Ansible Notes (2)

Ansible

Ansible playbook

YAML

1. Defining multiple tasks

[root@master1 ~]# vim test.yml

tasks:
 - name: install a pkg
   yum: name=nginx state=latest
 - name: copy conf file
   copy: src= dest= state=
 - name: start nginx service
   service: name= state=

Key-based login

[root@master2 ~]# ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
82:35:43:4b:d8:4d:b5:71:78:12:60:9f:f6:56:45:bc [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
|     ooo+o+o.  oo|
|    .o.o..o=.  ..|
|      =   =o  . .|
|     o o . . . E |
|    . . S   o    |
|       .   .     |
|                 |
|                 |
|                 |
+-----------------+

Copy the key to the remote host
[root@master2 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

[root@master2 ~]# ssh 10.201.106.131 'hostname'
master1.com
[root@master2 ~]# 

Review

Create a group:
[root@master1 ~]# ansible websrvs -m group -a 'name=mysql gid=306 system=yes'

Create a user and put it in the mysql group
[root@master1 ~]# ansible websrvs -m user -a 'name=mysql uid=306 system=yes group=mysql'

Copy a file:
[root@master1 ~]# ansible all -m copy -a 'src=/etc/fstab dest=/tmp/fstab.ansible. owner=root mode=640'

Create a file and fill in its content
ansible all -m copy -a 'content="Hello Ansible\nHi MageEdu" dest=/tmp/test.ansible'
[root@node1 ~]# cat /tmp/test.ansible 
Hello Ansible
Hi MageEdu[root@node1 ~]# 

Set file permissions:
[root@master1 ~]# ansible all -m file -a 'owner=mysql group=mysql mode=644 path=/tmp/fstab.ansible.'

Create a symbolic link:
[root@master1 ~]# ansible all -m file -a 'path=/tmp/fstab.link src=/tmp/fstab.ansible. state=link'

Ping test against all hosts:
[root@master1 ~]# ansible all -m ping

Start a service and enable it at boot:
[root@master1 ~]# ansible websrvs -m service -a 'enabled=true name=httpd state=started'

Change a password with the echo command through the shell module:
[root@master1 ~]# ansible all -m shell -a 'echo user1 | passwd --stdin user1'

Run a script (only relative paths are supported):
ansible all -m script -a "/tmp/test.sh"

Install a package:
ansible all -m yum -a 'name=zsh'
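
The shell/echo password change above puts the password on the remote command line. An added example (not from the original notes) that sets the same account's password with the user module from a pre-computed hash; the file secrets/users.vault.yml and the variable user1_password_hash are assumptions, kept encrypted with ansible-vault:

```yaml
# set_password.yml (added example; file and variable names are hypothetical)
- hosts: all
  remote_user: root
  vars_files:
    # hypothetical file, encrypted with `ansible-vault encrypt`; it defines
    # user1_password_hash, a SHA-512 crypt string (starts with $6$)
    - secrets/users.vault.yml
  tasks:
    # the user module writes the value verbatim into /etc/shadow, so a plain
    # password here would be stored unhashed; stop before that happens
    - name: fail early if the vaulted value is not a SHA-512 crypt hash
      assert:
        that:
          - user1_password_hash is defined
          - user1_password_hash.startswith('$6$')
        msg: "user1_password_hash must be a $6$ crypt hash, not a plain password"

    - name: set the password of user1
      user:
        name: user1
        password: "{{ user1_password_hash }}"
        update_password: always
      # keep the hash out of the task output and the controller log
      no_log: true
```

Run it with ansible-playbook set_password.yml --ask-vault-pass so the vault file is decrypted only in memory on the control node.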

playbooks

1. Create the nginx group and the nginx user

[root@master1 ansible]# vim nginx.yml

- hosts: websrvs
  remote_user: root
  tasks:
  - name: create nginx group
    group: name=nginx system=yes gid=208
  - name: create nginx user
    user: name=nginx uid=208 group=nginx system=yes

- hosts: dbsrvs
  remote_user: root
  tasks:
  - name: copy file to dbsrvs
    copy: src=/etc/inittab dest=/tmp/inittab.ans

Run the playbook:
[root@master1 ansible]# ansible-playbook nginx.yml 

PLAY [websrvs] *****************************************************************

TASK [setup] *******************************************************************
ok: [10.201.106.21]
ok: [10.201.106.22]

TASK [create nginx group] ******************************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

TASK [create nginx user] *******************************************************
changed: [10.201.106.21]
changed: [10.201.106.22]

PLAY [dbsrvs] ******************************************************************

TASK [setup] *******************************************************************
ok: [10.201.106.22]
ok: [10.201.106.132]

TASK [copy file to dbsrvs] *****************************************************
changed: [10.201.106.22]
changed: [10.201.106.132]

PLAY RECAP *********************************************************************
10.201.106.132             : ok=2    changed=1    unreachable=0    failed=0   
10.201.106.21              : ok=3    changed=2    unreachable=0    failed=0   
10.201.106.22              : ok=5    changed=3    unreachable=0    failed=0   

[root@master1 ansible]# 

2. httpd

2.1

[root@master1 ~]# mkdir conf
[root@master1 ~]# ls
anaconda-ks.cfg  ansible  conf  mbox  set_arp.sh
[root@master1 ~]# cp /etc/httpd/conf/httpd.conf conf/
Next, change the configured port in it to 8080;

Uninstall the existing httpd
[root@master1 ~]# ansible websrvs -m yum -a 'name=httpd state=absent'

2.2 Write the YML playbook

[root@master1 ansible]# vim apache.yml

- hosts: websrvs
  remote_user: root
  tasks:
  - name: install httpd package
    yum: name=httpd state=latest
  - name: install configuration file for httpd
    copy: src=/root/conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
  - name: start httpd service
    service: enabled=true name=httpd state=started

2.3 Writing handlers

[root@master1 ansible]# vim apache.yml 

- hosts: websrvs
  remote_user: root
  tasks:
  - name: install httpd package
    yum: name=httpd state=latest
  - name: install configuration file for httpd
    copy: src=/tmp/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify:                 # call the handler
    - restart httpd         # call the handler
  - name: start httpd service
    service: enabled=true name=httpd state=started
  handlers:                 # handler definition
  - name: restart httpd
    service: name=httpd state=restarted

2.4 Using variables

[root@master1 ansible]# vim apache.yml 

- hosts: websrvs
  remote_user: root
  vars:
    package: httpd
    service: httpd
  tasks:
  - name: install httpd package
    yum: name={{ package }} state=latest
  - name: install configuration file for httpd
    copy: src=/tmp/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify:
    - restart httpd
  - name: start httpd service
    service: enabled=true name={{ service }} state=started
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

3. Variable example

[root@master1 ansible]# vim test.yml

- hosts: websrvs
  remote_user: root
  tasks:
  - name: copy file
    copy: content="{{ ansible_all_ipv4_addresses }}" dest=/tmp/var.ans

Result:
[root@node1 ~]# cat /tmp/var.ans 
["10.201.106.21"][root@node1 ~]# 

4. Referencing host variables defined in the inventory

4.1

[root@master1 ansible]# cd /etc/ansible/
[root@master1 ansible]# vim hosts

[websrvs]
10.201.106.21 testvar="106.21"
10.201.106.22 testvar="106.22"

4.2 Playbook

[root@master1 ansible]# vim test.yml 

- hosts: websrvs
  remote_user: root
  tasks:
  - name: copy file
    copy: content="{{ ansible_all_ipv4_addresses }}, {{ testvar }}" dest=/tmp/var.ans

Result:
[root@node1 ~]# cat /tmp/var.ans 
([u'10.201.106.21'], 106.21)[root@node1 ~]# 

[root@node2 ~]# cat /tmp/var.ans 
([u'10.201.106.22'], 106.22)[root@node2 ~]# 
[root@node2 ~]# 

playbooks conditional tests

1. Create a user conditionally

[root@master1 ansible]# vim cond.yml

- hosts: all
  remote_user: root
  vars:
    username: user10
  tasks:
  - name: create {{ username }}
    user: name={{ username }}
    when: ansible_fqdn == "master2.com"

Result:
[root@master2 ~]# id user10
uid=1002(user10) gid=1002(user10) groups=1002(user10)
[root@master2 ~]# 

template

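1. Set the port as a variable in the httpd configuration file so that different hosts can use different ports

1.1 Edit the httpd configuration file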

[root@master1 templates]# vim httpd.conf.j2 

Listen {{ http_port }}
MaxClients       {{ maxClients }}
ServerName {{ ansible_fqdn }}

1.2 Set the variable values in the Ansible hosts file

[root@master1 templates]# vim /etc/ansible/hosts

[websrvs]
10.201.106.21 http_port=800 maxClients=100
10.201.106.22 http_port=8000 maxClients=200

1.3 Modify the YAML playbook

[root@master1 templates]# vim ~/ansible/apache.yml 

- hosts: websrvs
  remote_user: root
  vars:
    package: httpd
    service: httpd
  tasks:
  - name: install httpd package
    yum: name={{ package }} state=latest
  - name: install configuration file for httpd
    template: src=/root/templates/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
    notify:
    - restart httpd
  - name: start httpd service
    service: enabled=true name={{ service }} state=started
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted
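
An added example, not part of the original notes: the template task from 1.3 with the inventory values checked before rendering and the rendered file syntax-checked before it replaces the live configuration. It assumes httpd.conf.j2 is a complete main configuration with an absolute ServerRoot, so that httpd -t -f can parse the temporary file on its own.

```yaml
# apache_checked.yml (added example; the file name is hypothetical)
- hosts: websrvs
  remote_user: root
  tasks:
    # http_port and maxClients come from /etc/ansible/hosts (section 1.2);
    # a typo there would otherwise end up in the live httpd.conf
    - name: check inventory values before rendering
      assert:
        that:
          - http_port is defined
          - http_port | int >= 1
          - http_port | int <= 65535
          - maxClients is defined
          - maxClients | int > 0
        msg: "http_port/maxClients missing or out of range for {{ inventory_hostname }}"

    - name: install configuration file for httpd
      template:
        src: /root/templates/httpd.conf.j2
        dest: /etc/httpd/conf/httpd.conf
        owner: root
        group: root
        mode: "0644"
        # keep a timestamped copy of the previous file on the managed host
        backup: yes
        # %s is the rendered temporary file; dest is only replaced when the
        # command exits 0 (assumption: httpd is installed at this path)
        validate: /usr/sbin/httpd -t -f %s
      notify:
        - restart httpd

  handlers:
    - name: restart httpd
      service: name=httpd state=restarted
```

A host whose values fail the assert, or whose rendered file fails the syntax check, stops there and the handler never restarts httpd on it.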

Tags

1. Modify the playbook

[root@master1 ansible]# vim ~/ansible/apache.yml 

- hosts: websrvs
  remote_user: root
  vars:
    package: httpd
    service: httpd
  tasks:
  - name: install httpd package
    yum: name={{ package }} state=latest
  - name: install configuration file for httpd
    template: src=/root/templates/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
    tags:                   ### set tags
    - conf                  ### set tags
    notify:
    - restart httpd
  - name: start httpd service
    service: enabled=true name={{ service }} state=started
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

Test (run the list of tasks with the matching tag):
[root@master1 ansible]# ansible-playbook apache.yml --tags="conf"

PLAY [websrvs] *****************************************************************

TASK [setup] *******************************************************************
ok: [10.201.106.22]
ok: [10.201.106.21]

TASK [install configuration file for httpd] ************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

RUNNING HANDLER [restart httpd] ************************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

PLAY RECAP *********************************************************************
10.201.106.21              : ok=3    changed=2    unreachable=0    failed=0   
10.201.106.22              : ok=3    changed=2    unreachable=0    failed=0

2. Special tags

2.1 Modify the playbook

[root@master1 ansible]# vim ~/ansible/apache.yml 

- hosts: websrvs
  remote_user: root
  vars:
    package: httpd
    service: httpd
  tasks:
  - name: install httpd package
    yum: name={{ package }} state=latest
  - name: install configuration file for httpd
    template: src=/root/templates/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
    tags:
    - conf
    notify:
    - restart httpd
  - name: start httpd service
    service: enabled=true name={{ service }} state=started
    tags:
    - servers
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

roles

1. Create the directories

[root@master1 ~]# mkdir -pv ansible_playbooks/roles/{websrvs,dbsrvs}/{tasks,files,templates,meta,handlers,vars}
mkdir: created directory ‘ansible_playbooks’
mkdir: created directory ‘ansible_playbooks/roles’
mkdir: created directory ‘ansible_playbooks/roles/websrvs’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/tasks’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/files’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/templates’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/meta’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/handlers’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/vars’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/tasks’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/files’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/templates’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/meta’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/handlers’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/vars’

[root@master1 ~]# tree ansible_playbooks/
ansible_playbooks/
└── roles
    ├── dbsrvs
    │   ├── files
    │   ├── handlers
    │   ├── meta
    │   ├── tasks
    │   ├── templates
    │   └── vars
    └── websrvs
        ├── files
        ├── handlers
        ├── meta
        ├── tasks
        ├── templates
        └── vars

2.

[root@master1 websrvs]# pwd
/root/ansible_playbooks/roles/websrvs
[root@master1 websrvs]# cp /tmp/httpd.conf files/

3. Write the tasks

[root@master1 websrvs]# vim tasks/main.yml

- name: install httpd package
  yum: name=httpd
- name: install configuration file
  copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
  tags:
  - conf
  notify:
  - restart httpd
- name: start httpd
  service: name=httpd state=started

4. Write the handlers

[root@master1 websrvs]# vim handlers/main.yml

- name: restart httpd
  service: name=httpd state=restarted

5. Define variables

[root@master1 websrvs]# vim vars/main.yml

http_port: 80
maxClient: 200

6. Define the site file (playbooks)

[root@master1 ansible_playbooks]# pwd
/root/ansible_playbooks
[root@master1 ansible_playbooks]# vim site.yml


- hosts: websrvs
  remote_user: root
  roles:
  - websrvs

The tasks run normally:
[root@master1 ansible_playbooks]# ansible-playbook site.yml 

PLAY [websrvs] *****************************************************************

TASK [setup] *******************************************************************
ok: [10.201.106.22]
ok: [10.201.106.21]

TASK [websrvs : install httpd package] *****************************************
ok: [10.201.106.22]
ok: [10.201.106.21]

TASK [websrvs : install configuration file] ************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

TASK [websrvs : start httpd] ***************************************************
ok: [10.201.106.21]
ok: [10.201.106.22]

RUNNING HANDLER [websrvs : restart httpd] **************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

PLAY RECAP *********************************************************************
10.201.106.21              : ok=5    changed=2    unreachable=0    failed=0   
10.201.106.22              : ok=5    changed=2    unreachable=0    failed=0   

7. Demonstrating other effects

7.1

[root@master1 ansible_playbooks]# vim site.yml 

- hosts: 10.201.106.21
  remote_user: root
  roles:
  - websrvs

- hosts: 10.201.106.22
  remote_user: root
  roles:
  - dbsrvs

- hosts: 10.201.106.132
  remote_user: root
  roles:
  - websrvs
  - dbsrvs

7.2 Define dbsrvs

[root@master1 dbsrvs]# pwd
/root/ansible_playbooks/roles/dbsrvs

[root@master2 ~]# scp /etc/my.cnf 10.201.106.131:/root/ansible_playbooks/roles/dbsrvs/files/
my.cnf                                           100%  570     0.6KB/s   00:00  

[root@master1 dbsrvs]# vim tasks/main.yml

- name: install mysql package
  yum: name=mariadb-server state=latest
- name: install configuration file
  copy: src=my.cnf dest=/etc/my.cnf
  tags:
  - myconf
  notify:
  - restart mysqld
- name: start mysql service
  service: name=mariadb enabled=true state=started

Define the handler:
[root@master1 dbsrvs]# vim handlers/main.yml

- name: restart mysqld
  service: name=mariadb state=restarted

Test:
[root@master1 ansible_playbooks]# ansible-playbook site.yml