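Study Notes · Stage 2
15. Ansible playbook
1. What is a PlayBook
play: defines the role of the hosts.
task: defines the specific task to execute.
playbook: made up of one or more plays (roles); one play (role) can contain multiple tasks.
Put simply: using different modules to get one job done.
2. PlayBook vs. ad-hoc
1) A PlayBook is more full-featured than ad-hoc; it is an orchestration of ad-hoc commands.
2) A PlayBook gives good control over execution order and dependencies.
3) PlayBook syntax is more intuitive to read.
4) A playbook can be kept and reused; ad-hoc commands cannot.
3. YAML syntax
Syntax       Description
Indentation  YAML uses a fixed indentation style to express hierarchy; each indent level is two spaces, and TAB cannot be used
Colon        Except for a colon at the end of a line, every colon must be followed by a space
Dash         Marks a list item: one dash followed by one space; items at the same indentation level belong to the same list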
yum:
  name: vsftpd
  state: present

yum:
  name:
    - httpd
    - nginx
    - php-fpm
  state: present
· Environment
Hostname  wanIP           lanIP         Role
m01       192.168.17.235  172.16.1.212  Ansible control node
web01     192.168.17.224  172.16.1.202  Ansible managed node
web02     192.168.17.230  172.16.1.204  Ansible managed node
nfs       192.168.17.225  172.16.1.203  Ansible managed node
rsync     192.168.17.223  172.16.1.200  Ansible managed node
· Inventory
[web01]
172.16.1.202
[nfs]
172.16.1.203
[rsync]
172.16.1.200
[webs]
172.16.1.204
172.16.1.202
1. nginx.yml
- name: nginx
  hosts: web01
  tasks:
    - name: Add nginx repository
      yum_repository:
        name: nginx.repo
        description: nginx repo
        baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
        enabled: yes
        # gpgcheck: no turns off package signature verification for this repo
        gpgcheck: no
    - name: Install Nginx
      yum:
        name: nginx
        state: present
    - name: Create www group
      group:
        name: www
        gid: 666
        state: present
    - name: Create www user
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false
    - name: configure nginx
      copy:
        src: nginx.conf
        # nginx reads its main configuration from /etc/nginx/nginx.conf
        dest: /etc/nginx/nginx.conf
    - name: content html
      copy:
        content: web02......
        dest: /usr/share/nginx/html/index.html
    - name: start nginx
      systemd:
        name: nginx
        state: started
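A hardened variant of the repository and configuration tasks, added here as an example (not the original author's code): packages come over HTTPS with signature checking, and nginx.conf is tested before it replaces the live file. The gpgkey URL is the signing key published by nginx.org; the handler name and file modes are assumptions.

```yaml
- name: nginx (signed repository, validated config)
  hosts: web01
  tasks:
    - name: Add nginx repository with signature verification
      yum_repository:
        name: nginx
        description: nginx repo
        # HTTPS plus gpgcheck: packages not signed by this key are rejected
        baseurl: https://nginx.org/packages/centos/$releasever/$basearch/
        gpgkey: https://nginx.org/keys/nginx_signing.key
        gpgcheck: yes
        enabled: yes

    - name: Install Nginx
      yum:
        name: nginx
        state: present

    # If nginx.conf sets "user www;", create the www group and user
    # before this task, otherwise the validation step fails.
    - name: Configure nginx
      copy:
        src: nginx.conf
        dest: /etc/nginx/nginx.conf
        owner: root
        group: root
        mode: '0644'
        # %s is the temporary copy; the live file is replaced only if the test passes
        validate: nginx -t -c %s
      notify: Reload nginx

    - name: Start nginx
      systemd:
        name: nginx
        state: started
        enabled: yes

  handlers:
    - name: Reload nginx
      systemd:
        name: nginx
        state: reloaded
```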
2. nfs.yml
- hosts: nfs
  tasks:
    - name: Install Nfs
      yum:
        name: nfs-utils
        state: present
    - name: Create group
      group:
        name: www
        gid: 666
    - name: Create user
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false
    - name: Create dir
      file:
        path: /data
        owner: www
        group: www
        state: directory
    - name: Configure Nfs
      copy:
        content: '/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)'
        dest: /etc/exports
    - name: Start service
      systemd:
        name: nfs
        state: started
3. rsync.yml
- hosts: rsync
  tasks:
    - name: Install rsync
      yum:
        name: rsync
        state: present
    - name: Create group
      group:
        name: www
        gid: 666
    - name: Create User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false
    - name: Configure rsync
      copy:
        src: rsyncd.conf
        dest: /etc/rsyncd.conf
    - name: Create Passwd
      copy:
        src: rsync.pass
        dest: /etc/rsync.pass
        # quote the mode so it is always read as an octal string
        mode: '0600'
    - name: Create directory
      file:
        path: /backup
        owner: www
        group: www
        state: directory
    - name: Start service
      systemd:
        name: rsyncd
        state: restarted
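One way to keep the rsync password out of the playbook directory in clear text, as an added example (not the original author's code). It assumes a file vault.yml encrypted with ansible-vault that defines a hypothetical variable vault_rsync_password, and a hypothetical rsync auth user rsync_backup.

```yaml
# rsync_secret.yml -- run with: ansible-playbook rsync_secret.yml --ask-vault-pass
# vault.yml (assumed) is created with: ansible-vault create vault.yml
# and holds one line:  vault_rsync_password: <your password>
- hosts: rsync
  vars_files:
    - ./vault.yml
  vars:
    rsync_user: rsync_backup        # hypothetical rsync auth user
  tasks:
    - name: Create rsync secrets file from the vaulted variable
      copy:
        # rsyncd secrets file format is user:password, one entry per line
        content: "{{ rsync_user }}:{{ vault_rsync_password }}\n"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: '0600'
      no_log: true                  # keep the secret out of task output and logs

    - name: Read back the file attributes
      stat:
        path: /etc/rsync.pass
      register: pass_file

    - name: Fail if the secrets file is not root-owned with mode 0600
      assert:
        that:
          - pass_file.stat.mode == '0600'
          - pass_file.stat.pw_name == 'root'
```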
4. php.yml
- hosts: webs
  tasks:
    - name: Create dir
      file:
        path: /tools
        state: directory
    - name: Copy tar
      copy:
        src: php71.tar.gz
        dest: /tools
    # "Jie Ya" = extract; unarchive copies src from the control node by default
    - name: Jie Ya
      unarchive:
        src: php71.tar.gz
        dest: /tools
    - name: Yum PHP
      yum:
        name:
          - /tools/autoconf-2.69-11.el7.noarch.rpm
          - /tools/automake-1.13.4-3.el7.noarch.rpm
          - /tools/libevent-2.0.21-4.el7.x86_64.rpm
          - /tools/libjpeg-turbo-1.2.90-8.el7.x86_64.rpm
          - /tools/libmcrypt-2.5.8-13.el7.x86_64.rpm
          - /tools/libmemcached-1.0.16-5.el7.x86_64.rpm
          - /tools/libtool-ltdl-2.4.2-22.el7_3.x86_64.rpm
          - /tools/libX11-1.6.7-3.el7_9.x86_64.rpm
          - /tools/libX11-common-1.6.7-3.el7_9.noarch.rpm
          - /tools/libXau-1.0.8-2.1.el7.x86_64.rpm
          - /tools/libxcb-1.13-1.el7.x86_64.rpm
          - /tools/libXpm-3.5.12-1.el7.x86_64.rpm
          - /tools/libxslt-1.1.28-6.el7.x86_64.rpm
          - /tools/mod_php71w-7.1.33-1.w7.x86_64.rpm
          - /tools/pcre-devel-8.32-17.el7.x86_64.rpm
          - /tools/perl-Data-Dumper-2.145-3.el7.x86_64.rpm
          - /tools/perl-Test-Harness-3.28-3.el7.noarch.rpm
          - /tools/perl-Thread-Queue-3.02-2.el7.noarch.rpm
          - /tools/php71w-cli-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-common-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-devel-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-embedded-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-fpm-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-gd-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-mbstring-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-mcrypt-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-mysqlnd-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-opcache-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-pdo-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-pear-1.10.4-1.w7.noarch.rpm
          - /tools/php71w-pecl-igbinary-2.0.5-1.w7.x86_64.rpm
          - /tools/php71w-pecl-memcached-3.0.4-1.w7.x86_64.rpm
          - /tools/php71w-pecl-mongodb-1.5.3-1.w7.x86_64.rpm
          - /tools/php71w-pecl-redis-3.1.6-1.w7.x86_64.rpm
          - /tools/php71w-process-7.1.33-1.w7.x86_64.rpm
          - /tools/php71w-xml-7.1.33-1.w7.x86_64.rpm
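1. Overview of variables
Variables provide a convenient way to manage dynamic values across every project in an Ansible playbook. For example, the version of the package nginx-1.6.3 may be used repeatedly in other places; if this value is set as a variable and then referenced in other playbooks, things become much more convenient. It also eases maintenance and reduces maintenance cost.
2. Ways to define variables
1) Define variables on the command line
2) Define variables in the play file
3) Define variables in the Inventory host file
1. Defining variables with vars in a playbook
Playbook variables can be defined in several ways; the simplest is to define them with vars at the top of the playbook.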
- hosts: web_group
  vars:
    packages:
      - httpd
      - mariadb-server
      - php
      - php-mysql
      - php-pdo
  tasks:
    - name: Install httpd mariadb php Server
      yum:
        name: "{{ packages }}"

- hosts: web_group
  vars:
    - web_server: httpd
    - db_server: mariadb-server
    - php_server: php,php-mysql,php-pdo
  tasks:
    - name: Install httpd mariadb php Server
      yum:
        name:
          - "{{ web_server }}"
          - "{{ db_server }}"
          - "{{ php_server }}"
[root@m01 ~]
- hosts: web01
  vars:
    - ngx_ver: 1.1
    - ngx_dir: web
  tasks:
    - name: touch
      file:
        path: /tmp/{{ ngx_dir }}_{{ ngx_ver }}
        state: touch
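2. Defining variables with vars_files
We just learned to define variables with vars in a playbook. That has one drawback: other playbooks cannot use the variable. So we can use a second way of defining variables: defining them in vars_files.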
[root@m01 ~]
web_server: httpd
[root@m01 ~]
db_server: mariadb-server
- hosts: web_group
  vars_files: ./vars1.yml
  tasks:
    - name: Install httpd mariadb php Server
      yum:
        name: "{{ web_server }}"
[root@m01 ~]
web_server: httpd
[root@m01 ~]
db_server: mariadb-server
- hosts: web_group
  # the keyword is vars_files (plural), and tasks must sit under "tasks:"
  vars_files:
    - ./vars1.yml
    - ./vars2.yml
  tasks:
    - name: Install httpd mariadb php Server
      yum:
        name:
          - "{{ web_server }}"
          - "{{ db_server }}"

- hosts: web_group
  vars:
    - remote_ip: "{{ ansible_default_ipv4['address'] }}"
    - remote_hostname: "{{ ansible_fqdn }}"
  tasks:
    - name: Touch IP File
      file:
        path: /root/{{ remote_ip }}
        state: touch
    - name: Touch Hostname File
      file:
        path: /root/{{ remote_hostname }}
        state: touch
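3. Defining variables in the Inventory
Note: when variables are defined in the Inventory, host variables take precedence over host group variables, so this method is not recommended; it easily makes the environment messy.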
[root@m01 ~]
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[web_group:vars]
web_server=httpd
index_file=index.html
- hosts: web_group
  tasks:
    - name: Install httpd Server
      yum:
        name: "{{ web_server }}"
    - name: Create Index File
      file:
        path: /tmp/{{ index_file }}
        state: touch
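Officially recommended variable definition
The previous ways of defining variables are not very convenient; the better way is to create two variable directories under the Ansible project directory:
host_vars
group_vars
Remember: the directory names must match exactly and must not be changed in any way.
1. Defining variables for a host group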
[root@m01 ~]
[root@m01 ~]
web_server: httpd
- hosts: web_group
  tasks:
    - name: Install httpd Server
      yum:
        name: "{{ web_server }}"
What if I want every group to be able to use the variable?
2. Defining variables for a host
[root@m01 ~]
[root@m01 ~]
web_server: nginx
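- hosts: web_group
  tasks:
    - name: Install httpd Server
      yum:
        name: "{{ web_server }}"
Variable registration
1. Why learn variable registration?
After an Ansible module runs, it actually returns some result, much like running a script: sometimes we need the script to give us a return value so that we know whether the previous step succeeded. But… by default Ansible does not display the result, so we can 'store' these return values in a variable and then 'call' the variable name to get at the result. This way of writing a module's return value into a variable is called variable registration.
2. vim register.yml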
- hosts: web_group
  tasks:
    - name: Test Register Vars
      shell: "ls -l /"
[root@m01 ~]
PLAY [web_group] *****************************************************************************************************************************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************************************************************************************************************
ok: [web02]
ok: [web01]
TASK [Test Register Vars] ********************************************************************************************************************************************************************************************************************
changed: [web01]
changed: [web02]
PLAY RECAP ***********************************************************************************************************************************************************************************************************************************
web01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
web02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vim register.yml
- hosts: web_group
  tasks:
    - name: Test Register Vars
      shell: "ls -l /"
      register: list_dir
    - name: Return Result
      debug:
        msg: "{{ list_dir }}"
[root@m01 ~]
[root@m01 ansible]
PLAY [web01] *********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [172.16.1.202]
TASK [Test Register Vars] ********************************************************************************************
changed: [172.16.1.202]
TASK [Return Result] *************************************************************************************************
ok: [172.16.1.202] => {
"msg": {
"changed": true,
"cmd": "ls -l /",
"delta": "0:00:00.055515",
"end": "2024-01-04 04:45:11.630762",
"failed": false,
"rc": 0,
"start": "2024-01-04 04:45:11.575247",
"stderr": "",
"stderr_lines": [],
"stdout": "total 20\nlrwxrwxrwx. 1 root root 7 Dec 1 03:52 bin -> usr/bin\ndr-xr-xr-x. 5 root root 4096 Nov 30 21:58 boot\ndrwxr-xr-x 20 root root 3240 Jan 4 03:32 dev\ndrwxr-xr-x. 92 root root 8192 Jan 4 03:32 etc\ndrwxr-xr-x. 3 root root 17 Dec 1 03:56 home\nlrwxrwxrwx. 1 root root 7 Dec 1 03:52 lib -> usr/lib\nlrwxrwxrwx. 1 root root 9 Dec 1 03:52 lib64 -> usr/lib64\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 media\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 mnt\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 opt\ndr-xr-xr-x 129 root root 0 Jan 4 03:31 proc\ndr-xr-x---. 4 root root 213 Jan 2 22:11 root\ndrwxr-xr-x 29 root root 880 Jan 4 03:32 run\nlrwxrwxrwx. 1 root root 8 Dec 1 03:52 sbin -> usr/sbin\ndrwxr-xr-x. 2 root root 6 Apr 11 2018 srv\ndr-xr-xr-x 13 root root 0 Jan 4 03:31 sys\ndrwxrwxrwt. 10 root root 245 Jan 4 04:45 tmp\ndrwxr-xr-x 2 root root 4096 Jan 3 06:25 tools\ndrwxr-xr-x. 13 root root 155 Dec 1 03:52 usr\ndrwxr-xr-x. 20 root root 278 Jan 3 06:26 var",
"stdout_lines": [
"total 20",
"lrwxrwxrwx. 1 root root 7 Dec 1 03:52 bin -> usr/bin",
"dr-xr-xr-x. 5 root root 4096 Nov 30 21:58 boot",
"drwxr-xr-x 20 root root 3240 Jan 4 03:32 dev",
"drwxr-xr-x. 92 root root 8192 Jan 4 03:32 etc",
"drwxr-xr-x. 3 root root 17 Dec 1 03:56 home",
"lrwxrwxrwx. 1 root root 7 Dec 1 03:52 lib -> usr/lib",
"lrwxrwxrwx. 1 root root 9 Dec 1 03:52 lib64 -> usr/lib64",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 media",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 mnt",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 opt",
"dr-xr-xr-x 129 root root 0 Jan 4 03:31 proc",
"dr-xr-x---. 4 root root 213 Jan 2 22:11 root",
"drwxr-xr-x 29 root root 880 Jan 4 03:32 run",
"lrwxrwxrwx. 1 root root 8 Dec 1 03:52 sbin -> usr/sbin",
"drwxr-xr-x. 2 root root 6 Apr 11 2018 srv",
"dr-xr-xr-x 13 root root 0 Jan 4 03:31 sys",
"drwxrwxrwt. 10 root root 245 Jan 4 04:45 tmp",
"drwxr-xr-x 2 root root 4096 Jan 3 06:25 tools",
"drwxr-xr-x. 13 root root 155 Dec 1 03:52 usr",
"drwxr-xr-x. 20 root root 278 Jan 3 06:26 var"
]
}
}
PLAY RECAP ***********************************************************************************************************
172.16.1.202 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
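Beyond printing the whole result, the individual fields of a registered variable (rc, stderr_lines, stdout_lines, as seen in the output above) can drive later tasks. The following is an added example, not from the original notes; the nginx -t check, the /tmp permission check and the task names are illustrative.

```yaml
- hosts: web01
  tasks:
    - name: Test nginx configuration
      command: nginx -t
      register: ngx_test
      changed_when: false      # a read-only check never changes the host
      failed_when: false       # do not abort here; decide below from rc

    - name: Show why the check failed
      debug:
        msg: "{{ ngx_test.stderr_lines }}"
      when: ngx_test.rc != 0

    - name: Reload nginx only if the configuration is valid
      systemd:
        name: nginx
        state: reloaded
      when: ngx_test.rc == 0

    - name: List root directory
      command: ls -l /
      register: list_dir
      changed_when: false

    # stdout_lines is a list, so it can be filtered line by line
    - name: Warn if /tmp is no longer drwxrwxrwt
      debug:
        msg: "/tmp does not have mode drwxrwxrwt on {{ inventory_hostname }}"
      when: list_dir.stdout_lines | select('match', '^drwxrwxrwt.* tmp$') | list | length == 0
```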
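1. facts cache
Ansible facts are variables that Ansible automatically collects from managed hosts. Facts contain information specific to each host, for example the managed node's hostname, IP address, OS version, number of CPUs, memory status, disk status, and so on.
2. Use cases for facts
1) Check the CPU via the facts cache to generate a matching nginx configuration file
2) Check the hostname via the facts cache to generate different zabbix configuration files
3) Look up a physical machine's memory size via the facts cache to generate different mysql configuration files
In short, Ansible facts are similar to grains in SaltStack and are very useful for anyone doing automation.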
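Use case 1 as an added example (not from the original notes): the CPU fact collected from each host sets nginx's worker_processes, and the memory fact picks a size label. ansible_processor_vcpus and ansible_memtotal_mb are standard facts; the 4096 MB threshold, the mem_profile variable and the handler name are assumptions.

```yaml
- hosts: webs
  tasks:
    - name: Set worker_processes to the number of vCPUs on this host
      lineinfile:
        path: /etc/nginx/nginx.conf
        regexp: '^\s*worker_processes\s'
        line: "worker_processes {{ ansible_processor_vcpus }};"
        # test the edited copy before it replaces the live file
        validate: nginx -t -c %s
      notify: Reload nginx

    - name: Choose a profile from total memory
      set_fact:
        mem_profile: "{{ 'large' if ansible_memtotal_mb | int >= 4096 else 'small' }}"

    - name: Report what was derived from facts
      debug:
        msg: "{{ ansible_fqdn }}: {{ ansible_processor_vcpus }} vCPU, {{ ansible_memtotal_mb }} MB, profile {{ mem_profile }}"

  handlers:
    - name: Reload nginx
      systemd:
        name: nginx
        state: reloaded
```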
3. vim fact.yml
- hosts: web01
  tasks:
    - name: Get Host Info
      debug:
        msg: >
          Hostname "{{ ansible_fqdn }}" and IP "{{ ansible_default_ipv4.address }}"
[root@m01 ansible]
PLAY [web01] *********************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************
ok: [172.16.1.202]
TASK [Get Host Info] *************************************************************************************************
ok: [172.16.1.202] => {
"msg": "Hostname \"web01\" and IP \"192.168.17.224\"\n"
}
PLAY RECAP ***********************************************************************************************************
172.16.1.202 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
4.