zoukankan      html  css  js  c++  java
  • ansible基本命令及剧本

    ansible常用命令

    1. -v,  –verbose                    详细模式,如果命令执行成功,输出详细的结果(-vv –vvv -vvvv)
    2. -i,  –inventory=PATH             指定host文件的路径,默认是在/etc/ansible/hosts(生产环境经常用到)
    3. -f NUM,  –forks=NUNUM            接一个整数,默认是5,指定fork开启同步进程的个数。
    4. -m  NAME, –module-name=NAME      指定使用的module名称,默认是command
    5. -a,  MODULE_ARGS                 指定module模块的参数
    6. -k,  -ask-pass                   提示输入ssh的密码,而不是使用基于ssh的密钥认证
    7. -sudo                            指定使用sudo获得root权限(生产环境经常用到)
    8. -K,  -ask-sudo-pass              提示输入sudo密码,与sudo一起使用 (生产环境经常用到)
    9. -u  USERNAME,-user=USERNAME      指定移动端的执行用户
    10. -C, -check                       测试此命令执行不会改变什么内容,不会真正的去执行

    Ansible-playbook 基本命令

    1. ansible-playbook   // 查看帮助
    2. ansible-playbook a.yml --syntax-check    //检查yaml文件的语法是否正确
    3. ansible-playbook a.yml --list-task       //检查tasks任务
    4. ansible-playbook a.yml --list-hosts      //检查生效的主机
    5. ansible-playbook a.yml --start-at-task='Copy Nginx.conf'     //指定从某个task开始运行
    6. ansible-playbook --syntax-check -e "hosts=c7" xx.yml -s -k   // 语法检查
    7. ansible-playbook -i hostslist ***.yml --limit 192.168.0.1  // 排除单个主机
    8. ansible-playbook -i hostslist ***.yml --limit @failed.txt   // 排除多个主机
    9. ansible-playbook update-stg.yml -f 10 -s -k // 启用10个并行进程数执行

    ansible-doc常用命令

    1. ansible-doc -l   #列出所有ansible支持的模块,重要,请自行记住
    2. ansible-doc -s copy # 获取模块简要使用说明(如需详细去掉-s)
          src=          #源文件                   
          force=        #是否覆盖         
          dest=         #目标文件 

    ansible-galaxy init /roles/tomcat-install 创建roles目录结构

    Ansible 基本概念

    inventory 主机源

    • playbooks 一组运行任务的命令集合
    • roles 角色
    • tasks 运行任务列表
    • handlers 运行任务后的触发动作
    • variables 定义的变量

    inventor 目录结构

      • inventories/
        ├── group_vars
        │ └── all
        │ └── kubeadm.yml
        └── k8s-hosts

    roles目录结构

    tomcat-install/
    ├── defaults
    │   └── main.yml
    ├── files
    │   └── jdk-8u241-linux-x64.tar.gz
    ├── handlers
    │   └── main.yml
    ├── meta
    │   └── main.yml
    ├── README.md
    ├── tasks
    │   ├── basics.yml
    │   ├── copy.yml
    │   ├── main.yml
    │   └── tomcat.yml
    ├── templates
    │   ├── jdk_path
    │   ├── server.xml.j2
    │   └── tomcat
    ├── tests
    │   ├── inventory
    │   └── test.yml
    └── vars
        └── main.yml
      
    tomcat-install角色名称
    files文件及软件目录
    vars定义变量
    templates模板文件 配置文件替换以.j2结尾
    task剧本任务
    README.md 说明文档
    handlers执行触发动作(类似puppet消息通知)
    tests文本
    meta 目录表示 role角色的属性

    ansible剧本常用参数:

    registe:name (命令传参,或字集传参)

    tags使用标记执行的模块的,可以选择单独执行某一个模块

    template 和copy的模块的功能一样 ,都是向远程主机上传送文件的,可以copy是送的是原封不动的文件,template 可以将文件中的变量渲染出来 示例template: src=/etc/redis.conf dest=/etc/redis.conf

    handlers执行操作 类似于puppet消息通知当触发时 执行操作 比如重启等  notify:handlersname 调用handlers操作

    whene判断 可以判断数值 可以判断命令是否失败或成功 true或fales failed  

    item 循环 写法:user: name={{item}}  with_items: - 111

    vars: 定义变量写法:- var1:111

    facts:获取回传文件 

    ignore_errors:True忽略命令返回结果 

    tomcat-install剧本roles编写

    创建执行文件

    installtomcat.yml

    创建rosle说明文件

    用于批量安装jdk及tomcat服务并启动
    自定义jdk版本号 例如jdk_version: 241
    由于jdk1.8版本以后 下载需要验证信息等 需手动下载安装包并放置tomcat-install rosel下files
    定义tomcat启动参数如tomcat_free: JAVA_OPTS="-server -Xms512m -Xmx2048m -XX:MaxNewSize=512m -XX:PermSize=128M -XX:MaxPermSize=256M"
    定义tomcat下载版本例如tomcat_ver: 7.0.106
    执行tomcat-install.yml即可全自动安装
    README.md

