Ansible部署LNMP 環境介紹: | 系統|ip|主機名|服務| | : : | : : | : : | : : | |centos8|192.168.222.250|ansible| ansinle| |ceotos8|192.168.222.137|nginx|nginx| |centos ...
Ansible部署LNMP
目錄
環境介紹:
| 系統 | ip | 主機名 | 服務 |
|---|---|---|---|
| centos8 | 192.168.222.250 | ansible | ansinle |
| ceotos8 | 192.168.222.137 | nginx | nginx |
| centos8 | 192.168.222.138 | mysql | mysql |
| centos8 | 192.168.222.139 | php | php |
nginx-1.22.0
mysql-8.0.30
php-8.1.11
基礎準備工作
[root@localhost ~]# hostnamectl set-hostname ansible
[root@localhost ~]# bash
//下載阿裡源
[root@ansible ~]# cd /etc/yum.repos.d/
[root@ansible yum.repos.d]# rm -rf *
[root@ansible yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2495 100 2495 0 0 3574 0 --:--:-- --:--:-- --:--:-- 3574
[root@ansible yum.repos.d]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@ansible yum.repos.d]# cd
//安裝ansible
[root@ansible ~]# dnf -y install platform-python
[root@ansible ~]# dnf -y install centos-release-ansible-29
[root@ansible ~]# ansible --version //查看版本
ansible 2.9.27
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, Sep 10 2021, 09:13:53) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
[root@ansible ~]# ssh-keygen -t rsa //生成一對公鑰一對私鑰
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:egpQ3eohggaGw65/rQd3/DVnLCKZwJr89+4VpC7obsU root@ansible
The key's randomart image is:
+---[RSA 3072]----+
| |
|o . . |
|+o ... . . |
|+o . o. o |
|.oo..oo+So. .. |
|o o=o.+E.. +.+ |
|. .=+ooo.o.= |
| . .o=o.... |
| ...=+. ++ |
+----[SHA256]-----+
[root@ansible ~]# ssh-copy-id 192.168.222.137 //與nginx受控機互信
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.222.137 (192.168.222.137)' can't be established.
ECDSA key fingerprint is SHA256:jJ7HFCOrVQKPjfacavF08vxsn4hSKTG3q9SV78ApryQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.222.137'"
and check to make sure that only the key(s) you wanted were added.
[root@ansible ~]# ssh-copy-id 192.168.222.138 //與mysql受控機互信
[root@ansible ~]# ssh-copy-id 192.168.222.139 //與php受控機互信
//將受控主機加入ansible清單
[root@ansible ~]# cd /etc/ansible/
[root@ansible ansible]# ls
ansible.cfg hosts roles
[root@ansible ansible]# touch inventory
[root@ansible ansible]# ls
ansible.cfg hosts inventory roles
[root@ansible ansible]# vim ansible.cfg
#inventory = /etc/ansible/hosts //取消註釋並修改為下麵這樣
inventory = /etc/ansible/inventory
[root@ansible ansible]# vim inventory
[root@ansible ansible]# cat inventory
[web] //受控主機
192.168.222.137
192.168.222.138
192.168.222.139
[nginx]
192.168.222.137
[mysql]
192.168.222.138
[php]
192.168.222.139
[root@ansible ansible]# cd
[root@ansible ~]# ansible all --list-hosts
hosts (3):
192.168.222.137
192.168.222.138
192.168.222.139
//檢查機器節點是否連通
[root@ansible ~]# ansible web -m ping
192.168.222.139 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
192.168.222.137 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
192.168.222.138 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
//將設置好的阿裡源傳到受控主機
[root@ansible ~]# ansible nginx -m template -a 'src=/etc/yum.repos.d/CentOS-Base.repo dest=/etc/yum.repos.d/CentOS-Base.repo'
192.168.222.137 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "8bbf30b2d80c3b97292ca7b32f33ef494269a5b8",
"dest": "/etc/yum.repos.d/CentOS-Base.repo",
"gid": 0,
"group": "root",
"md5sum": "ed031c350da2532e6a8d09a4d9b05278",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:system_conf_t:s0",
"size": 1653,
"src": "/root/.ansible/tmp/ansible-tmp-1666511143.7368824-130351-128775339422969/source",
"state": "file",
"uid": 0
}
[root@ansible ~]# ansible mysql -m template -a 'src=/etc/yum.repos.d/CentOS-Base.repo dest=/etc/yum.repos.d/CentOS-Base.repo'
192.168.222.138 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "8bbf30b2d80c3b97292ca7b32f33ef494269a5b8",
"dest": "/etc/yum.repos.d/CentOS-Base.repo",
