a23.ansible 生产实战案例 -- haproxy roles
案例 -- 实战 生产 Ansible haproxy roles
2023-09-14 09:15:22 时间
haproxy roles
源码下载地址:https://github.com/raymond999999/ansible
[root@ansible-server ansible]# mkdir -p roles/haproxy/{tasks,vars,files,templates}
[root@ansible-server ansible]# cd roles/haproxy/
[root@ansible-server haproxy]# ls
files tasks templates vars
[root@ansible-server haproxy]# wget http://www.lua.org/ftp/lua-5.4.3.tar.gz -P files/
[root@ansible-server haproxy]# wget https://www.haproxy.org/download/2.4/src/haproxy-2.4.10.tar.gz -P files/
[root@ansible-server haproxy]# vim files/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
[root@ansible-server haproxy]# vim vars/main.yml
SRC_DIR: /usr/local/src
LUA_FILE: lua-5.4.3.tar.gz
HAPROXY_FILE: haproxy-2.4.10.tar.gz
HAPROXY_INSTALL_DIR: /apps/haproxy
STATS_AUTH_USER: admin
STATS_AUTH_PASSWORD: 123456
[root@ansible-server haproxy]# vim templates/haproxy.cfg.j2
global
maxconn 100000
chroot {{ HAPROXY_INSTALL_DIR }}
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 99
gid 99
daemon
#nbproc 4
#cpu-map 1 0
#cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /var/lib/haproxy/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth {{ STATS_AUTH_USER }}:{{ STATS_AUTH_PASSWORD }}
[root@ansible-server haproxy]# vim tasks/install_package.yml
- name: install CentOS or Rocky depend on the package
yum:
name: gcc,make,gcc-c++,glibc,glibc-devel,pcre,pcre-devel,openssl,openssl-devel,systemd-devel,libtermcap-devel,ncurses-devel,libevent-devel,readline-devel
when:
- (ansible_distribution=="CentOS" or ansible_distribution=="Rocky")
- name: delete lock files
file:
path: "{{ item }}"
state: absent
loop:
- /var/lib/dpkg/lock
- /var/lib/apt/lists/lock
- /var/cache/apt/archives/lock
when:
- ansible_distribution=="Ubuntu"
- name: apt update
apt:
update_cache: yes
force: yes
when:
- ansible_distribution=="Ubuntu"
- name: install Ubuntu depend on the package
apt:
name: gcc,make,openssl,libssl-dev,libpcre3,libpcre3-dev,zlib1g-dev,libreadline-dev,libsystemd-dev
force: yes
when:
- ansible_distribution=="Ubuntu"
[root@ansible-server haproxy]# vim tasks/build_lua.yml
- name: unarchive lua package
unarchive:
src: "{{ LUA_FILE }}"
dest: "{{ SRC_DIR }}"
- name: get LUA_DIR directory
shell:
cmd: echo {{ LUA_FILE }} | sed -nr 's/^(.*[0-9]).([[:lower:]]).*/\1/p'
register: LUA_DIR
- name: Build and install lua
shell:
chdir: "{{ SRC_DIR }}/{{ LUA_DIR.stdout }}"
cmd: make all test
[root@ansible-server haproxy]# vim tasks/build_haproxy.yml
- name: unarchive haproxy package
unarchive:
src: "{{ HAPROXY_FILE }}"
dest: "{{ SRC_DIR }}"
- name: get HAPROXY_DIR directory
shell:
cmd: echo {{ HAPROXY_FILE }} | sed -nr 's/^(.*[0-9]).([[:lower:]]).*/\1/p'
register: HAPROXY_DIR
- name: make Haproxy
shell:
chdir: "{{ SRC_DIR }}/{{ HAPROXY_DIR.stdout }}"
cmd: make -j {{ ansible_processor_vcpus }} ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 USE_LUA=1 LUA_INC={{ SRC_DIR }}/{{ LUA_DIR.stdout }}/src/ LUA_LIB={{ SRC_DIR }}/{{ LUA_DIR.stdout }}/src/ PREFIX={{ HAPROXY_INSTALL_DIR }}
- name: make install Haproxy
shell:
chdir: "{{ SRC_DIR }}/{{ HAPROXY_DIR.stdout }}"
cmd: make install PREFIX={{ HAPROXY_INSTALL_DIR }}
[root@ansible-server haproxy]# vim tasks/config.yml
- name: copy haproxy.service file
copy:
src: haproxy.service
dest: /lib/systemd/system
- name: create haproxy link
file:
src: "../..{{ HAPROXY_INSTALL_DIR }}/sbin/{{ item.src }}"
dest: "/usr/sbin/{{ item.src }}"
state: link
owner: root
group: root
mode: 755
force: yes
with_items:
- src: haproxy
- name: create /etc/haproxy directory
file:
path: /etc/haproxy
state: directory
- name: create /var/lib/haproxy/ directory
file:
path: /var/lib/haproxy/
state: directory
- name: copy haproxy.cfg file
template:
src: haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
- name: Add the kernel
sysctl:
name: net.ipv4.ip_nonlocal_bind
value: "1"
- name: PATH variable
copy:
content: 'PATH={{ HAPROXY_INSTALL_DIR }}/sbin:$PATH'
dest: /etc/profile.d/haproxy.sh
- name: PATH variable entry
shell:
cmd: . /etc/profile.d/haproxy.sh
[root@ansible-server haproxy]# vim tasks/service.yml
- name: start haproxy
systemd:
name: haproxy
state: started
enabled: yes
daemon_reload: yes
[root@ansible-server haproxy]# vim tasks/main.yml
- include: install_package.yml
- include: build_lua.yml
- include: build_haproxy.yml
- include: config.yml
- include: service.yml
[root@ansible-server haproxy]# cd ../../
[root@ansible-server ansible]# tree roles/haproxy/
roles/haproxy/
├── files
│ ├── haproxy-2.4.10.tar.gz
│ ├── haproxy.service
│ └── lua-5.4.3.tar.gz
├── tasks
│ ├── build_haproxy.yml
│ ├── build_lua.yml
│ ├── config.yml
│ ├── install_package.yml
│ ├── main.yml
│ └── service.yml
├── templates
│ └── haproxy.cfg.j2
└── vars
└── main.yml
4 directories, 11 files
[root@ansible-server ansible]# vim haproxy_role.yml
---
- hosts: all
roles:
- role: haproxy
[root@ansible-server ansible]# ansible-playbook haproxy_role.yml
PLAY [all] ************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************
ok: [172.31.0.103]
ok: [172.31.0.104]
ok: [172.31.0.105]
ok: [172.31.0.101]
ok: [172.31.0.102]
TASK [haproxy : install CentOS or Rocky depend on the package] ********************************************************************************
