【原创】ansible-playbook 详解

  • YAML的语法和其他高阶语言类似并且可以简单表达清单、散列表、标量等数据结构。(列表用横杆表示,键值对用冒号分割,键值对里又可以嵌套另外的键值对)
  • YAML文件扩展名通常为.yaml或者.yml。下面为示例
  • 一定要对齐,只能使用空格
name: tom
age: 21
gender: male
spourse:
    name: lily
    gender: female
children:
    - name: susan
      age: 2
      gender: feamle
    - name: sunny
      age: 10
      gender: male

  

2、核心组件

  • tasks:任务
  • variables:变量
  • templates:模板
  • handlers:处理器
  • roles:角色

3、playbook简单示例

3.1示例1

vim /root/first.yml

- hosts: all
  remote_user: root
  vars: httpd_port=80
  
  tasks:
  - name: install httpd
    yum: name=httpd state=present
  - name: install php
    yum: name=php state=present
  - name: start httpd
    service: name=httpd state=started enabled=true

  

hosts 定义单个主机或组,vars定义变量,remote_user定义执行命令的远程用户,tasks定义执行哪些命令,handlers定义调用哪些处理器
vars(变量):


变量命名: 字母数字下划线组成,只能以字母开头


变量种类:


facts(内置变量)
由远程主机发回的主机属性信息,这些信息被保存在ansible变量当中
例如:ansible 192.168.238.170 -m setup  来获取远程主机上的属性信息,这些属性信息保存在facts中


通过命令行传递
通过命令行传递:ansible-playbook test.yml --extra-vars “host=www user=tom“(如果剧本中已有此处定义的变量则会被覆盖)


通过roles传递


主机变量
在/etc/ansible/hosts中定义
[web1]
192.168.1.1 name=haha


组变量
[group_name:vars]
foo=bar




hosts :
/etc/abible/hosts 中指定的远程主机,并用指定的属性进行连接
ansible_ssh_port 连接远程主机使用的端口

ansible_ssh_user 连接远程主机使用的用户

ansible_ssh_pass 连接远程主机使用的密码
cat /etc/ansible/hosts

[web1]
web1.hostname ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=123
web2.hostname

  

3.2示例2

vim /root/second.yml

- hosts: web1
  remote_user: root
  vars:
    username: bob
    password: 123
    
  tasks:
  - name: add user
    user: name={{ username }} state=present
    when: ansible_os_family == "Debian"
  - name: set password
    shell: echo {{ password }} |passwd --stdin {{ username }}
  - name: install httpd php
    yum: name={{ item }} state=present
    with_items:
      - httpd
      - php
  - name: add two users
    user: name={{ item }} state=present groups={{ item.groups }}
    with_items:
    - { name: 'user1', groups: 'group1'}
    - { name: 'user2', groups: 'group2'}
      

  

  • 在playbook中调用变量的方式为{{ variable }}
  • when语句用来条件测试
  • ansible_os_family 是facts中内置的属性信息 ansible_os_family的信息可以使用ansible all -m setup | grep ansible_os_family 查看
  • 在task中调用内置的item变量;在某task后面使用with_items语句来定义元素列表

3.3示例三

vim /root/third.yml

- hosts: web1
  remote_user: root
  vars: 
    httpd_port=80
  
  tasks:
  - name: install httpd
    yum: name=httpd state=present
  - name: install php
    yum: name=php state=present
  - name: copy config file
    copy: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify: restart httpd
  - name: start httpd
    service: name=httpd state=started enabled=true
    
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

  

上面的意思是copy中复制过去的文件跟远程主机上的文件不同,就通过notify调用handlers,即重启httpd服务。

handler是重启服务是最通用的用法

3.4示例四

vim /etc/ansible/hosts
[web1]
192.168.1.1 http_port=80
vim /root/httpd.conf
……
Listen {{ http_port }}
……

  

vim /root/fourth.yml

- hosts: web1
  remote_user: root
  vars: 
    httpd_port=80
  
  tasks:
  - name: install httpd
    yum: name=httpd state=present
  - name: copy config file
    template: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf
    notify: restart httpd
  - name: start httpd
    service: name=httpd state=started enabled=true
    
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

  

templates:用于生成文本文件(配置文件)

