ansible playbook:剧本
由一个或多个模块组成,完成统一的目的,实现自动化操作
剧本编写遵循yaml语法
yaml的三要素:***
缩进:两个字符,默认的tab键是四个字符,所以要使用tab键,需要修改.vimrc
vim /root/.vimrc
添加:
set tabstop=2
保存退出
冒号:冒号后面需要空格,除非以冒号结尾
短横杠:列表项,后面跟空格
playbook语法结构
ansible-playbook 选项 文件路径
选项:
-C 模拟预运行
--list-hosts:列出清单
--list-tasks:列出任务
--list-tags:列出标签
--syntax-check:语法检查
测试案例:通过playbook安装httpd,并修改端口号为8080
前提:安装httpd,复制httpd.conf到当前目录,修改端口为8080
vim httpd.yaml
添加:
- hosts: web tasks: - name: install httpd yum: name=httpd state=latest - name: httpd config copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf notify: restart httpd - name: start httpd service: name=httpd state=started handlers: - name: restart httpd service: name=httpd state=restarted 保存退出 测试yaml: ansible-playbook -C httpd.yaml 执行yaml:ansible-playbook httpd.yaml
#####################################################################
playbook配置web--nfs--rsync架构环境
全局环境:修改各主机名:ansible、web、nfs、rsync
1.服务器配置
前提:
ifdown ens33;ifup ens33
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
vim /etc/hosts
192.168.8.10 ansible
192.168.8.20 web
192.168.8.30 nfs
192.168.8.40 rsync
保存退出
(1)安装ansible
yum -y install epel-release
yum -y install ansible
(2)ssh公钥
ssh-keygen -t rsa
ssh-copy-id root@web #web服务器
ssh-copy-id root@nfs #nfs服务器
ssh-copy-id root@rsync #rsync服务器
(3)复制/etc/hosts到被管理端
scp /etc/hosts root@web:/etc/
scp /etc/hosts root@nfs:/etc/
scp /etc/hosts root@rsync:/etc/
(4)创建ansible目录
mkdir -p /etc/ansible/ansible_playbook/{conf,file,scripts,tools}
(5)创建ansible清单
vim /etc/ansible/hosts
添加:
[web]
192.168.8.20
[nfs]
192.168.8.30
[rsync]
192.168.8.40
保存退出
(6)使用ansible copy 复制/etc/hosts到所有主机
ansible all -m copy -a "src=/etc/hosts dest=/etc"
2.基础环境部署
(1)网络环境(关闭firewall selinux)
(2)epel仓库
(3)安装rsync,nfs-utils
(4)创建组
(5)创建用户
(6)创建目录,并修改权限
(7)推送脚本
(8)推送rsync客户端密码文件,修改权限
(9)计划任务
vim /etc/ansible/ansible_playbook/base.yaml
添加:
- hosts: all tasks: - name: stop firewalld shell: systemctl stop firewalld - name: stop selinux shell: setenforce 0 - name: clear repos.d file: path=/etc/yum.repos.d/ state=absent - name: create repos.d file: path=/etc/yum.repos.d/ state=directory - name: install base repo get_url: url=http://mirrors.aliyun.com/repo/Centos-7.repo dest=/etc/yum.repos.d/CentOS-Base.repo - name: install epel repo get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo - name: install rsync nfs-utils yum: name=rsync,nfs-utils state=installed - name: create group www group: name=www gid=666 - name: create user www user: name=www uid=666 create_home=no shell=/sbin/nologin - name: create rsync client password copy: content='1' dest=/etc/rsync.pass mode=600 - name: create scripts directory file: path=/server/scripts/ recurse=yes state=directory - name: push scripts copy: src=./scripts/rsync_backup.sh dest=/server/scripts - name: crontab cron: name="backup scripts" hour=01 minute=00 job="/usr/bin/bash /server/scripts/rsync_backup.sh &> /dev/null" 保存退出
3.rsync配置
(1)安装rsync
(2)配置
(3)启动
(4)脚本
(5)计划任务
vim /etc/ansible/ansible_playbook/rsync.yaml
添加:
- hosts: rsync tasks: - name: install rsync yum: name=rsync state=installed - name: config rsync copy: src=/etc/ansible/ansible_playbook/conf/rsyncd.conf dest=/etc/rsyncd.conf notify: restart rsync - name: create rsync local user copy: content='rsync_backup:1' dest=/etc/rsync.password mode=600 - name: create data file: path=/data state=directory recurse=yes owner=www group=www mode=755 - name: create backup file: path=/backup state=directory recurse=yes owner=www group=www mode=755 - name: start rsync service: name=rsyncd state=started enabled=yes - name: push check scripts copy: src=./scripts/rsync_check.sh dest=/server/scripts - name: crond check scripts cron: name="check scripts" hour=05 minute=00 job="/usr/bin/bash /server/scripts/rsync_check.sh &> /dev/null" handlers: - name: restart rsync service: name=rsyncd state=restarted
保存退出
4.nfs部署
(1)安装nfs-utils
(2)配置
(3)启动
vim /etc/ansible/ansible_playbook/nfs.yaml
添加:
- hosts: nfs tasks: - name: install nfs yum: name=nfs-utils,rpcbind state=installed - name: config nfs copy: src=./conf/exports dest=/etc/exports notify: restart nfs - name: create data file: path=/data state=directory recurse=yes owner=www group=www mode=755 - name: start nfs service: name=nfs-server state=started enabled=yes handlers: - name: restart nfs service: name=nfs-server state=restarted
保存退出
5.sersync部署
(1)在ansible服务器先下载sersync
(2)解压到/etc/ansible/ansible_playbook/并修改配置文件
(3)推送到nfs
(4)启动sersync
vim /etc/ansible/ansible_playbook/sersync.yaml
添加:
- hosts: nfs tasks: - name: scp sersync copy: src=./tools/sersync/ dest=/usr/local/sersync owner=www group=www mode=755 - name: start sersync shell: pgrep sersync; [ $? -eq 0 ] || /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
保存退出
6.web部署
(1)本地安装httpd
(2)修改配置文件,复制到/etc/ansible/ansible_playbook/conf
(3)挂载
(4)启动
vim /etc/ansible/ansible_playbook/web.yaml
添加:
- hosts: web tasks: - name: install httpd yum: name=httpd state=installed - name: mount nfs mount: src=nfs:/data path=/var/www/html fstype=nfs state=mounted - name: config httpd copy: src=./conf/httpd.conf dest=/etc/httpd/conf/httpd.conf notify: restart httpd - name: start httpd service: name=httpd state=started enabled=yes handlers: - name: restart httpd service: name=httpd state=restarted
保存退出
7.main.yaml
vim main.yaml
添加:
- import_playbook: base.yaml - import_playbook: rsync.yaml - import_playbook: nfs.yaml - import_playbook: sersync.yaml - import_playbook: web.yaml
保存退出
预检测:ansible-playbook -C main.yaml
执行: ansible-playbook main.yaml
------------------------------------
ansible roles扩展参考:
https://blog.csdn.net/woshizhangliang999/article/details/106005990/