"gid": 0,
"group": "root",
"md5sum": "ed031c350da2532e6a8d09a4d9b05278",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:system_conf_t:s0",
"size": 1653,
"src": "/root/.ansible/tmp/ansible-tmp-1666511161.8907917-130929-57801171367377/source",
"state": "file",
"uid": 0
}
[root@ansible ~]# ansible php -m template -a 'src=/etc/yum.repos.d/CentOS-Base.repo dest=/etc/yum.repos.d/CentOS-Base.repo'
192.168.222.139 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": "8bbf30b2d80c3b97292ca7b32f33ef494269a5b8",
"dest": "/etc/yum.repos.d/CentOS-Base.repo",
"gid": 0,
"group": "root",
"md5sum": "ed031c350da2532e6a8d09a4d9b05278",
"mode": "0644",
"owner": "root",
"secontext": "system_u:object_r:system_conf_t:s0",
"size": 1653,
"src": "/root/.ansible/tmp/ansible-tmp-1666511167.7952082-131147-42422946741004/source",
"state": "file",
"uid": 0
}
//查看受控機上是否有阿裡源
[root@nginx ~]# ls /etc/yum.repos.d/
CentOS-Base.repo
[root@mysql ~]# ls /etc/yum.repos.d/
CentOS-Base.repo
[root@php ~]# ls /etc/yum.repos.d/
CentOS-Base.repo
//給受控主機安裝epel源
[root@ansible ~]# ansible web -m yum -a 'name=epel-release state=present'
192.168.222.137 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
192.168.222.139 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
192.168.222.138 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"msg": "Nothing to do",
"rc": 0,
"results": []
}
//檢查受控是否安裝
[root@nginx ~]# rpm -qa|grep epel-release
epel-release-8-11.el8.noarch
[root@mysql ~]# rpm -qa|grep epel-release
epel-release-8-11.el8.noarch
[root@php ~]# rpm -qa|grep epel-release
epel-release-8-11.el8.noarch
[root@ansible ~]# systemctl stop firewalld.service
[root@ansible ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@ansible ~]# setenforce 0
[root@ansible ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
//關閉受控主機的防火牆和selinux
[root@ansible ~]# ansible web -m service -a 'name=firewalld state=stopped enabled=no'
[root@ansible ~]# ansible web -m lineinfile -a "path=/etc/selinux/config regexp='SELINUX=.*' line='SELINUX=disabled'"
[root@ansible ~]# ansible web -m reboot //重啟受控主機
//檢查防火牆是否關閉
[root@nginx ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@mysql ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@php ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
管理nginx受管主機部署nginx服務
//創建系統用戶nginx
[root@ansible ansible]# ansible nginx -m user -a 'name=nginx system=yes shell=/sbin/nologin state=present'
//安裝依賴包
[root@ansible ansible]# ansible nginx -m yum -a 'name=pcre-devel,openssl,openssl-devel,gd-devel,gcc,gcc-c++,make,wget state=present'
//創建日誌存放目錄並修改目錄所屬主,組
[root@ansible ansible]# ansible nginx -m file -a 'path=/var/log/nginx state=directory'
[root@ansible ansible]# ansible nginx -m file -a 'path=/var/log/nginx state=directory owner=nginx group=nginx'
//下載nginx包並解壓
[root@ansible ansible]# ansible nginx -a 'wget http://nginx.org/download/nginx-1.22.0.tar.gz'
[root@ansible ansible]# ansible nginx -a 'tar xf nginx-1.22.0.tar.gz'
//編寫編譯腳本,然後進行編譯安裝
[root@ansible ansible]# mkdir scripts/
[root@ansible ansible]# vim scripts/nginx.sh
[root@ansible ansible]# cat scripts/nginx.sh
#!/bin/bash
cd nginx-1.22.0
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx
--with-debug --with-http_ssl_module --with-http_realip_module
--with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module
[root@ansible ansible]# chmod +x scripts/nginx.sh
[root@ansible ansible]# ansible nginx -m script -a '/etc/ansible/scripts/nginx.sh'
[root@ansible ansible]# ansible nginx -m shell -a 'cd nginx-1.22.0 && make && make install'
//配置環境變數
[root@ansible ansible]# ansible nginx -m shell -a 'echo "export PATH=/usr/local/nginx/sbin:$PATH" > /etc/profile.d/nginx.sh'
[root@ansible ansible]# ansible nginx -m shell -a '. /etc/profile.d/nginx.sh'
