playbooks 是一种简单的配置管理系统与多机器部署系统的基础。与现有的其他系统有不同之处,且非常适合于复杂应用的批量部署
Playbooks 的格式是YAML,语法做到最小化

这里讲述的是使用ansible-playbooks的roles安装PHP应用

结构目录

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#目录结构
[root@Ansible ~]# tree /etc/ansible/
/etc/ansible/
├── ansible.cfg
├── hosts
├── roles
│   └── yum_php
│       ├── files
│       │   └── yum.repo
│       ├── handlers
│       │   └── main.yml
│       ├── tasks
│       │   └── main.yml
│       ├── templates
│       │   └── www.conf.j2
│       └── vars
│           └── main.yml
└── site.yml
7 directories, 8 files
[root@Ansible ~]#

Ansible之Yum安装PHP

环境:
   ansible 2.2.1.0
   Centos 6.6
   PHP 7.0.16 (fpm-fcgi) (built: Feb 18 2017 10:46:38) 

1
2
3
4
5
6
7
8
#入口文件
[root@Ansible ~]# cd /etc/ansible/
[root@Ansible ansible]# cat site.yml 
- hosts: test_hosts
  user: root
  roles:
    - yum_php
[root@Ansible ansible]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
#tasks
[root@Ansible ansible]# cat roles/yum_php/tasks/main.yml 
- name: Install libselinux-python package
  yum: name=libselinux-python state=installed
- name: Check whether yum.repo file exist
  shell: ls /etc/yum.repos.d/yum.repo
  register: result
  ignore_errors: True
- name: Copy yum.repo file
  copy: src=yum.repo dest=/etc/yum.repos.d/ mode=0644 owner=root group=root
  when: result|failed
- name: Rebuild the yum cache
  shell: yum clean all && yum makecache
  when: result|failed
- name: Check whether nginx users exist
  shell: id nginx
  register: result
  ignore_errors: True
- name: The nginx user does not exist, so we need to create it.[The nginx user's password is 123456]
  user: name=nginx createhome=yes home=/home/nginx shell=/bin/bash password="$1$K28XAyId$YUKHvYzbbO9C8RkzGIzNo1" state=present
  when: result|failed
- name: Install PHP packages
  yum: name={{item.name}} state={{item.state|default("installed")}}
  with_items:
    - name: "php*"
      state: "absent"
    - name: "php70w"
    - name: "php70w-gd"
    - name: "libjpeg*"
    - name: "php70w-imap"
    - name: "php70w-ldap"
    - name: "php70w-odbc"
    - name: "php70w-pear"
    - name: "php70w-xml"
    - name: "php70w-xmlrpc"
    - name: "php70w-mbstring"
    - name: "php70w-mcrypt"
    - name: "php70w-bcmath"
    - name: "libmcrypt"
    - name: "libmcrypt-devel"
    - name: "php70w-fpm"
    - name: "php70w-cli"
    - name: "php70w-pdo"
    - name: "php70w-tidy"
    - name: "php70w-mysql"
- name: Configure PHP
  template: src="templates/www.conf.j2" dest="/etc/php-fpm.d/www.conf" owner=root group=root mode=0644
- name: Modify file permissions
  file: path="{{item.path}}" state="{{item.state|default("directory")}}" owner={{php_user}} group={{php_group}}
  with_items:
    - path: "/etc/httpd/conf.d/php.conf"
      state: "file"
    - path: "/var/lib/php/session"
    - path: "/var/lib/php/wsdlcache"
  notify: restart php-fpm
[root@Ansible ansible]#
1
2
3
4
5
#handlers
[root@Ansible ansible]# cat roles/yum_php/handlers/main.yml 
- name: restart php-fpm
  service: name="php-fpm" state=restarted enabled=yes
[root@Ansible ansible]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#执行结果
root@Ansible ~]# ansible-playbook /etc/ansible/site.yml 
PLAY [test_hosts] **************************************************************
TASK [setup] *******************************************************************
ok: [192.168.31.110]
TASK [yum_php : Install libselinux-python package] *****************************
changed: [192.168.31.110]
TASK [yum_php : Check whether yum.repo file exist] *****************************
fatal: [192.168.31.110]: FAILED! => {"changed": true, "cmd": "ls /etc/yum.repos.d/yum.repo", "delta": "0:00:00.004034", "end": "2017-03-20 10:01:53.732814", "failed": true, "rc": 2, "start": "2017-03-20 10:01:53.728780", "stderr": "ls: cannot access /etc/yum.repos.d/yum.repo: No such file or directory", "stdout": "", "stdout_lines": [], "warnings": []}
...ignoring
TASK [yum_php : Copy yum.repo file] ********************************************
changed: [192.168.31.110]
TASK [yum_php : Rebuild the yum cache] *****************************************
changed: [192.168.31.110]
 [WARNING]: Consider using yum module rather than running yum
TASK [yum_php : Check whether nginx users exist] *******************************
fatal: [192.168.31.110]: FAILED! => {"changed": true, "cmd": "id nginx", "delta": "0:00:00.004049", "end": "2017-03-20 10:06:02.226964", "failed": true, "rc": 1, "start": "2017-03-20 10:06:02.222915", "stderr": "id: nginx: No such user", "stdout": "", "stdout_lines": [], "warnings": []}
...ignoring
TASK [yum_php : The nginx user does not exist, so we need to create it.[The nginx user's password is 123456]] ***
changed: [192.168.31.110]
TASK [yum_php : Install PHP packages] ******************************************
ok: [192.168.31.110] => (item={u'state': u'absent', u'name': u'php*'})
changed: [192.168.31.110] => (item={u'name': u'php70w'})
changed: [192.168.31.110] => (item={u'name': u'php70w-gd'})
ok: [192.168.31.110] => (item={u'name': u'libjpeg*'})
changed: [192.168.31.110] => (item={u'name': u'php70w-imap'})
changed: [192.168.31.110] => (item={u'name': u'php70w-ldap'})
changed: [192.168.31.110] => (item={u'name': u'php70w-odbc'})
changed: [192.168.31.110] => (item={u'name': u'php70w-pear'})
ok: [192.168.31.110] => (item={u'name': u'php70w-xml'})
changed: [192.168.31.110] => (item={u'name': u'php70w-xmlrpc'})
changed: [192.168.31.110] => (item={u'name': u'php70w-mbstring'})
changed: [192.168.31.110] => (item={u'name': u'php70w-mcrypt'})
changed: [192.168.31.110] => (item={u'name': u'php70w-bcmath'})
ok: [192.168.31.110] => (item={u'name': u'libmcrypt'})
changed: [192.168.31.110] => (item={u'name': u'libmcrypt-devel'})
changed: [192.168.31.110] => (item={u'name': u'php70w-fpm'})
ok: [192.168.31.110] => (item={u'name': u'php70w-cli'})
ok: [192.168.31.110] => (item={u'name': u'php70w-pdo'})
changed: [192.168.31.110] => (item={u'name': u'php70w-tidy'})
changed: [192.168.31.110] => (item={u'name': u'php70w-mysql'})
TASK [yum_php : Configure PHP] *************************************************
changed: [192.168.31.110]
TASK [yum_php : Modify file permissions] ***************************************
changed: [192.168.31.110] => (item={u'path': u'/etc/httpd/conf.d/php.conf', u'state': u'file'})
changed: [192.168.31.110] => (item={u'path': u'/var/lib/php/session'})
changed: [192.168.31.110] => (item={u'path': u'/var/lib/php/wsdlcache'})
RUNNING HANDLER [yum_php : restart php-fpm] ************************************
changed: [192.168.31.110]
PLAY RECAP *********************************************************************
192.168.31.110             : ok=11   changed=10   unreachable=0    failed=0   
[root@Ansible ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
[root@Ansible ~]# ansible test_hosts -m shell -a 'netstat -tunlp | grep 9000'
192.168.31.110 | SUCCESS | rc=0 >>
tcp        0      0 127.0.0.1:9000              0.0.0.0:*                   LISTEN      2197/php-fpm        
[root@Ansible ~]# ansible test_hosts -m shell -a 'ps -ef | grep php-fpm | grep -v grep'
192.168.31.110 | SUCCESS | rc=0 >>
root       2197      1  0 17:22 ?        00:00:00 php-fpm: master process (/etc/php-fpm.conf)
nginx      2198   2197  0 17:22 ?        00:00:00 php-fpm: pool www            
nginx      2199   2197  0 17:22 ?        00:00:00 php-fpm: pool www            
nginx      2200   2197  0 17:22 ?        00:00:00 php-fpm: pool www            
nginx      2201   2197  0 17:22 ?        00:00:00 php-fpm: pool www            
nginx      2203   2197  0 17:22 ?        00:00:00 php-fpm: pool www            
[root@Ansible ~]#

