ansbile--playbook剧本案例

通过ansible批量管理三台服务器,使三台服务器实现备份,web01、nfs、backup,把web和nfs上的重要文件被分到backup上,主机ip地址分配如下

Character

IP地址

IP地址

主机名

Rsync--server

172.16.1.41

10.0.0.41

backup-rsync-41

NFS-client

172.16.1.31

10.0.0.31

Nfs01-31

Web01

172.16.1.7

10.0.0.7

web01-7

在m01上操作,编写ansible清单和剧本 目录规划: 我们把所有的yaml文件都放在/playbook目录下,配置文件都放在/paly/conf目录下,脚本都放在/playbook/scripts目录下。

[root@m01-61 /]# mkdir /playbook/{conf,scripts}
[root@m01-61 /]# cat /etc/ansible/hosts     ---主机清单
[nfs]
172.16.1.31 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa

[web]
172.16.1.7 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa

[backup]
172.16.1.41 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa

[host:children]
nfs
web
backup

构建基础的剧本,所有的服务器都应用这个剧本

1,基础的额优化,关闭firewalld和selinux,修改ssh,修改dns的文件

2,安装构建epel源

3,安装nfs和rsyn服务

4,创建UID和GID为666的www用户

5,创建rsync推送使用的密钥文件

6,创建一个共同存放脚本的路径

7,创建备份的脚本,编写定时任务

[root@m01-61 /]# cd /playbook/
[root@m01-61 playbook]# cat base.yaml 
#zhe shi yi ge ji chu
- hosts: all
  tasks:

#    - name: stop firewall
    - name: Install Epel repos
      get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
# ssh firewall selinux hosts
    - name: Dns client file
      copy: src=./conf/resolv.conf dest=/etc/resolv.conf

    - name: Install service rsync nfs-utils
      yum: name=rsync,nfs-utils state=installed

    - name: create group 
      group: name=www gid=666

    - name: creat user
      user: name=www uid=666 group=www create_home=no shell=/sbin/nologin

    - name: rsync passwd file
      copy: content='1' dest=/etc/rsync.pass mode=0600

    - name: creat /server/scripts
      file: path=/server/scripts state=directory recurse=yes 

    - name: copy scripts
      copy: src=./scripts/client_rsync_backup.sh dest=/server/scripts/client_rsync_backup.sh

    - name: crontab sh /server/scripts/client_rsync_backup.sh
      cron: name="backup scripts" minute=0 hour=1 job="/usr/bin/bash /server/scripts/client_rsync_backup.sh &> /dev/null "

关闭backup的剧本

1,配置邮件服务,推送校验客户端推送是否完整,并发送邮件

2,创建backup和data目录

3,生成rsync的配置文件, 和密码文件

4,当rsync配置文件修改的时候,自动重启服务

5,每天晚上校验托送过来的备份数据是不是完整

[root@m01-61 playbook]# cat rsync.yaml 
- hosts: backup
  tasks:

    - name: install mailx
      yum: name=mailx state=installed

    - name: configure rsync
      copy: src=conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart rsync service

    - name: create dir /data
      file: path=/data state=directory owner=www group=www 

    - name: create dir /backup
      file: path=/backup state=directory owner=www group=www

    - name: create file rsync passwd
      copy: content='rsync_backup:1' dest=/etc/rsync.password motd=0600

    - name: configure mail
      copy: src=./conf/mail.rc dest=/etc/mail.rc

    - name: copt scripts check
      copy: src=./scripts/check_backup.sh dest=/server/scripts/check_backup.sh

    - name: cron root
      cron: name="check client backup" minute=0 hour=2 job='/usr/bin/bash /server/scripts/check_backup.sh &> /dev/null'

    - name: start rsync
      service: name=rsyncd state=started

  handlers:
    - name: Restart rsync service
      service: name=rsyncd state=restarted

[root@m01-61 playbook]# cat ./conf/rsyncd.conf 
uid = www
gid = www
port = 873
fake super = yes 
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.password
log file = /var/log/rsyncd.log
[backup]
comment = welcome to backup!
path = /backup
[data]
path = /data      

编写nfs的配置文件

1,配置nfs配置文件,然后编写一旦配置文件发生改变就重启服务

2,配置sersync服务,使一更改配置文件服务就杀死上次的进程,然后重启服务

[root@m01-61 playbook]# cat nfs.yaml 
- hosts: nfs
  tasks:

    - name: copy sersync
      copy: src=./conf/sersync dest=/usr/local recurse=yes mode=755 
      notify: statr sersync

    - name: create /data
      file: path=/data state=directory owner=www group=www

    - name: create nfs file
      copy: src=./conf/exports dest=/etc/exports
      notify: restart nfs service

    - name: start rpcbind rsync
      service: name=rpcbind state=started enabled=yes

    - name: statrt nfs start
      service: name=nfs-server state=started enabled=yes

  handlers:
    - name: restart nfs service
      service: name=nfs state=restarted

    - name: statr sersync
      shell: " ps aux | grep [s]ersync | awk '{print \"kill -9\"$2}' | bash && /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml"

配置web剧本

[root@m01-61 playbook]# cat web_nfs.yaml 
- hosts: web
  tasks:

    - name: mount nfs
      mount: src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted

把所有的剧本合到一起来执行

[root@m01-61 playbook]# cat all.yaml 
- import_playbook: /playbook/base.yaml
- import_playbook: /playbook/rsync.yaml
- import_playbook: /playbook/nfs.yaml
- import_playbook: /playbook/web_nfs.yaml 

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

扫码关注云+社区

领取腾讯云代金券