- YAML的语法和其他高阶语言类似并且可以简单表达清单、散列表、标量等数据结构。(列表用横杆表示,键值对用冒号分割,键值对里又可以嵌套另外的键值对)
- YAML文件扩展名通常为.yaml或者.yml。下面为示例
- 一定要对齐,只能使用空格
name: tom
age: 21
gender: male
spourse:
name: lily
gender: female
children:
- name: susan
age: 2
gender: feamle
- name: sunny
age: 10
gender: male
2、核心组件
- tasks:任务
- variables:变量
- templates:模板
- handlers:处理器
- roles:角色
3、playbook简单示例
3.1示例1
vim /root/first.yml
- hosts: all
remote_user: root
vars: httpd_port=80
tasks:
- name: install httpd
yum: name=httpd state=present
- name: install php
yum: name=php state=present
- name: start httpd
service: name=httpd state=started enabled=true
hosts 定义单个主机或组,vars定义变量,remote_user定义执行命令的远程用户,tasks定义执行哪些命令,handlers定义调用哪些处理器 vars(变量): 变量命名: 字母数字下划线组成,只能以字母开头 变量种类: facts(内置变量) 由远程主机发回的主机属性信息,这些信息被保存在ansible变量当中 例如:ansible 192.168.238.170 -m setup 来获取远程主机上的属性信息,这些属性信息保存在facts中 通过命令行传递 通过命令行传递:ansible-playbook test.yml --extra-vars “host=www user=tom“(如果剧本中已有此处定义的变量则会被覆盖) 通过roles传递 主机变量 在/etc/ansible/hosts中定义 [web1] 192.168.1.1 name=haha 组变量 [group_name:vars] foo=bar hosts : /etc/abible/hosts 中指定的远程主机,并用指定的属性进行连接 ansible_ssh_port 连接远程主机使用的端口 ansible_ssh_user 连接远程主机使用的用户 ansible_ssh_pass 连接远程主机使用的密码 cat /etc/ansible/hosts [web1] web1.hostname ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=123 web2.hostname
3.2示例2
vim /root/second.yml
- hosts: web1
remote_user: root
vars:
username: bob
password: 123
tasks:
- name: add user
user: name={{ username }} state=present
when: ansible_os_family == "Debian"
- name: set password
shell: echo {{ password }} |passwd --stdin {{ username }}
- name: install httpd php
yum: name={{ item }} state=present
with_items:
- httpd
- php
- name: add two users
user: name={{ item }} state=present groups={{ item.groups }}
with_items:
- { name: 'user1', groups: 'group1'}
- { name: 'user2', groups: 'group2'}
- 在playbook中调用变量的方式为{{ variable }}
- when语句用来条件测试
- ansible_os_family 是facts中内置的属性信息 ansible_os_family的信息可以使用ansible all -m setup | grep ansible_os_family 查看
- 在task中调用内置的item变量;在某task后面使用with_items语句来定义元素列表
3.3示例三
vim /root/third.yml
- hosts: web1
remote_user: root
vars:
httpd_port=80
tasks:
- name: install httpd
yum: name=httpd state=present
- name: install php
yum: name=php state=present
- name: copy config file
copy: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
notify: restart httpd
- name: start httpd
service: name=httpd state=started enabled=true
handlers:
- name: restart httpd
service: name=httpd state=restarted
上面的意思是copy中复制过去的文件跟远程主机上的文件不同,就通过notify调用handlers,即重启httpd服务。
handler是重启服务是最通用的用法
3.4示例四
vim /etc/ansible/hosts [web1] 192.168.1.1 http_port=80
vim /root/httpd.conf
……
Listen {{ http_port }}
……
vim /root/fourth.yml
- hosts: web1
remote_user: root
vars:
httpd_port=80
tasks:
- name: install httpd
yum: name=httpd state=present
- name: copy config file
template: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
notify: restart httpd
- name: start httpd
service: name=httpd state=started enabled=true
handlers:
- name: restart httpd
service: name=httpd state=restarted
templates:用于生成文本文件(配置文件)
