zoukankan      html  css  js  c++  java
  • Ansible playbooks(任务、角色、模板、变色器、)

    playbooks配置文件:

    [root@ansible ~]# vim /etc/ansible/hosts

    [test01]
    192.168.200.114 [test02] 192.168.200.115
    [root@ansible ~]# vim /etc/ansible/test.yaml
    
    
    ---
    - hosts: test01                          #要操作的主机
      remote_user: root                      #登入的用户
      tasks:                                 #tasks表示任务
        - name: adduser                      #任务名
          user: name=user2 state=present      #创建一个用户
          tags:                              #设置一个标签
            - testaaa
        - name: addgroup
          group: name=root system=yes
          tags:
            - testbbb
    - hosts: test02
      remote_user: root
      tasks:
        - name: xxx
          copy: src=/etc/passwd dest=/home
          tags:
            - testccc
    ...

    用法:

          playbook文件定义的任务需要通过nasible-playbook命令调用并执行,ansible-playbook命令用法如下:

    用法:ansible-playbook[option]/PATH/TO/PLAYBOOK.yaml

    实验案例:

    1:语法检查:

    [root@ansible ~]# ansible-playbook --syntax-check /etc/ansible/test.yml
    
    playbook: /etc/ansible/test.yml

    2:预测试:

    [root@ansible ~]# ansible-playbook -C /etc/ansible/test.yml 
    
    PLAY [test01] ***************************************************************************************************************************
    
    TASK [Gathering Facts] ******************************************************************************************************************
    ok: [192.168.200.114]
    
    TASK [adduser] **************************************************************************************************************************
    changed: [192.168.200.114]
    
    TASK [addgroup] *************************************************************************************************************************
    ok: [192.168.200.114]
    
    PLAY [test02] ***************************************************************************************************************************
    
    TASK [Gathering Facts] ******************************************************************************************************************
    ok: [192.168.200.115]
    
    TASK [xxx] ******************************************************************************************************************************
    changed: [192.168.200.115]
    
    PLAY RECAP ******************************************************************************************************************************
    192.168.200.114            : ok=3    changed=1    unreachable=0    failed=0   
    192.168.200.115            : ok=2    changed=1    unreachable=0    failed=0   

    3:列出主机:

    [root@ansible ~]# ansible-playbook --list-hosts /etc/ansible/test.yml 
    
    playbook: /etc/ansible/test.yml
    
      play #1 (test01): test01    TAGS: []
        pattern: [u'test01']
        hosts (1):
          192.168.200.114
    
      play #2 (test02): test02    TAGS: []
        pattern: [u'test02']
        hosts (1):
          192.168.200.115

    4:列出任务:

    [root@ansible ~]# ansible-playbook --list-tasks /etc/ansible/test.yml 
    
    playbook: /etc/ansible/test.yml
    
      play #1 (test01): test01    TAGS: []
        tasks:
          adduser    TAGS: [testaaa]
          addgroup    TAGS: [testbbb]
    
      play #2 (test02): test02    TAGS: []
        tasks:
          xxx    TAGS: [testccc]

    5:列出标签:

    [root@ansible ~]# ansible-playbook --list-tags /etc/ansible/test.yml 
    
    playbook: /etc/ansible/test.yml
    
      play #1 (test01): test01    TAGS: []
          TASK TAGS: [testaaa, testbbb]
    
      play #2 (test02): test02    TAGS: []
          TASK TAGS: [testccc]

    6:执行任务:

    [root@ansible ~]# ansible-playbook /etc/ansible/test.yml 
    
    PLAY [test01] ***************************************************************************************************************************
    
    TASK [Gathering Facts] ******************************************************************************************************************
    ok: [192.168.200.114]
    
    TASK [adduser] **************************************************************************************************************************
    ok: [192.168.200.114]
    
    TASK [addgroup] *************************************************************************************************************************
    ok: [192.168.200.114]
    
    PLAY [test02] ***************************************************************************************************************************
    
    TASK [Gathering Facts] ******************************************************************************************************************
    ok: [192.168.200.115]
    
