一 haproxy角色
1 點睛
haproxy角色主要實現了haproxy平臺的部署、配置功能。
2 roles/haproxy/tasks
---
# This role installs HAProxy and configures it.
- name: Download and install haproxy and socat
yum: name={{ item }} state=present
with_items:
- haproxy
- socat
- name: Configure the haproxy cnf file with hosts
template: src=haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg
3 說明
任務(tasks)定義了兩個功能,一爲安裝,二爲同步配置文件, 安裝使用了yum模塊,循環安裝haproxy、socat兩個工具,同時根據配置參數渲染roles/haproxy/templates/haproxy.cfg.j2模板文件,完成後同步到目標
主機/etc/haproxy/haproxy.cfg位置,狀態發生變化時重啓haproxy 服務,使之生效。
4 roles/haproxy/templates/haproxy.cfg.j2
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user root
group root
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats level admin
defaults
mode {{ mode }}
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
backend app
{% for host in groups['lbservers'] %}
listen {{ daemonname }} {{ hostvars[host]['ansible_' + iface].ipv4.address }}:{{ listenport }}
{% endfor %}
balance {{ balance }}
{% for host in groups['webservers'] %}
server {{ hostvars[host].ansible_hostname }} {{ hostvars[host]['ansible_' + iface].ipv4.address }}:{{ httpd_port }}
{% endfor %}
{{hostvars[host]['ansible_'+iface].ipv4.address}}實現了獲取網卡名變量iface(group_vars/lbservers中定義)的IPv4 IP地址。
二 web角色
1 點睛
web角色主要實現了php、php-mysql、git平臺部署及SELinux的配 置功能。
2 roles/web/tasks/main.yml
---
# This will install nagios
- name: install nagios
yum: pkg={{ item }} state=present
with_items:
- nagios
- nagios-plugins
- nagios-plugins-nrpe
- nagios-plugins-ping
- nagios-plugins-ssh
- nagios-plugins-http
- nagios-plugins-mysql
- nagios-devel
notify: restart httpd
- name: create nagios config dir
file: path=/etc/nagios/ansible-managed state=directory
- name: configure nagios
copy: src=nagios.cfg dest=/etc/nagios/nagios.cfg
notify: restart nagios
- name: configure localhost monitoring
copy: src=localhost.cfg dest=/etc/nagios/objects/localhost.cfg
notify: restart nagios
- name: configure nagios services
copy: src=ansible-managed-services.cfg dest=/etc/nagios/
- name: create the nagios object files
template: src={{ item + ".j2" }}
dest=/etc/nagios/ansible-managed/{{ item }}
with_items:
- webservers.cfg
- dbservers.cfg
- lbservers.cfg
notify: restart nagios
- name: start nagios
service: name=nagios state=started enabled=yes
判斷sestatus變量(roles/common/tasks/main.yml中定義)返回的 rc(運行代碼)不等於0(失敗),則配置selinux httpd訪問遠程數據庫的權限,使用的是Ansible的seboolean模塊,該條語句等價於命令 行“setsebool httpd_can_network_connect_db 1”,其中“persistent=yes”表 示開機自啓動。
三 nagios角色
1 點睛
nagios角色主要實現了nagios監控平臺的部署。
2 roles/nagios/tasks/main.yml
---
# This will install nagios
- name: install nagios
yum: pkg={{ item }} state=present
with_items:
- nagios
- nagios-plugins
- nagios-plugins-nrpe
- nagios-plugins-ping
- nagios-plugins-ssh
- nagios-plugins-http
- nagios-plugins-mysql
- nagios-devel
notify: restart httpd
- name: create nagios config dir
file: path=/etc/nagios/ansible-managed state=directory
- name: configure nagios
copy: src=nagios.cfg dest=/etc/nagios/nagios.cfg
notify: restart nagios
- name: configure localhost monitoring
copy: src=localhost.cfg dest=/etc/nagios/objects/localhost.cfg
notify: restart nagios
- name: configure nagios services
copy: src=ansible-managed-services.cfg dest=/etc/nagios/
- name: create the nagios object files
template: src={{ item + ".j2" }}
dest=/etc/nagios/ansible-managed/{{ item }}
with_items:
- webservers.cfg
- dbservers.cfg
- lbservers.cfg
notify: restart nagios
- name: start nagios
service: name=nagios state=started enabled=yes
template分發多個模板文件時可以使用with_items來循環同步,變量與字符使用“+”號連接。