Shulou(Shulou.com)06/01 Report--

Editor to share with you if the Linux system to achieve ansible automation installation and configuration of httpd, I believe that most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

1. Use playbook of ansible to install httpd automatically.

1) first configure the hosts file of ansible so that its corresponding host can be controlled by ansible

Tip: we have configured the controlled host address on the host list, but directly use ansible's ping module to detect the survival of the host, but the permission is denied. From the prompt, let's specify what authentication to use. By default, ansible is verified by ssh's key, so it is not enough for us to configure ip to control hosts in the host list of ansible. We also need to configure ssh based on KEY authentication.

2) the configuration control host can be verified based on SSH key

[root@test ~] # ip as enp2s02: enp2s0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:30:18:51:af:3c brd ff:ff:ff:ff:ff:ff inet 192.168.0.99 scope global noprefixroute enp2s0 valid_lft forever preferred_lft forever inet 24 brd 192.168.0.255 scope global noprefixroute enp2s0 valid_lft forever preferred_lft forever inet 172.16.1.2 scope global noprefixroute enp2s0:0 valid_lft forever preferred_lft forever inet6 fe80::230 16 brd 172.16.255.255 : 18ff:fe51:af3c/64 scope link valid_lft forever preferred_lft forever [root@test ~] # ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key (/ root/.ssh/id_rsa): Created directory'/ root/.ssh'.Enter passphrase (empty for no passphrase): Enter same passphrase again:Your identification has been saved in / root/.ssh/id_rsa.Your public key has been saved in / root/.ssh/id_rsa.pub.The key fingerprint is:SHA256 UORxi5JhiKDBOhZP3FsbsZfyCjqUcjwqdl1qcnTyGsw root@testThe key's randomart image is:+--- [RSA 2048]-+ | + .oo =. | |. + .o.o. B. please.. | | o + * oyogo. | | o. + + | | .o * + oS. | | = B B. | | | .o = E o | | o. = o | |. | | +-[SHA256]-+ [root@test ~] # ssh-copy-id 192.168.0.99-p 41319/bin/ssh-copy-id: INFO: Source of key (s) to be installed: "/ root/.ssh/id_rsa.pub" The authenticity of host'[192.168.0.99]: 41319 ([192.168.0.99]: 41319) 'can't be established.ECDSA key fingerprint is SHA256:W2pD2PA2K9tGKGVK+weiINcVESkUaHjsTI263OVqBh5.ECDSA key fingerprint is MD5 | 3a:f8:c9:b1:63:c6:c1:ae:e0:6e:e2:ca:17:4a:20:7a.Are you sure you want to continue connecting (yes/no)? Yes/bin/ssh-copy-id: INFO: attempting to log in with the new key (s), to filter out any that are already installed/bin/ssh-copy-id: INFO: 1 key (s) remain to be installed-- if you are prompted now it is to install the new keysroot@192.168.0.99's password: Number of key (s) added: 1 Now try logging into the machine, with: "ssh- p '41319' '192.168.0.99'" and check to make sure that only the key (s) you wanted were added. [root@test] # scp-r. SSH 192.168.0.10:~/The authenticity of host '192.168.0.10 (192.168.0.10)' can't be established.ECDSA key fingerprint is SHA256:EG9nua4JJuUeofheXlgQeL9hX5H53JynOqf2vf53mII.ECDSA key fingerprint is MD5:57:83:e6:46:2c:4b:bb:33:13:56:17:f7:fd:76:71:cc.Are you sure you want to continue connecting (yes/no)? YesWarning: Permanently added '192.168.0.10' (ECDSA) to the list of known hosts.root@192.168.0.10's password:id_rsa 1675 677.0KB/s 00:00 id_rsa.pub 100 391 207.6KB/s 00:00 known_hosts 100 56 12.2KB/s 00:00 authorized_keys 100 12.6KB/s 00:00 [root@test ~] #

Tip: ssh-based key verification needs to be done on the ansible host. Above, I now generate a pair of ssh keys on the ansible host, then copy the public key to the local machine through ssh-copy-id to generate the authorized_keys file, and then copy the .ssh directory to the remote client, so that the ansible host can log in to the remote client based on key through ssh, and the remote client can also log in to the ansible host through ssh. This implements two-way ssh-based key authentication. If you only want to pass ssh one-way key-based authentication, you can generate a key pair on the ansible host and send the public key to the other party. For more information about ssh based on key authentication, please refer to my blog https://www.jb51.net/article/180381.htm.

Test: using an ansible host through a ssh remote client host

[root@test ~] # ssh 192.168.0.10Last login: Mon Jan 27 04:58:46 2020 from 192.168.0.99 [root@test-centos7-node1 ~] # ip A1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00inet:: 1link/loopback 128 scope host valid_lft forever preferred_ Lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:f2:82:0c brd ff:ff:ff:ff:ff:ff inet 192.168.0.10 take 24 brd 192.168.0.255 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fef2:820c/64 scope link valid_lft forever preferred_lft forever [root@test-centos7-node1 ~] # exit log out Connection to 192.168.0.10 closed. [root@test ~] #

Tip: you can see that the ansible host can log in to the remote host normally without secret, and then we use the ping module of ansible to detect the survival of the controlled host.