    TASK [xxx] ******************************************************************************************************************************
    ok: [192.168.200.115]
    
    PLAY RECAP ******************************************************************************************************************************
    192.168.200.114            : ok=3    changed=0    unreachable=0    failed=0   
    192.168.200.115            : ok=2    changed=0    unreachable=0    failed=0   

    7:测试查看:

    [root@ansible ~]# ansible test01 -m shell -a "tail -l /etc/passwd"
    192.168.200.114 | SUCCESS | rc=0 >>
    user2:x:1001:1001::/home/user2:/bin/bash

    [root@ansible ~]# ansible test02 -m command -a "ls -l /home"
    192.168.200.115 | SUCCESS | rc=0 >>
    总用量 4
    drwx------. 3 crushlinx crushlinx 78 10月 28 09:53 crushlinx
    -rw-r--r--. 1 root root 2304 10月 28 16:57 passwd
    drwx------. 3 room room 78 4月 11 2018 room

    8:执行输出:

    我们在用playbook进行ansible模块操作的时候,并没有命令的执行结果输出,默认被隐藏了,可以通过refister模块追加命令输出的结果

    [root@ansible ~]# vim /etc/ansible/test.yaml
    
    ---
    - hosts: test01
      remote_user: root
      tasks:
        - name: adduser
          user: name=user2 state=present
          register: print_result
          tags:
            - testaaa
        - debug: var=print_result
        - name: addgroup
          group: name=root system=yes
          tags:
            - testbbb
    
        - debug: var=print_result
    - hosts: test02
      remote_user: root
      tasks:
        - name: xxx
          copy: src=/etc/passwd dest=/home
          tags:
            - testccc
    ...
    [root@ansible ~]# ansible-playbook /etc/ansible/test.yaml 
    
    PLAY [test01] ***************************************************************************************************************************
    
    TASK [Gathering Facts] ******************************************************************************************************************
    ok: [192.168.200.114]
    
    TASK [adduser] **************************************************************************************************************************
    ok: [192.168.200.114]
    
    TASK [debug] ****************************************************************************************************************************
    ok: [192.168.200.114] => {
        "print_result": {
            "append": false, 
            "changed": false, 
            "comment": "", 
            "failed": false, 
            "group": 1001, 
            "home": "/home/user2", 
            "move_home": false, 
            "name": "user2", 
            "shell": "/bin/bash", 
            "state": "present", 
            "uid": 1001
        }
    }
    
    TASK [addgroup] *************************************************************************************************************************
    ok: [192.168.200.114]
    
    TASK [debug] ****************************************************************************************************************************
    ok: [192.168.200.114] => {
        "print_result": {
            "append": false, 
            "changed": false, 
            "comment": "", 
            "failed": false, 
            "group": 1001, 
            "home": "/home/user2", 
            "move_home": false, 
            "name": "user2", 
            "shell": "/bin/bash", 
            "state": "present", 
            "uid": 1001
        }
    }
    
    PLAY [test02] ***************************************************************************************************************************
    
    TASK [Gathering Facts] ******************************************************************************************************************
    ok: [192.168.200.115]
    
    TASK [xxx] ******************************************************************************************************************************
    ok: [192.168.200.115]
    
    PLAY RECAP ******************************************************************************************************************************
    192.168.200.114            : ok=5    changed=0    unreachable=0    failed=0   
    192.168.200.115            : ok=2    changed=0    unreachable=0    failed=0  

    client机安装httpd

    [root@client2 ~]# yum install httpd httpd-server -y


     [root@client2 httpd]# service httpd start

    [root@client1 ~]# yum install httpd httpd-server -y


     [root@client1 httpd]# service httpd start

    2:触发器:

    hanglers触发器的使用示例如下:

    [root@ansible ~]# ansible test01 -m shell -a 'netstat -anpt | grep :80'
    192.168.200.114 | SUCCESS | rc=0 >>
    tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      104590/nginx: maste 
    [root@ansible ~]# vim /etc/ansible/httpd.yaml
    
    
    ---
    - hosts: crushlinux
      remote_user: root
      tasks:
        - name: change port
          command: sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf
          notify:
            - restart httpd server
      handlers:
        - name: restart httpd server
          service: name=httpd state=restarted
    ...