模板文件中可使用jinja2表达式,表达式要定义在{{ }},也可以简单地仅执行变量替换

 

3.5示例五

roles:roles用于实现“代码复用”,roles以特定的层次型格式组织起来的playbook元素(variables, tasks, templates,handlers);可被playbook以role的名字直接进行调用

roles的文件结构:

  • files/:此角色中用到的所有文件均放置于此目录中
  • templates/: Jinja2模板文件存放位置
  • tasks/:任务列表文件;可以有多个,但至少有一个叫做main.yml的文件
  • handlers/:处理器列表文件;可以有多个,但至少有一个叫做main.yml的文件
  • vars/:变量字典文件;可以有多个,但至少有一个叫做main.yml的文件
  • meta/:此角色的特殊设定及依赖关系
mkdir /root/roles
cd /root/roles
mkdir -p web1/{files, templayes, tasks, handlers, vars, meta}

  

vim web1/vars/main.yml
user: tom
group: tom
http_port: 8080

  

vim web1/tasks/main.yml

- name: install httpd
  yum: name=httpd state=present
- name: copy config file
  template: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
  notify: restart httpd
  tags: conf
- name: start httpd
  service: name=httpd state=started enabled=true
 
这里的template指的是相对路径-->web1/templates
tags可以在运行时指定标签任务

  

vim web1/handlers/main.yml

handlers:
- name: restart httpd
  service: name=httpd state=restarted

  

vim web1/templates/httpd.conf

……
Listen {{ http_port }}
……

  

运行

ansible-playbook web1.yml
指定运行任务:
ansible-playbook -t conf web1.yml

  

4、使用ansible-playbook安装zabbix

4.1定义hosts

vim /etc/ansible/hosts

[mini]

129.139.153.78:16283
155.139.190.94:12573

  

4.2定义入口文件install_zabbix_agent.yml

shell > vim /etc/ansible/install_zabbix_agent.yml

---
- hosts: mini
  roles:
  - install_zabbix_agent

## 可以看到将要安装的主机组为 mini 组,角色为 install_zabbix_agent

  

4.3定义角色 install_zabbix_agent

 tree /etc/ansible/roles/install_zabbix_agent/

├── files
│    └── zabbix-2.4.5.tar.gz
├── tasks
│    └── main.yml
├── templates
│    ├── zabbix_agentd
│    └── zabbix_agentd.conf
└── vars
      └── main.yml

## 建立 files     目录,存放编译安装过的 zabbix_agent 目录的压缩文件,用于拷贝到远程主机
## 建立 tasks     目录,用于编写将要执行的任务
## 建立 templates 目录,用于存放可变的模板文件
## 建立 vars      目录,用于存放变量信息

  

4.4建立tasks主文件

cat /etc/ansible/roles/install_zabbix_agent/tasks/main.yml

---
  - name: Install Software
    yum: name={{ item }} state=latest
    with_items:
      - libcurl-devel
  - name: Create Zabbix User
    user: name={{ zabbix_user }} state=present createhome=no shell=/sbin/nologin
  - name: Copy Zabbix.tar.gz
    copy: src=zabbix-{{ zabbix_version }}.tar.gz dest={{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz owner=root group=root
  - name: Uncompression Zabbix.tar.gz
    shell: tar zxf {{ zabbix_dir }}/src/zabbix-{{ zabbix_version }}.tar.gz -C {{ zabbix_dir }}/
  - name: Copy Zabbix Start Script
    template: src=zabbix_agentd dest=/etc/init.d/zabbix_agentd owner=root group=root mode=0755
  - name: Copy Zabbix Config File
    template: src=zabbix_agentd.conf dest={{ zabbix_dir }}/zabbix/etc/zabbix_agentd.conf owner={{ zabbix_user }} group={{ zabbix_user }} mode=0644
  - name: Modify Zabbix Dir Permisson
    file: path={{ zabbix_dir }}/zabbix owner={{ zabbix_user }} group={{ zabbix_user }} mode=0755 recurse=yes
  - name: Start Zabbix Service
    shell: /etc/init.d/zabbix_agentd start
  - name: Add Boot Start Zabbix Service
    shell: chkconfig --level 35 zabbix_agentd on

  

