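Ansible Playbooks
Chapter 1: Introduction to playbooks
1.1 What is a playbook?
Compared with ad-hoc commands, playbooks are a completely different and far more powerful way of using Ansible. A playbook is a collection of ansible commands written in YAML; when it runs, the ansible-playbook command executes its contents in order from top to bottom.
Put simply, playbooks are the basis of a simple configuration management and multi-machine deployment system. They differ from other existing systems and are well suited to deploying complex applications.
The Chinese term for playbook, "剧本", literally means a stage script. A playbook is made up of the following:
- play: defines the role of the hosts
- task: defines the specific task to run
- playbook: consists of one or more plays, and a play can contain multiple tasks. Put simply: different modules are used together to get one job done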
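1.2 Advantages of playbooks
- More powerful than the ansible command
- Good control over execution order and dependencies
- The syntax is easier to read
- An ansible command cannot be reused later, while a playbook can be kept and reused
Chapter 2: Playbook format
2.1 Structure of a playbook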

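2.2 Mind the indentation
- Indent consistently; two spaces represent one level of indentation
- Never use tabs
2.3 Colons
Every colon must be followed by a space
```yaml
- hosts: 172.16.1.41
  tasks:
  - name: 01-add group
    group: name=www gid=666
```
2.4 Hyphens (lists)
Lists are built with hyphens, and each hyphen must be followed by a space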
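Chapter 3: Writing playbooks
3.1 Playbook file names
Playbook files use the .yaml extension (xxx.yaml)
1. This makes the file easy to recognise as a playbook
2. Editors provide syntax highlighting while you write it
3.2 Creating a playbook
Exercise: write a playbook that uses the yum/copy/service modules and others to install, deploy and start the rsync service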
3.2.1 Server-side steps
1. Install the software
```bash
ansible 172.16.1.41 -m yum -a "name=rsync state=installed"
```
2. Back up /etc/rsyncd.conf
```bash
# copy with remote_src=yes copies a file that is already on the managed host
ansible 172.16.1.41 -m copy -a "src=/etc/rsyncd.conf dest=/etc/rsyncd.conf.bak remote_src=yes"
```
3. Copy the configuration file
```bash
ansible 172.16.1.41 -m copy -a "src=/server/scripts/rsyncd.conf dest=/etc/"
```
4. Create the www group and the www user
```bash
ansible 172.16.1.41 -m group -a "name=www gid=666"
ansible 172.16.1.41 -m user -a "name=www create_home=no shell=/sbin/nologin group=www uid=666"
```
5. Create the backup directory
```bash
ansible 172.16.1.41 -m file -a "dest=/backup state=directory owner=www group=www"
```
6. Create the password file
```bash
ansible 172.16.1.41 -m copy -a "content='rsync_backup:oldboy' dest=/etc/rsync.password mode=600"
```
7. Start the service and enable it at boot
```bash
ansible 172.16.1.41 -m service -a "name=rsyncd state=started enabled=yes"
```
3.2.2 Client-side steps
1. Install the software
```bash
ansible 172.16.1.31 -m yum -a "name=rsync state=installed"
```
2. Create the password file
```bash
ansible 172.16.1.31 -m copy -a "content='oldboy' dest=/etc/rsync.password mode=600"
```
3. Create the user and group
```bash
ansible 172.16.1.31 -m group -a "name=www gid=666"
ansible 172.16.1.31 -m user -a "name=www create_home=no shell=/sbin/nologin group=www uid=666"
```
4. Create the backup directory
```bash
ansible 172.16.1.31 -m file -a "dest=/backup state=directory owner=www group=www"
```
3.2.3 rsync playbooks
Server playbook:
```yaml
---
- hosts: rsync_server
  tasks:
  - name: 01-install rsync
    yum: name=rsync state=installed
  - name: 02-backup rsyncd.conf
    copy: src=/etc/rsyncd.conf dest=/etc/rsyncd.conf.bak remote_src=yes
  - name: 03-copy rsyncd.conf
    copy: src=/server/scripts/playbook/rsyncd.conf dest=/etc/
  - name: 04-create passwd
    copy: content='rsync_backup:oldboy' dest=/etc/rsync.passwd mode=0600
  - name: 05-add group
    group: name=www gid=666
  - name: 06-add user
    user: name=www uid=666 group=www shell=/sbin/nologin create_home=no
  - name: 07-create backup dir
    file: path=/backup state=directory owner=www group=www
  - name: 08-create data dir
    file: path=/data state=directory owner=www group=www
  - name: 09-start rsyncd
    service: name=rsyncd state=started enabled=yes
```
Client playbook:
```yaml
---
- hosts: rsync_client
  tasks:
  - name: 01-install rsync
    yum: name=rsync state=installed
  - name: 02-create passwd
    copy: content='oldboy' dest=/etc/rsync.passwd mode=0600
  - name: 03-add group
    group: name=www gid=666
  - name: 04-add user
    user: name=www uid=666 group=www shell=/sbin/nologin create_home=no
  - name: 05-create backup dir
    file: path=/backup state=directory owner=www group=www
  - name: 06-create data dir
    file: path=/data state=directory owner=www group=www
```
3.2.4 NFS playbooks
NFS server:
```yaml
---
- hosts: nfs_server
  tasks:
  - name: 01-install nfs service
    yum: name=nfs-utils state=latest
  - name: 02-copy nfs exports
    copy: src=/server/scripts/playbook/exports dest=/etc/
  - name: 03-add group
    group: name=www gid='666'
  - name: 04-add user
    user: name=www uid=666 group=www shell=/sbin/nologin create_home=no
  - name: 05-create data dir
    file: path=/data state=directory owner=www group=www
  - name: 06-start rpcbind
    service: name=rpcbind state=started
  - name: 07-start nfs
    service: name=nfs state=started
  - name: 08-enable rpcbind
    systemd: name=rpcbind enabled=yes
  - name: 09-enable nfs
    systemd: name=nfs enabled=yes
```
NFS client:
```yaml
---
- hosts: nfs_client
  tasks:
  - name: 01-install nfs service
    yum: name=nfs-utils state=latest
  - name: 02-add group
    group: name=www gid=666
  - name: 03-add user
    user: name=www create_home=no shell=/sbin/nologin group=www uid=666
  - name: 04-create data dir
    file: path=/data state=directory owner=www group=www
  - name: 05-start rpcbind
    service: name=rpcbind state=started enabled=yes
  - name: 06-mount data
    mount: path=/data src=172.16.1.31:/data fstype=nfs opts=defaults state=mounted
```
3.3 Check the playbook syntax
```bash
ansible-playbook --syntax-check nfs_client.yaml
```
3.4 Dry-run the playbook (commonly used)
```bash
ansible-playbook -C nfs_client.yaml
```
3.5 Run the playbook
```bash
ansible-playbook nfs_client.yaml
```
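Chapter 4: Advanced playbook features
We have now used playbooks to install services, but the simple playbooks above have some limitations:
1. Writing everything on one line looks tidy, but some features cannot be used that way
2. For example, creating several directories or starting several services means repeating the same statement many times
3. The parameters are not easy to read or modify
4. The playbook only starts the service; if the configuration file changes, running it again does not restart the service
That is fine: once we have covered the advanced features below, we can write the playbooks differently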
4.1 Loops
Official documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
Use cases:
1. Several directories need to be created
2. Several services need to be started
Implementation:
1. Create the two directories /data and /backup in one task
```yaml
- hosts: 172.16.1.41
  tasks:
  - name: 01-create dir data and backup
    file:
      path: "{{ item }}"
      state: directory
      owner: www
      group: www
    loop:
      - /data
      - /backup
```
2. Start two services in one task
```yaml
- hosts: 172.16.1.31
  tasks:
  - name: 01-start rpcbind nfs service
    service:
      name: "{{ item }}"
      state: started
    loop:
      - rpcbind
      - nfs
```
4.2 Variables
Official documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html
Use cases:
1. Define a name once and reference it several times in the tasks
2. Extract a value from the system facts gathered from the host and reference it, for example network interface information
Implementation:
1. Define a file name variable and reference it when creating the file
```yaml
- hosts: 172.16.1.41
  vars:
    file_name: oldboy

  tasks:
  - name: 01-use vars create dir
    file:
      path: "/root/{{ file_name }}"
      state: directory
      owner: www
      group: www
```
2. Use a variable to get the host's eth1 address
```yaml
- hosts: 172.16.1.41
  tasks:
  - name: 01-get ip address
    shell: "echo {{ ansible_facts.eth1.ipv4.address }} > /root/ip_eth1.txt"
```
3. Define a variable in the inventory (hosts) file
```ini
[backup]
172.16.1.41

[backup:vars]
file_name="oldzhang"
```
4.3 Registered variables
Use case: register the state of a configuration file as a variable so that other tasks can reference it
Implementation:
1. Register the state as a service variable and print it
```yaml
- hosts: 172.16.1.41
  tasks:
  - name: 01-register rsync status
    shell: netstat -lntp|grep rsync
    register: rsync_port

  - name: 02-out rsync status
    debug:
      msg: "{{ rsync_port.stdout_lines }}"
```
2. Print several pieces of information
```yaml
- hosts: nfs
  tasks:
  - name: 01-echo hostname
    shell: echo $(hostname)
    register: nfs_hostname

  - name: debug nfs_hostname
    debug:
      msg: "{{ item }}"
    loop:
      - "{{ nfs_hostname.stdout }}"
      - "{{ nfs_hostname.cmd }}"
```
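The register pattern above, extended as an added example (not from the original page): `grep` exits with 1 when nothing matches, which fails the task, and `shell` always reports "changed", so a read-only check should set `failed_when` and `changed_when` itself. Port 873 is rsync's default and is assumed here; the page does not show rsyncd.conf.

```yaml
---
- hosts: 172.16.1.41
  tasks:
    - name: 01-register rsync listener (read-only check)
      shell: netstat -lntp | grep rsync
      register: rsync_port
      # A query never changes the host, so do not report "changed"
      changed_when: false
      # grep: rc 0 = match, rc 1 = no match, rc 2 or more = real error
      failed_when: rsync_port.rc not in [0, 1]

    - name: 02-print listener lines (empty list when nothing matched)
      debug:
        msg: "{{ rsync_port.stdout_lines }}"

    - name: 03-stop the play if rsyncd is not listening on the assumed port
      assert:
        that:
          - rsync_port.rc == 0
          - "':873 ' in rsync_port.stdout"
        fail_msg: "rsyncd is not listening on port 873"
        success_msg: "rsyncd is listening on port 873"
```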
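4.4 Service management (handlers)
Official documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html?highlight=handlers#handlers-running-operations-on-change
Use case: restart the service if the configuration file has changed, otherwise do nothing
Implementation:
```yaml
- hosts: rsync_server
  vars:
    # Defined here so the snippet runs on its own; same value as in chapter 6
    rsync_conf_path: '/server/scripts/playbook/rsyncd.conf'
  tasks:
  - name: 02-backup & copy
    copy:
      src: "{{ rsync_conf_path }}"
      dest: /etc/
      backup: yes
    # The handler is notified only when this task reports "changed"
    notify:
      - restart rsyncd

  handlers:
    - name: restart rsyncd
      service:
        name: rsyncd
        state: restarted
```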
4.5 Tags
Use case: run from the tasks we specify, rather than running the whole playbook from start to finish
Implementation:
```yaml
---
- hosts: rsync_server
  tasks:
  - name: 01-install rsync
    yum: name=rsync state=installed
    tags: 01-install-rsync

  - name: 02-backup rsyncd.conf
    copy: src=/etc/rsyncd.conf dest=/etc/rsyncd.conf.bak remote_src=yes
    tags: 02-backup-rsyncd.conf

  - name: 03-copy rsyncd.conf
    copy: src=/server/scripts/playbook/rsyncd.conf dest=/etc/
    tags: 03-copy-rsyncd.conf

  - name: 04-create passwd
    copy: content='rsync_backup:oldboy' dest=/etc/rsync.passwd mode=0600
    tags: 04-create-passwd

  - name: 05-add group
    group: name=www gid=666
    tags: 05-add-group

  - name: 06-add user
    user: name=www uid=666 group=www shell=/sbin/nologin create_home=no
    tags: 06-add-user

  - name: 07-create backup dir
    file: path=/backup state=directory owner=www group=www
    tags: 07-create-backup-dir

  - name: 08-create data dir
    file: path=/data state=directory owner=www group=www
    tags: 08-create-data-dir

  - name: 09-start rsyncd
    service: name=rsyncd state=started enabled=yes
    tags: 09-start-rsyncd
```
Using tags:
1. Print all the tags the playbook would run
```
[root@ssh-61 /server/scripts/playbook]
```
2. Run one specific tag
```
[root@ssh-61 /server/scripts/playbook]
```
3. Run several tags, separated by commas
```
[root@ssh-61 /server/scripts/playbook]
```
4. Skip a specific tag
```
[root@ssh-61 /server/scripts/playbook]
```
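Chapter 5: Pre-run checks
5.1 Check the playbook syntax
```bash
ansible-playbook --syntax-check check.yaml
```
5.2 Check which hosts the playbook will run against
```bash
ansible-playbook --list-hosts check.yaml
```
5.3 Check which tasks the playbook will run
```bash
ansible-playbook --list-tasks check.yaml
```
5.4 Check which tags the playbook will run
```bash
ansible-playbook --list-tags check.yaml
```
5.5 Dry-run the playbook
```bash
ansible-playbook -C check.yaml
```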
Chapter 6: Hands-on playbooks for deploying rsync/nfs/lsyncd
6.1 rsync playbooks
rsync server playbook example:
```yaml
---
- hosts: rsync_server
  vars:
    rsync_conf_path: '/server/scripts/playbook/rsyncd.conf'

  tasks:
  - name: 01-install-rsync
    yum:
      name: rsync
      state: installed
    tags: 01-yum

  - name: 02-backup & copy
    copy:
      src: "{{ rsync_conf_path }}"
      dest: /etc/
      backup: yes
    notify:
      - restart rsyncd
    tags: 02-copy

  - name: 03-create-group
    group:
      name: www
      gid: 666
    tags: 03-create-group

  - name: 04-create-user
    user:
      name: www
      uid: 666
      group: www
      shell: /sbin/nologin
      create_home: no
    tags: 04-create-user

  - name: 05-create-dir
    file:
      dest: "{{ item }}"
      state: directory
      owner: www
      group: www
    loop:
      - /backup
      - /data
    tags: 05-create-dir

  - name: 06-create-passwd
    copy:
      content: 'rsync_backup:oldboy'
      dest: /etc/rsync.passwd
      mode: 0600
    tags: 06-create-passwd

  - name: 07-start-rsyncd
    service:
      name: rsyncd
      state: started
      enabled: yes
    tags: 07-start-rsyncd

  handlers:
    - name: restart rsyncd
      service:
        name: rsyncd
        state: restarted
```
rsync client playbook example:
```yaml
---
- hosts: rsync_client
  tasks:
  - name: 01-install-rsync
    yum:
      name: rsync
      state: installed
    tags: 01-yum

  - name: 02-create-passwd
    copy:
      content: 'oldboy'
      dest: /etc/rsync.passwd
      mode: 0600
    tags: 02-create-passwd

  - name: 03-create-group
    group:
      name: www
      gid: 666
    tags: 03-create-group

  - name: 04-create-user
    user:
      name: www
      uid: 666
      group: www
      shell: /sbin/nologin
      create_home: no
    tags: 04-create-user

  - name: 05-create-dir
    file:
      dest: "{{ item }}"
      state: directory
      owner: www
      group: www
    loop:
      - /backup
      - /data
    tags: 05-create-dir
```
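The two password-file tasks above keep the rsync secret in clear text inside the playbook. As an added example (not part of the original page), the same tasks with the secret loaded from an Ansible Vault encrypted vars file and `no_log` set so the value stays out of task output and logs. The file names `secrets.yaml` and `rsync_passwd.yaml` and the variable names `rsync_auth_user` and `vault_rsync_password` are assumptions.

```yaml
---
# Create the encrypted vars file once on the control node (assumed name):
#   ansible-vault create secrets.yaml
# with this single line as content:
#   vault_rsync_password: <password>
# Run with: ansible-playbook --ask-vault-pass rsync_passwd.yaml
- hosts: rsync_server
  vars:
    rsync_auth_user: rsync_backup
  vars_files:
    - secrets.yaml
  tasks:
    - name: 06-create-passwd (server file format is user:password)
      copy:
        content: "{{ rsync_auth_user }}:{{ vault_rsync_password }}"
        dest: /etc/rsync.passwd
        owner: root
        group: root
        # Quoted so the value is always read as an octal mode string
        mode: '0600'
      # Hide the rendered content in output, even with -v
      no_log: true
      tags: 06-create-passwd

- hosts: rsync_client
  vars_files:
    - secrets.yaml
  tasks:
    - name: 02-create-passwd (client file holds only the password)
      copy:
        content: "{{ vault_rsync_password }}"
        dest: /etc/rsync.passwd
        owner: root
        group: root
        mode: '0600'
      no_log: true
      tags: 02-create-passwd
```

With rsyncd's default `strict modes` setting, the daemon rejects a secrets file that other users can read, which is why the mode stays at 0600.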
6.2 NFS playbooks
NFS server playbook example:
```yaml
---
- hosts: nfs_server
  vars:
    exports_path: '/server/scripts/playbook/exports'

  tasks:
  - name: 01-install-nfs
    yum:
      name: nfs-utils
      state: latest
    tags: 01-yum-nfs

  - name: 02-copy-nfs-exports
    copy:
      src: "{{ exports_path }}"
      dest: /etc/
    notify:
      - restart rpcbind
      - restart nfs-server
    tags: 02-copy-nfs-exports

  - name: 03-create-group
    group:
      name: www
      gid: 666
    tags: 03-create-group

  - name: 04-create-user
    user:
      name: www
      uid: 666
      # Primary group set explicitly, as in the other playbooks
      group: www
      shell: /sbin/nologin
      create_home: no
    tags: 04-create-user

  - name: 05-create-dir
    file:
      dest: "{{ item }}"
      state: directory
      owner: www
      group: www
    loop:
      - /backup
      - /data
    tags: 05-create-dir

  - name: 06-start-rpc & nfs
    service:
      name: "{{ item }}"
      state: started
      enabled: yes
    loop:
      - rpcbind
      - nfs-server
    tags: 06-start-rpc-nfs

  handlers:
    - name: restart rpcbind
      service:
        name: rpcbind
        state: restarted
    - name: restart nfs-server
      service:
        name: nfs-server
        state: restarted
```
NFS client playbook example:
```yaml
---
- hosts: nfs_client
  tasks:
  - name: 01-install-nfs
    yum:
      name: nfs-utils
      state: latest
    tags: 01-install-nfs

  - name: 02-create-group
    group:
      name: www
      gid: 666
    tags: 02-create-group

  - name: 03-create-user
    user:
      name: www
      uid: 666
      group: www
      shell: /sbin/nologin
      create_home: no
    tags: 03-create-user

  - name: 04-create-dir
    file:
      path: /data
      state: directory
      owner: www
      group: www
    tags: 04-create-dir

  - name: 05-start-rpcbind
    service:
      name: rpcbind
      state: started
      enabled: yes
    tags: 05-start-rpcbind

  - name: 06-mount-data
    mount:
      path: /data
      src: 172.16.1.31:/data
      fstype: nfs
      opts: defaults
      state: mounted
    tags: 06-mount-data
```
6.3 lsyncd playbook
```yaml
---
- hosts: nfs
  vars:
    lsyncd_conf_path: '/server/scripts/playbook/lsyncd.conf'
  tasks:

  - name: 01-install-lsyncd
    yum:
      name: lsyncd
      state: latest
    tags: 01-install-lsyncd

  - name: 02-copy-lsyncd.conf
    copy:
      src: "{{ lsyncd_conf_path }}"
      dest: /etc/
      backup: yes
    notify:
      - restart lsyncd
    tags: 02-copy-lsyncd.conf

  - name: 03-start-lsyncd
    service:
      name: lsyncd
      state: started
      enabled: yes
    tags: 03-start-lsyncd

  handlers:
    - name: restart lsyncd
      service:
        name: lsyncd
        state: restarted
```