通過ansible部署高可用LNAMMKP架構
主/備模式高可用keepalived+{nginx(proxy)|lvs}
兩臺主機:httpd+php+Discuz!+phpMyAdmin
一臺主機:memcached用來緩存php的session;
一臺主機:mysql-server或mariadb-server;
實驗規劃:
這裏我規劃用備用模式高可用兩臺keepalived+nginx(proxy)服務器作爲前端代理,兩臺主機httpd+php+MariaDB+Discuz作爲後端真實機,memcached放在第一臺director上用來緩存php的session,最後用一臺ansible主機實現對所有主機的部署調用。
ansible主機:172.16.1.7
director1(nginx+keepalived+memcached):172.16.1.10,虛擬ip:172.16.1.100
director2(nginx+keepalived):172.16.1.5
RS1(Apache+php+MariaDB):172.16.1.3
RS2(Apache+php+MariaDB):172.16.1.6
拓撲圖如下:
注意:
1.把所有節點的防火牆和SElinux關閉,避免對實驗干擾。
2.同步所有節點的時間。
當部署完所有的應用後,生成如下所以的文件和子文件。
[root@zj07 ansible]# tree . ├── ansible.cfg ├── files │ └── nginx.conf ├── hosts ├── playbooks │ ├── amp.yml │ ├── first.retry │ ├── first.yml │ ├── ngx.retry │ └── ngx.yml ├── roles │ ├── amp │ │ ├── default │ │ ├── files │ │ │ └── db.sh │ │ ├── handlers │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ └── vars │ ├── keepalived │ │ ├── default │ │ ├── files │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── keepalived.conf.j2 │ │ └── vars │ ├── memcached │ │ ├── default │ │ ├── files │ │ │ └── Discuz_X3.2_SC_UTF8.zip │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ ├── php.ini.j2 │ │ │ └── sessstore.php.j2 │ │ └── vars │ ├── memcached1 │ │ ├── default │ │ ├── files │ │ ├── handlers │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ └── vars │ └── nginx │ ├── default │ ├── files │ │ ├── default.conf.j2 │ │ └── ip_forward.sh │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ ├── nginx.conf.j2 │ │ └── nginx.repo.j2 │ └── vars ├── zrs.retry └── zrs.yml 36 directories, 29 files
下面開始部署
-------------------------------------------------------------------------------------------
配置ansible主機
1.yum -y install ansible
2.
vim /etc/ansible/hosts [knsrvs] 172.16.1.10 STATE=MASTER PRI=100 172.16.1.5 STATE=BACKUP PRI=98 [websrvs] 172.16.1.3 172.16.1.6 [memcached1] 172.16.1.10 [memcached] 172.16.1.3 172.16.1.6
3.建立免祕鑰登陸,發給所以主機
ssh-keygen -t rsa -f .ssh/id_rsa -P ''
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
ssh-copy-id -i .ssh/id_rsa.pub [email protected]
ansible all -m ping測試連通性
4.在ansible主機上安裝nginx和keepalived和php-fpm,以便ansible過程中需要使用其配置文件
-------------------------------------------------------------------------------------------
keepalived配置
1.mkdir /etc/ansible/roles/keepalived/{files,tasks,templates,handlers,vars,default} -pv
2.vim /etc/ansible/roles/keepalived/tasks/main.yml
3.vim /etc/ansible/roles/keepalived/handlers/main.yml
- name: restart keepalived server service: name=keepalived state=restarted
4.複製剛纔安裝的keepalived主配置文件到指定目錄,並修改如下
vim /etc/ansible/roles/keepalived/template/keepalived.conf.j2
! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id node1 vrrp_mcast_group4 224.0.43.100 } vrrp_script ngx_server { script "killal -0 nginx" interval 1 weight -5 } vrrp_instance VI_1 { state {{ STATE }} interface eno16777736 virtual_router_id 43 priority {{ PRI }} advert_int 1 track_script ngx_server authentication { auth_type PASS auth_pass zrs66zrs } virtual_ipaddress { 172.16.1.100/32 brd 172.16.1.100 dev eno16777736 label eno16777736:0 } }
-------------------------------------------------------------------------------------------
nginx的配置:
1.mkdir /etc/ansible/roles/nginx/{files,tasks,templates,handlers,vars,default} -pv
2.vim /etc/ansible/roles/nginx/tasks/main.yml
3.vim /etc/ansible/roles/nginx/templates/nginx.repo.j2
[nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/7/$basearch/ gpgcheck=0 enabled=1
複製剛纔安裝的nginx主配置文件到指定目錄,並修改如下
vim /etc/ansible/roles/nginx/templates/nginx.conf.j2
