# auto-install **Repository Path**: Sajor-Dino/auto-install ## Basic Information - **Project Name**: auto-install - **Description**: 自动化安装Linux中常见功能模块 - **Primary Language**: Unknown - **License**: Apache-2.0 - **Default Branch**: main - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 2 - **Forks**: 1 - **Created**: 2024-04-10 - **Last Updated**: 2024-05-06 ## Categories & Tags **Categories**: Uncategorized **Tags**: Python, Ansible ## README # Linux自动化安装 ### 模块介绍 ``` - playbook.yml # 主剧本,也可自己配置剧本,导入所需模块 - inventory.yml # 资产清单配置文件,配置服务器ip密码 - ansible.cfg # 通用配置 - roles # 中放各种模块 - common # 通用任务 - init-env # 初始化环境,创建目录等 - ... # 其他模块 ``` | Status | Module | Description | Link | CentOS x86 Support | CentOS ARM Support | Ubuntu x86 Support | Ubuntu ARM Support | |--------|------|-------------|------|---------------------|---------------------|---------------------|---------------------| | ✅ | change-hosts | 修改hosts文件 | [README](roles/change-hosts/README.md) | ✅ | ✅ | ✅ | ✅ | | ✅ | config-repo | 配置包管理工具源 | [README](roles/config-repo/README.md) | ✅ | | ✅ | | | ✅ | ~~config-yumrepo~~ | ~~配置yum源任务~~ | [README](roles/config-yumrepo/README.md) | ✅ | | | | | ✅ | disable-selinux | 禁用SELinux模块 | [README](roles/disable-selinux/README.md) | ✅ | ✅ | | | | ✅ | distribute-file | 分发文件到远程主机 | [README](roles/distribute-file/README.md) | ✅ | ✅ | ✅ | ✅ | | ✅ | download-file | 从远程主机获取文件 | [README](roles/download-file/README.md) | ✅ | ✅ | ✅ | ✅ | | | install-apisix | 安装Apisix | [README](roles/install-apisix/README.md) | | | | | | ✅ | install-chrony | 安装chrony | [README](roles/install-chrony/README.md) | ✅ | | ✅ | | | ✅ | install-common-tools | 安装其他常见模块 | [README](roles/install-common-tools/README.md) | ✅ | ✅ | ✅ | ✅ | | ✅ | install-docker | 安装Docker | [README](roles/install-docker/README.md) | ✅ | ✅ | | | | ✅ | install-firewalld | 安装防火墙firewalld | [README](roles/install-firewalld/README.md) | ✅ | ✅ | ✅ | ✅ | | | install-harbor | 安装harbor | [README](roles/install-harbor/README.md) | | | | | | ✅ | install-jdk8 | 安装jdk8 | [README](roles/install-jdk8/README.md) | ✅ | ✅ | | | | | install-grafana | 安装Grafana | [README](roles/install-grafana/README.md) | | | | | | | install-prometheus | 安装prometheus | [README](roles/install-prometheus/README.md) | | | | | | ✅ | install-mydumper | 安装MyDumper数据备份工具 | [README](roles/install-mydumper/README.md) | ✅ | | | | | | install-mysql5.7 | 安装MySQL5.7数据库 | [README](roles/install-mysql5.7/README.md) | | | | | | | install-nacos | 安装Nacos | [README](roles/install-nacos/README.md) | | | | | | | install-nextcloud | 安装NextCloud | [README](roles/install-nacos/README.md) | | | | | | | install-nfs | 安装文件服务 | [README](roles/install-nfs/README.md) | | | | | | ✅ | install-nginx | 安装Nginx | [README](roles/install-nginx/README.md) | ✅| ✅ | ✅ | ✅ | | | install-redis | 安装Reids数据库 | [README](roles/install-redis/README.md) | | | ✅ | install-repo-manager | 安装自建包管理工具源 | [README](roles/install-repo-manager/README.md) | ✅ | | ✅ | | | ✅ | ~~install-yumrepo~~ | ~~安装自建yum源~~ | [README](roles/install-yumrepo/README.md) | ✅ | | | | | | optimize-connect-num | 优化连接数 | [README](roles/optimize-connect-num/README.md) | | | | | | ✅ | sync-time | 修改时区并与时间服务器校准时间 | [README](roles/sync-time/README.md) | ✅ | ✅ | | | | | update-kernel | 升级内核 | [README](roles/update-kernel/README.md) | | | | | ### 安装ansible ``` cd ansible-install && bash install_ansible.sh ``` ### 使用 #### 资源配置 配置资源清单 inventory.yml ,将ip密码都写入文件中 ``` # 包管理工具源配置 repo_source: hosts: # CentOS 的x86架构机器,名称不能改 yumsource_x86: ansible_host: 172.38.160.13 ansible_password: "xxx" # 工具源 httpd端口自定义 repo_port: 80 # 工具源 存放httpd路径 repo_path: centos # arm 架构机器,没有可以不配 yumsource_arm: ansible_host: 172.38.160.13 ansible_password: "xxx" # Ubuntu 的x86机器 aptsource_x86: ansible_host: 172.38.160.13 ansible_user: "ubuntu" ansible_password: "xxx" # sudo密码要配置 ansible_sudo_pass: "xxx" # 工具源 httpd端口自定义 repo_port: 80 # 工具源 存放httpd路径 repo_path: repo aptsource_arm: ansible_host: 172.38.160.13 ansible_password: "xxx" ``` 创建一个文件,并将ansible-vault的密码写入其中: ``` echo "Your own password" > ~/my-ansible-vault-pw-file ``` 生成加密后的密码 ``` ansible-vault encrypt_string --vault-id my_user@~/my-ansible-vault-pw-file 'Your_SSH_password' --name 'ansible_password' ``` 密码贴入资产清单中 ``` ansible_password: !vault | $ANSIBLE_VAULT;1.2;AES256;my_user 32623763356265356663316661366136353464386134616130353639346232356632376561613538 6532343838666330363661376464393763616535326337380a323035363164666235646135396237 64646662306337373636316339626130393939633264383930363466316430323766313831336435 3566663161393938360a353039303832653964353464626333636361633838383031656336616536 33373437323239353133663864336331303837316261653735646166643532613337 ``` 启动时指定密码文件 ``` # ad-hoc ansible all -i inventory.yml --vault-id root@~/my-ansible-vault-pw-file -m yum -a "name=docker-ce state=removed" # playbook ansible-playbook -i inventory --vault-id my_user@~/my-ansible-vault-pw-file first_playbook.yml ``` #### 启动剧本 一键安装 ``` ansible-playbook -i inventory.yml playbook.yml ``` 跳过配置自建yum源步骤 ``` ansible-playbook -i inventory.yml playbook.yml --skip-tag=yumsource ``` ### 命令行模式 首先要维护好资产清单,这里提供了一个命令行的方式,可以指定主机组或单台主机 安装指定的模块 使用--help可以查看支持的模块。 ``` ╰─$ python command.py --help usage: command.py [-h] {change-hosts,distribute-file,download-file,firewall-whitelist,install-chrony,install-docker,install-firewalld,install-common-tools,install-yumrepo,install-mydumper,install-ntpdate,config-yumrepo,test,sync-time} ... 自动化安装Linux软件 positional arguments: {change-hosts,distribute-file,download-file,firewall-whitelist,install-chrony,install-docker,install-firewalld,install-common-tools,install-yumrepo,install-mydumper,install-ntpdate,config-yumrepo,test,sync-time} 可用模块 change-hosts 添加主机hosts模块,默认格式为 域名前缀+IP匹配+域名后缀 distribute-file 上传文件到远程主机 download-file 从远程主机下载文件到本地,默认下载history操作日志 firewall-whitelist 防火墙白名单互信模块 install-chrony 安装chrony模块 install-docker 安装Docker模块 install-firewalld 安装防火墙firewalld模块 install-common-tools 安装常用模块 install-yumrepo 安装yum源模块 install-mydumper 安装MyDumper模块 install-ntpdate 安装ntpdate模块 config-yumrepo 配置yum源模块 test test测试模块 sync-time 同步服务器时间模块 options: -h, --help show this help message and exit ``` 具体每个模块含有哪些参数也可以继续使用help帮助。 ``` ╰─$ python command.py change-hosts --help usage: command.py change-hosts [-h] [--hostname_prefix HOSTNAME_PREFIX] [--hostname_suffix HOSTNAME_SUFFIX] [--hostsname_matching_rule HOSTSNAME_MATCHING_RULE] hosts positional arguments: hosts 资产主机组-资产清单中维护 options: -h, --help show this help message and exit --hostname_prefix HOSTNAME_PREFIX 修改通用域名前缀 --hostname_suffix HOSTNAME_SUFFIX 修改通用域名后缀 --hostsname_matching_rule HOSTSNAME_MATCHING_RULE 修改通用IP匹配规则 ``` 示例 ``` ╰─$ python command.py test jdk-server --alias_hosts_domain=111 [WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details [DEPRECATION WARNING]: Specifying a list of dictionaries for vars is deprecated in favor of specifying a dictionary. This feature will be removed in version 2.18. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. PLAY [jdk-server] ************************************************************************************************************ TASK [test : Add hostnames and IPs to /etc/hosts] **************************************************************************** ok: [jdk-server01] => { "msg": " 111" } PLAY RECAP ******************************************************************************************************************* jdk-server01 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 ```