ansible的使用

ansible安裝

#安裝ansible
[root@ansible ~]# yum install -y ansible
#配置主機(jī)清單
[root@ansible ~]# vim /etc/ansible/hosts

[wsl]
172.16.79.[151:152]

#更改配置文件,大部分時(shí)候不用改
[root@ansible ~]# vim /etc/ansible/ansible.cfg   
#啟動(dòng)不檢查key
host_key_checking = False


#使用ansible進(jìn)行ping測(cè)試
[root@ansible ~]# ansible 172.16.79.151,172.16.79.152 -m ping -k
SSH password:
172.16.79.151 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
172.16.79.152 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

[root@ansible ~]# ansible wsl -m ping -k
SSH password:
172.16.79.152 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
172.16.79.151 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

#為其它機(jī)器安裝密鑰
[root@ansible ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:dRDYwAElhkL+dAPfGxkux1NPIy4OEQzKY4ryWMfLdAU root@ansible
The key's randomart image is:
+---[RSA 2048]----+
| .. o+E====.o    |
| o...+.Bo=.= .   |
|  *.. * @ o o    |
|.o = . B * .     |
|+ . = . S        |
|.+ + o           |
|. . o            |
|                 |
|                 |
+----[SHA256]-----+
[root@ansible ~]# cd .ssh/
[root@ansible .ssh]# ls
id_rsa  id_rsa.pub  known_hosts
[root@ansible .ssh]# ssh-copy-id 172.16.79.151
[root@ansible .ssh]# ssh-copy-id 172.16.79.151

#測(cè)試不通過(guò) -k  key的方式進(jìn)行ansible ping測(cè)試
[root@ansible .ssh]# ansible all -m ping
172.16.79.151 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
172.16.79.152 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

#更改配置文件增加日志
[root@ansible .ssh]# vim /etc/ansible/ansible.cfg

log_path = /var/log/ansible.log

#主機(jī)禁ping
[root@ansible .ssh]# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all


#查看ansible命令模塊
[root@ansible .ssh]# ll /usr/bin/ansible*
lrwxrwxrwx 1 root root    20 7月  26 17:35 /usr/bin/ansible -> /usr/bin/ansible-2.7
lrwxrwxrwx 1 root root    20 7月  26 17:35 /usr/bin/ansible-2 -> /usr/bin/ansible-2.7
-rwxr-xr-x 1 root root  4853 1月  30 04:15 /usr/bin/ansible-2.7
lrwxrwxrwx 1 root root     7 7月  26 17:35 /usr/bin/ansible-config -> ansible
-rwxr-xr-x 1 root root 13672 1月  30 04:15 /usr/bin/ansible-connection
lrwxrwxrwx 1 root root    28 7月  26 17:35 /usr/bin/ansible-console -> /usr/bin/ansible-console-2.7
lrwxrwxrwx 1 root root    28 7月  26 17:35 /usr/bin/ansible-console-2 -> /usr/bin/ansible-console-2.7
lrwxrwxrwx 1 root root     7 7月  26 17:35 /usr/bin/ansible-console-2.7 -> ansible
lrwxrwxrwx 1 root root    24 7月  26 17:35 /usr/bin/ansible-doc -> /usr/bin/ansible-doc-2.7
lrwxrwxrwx 1 root root    24 7月  26 17:35 /usr/bin/ansible-doc-2 -> /usr/bin/ansible-doc-2.7
lrwxrwxrwx 1 root root     7 7月  26 17:35 /usr/bin/ansible-doc-2.7 -> ansible
lrwxrwxrwx 1 root root    27 7月  26 17:35 /usr/bin/ansible-galaxy -> /usr/bin/ansible-galaxy-2.7
lrwxrwxrwx 1 root root    27 7月  26 17:35 /usr/bin/ansible-galaxy-2 -> /usr/bin/ansible-galaxy-2.7
lrwxrwxrwx 1 root root     7 7月  26 17:35 /usr/bin/ansible-galaxy-2.7 -> ansible
lrwxrwxrwx 1 root root     7 7月  26 17:35 /usr/bin/ansible-inventory -> ansible
lrwxrwxrwx 1 root root    29 7月  26 17:35 /usr/bin/ansible-playbook -> /usr/bin/ansible-playbook-2.7
lrwxrwxrwx 1 root root    29 7月  26 17:35 /usr/bin/ansible-playbook-2 -> /usr/bin/ansible-playbook-2.7
lrwxrwxrwx 1 root root     7 7月  26 17:35 /usr/bin/ansible-playbook-2.7 -> ansible
lrwxrwxrwx 1 root root    25 7月  26 17:35 /usr/bin/ansible-pull -> /usr/bin/ansible-pull-2.7
lrwxrwxrwx 1 root root    25 7月  26 17:35 /usr/bin/ansible-pull-2 -> /usr/bin/ansible-pull-2.7
lrwxrwxrwx 1 root root     7 7月  26 17:35 /usr/bin/ansible-pull-2.7 -> ansible
lrwxrwxrwx 1 root root    26 7月  26 17:35 /usr/bin/ansible-vault -> /usr/bin/ansible-vault-2.7
lrwxrwxrwx 1 root root    26 7月  26 17:35 /usr/bin/ansible-vault-2 -> /usr/bin/ansible-vault-2.7
lrwxrwxrwx 1 root root     7 7月  26 17:35 /usr/bin/ansible-vault-2.7 -> ansible


