1.创建httpd的角色
1.1检查目标主机有没有apache用户
[root@c7-47 ~]# ansible all -m shell -a 'getent passwd apache'
[root@c7-47 ~]# ansible all -m shell -a 'yum -y remove httpd'
[root@c7-47 ~]# ansible all -m user -a 'name=apache state=absent'
1.2httpd角色树状图
[root@c7-47 ansible]# pwd
/root/ansible
[root@c7-47 ansible]# ls
httpd_role.yml roles #playbook剧本应该和roles目录平行
[root@c7-47 ansible]# tree
.
├── httpd_role.yml #playbook文件
└── roles #角色目录
├── httpd #httpd的角色目录 playbook调用它
│ ├── files
│ │ └── httpd.conf
│ └── tasks
│ ├── copy.yml
│ ├── main.yml
│ └── user.yml
[root@c7-47 ansible]# cat roles/httpd/tasks/main.yml #定义任务使用的顺序
- include: user.yml
- include: copy.yml
[root@c7-47 ansible]# cat roles/httpd/tasks/copy.yml
- name: copy files
copy: src=httpd.conf dest=/data/ owner=apache
[root@c7-47 ansible]# cat roles/httpd/tasks/user.yml
- name: create user
user: name=apache system=yes shell=/sbin/nologin
1.3执行
[root@c7-47 ansible]# ansible-playbook -C httpd_role.yml
[root@c7-47 ansible]# ansible-playbook httpd_role.yml
[root@c7-47 httpd]# ansible all -m shell -a 'ls /data'
[root@c7-47 httpd]# ansible all -m shell -a 'getent passwd apache'
2.调用多个角色
[root@c7-47 ansible]# tree .
.
├── httpd_role.yml
├── nginx_roles.yml
├── roles
│ ├── httpd
│ │ ├── files
│ │ │ └── httpd.conf
│ │ └── tasks
│ │ ├── copy.yml
│ │ ├── main.yml
│ │ └── user.yml
│ ├── memcache
│ ├── mysql
│ └── nginx
│ ├── tasks
│ │ ├── group.yml
│ │ ├── main.yml
│ │ ├── restart.yml
│ │ ├── start.yml
│ │ ├── template.yml
│ │ ├── user.yml
│ │ └── yum.yml
│ └── templates
│ └── nginx.conf.j2
└── some_roles.yml
[root@c7-47 ansible]# cat some_roles.yml
- hosts: webserver
remote_user: root
roles:
- role: httpd #调用两个模块
- role: nginx
[root@c7-47 ansible]# ansible-playbook some_roles.yml
3.引用另外角色的任务
[root@c7-47 ansible]# cat roles/nginx/tasks/main.yml
- include: group.yml
- include: user.yml
- include: yum.yml
- include: template.yml
- include: start.yml
- include: roles/httpd/tasks/copy.yml #使用其它任务角色时 要加路径
#调用的相对应模块也要写绝对路径
[root@c7-47 ansible]# cat roles/httpd/tasks/copy.yml
- name: copy files
copy: src=/etc/httpd/conf/httpd.conf dest=/data/ owner=apache
4.根据标签执行任务
[root@c7-47 ansible]# cat some_roles.yml
- hosts: webserver
remote_user: root
roles:
- { role: httpd,tags: ['web','httpd']}
- { role: nginx,tags: ['web','nginx']}
- { role: app,tags: 'app' }
[root@c7-47 ansible]# ansible-playbook -t web some_roles.yml
#-t 选择相对应的标签
5.添加条件判断
[root@c7-47 ansible]# cat some_role.yml
- hosts: all
remote_user: root
roles:
- { role: httpd, tags: ['web','httpd'] }
- { role: nginx, tags: ['web','nginx'],when: ansible_distribution_major_version == "7" }
- { role: app, tags: "app" }
综合实践
[root@c7-47 ansible]# tree
.
