ansible-roles-06

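1. Ansible Roles: Basic Overview

1. We have already covered tasks and handlers, so what is the best way to organize a playbook? The short answer: use Roles.
2. Roles rely on a known file structure to automatically load certain vars, tasks, and handlers so that a playbook can call them more easily. Compared with a plain playbook, roles have a clearer, more layered structure, but they clearly require more files to be prepared than a playbook does.
3. For example: whatever software we install, we always install a time synchronization service as well, so every playbook would need its own time synchronization task. With roles, we can write the time synchronization task once and simply call it whenever it is needed.
4. Ansible note: when writing roles, it is best to split each task into its own file so it can be reused later (break things up completely).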

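2. Ansible Roles Directory Structure

The official roles directory structure must follow the layout below. Each directory must contain a main.yml file; these are mandatory requirements.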

[root@ansible ~]# cd /etc/ansible/roles
[root@ansible ~]#  mkdir -p {nfs,rsync,web}/{vars,tasks,handlers,templates,files,meta}
[root@ansible ~]# tree 
.
|——nfs                role name
|  |——files           static files
|  |——handlers        handlers (triggered tasks)
|  |——tasks           the tasks themselves
|  |——templates       template files
|  |——vars            variable definitions
|  |——meta            dependencies

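3. Ansible Roles Dependencies

Roles can automatically pull in other roles when they are used. Role dependencies are stored in the meta/main.yml file.
For example: installing WordPress requires first making sure that nginx and php both run properly, so the wordpress role can declare dependencies on nginx and php-fpm.

The wordpress role depends on the nginx and php-fpm roles: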
[root@ansible ~]# cat /root/roles/wordpress/meta/main.yml
---
dependencies:
  - { role: nginx}
  - { role: php-fpm}

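4. Ansible Roles Hands-On Examples

4.1 NFS

① Create the directory structure

There are two ways to create the directory structure: use an ansible command to generate the default structure, or create the structure we need ourselves.

1> galaxy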

[root@ansible ~]# ansible-galaxy init nfs
- Role nfs was created successfully
[root@ansible ~]# tree nfs
nfs
|-- defaults
|   `-- main.yml
|-- files
|-- handlers
|   `-- main.yml
|-- meta
|   `-- main.yml
|-- README.md
|-- tasks
|   `-- main.yml
|-- templates
|-- tests
|   |-- inventory
|   `-- test.yml
`-- vars
    `-- main.yml

8 directories, 8 files

2> Custom (the approach used in this document)

[root@ansible ~]# mkdir roles;cd roles
[root@ansible roles]# mkdir  -p nfs-server/{tasks,handlers,templates,files}
                              role name of your choice / fixed directory names

② Prepare the hosts and ansible.cfg files

[root@ansible roles]# ls
ansible.cfg  hosts  nfs-server

③ In the roles directory, create a top.yml file that calls the role

[root@ansible roles]# cat top.yml 
- hosts: nfsservers
  roles:
    - role: nfs-server

Now split up the playbook as it was originally written, into three parts:
1. tasks (the actual tasks)
2. handlers
3. templates (configuration files)

[root@ansible roles]# cd nfs-server/
[root@ansible nfs-server]# ls
handlers  tasks  templates

④ Write the tasks (/nfs-server/tasks/main.yml)

- name: install nfs server
  yum:
    name: nfs-utils
    state: present

- name: configure nfs file
  template:
    src: exports.j2
    dest: /etc/exports
    owner: root
    group: root
    mode: 0644
  notify: systemctl restarted nfs

- name: create www group
  group:
    name: www
    gid: 666

- name: create www user
  user:
    name: www
    uid: 666
    group: 666
    shell: /sbin/nologin
    create_home: no

- name: create directory data
  file:
    path: /data
    state: directory
    mode: 0755
    owner: www
    group: www

- name: systemctl start nfs server
  systemd:
    name: nfs
    state: started
    enabled: yes

⑤ Write the handlers

The handler's name must match the notify name used in tasks/main.yml.

[root@ansible nfs-server]# cat handlers/main.yml 
- name:  systemctl restarted nfs
  systemd:
     name: nfs
     state: restarted 

⑥ Write the template (holds the configuration file)

[root@ansible nfs-server]# cat templates/exports.j2 
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)

⑦ Run it (calls the nfs-server role)

[root@ansible roles]# ansible-playbook top.yml 

⑧ Result

[Screenshot: playbook run output]

4.2 Rsync

① Create the directory structure

[root@ansible ~]# mkdir roles;cd roles
[root@ansible roles]# mkdir  -p rsync-server/{tasks,handlers,templates,files}
                              role name of your choice / fixed directory names

② In the roles directory, modify top.yml to call the role (rsync-server)

#- hosts: nfsservers
#  roles:
#    - role: nfs-server

- hosts: backupservers
  roles:
    - role: rsync-server

③ Write the tasks (/rsync-server/tasks/main.yml)

- name: install rsync server
  yum:
    name: rsync
    state: present

- name: copy rsync configure file
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: "{{ item.mode }}"
  loop:
    - { src: rsyncd.j2 ,      dest: /etc/rsyncd.conf ,mode: '0644' }
    - { src: rsync.passwd.j2 , dest: /etc/rsync.passwd , mode: '0600' }
  notify: systemctl restart rsyncd

- name: create www group
  group:
    name: www
    gid: '666'

- name: create www user
  user:
    name: www
    uid: '666'
    group: '666'

- name: create backup directory
  file:
    path: /backup
    state: directory
    owner: www
    group: www
    
- name: systemctl start rsyncd
  systemd:
    name: rsyncd
    state: started

④ Write the handlers

- name: systemctl restart rsyncd
  systemd:
    name: rsyncd
    state: restarted

⑤ Write the templates (hold the configuration files)

rsyncd.j2

[root@ansible templates]# cat rsyncd.j2
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup

rsync.passwd.j2

[root@ansible templates]# cat rsync.passwd.j2 
rsync_backup:1

⑥ Run the playbook

[root@ansible roles]# ansible-playbook top.yml 

⑦ Playbook structure

[Screenshot: playbook structure]

Adding variables

4.3 NFS with variables

① First, define the variables

[root@ansible roles]# mkdir group_vars
[root@ansible roles]# cd group_vars/
[root@ansible group_vars]# vim all
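# Unified user settings
# www user
user: www
# www group
group: www
# uid and gid
id: '666'

# NFS variables
# NFS shared directory
nfs_data: /data1
# shared network segment
share_ip: 172.16.1.0/24

② Use the variables in the configuration file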

[root@ansible ~]# cat /root/roles/nfs-server/templates/exports.j2
{{ nfs_data }} {{ share_ip }}(rw,sync,all_squash,anonuid={{ id }},anongid={{ id }})

③ Use the variables in the NFS tasks

- name: install nfs server
  yum:
    name: nfs-utils
    state: present

- name: configure nfs file
  template:
    src: exports.j2
    dest: /etc/exports
    owner: root
    group: root
    mode: 0644
  notify: systemctl restarted nfs

- name: create www group
  group:
    name: "{{ group }}"
    gid: "{{ id }}"

- name: create www user
  user:
    name: "{{ user }}"
    uid: "{{ id }}"
    group: "{{ id }}"
    shell: /sbin/nologin
    create_home: no

- name: create directory data
  file:
    path: "{{ nfs_data }}"
    state: directory
    mode: 0755
    owner: "{{ user }}"
    group: "{{ group }}"

- name: systemctl start nfs server
  systemd:
    name: nfs
    state: started
    enabled: yes
                               

④ Result of running the playbook

[Screenshot: playbook run output]

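4.4 Rsync with variables

① First, define the variables

## Unified user settings
# www user
user: www
# www group
group: www
# uid and gid
id: '666'

## NFS variables
# NFS shared directory
nfs_data: /data1
# shared network segment
share_ip: '172.16.1.0/24'


## Rsync variables
# rsync authentication user
vuser: rsync_backup
# password file for the rsync authentication user
vpasswd_path: /etc/rsync.passwd
# password of the rsync user
vpasswd: 1
# rsync receiving directory and module name
vdata: /backup

② Use the variables in the configuration files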

rsyncd.j2

[root@ansible ~]# cat /root/roles/rsync-server/templates/rsyncd.j2
uid = {{ user }}
gid = {{ group }}
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = {{ vuser }}
secrets file = {{ vpasswd_path }}
log file = /var/log/rsyncd.log
#####################################
[{{ vdata | basename }}]
comment = welcome to oldboyedu backup!
path = {{ vdata }}

rsync.passwd.j2

[root@ansible ~]# cat /root/roles/rsync-server/templates/rsync.passwd.j2
{{ vuser }}:{{ vpasswd }}

③ Use the variables in the rsync tasks

- name: install rsync server
  yum:
    name: rsync
    state: present

- name: copy rsync configure file
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: "{{ item.mode }}"
  loop:
    - { src: rsyncd.j2 ,      dest: /etc/rsyncd.conf ,mode: '0644' }
    - { src: rsync.passwd.j2 , dest: /etc/rsync.passwd , mode: '0600' }
  notify: systemctl restart rsyncd

- name: create www group
  group:
    name: "{{ group }}"
    gid: "{{ id }}"

- name: create www user
  user:
    name: "{{ user }}"
    uid: "{{ id }}"
    group: "{{ id }}"

- name: create backup directory
  file:
    path: "{{ vdata }}"
    state: directory
    owner: "{{ user }}"
    group: "{{ group }}"
    mode: '0755'

- name: systemctl start rsyncd
  systemd:
    name: rsyncd
    state: started
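
Added example (not from the original post): one way to keep the rsync password out of plaintext group_vars and out of task output. It assumes group_vars/all is turned into a directory holding vars.yml plus an Ansible Vault file vault.yml; the names vault_vpasswd and secrets.yml and the 16-character minimum are assumptions chosen for illustration.

```yaml
---
# file: group_vars/all/vars.yml  (plain text, safe to commit; assumed layout)
vuser: rsync_backup
vpasswd_path: /etc/rsync.passwd
# Indirection: the real value lives only in the encrypted vault file.
vpasswd: "{{ vault_vpasswd }}"

---
# file: group_vars/all/vault.yml  (assumed name, stored encrypted)
# Create it with:  ansible-vault create group_vars/all/vault.yml
# Its decrypted content is one variable (vault_vpasswd is an assumed name):
#   vault_vpasswd: <long random password>
# Run the play with:  ansible-playbook top.yml --ask-vault-pass

---
# file: rsync-server/tasks/secrets.yml  (assumed file name)
- name: refuse to deploy a missing or trivial rsync password
  assert:
    that:
      - vpasswd is defined
      # 16 is an assumed minimum length, adjust to local policy
      - (vpasswd | string | length) >= 16
    fail_msg: vpasswd must be set in the vault and be at least 16 characters

- name: deploy rsync secrets file readable by root only
  template:
    src: rsync.passwd.j2
    dest: "{{ vpasswd_path }}"
    owner: root
    group: root
    mode: '0600'
  # Keep the rendered password out of console output, logs and --diff.
  no_log: true
```

To use it, drop the rsync.passwd.j2 entry from the loop in rsync-server/tasks/main.yml and add `- import_tasks: secrets.yml` there, so the secrets file is written only by the task above.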

④ Result of running the playbook

[Screenshot: playbook run output]
