Ansible playbooks(任务、角色、模板、变色器、)

 

 

 

playbooks配置文件:

 

[root@ansible ~]# vim /etc/ansible/hosts

[test01]
192.168.200.114 [test02] 192.168.200.115
[root@ansible ~]# vim /etc/ansible/test.yaml


---
- hosts: test01                          #要操作的主机
  remote_user: root                      #登入的用户
  tasks:                                 #tasks表示任务
    - name: adduser                      #任务名
      user: name=user2 state=present      #创建一个用户
      tags:                              #设置一个标签
        - testaaa
    - name: addgroup
      group: name=root system=yes
      tags:
        - testbbb
- hosts: test02
  remote_user: root
  tasks:
    - name: xxx
      copy: src=/etc/passwd dest=/home
      tags:
        - testccc
...

用法:

      playbook文件定义的任务需要通过nasible-playbook命令调用并执行,ansible-playbook命令用法如下:

用法:ansible-playbook[option]/PATH/TO/PLAYBOOK.yaml

实验案例:

1:语法检查:

[root@ansible ~]# ansible-playbook --syntax-check /etc/ansible/test.yml

playbook: /etc/ansible/test.yml

2:预测试:

[root@ansible ~]# ansible-playbook -C /etc/ansible/test.yml 

PLAY [test01] ***************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.200.114]

TASK [adduser] **************************************************************************************************************************
changed: [192.168.200.114]

TASK [addgroup] *************************************************************************************************************************
ok: [192.168.200.114]

PLAY [test02] ***************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.200.115]

TASK [xxx] ******************************************************************************************************************************
changed: [192.168.200.115]

PLAY RECAP ******************************************************************************************************************************
192.168.200.114            : ok=3    changed=1    unreachable=0    failed=0   
192.168.200.115            : ok=2    changed=1    unreachable=0    failed=0   

3:列出主机:

[root@ansible ~]# ansible-playbook --list-hosts /etc/ansible/test.yml 

playbook: /etc/ansible/test.yml

  play #1 (test01): test01    TAGS: []
    pattern: [u'test01']
    hosts (1):
      192.168.200.114

  play #2 (test02): test02    TAGS: []
    pattern: [u'test02']
    hosts (1):
      192.168.200.115

4:列出任务:

[root@ansible ~]# ansible-playbook --list-tasks /etc/ansible/test.yml 

playbook: /etc/ansible/test.yml

  play #1 (test01): test01    TAGS: []
    tasks:
      adduser    TAGS: [testaaa]
      addgroup    TAGS: [testbbb]

  play #2 (test02): test02    TAGS: []
    tasks:
      xxx    TAGS: [testccc]

5:列出标签:

[root@ansible ~]# ansible-playbook --list-tags /etc/ansible/test.yml 

playbook: /etc/ansible/test.yml

  play #1 (test01): test01    TAGS: []
      TASK TAGS: [testaaa, testbbb]

  play #2 (test02): test02    TAGS: []
      TASK TAGS: [testccc]

6:执行任务:

[root@ansible ~]# ansible-playbook /etc/ansible/test.yml 

PLAY [test01] ***************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.200.114]

TASK [adduser] **************************************************************************************************************************
ok: [192.168.200.114]

TASK [addgroup] *************************************************************************************************************************
ok: [192.168.200.114]

PLAY [test02] ***************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.200.115]

TASK [xxx] ******************************************************************************************************************************
ok: [192.168.200.115]

PLAY RECAP ******************************************************************************************************************************
192.168.200.114            : ok=3    changed=0    unreachable=0    failed=0   
192.168.200.115            : ok=2    changed=0    unreachable=0    failed=0   

7:测试查看:

[root@ansible ~]# ansible test01 -m shell -a "tail -l /etc/passwd"
192.168.200.114 | SUCCESS | rc=0 >>
user2:x:1001:1001::/home/user2:/bin/bash

[root@ansible ~]# ansible test02 -m command -a "ls -l /home"
192.168.200.115 | SUCCESS | rc=0 >>
总用量 4
drwx------. 3 crushlinx crushlinx 78 10月 28 09:53 crushlinx
-rw-r--r--. 1 root root 2304 10月 28 16:57 passwd
drwx------. 3 room room 78 4月 11 2018 room

8:执行输出:

我们在用playbook进行ansible模块操作的时候,并没有命令的执行结果输出,默认被隐藏了,可以通过refister模块追加命令输出的结果

[root@ansible ~]# vim /etc/ansible/test.yaml

---
- hosts: test01
  remote_user: root
  tasks:
    - name: adduser
      user: name=user2 state=present
      register: print_result
      tags:
        - testaaa
    - debug: var=print_result
    - name: addgroup
      group: name=root system=yes
      tags:
        - testbbb