模板文件中可使用jinja2表达式,表达式要定义在{{ }},也可以简单地仅执行变量替换
3.5示例五
roles:roles用于实现“代码复用”,roles以特定的层次型格式组织起来的playbook元素(variables, tasks, templates,handlers);可被playbook以role的名字直接进行调用
roles的文件结构:
- files/:此角色中用到的所有文件均放置于此目录中
- templates/: Jinja2模板文件存放位置
- tasks/:任务列表文件;可以有多个,但至少有一个叫做main.yml的文件
- handlers/:处理器列表文件;可以有多个,但至少有一个叫做main.yml的文件
- vars/:变量字典文件;可以有多个,但至少有一个叫做main.yml的文件
- meta/:此角色的特殊设定及依赖关系
mkdir /root/roles
cd /root/roles
mkdir -p web1/{files, templayes, tasks, handlers, vars, meta}
vim web1/vars/main.yml user: tom group: tom http_port: 8080
vim web1/tasks/main.yml - name: install httpd yum: name=httpd state=present - name: copy config file template: src=httpd.conf dest=/etc/httpd/conf/httpd.conf notify: restart httpd tags: conf - name: start httpd service: name=httpd state=started enabled=true 这里的template指的是相对路径-->web1/templates tags可以在运行时指定标签任务
vim web1/handlers/main.yml handlers: - name: restart httpd service: name=httpd state=restarted
vim web1/templates/httpd.conf
……
Listen {{ http_port }}
……
运行
ansible-playbook web1.yml 指定运行任务: ansible-playbook -t conf web1.yml
4、使用ansible-playbook安装zabbix
4.1定义hosts
vim /etc/ansible/hosts [mini] 129.139.153.78:16283 155.139.190.94:12573
4.2定义入口文件install_zabbix_agent.yml
shell > vim /etc/ansible/install_zabbix_agent.yml --- - hosts: mini roles: - install_zabbix_agent ## 可以看到将要安装的主机组为 mini 组,角色为 install_zabbix_agent
4.3定义角色 install_zabbix_agent
tree /etc/ansible/roles/install_zabbix_agent/
├── files
│ └── zabbix-2.4.5.tar.gz
├── tasks
│ └── main.yml
├── templates
│ ├── zabbix_agentd
│ └── zabbix_agentd.conf
└── vars
└── main.yml
## 建立 files 目录,存放编译安装过的 zabbix_agent 目录的压缩文件,用于拷贝到远程主机
## 建立 tasks 目录,用于编写将要执行的任务
## 建立 templates 目录,用于存放可变的模板文件
## 建立 vars 目录,用于存放变量信息
4.4建立tasks主文件
cat /etc/ansible/roles/install_zabbix_agent/tasks/main.yml
---
- name: Install Software
yum: name={{ item }} state=latest
with_items:
- libcurl-devel
- name: Create Zabbix User
user: name={{ zabbix_user }} state=present createhome=no shell=/sbin/nologin
- name: Copy Zabbix.tar.gz
copy: src=zabbix-{{ zabbix_version }}.tar.gz dest={{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz owner=root group=root
- name: Uncompression Zabbix.tar.gz
shell: tar zxf {{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz -C {{ zabbix_dir }}/
- name: Copy Zabbix Start Script
template: src=zabbix_agentd dest=/etc/init.d/zabbix_agentd owner=root group=root mode=0755
- name: Copy Zabbix Config File
template: src=zabbix_agentd.conf dest={{ zabbix_dir }}/zabbix/etc/zabbix_agentd.conf owner={{ zabbix_user }} group={{ zabbix_user }} mode=0644
- name: Modify Zabbix Dir Permisson
file: path={{ zabbix_dir }}/zabbix owner={{ zabbix_user }} group={{ zabbix_user }} mode=0755 recurse=yes
- name: Start Zabbix Service
shell: /etc/init.d/zabbix_agentd start
- name: Add Boot Start Zabbix Service
shell: chkconfig --level 35 zabbix_agentd on
4.5建立主变量文件
cat /etc/ansible/roles/install_zabbix_agent/vars/main.yml zabbix_dir: /usr/local zabbix_version: 2.4.5 zabbix_user: zabbix zabbix_port: 10050 zabbix_server_ip: 131.142.101.120