├── app_role.yml
├── roles
│ ├── app
│ │ ├── files
│ │ │ └── vhosts.conf
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ ├── copy.yml
│ │ │ ├── group.yml
│ │ │ ├── main.yml
│ │ │ ├── start.yml
│ │ │ ├── template.yml
│ │ │ ├── user.yml
│ │ │ └── yum.yml
│ │ ├── templates
│ │ │ └── httpd.conf.j2
│ │ └── vars
│ │ └── main.yml
[root@c7-47 ansible]# cat app_role.yml
- hosts: webserver
remote_user: root
roles:
- app
[root@c7-47 ansible]# cat roles/app/handlers/main.yml
- name: restart service
service: name=httpd state=restarted
[root@c7-47 ansible]# cat roles/app/tasks/copy.yml
- name: copy config
copy: src=vhosts.conf dest=/etc/httpd/conf.d/ owner=app
[root@c7-47 ansible]# cat roles/app/tasks/group.yml
- name: create group
group: name=app system=yes gid=123
[root@c7-47 ansible]# cat roles/app/tasks/main.yml
- include: group.yml
- include: user.yml
- include: yum.yml
- include: template.yml
- include: copy.yml
- include: start.yml
[root@c7-47 ansible]# cat roles/app/tasks/start.yml
- name: start service
service: name=httpd state=started enabled=yes
[root@c7-47 ansible]# cat roles/app/tasks/template.yml
- name: copy conf
template: src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
notify: restart service
[root@c7-47 ansible]# cat roles/app/tasks/user.yml
- name: create user
user: name=app group=app system=yes shell=/sbin/nologin uid=123
[root@c7-47 ansible]# cat roles/app/tasks/yum.yml
- name: install packages
yum: name=httpd
[root@c7-47 ansible]# cat roles/app/vars/main.yml
username: app
groupname: app
- 验证
[root@c7-47 ansible]# ansible webserver -m shell -a 'ss -ntlp'
[root@c7-47 ansible]# ansible webserver -m shell -a 'getent passwd app'
[root@c7-47 ansible]# ansible webserver -m shell -a 'ps aux | grep app'
[root@c7-47 ansible]# ansible webserver -m shell -a 'ls /etc/httpd/conf.d'
根据服务器内存安装软件
[root@c7-47 ansible]# pwd
/root/ansible
[root@c7-47 ansible]# tree
.
├── memcache_role.yml
├── roles
│ ├── memcached
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ ├── main.yml
│ │ │ ├── start.yml
│ │ │ ├── template.yml
│ │ │ └── yum.yml
│ │ └── templates
│ │ └── memcached.j2
[root@c7-47 ansible]# cat memcache_role.yml
- hosts: webserver
remote_user: root
roles:
- memcached
[root@c7-47 ansible]# cat roles/memcached/handlers/main.yml
- name: restart service
service: name=memcached state=restarted
[root@c7-47 ansible]# cat roles/memcached/tasks/main.yml
- include: yum.yml
- include: template.yml
- include: start.yml
[root@c7-47 ansible]# cat roles/memcached/tasks/start.yml
- name: start service
service: name=memcached state=started enabled=yes
[root@c7-47 ansible]# cat roles/memcached/tasks/template.yml
- name: copy conf
template: src=memcached.j2 dest=/etc/sysconfig/memcached
notify: restart service
[root@c7-47 ansible]# cat roles/memcached/tasks/yum.yml
- name: install packages
yum: name=memcached
[root@c7-47 ansible]# cat roles/memcached/templates/memcached.j2
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="{{ ansible_memtotal_mb//4 }}"
OPTIONS=""
验证
[root@c7-47 ansible]# ansible webserver -m shell -a 'ss -ntlp' #判断服务是否启动
[root@c7-47 ansible]# ansible webserver -m shell -a 'cat /etc/sysconfig/memcached' #查看文件 是否生效
1471
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
