
DHCP, Ansible

Author: 请叫我飘哥 | Published: 2019-05-22 15:20

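    1. Set up a DHCP service that hands out addresses from 192.168.100.0/24 to users on the LAN, with a default lease time of 48 hours

    • Network topology

      [Figure: network topology]
    • Environment
      dhcp-server: CentOS 7, 192.168.100.10, dhcp service installed
      dhcp-client: CentOS 6; run dhclient -d to watch the address being obtained

    • DHCP service setup and configuration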

    option domain-name "peaoguo.com";
    option domain-name-servers 192.168.0.1;
    
    default-lease-time 172800;    # default lease: 48 hours
    max-lease-time 259200;    # maximum lease: 72 hours
    
    log-facility local7;
    
    subnet 192.168.100.0  netmask 255.255.255.0 {
            range 192.168.100.100 192.168.100.120;  # address pool
            option routers 192.168.100.254;           # default gateway
            filename "pxelinux.0";                   # network boot file
            next-server 192.168.100.10;      # server that provides the boot file (here the DHCP server itself)
    }
    
    • Testing address acquisition on dhcp-client

      [Figure: DHCP address acquisition process]
    • dhcp-server log
    [root@localhost dhcpd]# tail /var/log/messages
    May 13 14:32:07 localhost dhcpd: DHCPREQUEST for 192.168.100.100 from 00:50:56:ae:70:49 (localhost) via ens34
    May 13 14:32:07 localhost dhcpd: DHCPACK on 192.168.100.100 to 00:50:56:ae:70:49 (localhost) via ens34
    May 13 14:33:23 localhost dhcpd: DHCPDISCOVER from 00:50:56:ae:70:49 (localhost) via ens34
    May 13 14:33:23 localhost dhcpd: Abandoning IP address 192.168.100.100: pinged before offer
    May 13 14:33:25 localhost dhcpd: DHCPDISCOVER from 00:50:56:ae:70:49 via ens34
    May 13 14:33:26 localhost dhcpd: DHCPOFFER on 192.168.100.101 to 00:50:56:ae:70:49 via ens34
    May 13 14:33:26 localhost dhcpd: DHCPREQUEST for 192.168.100.101 (192.168.100.10) from 00:50:56:ae:70:49 via ens34
    May 13 14:33:26 localhost dhcpd: DHCPACK on 192.168.100.101 to 00:50:56:ae:70:49 via ens34
    May 13 14:39:26 localhost dhcpd: DHCPREQUEST for 192.168.100.101 from 00:50:56:ae:70:49 via ens34
    May 13 14:39:26 localhost dhcpd: DHCPACK on 192.168.100.101 to 00:50:56:ae:70:49 via ens34
    
    

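    2. Building on the setup above, implement a DHCP relay

    • Network topology

      [Figure: DHCP relay network topology]
    • Environment
      dhcp-server: CentOS 7, 192.168.100.10, dhcp service installed
      dhcp-relay: CentOS 7, eth0: 192.168.100.25, eth1: 10.1.1.1, dhcp service installed
      dhcp-client: CentOS 6; run dhclient -d to watch the address being obtained
    • dhcp-server configuration
    NIC configuration: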
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=static
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=yes
    IPV6INIT=no
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens32
    UUID=db2dbbd8-a363-4249-a3cf-7d2a42de81f2
    DEVICE=ens32
    ONBOOT=yes
    IPADDR=192.168.100.10
    NETMASK=255.255.255.0
    GATEWAY=192.168.100.254   # points to eth0 of the dhcp-relay server
    PREFIX=24
    ---------------------------------------------------------          
    dhcp service configuration:
    option domain-name "peaoguo.com";
    option domain-name-servers 192.168.0.1;
    
    default-lease-time 43200;
    max-lease-time 86400;
    
    log-facility local7;
    
    subnet 192.168.100.0  netmask 255.255.255.0 {
            range 192.168.100.100 192.168.100.120;
            option routers 192.168.100.254;
    }
    
    subnet 10.1.1.0  netmask 255.255.255.0 {
            range 10.1.1.100 10.1.1.254;
            option routers 10.1.1.1;
    }
    
    Start the dhcp service
    systemctl start dhcpd
    
    • dhcp-relay server configuration
    eth0 NIC configuration:
    TYPE=Ethernet
    BOOTPROTO=static
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens34
    UUID=f570d8a2-908c-4b0b-9d1c-38524549e0d4
    DEVICE=ens34
    ONBOOT=yes
    PROXY_METHOD=none
    BROWSER_ONLY=no
    IPADDR=192.168.100.254       
    PREFIX=24
    GATEWAY=192.168.100.10  # points to the DHCP server's IP address
    
    eth1 NIC configuration:
    
    TYPE=Ethernet
    BOOTPROTO=static
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens35
    UUID=0f082b61-0afd-4294-a62a-313e2f5b394e
    DEVICE=ens35
    ONBOOT=yes
    PROXY_METHOD=none
    BROWSER_ONLY=no
    IPADDR=10.1.1.1   # the default gateway handed out for the DHCP address pool
    PREFIX=24
    
    dhcrelay configuration
    [root@node1 ~]# dhcrelay 192.168.100.10
    Dropped all unnecessary capabilities.
    Internet Systems Consortium DHCP Relay Agent 4.2.5
    Copyright 2004-2013 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/
    Listening on LPF/ens35/00:50:56:84:33:f0
    Sending on   LPF/ens35/00:50:56:84:33:f0
    Listening on LPF/ens34/00:50:56:84:0f:10
    Sending on   LPF/ens34/00:50:56:84:0f:10
    Listening on LPF/ens32/00:50:56:84:34:a6
    Sending on   LPF/ens32/00:50:56:84:34:a6
    Sending on   Socket/fallback
    
    
    [root@node1 ~]# ss -tunlp |grep dhcrelay
    udp    UNCONN     0      0         *:67                    *:*                   users:(("dhcrelay",pid=4092551,fd=7))
    udp    UNCONN     0      0         *:67                    *:*                   users:(("dhcrelay",pid=4091950,fd=7))
    udp    UNCONN     0      0         *:67                    *:*                   users:(("dhcrelay",pid=4090021,fd=7))
    
    • dhcp-client test
    • dhcp-server log
    [root@localhost ~]# tailf /var/log/messages
    May 13 17:53:24 localhost dhcpd: DHCPREQUEST for 10.1.1.101 (192.168.100.10) from 00:50:56:ae:76:2b via 10.1.1.1
    May 13 17:53:24 localhost dhcpd: DHCPACK on 10.1.1.101 to 00:50:56:ae:76:2b via 10.1.1.1
    May 13 17:54:15 localhost dhcpd: DHCPREQUEST for 10.1.1.101 from 00:50:56:ae:76:2b via 10.1.1.1
    May 13 17:54:15 localhost dhcpd: DHCPACK on 10.1.1.101 to 00:50:56:ae:76:2b via 10.1.1.1
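
Both dhcp-server log excerpts above can be checked mechanically. The following is an added example, not part of the original post: it parses dhcpd syslog lines, records the last acknowledged address per MAC, collects addresses abandoned by the ping check, and separates relayed requests (dhcpd logs the relay's address after `via` instead of an interface name). The names `analyse` and `EXPECTED_RELAYS` are assumptions of this example; the sample lines are copied from the logs above.

```python
import re

# Lines copied from the two dhcp-server log excerpts above.
SAMPLE_LOG = """\
May 13 14:33:23 localhost dhcpd: DHCPDISCOVER from 00:50:56:ae:70:49 (localhost) via ens34
May 13 14:33:23 localhost dhcpd: Abandoning IP address 192.168.100.100: pinged before offer
May 13 14:33:26 localhost dhcpd: DHCPOFFER on 192.168.100.101 to 00:50:56:ae:70:49 via ens34
May 13 14:33:26 localhost dhcpd: DHCPREQUEST for 192.168.100.101 (192.168.100.10) from 00:50:56:ae:70:49 via ens34
May 13 14:33:26 localhost dhcpd: DHCPACK on 192.168.100.101 to 00:50:56:ae:70:49 via ens34
May 13 17:53:24 localhost dhcpd: DHCPREQUEST for 10.1.1.101 (192.168.100.10) from 00:50:56:ae:76:2b via 10.1.1.1
May 13 17:53:24 localhost dhcpd: DHCPACK on 10.1.1.101 to 00:50:56:ae:76:2b via 10.1.1.1
"""

# Assumption: the only legitimate relay is the dhcp-relay host's 10.1.1.1 interface.
EXPECTED_RELAYS = {"10.1.1.1"}

IP = r"(?:\d{1,3}\.){3}\d{1,3}"
MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
EVENT = re.compile(
    rf"dhcpd: (?P<type>DHCP[A-Z]+) (?:(?:on|for) (?P<ip>{IP}) )?(?:\({IP}\) )?"
    rf"(?:from|to) (?P<mac>{MAC})(?: \([^)]*\))? via (?P<via>\S+)"
)
ABANDON = re.compile(rf"dhcpd: Abandoning IP address (?P<ip>{IP}): (?P<why>.+)")


def analyse(log_text, expected_relays=EXPECTED_RELAYS):
    """Summarise dhcpd syslog lines: leases, abandoned addresses, relays."""
    report = {"leases": {}, "abandoned": [], "relayed": {}, "unknown_relays": set()}
    for line in log_text.splitlines():
        m = ABANDON.search(line)
        if m:
            # Something already answers on this address (dhcpd's ping check).
            report["abandoned"].append((m["ip"], m["why"]))
            continue
        m = EVENT.search(line)
        if not m:
            continue
        via = m["via"]
        if re.fullmatch(IP, via):
            # Relayed packet: "via" is the relay's address, not an interface.
            report["relayed"].setdefault(via, set()).add(m["mac"])
            if via not in expected_relays:
                report["unknown_relays"].add(via)
        if m["type"] == "DHCPACK":
            report["leases"][m["mac"]] = m["ip"]
    return report


if __name__ == "__main__":
    for key, value in analyse(SAMPLE_LOG).items():
        print(key, value)
```

An entry in `abandoned` means an address inside the pool is in use without a lease, and an entry in `unknown_relays` means requests arrived through a relay address that is not on the expected list.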
    
    

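    3. Use an Ansible playbook to automate building an LNMP environment (yum may be used)

    • Network topology

      [Figure: network topology]
    • Environment
      Ansible server: ansible installed, passwordless (key-based) login to the LNMP server
      LNMP: nginx, php-fpm, php-mysql and mariadb-server installed (via yum)
    • Ansible server configuration
    Edit the hosts file and add the LNMP host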
    [root@localhost ansible]# vim hosts
    [LNMP]
    10.192.1.158
    
    Prepare the service configuration files and the WordPress installation files
    nginx.conf
    wordpress-5.0.3-zh_CN.tar.gz
    wp-config.php
    
    Write the playbook
    [root@localhost playbook]# vim lnmp.yaml 
    
    
    - hosts: LNMP
      remote_user: root
      tasks:
      - name: install rpms         # install the packages
        yum: name={{ item }}  state=present
        with_items:
        - nginx
        - php-fpm
        - php-mysql
        - mariadb-server
        tags: rpm
    
      - name: install conf       # copy the nginx configuration file; a change triggers an nginx restart
        copy: src=/etc/ansible/playbook/nginx.conf  dest=/etc/nginx/nginx.conf
        notify: restartnginx
      - name: start service  # start the services
        service: name={{ item }} state=started enabled=yes
        with_items:
        - mariadb
        - php-fpm
        - nginx
      - name: create wordpress databases    # create the WordPress database
        mysql_db: login_user=root name=wordpress
      - name: mariadb conf   # grant privileges on the database
        mysql_user: login_user=root name=wordpress host=localhost password='wordpress' priv='wordpress.*:ALL' state=present
        tags: db
      - name: mkdir   # create the WordPress installation directory
        file: path=/data state=directory mode=0755
      - name: uncompress    # unpack the archive
        unarchive: src=/etc/ansible/playbook/wordpress-5.0.3-zh_CN.tar.gz dest=/data/
        tags: up
      - name: wordpress config  # copy the WordPress configuration file
        copy: src=/etc/ansible/playbook/wp-config.php dest=/data/wordpress/
        tags: cpwp
      handlers:
      - name: restartnginx
        service: name=nginx state=restarted
    
    • Run the playbook
      • Check the playbook syntax
        [root@localhost playbook]# ansible-playbook --syntax-check lnmp.yaml 
        
        playbook: lnmp.yaml
        [root@localhost playbook]#
        
      • Dry run
        [root@localhost playbook]# ansible-playbook -C lnmp.yaml


        [Figure: dry-run output]
      • Run
        [root@localhost playbook]# ansible-playbook lnmp.yaml


        [Figure: run output]
    • Browser access
      http://www.peaoguo.wp.com/wp-admin/install.php
    Open it to run the WordPress initial setup

    4. Automate the LNMP build with Ansible roles

    • Create the directory structure
      mkdir -pv {nginx,php,mariadb,wordpress}/{tasks,handlers,vars,templates,files,meta,defaults}
    • nginx role
    Write the nginx role tasks
    cd  /etc/ansible/roles/nginx/tasks
    vim main.yml
    - name: install nginx
      yum: name=nginx state=latest
      when: ansible_os_family == "RedHat"
    - name: copy config
      copy: src=nginx.conf  dest=/etc/nginx/nginx.conf
      notify: restart nginx
    - name: start
      service: name=nginx  state=started enabled=yes
    
    Write the handler that triggers the restart
    cd  /etc/ansible/roles/nginx/handlers
    vim main.yml
    - name: restart nginx
      service: name=nginx state=restarted
    
    Prepare the nginx.conf configuration file
    cd  /etc/ansible/roles/nginx/files
    cp /etc/nginx/nginx.conf .
    
    • php role
    cd /etc/ansible/roles/php/tasks
    vim main.yml
    - name: install php
      yum: name={{ item }}  state=present
      with_items:
      - php-fpm
      - php-mysql
    - name: start php
      service: name=php-fpm state=started enabled=yes
    
    
    • mariadb role
    cd /etc/ansible/roles/mariadb/tasks
    vim main.yml 
    - name: install mariadb-server
      yum: name=mariadb-server
    - name: start service
      service: name=mariadb state=started enabled=yes
    - name: create wordpress databases
      mysql_db: login_user=root name=wordpress
    - name: mariadb conf
      mysql_user: login_user=root name=wordpress host=localhost password='wordpress' priv='wordpress.*:ALL' state=present
      tags: db
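
The mariadb tasks in this role and in the section 3 playbook log in as root without any credentials and set the WordPress database password as a literal in the task. The following is an added example, not part of the original post: a small check over tasks written in the inline key=value style used on this page. The function name `audit` and the variables `mariadb_root_password` and `wp_db_password` are hypothetical; `login_password`, `login_unix_socket` and `config_file` are existing parameters of the mysql modules.

```python
import re
import shlex

# Task lines adapted from the mariadb tasks on this page (inline key=value args).
AS_POSTED = """\
- name: create wordpress databases
  mysql_db: login_user=root name=wordpress
- name: mariadb conf
  mysql_user: login_user=root name=wordpress host=localhost password='wordpress' priv='wordpress.*:ALL' state=present
  tags: db
"""

# Assumption: both variables are hypothetical and would live in an encrypted vars file.
HARDENED = """\
- name: mariadb conf
  mysql_user: login_user=root login_password={{ mariadb_root_password }} name=wordpress host=localhost password={{ wp_db_password }} priv='wordpress.*:ALL' state=present
"""

SECRET_KEYS = {"password", "login_password"}
LOGIN_CREDS = {"login_password", "login_unix_socket", "config_file"}
TASK_NAME = re.compile(r"^\s*- name:\s*(.+?)\s*(?:#.*)?$")
MODULE_LINE = re.compile(r"^\s+(?P<module>[a-z_]+):\s+(?P<args>\S+=.*)$")


def audit(tasks_text):
    """Return sorted (task name, finding) pairs for inline key=value tasks."""
    findings, task = [], None
    for line in tasks_text.splitlines():
        name = TASK_NAME.match(line)
        if name:
            task = name.group(1)
            continue
        m = MODULE_LINE.match(line)
        if not m:
            continue
        args = dict(t.split("=", 1) for t in shlex.split(m["args"]) if "=" in t)
        for key in args.keys() & SECRET_KEYS:
            if "{{" not in args[key]:  # literal value instead of a variable
                findings.append((task, f"hard-coded {key}"))
        if m["module"].startswith("mysql_") and not (args.keys() & LOGIN_CREDS):
            # Only works while the DB root account accepts an empty password
            # (or credentials come from the default ~/.my.cnf).
            findings.append((task, "database login without credentials"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(AS_POSTED):
        print(finding)
```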
    
    

    • wordpress role

    cd /etc/ansible/roles/wordpress/tasks
    vim main.yml
    - name: mkdir
      file: path=/data state=directory mode=0755
    - name: uncompress
      unarchive: src=/etc/ansible/playbook/wordpress-5.0.3-zh_CN.tar.gz dest=/data/
      tags: up
    - name: wordpress config
      copy: src=/etc/ansible/playbook/wp-config.php dest=/data/wordpress/
      tags: cpwp
    
    Prepare the WordPress installation file
    cd /etc/ansible/roles/wordpress/files
    cp /root/wordpress-5.0.3-zh_CN.tar.gz  .  
    
    • Write the playbook
    - name: install nginx
      hosts: LNMP
      remote_user: root
      roles:
        - nginx
        - php
        - mariadb
        - wordpress
    
    • Playbook syntax check
    [root@localhost ansible]# ansible-playbook --syntax-check lnmp.yaml 
    playbook: lnmp.yaml
    [root@localhost ansible]# 
    
    • Run
      [root@localhost ansible]# ansible-playbook lnmp.yaml


      [Figure: run output]
