Ansible playbook 使用进阶-roles实战案例

最新推荐文章于 2022-03-18 16:40:22 发布
最新推荐文章于 2022-03-18 16:40:22 发布
阅读量570 收藏
点赞数
分类专栏: PLAYBOOK ansible 文章标签: ansible roles实战 Ansible-playbook 实战案例
kaivi's blog
本文链接:https://blog.csdn.net/weixin_45651006/article/details/103437499
版权

推荐资料

http://galaxy.ansible.com

https://galaxy.ansible.com/explore#/

http://github.com/

http://ansible.com.cn/

https://github.com/ansible/ansible

https://github.com/ansible/ansible-examples

准备阶段

准备一台 CentOS7服务器,安装好 ansible,并配置一台被远程管理的服务器.前提关闭防火墙和selinux。
这里用到centos7 absible1主机作为ansible机器。IP:192.168.32.7
被控制机器为centos8 ansible2 主机。IP:192.168.32.8

[root@ansible1 ~]#ansible --version
ansible 2.9.1
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Oct 30 2018, 23:45:53) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
[root@ansible1 ~]#ansible all -m ping
192.168.32.8 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    }, 
    "changed": false, 
    "ping": "pong"
}
[root@ansible1 ~]#

案例1:实现httpd角色

[root@ansible1 ~]#
[root@ansible1 ~]#mkdir /data/ansible/roles/httpd/{tasks,handlers,files,templates,vars} -pv
mkdir: created directory ‘/data/ansible/roles’
mkdir: created directory ‘/data/ansible/roles/httpd’
mkdir: created directory ‘/data/ansible/roles/httpd/tasks’
mkdir: created directory ‘/data/ansible/roles/httpd/handlers’
mkdir: created directory ‘/data/ansible/roles/httpd/files’
mkdir: created directory ‘/data/ansible/roles/httpd/templates’
mkdir: created directory ‘/data/ansible/roles/httpd/vars’
[root@ansible1 ~]#cd /data/ansible/
[root@ansible1 ansible]#tree roles/
roles/
└── httpd
    ├── files
    ├── handlers
    ├── tasks
    ├── templates
    └── vars

6 directories, 0 files
[root@ansible1 ansible]#cd roles/httpd/
[root@ansible1 httpd]#
[root@ansible1 ansible]#cd roles/httpd/
[root@ansible1 httpd]#vim tasks/main.yml
[root@ansible1 httpd]#cat tasks/main.yml     #运行的顺序,注意名称和之后调用的要一致
- include: install.yml
- include: config.yml
- include: index.yml
- include: service.yml
[root@ansible1 httpd]#
[root@ansible1 httpd]#vim tasks/install.yml

[root@ansible1 httpd]#cat tasks/install.yml
- name: install httpd package
  yum: name=httpd
  
[root@ansible1 httpd]#

[root@ansible1 ~]#cp /etc/httpd/conf/httpd.conf /data/ansible/roles/httpd/files/  #找寻配置文件

[root@ansible1 httpd]#vim files/httpd.conf 

[root@ansible1 httpd]#cat files/httpd.conf |grep "Listen"
# Listen: Allows you to bind Apache to specific IP addresses and/or
# Change this to Listen on specific IP addresses as shown below to 
#Listen 12.34.56.78:80
Listen 8080              #修改默认端口为8080
[root@ansible1 httpd]#
[root@ansible1 httpd]#vim tasks/config.yml

[root@ansible1 httpd]#cat tasks/config.yml
- name: config file
  copy: src=httpd.conf dest=/etc/httpd/conf/ backup=yes
  notify: restart
[root@ansible1 httpd]#
[root@ansible1 httpd]#cat files/index.html
<h1>This is a ansible playbook test for roles !</h1>

[root@ansible1 httpd]#
[root@ansible1 httpd]#vim tasks/index.yml

[root@ansible1 httpd]#cat  tasks/index.yml
- name: index.html
  copy: src=index.html dest=/var/www/html/
[root@ansible1 httpd]#
[root@ansible1 httpd]#vim tasks/service.yml

[root@ansible1 httpd]#cat tasks/service.yml
- name: start service
  service: name=httpd state=started enabled=yes
[root@ansible1 httpd]#
[root@ansible1 httpd]#vim handlers/main.yml

[root@ansible1 httpd]#cat handlers/main.yml
- name: restart
  service: name=httpd state=restarted
[root@ansible1 httpd]#cd /data/ansible/

