lnmp部署&&Ansible部署zabbix6.0版本

目录标题

• • • • • lnmp 架构
        • • 准备工作
          • 部署nginx
          • 部署 mysql
          • 部署 PHP
        • 使用Ansible 部署 zabbix6.0版本
        • • 准备工作
          • ansible 操作
          • 配置关闭防火墙跟SElinux的playbook
          • 部署nginx 的playbook
          • 部署 MySQL8.0版本
          • 部署PHP
          • 部署zabbix
          • 部署zabbix服务端
          • 部署客户端

lnmp 架构

LNMP是指一组通常一起使用来运行动态网站或者服务器的自由软件名称首字母缩写。L指Linux，N指Nginx，M一般指MySQL，也可以指MariaDB，P一般指PHP，也可以指Perl或Python。

---

Nginx是一个高性能的HTTP和反向代理服务器，也是一个IMAP 、 POP3、SMTP 代理服务器。

Mysql是一个小型关系型数据库管理系统

PHP是一种在服务器端执行的嵌入HTML文档的脚本语言

这四种软件均为免费开源软件，组合到一起，成为一个免费、高效、扩展性强的网站服务系统

---

nginx官网

---

mysql官网

---

PHP官网

---

部署lnmp 环境

准备工作

## 配置 yum源[root@localhost ~]# cd /etc/yum.repos.d/[root@localhost yum.repos.d]# rm -rf *[root@localhost yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo[root@localhost yum.repos.d]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo## 清除 缓存[root@localhost yum.repos.d]# dnf clean all0 files removed## 建立缓存[root@localhost yum.repos.d]# dnf makecache[root@localhost yum.repos.d]# yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm[root@localhost yum.repos.d]# sed -i 's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*[root@localhost yum.repos.d]# sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*## 清除 缓存[root@localhost yum.repos.d]# dnf clean all0 files removed## 建立缓存[root@localhost yum.repos.d]# dnf makecache## 关闭防火墙跟SElinux[root@localhost ~]# sed -i '/SELINUX=enforcing/c SELINUX=disabled' /etc/selinux/config[root@localhost ~]# grep '^SELINUX=' /etc/selinux/configSELINUX=disabled[root@localhost ~]# systemctl disable --now firewalldRemoved /etc/systemd/system/multi-user.target.wants/firewalld.service.Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.## 重启[root@localhost ~]# reboot

