1、ansible-playbook实现MySQL的二进制部署
1.1安装ansible,主机之间免验证
#安装ansible
[root@centos8-1 ~]# yum install ansible
[root@centos8-1 ~]# vim /etc/ansible/hosts
#最后加上
[mysqlservers]
10.0.0.151
10.0.0.152
[root@centos8-1 ~]# ansible mysqlservers --list
hosts (2):
10.0.0.151
10.0.0.152
#主机之间免验证
[root@centos8-1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:ou5Z0v3CjITAb+eaz2Yn6mBfLXJgEVFYVu+odPYg5x0 root@centos8-1
+---[RSA 3072]----+
| o=+.. |
| .o . |
| . . . |
| o . o |
| oo.+ S E |
| .+=o@ + . |
| o.++B++ o |
| . + X*.=. |
| oX*oo .. |
+----[SHA256]-----+
[root@centos8-1 ~]# ssh-copy-id 10.0.0.151
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.0.0.151 (10.0.0.151)' can't be established.
ECDSA key fingerprint is SHA256:c8KFZLIKWbi2ICVsC2y16cWPRk9KzxPoqHpm8c58xQs.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.151's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '10.0.0.151'"
and check to make sure that only the key(s) you wanted were added.
[root@centos8-1 ~]# ssh-copy-id 10.0.0.152
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.0.0.152 (10.0.0.152)' can't be established.
ECDSA key fingerprint is SHA256:c8KFZLIKWbi2ICVsC2y16cWPRk9KzxPoqHpm8c58xQs.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.152's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '10.0.0.152'"
and check to make sure that only the key(s) you wanted were added.
1.2创建二进制安装所需的文件
#创建二进制安装所需的文件
[root@centos8-1 ~]# mkdir -p /data/ansible/files
[root@centos8-1 ~]# #vim /data/ansible/files/my.cnf
[mysqld]
datadir=/data/mysql
skip_name_resolve=1
socket=/tmp/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
port=3306
socket=/tmp/mysql.sock
[mysqld_safe]
[root@centos8-1 ~]# vim /data/ansible/files/secure_mysql.sh
#!/bin/bash
passwd=`grep "temporary password" /data/mysql/mysql.log|sed -nr 's/^.*\: (.*)$/\1/p'`
mysqladmin -uroot -p`echo $passwd` password magedu
expect <<EOF
spawn /usr/local/mysql/bin/mysql_secure_installation
expect {
"Enter password for user root:" {send magedu\n;exp_continue}
"Press y|Y for Yes, any other key for No:" {send n\n;exp_continue}
"Press y|Y for Yes, any other key for No" {send y\n;exp_continue}
"Press y|Y for Yes, any other key for No" {send y\n;exp_continue}
"Press y|Y for Yes, any other key for No" {send y\n;exp_continue}
"Press y|Y for Yes, any other key for No" {send y\n;exp_continue}
}
expect eof
EOF
[root@centos8-1 ~]# tree /data/ansible/files/
/data/ansible/files/
├── my.cnf
├── mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz
└── secure_mysql.sh
0 directories, 3 files
1.3创建playbook
[root@ansible ~]#vim /data/ansible/install_mysql.yml
---
#insatll mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz
- hosts: dbservers
remote_user: root
gather_facts: no
tasks:
- name: istall packages
yum: name=mysql,libaio,perl-Data-Dumper,perl-Getopt-Long,expect,ncurses-compat-libs
- name: create mysql group
group: name=mysql gid=306
- name: create mysql user
user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
- name: copy tar to remote host and file mode
unarchive: src=/data/ansible/files/mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz dest=/usr/local/ owner=root group=root
- name: create linkfile /usr/local/mysql
file: src=/usr/local/mysql-8.0.19-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
- name: PATH variable
shell: echo 'PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh;source /etc/profile.d/mysql.sh
- name: config my.cnf
copy: src=/data/ansible/files/my.cnf dest=/etc/my.cnf
- name: data dir
shell: mysqld --initialize --user=mysql --datadir=/data/mysql
tags: data
- name: service script
shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
- name: enable service
shell: /etc/init.d/mysqld start;chkconfig --add mysqld;chkconfig mysqld on
tags: service
- name: secure script
script: /data/ansible/files/secure_mysql.sh
tags: script
1.4执行playbook并测试
[root@centos8-1 ~]# ansible-playbook /data/ansible/install_mysql.yml
PLAY [mysqlservers] ******************************************************************************************************************************************************************************
TASK [install package] ***************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [create mysql group] ************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [create mysql user] *************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [copy tar to remote host and file mode] *****************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [create linkfile /usr/local/mysql] **********************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [PATH variable] *****************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [config my.cnf] *****************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [data dir] **********************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [service script] ****************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [enable service] ****************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
TASK [secure script] *****************************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
