Ansible批量管理02-剧本的扩展功能配置
剧本的扩展功能配置
1)在剧本中设置变量信息
2)在剧本中设置注册信息 -- 执行剧本时可以显示输出信息
3)在剧本中设置判断信息
4)在剧本中设置循环信息
5)在剧本中设置错误忽略
6)在剧本中设置标签信息
7)在剧本中设置触发信息 -- 当监视文件的内容有所变化时,通知重启服务
8)在剧本中进行剧本整合
如何定义变量信息
剧本中有些文件、目录、IP等有时会频繁出现,但是不同环境这些因素可能不同,把这些不定因素定义成变量,下次改的时候就只需要改动定义变量的值,这样就可以减轻工作,提高效率,他和脚本里的变量有异曲同工之妙,只是格式书写不一样,需要注意
[root@m01 ~]# vim /etc/ansible/hosts
#定义可以管理的主机清单
[rsync:children]
rsync_server
rsync_client
[rsync_server]
172.16.1.41
[rsync_client]
172.16.1.31
172.16.1.7
第一种方式:在剧本中编写变量信息
[root@m01 playbook]# vim rsync_service_变量信息.yaml
- hosts: rsync_server
vars:
backupdir: /backup
passfile: rsync.password
scripts: backup-server.sh
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- name: 02-push conf file
copy: src=/etc/rsyncd.conf dest=/etc/
- name: 03-create user
user: name=rsync create_home=no shell=/sbin/nologin
- name: 04-create rsync dir
file: path={{ backupdir }} state=directory owner=rsync group=rsync
- name: 05-push password file
copy: content=rsync_backup:oldboy123 dest=/etc/{{ passfile }} mode=600
- name: start rsync server
service: name=rsyncd state=started enabled=yes
- name: 06-set crontab
cron: minute=1 hour=0 job='/bin/bash /server/scripts/backup-server.sh &>/dev/null'
- name: 07-push backup-server.sh
copy: src=/server/scripts/{{ scripts }} dest=/server/scripts/ mode=755
第二种方式:在/etc/ansible/hosts主机清单中配置变量信息
[root@m01 ~]# vim /etc/ansible/hosts
#定义可以管理的主机清单
[rsync_server]
172.16.1.41
[rsync_server:vars] -- 定义变量信息
backupdir=/backup
passfile=rsync.password
scripts=backup-server.sh
[rsync_client]
172.16.1.31
172.16.1.7
[rsync_client:vars]
passfile=rsync.password
scripts=backup.sh
[root@m01 ~]# vim /ansible/playbook/rsync_service_变量信息.yaml
- hosts: rsync_server
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- name: 02-push conf file
copy: src=/etc/rsyncd.conf dest=/etc/
- name: 03-create user
user: name=rsync create_home=no shell=/sbin/nologin
- name: 04-create rsync dir
file: path={{ backupdir }} state=directory owner=rsync group=rsync
- name: 05-push password file
copy: content=rsync_backup:oldboy123 dest=/etc/{{ passfile }} mode=600
- name: start rsync server
service: name=rsyncd state=started enabled=yes
- name: 06-set crontab
cron: minute=1 hour=0 job='/bin/bash /server/scripts/backup-server.sh &>/dev/null'
- name: 07-push backup-server.sh
copy: src=/server/scripts/{{ scripts }} dest=/server/scripts/ mode=755
- hosts: rsync_client
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- name: 02-create password file
copy: content=oldboy123 dest=/etc/{{ passfile }} mode=600
- name: 03-test rsync
shell: rsync -az /etc/hosts rsync_backup@172.16.1.41::backup --password-file=/etc/{{ passfile }}
- name: 04-set crontab
cron: minute=0 hour=0 job='/bin/bash /server/scripts/backup.sh &>/dev/null'
- name: 07-push backup.sh
copy: src=/server/scripts/{{ scripts }} dest=/server/scripts/ mode=755
[root@m01 playbook]# ansible-playbook -C rsync_service_变量信息.yaml
第三种方式:直接在运行命令时指定变量参数(但是临时的,下次不加就无法生效)
