ansible远程编译部署httpd和php

ansible远程编译部署httpd和php

说明：

参考：https://blog.51cto.com/14012942/2444580

应该是能跑得起来的，不过还差的很远…

模块可拆分红多个文件

不少都是shell模块实现的，yum装包，修改配置文件等

实现第一步：能用

远程执行shell脚本应使用script模块

src文件在远程主机，应使用copy模块的remote_src参数

httpd.conf应该配个域名

相关文件压缩包：下载:https://www.lanzous.com/i6xbouj 密码:6vub

修改后：下载:https://www.lanzous.com/i72hdcb 密码:gnbe

修改后的main.yml文件：

roles/httpd/tasks/main.yml

- name: create group
  group: 
    name: apache
    gid: 48
    system: yes
    state: present
- name: create user
  user: 
    name: apache
    uid: 48
    group: apache
    comment: "Apache"
    state: present
    createhome: no
    system: yes
    shell: /sbin/nologin
- name: yum install dependency package
  yum:
    name:
      - gcc
      - openssl-devel
      - pcre-devel
      - libnghttp2-devel
      - ncurses-devel
      - lbzip2
      - bzip2 
      - expat-devel
      - libtool
    state: present
- name: unarchive httpd.tar.gz to remote server
  unarchive: 
    src: roles/httpd/files/httpd-2.4.41.tar.gz
    dest: "{{ SRC }}"
- name: unarchive apr.util.tar.gz to remote server
  unarchive: 
    src: roles/httpd/files/apr-util-1.6.1.tar.gz
    dest: "{{ SRC }}/httpd-2.4.41/srclib/"
- name: unarchive apr.tar.gz to remote server
  unarchive: 
    src: roles/httpd/files/apr-1.7.0.tar.gz
    dest: "{{ SRC }}/httpd-2.4.41/srclib/"
- name: rename  
  shell: |
      mv {{ SRC }}/httpd-2.4.41/srclib/apr-1.7.0 {{ SRC }}/httpd-2.4.41/srclib/apr
      mv {{ SRC }}/httpd-2.4.41/srclib/apr-util-1.6.1 {{ SRC }}/httpd-2.4.41/srclib/apr-util
- name: configure
  shell: ./configure --prefix={{ PREFIX }} --sysconfdir={{ SYSCONFDIR }} --enable-http2 --enable-ssl --enable-so  --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-included-apr --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork
  args:
    chdir: "{{ SRC }}/httpd-2.4.41/"
- name: Build the default target
  make: 
    target: install
    chdir: "{{ SRC }}/httpd-2.4.41/"
- name: PATH
  shell: echo "PATH={{ PREFIX }}/bin:$PATH" >> /etc/profile.d/http.sh
- name: copy service file
  template: 
    src: roles/httpd/templates/httpd.service.j2
    dest: /usr/lib/systemd/system/httpd.service
- name: httpd conf
  shell: |
      sed  '/^Group/ s/daemon/apache/' {{ SYSCONFDIR }}/httpd.conf  -i
      sed  '/^User/ s/daemon/apache/' {{ SYSCONFDIR }}/httpd.conf  -i
      sed '$a LoadModule proxy_module modules/mod_proxy.so\nLoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so\nLoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so' {{ SYSCONFDIR }}/httpd.conf  -i
- name: systemreload
  systemd: 
    name: httpd
    state: started
    daemon_reload: yes
    enabled: yes

