ansiblle技术简介
文章目录
ansible
ansible简介
Ansible是自动化运维工具,支持RedHat、Debian、Windows
- 软件部署自动化
- 配置自动化
- 管理自动化
- 持续集成
- 零宕机持续集成
工作机制
调用关系
安装
brew install python
pip3 install PyYAML
pip3 install Jinja2
yaml语法
文件开始符
---
数组
- element1
- element2
- element3
字典
key : value
# An employee record
Employee:
name: Martin Green
jon: Dev
skill: java
字典和数组的嵌套
Employee:
name: Martin Green
job: Dev
skills:
- python
- lua
- java
jinya简介
主机清单Inventory
– host文件
mail.shangye.com
[severgroup]
ones.shangye.com
twos.shangye.com
threes.shangye.com
[webgroup]
web[01:50].shangye.com
[databases]
db-[a:f].shangye.com
与每台机器通过ssh通信
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.179.129
ssh-keyscan 192.168.179.129 >> ~/.ssh/known_hosts
ansible两种运行方式
ad-hoc 命令行
playbook 脚本化
Ad-Hoc
ansible all -m ping
ansible webgroup -m ping -u root
ansible all -a "/bin/echo hi"
ansible severgroup -a "/sbin/reboot" -f 10
ansible webgroup -m yum -a "name=nginx state=installed"
ansible severgroup -m service -a "name=nginx state=started"
常用模块
- ping 连接成功返回pong
- debug 打印信息,类似echo
- copy 从本地复制文件到远程节点
- template 从本地复制文件到远程节点,并进行变量替换
- file 设置文件属性
- user 管理用户账户
- yum RedHat系列linux上的包管理
- service 管理服务
- firewalld 管理防火墙中的服务和端口
- shell 在远程节点上执行shell命令,支持$HOME,<,>,|,;,&
- command 在远程节点上执行shell命令,不支持$HOME,<,>,|,;,&
debug
debug:
msg: "System {{inventory_hostname}} has gateway {{ansible_default_ipv4.gateway}}"
file
- name: "改变文件权限"
file:
path: /etc/foo.conf
owner: foo
group: foo
mode: 0644
- name: "创建软链接"
file:
src: /file/link
dest: /path/symlink
owner: foo
group: foo
state: link
- name: "创建文件"
file:
path: /file/newinfo
state: touch
state: "u=rw,g=r,o=r"
- name: "创建文件夹"
file:
path: /file/new_directory
state: directory
state: 0755
yum
- name: "安装最新的apache包"
yum:
name: httpd
state: latest
- name: "删除apache包"
yum:
name: httpd
state: absent
service
- name: "启动服务"
service:
name: httpd
state: started
- name: "关闭服务"
service:
name: httpd
state: stopped
- name: "重启服务"
service:
name: httpd
state: restarted
- name: "重载服务"
service:
name: httpd
state: reloaded
- name: "开机启动服务"
service:
name: httpd
enabled: yes
firewalld
- name: "开启https"
firewalld:
service: https
permanent: true
state: enabled
- name: "开启端口80"
firewalld:
prot: 80/tcp
permanent: true
state: enabled
shell
- shell: echo "Test1" > ~/tmp/test1
- shell: service httpd start && chkconfig httpd on
- shell: echo foo >> ~/tmp/test1
- shell: some_script.sh >> some.log
- shell: some_script.sh >> some.log
args:
chdir: another_dir/
creates: some.log
- shell: cat < /tmp/\*txt
args:
executealbe: /bin/bash
playbook
安装apache同时开启80端口提供http服务
- hosts: webserver
user: root
vars:
msg: "It's a nice day!"
tasks:
- name: "install the lastest version of Apache"
yum:
name: httpd
state: latest
notify: restart apache
- name: "Write the default index.html file"
template:
src: templates/index.html.j2
dest: /var/www/html/index.html
- name: "config http"
firewalld:
service: http
permanent: true
state: enabled
- name: "config port 80"
firewalld:
port: 80/tcp
permanent: true
state: enabled
- name: "restart firewalld"
service:
name: firewalld
state: restarted
handlers:
- name: "restart apache"
service:
name: httpd
state: restarted
role
角色的目录结构
角色的pre_tasks和post_tasks
---
- hosts: all
user: root
pre_tasks:
- name: pre task
shell: echo 'hello' in pre_tasks
roles:
- { role: init_dibian, when: "ansible_os_family== 'Dibian'" }
- { role: nginx_install }
tasks:
- name: do sth
debug: msg="This is a task"
post_tasks:
- name: post task
shell: echo 'goodbye' in post_tasks
tags
可以给每个任务打标签,区别执行各个任务
# file tags_example.yml
---
hosts: webserver
user: root
tasks:
- yum: name={{ item }}, state=installed
with_items:
- httpd
tags:
- packages
- name: "copy httpd.confg"
template: src=template/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
tags:
- configuration
- name: copy index.html
template: src=template/index.html.j2 dest=/var/www/html/index.html
tags:
- configuration
执行命令安装包 ansible-playbook -i hosts tags_example.yml --tags “packages”
执行命令进行配置 ansible-playbook -i hosts tags_example.yml --tags “configuration”
ansible galaxy
官方网站
角色信息
角色获取
ansible-galaxy install davidwittman.redis -p /Users/zhongwei/mywork/learn/ansible/roles
相关资料
简介 | 链接 |
---|---|
ansible文档 | https://docs.ansible.com/ |
ansible文档 | http://getansible.com/mulu |
ansible视频 | https://www.ansible.com/resources/webinars-training/introduction-to-ansible |
ansible角色 | https://galaxy.ansible.com |
jinya官网 | http://jinja.pocoo.org/docs/2.10/ |