//開啟服務
[root@ansible ansible]# ansible nginx -a 'nginx'
//查看埠
[root@ansible ansible]# ansible nginx -a 'ss -antl'
192.168.222.137 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
//關閉服務
[root@ansible ansible]# ansible nginx -a 'nginx -s stop'
192.168.222.137 | CHANGED | rc=0 >>
//查看埠
[root@ansible ansible]# ansible nginx -a 'ss -antl'
192.168.222.137 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
//編寫腳本將其加入systemd服務中
[root@ansible ansible]# vim scripts/systemd.sh
[root@ansible ansible]# cat scripts/systemd.sh
#!/bin/bash
cat > /usr/lib/systemd/system/nginx.service <<EOF
[Unit]
Description=nginx server daemon
After=network.target sshd-keygen.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecStop=/usr/local/nginx/sbin/nginx -s stop
ExecReload=/usr/local/nginx/sbin/nginx -s reload
PrivateTmp= true
[Install]
WantedBy=multi-user.target
EOF
[root@ansible ansible]# chmod +x scripts/systemd.sh
//啟動服務並設置開機自啟
[root@ansible ansible]# ansible nginx -m service -a 'name=nginx state=started enabled=yes'
//查看埠
[root@ansible ansible]# ansible nginx -a 'ss -antl'
192.168.222.137 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
//腳本寫入php網頁信息
[root@ansible ansible]# vim scripts/nginx.php.sh
[root@ansible ansible]# cat scripts/nginx.php.sh
#!/bin/bash
cat > /usr/local/nginx/html/index.php <<EOF
<?php
phpinfo();
?>
EOF
[root@ansible ansible]# chmod +x scripts/nginx.php.sh
//修改nginx服務的配置
[root@ansible ansible]# ansible nginx -m script -a '/etc/ansible/scripts/nginx.php.sh'
管理mysql受管主機部署mysql服務
//創建系統用戶msyql
[root@ansible ansible]# ansible mysql -m user -a 'name=mysql system=yes shell=/sbin/nologin state=present'
//安裝依賴包
[root@ansible ansible]# ansible mysql -m yum -a 'name=ncurses-compat-libs,perl,ncurses-devel,openssl-devel,openssl,cmake,mariadb-devel state=present'
//下載mysql包並解壓
[root@ansible ansible]# ansible mysql -a 'wget https://downloads.mysql.com/archives/get/p/23/file/mysql-8.0.30-linux-glibc2.12-x86_64.tar.xz'
[root@ansible ansible]# ansible mysql -a 'tar xf mysql-8.0.30-linux-glibc2.12-x86_64.tar.xz '
//修改mysql資料庫名稱
ansible mysql -a 'mv mysql-8.0.30-linux-glibc2.12-x86_64 mysql'
[root@ansible ansible]# ansible mysql -a 'mv mysql /usr/local/'
//修改目錄/usr/local/mysql的屬主屬組
[root@ansible ansible]# ansible mysql -m file -a 'path=/usr/local/mysql owner=mysql group=mysql'
//配置環境變數
[root@ansible ansible]# ansible mysql -m shell -a 'echo "export PATH=/usr/local/mysql/bin:$PATH" > /etc/profile.d/mysql.sh'
[root@ansible ansible]# ansible mysql -m shell -a 'source /etc/profile.d/mysql.sh'
//做頭文件
[root@ansible ansible]# ansible mysql -a 'ln -sv /usr/local/mysql/include/ /usr/include/mysql'
192.168.222.138 | CHANGED | rc=0 >>
'/usr/include/mysql/include' -> '/usr/local/mysql/include/'
//配置lib庫文件
[root@ansible ansible]# ansible mysql -m shell -a 'echo "/usr/local/mysql/lib/" > /etc/ld.so.conf.d/mysql.conf'
//編輯man文檔
[root@ansible ansible]# ansible mysql -a 'sed -i "22a MANDATORY_MANPATH /usr/local/mysql/man" /etc/man_db.conf'
//建立數據存放目錄
[root@ansible ansible]# ansible mysql -m file -a 'path=/opt/data state=directory owner=mysql group=mysql'
//初始化資料庫
[root@ansible ansible]# ansible mysql -m shell -a '/usr/local/mysql/bin/mysqld --initialize --user=mysql --datadir=/opt/data/'
192.168.222.138 | CHANGED | rc=0 >>
2022-10-23T12:55:05.564725Z 0 [System] [MY-013169] [Server] /usr/local/mysql/bin/mysqld (mysqld 8.0.30) initializing of server in progress as process 529198
2022-10-23T12:55:05.577111Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2022-10-23T12:55:06.494304Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2022-10-23T12:55:08.076144Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: :rg0o-At;Vop
//配置服務啟動腳本
[root@ansible ansible]# ansible mysql -a 'cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld'
