目录
2.新建一个playbook,/home/devops/ansible/internet.yml
一.yaml语法格式
1.定义:
yaml是类似于xml,json的标记性语言,强调以数据为中心,ansible的playbook的编写主要遵守yaml语法格式
2.yaml支持几种数据类型
(1)纯量:
一个简单的值,字符串、布尔值、整型数,浮点型数,时间(yyyy-MM-dd格式)等
(2)对象
键值对集合,字典
#推荐第一种形式,以"键: 值"表示键值对
a:
age: 20
address: sichuan
#第二种形式逐渐减少使用
a: {age: 20,address: sichuan}
(3)数组
一组按次序排列值,序列/列表
#推荐第一种形式,以多个"-"表示列表
name:
- a
- b
#第二种形式逐渐减少使用
address: [a,b]
3.playbook-yaml书写的注意事项
(1)在":"后需要加一个空格
(2)同一级别的元素应该有相同的缩进量,子元素的缩进量要大于父元素缩进量
--- #playbook开头以"---"标记
- name: create file #最开头的name表示对整个yaml任务的描述
hosts: servera #对哪些受管节点执行
tasks: #要执行的任务,tasks,hosts属于同级元素,书写相同缩进量
- name: ...... #该任务的描述,此处name属于tasks的子元素,缩进量应多于tasks的缩进量
file:
#执行任务用到的模块,在使用模块时推荐参照"ansible-doc 模块名"结果中的EXAMPLES例子进行书写
name:...... #,模块用到的其他选项等
......
(3)yaml的缩进建议两个空格,尽量不使用tab键,如果使用tab键可以更改tab的空格量设置,指定针对yaml文件类型生效,缩进量为2
[student@workstation ~]$ vim ~/.vimrc
autocmd FileType yaml setlocal ai ts=2 sw=2 et
(4)有多行字符串内容时,可以使用"|"或">"来表示换行
二.playbook编写和运行
1.单个简单playbook示例
参照"ansible-doc yum"的EXAMPLES编写
[student@workstation ~]$ cat httpd.yaml
--- #开头标识
- name: install http #描述
hosts: webservers #对webservers组内主机执行
tasks: #需要执行的任务
- name: install
yum: #使用yum模块
name: httpd #包名
state: present #操作为present安装
(1)进行语法检查
语法检查不算绝对精准,错误一般存在报错点附近,且部分单词拼写错误不会进行检查
[student@workstation ~]$ ansible-playbook httpd.yaml --syntax-check
playbook: httpd.yaml
(2)执行playbook
[student@workstation ~]$ ansible-playbook httpd.yaml
#执行成功
PLAY [install http] *********************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************
ok: [servera]
ok: [serverb]
TASK [install] **************************************************************************************************************************************************************************
ok: [serverb]
ok: [servera]
PLAY RECAP ******************************************************************************************************************************************************************************
servera : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
serverb : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[student@workstation ~]$ ansible-playbook httpd.yaml -C
#执行空运行检查模式,不会对受管节点的配置实际更改
(3)通过添加参数输出playbook执行后详细信息
[student@workstation ~]$ ansible-playbook httpd.yaml -v/-vv/-vvv/-vvvvv
参数 | 功能 |
---|---|
-v | 显示任务结果 |
-vv | 显示任务结果和配置 |
-vvv | 显示受管主机连接信息等 |
-vvvv | 更加详细显示连接插件、执行脚本用户和脚本等信息 |
2.多playbook示例
---
- name: install php mariadb
hosts: servera
tasks:
- name: install them
yum:
name: "{{packages}}" #引用变量
vars: #创建packages变量,列表中值为php和mariadb
packages:
- php
- mariadb
- name: install development tools
hosts: serverb
tasks:
- name: install them
yum:
name: "@Development tools" #参照EXAMPLES写法安装扩展包
state: present
- name: update all #更新所有包
hosts: webservers
tasks:
- name: update them
yum:
name: '*'
state: latest
三.练习
1.安装软件
创建一个名为/home/devops/ansible/packages.yml的剧本
在dev, prod 和 test 主机组中安装 php 和 mariadb 软件包
在dev 主机组中安装 Development Tools 包组
升级dev主机组中主机的所有软件包
---
- name: install php mariadb
hosts: dev,prod,test
tasks:
- yum:
name: "{{ packages }}"
vars:
packages:
- php
- mariadb
- name: install Development Tools
hosts: dev
tasks:
- name: install
yum:
name: "@Development tools"
state: present
- name: remote
yum:
name: '*'
state: latest
[devops@workstation ansible]$ ansible-playbook packages.yml --syntax-check
playbook: packages.yml
[devops@workstation ansible]$ ansible-playbook packages.yml
PLAY [install php mariadb] *************************************************************
TASK [Gathering Facts] *****************************************************************
ok: [serverd]
ok: [serverc]
ok: [serverb]
ok: [servera]
TASK [yum] *****************************************************************************
changed: [servera]
changed: [serverc]
changed: [serverb]
changed: [serverd]
PLAY [install Development Tools] *******************************************************
TASK [Gathering Facts] *****************************************************************
ok: [servera]
TASK [install] *************************************************************************
changed: [servera]
TASK [remote] **************************************************************************
ok: [servera]
PLAY RECAP *****************************************************************************
servera : ok=5 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
serverb : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
serverc : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
serverd : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[devops@workstation ansible]$ ansible dev -m shell -a 'rpm -qa | grep php'
[WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'. If
you need to use command because yum, dnf or zypper is insufficient you can add 'warn:
false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid
of this message.
