1.使用变量
1.ansible先实现rsync
[root@manager ~]# cd ansible_tasks/
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
################################
[backup]
path = /backup
[root@manager ~]# vim rsync.yml
- hosts: webservers
tasks:
- name: Install Rsync Server
yum:
name: rsync
state: present
- name: Configure Rsync Server
copy:
src: ./rsyncd.conf.j2
dest: /etc/rsyncd.conf
notify: Restart Rsync Server
- name: Copy Rsync Server Virtual PassFile
copy:
src: rsync.passwd.j2
dest: /etc/rsync.passwd
owner: root
group: root
mode: 0600
- name: Init Rsync Server-Group
group:
name: www
gid: 666
- name: Init Rsync Server-User
user:
name: www
uid: 666
group: www
create_home: no
shell: /sbin/nologin
- name: Create Rsync Server Data Directory
file:
path: /backup
state: directory
owner: www
group: www
mode: 755
- name: Started Rsync Server
systemd:
name: rsyncd
state: started
enabled: yes
handlers:
- name: Restart Rsync Server
systemd:
name: rsyncd
state: restarted
- 使用变量的方式设置rsync
[root@manager ansible_tasks]# cat rsync.yml
- hosts: webservers
vars:
- rsync_uid: test
- rsync_gid: test
- data_dir: test
tasks:
- name: Install Rsync Server
yum:
name: rsync
state: present
- name: Configure Rsync Server And Virtual PassFile
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
loop:
- { src: ./rsyncd.conf.j2 , dest: /etc/rsyncd.conf , mode: "0644" }
- { src: ./rsync.passwd.j2 , dest: /etc/rsync.passwd , mode: "0600" }
notify: Restart Rsync Server
- name: Init Rsync Server-Group
group:
name: "{{ rsync_gid }}"
gid: 6661
- name: Init Rsync Server-User
user:
name: "{{ rsync_uid }}"
uid: 6661
group: "{{ rsync_gid }}"
create_home: no
shell: /sbin/nologin
- name: Create Rsync Server Data Directory
file:
path: /{{data_dir}}
state: directory
owner: "{{ rsync_uid }}"
group: "{{ rsync_gid }}"
mode: 0755
- name: Started Rsync Server
systemd:
name: rsyncd
state: started
enabled: yes
handlers:
- name: Restart Rsync Server
systemd:
name: rsyncd
state: restarted
2.编写一个php-fpm服务playbook,需要检测语法
[root@manager ansible_tasks]# cat php-fpm.yml
- hosts: webservers
tasks:
- name: Configure PHP-FPM Server
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
loop:
- { src: ./php.ini.j2 , dest: /etc/php.ini }
- { src: ./php_www.conf.j2 , dest: /etc/php-fpm.d/www.conf }
notify: Restart PHP Server
- name: Check PHP Configure File
shell: php-fpm -t
register: check_php
changed_when:
- false
- check_php.stdout.find('successful')
- name: Started PHP Server
systemd:
name: php-fpm
state: started
enabled: yes
handlers:
- name: Restart PHP Server
systemd:
name: php-fpm
state: restarted
3.ansible的jinja2配置nginx
[root@manager ansible_roles]# cat proxy_blog.oldxu.com.conf.j2
upstream {{ blog_site }} {
{% for host in groups['webservers'] %}
server {{ host }};
{% endfor %}
server {
listen 80;
server_name {{ blog_site }};
location / {
proxy_pass http://{{ blog_site }};
include proxy_params;
}
}
[root@manager ansible_roles]# cat nginx_proxy.yml
- hosts: webservers
vars:
- blog_site: blog.oldxu.com
tasks:
- name: Configure Nginx Proxy Vurtual File
template:
src: ./proxy_blog.oldxu.com.conf.j2
dest: /tmp/proxy_blog.oldxu.com.conf
4.keepalived: 判断
4.1方式一
[root@manager ansible_roles]# cat keepalived.yml
- hosts: lbservers
tasks:
- name: Install Keepalived Server
yum:
name: keepalived
state: present
- name: Configure Keepalived Server
copy:
src: ./keepalived-master.conf.j2
dest: /etc/keepalived/keepalived.conf
when: ( ansible_hostname == "lb01" )
notify: Restart Keepalived Server
- name: Configure Keepalived Server
copy:
src: ./keepalived-backup.conf.j2
dest: /etc/keepalived/keepalived.conf
when: ( ansible_hostname == "lb02" )
notify: Restart Keepalived Server
- name: Started Keepalived Server
systemd:
name: keepalived
state: started
enabled: yes
handlers:
- name: Restart Keepalived Server
systemd:
name: keepalived
state: restarted
4.2inventory 方式来实现
[lbservers]
172.16.1.5 state=MASTER priority=150
172.16.1.6 state=BACKUP priority=120
[root@manager ansible_roles]# cat keepalived-template.conf.j2
global_defs {
router_id {{ ansible_hostname }}
}
vrrp_instance VI_1 {
state {{ state }}
priority {{ priority }}
interface eth0
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@manager ansible_roles]# cat keepalived.yml
- hosts: lbservers
tasks:
- name: Install Keepalived Server
yum:
name: keepalived
state: present
- name: Configure Keepalived Server
template:
src: keepalived-template.conf.j2
dest: /etc/keepalived/keepalived.conf
notify: Restart Keepalived Server
- name: Started Keepalived Server
systemd:
name: keepalived
state: started
enabled: yes
handlers:
- name: Restart Keepalived Server
systemd:
name: keepalived
state: restarted
4.3使用 jinja方式来实现
[root@manager ansible_roles]# cat hosts
[lbservers]
172.16.1.5
172.16.1.6
[root@manager ansible_roles]# cat keepalived-template.conf.j2
global_defs {
router_id {{ ansible_hostname }}
}
vrrp_instance VI_1 {
{% if ansible_hostname == "lb01" %}
state MASTER
priority 200
{% elif ansible_hostname == "lb02" %}
state BACKUP
priority 100
{% endif %}
interface eth0
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@manager ansible_roles]# cat keepalived.yml
- hosts: lbservers
tasks:
- name: Install Keepalived Server
yum:
name: keepalived
state: present
- name: Configure Keepalived Server
template:
src: keepalived-template.conf.j2
dest: /etc/keepalived/keepalived.conf
notify: Restart Keepalived Server
- name: Started Keepalived Server
systemd:
name: keepalived
state: started
enabled: yes
handlers:
- name: Restart Keepalived Server
systemd:
name: keepalived
state: restarted
5.Ansible Roles
#目录结构必须为这样
[root@manager ansible_roles_prod]# mkdir nfs/{tasks,handlers,templates,vars} -p
[root@manager ansible_roles_prod]# cat nfs/templates/exports.j2
/data 172.16.1.0/24(rw,async,all_squash,anonuid=666,anongid=666)
[root@manager ansible_roles_prod]# cat nfs/tasks/main.yml
- name: Install NFS Server
yum:
name: nfs-utils
state: present
- name: Configure NFS Server
template:
src: exports.j2
dest: /etc/exports
notify: Restart NFS Server
- name: Init NFS Server
group:
name: www
gid: 666
- name: Init NFS Server
user:
name: www
uid: 666
group: www
- name: Init NFS Share Directory
file:
path: /data
state: directory
owner: www
group: www
- name: Started NFS Server
systemd:
name: nfs
state: started
enabled: yes
[root@manager ansible_roles_prod]# cat nfs/handlers/main.yml
- name: Restart NFS Server
systemd:
name: nfs
state: restarted