diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..3faf6a7 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +*.tar.gz filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text diff --git a/roles/dependencies/tasks/main.yml b/roles/dependencies/tasks/main.yml new file mode 100644 index 0000000..24f8db5 --- /dev/null +++ b/roles/dependencies/tasks/main.yml @@ -0,0 +1,24 @@ +--- +- name: 安装依赖 + yum: + name: + - gcc + - zlib-devel + - bzip2-devel + - openssl-devel + - ncurses-devel + - sqlite-devel + - readline-devel + - tk-devel + - gdbm-devel + - db4-devel + - libpcap-devel + - xz-libs + - xz-devel + - libffi-devel + - curl-devel + - expat-devel + - gettext-devel + - perl-ExtUtils-MakeMaker + - zlib* + state: present diff --git a/roles/gitinstall/files/git.tar.gz b/roles/gitinstall/files/git.tar.gz new file mode 100644 index 0000000..2091431 --- /dev/null +++ b/roles/gitinstall/files/git.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d13b1cd9ae1b63263adb15db0047496487d8b0ee112c0697cfb947ffd6fd9742 +size 9831137 diff --git a/roles/gitinstall/tasks/install.yml b/roles/gitinstall/tasks/install.yml new file mode 100644 index 0000000..0210d3b --- /dev/null +++ b/roles/gitinstall/tasks/install.yml @@ -0,0 +1,30 @@ +--- + +- name: 创建目录 + file: + path: /data/xdata_software + state: directory + +- name: 解压文件 + unarchive: + src: git.tar.gz + dest: /data/xdata_software + + + +- name: 编译 + shell: + chdir: /data/xdata_software/git + cmd: make prefix=/usr/local/git all + +- name: 安装 + shell: + chdir: /data/xdata_software/git + cmd: make prefix=/usr/local/git install + + + +- name: 添加软连接 + shell: + chdir: ~ + cmd: ln -s /usr/local/git/bin/git /usr/bin/git diff --git a/roles/gitinstall/tasks/main.yml b/roles/gitinstall/tasks/main.yml new file mode 100644 index 0000000..87d8715 --- /dev/null +++ b/roles/gitinstall/tasks/main.yml @@ -0,0 +1,9 @@ +--- +- name: 检查是否升级git + stat: + path: /usr/local/git + register: git_stat_result + +- name: 安装 + include: install.yml + when: not git_stat_result.stat.exists \ No newline at end of file diff --git a/roles/mongodb/files/createmongouser.py b/roles/mongodb/files/createmongouser.py new file mode 100644 index 0000000..7687001 --- /dev/null +++ b/roles/mongodb/files/createmongouser.py @@ -0,0 +1,9 @@ +''' +创建MongoDB 用户 +''' +import pymongo +client = pymongo.MongoClient("127.0.0.1",27017) +client["admin"]["system.version"].update_one({"_id" : "authSchema"},{"$set":{"currentVersion":5}}) +client["admin"].command("createUser", "root", pwd="iamciniao", roles=["root"]) +print("Create MongoDB User Success ... ") + diff --git a/roles/mongodb/files/mongod b/roles/mongodb/files/mongod new file mode 100644 index 0000000..cded40a --- /dev/null +++ b/roles/mongodb/files/mongod @@ -0,0 +1,170 @@ +#!/bin/bash + +# mongod - Startup script for mongod + +# chkconfig: 35 85 15 +# description: Mongo is a scalable, document-oriented database. +# processname: mongod +# config: /etc/mongod.conf + +. /etc/rc.d/init.d/functions + +# NOTE: if you change any OPTIONS here, you get what you pay for: +# this script assumes all options are in the config file. +CONFIGFILE="/etc/mongod.conf" +OPTIONS=" -f $CONFIGFILE" + +mongod=${MONGOD-/usr/local/mongodb/bin/mongod} + +MONGO_USER=root +MONGO_GROUP=root + +# All variables set before this point can be overridden by users, by +# setting them directly in the SYSCONFIG file. Use this to explicitly +# override these values, at your own risk. +SYSCONFIG="/etc/sysconfig/mongod" +if [ -f "$SYSCONFIG" ]; then + . "$SYSCONFIG" +fi + +# Handle NUMA access to CPUs (SERVER-3574) +# This verifies the existence of numactl as well as testing that the command works +NUMACTL_ARGS="--interleave=all" +if which numactl >/dev/null 2>/dev/null && numactl $NUMACTL_ARGS ls / >/dev/null 2>/dev/null +then + NUMACTL="numactl $NUMACTL_ARGS" +else + NUMACTL="" +fi + +# things from mongod.conf get there by mongod reading it +PIDFILEPATH="`awk -F'[:=]' -v IGNORECASE=1 '/^[[:blank:]]*(processManagement\.)