1粹断、ansible-playbook實(shí)現(xiàn)MySQL的二進(jìn)制部署
準(zhǔn)備工作
ansible 免密鑰配置
ssh-keygen # 生成密鑰對(duì)# 為兩臺(tái)被控端傳輸密鑰瓶埋,方便ansible進(jìn)行管理
ssh-copy-id -i root@10.0.0.161
編輯主機(jī)清單
[root@centos-160 ansible]# vim /data/ansible/hosts
#末尾添加
[dbsrvs]
10.0.0.161
創(chuàng)建MySQL8角色目錄
mkdir -pv /data/ansible/roles/mysql8/{defaults,files,handlers,meta,tasks,templates,vars}
files目錄文件準(zhǔn)備
[root@centos-160 mysql8]# tree files/
files/
└── mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz
0 directories, 1 file
templates目錄
[root@centos-160 mysql8]# tree templates/
templates/
└── my.cnf.j2
0 directories, 1 file
注意:配置文件里面如果設(shè)置了 pid-file參數(shù)养筒,pid文件所在的文件夾owner和group需設(shè)置為mysql闽颇,默認(rèn)放在data目錄下可以不用額外設(shè)置(data目錄默認(rèn)設(shè)置為 mysql:mysql)
[root@centos-160 templates]# cat templates/my.cnf.j2
# Ansible managed
[client]
#password = your_password
port = 3306
#socket = /var/lib/mysql/mysql.sock
socket = /data/mysql/mysql.sock
default-character-set=utf8mb4
[mysql]
default-character-set=utf8mb4
[mysqld]
default_authentication_plugin = mysql_native_password
user = mysql
port = 3306
datadir = /data/mysql
#pid-file = /data/mysql/mysqld/mysqld.pid
socket = /data/mysql/mysql.sock
skip-name-resolve
general-log = 1
general_log_file = /data/mysql/mysqld.log
log-error = /data/mysql/mysql.err
...省略
# Other settings.
# * IMPORTANT: Additional settings that can override those from this file!
# The files must end with '.cnf', otherwise they'll be ignored.
#
vars目錄
[root@centos-160 mysql8]# tree vars/
vars/
└── main.yml
0 directories, 1 file
[root@centos-160 mysql8]# cat vars/main.yml
---
mysql_version: 8.0.23
mysql_file: mysql-{{ mysql_version }}-linux-glibc2.12-x86_64.tar.xz
mysql_dir: mysql-{{ mysql_version }}-linux-glibc2.12-x86_64
mysql_root_password: 123qwe@MYSQL
tasks目錄
[root@centos-160 mysql8]# tree tasks/
tasks/
├── conf.yml
├── data.yml
├── group.yml
├── install.yml
├── linkfile.yml
├── main.yml
├── path.yml
├── script.yml
├── secure.yml
├── service.yml
├── unarchive.yml
└── user.yml
main.yml 任務(wù)執(zhí)行主文件
[root@centos-160 ansible]# cat roles/mysql8/tasks/main.yml
---
- name: Install Requirements
include: install.yml
- name: Add Group
include: group.yml
- name: Add User
include: user.yml
- name: Unarchive File
include: unarchive.yml
- name: Add Link
include: linkfile.yml
- name: Initialize with Datadir
include: data.yml
- name: Manage Conf File
include: conf.yml
- name: Manage Service Script
include: script.yml
- name: Manage PATH
include: path.yml
- name: Manage Service
include: service.yml
- name: Set PASSWD
include: secure.yml
install.yml 安裝依賴
[root@centos-160 ansible]# cat roles/mysql8/tasks/install.yml
---
- name: Install mysql requirements
yum:
name:
- libaio
- numactl-libs
state: present
group.yml 創(chuàng)建組
