目录

什么是CI 、CD

Jenkins集成工具

一、Jenkins介绍

二、jenkins的安装和部署

环境部署

安装jenkins

安装gitlab

配置镜像源进行安装

修改密码

安装git工具

上传测试代码

Jenkins部署php项目wordpress

发布php代码

安装插件

测试代码发布

实现发布成功发送邮件通知

利用脚本部署lnmp环境

部署脚本

上传gitlab

发布执行

jenkins结合ansible修改配置文件

安装ansible

编写主机清单

编写jinjia2模板文件

编写playbook文件

测试结果

---

什么是CI 、CD

CI 、CD一般包含三个概念：持续集成（Continuous Integration ，CI），持续交付（Continuous Delivery），持续部署（Continuous Deploy）。

1. 持续集成（CI）：

开发人员频繁地将代码集成到共享的代码库中。每次集成都会触发自动化的构建和测试过程。例如，使用工具如 Jenkins、GitLab CI 等，当开发人员将新代码推送至代码仓库时，CI 系统会自动拉取代码，安装依赖项，编译代码，并运行一系列测试用例。如果测试失败，开发人员会立即收到反馈，以便及时修复问题。

1. 持续交付（CD）：

是在持续集成的基础上，确保软件产品可以随时被部署到生产环境或类生产环境。它强调的是软件发布过程的自动化和可重复性，包括从测试环境到预生产环境等各个环节的交付准备，使得软件能够以一种可靠、高效的方式从开发阶段顺利进入发布阶段，但在持续交付中，最终的部署到生产环境可能仍需要人工审批等操作。

1. 持续部署（CD）：

可以看作是持续交付的进一步延伸。在持续部署中，一旦代码通过了所有的自动化测试环节，就会自动地部署到生产环境，不需要人工干预。这能够实现软件更新的最快速发布，让新功能和修复能够更快地到达用户手中。

了解到了一个它的基本概念下面学习jenkins集成工具

Jenkins集成工具

持续集成的特点：

• 是一个自动化的周期性的集成测试过程，从检出代码、编译构建、运行测试，再到结果记录、测试统计等都是自动完成，无需人工干预
• 需要有专门的集成服务器来执行集成构建
• 需要有代码托管工具支持

一、Jenkins介绍

Jenkins 原名 Hudson，2011 年修改为 Jenkins，它是一个开源的实现软件持续集成的工具。

官网地址：https://www.jenkins.io/

Jenkins工具的优点：

1. 易安装：官网下载直接运行
2. 易配置：提供了友好的 GUI 配置界面
3. 变更支持：能从代码仓库中获取并产生代码更新列表，输出到编译输出信息
4. 支持永久链接：用户是通过 Web 来访问 Jenkins 的，而这些 Web 界面的链接地址是可以一直存在的
5. 支持第三方插件
6. 能实时监控集成中存在的错误，提供详细的日志文件和提醒功能，还可以用图表的形式形象的展示项目构建的趋势和稳定性。

二、jenkins的安装和部署

这里我们使用centos7进行部署，但要注意centos7已经停止了维护，但是我们只是初步的学习，所以使用centos7依旧可行

还要注意一点的是jenkins是由java开发的工具，所以他需要jdk环境，并且他需要做版本的适配，可见官网

Redhat Jenkins 软件包

环境部署

主机名	IP	角色
web01	192.168.143.162	部署服务的机器
web02	192.168.143.163	Gitlab服务器
web03	192.168.143.164	Jenkins服务器

安装jenkins

在web03上安装jenkins

配置jenkins的源，可按官方进行配置

​
[root@web03 ~]# wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo

[root@web03 ~]#  rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key

[root@web03 ~]# yum install -y fontconfig

[root@web03 ~]# yum install -y Jenkins

​

可以看到我这里安装的是2.479的版本，所以下面配置jdk需要17或21

这里需要去官网下载jdk传入web03，因为centos yum安装现在最高只支持11，如果你不想手动配置环境，可以指定下载jenkins，让他适配jdk11就行或者下载rpm包使用yum安装也ok

这里安装jdk 21

[root@web03 ~]# ls

anaconda-ks.cfg  jdk-21_linux-x64_bin.rpm

[root@web03 ~]# yum install -y jdk-21_linux-x64_bin.rpm

查看版本和执行路径

[root@web03 ~]# java --version

java 21.0.5 2024-10-15 LTS

Java(TM) SE Runtime Environment (build 21.0.5+9-LTS-239)

