剧本---Ansible实现自动化安装MariaDB

创建剧本

构建思路,生成目录树

[[email protected] ansible]# tree
.
├── ansible.cfg
├── hostname.yml
├── hosts
├── mariadb.yml
├── role_mariadb.retry
├── role_mariadb_threng.yml
├── role_mariadb.yml
└── roles
    ├── mariadb
    │?? ├── files
    │?? │?? └── mariadb.tar.gz
    │?? └── tasks
    │??     ├── config1.yml
    │??     ├── config2.yml
    │??     ├── config3.yml
    │??     ├── data.yml
    │??     ├── dir.yml
    │??     ├── early.yml
    │??     ├── group.yml
    │??     ├── link.yml
    │??     ├── main.yml
    │??     ├── owner.yml
    │??     ├── path.yml
    │??     ├── source.yml
    │??     ├── start1.yml
    │??     ├── start2.yml
    │??     ├── start3.yml
    │??     ├── unpack.yml
    │??     └── user.yml
    └── mariadb_streng
        ├── files
        │?? └── mariadb.exp
        └── tasks
            ├── main.yml
            ├── streng.yml
            └── thening.yml

7 directories, 29 files

初期准备

1、创建好目录文件
   [[email protected] ansible]# mkdir roles/{mariadb/{files,tasks},mariadb_streng{files,tasks}}

2、将下载好的mariadb压缩包放在角色目录files下,以便ansible服务器可以通过copy模块拷贝到客户端

安装必要的包,避免出错:early.yml

[[email protected] mariadb]# cat tasks/early.yml
- name: on the early
  yum: name=expect,libaio

创建组:group.yml

[[email protected] mariadb]# cat tasks/group.yml
---
# Group mysql
- name: Group
  group: name=mysql gid=336 system=yes

创建用户:user.yml

[[email protected] mariadb]# cat tasks/user.yml
---
# User
- name: User
  user: name=mysql uid=336 group=mysql system=yes home=/data/mysql shell=/sbin/nologin

解压:unpack.yml

[[email protected] mariadb]# cat tasks/unpack.yml
---
# Unpack
- name: Unpack mariadb
  unarchive: src=/etc/ansible/roles/mariadb/files/mariadb.tar.gz dest=/usr/local copy=yes

创建硬链接:link.yml

[[email protected] mariadb]# cat tasks/link.yml
---
# Link
- name: create link
  file: src=/usr/local/mariadb-10.2.23-linux-x86_64/ dest=/usr/local/mysql state=link

给目录以及子文件添加属主属组:owner.yml

[[email protected] mariadb]# cat tasks/owner.yml
---
# owner group
- name: owner group
  file: path=/usr/local/mysql owner=root group=root recurse=yes state=directory

添加PATH变量:path.yml

[[email protected] mariadb]# cat tasks/path.yml
- name: PATH
  shell: echo PATH=/usr/local/mysql/bin:$PATH >/etc/profile.d/mysql.sh

PATH变量生成:source.yml

[[email protected] mariadb]# cat tasks/source.yml
- name: source
  shell: source /etc/profile.d/mysql.sh

准备数据库数据目录:dir.yml

[[email protected] mariadb]# cat tasks/dir.yml
- name: directory
  file: path=/data/mysql state=directory owner=mysql group=mysql

生成数据目录:data.yml

[[email protected] mariadb]# cat tasks/data.yml
- name: data
  shell: /usr/local/mysql/scripts/mysql_install_db --datadir=/data/mysql --user=mysql

生成配置文件:config{1,2,3}.yml

[[email protected] mariadb]# cat tasks/config1.yml
- name: config
  file: path=/etc/mysql state=directory

[[email protected] mariadb]# cat tasks/config2.yml
- name: config2
  copy: src=/usr/local/mysql/support-files/my-huge.cnf dest=/etc/mysql/my.cnf remote_src=yes

[[email protected] mariadb]# cat tasks/config3.yml
- name: config3
  lineinfile: dest=/etc/mysql/my.cnf insertafter="^\[mysqld\]"  line="datadir=/data/mysql"

启动剧本:start{1,2,3}.yml

[[email protected] mariadb]# cat tasks/start1.yml
- name: start1
  copy: src=/usr/local/mysql/support-files/mysql.server dest=/etc/init.d/mysqld remote_src=yes

[[email protected] mariadb]# cat tasks/start2.yml
- name: start2
  shell: chkconfig --add mysqld

[[email protected] mariadb]# cat tasks/start3.yml
- name: service
  service: name=mysqld state=started

主文件main.yml,对剧本任务进行排序

[[email protected] ansible]# cat roles/mariadb/tasks/main.yml
- include: early.yml
- include: group.yml
- include: user.yml
- include: unpack.yml
- include: link.yml
- include: owner.yml
- include: path.yml
- include: source.yml
- include: dir.yml
- include: data.yml
- include: config1.yml
- include: config2.yml
- include: config3.yml
- include: start1.yml
- include: start2.yml
- include: start3.yml

角色剧本

[[email protected] ansible]# cat role_mariadb.yml
---
- hosts: all

  roles:
    - role: mariadb

执行角色剧本,开始剧本表演

[[email protected] ansible]# ansible-playbook role_mariadb.yml

编写mysql安全加固剧本

编写expect脚本,实现一键安全加固

[[email protected] ~]# vim /etc/ansible/roles/mariadb_streng/files/mariadb.exp
#!/usr/bin/expect
set timeout 60
#set password [lindex $argv 0]
spawn mysql_secure_installation
expect {
        "enter for none" { send "\r"; exp_continue}
        "Change the root password" { send "\r"; exp_continue}
        "New password" { send "123456\r"; exp_continue}
        "Re-enter new password" { send "123456\r"; exp_continue}
        "Remove anonymous users" { send "\r"; exp_continue}
        "Disallow root login remotely" { send "\r"; exp_continue}
        "Remove test database and access to it" { send "\r"; exp_continue}
        "Reload privilege tables now" { send "\r"; exp_continue}
        "Cleaning up" { send "\r"}
}
interact ‘ > mysql_secure_installation.exp

