Exercise: use an Ansible playbook to automate installing httpd
Step 1: set up key-based authentication
[21:34:39 root@Ansible ~]#ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Us6YpJvQsZa2CPpmn4IMDKAXY3ZMRAG5UM0go5rCj9s root@Ansible
The key's randomart image is:
+---[RSA 3072]----+
|o.+@=. |
|+o* = |
|++ =. . . |
|=.o. * * |
|Bo. B + S |
|+oo= + . |
|+o..+ |
|.o* . |
| +.Eo |
+----[SHA256]-----+
Copy the public key to the target host 192.168.33.131
[21:36:07 root@Ansible ~]#ssh-copy-id 192.168.33.131
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.33.131's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.33.131'"
and check to make sure that only the key(s) you wanted were added.
Verify:
[21:39:10 root@Ansible ~]#ssh 192.168.33.131
Activate the web console with: systemctl enable --now cockpit.socket
Last failed login: Tue Sep 8 21:37:11 CST 2020 from 192.168.33.129 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Tue Sep 8 21:31:07 2020 from 192.168.33.1
Before running the playbook, add the managed host to Ansible's hosts file
[21:44:20 root@Ansible /etc/ansible]#vim hosts
[webservers]
192.168.33.131
# Test
[21:43:57 root@Ansible /etc/ansible]#ansible webservers -m ping
192.168.33.131 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
# The remote host answers the ping module
Write the playbook
[21:50:33 root@Ansible ~]#cat http_install.yml
---
- hosts: webservers
  remote_user: root
  tasks:
    # Install the httpd package
    - name: 安装http包
      yum: name=httpd
    # Start httpd and enable it at boot
    - name: 运行httpd
      service: name=httpd state=started enabled=yes
Check the playbook (-C runs it in check mode, a dry run that changes nothing on the target)
[21:51:35 root@Ansible ~]#ansible-playbook -C http_install.yml
PLAY [webservers] ***************************************************************************
TASK [Gathering Facts] **********************************************************************
ok: [192.168.33.131]
TASK [安装http包] ******************************************************************************
changed: [192.168.33.131]
TASK [运行httpd] ******************************************************************************
changed: [192.168.33.131]
PLAY RECAP **********************************************************************************
192.168.33.131 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Run the playbook
[21:55:58 root@Ansible ~]#ansible-playbook http_install.yml
PLAY [webservers] ***************************************************************************
TASK [Gathering Facts] **********************************************************************
ok: [192.168.33.131]
TASK [安装http包] ******************************************************************************
ok: [192.168.33.131]
TASK [运行httpd] ******************************************************************************
changed: [192.168.33.131]
PLAY RECAP **********************************************************************************
192.168.33.131 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Check that port 80 for httpd is listening on the target host
[21:55:21 root@centos8 ~]#ss -ntl
LISTEN 0 128 *:80 *:*
Success
2. Set up an httpd server that provides two name-based virtual hosts:
(1) www.X.com: document root /web/vhosts/x; error log /var/log/httpd/x.err; access log /var/log/httpd/x.access
Step 1: create the corresponding paths
[00:10:55 root@centos8 /etc/httpd]#mkdir /web/vhosts/{x,y} -p
[00:13:08 root@centos8 /var/log/httpd]#touch x.{err,access}
(2) www.Y.com: document root /web/vhosts/y; error log /var/log/httpd/www2.err; access log /var/log/httpd/y.access
Step 1: create the corresponding paths
[00:10:55 root@centos8 /etc/httpd]#mkdir /web/vhosts/{x,y} -p
[00:13:29 root@centos8 /var/log/httpd]#touch www2.err y.access
(3) Create an index.html home page for each virtual host, containing that host's name
Step 1: write the host name into each home page file
[00:15:31 root@centos8 /etc/httpd]#echo www.X.com > /web/vhosts/x/index.html
[00:15:55 root@centos8 /etc/httpd]#echo www.Y.com > /web/vhosts/y/index.html
Step 2: create the configuration file vhosts.conf under /etc/httpd/conf.d
<VirtualHost *:80>
    ServerName www.X.com
    DocumentRoot "/web/vhosts/x"
    CustomLog "/var/log/httpd/x.access" combined
    ErrorLog "/var/log/httpd/x.err"
    <Directory "/web/vhosts/x">
        Require all granted
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    ServerName www.Y.com
    DocumentRoot "/web/vhosts/y"
    CustomLog "/var/log/httpd/y.access" combined
    ErrorLog "/var/log/httpd/www2.err"
    <Directory "/web/vhosts/y">
        Require all granted
    </Directory>
</VirtualHost>
Test the configuration file syntax
[00:23:21 root@centos8 /etc/httpd/conf.d]#httpd -t
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using centos8.localdomain. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Restart the service
[00:23:27 root@centos8 /etc/httpd/conf.d]#systemctl restart httpd
Check: on another host, edit the hosts file so that www.X.com and www.Y.com both resolve to the httpd server's IP
[00:26:23 root@Ansible ~]#vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.33.131 www.X.com www.Y.com
Test:
[00:27:30 root@Ansible ~]#curl www.X.com
www.X.com
[00:27:38 root@Ansible ~]#curl www.Y.com
www.Y.com
# Success
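The manual steps of exercise 2 written as a playbook, so the virtual hosts can be deployed the same way httpd was installed in exercise 1. This is an added example, not part of the original post; the variable name vhosts, its keys, and the task and handler names are assumptions, while the host names and paths are the ones from the exercise.

```yaml
---
# Added example (not from the original post): exercise 2 as a playbook.
- hosts: webservers
  remote_user: root
  vars:
    # Values from the exercise; the variable and key names are assumptions.
    vhosts:
      - { name: www.X.com, root: /web/vhosts/x, access: x.access, error: x.err }
      - { name: www.Y.com, root: /web/vhosts/y, access: y.access, error: www2.err }
  tasks:
    - name: Create document roots
      file:
        path: "{{ item.root }}"
        state: directory
        mode: "0755"
      loop: "{{ vhosts }}"

    - name: Write index pages containing the host name
      copy:
        content: "{{ item.name }}\n"
        dest: "{{ item.root }}/index.html"
        mode: "0644"
      loop: "{{ vhosts }}"

    - name: Write /etc/httpd/conf.d/vhosts.conf
      copy:
        dest: /etc/httpd/conf.d/vhosts.conf
        mode: "0644"
        content: |
          {% for v in vhosts %}
          <VirtualHost *:80>
              ServerName {{ v.name }}
              DocumentRoot "{{ v.root }}"
              CustomLog "/var/log/httpd/{{ v.access }}" combined
              ErrorLog "/var/log/httpd/{{ v.error }}"
              <Directory "{{ v.root }}">
                  Require all granted
              </Directory>
          </VirtualHost>
          {% endfor %}
      notify: Restart httpd

    # Same check as the manual "httpd -t"; a failure stops the play before the handler runs.
    - name: Validate the configuration
      command: httpd -t
      changed_when: false

  handlers:
    - name: Restart httpd
      service: name=httpd state=restarted
```

The handler restarts httpd only when vhosts.conf actually changed and the httpd -t task succeeded, so a broken configuration is not loaded into the running service.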