使用Ansible安装并配置httpd服务

环境说明

控制节点：Redhat 8，安装Ansible和所需的python环境，手动关闭firewalld和SELINUX受控主机：Redhat 7，安装所需的python环境，关闭firewalld和SELINUX

详细步骤参考：Ansible的介绍与安装

---

需求

使用Ansible控制受管主机安装httpd服务，配置虚拟主机，并启动服务受管主机上需要安装yum源（推荐使用阿里云的yum源）

---

步骤

关闭firewalld和SELINUX [root@ansible ~]# systemctl stop firewalld [root@ansible ~]# systemctl disable firewalld [root@ansible ~]# vim /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled //把这里修改为disabled # SELINUXTYPE= can take one of these three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted //保存并退出，然后重启机器即可 在控制节点的主机清单中添加受控主机 [root@ansible ~]# vim /etc/ansible/ansible.cfg #inventory = /etc/ansible/hosts //去掉注释并修改路径，这里我修改的路径为/etc/ansible/inventory，修改完毕后要手动创建清单文件 [root@ansible ~]# vim /etc/ansible/ansible.cfg 192.168.86.132 ansible_password=123456 //在清单中添加受管主机的IP地址以及远程登陆的密码，可以手动修改远登录的用户，如果不修改默认使用当前ansible主机的用户登录 测试连通性 [root@ansible ~]# ansible all -m ping 192.168.86.132 | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": false, "ping": "pong" } 创建项目目录，方便管理 [root@ansible ~]# tree httpd httpd ├── files │ └── httpd-vhosts.conf ├── group_vars ├── host_vars ├── playbook.yml └── vars ├── httpd_port1 └── httpd_port2

编写playbook

安装并配置yum源 [root@ansible playbook]# vim playbook.yml --- - name: download CentOS 7 yum hosts: 192.168.86.132 tasks: - name: download yum get_url: url: https://mirrors.aliyun.com/repo/Centos-7.repo dest: /etc/yum.repos.d 修改yum源的配置文件 - name: change CetnOS 7 yum file hosts: 192.168.86.132 tasks: - name: change CentOS 7 yum file command: sed -i 's/\$releasever/7/g' /etc/yum.repos.d/Centos-7.repo 安装httpd服务 - name: install httpd hosts: 192.168.86.132 tasks: - name: install httpd yum: name: httpd state: present 修改httpd的配置文件 - name: change configuration file hosts: 192.168.86.132 tasks: - name: change configuration file command: sed -i 's/#ServerName www.example.com:80/ServerName www.example.com:80/g' /etc/httpd/conf/httpd.conf 添加站点 - name: add index hosts: 192.168.86.132 tasks: - name: add index shell: cd /var/www/html/ && mkdir test xxx && cd test && echo "hello tom" > index.html && cd ../xxx && echo "helo cwt" > index.html 配置虚拟主机 - name: add VirtualHost hosts: 192.168.86.132 vars_files: - vars/httpd_port1 - vars/httpd_port2 tasks: - name: add VirtualHost template: src: files/httpd-vhosts.conf dest: /etc/httpd/conf.d/httpd-vhosts.conf //编写变量文件，变量文件要放在vars目录下，规范管理 [root@ansible vars]# cat httpd_port1 httpd_port1: 80 [root@ansible vars]# cat httpd_port2 httpd_port2: 81 //这一步需要在ansible主机上手动编写虚拟主机配置文件,并引用变量 <VirtualHost *:{{ httpd_port1 }}> DocumentRoot "/var/www/html/test" ServerName test.example.com ErrorLog "/var/log/httpd/test.example.com-error_log" CustomLog "/var/log/httpd/test.example.com-access_log" common </VirtualHost> Listen {{ httpd_port2 }} <VirtualHost *:{{ httpd_port2 }}> DocumentRoot "/var/www/html/xxx" ServerName xxx.example.com ErrorLog "/var/log/httpd/xxx.example.com-error_log" CustomLog "/var/log/httpd/xxx.example.com-access_log" common </VirtualHost> 启动服务 - name: start httpd hosts: 192.168.86.132 tasks: - name: start httpd service: name: httpd state: started enabled: yes

注：建议所有任务全部写在一个playbook中，避免文件太多

执行playbook [root@ansible playbook]# ansible-playbook playbook.yml PLAY [download CentOS 7 yum] ********************************************************************************************************************************************* ... ... 192.168.86.132 : ok=14 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 打开浏览器测试