servera | CHANGED | rc=0 >>
php-common-7.2.11-1.module+el8+2561+1aca3413.x86_64
php-fpm-7.2.11-1.module+el8+2561+1aca3413.x86_64
php-7.2.11-1.module+el8+2561+1aca3413.x86_64
php-cli-7.2.11-1.module+el8+2561+1aca3413.x86_64
[devops@workstation ansible]$ ansible dev -m shell -a 'rpm -qa | grep mariadb'
[WARNING]: Consider using the yum, dnf or zypper module rather than running 'rpm'. If
you need to use command because yum, dnf or zypper is insufficient you can add 'warn:
false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid
of this message.
servera | CHANGED | rc=0 >>
mariadb-connector-c-config-3.0.7-1.el8.noarch
mariadb-connector-c-3.0.7-1.el8.x86_64
mariadb-10.3.11-1.module+el8+2765+cfa4f87b.x86_64
mariadb-common-10.3.11-1.module+el8+2765+cfa4f87b.x86_64
2.新建一个playbook,/home/devops/ansible/internet.yml
(1)第一个剧本名为Enable internet services,受管主机为serverb
安装软件firewalld、httpd、mariadb-server、php和php-mysqlnd的最新版。
确保服务firewalld服务处于enabled和running状态,并允许访问httpd服务。
确保httpd和Mariadb服务处于enabled和running状态。
web主页index.php内容为
"<?php
echo "Hello Ansible!";
?>"
(2)第二个剧本名为 Test internet web server
利用url模块从控制节点测试serverb上运行web服务,检查返回状态代码200.
验证internet.yml playbook的语法。
使用ansible-playbook 运行剧本。
[devops@workstation ansible]$ sudo vim internet.yml
- name: Enable internet services
hosts: serverb
become: yes
tasks:
- name: install firewalld httpd mariadb-server php php-mysqlnd
yum:
name:
- firewalld
- httpd
- mariadb-server
- php
- php-mysqlnd
state: latest
- name: firewall running
firewalld:
service: http
state: enabled
permanent: true
immediate: yes
- name: httpd running
service:
name: httpd
enabled: true
state: started
- name: mariadb running
service:
name: mariadb
enabled: true
state: started
- name: index.php
copy:
src: /home/devops/ansible/index.php
dest: /var/www/html/index.html
- name: Test internet web server
hosts: localhost
tasks:
- name: check server
uri:
url: http://serverb.lab.example.com
return_content: yes
status_code: 200
[devops@workstation ansible]$ ansible-playbook internet.yml --syntax-check
playbook: internet.yml
[devops@workstation ansible]$ cat index.php
<?php
echo "Hello Ansible!";
?>
[devops@workstation ansible]$ ansible-playbook internet.yml -v
Using /home/devops/ansible/ansible.cfg as config file
PLAY [Enable internet services] ********************************************************
TASK [Gathering Facts] *****************************************************************
ok: [serverb]
TASK [install firewalld httpd mariadb-server php php-mysqlnd] **************************
ok: [serverb]
TASK [firewall running] ****************************************************************
ok: [serverb]
TASK [httpd running] *******************************************************************
ok: [serverb]
TASK [mariadb running] *****************************************************************
ok: [serverb]
TASK [index.php] ***********************************************************************
ok: [serverb]
PLAY [Test internet web server] ********************************************************
TASK [Gathering Facts] *****************************************************************
ok: [serverb]
TASK [check server] ********************************************************************
ok: [localhost] => {"accept_ranges": "bytes", "changed": false, "connection": "close", "content": "Hello Ansible!\n", "content_length": "15", "content_type": "text/html; charset=UTF-8", "cookies": {}, "cookies_string": "", "date": "Tue, 20 Jun 2023 01:35:27 GMT", "elapsed": 0, "etag": "\"f-5fe84ac875d1a\"", "last_modified": "Tue, 20 Jun 2023 00:24:27 GMT", "msg": "OK (15 bytes)", "redirected": false, "server": "Apache/2.4.37 (Red Hat Enterprise Linux)", "status": 200, "url": "http://serverb.lab.example.com"}
PLAY RECAP *****************************************************************************
localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
serverb : ok=6 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[devops@workstation ansible]$ curl serverb
Hello Ansible!