#ansible幫助命令
[root@ansible .ssh]# ansible-doc ping

#常用模式,默認(rèn)用的是root方式,生產(chǎn)模式中請(qǐng)使用sudo的方式管理
[root@ansible .ssh]# ansible wsl -m command -a "ls /root"
172.16.79.151 | SUCCESS | rc=0 >>
anaconda-ks.cfg

172.16.79.152 | SUCCESS | rc=0 >>
anaconda-ks.cfg

#列出主機(jī)名
[root@wsl0 .ssh]# ansible wsl --list-hosts
  hosts (3):
    172.16.3.101
    172.16.3.102
    172.16.3.103

#先切換到目錄再執(zhí)行命令
[root@wsl0 .ssh]# ansible wsl -m command -a "chdir=/tmp ls"

#查看command命令
[root@wsl0 .ssh]# ansible-doc -s command

ansible運(yùn)行機(jī)制

ansible將要執(zhí)行的操作做成python腳本,然后分發(fā)到目標(biāo)機(jī)器,更改文件權(quán)限后并執(zhí)行,執(zhí)行完成后刪除腳本,并將結(jié)果輸出返回給server端機(jī)器

ansible常用模塊

#command模塊(不能使用變量等)

[root@wsl0 .ssh]# ansible wsl -m command -a "chdir=/tmp ls"

#shell模塊

[root@wsl0 ~]# ansible wsl -m shell -a 'ls /etc/sysconfig/network-scripts/  |grep ifcfg* '

[root@wsl0 ~]# ansible wsl -m shell -a 'echo $HOSTNAME'
172.16.3.103 | SUCCESS | rc=0 >>
wsl3

172.16.3.101 | SUCCESS | rc=0 >>
wsl1

172.16.3.102 | SUCCESS | rc=0 >>
wsl2

#script模塊
[root@wsl0 ~]# ansible wsl -m script -a '/root/test.sh'

#copy模塊(backup表示覆蓋時(shí)候是否備份)
[root@wsl0 ~]# ansible wsl -m copy -a "src=/root/test.sh dest=/tmp/test.sh owner=root mode=755 backup=yes"

#fetch打包拉取文件
[root@wsl0 ~]# ansible wsl -m shell  -a 'tar Jcf /var/log.tar.xz  /var/log/*.log '

[root@wsl0 ~]# ansible wsl -m fetch -a 'src=/var/log.tar.xz dest=/tmp/'

#cron模塊
[root@wsl0 ~]# ansible wsl -m cron -a "minute=*/5 job='/tmp/test.sh &>/dev/null' name=test"