部署nginx

## 下载 nginx[root@localhost ~]# cd /usr/src/[root@localhost src]# wget https://nginx.org/download/nginx-1.22.0.tar.gz## 下载 依赖包[root@localhost ~]# dnf -y install  boost-devel --allowerasing pcre-devel openssl openssl-devel gd-devel  gcc gcc-c++ make[root@localhost ~]# yum -y groups mark install 'Development Tools'## 创建系统用户[root@localhost ~]# useradd -r -M -s /sbin/nologin nginx[root@localhost ~]# id nginxuid=995(nginx) gid=992(nginx) groups=992(nginx) ## 创建日志存放目录[root@localhost ~]# mkdir -p /var/log/nginx[root@localhost ~]# chown -R nginx.nginx /var/log/nginx/[root@localhost ~]# ll -d /var/log/nginx/drwxr-xr-x 2 nginx nginx 6 Aug 31 10:21 /var/log/nginx/## 编译安装[root@localhost ~]# cd /usr/src/[root@localhost src]# lsdebug  kernels  nginx-1.22.0.tar.gz[root@localhost src]# tar xf nginx-1.22.0.tar.gz[root@localhost src]# cd nginx-1.22.0[root@localhost nginx-1.22.0]# ./configure \ --prefix=/usr/local/nginx \ --user=nginx \ --group=nginx \ --with-debug \ --with-http_ssl_module \ --with-http_realip_module \ --with-http_image_filter_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_stub_status_module \ --http-log-path=/var/log/nginx/access.log \ --error-log-path=/var/log/nginx/error.log[root@localhost nginx-1.22.0]# nproc  ## 查看核心数2[root@localhost nginx-1.22.0]# make -j 2 && make install## 设置环境变量[root@localhost ~]# echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh[root@localhost ~]# source /etc/profile.d/nginx.sh[root@localhost ~]# which nginx/usr/local/nginx/sbin/nginx## 启动 nginx[root@localhost ~]# nginx[root@localhost ~]# ss -antlState   Recv-Q  Send-Q    Local Address:Port     Peer Address:Port  ProcessLISTEN  0       128             0.0.0.0:80            0.0.0.0:*LISTEN  0       128             0.0.0.0:22            0.0.0.0:*LISTEN  0       128                [::]:22               [::]:*//服务控制方式，使用nginx命令    -t  //检查配置文件语法    -v  //输出nginx的版本    -c  //指定配置文件的路径    -s  //发送服务控制信号，可选值有{stop|quit|reopen|reload}        #location ~ \.php$ {        #    root           html;        #    fastcgi_pass   127.0.0.1:9000;        #    fastcgi_index  index.php;        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;        #    include        fastcgi_params;        #}// 还没有开启 反向代理之前## 开启反向代理[root@localhost ~]# sed -i '/pass the PHP/{N;/#/{n;s/#//g}}'  /usr/local/nginx/conf/nginx.conf[root@localhost ~]# sed -i '/^        location ~ \\.php/{N;s/#//g}' /usr/local/nginx/conf/nginx.conf [root@localhost ~]# sed -i '/fastcgi_pass/{s/#//g}' /usr/local/nginx/conf/nginx.conf[root@localhost ~]# sed -i '/fastcgi_index/{s/#//g}' /usr/local/nginx/conf/nginx.conf[root@localhost ~]# sed -i '/SCRIPT_FILENAME/c \            fastcgi_param  SCRIPT_FILENAME  /$document_root$fastcgi_script_name;' /usr/local/nginx/conf/nginx.conf[root@localhost ~]# sed -i '/fastcgi_params/{s/#//g}' /usr/local/nginx/conf/nginx.conf[root@localhost ~]# sed -i '/fastcgi_params/{n;s/#//g}' /usr/local/nginx/conf/nginx.conf[root@localhost ~]# sed -i '/^            index/c \            index index.php index.html index.htm;' /usr/local/nginx/conf/nginx.conf### 修改之后的内容        location ~ \.php$ {            root           html;            fastcgi_pass   127.0.0.1:9000;            fastcgi_index  index.php;            fastcgi_param  SCRIPT_FILENAME  /$document_root$fastcgi_script_name;            include        fastcgi_params;        }配置 PHP 网页[root@localhost ~]# cd /usr/local/nginx/html/[root@localhost html]# cat index.php ## 停掉之后立马启动[root@localhost ~]# nginx -s stop;nginx[root@localhost ~]# nginx -s reload   // 推荐使用## 设置开机自启[root@localhost ~]# cd /usr/lib/systemd/system[root@localhost system]# cp sshd.service nginxd.service[root@localhost system]# vim nginxd.service[Unit]Description=nginx server daemonAfter=network.target sshd-keygen.target[Service]Type=forkingExecStart=/usr/local/nginx/sbin/nginxExecStop=/usr/local/nginx/sbin/nginx -s stopExecReload=/bin/kill -HUP $MAINPID[Install]WantedBy=multi-user.target[root@localhost system]# systemctl daemon-reload[root@localhost ~]# systemctl enable --now nginxd