Tip: you can see that the ping module of ansible is used to detect the survival of the remote host. The returned status is SUCCESS, and the data is pong indicating that the remote host is alive.

The environment of this ansible is ready, then write playbook to install httpd

[root@test ~] # cat install_httpd.yml----hosts: websers remote_user: root tasks:-name: copy epel file copy: src=/etc/yum.repos.d/CentOS-Base.repo dest=/etc/yum.repos.d/CentOS-Base.repo-name: install httpd yum: name=httpd-name: start httpd service: name=httpd state=started enabled=yes [root@test ~] # ansible-playbook-C install_httpd.yml PLAY [websers] * * TASK [copy epel file] * * changed: [192.168.0.10] TASK [install httpd] * * changed: [192.168.0.10] TASK [start httpd] * * changed: [192.168.0.10] PLAY RECAP * * * 192.168.0.10: ok=3 changed=3 unreachable=0 failed=0 [root@test ~] #

Tip: the main content of the above playbook is to copy the local yum source to the remote server, then install the httpd package through yum, and finally start httpd;. After writing the playbook, we use the ansible-playbook-C install_httpd.yml command to test the playbook we wrote. There is no problem. Next we use ansible-playbook to install httpd.

[root@test ~] # ansible-playbook install_httpd.yml PLAY [websers] * * TASK [copy epel file] * changed: [192. 168.0.10] TASK [install httpd] * changed: [192.168 .0.10] TASK [start httpd] * changed: [192. 168.0.10] PLAY RECAP * 192 .168.0.10: ok=3 changed=3 unreachable=0 failed=0 [root@test ~] #

Tip: judging from the execution status of ansible-playbook to playbook, we will directly use the browser to access 192.168.0.10 to see if httpd has been able to access normally. If it can be accessed normally, httpd has been installed.

Tip: we can see that we can directly access the test page of 192.168.0.10 using the browser, indicating that httpd was successfully installed on 192.168.0.10.

2. To set up a httpd server, two name-based virtual hosts are required:

(1) www.X.com, page file directory is / web/vhosts/x; error log is / var/log/httpd/x.err, access log is / var/log/httpd/x.access

Create a configuration file for the new virtual host www.X.com

[root@test ~] # cat x_com.conf ServerName www.X.com DocumentRoot "/ web/vhosts/x" Options None AllowOverride None Require all granted ErrorLog "logs/x.err" CustomLog "logs/x.access" combined [root@test ~] #

Tip: we have set up the configuration file on the ansible host, and we can use it later by directly using ansible to push the file to the corresponding directory of the corresponding host

(2) www.Y.com, page file directory is / web/vhosts/y; error log is / var/log/httpd/www2.err, access log is / var/log/httpd/y.access

Create a configuration file for the new virtual host www.Y.com

[root@test ~] # cat y_com.conf ServerName www.Y.com DocumentRoot "/ web/vhosts/y" Options None AllowOverride None Require all granted ErrorLog "logs/www2.err" CustomLog "logs/y.access" combined [root@test ~] # (3) create their respective home page files index.html for two virtual hosts with their corresponding hostnames

[root@test ~] # cat x_index.html www.X.com [root@test ~] # cat y_index.html www.Y.com [root@test ~] #

Tip: after the above files are ready on the ansible host, we can then write a playbook to push the corresponding files directly to the remote host.

[root@test ~] # cat set_virtualhost_conf_file.yml----hosts: websers remote_user: root tasks:-name: mkdir virtualhost documentroot directory shell: mkdir-p / web/vhosts/ {x Y}-name: copy x_com.conf to remotehost copy: src=/root/x_com.conf dest=/etc/httpd/conf.d/x_com.conf-name: copy x_com index file copy: src=/root/x_index.html dest=/web/vhosts/x/index.html-name: copy y_com.conf to remotehost copy: src=/root/y_com.conf dest=/etc/httpd/conf.d/y_com.conf-name: copy y_com index file copy: Src=/root/y_index.html dest=/web/vhosts/y/index.html [root@test ~] #

Tip: the contents of the above file mainly push the configuration file we have established to the corresponding directory of the corresponding host. Next, let's check whether the playbook we wrote is grammatical.

[root@test] # ansible-playbook-C set_virtualhost_conf_file.yml PLAY [websers] * * TASK [mkdir virtualhost documentroot directory] * skipping: [192.168.0.10] TASK [copy x_com.conf to remotehost] * * changed: [192.168.0.10] TASK [copy x_com index file] * * changed: [192.168.0.10] TASK [copy y_com.conf to remotehost] * * changed: [192.168.0.10] TASK [copy y_com index file] * * * changed: [192.168.0.10] PLAY RECAP * * * 192.168.0.10: ok=4 changed=4 unreachable=0 failed=0 [root@test ~] #

Tip: there is no problem with testing playbook. Next, let's run playbook, push the corresponding files to the httpd server, and then check on the server to see if the configuration file we wrote is correct.