[root@m01 playbook]# ansible-playbook -C -e backupdir=/backup -e passfile=rsync.password -e scripts=backup-server.sh rsync_service_变.量信息.yaml
三种文件变量方式配置了,三种方式的优先级
最优先: 命令行配置设置
次优先: 剧本中变量设置
最后: 主机清单变量设置
如何设置注册信息(检测服务能否正常启动)
在剧本中,我们利用shell模块输入的命令执行结果是无法显示出来的,但是有些时候我们需要确认服务有没有正常启动,网盘之类是否挂载成功等,这个时候我们需要将一些信息显示出来,方便确认服务安装是否正常,这个时候就可以使用register注册信息,他配合debug就可以将shell模块输入的命令执行结果显示出来
[root@m01 playbook]# vim rsync_service_注册信息.yaml
- hosts: rsync_server
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- name: 02-push conf file
copy: src=/etc/rsyncd.conf dest=/etc/
- name: 03-create user
user: name=rsync create_home=no shell=/sbin/nologin
- name: 04-create rsync dir
file: path={{ backupdir }} state=directory owner=rsync group=rsync
- name: 05-push password file
copy: content=rsync_backup:oldboy123 dest=/etc/{{ passfile }} mode=600
- name: start rsync server
service: name=rsyncd state=started enabled=yes
- name: 06-check server port
shell: netstat -lntup | grep 873
register: get_server_port
- name: 07-display port info
debug: msg={{ get_server_port.stdout_lines }}
[root@m01 playbook]# ansible-playbook rsync_service_注册信息.yaml
如何在剧本中设置判断信息
ansible rsync-server -m setup -a "filter=ansible_hostname"
常见主机信息
ansible_all_ipv4_addresses 仅显示ipv4的信息。
ansible_devices 仅显示磁盘设备信息。
ansible_distribution 显示是什么系统,例: centos, suse等。
ansible_distribution_major_version 显示是系统主版本。
ansible_distr_ibution_version 仅显示系统版本。
ansible_machine 显示系统类型,例: 32位,还是64位。
ansible_eth0 仅显示eth0的信息
ansible_hostname 仅显示主机名。
ansible_kernel 仅显示内核版本。
ansible_lvm 显示1vm相关信息。
ansible_memtotal_mb 显示系统总内存。
ansible_memfree_mb 显示可用系统内存。
ansible_memory_mb 详细显示内存情况。
ansible_swaptotal_mb 显示总的swap内存。
ansible_swapfree_mb 显示swap内存的可用内存。
ansible_mounts 显示系统磁盘挂载情况。
ansible_processor 显示cpu个数(具体显示每个cpu的型号)。
ansible_processor_vcpus 显示cpu个数(只显示总的个数)。
[root@m01 playbook]# vim rsync_service_判断信息.yaml
- hosts: rsync_client
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- name: 02-create password file
copy: content=oldboy123 dest=/etc/{{ passfile }} mode=600
- name: 03-create test nfs file
file: dest=/tmp/test_nfs.txt state=touch
when: (ansible_hostname == "nfs01")
- name: 03-create test web file
file: dest=/tmp/test_web.txt state=touch
when: (ansible_hostname == "web01")
- name: 03-check test backup
shell: rsync -az /tmp/test_nfs.txt rsync_backup@172.16.1.41::backup --password-file=/etc/{{ passfile }}
when: (ansible_hostname == "nfs01")
- name: 03-check test web
shell: rsync -az /tmp/test_web.txt rsync_backup@172.16.1.41::web --password-file=/etc/{{ passfile }}
when: (ansible_hostname == "web01")
什么时候用到循环,如何实现循环
当一个name下要执行多个相同的模块时,就可以使用到循环,使整个剧本更精简
[root@m01 playbook]# vim rsync_service_循环信息.yaml
第一种书写方式:
- hosts: rsync_server
tasks:
- name: 01-install rsync
yum: name={{ item }} state=installed
with_items:
- rsync
- lsof
第二种书写方式:
- hosts: rsync_server
tasks:
- name: 02-push conf file & password file
#copy: src=/etc/rsyncd.conf dest=/etc/