image

Template遇到特殊字符处理

注:如果推送的配置文件里含有特殊字符,如:”;” “#”等,是不能用Template模块直接推送的,因为这些不能被解析会报错,如下:
image

解决办法一

使用jinja2的Comments,注释掉那些特殊字符,语法:“”,参考:http://jinja.pocoo.org/docs/2.9/templates/#comments

1
2
sed -i '/^;/s/^;/{#;/g' www.conf.j2
sed -i '/^{#/s/$/#}/g' www.conf.j2

Jinja2分隔符配置如下:

1
2
3
4
{% ... %} for Statements
{{ ... }} for Expressions
{# ... #} for Comments
# ... ## for Line Statements

参考:
Statements
Expressions to print to the template output
Comments not included in the template output
Line Statements

效果图:
image
image

解决办法二

使用jinja2的Escaping,把这些特殊字符转义,语法:“ ... ”,参考:http://jinja.pocoo.org/docs/2.9/templates/#escaping

1
2
sed -i '/^;/s/^;/{% raw %};/g' www.conf.j2
sed -i '/^{% raw %}/s/$/{% endraw %}\n/g' www.conf.j2

Jinja2转义符:

1
2
3
4
5
#被raw包含起来的部分被转义,不会被解析
{% raw %}
;aaa
#bbb
{% endraw %}

效果图:
image
image

image

附件:ansible_yum_install_php.tar.gz

本文出自”Jack Wang Blog”:http://www.yfshare.vip/2017/03/15/Ansible-Playbooks之安装PHP/