user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; upstream amp { server 172.16.1.3; server 172.16.1.6; } server { listen 80; location / { proxy_pass http://amp; proxy_set_header X-Real-IP $remote_addr; } } sendfile on; #tcp_nopush on; keepalive_timeout 65; #gzip on; include /etc/nginx/conf.d/*.conf; }
4.複製剛纔安裝的nginx主配置文件到指定目錄,並修改如下
vim /etc/ansible/roles/nginx/files/default.conf.j2
server { listen 80 default_server; server_name localhost; include /etc/nginx/default.d/*.conf; location / { root /usr/share/nginx/html; proxy_pass http://amp; index index.html index.htm; } error_page 404 /404.html; location = /404.html { root /usr/share/nginx/html; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }
5.創建ip_forward腳本,開啓前端代理服務器的核心轉發功能
vim /etc/ansible/roles/nginx/files/ip_forward.sh
#!/bin/bash # echo > 1 /proc/sys/net/ipv4/ip_forward
-------------------------------------------------------------------------------------------
amp的配置:
1.mkdir /etc/ansible/roles/amp/{files,tasks,templates,handlers,vars,default} -pv
2.vim /etc/ansible/roles/amp/tasks/main.yml
3.創建testdb數據庫,和授權用戶訪問
vim /etc/ansible/roles/amp/files/db.sh
#!/bin/bash # mysql -u root -e " create database testdb; grant all on testdb.* TO 'testuser'@'localhost' IDENTIFIED BY '123456'; FLUSH PRIVILEGES;"
-------------------------------------------------------------------------------------------
memcached配置
memcached緩存服務器爲第一臺調度器即172.16.1.10服務器,所以單獨配置爲memcached1
1.mkdir /etc/ansible/roles/memcached1/{files,tasks,templates,handlers,vars,default} -pv
2.vim /etc/ansible/roles/memcached1/tasks/main.yml
後端服務器上的配置
3.mkdir /etc/ansible/roles/memcached/{files,tasks,templates,handlers,vars,default} -pv
4.vim /etc/ansible/roles/memcached/tasks/main.yml
說明:
第二個任務:在本機安裝php-fpm即可出現並修改/etc/php.ini該配置文件中的[Session]段中的緩存路徑爲如下,
session.save_handler = memcache
session.save_handler = "tcp://172.16.1.10:11211"
第四個任務:是建立一個緩存測試頁面
vim /etc/ansible/roles/memcached/templates/sessstore.php
<?php $mem = new Memcache; $mem->connect("172.16.1.10", 11211) or die("Could not connect"); $version = $mem->getVersion(); echo "Server's version: ".$version."<br/>\n"; $mem->set('hellokey', 'Hello World', 0, 600) or die("Failed to save data at the memcached server"); echo "Store data in the cache (data will expire in 600 seconds)<br/>\n"; $get_result = $mem->get('hellokey'); echo "$get_result is from memcached server."; ?>
第五個任務:將Discuz安裝包放置在該目錄下,傳送到後端主機的指定目錄。
第六個任務:解壓該壓縮包並賦予制定用戶的權限
-------------------------------------------------------------------------------------------
創建主配置文件,並且調用roles:
vim /etc/ansible/zrs.yml
配置完成
先測試運行一下ansible-playbook --check zrs.yml,因爲有的主機已經安裝了某些軟件,所以測試顯示的是changed或者ok或者skipping
[root@zj07 ansible]# ansible-playbook --check zrs.yml PLAY [knsrvs] ************************************************************************** TASK [Gathering Facts] ***************************************************************** ok: [172.16.1.10] ok: [172.16.1.5] TASK [keepalived : install keepalived] ************************************************* changed: [172.16.1.5] changed: [172.16.1.10] TASK [keepalived : install conf file] ************************************************** changed: [172.16.1.10] changed: [172.16.1.5] TASK [keepalived : start keepalived] *************************************************** changed: [172.16.1.10] changed: [172.16.1.5] TASK [nginx : copy nginx repo] ********************************************************* changed: [172.16.1.5] ok: [172.16.1.10] TASK [nginx : install nginx] *********************************************************** ok: [172.16.1.10] changed: [172.16.1.5] TASK [nginx : copy conf file] ********************************************************** changed: [172.16.1.10] changed: [172.16.1.5] TASK [nginx : reload nginx] ************************************************************ changed: [172.16.1.10] changed: [172.16.1.5] TASK [nginx : start nginx] ************************************************************* changed: [172.16.1.5] ok: [172.16.1.10] TASK [nginx : ip_forward] ************************************************************** changed: [172.16.1.5] changed: [172.16.1.10] RUNNING HANDLER [keepalived : restart keepalived server] ******************************* changed: [172.16.1.5] changed: [172.16.1.10] PLAY [websrvs] ************************************************************************* TASK [Gathering Facts] ***************************************************************** ok: [172.16.1.6] ok: [172.16.1.3] TASK [amp : install apache-php-mysql some package on CentOS 6] ************************* skipping: [172.16.1.3] => (item=[]) skipping: [172.16.1.6] => (item=[]) TASK [amp : install apache-php-mysql some package on CentOS 7] ************************* ok: [172.16.1.6] => (item=[u'httpd', u'mariadb-server', u'php-fpm', u'php-mysql']) changed: [172.16.1.3] => (item=[u'httpd', u'mariadb-server', u'php-fpm', u'php-mysql']) TASK [amp : start apm server] ********************************************************** skipping: [172.16.1.3] => (item=httpd) skipping: [172.16.1.3] => (item=mysqld) skipping: [172.16.1.6] => (item=httpd) skipping: [172.16.1.6] => (item=mysqld) TASK [amp : start apm server] ********************************************************** changed: [172.16.1.6] => (item=httpd) changed: [172.16.1.3] => (item=httpd) changed: [172.16.1.6] => (item=mariadb) changed: [172.16.1.3] => (item=mariadb) PLAY [memcached1] ********************************************************************** TASK [Gathering Facts] ***************************************************************** ok: [172.16.1.10] TASK [memcached1 : install memcached] ************************************************** ok: [172.16.1.10] TASK [memcached1 : start memcached] **************************************************** changed: [172.16.1.10] PLAY [memcached] *********************************************************************** TASK [Gathering Facts] ***************************************************************** ok: [172.16.1.6] ok: [172.16.1.3] TASK [memcached : install memcached php session] *************************************** ok: [172.16.1.3] ok: [172.16.1.6] TASK [memcached : transfer php session conf] ******************************************* changed: [172.16.1.3] changed: [172.16.1.6] TASK [memcached : reload httpd] ******************************************************** changed: [172.16.1.6] changed: [172.16.1.3] TASK [memcached : copy sessstore file] ************************************************* changed: [172.16.1.6] changed: [172.16.1.3] TASK [memcached : copy discuz file] **************************************************** changed: [172.16.1.6] changed: [172.16.1.3] TASK [memcached : tar discuz] ********************************************************** changed: [172.16.1.6] changed: [172.16.1.3] PLAY RECAP ***************************************************************************** 172.16.1.10 : ok=14 changed=8 unreachable=0 failed=0 172.16.1.3 : ok=10 changed=7 unreachable=0 failed=0 172.16.1.5 : ok=11 changed=10 unreachable=0 failed=0 172.16.1.6 : ok=10 changed=6 unreachable=0 failed=0
測試沒問題,查看緩存頁面是否成功,顯示沒問題。
開始運行
ansible-playbook zrs.yml
客戶端查看,成功。