4.6建立模板文件
cat /etc/ansible/roles/install_zabbix_agent/templates/zabbix_agentd
#!/bin/bash
#
# chkconfig: - 90 10
# description: Starts and stops Zabbix Agent using chkconfig
# Tested on Fedora Core 2 - 5
# Should work on all Fedora Core versions
#
# @name: zabbix_agentd
# @author: Alexander Hagenah <hagenah@topconcepts.com>
# @created: 18.04.2006
#
# Modified for Zabbix 2.0.0
# May 2012, Zabbix SIA
#
# Source function library.
. /etc/init.d/functions
# Variables
# Edit these to match your system settings
# Zabbix-Directory
BASEDIR={{ zabbix_dir }}/zabbix
# Binary File
BINARY_NAME=zabbix_agentd
# Full Binary File Call
FULLPATH=$BASEDIR/sbin/$BINARY_NAME
# PID file
PIDFILE=/tmp/$BINARY_NAME.pid
# Establish args
ERROR=0
STOPPING=0
#
# No need to edit the things below
#
# application checking status
if [ -f $PIDFILE ] && [ -s $PIDFILE ]
then
PID=`cat $PIDFILE`
if [ "x$PID" != "x" ] && kill -0 $PID 2>/dev/null && [ $BINARY_NAME == `ps -e | grep $PID | awk '{print $4}'` ]
then
STATUS="$BINARY_NAME (pid `pidof $APP`) running.."
RUNNING=1
else
rm -f $PIDFILE
STATUS="$BINARY_NAME (pid file existed ($PID) and now removed) not running.."
RUNNING=0
fi
else
if [ `ps -e | grep $BINARY_NAME | head -1 | awk '{ print $1 }'` ]
then
STATUS="$BINARY_NAME (pid `pidof $APP`, but no pid file) running.."
else
STATUS="$BINARY_NAME (no pid file) not running"
fi
RUNNING=0
fi
# functions
start() {
if [ $RUNNING -eq 1 ]
then
echo "$0 $ARG: $BINARY_NAME (pid $PID) already running"
else
action $"Starting $BINARY_NAME: " $FULLPATH
touch /var/lock/subsys/$BINARY_NAME
fi
}
stop() {
echo -n $"Shutting down $BINARY_NAME: "
killproc $BINARY_NAME
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$BINARY_NAME
RUNNING=0
}
# logic
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status $BINARY_NAME
;;
restart)
stop
sleep 10
start
;;
help|*)
echo $"Usage: $0 {start|stop|status|restart|help}"
cat <<EOF
start - start $BINARY_NAME
stop - stop $BINARY_NAME
status - show current status of $BINARY_NAME
restart - restart $BINARY_NAME if running by sending a SIGHUP or start if not running
help - this screen
EOF
exit 1
;;