    - debug: var=print_result
- hosts: test02
  remote_user: root
  tasks:
    - name: xxx
      copy: src=/etc/passwd dest=/home
      tags:
        - testccc
...
[root@ansible ~]# ansible-playbook /etc/ansible/test.yaml 

PLAY [test01] ***************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.200.114]

TASK [adduser] **************************************************************************************************************************
ok: [192.168.200.114]

TASK [debug] ****************************************************************************************************************************
ok: [192.168.200.114] => {
    "print_result": {
        "append": false, 
        "changed": false, 
        "comment": "", 
        "failed": false, 
        "group": 1001, 
        "home": "/home/user2", 
        "move_home": false, 
        "name": "user2", 
        "shell": "/bin/bash", 
        "state": "present", 
        "uid": 1001
    }
}

TASK [addgroup] *************************************************************************************************************************
ok: [192.168.200.114]

TASK [debug] ****************************************************************************************************************************
ok: [192.168.200.114] => {
    "print_result": {
        "append": false, 
        "changed": false, 
        "comment": "", 
        "failed": false, 
        "group": 1001, 
        "home": "/home/user2", 
        "move_home": false, 
        "name": "user2", 
        "shell": "/bin/bash", 
        "state": "present", 
        "uid": 1001
    }
}

PLAY [test02] ***************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.200.115]

TASK [xxx] ******************************************************************************************************************************
ok: [192.168.200.115]

PLAY RECAP ******************************************************************************************************************************
192.168.200.114            : ok=5    changed=0    unreachable=0    failed=0   
192.168.200.115            : ok=2    changed=0    unreachable=0    failed=0  

client机安装httpd

[root@client2 ~]# yum install httpd httpd-server -y


 [root@client2 httpd]# service httpd start

[root@client1 ~]# yum install httpd httpd-server -y


 [root@client1 httpd]# service httpd start

2:触发器:

hanglers触发器的使用示例如下:

[root@ansible ~]# ansible test01 -m shell -a 'netstat -anpt | grep :80'
192.168.200.114 | SUCCESS | rc=0 >>
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      104590/nginx: maste 
[root@ansible ~]# vim /etc/ansible/httpd.yaml


---
- hosts: crushlinux
  remote_user: root
  tasks:
    - name: change port
      command: sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf
      notify:
        - restart httpd server
  handlers:
    - name: restart httpd server
      service: name=httpd state=restarted
...


测试语法:

[root@ansible ~]# ansible-playbook -C /etc/ansible/httpd.yaml 

PLAY [crushlinux] ***********************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.200.115]
ok: [192.168.200.114]

TASK [change port] **********************************************************************************************************************
skipping: [192.168.200.115]
skipping: [192.168.200.114]

PLAY RECAP ******************************************************************************************************************************
192.168.200.114            : ok=1    changed=0    unreachable=0    failed=0   
192.168.200.115            : ok=1    changed=0    unreachable=0    failed=0  

查看配置文件内容并执行:

[root@ansible ~]# ansible "test01" -m shell -a 'grep ^Listen /etc/httpd/conf/httpd.conf'
192.168.200.114 | SUCCESS | rc=0 >>
Listen 80


[root@ansible ~]# ansible-playbook /etc/ansible/httpd.yaml


PLAY [crushlinux] ***********************************************************************************************************************


TASK [Gathering Facts] ******************************************************************************************************************
ok: [192.168.200.115]
ok: [192.168.200.114]


TASK [change port] **********************************************************************************************************************
[WARNING]: Consider using template or lineinfile module rather than running sed

                可以忽略或使用模板lineinfile模块而不是运行sed


changed: [192.168.200.115]
changed: [192.168.200.114]


RUNNING HANDLER [restart httpd server] **************************************************************************************************
changed: [192.168.200.115]
changed: [192.168.200.114]


PLAY RECAP ******************************************************************************************************************************
192.168.200.114 : ok=3 changed=2 unreachable=0 failed=0
192.168.200.115 : ok=3 changed=2 unreachable=0 failed=0

 查看结果:


[root@ansible ~]# ansible test01 -m shell -a 'netstat -anpt | grep httpd'
192.168.200.114 | SUCCESS | rc=0 >>
tcp6 0 0 :::8080 :::* LISTEN 9209/httpd


[root@ansible ~]# ansible crushlinux -m shell -a 'netstat -anpt | grep httpd'
192.168.200.114 | SUCCESS | rc=0 >>
tcp6 0 0 :::8080 :::* LISTEN 9209/httpd


192.168.200.115 | SUCCESS | rc=0 >>
tcp6 0 0 :::8080 :::* LISTEN 12029/httpd

 

