Ansible playbooks
A simple playbook
```yaml
---
- name: 这是一个安装nginx的剧本
  hosts: web
  tasks:
    - name: 01 安装nginx
      yum:
        name: nginx
        state: installed
    - name: 02 启动nginx
      systemd:
        name: nginx
        state: started
```
Advanced playbook features
The advanced features exist to simplify playbooks.
For example, creating 10 system users:
Without a loop:

```bash
ansible test -m user -a "name=cc01"
ansible test -m user -a "name=cc02"
ansible test -m user -a "name=cc03"
ansible test -m user -a "name=cc04"
...
```

With the loop feature:

```yaml
---
- name: create user
  hosts: test
  tasks:
    - name: create user
      user:
        name: "{{ item }}"
        state: present
      loop:
        - test1
        - test2
        - test3
        - test4
        - test5
    - name: set passwd
      shell: echo "yuchao666" |passwd --stdin "{{ item }}"
      loop:
        - test1
        - test2
        - test3
        - test4
        - test5
```

In the scenario above the loop still defines the user list more than once. The vars keyword lets you define the list once as a variable and reuse it in each loop:

```yaml
---
- name: create user
  hosts: test
  vars:
    users_list:
      - test1
      - test2
      - test3
      - test4
      - test5
  tasks:
    - name: create user
      user:
        name: "{{item}}"
        state: present
      loop: "{{users_list}}"
    - name: set passwd
      shell: echo "yuchao666" | passwd --stdin "{{item}}"
      loop: "{{users_list}}"
```
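An added example, not from the original page: the `set passwd` task above keeps the plaintext password in the playbook and on a shell command line. This variant sets the password through the `user` module as a hash and keeps it out of the logs. The variable name `vault_user_password` and the vault file path are assumptions made for this example.

```yaml
---
# Added example, not part of the original tutorial.
# Assumption: vault_user_password is defined in a file encrypted with
# ansible-vault (for example group_vars/test/vault.yml, a hypothetical path).
- name: create users with hashed passwords
  hosts: test
  vars:
    users_list:
      - test1
      - test2
      - test3
      - test4
      - test5
  tasks:
    - name: create user and set password
      ansible.builtin.user:
        name: "{{ item }}"
        state: present
        # The user module expects a crypt(3) hash, not the plaintext.
        password: "{{ vault_user_password | password_hash('sha512') }}"
        # Only set the password when the account is created; a fresh random
        # salt on every run would otherwise report "changed" each time.
        update_password: on_create
      loop: "{{ users_list }}"
      # Keep the hash and the loop results out of stdout and log files.
      no_log: true
```

Run it with `ansible-playbook --ask-vault-pass` so the vaulted variable can be decrypted.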
Loop optimization (using loops to simplify some operations)
The precondition is that the original actions are repetitive; if they are not, a loop cannot help.

Create users in a loop and set each user's uid:

```yaml
---
- name: create user
  hosts: test
  vars:
    users_info:
      - {user: 't1', uid: '2000'}
      - {user: 't2', uid: '2001'}
      - {user: 't3', uid: '2002'}
      - {user: 't4', uid: '2003'}
      - {user: 't5', uid: '2004'}
  tasks:
    - name: create user and uid
      user:
        name: "{{item.user}}"
        uid: "{{item.uid}}"
      loop: "{{users_info}}"
```
vars: custom variables
```yaml
---
- name: copy file
  hosts: test
  vars:
    data_path: /data
    dest_path: /etc
    # copy reads src on the control node
    config_path: /etc/rsync.passwd
  tasks:
    - name: 01 mkdir data dir
      file:
        path: "{{data_path}}"
        state: directory
    - name: 02 copy config file
      copy:
        src: "{{config_path}}"
        dest: "{{dest_path}}"
```
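Ansible ships with a module for this, the setup module. When master-61 connects over SSH to operate on a target machine, Ansible by default collects all of that machine's information through the setup module: hostname, IP addresses, MAC addresses, number of disks, whether it is virtualized, number of CPU cores, and all other such static data.

```bash
ansible test -m setup
```

This module collects all static information about the target machine by default.

Ansible provides a large number of built-in variables for reading machine attributes (the setup module gathers the client machine's attributes and puts them into JSON data, stored as key-value pairs; Ansible's default output is not in JSON format).

```yaml
---
- hosts: test
  tasks:
    - name: 01 get ip address
      debug: msg="该web组机器,ip是 {{ ansible_all_ipv4_addresses }}"
    - name: 02 get hostname
      debug: msg="该机器的主机名是 {{ ansible_hostname }}"
    - name: 03 单ip
      debug: msg="{{ansible_default_ipv4.address}}"
    # tasks 04 and 05 need interfaces named eth0 and eth1 on the target host
    - name: 04 eth0的ip地址
      debug: msg="eth0的ip地址是 {{ansible_facts.eth0.ipv4.address}}"
    - name: 05 eth1的ip地址
      debug: msg="eth1的ip地址是 {{ansible_facts.eth1.ipv4.address}}"
```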
register: registered variables
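After an Ansible module runs it actually returns some "return values"; by default they are simply not displayed. We can write these return values into a variable and then obtain them by referencing that variable. This way of writing a module's return values into a variable is called a "registered variable".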
Registering one variable:

```yaml
---
- name: register_get_ip
  hosts: test
  tasks:
    - name: echo ip address
      shell: "echo {{ansible_default_ipv4.address}} >> /tmp/ip.log"
    - name: cat ip.log
      shell: "cat /tmp/ip.log"
      register: ip_log
    - name: debug ip_log
      debug:
        msg: "{{ip_log.stdout_lines}}"
```
Registering multiple variables:

```yaml
---
- name: register_getinfo.yaml
  hosts: test
  tasks:
    - name: 01 get ip
      shell: "echo {{ansible_default_ipv4.address}} > /tmp/ip.log"
    - name: 02 get hostname
      shell: "echo {{ansible_hostname}} > /tmp/hostname.log"
    - name: 03 echo ip
      shell: "cat /tmp/ip.log"
      register: ip_log
    - name: 04 echo hostname
      shell: "cat /tmp/hostname.log"
      register: hostname_log
    - debug:
        msg: "{{item}}"
      loop:
        - "{{ip_log.stdout_lines}}"
        - "{{hostname_log.stdout_lines}}"
```

It can also be written as:

```yaml
---
- name: register_getinfo.yaml
  hosts: test
  tasks:
    - name: 01 get ip
      shell: "echo {{ansible_default_ipv4.address}} > /tmp/ip.log;cat /tmp/ip.log"
      register: ip_log
    - name: 02 get hostname
      shell: "echo {{ansible_hostname}} > /tmp/hostname.log;cat /tmp/hostname.log"
      register: hostname_log
    - debug:
        msg: "{{item}}"
      loop:
        - "{{ip_log.stdout_lines}}"
        - "{{hostname_log.stdout_lines}}"
```
To find out which return values a registered variable carries and how they can be used, see the official documentation: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html
register + when

Example 1: restart the service only when the configuration file has changed. Our criterion for restarting a service is that its configuration file was modified; otherwise no restart is needed.

```yaml
---
- name: when_register
  hosts: test
  tasks:
    - name: 01 copy rsync.conf
      copy:
        src: /script/rsync.conf
        dest: /etc
      register: conf_status
    - name: 02 restart rsync
      systemd:
        name: rsyncd
        state: restarted
      when: conf_status.changed
```

Example 2: when the NFS configuration file exists, show its content; when it does not, report that it does not exist.

```yaml
---
- name: when_register_nfs
  hosts: test
  vars:
    nfs_file: /etc/exports
  tasks:
    - name: 01 check nfs_config
      shell: "cat {{nfs_file}}"
      register: nfs_result
      ignore_errors: true
    - name: 02 debug nfs_config
      debug:
        msg: "{{ansible_hostname}} has {{nfs_file}},file content is {{nfs_result.stdout_lines}}"
      when: nfs_result is success
    - name: 03 debug nfs not exists
      debug: msg="{{nfs_file}} is not exists."
      when: nfs_result is failed
```
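An added example, not from the original page, for example 2: with `ignore_errors` on `cat`, any failure (a permission error, for instance) is reported as "file does not exist". This variant checks existence with the `stat` module and reads the file with `command` and an argument list, so the variable never passes through a shell. The register names `nfs_stat` and `nfs_content` are made up for this example.

```yaml
---
# Added example, not part of the original tutorial.
- name: when_register_nfs_stat
  hosts: test
  vars:
    nfs_file: /etc/exports
  tasks:
    - name: 01 check whether the file exists
      ansible.builtin.stat:
        path: "{{ nfs_file }}"
      register: nfs_stat

    - name: 02 read the file only when it exists
      ansible.builtin.command:
        argv:
          - cat
          - "{{ nfs_file }}"
      register: nfs_content
      # Reading a file never changes the host.
      changed_when: false
      when: nfs_stat.stat.exists

    - name: 03 show the content
      ansible.builtin.debug:
        msg: "{{ ansible_hostname }} has {{ nfs_file }}, file content is {{ nfs_content.stdout_lines }}"
      when: nfs_stat.stat.exists

    - name: 04 report a missing file
      ansible.builtin.debug:
        msg: "{{ nfs_file }} does not exist."
      when: not nfs_stat.stat.exists
```

A read failure on an existing file now stops the play for that host instead of being reported as a missing file.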
handlers + notify
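1. The handlers keyword must be written at the end of the playbook.
2. handlers defines a list of events; several events can be defined, and each one is given a name.

How is an event invoked? Through the notify keyword. notify is written in the tasks list: when a task has actually run and ended in the changed state, notify fires and runs the handler with the given name.

```yaml
---
- name: handler_notify_rsync
  hosts: test
  tasks:
    - name: 01 copy rsyncd.conf
      copy:
        src: /tmp/rsyncd.conf
        dest: /etc/
      notify:
        - restart rsyncd
  handlers:
    - name: restart rsyncd
      systemd:
        name: rsyncd
        state: restarted
```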
tags
```yaml
---
- name: 安装nfs服务器
  hosts: test
  tasks:
    - name: 安装nfs
      yum:
        name: nfs-utils
        state: installed
      tags: 01_install_nfs_service
    - name: 安装rpcbind
      yum:
        name: rpcbind
        state: installed
      tags: 02_install_rpcbind_service
    - name: 创建用户组
      group:
        name: www
        gid: 666
      tags: 03_add_group
    - name: 创建用户
      user:
        name: www
        uid: 666
        group: www
        create_home: no
        shell: /sbin/nologin
      tags: 04_add_user
    - name: 创建共享目录
      file:
        path: /nfs-data
        state: directory
        owner: www
        group: www
      tags: 05_create_data_dir
    - name: 拷贝配置文件
      copy:
        src: /tmp/exports
        dest: /etc/exports
      tags: 06_copy_nfs_exports
    - name: 创建关于rsync密码文件
      copy:
        content: "yuchao666"
        dest: /etc/rsync.passwd
        # quoted octal; an unquoted 600 is read as a decimal number
        mode: '0600'
      tags: 07_create_rsync_passwd
    - name: 启动rpcbind
      systemd:
        name: rpcbind
        state: started
        enabled: yes
      tags: 08_start_rpcbind
    - name: 启动nfs
      systemd:
        name: nfs
        state: started
        enabled: yes
      tags: 09_start_nfs
```

Commands for working with tags:

```text
ansible-playbook --help |grep tags
    [--skip-tags SKIP_TAGS] [-C] [--syntax-check] [-D]
    [--list-tags] [--step] [--start-at-task START_AT_TASK]
    --list-tags           list all available tags
    --skip-tags SKIP_TAGS only run plays and tasks whose tags do not match these
    -t TAGS, --tags TAGS  only run plays and tasks tagged with these values
```

```text
# List all tags
ansible-playbook --list-tags install_nfs.yaml

playbook: install_nfs.yaml
  play #1 (test): 安装nfs服务器 TAGS: []
    TASK TAGS: [01_install_nfs_service, 02_install_rpcbind_service, 03_add_group, 04_add_user, 05_create_data_dir, 06_copy_nfs_exports, 07_create_rsync_passwd, 08_start_rpcbind, 09_start_nfs]
```

```bash
# Skip certain tags
ansible-playbook --skip-tags 03_add_group,04_add_user install_nfs.yaml

# Run only certain tags
ansible-playbook -t 03_add_group,04_add_user install_nfs.yaml
```
Selecting which tasks to run
1. List the tasks in the current playbook (view the task list)

```text
--list-tasks list all tasks that would be executed
```

This shows how many tasks would run and whether each task has a tag.

```text
# ansible-playbook --list-tasks install_nfs.yaml

playbook: install_nfs.yaml
  play #1 (test): 安装nfs服务器 TAGS: []
    tasks:
      安装nfs TAGS: [01_install_nfs_service]
      安装rpcbind TAGS: [02_install_rpcbind_service]
      创建用户组 TAGS: [03_add_group]
      创建用户 TAGS: [04_add_user]
      创建共享目录 TAGS: [05_create_data_dir]
      拷贝配置文件 TAGS: [06_copy_nfs_exports]
      创建关于rsync密码文件 TAGS: [07_create_rsync_passwd]
      启动rpcbind TAGS: [08_start_rpcbind]
      启动nfs TAGS: [09_start_nfs]
```

2. Specify which task to start from

```text
--start-at-task START_AT_TASK
```

```bash
ansible-playbook --start-at-task "创建关于rsync密码文件" install_nfs.yaml
```