?pidfilepath[[:blank:]]*[:=][[:blank:]]*/{print $2}' \"$CONFIGFILE\" | tr -d \"[:blank:]\\"'\" | awk -F'#' '{print $1}'`" +PIDDIR=`dirname $PIDFILEPATH` + +start() +{ + # Make sure the default pidfile directory exists + if [ ! -d $PIDDIR ]; then + install -d -m 0755 -o $MONGO_USER -g $MONGO_GROUP $PIDDIR + fi + + # Make sure the pidfile does not exist + if [ -f "$PIDFILEPATH" ]; then + echo "Error starting mongod. $PIDFILEPATH exists." + RETVAL=1 + return + fi + + # Recommended ulimit values for mongod or mongos + # See https://docs.mongodb.com/manual/reference/ulimit/#recommended-ulimit-settings + # + ulimit -f unlimited + ulimit -t unlimited + ulimit -v unlimited + ulimit -n 64000 + ulimit -m unlimited + ulimit -u 64000 + ulimit -l unlimited + + echo -n $"Starting mongod: " + daemon --user "$MONGO_USER" --check $mongod "$NUMACTL $mongod $OPTIONS >/dev/null 2>&1" + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/mongod +} + +stop() +{ + echo -n $"Stopping mongod: " + mongo_killproc "$PIDFILEPATH" $mongod + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/mongod +} + +restart () { + stop + start +} + +# Send TERM signal to process and wait up to 300 seconds for process to go away. +# If process is still alive after 300 seconds, send KILL signal. +# Built-in killproc() (found in /etc/init.d/functions) is on certain versions of Linux +# where it sleeps for the full $delay seconds if process does not respond fast enough to +# the initial TERM signal. +mongo_killproc() +{ + local pid_file=$1 + local procname=$2 + local -i delay=300 + local -i duration=10 + local pid=`pidofproc -p "${pid_file}" ${procname}` + + if [ ! -f "${pid_file}" ]; then + echo "No PID file detected, nothing to stop" + return 0 + fi + + # Per the man page the process name should always be the second + # field. In our case mongod is wrapped in parens hence the parens in + # the if condition below. + local stat_procname=`cat /proc/$pid/stat | cut -d" " -f2` + # $procname is the full path to the mongod binary but the process + # name will only match the binary's file name. + local binary_name=`basename $procname` + if [ "($binary_name)" != "$stat_procname" ]; then + echo "PID file may have been tampered with, refusing to kill process" + echo "Expected (${binary_name}) but found ${stat_procname}" + return 1 + fi + + # This doesn't actually "daemonize" this process. All this function + # does (defined in /etc/init.d/function) is run a process as another + # user in a way that doesn't require sudo or other packages which + # are not guaranteed to exist on any given system. + # + # The check flag here can be ignored it doesn't do anything except + # prevent the daemon function's PID checking from throwing an error. + daemon --check "$mongod" --user "$MONGO_USER" "kill -TERM $pid >/dev/null 2>&1" + usleep 100000 + local -i x=0 + while [ $x -le $delay ] && checkpid $pid; do + sleep $duration + x=$(( $x + $duration)) + done + + daemon --check "$mongod" --user "$MONGO_USER" "kill -KILL $pid >/dev/null 2>&1" + usleep 100000 + + checkpid $pid # returns 0 only if the process exists + local RC=$? + [ "$RC" -eq 0 ] && failure "${procname} shutdown" || rm -f "${pid_file}"; success "${procname} shutdown" + RC=$((! $RC)) # invert return code so we return 0 when process is dead. + return $RC +} + +RETVAL=0 + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart|reload|force-reload) + restart + ;; + condrestart) + [ -f /var/lock/subsys/mongod ] && restart || : + ;; + status) + status $mongod + RETVAL=$? + ;; + *) + echo "Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart}" + RETVAL=1 +esac + +exit $RETVAL diff --git a/roles/mongodb/files/mongod.conf b/roles/mongodb/files/mongod.conf new file mode 100644 index 0000000..3ed2dc8 --- /dev/null +++ b/roles/mongodb/files/mongod.conf @@ -0,0 +1,45 @@ +# mongod.conf + +# for documentation of all options, see: +# http://docs.mongodb.org/manual/reference/configuration-options/ + +# where to write logging data. +systemLog: + destination: file + logAppend: true + path: /data/log/mongod.log + +# Where and how to store data. +storage: + dbPath: /data/db + journal: + enabled: true +# engine: +# wiredTiger: + +# how the process runs +processManagement: + fork: true # fork and run in background + pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile + timeZoneInfo: /usr/share/zoneinfo + +# network interfaces +net: + port: 27017 + bindIp: 0.0.0.0 # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting. + + +security: + authorization: enabled + +#operationProfiling: + +#replication: + +#sharding: + +## Enterprise-Only Options + +#auditLog: + +#snmp: diff --git a/roles/mongodb/files/mongod0.conf b/roles/mongodb/files/mongod0.conf new file mode 100644 index 0000000..e3e25e1 --- /dev/null +++ b/roles/mongodb/files/mongod0.conf @@ -0,0 +1,44 @@ +# mongod.conf + +# for documentation of all options, see: +# http://docs.mongodb.org/manual/reference/configuration-options/ + +# where to write logging data. +systemLog: + destination: file + logAppend: true + path: /data/log/mongod.log + +# Where and how to store data. +storage: + dbPath: /data/db + journal: + enabled: true +# engine: +# wiredTiger: + +# how the process runs +processManagement: + fork: true # fork and run in background + pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile + timeZoneInfo: /usr/share/zoneinfo + +# network interfaces +net: + port: 27017 + bindIp: 127.0.0.1 # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting. + + +#security: + +#operationProfiling: + +#replication: + +#sharding: + +## Enterprise-Only Options + +#auditLog: + +#snmp: diff --git a/roles/mongodb/files/mongodb.tar.gz b/roles/mongodb/files/mongodb.tar.gz new file mode 100644 index 0000000..61f23dd --- /dev/null +++ b/roles/mongodb/files/mongodb.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ae852f1aeabf31c50dc3bdf5030c1ce6b72ee54f87481f0493dfbf5d954cb077 +size 71380610 diff --git a/roles/mongodb/tasks/create_user.yml b/roles/mongodb/tasks/create_user.yml new file mode 100644 index 0000000..e0439df --- /dev/null +++ b/roles/mongodb/tasks/create_user.yml @@ -0,0 +1,41 @@ +--- + +- name: 停止 mongo + service: + name: mongod + state: stopped + +- name: 拷贝配置文件 + copy: + src: mongod0.conf + dest: /etc/mongod.conf + +- name: 运行 mongod + service: + name: mongod + state: started + +- name: 拷贝注册脚本 + copy: + src: createmongouser.py + dest: /data/code/ + +- name: 注册用户 + shell: + chdir: /data/code + cmd: python3 createmongouser.py + +- name: 停止 mongo + service: + name: mongod + state: stopped + +- name: 拷贝配置文件登录验证 + copy: + src: mongod.conf + dest: /etc/mongod.conf + +- name: 运行 mongo + service: + name: mongod + state: started \ No newline at end of file diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml new file mode 100644 index 0000000..aae16b4 --- /dev/null +++ b/roles/mongodb/tasks/install.yml @@ -0,0 +1,31 @@ +--- +- name: 解压缩 + unarchive: + src: mongodb.tar.gz + dest: /usr/local/ + +- name: 创建数据目录 + file: + path: /data/db + state: directory + mode: '0777' + +- name: 创建日志目录 + file: + path: /data/log + state: directory + mode: '0777' + +- name: 拷贝服务文件 + copy: + src: mongod + dest: /etc/init.d/mongod + mode: '0777' + +- name: 开机自启动 + shell: + chdir: ~ + cmd: chkconfig --add mongod && chkconfig mongod on + +- name: 创建用户 + include: create_user.yml \ No newline at end of file diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml new file mode 100644 index 0000000..e332b6f --- /dev/null +++ b/roles/mongodb/tasks/main.yml @@ -0,0 +1,11 @@ +--- + +- name: 检查服务 + stat: + path: /etc/init.d/mongod + register: mongodb_stat_result + +- name: 安装 mongo + include: install.yml + when: not mongodb_stat_result.stat.exists + diff --git a/roles/openssh/files/openssl-1.1.1h.tar.gz b/roles/openssh/files/openssl-1.1.1h.tar.gz new file mode 100644 index 0000000..2776363 --- /dev/null +++ b/roles/openssh/files/openssl-1.1.1h.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5c9ca8774bd7b03e5784f26ae9e9e6d749c9da2438545077e6b3d755a06595d9 +size 9810045 diff --git a/roles/openssh/tasks/install.yml b/roles/openssh/tasks/install.yml new file mode 100644 index 0000000..b0074f3 --- /dev/null +++ b/roles/openssh/tasks/install.yml @@ -0,0 +1,36 @@ +--- + +- name: 创建下载目录 + file: + path: /data/xdata_software + state: directory + + +- name: 解压文件 + unarchive: + src: openssl-1.1.1h.tar.gz + dest: /data/xdata_software + + + +- name: 设置编译 + shell: + chdir: /data/xdata_software/openssl-1.1.1h + cmd: ./config --prefix=/usr/local/openssl shared zlib + +- name: 编译安装 + shell: + chdir: /data/xdata_software/openssl-1.1.1h + cmd: make && make install + + +- name: 添加静态链接库 + shell: + chdir: /data/xdata_software/openssl-1.1.1h + cmd: echo "/usr/local/openssl/lib" >> /etc/ld.so.conf + + +- name: 加载静态链接库 + shell: + chdir: /data/xdata_software/openssl-1.1.1h + cmd: ldconfig -v diff --git a/roles/openssh/tasks/main.yml b/roles/openssh/tasks/main.yml new file mode 100644 index 0000000..9c5c302 --- /dev/null +++ b/roles/openssh/tasks/main.yml @@ -0,0 +1,9 @@ +--- +- name: 检查是否升级openssl + stat: + path: /usr/local/openssl + register: openssl_stat_result + +- name: 安装 + include: install.yml + when: not openssl_stat_result.stat.exists \ No newline at end of file diff --git a/roles/project/files/xlegudata_consumer.tar.gz b/roles/project/files/xlegudata_consumer.tar.gz new file mode 100644 index 0000000..06045bf --- /dev/null +++ b/roles/project/files/xlegudata_consumer.