创建角色
[root@server roles]# ansible-galaxy init haproxy
- Role haproxy was created successfully
[root@server roles]# ansible-galaxy init httpd
- Role httpd was created successfully
在node2上部署httpd
编写角色playbook
[root@server roles]# cd httpd/
[root@server httpd]# ls
defaults files handlers meta README.md tasks templates tests vars
[root@server httpd]# vim tasks/main.yml
[root@server httpd]# cat tasks/main.yml
---
# tasks file for httpd
- name: stop firewalld
service:
name: firewalld
state: stopped
enabled: no
- name: stop selinux
lineinfile:
path: /etc/selinux/config
regexp: "^SELINUX="
line: SELINUX=disabled
- name: stop selinux
shell:
cmd: setenforce 0
- name: mount cdrom
mount:
src: /dev/cdrom
path: /mnt
fstype: iso9660
state: mounted
- name: set repo1
yum_repository:
file: server
name: aa
description: aa1
baseurl: file:///mnt/BaseOS
enabled: yes
gpgcheck: no
- name: set repo2
yum_repository:
file: server
name: bb
description: bb1
baseurl: file:///mnt/AppStream
enabled: yes
gpgcheck: no
- name: install
yum:
name: httpd
state: present
- name: index.html
template:
src: index.html.j2
dest: /var/www/html/index.html
- name: restart httpd
service:
name: httpd
state: restarted
enabled: yes
创建测试网页模板文件index,html.j2
[root@server ansible]# cd roles/httpd/
[root@server httpd]# vim templates/index.html.j2
[root@server httpd]# cat templates/index.html.j2
Welcome to {{ ansible_fqdn }} on {{ ansible_ens33.ipv4.address }}
创建调用剧角色playbook
[root@server ansible]# cat httpd.yml
---
- name: use httpd role
hosts: node2
roles:
- httpd
执行playbook
[root@server ansible]# ansible-playbook httpd.yml
PLAY [use httpd role] **********************************************************************************
TASK [Gathering Facts] *********************************************************************************
ok: [node2]
TASK [httpd : stop firewalld] **************************************************************************
ok: [node2]
TASK [httpd : stop selinux] ****************************************************************************
ok: [node2]
TASK [httpd : stop selinux] ****************************************************************************
changed: [node2]
TASK [httpd : mount cdrom] *****************************************************************************
ok: [node2]
TASK [httpd : set repo1] *******************************************************************************
ok: [node2]
TASK [httpd : set repo2] *******************************************************************************
ok: [node2]
TASK [httpd : install] *********************************************************************************
ok: [node2]
TASK [httpd : index.html] ******************************************************************************
changed: [node2]
TASK [restart httpd] ***********************************************************************************
changed: [node2]
PLAY RECAP *********************************************************************************************
node2 : ok=10 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
测试
[root@server ansible]# curl node2
Welcome to node2.example.com on 192.168.100.20
部署haproxy
[root@server ansible]# yum install -y haproxy
编写haproxy角色playbook
[root@server haproxy]# vim tasks/main.yml
[root@server haproxy]# cat tasks/main.yml
---
# tasks file for haproxy
- name: stop firewalld
service:
name: firewalld
state: stopped
enabled: no
- name: stop selinux
lineinfile:
path: /etc/selinux/config
regexp: "^SELINUX="
line: SELINUX=disabled
- name: stop selinux
shell:
cmd: setenforce 0
- name: mount cdrom
mount:
src: /dev/cdrom
path: /mnt
fstype: iso9660
state: mounted
- name: set repo1
yum_repository:
file: server
name: aa
description: aa1
baseurl: file:///mnt/BaseOS
enabled: yes
gpgcheck: no
- name: set repo2
yum_repository:
file: server
name: bb
description: bb1
baseurl: file:///mnt/AppStream
enabled: yes
gpgcheck: no
- name: install haproxy
yum:
name: haproxy
state: present
- name: cp config
template:
src: haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
- name: restart haproxy
service:
name: haproxy
state: restarted
enabled: yes
编写配置模本文件
[root@server haproxy]# cp /etc/haproxy/haproxy.cfg templates/haproxy.cfg.j2
[root@server haproxy]# vim templates/haproxy.cfg.j2
···
frontend main
bind *:80
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static
default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
{% for zbc in groups.webservers %}
server {{ hostvars[zbc].ansible_fqdn }} {{ hostvars[zbc].ansible_ens33.ipv4.address }}:80 check
{% endfor %}
创建调用角色haproxy的playbook
[root@server ansible]# cat haproxy.yml
---
- name: get webservers facts
hosts: webservers
- name: use haproxy
hosts: node3
roles:
- haproxy
执行
[root@server ansible]# ansible-playbook haproxy.yml
PLAY [get webservers facts] ****************************************************************************
TASK [Gathering Facts] *********************************************************************************
ok: [node2]
ok: [node1]
PLAY [use haproxy] *************************************************************************************
TASK [Gathering Facts] *********************************************************************************
ok: [node3]
TASK [haproxy : stop firewalld] ************************************************************************
ok: [node3]
TASK [haproxy : stop selinux] **************************************************************************
ok: [node3]
TASK [haproxy : stop selinux] **************************************************************************
changed: [node3]
TASK [haproxy : mount cdrom] ***************************************************************************
ok: [node3]
TASK [haproxy : set repo1] *****************************************************************************
ok: [node3]
TASK [haproxy : set repo2] *****************************************************************************
ok: [node3]
TASK [install haproxy] *********************************************************************************
ok: [node3]
TASK [haproxy : cp config] *****************************************************************************
changed: [node3]
TASK [restart haproxy] *********************************************************************************
changed: [node3]
PLAY RECAP *********************************************************************************************
node1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=10 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
验证
[root@server ansible]# curl 192.168.100.20
Welcome to node2.example.com on 192.168.100.20
[root@server ansible]# curl 192.168.100.30
Welcome to node2.example.com on 192.168.100.20