---

访问 nginx

---

部署 mysql

# 安装依赖包[root@localhost ~]# dnf -y install ncurses-compat-libs openssl-devel openssl cmake mariadb-devel# 创建mysql系统用户[root@localhost ~]# useradd -r -M -s /sbin/nologin mysql[root@localhost ~]# id mysqluid=994(mysql) gid=991(mysql) groups=991(mysql)# 下载二进制格式的mysql软件包[root@localhost ~]# cd /usr/src/[root@localhost src]# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.37-linux-glibc2.12-x86_64.tar.gz[root@localhost src]# lsdebug  kernels  mysql-5.7.37-linux-glibc2.12-x86_64.tar.gz  nginx-1.22.0  nginx-1.22.0.tar.gz# 解压软件至/usr/local/[root@localhost src]# tar xf mysql-5.7.37-linux-glibc2.12-x86_64.tar.gz -C /usr/local/[root@localhost src]# cd /usr/local/[root@localhost local]# mv mysql-5.7.37-linux-glibc2.12-x86_64 mysql  # 重命名为 mysql[root@localhost local]# ll -d mysql/drwxr-xr-x 9 root root 129 Aug 31 12:49 mysql/                        # 修改目录/usr/local/mysql的属主属组[root@localhost local]# chown -R mysql.mysql mysql/[root@localhost local]# ll -d mysql/drwxr-xr-x 9 mysql mysql 129 Aug 31 12:49 mysql/# 添加环境变量[root@localhost ~]# echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh[root@localhost ~]# . /etc/profile.d/mysql.sh[root@localhost ~]# which mysqld/usr/local/mysql/bin/mysqld# 配置include## 软链接到/usr/include/mysql，叫mysql[root@localhost ~]# ln -s /usr/local/mysql/include /usr/include/mysql# 配置 man 文档[root@localhost ~]# sed -i '/MANDATORY_MANPATH.*.\/local\/share\/man/a MANDATORY_MANPATH\t\t\t/usr/local/mysql/man' /etc/man_db.conf\t 表示一个tab# 映射库文件[root@localhost ~]# echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf[root@localhost ~]# ldconfig # 让其生效# 建立数据存放目录[root@localhost ~]# mkdir -p /opt/data[root@localhost ~]# chown -R mysql.mysql /opt/data/[root@localhost ~]# ll /opt/data/ -ddrwxr-xr-x 2 mysql mysql 6 Aug 31 12:59 /opt/data/# 初始化数据库[root@localhost ~]# /usr/local/mysql/bin/mysqld --initialize --user=mysql --datadir=/opt/data/......省略root@localhost: zzWcsjwx9:-B# 请注意，这个命令的最后会生成一个临时密码，此处密码是 zzWcsjwx9:-B# 再次注意，这个密码是随机的，你的不会跟我一样，一定要记住这个密码，因为一会登录时会用到# 生成配置文件[root@localhost ~]# cat  /etc/my.cnf[mysqld]basedir = /usr/local/mysqldatadir = /opt/datasocket = /tmp/mysql.sockport = 3306pid-file = /opt/data/mysql.piduser = mysqlskip-name-resolve# 配置服务启动脚本[root@localhost ~]# cd /usr/local/mysql/support-files/[root@localhost support-files]# cp mysql.server /etc/init.d/mysqld[root@localhost support-files]# ll /etc/init.d/mysqld-rwxr-xr-x 1 root root 10576 Aug 31 13:04 /etc/init.d/mysqld# 设置所有者所属组为mysql[root@localhost support-files]# chown -R mysql.mysql  /etc/init.d/mysqld[root@localhost support-files]# ll /etc/init.d/mysqld-rwxr-xr-x 1 mysql mysql 10576 Aug 31 13:04 /etc/init.d/mysqld[root@localhost ~]# grep '^basedir=' /etc/init.d/mysqldbasedir=    // 需要添加MySQL 路径[root@localhost ~]# grep '^datadir=' /etc/init.d/mysqlddatadir=    // 数据存放路径[root@localhost ~]# sed -i '/^basedir=/c basedir=/usr/local/mysql' /etc/init.d/mysqld[root@localhost ~]# sed -i '/^datadir=/c datadir=/opt/data' /etc/init.d/mysqld[root@localhost ~]# grep '^basedir=' /etc/init.d/mysqldbasedir=/usr/local/mysql[root@localhost ~]# grep '^datadir=' /etc/init.d/mysqlddatadir=/opt/data# 启动mysql 、 并开机自启[root@localhost ~]# chkconfig --add mysqld[root@localhost ~]# chkconfig mysqld on[root@localhost ~]# service mysqld start[root@localhost ~]# ss -antlState   Recv-Q  Send-Q    Local Address:Port     Peer Address:Port  ProcessLISTEN  0       128             0.0.0.0:80            0.0.0.0:*LISTEN  0       128             0.0.0.0:22            0.0.0.0:*LISTEN  0       80                    *:3306                *:*LISTEN  0       128                [::]:22               [::]:*[root@localhost ~]### 查看mysql 进程[root@localhost ~]# ps -ef | grep mysqldroot       33663   33589  0 13:06 pts/0    00:00:00 vim /etc/init.d/mysqldroot       33695       1  0 13:09 pts/2    00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/opt/data --pid-file=/opt/data/mysql.pidmysql      33883   33695  0 13:09 pts/2    00:00:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/opt/data --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=localhost.localdomain.err --pid-file=/opt/data/mysql.pid --socket=/tmp/mysql.sock --port=3306root       33914   10200  0 13:09 pts/2    00:00:00 grep --color=auto mysqld[root@localhost ~]## 修改密码# 使用临时密码登录[root@localhost ~]# mysql -uroot -p'zzWcsjwx9:-B'mysql: [Warning] Using a password on the command line interface can be insecure.Welcome to the MySQL monitor.  Commands end with ; or \g.Your MySQL connection id is 2Server version: 5.7.37Copyright (c) 2000, 2022, Oracle and/or its affiliates.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.mysql> set password = password('runtime123!');  # 设置新密码mysql> quitBye# 退出登录验证密码[root@localhost ~]# mysql -uroot -pruntime123!mysql: [Warning] Using a password on the command line interface can be insecure.Welcome to the MySQL monitor.  Commands end with ; or \g.Your MySQL connection id is 3Server version: 5.7.37 MySQL Community Server (GPL)Copyright (c) 2000, 2022, Oracle and/or its affiliates.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.mysql>

