Ansible安装、配置和使用
ansible安装
yum install ansible -y
优化ssh运行效率
vim /etc/ssh/sshd_config
GSSAPIAuthentication no
UseDNS no
vi /etc/ansible/ansible.cfg#主配置文件
vim /etc/ansible/hosts#管理目录主机地址配置
[ngx]
192.168.2.121
192.168.2.122
[httpd]
192.168.2.123
192.168.2.124
使用用户和密码管理远程服务器
ansible 192.168.2.121 -m ping -u root -k
实现KEY验证登录
ssh-keygen
ssh-copy-id root@192.168.2.121#将公钥复制到被管理服务器上
ansible all -m copy -a'src=/root/ansible/config dest=/etc/selinux/config backup=true mode=0755'#文件复制
ansible all -m copy -a'content="this my custome content" dest=/root/test1'#创建文件并写入内容
ansible all -m shell -a 'ls /etc|wc -l'#远程执行shell命令
ansible all -m cron -a 'minute=* weekday=1,3,5 job="/usr/bin/walll FBI warning" name=warningcron'#增加定时任务
ansible all -m cron -a 'disable=true job="/usr/bin/walll FBI warning" name=warningcron'#禁用定时任务
ansible all -m cron -a 'job="/usr/bin/walll FBI warning" name=warningcron state=absent'#删除定时任务
ansible httpd -m yum -a 'name=httpd state=present'#安装httpd服务
ansible httpd -m yum -a 'name=httpd state=absent'#删除httpd服务
ansible httpd -m setup|grep host#查询系统相关信息
ansible httpd -m setup -a 'filter=*ipv4*'#获取系统信息
playbook编写和使用
httpd安装配置
vi httpd.yml
--------------------------------------------------------------
--- #安装Apache服务 - hosts: httpd remote_user: root tasks: - name: install httpd service yum: name=httpd tags: inshttpd - name: copy conf file copy: src=files/httpd.conf dest=/etc/httpd/conf/ backup=yes - name: start httpd service service: name=httpd state=started enabled=yes tags: rshttpd notify: restart httpd handlers: - name: restart httpd service: name=httpd state=restarted
--------------------------------------------------------------
ansible-playbook -C httpd.yml#检查语法
ansible-playbook httpd.yml#调用playbook
ansible-playbook httpd.yml --tags 'rshttpd'#调用标签任务
vi appinstall.yml
-------------------------------------------------------------
--- #参数模式安装应用程序 - hosts: httpd remote_user: root vars: - appname: vsftpd tasks: - name: install application yum: name={{ appname }} ignore_errors: yes#出错继续执行 - name: start application service: name={{ appname }} state=started enabled=yes
-------------------------------------------------------------
ansible-playbook -e 'appname=rshttpd' appinstall.yml#调用带参数的playbook
使用模板安装配置nginx
vi /etc/ansible/hosts
-------------------------------------------------------
[ngx]
192.168.2.121 port=88 #指定变量
192.168.2.122 port=88
-------------------------------------------------------
vi /root/ansible/files/nginx.conf.j2
-------------------------------------------------------
worker_processes {{ ansible_processor_vcpus**2 }}; #使用ansible内置变量
server {
listen {{ port }} default_server; #使用变量
listen [::]:{{ port }} default_server;
-------------------------------------------------------
vi /root/ansible/templatetest.yml
-------------------------------------------------------
--- - hosts: ngx remote_user: root tasks: - name: install package yum: name=nginx - name: copy template template: src=files/nginx.conf.j2 dest=/etc/nginx/nginx.conf notify: restart nginx - name: start nginx systemd: name=nginx state=started handlers: - name: restart nginx systemd: name=nginx state=restarted
-------------------------------------------------------
ansible-playbook -C templatetest.yml
ansible-playbook templatetest.yml
用role安装nginx
nginx角色文件目录:
ansible_nginx_role/ roles/ nginx/ files/ testfile.txt handlers/ main.yml tasks/ copyfile.yml group.yml main.yml start.yml temp.yml user.yml yum.yml templates/ nginx.conf7.j2 vars/ main.yml nginx_role.yml
完整脚本详见:https://github.com/huyonghong/ansible_nginx_role
ansible-playbook -C nginx_role.yml#测试脚本正确性
ansible-playbook nginx_role.yml#正式执行脚本