[root@ansible1 ansible]#vim httpd_role.yml

[root@ansible1 ansible]#cat httpd_role.yml 
---
# httpd role
- hosts: 192.168.32.8
  remote_user: root
 
  roles:
    - role: httpd
[root@ansible1 ansible]#
[root@ansible1 ansible]#tree 
.
├── httpd_role.yml
└── roles
    └── httpd
        ├── files
        │   ├── httpd.conf
        │   └── index.html
        ├── handlers
        │   └── main.yml
        ├── tasks
        │   ├── config.yml
        │   ├── index.yml
        │   ├── install.yml
        │   ├── main.yml
        │   └── service.yml
        ├── templates
        └── vars

7 directories, 9 files
[root@ansible1 ansible]#ansible-playbook -C httpd_role.yml 

PLAY [192.168.32.8] ***********************************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.32.8]

TASK [httpd : install httpd package] ******************************************************************************
changed: [192.168.32.8]

TASK [httpd : config file] ****************************************************************************************
changed: [192.168.32.8]

TASK [httpd : index.html] *****************************************************************************************
changed: [192.168.32.8]

TASK [httpd : start service] **************************************************************************************
changed: [192.168.32.8]

RUNNING HANDLER [httpd : restart] *********************************************************************************
changed: [192.168.32.8]

PLAY RECAP ********************************************************************************************************
192.168.32.8               : ok=6    changed=5    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

[root@ansible1 ansible]#ansible-playbook  httpd_role.yml 

PLAY [192.168.32.8] ***********************************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.32.8]

TASK [httpd : install httpd package] ******************************************************************************
changed: [192.168.32.8]

TASK [httpd : config file] ****************************************************************************************
changed: [192.168.32.8]

TASK [httpd : index.html] *****************************************************************************************
changed: [192.168.32.8]

TASK [httpd : start service] **************************************************************************************
changed: [192.168.32.8]

RUNNING HANDLER [httpd : restart] *********************************************************************************
changed: [192.168.32.8]

PLAY RECAP ********************************************************************************************************
192.168.32.8               : ok=6    changed=5    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
查看远程主机的8080端口是否打开。
[root@ansible1 ansible]#ansible 192.168.32.8 -a "ss -ntl"
192.168.32.8 | CHANGED | rc=0 >>
State    Recv-Q    Send-Q        Local Address:Port        Peer Address:Port    
LISTEN   0         32            192.168.122.1:53               0.0.0.0:*       
LISTEN   0         128                 0.0.0.0:22               0.0.0.0:*       
LISTEN   0         5                 127.0.0.1:631              0.0.0.0:*       
LISTEN   0         128               127.0.0.1:6010             0.0.0.0:*       
LISTEN   0         128               127.0.0.1:6011             0.0.0.0:*       
LISTEN   0         128                 0.0.0.0:45475            0.0.0.0:*       
LISTEN   0         128                 0.0.0.0:111              0.0.0.0:*       
LISTEN   0         128                 0.0.0.0:8080             0.0.0.0:*       

[root@ansible1 ansible]#curl 192.168.32.8:8080
<h1>This is a ansible playbook test for roles !</h1>

[root@ansible1 ansible]#

访问一下网页看是否成功:
在这里插入图片描述

案例2:实现nginx角色

这里用到centos7 absible1主机作为ansible机器。IP:192.168.32.7
被控制机器为centos8 ansible2 主机。IP:192.168.32.8
被控制机器为centos7 ansible3 主机。IP:192.168.32.77
前提都基于了ssh验证

实现nginx角色,实现跨角色调用其他角色里面的文件或者模板。

[root@ansible1 ~]#vim /etc/ansible/hosts 

[root@ansible1 ~]#cat /etc/ansible/hosts |grep -Ev "^#|^$"
[appsrvs]
192.168.32.8 
192.168.32.77
[root@ansible1 ~]#ansible all -m ping 
192.168.32.8 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    }, 
    "changed": false, 
    "ping": "pong"
}
192.168.32.77 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
[root@ansible1 ~]#

[root@ansible1 ~]#cd /data/ansible/
[root@ansible1 ansible]#ll
total 4
-rw-r--r-- 1 root root 88 Dec  7 17:50 httpd_role.yml
drwxr-xr-x 3 root root 19 Dec  7 17:23 roles
[root@ansible1 ansible]#mkdir roles/nginx/{tasks,handlers,files,templates,vars} -pv
mkdir: created directory ‘roles/nginx’
mkdir: created directory ‘roles/nginx/tasks’
mkdir: created directory ‘roles/nginx/handlers’
mkdir: created directory ‘roles/nginx/files’
mkdir: created directory ‘roles/nginx/templates’
mkdir: created directory ‘roles/nginx/vars’
[root@ansible1 ansible]#tree roles/
roles/
├── httpd
│   ├── files
│   │   ├── httpd.conf
│   │   └── index.html
│   ├── handlers
│   │   └── main.yml
│   ├── tasks
│   │   ├── config.yml
│   │   ├── index.yml
│   │   ├── install.yml
│   │   ├── main.yml
│   │   └── service.yml
│   ├── templates
│   └── vars
└── nginx
    ├── files
    ├── handlers
    ├── tasks
    ├── templates
    └── vars

