Red Hat Ansible Lab

作者: 偷油考拉 | 来源:发表于2022-01-26 16:19 被阅读0次

Red Hat Ansible Lab
Ansible
linux命令行学习（63）：rpm
Linux 主要的发行系统版本介绍
RHCE.2021.学习笔记.06篇
(2) -- Openshift 3.11 安装 istio 及
RHCE.2021.学习笔记.07篇
RHCE.2021.学习笔记.05篇
Red Hat Enterprise Linux 8测试版发布
RHCE.2021.学习笔记.04篇

[cloud-user@awx-60 ~]$ cat ansible.cfg 
[defaults]
stdout_callback = yaml
connection = smart
timeout = 60
deprecation_warnings = False
host_key_checking = False
retry_files_enabled = False
inventory = /home/cloud-user/hosts

[cloud-user@awx-60 ~]$ cat hosts 
[all:vars]
ansible_user=cloud-user
ansible_ssh_pass=password
ansible_port=22

[web]
node1 ansible_host=10.0.14.43
node2 ansible_host=10.0.14.44
node3 ansible_host=10.0.14.45

[control]
ansible ansible_host=10.0.14.42

AD Hoc Commands

查找帮助

     ansible-doc -l
     ansible-doc -l |grep -i user
     ansible-doc user

AD-HOC

ansible node1 -m command -a "id"
ansible all -m command -a 'uname -r'
ansible all -m command -a 'uname -r' -o

COPY module

# -b 开启 sudo
ansible node1 -m copy -a 'content="Managed by Ansible\n" dest=/etc/motd' -b
ansible node1 -m command -a 'cat /etc/motd'

YUM module

ansible node1 -m yum -a 'name=squid state=latest' -b

Playbook

创建 apache.yml 如下：

---
- name: Apache server installed
  hosts: web
  become: yes
  tasks:
  - name: latest Apache version installed
    yum:
      name: httpd
      state: latest
  - name: Apache enabled and running
    service:
      name: httpd
      enabled: true
      state: started
  - name: copy web.html
    copy:
      src: web.html
      dest: /var/www/html/index.html

检查语法

ansible-playbook --syntax-check ansible-files/apache.yml

执行

ansible-playbook ansible-files/apache.yml

检查

ansible web -m uri -a "url=http://localhost"

Variables

创建文件
ansible-files/group_vars/web.yml

---
stage: dev

ansible-files/host_vars/node2.yml

---
stage: prod

ansible-files/files/prod_web.html

<body><h1>This is a production webserver, take care!</h1></body>

ansible-files/files/dev_web.html

<body><h1>This is a development webserver, have fun!</h1></body>

创建 playbook deploy_index_html.yml

- name: Copy web.html
  hosts: web
  become: true
  tasks:
  - name: copy web.html
    copy:
      src: "{{ stage }}_web.html"
      dest: /var/www/html/index.html

获取facts

ansible node1 -m setup -a 'filter=ansible_eth0'
ansible node1 -m setup -a 'filter=ansible_*_mb'
ansible node1 -m setup|grep distribution
ansible node1 -m setup -a 'filter=ansible_distribution' -o

Conditionals, Handlers and Loops

---
- name: manage httpd.conf
  hosts: web
  become: true
  tasks:
  - name: Copy Apache configuration file
    copy:
      src: httpd.conf
      dest: /etc/httpd/conf/
    notify:
        - restart_apache
  handlers:
    - name: restart_apache
      service:
        name: httpd
        state: restarted

Loop，创建用户

---
- name: Ensure users
  hosts: node1
  become: true

  tasks:
    - name: Ensure three users are present
      user:
        name: "{{ item }}"
        state: present
      loop:
         - dev_user
         - qa_user
         - prod_user

Loop over hashes，创建用户

---
- name: Ensure users
  hosts: node1
  become: true

  tasks:
    - name: Ensure three users are present
      user:
        name: "{{ item.username }}"
        state: present
        groups: "{{ item.groups }}"
      loop:
        - { username: 'dev_user', groups: 'ftp' }
        - { username: 'qa_user', groups: 'ftp' }
        - { username: 'prod_user', groups: 'apache' }

Templates

templates/motd-facts.j2

Welcome to {{ ansible_hostname }}.
{{ ansible_distribution }} {{ ansible_distribution_version}}
deployed on {{ ansible_architecture }} architecture.

motd-facts.yml

---
- name: Fill motd file with host data
  become: true
  tasks:
    - template:
        src: motd-facts.j2
        dest: /etc/motd
        owner: root
        group: root
        mode: 0644

Roles

创建 task roles/apache_vhost/tasks/main.yml

---
- name: install httpd
  yum:
    name: httpd
    state: latest
- name: start and enable httpd service
  service:
    name: httpd
    state: started
    enabled: true
- name: ensure vhost directory is present
  file:
    path: "/var/www/vhosts/{{ ansible_hostname }}"
    state: directory
- name: deliver html content
  copy:
    src: web.html
    dest: "/var/www/vhosts/{{ ansible_hostname }}/index.html"
- name: template vhost file
  template:
    src: vhost.conf.j2
    dest: /etc/httpd/conf.d/vhost.conf
    owner: root
    group: root
    mode: 0644
  notify:
    - restart_httpd

创建 handler roles/apache_vhost/handlers/main.yml

---
# handlers file for roles/apache_vhost
  service:
    name: httpd
    state: restarted

创建 template
roles/apache_vhost/files/web.html

simple vhost index

roles/apache_vhost/templates/vhost.conf.j2

# {{ ansible_managed }}

<VirtualHost *:8080>
    ServerAdmin webmaster@{{ ansible_fqdn }}
    ServerName {{ ansible_fqdn }}
    ErrorLog logs/{{ ansible_hostname }}-error.log
    CustomLog logs/{{ ansible_hostname }}-common.log common
    DocumentRoot /var/www/vhosts/{{ ansible_hostname }}/

    <Directory /var/www/vhosts/{{ ansible_hostname }}/>
  Options +Indexes +FollowSymlinks +Includes
  Order allow,deny
  Allow from all
    </Directory>
</VirtualHost>

创建 roles

---
- name: use apache_vhost role playbook
  hosts: node2
  become: true

  pre_tasks:
    - debug:
        msg: 'Beginning web server configuration.'

  roles:
    - apache_vhost

  post_tasks:
    - debug:
        msg: 'Web server has been configured.'