#copy: src=/etc/rsync.password dest=/etc/ mode=600
copy: src=/etc/{{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: 'rsyncd.conf', dest: '/etc/', mode: '644' }
- { src: 'rsync.password', dest: '/etc/', mode: '600' }
第三种书写方式:
- hosts: rsync_server
tasks:
- name: 01-install rsync
yum:
name: ['rsync', 'lsof', 'tree']
state: installed
剧本执行出现错误排查思路/步骤:
1)找到剧本中出现的问题关键点
2)将剧本中的操作转换成模块进行操作
3)将模块的功能操作转换成linux命令
本地管理主机上执行命令测试
远程被管理主机上执行命令测试
如何忽略剧本中的错误信息,继续执行
当剧本执行时,有些模块会报错,但这个问题可能一时解决不了,这个时候我们可先使用ignore_errors忽略这个问题,继续执行,看其他地方还有没有报错
[root@m01 playbook]# ansible-playbook rsync_service_忽略信息.yaml
- hosts: rsync_server
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- name: 02-push conf file & password file
copy: s=/etc/{{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: 'rsyncd.conf', dest: '/etc/', mode: '644' }
- { src: 'rsync.password', dest: '/etc/', mode: '600' }
ignore_errors: yes
[root@m01 playbook]# ansible-playbook rsync_service_忽略信息.yaml
如何在剧本中设置标签,让他只执行指定的一个模块
当我们遇到报错时,修改了剧本内容,但不知道是不是还有问题,但这个需要执行剧本来测试是否修改正确,但执行整个剧本太耗时间,这个时候我们就可以指定一个标签,让他只执行那一模块,忽略其它模块
[root@m01 playbook]# vim rsync_service_标签信息.yaml
- hosts: rsync_server
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- name: 02-push conf file & password file
copy: src=/etc/{{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: 'rsyncd.conf', dest: '/etc/', mode: '644' }
- { src: 'rsync.password', dest: '/etc/', mode: '600' }
tags: push_conf_file
[root@m01 playbook]# ansible-playbook -t "push_conf_file" rsync_service_标签信息.yaml
如何在剧本中配置触发信息,当配置文件更改过以后重启一下服务
当监测到所监视的模块的配置信息有改变时,就发一个通知,通知重启一下服务
[root@m01 playbook]# vim rsync_service_触发信息.yaml
- hosts: rsync_server
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- name: 02-push conf file & password file
copy: src=/etc/rsyncd.conf dest=/etc/
notify: restart rsync server
- name: 03-create user
user: name=rsync create_home=no shell=/sbin/nologin
- name: 04-create backup dir
file: path={{ backupdir }} state=directory owner=rsync group=rsync
- name: start rsync server
service: name=rsyncd state=started enabled=yes
handlers:
- name: restart rsync server
service: name=rsyncd state=restarted
[root@m01 playbook]# ansible-playbook rsync_service_触发信息.yaml
更多详细剧本扩展内容,参照官方网站: https://docs.ansible.com/ansible/2.7/user_guide/playbooks.html
实现部署NFS服务剧本
[root@m01 ~]# vim /etc/ansible/hosts
#定义可以管理的主机清单
[nfs-server]
172.16.1.31
[nfs-client]
172.16.1.7
#172.16.1.8
#172.16.1.9
[nfs:children]
nfs-server
nfs-client
[rsync_server]
172.16.1.41
[rsync_client]
172.16.1.7
172.16.1.31
[rsync:children]
rsync_server
rsync_client
[root@m01 /ansible/playbook]# vim nfs-server.yaml
- hosts: nfs #指定公共部分,循环安装部署rpcbind,nfs软件
tasks:
- name: 01-install rpcbind & nfs
yum:
name: [ 'rpcbind', 'nfs-utils' ]
state: installed
- hosts: nfs_server
vars:
Data_dir: /data #设置变量
tasks:
- name: 02-push conf file
copy: src=/ansible/nfs-server/exports dest=/etc/
