- hosts: #这里根据自己的需要修改成要被操作的远程主机
#备注: 目前公司tomcat用了3个版本,根据自己的需求修改参数;
# apache-tomcat-7.0.78.tar.gz --对应的解压包名:apache-tomcat-7.0.78
# apache-tomcat-8.5.15.tar.gz --对应的解压包名:apache-tomcat-8.5.15
# apache-tomcat-8.5.41-new.tar.gz --对应的解压包名:apache-tomcat-8.5.41
# 我们这里以安装第三个版本为例
vars:
tomcat_tar_verion: apache-tomcat-8.5.41-new.tar.gz
tomcat_untar_version: apache-tomcat-8.5.41
tomcat_home: /usr/local/apache-tomcat-8.5.41
tasks:
- name: copy and unzip the tar.gz #解压安装
unarchive: src="/home/tools/{{tomcat_tar_verion}}" dest=/usr/local
- name: modify its server.xml of first step. #根据需求对telnet管理端口进行保护
lineinfile:
path: "{{tomcat_home}}/conf/server.xml"
regexp: '^(.*)\<Server port=\"8005\" shutdown=\"SHUTDOWN\"\>'
line: <Server port="8805" shutdown="SHUTDOWN"> #修改默认的8005管理端口为不易猜测的端口(大于1024);修改SHUTDOWN指令为其他字符串;
- name: modify its server.xml of second step. #根据需求对ajp连接端口进行保护
lineinfile:
path: "{{tomcat_home}}/conf/server.xml"
regexp: '^(.*)\<Connector port=\"8009\" protocol=\"AJP\/1.3\" redirectPort=\"8443\" \/\>'
line: <Connector port="8809" protocol="AJP/1.3" redirectPort="8443" /> #1.修改默认的ajp 8009端口为不易冲突的大于1024端口;2.通过iptables规则限制ajp端口访问的权限仅为线上机器
- name: delete the defalut files TOMCAT_HOME/conf/tomcat-users.xml #根据需求禁用管理端
file: dest="{{tomcat_home}}/conf/tomcat-users.xml" state=absent
- name: delete all the defalut files under the TOMCAT_HOME/webapps/docs #根据需求禁用管理端
file: dest="{{tomcat_home}}/webapps/docs" state=absent
- name: delete all the defalut files under the TOMCAT_HOME/webapps/examples #根据需求禁用管理端
file: dest="{{tomcat_home}}/webapps/examples" state=absent
- name: delete all the defalut files under the TOMCAT_HOME/webapps/host-manager #根据需求禁用管理端
file: dest="{{tomcat_home}}/webapps/host-manager" state=absent
- name: delete all the defalut files under the TOMCAT_HOME/webapps/manager #根据需求禁用管理端
file: dest="{{tomcat_home}}/webapps/manager" state=absent
- name: delete all the defalut files under the TOMCAT_HOME/webapps/ROOT #根据需求禁用管理端
file: dest="{{tomcat_home}}/webapps/ROOT" state=absent
- name: startup tomcat service #启动刚刚部署的tomcat
shell: nohup "{{tomcat_home}}/bin/catalina.sh"
- name: check install tomcat successfully or not. #检查tomcat安装部署启动是否成功
shell: ps -ef |grep "{{tomcat_untar_version}}"
ansible-playbook: Centos 环境下用Ansible批量安装部署Tomcat
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章