
Ansible杂记(2)

Ansible

Ansible playbook

YAML

1、表示多个任务

[root@master1 ~]# vim test.yml

tasks:
 - name: install a pkg
   yum: name=nginx state=latest
 - name: copy conf file
   copy: src= dest= state=
 - name: start nginx service
   service: name= state=

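密钥登录(注意:-P '' 生成的是没有口令保护的私钥,任何能读到 /root/.ssh/id_rsa 的人都能以 root 身份登录已安装该公钥的主机,因此要严格限制该文件的访问;需要口令保护时可设置口令并配合 ssh-agent 使用)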

[root@master2 ~]# ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
82:35:43:4b:d8:4d:b5:71:78:12:60:9f:f6:56:45:bc root@master2.com
The key's randomart image is:
+--[ RSA 2048]----+
|     ooo+o+o.  oo|
|    .o.o..o=.  ..|
|      =   =o  . .|
|     o o . . . E |
|    . . S   o    |
|       .   .     |
|                 |
|                 |
|                 |
+-----------------+

复制密钥到远端主机
[root@master2 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.201.106.131
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.201.106.131's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@10.201.106.131'"
and check to make sure that only the key(s) you wanted were added.

[root@master2 ~]# ssh 10.201.106.131 'hostname'
master1.com
[root@master2 ~]# 

复习

创建组:
[root@master1 ~]# ansible websrvs -m group -a 'name=mysql gid=306 system=yes'

创建用户,扔进mysql组
[root@master1 ~]# ansible websrvs -m user -a 'name=mysql uid=306 system=yes group=mysql'

复制:
[root@master1 ~]# ansible all -m copy -a 'src=/etc/fstab dest=/tmp/fstab.ansible. owner=root mode=640'

创建文件,并填写内容
ansible all -m copy -a 'content="Hello Ansible\nHi MageEdu" dest=/tmp/test.ansible'
[root@node1 ~]# cat /tmp/test.ansible 
Hello Ansible
Hi MageEdu[root@node1 ~]# 

设置文件权限:
[root@master1 ~]# ansible all -m file -a 'owner=mysql group=mysql mode=644 path=/tmp/fstab.ansible.'

创建链接文件:
[root@master1 ~]# ansible all -m file -a 'path=/tmp/fstab.link src=/tmp/fstab.ansible. state=link'

所有主机ping测试:
[root@master1 ~]# ansible all -m ping

启动服务,并设置开机启动:
[root@master1 ~]# ansible websrvs -m service -a 'enabled=true name=httpd state=started'

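通过shell模块使用echo命令改密码(注意:口令以明文写在命令行里,可能留在 shell 历史和日志中;写 playbook 时更稳妥的做法是用 user 模块的 password 参数传入口令哈希,并给任务加上 no_log: true):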
[root@master1 ~]# ansible all -m shell -a 'echo user1 | passwd --stdin user1'

执行脚本(仅支持相对路径):
ansible all -m script -a "/tmp/test.sh"

安装程序包:
ansible all -m yum -a 'name=zsh'

playbooks

1、创建nginx组,创建nginx用户

[root@master1 ansible]# vim nginx.yml

# Two plays in one file: the first runs against the websrvs group, the second against dbsrvs.
# NOTE(review): both plays log in directly as root; an unprivileged remote_user
# combined with become is the lower-privilege alternative.
- hosts: websrvs
  remote_user: root
  tasks:
  # gid and uid are fixed at 208, so every host in this play gets the same numeric IDs.
  - name: create nginx group
    group: name=nginx system=yes gid=208
  - name: create nginx user
    user: name=nginx uid=208 group=nginx system=yes

- hosts: dbsrvs
  remote_user: root
  tasks:
  # Copies the control node's /etc/inittab to /tmp on each dbsrvs host; no owner or mode is set.
  - name: copy file to dbsrvs
    copy: src=/etc/inittab dest=/tmp/inittab.ans

运行剧本:
[root@master1 ansible]# ansible-playbook nginx.yml 

PLAY [websrvs] *****************************************************************

TASK [setup] *******************************************************************
ok: [10.201.106.21]
ok: [10.201.106.22]

TASK [create nginx group] ******************************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

TASK [create nginx user] *******************************************************
changed: [10.201.106.21]
changed: [10.201.106.22]

PLAY [dbsrvs] ******************************************************************

TASK [setup] *******************************************************************
ok: [10.201.106.22]
ok: [10.201.106.132]

TASK [copy file to dbsrvs] *****************************************************
changed: [10.201.106.22]
changed: [10.201.106.132]

PLAY RECAP *********************************************************************
10.201.106.132             : ok=2    changed=1    unreachable=0    failed=0   
10.201.106.21              : ok=3    changed=2    unreachable=0    failed=0   
10.201.106.22              : ok=5    changed=3    unreachable=0    failed=0   

[root@master1 ansible]# 

2、httpd

2.1

[root@master1 ~]# mkdir conf
[root@master1 ~]# ls
anaconda-ks.cfg  ansible  conf  mbox  set_arp.sh
[root@master1 ~]# cp /etc/httpd/conf/httpd.conf conf/
接着把里面的配置端口改成8080;

卸载原来的httpd
[root@master1 ~]# ansible websrvs -m yum -a 'name=httpd state=absent'

2.2 编写YML脚本

[root@master1 ansible]# vim apache.yml

- hosts: websrvs
  remote_user: root
  tasks:
  - name: install httpd package
    yum: name=httpd state=latest
  - name: install configuration file for httpd
    copy: src=/root/conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
  - name: start httpd service
    service: enabled=true name=httpd state=started

2.3 触发器编写

[root@master1 ansible]# vim apache.yml 

# Installs httpd, pushes a configuration file and restarts the service only when that file changes.
- hosts: websrvs
  remote_user: root
  tasks:
  # state=latest upgrades httpd whenever the repository offers a newer version.
  - name: install httpd package
    yum: name=httpd state=latest
  # src is read on the control node; the handler named under notify is queued
  # only when this task reports "changed".
  # NOTE(review): /tmp is world-writable; a source file kept there should have its
  # ownership checked before it is pushed to managed hosts as root.
  - name: install configuration file for httpd
    copy: src=/tmp/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify:                 # call the handler
    - restart httpd         # call the handler
  - name: start httpd service
    service: enabled=true name=httpd state=started
  handlers:                 # handler definitions
  - name: restart httpd
    service: name=httpd state=restarted

2.4 变量使用

[root@master1 ansible]# vim apache.yml 

# Same playbook with the package and service names moved into play variables.
- hosts: websrvs
  remote_user: root
  # vars is written as a list of one-key mappings; each key becomes a play variable.
  vars:
  - package: httpd
  - service: httpd
  tasks:
  - name: install httpd package
    yum: name={{ package }} state=latest
  - name: install configuration file for httpd
    copy: src=/tmp/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify:
    - restart httpd
  - name: start httpd service
    service: enabled=true name={{ service }} state=started
  handlers:
  # The handler still names httpd literally instead of using the service variable.
  - name: restart httpd
    service: name=httpd state=restarted

3、变量实例

[root@master1 ansible]# vim test.yml

- hosts: websrvs
  remote_user: root
  tasks:
  - name: copy file
    copy: content="{{ ansible_all_ipv4_addresses }}" dest=/tmp/var.ans

结果:
[root@node1 ~]# cat /tmp/var.ans 
["10.201.106.21"][root@node1 ~]# 

4、inventory定义的主机变量引用

4.1

[root@master1 ansible]# cd /etc/ansible/
[root@master1 ansible]# vim hosts

[websrvs]
10.201.106.21 testvar="106.21"
10.201.106.22 testvar="106.22"

4.2 脚本

[root@master1 ansible]# vim test.yml 

- hosts: websrvs
  remote_user: root
  tasks:
  - name: copy file
    copy: content="{{ ansible_all_ipv4_addresses }}, {{ testvar }}" dest=/tmp/var.ans

结果:
[root@node1 ~]# cat /tmp/var.ans 
([u'10.201.106.21'], 106.21)[root@node1 ~]# 

[root@node2 ~]# cat /tmp/var.ans 
([u'10.201.106.22'], 106.22)[root@node2 ~]# 
[root@node2 ~]# 

playbooks条件测试

1、条件判断创建用户

[root@master1 ansible]# vim cond.yml

# Creates the account named by the username variable, but only on one host.
- hosts: all
  remote_user: root
  vars:
  - username: user10
  tasks:
  # Only name= is passed to the user module, so this task sets no password.
  - name: create {{ username }}
    user: name={{ username}}
    # The task is skipped unless the gathered ansible_fqdn fact equals master2.com.
    when: ansible_fqdn == "master2.com"

结果:
[root@master2 ~]# id user10
uid=1002(user10) gid=1002(user10) groups=1002(user10)
[root@master2 ~]# 

template

1、httpd配置文件设置端口变量,达到多主机不同端口需求

1.1 编辑httpd配置文件

[root@master1 templates]# vim httpd.conf.j2 

Listen {{ http_port }}
MaxClients       {{ maxClients }}
ServerName {{ ansible_fqdn }}

1.2 在ansible主机配置里配置变量值

[root@master1 templates]# vim /etc/ansible/hosts

[websrvs]
10.201.106.21 http_port=800 maxClients=100
10.201.106.22 http_port=8000 maxClients=200

1.3 修改YAML脚本

[root@master1 templates]# vim ~/ansible/apache.yml 

# Renders httpd.conf from a Jinja2 template so per-host inventory variables end up in the file.
- hosts: websrvs
  remote_user: root
  vars:
  - package: httpd
  - service: httpd
  tasks:
  - name: install httpd package
    yum: name={{ package }} state=latest
  # template substitutes the variables referenced in httpd.conf.j2 for each host
  # and writes the result to dest.
  # NOTE(review): the module's validate option is not used here, so a bad render
  # is installed as-is and the restart handler then runs against it.
  - name: install configuration file for httpd
    template: src=/root/templates/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
    notify:
    - restart httpd
  - name: start httpd service
    service: enabled=true name={{ service }} state=started
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

Tags

1、修改脚本

[root@master1 ansible]# vim ~/ansible/apache.yml 

# Tags the configuration task so it can be selected on its own with --tags.
- hosts: websrvs
  remote_user: root
  vars:
  - package: httpd
  - service: httpd
  tasks:
  - name: install httpd package
    yum: name={{ package }} state=latest
  - name: install configuration file for httpd
    template: src=/root/templates/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
    tags:                   ### set tags
    - conf                  ### set tags
    notify:
    - restart httpd
  # Untagged tasks such as this one are left out when the play is run with --tags="conf".
  - name: start httpd service
    service: enabled=true name={{ service }} state=started
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

测试(运行相关tasks的列表):
[root@master1 ansible]# ansible-playbook apache.yml --tags="conf"

PLAY [websrvs] *****************************************************************

TASK [setup] *******************************************************************
ok: [10.201.106.22]
ok: [10.201.106.21]

TASK [install configuration file for httpd] ************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

RUNNING HANDLER [restart httpd] ************************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

PLAY RECAP *********************************************************************
10.201.106.21              : ok=3    changed=2    unreachable=0    failed=0   
10.201.106.22              : ok=3    changed=2    unreachable=0    failed=0

2、特殊tags

2.1 修改脚本

[root@master1 ansible]# vim ~/ansible/apache.yml 

# Two tasks carry their own tag (conf, servers); the install task stays untagged.
- hosts: websrvs
  remote_user: root
  vars:
  - package: httpd
  - service: httpd
  tasks:
  - name: install httpd package
    yum: name={{ package }} state=latest
  - name: install configuration file for httpd
    template: src=/root/templates/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf
    tags:
    - conf
    notify:
    - restart httpd
  - name: start httpd service
    service: enabled=true name={{ service }} state=started
    tags:
    - servers
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

roles

1、创建目录

[root@master1 ~]# mkdir -pv ansible_playbooks/roles/{websrvs,dbsrvs}/{tasks,files,templates,meta,handlers,vars}
mkdir: created directory ‘ansible_playbooks’
mkdir: created directory ‘ansible_playbooks/roles’
mkdir: created directory ‘ansible_playbooks/roles/websrvs’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/tasks’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/files’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/templates’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/meta’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/handlers’
mkdir: created directory ‘ansible_playbooks/roles/websrvs/vars’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/tasks’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/files’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/templates’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/meta’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/handlers’
mkdir: created directory ‘ansible_playbooks/roles/dbsrvs/vars’

[root@master1 ~]# tree ansible_playbooks/
ansible_playbooks/
└── roles
    ├── dbsrvs
    │   ├── files
    │   ├── handlers
    │   ├── meta
    │   ├── tasks
    │   ├── templates
    │   └── vars
    └── websrvs
        ├── files
        ├── handlers
        ├── meta
        ├── tasks
        ├── templates
        └── vars

2、

[root@master1 websrvs]# pwd
/root/ansible_playbooks/roles/websrvs
[root@master1 websrvs]# cp /tmp/httpd.conf files/

3、编写脚本

[root@master1 websrvs]# vim tasks/main.yml

# tasks/main.yml of the websrvs role: a bare task list, with no hosts or tasks key.
- name: install httpd package
  yum: name=httpd
# src=httpd.conf is a relative path; inside a role the copy module looks it up
# in the role's files/ directory.
- name: install configuration file
  copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
  tags:
  - conf
  # The name listed here must match a handler defined in the role's handlers/main.yml.
  notify:
  - restart httpd
- name: start httpd
  service: name=httpd state=started

4、编写触发器

[root@master1 websrvs]# vim handlers/main.yml

- name: restart httpd
  service: name=httpd state=restarted

5、定义变量

[root@master1 websrvs]# vim vars/main.yml

- http_port: 80
- maxClient: 200

6、定义site文件(playbooks)

[root@master1 ansible_playbooks]# pwd
/root/ansible_playbooks
[root@master1 ansible_playbooks]# vim site.yml

[root@master1 ansible_playbooks]# vim site.yml

- hosts: websrvs
  remote_user: root
  roles:
  - websrvs

运行任务正常:
[root@master1 ansible_playbooks]# ansible-playbook site.yml 

PLAY [websrvs] *****************************************************************

TASK [setup] *******************************************************************
ok: [10.201.106.22]
ok: [10.201.106.21]

TASK [websrvs : install httpd package] *****************************************
ok: [10.201.106.22]
ok: [10.201.106.21]

TASK [websrvs : install configuration file] ************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

TASK [websrvs : start httpd] ***************************************************
ok: [10.201.106.21]
ok: [10.201.106.22]

RUNNING HANDLER [websrvs : restart httpd] **************************************
changed: [10.201.106.22]
changed: [10.201.106.21]

PLAY RECAP *********************************************************************
10.201.106.21              : ok=5    changed=2    unreachable=0    failed=0   
10.201.106.22              : ok=5    changed=2    unreachable=0    failed=0   

7、演示别的效果

7.1

[root@master1 ansible_playbooks]# vim site.yml 

- hosts: 10.201.106.21
  remote_user: root
  roles:
  - websrvs

- hosts: 10.201.106.22
  remote_user: root
  roles:
  - dbsrvs

- hosts: 10.201.106.132
  remote_user: root
  roles:
  - websrvs
  - dbsrvs

7.2 定义dbsrvs

[root@master1 dbsrvs]# pwd
/root/ansible_playbooks/roles/dbsrvs

[root@master2 ~]# scp /etc/my.cnf 10.201.106.131:/root/ansible_playbooks/roles/dbsrvs/files/
my.cnf                                           100%  570     0.6KB/s   00:00  

[root@master1 dbsrvs]# vim tasks/main.yml

# tasks/main.yml of the dbsrvs role: install mariadb-server, push my.cnf, start the service.
- name: install mysql package
  yum: name=mariadb-server state=latest
# NOTE(review): no owner or mode is given for /etc/my.cnf; set them explicitly
# if the file holds credentials.
- name: install configuration file
  copy: src=my.cnf dest=/etc/my.cnf
  tags:
  - myconf
  # The name listed here must match a handler defined in the role's handlers/main.yml.
  notify:
  - restart mysqld
- name: start mysql service
  service: name=mariadb enabled=true state=started

定义触发器:
[root@master1 dbsrvs]# vim handlers/main.yml

- name: restart mysqld
  service: name=mariadb state=restarted

测试:
[root@master1 ansible_playbooks]# ansible-playbook site.yml

转载于:https://blog.51cto.com/zhongle21/2087358
