roles 用于层次性、结构化地组织playbook。
roles 能够根据层次型结构自动装载变量文件、tasks以及handlers等。
要使用roles只需要在playbook中使用include指令即可。
简单来讲,roles就是通过分别将变量(vars)、文件(file)、任务(tasks)、模块(modules)及处理器(handlers)放置于单独的目录中,并可以便捷地include它们的一种机制。
角色一般用于基于主机构建服务的场景中,但也可以是用于构建守护进程等场景中。
创建 roles 的步骤
(1) 创建以roles命名的目录;
(2) 在roles目录中分别创建以各角色名称命名的目录,如webservers等。注意:在 roles 必须包括 site.yml文件,可以为空;
(3) 在每个角色命名的目录中分别创建files、handlers、meta、tasks、templates和vars目录;用不到的目录可以创建为空目录,也可以不创建;
(4) 在playbook文件中,调用各角色;
roles 内各目录中可用的文件
tasks目录:至少应该包含一个名为main.yml的文件,其定义了此角色的任务列表;此文件可以使用include包含其它的位于此目录中的task文件;
files目录:存放由copy或script等模块调用的文件;
templates目录:template模块会自动在此目录中寻找Jinja2模板文件;
handlers目录:此目录中应当包含一个main.yml文件,用于定义此角色用到的各handler;在handler中使用include包含的其它的handler文件也应该位于此目录中;
vars目录:应当包含一个main.yml文件,用于定义此角色用到的变量;
meta目录:应当包含一个main.yml文件,用于定义此角色的特殊设定及其依赖关系;ansible 1.3及其以后的版本才支持;
default目录:为当前角色设定默认变量时使用此目录;应当包含一个main.yml文件。
示例 一 、
分别创建三个 role ,分别为 http mysql php,创建要使用的目录,一般为全部创建,使用不到的可以为空,
测试主机 1 安装 httpd
测试主机 2 安装 mysql
测试主机 3 安装 http mysql php
1、
创建目录
|
1
2
3
4
5
|
[root@node1 ansible_playbooks]
# pwd
/opt/ansible_playbooks
[root@node1 ansible_playbooks]
# ls
hosts
[root@node1 ansible_playbooks]
# mkdir -pv roles/{http,mysql,php}/{tasks,handlers,files,vars,templates,meta,default}
|
2、测试主机为:
|
1
2
3
4
5
6
7
8
|
[root@node1 ansible_playbooks]
# cat hosts
[http]
192.168.100.131
[mysql]
192.168.100.132
[lamp]
192.168.100.130
[root@node1 ansible_playbooks]
#
|
3、编辑 role http 任务文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
[root@node1 roles]
# pwd
/opt/ansible_playbooks/roles
[root@node1 roles]
# tree http
http
├── default
├── files
│ └── httpd.conf
├── handlers
│ └── main.yml
├── meta
├── tasks
│ └── main.yml
├── templates
│ └── httpd.conf
└── vars
└── main.yml
7 directories, 5 files
[root@node1 roles]
#
|
tasks 任务列表
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[root@node1 roles]
# cat http/tasks/main.yml
- name:
install
httpd service
yum: name=httpd state=present
- name: start httpd service
service: name=httpd state=started enabled=
true
- name: modify httpd config
file
from template
template: src=httpd.conf dest=
/etc/httpd/conf/httpd
.conf
tags:
- modifyhttpconf
notify:
- restart httpd service
[root@node1 roles]
#
|
handlers
|
1
2
3
4
|
[root@node1 roles]
# cat http/handlers/main.yml
- name: restart httpd service
service: name=httpd state=restarted
[root@node1 roles]
#
|
files 和 templates 下的文件差别如下,这里只是为了演示 vars 的作用
|
1
2
3
4
5
6
7
8
9
10
|
[root@node1 roles]
# diff http/files/httpd.conf http/templates/httpd.conf
136c136
< Listen 8090
---
> Listen `listen`.`0`:`listen`.`1`
277c277
<
---
> ServerName `host_fqdn`.`0`
[root@node1 roles]
#
|
vars
|
1
2
3
4
5
6
7
|
[root@node1 roles]
# cat http/vars/main.yml
listen:
-
"`ansible_all_ipv4_addresses`.`0`"
- 8080
host_fqdn:
-
"`ansible_nodename`"
[root@node1 roles]
#
|
这里的 hostname 和 address 其实可以直接使用 setup 变量,这里这样做是为了演示 vars 的用法
4、编辑 role mysql 任务文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
[root@node1 roles]
# pwd
/opt/ansible_playbooks/roles
[root@node1 roles]
# tree mysql
mysql
├── default
├── files
│ └── my.cnf
├── handlers
│ └── main.yml
├── meta
├── tasks
│ └── main.yml
├── templates
│ └── my.cnf
└── vars
└── main.yml
7 directories, 5 files
[root@node1 roles]
#
|
tasks:
|
1
2
3
4
5
6
7
8
9
10
11
12
|
[root@node1 roles]
# cat mysql/tasks/main.yml
- name:
install
mysql-server package
yum: name=mysql-server state=present
- name: start mysqld service
service: name=mysqld state=started enabled=
true