[root@centos-160 ansible]# cat roles/mysql8/tasks/group.yml
---
- name: Create Group
group:
name: mysql
gid: 306
state: present
user.yml 創(chuàng)建用戶
[root@centos-160 ansible]# cat roles/mysql8/tasks/user.yml
---
- name: Add User
user:
name: mysql
uid: 306
group: mysql
shell: /sbin/nologin
system: yes
create_home: no
home: /data/mysql
unarchive.yml 解壓縮
[root@centos-160 ansible]# cat roles/mysql8/tasks/unarchive.yml
---
- name: Copy tar pkgs to remote machine and unarchive
unarchive:
src: '{{ mysql_file }}'
dest: /usr/local
owner: root
group: root
linkfile.yml 創(chuàng)建鏈接
[root@centos-160 ansible]# cat roles/mysql8/tasks/linkfile.yml
---
- name: Add linkfile
file:
src: '/usr/local/{{ mysql_dir }}'
dest: '/usr/local/mysql'
state: link
#可省略如下步驟
- name: Change owner
file:
path: '/usr/local/mysql'
state: directory
recurse: yes
owner: root
group: root
mode: '0755'
path.yml 設(shè)置環(huán)境變量
[root@centos-160 ansible]# cat roles/mysql8/tasks/path.yml
---
- name: Manage PATH Variable
copy:
content: 'PATH=$PATH:/usr/local/mysql/bin'
dest: '/etc/profile.d/mysql-env.sh'
- name: Active env variable
shell:
cmd: bash mysql-env.sh
chdir: '/etc/profile.d/'
data.yml 初始化工作目錄
[root@centos-160 ansible]# cat roles/mysql8/tasks/data.yml
---
- name: Initialize mysql data
shell: /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/data/mysql
tags: init_data
conf.yml 復(fù)制配置文件模板
[root@centos-160 ansible]# cat roles/mysql8/tasks/conf.yml
---
- name: Conf my.cnf
template:
src: my.cnf.j2
dest: /etc/my.cnf
script.yml 添加服務(wù)腳本
[root@centos-160 ansible]# cat roles/mysql8/tasks/script.yml
---
- name: Service script
shell: /usr/bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
service.yml 配置服務(wù)啟動(dòng)
[root@centos-160 ansible]# cat roles/mysql8/tasks/service.yml
---
- name: Enabled service
shell: /usr/sbin/chkconfig --add mysqld; /etc/init.d/mysqld start
tags: service
secure.yml 設(shè)置密碼
[root@centos-160 ansible]# cat roles/mysql8/tasks/secure.yml
---
- name: Set password
shell: /usr/local/mysql/bin/mysqladmin -uroot password '{{ mysql_root_password }}'
執(zhí)行MySQL安裝角色:role_mysql.yml
[root@centos-160 ansible]# cat role_mysql.yml
---
- hosts: dbsrvs
remote_user: root
gather_facts: no
roles:
- mysql8
##執(zhí)行安裝角色
[root@centos-160 ansible]# ansible-playbook role_mysql.yml
2剩膘、Ansible playbook實(shí)現(xiàn)apache批量部署,并對(duì)不同主機(jī)提供以各自IP地址為內(nèi)容的index.html
準(zhǔn)備工作
ansible免密鑰配置
ssh-keygen # 生成密鑰對(duì)# 為兩臺(tái)被控端傳輸密鑰怠褐,方便ansible進(jìn)行管理
ssh-copy-id -i root@10.0.0.161
ssh-copy-id -i root@10.0.0.162
編輯主機(jī)清單文件
[root@centos-160 ansible]# vim /data/ansible/hosts
#末尾添加
[websrvs]
10.0.0.161
10.0.0.162
創(chuàng)建apache-httpd角色目錄
mkdir -pv /data/ansible/roles/httpd/{defaults,files,handlers,meta,tasks,templates,vars}
最終目錄文件結(jié)構(gòu)