[root@wsl1 tmp]# crontab -l
#Ansible: test
*/5 * * * * /tmp/test.sh &>/dev/null

[root@wsl0 ~]# ansible wsl -m cron -a "state=absent  name=test"

#file模塊
#file創(chuàng)建文件
[root@wsl0 ~]# ansible wsl -m file -a 'path=/root/test state=touch mode=600 owner=root'
#file刪除文件
[root@wsl0 ~]# ansible wsl -m file -a 'path=/root/test state=absent'
#file軟連接
[root@wsl0 ~]# ansible wsl  -m file -a 'src=/tmp/test.sh dest=/root/test.sh state=link'


#yum模塊

[root@wsl0 ~]# ansible wsl -m yum -a 'name=httpd,vsftpd state=latest'

[root@wsl0 ~]# ansible wsl -m yum -a 'name=vsftpd state=absent'

#service模塊
[root@wsl0 ~]# ansible wsl -m service -a 'name=httpd state=started enabled=yes'

[root@wsl0 ~]# ansible wsl -m service -a 'name=httpd state=started enabled=no'

playbook

簡(jiǎn)單的案例

#編輯yml,縮進(jìn)必須嚴(yán)格
[root@wsl0 ~]# vim install_httpd.yml

---
- hosts: wsl
  remote_user: root

  tasks:
    - name: install package
      yum: name=httpd state=present
    - name: start service
      service: name=httpd state=started enabled=yes

#檢查語(yǔ)法
[root@wsl0 ~]# ansible-playbook -C install_httpd.yml
#執(zhí)行
[root@wsl0 ~]# ansible-playbook  install_httpd.yml
#檢查執(zhí)行情況
[root@wsl0 ~]# ansible wsl -m shell -a 'rpm -q httpd'
 [WARNING]: Consider using yum, dnf or zypper module rather than running rpm

172.16.3.103 | SUCCESS | rc=0 >>
httpd-2.4.6-80.el7.centos.1.x86_64

172.16.3.101 | SUCCESS | rc=0 >>
httpd-2.4.6-80.el7.centos.1.x86_64

172.16.3.102 | SUCCESS | rc=0 >>
httpd-2.4.6-80.el7.centos.1.x86_64

#查看狀態(tài)
[root@wsl0 ~]# ansible-playbook  install_httpd.yml  --list-hosts

playbook: install_httpd.yml

  play #1 (wsl): wsl    TAGS: []
    pattern: [u'wsl']
    hosts (3):
      172.16.3.103
      172.16.3.102
      172.16.3.101
[root@wsl0 ~]# ansible-playbook  install_httpd.yml  --list-tasks

playbook: install_httpd.yml

  play #1 (wsl): wsl    TAGS: []
    tasks:
      stop httpd    TAGS: []
      install package   TAGS: []

handlers和notify

ansible每次執(zhí)行會(huì)檢查是否發(fā)生了變化,只有發(fā)生了變化才會(huì)執(zhí)行,只有執(zhí)行的時(shí)候才會(huì)觸發(fā)handlers和notify

[root@wsl0 ~]# vim  /etc/httpd/conf/httpd.conf

#更改端口為8080
Listen 8080

[root@wsl0 ~]# vim install_httpd.yml

- hosts: wsl
  remote_user: root

  tasks:
    - name: install package
      yum: name=httpd state=present
    - name: copy config file
      copy: src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/ backup=yes
      notify: restart httpd
    - name: start httpd
      service: name=httpd state=started enabled=yes

  handlers:
    - name: restart httpd
      service: name=httpd state=restarted

[root@wsl0 ~]# ansible-playbook -C install_httpd.yml

tags

是任務(wù)標(biāo)簽化,可讓其中某一項(xiàng)任務(wù)單獨(dú)執(zhí)行
tags標(biāo)簽不能加空格,一般為一個(gè)簡(jiǎn)單的單詞

