1.什么是playbook
- playbook :定义一个文本文件,以yml为后缀结尾,那playbook组成如下、
- play:定义的是主机的角色
- task: 定义的是具体执行的任务
- 总结:playbook是由一个或多个play组成,一个play可以包含多个task任务。
- 可以理解为:使用不同的模块来共同完成一件事情
playbook 剧本 <---------文件 YAML
- play 找谁 <----------找那个主机 web01
- task 做什么 <----------- 干什么事情 yum copy service
2.playbook和AD-HOc区别
- playbook 是对AD-HOC 的一种编排方式
- playbook 可以持久运行,而AD-HOC 只能临时运行
- playbook 适合复杂任务,而AD-HOC适合做简单的任务
- playbook能控制任务执行的先后顺序
3.playbook 三板斧 ? 缩进 冒号 短横线(语法格式)
| 语法 | 描述 |
|---|---|
| 缩进 | YAML 使用固定的缩进风格表示层级结构,每个缩进由两个空格组成,不能使用tabs |
| 冒号 | 以冒号结尾的除外,其他所有冒号后面所有必须有空格 |
| 短横线 | 表示列表项,使用一个短横线加一个空格,多个项使用同样的缩进级别作为同一列表 |
- 示例 在/tmp 目录下创建123.txt 属主 root 属组 root 权限0600
- hosts: webservers
tasks:
- name: create New File
file: path=/tmp/123.txt state=touch owner=root group=root mode=0600
- name: create New File2
file:
path: /tmp/789.txt
state: touch
owner: root
group: root
mode: 0666
[root@m01 project]# ansible-playbook --syntax f1.yml -i hosts
测试代码是否正确
ansible-playbook -C f1.yml -i hosts
测试环境
4.playbook 写服务 (NFS HTTPD Nginx LAMP)
- 案列一 使用ansible playbook安装并配置nfs服务
#172.16.1.31 nfs
#172.16.1.7 server
#172.16.1.8 cliniet
#1. 新增一台nfs服务器
vim ./project/hosts
[webservers]
172.16.1.7
172.16.1.8
[nfsservers]
172.16.1.31
[root@m01 project]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41
#2. 测试三台主机是否通
[root@m01 project]# ansible all -m ping -i hosts
#3.编写一个nfs-sever的yml
1. 安装nfs yum
2. 配置nfs copy
3.初始化环境
用户 group user
目录 file
授权 file
4. 启动服务 systemd
[root@m01 project]# cat backup/nfs_server.yml
- hosts: nfsservers
tasks:
- name: installed nfs server
yum:
name: nfs-utils
state: present
- name: configure nfs server
copy:
src: ./file/exports.j2
dest: /etc/exports
owner: root
group: root
mode: 0644
backup: yes
- name: create nfs group www
group:
name: www
gid: 666
- name: create nfs user www
user:
name: www
group: www
uid: 666
create_home: no
shell: /sbin/nologin
- name: create nfs directory
file:
path: /ansible_data
state: directory
owner: www
group: www
mode: 0755
recurse: yes
0
- name: systemd nfs server
systemd:
name: nfs
state: restarted
enabled: yes
scp -rp /etc/exports root@172.16.1.61 :/root/project/file/exports.j2
#4.编写一个nfs-client的yml
[root@m01 project]# vim backup/nfs_client.yml
- hosts: webservers
tasks:
- name: mount nfs server server share directory
mount:
src: 172.16.1.31:/ansible_data
path: /mnt
fstype: nfs
opts: defaults
state: mounted
- 案列二 使用ansible playbook安装并配置nginx服务
1.安装 yum
2.配置 copy
3.启动 systemd
[root@m01 project]# vim httpd_server.yml +17
- hosts: webservers
tasks:
- name: install nginx server
yum:
name: nginx
state: present
- name: cohfig nginx server
copy:
src: ./file/nginx.j2
dest: /etc/nginx/nginx.conf
owner: root
grep: root
mode: 0644
backup: yes
notify: RESTATR NGINX SERVER
- name: sytemd nginx server
systemd:
name: nginx
state: started
handlers:
- name: RESTART NGINX SERVER
systemd:
name: nginx
state: restarted
scp -rp /etc/nginx/nginx.conf root@172.16.1.61:/root/project/file/nginx.j2