部署剧本任务

[[email protected] ansible]# cat roles/mariadb_streng/tasks/streng.yml
---
# strengthening
- name: streng
  copy: src=mariadb.exp dest=/root mode=u+x

[[email protected] ansible]# cat roles/mariadb_streng/tasks/thening.yml
---
# strengthening
- name: thening
  shell: /root/mariadb.exp

对剧本任务进行排序

[[email protected] ansible]# cat roles/mariadb_streng/tasks/main.yml
- include: streng.yml
- include: thening.yml

剧本主程序

[[email protected] ansible]# cat role_mariadb_threng.yml
- hosts: 192.168.36.101

  roles:
    - role: mariadb_streng

执行剧本主程序,实现安全加固

[[email protected] ansible]# ansible-playbook role_mariadb_threng.yml

PLAY [192.168.36.101] *********************************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.36.101]

TASK [mariadb_streng : streng] ************************************************************************************
changed: [192.168.36.101]

TASK [mariadb_streng : thening] ***********************************************************************************
changed: [192.168.36.101]

PLAY RECAP ********************************************************************************************************
192.168.36.101             : ok=3    changed=2    unreachable=0    failed=0

原文地址:https://blog.51cto.com/12980155/2385744

时间: 2024-11-02 22:22:46

剧本---Ansible实现自动化安装MariaDB的相关文章

ansible roles 自动化安装

例:  ansible roles 自动化安装memcached 文件目录结构如下: cat memcached_role.yml - hosts: memcached remote_user: root roles: - memcached cat roles/memcached/vars/main.yml username: memcached groupname: memcached memcached_port: 11211 cat roles/memcached/templates/m

Kubernetes 和 Swarm 两种docker集群,基于ansible的自动化安装部署(已测)

Git repo: https://git.oschina.net/yonchin/k8s-x86_64/tree/master/x86?dir=1 注:系统是基于CentOS_7.2,ansible:2.1 简介: kube-ansible-install: 除了安装Kubernetes的主从外,还包括Kubernetes的addons(如dashboard.dns.fluentd-elasticsearch-kibana.heapster-influxdb-grafana等),还包含zabb

ansible实现lnamp自动化安装

简介 ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet.cfengine.chef.func.fabric)的优点,实现了批量系统配置.批量程序部署.批量运行命令等功能.ansible是基于模块工作的,本身没有批量部署的能力.真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架. ansible特点: 模块化,调用特定的模块,完成特定的任务: 基于Python语言实现,由Paramiko.PyYAML和Jinja2三个关键模

自动化运维工具ansible源码安装方法

1.首先查看python版本 [[email protected] ~]# python -V Python 2.6.6 注意安装ansible的时候,必须python的版本为2.6以上. 2.安装ansible 2.1 安装pycrypto模块 https://pypi.python.org/packages/source/p/pycrypto/pycrypto-2.6.1.tar.gz # tar xvzf pycrypto-2.6.1.tar.gz # cd pycrypto-2.6.1

ansible介绍以及安装

ansible是个啥? ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet.cfengine.chef.func.fabric)的优点,实现了批量系统配置.批量程序部署.批量运行命令等功能.ansible是基于模块工作的,本身没有批量部署的能力.真正具有批量部署的是ansible所运行的模块,ansible只是提供一种框架.主要包括: (1).连接插件connection plugins:负责和被监控端实现通信: (2).host inventory:

ansible示例,离线安装etcd

一.基础介绍 ========================================================================================== 1.简介 ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet.cfengine.chef.func.fabric)的优点,实现了批量系统配置.批量程序部署.批量运行命令等功能.ansible是基于模块工作的,本身没有批量部署的能力.真正具有批量部署的是ansi

ansible 初探nginx安装

我的配置: /etc/hosts: /etc/ansible/hosts: nglinx安装包: ansible自动化安装nginx: 1.安装ansible. 2.创建目录结构: mkdir -p /ansible/roles/nginx/{defaults,files,handlers,meta,tasks,templates,vars} 3.install_nginx.sh: #!/bin/bash yum -y install zlib zlib-devel openssl openss

shell + ansible + gateone 自动化运维管理

目的: shell + ansible + gateone 自动化运维管理:最少的人工干预下,结合运用脚本与第三方工具,保证业务系统7*24小时高效稳定运行: 1.安装环境涉及软件 本次操作系统:Centos 6.5 32/64 进行测试 项目安装软件 版本 Python 2.6.6 Tornado 2.4.1 2.环境部署 2.1 安装依赖包 yum install -y python python-pip gcc python-devel setuptool python-pam opens

centos7自动化安装

1.pxe简介 PXE(Pre-boot Execution Environment,预启动执行环境)是由Intel公司开发的最新技术,工作于Client/Server的网络模式,支持工作站通过网络从远端服务器下载映像,并由此支持通过网络启动操作系统,在启动过程中,终端要求服务器分配IP地址,再用TFTP(trivial file transfer protocol)或MTFTP(multicast trivial file transfer protocol)协议下载一个启动软件包到本机内存中