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:41bc2b62ffc1623da5dabd7f338a499492c6b3f6e8d4daea648fbd71c3714c58 +size 5389 diff --git a/roles/project/tasks/main.yml b/roles/project/tasks/main.yml new file mode 100644 index 0000000..18a04a5 --- /dev/null +++ b/roles/project/tasks/main.yml @@ -0,0 +1,3 @@ +--- + +- include: xlegudata_consumer.yml \ No newline at end of file diff --git a/roles/project/tasks/xlegudata_consumer.yml b/roles/project/tasks/xlegudata_consumer.yml new file mode 100644 index 0000000..61588a4 --- /dev/null +++ b/roles/project/tasks/xlegudata_consumer.yml @@ -0,0 +1,52 @@ +--- + +- name: 检查 topic_name + fail: + msg: 需要在host定义 topic_name + when: topic_name is undefined + +- name: 检查 consumer_id + fail: + msg: 需要在host定义 consumer_id + when: consumer_id is undefined + +- name: 创建代码目录 + file: + path: /data/code + state: directory + +- name: 创建日志目录 + file: + path: /data/log/xlegudata_consumer + state: directory + +- name: 拷贝代码 + unarchive: + src: xlegudata_consumer.tar.gz + dest: /data/code/ + register: xlegudata_consumer_changed_result + +- name: 安装环境 + shell: + chdir: /data/code/xlegudata_consumer + cmd: pipenv install Pipfile + when: xlegudata_consumer_changed_result.changed + +- name: 添加配置 + template: + src: xdata_consumer.ini.j2 + dest: /etc/supervisord.d/xdata_consumer.ini + +- name: 更新配置 + shell: + chdir: ~ + cmd: supervisorctl update + +- name: 代码改变重启动 + shell: + chdir: ~ + cmd: supervisorctl restart xdata_consumer + when: xlegudata_consumer_changed_result.changed + + + diff --git a/roles/project/templates/xdata_consumer.ini.j2 b/roles/project/templates/xdata_consumer.ini.j2 new file mode 100644 index 0000000..2ead2fe --- /dev/null +++ b/roles/project/templates/xdata_consumer.ini.j2 @@ -0,0 +1,14 @@ +[program:xdata_consumer] +command=pipenv run python main.py +directory=/data/code/xlegudata_consumer +autostart=true +startsecs=5 +autorestart=true +timeout=200 +stopasgroup=true +killasgroup=true +redirect_stderr=true +stdout_logfile_maxbytes=20MB +stdout_logfile_backups=20 +stdout_logfile=/data/log/xlegudata_consumer/consumer.log +environment=consumer_id="{{consumer_id}}",topic_name="{{topic_name}}",xlegudata_env="production",local_mongo_uri="mongodb://root:iamciniao@127.0.0.1:27017/?authSource=admin&readPreference=primary&ssl=false" diff --git a/roles/project_deploy.yml b/roles/project_deploy.yml new file mode 100644 index 0000000..3fc66f1 --- /dev/null +++ b/roles/project_deploy.yml @@ -0,0 +1,7 @@ +--- + +- hosts: xinyaoling_consumer + gather_facts: false + remote_user: root + roles: + - project \ No newline at end of file diff --git a/roles/python/files/Python-3.8.6.tgz b/roles/python/files/Python-3.8.6.tgz new file mode 100644 index 0000000..4e5467e --- /dev/null +++ b/roles/python/files/Python-3.8.6.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:313562ee9986dc369cd678011bdfd9800ef62fbf7b1496228a18f86b36428c21 +size 24377280 diff --git a/roles/python/files/pip.conf b/roles/python/files/pip.conf new file mode 100644 index 0000000..1da561c --- /dev/null +++ b/roles/python/files/pip.conf @@ -0,0 +1,3 @@ +[global] +index-url = https://pypi.douban.com/simple +trusted-host = pypi.douban.com diff --git a/roles/python/tasks/install.yml b/roles/python/tasks/install.yml new file mode 100644 index 0000000..2f9663a --- /dev/null +++ b/roles/python/tasks/install.yml @@ -0,0 +1,33 @@ +--- + +- name: 创建下载目录 + file: + path: /data/xdata_software + state: directory + +- name: 解压缩 + unarchive: + src: Python-3.8.6.tgz + dest: /data/xdata_software + +- name: 设置编译 + shell: + chdir: /data/xdata_software/Python-3.8.6 + cmd: ./configure --prefix=/usr/local/python3 --enable-optimizations --with-openssl=/usr/local/openssl + +- name: 编译安装 + shell: + chdir: /data/xdata_software/Python-3.8.6 + cmd: make && make install + +- name: python3软连接 + file: + src: /usr/local/python3/bin/python3 + dest: /usr/local/bin/python3 + state: link + +- name: pip3软连接 + file: + src: /usr/local/python3/bin/pip3 + dest: /usr/local/bin/pip3 + state: link \ No newline at end of file diff --git a/roles/python/tasks/install_pkg.yml b/roles/python/tasks/install_pkg.yml