    创建vars目录下main.yml 变量

    #定义tomcat变量
    jdk_version: 241   #定义jdk的版本号于files文件中的软件名称相对应
    jdk_PATH: /usr/local/jdk/  #定义安装jdk路径
    softdir: /softdir1   #创建临时软件放置目录
    tomcat_path: /soft/tomcat #定义tomcat目录
    tomcat_port: 8088  #定义tomcat端口号
    tomcat_free: JAVA_OPTS="-server -Xms512m -Xmx2048m -XX:MaxNewSize=512m -XX:PermSize=128M -XX:MaxPermSize=256M" #定义tomcat启动参数
    tomcat_ver: 7.0.106 #定义tomcat下载版本
    tomcat_ver_main: "{{ tomcat_ver.split('.')[0] }}" #截取定义tomcat版本路径的首数字 用于下载tomcat url确定
    down_url: https://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-{{ tomcat_ver_main }}/v{{ tomcat_ver }}/bin/apache-tomcat-{{ tomcat_ver }}.tar.gz #tomcat下载地址
    
    # vars file for tomcat-install
    main.yml

    创建templates目录下模板文件 jdk环境变量 tomcat的sever文件 tomcat的启停脚本

    JAVA_HOME={{ jdk_PATH }}
    JAVA_BIN={{ jdk_PATH }}bin
    JRE_HOME={{ jdk_PATH }}jre
    PATH=$PATH:{{ jdk_PATH }}bin:{{ jdk_PATH }}jre/bin
    CLASSPATH={{ jdk_PATH }}jre/lib:{{ jdk_PATH }}lib:{{ jdk_PATH }}jre/lib/charsets.jar
    jdk_path
    <?xml version='1.0' encoding='utf-8'?>
    <!--
      Licensed to the Apache Software Foundation (ASF) under one or more
      contributor license agreements.  See the NOTICE file distributed with
      this work for additional information regarding copyright ownership.
      The ASF licenses this file to You under the Apache License, Version 2.0
      (the "License"); you may not use this file except in compliance with
      the License.  You may obtain a copy of the License at
    
          http://www.apache.org/licenses/LICENSE-2.0
    
      Unless required by applicable law or agreed to in writing, software
      distributed under the License is distributed on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      See the License for the specific language governing permissions and
      limitations under the License.
    -->
    <!-- Note:  A "Server" is not itself a "Container", so you may not
         define subcomponents such as "Valves" at this level.
         Documentation at /docs/config/server.html
     -->
    <Server port="8085" shutdown="SHUTDOWN">
      <!-- Security listener. Documentation at /docs/config/listeners.html
      <Listener className="org.apache.catalina.security.SecurityListener" />
      -->
      <!--APR library loader. Documentation at /docs/apr.html -->
      <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
      <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
      <Listener className="org.apache.catalina.core.JasperListener" />
      <!-- Prevent memory leaks due to use of particular java/javax APIs-->
      <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
      <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
      <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
    
      <!-- Global JNDI resources
           Documentation at /docs/jndi-resources-howto.html
      -->
      <GlobalNamingResources>
        <!-- Editable user database that can also be used by
             UserDatabaseRealm to authenticate users
        -->
        <Resource name="UserDatabase" auth="Container"
                  type="org.apache.catalina.UserDatabase"
                  description="User database that can be updated and saved"
                  factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
                  pathname="conf/tomcat-users.xml" />
      </GlobalNamingResources>
    
      <!-- A "Service" is a collection of one or more "Connectors" that share
           a single "Container" Note:  A "Service" is not itself a "Container",
           so you may not define subcomponents such as "Valves" at this level.
           Documentation at /docs/config/service.html
       -->
      <Service name="Catalina">
    
        <!--The connectors can use a shared executor, you can define one or more named thread pools-->
        <!--
        <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
            maxThreads="150" minSpareThreads="4"/>
        -->
    