Java HotSpot(TM) 64-Bit Server VM (build 21.0.5+9-LTS-239, mixed mode, sharing)

[root@web03 ~]# which java

/usr/bin/java

启动jenkins

[root@web03 ~]# systemctl start jenkins

[root@web03 ~]# yum install net-tools

记得关闭防火墙

[root@web03 ~]# systemctl stop firewalld

[root@web03 ~]# systemctl disable firewalld

Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

查看8080端口是否启动

[root@web03 ~]# netstat -ntlp

可以看到端口已经起来了

浏览器登录

[root@web03 ~]# cat /var/lib/jenkins/secrets/initialAdminPassword

选择哪一个都可以

这里我选择自定义安装，根据我后续的任务安装对应的插件

选择无

自定义创建

安装gitlab

Gitlab是企业常用的远程私有仓库，像这样的远程仓库还有github，gitee等，都能实现对代码的拉取与上传

配置镜像源进行安装

在web02上安装github

配置github镜像源

[root@web02 ~]# cat /etc/yum.repos.d/gitlab.repo

[gitlab-ce]

name=Gitlab CE Repository

baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/

gpgcheck=0

enabled=1

yum安装

[root@web02 ~]# yum install -y gitlab-ce

安装完成后进行自动配置

[root@web02 ~]#  gitlab-ctl reconfigure

# 启动githlab

[root@web02 ~]# gitlab-ctl start

用浏览器访问

端口一般为80或者443

如果出现这个界面，但是报错502，说明是后端其他服务没起来，可能是内存或者磁盘太少导致。最明显的感受就是配置完gitlab，敲命令都非常卡顿，这个时候去虚拟机关机给服务器扩展内存和磁盘就行

扩展后

重新启动服务

Gitlab服务基础命令

gitlab-ctl start        启动gitlab服务

gitlab-ctl stop         关闭gitlab服务

gitlab-ctl restart      重启gitlab服务

出现登录界面

查看密码，默认用户为root

[root@web02 ~]# cat  /etc/gitlab/initial_root_password

修改密码

进入之后记得修改密码，因为我们使用临时密码进行登陆的

然后进去修改就ok了

创建存储库

点击项目，创建项目，根据个人需求进行勾选，这里我只进行了初始化

最后进行密钥的配置

把web03的公钥添加到gitlab上，只有上传公钥后续才能进行上传代码

编写一个简单的php页面，上传到gitlab仓库

[root@web03 ~]# cat index.php

<head>

    <meta charset="UTF-8">

    <title>简单的PHP页面示例</title>

</head>



<body>

    <?php

    // 使用echo输出一段简单的欢迎文本

    echo "<h1>欢迎来到这个简单的PHP页面呀！</h1>";

   ?>

    <p>这是普通的HTML文本部分，和PHP代码可以混合编写呢。</p>

</body>



</html>

上传到gitlab仓库，需要有git工具，下面配置git工具

安装git工具

这里不使用yum安装，因为centos中yum下载版本有点低

这里从外部传输git包

解压配置环境

[root@web03 ~]# tar -zxvf git-2.39.4.tar.gz -C /usr/local/

# 配置安装编译依赖

[root@web03 ~]# yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker -y

#切换到目录进行编译，安装
    [root@web03 git-2.39.4]# make prefix=/usr/local/git all

[root@web03 git-2.39.4]# make prefix=/usr/local/git install

# 配置环境变量

[root@web03 git-2.39.4]# tail -5 /etc/profile

unset i

unset -f pathmunge





export PATH=$PATH:/usr/local/git/bin

[root@web03 git-2.39.4]# source /etc/profile

[root@web03 git-2.39.4]# which git
/usr/bin/git

上传测试代码

[root@web03 ~]# ls

anaconda-ks.cfg  git-2.39.4.tar.gz  index.php  test

[root@web03 ~]# mv index.php test/

[root@web03 ~]# cd test/

[root@web03 test]# ls

index.php

# 初始化构建版本库

[root@web03 test]# git init

初始化空的 Git 版本库于 /root/test/.git/

# 添加文件至暂存区

[root@web03 test]# git add index.php

# 提交暂存区的内容到分支上

[root@web03 test]# git commit -m "php页面"

[master（根提交） 560e04f] php页面

 1 file changed, 15 insertions(+)

 create mode 100644 index.php

# 关联远程仓库

[root@web03 test]# git remote add origin git@192.168.143.163:root/php.git

[root@web03 test]# git push -u origin main

error: src refspec main does not match any.

error: 无法推送一些引用到 'git@192.168.143.163:root/php.git'

# 提交本地分支至远程仓库

[root@web03 test]# git push -u origin master

Counting objects: 3, done.

