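---
# Install and harden Apache Tomcat on CentOS hosts.
#
# Note: three Tomcat builds are currently in use; set the vars below to match
# the one being installed:
#   apache-tomcat-7.0.78.tar.gz      -> unpacks to apache-tomcat-7.0.78
#   apache-tomcat-8.5.15.tar.gz      -> unpacks to apache-tomcat-8.5.15
#   apache-tomcat-8.5.41-new.tar.gz  -> unpacks to apache-tomcat-8.5.41
# This playbook installs the third one as the example.
#
# NOTE(review): the tarball is taken from /home/tools on the control node and
# unpacked without any integrity check. Verify it against a known-good
# checksum before distributing it.
- hosts: "REPLACE_WITH_TARGET_GROUP"  # placeholder: set to the remote hosts to operate on
  vars:
    tomcat_tar_verion: apache-tomcat-8.5.41-new.tar.gz
    tomcat_untar_version: apache-tomcat-8.5.41
    tomcat_home: /usr/local/apache-tomcat-8.5.41
    # Shutdown listener: move off the default 8005 to a port above 1024.
    tomcat_shutdown_port: 8805
    # Placeholder: the original kept the default "SHUTDOWN" even though its own
    # comment asked for a different string. Override per environment and keep
    # the real value out of version control.
    tomcat_shutdown_command: "REPLACE_WITH_RANDOM_STRING"
    # AJP connector: move off the default 8009 to a port above 1024.
    tomcat_ajp_port: 8809
  tasks:
    # Unpack the archive (copied from the control node) into /usr/local.
    - name: copy and unzip the tar.gz
      unarchive:
        src: "/home/tools/{{ tomcat_tar_verion }}"
        dest: /usr/local

    # Protect the shutdown port. The regexp matches both the stock line and the
    # already-rewritten one, so a re-run is idempotent. backrefs stops
    # lineinfile from appending the line after </Server> when nothing matches.
    - name: modify its server.xml of first step.
      lineinfile:
        path: "{{ tomcat_home }}/conf/server.xml"
        regexp: '^\s*<Server port="[^"]*" shutdown="[^"]*">'
        line: '<Server port="{{ tomcat_shutdown_port }}" shutdown="{{ tomcat_shutdown_command }}">'
        backrefs: true

    # Protect the AJP connector:
    #   1. move it off the default 8009 port;
    #   2. restrict access to it with iptables so only the production
    #      front-end machines can reach it.
    # Changing the port alone is not access control. If AJP is not used,
    # removing the connector is the safer choice.
    - name: modify its server.xml of second step.
      lineinfile:
        path: "{{ tomcat_home }}/conf/server.xml"
        regexp: '^\s*<Connector port="[^"]*" protocol="AJP/1\.3" redirectPort="8443" />'
        line: '<Connector port="{{ tomcat_ajp_port }}" protocol="AJP/1.3" redirectPort="8443" />'
        backrefs: true

    # Disable the management console and remove the default content.
    - name: delete the defalut files TOMCAT_HOME/conf/tomcat-users.xml
      file:
        path: "{{ tomcat_home }}/conf/tomcat-users.xml"
        state: absent

    - name: delete all the defalut files under the TOMCAT_HOME/webapps/docs
      file:
        path: "{{ tomcat_home }}/webapps/docs"
        state: absent

    - name: delete all the defalut files under the TOMCAT_HOME/webapps/examples
      file:
        path: "{{ tomcat_home }}/webapps/examples"
        state: absent

    - name: delete all the defalut files under the TOMCAT_HOME/webapps/host-manager
      file:
        path: "{{ tomcat_home }}/webapps/host-manager"
        state: absent

    - name: delete all the defalut files under the TOMCAT_HOME/webapps/manager
      file:
        path: "{{ tomcat_home }}/webapps/manager"
        state: absent

    - name: delete all the defalut files under the TOMCAT_HOME/webapps/ROOT
      file:
        path: "{{ tomcat_home }}/webapps/ROOT"
        state: absent

    # Start the freshly deployed Tomcat. catalina.sh needs an explicit "start";
    # without an argument it only prints its usage text.
    # NOTE(review): this runs as whatever user Ansible connects as. Prefer a
    # dedicated unprivileged account and an owned install directory.
    - name: startup tomcat service
      shell: nohup "{{ tomcat_home }}/bin/catalina.sh" start

    # Check that Tomcat is running. "grep -v grep" drops the grep process
    # itself, so the task fails when no Tomcat process exists.
    - name: check install tomcat successfully or not.
      shell: ps -ef | grep "{{ tomcat_untar_version }}" | grep -v grep
      changed_when: false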
ansible-playbook: Centos 環境下用Ansible批量安裝部署Tomcat