[root@test ~] # ansible-playbook set_virtualhost_conf_file.yml PLAY [websers] * * TASK [mkdir virtualhost documentroot directory] * [WARNING]: Consider using file module with state=directory rather than running mkdir changed: [192.168.0.10] TASK [copy x_com.conf to remotehost] * changed: [192.168.0.10] TASK [copy x_com index file] * * changed: [192.168.0.10] TASK [copy y_com.conf to remotehost] * * changed: [192.168.0.10] TASK [copy y_com index file] * * changed: [192.168.0.10] PLAY RECAP * * * 192.168.0.10: ok=5 changed=5 unreachable=0 failed=0 [root@test ~] #

Tip: from the return status above, it is successful, but the first task prompts us to use the file module to create a directory. Next, we use ansible's shell module to check whether the syntax of the configuration file on the remote server is correct.

[root@test ~] # ansible websers-m shell-a'httpd-tasking 192.168.0.10 | SUCCESS | rc=0 > > AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fef2:820c. Set the 'ServerName' directive globally to suppress this messageSyntax OK [root@test ~] #

Tip: there is no problem for us to use ansible to check the configuration file syntax of httpd on the remote host. It tells us that there is no servername, and this prompt can ignore it. If you feel you have to deal with it, just find ServerName in the main configuration file of httpd and configure the corresponding servername. Next, we restart httpd, and then access two virtual hosts on the client.

[root@test ~] # ansible websers-m shell-a 'systemctl restart httpd'192.168.0.10 | SUCCESS | rc=0 > > [root@test ~] #

Change the / etc/hosts file on the client to access www.X.com and www.Y.com to resolve to the remote host

[root@test ~] # cat / etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.0.10 www.X.com www.Y.com [root@test ~] #

Test: use curl to visit two virtual hosts to see if the contents of the corresponding home page files are different

[root@test ~] # curl http://www.X.com/index.html www.X.com [root@test ~] # curl http://www.Y.com/index.html www.Y.com [root@test ~] #

Note: we can use curl to access the home page file of their respective virtual hosts, and we can see the corresponding home page file content. Of course, you can also change the hosts file of Windows, write the corresponding parsed content in it, and then use the Windows browser, as shown below:

Tip: find the hosts file on windows and add the corresponding record, as follows

Tip: next, we use Windows's browser to access the next two virtual hosts.

Next we'll see if all the logs on the httpd server have been generated.

[root@test] # ansible websers-m shell-a'ls-l / var/log/httpd' 192.168.0.10 | SUCCESS | rc=0 > > Total dosage 16kw / r. 1 root root 2668 January 27 06:30 access_log-rw-r--r--. 1 root root 2940 January 27 07:34 error_log-rw-r--r--. 1 root root 0 January 27 07:38 www2.err-rw-r--r--. 1 root root 500 January 27 07:52. Accessory RW Murray RW Murray Rafael. 1 root root January 27 07:38 x.errmurr Rwmuri Rafael Murray. 1 root root 500 January 27 07:52 y.access [root@test ~] # ansible websers-m shell-a 'cat / var/log/httpd/x.access'192.168.0.10 | SUCCESS | rc=0 > > 192.168.0.99-[27/Jan/2020:07:39:15-0500] "GET / index.html HTTP/1.1" 200 20 "-" curl/7.29.0 "192.168.0.232-- [27/Jan "GET / HTTP/1.1" 200 20 "-"Mozilla/5.0" (Windows NT 0500) WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 "192.168.0.232-[27/Jan/2020:07:52:31-0500]" GET / favicon.ico HTTP/1.1 "404 209" http://www.x.com/"Mozilla/5.0 (Windows NT 6.1) WOW64) AppleWebKit/537.36 (KHTML Like Gecko) Chrome/69.0.3497.100 Safari/537.36 "[root@test ~] # ansible websers-m shell-a 'cat / var/log/httpd/y.access'192.168.0.10 | SUCCESS | rc=0 > > 192.168.0.99-[27/Jan/2020:07:39:19-0500]" GET / index.html HTTP/1.1 "200 20"-"curl/7.29.0" 192.168.0.232- -[27/Jan/2020:07:52:48-0500] "GET / HTTP/1.1" 200 20 "-" Mozilla/5.0 (Windows NT WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 "192.168.0.232-- [27/Jan/2020:07:52:48-0500]" GET / favicon.ico HTTP/1.1 "404 209" http://www.y.com/"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" [root@test] #

Tip: you can see that log files with corresponding names have been generated on the httpd server.

What is Linux system Linux is a free-to-use and free-spread UNIX-like operating system, is a POSIX-based multi-user, multi-task, multi-threaded and multi-CPU operating system, using Linux can run major Unix tools, applications and network protocols.

The above is all the content of this article "if the Linux system implements ansible automation installation and configuration httpd", thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.