skipping: [172.31.0.104]
skipping: [172.31.0.105]
changed: [172.31.0.103]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [haproxy : delete lock files] ************************************************************************************************************
skipping: [172.31.0.101] => (item=/var/lib/dpkg/lock)
skipping: [172.31.0.101] => (item=/var/lib/apt/lists/lock)
skipping: [172.31.0.101] => (item=/var/cache/apt/archives/lock)
skipping: [172.31.0.102] => (item=/var/lib/dpkg/lock)
skipping: [172.31.0.102] => (item=/var/lib/apt/lists/lock)
skipping: [172.31.0.102] => (item=/var/cache/apt/archives/lock)
skipping: [172.31.0.103] => (item=/var/lib/dpkg/lock)
skipping: [172.31.0.103] => (item=/var/lib/apt/lists/lock)
skipping: [172.31.0.103] => (item=/var/cache/apt/archives/lock)
changed: [172.31.0.104] => (item=/var/lib/dpkg/lock)
changed: [172.31.0.105] => (item=/var/lib/dpkg/lock)
changed: [172.31.0.104] => (item=/var/lib/apt/lists/lock)
changed: [172.31.0.105] => (item=/var/lib/apt/lists/lock)
changed: [172.31.0.104] => (item=/var/cache/apt/archives/lock)
changed: [172.31.0.105] => (item=/var/cache/apt/archives/lock)
TASK [haproxy : apt update] *******************************************************************************************************************
skipping: [172.31.0.101]
skipping: [172.31.0.102]
skipping: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
TASK [haproxy : install Ubuntu depend on the package] *****************************************************************************************
skipping: [172.31.0.101]
skipping: [172.31.0.102]
skipping: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]
TASK [haproxy : unarchive lua package] ********************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [haproxy : get LUA_DIR directory] ********************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [haproxy : Build and install lua] ********************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]
TASK [unarchive haproxy package] **************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
TASK [haproxy : get HAPROXY_DIR directory] ****************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
TASK [haproxy : make Haproxy] *****************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]
TASK [haproxy : make install Haproxy] *********************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]
changed: [172.31.0.101]
changed: [172.31.0.102]
TASK [copy haproxy.service file] **************************************************************************************************************
changed: [172.31.0.105]
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [create haproxy link] ********************************************************************************************************************
changed: [172.31.0.103] => (item={'src': 'haproxy'})
changed: [172.31.0.105] => (item={'src': 'haproxy'})
changed: [172.31.0.104] => (item={'src': 'haproxy'})
changed: [172.31.0.101] => (item={'src': 'haproxy'})
changed: [172.31.0.102] => (item={'src': 'haproxy'})
TASK [create /etc/haproxy directory] **********************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [create /var/lib/haproxy/ directory] *****************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.101]
changed: [172.31.0.104]
changed: [172.31.0.105]
changed: [172.31.0.102]
TASK [copy haproxy.cfg file] ******************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
TASK [haproxy : Add the kernel] ***************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
TASK [haproxy : PATH variable] ****************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
TASK [haproxy : PATH variable entry] **********************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]
changed: [172.31.0.102]
changed: [172.31.0.101]
TASK [start haproxy] **************************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]
PLAY RECAP ************************************************************************************************************************************
172.31.0.101 : ok=18 changed=17 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
172.31.0.102 : ok=18 changed=17 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
172.31.0.103 : ok=18 changed=17 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
172.31.0.104 : ok=20 changed=19 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
172.31.0.105 : ok=20 changed=19 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
相关文章
- twitter推文案例
- docker安装redis集群--分布式存储案例
- php案例:判断IP地址是否合法+IP地址范围区间
- 详解springBoot集成activiti7,工作流实战案例(三)
- 从ObjectPool到CAS指令的案例分享
- C# WinForm实现自动更新程序的案例分享
- Web Spider案例 网洛者 第一题 JS混淆加密 - 反hook操作 练习(五)
- Python爬虫-爬取彼岸图库图片案例
- 故障分析 | redis cluster 从库无法自动恢复同步案例一则
- 杨校老师课堂之JavaScript定时器案例的红绿灯设计--原始写法
- 【rainbowzhou 面试11/101】技术提问--说说你做的大数据性能测试案例
- 【设计模式】装饰者模式 ( 概念 | 适用场景 | 优缺点 | 与继承对比 | 定义流程 | 运行机制 | 案例分析 )
- Mybatis动态SQL查询 --(附实战案例--8888个字--88质量分)
- Python爬虫案例--音乐网站mp3文件的提取
- MongoDB模糊查询操作案例详解(类关系型数据库的 like 和 not like)
- 实战案例:CentOS 7 利用清华yum源实现PHP-FPM的UDS模式
- Oracle付款方式实战一种高效支付模式(oracle付款方法案例)