[root@wsl0 ~]# vim install_httpd.yml

- hosts: wsl
  remote_user: root

  tasks:
    - name: install package
      yum: name=httpd state=present
    - name: copy config file
      copy: src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/ backup=yes
      notify: restart httpd
      tags: copy_conf
    - name: start httpd
      service: name=httpd state=started enabled=yes

  handlers:
    - name: restart httpd
      service: name=httpd state=restarted

#執(zhí)行多個(gè)tags任務(wù)用逗號(hào),隔開(kāi)
[root@wsl0 ~]# ansible-playbook --tags copy_conf install_httpd.yml

setup和filter

查看機(jī)器信息并匹配

[root@wsl0 ~]# ansible wsl -m setup -a 'filter=*address*'

ansible變量

#編輯變量
[root@wsl0 ~]# vim install_httpd.yml

- hosts: wsl
  remote_user: root

  tasks:
    - name: install package
      yum: name={{ packege_name }} state=present
    - name: copy config file
      copy: src={{ copy_src }} dest={{ copy_dest }} backup=yes
      notify: restart service
      tags: copy_conf
    - name: start service
      service: name={{ packege_name }} state=started enabled=yes

  handlers:
    - name: restart service
      service: name={{ packege_name }} state=restarted

#執(zhí)行
[root@wsl0 ~]# ansible-playbook -C  -e "packege_name=httpd copy_src=/etc/httpd/conf/httpd.conf  copy_dest=/etc/httpd/conf/" install_httpd.yml

#內(nèi)部變量
[root@wsl0 ~]# vim add_user_and_group.yml

---
- hosts: wsl
  remote_user: root
  vars:
    - username: wsl
    - groupname: wsl
  tasks:
    - name: create group
      group: name={{ groupname }} state=present
    - name: create user
      user: name={{ username }} group={{ groupname }} home=/{{ username }}dir

#執(zhí)行
[root@wsl0 ~]# ansible-playbook  add_user_and_group.yml


#為每一個(gè)主機(jī)定義一個(gè)變量
[root@wsl0 ~]# vim  /etc/ansible/

[wsl]
172.16.3.101 name=101
172.16.3.102 name=102
172.16.3.103 name=103

#為組定義一個(gè)公共變量
[root@wsl0 ~]# vim  /etc/ansible/

[wsl:vars]
hname=web
mark=-

#專門定義一個(gè)變量文件
[root@wsl0 ~]# vim vars1.yml

packege_name: httpd
copy_src: /etc/httpd/conf/httpd.conf
copy_dest: /etc/httpd/conf/

[root@wsl0 ~]# vim install_httpd.yml

- hosts: wsl
  remote_user: root
  vars_files:
    - /root/vars1.yml

  tasks:
    - name: install package
      yum: name={{ packege_name }} state=present
    - name: copy config file
      copy: src={{ copy_src }} dest={{ copy_dest }} backup=yes
      notify: restart service
      tags: copy_conf
    - name: start service
      service: name={{ packege_name }} state=started enabled=yes

  handlers:
    - name: restart service
      service: name={{ packege_name }} state=restarted

[root@wsl0 ~]# ansible-playbook -C install_httpd.yml

templetes模板修改

templetes可以同步文件,然后在同步的文件中加入變量或者做一些其它操作來(lái)符合其主機(jī)的一些特性

#通過(guò)setup獲取一些機(jī)器自有的變量,當(dāng)然這個(gè)變量也可以來(lái)自其他地方
[root@wsl0 ~]# ansible wsl -m setup -a 'filter="*hostname*"'
172.16.3.103 | SUCCESS => {
    "ansible_facts": {
        "ansible_hostname": "wsl3"
    },
    "changed": false
}
172.16.3.101 | SUCCESS => {
    "ansible_facts": {
        "ansible_hostname": "wsl1"
    },
    "changed": false
}
172.16.3.102 | SUCCESS => {
    "ansible_facts": {
        "ansible_hostname": "wsl2"
    },
    "changed": false
}
#編輯我們需要同步的文件
[root@wsl0 ~]# vim test1

#如果變量是數(shù)字還可以進(jìn)行運(yùn)算,如 {{ hostname*2 }}

{{ ansible_hostname }}

#編輯yml使用template進(jìn)行同步

[root@wsl0 ~]# vim template.yml

---
- hosts: wsl
  remote_user: root

  tasks:
    - name: template config
      template: src=/root/test1  dest=/root/hostname