[root@centos-160 ansible]# tree roles/httpd/
roles/httpd/
├── defaults
│ └── main.yml
├── files
│ └── httpd_ssl_certificate.sh
├── handlers
│ └── main.yml
├── meta
├── tasks
│ ├── certificates.yml
│ ├── group.yml
│ ├── httpd_conf.yml
│ ├── index.yml
│ ├── install.yml
│ ├── main.yml
│ ├── service.yml
│ ├── ssl_conf.yml
│ ├── status.yml
│ └── user.yml
├── templates
│ ├── httpd.conf.j2
│ ├── index.html.j2
│ ├── ssl.conf.j2
│ └── status.conf.j2
└── vars
└── RedHat.yml
defaults目錄
[root@centos-160 ansible]# tree roles/httpd/defaults/
roles/httpd/defaults/
└── main.yml
0 directories, 1 file
----
----
[root@centos-160 ansible]# cat roles/httpd/defaults/main.yml
# roles/httpd/defaults/main.yml
---
httpd_access_log: logs/access_log
httpd_access_log_ssl: logs/ssl_access_log
httpd_document_root: '/var/www/html'
httpd_error_log: logs/error_log
httpd_error_log_ssl: logs/ssl_error_log
httpd_extended_status: 'On'
httpd_listen: 80
httpd_listen_ssl: 443
httpd_log_level: warn
httpd_log_level_ssl: warn
httpd_server_admin: root@localhost
httpd_server_root: '/etc/httpd'
httpd_server_tokens: Prod
httpd_ssl_certificate_file: localhost.crt
httpd_ssl_certificate_key_file: localhost.key
httpd_status_enable: false
httpd_status_location: '/server-status'
httpd_status_require: 'host localhost'
# SSL configuration, "Modern profile" according to:
# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=apache-2.4.34&openssl=1.1.0i&hsts=yes&profile=modern
httpd_ssl_cipher_suite: >
'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'
httpd_ssl_compression: 'off'
httpd_ssl_honor_cipher_order: 'on'
httpd_ssl_protocol: 'all -SSLv3 -TLSv1 -TLSv1.1'
httpd_ssl_session_tickets: 'off'
httpd_ssl_stapling_responder_timeout: 5
httpd_ssl_stapling_return_responder_errors: 'off'
httpd_ssl_stapling_cache: 'shmcb:/var/run/ocsp(128000)'
httpd_ssl_use_stapling: 'on'
files目錄
[root@centos-160 ansible]# tree roles/httpd/files/
roles/httpd/files/
└── httpd_ssl_certificate.sh
[root@centos-160 ansible]# cat roles/httpd/files/httpd_ssl_certificate.sh
#!/bin/bash
umask 077
if [ -f /etc/pki/tls/private/localhost.key -o -f /etc/pki/tls/certs/localhost.crt ]; then
exit 0
fi
/usr/bin/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > /etc/pki/tls/private/localhost.key 2> /dev/null
FQDN=`hostname`
if [ "x${FQDN}" = "x" -o ${#FQDN} -gt 59 ]; then
FQDN=localhost.localdomain
fi
cat << EOF | /usr/bin/openssl req -new -key /etc/pki/tls/private/localhost.key \
-x509 -sha256 -days 365 -set_serial $RANDOM -extensions v3_req \
-out /etc/pki/tls/certs/localhost.crt 2>/dev/null
--
SomeState
SomeCity
SomeOrganization
SomeOrganizationalUnit
${FQDN}
root@${FQDN}
EOF
handlers目錄
[root@centos-160 ansible]# tree roles/httpd/handlers/
roles/httpd/handlers/
└── main.yml
0 directories, 1 file
