一、playbook 简介
Ansible的脚本—playbook剧本
通过task调用ansible的模板将多个play组织在一个playbook中运行。
playbooks本身由以下各部分组成:
(1) Tasks: 任务,即调用模块完成的某操作;
(2) Variables: 变量
(3) Templates:模板
(4) Handlers: 处理器,当某条件满足时,触发执行的操作;
(5) Roles: 角色。
- Play的主体部分是task列表, task列表中的各任务按次序逐个在hosts中指定的主机上执行,即在所有主机上完成第一 个任务后再开始第二个任务,在运行playbook时(从上到下执行),如果一个host执行task失败, 整个tasks都会回滚,请修正playbook中的错误,然后重新执行即可。嵌入了事务机制,可以回滚,容错性好。
- Task的目的是使用指定的参数执行模块,而在模块参数中可以使用变量,模块执行时幂等的,这意味着多次执行是安全的,因为其结果一致。
- 每一 个task必须有一个名称name,这样在运行playbook时,从其输出的任务执行信息中可以很好的辨别出是属于哪一 个task的。
- 定义一个task, 常见的格式:”module: options" 例如: yum: name=httpd
- .ansible的自带模块中,command模块和shelI模块无需使用key=value格式
二、playbook的执行命令
1 ansible-playbook [yaml文件名]
例如: ansible-playbook ping.yml
参数: -k用来交互输入ssh密码 -K用来交互输入sudo密码 -u 指定用户
补充命令:
1 ansible-playbook nginx.yaml --syntax-check #检查yaml文件的语法是否正确
2 ansible-playbook nginx.yaml --list-task #检查tasks任务
3 ansible-playbook nginx.yaml --list-hosts #检查生效的主机
4 ansible-playbook nginx.yaml --start-at-task='Copy Nginx.conf'
5 #指定从某个task开始运行
三、playbook 编写
指定远程主机sudo切换用户:
1 - hosts: mysql
2 remote_ user: root
3 become: yes
4 become_ user: zzff #无需配置ssh,sudo提权
5 tasks:
6 - name: copy text
7 copy: src=/etc/fstab dest=/home/mysql/fstab.bak
或者:
1 - hosts: mysql
2 remote_user: root
3 tasks:
4 - name: touch
5 file: path=/opt/aa state=directory mode=776 owner=bb group=bb
6 #设置bb用户的可执行权限
7 - name: copy
8 copy: src=/etc/fstab dest=/opt/aa/fstab.bak
9 remote_user: bb #配置ssh
忽略子任务的错误,继续执行,不进行回滚
1 - hosts: webserver
2 remote user: root
3 tasks:
4 - name: disable selinux
5 command: '/sbin/setenforce 0'
6 ignore_ errors: True
7 #忽略错误,强制返回成功,而不会因为一条错误直接回滚
8 - name: make sure apache is running
9 service: name= httpd state= started
多主机组任务
1 - hosts: webserver
2 remote user: root
3 tasks:
4 - name: create nginx group
5 group: name =nginx system=yes gid=208
6 - name: create nginx user
7 user: name=nginx uid= 208 group=nginx system=yes
8 - hosts: mysql
9 remote user: root
10 tasks:
11 - name: copy file to mysq|
12 copy: src=/etc/inittab dest=/opt/inittab.back
handlers的调用(类比函数的使用,function)
handlers也是一些task列表,由通知者进行notify调用,如果没有被notify调用,就不会执行handlers中的任务,如果被执行,无论有多个通知者进行了notify,等到play中的所有taslk执行完成后,handler只会被执行一次。
1 - hosts: webserver
2 remote_ user: root
3 tasks:
4 - name: install httpd package
5 yum: name=httpd state=latest
6 - name: install configuration file for httpd
7 copy: src =/opt/httpd.conf dest=/etc/httpd/conf/httpd.conf
8 notify: #调用
9 -restart httpd
10 - name: start httpd service
11 service: enabled=true name= httpd state=started
12 handlers: #handles的任务列表
13 - name: restart httpd
14 service: name=httpd state=restarted
playbook 引入变量
- 在yaml文件中指定
1 - hosts: webserver
2 remote_ user: root
3 vars:
4 - package: httpd
5 - service: httpd #声明变量名:变量值
6 tasks:
7 - name: install httpd package
8 yum: name={{package}} state=latest
9 - name: install configuration file for httpd
10 copy: src=/opt/httpd.conf dest=/etc/httpd/conf/httpd.conf
11 notify:
12 -restart httpd
13 - name: start httpd service
14 service: enabled =true name={{service}} state=started
15 handlers:
16 - name: restart httpd
17 service: name= {{service}} state=restarted
- 直接引用系统变量,无需声明
1 copy: content="{{ansible_ all_ipv4_ addresses}}" dest=/opt/vars.txt
2 变量中包含:主机中的所有IPV4地址
- 命令行传递变量参数
1 ansible-playbook demo.yaml -e "package=httpd"
2 #yaml文件中是 -package 空的变量,只有变量名
- 主机变量
1 在主机清单设置:
2 vi /etc/ansible/hosts
3 [mysq|]
4 192.168.80.183 testvar="80.183" #定义testvar变量的值为80.183
5 vi test.yml #添加{{testvar}}主机变量
6 - hosts: mysqI
7 remote_ user: root
8 tasks:
9 - name: copy file
10 copy: content= "{{ansible_ all ipv4_ addresses}},{{testvar}}" dest=/opt/vars.txt
条件判断
1 单条件
2 - hosts: mysq|
3 remote_ user: root
4 tasks:
5 - name: "shutdown CentOS"
6 command: /sbin/shutdown -h now
7 when: ansible_distribution == "CentOS"
8
9 多条件判断
10 - hosts: mysq|
11 remote_ user: root
12 tasks:
13 - name: "shut down CentOS 7 systems"
14 command: /sbin/shutdown -r now
15 when:
16 - ansible_distribution == "CentOS"
17 - ansible_distribution major version == "7" #必须同时满足
18
19 组条件判断
20 - hosts: mysql
21 remote_ user: root
22 tasks:
23 - name: " shut down CentOS 6 and Debian 7 systems"
24 command: /sbin/shutdown -t now
25 when: (ansible_ distribution == "CentOS" and ansible_ _distribution major_ version == "6") or (ansible_ distribution == "Debian" and ansible distribution major_ version == "7")
26 #关闭所有 centos6 和d ebian7 系统的主机
执行迭代任务,重复性的任务
1 利用item变量传递,with_items中存放需要遍历的元素。
2
3 - hosts: webserver
4 remote_ user: root
5 tasks:
6 - name: "Install Packages"
7 yum: name={{ tem}} state=latest #依次安装httpd..php
8 with_items:
9 - httpd
10 - mysql-server
11 - php
12
13 也可以自定义
14 - hosts: webserver
15 remote_ user: root
16 tasks:
17 - name:" Add users"
18 user: name={{ item.name }} state=present groups={{ item.groups }}
19 with_ items:
20 - { name:'test1', groups:'wheel'}
21 - { name:'test2', groups:'root'}
22 依次创建用户 test1 test2,对应组为wheel'、,root