new file mode 100644 index 0000000..249eb86 --- /dev/null +++ b/roles/python/tasks/install_pkg.yml @@ -0,0 +1,6 @@ +--- +- name: 安装pymongo + shell: + chdir: ~ + cmd: pip3 install pymongo==3.11.1 + diff --git a/roles/python/tasks/main.yml b/roles/python/tasks/main.yml new file mode 100644 index 0000000..2fb2e2d --- /dev/null +++ b/roles/python/tasks/main.yml @@ -0,0 +1,19 @@ +--- + +- name: 检查Python安装 + stat: + path: /usr/local/python3 + register: python3_stat_result + +- name: 安装Python3 + include: install.yml + when: not python3_stat_result.stat.exists + +- name: 设置pip源 + include: setpip.yml + +- name: 安装pipenv + include: pipenv.yml + +- name: 安装必须的Python包 + include: install_pkg.yml \ No newline at end of file diff --git a/roles/python/tasks/pipenv.yml b/roles/python/tasks/pipenv.yml new file mode 100644 index 0000000..3f00e30 --- /dev/null +++ b/roles/python/tasks/pipenv.yml @@ -0,0 +1,11 @@ +--- +- name: 安装pipenv + shell: + chdir: ~ + cmd: pip3 install pipenv + +- name: pipenv软连接 + file: + src: /usr/local/python3/bin/pipenv + dest: /usr/bin/pipenv + state: link \ No newline at end of file diff --git a/roles/python/tasks/setpip.yml b/roles/python/tasks/setpip.yml new file mode 100644 index 0000000..8bb9f68 --- /dev/null +++ b/roles/python/tasks/setpip.yml @@ -0,0 +1,5 @@ +--- +- name: 设置pip源 + copy: + src: pip.conf + dest: /root/.pip/pip.conf diff --git a/roles/supervisor/files/supervisord b/roles/supervisor/files/supervisord new file mode 100644 index 0000000..aa1b28e --- /dev/null +++ b/roles/supervisor/files/supervisord @@ -0,0 +1,63 @@ +#!/bin/bash +# +# supervisord This scripts turns supervisord on +# +# Author: Mike McGrath (based off yumupdatesd) +# +# chkconfig: - 95 04 +# +# description: supervisor is a process control utility. It has a web based +# xmlrpc interface as well as a few other nifty features. +# processname: supervisord +# config: /etc/supervisord.conf +# pidfile: /var/run/supervisord.pid +# + +# source function library +. /etc/rc.d/init.d/functions + +RETVAL=0 + +start() { + echo -n $"Starting supervisord: " + daemon supervisord -c /etc/supervisord.conf + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/supervisord +} + +stop() { + echo -n $"Stopping supervisord: " + killproc supervisord + echo + [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/supervisord +} + +restart() { + stop + start +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart|force-reload|reload) + restart + ;; + condrestart) + [ -f /var/lock/subsys/supervisord ] && restart + ;; + status) + status supervisord + RETVAL=$? + ;; + *) + echo $"Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart}" + exit 1 +esac + +exit $RETVAL diff --git a/roles/supervisor/files/supervisord.conf b/roles/supervisor/files/supervisord.conf new file mode 100644 index 0000000..7206bcb --- /dev/null +++ b/roles/supervisor/files/supervisord.conf @@ -0,0 +1,170 @@ +; Sample supervisor config file. +; +; For more information on the config file, please see: +; http://supervisord.org/configuration.html +; +; Notes: +; - Shell expansion ("~" or "$HOME") is not supported. Environment +; variables can be expanded using this syntax: "%(ENV_HOME)s". +; - Quotes around values are not supported, except in the case of +; the environment= options as shown below. +; - Comments must have a leading space: "a=b ;comment" not "a=b;comment". +; - Command will be truncated if it looks like a config file comment, e.g. +; "command=bash -c 'foo ; bar'" will truncate to "command=bash -c 'foo ". +; +; Warning: +; Paths throughout this example file use /tmp because it is available on most +; systems. You will likely need to change these to locations more appropriate +; for your system. Some systems periodically delete older files in /tmp. +; Notably, if the socket file defined in the [unix_http_server] section below +; is deleted, supervisorctl will be unable to connect to supervisord. + +[unix_http_server] +file=/tmp/supervisor.sock ; the path to the socket file +;chmod=0700 ; socket file mode (default 0700) +;chown=nobody:nogroup ; socket file uid:gid owner +;username=user ; default is no username (open server) +;password=123 ; default is no password (open server) + +; Security Warning: +; The inet HTTP server is not enabled by default. The inet HTTP server is +; enabled by uncommenting the [inet_http_server] section below. The inet +; HTTP