ansible playbook:剧本
由一个或多个模块组成,完成统一的目的,实现自动化操作
剧本编写遵循yaml语法
yaml的三要素:
缩进:两个字符,默认的tab键是四个字符,所以要使用tab键,需要修改.vimrc
vim /root/.vimrc
添加:
set tabstop=2
保存退出
冒号:冒号后面需要空格,除非以冒号结尾
短横杠:列表项,后面跟空格
playbook语法结构
ansible-playbook 选项 文件路径
选项:
-C 模拟预运行
--list-hosts:列出清单
--list-tasks:列出任务
--list-tags:列出标签
--syntax-check:语法检查
测试案例:通过playbook安装httpd,并修改端口号为8080
前提:安装httpd,复制httpd.conf到当前目录,修改端口为8080
vim httpd.yaml
添加:
- hosts: web
tasks:
- name: install httpd
yum: name=httpd state=latest
- name: httpd config
copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
notify: restart httpd
- name: start httpd
service: name=httpd state=started
handlers:
- name: restart httpd
service: name=httpd state=restarted
保存退出
测试yaml: ansible-playbook -C httpd.yaml
执行yaml:ansible-playbook httpd.yaml
#####################################################################
playbook配置web--nfs--rsync架构环境
全局环境:修改各主机名:ansible、web、nfs、rsync
1.服务器配置
前提:
ifdown ens33;ifup ens33
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
vim /etc/hosts
192.168.8.10 ansible
192.168.8.20 web
192.168.8.30 nfs
192.168.8.40 rsync
保存退出
(1)安装ansible
yum -y install epel-release
yum -y install ansible
(2)ssh公钥
ssh-keygen -t rsa
ssh-copy-id root@web #web服务器
ssh-copy-id root@nfs #nfs服务器
ssh-copy-id root@rsync #rsync服务器
(3)复制/etc/hosts到被管理端
scp /etc/hosts root@web:/etc/
scp /etc/hosts root@nfs:/etc/
scp /etc/hosts root@rsync:/etc/
(4)创建ansible目录
mkdir -p /etc/ansible/ansible_playbook/{conf,file,scripts,tools}
(5)创建ansible清单
vim /etc/ansible/hosts
添加:
[web]
192.168.8.20
[nfs]
192.168.8.30
[rsync]
192.168.8.40
保存退出
(6)使用ansible copy 复制/etc/hosts到所有主机
ansible all -m copy -a "src=/etc/hosts dest=/etc"
2.基础环境部署
(1)网络环境(关闭firewall selinux)
(2)epel仓库
(3)安装rsync,nfs-utils
(4)创建组
(5)创建用户
(6)创建目录,并修改权限
(7)推送脚本
(8)推送rsync客户端密码文件,修改权限
(9)计划任务
vim /etc/ansible/ansible_playbook/base.yaml
添加:
- hosts: all
tasks:
- name: stop firewalld
shell: systemctl stop firewalld
- name: stop selinux
shell: setenforce 0
- name: clear repos.d
file: path=/etc/yum.repos.d/ state=absent
- name: create repos.d
file: path=/etc/yum.repos.d/ state=directory
- name: install base repo
get_url: url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo
- name: install epel repo
get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
- name: install rsync nfs-utils
yum: name=rsync,nfs-utils state=installed
- name: create group www
group: name=www gid=666
- name: create user www
user: name=www uid=666 create_home=no shell=/sbin/nologin
- name: create rsync client password
copy: content='1' dest=/etc/rsync.pass mode=600
- name: create scripts directory
file: path=/server/scripts/ recurse=yes state=directory
- name: push scripts
copy: src=./scripts/rsync_backup.sh dest=/server/scripts
- name: crontab
cron: name="backup scripts" hour=01 minute=00 job="/usr/bin/bash /server/scripts/rsync_backup.sh &> /dev/null"
保存退出
3.rsync配置
(1)安装rsync
(2)配置
(3)启动
(4)脚本
(5)计划任务
vim /etc/ansible/ansible_playbook/rsync.yaml
添加:
- hosts: rsync
tasks:
- name: install rsync
yum: name=rsync state=installed
- name: config rsync
copy: src=/etc/ansible/ansible_playbook/conf/rsyncd.conf dest=/etc/rsyncd.conf
notify: restart rsync
- name: create rsync local user
copy: content='rsync_backup:1' dest=/etc/rsync.password mode=600
- name: create data
file: path=/data state=directory recurse=yes owner=www group=www mode=755
- name: create backup
file: path=/backup state=directory recurse=yes owner=www group=www mode=755
- name: start rsync
service: name=rsyncd state=started enabled=yes
- name: push check scripts
copy: src=./scripts/rsync_check.sh dest=/server/scripts
- name: crond check scripts
cron: name="check scripts" hour=05 minute=00 job="/usr/bin/bash /server/scripts/rsync_check.sh &> /dev/null"
handlers:
- name: restart rsync
service: name=rsyncd state=restarted
保存退出
4.nfs部署
(1)安装nfs-utils
(2)配置
(3)启动
vim /etc/ansible/ansible_playbook/nfs.yaml
添加:
- hosts: nfs
tasks:
- name: install nfs
yum: name=nfs-utils,rpcbind state=installed
- name: config nfs
copy: src=./conf/exports dest=/etc/exports
notify: restart nfs
- name: create data
file: path=/data state=directory recurse=yes owner=www group=www mode=755
- name: start nfs
service: name=nfs-server state=started enabled=yes
handlers:
- name: restart nfs
service: name=nfs-server state=restarted
保存退出
5.sersync部署
(1)在ansible服务器先下载sersync
(2)解压到/etc/ansible/ansible_playbook/并修改配置文件
(3)推送到nfs
(4)启动sersync
vim /etc/ansible/ansible_playbook/sersync.yaml
添加:
- hosts: nfs
tasks:
- name: scp sersync
copy: src=./tools/sersync/ dest=/usr/local/sersync owner=www group=www mode=755
- name: start sersync
shell: pgrep sersync;
[ $? -eq 0 ] || /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
保存退出
6.web部署
(1)本地安装httpd
(2)修改配置文件,复制到/etc/ansible/ansible_playbook/conf
(3)挂载
(4)启动
vim /etc/ansible/ansible_playbook/web.yaml
添加:
- hosts: web
tasks:
- name: install httpd
yum: name=httpd state=installed
- name: mount nfs
mount: src=nfs:/data path=/var/www/html fstype=nfs state=mounted
- name: config httpd
copy: src=./conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
notify: restart httpd
- name: start httpd
service: name=httpd state=started enabled=yes
handlers:
- name: restart httpd
service: name=httpd state=restarted
保存退出
7.main.yaml
vim main.yaml
添加:
- import_playbook: base.yaml
- import_playbook: rsync.yaml
- import_playbook: nfs.yaml
- import_playbook: sersync.yaml
- import_playbook: web.yaml
保存退出
预检测:ansible-playbook -C main.yaml
执行: ansible-playbook main.yaml
------------------------------------
ansible roles扩展参考:
https://blog.csdn.net/woshizhangliang999/article/details/106005990/