12 directories, 8 files
[root@ansible1 ansible]#
[root@ansible1 ansible]#cd roles/nginx/
[root@ansible1 nginx]#ls
files  handlers  tasks  templates  vars
[root@ansible1 nginx]#vim tasks/main.yml

[root@ansible1 nginx]#cat tasks/main.yml
- include: install.yml
- include: config.yml
- include: file.yml
- include: service.yml
[root@ansible1 nginx]#

[root@ansible1 nginx]#vim tasks/install.yml

[root@ansible1 nginx]#cat tasks/install.yml
- name: install
  yum: name=nginx
[root@ansible1 nginx]#
[root@ansible1 nginx]#vim tasks/config.yml

[root@ansible1 nginx]#cat tasks/config.yml
- name: config file for centos7
  template: src=nginx7.conf.j2 dest=/etc/nginx/nginx.conf
  when: ansible_distribution_major_version=="7"        #判断版本
  notify: restart
- name: config file for centos8
  template: src=nginx8.conf.j2 dest=/etc/nginx/nginx.conf
  when: ansible_distribution_major_version=="8"        #判断版本
  notify: restart
[root@ansible1 nginx]#
[root@ansible1 nginx]#vim tasks/file.yml

[root@ansible1 nginx]#cat tasks/file.yml
- name: index.html              #这里调用了roles/httpd/files/index.html这个文件
  copy: src=roles/httpd/files/index.html dest=/usr/share/nginx/html/

[root@ansible1 nginx]#cat /data/ansible/roles/httpd/files/index.html    #查看roles/httpd/files/index.html文件内容
<h1>This is a ansible playbook test for roles !</h1>

[root@ansible1 nginx]#vim tasks/service.yml

[root@ansible1 nginx]#cat tasks/service.yml
- name: start service
  service: name=nginx state=started enabled=yes

创建files文件和templates和handlers
其中files文件不用重新创建,这里调用了roles/httpd/files/index.html这个文件

[root@ansible1 nginx]#tree
.
├── files
├── handlers
├── tasks
│   ├── config.yml
│   ├── file.yml
│   ├── install.yml
│   ├── main.yml
│   └── service.yml
├── templates
└── vars

5 directories, 5 files
#创建templates
[root@ansible1 ~]#cp /etc/nginx/nginx.conf /data/ansible/roles/nginx/templates/nginx7.conf.j2
#寻找相关的配置文件 这里再本机安装了一个直接拷贝到roles/nginx/templates下重命名为nginx7.conf.j2
#同理,这里再8上面也找了一个相关的配置文件拷贝过来

[root@ansible1 nginx]#ll templates/
total 8
-rw-r--r-- 1 root root 2471 Dec  7 19:47 nginx7.conf.j2
-rw-r--r-- 1 root root 2469 Dec  7 19:56 nginx8.conf.j2
[root@ansible1 nginx]#
#修改两个template文件
[root@ansible1 nginx]#vim templates/nginx7.conf.j2 

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user {{ username }};           #使用变量username
worker_processes {{ ansible_processor_vcpus+2 }};    #使用系统变量ansible_processor_vcpus 进行数值运算 +2
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

[root@ansible1 nginx]#vim templates/nginx8.conf.j2 

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user {{ username }};           #使用变量username
worker_processes {{ ansible_processor_vcpus+4 }};    #使用系统变量ansible_processor_vcpus 进行数值运算 +4
error_log /var/log/nginx/error.log; 
pid /run/nginx.pid;

定义username变量,这里可以定义再vars里面
[root@ansible1 nginx]#vim vars/maim.yml

[root@ansible1 nginx]#cat vars/maim.yml
username: daemon


#定义handles
[root@ansible1 nginx]#vim handlers/main.yml

[root@ansible1 nginx]#cat handlers/main.yml
- name: restart
  service: name=nginx state=restarted
[root@ansible1 nginx]#