---

部署 PHP

# 下载 PHP[root@localhost ~]# cd /usr/src/[root@localhost src]#  wget https://www.php.net/distributions/php-7.4.29.tar.xz........省略[root@localhost src]# lsdebug    mysql-5.7.37-linux-glibc2.12-x86_64.tar.gz  nginx-1.22.0.tar.gzkernels  nginx-1.22.0    php-7.4.29.tar.xz[root@localhost src]# tar xf php-7.4.29.tar.xz  # 解压# 这是查找MySQL跟PHP打交道的包名[root@localhost ~]# dnf list all | grep mysql | grep phpphp-mysqlnd.x86_64                    7.2.24-1.module_el8.2.0+313+b04d0a66                   AppStream# 安装依赖包[root@localhost ~]# dnf -y install  libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel  pcre-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel sqlite-devel libzip-devel php-mysqlnd安装过程略....# 安装 oniguruma 包[root@localhost ~]# dnf -y install http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm# 编译安装php[root@localhost ~]# cd /usr/src/php-7.4.29[root@localhost php-7.4.29]# ./configure --prefix=/usr/local/php7  \--with-config-file-path=/etc \--enable-fpm \--enable-inline-optimization \--disable-debug \--disable-rpath \--enable-shared \--enable-soap \--with-openssl \--enable-bcmath \--with-iconv \--with-bz2 \--enable-calendar \--with-curl \--enable-exif  \--enable-ftp \--enable-gd \--with-jpeg \--with-zlib-dir \--with-freetype \--with-gettext \--enable-json \--enable-mbstring \--enable-pdo \--with-mysqli=mysqlnd \--with-pdo-mysql=mysqlnd \--with-readline \--enable-shmop \--enable-simplexml \--enable-sockets \--with-zip \--enable-mysqlnd-compression-support \--with-pear \--enable-pcntl \--enable-posix# make[root@localhost php-7.4.29]# make编译过程略[root@localhost php-7.4.29]# make install安装过程略# 安装后配置[root@localhost ~]# echo 'export PATH=/usr/local/php7/bin:$PATH' > /etc/profile.d/php7.sh[root@localhost ~]# source /etc/profile.d/php7.sh[root@localhost ~]# which php/usr/local/php7/bin/php# 配置头文件[root@localhost ~]# ln -s /usr/local/php7/include /usr/include/php7# 配置库文件[root@localhost ~]# echo '/usr/local/php7/lib' > /etc/ld.so.conf.d/php7.conf[root@localhost ~]# ldconfig# 查看版本[root@localhost ~]# php -vPHP 7.4.29 (cli) (built: Jul  4 2022 21:07:32) ( NTS )Copyright (c) The PHP GroupZend Engine v3.4.0, Copyright (c) Zend Technologies# 配置php-fpm[root@localhost ~]# cd /usr/src/php-7.4.29[root@localhost php-7.4.29]# \cp php.ini-production /etc/php.ini  # 这个文件已存在所以要加上\表示覆盖[root@localhost php-7.4.29]# cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm[root@localhost php-7.4.29]# ll -d /etc/init.d/php-fpm-rw-r--r-- 1 root root 2402 Aug 31 13:41 /etc/init.d/php-fpm[root@localhost php-7.4.29]# chmod +x /etc/init.d/php-fpm[root@localhost php-7.4.29]# ll -d /etc/init.d/php-fpm-rwxr-xr-x 1 root root 2402 Aug 31 13:41 /etc/init.d/php-fpm[root@localhost ~]# cd /usr/local/php7/etc[root@localhost etc]# cp php-fpm.conf.default php-fpm.conf[root@localhost etc]# cd  php-fpm.d[root@localhost php-fpm.d]# cp www.conf.default www.conf[root@localhost ~]# grep '^user =' /usr/local/php7/etc/php-fpm.d/www.confuser = nobody[root@localhost ~]# grep '^group =' /usr/local/php7/etc/php-fpm.d/www.confgroup = nobody[root@localhost ~]# sed -i '/^user = nobody/c user = nginx' /usr/local/php7/etc/php-fpm.d/www.conf[root@localhost ~]# sed -i '/^group = nobody/c group = nginx' /usr/local/php7/etc/php-fpm.d/www.conf[root@localhost ~]# grep '^user =' /usr/local/php7/etc/php-fpm.d/www.confuser = nginx[root@localhost ~]# grep '^group =' /usr/local/php7/etc/php-fpm.d/www.confgroup = nginx# 编辑php-fpm的配置文件（/usr/local/php7/etc/php-fpm.conf）：# 配置fpm的相关选项为你所需要的值：[root@localhost ~]# vim /usr/local/php7/etc/php-fpm.conf..........pm.max_children = 50    ;最多同时提供50个进程提供50个并发服务pm.start_servers = 5    ;启动时启动5个进程pm.min_spare_servers = 2    ;最小空闲进程数pm.max_spare_servers = 8    ;最大空闲进程数[root@localhost ~]# tail /usr/local/php7/etc/php-fpm.conf; file.; Relative path can also be used. They will be prefixed by:;  - the global prefix if it's been set (-p argument);  - /usr/local/php7 otherwiseinclude=/usr/local/php7/etc/php-fpm.d/ 到zabbix 查看是否能用新密码登录。不登录的情况下查看里面的数据库[root@zabbix ~]# /usr/local/mysql/bin/mysql -uroot -p'runtime123' -e 'show databases' 2> /dev/null+--------------------+| Database           |+--------------------+| information_schema || mysql              || performance_schema || sys                |+--------------------+####  2> /dev/null 意思是把错误的输出丢到黑洞里// 也可以在控制主机上查看[root@ansible zabbix]# ansible zabbix -m shell -a "/usr/local/mysql/bin/mysql -uroot -p'runtime123' -e 'show databases' 2> /dev/null"zabbix | CHANGED | rc=0 >>Databaseinformation_schema   // 跟第一个数据库是一样的mysqlperformance_schemasys// 查看的内容是一样的