[root@centos-160 ansible]# cat roles/httpd/handlers/main.yml
# roles/httpd/handlers/main.yml
---
- name: restart httpd
service:
name: httpd
state: restarted
tasks目錄
[root@centos-160 ansible]# tree roles/httpd/tasks/
roles/httpd/tasks/
├── certificates.yml
├── group.yml
├── httpd_conf.yml
├── index.yml
├── install.yml
├── main.yml
├── service.yml
├── ssl_conf.yml
├── status.yml
└── user.yml
0 directories, 10 files
main.yml文件
[root@centos-160 ansible]# cat roles/httpd/tasks/main.yml
---
- include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_distribution }}.yml"
- "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_os_family }}.yml"
- "{{ ansible_distribution_file_variety }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_distribution_file_variety }}.yml"
- name: Add Group
include: group.yml
- name: Add User
include: user.yml
- name: Install apache-httpd
include: install.yml
tags: httpd-pkgs
- name: Conf httpd.conf
include: httpd_conf.yml
tags: httpd_conf
- name: Conf status.conf
include: status.yml
tags: status.conf
- name: Install certificate files
include: certificates.yml
tags: ssl_conf
- name: Conf mod_ssl file
include: ssl_conf.yml
tags: ssl_conf
- name: Copy Index.html
include: index.yml
tags: index
- name: Manage service
include: service.yml
tags: service
group.yml文件
---
- name: Add Group
group:
name: apache
gid: 48
system: yes
state: present
user.yml文件
[root@centos-160 ansible]# cat roles/httpd/tasks/user.yml
---
- name: Add User
user:
name: apache
uid: 48
group: apache
shell: /sbin/nologin
home: /usr/share/httpd
system: yes
state: present
install.yml文件
[root@centos-160 ansible]# cat roles/httpd/tasks/install.yml
---
- name: Install Apache httpd
package:
name: "{{ item }}"
state: present
with_items: "{{ httpd_packages }}"
httpd_conf.yml文件
[root@centos-160 ansible]# cat roles/httpd/tasks/httpd_conf.yml
---
- name: Conf httpd_conf
template:
src: httpd.conf.j2
dest: "{{ httpd_config }}"
owner: root
group: root
setype: httpd_config_t
mode: "0644"
notify: restart httpd
certificates.yml 文件
# roles/httpd/tasks/certificates.yml
# Install certificate files on the target host
---
- name: Check if default SSL certificate exists
stat:
path: "{{ httpd_cert_dir }}/localhost.crt"
register: ssl_cert_file
when: httpd_ssl_certificate_file == 'localhost.crt'
- name: Copy scripts to remote node for generate keys
copy:
src: httpd_ssl_certificate.sh
dest: /etc/pki/tls/httpd_ssl_certificate.sh
when:
- httpd_ssl_certificate_file == 'localhost.crt'
- not ssl_cert_file.stat.exists
- name: Generate default SSL certificate
shell: /bin/bash /etc/pki/tls/httpd_ssl_certificate.sh
when: >
httpd_ssl_certificate_file == 'localhost.crt'
and not ssl_cert_file.stat.exists
# follow 4 copy steps can be deleted
- name: Copy user defined key file