[root@ansible1 nginx]#tree
.
├── files
├── handlers
│   └── main.yml
├── tasks
│   ├── config.yml
│   ├── file.yml
│   ├── install.yml
│   ├── main.yml
│   └── service.yml
├── templates
│   ├── nginx7.conf.j2
│   └── nginx8.conf.j2
└── vars
    └── main.yml

5 directories, 9 files
[root@ansible1 nginx]#
#返回上一级的上一级,编写一个和roles同一级的调用文件nginx_role.yml
[root@ansible1 ansible]#vim nginx_role.yml

[root@ansible1 ansible]#cat nginx_role.yml
---
#nginx role
- hosts: appsrvs

  roles:
    - role: nginx

端口号我们这里没有进行修改,所以会启用默认的80端口,和前面一个实验开启的8080端口并不冲突。

语法检测以及运行角色脚本

[root@ansible1 ansible]#ansible-playbook -C nginx_role.yml 

PLAY [appsrvs] ****************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.32.77]
ok: [192.168.32.8]

TASK [nginx : install] ********************************************************************************************
changed: [192.168.32.77]
ok: [192.168.32.8]

TASK [nginx : config file for centos7] ****************************************************************************
skipping: [192.168.32.8]
changed: [192.168.32.77]

TASK [nginx : config file for centos8] ****************************************************************************
skipping: [192.168.32.77]
changed: [192.168.32.8]

TASK [nginx : index.html] *****************************************************************************************
changed: [192.168.32.77]
changed: [192.168.32.8]

TASK [nginx : start service] **************************************************************************************
changed: [192.168.32.77]
changed: [192.168.32.8]

RUNNING HANDLER [nginx : restart] *********************************************************************************
changed: [192.168.32.77]
changed: [192.168.32.8]

PLAY RECAP ********************************************************************************************************
192.168.32.77              : ok=6    changed=5    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   
192.168.32.8               : ok=6    changed=4    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   

[root@ansible1 ansible]#ansible-playbook nginx_role.yml 

PLAY [appsrvs] ****************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.32.77]
ok: [192.168.32.8]

TASK [nginx : install] ********************************************************************************************
ok: [192.168.32.8]
changed: [192.168.32.77]

TASK [nginx : config file for centos7] ****************************************************************************
skipping: [192.168.32.8]
changed: [192.168.32.77]

TASK [nginx : config file for centos8] ****************************************************************************
skipping: [192.168.32.77]
changed: [192.168.32.8]

TASK [nginx : index.html] *****************************************************************************************
changed: [192.168.32.77]
changed: [192.168.32.8]

TASK [nginx : start service] **************************************************************************************
changed: [192.168.32.77]
changed: [192.168.32.8]

RUNNING HANDLER [nginx : restart] *********************************************************************************
changed: [192.168.32.77]
changed: [192.168.32.8]

PLAY RECAP ********************************************************************************************************
192.168.32.77              : ok=6    changed=5    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   
192.168.32.8               : ok=6    changed=4    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   

[root@ansible1 ansible]#curl 192.168.32.8
<h1>This is a ansible playbook test for roles !</h1>

[root@ansible1 ansible]#curl 192.168.32.77
<h1>This is a ansible playbook test for roles !</h1>

[root@ansible1 ansible]#

[root@ansible1 ansible]#ansible all -m shell -a  "ps aux |grep "^daemon""
192.168.32.77 | CHANGED | rc=0 >>
daemon     9597  0.0  0.1 121180  3332 ?        S    20:42   0:00 nginx: worker process
daemon     9598  0.0  0.1 121180  3332 ?        S    20:42   0:00 nginx: worker process
daemon     9599  0.0  0.1 121180  3576 ?        S    20:42   0:00 nginx: worker process
daemon     9600  0.0  0.1 121180  3576 ?        S    20:42   0:00 nginx: worker process
centos7中有2颗CPU则默认会开启2个进程,这里的daemon就是之前我们定义的username变量的daemon,默认叫nginx
之后在进程变量中加上了数值运算+2 及这里线程一共为4个。centos8同理可得。centos8中+4

192.168.32.8 | CHANGED | rc=0 >>
daemon    34722  0.0  0.4 148700  7744 ?        S    20:42   0:00 nginx: worker process
daemon    34723  0.0  0.4 148700  7724 ?        S    20:42   0:00 nginx: worker process
daemon    34724  0.0  0.4 148700  7728 ?        S    20:42   0:00 nginx: worker process
daemon    34725  0.0  0.4 148700  7744 ?        S    20:42   0:00 nginx: worker process
daemon    34726  0.0  0.4 148700  7748 ?        S    20:42   0:00 nginx: worker process
daemon    34727  0.0  0.4 148700  7748 ?        S    20:42   0:00 nginx: worker process