---

部署PHP

[root@ansible ~]# cd zabbix/[root@ansible zabbix]# vim php.yml- name: provide software pkg  // 提供软件包  copy:    src: files/php-8.0.23.tar.gz    dest: /usr/src/- name: exec script  // 执行脚本  script: files/php.sh  // 脚本内容[root@ansible ~]# cd zabbix/files/[root@ansible files]# vim php.sh#!/bin/bashdnf -y install  libxml2-devel  bzip2 bzip2-devel libcurl libcurl-devel libicu-devel libjpeg libjpeg-devel libpng libpng-devel openldap-devel   freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-devel mhash mhash-devel sqlite-devel libzip-devel php-mysqlnd http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm &> /dev/nullif [ ! -d /usr/local/php8 ];then     cd /usr/src     tar xf php-8.0.23.tar.gz     cd /usr/src/php-8.0.23     ./configure --prefix=/usr/local/php8  \        --with-config-file-path=/etc \        --enable-fpm \        --enable-inline-optimization \        --disable-debug \        --disable-rpath \        --enable-shared \        --enable-soap \        --with-openssl \        --enable-bcmath \        --with-iconv \        --with-bz2 \        --enable-calendar \        --with-curl \        --enable-exif  \        --enable-ftp \        --enable-gd \        --with-jpeg \        --with-zlib-dir \        --with-freetype \        --with-gettext \        --enable-json \        --enable-mbstring \        --enable-pdo \        --with-mysqli=mysqlnd \        --with-pdo-mysql=mysqlnd \        --with-readline \        --enable-shmop \        --enable-simplexml \        --enable-sockets \        --with-zip \        --enable-mysqlnd-compression-support \        --with-pear \        --enable-pcntl \        --enable-posix     make && make installfiecho 'export PATH=/usr/local/php8/bin:$PATH' > /etc/profile.d/php8.shln -s /usr/local/php8/include /usr/include/php8 &> /dev/nullecho '/usr/local/php8/lib' > /etc/ld.so.conf.d/php8.confldconfigif [ ! -f /etc/init.d/php-fpm ];then    cd /usr/src/php-8.0.23    \cp php.ini-production /etc/php.ini    cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm    chmod +x /etc/init.d/php-fpmfiif [ ! -f /usr/local/php7/etc/php-fpm.d/www.conf ];then    cd /usr/local/php8/etc    cp php-fpm.conf.default php-fpm.conf    cd  php-fpm.d    cp www.conf.default www.conf    sed -i '/^user = nobody/c user = nginx' /usr/local/php8/etc/php-fpm.d/www.conf    sed -i '/^group = nobody/c group = nginx' /usr/local/php8/etc/php-fpm.d/www.conffiservice php-fpm startchkconfig --add php-fpmchkconfig php-fpm on[root@ansible files]# chmod +x php.sh[root@ansible zabbix]# vim mail.yml---- hosts: zabbix  vars_files:    - vars/nginx.yml    - vars/mysql.yml  tasks:    - include_tasks: yum.yml    - include_tasks: firewalld.yml    - include_tasks: selinux.yml    - include_tasks: nginx.yml    - include_tasks: mysql.yml    - include_tasks: php.yml  // 引用// 执行playbook[root@ansible ~]# cd zabbix/[root@ansible zabbix]# ansible-playbook mail.yml...省略N// 验证[root@ansible zabbix]# ansible zabbix -m shell -a "ss -antl"zabbix | CHANGED | rc=0 >>State  Recv-Q Send-Q Local Address:Port  Peer Address:PortProcessLISTEN 0      128        127.0.0.1:9000       0.0.0.0:*  // 9000 端口已有LISTEN 0      128          0.0.0.0:80         0.0.0.0:*LISTEN 0      128          0.0.0.0:22         0.0.0.0:*LISTEN 0      70                 *:33060            *:*LISTEN 0      128                *:3306             *:*LISTEN 0      128             [::]:22            [::]:*

现在把这几行的注释取消掉

# 开启反向代理#sed -i '/pass the PHP/{N;/#/{n;s/#//g}}'  $nginx_install_dir/conf/nginx.conf#sed -i '/^        location ~ \\.php/{N;s/#//g}' $nginx_install_dir/conf/nginx.conf#sed -i '/fastcgi_pass/{s/#//g}' $nginx_install_dir/conf/nginx.conf#sed -i '/fastcgi_index/{s/#//g}' $nginx_install_dir/conf/nginx.conf#sed -i '/SCRIPT_FILENAME/c \            fastcgi_param  SCRIPT_FILENAME  /$document_root$fastcgi_script_name;' $nginx_install_dir/conf/nginx.conf#sed -i '/fastcgi_params/{s/#//g}' $nginx_install_dir/conf/nginx.conf#sed -i '/fastcgi_params/{n;s/#//g}' $nginx_install_dir/conf/nginx.conf#sed -i '/^            index/c \            index index.php index.html index.htm;' $nginx_install_dir/conf/nginx.conf//  把注释取消后执行 playbook[root@ansible zabbix]# ansible-playbook mail.yml.... 省略N// 如果访问不到是因为你还没有让其的nginx.conf 配置文件没有生效