Delta compression using up to 4 threads.

Compressing objects: 100% (2/2), done.

Writing objects: 100% (3/3), 477 bytes | 0 bytes/s, done.

Total 3 (delta 0), reused 0 (delta 0)

remote:

remote: To create a merge request for master, visit:

remote:   http://192.168.143.163/root/php/-/merge_requests/new?merge_request%5Bsource_branch%5D=master

remote:

To git@192.168.143.163:root/php.git

 * [new branch]      master -> master

分支 master 设置为跟踪来自 origin 的远程分支 master。

这里需要注意的有两点：

1. 我们需要将配置文件的url改为本机ip，如果进行了DNS解析也可以写主机名，如果不改，拉取代码会报错

#进入/etc/gitlab/gitlab.rb这个配置文件，搜索 external_url 'https://gitlab.example.com'

重启配置

gitlab-ctl reconfigure

gitlab-ctl restart

1. 我们在本地初始化后提交代码，默认会提交到master分支，但是我这里gitlab上默认给我创的main分支，所以上传代码要么更改gitlab库的分支，要么直接上传master分支

不过gitlab是提供了分支合并的

再看masetr分支已经合并到main

Jenkins部署php项目wordpress

再次创建一个存储库

这里下载wordpress.zip包解压后传入gitlab代码仓库

Wordpress官网：：https://cn.wordpress.org/download/

[root@web03 ~]#  unzip wordpress-5.5.15-zh_CN.zip

[root@web03 ~]# cd wordpress

[root@web03 wordpress]# ls

index.php    readme.html      wp-admin            wp-comments-post.php  wp-content   wp-includes        wp-load.php   wp-mail.php      wp-signup.php     xmlrpc.php

license.txt  wp-activate.php  wp-blog-header.php  wp-config-sample.php  wp-cron.php  wp-links-opml.php  wp-login.php  wp-settings.php  wp-trackback.php

# 初始化

[root@web03 wordpress]# git init

初始化空的 Git 版本库于 /root/wordpress/.git/

# 添加当前目录所有文件

[root@web03 wordpress]# git add .

# 把添加文件提交到分支

[root@web03 wordpress]# git commit -m "wordpress博客"

[master（根提交） 7c9dfba] wordpress博客

 2046 files changed, 1111469 insertions(+)

# 关联远程仓库

[root@web03 wordpress]# git remote add origin git@192.168.143.163:root/wordpress.git

# 推送到git仓库

[root@web03 wordpress]# git push -u origin master

Counting objects: 2290, done.

Delta compression using up to 4 threads.

Compressing objects: 100% (2211/2211), done.

Writing objects: 100% (2290/2290), 13.56 MiB | 2.21 MiB/s, done.

Total 2290 (delta 246), reused 0 (delta 0)

remote: Resolving deltas: 100% (246/246), done.

remote:

remote: To create a merge request for master, visit:

remote:   http://192.168.143.163/root/wordpress/-/merge_requests/new?merge_request%5Bsource_branch%5D=master

remote:

To git@192.168.143.163:root/wordpress.git

 * [new branch]      master -> master

分支 master 设置为跟踪来自 origin 的远程分支 master。

可以看到文件被推送到了仓库

发布php代码

部署php到指定服务器需要Publish Over SSH插件（发布代码），这个插件用于jenkins连接ssh的，利用这个插件就可以实现代码发布指定服务器

还需要Git 插件来实现拉取代码。

安装插件

安装Publish Over SSH插件

进入系统

在web03上生成密钥对，把私钥填入key中，将公钥分别传入web01，web02

# 生成密钥对的命令，后续一路回车

[root@web03 ~]# ssh-keygen -t rsa

# 查看生成的密钥

[root@web03 ~]# ls ~/.ssh/      #id.rsa为私钥

id_rsa  id_rsa.pub

复制给jenkins上的key

# 把公钥复制给其他机器

[root@web03 ~]# ssh-copy-id 192.168.143.162

[root@web03 ~]# ssh-copy-id 192.168.143.163

添加指定服务器，登录成功

安装git插件

测试代码发布

新建item

添加git仓库，用于拉取代码

添加构建步骤

这里添加需要部署服务的节点，也就是web01主机

这里填写的remote目录必须存在于web01中，而不能为虚构

保存，立即构建

看到出错了

点击箭头，找到控制台输出

定位错误，可以看到它说找不到构建版本

检查git配置

可以看到这里的分支为master，而我git仓库的分支为main

修改配置为main

再次构建

可以看到已经成功

查看web01指定目录

代码已经发布过来了

实现发布成功发送邮件通知

在系统中，找到邮件通知

密码是填写授权码

记得把系统管理地址改为自己的邮箱，不然测试会报错

测试

安装email Extension Plugin

进入系统添加用户和密码

重启jenkins

systemctl restart jenkins

再次进入配置，找到构建后操作，添加扩展邮件

点击高级设置，找到触发器，选择成功时发送给收件人列表，选择高深，添加收件人列表

再次构建

成功发送

利用脚本部署lnmp环境

部署脚本

在web03服务器即jenkins服务器上写一个安装lnmp环境的脚本

#!/bin/bash

#基于LAMP架构安装wordpress博客平台

#LAMP架构和数据库由yum进行安装

# 自定义的安装日志文件
logfile=/var/log/wordpress_install.log

touch $logfile

#基础准备工作

systemctl stop firewalld

setenforce 0


#安装httpd服务

yum -y install httpd

#检查

if [ $? -ne 0 ]; then

    {

        echo "安装 httpd 服务失败。错误信息：$(yum -y install httpd 2>&1)" > $logfile

        exit 1

    }

fi

echo "httpd 服务安装成功。" > $logfile

#启动httpd服务并设置开机自启

systemctl start httpd

systemctl enable httpd

#检查

yum -y install net-tools

if netstat -lnpt | grep 80; then

    echo "httpd服务启动成功" >> /var/log/wordpress_install.log

else

    echo "httpd服务启动失败"

    systemctl status httpd >> /var/log/wordpress_install.log


fi

#下载mariadb数据库

yum -y install mariadb mariadb-server mariadb-libs

if [ $? -ne 0 ]; then

    echo "安装 MariaDB 数据库失败。错误信息：$(yum -y install mariadb mariadb-server mariadb-libs 2>&1)" >> $logfile


fi

echo "MariaDB 数据库安装成功。" >> $logfile

systemctl start mariadb && systemctl enable mariadb

#检查

if netstat -lnpt | grep 3306;then

    echo "数据库启动成功" >> /var/log/wordpress_install.log

else

    echo "数据库启动失败"

    systemctl status mariadb >> /var/log/wordpress_install.log


fi


# 登录到MySQL


mysql -e 'SET PASSWORD FOR 'root'@'localhost' = PASSWORD("123456");'


systemctl restart mariadb

if ! systemctl restart mariadb; then

    echo "重启数据库服务失败,错误信息：$(systemctl status mariadb 2>&1)" >> /var/log/wordpress_install.log



fi

# 创建WordPress数据库

mysql -u root -p123456 -e "CREATE DATABASE wordpress;"
yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum-config-manager --enable remi-php70
php=(php php-cli php-fpm php-mysqlnd php-zip php-devel php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath php-json php-redis)

#下载php

yum -y install "${php[@]}" 

#检查

for package in "${php[@]}"; do

        echo "$package 安装成功。" >> /var/log/wordpress_install.log


done
systemctl start php-fpm
systemctl enable php-fpm

上传gitlab

新建一个存储库

上传代码

[root@web03 ~]# mkdir lnmp

[root@web03 ~]# mv lnmp.sh lnmp/

[root@web03 ~]# cd lnmp/

[root@web03 lnmp]# ls

lnmp.sh

[root@web03 lnmp]# git init

初始化空的 Git 版本库于 /root/lnmp/.git/

[root@web03 lnmp]# git add lnmp.sh

[root@web03 lnmp]# git commit -m "lnmp环境"

[master（根提交） 7ab2687] lnmp环境

 1 file changed, 155 insertions(+)

 create mode 100755 lnmp.sh

[root@web03 lnmp]# git remote add origin git@192.168.143.163:root/lnmp.git

[root@web03 lnmp]# git push -u origin master

Counting objects: 3, done.

