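II. Ansible playbooks
1. What is a playbook
A playbook is a "script" (as in a stage play) or "book of tactics". A playbook is made up of the following parts:
play (host): defines the role of the hosts (lead or supporting actor).
Book (task): defines the specific tasks to execute (the role's lines and actions).
playbook: made up of one or more plays (roles); one play (role) can contain multiple tasks (lines, actions).
Put simply: many different modules are used on different hosts to do many pieces of work that together accomplish one thing.
In Ansible, playbook files end in yml.
In SaltStack, the equivalent files end in sls.
Both, however, use YAML syntax.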
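2. Structure of a playbook
[root@m01 ~]# vim touch.yml
# Host group the actions run against
- hosts: web_group
  # User for remote operations
  remote_user: root
  # Variable definitions start here
  vars:
    file_name: lhd
  # The actions to perform
  tasks:
    # Label describing this action ("创建文件" means "create file")
    - name: 创建文件
      # Use the shell module to create a file
      shell: touch /tmp/{{ file_name }}
# Check the syntax before running
[root@m01 ~]# ansible-playbook --syntax-check touch.yml
playbook: touch.yml
# This command only checks syntax; it cannot verify the logic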
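3. PlayBook vs. ad-hoc
Feature | PlayBook | ad-hoc
Completeness | √ | ✘
Persistence | √ | ✘
Execution efficiency | Low | High
Variables | Supported | Not supported
Coupling | Low | High
1. A PlayBook is more fully featured than ad-hoc; it is an orchestration of ad-hoc commands.
2. A PlayBook gives good control over execution order and dependencies.
3. PlayBook syntax is more intuitive to read.
4. A playbook can be reused persistently; an ad-hoc command cannot.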
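4. YAML syntax
Syntax | Description
Indentation | YAML uses a fixed indentation style to express hierarchy; each indent level is two spaces, and TAB cannot be used
Colon | Except for a colon that ends a line, every colon must be followed by a space
Dash | Denotes a list item: one dash followed by one space; items at the same indentation level belong to the same list
1) Syntax
中国:  # China
  北京:  # Beijing
  上海:  # Shanghai
    - 日本  # Japan
    - 浦东新区  # Pudong New Area
    - 青浦区  # Qingpu District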
III. Playbook in practice: deploying httpd
1. Configure the host inventory
[root@m01 ~]# vim /etc/ansible/hosts
[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'
web03 ansible_ssh_pass='1'
[root@m01 ~]# vim /etc/hosts
172.16.1.7 web01
172.16.1.8 web02
172.16.1.9 web03
2. Test the connection
[root@m01 ~]# ansible web_group -m ping
3. Write the playbook
[root@m01 ~]# cat httpd.yml
- hosts: web_group
  tasks:
    - name: Stop Selinux
      selinux:
        state: disabled
    - name: Stop Firewalld
      systemd:
        name: firewalld
        state: stopped
    - name: Install Httpd
      yum:
        name: httpd
        state: present
    - name: Start Httpd Server
      systemd:
        name: httpd
        state: started
    - name: Config Httpd Index
      copy:
        content: test ansible install httpd
        dest: /var/www/html/index.html
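The same httpd deployment with SELinux left enforcing and firewalld left running with only the http service opened, as an added example that is not part of the original page. The file name httpd_hardened.yml is hypothetical, and the example assumes the firewalld module is available under its short name (built in up to Ansible 2.9, ansible.posix.firewalld in later releases).

```yaml
# httpd_hardened.yml - added example, not from the original page.
# Hosts and task layout mirror httpd.yml; the file name is hypothetical.
- hosts: web_group
  tasks:
    # Keep SELinux enforcing instead of disabling it
    - name: Enforce Selinux
      selinux:
        policy: targeted
        state: enforcing
    # Keep the host firewall running and enabled at boot
    - name: Start Firewalld
      systemd:
        name: firewalld
        state: started
        enabled: yes
    # Open only the http service (80/tcp), now and across reboots
    - name: Allow Http In Firewalld
      firewalld:
        service: http
        permanent: yes
        immediate: yes
        state: enabled
    - name: Install Httpd
      yum:
        name: httpd
        state: present
    - name: Start Httpd Server
      systemd:
        name: httpd
        state: started
        enabled: yes
    # Files created under /var/www/html get the default httpd content
    # label, so httpd can serve this page with SELinux enforcing
    - name: Config Httpd Index
      copy:
        content: test ansible install httpd
        dest: /var/www/html/index.html
        owner: root
        group: root
        mode: '0644'
```

If SELinux was disabled on a host beforehand, the selinux task reports that a reboot is required before enforcing mode takes effect.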
IV. Writing a playbook to build the homework-submission page
1. Write the playbook
[root@m01 ~]# cat zuoye.yml
- hosts: all
  tasks:
    - name: Add www group
      group:
        name: www
        gid: 666
    - name: Add www User
      user:
        name: www
        uid: 666
        group: www
- hosts: web_group
  tasks:
    - name: Install Httpd Server
      yum:
        name: httpd
        state: present
    - name: Mkdir Package
      file:
        path: /package
        state: directory
    - name: Tar php.tar.gz
      unarchive:
        src: /root/php.tar.gz
        dest: /package/
    - name: Install PHP Server
      shell: yum localinstall -y /package/*.rpm
    - name: Tar kaoshi.zip
      unarchive:
        src: /root/kaoshi.zip
        dest: /var/www/html
        owner: www
        group: www
    - name: Mkdir upload
      file:
        path: /var/www/html/upload
        state: directory
        owner: www
        group: www
    - name: Config Httpd Server
      copy:
        src: /root/httpd.conf
        dest: /etc/httpd/conf/
    - name: Start Httpd Server
      systemd:
        name: httpd
        state: restarted
        enabled: yes
- hosts: nfs_group
  tasks:
    - name: Install nfs Server
      yum:
        name: nfs-utils
        state: present
    - name: Config nfs Server
      copy:
        content: /data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
        dest: /etc/exports
    - name: Mkdir data
      file:
        path: /data
        state: directory
        owner: www
        group: www
    - name: Start nfs Server
      systemd:
        name: nfs
        state: restarted
        enabled: yes
- hosts: web_group
  tasks:
    - name: Mount nfs
      mount:
        src: 172.16.1.31:/data
        path: /var/www/html/upload
        fstype: nfs
        opts: defaults
        state: mounted
2. Check the syntax
[root@m01 ~]# ansible-playbook --syntax-check zuoye.yml
playbook: zuoye.yml
3. Run the playbook
[root@m01 ~]# ansible-playbook zuoye.yml
V. Configuring rsync backup
1. Create the project directory
[root@m01 ~]# mkdir -p /project/rsync
2. Deployment preparation
1) Configure the host inventory
[root@m01 ~]# vim /etc/ansible/hosts
[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'
web03 ansible_ssh_pass='1'
[nfs_group]
nfs ansible_ssh_pass='1'
[backup_server]
backup ansible_ssh_pass='1'
2) Prepare the rsync configuration file
[root@m01 ~]# vim /etc/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
3) Upload the installation package
1. Upload the sersync package
4) Prepare the sersync configuration file
[root@m01 ~]# vim GNU-Linux-x86/confxml.xml
<sersync>
    <localpath watch="/data">
        <remote ip="172.16.1.41" name="backup"/>
        <!--<remote ip="192.168.8.39" name="tongbu"/>-->
        <!--<remote ip="192.168.8.40" name="tongbu"/>-->
    </localpath>
    <rsync>
        <commonParams params="-artuz"/>
        <auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pass"/>
        <userDefinedPort start="false" port="874"/><!-- port=874 -->
        <timeout start="false" time="100"/><!-- timeout=100 -->
        <ssh start="false"/>
    </rsync>
[root@m01 ~]# cp GNU-Linux-x86/confxml.xml ./
3. Write the playbook
[root@m01 ~]# cat rsync.yml
- hosts: backup_server
  tasks:
    - name: Install rsync Server
      yum:
        name: rsync
        state: present
    - name: Config rsync Server
      copy:
        src: /etc/rsyncd.conf
        dest: /etc/
    - name: Config Password File
      copy:
        content: rsync_backup:123456
        dest: /etc/rsync.passwd
        mode: 0600
    - name: Mkdir backup
      file:
        path: /backup
        state: directory
        owner: www
        group: www
    - name: Start Rsyncd Server
      systemd:
        name: rsyncd
        state: restarted
- hosts: nfs_group
  tasks:
    - name: Install rsync Server
      yum:
        name: rsync
        state: present
    - name: Install inotify-tools
      yum:
        name: inotify-tools
        state: present
    - name: Install sersync
      copy:
        src: /root/sersync
        dest: /usr/local/
        mode: 0755
    - name: Config sersync Server
      copy:
        src: /root/confxml.xml
        dest: /usr/local/sersync/
    - name: Touch Client Password File
      copy:
        content: 123456
        dest: /etc/rsync.pass
        mode: 0600
    - name: Start sersync Server
      shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
      #script: /root/start_sersync.sh
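The two password-file tasks from rsync.yml with the secret taken out of the playbook, as an added example that is not part of the original page. It assumes a vars file vault.yml next to the playbook, encrypted with ansible-vault and defining vault_rsync_password; the file names and the variable name are hypothetical.

```yaml
# rsync_secrets.yml - added example, not from the original page.
# vault.yml and vault_rsync_password are assumed (hypothetical) names.
# Create the encrypted vars file once:  ansible-vault create vault.yml
# Run with:  ansible-playbook --ask-vault-pass rsync_secrets.yml
- hosts: backup_server
  vars_files:
    - vault.yml
  tasks:
    # Server side: matches "secrets file = /etc/rsync.passwd" in rsyncd.conf
    - name: Config Password File
      copy:
        content: "rsync_backup:{{ vault_rsync_password }}\n"
        dest: /etc/rsync.passwd
        owner: root
        group: root
        mode: '0600'
      # Keep the rendered secret out of task output and logs
      no_log: true

- hosts: nfs_group
  vars_files:
    - vault.yml
  tasks:
    # Client side: matches passwordfile="/etc/rsync.pass" in confxml.xml
    - name: Touch Client Password File
      copy:
        content: "{{ vault_rsync_password }}\n"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: '0600'
      no_log: true
```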