---

访问 192.168.229.148

---

---

zabbix官网

部署zabbix

在上面的基础上部署zabbix6.0版本

环境

部署zabbix服务端

[root@ansible ~]# cd zabbix/[root@ansible zabbix]# cat zabbix_server.yml- name: create user zabbix  user:    name: zabbix    state: present    create_home: no    system: yes    shell: /sbin/nologin- name: copy software zabbix-6.0.8.tar.gz  copy:    src: files/zabbix-6.0.8.tar.gz    dest: /usr/src/- name: exec script  script: files/zabbix_server.sh[root@ansible ~]# cd zabbix/files/[root@ansible files]# vim zabbix_server.sh#!/bin/bashdnf -y install net-snmp-devel libevent-devel &> /dev/nullif [ ! -d /usr/local/zabbix ];then    cd /usr/src/    tar xf zabbix-6.0.8.tar.gz    mv zabbix-6.0.8 /usr/local/zabbixfiif [ ! -d /usr/lib/zabbix ];then    mkdir -p /usr/lib/zabbix    chmod 770 /usr/lib/zabbix    chown -R zabbix.zabbix /usr/lib/zabbix/fi/usr/local/mysql/bin/mysql -uroot -pruntime123 -e "show databases;" 2> /dev/null|grep 'zabbix'if [ $? -ne 0 ];then    /usr/local/mysql/bin/mysql -uroot -pruntime123 -e "create database zabbix character set utf8mb4 collate utf8mb4_bin;create user 'zabbix'@'localhost' identified by 'zabbix123';grant all privileges on zabbix.* to 'zabbix'@'localhost';flush privileges;" 2> /dev/nullfizabbix_result=$(/usr/local/mysql/bin/mysql -uzabbix -pzabbix123 -e "use zabbix;show tables;")if [ $zabbix_result -lt 2 ];then    cd /usr/local/zabbix/database/mysql/    /usr/local/mysql/bin/mysql -uzabbix -pzabbix123 zabbix < schema.sql 2> /dev/null    /usr/local/mysql/bin/mysql -uzabbix -pzabbix123 zabbix < images.sql 2> /dev/null    /usr/local/mysql/bin/mysql -uzabbix -pzabbix123 zabbix < data.sql 2> /dev/null    cd /usr/local/zabbix    ./configure --enable-server --enable-agent --with-mysql  --with-net-snmp --with-libcurl --with-libxml2 --with-openipmi    make installfised -i '/^DBUser=/c DBUser=zabbix'  /usr/local/etc/zabbix_server.confsed -i '/DBPassword=/c DBPassword=zabbix123'  /usr/local/etc/zabbix_server.confsed -i '/DBSocket=/c DBSocket=/tmp/mysql.sock' /usr/local/etc/zabbix_server.confsed -i '/post_max_size =/s/8M/16M/g' /etc/php.inised -i '/max_execution_time/c max_execution_time = 300' /etc/php.inised -i '/max_input_time =/c max_input_time = 300' /etc/php.inigrep 'Asia/Shanghai' /etc/php.iniif [ $? -ne 0 ];then    sed -i '/;date.timezone/a date.timezone = Asia/Shanghai' /etc/php.inifiif [ ! -f /usr/local/nginx/html/conf ];then    cd /usr/local/nginx/html    rm -rf *    cp -a /usr/local/zabbix/ui/ 服务端已开机自启[root@ansible zabbix]# ansible zabbix -m shell -a 'systemctl status zabbix-server'zabbix | CHANGED | rc=0 >>● zabbix-server.service - zabbix-server server daemon   Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; enabled; vendor preset: disabled)   Active: active (running) since Sun 2022-09-04 20:25:49 CST; 1min 25s ago  Process: 2173 ExecStart=/usr/local/sbin/zabbix_server (code=exited, status=0/SUCCESS)....省略N// 客户端已开机自启[root@ansible zabbix]# ansible zabbix -m shell -a 'systemctl status zabbix-agentd'zabbix | CHANGED | rc=0 >>● zabbix-agentd.service - zabbix-server server daemon   Loaded: loaded (/usr/lib/systemd/system/zabbix-agentd.service; enabled; vendor preset: disabled)   Active: active (running) since Sun 2022-09-04 20:19:38 CST; 8min ago....省略N