- name: copy my.cnf to remote host
template: src=my.cnf dest=
/etc/my
.cnf
tags:
- modifymycnf
notify:
restart mysqld service
[root@node1 roles]
#
|
handlers:
|
1
2
3
4
|
[root@node1 roles]
# cat mysql/handlers/main.yml
- name: restart mysqld service
service: name=mysqld state=restarted
[root@node1 roles]
#
|
files 和 templates 下的 my.cnf 差别如下 (templates 下的多了两个配置项,其中一个引用了 vars 的变量文件)
|
1
2
3
4
5
|
[root@node1 roles]
# diff mysql/files/my.cnf mysql/templates/my.cnf
1a2,3
> port=3306
> bind-address=`host_ip`.`0`
[root@node1 roles]
#
|
vars:
|
1
2
3
4
|
[root@node1 roles]
# cat mysql/vars/main.yml
host_ip:
-
"`ansible_all_ipv4_addresses`.`0`"
[root@node1 roles]
#
|
5、编辑 role php 任务文件
|
1
2
3
|
[root@node1 roles]
# cat php/tasks/main.yml
-name:
install
php package
yum: name=php state=present
|
6、开始执行
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
[root@node1 ansible_playbooks]
# ansible-playbook -i hosts site.yml
PLAY [http] *******************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.100.131]
TASK: [http |
install
httpd service] ******************************************
changed: [192.168.100.131]
TASK: [http | start httpd service] ********************************************
changed: [192.168.100.131]
TASK: [http | modify httpd config
file
from template] *************************
changed: [192.168.100.131]
NOTIFIED: [http | restart httpd service] **************************************
changed: [192.168.100.131]
PLAY [mysql] ******************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.100.132]
TASK: [mysql |
install
mysql-server package] **********************************
changed: [192.168.100.132]
TASK: [mysql | start mysqld service] ******************************************
changed: [192.168.100.132]
TASK: [mysql | copy my.cnf to remote host] ************************************
ok: [192.168.100.132]
PLAY [lamp] *******************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.100.130]
TASK: [http |
install
httpd service] ******************************************
changed: [192.168.100.130]
TASK: [http | start httpd service] ********************************************
changed: [192.168.100.130]
TASK: [http | modify httpd config
file
from template] *************************
changed: [192.168.100.130]
TASK: [mysql |
install
mysql-server package] **********************************
changed: [192.168.100.130]
TASK: [mysql | start mysqld service] ******************************************
changed: [192.168.100.130]
TASK: [mysql | copy my.cnf to remote host] ************************************
changed: [192.168.100.130]
TASK: [php |
install
php package] *********************************************
changed: [192.168.100.130]
NOTIFIED: [http | restart httpd service] **************************************
changed: [192.168.100.130]
NOTIFIED: [mysql | restart mysqld service] ************************************
changed: [192.168.100.130]
PLAY RECAP ********************************************************************
192.168.100.130 : ok=10 changed=9 unreachable=0 failed=0
192.168.100.131 : ok=5 changed=4 unreachable=0 failed=0
192.168.100.132 : ok=4 changed=2 unreachable=0 failed=0
[root@node1 ansible_playbooks]
#
|
查看结果
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
[root@node1 ansible_playbooks]
# ansible -i hosts all -m shell -a 'netstat -natpl |grep httpd'
192.168.100.131 | success | rc=0 >>
tcp 0 0 192.168.100.131:8080 0.0.0.0:* LISTEN 14662
/httpd
192.168.100.132 | FAILED | rc=1 >>