#執(zhí)行并查看
[root@wsl0 ~]# ansible-playbook template.yml

[root@wsl0 ~]# ansible wsl -m shell -a 'cat /root/hostname'
172.16.3.103 | SUCCESS | rc=0 >>
wsl3

172.16.3.102 | SUCCESS | rc=0 >>
wsl2

172.16.3.101 | SUCCESS | rc=0 >>
wsl1



#使用when進(jìn)行判斷

[root@wsl0 ~]# vim template.yml

---
- hosts: wsl
  remote_user: root

  tasks:
    - name: template config
      template: src=/root/test1  dest=/root/test_when
      when: ansible_hostname == "wsl1"

#執(zhí)行并檢查結(jié)果
[root@wsl0 ~]# ansible-playbook template.yml

PLAY [wsl] ***********************************************************************

TASK [Gathering Facts] ***********************************************************
ok: [172.16.3.103]
ok: [172.16.3.101]
ok: [172.16.3.102]

TASK [template config] ***********************************************************
skipping: [172.16.3.102]
skipping: [172.16.3.103]
changed: [172.16.3.101]

PLAY RECAP ***********************************************************************
172.16.3.101               : ok=2    changed=1    unreachable=0    failed=0
172.16.3.102               : ok=1    changed=0    unreachable=0    failed=0
172.16.3.103               : ok=1    changed=0    unreachable=0    failed=0

[root@wsl0 ~]# ansible wsl -m shell -a 'ls /root/test_when'
172.16.3.103 | FAILED | rc=2 >>
ls: 無(wú)法訪問(wèn)/root/test_when: 沒(méi)有那個(gè)文件或目錄non-zero return code

172.16.3.101 | SUCCESS | rc=0 >>
/root/test_when

172.16.3.102 | FAILED | rc=2 >>
ls: 無(wú)法訪問(wèn)/root/test_when: 沒(méi)有那個(gè)文件或目錄non-zero return code


#迭代:with_items用法
#創(chuàng)建yml文件使用with_items
[root@wsl0 ~]# vim with_items.yml
---
 - hosts: wsl
   remote_user: root

   tasks:
    - name: touch file
      file: name={{ item }} state=touch mode=755 owner=root
      with_items:
        - /root/item1
        - /root/item2

#執(zhí)行并檢查結(jié)果
[root@wsl0 ~]# ansible-playbook with_items.yml

PLAY [wsl] ***********************************************************************

TASK [Gathering Facts] ***********************************************************
ok: [172.16.3.103]
ok: [172.16.3.101]
ok: [172.16.3.102]

TASK [touch file] ****************************************************************
changed: [172.16.3.103] => (item=/root/item1)
changed: [172.16.3.101] => (item=/root/item1)
changed: [172.16.3.102] => (item=/root/item1)
changed: [172.16.3.103] => (item=/root/item2)
changed: [172.16.3.102] => (item=/root/item2)
changed: [172.16.3.101] => (item=/root/item2)

PLAY RECAP ***********************************************************************
172.16.3.101               : ok=2    changed=1    unreachable=0    failed=0
172.16.3.102               : ok=2    changed=1    unreachable=0    failed=0
172.16.3.103               : ok=2    changed=1    unreachable=0    failed=0

[root@wsl0 ~]# ansible wsl -m shell -a 'ls /root/item*'
172.16.3.103 | SUCCESS | rc=0 >>
/root/item1
/root/item2

172.16.3.101 | SUCCESS | rc=0 >>
/root/item1
/root/item2

172.16.3.102 | SUCCESS | rc=0 >>
/root/item1
/root/item2

#迭代嵌套

[root@wsl0 ~]# vim with_items.yml
---
 - hosts: wsl
   remote_user: root

   tasks:
    - name: touch file
      file: name={{ item.name }} state=touch mode={{ item.mode }} owner=root
      with_items:
        - { name: '/root/item1', mode: 600}
        - { name: '/root/item2', mode: 755}