copy:
src: "{{ httpd_ssl_certificate_key_file }}"
dest: "{{ httpd_key_dir }}/{{ httpd_ssl_certificate_key_file }}"
when: httpd_ssl_certificate_key_file != 'localhost.key'
- name: Copy custom certificate file
copy:
src: "{{ httpd_ssl_certificate_file }}"
dest: "{{ httpd_cert_dir }}/{{ httpd_ssl_certificate_file }}"
when: httpd_ssl_certificate_file != 'localhost.crt'
- name: Copy custom certificate chain file
copy:
src: "{{ httpd_ssl_certificate_chain_file }}"
dest: "{{ httpd_cert_dir }}/{{ httpd_ssl_certificate_chain_file }}"
when: httpd_ssl_certificate_chain_file is defined
- name: Copy custom CA certificate file
copy:
src: "{{ httpd_ssl_ca_certificate_file }}"
dest: "{{ httpd_cert_dir }}/{{ httpd_ssl_ca_certificate_file }}"
when: httpd_ssl_ca_certificate_file is defined
status.conf.yml 文件
[root@centos-160 ansible]# cat roles/httpd/tasks/status.yml
---
- name: Conf status file
template:
src: status.conf.j2
dest: "{{ httpd_status_config }}"
owner: root
group: root
setype: httpd_config_t
mode: '0644'
notify: restart httpd
when: httpd_status_enable
ssl_conf.yml 文件
[root@centos-160 ansible]# cat roles/httpd/tasks/ssl_conf.yml
---
- name: Conf ssl.conf
template:
src: ssl.conf.j2
dest: "{{ httpd_ssl_config }}"
owner: root
group: root
setype: httpd_config_t
mode: "0644"
notify: restart httpd
index.yml 文件
[root@centos-160 ansible]# cat roles/httpd/tasks/index.yml
---
- name: Copy index.html
template:
src: index.html.j2
dest: "{{ httpd_document_root }}/index.html"
service.yml 文件
[root@centos-160 ansible]# cat roles/httpd/tasks/service.yml
---
- name: Manage httpd service
service:
name: httpd
state: started
enabled: true
templates目錄
[root@centos-160 ansible]# tree roles/httpd/templates/
roles/httpd/templates/
├── httpd.conf.j2
├── index.html.j2
├── ssl.conf.j2
└── status.conf.j2
0 directories, 4 files
index.html.j2 文件
[root@centos-160 ansible]# cat roles/httpd/templates/index.html.j2
<h1> {{ ansible_eth0.ipv4.address }} TEST </h1>
httpd.conf.j2 文件
[root@centos-160 ansible]# cat ./roles/httpd/templates/httpd.conf.j2
# Apache HTTP server - main configuration
#
# {{ ansible_managed }}
## General configuration
ServerRoot {{ httpd_server_root }}
Listen {{ httpd_listen }}
Include conf.modules.d/*.conf
User apache
Group apache
## 'Main' server configuration
ServerAdmin {{ httpd_server_admin }}
{% if httpd_server_name is defined %}
ServerName {{ httpd_server_name }}
{% endif %}
ServerTokens {{ httpd_server_tokens }}
# Deny access to the entirety of your server's filesystem.
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot {{ httpd_document_root }}
# Relax access to content within /var/www.
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
# Further relax access to the default document root:
<Directory "{{ httpd_document_root }}">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
