Ansible playbook实现apache批量部署

• 1. 免密授权
• • 1.1 生成kekgen
  • 1.2 将key复制到客户端
• 2. Ansible服务器文件准备
• • 2.1 安装包准备
  • 2.2 本地源准备
  • 2.3 Httpd service文件准备
  • 2.4 hosts 文件准备
• 3. Ansible-playbook文件
• 4. 执行批量安装

ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:4aqra2UsAQCj+4Ocl/bB97dmnrjRkmCjzFBwEuztvG8 root@centos-18
The key's randomart image is:
+---[RSA 3072]----+
|* .+..           |
|o. .+            |
|... ..  .        |
| ..... . .       |
|.  +o  +S        |
|.oo Xoo.o o      |
|.ooB *o. + .     |
|  +..ooE. ++.    |
| .ooooo. +*+.    |
+----[SHA256]-----+

这部分可以用expect实现批量自动应答

ssh-copy-id 192.168.31.8
ssh-copy-id 192.168.31.18
ssh-copy-id 192.168.31.28
ssh-copy-id 192.168.31.38
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.31.18 (192.168.31.18)' can't be established.
ECDSA key fingerprint is SHA256:aZUazuZyvuiNf55ChJy2bp5RfyZg4crLYyn09wu79fU.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.31.18's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.31.18'"
and check to make sure that only the key(s) you wanted were added.

mkdir httpd_install
cd httpd_install

wget wget https://downloads.apache.org/apr/apr-1.7.0.tar.bz2
wget https://downloads.apache.org//apr/apr-util-1.6.1.tar.bz2
wget wget https://downloads.apache.org/apr/apr-1.7.0.tar.bz2

cat > centos8.repo < 
2.3 Httpd service文件准备 
cat > httpd.service < 
2.4 hosts 文件准备 
cat > hosts << EOF
[httpd]
192.168.31.8
192.168.31.18
192.168.31.28
192.168.31.38
EOF
 
3. Ansible-playbook文件 
  - hosts: httpd
    remote_user: root
    gather_facts: no
    vars:
      httpd_file: httpd-2.4.46.tar.bz2
      arp_file: apr-1.7.0.tar.bz2
      arp_util_file: apr-util-1.6.1.tar.bz2

    tasks:
    - name: Ansible delete file /etc/yum.repos.d/*.repo
      find:
        paths: /etc/yum.repos.d/
        patterns: "*.repo"
      register: repos_to_del
    - name: yum repo file clean
      file: 
        path: "{{ item.path }}"
        state: absent
      with_items: "{{ repos_to_del.files }}"
    - name: copy repo file to remote
      copy:
        src: centos8.repo
        dest: /etc/yum.repos.d/
    - name: yum repo init
      mount:
        path: /media
        src: /dev/sr0
        fstype: iso9660
        opts: ro,noauto
        state: mounted
    - name: install packages
      yum:
        name:
          - gcc 
          - lrzsz
          - wget
          - make
          - pcre-devel
          - openssl-devel
          - expat-devel 
        state: present
    - name: Create a directory if it does not exist
      file:
        path: /apps
        state: directory
        mode: '0755'
    - name: Extract {{ httpd_file }} into /apps/httpd24
      unarchive:
        src: ./{{ httpd_file }}
        dest: /apps/
    - name: Extract {{ arp_file }} into /apps/apr/
      unarchive:
        src: ./{{ arp_file }}
        dest: /apps/httpd-2.4.46/srclib
    - name: Extract {{ arp_util_file }} into /apps/apr/
      unarchive:
        src: ./{{ arp_util_file }}
        dest: /apps/httpd-2.4.46/srclib
    - name: move directory /apps/httpd-2.4.46/srclib/apr
      shell: mv /apps/httpd-2.4.46/srclib/apr-1.7.0 /apps/httpd-2.4.46/srclib/apr
    - name: move directory /apps/httpd-2.4.46/srclib/apr-util
      shell: mv /apps/httpd-2.4.46/srclib/apr-util-1.6.1 /apps/httpd-2.4.46/srclib/apr-util  
    - name: Ensure group "apache" exists
      group:
        name: apache
        state: present
        gid: 80
    - name: Add the user 'apache' with a specific uid and a primary group of 'apache'
      user:
        name: apache
        comment: apache
        uid: 80
        group: apache
    - name: configure httpd
      shell: ./configure --prefix=/apps/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-included-apr --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork chdir=/apps/httpd-2.4.46/
    - name: make
      shell: make -j 2 chdir=/apps/httpd-2.4.46/
    - name: make install 
      shell: make install chdir=/apps/httpd-2.4.46/
    - name: make ln
      file:
        src: /apps/httpd24
        dest: /apps/httpd
        owner: apache
        group: apache
        state: link
    - name: copy http.service file to remote
      copy:
        src: httpd.service
        dest: /usr/lib/systemd/system/
      notify: start httpd service
    - name: config index.html
      shell: echo `hostname -I` > /apps/httpd/htdocs/index.html
    - name: Replace httpd config file
      replace:
        path: /apps/httpd/conf/httpd.conf
        regexp: '^#(ServerName).*$'
        replace: '1 :80'
    handlers:
    - name: start httpd service
      service:
        name: httpd
        state: started
        enabled: yes
 
4. 执行批量安装 
ansible-playbook -i hosts playbook.yaml