4.5建立主变量文件

cat /etc/ansible/roles/install_zabbix_agent/vars/main.yml

zabbix_dir: /usr/local
zabbix_version: 2.4.5
zabbix_user: zabbix
zabbix_port: 10050
zabbix_server_ip: 131.142.101.120

  

4.6建立模板文件

cat /etc/ansible/roles/install_zabbix_agent/templates/zabbix_agentd

#!/bin/bash
#
# chkconfig: - 90 10
# description:  Starts and stops Zabbix Agent using chkconfig
#                               Tested on Fedora Core 2 - 5
#                               Should work on all Fedora Core versions
#
# @name:        zabbix_agentd
# @author:      Alexander Hagenah <hagenah@topconcepts.com>
# @created:     18.04.2006
#
# Modified for Zabbix 2.0.0
# May 2012, Zabbix SIA
#
# Source function library.
. /etc/init.d/functions

# Variables
# Edit these to match your system settings

        # Zabbix-Directory
        BASEDIR={{ zabbix_dir }}/zabbix

        # Binary File
        BINARY_NAME=zabbix_agentd

        # Full Binary File Call
        FULLPATH=$BASEDIR/sbin/$BINARY_NAME

        # PID file
        PIDFILE=/tmp/$BINARY_NAME.pid

        # Establish args
        ERROR=0
        STOPPING=0

#
# No need to edit the things below
#

# application checking status
if [ -f $PIDFILE  ] && [ -s $PIDFILE ]
        then
        PID=`cat $PIDFILE`

        if [ "x$PID" != "x" ] && kill -0 $PID 2>/dev/null && [ $BINARY_NAME == `ps -e | grep $PID | awk '{print $4}'` ]
        then
                STATUS="$BINARY_NAME (pid `pidof $APP`) running.."
                RUNNING=1
        else
                rm -f $PIDFILE
                STATUS="$BINARY_NAME (pid file existed ($PID) and now removed) not running.."
                RUNNING=0
        fi
else
        if [ `ps -e | grep $BINARY_NAME | head -1 | awk '{ print $1 }'` ]
                then
                STATUS="$BINARY_NAME (pid `pidof $APP`, but no pid file) running.."
        else
                STATUS="$BINARY_NAME (no pid file) not running"
        fi
        RUNNING=0
fi

# functions
start() {
        if [ $RUNNING -eq 1 ]
                then
                echo "$0 $ARG: $BINARY_NAME (pid $PID) already running"
        else
                action $"Starting $BINARY_NAME: " $FULLPATH
                touch /var/lock/subsys/$BINARY_NAME
        fi
}

stop() {
        echo -n $"Shutting down $BINARY_NAME: "
        killproc $BINARY_NAME
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$BINARY_NAME
        RUNNING=0
}


# logic
case "$1" in
        start)
                start
                ;;
        stop)
                stop
                ;;
        status)
                status $BINARY_NAME
                ;;
        restart)
                stop
                sleep 10
                start
                ;;
        help|*)
                echo $"Usage: $0 {start|stop|status|restart|help}"
                cat <<EOF

                        start           - start $BINARY_NAME
                        stop            - stop $BINARY_NAME
                        status          - show current status of $BINARY_NAME
                        restart         - restart $BINARY_NAME if running by sending a SIGHUP or start if not running
                        help            - this screen

EOF
        exit 1
        ;;
esac

exit 0

  

shell > cat /etc/ansible/roles/install_zabbix_agent/templates/zabbix_agentd.conf

# This is a config file for the Zabbix agent daemon (Unix)
# To get more information about Zabbix, visit http://www.zabbix.com

############ GENERAL PARAMETERS #################

### Option: PidFile
#       Name of PID file.
#
# Mandatory: no
# Default:
# PidFile=/tmp/zabbix_agentd.pid

### Option: LogFile
#       Name of log file.
#       If not set, syslog is used.
#
# Mandatory: no
# Default:
# LogFile=

LogFile=/tmp/zabbix_agentd.log

### Option: LogFileSize
#       Maximum size of log file in MB.
#       0 - disable automatic log rotation.
#
# Mandatory: no
# Range: 0-1024
# Default:
# LogFileSize=1

### Option: DebugLevel
#       Specifies debug level
#       0 - basic information about starting and stopping of Zabbix processes
#       1 - critical information
#       2 - error information
#       3 - warnings
#       4 - for debugging (produces lots of information)
#
# Mandatory: no
# Range: 0-4
# Default:
# DebugLevel=3