访问网页是否能正常访问:
在这里插入图片描述在这里插入图片描述

案例3 :实现memcached角色简单总结

mkdir -pv /data/ansible/roles/memcached/{tasks,templates}
cd /data/ansible/roles/memcached
vim tasks/main.yml
- include: install.yml
- include: config.yml
- include: service.yml
vim tasks/install.yml
- name: install
yum: name=memcached
vim tasks/config.yml
- name: config file
template: src=memcached.j2 dest=/etc/sysconfig/memcached
vim tasks/service.yml
- name: service
service: name=memcached state=started enabled=yes
vim templates/memcached.j2
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="{{ansible_memtotal_mb//4}}"  #总内存的四分之一 //表示取整数
OPTIONS=""

tree /data/ansible/roles/memcached/
/data/ansible/roles/memcached/
├── tasks
│ ├── config.yml
│ ├── install.yml
│ ├── main.yml
│ └── service.yml
└── templates
└── memcached.j2
2 directories, 5 files
vim /data/ansible/role_memcached.yml
---
- hosts: appsrvs
roles:
- role: memcached
ansible-play /data/ansible/role_memcached.yml

案例5 :实现多角色的选择

vim /data/ansible/role_httpd_nginx.yml
---
- hosts: appsrvs
roles:
- {role: httpd,tags: [httpd,web], when: ansible_distribution_major_version=="7" }
- {role: nginx,tags: [nginx,web], when: ansible_distribution_major_version=="8" }

ansible-playbook -t nginx /data/ansible/role_httpd_nginx.yml
表示安装nginx标签所指的角色,同时也要满足后面的版本centos8.

案例6:实现mysql二进制安装角色

[root@ansible1 ~]#vim /etc/ansible/hosts 
[root@ansible1 ~]#cat /etc/ansible/hosts |grep -Ev "^#|^$"
[appsrvs]
192.168.32.8 
[root@ansible1 ~]#ansible all -m ping
192.168.32.8 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    }, 
    "changed": false, 
    "ping": "pong"
}
[root@ansible1 ~]#
[root@ansible1 ~]#cd /data/ansible/
[root@ansible1 ansible]#


[root@ansible1 ansible]#mkdir roles/mysql/{tasks,handlers,files,templates,vars} -pv
mkdir: created directory ‘roles/mysql’
mkdir: created directory ‘roles/mysql/tasks’
mkdir: created directory ‘roles/mysql/handlers’
mkdir: created directory ‘roles/mysql/files’
mkdir: created directory ‘roles/mysql/templates’
mkdir: created directory ‘roles/mysql/vars’
[root@ansible1 ansible]#cd roles/mysql/
[root@ansible1 mysql]#
# 准备配置文件


[root@ansible1 ansible]#cd roles/mysql/

[root@ansible1 mysql]#vim files/my.cnf     #数据库配置文件

[root@ansible1 mysql]#cat files/my.cnf
[mysqld]
socket=/tmp/mysql.sock
user=mysql
symbolic-links=0
datadir=/data/mysql
innodb_file_per_table=1
log-bin
pid-file=/data/mysql/mysqld.pid
[client]
port=3306
socket=/tmp/mysql.sock
[mysqld_safe]
log-error=/var/log/mysqld.log

[root@ansible1 mysql]#vim files/secure_mysql.sh      #数据库安全脚本

[root@ansible1 mysql]#cat files/secure_mysql.sh
#!/bin/bash
/usr/local/mysql/bin/mysql_secure_installation <<EOF
                        #回车
y
magedu
magedu
y
y
y
y
EOF
[root@ansible1 mysql]#ls files/
my.cnf  secure_mysql.sh

[root@ansible1 mysql]#chmod +x files/secure_mysql.sh    #给安全加固脚本加上执行权限

[root@ansible1 mysql]#cd files/
[root@ansible1 files]#rz -E         #上传数据库二进制文件mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz
rz waiting to receive.
[root@ansible1 files]#cd ../
[root@ansible1 mysql]#ls files/
my.cnf  mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz  secure_mysql.sh

[root@ansible1 mysql]#vim tasks/main.yml        #剧本任务顺序定义,步骤定义

[root@ansible1 mysql]#cat tasks/main.yml
- include: install.yml
- include: group.yml
- include: user.yml
- include: unarchive.yml
- include: link.yml
- include: data.yml
- include: config.yml
- include: service.yml
- include: path.yml
- include: secure.yml
- 
[root@ansible1 mysql]#
[root@ansible1 mysql]#vim tasks/install.yml      #安装
[root@ansible1 mysql]#cat tasks/install.yml
- name: install packages
  yum: name=libaio,perl-Data-Dumper,perl-Getopt-Long
  
