Ansible 角色roles (整合多个剧本)
剧本编写完问题: 1. 目录结构不够规范 2. 编写好的任务如何重复调用 3. 服务端配置文件改动,客户端参数信息也自动变化 4. 汇总剧本中没有显示主机角色信息 5. 一个剧本内容信息过多,不容易进行阅读,如何进行拆分
ansible程序roles --- 规范 :很好的解决上面的问题
第一个历程: 规范目录结构
cd /etc/ansible/roles mkdir {nfs-server,nfs-client} --- 创建相应角色目录 mkdir {nfs-server,nfs-client}/{vars,tasks,templates,handlers,files} --- 创建角色目录下面的子目录 [root@m01 roles]# tree . ├── nfs-server │ ├── files --- 保存需要分发文件目录 │ ├── handlers --- 保存触发器配置文件信息 │ ├── tasks --- 保存要执行的动作信息文件 ok │ ├── templates --- 保存需要分发模板文件 模板文件中可以设置变量信息 │ └── vars --- 保存变量信息文件 └── nfs-client ├── files ├── handlers ├── tasks ├── templates └── vars
第二个历程: 在roles目录中创建相关文件
编写文件流程图:
1) 编写tasks目录中的main.yml文件
改造前:多个任务写在一个文件中
[root@ansible-server ~]# vim /etc/ansible/roles/nfs-server/tasks/main.yaml
- name: 01-copy conf file copy: src=exports dest=/etc #export 会自动到files目录找 notify: restart nfs server - name: 02-create data dir file: path={{ Data_dir }} state=directory owner=nfsnobody group=nfsnobody - name: 03-boot server service: name={{ item }} state=started enabled=yes with_items: - rpcbind - nfs
改造后:
cd /etc/ansible/roles/nfs-server/tasks vim copy_info.yml - name: 01-copy conf file copy: src=exports dest=/etc notify: restart nfs server vim create_dir.yml - name: 02-create data dir file: path={{ Data_dir }} state=directory owner=nfsnobody group=nfsnobody vim boot_server.yml - name: 03-boot server service: name={{ item }} state=started enabled=yes with_items: - rpcbind - nfs vim main.yml - include_tasks: copy_info.yml - include_tasks: create_dir.yml - include_tasks: boot_server.yml
2) 编写vars目录中的main.yml文件
[root@ansible-server ~]# vim /etc/ansible/roles/nfs-server/vars/main.yaml
Data_dir: /data
3) 编写files目录中的文件
[root@ansible-server ~]# echo '/data 192.168.1.0/24(rw,sync)' > /etc/ansible/roles/nfs-server/files/exports
4) 编写handlers目录中的main.yml文件
[root@lansible-server ~]# vim /etc/ansible/roles/nfs-server/handlers/main.yaml
- name: restart nfs server
service: name=nfs state=restarted
目录中文件编写好汇总结构
[root@ansible-server nfs-server]# tree
.
├── files
│ └── exports
├── handlers
│ └── main.yml
├── tasks
│ └── main.yml
├── templates
└── vars
└── main.yml
第三个历程: 编写一个主剧本文件
[root@ansible-server ~]# vim /etc/ansible/roles/site.yaml
- hosts: nfs_server
roles:
- nfs-server
cat /etc/ansible/hosts [nfs:children] nfs_server nfs_client [nfs_server] 10.192.27.115 [nfs_client] 10.192.27.116
语法检查
cd /etc/ansible/roles
[root@ansible-server roles]# ansible-playbook --syntax-check site.yaml playbook: site.yaml
模拟执行
[root@ansible-server roles]# ansible-playbook -C site.yaml PLAY [nfs_server] *********************************************************** TASK [Gathering Facts] ****************************************************** ok: [10.192.27.115] TASK [nfs-server : include_tasks] ******************************************* included: /etc/ansible/roles/nfs-server/tasks/copy_info.yml for 10.192.27.115 TASK [nfs-server : 01-copy conf file] *************************************** changed: [10.192.27.115] TASK [nfs-server : include_tasks] ******************************************* included: /etc/ansible/roles/nfs-server/tasks/create_dir.yml for 10.192.27.115 TASK [nfs-server : 02-create data dir] ************************************** changed: [10.192.27.115] TASK [nfs-server : include_tasks] ******************************************* included: /etc/ansible/roles/nfs-server/tasks/boot_server.yml for 10.192.27.115 TASK [nfs-server : 03-boot server] ****************************************** ok: [10.192.27.115] => (item=rpcbind) changed: [10.192.27.115] => (item=nfs) RUNNING HANDLER [nfs-server : restart nfs server] *************************** changed: [10.192.27.115] PLAY RECAP ****************************************************************** 10.192.27.115 : ok=8 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 [root@ansible-server roles]#
正式执行
