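I. Introduction
Ansible playbooks are written in YAML, which makes it easy to express and define complex tasks and configuration. Whether you manage one server or many, Ansible provides a uniform syntax for describing and executing operations, so you can respond quickly to changes, deployments and upgrades.
II. YAML syntax basics
0. Running an Ansible playbook
1. YAML syntax rules: like JSON, YAML represents data as key-value pairs; YAML is a superset of JSON.
2. YAML has two data structures, the mapping (map) and the list. A map value can be a list, and a list item can be a map.
A mapping (map) looks like this:
A list looks like this:
A map value can be a list, and a list item can be a map, as follows:
III. YAML usage of common modules
1. copy module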
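---
- hosts: server1                          # target host(s) to operate on
  remote_user: root                       # user that runs the tasks on the target host
  tasks:                                  # task list
    - name: copy file to remote server    # task name, free-form
      copy:                               # call the copy module
        src: /path/to/local/file          # path of the local file to copy
        dest: /path/to/remote/file        # destination path on the remote host
        backup: yes                       # back up the existing destination file before overwriting it
        mode: '0644'                      # file permission mode
        owner: username                   # file owner
        group: groupname                  # file group
        force: no                         # do not replace the file if it already exists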
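2. file module
---
- hosts: servers
  tasks:
    - name: Ensure /etc/foo.conf exists
      file:
        path: /etc/foo.conf
        state: touch                     # the file module has no "present" state; touch creates the file if it is missing
        access_time: preserve            # keep timestamps so repeated runs report no change
        modification_time: preserve
    - name: Set the permissions of /etc/foo.conf to 644
      file:
        path: /etc/foo.conf
        mode: '0644'                     # quoted so the mode is never read as a decimal number
    - name: Set the ownership of /etc/foo.conf to user:group
      file:
        path: /etc/foo.conf
        owner: user
        group: group
    - name: Create a directory with appropriate permissions
      file:
        path: /opt/mydir
        state: directory
        mode: '0755'
        owner: user
        group: group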
3. yum module
4. systemd
---
- name: Manage systemd services with Ansible
  hosts: servers
  tasks:
    - name: Ensure the httpd package is installed
      ansible.builtin.yum:
        name: httpd
        state: present
    - name: Start the httpd service and enable it at boot
      ansible.builtin.systemd:
        name: httpd
        state: started
        enabled: yes
    - name: Restart the httpd service
      ansible.builtin.systemd:
        name: httpd
        state: restarted
    - name: Stop the httpd service
      ansible.builtin.systemd:
        name: httpd
        state: stopped
    - name: Stop httpd and keep it from starting at boot
      ansible.builtin.systemd:
        name: httpd
        state: stopped
        enabled: no
5. user
6. cron
IV. Using Ansible playbooks
1. A simple initialization playbook
cat >deploy_init.yml<<'EOF'
---
- hosts: all
  become: yes
  tasks:
    - name: Install common packages
      apt:
        name:                  # pass the whole list in one apt transaction
          - vim
          - curl
          - git
        state: present
        update_cache: yes
    - name: Create a new user
      user:
        name: myuser
        create_home: yes
        shell: /bin/bash
        groups: sudo           # admin group on Debian/Ubuntu (this playbook uses apt); "wheel" does not exist there by default
    - name: Copy SSH key to server
      authorized_key:
        user: myuser
        state: present
        key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"   # public key read from the control node
    - name: Restrict SSH Access
      lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^PermitRootLogin'
        line: 'PermitRootLogin no'
        state: present
    - name: Restart SSH service
      service:
        name: ssh
        state: restarted
    - name: Update all packages
      apt:
        update_cache: yes
        upgrade: dist
...
EOF
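
A variant of the "Restrict SSH Access" and "Restart SSH service" tasks above, as an added example that is not part of the original page: it validates the edited file before installing it, restarts sshd only when the line actually changed, and checks the effective setting. The handler name and the /usr/sbin/sshd path are assumptions for a Debian/Ubuntu host.

```yaml
---
# Added example, not from the original page.
- hosts: all
  become: yes
  tasks:
    - name: Disable root login over SSH
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^PermitRootLogin'
        line: 'PermitRootLogin no'
        state: present
        backup: yes
        # lineinfile writes the candidate file to a temporary path (%s) and
        # only replaces sshd_config if this command exits 0, so a syntax
        # error cannot lock you out of the host.
        validate: '/usr/sbin/sshd -t -f %s'
      notify: Restart ssh              # handler name is an assumption

    - name: Read the effective sshd configuration
      # sshd -T prints the configuration sshd would use, keywords lowercased
      ansible.builtin.command: /usr/sbin/sshd -T
      register: sshd_effective
      changed_when: false

    - name: Confirm root login is disabled in the effective configuration
      # Fails the play if an earlier PermitRootLogin line or an included
      # file still overrides the value set above.
      ansible.builtin.assert:
        that:
          - "'permitrootlogin no' in sshd_effective.stdout"

  handlers:
    # Runs once at the end of the play, and only if sshd_config changed
    - name: Restart ssh
      ansible.builtin.service:
        name: ssh                      # Debian/Ubuntu service name, as in deploy_init.yml
        state: restarted
```
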
Run deploy_init.yml
2. LAMP deployment playbook
cat >deploy_lamp.yml<<'EOF'
---
- hosts: servers
  become: yes
  tasks:
    - name: Install Apache
      apt:
        name: apache2
        state: present
    - name: Start Apache and Enable on Boot
      systemd:
        name: apache2
        state: started
        enabled: yes
    - name: Install MySQL
      apt:
        name: mysql-server
        state: present
    - name: Start MySQL and Enable on Boot
      systemd:
        name: mysql
        state: started
        enabled: yes
    - name: Install PHP
      apt:
        name: php
        state: present
    - name: Reload Apache to Enable PHP
      systemd:
        name: apache2
        state: reloaded
    # Test page only: phpinfo() exposes server configuration details,
    # so remove index.php once PHP is confirmed to work.
    - name: Test PHP Page
      copy:
        dest: /var/www/html/index.php
        content: |
          <?php
          // Show all information, defaults to INFO_ALL
          phpinfo();
          ?>
    - name: Restart Apache
      systemd:
        name: apache2
        state: restarted
EOF
Run deploy_lamp.yml