[root@ansible1 mysql]#vim tasks/group.yml        #创建组
[root@ansible1 mysql]#cat tasks/group.yml
- name: create mysql group
  group: name=mysql gid=306
  
[root@ansible1 mysql]#vim tasks/user.yml           #创建用户
[root@ansible1 mysql]#cat tasks/user.yml
- name: create mysql user
  user: name=mysql uid=306 group=mysql shell=/sbin/nologin system=yes create_home=no home=/data/mysql
  
[root@ansible1 mysql]#vim tasks/unarchive.yml     #解压缩
[root@ansible1 mysql]#cat tasks/unarchive.yml
- name: copy tar to remote host and file mode
  unarchive: src=mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz dest=/usr/local/ owner=root group=root
  
[root@ansible1 mysql]#vim tasks/link.yml          #创建软连接
[root@ansible1 mysql]#cat tasks/link.yml
- name: mkdir /usr/local/mysql
  file: src=/usr/local/mysql-5.6.46-linux-glibc2.12-x86_64 dest=/usr/local/mysql state=link
  
[root@ansible1 mysql]#vim tasks/data.yml          #创建数据库
[root@ansible1 mysql]#cat tasks/data.yml
- name: data dir
  shell: chdir=/usr/local/mysql/ ./scripts/mysql_install_db --datadir=/data/mysql --user=mysql
  
[root@ansible1 mysql]#vim tasks/config.yml        #配置文件
[root@ansible1 mysql]#cat tasks/config.yml
- name: config my.cnf
  copy: src=my.cnf dest=/etc/my.cnf
   
[root@ansible1 mysql]#vim tasks/service.yml       #启动服务
[root@ansible1 mysql]#cat tasks/service.yml
- name: service script
  shell: /bin/cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld;/etc/init.d/mysqld
   start;chkconfig --add mysqld;chkconfig mysqld on
  
[root@ansible1 mysql]#vim tasks/path.yml         #PATH路径修改
[root@ansible1 mysql]#cat tasks/path.yml
- name: PATH variable
  copy: content='PATH=/usr/local/mysql/bin:$PATH' dest=/etc/profile.d/mysql.sh
  
[root@ansible1 mysql]#vim tasks/secure.yml       #安全加固脚本
[root@ansible1 mysql]#cat tasks/secure.yml
- name: secure script
  script: secure_mysql.sh
  
[root@ansible1 mysql]#tree
.
├── files
│   ├── my.cnf
│   ├── mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz
│   └── secure_mysql.sh
├── handlers
├── tasks
│   ├── config.yml
│   ├── data.yml
│   ├── group.yml
│   ├── install.yml
│   ├── link.yml
│   ├── main.yml
│   ├── path.yml
│   ├── secure.yml
│   ├── service.yml
│   ├── unarchive.yml
│   └── user.yml
├── templates
└── vars

5 directories, 14 files
[root@ansible1 mysql]#cd ../../
[root@ansible1 ansible]#vim mysql_roles.yml
[root@ansible1 ansible]#cat mysql_roles.yml
- hosts: appsrvs
  remote_user: root
  
  roles:
    - {role: mysql,tags: ["mysql","db"]}
[root@ansible1 ansible]#

测试和运行:

[root@ansible1 ansible]#ansible-playbook -t mysql -C mysql_roles.yml 

PLAY [appsrvs] ****************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.32.8]

TASK [mysql : install packages] ***********************************************************************************
changed: [192.168.32.8]

TASK [mysql : create mysql group] *********************************************************************************
changed: [192.168.32.8]

TASK [mysql : create mysql user] **********************************************************************************
changed: [192.168.32.8]

TASK [mysql : copy tar to remote host and file mode] **************************************************************
skipping: [192.168.32.8]

TASK [mysql : mkdir /usr/local/mysql] *****************************************************************************
fatal: [192.168.32.8]: FAILED! => {"changed": false, "msg": "src file does not exist, use \"force=yes\" 
if you really want to create the link: /usr/local/mysql-5.6.46-linux-glibc2.12-x86_64", "path": "/usr/local/mysql",
 "src": "/usr/local/mysql-5.6.46-linux-glibc2.12-x86_64"}

PLAY RECAP ********************************************************************************************************
192.168.32.8               : ok=4    changed=3    unreachable=0    failed=1    skipped=1    rescued=0    ignored=0   