Delta compression using up to 4 threads.

Compressing objects: 100% (2/2), done.

Writing objects: 100% (3/3), 1.27 KiB | 0 bytes/s, done.

Total 3 (delta 0), reused 0 (delta 0)

remote:

remote: To create a merge request for master, visit:

remote:   http://192.168.143.163/root/lnmp/-/merge_requests/new?merge_request%5Bsource_branch%5D=master

remote:

To git@192.168.143.163:root/lnmp.git

 * [new branch]      master -> master

分支 master 设置为跟踪来自 origin 的远程分支 master。

合并分支

发布执行

再次进入jenkins，添加一个git仓库

可以看到它显示结果不稳定

看看文件有传输过去吗

手动执行看看，发现脚本正在执行，可能是网路导致，服务下载出错，导致失败

这里为了证实猜想，手动更新yum源，只对服务进行下载来减少下载时间

jenkins结合ansible修改配置文件

安装ansible

在web03上安装ansible，并在jenkins上安装插件

# 先拉取epel扩展源

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

# 更新yum源

yum makecache fast

# 安装Ansible

yum -y install ansible

编写主机清单

使用/etc/ansible/hosts或inventory.ini都行

[root@web03 ansible]# cat hosts

[web01]

192.168.143.162  ansible_ssh_user=root ansible_ssh_pass=050801

测试是否能够正常连接

编写jinjia2模板文件

这里其实没有太多内容添加，更多的是把原文内容复制过来，主要是httpd服务默认未开启php模块（LoadModule php7_module modules/libphp7.so），我们需要手动给他添加

[root@web01 conf]# cat httpd.conf

#

# This is the main Apache HTTP server configuration file.  It contains the

# configuration directives that give the server its instructions.

# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.

# In particular, see

# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>

# for a discussion of each configuration directive.

#

# Do NOT simply read the instructions in here without understanding

# what they do.  They're here only as hints or reminders.  If you are unsure

# consult the online docs. You have been warned. 

#

# Configuration and logfile names: If the filenames you specify for many

# of the server's control files begin with "/" (or "drive:/" for Win32), the

# server will use that explicit path.  If the filenames do *not* begin

# with "/", the value of ServerRoot is prepended -- so 'log/access_log'

# with ServerRoot set to '/www' will be interpreted by the

# server as '/www/log/access_log', where as '/log/access_log' will be

# interpreted as '/log/access_log'.



#

# ServerRoot: The top of the directory tree under which the server's

# configuration, error, and log files are kept.

#

# Do not add a slash at the end of the directory path.  If you point

# ServerRoot at a non-local disk, be sure to specify a local disk on the

# Mutex directive, if file-based mutexes are used.  If you wish to share the

# same ServerRoot for multiple httpd daemons, you will need to change at

# least PidFile.

#

ServerRoot "/etc/httpd"