esac
exit 0
shell > cat /etc/ansible/roles/install_zabbix_agent/templates/zabbix_agentd.conf
# This is a config file for the Zabbix agent daemon (Unix)
# To get more information about Zabbix, visit http://www.zabbix.com
############ GENERAL PARAMETERS #################
### Option: PidFile
# Name of PID file.
#
# Mandatory: no
# Default:
# PidFile=/tmp/zabbix_agentd.pid
### Option: LogFile
# Name of log file.
# If not set, syslog is used.
#
# Mandatory: no
# Default:
# LogFile=
LogFile=/tmp/zabbix_agentd.log
### Option: LogFileSize
# Maximum size of log file in MB.
# 0 - disable automatic log rotation.
#
# Mandatory: no
# Range: 0-1024
# Default:
# LogFileSize=1
### Option: DebugLevel
# Specifies debug level
# 0 - basic information about starting and stopping of Zabbix processes
# 1 - critical information
# 2 - error information
# 3 - warnings
# 4 - for debugging (produces lots of information)
#
# Mandatory: no
# Range: 0-4
# Default:
# DebugLevel=3
### Option: SourceIP
# Source IP address for outgoing connections.
#
# Mandatory: no
# Default:
# SourceIP=
### Option: EnableRemoteCommands
# Whether remote commands from Zabbix server are allowed.
# 0 - not allowed
# 1 - allowed
#
# Mandatory: no
# Default:
# EnableRemoteCommands=0
### Option: LogRemoteCommands
# Enable logging of executed shell commands as warnings.
# 0 - disabled
# 1 - enabled
#
# Mandatory: no
# Default:
# LogRemoteCommands=0
##### Passive checks related
### Option: Server
# List of comma delimited IP addresses (or hostnames) of Zabbix servers.
# Incoming connections will be accepted only from the hosts listed here.
# If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally.
#
# Mandatory: no
# Default:
# Server=
Server={{ zabbix_server_ip }}
### Option: ListenPort
# Agent will listen on this port for connections from the server.
#
# Mandatory: no
# Range: 1024-32767
# Default:
# ListenPort=10050
ListenPort={{ zabbix_port }}
### Option: ListenIP
# List of comma delimited IP addresses that the agent should listen on.
# First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
#
# Mandatory: no
# Default:
# ListenIP=0.0.0.0
### Option: StartAgents
# Number of pre-forked instances of zabbix_agentd that process passive checks.
# If set to 0, disables passive checks and the agent will not listen on any TCP port.
#
# Mandatory: no
# Range: 0-100
# Default:
# StartAgents=3
##### Active checks related
### Option: ServerActive
# List of comma delimited IP:port (or hostname:port) pairs of Zabbix servers for active checks.
# If port is not specified, default port is used.
# IPv6 addresses must be enclosed in square brackets if port for that host is specified.
# If port is not specified, square brackets for IPv6 addresses are optional.
# If this parameter is not specified, active checks are disabled.
# Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
#
# Mandatory: no
# Default:
# ServerActive=
#ServerActive=127.0.0.1:10051
### Option: Hostname
# Unique, case sensitive hostname.
# Required for active checks and must match hostname as configured on the server.
# Value is acquired from HostnameItem if undefined.
#
# Mandatory: no
# Default:
# Hostname=
Hostname={{ ansible_all_ipv4_addresses[1] }}
### Option: HostnameItem
# Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
# Does not support UserParameters or aliases.
#
# Mandatory: no
# Default:
# HostnameItem=system.hostname
### Option: HostMetadata
# Optional parameter that defines host metadata.
# Host metadata is used at host auto-registration process.
# An agent will issue an error and not start if the value is over limit of 255 characters.
# If not defined, value will be acquired from HostMetadataItem.
#
# Mandatory: no
# Range: 0-255 characters
# Default:
# HostMetadata=
### Option: HostMetadataItem
# Optional parameter that defines an item used for getting host metadata.
# Host metadata is used at host auto-registration process.
# During an auto-registration request an agent will log a warning message if
# the value returned by specified item is over limit of 255 characters.
# This option is only used when HostMetadata is not defined.
#
# Mandatory: no
# Default:
# HostMetadataItem=
### Option: RefreshActiveChecks
# How often list of active checks is refreshed, in seconds.
#
# Mandatory: no
# Range: 60-3600
# Default:
# RefreshActiveChecks=120
### Option: BufferSend
# Do not keep data longer than N seconds in buffer.
#
# Mandatory: no
# Range: 1-3600
# Default:
# BufferSend=5
### Option: BufferSize
# Maximum number of values in a memory buffer. The agent will send
# all collected data to Zabbix Server or Proxy if the buffer is full.
#
# Mandatory: no
# Range: 2-65535
# Default:
# BufferSize=100
### Option: MaxLinesPerSecond
# Maximum number of new lines the agent will send per second to Zabbix Server
# or Proxy processing 'log' and 'logrt' active checks.
# The provided value will be overridden by the parameter 'maxlines',
# provided in 'log' or 'logrt' item keys.
#
# Mandatory: no
# Range: 1-1000
# Default:
# MaxLinesPerSecond=100
############ ADVANCED PARAMETERS #################