server is intended for use within a trusted environment only. It +; should only be bound to localhost or only accessible from within an +; isolated, trusted network. The inet HTTP server does not support any +; form of encryption. The inet HTTP server does not use authentication +; by default (see the username= and password= options to add authentication). +; Never expose the inet HTTP server to the public internet. + +[inet_http_server] ; inet (TCP) server disabled by default +port=0.0.0.0:9001 ; ip_address:port specifier, *:port for all iface +username=xlegu ; default is no username (open server) +password=xlegu ; default is no password (open server) + +[supervisord] +logfile=/tmp/supervisord.log ; main log file; default $CWD/supervisord.log +logfile_maxbytes=50MB ; max main logfile bytes b4 rotation; default 50MB +logfile_backups=10 ; # of main logfile backups; 0 means none, default 10 +loglevel=info ; log level; default info; others: debug,warn,trace +pidfile=/tmp/supervisord.pid ; supervisord pidfile; default supervisord.pid +nodaemon=false ; start in foreground if true; default false +silent=false ; no logs to stdout if true; default false +minfds=1024 ; min. avail startup file descriptors; default 1024 +minprocs=200 ; min. avail process descriptors;default 200 +;umask=022 ; process file creation umask; default 022 +;user=supervisord ; setuid to this UNIX account at startup; recommended if root +;identifier=supervisor ; supervisord identifier, default is 'supervisor' +;directory=/tmp ; default is not to cd during start +;nocleanup=true ; don't clean up tempfiles at start; default false +;childlogdir=/tmp ; 'AUTO' child log dir, default $TEMP +;environment=KEY="value" ; key value pairs to add to environment +;strip_ansi=false ; strip ansi escape codes in logs; def. false + +; The rpcinterface:supervisor section must remain in the config file for +; RPC (supervisorctl/web interface) to work. Additional interfaces may be +; added by defining them in separate [rpcinterface:x] sections. + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +; The supervisorctl section configures how supervisorctl will connect to +; supervisord. configure it match the settings in either the unix_http_server +; or inet_http_server section. + +[supervisorctl] +serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket +;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket +;username=chris ; should be same as in [*_http_server] if set +;password=123 ; should be same as in [*_http_server] if set +;prompt=mysupervisor ; cmd line prompt (default "supervisor") +;history_file=~/.sc_history ; use readline history if available + +; The sample program section below shows all possible program subsection values. +; Create one or more 'real' program: sections to be able to control them under +; supervisor. + +;[program:theprogramname] +;command=/bin/cat ; the program (relative uses PATH, can take args) +;process_name=%(program_name)s ; process_name expr (default %(program_name)s) +;numprocs=1 ; number of processes copies to start (def 1) +;directory=/tmp ; directory to cwd to before exec (def no cwd) +;umask=022 ; umask for process (default None) +;priority=999 ; the relative start priority (default 999) +;autostart=true ; start at supervisord start (default: true) +;startsecs=1 ; # of secs prog must stay up to be running (def. 1) +;startretries=3 ; max # of serial start failures when starting (default 3) +;autorestart=unexpected ; when to restart if exited after running (def: unexpected) +;exitcodes=0 ; 'expected' exit codes used with autorestart (default 0) +;stopsignal=QUIT ; signal used to kill process (default TERM) +;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10) +;stopasgroup=false ; send stop signal to the UNIX process group (default false) +;killasgroup=false ; SIGKILL the UNIX process group (def false) +;user=chrism ; setuid to this UNIX account to run the program +;redirect_stderr=true ; redirect proc stderr to stdout (default false) +;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO +;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +;stdout_logfile_backups=10 ; # of stdout logfile backups (0 means none, default 10) +;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0) +;stdout_events_enabled=false ; emit events on stdout writes (default false) +;stdout_syslog=false ; send stdout to syslog with