notify: restart nfs server #设置触发通知信息,当exports文件里内容有变化时,发通知给handlers
- name: 03-create data dir
file: path={{ Data_dir }} state=directory owner=nfsnobody group=nfsnobody
- name: start rpcbind & nfs service
service: name={{ item }} state=started enabled=yes #循环重启服务
with_items:
- rpcbind
- nfs
handlers: #与上面的notify配合使用,当收到通知后触发重启nfs服务
- name: restart nfs server
service: name=nfs state=restarted
- hosts: nfs_client
vars:
Data_dir: /data
tasks:
- name: 02-mount nfs
mount: src=172.16.1.31:{{ Data_dir }} path=/mnt fstype=nfs state=mounted
- name: 03-check mount info
shell: df -h|grep /data
register: nfs_dir #对上面的df -h 进行注册,再通过下面的debug显示出命令执行的结果
- name: display nfs-dir
debug: msg={{ nfs_dir.stdout_lines }}
实现rsync全网备份剧本
- hosts: rsync
tasks:
- name: 01-install rsync
yum: name=rsync state=installed
- hosts: rsync_server
vars:
backupdir: /backup
passfile: rsync.password
scripts: backup-server.sh
tasks:
- name: 02-push conf file & password file & bash file
# copy: src=/etc/rsyncd.conf dest=/etc/
# copy: content=rsync_backup:oldboy123 dest=/etc/{{ passfile }} mode=600
# copy: src=/server/scripts/{{ scripts }} dest=/server/scripts/ mode=755
copy: src=/ansible/rsync_server/{{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: 'rsyncd.conf', dest: '/etc/', mode: '644' }
- { src: 'rsync.password', dest: '/etc/', mode: '600' }
- { src: '{{ scripts }}', dest: '/server/scripts', mode: '755' }
# ignore_errors: yes
- name: 03-create user
user: name=rsync create_home=no shell=/sbin/nologin
- name: 04-create rsync dir
file: path={{ backupdir }} state=directory owner=rsync group=rsync
- name: start rsync server
service: name=rsyncd state=started enabled=yes
- name: 06-check server port
shell: netstat -lntup | grep 873
register: get_server_port
- name: 07-display port info
debug: msg={{ get_server_port.stdout_lines }}
- name: 08-set crontab
cron: minute=1 hour=0 name='rsync backup' job='/bin/bash /server/scripts/backup-server.sh &>/dev/null'
- hosts: rsync_client
vars:
passfile: rsync.password
scripts: backup.sh
tasks:
- name: 02-create password file & password file
# copy: content=oldboy123 dest=/etc/{{ passfile }} mode=600
# copy: src=/server/scripts/{{ scripts }} dest=/server/scripts/ mode=755
copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: '/ansible/rsync_client/rsync.password', dest: '/etc/', mode: '600' }
- { src: '/server/scripts/{{ scripts }}', dest: '/server/scripts/', mode: '755' }
#tags: t1
- name: 03-test rsync
shell: rsync -az /etc/hosts rsync_backup@172.16.1.41::backup --password-file=/etc/{{ passfile }}
- name: 04-set crontab
cron: minute=0 hour=0 name='rsync backup' job='/bin/bash /server/scripts/backup.sh &>/dev/null'
怎样将多个剧本进行合并
[root@m01 ~]# vim /ansible/playbook/site01.yaml
方法一:include
- include: nfs_server.yaml
- include: rsync_server.yaml
方法二:import_playbook
- import_playbook: nfs_server.yaml
- import_playbook: rsync_server.yaml
方法三:这个方法比较麻烦,需要对剧本进行拆分
- hosts: nfs_server
tasks:
- include_tasks: nfs_server.yaml
- hosts: rsync_server
tasks:
- include_tasks: rsync_server.yaml
- hosts: nfs_client
tasks:
- include_tasks: nfs_client.yaml
- hosts: rsync_client
tasks:
- include_tasks: rsync_client.yaml
ansible程序roles --- 让剧本更加规范
剧本编写完后问题
1)目录结构不够规范
2)编写好的任务如何重复调用
3)服务配置文件改动,客户端参数信息也自动变化
4)汇总剧本中没有显示主机角色信息
5) 一个剧本内容信息过多,不易进行阅读,如何进行拆分
roles目录下编写nfs服务剧本
第一个历程:规范目录结构
[root@m01 ~]# mkdir -p /etc/ansible/roles/{rsync,nfs} --- 创建相应的角色目录
[root@m01 ~]# mkdir -p /etc/ansible/roles/{rsync,nfs}/{files,handlers,tasks,templates,vars} --- 创建角色目录下面的子目录
[root@backup ~]# tree /etc/ansible/roles/
/etc/ansible/roles/
├── nfs
│ ├── files --- 保存需要分发文件目录
│ ├── handlers --- 保存触发器配置文件信息
│ ├── tasks --- 保存要执行的动作信息文件
│ ├── templates --- 保存需要分发模板文件,模板文件中可以设置变量信息
│ └── vars --- 保存变量信息文件
└── rsync
├── files
├── handlers
├── tasks
├── templates
└── vars
第二个历程:在roles目录中创建相关文件
[root@m01 ~]# cd /etc/ansible/roles
[root@m01 roles]# mkdir nfs_client
[root@m01 roles]# mkdir {nfs,nfs_server,nfs_client}/{tasks,vars,files,handlers,templates}
nfs公共部分:
1)编写tasks目录中的main.yml
[root@m01 roles]# cd nfs/tasks/
[root@m01 tasks]# vim main.yml
- name: 01-install rpcbind & nfs
yum:
name: [ 'rpcbind', 'nfs-utils' ]
state: installed
nfs_server部分:
1)编写tasks目录中的main.yml
[root@m01 ~]# cd /etc/ansible/roles/nfs_server/tasks
[root@m01 tasks]# vim main.yml
- name: 02-push conf file
copy: src=exports dest=/etc/
notify: restart nfs server #设置触发通知信息,当exports文件里内容有变化时,发通知给handlers
- name: 03-create data dir
file: path={{ Data_dir }} state=directory owner=nfsnobody group=nfsnobody
- name: start rpcbind & nfs service
service: name={{ item }} state=started enabled=yes #循环重启服务
with_items:
- rpcbind
- nfs
2)编写vars目录中的main.yml
[root@m01 tasks]# cd ../vars/
[root@m01 vars]# vim main.yml
Data_dir: /data
3)编写files目录中的文件
[root@m01 vars]# cd ../files/
[root@m01 files]# echo "/data 172.16.1.0/24(rw.sync)" >exports
[root@m01 files]# cat exports
/data 172.16.1.0/24(rw,sync)
[root@m01 files]# vim ../tasks/main.yml
- name: 02-push conf file
copy: src=exports dest=/etc/
4)编写handlers目录中的main.yml
[root@m01 files]# cd ../handlers/
[root@m01 handlers]# vim main.yml
- name: restart nfs server
service: name=nfs state=restarted
nfs_client部分:
1)编写tasks目录中的main.yml
[root@m01 tasks]# cd ../../nfs_client/
[root@m01 nfs_client]# cd tasks/
[root@m01 tasks]# vim main.yml
- name: 02-mount nfs
mount: src=172.16.1.31:{{ Data_dir }} path=/mnt fstype=nfs state=mounted
- name: 03-check mount info
shell: df -h|grep {{ Data_dir }}
register: nfs_dir #对上面的df -h 进行注册,再通过下面的debug显示出命令执行的结果
- name: display nfs-dir
debug: msg={{ nfs_dir.stdout_lines }}
2)编写vars目录中的main.yml
[root@m01 roles]# cd nfs_client/vars/
[root@m01 vars]# vim main.yml
Data_dir: /data
第三个历程:编写一个主剧本文件
[root@m01 nfs]# cd /etc/ansible/roles/
[root@m01 roles]# vim site.yml
- hosts: nfs
roles:
- nfs
- hosts: nfs_server
roles:
- nfs_server
- hosts: nfs_client
roles:
- nfs_client
文件编写好后结构
[root@m01 roles]# tree
.
