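Components of a playbook:
1. Tasks: the operations to perform on the target hosts, defined with modules. Each task is a call to a module.
2. Variables: store and pass data. Variables can be user-defined, can be defined in the playbook as global variables, and can be passed in from outside.
3. Templates: used to generate configuration files. A template is a file that contains placeholders; Ansible replaces the placeholders with variable values at run time.
4. Handlers: triggers that can be run when a change is required.
5. Roles: a way to organize and encapsulate playbooks, allowing related tasks, variables, templates and handlers to be grouped into a reusable unit.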
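File format: xxx.yml or xxx.yaml
Check that the syntax of the yml file is correct:
ansible-playbook xxx.yaml --syntax-check
e.g.:
ansible-playbook test.yaml --syntax-check
List the tasks defined in the playbook:
ansible-playbook xxx.yaml --list-tasks
e.g.:
ansible-playbook test.yaml --list-tasks
Check which target hosts the playbook applies to:
ansible-playbook xxx.yaml --list-hosts
e.g.:
ansible-playbook test.yaml --list-hosts
Supply the password during execution:
ansible-playbook test.yaml -K
Passwordless access needs to be enabled.
Specify the user that runs the tasks:
ansible-playbook test.yaml -u root -k
Script to install httpd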
vim test.yaml
#one playbook
- name: first play
  # A name is a task name; it can be omitted
  gather_facts: false
  # Whether to collect system information from the target host: false means do not collect
  hosts: 192.168.10.202
  # Target host to run against
  remote_user: dn
  become: yes
  # Switch user
  become_user: root
  # User that runs the tasks on the target host
  tasks:
    - name: ping test
      ping:
      # Test connectivity to the target host
    - name: close selinux
      command: '/sbin/setenforce 0'
      ignore_errors: True
      # Turn off the SELinux mechanism; if the command reports an error, ignore it
    - name: close firewalld
      service: name=firewalld state=stopped
      # Stop the firewall
    - name: install httpd
      yum: name=httpd
      # Install the httpd service
    - name: start httpd
      service: enabled=true name=httpd state=started
      # Start the service and enable it at boot
    - name: edition index.html
      shell: echo "this is httpd" > /var/www/html/index.html
      # Modify the page that is served
      notify: restart httpd
      # notify must match the name of the handler
  handlers:
    - name: restart httpd
      service: name=httpd state=restarted
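A variant of the playbook above that leaves SELinux enforcing and firewalld running and opens only the http service, shown for comparison (an added example, not part of the original notes). It assumes the ansible.posix collection is installed on the control node and that firewalld and the SELinux Python bindings are present on the target; the host and users are the ones used above.

```yaml
- name: install httpd with SELinux and firewalld left on
  hosts: 192.168.10.202
  remote_user: dn
  become: yes
  become_user: root
  gather_facts: false
  tasks:
    - name: keep SELinux enforcing instead of running setenforce 0
      ansible.posix.selinux:
        policy: targeted
        state: enforcing
    - name: install httpd
      ansible.builtin.yum:
        name: httpd
        state: present
    - name: keep firewalld running and enabled at boot
      ansible.builtin.service:
        name: firewalld
        state: started
        enabled: true
    - name: allow only the http service through firewalld
      ansible.posix.firewalld:
        service: http
        permanent: true
        immediate: true
        state: enabled
    - name: write index.html
      # copy is idempotent: the handler is notified only when the content changes
      ansible.builtin.copy:
        content: "this is httpd\n"
        dest: /var/www/html/index.html
        owner: root
        group: root
        mode: "0644"
      notify: restart httpd
    - name: start httpd and enable it at boot
      ansible.builtin.service:
        name: httpd
        state: started
        enabled: true
  handlers:
    - name: restart httpd
      ansible.builtin.service:
        name: httpd
        state: restarted
```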
Declaring and referencing variables, and passing parameters from outside
Create a user and a group
- hosts: 192.168.10.201
  remote_user: root
  vars:
    groupname: guoqi
    username: wangdefu
  tasks:
    - name: create group
      group:
        name: "{{ groupname }}"
        system: yes
        gid: 111
    - name: create user
      user:
        name: "{{ username }}"
        uid: 1011
        group: "{{ groupname }}"
        shell: /sbin/nologin
    - name: copy file
      copy:
        content: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
        dest: /opt/ky32.txt
      # Get the target's IP address and write it to the destination file
ansible-playbook test1.yaml -e 'username=lyw groupname=lyw'
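Values passed with -e override the vars declared in the play, so whatever is typed on the command line reaches the group and user modules directly. The sketch below validates both names before they are used (an added example, not part of the original notes; name_pattern and reserved_names are hypothetical variables introduced here, and the naming policy they encode is an assumption).

```yaml
- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  vars:
    groupname: guoqi
    username: wangdefu
    # Assumed policy: lowercase POSIX-style names, at most 32 characters
    name_pattern: '^[a-z_][a-z0-9_-]{0,31}$'
    # Assumed deny list of accounts this playbook must never touch
    reserved_names: [root, bin, daemon, adm, nobody]
  tasks:
    - name: validate names before they reach the group and user modules
      ansible.builtin.assert:
        that:
          - username is string
          - groupname is string
          - username is match(name_pattern)
          - groupname is match(name_pattern)
          - username not in reserved_names
          - groupname not in reserved_names
        fail_msg: "username or groupname rejected by the naming policy"
        quiet: true
    - name: create group
      ansible.builtin.group:
        name: "{{ groupname }}"
        system: yes
        gid: 111
    - name: create user
      ansible.builtin.user:
        name: "{{ username }}"
        uid: 1011
        group: "{{ groupname }}"
        shell: /sbin/nologin
```

With this in place, a run such as -e 'username=root' stops at the assert task before any account is modified.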
Loops --- when
- hosts: all
  # Can be a host IP address, a group name, or all
  remote_user: root
  tasks:
    - name: test when
      debug:
        msg: '位置判断:'
      # debug is like echo; msg is the content to print. It is used for debugging the playbook and can be removed from production playbooks.
      # one name
      #when: ansible_default_ipv4.address == '192.168.10.201'
      when: inventory_hostname != '192.168.10.201'
Example 2
Using when: 201 installs nginx, 202 installs httpd
- hosts: all
  remote_user: root
  tasks:
    - name: nginx when
      yum: name=nginx
      when: ansible_default_ipv4.address == '192.168.10.201'
    - name: nginx info
      debug:
        msg: "安装nginx"
      when: ansible_default_ipv4.address == '192.168.10.201'
    - name: httpd when
      yum: name=httpd
      when: ansible_default_ipv4.address == '192.168.10.202'
    - name: httpd info
      debug:
        msg: "安装httpd"
      when: ansible_default_ipv4.address == '192.168.10.202'
Loops --- list
- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
    - debug:
        msg: "{{ item }}"
      with_list:
        - [a,b,c,d]
        - [1,2,3,4]
      # Prints each list as a group
Example 2
Create files
- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
    - name:
      file:
        path: "{{ item }}"
        state: touch
      with_list:
        - /opt/a
        - /opt/b
        - /opt/c
        - /opt/d
        - /opt/1
        - /opt/2
        - /opt/3
        - /opt/4
      # Prints each list as a group
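Loops --- items
- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
    - debug:
        msg: "{{ item }}"
      with_items:
        - [a,b,c,d]
        - [1,2,3,4]
      # item is a built-in playbook variable; with_items assigns each value to item in turn, iterating over a, b, c, d in the list
      # Although I declared two lists, with_items still treats the two lists as one whole and iterates over it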
Example 2
Create files
- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
    - name:
      file:
        path: "{{ item }}"
        state: touch
      with_items:
        - [/opt/a,/opt/b,/opt/c,/opt/d]
        - [/opt/1,/opt/2,/opt/3,/opt/4]
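Loops --- together
- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
    - name:
      # item is a pair such as [a, 1], so it is printed with debug rather than used as a file path
      debug:
        msg: "{{ item }}"
      with_together:
        - [a,b,c,d]
        - [1,2,3,4]
      # Group loop: the values in the lists are paired one-to-one and printed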
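Loops --- nested
# list and items: create files
- hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
    - name:
      file:
        # item is a pair such as [a, 1]; the path is built from both elements (the /opt prefix follows the other examples)
        path: "/opt/{{ item.0 }}{{ item.1 }}"
        state: touch
      with_nested:
        - [a,b,c,d]
        - [1,2,3,4]
      # The elements of the list define the number of iterations; the second list acts as the inner loop.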
Dictionaries
- name: play1
  hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  tasks:
    - name: create file
      file:
        path: "{{ item }}"
        state: touch
      with_items: [/opt/123,/opt/456,/opt/789]
- name: play2
  hosts: 192.168.10.201
  remote_user: root
  gather_facts: false
  vars:
    test:
      - /opt/test1
      - /opt/test2
      - /opt/test3
  tasks:
    - name: dir
      file:
        path: "{{ item }}"
        state: directory
      with_items: "{{ test }}"
Usernames: test1 and test2; their groups are dn1 and dn2 respectively
- name: play1
  hosts: 192.168.10.201
  gather_facts: false
  tasks:
    - name: create group
      group:
        name: "{{ item }}"
        state: present
      with_items:
        - 'dn1'
        - 'dn2'
    - name: create user
      user:
        name: "{{ item.name }}"
        state: present
        groups: "{{ item.groups }}"
      with_items:
        - {name: 'test1', groups: 'dn1'}
        - {name: 'test2', groups: 'dn2'}
Install multiple packages with yum in one go: tree sl nginx httpd vsftpd dhcp
- name: play2
  hosts: 192.168.10.80
  gather_facts: false
  tasks:
    - name: create tree sl nginx httpd vsftpd dhcp
      yum:
        name: "{{ item }}"
      with_list:
        - tree
        - sl
        - nginx
        - httpd
        - vsftpd
        - dhcp