### Option: Alias
# Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
# Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
# Different Alias keys may reference the same item key.
# For example, to retrieve the ID of user 'zabbix':
# Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,1]
# Now shorthand key zabbix.userid may be used to retrieve data.
# Aliases can be used in HostMetadataItem but not in HostnameItem parameters.
#
# Mandatory: no
# Range:
# Default:
### Option: Timeout
# Spend no more than Timeout seconds on processing
#
# Mandatory: no
# Range: 1-30
# Default:
Timeout=20
### Option: AllowRoot
# Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent
# will try to switch to the user specified by the User configuration option instead.
# Has no effect if started under a regular user.
# 0 - do not allow
# 1 - allow
#
# Mandatory: no
# Default:
# AllowRoot=0
### Option: User
# Drop privileges to a specific, existing user on the system.
# Only has effect if run as 'root' and AllowRoot is disabled.
#
# Mandatory: no
# Default:
# User=zabbix
### Option: Include
# You may include individual files or all files in a directory in the configuration file.
# Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.
#
# Mandatory: no
# Default:
# Include=
# Include=/usr/local/etc/zabbix_agentd.userparams.conf
# Include=/usr/local/etc/zabbix_agentd.conf.d/
# Include=/usr/local/etc/zabbix_agentd.conf.d/*.conf
####### USER-DEFINED MONITORED PARAMETERS #######
### Option: UnsafeUserParameters
# Allow all characters to be passed in arguments to user-defined parameters.
# 0 - do not allow
# 1 - allow
#
# Mandatory: no
# Range: 0-1
# Default:
UnsafeUserParameters=1
### Option: UserParameter
# User-defined parameter to monitor. There can be several user-defined parameters.
# Format: UserParameter=<key>,<shell command>
# See 'zabbix_agentd' directory for examples.
#
# Mandatory: no
# Default:
# UserParameter=
####### LOADABLE MODULES #######
### Option: LoadModulePath
# Full path to location of agent modules.
# Default depends on compilation options.
#
# Mandatory: no
# Default:
# LoadModulePath=${libdir}/modules
### Option: LoadModule
# Module to load at agent startup. Modules are used to extend functionality of the agent.
# Format: LoadModule=<module.so>
# The modules must be located in directory specified by LoadModulePath.
# It is allowed to include multiple LoadModule parameters.
#
# Mandatory: no
# Default:
# LoadModule=
4.7安装
ansible-playbook /etc/ansible/install_zabbix_agent.yml PLAY [mini] ******************************************************************* GATHERING FACTS *************************************************************** ok: [129.139.153.78] ok: [155.139.190.94] TASK: [install_zabbix_agent | Install Software] ******************************* changed: [155.139.190.94] => (item=libcurl-devel) changed: [129.139.153.78] => (item=libcurl-devel) TASK: [install_zabbix_agent | Create Zabbix User] ***************************** changed: [129.139.153.78] changed: [155.139.190.94] TASK: [install_zabbix_agent | Copy Zabbix.tar.gz] ***************************** changed: [129.139.153.78] changed: [155.139.190.94] TASK: [install_zabbix_agent | Uncompression Zabbix.tar.gz] ******************** changed: [129.139.153.78] changed: [155.139.190.94] TASK: [install_zabbix_agent | Copy Zabbix Start Script] *********************** changed: [155.139.190.94] changed: [129.139.153.78] TASK: [install_zabbix_agent | Copy Zabbix Config File] ************************ changed: [129.139.153.78] changed: [155.139.190.94] TASK: [install_zabbix_agent | Modify Zabbix Dir Permisson] ******************** changed: [155.139.190.94] changed: [129.139.153.78] TASK: [install_zabbix_agent | Start Zabbix Service] *************************** changed: [129.139.153.78] changed: [155.139.190.94] TASK: [install_zabbix_agent | Add Boot Start Zabbix Service] ****************** changed: [129.139.153.78] changed: [155.139.190.94] PLAY RECAP ******************************************************************** 155.139.190.94 : ok=10 changed=9 unreachable=0 failed=0 129.139.153.78 : ok=10 changed=9 unreachable=0 failed=0 ## 关注一下,启动脚本跟配置文件中变量的引用。 ## 完成安装,可以去客户机检查效果了 !