# Load index.html if directory is requested
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
# Prevent .htaccess and .htpasswd files from being viewed by Web clients.
<Files ".ht*">
Require all denied
</Files>
# Logging
ErrorLog "{{ httpd_error_log }}"
LogLevel {{ httpd_log_level }}
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "{{ httpd_access_log }}" combined
</IfModule>
# CGI
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
# Supplemental configuration
IncludeOptional conf.d/*.conf
# vim: ft=apache
status.conf.j2 文件
[root@centos-160 ansible]# cat roles/httpd/templates/status.conf.j2
ExtendedStatus {{ httpd_extended_status }}
<Location "{{ httpd_status_location }}">
SetHandler server-status
Require {{ httpd_status_require }}
</Location>
ssl.conf.j2 文件
# Apache TLS configuration
#
# {{ ansible_managed }}
# Listen on port
Listen {{ httpd_listen_ssl }} https
## SSL Global Context
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
## SSL Virtual Host Context
<VirtualHost _default_:{{ httpd_listen_ssl }}>
SSLEngine on
ErrorLog {{ httpd_error_log_ssl }}
TransferLog {{ httpd_access_log }}
LogLevel {{ httpd_log_level_ssl }}
# Certificate files
SSLCertificateFile {{ httpd_cert_dir }}/{{ httpd_ssl_certificate_file }}
SSLCertificateKeyFile {{ httpd_key_dir }}/{{ httpd_ssl_certificate_key_file }}
{% if httpd_ssl_certificate_chain_file is defined %}
SSLCertificateChainFile {{ httpd_cert_dir }}/{{ httpd_ssl_certificate_chain_file }}
{% endif %}
{% if httpd_ssl_ca_certificate_file is defined %}
SSLCACertificateFile {{ httpd_cert_dir }}/{{ httpd_ssl_ca_certificate_file }}
{% endif %}
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
# SSL Configuration
# see https://mozilla.github.io/server-side-tls/ssl-config-generator/
SSLProtocol {{ httpd_ssl_protocol }}
SSLCipherSuite {{ httpd_ssl_cipher_suite }}
SSLHonorCipherOrder {{ httpd_ssl_honor_cipher_order }}
SSLCompression {{ httpd_ssl_compression }}
SSLSessionTickets {{ httpd_ssl_session_tickets }}
# OCSP Stapling, only in httpd 2.3.3 and later
SSLUseStapling {{ httpd_ssl_use_stapling }}
SSLStaplingResponderTimeout {{ httpd_ssl_stapling_responder_timeout }}
SSLStaplingReturnResponderErrors {{ httpd_ssl_stapling_return_responder_errors }}
SSLStaplingCache {{ httpd_ssl_stapling_cache }}
vars目錄
[root@centos-160 ansible]# tree ./roles/httpd/vars/
./roles/httpd/vars/
└── RedHat.yml
0 directories, 1 file
---
---
[root@centos-160 ansible]# cat ./roles/httpd/vars/RedHat.yml
# roles/httpd/vars/RedHat.yml
---
httpd_packages:
- hostname # needed for generating default certificate file
- httpd
- mod_ssl
httpd_config: /etc/httpd/conf/httpd.conf
httpd_ssl_config: /etc/httpd/conf.d/ssl.conf