[root@ansible ansible]# ansible mysql -a 'sed -i "46cbasedir=/usr/local/mysql" /etc/init.d/mysqld'
[root@ansible ansible]# ansible mysql -a 'sed -i "47cdatadir=/opt/data" /etc/init.d/mysqld'
//編寫腳本添加mysql配置文件和mysql的service文件
[root@ansible ansible]# vim scripts/mysql.sh
[root@ansible ansible]# cat scripts/mysql.sh
#!/bin/bash
cat > /etc/my.cnf <<EOF
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve
EOF
cat > /usr/lib/systemd/system/mysqld.service <<EOF
[Unit]
Description=mysql server daemon
After=network.target sshd-keygen.target
[Service]
Type=forking
ExecStart=/usr/local/mysql/support-files/mysql.server start
ExecStop=/usr/local/mysql/support-files/mysql.server stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
EOF
[root@ansible ansible]# chmod +x scripts/mysql.sh
[root@ansible ansible]# ansible mysql -m script -a '/etc/ansible/scripts/mysql.sh'
//重新載入配置
[root@ansible ansible]# ansible mysql -a 'systemctl daemon-reload'
//開啟服務並設置開機自啟
[root@ansible ansible]# ansible mysql -m service -a 'name=mysqld state=started enabled=yes'
//查看埠
[root@ansible ansible]# ansible mysql -a 'ss -antl'
192.168.222.138 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 70 *:33060 *:*
LISTEN 0 128 *:3306 *:*
//修改資料庫密碼
[root@ansible ansible]# ansible mysql -a 'mysqladmin -uroot -p":rg0o-At;Vop" password 123456'
192.168.222.138 | CHANGED | rc=0 >>
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
Warning: Since password will be sent to server in plain text, use ssl connection to ensure password safety.
//重啟mysql服務
[root@ansible ansible]# ansible mysql -m service -a 'name=mysqld state=restarted'
//查看埠
[root@ansible ansible]# ansible mysql -a 'ss -antl'
192.168.222.138 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 70 *:33060 *:*
LISTEN 0 128 *:3306 *:*
管理php受管主機部署php服務
//編寫腳本安裝依賴包
[root@ansible ansible]# vim scripts/php_install.sh
[root@ansible ansible]# cat scripts/php_install.sh
#!/bin/bash
yum -y install pcre-devel openssl openssl-devel gd-devel gcc gcc-c++ wget make
--allowerasing
yum -y install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel pcre-devel freetype freetype-devel gmp gmp-devel readline readline-devel libxslt libxslt-devel php-mysqlnd libxml2-devel sqlite-devel https://vault.centos.org/centos/8/PowerTools/x86_64/os/Packages/onigurumadevel-6.8.2-2.el8.x86_64.rpm
yum -y install https://vault.centos.org/centos/8/AppStream/x86_64/os/Packages/libzip-devel1.5.1-2.module_el8.2.0+313+b04d0a66.x86_64.rpm --nobest
yum install libxml2-devel -y
yum install sqlite-devel -y
yum -y install libcurl-devel
yum -y install gmp-devel
yum install net-snmp-devel -y
wget https://libzip.org/download/libzip-1.3.2.tar.gz
yum -y install libzip libzip-devel
[root@ansible ansible]# chmod +x scripts/php_install.sh
[root@ansible ansible]# ansible php -m script -a '/etc/ansible/scripts/php_install.sh'
//下載PHP並解壓
[root@ansible ansible]# ansible php -a 'wget https://www.php.net/distributions/php-8.1.11.tar.gz'
[root@ansible ansible]# ansible php -a 'tar xf php-8.1.11.tar.gz -C /usr/src'
//編寫腳本編譯安裝php
root@ansible ansible]# vim scripts/php.sh
[root@ansible ansible]# cat scripts/php.sh
#!/bin/bash
cd /usr/src/php-8.1.11/
./configure --prefix=/usr/local/php8 --with-config-file-path=/usr/local/php8/etc --enable-fpm --enable-mysqlnd --with-mysqli --with-pdo-mysql --enable-gd --with-jpeg --with-freetype --with-gettext --with-curl --with-openssl --enable-sockets --enable-mbstring --enable-xml --with-zip --with-zlib --with-snmp --with-mhash --enable-ftp --enable-bcmath --enable-soap --enable-shmop --enable-sysvsem --enable-pcntl --with-gmp
[root@ansible ansible]# chmod +x scripts/php.sh
[root@ansible ansible]# ansible php -m script -a '/etc/ansible/scripts/php.sh'
...
