = 2M
date.timezone = Asia/Shanghai
在主控端手动安装zabbix-server,然后拷贝现有/etc/zabbix/zabbix_server.conf文件至roles/zbxserver/templates/zabbix_server.conf.j2,并修改以下配置项
[root@master zabbix]# rpm -Uvh
[root@master zabbix]# yum install -y zabbix-server
[root@master zabbix]# cp /etc/zabbix/zabbix_server.conf roles/zbxserver/templates/zabbix_server.conf.j2
[root@master zabbix]# vim roles/zbxserver/templates/zabbix_server.conf.j2
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=123.com
创建zbxagent role任务,主要包含zabbix-agent的安装、配置及启动操作
[root@master zabbix]# vim roles/zbxagent/tasks/main.yml
---
# tasks file for zbxagent
- name: make sure zabbix-agent is installed
yum: pkg=zabbix-agent state=installed
- name: make sure zabbix-agent is configured
template: src=zabbix_agent.conf.j2 dest=/etc/za bbix/zabbix_agent.conf
- name: make sure zabbix-agent is running and enabled
service: name=zabbix-agent state=started enabled=yes
在主控端手动安装zabbix-agent,然后拷贝现有/etc/zabbix/zabbix_agentd.conf文件至roles/zbxagent/templates/zabbix_agentd.conf.j2,并修改以下配置项
[root@master zabbix]# yum install -y zabbix-agent
[root@master zabbix]# cp /etc/zabbix/zabbix_agentd.conf roles/zbxagent/templates/zabbix_agentd.conf.j2
[root@master zabbix]# vim roles/zbxagent/templates/zabbix_agent.conf.j2
Server=192.168.9.168
ServerActive=192.168.9.168
Hostname=Zabbix server #Agent本地的名称,此名称需要与将来在server端的WEB页面上的主机名称一致,名称自定义
创建zbxservers.yml
[root@master zabbix]# vim zbxservers.yml
---
- hosts: zbxservers
roles:
- common
- zbxserver
创建zbxagents.yml
[root@master zabbix]# vim zbxagents.yml
---
- hosts: zbxagents
roles:
- common
- zbxagent
创建site.yml
[root@master zabbix]# vim site.yml
---
- import_playbook: zbxservers.yml
- import_playbook: zbxagents.yml
运行部署命令
[root@master zabbix]# ansible-playbook site.yml -i production-zabbix
登录受控主机完成数据库设置
[root@client ~]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 4714
Server version: 5.5.60-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE zabbix character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'localhost' IDENTIFIED BY '123.com';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> quit
Bye
结果验证
浏览器访问进入Zabbix 安装界面,如图5.2所示,按步骤完成Zabbix安装操作即可。
图5.2
标签: #php主控