文章目錄
1.ansible-playbook yml檔案部署zabbix
實作步驟
2.ansible-playbook roles角色部署zabbix
實作步驟
角色優化
1.ansible-playbook yml檔案部署zabbix
實作步驟
(1)基礎配置
[[email protected] ansible]$ pwd
/home/devops/ansible
[[email protected] ansible]$ cat hosts
[db]
172.25.3.1
[server]
172.25.3.2
[web]
172.25.3.3
[agent:children]
web
server
[zabbix:children]
db
server
web
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
(2)配置檔案準備
[[email protected] ansible]$ cd zabbix/
[[email protected] zabbix]$ pwd
/home/devops/ansible/zabbix
[[email protected] zabbix]$ ls
create.sql.gz my.cnf zabbix.conf
deplay.yml zabbix_agented.conf.j2 zabbix_server.conf
[[email protected] zabbix]$ vi zabbix_agented.conf.j2
98 Server=172.25.3.2
139 ServerActive=172.25.3.2
150 Hostname={{ ansible_hostname }}
[[email protected] zabbix]$ vi zabbix.conf
20 php_value date.timezone Asia/Shanghai
[[email protected] zabbix]$ vi my.cnf
10 character_set_server=utf8
[[email protected] zabbix]$ vi zabbix_server.conf
124 DBPassword=zabbix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
(3)yml檔案編寫
[[email protected] zabbix]$ vim deplay.yml
[[email protected] zabbix]$ cat deplay.yml
---
- hosts: db ##資料庫伺服器
tasks:
- name: install mariadb
yum:
name: mariadb-server,MySQL-python
state: present
- name: config mariadb
copy:
src: my.cnf
dest: /etc/my.cnf
notify: restart mariadb
- name: start mariadb
service:
name: mariadb
state: started
- name: create database zabbix
mysql_db:
login_user: root
login_password: westos
name: zabbix
state: present
- name: create user
mysql_user:
login_user: root
login_password: westos
name: zabbix
password: zabbix
host: "%"
priv: "zabbix.*:ALL"
state: present
- name: copy create.sql
copy:
src: create.sql.gz
dest: /tmp/create.sql.gz
- name: import create.sql
mysql_db:
login_user: root
login_password: westos
name: zabbix
state: import
target: /tmp/create.sql.gz
- hosts: server ##zabbix-server服務端
tasks:
- name: add zabbix repo
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: add update repo
yum_repository:
name: update
description: non-supported
baseurl: https://mirrors.aliyun.com/zabbix/non-supported/rhel/7/x86_64/
gpgcheck: no
- name: install zabbix-server
yum:
name: zabbix-server-mysql,zabbix-agent
state: present
- name: config zabbix-server
copy:
src: zabbix_server.conf
dest: /etc/zabbix/zabbix_server.conf
owner: root ##所有人
group: zabbix ##所有組
mode: 640 ##檔案權限
notify: restart zabbix-server
- name: start zabbix-server
service:
name: "{{ item }}"
state: started
loop:
- zabbix-server
- zabbix-agent
handlers:
- name: restart zabbix-server
service:
name: zabbix-server
state: restarted
- hosts: web ##web前端頁面
tasks:
- name: add zabbix repo
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: add update repo
yum_repository:
name: update
description: non-supported
baseurl: https://mirrors.aliyun.com/zabbix/non-supported/rhel/7/x86_64/
gpgcheck: no
- name: add centos repo
yum_repository:
name: centos
description: centos 7
baseurl: https://mirrors.aliyun.com/centos/7/os/x86_64/
gpgcheck: no
- name: install zabbix-web
yum:
name: zabbix-web-mysql,httpd
state: present
- name: config zabbix-web
copy:
src: zabbix.conf
dest: /etc/httpd/conf.d/zabbix.conf
notify: restart httpd
- name: start httpd
service:
name: httpd
state: started
handlers:
- name: restart httpd
service:
name: httpd
state: restarted
- hosts: agent ##zabbix-agent代理端
tasks:
- name: add zabbix repo
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: install zabbix-agent
yum:
name: zabbix-agent
state: present
- name: config zabbix-agent
template:
src: zabbix_agented.conf.j2
dest: /etc/zabbix/zabbix_agentd.conf
owner: root
group: root
mode: 644
notify: restart zabbix-agent
- name: start zabbix-agent
service:
name: zabbix-agent
state: started
handlers:
- name: restart zabbix-agent
service:
name: zabbix-agent
state: restarted
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
(4)執行效果
2.ansible-playbook roles角色部署zabbix
實作步驟
(1)根據需求建立5個role
ansible-galaxy init apache ##建立角色
1
[[email protected] roles]$ pwd
/home/devops/ansible/roles