上面报错是因为暂时还没有创建出文件,属于正常报错。测试语法是否错误,但实际上还没有执行。

[root@ansible1 ansible]#ansible-playbook -t mysql  mysql_roles.yml 

PLAY [appsrvs] ****************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.32.8]

TASK [mysql : install packages] ***********************************************************************************
ok: [192.168.32.8]

TASK [mysql : create mysql group] *********************************************************************************
changed: [192.168.32.8]

TASK [mysql : create mysql user] **********************************************************************************
changed: [192.168.32.8]

TASK [mysql : copy tar to remote host and file mode] **************************************************************
changed: [192.168.32.8]

TASK [mysql : mkdir /usr/local/mysql] *****************************************************************************
changed: [192.168.32.8]

TASK [mysql : data dir] *******************************************************************************************
changed: [192.168.32.8]

TASK [mysql : config my.cnf] **************************************************************************************
changed: [192.168.32.8]

TASK [mysql : service script] *************************************************************************************
changed: [192.168.32.8]

TASK [mysql : PATH variable] **************************************************************************************
changed: [192.168.32.8]

TASK [mysql : secure script] **************************************************************************************
changed: [192.168.32.8]

PLAY RECAP ********************************************************************************************************
192.168.32.8               : ok=10   changed=8    unreachable=0    failed=0   skipped=0    rescued=0    ignored=0   

