Ansible 角色(roles )

跻峰造极

已于 2024-09-11 16:30:19 修改

阅读量417

点赞数 9

于 2024-09-11 16:28:42 首次发布

本文链接：https://blog.csdn.net/2301_77288972/article/details/142143365

版权

1.创建角色目录
mkdir /home/aa/aa-ansible/roles

在aa的ansible配置文件中，指定roles目录
cd /home/aa/aa-ansible

vi ansible.cfg
在[defaults]标签下，指定roles路径
roles_path=/home//jay-ansible/roles

2.创建角色相关目录，比如web角色，创建web目录，创建db角色的目录
mkdir /home/jay/jay-ansible/roles/web
mkdir /home/jay/jay-ansible/roles/db
.....
mkdir /home/jay/jay-ansible/roles/normal

3.创建角色对应的功能目录
cd /home/jay/jay-ansible/roles/web
mkdir defaults files handlers meta tasks templates vars

切换回管理员，安装tree树形目录工具（为了更好展示功能目录结构）
su
yum install tree -y

tree /home/jay/jay-ansible/roles/web

重复以上步骤，为db，init角色创建功能目录
（或者可以迭代创建角色功能目录：）
cd /home/jay/jay-ansible

mkdir -pv roles/{normal,web,db}/{defaluts,tasks,handlers,vars,meta,files,templates}
-----------------------------------------------------------------------
使用roles功能：
将以下剧本任务，拆分到对应角色功能目录中

为所有主机安装httpd，配置防火墙（放行http服务）

编写playbook：

- hosts: all
tasks:
- name: 列出所有安装源文件
shell: ls /etc/yum.repos.d
register: cc
tags: a1
- name: 清空安装源
file:
path: /etc/yum.repos.d/{{ item }}
state: absent
with_items:
- "{{ cc.stdout_lines }}"
tags: a2
- name: 拷贝光碟源文件
copy:
src: cdrom.repo
dest: /etc/yum.repos.d
tags: a3
- name: 挂载光碟
mount:
src: /dev/cdrom
path: /mnt
state: mounted
fstype: iso9660
tags: a4
- name: 为主机安装http
yum:
name: httpd
state: installed
- name: 启动httpd服务
service:
name: httpd
state: started
enabled: true
- name: 配置防火墙
firewalld:
service: http
permanent: yes
state: enabled
immediate: yes

1）将a1,a2,a3,a4任务，写到normal（通用角色）功能目录tasks中的main.yml中
touch /home/jay/jay-ansible/roles/init/tasks/main.yml
vi /home/jay/jay-ansible/roles/init/tasks/main.yml

- name: 列出所有安装源文件
shell: ls /etc/yum.repos.d
register: cc
- name: 清空安装源
file:
path: /etc/yum.repos.d/{{ item }}
state: absent
with_items:
- "{{ cc.stdout_lines }}"
- name: 拷贝光碟源文件
copy:
src: cdrom.repo
dest: /etc/yum.repos.d
- name: 挂载光碟
mount:
src: /dev/cdrom
path: /mnt
state: mounted
fstype: iso966

2）配置web角色的功能目录任务
touch /home/jay/jay-ansible/roles/web/tasks/main.yml
vi /home/jay/jay-ansible/roles/web/tasks/main.yml

- name: 安装httpd
yum:
name: httpd
state: installed
- name: 配置防火墙
firewalld:
service: http
permanent: yes
state: enabled
immediate: yes
- name: 启动httpd,加入开机自启
service:
name: httpd
state: started
enabled: true

3）在jay的ansible工作目录中，编写主剧本，比如aaa.yml
1）为所有主机配置光碟源
2）为web组内主机安装httpd，并加入开机自启

vi aaa.yml
- hosts: all
roles:
- init
- hosts: webs
roles:
- web

------------------------------------------------------------------------
尝试自己配置 db（数据库角色）功能目录，为db组内主机配置光碟源，安装mariadb

1）创建db数据库角色目录以及功能目录
mkdir -pv /home/jay/jay-ansible/roles/db/{defaluts,tasks,handlers,vars,meta,files,templates}