├── nfs
│ ├── files
│ ├── handlers
│ ├── tasks
│ │ └── main.yml
│ ├── templates
│ └── vars
├── nfs_client
│ ├── files
│ ├── handlers
│ ├── tasks
│ │ └── main.yml
│ ├── templates
│ └── vars
├── nfs_server
│ ├── files
│ │ └── exports
│ ├── handlers
│ │ └── main.yml
│ ├── tasks
│ │ └── main.yml
│ ├── templates
│ └── vars
│ └── main.yml
└── site.yml
剧本加载流程
roles目录下编写rsync全网备份剧本
第一个历程:在roles目录创建相关文件
[root@m01 roles]# mkdir -p {rsync,rsync_server,rsync_client}/{tasks,vars,files,handlers,templates}
[root@m01 roles]# tree rsync*
rsync
├── files
├── handlers
├── tasks
├── templates
└── vars
rsync_client
├── files
├── handlers
├── tasks
├── templates
└── vars
rsync_server
├── files
├── handlers
├── tasks
├── templates
└── vars
第二个历程:编写main.yml
rsync公共部分:
[root@m01 roles]# vim rsync/tasks/main.yml
- name: 01-install rsync
yum: name=rsync state=installed
rsync_server部分:
1)编写tasks目录下的main.yml
[root@m01 roles]# vim rsync_server/tasks/main.yml
- name: 02-push conf file & password file & bash file
template: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: 'rsyncd.conf', dest: '/etc/', mode: '644' }
- { src: '{{ passfile }}', dest: '/etc/', mode: '600' }
- { src: '{{ scripts }}', dest: '/server/scripts', mode: '755' }
notify: restart rsyncd
# ignore_errors: yes
- name: 03-create user
user: name=rsync create_home=no shell=/sbin/nologin
- name: 04-create rsync dir
file: path={{ backupdir }} state=directory owner=rsync group=rsync
- name: start rsync server
service: name=rsyncd state=started enabled=yes
- name: 06-check server port
shell: netstat -lntup | grep {{ Port_info }}
register: get_server_port
- name: 07-display port info
debug: msg={{ get_server_port.stdout_lines }}
- name: 08-set crontab
cron: minute=1 hour=0 name='rsync backup' job='/bin/bash /server/scripts/backup-server.sh &>/dev/null'
2)编写vars目录下的main.yml
[root@m01 roles]# vim rsync_server/vars/main.yml
backupdir: /backup
Port_info: 873
passfile: rsync.password
scripts: backup-server.sh
3)准备files目录下的相关文件(包括配置文件,密码认证,脚本文件等)
[root@m01 roles]# cp -a /ansible/rsync_server/* rsync_server/files/
[root@m01 roles]# ll rsync_server//files/
total 12
-rwxr-xr-x 1 root root 463 Apr 4 00:22 backup-server.sh
-rw-r--r-- 1 root root 530 Apr 3 23:35 rsyncd.conf
-rw------- 1 root root 23 Apr 4 00:17 rsync.password
4)编写templates目录下的相关文件
[root@m01 roles]# cp -a rsync_server/files/* rsync_server/templates/
[root@m01 roles]# vim rsync_server/templates/rsyncd.conf
uid = rsync
gid = rsync
port = {{ Port_info }}
fake super = yes
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/{{ passfile }}
[backup]
comment = "backup dir by oldboy"
path = {{ backupdir }}
read_only = false
5)编写handlers目录下的main.yml
[root@m01 roles]# vim rsync_server/handlers/main.yml
- name: restart rsyncd
service: name=rsyncd state=restarted
rsync_client部分:
1)编写tasks目录下的main.yml
[root@m01 roles]# cd rsync_client/tasks/
[root@m01 tasks]# vi main.yml
- name: 02-create password file & password file