查看数据库端口3306是否启动
[root@ansible1 ansible]#ansible all -a 'ss -ntl'
192.168.32.8 | CHANGED | rc=0 >>
State    Recv-Q    Send-Q        Local Address:Port        Peer Address:Port    
LISTEN   0         32            192.168.122.1:53               0.0.0.0:*       
LISTEN   0         128                 0.0.0.0:22               0.0.0.0:*       
LISTEN   0         128                   [::1]:6010                [::]:*       
LISTEN   0         128                   [::1]:6011                [::]:*       
LISTEN   0         128                    [::]:49821               [::]:*       
LISTEN   0         80                        *:3306                   *:*
KAIVI-Blog
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
自动化运维工具ansible:(三)playbook中template、tags、roles操作示例
ver_mouth__的博客
08-19 896
ansible的template模块,可以将带有参数的配置文件传递到目标地址,可以对文件进行属组属主的修改以及备份。优先类似于docker的consul。templates功能:根据模板文件动态生成对应的配置文件,命名必须以.j2结尾#修改httpd配置文件42 Listen {{http_port}} #给监听端口定义变量43 MaxClients {{client_num}} #最大并发量定义变量95 ServerName {{server_name}} #给域名定义变量。......
ansible-playbook-roles-nginx
最新发布
07-26
playbook+roles安装nginx整体框架,并有详细配置
Ansibleroles介绍
weixin_30527143的博客
10-12 203
本节内容: 什么场景下会用rolesroles示例 一、什么场景下会用roles? 假如我们现在有3个被管理主机,第一个要配置成httpd,第二个要配置成php服务器,第三个要配置成MySQL服务器。我们如何来定义playbook? 第一个play用到第一个主机上,用来构建httpd,第二个play用到第二个主机上,用来构建php,第三个play用到第三个主机上,用来构...
ansibleroles介绍和实战
weixin_34241036的博客
03-03 118
roles 用于层次性、结构化地组织playbookroles 能够根据层次型结构自动装载变量文件、tasks以及handlers等。要使用roles只需要在playbook使用include指令即可。简单来讲,roles就是通过分别将变量(vars)、文件(file)、任务(tasks)、模块(modules)及处理器(handlers)放置于单独的目录中,并可以便捷地...
ansible-playbook的应用实例
dianlv8134的博客
03-17 184
mkdir /root/test/ vim /root/test/test1.yaml 添加: ---- hosts: 39.107.103.225 // 第一个任务 gather_facts: False //不读取对方主机的信息 tags: ...
Ansible自动化运维之playbookroles实战(zabbix的部署)
jj1130050965的博客
08-08 375
文章目录 1.ansible-playbook yml文件部署zabbix 实现步骤 2.ansible-playbook roles角色部署zabbix 实现步骤 角色优化 1.ansible-playbook yml文件部署zabbix 实现步骤 (1)基础配置 [devops@server1 ansible]$ pwd /home/devops/ansible [devops@server1 ansible]$ cat hosts [db] 172.25.3.1 [server] 172.25.3.
Ansible-Ansible-roles.zip
09-18
Ansible 是一个开源的自动化工具,它在IT领域中被广泛使用,特别是在配置...在 "Ansible-roles.zip" 中的 "Ansible-roles-master" 文件,可能是用户分享或存储自己创建的 Ansible 角色的一个仓库,便于管理和版本控制。
Ansible-mobile-roles-ansible-playbook.zip
09-18
Ansible-mobile-roles-ansible-playbook.zip,为OSX计算机提供iOS和/或Android开发环境和/或CI Build AgentsSensible PlaybookAnsible Playbook,ansible是一个简单而强大的自动化引擎。它用于帮助配置管理、应用...
ansible_ssh-tarpit:Ansible Playbook部署ssh-tarpit
03-22
ansible_ssh-tarpit简单的Ansible角色和示例剧本,用于部署ssh-tarpit-node( )大多数事情都是不言自明的,请根据您的需要在roles/ssh-tarpit/default/main.yml和示例剧本中的主机上调整daemon-opts。选项说明: ...
Ansible-ansible-roles.zip
09-18
`ansible-roles-master` 文件夹很可能就是解压后得到的角色仓库,其中包含了多个独立的角色,每个角色都有自己的目录结构,通常包括以下部分: 1. `defaults`: 存放默认变量,这些变量可以在其他地方被覆盖。 2. `...
ansible-playbook-grapher:一个命令行工具,用于创建表示您的Ansible剧本任务和角色的图形
01-31
先决条件Python 3 Ansible > = 2.8:如果您仍使用旧版本的Ansible,请创建一个虚拟环境并安装ansible-playbook-grapher。 如果尚未安装,pip将安装Ansible> = 2.8版本。 我尝试在支持的Ansible版本中尊重。 Graphviz...
ansible-golang-stack:Ansible Playbook 用于使用 Supervisor 和 PostgreSQL 设置 Golang 应用程序,
06-22
Ansible Playbook 专为运行 Golang 应用程序的环境而设计。 它可以安装和配置这些在生产 Go 部署中常用的应用程序: 高朗 PostgreSQL 导师 默认设置存储在roles/role_name/vars/main.yml 。 特定于环境的设置位于...
openssh升级ansible-playbook
12-25
当我们谈论"openssh升级ansible-playbook"时,意味着我们需要使用AnsiblePlaybook来自动化OpenSSH的更新过程。 首先,让我们详细了解一下Ansible PlaybookPlaybookAnsible的核心概念,它是以YAML格式编写的...
ansible-playbook-examples:使用Pure Storage产品的Rest API调用的Ansible剧本示例
01-31
"ansible-playbook-examples"项目提供了使用Ansible与Pure Storage产品集成的实例,帮助用户更好地理解如何利用Ansible的Rest API调用来操作Pure Storage存储系统。本篇文章将深入探讨这个主题,详细解析相关的知识...
3.ansible的常用模块和playbook和role-全-文档(cent7.x)详细课件笔记总结
05-25
适合人群: 运维工程师、自动化运维、对ansibleansible-playbook和role角色...5.ansible使用-playbook剧本+roles角色模式-案例实战 本课程笔记注意: 本课程笔记,笔记文档和相关需要的软件包,都统一压缩在压缩包里
AnsiblePlaybook实例
weixin_34409822的博客
07-06 157
Learn to build Ansible playbooks with our guide, one step at a time In our previous posts, we introduced Ansible fundamentals, and dove deeper into Ansible playbooks. Now let’s learn to create an Ansi...
Ansible详解(十四)——Ansible Role实战
永远是少年
03-18 1598
今天继续给大家介绍Linux运维相关知识,本文主要内容是Ansible中的Role配置实战。 一、实战目的和思路 二、Role准备 三、Playbook编写
运维自动化之----ansible的高级用法role的实战案例(9)
Laiyunpeng666的博客
08-21 452
5.5.2 案例2,实现nginx角色 —————————————— 创建目录 [root@hdss7-11 ~]# cd /data/ansible/ [root@hdss7-11 ansible]# mkdir -pv roles/nginx/{tasks,handlers,template,vars} mkdir: 已创建目录 "roles/nginx" mkdir: 已创建目录 "roles/nginx/tasks" mkdir: 已创建目录 "roles/nginx/handlers"
ansible(三)例子:playbook+roles部署zabbix
c13891506947的博客
11-23 180
ansible(三)例子:playbook+roles部署zabbix
ansible playbook roles
04-11
ansible playbook roles是指在ansible playbook中定义的角色,用于将任务和配置从主播放机分离开来,以便更好地组织和维护代码。这样可以将复杂的部署流程和配置拆分为更小的块,并使代码更易于重用和测试。每个角色通常包括一个或多个任务,以及相关的变量、模板、文件等。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值