#執(zhí)行并檢查
[root@wsl0 ~]# ansible-playbook with_items.yml

[root@wsl0 ~]# ansible wsl -m shell -a 'ls -lh /root/item*'
172.16.3.103 | SUCCESS | rc=0 >>
-rw------- 1 root root 0 8月   2 16:16 /root/item1
-rwxr-xr-x 1 root root 0 8月   2 16:16 /root/item2

172.16.3.101 | SUCCESS | rc=0 >>
-rw------- 1 root root 0 8月   2 16:16 /root/item1
-rwxr-xr-x 1 root root 0 8月   2 16:16 /root/item2

172.16.3.102 | SUCCESS | rc=0 >>
-rw-------. 1 root root 0 8月   2 16:16 /root/item1
-rwxr-xr-x. 1 root root 0 8月   2 16:16 /root/item2


#template的for循環(huán)

[root@wsl0 ~]# vim for1.conf.j2

{%for port in ports %}
server {
       listen {{ port }};
}
{%endfor%}

[root@wsl0 ~]# vim for1.yml

- hosts: wsl
  remote_user: root
  vars:
    ports:
      - 81
      - 82
      - 83

  tasks:
    - name: test for1
      template: src=/root/for1.conf.j2 dest=/tmp/for1.conf

[root@wsl0 ~]# ansible-playbook  for1.yml

[root@wsl0 ~]# ansible wsl -m shell -a 'cat  /tmp/for1.conf'
172.16.3.102 | SUCCESS | rc=0 >>
server {
       listen 81;
}
server {
       listen 82;
}
server {
       listen 83;
}

172.16.3.103 | SUCCESS | rc=0 >>
server {
       listen 81;
}
server {
       listen 82;
}
server {
       listen 83;
}

172.16.3.101 | SUCCESS | rc=0 >>
server {
       listen 81;
}
server {
       listen 82;
}
server {
       listen 83;
}

#key value形式

[root@wsl0 ~]# vim  for2.conf.j2
{%for port in ports %}
server {
       listen {{ port.listen_port }};
}
{%endfor%}

[root@wsl0 ~]# vim  for2.yml
- hosts: wsl
  remote_user: root
  vars:
    ports:
      - listen_port: 81
      - listen_port: 82
      - listen_port: 83

  tasks:
    - name: test for2
      template: src=/root/for2.conf.j2 dest=/tmp/for2.conf

[root@wsl0 ~]# ansible-playbook  for2.yml

[root@wsl0 ~]# vim  for3.yml
- hosts: wsl
  remote_user: root
  vars:
    vhost:
      - web1: 
        port: 80
         
      - listen_port: 82
      - listen_port: 83

  tasks:
    - name: test for2
      template: src=/root/for2.conf.j2 dest=/tmp/for2.conf

[root@wsl0 ~]# cat for3.conf.j2
{%for vhost in vhosts %}
server {
       listen {{ vhost.port }};
       servername  {{ vhost.name }}
}
{%endfor%}

[root@wsl0 ~]# cat for3.yml
- hosts: wsl
  remote_user: root
  vars:
    vhosts:
      - web1:
        port: 81
        name: web1.com
      - web2:
        port: 82
        name: web2.com
      - web3:
        port: 83
        name: web3.com

  tasks:
    - name: test for3
      template: src=/root/for3.conf.j2 dest=/tmp/for3.conf

#for - if

[root@wsl0 ~]# vim for4.conf.j2
{%for vhost in vhosts %}
server {
       listen {{ vhost.port }};
       {%if vhost.name is defined %}
       servername  {{ vhost.name }}
       {%endif%}
}
{%endfor%}

[root@wsl0 ~]# vim for4.yml
- hosts: wsl
  remote_user: root
  vars:
    vhosts:
      - web1:
        port: 81
       # name: web1.com
      - web2:
        port: 82
        name: web2.com
      - web3:
        port: 83
        #name: web3.com

  tasks:
    - name: test for4
      template: src=/root/for4.conf.j2 dest=/tmp/for4.conf

roles角色管理


#roles目錄結(jié)構(gòu)
#roles目錄不是必須建立在ansible目錄下的
roles/
  projesct/
    tasks/
    files/
    templates/
    handlers/
    vars/

