Production Practice: Service Migration and Deployment

Date: 2021-04-07

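When operating production environments we often have to migrate and redeploy services. Once the new server has been initialized and passwordless login is set up, the programs and data need to be synchronized to the new machine. Below are the scripts we wrote as an ansible playbook and use in production. Because the online environment is complex, we deploy each new machine one-to-one from its source machine. In practice we relied heavily on ansible variables. This may not be the optimal approach; it is offered only as a starting point, and corrections are welcome.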

1. Directory structure

[@bjyf_50_20 roles]# pwd
/search/ansible/roles
[@bjyf_50_20 roles]# tree
.
|-- adtech
|   |-- files
|   |-- handlers
|   |-- tasks
|   |   |-- check.yml
|   |   |-- cron.yml
|   |   |-- group.yml
|   |   |-- hadoop_client.yml
|   |   |-- main.yml
|   |   |-- monitor.yml
|   |   |-- pkg_install.yml
|   |   |-- rsync_data.yml
|   |   |-- rsync_lib64.yml
|   |   |-- rsync_sysconf.yml
|   |   `-- user.yml
|   |-- templates
|   `-- vars
|       `-- main.yml
`-- init
    `-- tasks
        |-- main.yml
        `-- ssh_key.yml

8 directories, 14 files
[@bjyf_50_20 roles]#

2. Tasks

2.1 Environment check

cat /search/ansible/roles/adtech/tasks/check.yml
---

- debug: msg="rsync {{ src_ip }}::root{{ item }}"
  with_items: "{{ src_path }}"

- name: Get IP address
  shell: hostname -I |awk '{print $1}'
  register: remoteIP

- name: Whether in Caesar or not
  shell: curl -s "http://www.test.com/php/ip_search_exec.php?user_name=zhao&search_ip={{ remoteIP.stdout }}"|grep -ow "{{ remoteIP.stdout }}"
  register: caesar
  failed_when: caesar.rc == 0

- name: check directory
  shell: "rsync {{ src_ip }}::root{{ item }}"
  with_items: "{{ src_path }}"
  register: result
  failed_when: result.rc != 0

- debug: msg="check ok"

2.2 Create groups

cat /search/ansible/roles/adtech/tasks/group.yml
---
- name: create op_biz group
  group: name=op_biz system=yes state=present

- name: create hermes group
  group: name=hermes system=yes state=present

2.3 Create users

cat /search/ansible/roles/adtech/tasks/user.yml
---
- name: Create a username and password
  user: name={{ item.name }} password={{ item.pass | password_hash('sha512') }} update_password=always group={{ item.group }} home={{ item.home }}
  with_items:
    - { name: 'op_biz', pass: 'op_biz2020', group: 'op_biz', home: '/search/odin' }
    - { name: 'hermes', pass: 'hermes2020', group: 'hermes', home: '/home/hermes' }
    - { name: 'adpc', pass: 'adpc2020', group: 'op_biz', home: '/home/adpc' }
    - { name: 'adwl', pass: 'adwl2020', group: 'op_biz', home: '/home/adwl' }

- name: rsync passwd file
  shell: rsync -aP {{ src_ip }}::root/etc/passwd /tmp
  register: passDone
  ignore_errors: True

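- name: Check the user home directory
  # Match the op_biz account exactly (field 1), not any line containing "op_biz"
  shell: awk 'BEGIN{FS=":"} $1=="op_biz"{print $6}' /tmp/passwd
  when: passDone.rc == 0
  register: userHome
  ignore_errors: True

#- name: print variable
#  debug: msg="{{ userHome }}"

- name: usermod op_biz
  shell: usermod -d {{ userHome.stdout }} op_biz
  # Skip when the passwd copy failed or the source has no op_biz entry
  when: userHome.stdout is defined and userHome.stdout | length > 0
  register: result
  failed_when: result.rc != 0
  ignore_errors: True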

- debug: msg="useradd done"
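
The "Create a username and password" task above keeps the account passwords in clear text inside the role, and because password_hash is called without a salt it produces a different hash on every run. A hardened variant follows as an added example, not part of the original playbook; the file vars/vault.yml and the variables vault_user_passwords and vault_user_salts are assumed names.

```yaml
# Added example, not the original role's code.
# Assumed: roles/adtech/vars/vault.yml was encrypted with
#   ansible-vault encrypt roles/adtech/vars/vault.yml
# and defines two dictionaries keyed by user name (hypothetical names):
#   vault_user_passwords: { op_biz: "...", hermes: "...", adpc: "...", adwl: "..." }
#   vault_user_salts:     { op_biz: "...", hermes: "...", adpc: "...", adwl: "..." }
# Each salt is up to 16 characters from [a-zA-Z0-9./].
---
- name: Load vault-encrypted credentials
  include_vars:
    file: vault.yml      # resolved relative to the role's vars/ directory
  no_log: true

- name: Create users without exposing passwords
  user:
    name: "{{ item.name }}"
    group: "{{ item.group }}"
    home: "{{ item.home }}"
    # A fixed per-user salt keeps the hash stable, so the task reports
    # "changed" only when the password itself changes.
    password: "{{ vault_user_passwords[item.name] | password_hash('sha512', vault_user_salts[item.name]) }}"
    update_password: always
  loop:
    - { name: op_biz, group: op_biz, home: /search/odin }
    - { name: hermes, group: hermes, home: /home/hermes }
    - { name: adpc, group: op_biz, home: /home/adpc }
    - { name: adwl, group: op_biz, home: /home/adwl }
  no_log: true           # keep passwords and hashes out of console output and logs
```

Run the playbook with --ask-vault-pass or --vault-password-file so the encrypted file can be read.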

2.4 Monitoring scripts

cat /search/ansible/roles/adtech/tasks/monitor.yml
---
- debug: msg="rsync -aP {{ src_ip }}::root/opt/monitor/ /opt/monitor/"

- name: rsync monitor
  shell: rsync -aP {{ src_ip }}::root/opt/monitor/ /opt/monitor/
  register: result
  failed_when: result.rc != 0

- debug: msg="rsync done"

2.5 cron jobs

cat /search/ansible/roles/adtech/tasks/cron.yml
---
- name: Turn off the cron service
  service: name=crond state=stopped

- debug: msg="rsync -aP {{ src_ip }}::root/var/spool/cron/ /var/spool/cron/"

- name: rsync cron
  shell: rsync -aP {{ src_ip }}::root/var/spool/cron/ /var/spool/cron/
  register: result
  failed_when: result.rc != 0

- debug: msg="rsync done"

2.6 Sync the hadoop client

cat /search/ansible/roles/adtech/tasks/hadoop_client.yml
---
- debug: msg="rsync -aP {{ src_ip }}::root/opt/hadoop-client /opt/"

- name: rsync hadoop-client
  shell: rsync -aP {{ src_ip }}::root/opt/hadoop-client /opt/
  register: result
  failed_when: result.rc != 0

- name: insert op_biz slave user
  copy: content='slave,slave\n' dest=/search/odin/ugi_config

- name: insert root slave user
  copy: content='slave,slave\n' dest=/root/ugi_config

- debug: msg="rsync done"

2.7 Sync data and programs

cat /search/ansible/roles/adtech/tasks/rsync_data.yml
---
- debug: msg="rsync -aP {{ src_ip }}::root{{ item }} {{ item }}"
  with_items: "{{ src_path }}"

- name: rsync dir
  shell: rsync -aP {{ src_ip }}::root{{ item }} {{ item }} --include='*/' --exclude='*'
  with_items: "{{ src_path }}"
  register: result
  failed_when: result.rc != 0

- debug: msg="rsync -aP {{ src_ip }}::root{{ item }} {{ item }} --exclude={{ ext_data }}"
  with_items: "{{ src_path }}"

- name: rsync data
  shell: rsync -aP {{ src_ip }}::root{{ item }} {{ item }} --exclude={{ ext_data }}
  with_items: "{{ src_path }}"
  register: result
  failed_when: result.rc != 0

- debug: msg="rsync done"

2.8 Pull the sysconf configuration

cat /search/ansible/roles/adtech/tasks/rsync_sysconf.yml
---
- debug: msg="rsync -aP {{ src_ip }}::root/etc/sysctl.conf /etc/"

- name: rsync sysctl.conf
  shell: rsync -aP {{ src_ip }}::root/etc/sysctl.conf /etc/
  register: result
  failed_when: result.rc != 0

- name: reload sysconf
  shell: sysctl -p
  register: result
  failed_when: result.rc != 0
  ignore_errors: True   # ignore errors from the command

- debug: msg="rsync done"

2.9 Pull the lib library files (note: do not do this between different operating system versions, otherwise the system will end up with errors)

cat /search/ansible/roles/adtech/tasks/rsync_lib64.yml
---
- debug: msg="rsync -aP {{ src_ip }}::root/usr/lib64/{{ lib_file }} /usr/lib64/"

- name: Whether the biddingServer
  shell: /usr/bin/ls /search/odin/bin/lead_server
  register: isBidding
  ignore_errors: True

#- name: print isBidding
#  debug: msg="{{ isBidding }}"

- name: rsync /usr/lib64/{{ lib_file }}
  shell: rsync -aP {{ src_ip }}::root/usr/lib64/{{ lib_file }} /usr/lib64/
  when: isBidding.rc == 0
  register: result
  failed_when: result.rc != 0
  ignore_errors: True

- debug: msg="rsync done"

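3. Entry file (executed in order)

cat /search/ansible/roles/adtech/tasks/main.yml
# include_tasks replaces the bare "include" keyword, which was removed in ansible-core 2.16
- include_tasks: check.yml
- include_tasks: group.yml
- include_tasks: user.yml
- include_tasks: monitor.yml
- include_tasks: cron.yml
- include_tasks: hadoop_client.yml
- include_tasks: rsync_data.yml
- include_tasks: rsync_sysconf.yml
- include_tasks: rsync_lib64.yml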

4. Variable definitions

cat /search/ansible/roles/adtech/vars/main.yml
src_path: ["/search/", "/home/"]
ext_data: "{'log/*','bak/*','*core*','update_data/index/*','update_data/data/*','debug/*','backup/*'}"
lib_file: "{'libcurl*','libhiredis*','libboost_regex*','libboost_thread*','libboost_date*','libboost_filesystem*'}"
pkg_name: ["jemalloc", "htop"]

5. Running the playbook

5.1 Include the roles

cat /search/ansible/deployment.yml
---
- hosts: "{{ server }}"
  remote_user: root

  roles:
    - role: init      # init is the directory of the passwordless-login role
    - role: adtech    # adtech is the directory of the role that holds the tasks

5.2 One-to-one sync hosts

cat /etc/ansible/hosts 
[bidding]
10.162.39.63 src_ip=10.134.57.126
10.162.42.59 src_ip=10.134.49.40
10.162.38.82 src_ip=10.134.49.41
10.162.39.84 src_ip=10.134.57.86
10.162.42.55 src_ip=10.134.57.34
10.162.42.54 src_ip=10.134.57.35
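
Every sync task pulls from {{ src_ip }}::root, paths such as ::root/etc/passwd show that this rsync module exports the source host's / directory, and none of the rsync commands passes a user name or password file. The following added example, not part of the original playbook, limits that module to the paired new host and requires authentication during the migration. It assumes the control node can SSH to the source host and that the daemon reads /etc/rsyncd.conf; the user migrate, the variable vault_rsync_secret and the two secret file paths are hypothetical.

```yaml
# Added example (not the original role). Assumptions: the control node can
# reach {{ src_ip }} over SSH, the daemon reads /etc/rsyncd.conf, and
# vault_rsync_secret comes from an ansible-vault encrypted vars file.
---
- name: Write the rsync secrets file on the source host
  copy:
    content: "migrate:{{ vault_rsync_secret }}\n"
    dest: /etc/rsyncd.secrets
    owner: root
    group: root
    mode: "0600"          # rsyncd rejects a secrets file readable by others
  delegate_to: "{{ src_ip }}"
  no_log: true

- name: Restrict the root module to the paired new host
  copy:
    dest: /etc/rsyncd.conf
    owner: root
    group: root
    mode: "0644"
    content: |
      uid = root
      gid = root
      [root]
      path = /
      read only = yes
      list = no
      hosts allow = {{ inventory_hostname }}
      hosts deny = *
      auth users = migrate
      secrets file = /etc/rsyncd.secrets
  delegate_to: "{{ src_ip }}"

- name: Store the rsync password on the new host
  copy:
    content: "{{ vault_rsync_secret }}\n"
    dest: /root/.rsync_migrate
    mode: "0600"          # rsync refuses a password file readable by others
  no_log: true

- name: rsync monitor (authenticated pull)
  command: >-
    rsync -a --password-file=/root/.rsync_migrate
    migrate@{{ src_ip }}::root/opt/monitor/ /opt/monitor/
```

The inventory above uses IP addresses as host names, so inventory_hostname is the address the new host connects from; the other rsync tasks would need the same migrate@ prefix and --password-file option.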

5.3 Run the playbook

cd /search/ansible

ansible-playbook deployment.yml -e 'server=bidding'

Original article: https://www.cnblogs.com/wysxr/p/14629192.html