Ansible Roles
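Easter egg
Ansible has a fun little Easter egg: when it detects that cowsay is installed on your system, it automatically calls it and puts the otherwise dry task banners (such as PLAY RECAP and TASK [...]) into the cow's speech bubble, which livens up the output.
```
 ____________
< PLAY RECAP >
 ------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

Client: ok=5 changed=3 failed=0 skipped=0 ignored=0
Server: ok=8 changed=6 failed=0 skipped=0 ignored=0
```
Besides the default cow, cowsay ships many other ASCII-art figures.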
- List the available figures: run `cowsay -l` to see all of them
```
[root@Zabbix ~]# cowsay -l
Cow files in /usr/share/cowsay:
cheese cower default dragon dragon-and-cow elephant elephant-in-snake eyes milk.....
```
- Choose a figure: set the default figure in Ansible's configuration file /etc/ansible/ansible.cfg
```
# Add or modify in the [defaults] section
[defaults]
# Set to 'dragon' and the next run shows a dragon talking
cow_selection = dragon
```
🚫 Too flashy? Turn it off!
- Personally, I find it much more fun than the default `*`
Edit Ansible's main configuration file /etc/ansible/ansible.cfg
```
# In the [defaults] section
[defaults]
nocows = 1
```
Overview
- ==roles== are a way of reorganizing a playbook
🛠️ How do you create a role?
```
'ansible-galaxy init <role name>'
# Generates the standard directory structure in one step
[root@m01 ansible]# mkdir roles
[root@m01 ansible]# cd roles/
[root@m01 roles]# ansible-galaxy init backup
- Role backup was created successfully
# roles/backup ---> dedicated to backup
'Of course, we can create other roles under the roles directory too'
[root@m01 roles]# tree ./backup/
./backup/
├── defaults ❌️
│   └── main.yml
├── files
├── handlers
│   └── main.yml
├── meta ❌️
│   └── main.yml
├── README.md ❌️
├── tasks
│   └── main.yml
├── templates
├── tests ❌️
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml
# First delete the ones we will not use!
[root@m01 roles]# cd backup/
[root@m01 backup]# rm -rf defaults/ meta/ tests/ README.md
[root@m01 backup]# tree
.
├── files # static files
├── handlers # handlers (triggers)
│   └── main.yml ✅️ created automatically
├── tasks # core tasks
│   └── main.yml ✅️ created automatically
├── templates # template files (.j2)
└── vars # fixed variables
    └── main.yml ✅️ created automatically
# These are the ones we use most often!
✅️ We just write directly in main.yml!
```
Refactoring backup
1) Copy the configuration files
```
# Into the templates directory
[root@m01 backup]# cp ~/rsyncd.conf ./templates/rsyncd.conf.j2
# The rsync configuration file
[root@m01 backup]# cd templates/
[root@m01 templates]# echo rsync_backup:123 > rsync.passwd.j2
[root@m01 templates]# ls
rsyncd.conf.j2 rsync.passwd.j2
# Configuration file and password file
[root@m01 templates]# tree ../templates/
../templates/
├── rsyncd.conf.j2
└── rsync.passwd.j2
```
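An added example (not part of the original post) showing one way to keep the rsync password out of the plaintext template created above: the secret lives in a vault-encrypted vars file and is rendered only at deploy time. The file name `secret.yml` and the variables `rsync_auth_user` and `rsync_password` are assumptions made for this example.

```yaml
# --- roles/backup/vars/secret.yml (assumed file name) ---
# Encrypt it before committing:
#   ansible-vault encrypt roles/backup/vars/secret.yml
rsync_auth_user: rsync_backup
rsync_password: "CHANGE-ME"   # constructed placeholder, not a real secret

---
# --- roles/backup/templates/rsync.passwd.j2 then holds a single line ---
#   {{ rsync_auth_user }}:{{ rsync_password }}

# --- roles/backup/tasks/main.yml: password file handled on its own ---
- name: Load vault-encrypted rsync credentials
  # Inside a role, a relative path is looked up in the role's vars/ directory
  include_vars: secret.yml
  no_log: true            # do not print the loaded variables with -v

- name: Configure rsync password file
  template:
    src: rsync.passwd.j2
    dest: /etc/rsync.passwd
    owner: root
    group: root
    mode: "0600"          # same mode the original loop item uses
  no_log: true            # keeps the rendered secret out of --diff and -v output
```

Run the playbook with `ansible-playbook site.yml --ask-vault-pass` so the encrypted file can be decrypted.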
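2) Edit the core playbook
```
[root@m01 templates]# cd ..
[root@m01 backup]# cd ..
# The playbook must be created in the roles directory
[root@m01 roles]# vim site.yml
# Start writing from hosts
- hosts: backup
# Change this to all later, once there are several roles!
  roles:
    - role: backup
      when: ansible_hostname is match "backup"
      # The when condition is aligned with role
      # Runs only when the host is backup
```
3) Restore the snapshot && passwordless login
```
[root@m01 roles]# ssh-copy-id -i ~/.ssh/my_key.pub 172.16.1.41
[root@m01 roles]# ssh backup "hostname -I"
10.0.0.41 172.16.1.41
'Passwordless login succeeded'
```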
4) Check and test
```
[root@m01 roles]# ansible-playbook --syntax-check site.yml
playbook: site.yml
[root@m01 roles]# ansible-playbook site.yml
PLAY [backup]
**********************
TASK [Gathering Facts]
ok: [backup]
'Gather facts'
**********************
TASK [backup : Install rsync server]
ok: [backup]
'Install rsync'
**********************
TASK [backup : Configure rsync file]
changed: [backup] => (item={'src': 'rsyncd.conf.j2', 'dest': '/etc/rsyncd.conf', 'mode': '0644'})
changed: [backup] => (item={'src': 'rsync.passwd.j2', 'dest': '/etc/rsync.passwd', 'mode': '0600'})
# Copy files ---> configuration file && password file
**********************
TASK [backup : Create group "www"]
changed: [backup]
"Create group"
**********************
TASK [backup : Create user "www"]
changed: [backup]
'Create user'
**********************
TASK [backup : Create dir]
changed: [backup] => (item=/backup)
changed: [backup] => (item=/data)
'Create directories'
**********************
TASK [backup : Start rsync server]
changed: [backup]
'Start && enable at boot'
```
```
'Test and verify'
[root@m01 roles]# rsync -avz /etc/passwd rsync_backup@172.16.1.41::backup
Password: ---'the password is 123'
sent 841 bytes received 43 bytes 353.60 bytes/sec
[root@backup ~]# ls /backup/passwd
/backup/passwd
```
- roles/backup/vars/main.yml
- Holds the fixed variables
```
user: www
uid: 888
rc_port: 873
dir_1: /backup
dir_2: /data
```
- roles/backup/templates/rsyncd.conf.j2
- Template configuration file
```
uid = {{user}}
gid = {{user}}
port = {{rc_port}}
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
############################
[backup]
path = {{dir_1}}
[data]
path = {{dir_2}}
```
- roles/backup/tasks/main.yml
- Core tasks
```
- name: Install rsync server
  yum:
    name: rsync
    state: present

- name: Configure rsync file
  template:
    src: "{{item.src}}"
    dest: "{{item.dest}}"
    mode: "{{item.mode}}"
  notify: Restart rsync
  # Any change triggers the handler to restart the service
  loop:
    # src automatically finds the template files in the templates directory
    - src: rsyncd.conf.j2
      dest: /etc/rsyncd.conf
      mode: "0644"
    - src: rsync.passwd.j2
      dest: /etc/rsync.passwd
      mode: "0600"

- name: Create group "{{user}}"
  group:
    name: "{{user}}"
    gid: "{{uid}}"

- name: Create user "{{user}}"
  user:
    name: "{{user}}"
    uid: "{{uid}}"
    group: "{{user}}"
    shell: /sbin/nologin
    create_home: false

- name: Create dir
  file:
    path: "{{item}}"
    state: directory
    owner: "{{user}}"
    group: "{{user}}"
  loop:
    # Quotes are required because the variable is not embedded in a path
    # /tmp/{{dir}} --> this form needs no quotes
    - "{{dir_1}}"
    - "{{dir_2}}"

- name: Start rsync server
  systemd:
    name: rsyncd
    state: started
    enabled: yes
```
- roles/backup/handlers/main.yml
- Handlers: a change to the configuration file ---> sends a signal to the handler
```
- name: Restart rsync
  # Must be the same name used in notify
  systemd:
    name: rsyncd
    state: restarted
```
Refactoring nfs
1) Restore the snapshot && passwordless login
```
[root@m01 roles]# ssh-copy-id -i ~/.ssh/my_key.pub 172.16.1.31
[root@m01 roles]# ssh nfs01 "hostname -I"
10.0.0.31 172.16.1.31
```
2) Create the role
```
[root@m01 roles]# ansible-galaxy init nfs
- Role nfs was created successfully
[root@m01 roles]# cd nfs/
[root@m01 nfs]# ls
defaults files handlers meta README.md tasks templates tests vars
[root@m01 nfs]# rm -rf defaults/ meta/ README.md tests/
[root@m01 nfs]# ls
files handlers tasks templates vars
```
3) Copy the configuration file
```
[root@m01 nfs]# cp /home/ansible/exports ./templates/exports.j2
[root@m01 nfs]# cat ./templates/exports.j2
{{dir}} 172.16.1.0/24(rw,sync,all_squash,anonuid={{ id }},anongid={{ id }})
```
4) Edit the core playbook
```
[root@m01 nfs]# cd ..
# Continue from the previous playbook!
[root@m01 roles]# vim site.yml
- hosts: all
# Check your own inventory!
  roles:
    - role: backup
      when: ansible_hostname is match "backup"
      # The when condition is aligned with role
      # Runs only when the host is backup
    - role: nfs
      when: ansible_hostname is match "nfs"
[root@m01 roles]# tree nfs/
nfs/
├── files
├── handlers
│   └── main.yml
├── tasks
│   └── main.yml
├── templates
│   └── exports.j2
└── vars
    └── main.yml
```
5) Test & verify
```
[root@m01 roles]# ansible-playbook --syntax-check site.yml
playbook: site.yml
[root@m01 roles]# showmount -e 172.16.1.31
clnt_create: RPC: ❌️Unable to receive
[root@m01 roles]# ansible-playbook site.yml
TASK [backup : Install rsync server]
skipping: [db02]
skipping: [nfs01]
skipping: [web01]
skipping: [web02]
ok: [backup]
'Only backup runs it; all the others skip'
**********************
.................
'The first role, backup, runs first, then nfs'
**********************
TASK [nfs : Install nfs server]
skipping: [db02]
skipping: [backup]
skipping: [web02]
skipping: [web01]
ok: [nfs01]
'Only nfs runs it!!'
**********************
nfs01 : ok=7 changed=6
[root@m01 roles]# showmount -e 172.16.1.31
Export list for 172.16.1.31:
/data/wp 172.16.1.0/24
✅️'No problem 👌'
```
```
# roles/nfs/vars/main.yml
user: www
dir: /data/wp
id: 888
```
```
# roles/nfs/tasks/main.yml
- name: Install nfs server
  yum:
    name: nfs-utils
    state: present

- name: Configure nfs file
  template:
    src: exports.j2
    dest: /etc/exports
  notify: Restart nfs

- name: Create group "{{user}}"
  group:
    name: "{{user}}"
    gid: "{{id}}"

- name: Create user "{{user}}"
  user:
    name: "{{user}}"
    uid: "{{id}}"
    group: "{{user}}"
    shell: /sbin/nologin
    create_home: false

- name: Create dir "{{dir}}"
  # Creates the directory /data/wp recursively
  # Both directories are owned by www
  file:
    path: "{{dir}}"
    state: directory
    owner: "{{user}}"
    group: "{{user}}"

- name: Start NFS Server
  systemd:
    name: nfs
    state: started
    enabled: yes
```
```
# roles/nfs/handlers/main.yml
- name: Restart nfs
  systemd:
    name: nfs
    state: restarted
```
Main configuration file
```
[root@Zabbix ~]# tree /ansible/
/ansible/
└── roles
    ├── Client
    │   ......
    ├── Server
    │   ......
    └── site.yml
```
```
# hosts can be written under - name
- name: 配置 Server 主机
  hosts: Server
  roles:
    - Server

- name: 配置 Client 主机
  hosts: Client
  roles:
    - Client

- name: Server 测试验证
  hosts: Server
  tasks:
    - name: Result test
      shell: 'unbound-control dump_cache | grep jd.com'
      register: result_end

    - name: Print result_end
      debug:
        msg: "{{result_end.stdout_lines}}"
```
Refactoring nginx
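Refactoring mysql
Refactoring wordpress
Interview questions
Have you used Ansible? What do you use it for?
Yes ---> configuration changes, data collection with the facts module (asset management), batch installation and deployment of services
Which modules have you used?
file copy template yum systemd cron handlers vars when loop
I run a command but cannot see the result. What should I do?
Register the result in a variable with register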