[root@ansible-server roles]# ansible-playbook site.yaml PLAY [nfs_server] *********************************************************** TASK [Gathering Facts] ****************************************************** ok: [10.192.27.115] TASK [nfs-server : include_tasks] ******************************************* included: /etc/ansible/roles/nfs-server/tasks/copy_info.yml for 10.192.27.115 TASK [nfs-server : 01-copy conf file] *************************************** changed: [10.192.27.115] TASK [nfs-server : include_tasks] ******************************************* included: /etc/ansible/roles/nfs-server/tasks/create_dir.yml for 10.192.27.115 TASK [nfs-server : 02-create data dir] *************************************** changed: [10.192.27.115] TASK [nfs-server : include_tasks] ******************************************** included: /etc/ansible/roles/nfs-server/tasks/boot_server.yml for 10.192.27.115 TASK [nfs-server : 03-boot server] ******************************************* ok: [10.192.27.115] => (item=rpcbind) changed: [10.192.27.115] => (item=nfs) RUNNING HANDLER [nfs-server : restart nfs server] ***************************** changed: [10.192.27.115] PLAY RECAP ********************************************************************* 10.192.27.115 : ok=8 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 [root@ansible-server roles]#
- hosts: nfs_client #vars: # Data_dir: /data tasks: - name: 01-mount mount: src=172.16.1.31:{{ Data_dir }} path=/mnt fstype=nfs state=mounted - name: 02-check mount info shell: df -h|grep /data register: mount_info - name: display mount info debug: msg={{ mount_info.stdout_lines }} [root@ansible-server ~]# cd /etc/ansible/roles/nfs-client/tasks/ [root@ansible-server tasks]# vim client_mount.yml [root@ansible-server tasks]# cat client_mount.yml - name: 01-mount mount: src=10.192.27.115:{{ Data_dir }} path=/mnt fstype=nfs state=mounted [root@ansible-server tasks]# vim check_mount.yml [root@ansible-server tasks]# cat check_mount.yml - name: 02-check mount info shell: df -h|grep /data register: mount_info [root@ansible-server tasks]# vim display_mount.yml [root@ansible-server tasks]# cat display_mount.yml - name: display mount info debug: msg={{ mount_info.stdout_lines }} [root@ansible-server tasks]# [root@ansible-server tasks]# cat main.yml - include_tasks: client_mount.yml - include_tasks: check_mount.yml - include_tasks: display_mount.yml [root@ansible-server tasks]# cd ../vars/ [root@ansible-server vars]# vim main.yml [root@ansible-server vars]# cat main.yml Data_dir: /data [root@ansible-server vars]# [root@ansible-server vars]# vim /etc/ansible/roles/site.yaml [root@ansible-server vars]# cat /etc/ansible/roles/site.yaml - hosts: nfs_server roles: - nfs-server - hosts: nfs_client roles: - nfs-client [root@ansible-server vars]# [root@ansible-server roles]# ansible-playbook --syntax-check site.yaml playbook: site.yaml [root@ansible-server roles]# ansible-playbook -C site.yaml PLAY [nfs_client] ************************************************************ TASK [Gathering Facts] ******************************************************* ok: [10.192.27.116] TASK [nfs-client : include_tasks] ******************************************** included: /etc/ansible/roles/nfs-client/tasks/client_mount.yml for 10.192.27.116 TASK [nfs-client : 01-mount] ************************************************* changed: [10.192.27.116] TASK [nfs-client : include_tasks] ******************************************** included: /etc/ansible/roles/nfs-client/tasks/check_mount.yml for 10.192.27.116 TASK [nfs-client : 02-check mount info] ************************************** skipping: [10.192.27.116] TASK [nfs-client : include_tasks] ******************************************** included: /etc/ansible/roles/nfs-client/tasks/display_mount.yml for 10.192.27.116 TASK [nfs-client : display mount info] *************************************** fatal: [10.192.27.116]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'stdout_lines'\n\n The error appears to be in '/etc/ansible/roles/nfs-client/tasks/display_mount.yml': line 1, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem. \n\nThe offending line appears to be:\n\n\n- name: display mount info\n ^ here\n"} PLAY RECAP ******************************************************************* 10.192.27.116 : ok=5 changed=1 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0 [root@ansible-server roles]# [root@ansible-server roles]# ansible-playbook site.yaml PLAY [nfs_client] ************************************************************* TASK [Gathering Facts] ******************************************************** ok: [10.192.27.116] TASK [nfs-client : include_tasks] ********************************************** included: /etc/ansible/roles/nfs-client/tasks/client_mount.yml for 10.192.27.116 TASK [nfs-client : 01-mount] *************************************************** changed: [10.192.27.116] TASK [nfs-client : include_tasks] ********************************************** included: /etc/ansible/roles/nfs-client/tasks/check_mount.yml for 10.192.27.116 TASK [nfs-client : 02-check mount info] **************************************** changed: [10.192.27.116] TASK [nfs-client : include_tasks] *********************************************** included: /etc/ansible/roles/nfs-client/tasks/display_mount.yml for 10.192.27.116 TASK [nfs-client : display mount info] ****************************************** ok: [10.192.27.116] => { "msg": [ "10.192.27.115:/data 50G 16G 35G 32% /mnt" ] } PLAY RECAP ********************************************************************** 10.192.27.116 : ok=7 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 [root@ansible-server roles]#
####################################################################
让 执行速度 加快 可以设置不收集主机信息
项目
01. 一键化部署全网备份项目(使用template模板)
[root@ansible-server ~]# cd /etc/ansible/roles [root@ansible-server roles]# mkdir rsync-server [root@ansible-server roles]# mkdir rsync-client [root@ansible-server roles]# ls nfs-client nfs-server rsync-client rsync-server site.yaml. [root@ansible-server roles]# mkdir {rsync-server,rsync-client}/{vars,tasks,templates,handlers,files} [root@ansible-server roles]# ##################### server ############################ [root@ansible-server roles]# cd rsync-server/tasks/ [root@ansible-server tasks]# vim main.yml #编辑任务 main.yml文件 - name: 01-install rsync yum: name=rsync state=installed - name: 01-install rsync yum: name=rsync state=installed - name: 02-push conf file #copy: src=rsyncd.conf dest=/etc template: src=rsyncd.conf dest=/etc notify: restart rsync server - name: 03-create user user: name=rsync create_home=no shell=/sbin/nologin #shell: useradd rsync -M -s /sbin/nologin - name: 04-create backup dir file: path={{ Data_dir }} state=directory owner=rsync group=rsync - name: 05-create password file copy: content=rsync_backup:test1234 dest=/etc/rsync.password mode=600 - name: 06-start rsync server service: name=rsyncd state=started enabled=yes [root@ansible-server tasks]# cd ../templates/ [root@ansible-server templates]# vim rsyncd.conf # /etc/rsyncd: configuration file for rsync daemon mode # See rsyncd.conf man page for more options. # configuration example: uid = rsync gid = rsync port = {{ Port_info }} fake super = yes use chroot = no max connections = 200 timeout = 300 pid file = /var/run/rsyncd.pid lock file = /var/run/rsync.lock log file = /var/log/rsyncd.log ignore errors read only = false list = false auth_users = rsync_backup secrets file = /etc/rsync.password exclude = lost+found/ dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2 [backup] path = /backup comment = backup dir [root@ansible-server templates]# cd .. [root@ansible-server rsync-server]# ls files handlers tasks templates vars [root@ansible-server rsync-server]# cd vars/ [root@ansible-server vars]# vim main.yml Data_dir: /backup Port_info: 875 [root@ansible-server rsync-server]# cd handlers/ [root@ansible-server handlers]# vim main.yml - name: restart rsync server service: name=rsyncd state=restarted [root@ansible-server handlers]# cd .. [root@ansible-server rsync-server]# ls files handlers tasks templates vars ##################### client ############################ [root@ansible-server roles]# cd rsync-client/ [root@ansible-server rsync-client]# ls files handlers tasks templates vars [root@ansible-server rsync-client]# cat tasks/main.yml - name: 01-install rsync yum: name=rsync state=installed - name: 02-create password file copy: content=test1234 dest=/etc/rsync.password mode=600 - name: 03-create test file file: dest=/tmp/test.txt state=touch - name: 04-check test shell: rsync --port=875 -avz /tmp/test.txt rsync_backup@10.192.27.115::backup --password-file=/etc/rsync.password [root@ansible-server rsync-client]# ###################################################### [root@ansible-server