[[email protected] roles]$ ls
apache mariadb zabbix-agent zabbix-server-mysql zabbix-web-mysql
1
2
3
4
5
(2)分别配置5個role
apache
[[email protected] roles]$ cd apache/
[[email protected] apache]$ ls
defaults files handlers meta README.md tasks templates tests vars
[[email protected] apache]$ cat ./tasks/main.yml
---
- name: install httpd
yum:
name: httpd
state: present
- name: start httpd
service:
name: httpd
state: started
1
2
3
4
5
6
7
8
9
10
11
12
13
14
mariadb
[[email protected] roles]$ cd mariadb/
[[email protected] mariadb]$ cat tasks/main.yml
---
- name: install mariadb
yum:
name: mariadb-server,MySQL-python
state: present
- name: config mariadb
copy:
src: my.cnf
dest: /etc/my.cnf
notify: restart mariadb
- name: start mariadb
service:
name: mariadb
state: started
- name: create database zabbix
mysql_db:
login_user: root
login_password: westos
name: zabbix
state: present
- name: create user
mysql_user:
login_user: root
login_password: westos
name: zabbix
password: zabbix
host: "%"
priv: "zabbix.*:ALL"
state: present
- name: copy create.sql
copy:
src: create.sql.gz
dest: /tmp/create.sql.gz
- name: import create.sql
mysql_db:
login_user: root
login_password: westos
name: zabbix
state: import
target: /tmp/create.sql.gz
[[email protected] mariadb]$ cat handlers/main.yml
---
- name: restart mariadb
service:
name: maridb
state: restarted
[[email protected] mariadb]$ ll files/
total 1292
-rw-r--r-- 1 devops devops 1316758 Nov 24 00:46 create.sql.gz
-rw-r--r-- 1 devops devops 595 Nov 24 00:45 my.cnf
[[email protected] mariadb]$
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
zabbix-agent
[[email protected] roles]$ cd zabbix-agent
[[email protected] zabbix-agent]$ cat tasks/main.yml
---
- name: add zabbix repo
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: install zabbix-agent
yum:
name: zabbix-agent
state: present
- name: config zabbix-agent
template:
src: zabbix_agented.conf.j2
dest: /etc/zabbix/zabbix_agentd.conf
owner: root
group: root
mode: 644
notify: restart zabbix-agent
- name: start zabbix-agent
service:
name: zabbix-agent
state: started
[[email protected] zabbix-agent]$ cat handlers/main.yml
---
- name: restart zabbix-agent
service:
name: zabbix-agent
state: restarted
[[email protected] zabbix-agent]$ ll files/
total 0
[[email protected] zabbix-agent]$ ll templates/
total 12
-rw-r--r-- 1 devops devops 10956 Nov 24 01:19 zabbix_agented.conf.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
zabbix-server-mysql
[[email protected] roles]$ cd zabbix-server-mysql
[[email protected] zabbix-server-mysql]$ ls
defaults files handlers meta README.md tasks templates tests vars
[[email protected] zabbix-server-mysql]$ cat tasks/main.yml
---
- name: add zabbix repo
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: add update repo
yum_repository:
name: update
description: non-supported
baseurl: https://mirrors.aliyun.com/zabbix/non-supported/rhel/7/x86_64/
gpgcheck: no
- name: install zabbix-server
yum:
name: zabbix-server-mysql
state: present
- name: config zabbix-server
copy:
src: zabbix_server.conf
dest: /etc/zabbix/zabbix_server.conf
owner: root ##所有人
group: zabbix ##所有組
mode: 640 ##檔案權限
notify: restart zabbix-server
- name: start zabbix-server
service:
name: "{{ item }}"
state: started
loop:
- zabbix-server
- zabbix-agent
[[email protected] zabbix-server-mysql]$ cat handlers/main.yml
---
- name: restart zabbix-server
service:
name: zabbix-server
state: restarted
[[email protected] zabbix-server-mysql]$
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
zabbix-web-mysql
[[email protected] roles]$ cd zabbix-web-mysql
[[email protected] zabbix-web-mysql]$ ls
defaults files handlers meta README.md tasks templates tests vars
[[email protected] zabbix-web-mysql]$ cat tasks/main.yml
---
- name: add zabbix repo
yum_repository:
name: zabbix
description: zabbix 4.0
baseurl: https://mirrors.aliyun.com/zabbix/zabbix/4.0/rhel/7/x86_64/
gpgcheck: no
- name: add update repo
yum_repository:
name: update
description: non-supported