process name (default false) +;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO +;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +;stderr_logfile_backups=10 ; # of stderr logfile backups (0 means none, default 10) +;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0) +;stderr_events_enabled=false ; emit events on stderr writes (default false) +;stderr_syslog=false ; send stderr to syslog with process name (default false) +;environment=A="1",B="2" ; process environment additions (def no adds) +;serverurl=AUTO ; override serverurl computation (childutils) + +; The sample eventlistener section below shows all possible eventlistener +; subsection values. Create one or more 'real' eventlistener: sections to be +; able to handle event notifications sent by supervisord. + +;[eventlistener:theeventlistenername] +;command=/bin/eventlistener ; the program (relative uses PATH, can take args) +;process_name=%(program_name)s ; process_name expr (default %(program_name)s) +;numprocs=1 ; number of processes copies to start (def 1) +;events=EVENT ; event notif. types to subscribe to (req'd) +;buffer_size=10 ; event buffer queue size (default 10) +;directory=/tmp ; directory to cwd to before exec (def no cwd) +;umask=022 ; umask for process (default None) +;priority=-1 ; the relative start priority (default -1) +;autostart=true ; start at supervisord start (default: true) +;startsecs=1 ; # of secs prog must stay up to be running (def. 1) +;startretries=3 ; max # of serial start failures when starting (default 3) +;autorestart=unexpected ; autorestart if exited after running (def: unexpected) +;exitcodes=0 ; 'expected' exit codes used with autorestart (default 0) +;stopsignal=QUIT ; signal used to kill process (default TERM) +;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10) +;stopasgroup=false ; send stop signal to the UNIX process group (default false) +;killasgroup=false ; SIGKILL the UNIX process group (def false) +;user=chrism ; setuid to this UNIX account to run the program +;redirect_stderr=false ; redirect_stderr=true is not allowed for eventlisteners +;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO +;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +;stdout_logfile_backups=10 ; # of stdout logfile backups (0 means none, default 10) +;stdout_events_enabled=false ; emit events on stdout writes (default false) +;stdout_syslog=false ; send stdout to syslog with process name (default false) +;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO +;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) +;stderr_logfile_backups=10 ; # of stderr logfile backups (0 means none, default 10) +;stderr_events_enabled=false ; emit events on stderr writes (default false) +;stderr_syslog=false ; send stderr to syslog with process name (default false) +;environment=A="1",B="2" ; process environment additions +;serverurl=AUTO ; override serverurl computation (childutils) + +; The sample group section below shows all possible group values. Create one +; or more 'real' group: sections to create "heterogeneous" process groups. + +;[group:thegroupname] +;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions +;priority=999 ; the relative start priority (default 999) + +; The [include] section can just contain the "files" setting. This +; setting can list multiple files (separated by whitespace or +; newlines). It can also contain wildcards. The filenames are +; interpreted as relative to this file. Included files *cannot* +; include files themselves. + +[include] +files = /etc/supervisord.d/*.ini diff --git a/roles/supervisor/tasks/install.yml b/roles/supervisor/tasks/install.yml new file mode 100644 index 0000000..b524822 --- /dev/null +++ b/roles/supervisor/tasks/install.yml @@ -0,0 +1,48 @@ +--- +- name: pip安装supervisor + shell: + chdir: ~ + cmd: pip3 install supervisor==4.2.1 + +- name: supervisorctl 软连接 + file: + src: /usr/local/python3/bin/supervisorctl + dest: /usr/bin/supervisorctl + state: link + +- name: supervisord 软连接 + file: + src: /usr/local/python3/bin/supervisord + dest: /usr/bin/supervisord + state: link + +- name: 创建supervisord.d文件夹 + file: + path: /etc/supervisord.d + state: directory + +- name: 复制配置文件 + copy: + src: supervisord.conf + dest: /etc/supervisord.conf + +- name: 复制supervisord + copy: + src: supervisord + dest: /etc/init.d/supervisord + mode: '0777' + +- name: chkconfig