Linux System Environment
[root@ansible ~]# cat /etc/redhat-release #==》OS release
CentOS Linux release 7.5.1804 (Core)
[root@ansible ~]# uname -r #==》kernel version
3.10.0-862.el7.x86_64
[root@ansible ~]# uname -m #==》machine architecture
x86_64
[root@ansible ~]# echo $LANG #==》system locale
en_US.UTF-8
[root@ansible ~]# ssh -V #==》SSH version
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
[root@master ~]# ansible --version #==》Ansible version
ansible 2.4.2.0
[root@master ~]# python --version #==》Python version
Python 2.7.5
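Introduction to Ansible Playbooks
"Playbook" means a script for a play. A playbook is Ansible's configuration, deployment and orchestration language, used to manage the configuration of remote hosts and deployments to them. Playbooks are normally written in YAML, and the recommended file extension is .yaml or .yml.
Advantages of Ansible Playbooks
1. More powerful than the ansible command line.
2. Can control execution order and dependencies.
3. Clear syntax.
4. The ansible command line has limitations, and playbooks overcome them.
Ansible Playbook syntax
Points to watch in the syntax:
1. Mind the indentation: two spaces make one indent, and each indent is one level of nesting
2. Do not use the Tab key
3. Every colon must be followed by a space
4. A hyphen (-) starts a list item and must be followed by a space
5. hosts/vars/remote_user/tasks have a fixed order; placing remote_user after tasks causes an error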
- hosts: webservers #==》host group
  vars: #==》variable definitions
    http_port: 80
    max_clients: 200
  remote_user: root #==》run on the remote host as root (root is the default)
  tasks: #==》tasks
    - name: 01-yum install nginx #==》description
      yum: #==》use the yum module
        name: nginx
        state: latest
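ansible-playbook command options
1. -C #==》dry run: simulate the playbook without executing it on the remote hosts
2. --syntax-check #==》check the playbook syntax
3. -t #==》run only the tasks carrying the given tags
4. --list-tasks #==》list all tasks in the playbook, with their tags
5. --start-at-task=START_AT_TASK #==》start the playbook at the given task and run through to the end
6. --skip-tags=SKIP_TAGS #==》skip the tasks carrying the given tags
7. --list-hosts #==》list all hosts the playbook applies to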
Ansible configuration files
/etc/ansible/ansible.cfg #==》Ansible configuration file
/etc/ansible/hosts #==》Ansible host inventory file
/etc/ansible/playbook #==》directory created by hand to hold playbook files
I. NFS Playbooks
Note: give playbook files the extension yml or yaml so that the YAML syntax is displayed properly.
Host plan
Host IP address   Hostname    Notes
10.0.0.7          ansible     Ansible server
10.0.0.31         NFSserver   NFS server
10.0.0.32         NFSclient   NFS client
Three steps for running a playbook safely
#==》check the playbook syntax
[root@ansible ~]# ansible-playbook --syntax-check /etc/ansible/playbook/nfs_server.yml
#==》dry-run the playbook
[root@ansible ~]# ansible-playbook -C /etc/ansible/playbook/nfs_server.yml
#==》run the playbook
[root@ansible ~]# ansible-playbook /etc/ansible/playbook/nfs_server.yml
1. NFS server playbook
[root@ansible ~]# cat /etc/ansible/hosts
[nfs_server]
10.0.0.31
[nfs_client]
10.0.0.32
[root@ansible ~]# cat /etc/exports
/data 10.0.0.0/24(rw,sync)
[root@ansible ~]# mkdir -p /etc/ansible/playbook
[root@ansible ~]# vim /etc/ansible/playbook/nfs_server.yml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-delete old yum file
      shell: "{{ item }}"
      loop:
        - find /etc/yum.repos.d/ -name "CentOS-Base.repo" | xargs rm -f
        - find /etc/yum.repos.d/ -name "epel.repo" | xargs rm -f
    - name: 02-configure aliyun yum source
      get_url:
        url: "{{ item.url }}"
        dest: "{{ item.dest }}"
      loop:
        - { url: 'http://mirrors.aliyun.com/repo/Centos-7.repo', dest: '/etc/yum.repos.d/CentOS-Base.repo' }
        - { url: 'http://mirrors.aliyun.com/repo/epel-7.repo', dest: '/etc/yum.repos.d/epel.repo' }
    - name: 03-yum install nfs
      yum:
        name: nfs-utils
        state: latest
    - name: 04-mkdir data directory
      file:
        path: /data/
        state: directory
        owner: nfsnobody
        group: nfsnobody
    - name: 05-copy nfs configure /etc/exports
      copy:
        src: /etc/exports
        dest: /etc/
    - name: 06-start rpcbind nfs
      service:
        name: "{{ item }}"
        state: started
      loop:
        - rpcbind
        - nfs
    - name: 07-enable nfs rpcbind
      systemd:
        name: "{{ item }}"
        enabled: yes
      loop:
        - rpcbind
        - nfs
    - name: 08-check nfs
      shell: "showmount -e 10.0.0.31"
2. NFS client playbook
[root@ansible ~]# vim /etc/ansible/playbook/nfs_client.yml
- hosts: nfs_client
  remote_user: root
  tasks:
    - name: 01-delete old yum file
      shell: "{{ item }}"
      loop:
        - find /etc/yum.repos.d/ -name "CentOS-Base.repo" | xargs rm -f
        - find /etc/yum.repos.d/ -name "epel.repo" | xargs rm -f
    - name: 02-configure aliyun yum source
      get_url:
        url: "{{ item.url }}"
        dest: "{{ item.dest }}"
      loop:
        - { url: 'http://mirrors.aliyun.com/repo/Centos-7.repo', dest: '/etc/yum.repos.d/CentOS-Base.repo' }
        - { url: 'http://mirrors.aliyun.com/repo/epel-7.repo', dest: '/etc/yum.repos.d/epel.repo' }
    - name: 03-yum install nfs-utils
      yum:
        name: nfs-utils
        state: latest
    - name: 04-mkdir data directory
      file:
        path: /data
        state: directory
        owner: nfsnobody
        group: nfsnobody
    - name: 05-start rpcbind
      service:
        name: rpcbind
        state: started
    - name: 06-enable rpcbind
      systemd:
        name: rpcbind
        enabled: yes
    - name: 07-mount /data
      mount:
        path: /data
        src: 10.0.0.31:/data
        fstype: nfs
        opts: defaults
        state: mounted
II. Advanced playbook features
Note: the NFS playbooks above already show what playbooks offer beyond the ansible command line: parameters are easy to read and change, and one statement can loop, so there is no need to repeat ansible commands. The rest of this section covers commonly used advanced playbook features.
1. Loops
Note: official Ansible documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
#==》create several files; fails if the directory does not exist
[root@ansible ~]# vim /etc/ansible/playbook/create_file.yml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-create multi file
      file:
        path: "/tmp/{{ item }}"
        state: touch
      loop:
        - test01.txt
        - test02.txt
#==》start the sshd and crond services
[root@ansible ~]# vim /etc/ansible/playbook/start_server.yml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-start sshd crond
      service:
        name: "{{ item }}"
        state: started
      loop:
        - sshd
        - crond
2. Variables
Note: official Ansible documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html
#==》define a variable and copy the network interface configuration to /tmp
[root@ansible ~]# vim /etc/ansible/playbook/cat_eth0.yml
- hosts: nfs_server
  remote_user: root
  vars:
    eth0_path: /etc/sysconfig/network-scripts/ifcfg-eth0
  tasks:
    - name: 01_print ifcfg-eth0 configure information
      shell: cat "{{ eth0_path }}" > /tmp/ip.txt
#==》use a fact variable to get the host's eth0 address
[root@ansible ~]# vim /etc/ansible/playbook/print_eth0.yml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-print eth0 ip address
      shell: "echo {{ ansible_facts.eth0.ipv4.address }} > /tmp/ip.txt"
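Both playbooks above template a variable straight into a shell line, where a value containing spaces or shell metacharacters would be parsed by the shell, and both write to a fixed path in /tmp. The following added example (not from the original page) does the same work with modules and passes the variable through the quote filter where a shell is still needed; the /root destination paths and the eth0 interface name are assumptions.

```yaml
- hosts: nfs_server
  remote_user: root
  vars:
    eth0_path: /etc/sysconfig/network-scripts/ifcfg-eth0
  tasks:
    - name: 01-copy ifcfg-eth0 on the remote host with a module, no shell
      copy:
        remote_src: yes
        src: "{{ eth0_path }}"
        dest: /root/ifcfg-eth0.copy     # assumed path, root-only instead of /tmp
        mode: '0600'
    - name: 02-write the eth0 address from facts, no echo or redirect
      copy:
        content: "{{ ansible_facts.eth0.ipv4.address }}\n"
        dest: /root/ip.txt              # assumed path
        mode: '0600'
    - name: 03-where a shell is unavoidable, pass the variable through quote
      shell: "wc -l < {{ eth0_path | quote }}"
      register: line_count
      changed_when: false               # read-only command, never reports "changed"
      check_mode: no                    # safe to run under -C so line_count is always set
    - name: 04-show the result
      debug:
        msg: "{{ eth0_path }} has {{ line_count.stdout }} lines"
```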
2. Registered variables
Note: official Ansible documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html
#==》print all information for the eth0 interface
[root@ansible ~]# vim /etc/ansible/playbook/print_eth0.yml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-print eth0 ip address
      shell: ip a s eth0
      register: print_ip
    - name: 02-print output eth0 ip address
      debug:
        msg: "{{ print_ip }}"
#==》print several selected fields of the eth0 output
[root@ansible ~]# vim /etc/ansible/playbook/print_eth0.yml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-print eth0 ip address
      shell: ip a s eth0
      register: print_ip
    - name: 02-print output eth0 ip address
      debug:
        msg: "{{ item }}"
      loop:
        - "{{ print_ip.stdout_lines }}"
        - "{{ print_ip.cmd }}"
3. Service management
Note: official Ansible documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html?highlight=handlers#handlers-running-operations-on-change
[root@ansible ~]# vim /etc/ansible/playbook/handlers.yml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-if nfs configure changed,then restart nfs service
      copy:
        src: /etc/exports
        dest: /etc/
      notify: restart_nfs_server
  handlers:
    - name: restart_nfs_server
      service:
        name: nfs
        state: restarted
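A hardened variant of the NFS server playbook that uses the registered variable and handler features described above, as an added example that is not part of the original page. It assumes the mirror serves the same repo files over HTTPS and that 10.0.0.32 (the NFS client in the host table) is the only host that needs the export.

```yaml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-fetch repo files over TLS (assumption - mirror serves HTTPS)
      get_url:
        url: "{{ item.url }}"
        dest: "{{ item.dest }}"
        force: yes            # overwrite in place, replaces find | xargs rm
        mode: '0644'
      loop:
        - { url: 'https://mirrors.aliyun.com/repo/Centos-7.repo', dest: '/etc/yum.repos.d/CentOS-Base.repo' }
        - { url: 'https://mirrors.aliyun.com/repo/epel-7.repo', dest: '/etc/yum.repos.d/epel.repo' }
    - name: 02-install nfs-utils
      yum:
        name: nfs-utils
        state: present        # no unreviewed upgrade on every run
    - name: 03-create the export directory
      file:
        path: /data
        state: directory
        owner: nfsnobody
        group: nfsnobody
    - name: 04-export /data to the one client only, squashing every user
      copy:
        content: "/data 10.0.0.32(rw,sync,root_squash,all_squash)\n"
        dest: /etc/exports
        mode: '0644'
      notify: reload_nfs_exports
    - name: 05-start and enable rpcbind and nfs
      service:
        name: "{{ item }}"
        state: started
        enabled: yes
      loop: [rpcbind, nfs]
    - meta: flush_handlers    # apply the new exports before reading them back
    - name: 06-read back the export list
      command: showmount -e 10.0.0.31
      register: exports
      changed_when: false
    - name: 07-fail unless /data is exported to 10.0.0.32 and to no wildcard
      assert:
        that:
          - "'/data' in exports.stdout"
          - "'10.0.0.32' in exports.stdout"
          - "'*' not in exports.stdout"
      when: not ansible_check_mode   # showmount is skipped under -C
  handlers:
    - name: reload_nfs_exports
      command: exportfs -ra
```

Handlers normally run at the end of the play, so without the flush_handlers step the assert would read the export list from before the change.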
4. Tags
Note: official Ansible documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_tags.html
[root@ansible ~]# vim /etc/ansible/playbook/tags.yml
- hosts: nfs_server
  remote_user: root
  tasks:
    - name: 01-yum install tree
      yum:
        name: tree
        state: latest
      tags:
        - 01-yum tree
    - name: 02-yum install bash-completion
      yum:
        name: bash-completion
        state: latest
      tags:
        - 02-yum bash-completion
#==》check the syntax
ansible-playbook --syntax-check /etc/ansible/playbook/tags.yml
#==》dry run
ansible-playbook -C /etc/ansible/playbook/tags.yml
#==》list the tasks and the tags
ansible-playbook --list-tasks /etc/ansible/playbook/tags.yml
ansible-playbook --list-tags /etc/ansible/playbook/tags.yml
#==》show the hosts the playbook runs against
[root@ansible ~]# ansible-playbook --list-hosts /etc/ansible/playbook/tags.yml
#==》run one tag
ansible-playbook -t '01-yum tree' /etc/ansible/playbook/tags.yml
#==》run several tags, separated by commas; tag names containing spaces or special characters must be quoted
ansible-playbook -t '01-yum tree','02-yum bash-completion' /etc/ansible/playbook/tags.yml
#==》skip the given tag
ansible-playbook --skip-tags='01-yum tree' /etc/ansible/playbook/tags.yml