### Option: SourceIP
#       Source IP address for outgoing connections.
#
# Mandatory: no
# Default:
# SourceIP=

### Option: EnableRemoteCommands
#       Whether remote commands from Zabbix server are allowed.
#       0 - not allowed
#       1 - allowed
#
# Mandatory: no
# Default:
# EnableRemoteCommands=0

### Option: LogRemoteCommands
#       Enable logging of executed shell commands as warnings.
#       0 - disabled
#       1 - enabled
#
# Mandatory: no
# Default:
# LogRemoteCommands=0

##### Passive checks related

### Option: Server
#       List of comma delimited IP addresses (or hostnames) of Zabbix servers.
#       Incoming connections will be accepted only from the hosts listed here.
#       If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally.
#
# Mandatory: no
# Default:
# Server=

Server={{ zabbix_server_ip }}

### Option: ListenPort
#       Agent will listen on this port for connections from the server.
#
# Mandatory: no
# Range: 1024-32767
# Default:
# ListenPort=10050
ListenPort={{ zabbix_port }}

### Option: ListenIP
#       List of comma delimited IP addresses that the agent should listen on.
#       First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
#
# Mandatory: no
# Default:
# ListenIP=0.0.0.0

### Option: StartAgents
#       Number of pre-forked instances of zabbix_agentd that process passive checks.
#       If set to 0, disables passive checks and the agent will not listen on any TCP port.
#
# Mandatory: no
# Range: 0-100
# Default:
# StartAgents=3

##### Active checks related

### Option: ServerActive
#       List of comma delimited IP:port (or hostname:port) pairs of Zabbix servers for active checks.
#       If port is not specified, default port is used.
#       IPv6 addresses must be enclosed in square brackets if port for that host is specified.
#       If port is not specified, square brackets for IPv6 addresses are optional.
#       If this parameter is not specified, active checks are disabled.
#       Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
#
# Mandatory: no
# Default:
# ServerActive=

#ServerActive=127.0.0.1:10051

### Option: Hostname
#       Unique, case sensitive hostname.
#       Required for active checks and must match hostname as configured on the server.
#       Value is acquired from HostnameItem if undefined.
#
# Mandatory: no
# Default:
# Hostname=

Hostname={{ ansible_all_ipv4_addresses[1] }}

### Option: HostnameItem
#       Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
#       Does not support UserParameters or aliases.
#
# Mandatory: no
# Default:
# HostnameItem=system.hostname

### Option: HostMetadata
#       Optional parameter that defines host metadata.
#       Host metadata is used at host auto-registration process.
#       An agent will issue an error and not start if the value is over limit of 255 characters.
#       If not defined, value will be acquired from HostMetadataItem.
#
# Mandatory: no
# Range: 0-255 characters
# Default:
# HostMetadata=

### Option: HostMetadataItem
#       Optional parameter that defines an item used for getting host metadata.
#       Host metadata is used at host auto-registration process.
#       During an auto-registration request an agent will log a warning message if
#       the value returned by specified item is over limit of 255 characters.
#       This option is only used when HostMetadata is not defined.
#
# Mandatory: no
# Default:
# HostMetadataItem=

### Option: RefreshActiveChecks
#       How often list of active checks is refreshed, in seconds.
#
# Mandatory: no
# Range: 60-3600
# Default:
# RefreshActiveChecks=120

### Option: BufferSend
#       Do not keep data longer than N seconds in buffer.
#
# Mandatory: no
# Range: 1-3600
# Default:
# BufferSend=5

### Option: BufferSize
#       Maximum number of values in a memory buffer. The agent will send
#       all collected data to Zabbix Server or Proxy if the buffer is full.
#
# Mandatory: no
# Range: 2-65535
# Default:
# BufferSize=100

### Option: MaxLinesPerSecond
#       Maximum number of new lines the agent will send per second to Zabbix Server
#       or Proxy processing 'log' and 'logrt' active checks.
#       The provided value will be overridden by the parameter 'maxlines',
#       provided in 'log' or 'logrt' item keys.
#
# Mandatory: no
# Range: 1-1000
# Default:
# MaxLinesPerSecond=100