#nginx-role.yml必須要跟roles同級(jí)目錄執(zhí)行
 #每個(gè)角色下面的tasks必須有,每個(gè)tasks下面main.yml必須有

[root@wsl0 ~]# tree /etc/ansible/
/etc/ansible/
|-- ansible.cfg
|-- hosts
|-- nginx-role.retry
|-- nginx-role.yml
`-- roles
    |-- memcached
    `-- nginx
        |-- tasks
        |   |-- groupadd.yml
        |   |-- install.yml
        |   |-- main.yml
        |   |-- start.yml
        |   `-- useradd.yml
        `-- templates


#每個(gè)動(dòng)作的腳本

[root@wsl0 tasks]# cat groupadd.yml
- name: add group
  group: name=nginx

[root@wsl0 tasks]# cat useradd.yml
- name: create user
  user: name=nginx group=nginx system=yes shell=/sbin/nologin

[root@wsl0 tasks]# cat install.yml
- name: install packge
  yum: name=nginx state=latest

[root@wsl0 tasks]# cat start.yml
- name: start service
  service: name=nginx state=started enabled=yes

#main.yml

[root@wsl0 tasks]# cat main.yml
- import_tasks: groupadd.yml
- import_tasks: useradd.yml
- import_tasks: install.yml
- import_tasks: start.yml

#調(diào)用nginx角色

[root@wsl0 ansible]# cat nginx-role.yml
- hosts: wsl
  remote_user: root

  roles:
    - role: nginx

#調(diào)用其它角色的腳本

[root@wsl0 tasks]# cat start.yml
- name: start service
  service: name=nginx state=started enabled=yes

#全路徑添加就可以跨角色
 - import_tasks: roles/nginx/tasks/useradd.yml

#roles的tags標(biāo)簽

[root@wsl0 ansible]# cat nginx-role.yml
- hosts: wsl
  remote_user: root

  roles:
    - { role: nginx , tags:['nginx','web'] , when: ansible_distribution_major_version == "6"}
    - { role: mysql , tags:['web'] }

#按照標(biāo)簽執(zhí)行

[root@wsl0 ansible]# ansible-playbook -t web nginx-role.yml

#handlers在roles中的使用,以及vars在roles中的使用

[root@wsl0 nginx]# vim handlers/main.yml
- name: start nginx
  service: name=nginx state=started enabled=yes

[root@wsl0 ansible]#cat roles/nginx/tasks/install.yml
- name: install packge
  yum: name={{ packge_name }} state=latest
  notify: start nginx

[root@wsl0 ansible]# cat  roles/nginx/vars/main.yml
packge_name: nginx

#執(zhí)行測(cè)試

[root@wsl0 ansible]# ansible-playbook -C nginx-role.yml

PLAY [wsl] ***********************************************************************

TASK [Gathering Facts] ***********************************************************
ok: [172.16.3.103]
ok: [172.16.3.101]
ok: [172.16.3.102]

TASK [nginx : add group] *********************************************************
ok: [172.16.3.103]
ok: [172.16.3.102]
ok: [172.16.3.101]

TASK [nginx : create user] *******************************************************
ok: [172.16.3.103]
ok: [172.16.3.102]
ok: [172.16.3.101]

TASK [nginx : install packge] ****************************************************
changed: [172.16.3.103]
changed: [172.16.3.102]
changed: [172.16.3.101]

RUNNING HANDLER [nginx : start nginx] ********************************************
changed: [172.16.3.103]
changed: [172.16.3.102]
changed: [172.16.3.101]

PLAY RECAP ***********************************************************************
172.16.3.101               : ok=5    changed=2    unreachable=0    failed=0
172.16.3.102               : ok=5    changed=2    unreachable=0    failed=0
172.16.3.103               : ok=5    changed=2    unreachable=0    failed=0


// 除號(hào)取整
最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

友情鏈接更多精彩內(nèi)容