Ansible-playbook Bote
hostss文件
[master] 192.168.1.80 ansible_connection=local [master:vars] hostname=master01 [client] 192.168.1.81 hostname=node01 192.168.1.82 hostname=node02 [client:vars] hwf=123 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=123456 [total:children] master client
ntprpm.sh文件
#!/bin/bash cd ~ yum -y localinstall *.rpm
master_server.yaml文件
## modify date 2021/5/27 ## Name of creator Hwf - name: config yum and ntp server hosts: master vars: - ntp_server: "192.168.1.80" tasks: # 修改主机名为inventory中的主机名 - name: 01-set hostname shell: hostnamectl set-hostname {{ hostname }} # 停止并禁用firewalld - name: 02-disable firewalld service: name: firewalld state: stopped enabled: false # 停止并禁用iptables,若未安装iptables-services,则忽略错误 - name: 03-disable iptables service: name: iptables state: stopped enabled: false ignore_errors: true # 禁用selinux - name: 04-setenforce 0 shell: setenforce 0 ignore_errors: true - name: 05-disable selinux replace: path: /etc/selinux/config regexp: SELINUX=enforcing replace: SELINUX=disabled # 修改sysctl.conf文件 - name: 06-config sysctl.conf blockinfile: path: /etc/sysctl.conf block: | net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-arptables = 1 net.ipv4.ip_forward = 1 # for network connection track net.netfilter.nf_conntrack_max = 2097152 # net.netfilter.nf_conntrack_buckets = 525488 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 30 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 30 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 15 net.netfilter.nf_conntrack_tcp_timeout_established = 7200 # for kernel network parameters net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.tcp_keepalive_time = 600 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_keepalive_intvl = 30 net.ipv4.tcp_synack_retries = 3 net.ipv4.tcp_syn_retries = 3 net.ipv4.tcp_max_tw_buckets = 36000 # net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.ip_local_port_range = 1024 65000 # net.ipv4.route.gc_timeout = 100 net.core.somaxconn = 65535 net.core.netdev_max_backlog = 16384 net.ipv4.tcp_max_orphans = 8192 # 将sysctl.conf配置生效 - name: 07-apply sysctl.conf shell: | modprobe bridge modprobe ip_conntrack modprobe br_netfilter echo 262144 > /sys/module/nf_conntrack/parameters/hashsize sysctl -p tags: - "modprobe" # 禁用交换分区 - name: 08-disable swap shell: swapoff -a tags: - "swap" - name: 09-comment /etc/fstab swap replace: path: /etc/fstab regexp: "(^/.*swap.*)" replace: '# ' # 安装ntp - name: 10-tar ntp ntpdate unarchive: src: ntp.tgz dest: /root tags: - "ntp" - name: 11-install ntp rpm from a local file script: ./ntprpm.sh # 注释默认server,添加本地ntp - name: 12-comment default server replace: path: /etc/ntp.conf regexp: "(server)(.*iburst)" replace: '# ' - name: 13-add local ntp server blockinfile: path: /etc/ntp.conf insertafter: "# (server)(.*3.*)" block: | server {{ ntp_server }} iburst server 127.127.1.0 fudge 127.127.1.0 stratum 10 # 重启ntp服务 - name: 14-restart ntpd service: name: ntpd state: restarted enabled: true
node_client.yaml文件
## modify date 2021/5/27 ## Name of creator Hwf - name: config yum and ntp server hosts: client vars: - ntp_server: "192.168.1.80" tasks: # 修改主机名为inventory中的主机名 - name: 01-set hostname shell: hostnamectl set-hostname {{ hostname }} # 停止并禁用firewalld - name: 02-disable firewalld service: name: firewalld state: stopped enabled: false # 停止并禁用iptables,若未安装iptables-services,则忽略错误 - name: 03-disable iptables service: name: iptables state: stopped enabled: false ignore_errors: true # 禁用selinux - name: 04-setenforce 0 shell: setenforce 0 ignore_errors: true - name: 05-disable selinux replace: path: /etc/selinux/config regexp: SELINUX=enforcing replace: SELINUX=disabled # 修改sysctl.conf文件,根据虚拟化和物理机修改conntrack_max值 - name: 06-config sysctl.conf blockinfile: path: /etc/sysctl.conf block: | net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-arptables = 1 net.ipv4.ip_forward = 1 # for network connection track # # net.netfilter.nf_conntrack_max = 1048576 #net.netfilter.nf_conntrack_max = 2097152 # # # net.netfilter.nf_conntrack_buckets = 525488 net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 30 net.netfilter.nf_conntrack_tcp_timeout_time_wait = 30 net.netfilter.nf_conntrack_tcp_timeout_close_wait = 15 net.netfilter.nf_conntrack_tcp_timeout_established = 7200 # for kernel network parameters net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.tcp_keepalive_time = 600 net.ipv4.tcp_keepalive_probes = 3 net.ipv4.tcp_keepalive_intvl = 30 net.ipv4.tcp_synack_retries = 3 net.ipv4.tcp_syn_retries = 3 net.ipv4.tcp_max_tw_buckets = 36000 # net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.ip_local_port_range = 1024 65000 # net.ipv4.route.gc_timeout = 100 net.core.somaxconn = 65535 net.core.netdev_max_backlog = 16384 net.ipv4.tcp_max_orphans = 8192 # 将sysctl.conf配置生效,根据虚拟化和物理机修改hashsize值 - name: 07-apply sysctl.conf shell: | modprobe bridge modprobe ip_conntrack modprobe br_netfilter echo 262144 > /sys/module/nf_conntrack/parameters/hashsize sysctl -p tags: - "modprobe" # 禁用交换分区 - name: 08-disable swap shell: swapoff -a #因存在多次注释/etc/fstab问题,所以需要注释fstab时,指定--tags=never - name: 09-comment /etc/fstab swap replace: path: /etc/fstab regexp: "(^/.*swap.*)" replace: '# ' # 安装ntp - name: 10-tar ntp ntpdate unarchive: src: ntp.tgz dest: /root tags: - "ntp" - name: 11-install ntp rpm from a local file script: ./ntprpm.sh - name: 12-ntp.conf add configfile shell: | cat >/etc/ntp.conf<<EOF server {{ ntp_server }} EOF # 重启ntp服务 - name: 13-restart ntpd service: name: ntpd state: restarted enabled: true
继续阅读

我的微信
这是我的微信扫一扫
评论