    测试语法:

    [root@ansible ~]# ansible-playbook -C /etc/ansible/httpd.yaml 
    
    PLAY [crushlinux] ***********************************************************************************************************************
    
    TASK [Gathering Facts] ******************************************************************************************************************
    ok: [192.168.200.115]
    ok: [192.168.200.114]
    
    TASK [change port] **********************************************************************************************************************
    skipping: [192.168.200.115]
    skipping: [192.168.200.114]
    
    PLAY RECAP ******************************************************************************************************************************
    192.168.200.114            : ok=1    changed=0    unreachable=0    failed=0   
    192.168.200.115            : ok=1    changed=0    unreachable=0    failed=0  

    查看配置文件内容并执行:

    [root@ansible ~]# ansible "test01" -m shell -a 'grep ^Listen /etc/httpd/conf/httpd.conf'
    192.168.200.114 | SUCCESS | rc=0 >>
    Listen 80


    [root@ansible ~]# ansible-playbook /etc/ansible/httpd.yaml

    
    

    PLAY [crushlinux] ***********************************************************************************************************************

    
    

    TASK [Gathering Facts] ******************************************************************************************************************
    ok: [192.168.200.115]
    ok: [192.168.200.114]

    
    

    TASK [change port] **********************************************************************************************************************
    [WARNING]: Consider using template or lineinfile module rather than running sed

                    可以忽略或使用模板lineinfile模块而不是运行sed

    
    

    changed: [192.168.200.115]
    changed: [192.168.200.114]

    
    

    RUNNING HANDLER [restart httpd server] **************************************************************************************************
    changed: [192.168.200.115]
    changed: [192.168.200.114]

    
    

    PLAY RECAP ******************************************************************************************************************************
    192.168.200.114 : ok=3 changed=2 unreachable=0 failed=0
    192.168.200.115 : ok=3 changed=2 unreachable=0 failed=0

     查看结果:

    
    

    [root@ansible ~]# ansible test01 -m shell -a 'netstat -anpt | grep httpd'
    192.168.200.114 | SUCCESS | rc=0 >>
    tcp6 0 0 :::8080 :::* LISTEN 9209/httpd

    
    

    [root@ansible ~]# ansible crushlinux -m shell -a 'netstat -anpt | grep httpd'
    192.168.200.114 | SUCCESS | rc=0 >>
    tcp6 0 0 :::8080 :::* LISTEN 9209/httpd

    
    

    192.168.200.115 | SUCCESS | rc=0 >>
    tcp6 0 0 :::8080 :::* LISTEN 12029/httpd

     

    基于Ansible playbook配置zabbix agent端:zabbix是一种监控器,用于监控client端

    [root@ansible ~]# vim zabbix-agent.sh
    
    
    #!/bin/bash
    NH=$(hostname)
    if [ ! -f /etc/yum.repos.d/zabbix.repo ]
    then
        rpm -Uvh
    http://repo.zabbix.com/zabbix/3.2/rhel/7/x86_64/zabbix-release-3.2-1.el7.noarch.rpm
    fi
    rpm -q zabbix-agent &>/dev/null
    [ $? -ne 0 ] && yum -y -q install zabbix-agent
    cp /etc/zabbix/zabbix_agentd.conf{,-$(date +%F%T)}
    sed -i 's/Server=127.0.0.1/Server=192.168.200.113/g' /etc/zabbix/zabbix_agentd.conf
    sed -i 's/ServerActive=127.0.0.1/ServerActive=192.168.200.113/g'
    /etc/zabbix//zabbix_agentd.conf
    sed -i 's/Hostname=Zabbix server/Hostname=$HN/g' /etc/zabbix/zabbix_agentd.conf
    systemctl | restart zabbix-agent

    3:角色

     

     


    实验案例:

           通过一个实验配置数据库角色,要求被管理端主机自动安装Mariadb,安装后上传提前装备好的配置文件到远端主机,重启服务,然后新建testdb数据库,并允许test用户对其拥有所有权限:

    1:被管理端配置yum源:

    [root@client2 ~]# cd /etc/yum.repos.d/
    [root@client2 yum.repos.d]# ls
    a  epel.repo  epel-testing.repo  local.repo


    [root@client1 ~]# cd /etc/yum.repos.d/
    [root@client2 yum.repos.d]# ls
    a  epel.repo  epel-testing.repo  local.repo

    2:配置数据库角色:

    [root@ansible ~]# mkdir -pv /etc/ansible/roles/mariadb/{file,tasks,handlers}
    mkdir: 已创建目录 "/etc/ansible/roles/mariadb"
    mkdir: 已创建目录 "/etc/ansible/roles/mariadb/file"
    mkdir: 已创建目录 "/etc/ansible/roles/mariadb/tasks"
    mkdir: 已创建目录 "/etc/ansible/roles/mariadb/handlers"

    [root@ansible ~]# cd /etc/ansible/ [root@ansible ansible]# vim /etc/ansible/mariadb.yaml --- - hosts: crushlinux remote_user: root roles: - mariadb ...

    [root@ansible ansible]# cd /etc/ansible/roles/mariadb/
    [root@ansible mariadb]# ls
    file    handlers   tasks
    [root@ansible mariadb]# cd tasks/
    [root@ansible tasks]# vim main.yaml

    
    

    ---
    - name: install mariadb                                  #指定任务名称安装mariadb数据库
    yum: name=mariadb-server state=present                   #执行yum模块安装mariadb

    - name: move config file                                  #指定任务名称移除原有配置文件
    shell: "[ -e /etc/my.cnf ] && mv /etc/my.cnf /etc/my.cnf.bak"   #进行判断,如果有就移除
    - name: provide a new config file                              #创建一个新的配置文件

    copy: src=my.cnf dest=/etc/my.cnf                              #src源会自动到file文件中查找my.cnf配置文件
    - name: reload mariadb                                         #指定任务名称重启mariadb
    shell: systemctl restart mariadb                               #hsell添加模块重启mariadb
    - name: create database testdb                                 #指定要求添加mysql语句
    shell: mysql -u root -e "create database testdb;grant all privileges on testdb.* to 'test@'192.168.200.%' identified by 'test123';flush privileges;"
    notify:                                                        #通知触发器
    - restart mariadb                                               #重启mariadb
    ...

     

     

      [root@ansible handlers]# vim main.yml

       ---
       - name: restart mariadb                           #引用上面的触发器
         server: name=mariadb state=restarted            #触发后重启mariadb服务
       ...



    [root@ansible handlers]# cd ../file/
    [root@ansible file]# cp /etc/my.cnf /etc/ansible/roles/mariadb/file/
    [root@ansible file]# ls
    my.cnf                    #准备my.cnf文件
    [root@ansible file]# cd /etc/ansible/

    [root@ansible ansible]# tree
    .
    ├── ansible.cfg
    ├── hosts
    ├── hosts.bak
    ├── httpd.yaml
    ├── mariadb.yaml
    ├── roles
    │   └── mariadb
    │   ├── file
    │   │   └── my.cnf
    │   ├── handlers
    │   │   └── main.yaml
    │   └── tasks
    │   └── main.yaml
    └── test.yaml

    预执行:

    [root@ansible mariadb]# ansible-playbook -C /etc/ansible/mariadb.yaml 
  • 相关阅读:
    【BZOJ4676】Xor-Mul棋盘 拆位+状压DP
    【BZOJ4688】One-Dimensional 矩阵乘法
    【BZOJ4704】旅行 树链剖分+可持久化线段树
    【BZOJ4709】[Jsoi2011]柠檬 斜率优化+单调栈
    【BZOJ4711】小奇挖矿 树形DP
    【BZOJ4715】囚人的旋律 DP
    【BZOJ4712】洪水 树链剖分优化DP+线段树
    服务器相关 HTTP 请求错误
    RSA算法
    公钥和私钥解释
  • 原文地址:https://www.cnblogs.com/CMX_Shmily/p/11754648.html
Copyright © 2011-2022 走看看