add supervisord + shell: + chdir: ~ + cmd: chkconfig --add supervisord + +- name: 开机自启动 + shell: + chdir: ~ + cmd: chkconfig supervisord on + +- name: 启动服务 + service: + name: supervisord + state: started \ No newline at end of file diff --git a/roles/supervisor/tasks/main.yml b/roles/supervisor/tasks/main.yml new file mode 100644 index 0000000..bb163bd --- /dev/null +++ b/roles/supervisor/tasks/main.yml @@ -0,0 +1,10 @@ +--- + +- name: 检查服务 + stat: + path: /etc/init.d/supervisord + register: supervisord_stat_result + +- name: 安装服务 + include: install.yml + when: not supervisord_stat_result.stat.exists \ No newline at end of file diff --git a/roles/test.yml b/roles/test.yml new file mode 100644 index 0000000..56e8d3b --- /dev/null +++ b/roles/test.yml @@ -0,0 +1,6 @@ +--- +- hosts: os1 + gather_facts: false + remote_user: root + roles: + - project diff --git a/roles/xdata_env.yml b/roles/xdata_env.yml new file mode 100644 index 0000000..e97a360 --- /dev/null +++ b/roles/xdata_env.yml @@ -0,0 +1,12 @@ +--- + +- hosts: xdata_server + gather_facts: false + remote_user: root + roles: + - yumconfig + - dependencies + - openssh + - python + - supervisor + - mongodb diff --git a/roles/yumconfig/files/CentOS-Base.repo b/roles/yumconfig/files/CentOS-Base.repo new file mode 100644 index 0000000..32c4465 --- /dev/null +++ b/roles/yumconfig/files/CentOS-Base.repo @@ -0,0 +1,23 @@ +[base] +name=CentOS-6.10 +enabled=1 +failovermethod=priority +baseurl=http://mirrors.aliyuncs.com/centos-vault/6.10/os/$basearch/ +gpgcheck=1 +gpgkey=http://mirrors.aliyuncs.com/centos-vault/RPM-GPG-KEY-CentOS-6 + +[updates] +name=CentOS-6.10 +enabled=1 +failovermethod=priority +baseurl=http://mirrors.aliyuncs.com/centos-vault/6.10/updates/$basearch/ +gpgcheck=1 +gpgkey=http://mirrors.aliyuncs.comm/centos-vault/RPM-GPG-KEY-CentOS-6 + +[extras] +name=CentOS-6.10 +enabled=1 +failovermethod=priority +baseurl=http://mirrors.aliyuncs.com/centos-vault/6.10/extras/$basearch/ +gpgcheck=1 +gpgkey=http://mirrors.aliyuncs.com/centos-vault/RPM-GPG-KEY-CentOS-6 \ No newline at end of file diff --git a/roles/yumconfig/files/epel.repo b/roles/yumconfig/files/epel.repo new file mode 100644 index 0000000..8c86464 --- /dev/null +++ b/roles/yumconfig/files/epel.repo @@ -0,0 +1,7 @@ +[epel] +name=Extra Packages for Enterprise Linux 6 - $basearch +enabled=1 +failovermethod=priority +baseurl=http://mirrors.aliyuncs.com/epel-archive/6/$basearch +gpgcheck=0 +gpgkey=http://mirrors.aliyuncs.com/epel-archive/RPM-GPG-KEY-EPEL-6 \ No newline at end of file diff --git a/roles/yumconfig/files/yum.repos.d/CentOS-Base.repo b/roles/yumconfig/files/yum.repos.d/CentOS-Base.repo new file mode 100644 index 0000000..673961b --- /dev/null +++ b/roles/yumconfig/files/yum.repos.d/CentOS-Base.repo @@ -0,0 +1,18 @@ +[extras] +gpgcheck=1 +gpgkey=http://mirrors.tencentyun.com/centos/RPM-GPG-KEY-CentOS-6 +enabled=1 +baseurl=http://mirrors.tencentyun.com/centos/$releasever/extras/$basearch/ +name=Qcloud centos extras - $basearch +[os] +gpgcheck=1 +gpgkey=http://mirrors.tencentyun.com/centos/RPM-GPG-KEY-CentOS-6 +enabled=1 +baseurl=http://mirrors.tencentyun.com/centos/$releasever/os/$basearch/ +name=Qcloud centos os - $basearch +[updates] +gpgcheck=1 +gpgkey=http://mirrors.tencentyun.com/centos/RPM-GPG-KEY-CentOS-6 +enabled=1 +baseurl=http://mirrors.tencentyun.com/centos/$releasever/updates/$basearch/ +name=Qcloud centos updates - $basearch \ No newline at end of file diff --git a/roles/yumconfig/files/yum.repos.d/CentOS-Epel.repo b/roles/yumconfig/files/yum.repos.d/CentOS-Epel.repo new file mode 100644 index 0000000..0bcf9d1 --- /dev/null +++ b/roles/yumconfig/files/yum.repos.d/CentOS-Epel.repo @@ -0,0 +1,7 @@ +[epel] +name=epel for redhat/centos $releasever - $basearch +failovermethod=priority +gpgcheck=1 +gpgkey=http://mirrors.tencentyun.com/epel/RPM-GPG-KEY-EPEL-6 +enabled=1 +baseurl=http://mirrors.tencentyun.com/epel/$releasever/$basearch/ \ No newline at end of file diff --git a/roles/yumconfig/tasks/main.yml b/roles/yumconfig/tasks/main.yml new file mode 100644 index 0000000..d6fcadb --- /dev/null +++ b/roles/yumconfig/tasks/main.yml @@ -0,0 +1,14 @@ +--- +- name: 拷贝CentOS-Base.repo + copy: + src: CentOS-Base.repo + dest: /etc/yum.repos.d/CentOS-Base.repo + when: cloud=="aliyun" + +- name: 拷贝yum.conf + copy: + src: epel.repo + dest: /etc/yum.repos.d/epel.repo + when: cloud=="aliyun" + +