#

# Listen: Allows you to bind Apache to specific IP addresses and/or

# ports, instead of the default. See also the <VirtualHost>

# directive.

#

# Change this to Listen on specific IP addresses as shown below to

# prevent Apache from glomming onto all bound IP addresses.

#

#Listen 12.34.56.78:80

Listen 80



#

# Dynamic Shared Object (DSO) Support

#

# To be able to use the functionality of a module which was built as a DSO you

# have to place corresponding `LoadModule' lines at this location so the

# directives contained in it are actually available _before_ they are used.

# Statically compiled modules (those listed by `httpd -l') do not need

# to be loaded here.

#

# Example:

# LoadModule foo_module modules/mod_foo.so

#

    {{ php_modules }}

Include conf.modules.d/*.conf





#

# If you wish httpd to run as a different user or group, you must run

# httpd as root initially and it will switch. 

#

# User/Group: The name (or #number) of the user/group to run httpd as.

# It is usually good practice to create a dedicated user and group for

# running httpd, as with most system services.

#

User apache

Group apache



# 'Main' server configuration

#

# The directives in this section set up the values used by the 'main'

# server, which responds to any requests that aren't handled by a

# <VirtualHost> definition.  These values also provide defaults for

# any <VirtualHost> containers you may define later in the file.

#

# All of these directives may appear inside <VirtualHost> containers,

# in which case these default settings will be overridden for the

# virtual host being defined.

#



#

# ServerAdmin: Your address, where problems with the server should be

# e-mailed.  This address appears on some server-generated pages, such

# as error documents.  e.g. admin@your-domain.com

#

ServerAdmin root@localhost



#

# ServerName gives the name and port that the server uses to identify itself.

# This can often be determined automatically, but we recommend you specify

# it explicitly to prevent problems during startup.

#

# If your host doesn't have a registered DNS name, enter its IP address here.

#

#ServerName www.example.com:80



#

# Deny access to the entirety of your server's filesystem. You must

# explicitly permit access to web content directories in other

# <Directory> blocks below.

#

<Directory />

    AllowOverride none

    Require all denied

</Directory>



#

# Note that from this point forward you must specifically allow

# particular features to be enabled - so if something's not working as

# you might expect, make sure that you have specifically enabled it

# below.

#



#

# DocumentRoot: The directory out of which you will serve your

# documents. By default, all requests are taken from this directory, but

# symbolic links and aliases may be used to point to other locations.

#

DocumentRoot "/var/www/html"



#

# Relax access to content within /var/www.

#

<Directory "/var/www">

    AllowOverride None

    # Allow open access:

    Require all granted

</Directory>



# Further relax access to the default document root:

<Directory "/var/www/html">

    #

    # Possible values for the Options directive are "None", "All",

    # or any combination of:

    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews

    #

    # Note that "MultiViews" must be named *explicitly* --- "Options All"

    # doesn't give it to you.

    #

    # The Options directive is both complicated and important.  Please see

    # http://httpd.apache.org/docs/2.4/mod/core.html#options

    # for more information.

    #

    Options Indexes FollowSymLinks



    #

    # AllowOverride controls what directives may be placed in .htaccess files.

    # It can be "All", "None", or any combination of the keywords:

    #   Options FileInfo AuthConfig Limit

    #

    AllowOverride None



    #

    # Controls who can get stuff from this server.

    #

    Require all granted

</Directory>



#

# DirectoryIndex: sets the file that Apache will serve if a directory

# is requested.

#

<IfModule dir_module>

    DirectoryIndex index.html

</IfModule>



#

# The following lines prevent .htaccess and .htpasswd files from being

# viewed by Web clients.

#

<Files ".ht*">

    Require all denied

</Files>



#

# ErrorLog: The location of the error log file.

# If you do not specify an ErrorLog directive within a <VirtualHost>

# container, error messages relating to that virtual host will be

# logged here.  If you *do* define an error logfile for a <VirtualHost>

# container, that host's errors will be logged there and not here.

#

ErrorLog "logs/error_log"



#

# LogLevel: Control the number of messages logged to the error_log.

# Possible values include: debug, info, notice, warn, error, crit,

# alert, emerg.

#

LogLevel warn



<IfModule log_config_module>

    #

    # The following directives define some format nicknames for use with

    # a CustomLog directive (see below).

    #

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

    LogFormat "%h %l %u %t \"%r\" %>s %b" common



    <IfModule logio_module>

      # You need to enable mod_logio.c to use %I and %O

      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio

    </IfModule>



    #

    # The location and format of the access logfile (Common Logfile Format).

    # If you do not define any access logfiles within a <VirtualHost>

    # container, they will be logged here.  Contrariwise, if you *do*

    # define per-<VirtualHost> access logfiles, transactions will be

    # logged therein and *not* in this file.

    #

    #CustomLog "logs/access_log" common



    #

    # If you prefer a logfile with access, agent, and referer information

    # (Combined Logfile Format) you can use the following directive.

    #

    CustomLog "logs/access_log" combined

</IfModule>



<IfModule alias_module>

    #

    # Redirect: Allows you to tell clients about documents that used to

    # exist in your server's namespace, but do not anymore. The client

    # will make a new request for the document at its new location.

    # Example:

    # Redirect permanent /foo http://www.example.com/bar



    #

    # Alias: Maps web paths into filesystem paths and is used to

    # access content that does not live under the DocumentRoot.

    # Example:

    # Alias /webpath /full/filesystem/path

    #

    # If you include a trailing / on /webpath then the server will

    # require it to be present in the URL.  You will also likely

    # need to provide a <Directory> section to allow access to

    # the filesystem path.



    #

    # ScriptAlias: This controls which directories contain server scripts.

    # ScriptAliases are essentially the same as Aliases, except that

    # documents in the target directory are treated as applications and

    # run by the server when requested rather than as documents sent to the

    # client.  The same rules about trailing "/" apply to ScriptAlias

    # directives as to Alias.

    #

    ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"