访问验证 192.168.229.148

---

---

---

---

---

---

---

部署客户端

// 设置免密登录[root@ansible ~]# ssh-copy-id root@slave/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"The authenticity of host 'slave (192.168.229.150)' can't be established.ECDSA key fingerprint is SHA256:BSCsrBDXmOy0vQCzkxthvFwA+8EIkoMVyeVV45QrFdM.Are you sure you want to continue connecting (yes/no/[fingerprint])? yes/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysroot@slave's password:Number of key(s) added: 1Now try logging into the machine, with:   "ssh 'root@slave'"and check to make sure that only the key(s) you wanted were added.// 清单文件[root@ansible ~]# cd zabbix/[root@ansible zabbix]# cat inventory[web]zabbix[slave]slave// 测试[root@ansible zabbix]# ansible slave -m pingslave | SUCCESS => {    "ansible_facts": {        "discovered_interpreter_python": "/usr/libexec/platform-python"    },    "changed": false,    "ping": "pong"}// 查看对面受控主机是否有 yum源[root@ansible zabbix]# ansible slave -m shell -a 'ls /etc/yum.repos.d/' 2> /dev/nullslave | CHANGED | rc=0 >>CentOS-Stream-AppStream.repoCentOS-Stream-BaseOS.repoCentOS-Stream-Debuginfo.repoCentOS-Stream-Extras.repoCentOS-Stream-HighAvailability.repoCentOS-Stream-Media.repoCentOS-Stream-NFV.repoCentOS-Stream-PowerTools.repoCentOS-Stream-RealTime.repoCentOS-Stream-ResilientStorage.repoCentOS-Stream-Sources.repo[root@ansible zabbix]# vim zabbix_slave.yml- name: create user zabbix  user:    name: zabbix    state: present    create_home: no    system: yes    shell: /sbin/nologin- name: copy software pkg  copy:    src: files/zabbix-6.0.8.tar.gz    dest: /usr/src/- name: exec script  script: files/zabbix_slave.sh    // 脚本内容[root@ansible ~]# cd zabbix/files/[root@ansible files]# cat zabbix_slave.sh#!/bin/bashdnf -y install gcc gcc-c++ make vim wget pcre-devel &> /dev/nullif [ ! -d  /usr/local/zabbix ];then    cd /usr/src    tar xf /usr/src/zabbix-6.0.8.tar.gz    mv zabbix-6.0.8 /usr/local/zabbix    cd /usr/local/zabbix    ./configure --enable-agent    make installfised -i "/^Server=/c Server=192.168.229.152" /usr/local/etc/zabbix_agentd.confsed -i "/^ServerActive=/c ServerActive=192.168.229.152" /usr/local/etc/zabbix_agentd.confsed -i "/^Hostname=/c Hostname=zabbix_slave"  /usr/local/etc/zabbix_agentd.confcat > /usr/lib/systemd/system/zabbix_agentd.service < /dev/nullslave | CHANGED | rc=0 >>State  Recv-Q Send-Q Local Address:Port  Peer Address:PortProcessLISTEN 0      128          0.0.0.0:22         0.0.0.0:*LISTEN 0      128          0.0.0.0:10050      0.0.0.0:*LISTEN 0      128             [::]:22            [::]:*// 已开机自启[root@ansible zabbix]# ansible slave -m shell -a 'systemctl status zabbix_agentd' 2> /dev/nullslave | CHANGED | rc=0 >>● zabbix_agentd.service - zabbix_agentd server daemon   Loaded: loaded (/usr/lib/systemd/system/zabbix_agentd.service; enabled; vendor preset: disabled)   Active: active (running) since Mon 2022-09-05 21:26:06 CST; 2min 4s ago  Process: 20730 ExecStart=/usr/local/sbin/zabbix_agentd (code=exited, status=0/SUCCESS) Main PID: 20732 (zabbix_agentd)

---

来源地址：https://blog.csdn.net/m0_58805648/article/details/126736325