roles/php/tasks/main.yml

- name: create group
  group: 
    name: apache
    gid: 48
    system: yes
    state: present
- name: create user
  user: 
    name: apache
    uid: 48
    group: apache
    comment: "Apache"
    state: present
    createhome: yes
    system: yes
    shell: /sbin/noshell
- name: yum install
  yum: 
    name:
      - gcc
      - openssl-devel
      - pcre-devel
      - libnghttp2-devel
      - ncurses-devel
      - lbzip2
      - bzip2
      - expat-devel
      - libxml2-devel
      - libxml2
      - libtool
- name: copy php
  unarchive: 
    src: roles/php/files/php-7.3.10.tar.gz 
    dest: "{{ SRC }}"
- name: compile
  shell: |
    ./configure --prefix=/usr/local/php --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-config-file-path=/usr/loca/php/etc --with-config-file-scan-dir=/usr/local/php/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm --enable-maintainer-zts --disable-fileinfo
  args: 
    chdir: "{{ SRC }}/php-7.3.10/"
- name: make install
  make: 
    target: install
    chdir: "{{ SRC }}/php-7.3.10/"
    params:
      NUM_THREADS: 4
- name: copy php-fpm.conf
  copy: 
    src: roles/php/files/php-fpm.conf 
    dest: /usr/local/php/etc/php-fpm.conf
- name: copy www.conf
  copy: 
    src: roles/php/files/www.conf 
    dest: /usr/local/php/etc/php-fpm.d/www.conf
- name: copy init file
  copy: 
    src: roles/php/files/php-fpm 
    dest: /etc/init.d/php-fpm 
    mode: 0755
- name: system reload
  systemd: 
    name: php-fpm 
    state: started 
    daemon_reload: yes 
    enabled: yes

---

---

目录结构：

入口文件

[root@node1 test_playbook]# cat deploy.yml - hosts: web
  gather_facts: true
  remote_user: root
  roles:
    - httpd
    - php

清单文件

[root@node1 test_playbook]# cat  inventory/testenv [web]
192.168.38.145

[web:vars]
PREFIX=/usr/local/httpd2.4.41
SYSCONFDIR=/etc/httpd
SRC=/usr/local/src
SYSCONFDIR=/etc/httpd

httpd主任务文件

[root@node1 test_playbook]# cat roles/httpd/tasks/main.yml 
- name: create group
  group: name=apache gid=48 system=yes state=present
- name: create user
  user: name=apache uid=48 group=apache comment="Apache" state=present createhome=no system=yes shell=/sbin/noshell
- name: yum install
  shell: yum install gcc openssl-devel pcre-devel libnghttp2-devel ncurses-devel  lbzip2  bzip2 expat-devel autoconf libtool -y
- name: copy httpd
  unarchive: src=roles/httpd/files/httpd-2.4.41.tar.gz  dest={{ SRC }}
- name: copy apr-utils
  unarchive: src=roles/httpd/files/apr-util-1.6.1.tar.gz dest={{ SRC }}/httpd-2.4.41/srclib/
- name: cpoy apr
  unarchive: src=roles/httpd/files/apr-1.7.0.tar.gz dest={{ SRC }}/httpd-2.4.41/srclib/
- name: rename  
  shell: |
      mv {{ SRC }}/httpd-2.4.41/srclib/apr-1.7.0 {{ SRC }}/httpd-2.4.41/srclib/apr
      mv {{ SRC }}/httpd-2.4.41/srclib/apr-util-1.6.1 {{ SRC }}/httpd-2.4.41/srclib/apr-util
- name: compile
  shell: |
      cd {{ SRC }}/httpd-2.4.41/     
      ./configure --prefix={{ PREFIX }} --sysconfdir={{ SYSCONFDIR }} --enable-http2 --enable-ssl --enable-so  --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-included-apr --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork
      make -j 4 && make install
#- name:  compile
#  shell: chdir=/usr/local/httpd-2.4.41/ make -j 4
#- name: install 
#  shell: make install 
#  PATH变量看状况处理下
- name: PATH
  shell: echo "PATH={{ PREFIX }}/bin:$PATH" >> /etc/profile.d/http.sh
- name: copy service file
  template: 'src=roles/httpd/templates/httpd.service.j2 dest=/usr/lib/systemd/system/httpd.service'
- name: httpd conf
  shell: |
      sed  '/^Group/ s/daemon/apache/' {{ SYSCONFDIR }}/httpd.conf  -i
      sed  '/^User/ s/daemon/apache/' {{ SYSCONFDIR }}/httpd.conf  -i
      sed '$a LoadModule proxy_module modules/mod_proxy.so\nLoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so\nLoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so' {{ SYSCONFDIR }}/httpd.conf  -i
- name: systemreload
  systemd: daemon_reload=yes name=httpd

