Linux架构31 ansible roles角色, ansible galaxy, 公有云中的批量管理
1.Ansible Roles基本概述
Ansible注意事项: 在编写roles的时候,最好能将一个task拆分为一个文件,方便后续复用。(彻底的打散)
roles官方目录结构,必须按如下定义。在每个目录中必须有main.yml文件,这些属于强制要求。
[root@m01 ~]# cd /etc/ansible/roles [root@m01 roles]# [root@m01 roles]# tree . |—— nfs | |—— files #存放文件,copy调用 | |—— handers #触发文件 | |—— tasks #具体任务 | |—— templates #模板文件,template调用 | |—— vars #定义变量 | |—— meta #依赖关系
在 playbook 中调用 role
#直接调用 - hosts: websrvs remote_user: root roles: - mysql - memcached - nginx #传参 - hosts: websrvs remote_user: root roles: - role: mysql var1: 123 - {role: memecached, var1: 456} #条件判断 - hosts: websrvs remote_user: root roles: - role: mysql var1: 123 when: ansible_distribution_major_version == '7' - {role: mysql, var1: 456, when: ansible_distribution_major_version == '7'}
3.Ansible Roles案例实战
Roles小技巧:
1.创建roles目录结构,手动或使用ansible-galaxy init 角色名称
2.编写roles的功能,也就是tasks。
3.最后playbook引用roles编写好的tasks。
#1.先创建一个项目目录 [root@m01 ~]# mkdir project2 [root@m01 ~]# cd project2/ #初始化一个test的role # [root@m01 project2]# ansible-galaxy init test #初始化比较乱,不推荐这种方法。直接自己创 # [root@m01 project2]# rm -rf test #手动初始化一个memcached的role,文件夹名就是role名 [root@m01 project2]# mkdir memcached/{tasks,handlers,templates,vars,files} -pv mkdir: created directory ‘memcached’ mkdir: created directory ‘memcached/tasks’ mkdir: created directory ‘memcached/handlers’ mkdir: created directory ‘memcached/templates’ mkdir: created directory ‘memcached/vars’ mkdir: created directory ‘memcached/files’ #2.编写roles的功能 [root@m01 project2]# vim memcached/tasks/main.yml - name: Install Memcached Server yum: name: memcached state: present - name: Configure Memcached Server template: src: memcached.j2 # 自动在templates中找该文件 dest: /etc/sysconfig/memcached notify: Restart Memcached Server #handlers不能写在这个yml下 - name: Started Memcached Server service: name: memcached state: started enabled: yes [root@m01 project2]# vim /root/project2/memcached/templates/memcached.j2 PORT="11211" USER="memcached" MAXCONN="1024" CACHESIZE="{{ ansible_memtotal_mb // 2 }}" OPTIONS="" [root@m01 project2]# vim memcached/handlers/main.yml - name: Restart Memcached Server service: name: memcached state: restarted #3.编写playbook引用roles编写好的tasks [root@m01 project2]# vim site.yml #这个名字随意 - hosts: web01 roles: - memcached #这个就是role的名字 #4.执行 [root@m01 project2]# ansible-playbook site.yml #也可以把hosts文件放在该目录下,指定hosts执行 [root@m01 project2]# ansible-playbook -i hosts site.yml ------------------------------------------------ ###第二种写法,打散 [root@m01 tasks]# vim install.yml - name: Install Memcached Server yum: name: memcached state: present [root@m01 tasks]# vim config.yml - name: Configure Memcached Server template: src: memcached.j2 # 自动在templates中找该文件 dest: /etc/sysconfig/memcached notify: Restart Memcached Server #handlers不能写在这个yml下 [root@m01 tasks]# vim start.yml - name: Started Memcached Server service: name: memcached state: started enabled: yes [root@m01 tasks]# vim main.yml - include_tasks: install.yml - include_tasks: config.yml - include_tasks: start.yml [root@m01 project2]# tree memcached/ memcached/ ├── files ├── handlers │ └── main.yml ├── tasks │ ├── config.yml │ ├── install.yml │ ├── main.yml │ └── start.yml ├── templates │ └── memcached.j2 └── vars ###执行 [root@m01 project2]# ansible-playbook site.yml ------------------------------------------------------ #1.