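Advanced Ansible: Playbooks and Roles
# Ansible playbooks
Playbooks are written in YAML, and the file extension is yaml.
- Indentation: YAML uses a fixed indentation style to express hierarchy. Each level is two spaces; tabs are not allowed.
- Colon: every colon must be followed by a space, except a colon that ends the line.
- Dash: a dash followed by a space marks a list item. Items at the same indentation level belong to the same list.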
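Colors in the playbook run output:
- Red: a task failed, or a notice is being shown
- Yellow: the task ran and changed the state of the remote host
- Green: the task ran successfully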
# Playbook examples
- Check the syntax
```shell
ansible-playbook --syntax-check f1.yaml
```
- Dry run (check mode)
```shell
ansible-playbook -C f1.yaml
```
- Configure the SSH keys and the host group names
```text
[root@manage-01 ansible]# tail /etc/ansible/hosts
[all]
192.168.108.101
192.168.108.103
192.168.108.105
[game1]
192.168.108.101
[game2]
192.168.108.103
192.168.108.105
```
- f1.yaml: create a simple directory and file

Creates the directory /tmp/yfklife and the file /tmp/yfklife/yfklife. `ignore_errors: yes` lets the play continue past a failed task.
```yaml
- hosts: all
  remote_user: root
  vars:
    file_name: yfklife
  tasks:
    # This command fails on purpose; ignore_errors keeps the play going
    - name: Ignore Error
      command: test -f no_exist_file
      ignore_errors: yes
    - name: Create Dir
      file: path=/tmp/{{ file_name }} state=directory
    - name: Create New File
      file: name=/tmp/{{ file_name }}/{{ file_name }} state=touch
```
```shell
ansible-playbook f1.yaml
```
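# Playbook variables
When the same variable is defined in more than one place and the definitions conflict, the precedence is:
1. Variables passed in from outside with extra-vars have the highest priority [applies to every host the play runs on]
2. Variables defined in the yml file come next [applies to every host the play runs on]
3. Variables defined in the hosts file have the lowest priority [applies to the host group they are defined for]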
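- f2.yaml: assign a variable on the command line with `--extra-vars`

Creates the directory /tmp/yfk-vars.
```yaml
- hosts: game1
  remote_user: root
  vars:
    file_name: yfk1          # overridden by --extra-vars below
  tasks:
    - name: Create Dir
      file: path=/tmp/{{ file_name }} state=directory
```
The value passed on the command line overrides the one inside the playbook:
```shell
ansible-playbook f2.yaml --extra-vars "file_name=yfk-vars"
```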
- f3.yaml: assign a variable in /etc/ansible/hosts

Creates /tmp/yfk_filename.
```text
cat /etc/ansible/hosts
[game1]
192.168.108.101
[game1:vars]
file_name=yfk_filename
```
```yaml
# f3.yaml
- hosts: all
  tasks:
    # state=touch creates an empty file; file_name comes from [game1:vars]
    - name: Create New File
      file: path=/tmp/{{ file_name }} state=touch
```
```shell
ansible-playbook f3.yaml
```
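# Registering variables in a playbook
- f4.yaml: register a variable

Saves the list of listening ports in System_Status and prints it with the debug module.
```yaml
- hosts: all
  tasks:
    # register stores the task result (stdout, rc, ...) in System_Status
    - name: Collect Listening Ports
      shell: netstat -lntp
      register: System_Status
    - name: Get System Port
      debug: msg={{System_Status.stdout_lines}}
```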
# Conditionals in a playbook
- f5.yaml
```yaml
- hosts: all
  remote_user: root
  tasks:
    # Runs only on hosts whose hostname fact matches one of the two names
    - name: Create File
      file: path=/tmp/hostname_{{ ansible_hostname }}_file state=touch
      when: (ansible_hostname == "manage-01") or (ansible_hostname == "backup")
    # Runs only on CentOS hosts
    - name: Centos Install iftop
      yum: name=iftop state=present
      when: (ansible_distribution == "CentOS")
```
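The `register` and `when` keywords shown above can replace the `ignore_errors: yes` pattern from f1.yaml, which also hides genuine failures such as a missing binary or a permission error. The following is an added example, not part of the original page; the file name f1-strict.yaml and the variable name `probe` are assumptions.

```yaml
# f1-strict.yaml (hypothetical file name; added example)
- hosts: all
  remote_user: root
  vars:
    file_name: yfklife
  tasks:
    # test -f returns 0 (present) or 1 (absent); any other rc is a real error
    - name: Probe for the file
      command: test -f /tmp/{{ file_name }}/{{ file_name }}
      register: probe
      changed_when: false        # read-only, never report "changed"
      failed_when: probe.rc not in [0, 1]
      check_mode: no             # still runs under -C so probe.rc is defined

    - name: Create Dir
      file:
        path: /tmp/{{ file_name }}
        state: directory
        mode: "0755"

    # Explicit mode instead of whatever the remote umask would give
    - name: Create New File only when the probe found none
      file:
        path: /tmp/{{ file_name }}/{{ file_name }}
        state: touch
        mode: "0644"
      when: probe.rc == 1

    - name: Show probe result
      debug:
        msg: "rc={{ probe.rc }}, file was {{ 'present' if probe.rc == 0 else 'absent' }}"
```

On a second run the touch task is skipped, so the play reports no changes and an unexpected return code stops the play instead of being ignored.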
# Loops in a playbook
- f6.yaml
```yaml
- hosts: all
  remote_user: root
  tasks:
    # The task runs once per entry in with_items
    - name: Installed tool
      yum: name={{ item }} state=present
      with_items:
        - wget
        - tree
        - lrzsz
        - net-tools
```
```yaml
- hosts: game1
  remote_user: root
  tasks:
    # Each item is a dictionary; fields are read as item.<key>
    - name: Add user Group
      group: name={{ item.name }} gid={{ item.group }} state=present
      with_items:
        - { name: 'yfk1', group: '2000' }
        - { name: 'yfk2', group: '2001' }
    - name: Add Users
      user: name={{ item.name }} uid={{ item.uid }} group={{ item.group }} state=present
      with_items:
        - { name: 'yfk1', uid: '2000', group: '2000' }
        - { name: 'yfk2', uid: '2001', group: '2001' }
    # The password file is copied with mode 0600, the config with 0644
    - name: Configure Rsync Server
      copy: src={{ item.src }} dest=/etc/{{ item.dest }} mode={{ item.mode }}
      with_items:
        - {src: "rsyncd.conf", dest: "rsyncd.conf", mode: "0644"}
        - {src: "rsync.passwd", dest: "rsync.passwd", mode: "0600"}
```
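# Playbook tags
Tags bind a label to a task through `tags`, so that only part of the tasks, or only the named tasks, are run.
- One tag on one task
- Several tags on one task
- One tag on several tasks

`-t`: run the tasks carrying the given tags; separate multiple tags with commas

`--skip-tags`: run the tasks other than those carrying the given tags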
- f7.yaml
```yaml
- hosts: game1
  remote_user: root
  tasks:
    # Several tags on one task
    - name: Install Nfs Server
      yum: name=nfs-utils state=present
      tags:
        - install_nfs
        - no_install_nfs
    - name: Service Nfs Server
      service: name=nfs-server state=started enabled=yes
      ignore_errors: yes
      tags: start_nfs_server
    # One tag shared by two tasks
    - name: View hostname
      shell: hostname
      register: Get_Hostname
      tags: test
    - name: Print Hostname
      debug: msg={{Get_Hostname.stdout_lines}}
      tags: test
```
Run only the given tags (separate several with commas); tasks that are not selected do not run:
```shell
ansible-playbook -t test f7.yaml
```
Skip the given tags and run everything else, including untagged tasks:
```shell
ansible-playbook --skip-tags no_install_nfs f7.yaml
ansible-playbook --skip-tags test f7.yaml
```
Without any tag option, everything runs:
```shell
ansible-playbook f7.yaml
```
# Playbook triggers: Handlers
When the nginx configuration is modified, the matching action under handlers is triggered.
```text
[root@manage-01 ansible]# cat nginx/conf.d/test.conf
server {
    listen {{ http_port }};
    server_name test.yfklife.cn;
    root /data;
    index index.html index.htm;
}
```
- f8.yaml
```yaml
- hosts: game1
  remote_user: root
  vars:
    http_port: 80
    nginx_workdir: /etc/nginx/conf.d
  tasks:
    - name: Install Nginx Server
      yum: name=nginx state=present
      when: (ansible_hostname == "manage-01")
      tags:
        - install_nginx
        - no_install_nginx
    # notify fires the handler only when the rendered file changed
    - name: Configure Nginx Server
      template: src=nginx/conf.d/test.conf dest={{ nginx_workdir }}/test.conf
      notify: Restart Nginx Server
    - name: Service nginx start
      service: name=nginx state=started enabled=yes
    - name: Get nginx Status
      shell: netstat -tnlp|grep nginx
      register: Get_nginx_port
      tags: get_nginx_port
    - name: Print nginx port
      debug: msg={{Get_nginx_port.stdout_lines}}
      tags: get_nginx_port
  handlers:
    # The name must match the notify string exactly
    - name: Restart Nginx Server
      service: name=nginx state=restarted
```
# Playbook Include
- f9.yaml
```yaml
# f9.yaml
- hosts: all
  remote_user: root
  tasks:
    - include_tasks: sub01.yml
    - include_tasks: sub02.yml
```
```yaml
# sub01.yml
- name: create file1
  command: touch /tmp/file1
```
```yaml
# sub02.yml
- name: create file2
  command: touch /tmp/file2
```
- playbook import
```yaml
# main2.yaml
- import_playbook: f1.yaml
- import_playbook: f2.yaml
- import_playbook: f3.yaml
```
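# Ansible roles
Ansible roles are suited to large-scale use.

With plain playbooks, once there are many files it is hard to tell which hosts ran which yml files and in which state.

Roles make it clear which roles are applied to which hosts.

Working directory: /etc/ansible/roles
- Official directory layout
```shell
mkdir {nfs,rsync,web}/{vars,tasks,templates,handlers,files,group_vars} -p
```

| Directory | Description |
|---|---|
| nfs, rsync, web | Service name |
| files | Stores files |
| handlers | Triggered tasks |
| tasks | The tasks themselves |
| templates | Template files |
| vars/group_vars | Stores variables |

Ways to define variables for roles:
- Create a main.yml in the vars directory and define them there
- Create a group_vars directory under the roles directory and define them there; the file can be named after a host group, or all (every host)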
# Setting up the Rsync service with roles
- The directory structure is as follows
```text
[root@manage-01 roles]# tree /etc/ansible/roles/
/etc/ansible/roles/
├── group_vars
│   └── all
├── hosts
├── rsync
│   ├── files
│   │   └── rsyncd.conf
│   ├── handlers
│   │   └── main.yml
│   ├── tasks
│   │   └── main.yml
│   ├── templates
│   │   └── rsync.passwd
│   └── vars
├── site.yml
```
# The role files, one by one
- group_vars/all
```yaml
#rsync_User
rsync_user: rsync_backup
rsync_pass: Yfk12357
```
- hosts
```ini
[backup]
192.168.108.101
```
- site.yml
```yaml
- hosts: backup
  remote_user: root
  roles:
    # Tag the role so that `-t rsync` selects its tasks
    - role: rsync
      tags: rsync
```
- tasks/main.yml
```yaml
- name: Install Rsync Server
  yum: name=rsync state=present
# src is looked up in the role's files/ directory
- name: Configure Rsync Server
  copy: src={{ item.src }} dest=/etc/{{ item.dest }} mode={{ item.mode }}
  with_items:
    - {src: "rsyncd.conf", dest: "rsyncd.conf", mode: "0644"}
  notify: Restart Rsync Server
# src is looked up in the role's templates/ directory; 0600 keeps the password file private
- name: Configure Rsync pass
  template: src=rsync.passwd dest=/etc/rsync.passwd mode=0600
  notify: Restart Rsync Server
- name: Start Rsync Server
  service: name=rsyncd state=started enabled=yes
```
- handlers/main.yml
```yaml
- name: Restart Rsync Server
  service: name=rsyncd state=restarted
```
- files
```text
ll files/
total 8
-rw-r--r-- 1 root root 322 Aug 5 10:12 rsyncd.conf
```
- templates/rsync.passwd
```text
{{ rsync_user }}:{{ rsync_pass }}
```
- Run the roles, using -t to select the rsync role for the test run
```shell
ansible-playbook -i hosts -t rsync site.yml
```
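The role above keeps `rsync_pass` in plain text in group_vars/all and renders it into /etc/rsync.passwd. One way to keep the secret out of the repository and out of task output is Ansible Vault together with `no_log`. This is an added example, not part of the original page; the variable name `vault_rsync_pass`, the split of group_vars/all into a directory, and the placeholder secret are assumptions.

```yaml
# group_vars/all/vars.yml
# (group_vars/all becomes a directory; this file stays in plain text)
rsync_user: rsync_backup
rsync_pass: "{{ vault_rsync_pass }}"   # vault_rsync_pass: hypothetical name
---
# group_vars/all/vault.yml
# Created with: ansible-vault create group_vars/all/vault.yml
# Shown here before encryption; on disk only the $ANSIBLE_VAULT blob exists.
vault_rsync_pass: "<placeholder-secret>"
---
# rsync/tasks/main.yml: the password task from the page, hardened
- name: Configure Rsync pass
  template:
    src: rsync.passwd
    dest: /etc/rsync.passwd
    owner: root
    group: root
    mode: "0600"
  no_log: true        # keeps the rendered secret out of task output and diffs
  notify: Restart Rsync Server

# Run with the vault password supplied at the prompt:
#   ansible-playbook -i hosts site.yml --ask-vault-pass
```

The template file templates/rsync.passwd stays unchanged, because it still reads `rsync_user` and `rsync_pass`.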
# Personal download location
```text
# Roles that install Nginx and PHP
https://download.yfklife.cn/blog/ops/ansible/ansible_nginx1.14.tar.gz
https://download.yfklife.cn/blog/ops/ansible/ansible_php7.2.6.tar.gz
```