############ ADVANCED PARAMETERS #################

### Option: Alias
#       Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
#       Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
#       Different Alias keys may reference the same item key.
#       For example, to retrieve the ID of user 'zabbix':
#       Alias=zabbix.userid:vfs.file.regexp[/etc/passwd,^zabbix:.:([0-9]+),,,,\1]
#       Now shorthand key zabbix.userid may be used to retrieve data.
#       Aliases can be used in HostMetadataItem but not in HostnameItem parameters.
#
# Mandatory: no
# Range:
# Default:

### Option: Timeout
#       Spend no more than Timeout seconds on processing
#
# Mandatory: no
# Range: 1-30
# Default:
Timeout=20

### Option: AllowRoot
#       Allow the agent to run as 'root'. If disabled and the agent is started by 'root', the agent
#       will try to switch to the user specified by the User configuration option instead.
#       Has no effect if started under a regular user.
#       0 - do not allow
#       1 - allow
#
# Mandatory: no
# Default:
# AllowRoot=0

### Option: User
#       Drop privileges to a specific, existing user on the system.
#       Only has effect if run as 'root' and AllowRoot is disabled.
#
# Mandatory: no
# Default:
# User=zabbix

### Option: Include
#       You may include individual files or all files in a directory in the configuration file.
#       Installing Zabbix will create include directory in /usr/local/etc, unless modified during the compile time.
#
# Mandatory: no
# Default:
# Include=

# Include=/usr/local/etc/zabbix_agentd.userparams.conf
# Include=/usr/local/etc/zabbix_agentd.conf.d/
# Include=/usr/local/etc/zabbix_agentd.conf.d/*.conf

####### USER-DEFINED MONITORED PARAMETERS #######

### Option: UnsafeUserParameters
#       Allow all characters to be passed in arguments to user-defined parameters.
#       0 - do not allow
#       1 - allow
#
# Mandatory: no
# Range: 0-1
# Default:
UnsafeUserParameters=1

### Option: UserParameter
#       User-defined parameter to monitor. There can be several user-defined parameters.
#       Format: UserParameter=<key>,<shell command>
#       See 'zabbix_agentd' directory for examples.
#
# Mandatory: no
# Default:
# UserParameter=

####### LOADABLE MODULES #######

### Option: LoadModulePath
#       Full path to location of agent modules.
#       Default depends on compilation options.
#
# Mandatory: no
# Default:
# LoadModulePath=${libdir}/modules

### Option: LoadModule
#       Module to load at agent startup. Modules are used to extend functionality of the agent.
#       Format: LoadModule=<module.so>
#       The modules must be located in directory specified by LoadModulePath.
#       It is allowed to include multiple LoadModule parameters.
#
# Mandatory: no
# Default:
# LoadModule=

  

4.7安装

ansible-playbook /etc/ansible/install_zabbix_agent.yml

PLAY [mini] *******************************************************************

GATHERING FACTS ***************************************************************
ok: [129.139.153.78]
ok: [155.139.190.94]

TASK: [install_zabbix_agent | Install Software] *******************************
changed: [155.139.190.94] => (item=libcurl-devel)
changed: [129.139.153.78] => (item=libcurl-devel)

TASK: [install_zabbix_agent | Create Zabbix User] *****************************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Copy Zabbix.tar.gz] *****************************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Uncompression Zabbix.tar.gz] ********************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Copy Zabbix Start Script] ***********************
changed: [155.139.190.94]
changed: [129.139.153.78]

TASK: [install_zabbix_agent | Copy Zabbix Config File] ************************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Modify Zabbix Dir Permisson] ********************
changed: [155.139.190.94]
changed: [129.139.153.78]

TASK: [install_zabbix_agent | Start Zabbix Service] ***************************
changed: [129.139.153.78]
changed: [155.139.190.94]

TASK: [install_zabbix_agent | Add Boot Start Zabbix Service] ******************
changed: [129.139.153.78]
changed: [155.139.190.94]

PLAY RECAP ********************************************************************
155.139.190.94               : ok=10   changed=9    unreachable=0    failed=0
129.139.153.78               : ok=10   changed=9    unreachable=0    failed=0

## 关注一下,启动脚本跟配置文件中变量的引用。
## 完成安装,可以去客户机检查效果了 !

  

posted @ 2020-02-05 17:07  shuyang  阅读(822)  评论(0编辑  收藏  举报