roles]# vim /etc/ansible/hosts [rsync:children] rsync_server rsync_client [rsync_server] 10.192.27.115 [rsync_client] 10.192.27.116 [root@ansible-server roles]# tree -L 3 . ├── rsync-client │ ├── files │ ├── handlers │ ├── tasks │ │ └── main.yml │ ├── templates │ └── vars ├── rsync-server │ ├── files │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ └── rsyncd.conf │ └── vars │ └── main.yml ├── site.yaml [root@ansible-server roles]# ansible-playbook --syntax-check site.yaml playbook: site.yaml [root@ansible-server roles]# ls [root@ansible-server roles]# ansible-playbook -C site.yaml PLAY [rsync_server] ******************************************************* TASK [Gathering Facts] **************************************************** ok: [10.192.27.115] TASK [rsync-server : 01-install rsync] ************************************ ok: [10.192.27.115] TASK [rsync-server : 01-install rsync] ************************************ ok: [10.192.27.115] TASK [rsync-server : 02-push conf file] *********************************** changed: [10.192.27.115] TASK [rsync-server : 03-create user] ************************************** ok: [10.192.27.115] TASK [rsync-server : 04-create backup dir] ******************************** changed: [10.192.27.115] TASK [rsync-server : 05-create password file] ***************************** changed: [10.192.27.115] TASK [rsync-server : 06-start rsync server] ******************************* changed: [10.192.27.115] RUNNING HANDLER [rsync-server : restart rsync server] ********************* changed: [10.192.27.115] PLAY [rsync_client] ******************************************************* TASK [Gathering Facts] **************************************************** ok: [10.192.27.116] TASK [rsync-client : 01-install rsync] ************************************ changed: [10.192.27.116] TASK [rsync-client : 02-create password file] ***************************** changed: [10.192.27.116] TASK [rsync-client : 03-create test file] ********************************* ok: [10.192.27.116] TASK [rsync-client : 04-check test] *************************************** skipping: [10.192.27.116] PLAY RECAP **************************************************************** 10.192.27.115 : ok=9 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 10.192.27.116 : ok=4 changed=2 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 [root@ansible-server roles]# [root@ansible-server roles]# ansible-playbook site.yaml PLAY [rsync_server] ****************************************************** TASK [Gathering Facts] *************************************************** ok: [10.192.27.115] TASK [rsync-server : 01-install rsync] *********************************** ok: [10.192.27.115] TASK [rsync-server : 01-install rsync] *********************************** ok: [10.192.27.115] TASK [rsync-server : 02-push conf file] ********************************** changed: [10.192.27.115] TASK [rsync-server : 03-create user] ************************************* ok: [10.192.27.115] TASK [rsync-server : 04-create backup dir] ******************************* ok: [10.192.27.115] TASK [rsync-server : 05-create password file] **************************** ok: [10.192.27.115] TASK [rsync-server : 06-start rsync server] ****************************** ok: [10.192.27.115] RUNNING HANDLER [rsync-server : restart rsync server] ******************** changed: [10.192.27.115] PLAY [rsync_client] ****************************************************** TASK [Gathering Facts] *************************************************** ok: [10.192.27.116] TASK [rsync-client : 01-install rsync] *********************************** ok: [10.192.27.116] TASK [rsync-client : 02-create password file] **************************** ok: [10.192.27.116] TASK [rsync-client : 03-create test file] ******************************** changed: [10.192.27.116] TASK [rsync-client : 04-check test] ************************************** changed: [10.192.27.116] PLAY RECAP *************************************************************** 10.192.27.115 : ok=9 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 10.192.27.116 : ok=5 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 [root@ansible-server roles]#
02. 一键化部署实时同步服务