基于Ansible playbook配置zabbix agent端:zabbix是一种监控器,用于监控client端

[root@ansible ~]# vim zabbix-agent.sh


#!/bin/bash
NH=$(hostname)
if [ ! -f /etc/yum.repos.d/zabbix.repo ]
then
    rpm -Uvh
http://repo.zabbix.com/zabbix/3.2/rhel/7/x86_64/zabbix-release-3.2-1.el7.noarch.rpm
fi
rpm -q zabbix-agent &>/dev/null
[ $? -ne 0 ] && yum -y -q install zabbix-agent
cp /etc/zabbix/zabbix_agentd.conf{,-$(date +%F%T)}
sed -i 's/Server=127.0.0.1/Server=192.168.200.113/g' /etc/zabbix/zabbix_agentd.conf
sed -i 's/ServerActive=127.0.0.1/ServerActive=192.168.200.113/g'
/etc/zabbix//zabbix_agentd.conf
sed -i 's/Hostname=Zabbix server/Hostname=$HN/g' /etc/zabbix/zabbix_agentd.conf
systemctl | restart zabbix-agent

3:角色

 

 


实验案例:

       通过一个实验配置数据库角色,要求被管理端主机自动安装Mariadb,安装后上传提前装备好的配置文件到远端主机,重启服务,然后新建testdb数据库,并允许test用户对其拥有所有权限:

1:被管理端配置yum源:

[root@client2 ~]# cd /etc/yum.repos.d/
[root@client2 yum.repos.d]# ls
a  epel.repo  epel-testing.repo  local.repo


[root@client1 ~]# cd /etc/yum.repos.d/
[root@client2 yum.repos.d]# ls
a  epel.repo  epel-testing.repo  local.repo

2:配置数据库角色:

[root@ansible ~]# mkdir -pv /etc/ansible/roles/mariadb/{file,tasks,handlers}
mkdir: 已创建目录 "/etc/ansible/roles/mariadb"
mkdir: 已创建目录 "/etc/ansible/roles/mariadb/file"
mkdir: 已创建目录 "/etc/ansible/roles/mariadb/tasks"
mkdir: 已创建目录 "/etc/ansible/roles/mariadb/handlers"

[root@ansible ~]# cd /etc/ansible/ [root@ansible ansible]# vim /etc/ansible/mariadb.yaml --- - hosts: crushlinux remote_user: root roles: - mariadb ...

[root@ansible ansible]# cd /etc/ansible/roles/mariadb/
[root@ansible mariadb]# ls
file    handlers   tasks
[root@ansible mariadb]# cd tasks/
[root@ansible tasks]# vim main.yaml


---
- name: install mariadb                                  #指定任务名称安装mariadb数据库
yum: name=mariadb-server state=present                   #执行yum模块安装mariadb

- name: move config file                                  #指定任务名称移除原有配置文件
shell: "[ -e /etc/my.cnf ] && mv /etc/my.cnf /etc/my.cnf.bak"   #进行判断,如果有就移除
- name: provide a new config file                              #创建一个新的配置文件

copy: src=my.cnf dest=/etc/my.cnf                              #src源会自动到file文件中查找my.cnf配置文件
- name: reload mariadb                                         #指定任务名称重启mariadb
shell: systemctl restart mariadb                               #hsell添加模块重启mariadb
- name: create database testdb                                 #指定要求添加mysql语句
shell: mysql -u root -e "create database testdb;grant all privileges on testdb.* to 'test@'192.168.200.%' identified by 'test123';flush privileges;"
notify:                                                        #通知触发器
- restart mariadb                                               #重启mariadb
...

 

 

  [root@ansible handlers]# vim main.yml

   ---
   - name: restart mariadb                           #引用上面的触发器
     server: name=mariadb state=restarted            #触发后重启mariadb服务
   ...



[root@ansible handlers]# cd ../file/
[root@ansible file]# cp /etc/my.cnf /etc/ansible/roles/mariadb/file/
[root@ansible file]# ls
my.cnf                    #准备my.cnf文件
[root@ansible file]# cd /etc/ansible/

[root@ansible ansible]# tree
.
├── ansible.cfg
├── hosts
├── hosts.bak
├── httpd.yaml
├── mariadb.yaml
├── roles
│   └── mariadb
│   ├── file
│   │   └── my.cnf
│   ├── handlers
│   │   └── main.yaml
│   └── tasks
│   └── main.yaml
└── test.yaml

预执行:

[root@ansible mariadb]# ansible-playbook -C /etc/ansible/mariadb.yaml 
posted @ 2019-10-28 19:43  Room、C  阅读(536)  评论(0编辑  收藏  举报