PLAY RECAP ***************************************************************************************************************************************************************************************
10.0.0.151 : ok=11 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.152 : ok=11 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
#验证
[root@centos8-2 ~]# mysql -uroot -pmagedu
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 8.0.19 MySQL Community Server - GPL
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
#验证
[root@centos8-3 ~]# mysql -uroot -pmagedu
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 8.0.19 MySQL Community Server - GPL
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
2、Ansible playbook实现apache批量部署,并对不同主机提供以各自IP地址为内容的index.html
2.1创建apache列表和httpd角色目录
[root@centos8-1 ~]# vim /etc/ansible/hosts
[apache]
10.0.0.151
10.0.0.152
[root@centos8-1 ~]# ansible apache --list
hosts (2):
10.0.0.151
10.0.0.152
[root@centos8-1 ~]# mkdir -pv /data/ansible/roles/httpd
mkdir: created directory '/data/ansible'
mkdir: created directory '/data/ansible/roles'
mkdir: created directory '/data/ansible/roles/httpd'
[root@centos8-1 ~]# mkdir -pv /data/ansible/roles/httpd/tasks
mkdir: created directory '/data/ansible/roles/httpd/tasks'
2.2 创建httpd角色相关文件
[root@centos8-1 ~]# cd /data/ansible/roles/httpd/tasks
[root@centos8-1 tasks]# vim main.yml
- include: group.yml
- include: user.yml
- include: install.yml
- include: index.yml
- include: service.yml
[root@centos8-1 tasks]# vim group.yml
- name: create group
group: name=apache system=yes gid=80
[root@centos8-1 tasks]# vim user.yml
- name: create apache-user
user: name=apache group=apache system=yes uid=80 shell=/sbin/nologin home=/var/www/
[root@centos8-1 tasks]# vim index.yml
- name: index.html
file: path=/var/www/html/index.html state=touch
- name: echo index.html
shell: echo `hostname -I` > /var/www/html/index.html
[root@centos8-1 tasks]# vim service.yml
- name: start service
service: name=httpd state= enable=yes
[root@centos8-1 tasks]# vim install.yml
- name: install httpd
yum: name=httpd
2.3 playbook调用httpd角色
[root@centos8-1 tasks]# cd /data/ansible/
[root@centos8-1 ansible]# vim httpd.yml
---
- hosts: apache
remote_user: root
gather_facts: no
roles:
- httpd
2.4 运行playbook
[root@centos8-1 ansible]# ansible-playbook httpd.yml
PLAY [apache] ************************************************************************************************************************************************************************************
TASK [httpd : create group] **********************************************************************************************************************************************************************
changed: [10.0.0.152]
changed: [10.0.0.151]
TASK [httpd : create apache-user] ****************************************************************************************************************************************************************
changed: [10.0.0.152]
changed: [10.0.0.151]
TASK [install httpd] *****************************************************************************************************************************************************************************
changed: [10.0.0.152]
changed: [10.0.0.151]
TASK [httpd : index.html] ************************************************************************************************************************************************************************
changed: [10.0.0.152]
changed: [10.0.0.151]
TASK [httpd : echo index.html] *******************************************************************************************************************************************************************
changed: [10.0.0.152]
changed: [10.0.0.151]
TASK [httpd : start service] *********************************************************************************************************************************************************************
changed: [10.0.0.151]
changed: [10.0.0.152]
PLAY RECAP ***************************************************************************************************************************************************************************************
10.0.0.151 : ok=6 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.0.0.152 : ok=6 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
2.5验证
[root@centos8-3 ~]# curl 10.0.0.151
10.0.0.151
[root@centos8-3 ~]# curl 10.0.0.152
10.0.0.152
3、http的报文结构和状态码总结
请求报文
开始行(即请求行):方法 URL 版本
首部行:首部字段名:值
空格
实体主体
响应报问
开始行(即状态行):HTTP版本 状态码 解释状态码的短语
首部行:首部字段名:值
空格
实体主体
状态码总结
1xx:100-101 信息提示
2xx:200-206 成功
3xx:300-307 重定向
4xx:400-415 错误类信息,客户端错误
5xx:500-505 错误类信息,服务器错误
常用状态码
200:成功,请求数据通过响应报文的entity-body部分发送;OK
310:请求的URL指向的资源已经被删除,但在响应报文中通过首部Location指明了资源现在所处的新位置;Moved Permanently
302:响应报文Location指明资源临时新位置;Moved Temporarily
304:客户端发出了条件式请求,但服务器上的资源未曾发生改变,则通过响应此响应状态码通知客户端;Not Modified
307:浏览器内部重定向
401:需要输入账号和密码认证方能访问资源;Unauthorized
403:请求被禁止;Forbidden
404:服务器无法找到客户端请求的资源;Not Found
500:服务器内部错误;Internal Server Error
502:代理服务器从后端服务器收到了一条伪响应,如无法连接到网关;Bad Gateway
503:服务器不可用,临死服务器维护或过载,服务器无法处理请求
504:网关超时