192.168.100.130 | success | rc=0 >>
tcp 0 0 192.168.100.130:8080 0.0.0.0:* LISTEN 11127
/httpd
[root@node1 ansible_playbooks]
# ansible -i hosts all -m shell -a 'netstat -natpl |grep mysqld'
192.168.100.131 | FAILED | rc=1 >>
192.168.100.132 | success | rc=0 >>
tcp 0 0 192.168.100.132:3306 0.0.0.0:* LISTEN 61783
/mysqld
192.168.100.130 | success | rc=0 >>
tcp 0 0 192.168.100.130:3306 0.0.0.0:* LISTEN 11388
/mysqld
[root@node1 ansible_playbooks]
#
|
还可以进行 when 判断:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@node1 ansible_playbooks]
# cat hosts
[http]
192.168.100.131
[mysql]
192.168.100.132
192.168.100.131
[lamp]
192.168.100.130
[root@node1 ansible_playbooks]
# cat site.yml
- hosts: mysql
remote_user: root
roles:
- { role: mysql, when:
"ansible_nodename == 'v3.lansgg.com'"
}
|
执行结果:可以看到不满足条件的 skipping
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
[root@node1 ansible_playbooks]
# ansible-playbook -i hosts site.yml
PLAY [mysql] ******************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.100.131]
ok: [192.168.100.132]
TASK: [mysql |
install
mysql-server package] **********************************
skipping: [192.168.100.131]
changed: [192.168.100.132]
TASK: [mysql | start mysqld service] ******************************************
skipping: [192.168.100.131]
changed: [192.168.100.132]
TASK: [mysql | copy my.cnf to remote host] ************************************
skipping: [192.168.100.131]
ok: [192.168.100.132]
PLAY RECAP ********************************************************************
192.168.100.131 : ok=1 changed=0 unreachable=0 failed=0
192.168.100.132 : ok=4 changed=2 unreachable=0 failed=0
|
7、也可以在 传递变量
|
1
2
3
4
5
6
|
[root@node1 ansible_playbooks]
# cat site.yml
- hosts: http
remote_user: root
roles:
- { role: http, http_port: 2020,ServerName:
"`ansible_nodename`"
}
[root@node1 ansible_playbooks]
#
|
tasks:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[root@node1 ansible_playbooks]
# cat roles/http/tasks/main.yml
- name:
install
httpd service
yum: name=httpd state=present
- name: start httpd service
service: name=httpd state=started enabled=
true
- name: modify httpd config
file
from template
template: src=httpd.conf dest=
/etc/httpd/conf/httpd
.conf
tags:
- modifyhttpconf
notify:
- restart httpd service
[root@node1 ansible_playbooks]
#
|
template 文件变量部分:
|
1
2
3
4
5
|
[root@node1 ansible_playbooks]
# grep Listen roles/http/templates/httpd.conf |grep -v ^#
Listen `listen`.`0`:`http_port`
[root@node1 ansible_playbooks]
# grep ServerName roles/http/templates/httpd.conf |grep -v ^#
ServerName `ServerName`
[root@node1 ansible_playbooks]
#
|
执行结果:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
[root@node1 ansible_playbooks]
# ansible-playbook -i hosts site.yml
PLAY [http] *******************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.100.131]
TASK: [http |
install
httpd service] ******************************************
changed: [192.168.100.131]
TASK: [http | start httpd service] ********************************************
changed: [192.168.100.131]
TASK: [http | modify httpd config
file
from template] *************************
changed: [192.168.100.131]
NOTIFIED: [http | restart httpd service] **************************************
changed: [192.168.100.131]
PLAY RECAP ********************************************************************
192.168.100.131 : ok=5 changed=4 unreachable=0 failed=0
|
本文转自 西索oO 51CTO博客,原文链接:http://blog.51cto.com/lansgg/1747265
