[cloud-user@awx-60 ~]$ cat ansible.cfg
[defaults]
# Render task output with the yaml stdout callback.
stdout_callback = yaml
connection = smart
# Connection timeout, in seconds.
timeout = 60
# NOTE(review): silences deprecation warnings, so playbooks that rely on
# features scheduled for removal give no hint before an upgrade breaks them.
deprecation_warnings = False
# NOTE(review): turns off SSH host key verification. A spoofed or intercepted
# host is then accepted without complaint, and the inventory configured below
# authenticates with a password that would be handed to it. Tolerable only in
# a disposable lab; otherwise keep the default (True) and pre-populate
# known_hosts for the managed nodes.
host_key_checking = False
# Do not write .retry files after failed playbook runs.
retry_files_enabled = False
inventory = /home/cloud-user/hosts
[cloud-user@awx-60 ~]$ cat hosts
[all:vars]
ansible_user=cloud-user
# NOTE(review): a plaintext SSH password shared by every host in the inventory
# ("password" is presumably a lab placeholder). For anything beyond a lab,
# prefer SSH key authentication, or keep the secret out of this file: an
# Ansible Vault-encrypted vars file, or --ask-pass at run time.
# ansible_ssh_pass is the legacy spelling of ansible_password.
ansible_ssh_pass=password
ansible_port=22
# Managed web nodes; the playbooks that use "hosts: web" target this group.
[web]
node1 ansible_host=10.0.14.43
node2 ansible_host=10.0.14.44
node3 ansible_host=10.0.14.45
# The control node itself.
[control]
ansible ansible_host=10.0.14.42
Ad Hoc Commands
查找帮助
# List every module ansible-doc knows about.
ansible-doc -l
# Narrow the list to entries mentioning "user" (case-insensitive).
ansible-doc -l |grep -i user
# Show the full documentation for the user module.
ansible-doc user
AD-HOC
# Run `id` on node1 through the command module.
ansible node1 -m command -a "id"
# Print the kernel release of every host in the inventory.
ansible all -m command -a 'uname -r'
# Same command; -o condenses each host's result onto a single line.
ansible all -m command -a 'uname -r' -o
COPY module
# -b turns on privilege escalation (become; sudo by default), which is what
# allows the copy module to write /etc/motd.
ansible node1 -m copy -a 'content="Managed by Ansible\n" dest=/etc/motd' -b
# Read the file back to confirm the content landed.
ansible node1 -m command -a 'cat /etc/motd'
YUM module
ansible node1 -m yum -a 'name=squid state=latest' -b
Playbook
创建 apache.yml 如下:
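---
# Installs Apache httpd on every host in the web group, enables and starts the
# service, and publishes web.html as the site's index page.
- name: Apache server installed
  hosts: web
  # Canonical boolean; `yes` is a YAML 1.1 truthy spelling that linters reject.
  become: true
  tasks:
    - name: latest Apache version installed
      yum:
        name: httpd
        # NOTE(review): `latest` upgrades httpd on any run where the repository
        # has a newer build. That picks up fixes, but makes runs
        # non-reproducible; use `present` or a pinned version where upgrades
        # must go through change control.
        state: latest

    - name: Apache enabled and running
      service:
        name: httpd
        enabled: true
        state: started

    - name: copy web.html
      copy:
        src: web.html
        dest: /var/www/html/index.html
        # Explicit ownership and mode: without them the result depends on the
        # remote umask and on whatever the file already had.
        owner: root
        group: root
        mode: "0644"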
检查语法
ansible-playbook --syntax-check ansible-files/apache.yml
执行
ansible-playbook ansible-files/apache.yml
检查
ansible web -m uri -a "url=http://localhost"
Variables
创建文件
ansible-files/group_vars/web.yml
---
# Group default for every host in [web]; deploy_index_html.yml uses it to pick
# the "<stage>_web.html" source file.
stage: dev
ansible-files/host_vars/node2.yml
---
# Host-level override for node2: host_vars take precedence over group_vars, so
# node2 is served prod_web.html while the rest of [web] stays on dev.
stage: prod
ansible-files/files/prod_web.html
<body><h1>This is a production webserver, take care!</h1></body>
ansible-files/files/dev_web.html
<body><h1>This is a development webserver, have fun!</h1></body>
创建 playbook deploy_index_html.yml
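---
# Publishes the stage-specific landing page. `stage` comes from
# group_vars/web.yml (dev) or host_vars/node2.yml (prod) and selects
# files/<stage>_web.html as the source.
- name: Copy web.html
  hosts: web
  become: true
  tasks:
    - name: copy web.html
      copy:
        # Quoted because the value starts with a Jinja expression.
        src: "{{ stage }}_web.html"
        dest: /var/www/html/index.html
        # Explicit ownership and mode so the published file does not inherit
        # whatever the remote umask happens to produce.
        owner: root
        group: root
        mode: "0644"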
获取facts
# Gather facts from node1, keeping only the eth0 interface fact.
ansible node1 -m setup -a 'filter=ansible_eth0'
# Keep only facts whose names match the glob ansible_*_mb.
ansible node1 -m setup -a 'filter=ansible_*_mb'
# Gather everything and grep the output for "distribution".
ansible node1 -m setup|grep distribution
# Exact-name filter; -o condenses the result onto one line.
ansible node1 -m setup -a 'filter=ansible_distribution' -o
Conditionals, Handlers and Loops
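---
# Pushes httpd.conf to the web group and restarts Apache, but only on hosts
# where the copy task actually changed the file.
- name: manage httpd.conf
  hosts: web
  become: true
  tasks:
    - name: Copy Apache configuration file
      copy:
        src: httpd.conf
        # Trailing slash: the file is placed inside this directory.
        dest: /etc/httpd/conf/
        # Pin ownership and mode of the server configuration instead of
        # leaving them to the remote umask.
        owner: root
        group: root
        mode: "0644"
      # Must match the handler's `name` below exactly.
      notify: restart_apache

  handlers:
    - name: restart_apache
      service:
        name: httpd
        state: restarted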
Loop,创建用户
---
# Creates three local accounts on node1, one loop iteration per name.
- name: Ensure users
  hosts: node1
  become: true
  tasks:
    - name: Ensure three users are present
      user:
        # `item` is the current element of the loop list below.
        name: '{{ item }}'
        state: present
      loop:
        - dev_user
        - qa_user
        - prod_user
Loop over hashes,创建用户
---
# Creates three local accounts on node1, each with its own supplementary group.
- name: Ensure users
  hosts: node1
  become: true
  tasks:
    - name: Ensure three users are present
      user:
        name: '{{ item.username }}'
        state: present
        # NOTE(review): the user module's `append` option defaults to false,
        # so this sets the supplementary groups to exactly this value and
        # drops any others an existing account had.
        groups: '{{ item.groups }}'
      loop:
        - username: dev_user
          groups: ftp
        - username: qa_user
          groups: ftp
        - username: prod_user
          groups: apache
Templates
templates/motd-facts.j2
Welcome to {{ ansible_hostname }}.
{{ ansible_distribution }} {{ ansible_distribution_version }}
deployed on {{ ansible_architecture }} architecture.
motd-facts.yml
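---
# Renders motd-facts.j2 with the target's gathered facts and installs the
# result as /etc/motd.
- name: Fill motd file with host data
  # A play has to name its targets and the original listing had no `hosts`
  # key. node1 is an assumption taken from the earlier ad hoc /etc/motd
  # example; adjust to the intended host or group.
  hosts: node1
  become: true
  tasks:
    - name: Render /etc/motd from motd-facts.j2
      template:
        src: motd-facts.j2
        dest: /etc/motd
        owner: root
        group: root
        # Quoted so the mode reaches the module as the string "0644" rather
        # than a YAML-interpreted number.
        mode: "0644"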
Roles
- 创建 task roles/apache_vhost/tasks/main.yml
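---
# tasks file for roles/apache_vhost
# Installs and starts httpd, creates a per-host document root under
# /var/www/vhosts, ships the static index page and renders the vhost config.
- name: install httpd
  yum:
    name: httpd
    # NOTE(review): `latest` upgrades httpd whenever a newer build is
    # available; use `present` or a pinned version where upgrades must be
    # deliberate.
    state: latest

- name: start and enable httpd service
  service:
    name: httpd
    state: started
    enabled: true

- name: ensure vhost directory is present
  file:
    path: "/var/www/vhosts/{{ ansible_hostname }}"
    state: directory
    # Explicit ownership and mode for the document root rather than whatever
    # the remote umask yields.
    owner: root
    group: root
    mode: "0755"

- name: deliver html content
  copy:
    src: web.html
    dest: "/var/www/vhosts/{{ ansible_hostname }}/index.html"
    owner: root
    group: root
    mode: "0644"

- name: template vhost file
  template:
    src: vhost.conf.j2
    dest: /etc/httpd/conf.d/vhost.conf
    owner: root
    group: root
    # Quoted so the mode is passed as the string "0644", not a YAML number.
    mode: "0644"
  # Must match the `name` of a handler in roles/apache_vhost/handlers/main.yml.
  notify:
    - restart_httpd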
- 创建 handler roles/apache_vhost/handlers/main.yml
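---
# handlers file for roles/apache_vhost
# A handlers file is a list of named tasks. The name has to match the
# `notify: restart_httpd` in tasks/main.yml; the original listing had no list
# item and no name, so the notification could not resolve.
- name: restart_httpd
  service:
    name: httpd
    state: restarted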
- 创建 template
roles/apache_vhost/files/web.html
simple vhost index
roles/apache_vhost/templates/vhost.conf.j2
# {{ ansible_managed }}
# NOTE(review): this template has no Listen directive for 8080; httpd must
# already be listening on that port elsewhere in its configuration -- confirm.
<VirtualHost *:8080>
ServerAdmin webmaster@{{ ansible_fqdn }}
ServerName {{ ansible_fqdn }}
ErrorLog logs/{{ ansible_hostname }}-error.log
CustomLog logs/{{ ansible_hostname }}-common.log common
DocumentRoot /var/www/vhosts/{{ ansible_hostname }}/
<Directory /var/www/vhosts/{{ ansible_hostname }}/>
# NOTE(review): +Indexes publishes a directory listing when no index file is
# present and +Includes enables server-side includes. The role only ships a
# static index.html, so both look unnecessary here -- consider dropping them.
Options +Indexes +FollowSymlinks +Includes
# NOTE(review): Order/Allow is Apache 2.2 access-control syntax; on httpd 2.4
# it relies on mod_access_compat, and the native form is "Require all granted".
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
- 创建 roles
---
# Applies the apache_vhost role to node2, with a debug message before and
# after the role runs.
- name: use apache_vhost role playbook
  hosts: node2
  become: true

  # pre_tasks run before any role in the play.
  pre_tasks:
    - debug:
        msg: "Beginning web server configuration."

  roles:
    - role: apache_vhost

  # post_tasks run after the roles (and any tasks) have finished.
  post_tasks:
    - debug:
        msg: "Web server has been configured."
- 执行 role
ansible-playbook test_apache_role.yml