httpd的service文件

[root@node1 test_playbook]# cat roles/httpd/files/httpd.service [Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=simple
EnvironmentFile=${SYSCONFDIR}/httpd.conf
ExecStart=${PREFIX}/bin/apachectl -k start  -DFOREGROUND
ExecReload=${PREFIX}/bin/apachectl  -k graceful
ExecStop=/usr/bin/kill -WINCH ${MAINPID}PrivateTmp=true[Install]
WantedBy=multi-user.target

php主任务文件

[root@node1 test_playbook]# cat roles/php/tasks/main.yml - name: create group
  group: name=apache gid=48 system=yes state=present
- name: create user
  user: name=apache uid=48 group=apache comment="Apache" state=present createhome=no system=yes shell=/sbin/noshell
- name: yum install
  shell: yum install gcc openssl-devel pcre-devel libnghttp2-devel ncurses-devel  lbzip2  bzip2 expat-devel libxml2-devel libxml2  autoconf libtool -y
- name: copy php
  unarchive: src=roles/php/files/php-7.3.10.tar.gz dest={{ SRC }}
- name: compile
  shell: |      cd {{ SRC }}/php-7.3.10/
      ./configure --prefix=/usr/local/php --enable-mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-openssl --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-config-file-path=/usr/loca/php/etc --with-config-file-scan-dir=/usr/local/php/etc/php.d --enable-mbstring --enable-xml --enable-sockets --enable-fpm --enable-maintainer-zts --disable-fileinfo
      make -j 4 && make install 
- name: copy php-fpm.conf
  copy: 'src=roles/php/files/php-fpm.conf dest=/usr/local/php/etc/php-fpm.conf'- name: copy www.conf
  copy: 'src=roles/php/files/www.conf dest=/usr/local/php/etc/php-fpm.d/www.conf'- name: copy init file
  copy: 'src=roles/php/files/php-fpm dest=/etc/init.d/php-fpm mode=0755'- name: system reload
  systemd: daemon_reload=yes name=php-fpm

php启动文件

#php程序生成的
[root@node1 test_playbook]# ll roles/php/files/php-fpm
-rwxr-xr-x 1 root root 2401 Oct 23 06:01 roles/php/files/php-fpm

php配置文件

改的东西很少：进程用户，监听套接字，php进程数量没改

安装完成，没太大问题

中途报错单步排错：

# php和httpd应该加入开机启动# httpd能够选择安装目录
# 编译php不建议改安装目录了，否则后面还要改脚本
# 例如
ansible web  -i ../../../inventory/testenv -m template -a 'src=../../httpd/templates/httpd.service.j2 dest=/usr/lib/systemd/system/httpd.service'
[root@node1 test_playbook]# ansible web -i inventory/testenv -m unarchive -a 'src=roles/php/files/php-7.3.10.tar.gz dest=/usr/local/src'
[root@node1 test_playbook]# ansible web -i inventory/testenv -m systemd -a 'name=httpd state=started daemon_reload=yes enabled=yes'
[root@node1 test_playbook]# ansible web -i inventory/testenv -m systemd -a 'name=php-fpm state=started daemon_reload=yes enabled=yes'
#使用ansible直接操做主机IP时主机应存在于/etc/ansible/hosts，#开启密钥验证就用-k了#playbook脚本中管道|能够多行执行shell命令

安装完成后测试

[root@node1 ~]# cat >> /etc/httpd/httpd.conf <<EOF
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ unix:/var/run/php-fpm.sock|fcgi://localhost/var/www/html
EOF
[root@node1 ~]# sed  's/DirectoryIndex index.html/DirectoryIndex index.php index.html/' /etc/httpd/httpd.conf -i
[root@node1 ~]# sed -r 's@/usr/local/httpd2.4.41/htdocs@/var/www/html@' /etc/httpd/httpd.conf -i
[root@node1 ~]# mkdir /var/www/html -p
[root@node1 ~]# cat > /var/www/html/index.php <<EOF
<?
    phpinfo();
?>
EOF
[root@node1 ~]# httpd -t[root@node1 ~]# systemctl restart httpd