- -案列三 使用Ansible playbook方式构建lap架构
1.使用yum 安装httpd php firewalld
2.使用get_url 下载 http://fj.xuliangwei.com/public/index.php
3.启动httpd firewalld 等服务
4.添加防火墙规则 放行httpd的流量,并永久生效
[root@m01 project]# cat backup/kedao_server.yml
- hosts: web
tasks:
- name: install php server
yum:
name: php
state: present
- name: install http server
yum:
name: httpd
state: present
- name: config http services
get_url:
url: http://fj.xuliangwei.com/public/index.php
dest: /var/www/html/index.php
mode: 0644
- name: systemd httpd server
systemd:
name: httpd
state: restarted
- name: systemd firewalld server
systemd:
name: firewalld
state: restarted
- name: configure firewalld roule
firewalld:
service: http
state: enabled
- 案列4 使用Ansible playbook方式构建可道云网盘 LAP 架构
- hosts: web
tasks:
- name: Installed Httpd Server
yum:
name: httpd
state: present
- name: Installed PHP Server
yum:
name: php
state: present
- name: Get kodcloud Code
synchronize:
src: ./file/kod
dest: /var/www/html/kodcloud
- name: Chomod kodcloud
file:
path: /var/www/html/
owner: root
group: root
mode: 0777
recurse: yes
- name: Systemd Httpd Server
systemd:
name: httpd
state: restarted
-
案列5 使用ansible playbook方式构建可道云网盘 LNP架构
- hosts: web tasks: #1.配置yum源仓库 nginx php - name: Installed Nginx repo yum_repository: name: nginx description: nginx repos baseurl: http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck: no #2.配置yum源仓库 php - name: Installed PHP repo yum_repository: name: webtatic-php description: php repos baseurl: http://us-east.repo.webtatic.com/yum/el7/x86_64/ gpgcheck: no #3.安装nginx和php - name: Installed Nginx and PHP Packages yum: name: "{{ packages }}" vars: packages: - nginx - php71w - php71w-cli - php71w-common - php71w-devel - php71w-gd - mod_php71w - php71w-fpm - php71w-opcache #4.创建程序启动的用户身份 - name: Create Group www group: name: www gid: 666 - name: Create User www user: name: www group: www uid: 666 create_home: no shell: /sbin/nologin #5.管理nginx配置文件 - name: Configure nginx.conf copy: src: ./file/nginx.conf.j2 dest: /etc/nginx/nginx.conf notify: Restart Nginx Server #6.管理php-fpm配置文件 - name: Configure php-fpm.conf copy: src: ./file/php-www.conf.j2 dest: /etc/php-fpm.d/www.conf notify: Restart PHP-FPM Server #6.添加kodcloud虚拟主机(检测语法) - name: Add Nginx VirtHost kod.oldxu.com copy: src: ./file/kold.oldxu.com.conf.j2 dest: /etc/nginx/conf.d/kold.oldxu.com.conf notify: Restart Nginx Server - name: Init Nginx BseEnv file: path: /code state: directory owner: www group: www recurse: yes - name: Push KodCloud Code synchronize: src: ./file/kod dest: /code/ - name: Chomod kodcloud file: path: /code owner: www group: www mode: 0777 recurse: yes - name: Systemd Nginx Server systemd: name: nginx state: started enabled: yes - name: Systemd PHP-FPM Server systemd: name: php-fpm state: started enabled: yes #当nginx或php配置文件发生变更才会触发此操作 handlers: - name: Restart Nginx Server systemd: name: nginx state: restarted - name: Restart PHP-FPM Server systemd: name: php-fpm state: restarted