    
        <!-- A "Connector" represents an endpoint by which requests are received
             and responses are returned. Documentation at :
             Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
             Java AJP  Connector: /docs/config/ajp.html
             APR (HTTP/AJP) Connector: /docs/apr.html
             Define a non-SSL HTTP/1.1 Connector on port 8080
        -->
        <Connector  port="{{ tomcat_port }}" 
                                protocol="HTTP/1.1" 
                    connectionTimeout="20000" 
                    redirectPort="8443" 
                                maxThreads="500" 
                                minSpareThreads="20" 
                                acceptCount="300" 
                                disableUploadTimeout="true" 
                                enableLookups="false" 
                                URIEncoding="UTF-8"
                                    keepAliveTimeout="10000"/>
        <!-- A "Connector" using the shared thread pool-->
        <!--
        <Connector executor="tomcatThreadPool"
                   port="8080" protocol="HTTP/1.1"
                   connectionTimeout="20000"
                   redirectPort="8443" />
        -->
        <!-- Define a SSL HTTP/1.1 Connector on port 8443
             This connector uses the JSSE configuration, when using APR, the
             connector should be using the OpenSSL style configuration
             described in the APR documentation -->
        <!--
        <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                   maxThreads="150" scheme="https" secure="true"
                   clientAuth="false" sslProtocol="TLS" />
        -->
    
        <!-- Define an AJP 1.3 Connector on port 8009 -->
        <Connector port="8089" protocol="AJP/1.3" redirectPort="8443" />
    
    
        <!-- An Engine represents the entry point (within Catalina) that processes
    <?xml version='1.0' encoding='utf-8'?>
    <!--
      Licensed to the Apache Software Foundation (ASF) under one or more
      contributor license agreements.  See the NOTICE file distributed with
      this work for additional information regarding copyright ownership.
      The ASF licenses this file to You under the Apache License, Version 2.0
      (the "License"); you may not use this file except in compliance with
      the License.  You may obtain a copy of the License at
    
          http://www.apache.org/licenses/LICENSE-2.0
    
      Unless required by applicable law or agreed to in writing, software
      distributed under the License is distributed on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      See the License for the specific language governing permissions and
      limitations under the License.
    -->
    <!-- Note:  A "Server" is not itself a "Container", so you may not
         define subcomponents such as "Valves" at this level.
         Documentation at /docs/config/server.html
     -->
    <Server port="8085" shutdown="SHUTDOWN">
      <!-- Security listener. Documentation at /docs/config/listeners.html
      <Listener className="org.apache.catalina.security.SecurityListener" />
      -->
      <!--APR library loader. Documentation at /docs/apr.html -->
      <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
      <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
      <Listener className="org.apache.catalina.core.JasperListener" />
      <!-- Prevent memory leaks due to use of particular java/javax APIs-->
      <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
      <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
      <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
    
      <!-- Global JNDI resources
           Documentation at /docs/jndi-resources-howto.html
      -->
      <GlobalNamingResources>
        <!-- Editable user database that can also be used by
             UserDatabaseRealm to authenticate users
        -->
        <Resource name="UserDatabase" auth="Container"
                  type="org.apache.catalina.UserDatabase"
                  description="User database that can be updated and saved"
                  factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
                  pathname="conf/tomcat-users.xml" />
      </GlobalNamingResources>
    
      <!-- A "Service" is a collection of one or more "Connectors" that share
           a single "Container" Note:  A "Service" is not itself a "Container",
           so you may not define subcomponents such as "Valves" at this level.
           Documentation at /docs/config/service.html
       -->
      <Service name="Catalina">
    
        <!--The connectors can use a shared executor, you can define one or more named thread pools-->
        <!--
        <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
            maxThreads="150" minSpareThreads="4"/>
        -->
    
    
        <!-- A "Connector" represents an endpoint by which requests are received
             and responses are returned. Documentation at :
             Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
             Java AJP  Connector: /docs/config/ajp.html
             APR (HTTP/AJP) Connector: /docs/apr.html
             Define a non-SSL HTTP/1.1 Connector on port 8080
        -->
        <Connector  port="{{ tomcat_port }}" 
                                protocol="HTTP/1.1" 
                    connectionTimeout="20000" 
                    redirectPort="8443" 
                                maxThreads="500" 
                                minSpareThreads="20" 
                                acceptCount="300" 
                                disableUploadTimeout="true" 
                                enableLookups="false" 
                                URIEncoding="UTF-8"
                                    keepAliveTimeout="10000"/>
        <!-- A "Connector" using the shared thread pool-->
        <!--
        <Connector executor="tomcatThreadPool"
                   port="8080" protocol="HTTP/1.1"
                   connectionTimeout="20000"
                   redirectPort="8443" />
        -->
        <!-- Define a SSL HTTP/1.1 Connector on port 8443
             This connector uses the JSSE configuration, when using APR, the
             connector should be using the OpenSSL style configuration
             described in the APR documentation -->
        <!--
        <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                   maxThreads="150" scheme="https" secure="true"
                   clientAuth="false" sslProtocol="TLS" />
        -->
    
