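This article introduces the PlayBook, which we call a "script": a file that collects multiple ad-hoc commands into a yml file in a fixed format. In Ansible, playbook files end in yml; in SaltStack, they end in sls. Both use YAML syntax.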
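Differences between PlayBook and ad-hoc
1. A PlayBook does more than ad-hoc commands; it is an orchestration of ad-hoc commands
2. A PlayBook gives good control over execution order and dependencies
3. PlayBook syntax is easier to read
4. A PlayBook can be kept and reused; ad-hoc commands cannot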
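YAML syntax
Syntax | Description |
Indentation | YAML uses a fixed indentation style to express hierarchy; each level is two spaces, and TAB must not be used |
Colon | Every colon must be followed by a space, except a colon that ends the line |
Dash | Marks a list item: one dash followed by one space; items at the same indentation level belong to the same list |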
PlayBook deployment in practice
1. Deploying httpd
1. Install the httpd service
2. Start httpd and enable it at boot
3. Write the site page and start the service
4. Open the firewall port
5. Configure a different site on each host

```
#Create the directory for the playbook
[root@Ansible ~]# mkdir -p ansible/httpd

#Edit the inventory
[root@Ansible ~]# cat /etc/ansible/hosts

[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8

#Write the playbook
[root@Ansible ~]# cat ansible/httpd/httpd.yml
- hosts: web_group
  tasks:
    - name: Install httpd Server      #Install httpd
      yum:
        name: httpd
        state: present
    - name: Start httpd Server        #Start the httpd service
      systemd:
        name: httpd
        state: started
        enabled: yes
    - name: Start Firewalld Server    #Start the firewall
      systemd:
        name: firewalld
        state: started
        enabled: yes
    - name: Config Firewalld Server   #Configure the firewall service
      firewalld:
        service: http
        immediate: yes
        permanent: yes
        state: enabled
- hosts: web01
  tasks:
    - name: Config Httpd Server       #Add the Web01 page
      copy:
        content: Web01
        dest: /var/www/html/index.html
- hosts: web02
  tasks:
    - name: Config Httpd Server       #Add the Web02 page
      copy:
        content: Web02
        dest: /var/www/html/index.html
[root@Ansible ~]# ansible-playbook --syntax-check ansible/httpd/httpd.yml    #Check the syntax

playbook: ansible/httpd/httpd.yml
[root@Ansible ~]# ansible-playbook ansible/httpd/httpd.yml    #Run the playbook

#Browse to 10.0.0.7 and 10.0.0.8 to verify
```
2. Deploying the Backup server and clients

```
#Create the directory for the rsync playbook
[root@Ansible ~]# mkdir ansible/rsyncd

#Edit the inventory
[root@Ansible ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8

[backup_group]
backup ansible_ssh_host=10.0.0.41

#Prepare the rsync configuration file
[root@Ansible ~]# cat ansible/rsyncd/rsyncd.conf    #best kept in the same directory as the playbook
#uid/gid must be an account that exists on the backup host;
#the playbook below creates www and makes it the owner of /backup
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
path = /backup

#Write the playbook
[root@Ansible ~]# cat ansible/rsyncd/rsyncd.yml
- hosts: all
  tasks:
    - name: Install Rsyncd Server
      yum:
        name: rsync
        state: present
    - name: Create www Group
      group:
        name: www
        gid: 666
    - name: Create www User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false
- hosts: backup_group
  tasks:
    - name: Scp Rsync Config
      copy:
        src: /root/ansible/rsyncd/rsyncd.conf
        dest: /etc/rsyncd.conf
        owner: root
        group: root
        mode: 0644
    - name: Create backup Directory
      file:
        path: /backup
        state: directory
        mode: 0755
        owner: www
        group: www
        recurse: yes
    - name: Start Rsyncd Server
      systemd:
        name: rsyncd
        state: started

#Check the playbook
[root@Ansible ~]# ansible-playbook --syntax-check ansible/rsyncd/rsyncd.yml

playbook: ansible/rsyncd/rsyncd.yml

#Run the playbook
[root@Ansible ~]# ansible-playbook ansible/rsyncd/rsyncd.yml
```

Once this is done, you can go on to push data from the clients, add the job to crontab for scheduled backups, and so on.
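
The rsyncd.conf above sets `auth users = rsync_backup` and `secrets file = /etc/rsync.passwd`, but the playbook never creates that file, and the client push is left as a follow-up. The plays below are an added example, not part of the original playbook; they create the secrets file and a client password file with mode 0600 and schedule a nightly push. Assumptions: a variable `rsync_backup_password` stored in an ansible-vault encrypted `vault.yml` next to the playbook, a client password file `/etc/rsync.pass`, `/code` as the directory to back up (all hypothetical), and a daemon `uid`/`gid` that exists on the backup host and can write to `/backup`.

```yaml
# Added example (not from the original article).
# Assumptions: vault.yml (encrypted with ansible-vault) defines
# rsync_backup_password; /etc/rsync.pass and /code are hypothetical choices.
- hosts: backup_group
  vars_files:
    - vault.yml
  tasks:
    - name: Create rsync secrets file (user:password, readable by root only)
      copy:
        content: "rsync_backup:{{ rsync_backup_password }}\n"
        dest: /etc/rsync.passwd
        owner: root
        group: root
        mode: "0600"
      no_log: true        # keep the password out of task output and logs

- hosts: web_group
  vars_files:
    - vault.yml
  tasks:
    - name: Create client password file (password only)
      copy:
        content: "{{ rsync_backup_password }}\n"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: "0600"
      no_log: true

    - name: Push /code to the backup module every night at 01:00
      cron:
        name: rsync push to backup
        minute: "0"
        hour: "1"
        user: root
        job: >-
          rsync -az --password-file=/etc/rsync.pass
          /code/ rsync_backup@10.0.0.41::backup/{{ inventory_hostname }}/
```

Create the vault file with `ansible-vault create ansible/rsyncd/vault.yml` and run the playbook with `--ask-vault-pass`.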
3. NFS service deployment

```
#1. Add the target servers to the inventory and set up passwordless SSH keys
[root@Ansible ~]# cat /etc/ansible/hosts
[nfs_group]
nfs ansible_ssh_host=10.0.0.31

[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8

[backup_group]
backup ansible_ssh_host=10.0.0.41

[nfs_all:children]
nfs_group
web_group

[root@Ansible ~]# ssh-copy-id -i .ssh/id_rsa.pub root@10.0.0.31

#2. Create the nfs directory
[root@Ansible ~]# mkdir ansible/nfs/

#3. Prepare the nfs configuration file on the management host
[root@Ansible ~]# cat ansible/nfs/exports
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)

#4. Write the nfs playbook
[root@Ansible ~]# cat ansible/nfs/nfs.yml
- hosts: nfs_all
  tasks:
    - name: Install nfs-utils
      yum:
        name: nfs-utils
        state: present
    - name: Create www Group
      group:
        name: www
        gid: 666
    - name: Create www user
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false
- hosts: nfs_group
  tasks:
    - name: Scp NFS server exports
      copy:
        src: exports
        dest: /etc/exports
        owner: root
        group: root
        mode: 0644
    - name: Create data Directory
      file:
        path: /data
        state: directory
        owner: www
        group: www
        mode: 0755
        recurse: yes
    - name: Start NFS server
      systemd:
        name: nfs-server
        state: started
        enabled: yes
- hosts: web_group
  tasks:
    - name: Mount NFS Server
      mount:
        path: /opt
        src: 10.0.0.31:/data
        fstype: nfs
        opts: defaults
        state: mounted

#5. Check the syntax
[root@Ansible ~]# ansible-playbook --syntax-check /root/ansible/nfs/nfs.yml

playbook: /root/ansible/nfs/nfs.yml

#6. Run the playbook
[root@Ansible ~]# ansible-playbook ansible/nfs/nfs.yml

#7. Check the mounts on web01 and web02
[root@Web01 ~]# df -h
Filesystem       Size  Used Avail Use% Mounted on
10.0.0.31:/data   19G  2.0G   17G  11% /opt

[root@Web02 ~]# df -h
Filesystem       Size  Used Avail Use% Mounted on
10.0.0.31:/data   19G  2.0G   17G  11% /opt
```
4. Nginx service deployment

```
#1. Add the target servers to the inventory and set up passwordless SSH keys
[root@Ansible ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8

[root@Ansible ~]# ssh-copy-id -i .ssh/id_rsa.pub root@10.0.0.7
[root@Ansible ~]# ssh-copy-id -i .ssh/id_rsa.pub root@10.0.0.8

#2. Create the directory for the playbook
[root@Ansible ~]# mkdir ansible/nginx

#3. Prepare the nginx configuration files and the site code
[root@Web01 ~]# scp /etc/nginx/nginx.conf /etc/nginx/conf.d/* 10.0.0.61:/root/ansible/nginx
[root@Web01 ~]# tar zcvf code.tar.gz /code
[root@Web01 ~]# scp code.tar.gz 10.0.0.61:/root/ansible/nginx

#4. Write the playbook
[root@Ansible ~]# cat ansible/nginx/nginx.yml
- hosts: web_group
  tasks:
    - name: nginx.repo
      copy:
        src: nginx.repo
        dest: /etc/yum.repos.d/nginx.repo
    - name: install nginx
      yum:
        name: nginx
        state: present
    - name: start and enable nginx
      systemd:
        name: nginx
        state: started
        enabled: yes
    - name: copy nginx.conf to nginx
      copy:
        src: nginx.conf
        dest: /etc/nginx
    - name: copy 'wecenter.conf' to nginx
      copy:
        src: wecenter.conf
        dest: /etc/nginx/conf.d/wecenter.conf
    - name: copy 'wordpress.conf' to nginx
      copy:
        src: wordpress.conf
        dest: /etc/nginx/conf.d/wordpress.conf
    - name: remove nginx default.conf
      file:
        path: /etc/nginx/conf.d/default.conf
        state: absent
    - name: tar xf code.tar.gz
      unarchive:
        src: code.tar.gz
        dest: /
        creates: /code
    - name: Restart Nginx Server
      systemd:
        name: nginx
        state: restarted

#5. Check the playbook syntax
[root@Ansible ~]# ansible-playbook --syntax-check ansible/nginx/nginx.yml

playbook: ansible/nginx/nginx.yml

#6. Run the playbook
[root@Ansible ~]# ansible-playbook ansible/nginx/nginx.yml
```
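
The playbook above restarts nginx on every run, whether or not the copied configuration is valid, so a broken file taken from Web01 would stop both web servers. As an added example (not the author's playbook), the configuration tasks can set explicit ownership and mode, notify handlers only when a file actually changed, and run `nginx -t` before reloading; the handler names are made up for this example.

```yaml
# Added example (not from the original article): the configuration tasks
# from nginx.yml rewritten with explicit permissions and handlers.
- hosts: web_group
  tasks:
    - name: copy nginx.conf to nginx
      copy:
        src: nginx.conf
        dest: /etc/nginx/nginx.conf
        owner: root
        group: root
        mode: "0644"
        backup: yes               # keep the previous file for rollback
      notify:
        - Validate Nginx Config
        - Reload Nginx Server

    - name: copy site configs to conf.d
      copy:
        src: "{{ item }}"
        dest: "/etc/nginx/conf.d/{{ item }}"
        owner: root
        group: root
        mode: "0644"
        backup: yes
      loop:
        - wecenter.conf
        - wordpress.conf
      notify:
        - Validate Nginx Config
        - Reload Nginx Server

  handlers:
    # Handlers run once at the end of the play, in the order defined here,
    # and only if a notifying task reported "changed".
    - name: Validate Nginx Config
      command: nginx -t
      changed_when: false

    - name: Reload Nginx Server   # not reached if validation failed
      systemd:
        name: nginx
        state: reloaded
```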
5. PHP service deployment

```
#1. Add the target hosts to the inventory
[root@Ansible ~]# cat /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8

#2. Create the directory for the playbook
[root@Ansible ~]# mkdir ansible/php

#3. Prepare the required files: php71.tar.gz, php.ini, www.conf
[root@Ansible ~]# cd ansible/php/
[root@Ansible php]# rz -E
rz waiting to receive.

[root@Web01 ~]# scp /etc/php.ini /etc/php-fpm.d/www.conf 10.0.0.61:/root/ansible/php
root@10.0.0.61's password:
php.ini 100% 61KB 16.5MB/s 00:00
www.conf 100% 18KB 2.4MB/s 00:00

#4. Write the playbook
[root@Ansible php]# cat php.yml
- hosts: web_group
  tasks:
    - name: tar xf php to web_group
      unarchive:
        src: php71.tar.gz
        dest: /root
    - name: localinstall rpm
      yum:
        name:
          - /root/autoconf-2.69-11.el7.noarch.rpm
          - /root/automake-1.13.4-3.el7.noarch.rpm
          - /root/libevent-2.0.21-4.el7.x86_64.rpm
          - /root/libjpeg-turbo-1.2.90-8.el7.x86_64.rpm
          - /root/libmcrypt-2.5.8-13.el7.x86_64.rpm
          - /root/libmemcached-1.0.16-5.el7.x86_64.rpm
          - /root/libtool-ltdl-2.4.2-22.el7_3.x86_64.rpm
          - /root/libX11-1.6.7-3.el7_9.x86_64.rpm
          - /root/libX11-common-1.6.7-3.el7_9.noarch.rpm
          - /root/libXau-1.0.8-2.1.el7.x86_64.rpm
          - /root/libxcb-1.13-1.el7.x86_64.rpm
          - /root/libXpm-3.5.12-1.el7.x86_64.rpm
          - /root/libxslt-1.1.28-6.el7.x86_64.rpm
          - /root/mod_php71w-7.1.33-1.w7.x86_64.rpm
          - /root/pcre-devel-8.32-17.el7.x86_64.rpm
          - /root/perl-Data-Dumper-2.145-3.el7.x86_64.rpm
          - /root/perl-Test-Harness-3.28-3.el7.noarch.rpm
          - /root/perl-Thread-Queue-3.02-2.el7.noarch.rpm
          - /root/php71w-cli-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-common-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-devel-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-embedded-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-fpm-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-gd-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-mbstring-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-mcrypt-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-mysqlnd-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-opcache-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-pdo-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-pear-1.10.4-1.w7.noarch.rpm
          - /root/php71w-pecl-igbinary-2.0.5-1.w7.x86_64.rpm
          - /root/php71w-pecl-memcached-3.0.4-1.w7.x86_64.rpm
          - /root/php71w-pecl-mongodb-1.5.3-1.w7.x86_64.rpm
          - /root/php71w-pecl-redis-3.1.6-1.w7.x86_64.rpm
          - /root/php71w-process-7.1.33-1.w7.x86_64.rpm
          - /root/php71w-xml-7.1.33-1.w7.x86_64.rpm
        state: present
    - name: create group
      group:
        name: www
        gid: 666
    - name: create user
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false
    - name: copy php.ini to web_group
      copy:
        src: php.ini
        dest: /etc/php.ini
    - name: copy www.conf to web_group
      copy:
        src: www.conf
        dest: /etc/php-fpm.d/www.conf
    - name: start and enable php
      systemd:
        name: php-fpm
        state: started
        enabled: yes

#5. Check the playbook syntax
[root@Ansible php]# ansible-playbook --syntax-check php.yml

playbook: php.yml

#6. Run the playbook
[root@Ansible php]# ansible-playbook php.yml
```
6. Mariadb service deployment

```
#1. Add the server to the inventory and set up passwordless SSH keys
[root@Ansible ~]# cat /etc/ansible/hosts
[mysql_group]
mysql ansible_ssh_host=10.0.0.51

[root@Ansible ~]# ssh-copy-id -i .ssh/id_rsa.pub root@10.0.0.51

#2. Create the playbook directory
[root@Ansible ~]# mkdir ansible/mysql

#3. Prepare the database dump
[root@MySQL ~]# mysqldump -uroot -pkoten.vip -A > all.sql
[root@MySQL ~]# scp all.sql 10.0.0.61:/root/ansible/mysql

#4. Write the playbook
[root@Ansible ~]# cat ansible/mysql/mysql.yml
- hosts: mysql_group
  tasks:
    - name: Install mariadb
      yum:
        name:
          - mariadb-server
          - MySQL-python
        state: present
    - name: Start MariaDB Server
      systemd:
        name: mariadb
        state: started
        enabled: yes
    - name: Copy all.sql to Mysql
      copy:
        src: all.sql
        dest: /root/all.sql
    - name: import all.sql
      mysql_db:
        login_host: localhost
        login_port: 3306
        login_user: root
        name: all
        state: import
        target: /root/all.sql
    - name: Restart MariaDB Server
      systemd:
        name: mariadb
        state: restarted

#5. Check the syntax
[root@Ansible ~]# ansible-playbook --syntax-check ansible/mysql/mysql.yml

playbook: ansible/mysql/mysql.yml

#6. Run the playbook
[root@Ansible ~]# ansible-playbook ansible/mysql/mysql.yml
```
I'm koten, with 10 years of operations experience. I keep sharing practical ops content; thank you all for reading and following!