"+--------------------------------------------------------------------+",
"| License: |",
"| This software is subject to the PHP License, available in this |",
"| distribution in the file LICENSE. By continuing this installation |",
"| process, you are bound by the terms of this license agreement. |",
"| If you do not agree with the terms of this license, you must abort |",
"| the installation process at this point. |",
"+--------------------------------------------------------------------+",
"",
"Thank you for using PHP.",
""
]
}
[root@ansible ansible]# ansible php -m shell -a 'cd /usr/src/php-8.1.11/ && make && make install'
//安裝後配置環境變數
[root@ansible ansible]# ansible php -m shell -a 'echo "export PATH=/usr/local/php8/bin/:$PATH" > /etc/profile.d/php8.sh'
[root@ansible ansible]# ansible php -m shell -a 'source /etc/profile.d/php8.sh'
//查看版本
[root@ansible ansible]# ansible php -a 'php -v'
192.168.222.139 | CHANGED | rc=0 >>
PHP 8.1.11 (cli) (built: Oct 24 2022 00:39:21) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.11, Copyright (c) Zend Technologies
//配置php-fpm
[root@ansible ansible]# ansible php -a '\cp /usr/src/php-8.1.11/php.ini-production /etc/php.ini'
[root@ansible ansible]# ansible php -a '\cp /usr/src/php-8.1.11/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm'
[root@ansible ansible]# ansible php -m file -a 'path=/etc/init.d/php-fpm mode=755'
[root@ansible ansible]# ansible php -a '\cp /usr/local/php8/etc/php-fpm.conf.default /usr/local/php8/etc/php-fpm.conf'
[root@ansible ansible]# ansible php -a '\cp /usr/local/php8/etc/php-fpm.d/www.conf.default /usr/local/php8/etc/php-fpm.d/www.conf'
//啟動php-fpm
[root@ansible ansible]# ansible php -a 'service php-fpm start'
192.168.222.139 | CHANGED | rc=0 >>
Starting php-fpm done
//查看埠
[root@ansible ansible]# ansible php -a 'ss -anlt'
192.168.222.139 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
//連接nginx和php,生成php測試頁面
[root@ansible ansible]# ansible php -m file -a 'path=/usr/local/nginx state=directory'
[root@ansible ansible]# ansible php -m file -a 'path=/usr/local/nginx/html state=directory'
//編寫腳本添加php測試頁面
[root@ansible ansible]# vim scripts/php.nginx.sh
[root@ansible ansible]# cat scripts/php.nginx.sh
#!/bin/bash
cat > /usr/local/nginx/html/index.php << EOF
<?php
phpinfo();
?>
EOF
[root@ansible ansible]# chmod +x scripts/php.nginx.sh
[root@ansible ansible]# ansible php -m script -a '/etc/ansible/scripts/php.nginx.sh'
//修改php/usr/local/php8/etc/php-fpm.d/www.conf文件的clisten和clisten.allowed_clients指向
[root@ansible ansible]# ansible php -a 'sed -i "36clisten = 192.168.222.139:9000" /usr/local/php8/etc/php-fpm.d/www.conf'
[root@ansible ansible]# ansible php -a 'sed -i "63clisten.allowed_clients = 192.168.222.137" /usr/local/php8/etc/php-fpm.d/www.conf'
//修改nginx配置文件
[root@ansible ansible]# ansible nginx -a 'sed -i "45c index index.php index.html index.htm;" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible nginx -a 'sed -i "65c location ~ \.php$ {" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible nginx -a 'sed -i "66c root html;" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible nginx -a 'sed -i "67c fastcgi_pass 192.168.222.139:9000;" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible nginx -a 'sed -i "68c fastcgi_index index.php;" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible nginx -a 'sed -i "69c fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible nginx -a 'sed -i "70c include fastcgi_params;" /usr/local/nginx/conf/nginx.conf'
[root@ansible ansible]# ansible nginx -a 'sed -i "71c }" /usr/local/nginx/conf/nginx.conf'
//重啟nginx和php服務
[root@ansible ansible]# ansible nginx -m service -a 'name=nginx state=restarted'
[root@ansible ansible]# ansible php -a 'service php-fpm restart'
192.168.222.139 | CHANGED | rc=0 >>
Gracefully shutting down php-fpm warning, no pid file found - php-fpm is not running ?
Starting php-fpm done
//查看埠
[root@ansible ansible]# ansible nginx -a 'ss -antl'
192.168.222.137 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
[root@ansible ansible]# ansible php -a 'ss -antl'
192.168.222.139 | CHANGED | rc=0 >>
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0 128 192.168.222.139:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
訪問:
