1.安装ansible
yum -y install ansible
2.生成公钥
ssh-keygen
ssh-copy-id root@ip
3.编辑hosts
[root@c7-46 66]# cat /etc/ansible/hosts
[nk100]
10.0.0.41
[nk90]
10.0.0.42
[ts]
10.0.0.43
[zabbix]
10.0.0.45
[mm]
10.0.0.47
[ms]
10.0.0.48
[nr]
10.0.0.49
4.验证
ansible all -m ping
5.创文件夹
[root@c7-46 66]# ls
apache-tomcat-8.5.35.tar.gz jdk-8u131-linux-x64_.rpm keealived-90.sh mysql-slave.sh nfs-zhu.sh nginx.sh rsync-slave.sh tomcat.sh zabbix.sh
auto.yml keealived-100.sh mysql-master.sh nfs-cong.sh nginx-1.17.10.tar.gz rsync-master.sh supervisrod.sh zabbix-agent.sh
6.查看脚本
nginx
[root@c7-46 66]# cat nginx.sh
#!/bin/bash
yum -y install gcc pcre-devel zlib-devel
#wget http://nginx.org/download/nginx-1.17.10.tar.gz
#tar zxf nginx-1.17.10.tar.gz
cd nginx-1.17.10/
./configure && make && make install
sed -i '/#gzip/a upstream webs{' /usr/local/nginx/conf/nginx.conf
sed -i '/upstream webs{/a server 10.0.0.43:8080; ' /usr/local/nginx/conf/nginx.conf
sed -i '/server 10.0.0.43:8080;/a }' /usr/local/nginx/conf/nginx.conf
sed -i '48s/index index.html index.htm;/index index.html index.jsp index.htm;/' /usr/local/nginx/conf/nginx.conf
sed -i '/index index.html index.jsp index.htm;/a proxy_pass http://webs;' /usr/local/nginx/conf/nginx.conf
/usr/local/nginx/sbin/nginx
keepalived-100
[root@c7-46 66]# cat keealived-100.sh
#!/bin/bash
yum -y install keepalived
rm -rf /etc/keepalived/keepalived.conf
cat>>/etc/keepalived/keepalived.conf<<\EOF
! Configuration File for keepalived
global_defs {
router_id 10.0.0.41
script_user root
enable_script_security
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_port.sh 80"
interval 2
weight -30
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 251
priority 100
advert_int 1
mcast_src_ip 10.0.0.41
nopreempt
authentication {
auth_type PASS
auth_pass 11111111
}
track_script {
chk_nginx
}
virtual_ipaddress {
10.0.0.100
}
}
EOF
cat>>/etc/keepalived/check_port.sh<<\EOF
CHK_PORT=$1
if [ -n "$CHK_PORT" ];then
PORT_PROCESS=`ss -lntp|grep $CHK_PORT|wc -l`
if [ $PORT_PROCESS -eq 0 ];then
echo "Port $CHK_PORT Is Not Used,End."
systemctl stop keepalived.service
fi
else
echo "Check Port Cant Be Empty!"
fi
EOF
sed -i 's/KillMode=process/#KillMode=process/' /usr/lib/systemd/system/keepalived.service
systemctl start keepalived.service
keepalived-90
[root@c7-46 66]# cat keealived-90.sh
#!/bin/bash
yum -y install keepalived
rm -rf /etc/keepalived/keepalived.conf
cat>>/etc/keepalived/keepalived.conf<<\EOF
! Configuration File for keepalived
global_defs {
router_id 10.0.0.42
script_user root
enable_script_security
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_port.sh 80"
interval 2
weight -30
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 251
priority 90
advert_int 1
mcast_src_ip 10.0.0.42
nopreempt
authentication {
auth_type PASS
auth_pass 11111111
}
track_script {
chk_nginx
}
virtual_ipaddress {
10.0.0.100
}
}
EOF
cat>>/etc/keepalived/check_port.sh<<\EOF
CHK_PORT=$1
if [ -n "$CHK_PORT" ];then
PORT_PROCESS=`ss -lntp|grep $CHK_PORT|wc -l`
if [ $PORT_PROCESS -eq 0 ];then
echo "Port $CHK_PORT Is Not Used,End."
systemctl stop keepalived.service
fi
else
echo "Check Port Cant Be Empty!"
fi
EOF
sed -i 's/KillMode=process/#KillMode=process/' /usr/lib/systemd/system/keepalived.service
systemctl start keepalived.service
tomcat
[root@c7-46 66]# cat tomcat.sh
#!/bin/bash
rpm -ivh jdk-8u131-linux-x64_.rpm
java -version
mkdir -p /opt/tomcat1
mkdir -p /opt/tomcat2
#tar zxf apache-tomcat-8.5.35.tar.gz
cp -rf apache-tomcat-8.5.35/* /opt/tomcat1
cp -rf apache-tomcat-8.5.35/* /opt/tomcat2
sed -i '22s/8005/8006/' /opt/tomcat2/conf/server.xml
sed -i '69s/8080/8081/' /opt/tomcat2/conf/server.xml
sed -i '116s/8009/8010/' /opt/tomcat2/conf/server.xml
supervisor
[root@c7-46 66]# cat supervisrod.sh
#!/bin/bash
yum -y install supervisor
systemctl enable supervisord.service
cat>>/etc/supervisord.d/app01.ini<<\EOF
[program:tomcat1]
command=/opt/tomcat1/bin/catalina.sh run
[program:tomcat2]
command=/opt/tomcat2/bin/catalina.sh run
EOF
systemctl start supervisord.service
supervisorctl start all
mysql-master
[root@c7-46 66]# cat mysql-master.sh
#!/bin/bash
yum -y install mariadb mariadb-server
sed -i '10i\server-id=1' /etc/my.cnf
sed -i '11i\log-bin=mysql-bin' /etc/my.cnf
sed -i '12i\binlog-ignore-db=information_schema' /etc/my.cnf
sed -i '13i\binlog-ignore-db=performance_schema' /etc/my.cnf
sed -i '14i\binlog-ignore=mysql' /etc/my.cnf
systemctl start mariadb
mysql -e "grant all on *.* to [email protected] identified by '123';"
mysql -e "flush privileges;"
mysql-slave
[root@c7-46 66]# cat mysql-slave.sh
#!/bin/bash
yum -y install mariadb mariadb-server
systemctl start mariadb
f=$(mysql -uslave -p123 -h10.0.0.47 -e 'show master status;' | sed -n '2p' | awk '{print $1}')
p=$(mysql -uslave -p123 -h10.0.0.47 -e 'show master status;' | sed -n '2p' | awk '{print $2}')
sed -i '10i\server-id=2' /etc/my.cnf
sed -i '11i\relay_log=relay-logs' /etc/my.cnf
sed -i '12i\log-bin=mysql-bin' /etc/my.cnf
systemctl restart mariadb
mysql -e "change master to master_host='10.0.0.47',master_user='slave',master_password='123',master_log_file='$f',master_log_pos=$p;"
mysql -e "start slave;"
mysql -e "show slave status \G;"
nfs-服务端
[root@c7-46 66]# cat nfs-zhu.sh
#!/bin/bash
yum -y install nfs-utils rpcbind
mkdir /backup
systemctl enable nfs
systemctl enable rpcbind
cat /etc/exports
echo "/backup/ 10.0.0.0/24(rw,sync,no_root_squash)" >/etc/exports
systemctl start rpcbind
systemctl start nfs
ss -ntlp | grep rpcbind
nfs客户端
[root@c7-46 66]# cat nfs-cong.sh
#!/bin/bash
yum -y install nfs-utils rpcbind
mkdir /backup
systemctl enable nfs
systemctl enable rpcbind
showmount -e 10.0.0.49
mkdir /backup
mount 10.0.0.49:/backup /backup
tail -1 /etc/mtab
rsync-服务端
[root@c7-46 66]# cat rsync-master.sh
#!/bin/bash
yum -y install rsync
rm -rf /etc/rsyncd.conf
cat>>/etc/rsyncd.conf<<\EOF
uid = root
gid = root
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
[backup]
path = /data
ignore errors
read only = false
list = false
hosts allow = 10.0.0.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
EOF
mkdir -p /data
useradd rsync -s /sbin/nologin -M
chown -R rsync.rsync /data/
echo "rsync_backup:123456" >/etc/rsync.password
chmod 600 /etc/rsync.password
systemctl restart rsyncd.service
systemctl enable rsyncd.service
rsync客户端
[root@c7-46 66]# cat rsync-slave.sh
#!/bin/bash
yum -y install rsync
echo "123456">/etc/rsync.password
chmod 600 /etc/rsync.password
echo 1708a>>aaa.txt
rsync -avz aaa.txt [email protected]::backup --password-file=/etc/rsync.password
rsync -avz [email protected]::backup --password-file=/etc/rsync.password /root
zabbbix-server
[root@c7-46 66]# cat zabbix.sh
#!/bin/bash
cat>>/etc/yum.repos.d/zabbix.repo<<\EOF
[root@localhost yum.repos.d]# cat zabbix.repo
[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/zabbix/4.4/rhel/7/$basearch/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
[zabbix-debuginfo]
name=Zabbix Official Repository debuginfo - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/zabbix/4.4/rhel/7/$basearch/debuginfo/
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
gpgcheck=0
[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/non-supported/rhel/7/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
gpgcheck=0
EOF
yum -y install zabbix-server-mysql zabbix-web-mysql zabbix-agent mariadb mariadb-server
systemctl enable mariadb
systemctl start mariadb
mysql -e "create database zabbix character set utf8 collate utf8_bin;"
mysql -e "grant all privileges on zabbix.* to zabbix@localhost identified by 'zabbix';"
mysql -e "flush privileges;"
zcat /usr/share/doc/zabbix-server-mysql-4.4.7/create.sql.gz | mysql -uzabbix -pzabbix zabbix
sed -i '91s/#/ /' /etc/zabbix/zabbix_server.conf
sed -i '124a\DBPassword=zabbix' /etc/zabbix/zabbix_server.conf
sed -i '878s/;date.timezone =/date.timezone = Asia\/\Shanghai/' /etc/php.ini
systemctl enable httpd zabbix-server zabbix-agent
systemctl start httpd zabbix-server zabbix-agent
yum -y install sendmail
systemctl enable sendmail.service
systemctl start sendmail.service
yum -y install mailx
sed -i '70i set [email protected]' /etc/mail.rc
sed -i '71i set smtp=smtp.163.com' /etc/mail.rc
sed -i '72i set set [email protected]' /etc/mail.rc
sed -i '73i set smtp-auth-password=USQWJYDSCQHTSUUG' /etc/mail.rc
sed -i '74i set smtp-auth=login' /etc/mail.rc
cat>>/usr/lib/zabbix/alertscripts/mail.sh<<\EOF
#!/bin/bash
echo "110" | mail -s "check" [email protected]
EOF
chmod +x /usr/lib/zabbix/alertscripts/mail.sh
zabbix-agent
[root@c7-46 66]# cat zabbix-agent.sh
#!/bin/bash
cat>>/etc/yum.repos.d/zabbix.repo<<\EOF
[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/zabbix/4.4/rhel/7/$basearch/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
[zabbix-debuginfo]
name=Zabbix Official Repository debuginfo - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/zabbix/4.4/rhel/7/$basearch/debuginfo/
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
gpgcheck=0
[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=http://mirrors.aliyun.com/zabbix/non-supported/rhel/7/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