2）编写db数据库角色主任务yml文件
vi /home/jay/jay-ansible/roles/db/tasks/main.yml

- name: 安装数据库
yum:
name: mariadb-server
state: started
- name: 启动服务，加入开机自启
service:
name: mariadb
state: started
enabled: true
- name: 初始化数据库
script: /home/jay/jay-ansible/db.sh
- name: 防火墙放行mysql服务
firewalld:
service: mysql
permanent: yes
enabled: true
immediate: yes
- name: 防火墙放行3306端口
firewalld:
port: 3306/tcp
permanent: yes
enabled: yes
immediate: yes

-----------------------------
为db组内主机安装mariadb

- hosts: dbs
- roles: normal
- roles: db
----------------------------------------------
场景：
[防火墙不允许关闭]
1.为所有服务器安装httpd
2.dbs组的httpd开放8080端口
3.webs组的httpd开放8088端口
4.为dbs组安装mariadb，并启动服务，加入开机

[dbs]
192.168.10.10 ansible_become_method='su' ansible_become_user='root' ansible_become_pass='123456'
[webs]
192.168.10.100 ansible_become_method='su' ansible_become_user='root' ansible_become_pass='1'
192.168.10.77 ansible_become_method='su' ansible_become_user='root' ansible_become_pass='1'

编写剧本：
- hosts: all
tasks:
- name: 列出主机软件库目录所有文件
shell: ls /etc/yum.repos.d
register: d
- name: 清除所有默认安装源文件
file:
path: /etc/yum.repos.d/{{ item }}
state: absent
with_items:
- "{{ d.stdout_lines }}"
- name: 拷贝本地光碟源文件
copy:
src: cdrom.repo
dest: /etc/yum.repos.d
- name: 挂载光碟
mount:
src: /dev/cdrom
path: /mnt
state: mounted
fstype: iso9660
- name: 安装httpd
yum:
name: httpd
state: installed
- name: 拷贝模块httpd.conf.j2
template:
src: httpd.conf.j2
dest: /etc/httpd/conf/httpd.conf
notify: restart httpd

handlers:
- name: restart httpd
service:
name: httpd
state: restarted
--------------------------------------------------------------
将以上任务，使用角色功能实现
编写主文件：
vi ccc.yml

- hosts: dbs
pre_tasks:
- name: 开启防火墙
service:
name: firewalld
state: started
roles:
- normal
- web
- db
post_tasks:
- name: 放行服务mysql
firewalld:
service: mysql
permanent: yes
state: enabled
immediate: yes
- name: 放行服务http
firewalld:
service: http
permanent: yes
state: enabled
immediate: yes
- name: 放行3306端口
firewalld:
port: 3306/tcp
permanent: yes
state: enabled
immediate: yes
- name: 放行8080端口
firewalld:
port: 8080/tcp
permanent: yes
state: enabled
immediate: yes

- hosts: webs
pre_tasks:
- name: 开启防火墙
service:
name: firewalld
state: started
roles:
- web
- db
post_tasks:
- name: 放行服务http
firewalld:
service: http
permanent: yes
state: enabled
immediate: yes
- name: 放行8088端口
firewalld:
port: 8088/tcp
permanent: yes
state: enabled
immediate: yes

1. 创建web角色目录以及功能目录
2.将httpd.conf.j2入到template功能目录中
3.在web角色的handlers目录上，创建main.yml，写入触发任务
vi /home/jay/jay-ansible/roles/web/handlers/main.yml
- name: restart httpd
service:
name: httpd
state: restarted
4.编写web角色的主任务文件：
vi /home/jay/jay-ansible/roles/web/tasks/main.yml
- name: install httpd
yum:
name: httpd
state: installed
- name: 启动httpd，加入开机
service:
name: httpd
state: started
5.在web角色的vars变量目录的main.yml写入变量
vi /home/jay/jay-ansible/roles/web/vars/main.yml
变量的写法：
{"bb": 8088}

跻峰造极

关注

9
点赞
踩
7

收藏

觉得还不错? 一键收藏
0
评论
Ansible 角色(roles )

1）将a1,a2,a3,a4任务，写到normal（通用角色）功能目录tasks中的main.yml中。尝试自己配置 db（数据库角色）功能目录，为db组内主机配置光碟源，安装mariadb。3.在web角色的handlers目录上，创建main.yml，写入触发任务。2.创建角色相关目录，比如web角色，创建web目录，创建db角色的目录。3）在jay的ansible工作目录中，编写主剧本，比如aaa.yml。- name: 列出主机软件库目录所有文件。重复以上步骤，为db，init角色创建功能目录。
复制链接

扫一扫