template: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: '{{ passfile }}', dest: '/etc/', mode: '600' }
- { src: '{{ scripts }}', dest: '/server/scripts/', mode: '755' }
#tags: t1
- name: 03-test rsync
shell: rsync -az /etc/hosts rsync_backup@172.16.1.41::backup --port={{ Port_info }} --password-file=/etc/{{ passfile }}
- name: 04-set crontab
cron: minute=0 hour=0 name='rsync backup' job='/bin/bash /server/scripts/{{ scripts }} &>/dev/null'
2)编写vars目录下的main.yml
[root@m01 tasks]# cd ../vars/
[root@m01 vars]# vim main.yml
passfile: rsync.password
scripts: backup.sh
Port_info: 873
3)将客户端需要的文件准备好放到files目录下
[root@m01 vars]# mv /server/scripts/backup.sh /etc/ansible/roles/rsync_client/files/
[root@m01 vars]# mv /ansible/rsync_client/rsync.password /etc/ansible/roles/rsync_client/files/
4)编写templates目录下文件
[root@m01 templates]# cp ../files/* .
[root@m01 templates]# ll
total 8
-rwxr-xr-x 1 root root 856 Apr 6 02:08 backup.sh
-rw------- 1 root root 10 Apr 6 02:08 rsync.password
[root@m01 templates]# vim backup.sh
#backup to backup-server
rsync -az $Backup_dir/ rsync_backup@172.16.1.41::backup --port={{ Port_info }} --password-file=/etc/{{ passfile }}
[root@m01 roles]# cd rsync_client/tasks/
[root@m01 tasks]# vi main.yml
编写rsync主剧本文件
[root@m01 templates]# cd /etc/ansible/roles/
[root@m01 roles]# vim site_rsync.yml
- hosts: rsync
roles:
- rsync
- hosts: rsync_server
roles:
- rsync_server
- hosts: rsync_client
roles:
- rsync_client
测试:将端口号改为888,看看配置文件和脚本里的端口是否更改,能否正常备份数据
[root@m01 roles]# vim rsync_server/vars/main.yml
[root@m01 roles]# vim rsync_client/vars/main.yml
passfile: rsync.password
scripts: backup.sh
Port_info: 888
tasks目录下的main.yml再拆分与合并,实现拼图式剧本
拆分:
[root@m01 ~]# cd /etc/ansible/roles/rsync_server/tasks/
[root@m01 tasks]# vim template_file.yml
- name: 02-push conf file & password file & bash file
template: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
with_items:
- { src: 'rsyncd.conf', dest: '/etc/', mode: '644' }
- { src: '{{ passfile }}', dest: '/etc/', mode: '600' }
- { src: '{{ scripts }}', dest: '/server/scripts', mode: '755' }
notify: restart rsyncd
[root@m01 tasks]# vim create_user.yml
- name: 03-create user
user: name=rsync create_home=no shell=/sbin/nologin
[root@m01 tasks]# vim create_dir.yml
- name: 04-create rsync dir
file: path={{ backupdir }} state=directory owner=rsync group=rsync
[root@m01 tasks]# vim service.yml
- name: start rsync server
service: name=rsyncd state=started enabled=yes
[root@m01 tasks]# vim check_service.yml
- name: 06-check server port
shell: ps -ef | grep rsync
register: get_server_port
- name: 07-display port info
debug: msg={{ get_server_port.stdout_lines }}
[root@m01 tasks]# vim crontab.yml
- name: 08-set crontab
cron: minute=1 hour=0 name='rsync backup' job='/bin/bash /server/scripts/backup-server.sh &>/dev/null'
合并:
[root@m01 tasks]# vim main.yaml
- include_tasks: template_file.yml
- include_tasks: create_dir.yml
- include_tasks: service.yml
- include_tasks: check_service.yml
- include_tasks: crontab.yml
