Ansible Playbook概述
playbook是由一个或多个模块组组成,使用多个不同的模块完成一件事情。
playbook通过yaml语法识别描述的状态文件。扩展名为yaml
1、YAML三板斧
缩进
YAML使用一个固定的缩进风格表示层级结构,每个缩进由两个空格组成,不饿能使用tab(默认一个tab=4个空格)
解决方法:
[root@m01 ~]# vim .vimrc
set tabstop=2
冒号
以冒号结尾的除外,其他所有冒号后面必须由空格。
短横线
表示列表项,使用一个短横杠加一个空格。
多个项使用同样的缩进级别作为同一列表。
2、ansible-Playbook命令的常用选项
-C, --check 模拟运算
--list-host 列出剧本主机清单
--list-tags 列出剧本标记
--list-tasks 列出剧本任务
--syntax-check 检测语法
ansible综合架构项目实战
Ansible Playbook架构环境配置
角色 IP 部署软件
m01 192.168.1.170 ansible
backup 192.168.1.171 rsync
nfs 192.168.1.172 nfs,sersync
web01 192.168.1.173 httpd
web02 192.168.1.174 httpd
1、实施步骤
1)配置ssh密钥认证生效
[root@m01 ~]# ssh-keygen -t rsa
[root@m01 ~]# ssh-copy-id 192.168.1.171
[root@m01 ~]# ssh-copy-id 192.168.1.172
[root@m01 ~]# ssh-copy-id 192.168.1.173
[root@m01 ~]# ssh-copy-id 192.168.1.174
#验证各节点互信
[root@m01 ~]# ssh 192.168.1.171 date && ssh 192.168.1.172 date && ssh 192.168.1.173 date && ssh 192.168.1.174 date
2)安装ansible
[root@m01 ~]# yum install -y ansible
[root@m01 ~]# ansible --version #查看版本
ansible 2.9.23
3)配置ansible主机清单
[root@m01 ~]# vim /etc/ansible/hosts #编辑,在最后添加一行
[backup]
192.168.1.171
[nfs]
192.168.1.172
[web]
192.168.1.173
192.168.1.174
[nfzl:children]
backup
nfs
web
#测试主机清单
[root@m01 ~]# ansible nfzl -m ping
4)基础环境部署
[root@m01 ~]# mkdir -p /etc/ansible/ansible_playbook/{conf,file,scripts,toots}
[root@m01 ansible_playbook]# tree /etc/ansible/ansible_playbook/
/etc/ansible/ansible_playbook/
├── apache.yaml
├── base.yaml
├── conf
│ ├── exports
│ ├── hosts
│ ├── httpd.conf
│ ├── mail.rc
│ ├── rsyncd.conf
│ └── selinux.config
├── file
├── nfs.yaml
├── rsync.yaml
├── scripts
│ ├── rsync_backup.sh
│ └── rsync_check.sh
├── sersync.yaml
├── tools
│ └── sersync
│ ├── confxml.xml
│ └── sersync2
└── toots
5) 准备所有的配置文件
selinux
hosts
httpd.conf
exports
mail.rc
rsync.conf
rsync_backup.sh # 备份脚本
rsync_check.sh # 检测脚本
sercync # 安装包及配置文件
6)配置playbook
①base playbook
[root@m01 ansible_playbook]# cat base.yaml
- hosts: all
tasks:
- name: Disable Selinux
copy: src=./conf/selinux.config dest=/etc/selinux/config
- name: Push Hosts File
copy: src=./conf/hosts dest=/etc/hosts
- name: Stop Selinux
shell: setenforce=0
- name: DisableFirewalld
service: name=firewalld state=stopped enabled=no
- name: Create Epel Repo
get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
- name: Install Rsync Nfs
yum: name=rsync,nfs-utils state=installed
- name: Create Group
group: name=www gid=666
- name: Create User
user: name=www uid=666 group=666 create_home=no shell=/sbin/nologin
- name: Create Directory /Data
file: path=/data owner=www group=666 recurse=yes state=directory
- name: Create Directory /Backup
file: path=/backup owner=666 group=666 recurse=yes state=directory
- name: Create Scripts Directory
file: path=/server/scripts state=directory
- name: Push Rsync Bcakup Scripts
copy: src=./scripts/rsync_backup.sh dest=/server/scripts/rsync_backup.sh
- name: Create Rsync Client Passwd File
copy: content='talent' dest=/etc/rsync.passwd mode=600
- name: Create Rsync Client Backup Crontab
cron: name='rsync backup' hour=1 minute=0 job='/bin/sh /server/scripts/rsync_backup.sh &> /dev/null'
②nfs playbook
[root@m01 ansible_playbook]# cat nfs.yaml
- hosts: nfs
tasks:
- name: Install Nfs
yum: name=nfs-utils state=started
- name: Push NFS Config File
copy: src=./conf/exports dest=/etc/exports
notify: Restart NFS
- name: Start Rpcbind Service
service: name=rpcbind state=started
- name: Start NFS service
service: name=nfs state=started enable=yes
handlers:
- name: Restart NFS
service: name=nfs state=restarted
③rsync playbook
[root@m01 ansible_playbook]# cat rsync.yaml
- hosts: backup
tasks:
- name: Install Rsync Mailx
yum: name=rsync,mailx state=installed
- name: Push Rsync Config File
copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
notify: Restart Rsyncd
- name: Create Rsync Auth File
copy: content=rsync_backup:talent dest=/etc/rsync.password mode=600
- name: Start Rsync Service
service: name=rsyncd state=started enabled=yes
- name: Push Mailx Config File
copy: src=./conf/mail.rc dest=/etc/mail.rc
- name: Push Rsync Check Scripts
copy: src=./scripts/rsync_check.sh dest=/server/scripts/rsync_check.sh
- name: Create Rsync Check Crontab
cron: name='Rsync Check' hour=5 minute=0 job='/bin/sh /server/scripts/rsync_check.sh &>/dev/null'
handlers:
- name: Restart Rsyncd
service: name=rsyncd state=restarted
④ sersync playbook
[root@m01 ansible_playbook]# cat sersync.yaml
- hosts: nfs
tasks:
- name: Install inotify-tools
yum: name=inotify-tools state=installed
- name: Push sersync
copy: src=./tools/sersync dest=/usr/local/ mode=755
- name: Start Sersync
shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
⑤ apache playbook
[root@m01 ansible_playbook]# cat apache.yaml
- hosts: web
tasks:
- name: Install Httpd
yum: name=httpd state=installed
- name: Config Httpd
copy: src=./conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
notify: Restart Httpd Service
- name: Start Http Service
service: name=httpd state=started enabled=yes
- name: Mount NFS Storage
mount: src=nfs:/data path=/var/www/html fstype=nfs state=mounted
handlers:
- name: Restart Httpd Service
service: name=httpd state=restarted
6) 检测playbook
#语法加成
[root@m01 ansible_playbook]# ansible-playbook --syntax-check apache.yaml
#模拟运算
[root@m01 ansible_playbook]# ansible-playbook -C apache.yam
#列出剧本主机清
[root@m01 ansible_playbook]# ansible-playbook --list-hosts apache.yaml
#列出剧本任务
[root@m01 ansible_playbook]# ansible-playbook --list-tasks apache.yaml
7)将所有编写好的yaml引入至一个文件中,这样便于一次执行
[root@m01 ansible_playbook]#vim main.yaml
- import_playbook: base.yaml
- import_playbook: rsync.yaml
- import_playbook: nfs.yaml
- import_playbook: sersync.yaml
- import_playbook: apache.yaml