baseurl: https://mirrors.aliyun.com/zabbix/non-supported/rhel/7/x86_64/
gpgcheck: no
- name: add centos repo
yum_repository:
name: centos
description: centos 7
baseurl: https://mirrors.aliyun.com/centos/7/os/x86_64/
gpgcheck: no
- name: install zabbix-web
yum:
name: zabbix-web-mysql
state: present
- name: config zabbix-web
copy:
src: zabbix.conf
dest: /etc/httpd/conf.d/zabbix.conf
notify: restart httpd
[[email protected] zabbix-web-mysql]$ cat handlers/main.yml
---
- name: restart httpd
service:
name: httpd
state: restarted
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
(3)yml檔案編寫
[[email protected] ansible]$ pwd
/home/devops/ansible
[[email protected] ansible]$ ls
ansible.cfg hosts lin.repo roles test_roles.yml zabbix
[[email protected] ansible]$ cat test_roles.yml
---
- hosts: db
roles:
- mariadb
- hosts: server
roles:
- zabbix-server-mysql
- zabbix-agent
- hosts: web
roles:
- zabbix-web-mysql
- apache
- hosts: agent
roles:
- zabbix-agent
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
(4)執行效果
監控頁面
添加自動發現規則
自動發現監控主機
角色優化
(1)添加火牆角色
由于每一個hosts對象需要的firewalld政策都不相同,此時再多建立一個角色可能不能滿足需求;是以,不如直接在相應角色的tasks下建立firewalld任務,再導入main.yml
db端需要firewalld允許mysql
[[email protected] tasks]$ ls
firewalld.yml main.yml
[[email protected] tasks]$ pwd
/home/devops/ansible/roles/mariadb/tasks
[[email protected] tasks]$ cat firewalld.yml
---
- name: start firewalld
service:
name: firewalld
state: started
- name: config firewalld
firewalld:
service: mysql
permanent: yes
state: enabled
immediate: yes
[[email protected] tasks]$ ls
firewalld.yml main.yml
[[email protected] tasks]$ head -n 3 main.yml
---
- import_tasks: firewalld.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
server端需要firewalld允許zabbix-server
[[email protected] tasks]$ ls
firewalld.yml main.yml
[[email protected] tasks]$ pwd
/home/devops/ansible/roles/zabbix-server-mysql/tasks
[[email protected] tasks]$ cat firewalld.yml
---
- name: start firewalld
service:
name: firewalld
state: started
- name: config firewalld
firewalld:
port: 10051/tcp
permanent: yes
state: enabled
immediate: yes
[[email protected] tasks]$ head -n 3 main.yml
---
- import_tasks: firewalld.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
agent端需要firewalld允許zabbix-agent
[[email protected] tasks]$ pwd
/home/devops/ansible/roles/zabbix-agent/tasks
[[email protected] tasks]$ ls
firewalld.yml main.yml
[[email protected] tasks]$ cat firewalld.yml
---
- name: start firewalld
service:
name: firewalld
state: started
- name: config firewalld
firewalld:
port: 10050/tcp
permanent: yes
state: enabled
immediate: yes
[[email protected] tasks]$ head -n 3 main.yml
---
- import_tasks: firewalld.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
web端需要firewalld允許http
[[email protected] tasks]$ ls
firewalld.yml main.yml
[[email protected] tasks]$ pwd
/home/devops/ansible/roles/apache/tasks
[[email protected] tasks]$ cat firewalld.yml
---
- name: start firewalld
service:
name: firewalld
state: started
- name: config firewalld
firewalld:
service: http
permanent: yes
state: enabled
immediate: yes
[[email protected] tasks]$ head -n 3 main.yml
---
- import_tasks: firewalld.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
(2)添加tags
為每一個hosts對象添加一個tags,當我們測試時,可以将各個hosts對象子產品化分割開來,一塊一塊測試,十分友善
[[email protected] ansible]$ pwd
/home/devops/ansible
[[email protected] ansible]$ cat test_roles.yml
---
- hosts: db
roles:
- role: mariadb
tags: db
- hosts: server
roles:
- role: zabbix-server-mysql
- role: zabbix-agent
tags: server
- hosts: web
roles:
- role: zabbix-web-mysql
- role: apache
tags: web
- hosts: agent
roles:
- role: zabbix-agent
tags: agent
[[email protected] ansible]$
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
(3)變量優化
将配置檔案可替換的參數替換為變量,再将變量統一寫在vars目錄下或者直接寫在主yml檔案中聲明,将變量統一管理,提高通用性。
server端
agent端
————————————————
版權聲明:本文為CSDN部落客「lllyr(ฅ>ω<*ฅ)」的原創文章,遵循CC 4.0 BY-SA版權協定,轉載請附上原文出處連結及本聲明。
原文連結:https://blog.csdn.net/llllyr/article/details/103220991
![小技巧 (十一) ansible普通使用者執行[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)