httpd_status_config: /etc/httpd/conf.d/status.conf
httpd_cert_dir: /etc/pki/tls/certs
httpd_key_dir: /etc/pki/tls/private
[root@centos-160 ansible]#
安裝及驗(yàn)證
##安裝文件
[root@centos-160 ansible]# cat role_httpd.yml
---
- hosts: websrvs
remote_user: root
gather_facts: yes
roles:
- httpd
##驗(yàn)證
[root@centos-160 ansible]# curl https://10.0.0.161 -k
<h1> 10.0.0.161 TEST </h1>
[root@centos-160 ansible]# curl https://10.0.0.162 -k
<h1> 10.0.0.162 TEST </h1>
[root@centos-160 ansible]#
3浴捆、http的報(bào)文結(jié)構(gòu)和狀態(tài)碼總結(jié)
HTTP 報(bào)文結(jié)構(gòu)
參考鏈接:HTTP 消息 - HTTP | MDN (mozilla.org)
HTTP 消息是服務(wù)器和客戶端之間交換數(shù)據(jù)的方式选泻。有兩種類型的消息︰
請(qǐng)求(requests)-- 由客戶端發(fā)送用來觸發(fā)一個(gè)服務(wù)器上的動(dòng)作美莫;
響應(yīng)(responses)-- 來自服務(wù)器的應(yīng)答茂嗓。
HTTP 請(qǐng)求和響應(yīng)報(bào)文結(jié)構(gòu)由以下部分組成:
起始行 -- 用于描述要執(zhí)行的請(qǐng)求,或是對(duì)應(yīng)的響應(yīng)狀態(tài)忿族。
可選的HTTP頭集合 -- 指明請(qǐng)求或描述消息正文道批。
空白行 -- 指示所有關(guān)于請(qǐng)求的元數(shù)據(jù)已經(jīng)發(fā)送完畢
消息主體 -- 包含請(qǐng)求相關(guān)數(shù)據(jù)的正文入撒,或響應(yīng)的相關(guān)文檔茅逮。
請(qǐng)求報(bào)文和響應(yīng)報(bào)文結(jié)構(gòu)的具體說明如下:
- 請(qǐng)求報(bào)文
起始行 -- 在請(qǐng)求報(bào)文里亦稱為請(qǐng)求行,包括HTTP請(qǐng)求方法碉考、請(qǐng)求目標(biāo)(通常為URL)侯谁、HTTP協(xié)議版本章钾。
HTTP頭部集合 -- 在請(qǐng)求報(bào)文里亦稱為請(qǐng)求首部字段贱傀,總體可分組為通用首部字段、請(qǐng)求首部字段串纺、實(shí)體首部字段纺棺。
空行
消息主體 -- 在請(qǐng)求報(bào)文里亦稱為請(qǐng)求報(bào)文主體。注意并不是每一個(gè)請(qǐng)求報(bào)文都有消息主體茅撞。
- 響應(yīng)報(bào)文
起始行 -- 在響應(yīng)報(bào)文里亦稱為狀態(tài)行米丘,包括HTTP協(xié)議版本糊啡、響應(yīng)狀態(tài)碼棚蓄、狀態(tài)文本信息。
HTTP頭部集合 -- 在響應(yīng)報(bào)文里亦稱為響應(yīng)首部字段稍算,總體可分組為通用首部字段糊探、響應(yīng)首部字段河闰、實(shí)體首部字段淤击。
空行
消息主體 -- 在響應(yīng)報(bào)文里亦稱為響應(yīng)報(bào)文主體污抬。
HTTP 狀態(tài)碼總結(jié)
狀態(tài)碼通常以3位數(shù)字和原因短語組成绳军,主要分為以下5大類
100-199 信息響應(yīng)
200-299 成功響應(yīng)
300-399 重定向消息
400-499 客戶端錯(cuò)誤響應(yīng)
500-599 服務(wù)端錯(cuò)誤響應(yīng)
常用狀態(tài)碼
200 OK:請(qǐng)求成功门驾。
206 Partial Content:表示客戶端進(jìn)行了范圍請(qǐng)求,而服務(wù)器成功執(zhí)行了這部分的GET請(qǐng)求楣责。
301 Moved Permanently:永久重定向秆麸。請(qǐng)求資源的URL已永久更改沮趣。在響應(yīng)中給出了新的URL。
302 Found:臨時(shí)重定向驻龟。所請(qǐng)求資源的URI已暫時(shí)更改翁狐。未來可能會(huì)對(duì)URI進(jìn)行進(jìn)一步的改變凌蔬。
304 Not Modified:這是用于緩存的目的龟梦。它告訴客戶端響應(yīng)還沒有被修改计贰,因此客戶端可以繼續(xù)使用相同的緩存版本的響應(yīng)。
307 Temporary Redirect:臨時(shí)重定向荞怒。與302區(qū)別在于用戶代理不能更改使用的HTTP方法褐桌。
400 Bad Request:認(rèn)為請(qǐng)求存在語法錯(cuò)誤象迎,需修改請(qǐng)求砾淌。
401 Unauthorized:要求客戶端必須對(duì)自身進(jìn)行身份驗(yàn)證才能獲得請(qǐng)求的響應(yīng)汪厨。
403 Forbidden:客戶端沒有訪問內(nèi)容的權(quán)限。
404 Not Found:服務(wù)器找不到請(qǐng)求的資源织中。
500 Internal Server Error:表明服務(wù)器端在執(zhí)行請(qǐng)求時(shí)發(fā)生了錯(cuò)誤狭吼。
502 Bad Gateway:表示作為網(wǎng)關(guān)或代理角色的服務(wù)器,從上游服務(wù)器中接收到的響應(yīng)是無效的窿春。
503 Service Unavailable:表明服務(wù)器暫時(shí)處于超負(fù)載或正在進(jìn)行停機(jī)維護(hù)旧乞,現(xiàn)在無法處理請(qǐng)求尺栖。
504 Gateway Timeout:網(wǎng)關(guān)或者代理的服務(wù)器無法在規(guī)定的時(shí)間內(nèi)獲得想要的響應(yīng)烦租。
