playbook 相当于多个命令的编排组合然后一起运行,类似写脚本。在学习 playbook 之前需要了解 yaml 格式。
编写playbook的步骤:
- 定义主机与用户
- 编写任务列表
- 执行 playbook
当然 playbook 支持拆分多个文件,并且可以使用多种维度的封装,例如定义变量、任务、处理程序等,鼓励代码/文件复用。
下面是安装 nginx 和 ntp server 的示例。
1、文件目录结构
[root@localhost ansible_demo]# tree nginx_ntp/ nginx_ntp/ ├── group_vars │ ├── all │ └── webserver ├── hosts ├── roles │ ├── common │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ ├── templates │ │ │ └── ntp.conf.j2 │ │ └── vars │ │ └── main.yml │ └── web │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ └── nginx2.conf └── site.yml 11 directories, 11 files
2、Inventory 文件
[root@localhost nginx_ntp]# cat hosts [webserver] 192.168.34.129 192.168.34.130
3、playbook 入口文件
[root@localhost nginx_ntp]# cat site.yml
---
- name: apply common configuration to all nodes
hosts: all
roles:
- common
- name: configure and deploy the webserver and application code
hosts: webserver
roles:
- web
4、组变量文件
根据 inventory 来区分,all 表示所有,webserver 则指 hosts 中的 webserver section
[root@localhost nginx_ntp]# cd group_vars/ [root@localhost group_vars]# ll total 8 -rw-r--r--. 1 root root 32 Mar 6 18:12 all -rw-r--r--. 1 root root 72 Mar 6 18:24 webserver [root@localhost group_vars]# cat all --- ntpserver: ntp.sjtu.edu.cn [root@localhost group_vars]# cat webserver --- worker_processes: 4 root: /data1 worker_connections: 1024 user: www
5、roles 设置
5.1、角色 common 配置,
安装 ntp server,配置文件并同步时间启动 ntp server
- 任务入口 tasks
[root@localhost nginx_ntp]# cd roles/common/tasks/ [root@localhost tasks]# cat main.yml --- - name: install ntp server yum: name=ntp state=present - name: set zone info shell: \cp -rf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime - name: update time shell: ntpdate asia.pool.ntp.org - name: configure ntp file template: src=ntp.conf.j2 dest=/etc/ntp.conf notify: - restart ntp - name: start ntp server service: name=ntpd state=started enabled=true - name: test to see if selinux is running command: getenforce register: sestatus changed_when: false
- name 为 configure ntp file 的任务运行后的 callback handlers
[root@localhost common]# cat handlers/main.yml --- - name: restart ntp service: name=ntpd state=restarted
- template 源文件
[root@localhost common]# cat templates/ntp.conf.j2
driftfile /var/lib/ntp/drift
restrict 127.0.0.1
restrict -6 :: 1
server {{ ntpserver }}
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
- role common 内置变量
[root@localhost common]# cat vars/main.yml --- ntpserver: 210.72.145.44
5.2 角色 web 配置
安装 nginx,配置文件并启动
- 任务入口 tasks
[root@localhost web]# cat tasks/main.yml
---
- name: install nginx
yum: name=nginx state=latest
- name: add user
shell: useradd {{ user }}
- name: write config
template: src=nginx2.conf dest=/etc/nginx/nginx.conf notify: - restart nginx - name: ensure nginx is running shell: /usr/sbin/nginx -c /etc/nginx/nginx.conf
- name 为 write config 的任务运行后的 callback handlers
[root@localhost web]# cat handlers/main.yml --- - name: restart nginx service: name=nginx state=restarted
- template 文件
[root@localhost web]# cat templates/nginx2.conf
user www;
worker_processes {{ worker_processes }};
events {
worker_connections {{ worker_connections }};
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
root {{ root }};
#charset koi8-r;
#access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }
6 检查语法和运行
[root@localhost nginx_ntp]# ansible-playbook -i hosts site.yml --syntax-check ERROR! Problem parsing file '/data1/ansible_demo/nginx_ntp/group_vars/all': line 2, column 1
发现 all 文件出错,修改后继续
[root@localhost nginx_ntp]# ansible-playbook -i hosts site.yml --syntax-check playbook: site.yml [root@localhost nginx_ntp]# ansible-playbook -i hosts site.yml -f 10 PLAY [apply common configuration to all nodes] ********************************************************************************************** TASK [Gathering Facts] ********************************************************************************************************************** ok: [192.168.34.130] ok: [192.168.34.129] TASK [common : install ntp server] ********************************************************************************************************** ok: [192.168.34.129] ok: [192.168.34.130] TASK [common : set zone info] *************************************************************************************************************** changed: [192.168.34.130] changed: [192.168.34.129] TASK [common : update time] ***************************************************************************************************************** changed: [192.168.34.130] changed: [192.168.34.129] TASK [common : configure ntp file] ********************************************************************************************************** changed: [192.168.34.129] changed: [192.168.34.130] TASK [common : start ntp server] ************************************************************************************************************ changed: [192.168.34.130] changed: [192.168.34.129] TASK [common : test to see if selinux is running] ******************************************************************************************* ok: [192.168.34.130] ok: [192.168.34.129] RUNNING HANDLER [common : restart ntp] ****************************************************************************************************** changed: [192.168.34.129] changed: [192.168.34.130] PLAY [configure and deploy the webserver and application code] ****************************************************************************** TASK [Gathering Facts] ********************************************************************************************************************** ok: [192.168.34.130] ok: [192.168.34.129] TASK [web : install nginx] ****************************************************************************************************************** ok: [192.168.34.130] ok: [192.168.34.129] TASK [web : add user] *********************************************************************************************************************** changed: [192.168.34.129] changed: [192.168.34.130] TASK [web : write config] ******************************************************************************************************************* changed: [192.168.34.129] changed: [192.168.34.130] TASK [web : ensure nginx is running] ******************************************************************************************************** changed: [192.168.34.129] changed: [192.168.34.130] RUNNING HANDLER [web : restart nginx] ******************************************************************************************************* changed: [192.168.34.129] changed: [192.168.34.130] PLAY RECAP ********************************************************************************************************************************** 192.168.34.129 : ok=14 changed=9 unreachable=0 failed=0 192.168.34.130 : ok=14 changed=9 unreachable=0 failed=0 [root@localhost nginx_ntp]#
7、被控机验证
[root@localhost yum.repos.d]# ps -ef | grep ntp ntp 39081 1 0 18:26 ? 00:00:00 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g root 39384 2517 0 18:27 pts/0 00:00:00 grep ntp [root@localhost yum.repos.d]# ps -ef | grep nginx root 39370 1 0 18:26 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf www 39372 39370 0 18:26 ? 00:00:00 nginx: worker process www 39373 39370 0 18:26 ? 00:00:00 nginx: worker process www 39374 39370 0 18:26 ? 00:00:00 nginx: worker process www 39375 39370 0 18:26 ? 00:00:00 nginx: worker process root 39420 2517 0 19:03 pts/0 00:00:00 grep nginx
914
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