再创建nginx和php的role [root@m01 project2]# mkdir {nginx,php-fpm}/{tasks,handlers,templates} -pv #2.写功能 [root@m01 project2]# vim nginx/tasks/main.yml - name: Installed Nginx Server yum: name=nginx state=present - name: Configure Nginx Server template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf notify: Restart Nginx Server - name: Started Nginx Server service: name=nginx state=started enabled=yes [root@m01 project2]# vim nginx/handlers/main.yml - name: Restart Nginx Server service: name=nginx state=restarted [root@m01 project2]# vim nginx/templates/nginx.conf.j2 ... #3.编写playbook引用roles编写好的tasks [root@m01 project2]# vim site.yml #这个名字随意 - hosts: web01 roles: - memcached - nginx #对应role的名字 #可以通过设定tag,来指定执行哪个role [root@m01 project2]# vim site.yml - hosts: web01 roles: - role: memcached tages: memcached - role: nginx tags: nginx [root@m01 project2]# ansible-playbook site.yml -t nginx #只跑nginx的role #4.写php的task [root@m01 project2]# vim php-fpm/tasks/main.yml - name: Installed PHP-FPM Server yum: name={{ packages }} state=present vars: packages: #下面只写部分,实际使用还需要其他的 - php - php-cli - php-fpm - php-pdo - php-gd - php-mbstring - name: Configure PHP-FPM Server template: src={{ item.src }} dest={{ item.dest }} with_items: - { src: 'php.ini.j2' ,dest: '/etc/php.ini' } - { src: 'php_www.conf.j2' ,dest: '/etc/php-fpm.d/www.conf' } notify: Restart PHP-FPM Server - name: Started PHP-FPM Server service: name=php-fpm state=started enabled=yes [root@m01 project2]# vim php-fpm/handlers/main.yml - name: Restart PHP-FPM Server service: name=php-fpm state=restarted #5.编写playbook引用 [root@m01 project2]# vim site.yml #这个名字随意 - hosts: web01 roles: - role: memcached - role: nginx - role: php-fpm
Galaxy 官网:https://galaxy.ansible.com
搜需要的role
点击复制,执行命令进行下载role
# galaxy下载到默认路径: /root/.ansible/roles [root@m01 project2]# ansible-galaxy install geerlingguy.nginx #写一个site.yml调用执行 - hosts: web01 roles: - role: nginx
ansible-galaxy命令说明
#相关配置项 [root@ubuntu ~]# cat /etc/ansible/ansible.cfg | grep galaxy [galaxy] ...... 命令用法 ansible-galaxy [-h] [--version] [-v] TYPE ... #常用选项 --version #显示版本信息 -h|--help #查看帮助 -v|--verbose #显示详细信息 #TYPE,不写时默认 type 为 roel collection #合集 role #角色 #常用子命令 init #初始化 list #列出所有己安装的role或collection, #此处的己安装,表示将相关文本下载到本地了,role 还要再调用 ansible-playbook search #在服务器上搜索 info #显示 role install #安装,即下载到本机,后面要再使用 ansible-playbook 进行安装 remove #移除,即删除本地相关文件 #列出所有本地 role [root@ubuntu ~]# ansible-galaxy list # /etc/ansible/roles [WARNING]: - the configured path /root/.ansible/roles does not exist. [WARNING]: - the configured path /usr/share/ansible/roles does not exist. #安装 redis [root@ubuntu ~]# ansible-galaxy install davidwittman.redis #再次查看 [root@ubuntu ~]# ansible-galaxy list # /root/.ansible/roles - davidwittman.redis, 1.2.9 # /etc/ansible/roles [WARNING]: - the configured path /usr/share/ansible/roles does not exist. [root@ubuntu ~]# ls .ansible/roles/ davidwittman.redis #移除 [root@ubuntu ~]# ansible-galaxy remove davidwittman.redis - successfully removed davidwittman.redis
公有云中的批量管理
公有云中有也有以 Web 界面提供的批量管理主机的功能。
以阿里云为例,在 ECS 实例列表菜单页面,可以点击 “批量管理” 导航进入该功能。
点击实例,左下角运维与监控里有个云助手,点击执行命令,也可以传送文件