</IfModule>



#

# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased

# CGI directory exists, if you have that configured.

#

<Directory "/var/www/cgi-bin">

    AllowOverride None

    Options None

    Require all granted

</Directory>



<IfModule mime_module>

    #

    # TypesConfig points to the file containing the list of mappings from

    # filename extension to MIME-type.

    #

    TypesConfig /etc/mime.types



    #

    # AddType allows you to add to or override the MIME configuration

    # file specified in TypesConfig for specific file types.

    #

    #AddType application/x-gzip .tgz

    #

    # AddEncoding allows you to have certain browsers uncompress

    # information on the fly. Note: Not all browsers support this.

    #

    #AddEncoding x-compress .Z

    #AddEncoding x-gzip .gz .tgz

    #

    # If the AddEncoding directives above are commented-out, then you

    # probably should define those extensions to indicate media types:

    #

    AddType application/x-compress .Z

    AddType application/x-gzip .gz .tgz



    #

    # AddHandler allows you to map certain file extensions to "handlers":

    # actions unrelated to filetype. These can be either built into the server

    # or added with the Action directive (see below)

    #

    # To use CGI scripts outside of ScriptAliased directories:

    # (You will also need to add "ExecCGI" to the "Options" directive.)

    #

    #AddHandler cgi-script .cgi



    # For type maps (negotiated resources):

    #AddHandler type-map var



    #

    # Filters allow you to process content before it is sent to the client.

    #

    # To parse .shtml files for server-side includes (SSI):

    # (You will also need to add "Includes" to the "Options" directive.)

    #

    AddType text/html .shtml

    AddOutputFilter INCLUDES .shtml

</IfModule>



#

# Specify a default charset for all content served; this enables

# interpretation of all content as UTF-8 by default.  To use the

# default browser choice (ISO-8859-1), or to allow the META tags

# in HTML content to override this choice, comment out this

# directive:

#

AddDefaultCharset UTF-8



<IfModule mime_magic_module>

    #

    # The mod_mime_magic module allows the server to use various hints from the

    # contents of the file itself to determine its type.  The MIMEMagicFile

    # directive tells the module where the hint definitions are located.

    #

    MIMEMagicFile conf/magic

</IfModule>



#

# Customizable error responses come in three flavors:

# 1) plain text 2) local redirects 3) external redirects

#

# Some examples:

#ErrorDocument 500 "The server made a boo boo."

#ErrorDocument 404 /missing.html

#ErrorDocument 404 "/cgi-bin/missing_handler.pl"

#ErrorDocument 402 http://www.example.com/subscription_info.html

#



#

# EnableMMAP and EnableSendfile: On systems that support it,

# memory-mapping or the sendfile syscall may be used to deliver

# files.  This usually improves server performance, but must

# be turned off when serving from networked-mounted

# filesystems or if support for these functions is otherwise

# broken on your system.

# Defaults if commented: EnableMMAP On, EnableSendfile Off

#

#EnableMMAP off

EnableSendfile on



# Supplemental configuration

#

# Load config files in the "/etc/httpd/conf.d" directory, if any.

IncludeOptional conf.d/*.conf

编写playbook文件

[root@web03 ansible]# cat httpd.yml

---

  - name: httpd config

    hosts: web01

    vars:

      - php_modules: LoadModule php7_module modules/libphp7.so

    tasks:

      - name: change config

        template:

          src: /etc/ansible/http.conf.j2

          dest: /etc/httpd/conf/httpd.conf

        notify: restart

    handlers:

      - name: restart

        service:

          name: httpd

          state: restarted

管理jenkins找到工具，进入找到ansible安装，配置ansible执行路径

进入jenkins项目配置，构建步骤添加ansible playbook命令

给出playbook文件路径，主机清单文件

测试结果

再次构建