准备
[root@server ~]# cd /etc/ansible/
[root@server ansible]# ls roles/
apache mysql php
[root@server ansible]# vim hosts
[webservers]
node1
node2
[haproxy]
node3
[root@server ansible]# cd roles/
[root@server roles]# ansible-galaxy init httpd
- Role httpd was created successfully
[root@server roles]# ansible-galaxy init haproxy
- Role haproxy was created successfully
[root@server roles]# ls
apache haproxy httpd mysql php
部署 apache(node2)
[root@server roles]# cd httpd/
[root@server httpd]# ls
defaults files handlers meta README.md tasks templates tests vars
playbook
[root@server httpd]# vim tasks/main.yml
---
# tasks file for httpd
- name: stop firewalld
service:
name: firewalld
state: stopped
enabled: no
- name: stop selinux1
lineinfile:
path: /etc/selinux/config
regexp: '^SELINUX='
line: SELINUX=disabled
- name: stop selinux2
shell:
cmd: setenforce 0
- name: mount cdrom
mount:
src: /dev/cdrom
path: /mnt
fstype: iso9660
state: mounted
- name: set repo1
yum_repository:
file: server
name: aa
description: aa
baseurl: file:///mnt/BaseOS
enabled: yes
gpgcheck: no
- name: set repo2
yum_repository:
file: server
name: bb
description: bb
baseurl: file:///mnt/AppStream
enabled: yes
gpgcheck: no
- name: install httpd
yum:
name: httpd
state: present
- name: index.html
template:
src: index.html.j2
dest: /var/www/html/index.html
- name: restart httpd
service:
name: httpd
state: restarted
enabled: yes
[root@server httpd]# cd /etc/ansible/
[root@server ansible]# vim http.yml
---
- name: use httpd role
hosts: node2
roles:
- httpd
模板
[root@server ~]# cd /etc/ansible/roles/httpd/templates/
[root@server templates]# vim index.html.j2
Welcome to {{ ansible_fqdn }} on {{ ansible_ens160.ipv4.address }}
执行 playbook
[root@server ansible]# ansible-playbook http.yml
PLAY [use httpd role] ***********************************************************
TASK [Gathering Facts] **********************************************************
ok: [node2]
TASK [httpd : stop firewalld] ***************************************************
changed: [node2]
TASK [httpd : stop selinux1] ****************************************************
changed: [node2]
TASK [httpd : stop selinux2] ****************************************************
changed: [node2]
TASK [httpd : mount cdrom] ******************************************************
changed: [node2]
TASK [httpd : set repo1] ********************************************************
changed: [node2]
TASK [httpd : set repo2] ********************************************************
changed: [node2]
TASK [install httpd] ************************************************************
changed: [node2]
TASK [httpd : index.html] *******************************************************
changed: [node2]
TASK [restart httpd] ************************************************************
changed: [node2]
PLAY RECAP **********************************************************************
node2 : ok=10 changed=9 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
验证
[root@server ansible]# curl http://node2
Welcome to node2.example.com on 192.168.91.134
部署 haproxy(node3)
[root@server roles]# cd haproxy/
[root@server haproxy]# ls
defaults files handlers meta README.md tasks templates tests vars
下载 haproxy
[root@server haproxy]# yum -y install haproxy
playbook
[root@server haproxy]# vim tasks/main.yml
---
# tasks file for haproxy
- name: stop firewalld
service:
name: firewalld
state: stopped
enabled: no
- name: stop selinux
shell:
cmd: setenforce 0
- name: mount cdrom
mount:
src: /dev/cdrom
path: /mnt
fstype: iso9660
state: mounted
- name: set repo1
yum_repository:
file: server
name: aa
description: aa
baseurl: file:///mnt/BaseOS
enabled: yes
gpgcheck: no
- name: set repo2
yum_repository:
file: server
name: bb
description: bb
baseurl: file:///mnt/AppStream
enabled: yes
gpgcheck: no
- name: install haproxy
yum:
name: haproxy
state: present
- name: cp template config
template:
src: haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
- name: restart haproxy
service:
name: haproxy
state: restarted
enabled: yes
[root@server haproxy]# cd /etc/ansible/
[root@server ansible]# vim haproxy.yml
---
- name: get webservers facts
hosts: webservers
- name: use haproxy role
hosts: node3
roles:
- haproxy
模板
[root@server haproxy]# cp /etc/haproxy/haproxy.cfg templates/haproxy.cfg.j2
[root@server haproxy]# vim templates/haproxy.cfg.j2
......
frontend main
bind *:80
......
backend app
balance roundrobin
{% for kym in groups.webservers %}
server {{ hostvars[kym].ansible_fqdn }} {{ hostvars[kym].ansible_ens160.ipv4.address }}:80 check
{% endfor %}
执行 playbook
[root@server ansible]# ansible-playbook haproxy.yml
PLAY [use haproxy role] *********************************************************
TASK [Gathering Facts] **********************************************************
ok: [node3]
TASK [haproxy : stop firewalld] *************************************************
changed: [node3]
TASK [haproxy : stop selinux] ***************************************************
changed: [node3]
TASK [haproxy : mount cdrom] ****************************************************
changed: [node3]
TASK [haproxy : set repo1] ******************************************************
changed: [node3]
TASK [haproxy : set repo2] ******************************************************
changed: [node3]
TASK [install haproxy] **********************************************************
changed: [node3]
TASK [haproxy : cp template config] *********************************************
changed: [node3]
TASK [restart haproxy] **********************************************************
changed: [node3]
PLAY RECAP **********************************************************************
node1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=9 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
验证