        <!-- Define an AJP 1.3 Connector on port 8009 -->
        <Connector port="8089" protocol="AJP/1.3" redirectPort="8443" />
    
    
        <!-- An Engine represents the entry point (within Catalina) that processes
             every request.  The Engine implementation for Tomcat stand alone
             analyzes the HTTP headers included with the request, and passes them
             on to the appropriate Host (virtual host).
             Documentation at /docs/config/engine.html -->
    
        <!-- You should set jvmRoute to support load-balancing via AJP ie :
        <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
        -->
        <Engine name="Catalina" defaultHost="localhost">
    
          <!--For clustering, please take a look at documentation at:
              /docs/cluster-howto.html  (simple how to)
              /docs/config/cluster.html (reference documentation) -->
          <!--
          <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
          -->
    
          <!-- Use the LockOutRealm to prevent attempts to guess user passwords
               via a brute-force attack -->
          <Realm className="org.apache.catalina.realm.LockOutRealm">
            <!-- This Realm uses the UserDatabase configured in the global JNDI
                 resources under the key "UserDatabase".  Any edits
                 that are performed against this UserDatabase are immediately
                 available for use by the Realm.  -->
            <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
                   resourceName="UserDatabase"/>
          </Realm>
    
          <Host name="localhost"  appBase="webapps"
                unpackWARs="true" autoDeploy="true">
    
            <!-- SingleSignOn valve, share authentication between web applications
                 Documentation at: /docs/config/valve.html -->
            <!--
            <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
            -->
    
            <!-- Access log processes all example.
                 Documentation at: /docs/config/valve.html
                 Note: The pattern used is equivalent to using pattern="common" -->
            <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
                   prefix="localhost_access_log." suffix=".txt"
                   pattern="%h %l %u %t &quot;%r&quot; %s %b" />
          </Host>
        </Engine>
      </Service>
    </Server>
    server.xml.j2
    #!/bin/sh
    # chkconfig: 345 99 10
    # description: Auto-starts tomcat
    # /etc/init.d/tomcatd
    # Tomcat auto-start
    # Source function library.
    #. /etc/init.d/functions
    # source networking configuration.
    #. /etc/sysconfig/network
    prog="tomcat"
    RETVAL=0
    
    CATALINA_HOME={{ tomcat_path }}
    
    start()
    {
            if [ -f $CATALINA_HOME/bin/startup.sh ];
              then
                echo $"Starting $prog"
                    $CATALINA_HOME/bin/startup.sh
                RETVAL=$?
                echo " OK"
                return $RETVAL
            fi
    }
    stop()
    {
            if [ -f $CATALINA_HOME/bin/shutdown.sh ];
              then
                echo $"Stopping $prog"
                    $CATALINA_HOME/bin/shutdown.sh
                RETVAL=$?
                #sleep 1
                ps -ef |grep $CATALINA_HOME |grep -v grep |grep -v PID | awk '{print $2}'|xargs kill -9
                echo " OK"
                # [ $RETVAL -eq 0 ] && rm -f /var/lock/...
                return $RETVAL
            fi
    }
    case "$1" in
     start)
            start
            ;;
     stop)
            stop
            ;;
     restart)
             echo $"Restaring $prog"
             $0 stop && sleep 1 && $0 start
             ;;
     *)
            echo $"Usage: $0 {start|stop|restart}"
            exit 1
            ;;
    esac
    exit $RETVAL
    tomcat

    创建tasks下main.yml主文件(定义剧本执行顺序) basics.yml(基本环境配置) copy.yml(jdk安装) tomcat.yml(tomcat安装部署)

    ---
    # tasks file for tomcat-install
    - include: basics.yml
    - include: copy.yml
    - include: tomcat.yml
    main.yml
    - name: 关闭firewalld
      service: name=firewalld state=stopped enabled=no
    
    - name: 临时关闭 selinux
      shell: "setenforce 0"
      failed_when: false
    
    - name: 永久关闭 selinux
      lineinfile:
        dest: /etc/selinux/config
        regexp: "^SELINUX="
        line: "SELINUX=disabled"
    