gpgcheck=0
EOF
yum -y install zabbix-agent
sed -i '98s/127.0.0.1/10.0.0.45/' /etc/zabbix/zabbix_agentd.conf
sed -i '139s/127.0.0.1/10.0.0.45/' /etc/zabbix/zabbix_agentd.conf
systemctl enable zabbix-agent
systemctl start zabbix-agent
playbook剧本
[root@c7-46 66]# cat auto.yml
---
- hosts: nr
tasks:
- name: "推送nfs-zhu"
template: src=nfs-zhu.sh dest=/root/
- name: "执行"
shell: chmod +x nfs-zhu.sh && ./nfs-zhu.sh
- name: "推送rsync-master"
template: src=rsync-master.sh dest=/root/
- name: "执行"
shell: chmod +x rsync-master.sh && ./rsync-master.sh
- hosts: ts
tasks:
- name: "传递zabbix-agent"
template: src=zabbix-agent.sh dest=/root/
- name: "执行"
shell: chmod +x zabbix-agent.sh && ./zabbix-agent.sh
- name: "传递jdk"
copy: src=jdk-8u131-linux-x64_.rpm dest=/root/
- name: "执行jdk"
shell: rpm -ivh jdk-8u131-linux-x64_.rpm && java -version
- name: "传递apach"
unarchive: src=apache-tomcat-8.5.35.tar.gz dest=/root/
- name: "传递tomcat脚本"
template: src=tomcat.sh dest=/root
- name: "执行"
shell: chmod +x tomcat.sh && ./tomcat.sh
- name: "supervisro脚本"
template: src=supervisrod.sh dest=/root
- name: "执行"
shell: chmod +x supervisrod.sh && ./supervisrod.sh
- hosts: nk100
tasks:
- name: "传递zabbix-agent"
template: src=zabbix-agent.sh dest=/root/
- name: "执行"
shell: chmod +x zabbix-agent.sh && ./zabbix-agent.sh
- name: "传递nginx"
unarchive: src=nginx-1.17.10.tar.gz dest=/root/
- name: "传递脚本"
template: src=nginx.sh dest=/root
- name: "执行"
shell: chmod +x nginx.sh && ./nginx.sh
- name: "传递脚本"
template: src=keealived-100.sh dest=/root
- name: "执行"
shell: chmod +x keealived-100.sh && ./keealived-100.sh
- hosts: nk90
tasks:
- name: "传递zabbix-agent"
template: src=zabbix-agent.sh dest=/root/
- name: "执行"
shell: chmod +x zabbix-agent.sh && ./zabbix-agent.sh
- name: "传递nginx"
unarchive: src=nginx-1.17.10.tar.gz dest=/root/
- name: "传递脚本"
template: src=nginx.sh dest=/root
- name: "执行"
shell: chmod +x nginx.sh && ./nginx.sh
- name: "传递脚本"
template: src=keealived-90.sh dest=/root
- name: "执行"
shell: chmod +x keealived-90.sh && ./keealived-90.sh
- hosts: zabbix
tasks:
- name: "传递zzbbix脚本"
template: src=zabbix.sh dest=/root
- name: "执行"
shell: chmod +x zabbix.sh && ./zabbix.sh
- hosts: mm
tasks:
- name: "传递zabbix-agent"
template: src=zabbix-agent.sh dest=/root/
- name: "执行"
shell: chmod +x zabbix-agent.sh && ./zabbix-agent.sh
- name: "传递脚本"
template: src=mysql-master.sh dest=/root/
- name: "执行"
shell: chmod +x mysql-master.sh && ./mysql-master.sh
- hosts: ms
tasks:
- name: "推送nfs-zhu"
template: src=nfs-cong.sh dest=/root/
- name: "执行"
shell: chmod +x nfs-cong.sh && ./nfs-cong.sh
- name: "推送rsync-master"
template: src=rsync-slave.sh dest=/root/
- name: "执行"
shell: chmod +x rsync-slave.sh && ./rsync-slave.sh
- name: "传递zabbix-agent"
template: src=zabbix-agent.sh dest=/root/
- name: "执行"
shell: chmod +x zabbix-agent.sh && ./zabbix-agent.sh
- name: "传递脚本"
template: src=mysql-slave.sh dest=/root/
- name: "执行"
shell: chmod +x mysql-slave.sh && ./mysql-slave.sh