    - name: 添加EPEL仓库
      yum: name=epel-release state=latest
    
    - name: 安装常用软件包
      yum:
        name:
          - vim
          - lrzsz
          - net-tools
          - wget
          - curl
          - bash-completion
          - rsync
          - gcc
          - unzip
          - git
        state: latest
    basics.yml
    - name: crate soft dir #创建软件目录
      file: path={{ softdir }} state=directory
    - name: jdk package
      unarchive: src={{ softdir }}/jdk-8u{{ jdk_version }}-linux-x64.tar.gz dest={{ softdir }} copy=yes mode=755
    #解压软件包到softdir目录
    - name: jdk dir rename
      shell: "if [ ! -d {{ jdk_PATH }} ]; then mv {{ softdir }}/jdk1.8.0_{{ jdk_version }}/ {{ jdk_PATH }}; fi"
    #判断目录下有无jdk目录 将jdk移动至指定目录
    - name: copy jdk_patg
      template: src=jdk_path dest={{ softdir }} owner=root group=root
    #将jdk模板环境变量文件放置指定目录
    - name: wirte profile
      shell: "if [ `grep {{ jdk_PATH }}/bin /etc/profile |wc -l` -eq 0 ]; then cat {{ softdir }}/jdk_path >> /etc/profile ; fi"
    #将环境变量模板文件写入环境变量中
    - name: source profile
      shell: "source /etc/profile"
    #重新加载环境变量
    copy.yml
    - name: tomcat pag
      unarchive: src={{ softdir }}/apache-tomcat-{{ tomcat_ver }}.tar.gz dest={{ softdir }} copy=no owner=root group=root
    - name: dir rename
      shell: "if [ ! -d {{ tomcat_path }} ]; then mv {{ softdir }}/apache-tomcat-{{ tomcat_ver }}/ {{ tomcat_path }}; fi"
    - name: modify tomcat start parameter
      lineinfile:
        dest: "{{ tomcat_path }}/bin/catalina.sh"
        insertbefore: "cygwin=false"
        line: "{{ tomcat_free }}"
    - name: join variable_1
      lineinfile:
        dest: "{{ tomcat_path }}/bin/catalina.sh"
        insertbefore: "cygwin=false"
        line: "CATALINA_HOME={{ tomcat_path }}"
    
    - name: join variable_2
      lineinfile:
        dest: "{{ tomcat_path }}/bin/catalina.sh"
        insertbefore: "cygwin=false"
        line: "JAVA_HOME={{ jdk_PATH }}"
    
    - name: join variable_3
      lineinfile:
        dest: "{{ tomcat_path }}/bin/catalina.sh"
        insertbefore: "cygwin=false"
        line: "JRE_BIN={{ jdk_PATH }}bin"
    
    - name: join variable_4
      lineinfile:
        dest: "{{ tomcat_path }}/bin/catalina.sh"
        insertbefore: "cygwin=false"
        line: "JRE_HOME={{ jdk_PATH }}jre"
    
    - name: join variable_5
      lineinfile:
        dest: "{{ tomcat_path }}/bin/catalina.sh"
        insertbefore: "cygwin=false"
        line: "CLASSPATH={{ jdk_PATH }}jre/lib:{{ jdk_PATH }}lib:{{ jdk_PATH }}jre/lib/charsets.jar"
    - name: modifly tomcat file
      template: src=server.xml.j2 dest={{ tomcat_path }}/conf/server.xml owner=root group=root mode=0755
    - name: copy tomcat start
      template: src=tomcat dest=/usr/bin/ owner=root group=root mode=0755
    - name: copy tomcat system
      template: src=tomcat dest=/etc/init.d/ owner=root group=root mode=0755
    - name: start tomcat
      service: name=tomcat state=restarted enabled=yes
    tomcat.yml
  • 相关阅读:
    2018-11-13-常用模块1 (time random os sys)
    2018-11-12-递归函数&二分查找
    2018-11-9-匿名函数&递归函数初识
    JS-正则表达式实战篇(Angel著)
    Ubuntu 14.04远程登录服务器
    (37)Spring Boot集成EHCache实现缓存机制【从零开始学Spring Boot】
    (36)Spring Boot Cache理论篇【从零开始学Spring Boot】
    (35)Spring Boot集成Redis实现缓存机制【从零开始学Spring Boot】
    (34)Spring Boot的启动器Starter详解【从零开始学Spring Boot】
    Tensorflow 0.8.0 安装配置方法
  • 原文地址:https://www.cnblogs.com/dahuige/p/13921104.html
Copyright © 2011-2022 走看看