Day03-Ansible playbook
- 1. Ansible Playbook overview
- 1.1 What is a playbook?
- 1.2 How playbooks relate to ad-hoc commands
- 1.3 Playbook syntax
- 1.4 Playbook practice labs
- 1.4.1 First use of a playbook
- 1.4.2 Playbook: deploy and configure nfs
- 1.4.3 Playbook: deploy and configure lnmp
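1. Ansible Playbook overview
1.1 What is a playbook?
"Playbook" literally means a script, as in the script for a show. A playbook is made up of the following:
playbook: a text file whose name ends in .yml (analogy: I have a script)
written in YAML format
play: defines the role of the hosts (analogy: which star actor to cast)
task: defines the specific tasks to run (analogy: what the star shoots in each episode)
Summary: a playbook consists of one or more plays, and one play can contain multiple tasks.
In other words: different modules are used together to get one job done.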
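1.2 How playbooks relate to ad-hoc commands
1. A playbook is a way of orchestrating ad-hoc commands.
2. A playbook can be run persistently (repeatedly), whereas an ad-hoc command is a one-off.
3. Playbooks suit complex tasks; ad-hoc commands suit quick, simple tasks (checks, queries, inspections).
4. A playbook controls the order in which tasks run.
- ad-hoc: for checking, testing, and fetching data on the fly
- playbook: for repeatable operations (deploying environments and services, initialization work such as system tuning)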
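1.3 Playbook syntax
Playbooks are written in YAML, which is clearly structured and easy to read, so you need to know basic YAML syntax.
Syntax | Description |
---|---|
Indentation | YAML uses a fixed indentation style to express hierarchy; each indentation level is two spaces, and tabs are not allowed |
Colon | Every colon must be followed by a space, except a colon at the end of a line |
Dash | Marks a list item: a single dash followed by a space. Items at the same indentation level belong to the same list. |
1. Let's write a playbook file together, starting with the basics
hosts: which hosts to operate on
remote_user: which user to run as
tasks: which tasks to run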
---
- hosts: all
  tasks:
    - name: yum安装软件    # install software with yum
      yum: xxxxxxxxx
    - name: 服务启动       # start the service
      systemd: xxxxxx
# Your first playbook: query the hostname of every host
# ansible ad-hoc
ansible all -m command -a 'hostname' -i hosts
# ansible playbook
[root@m01 /server/playbook]# cat 01_hostname.yml
---
- hosts: all
  tasks:
    - name: show hostname
      command: hostname
[root@m01 /server/playbook]# ansible-playbook 01_hostname.yml -i hosts
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [172.16.1.51]
ok: [172.16.1.5]
ok: [172.16.1.6]
ok: [172.16.1.41]
ok: [172.16.1.31]
ok: [172.16.1.7]
ok: [172.16.1.8]
ok: [172.16.1.9]
ok: [172.16.1.10]
TASK [show hostname] ***********************************************************
changed: [172.16.1.51]
changed: [172.16.1.41]
changed: [172.16.1.6]
changed: [172.16.1.31]
changed: [172.16.1.5]
changed: [172.16.1.8]
changed: [172.16.1.7]
changed: [172.16.1.10]
changed: [172.16.1.9]
PLAY RECAP *********************************************************************
172.16.1.10 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.31 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.41 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.5 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.51 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.6 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.7 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.8 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
172.16.1.9 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
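2. Run the playbook and watch the colour of the status each task returns:
Red: a task failed; an error message is usually shown.
Yellow: the remote host ran the task as written and something on it was changed.
Green: the host is already in the described state, so nothing needs to be run again.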
1.4 Playbook practice labs
- Goals
- Automatically deploy a service: nfs
- Automatically deploy lnmp
- Task: automate basic system optimization
1.4.1 First use of a playbook
mkdir -p /server/playbook/
cd /server/playbook/
cp /etc/ansible/hosts .
[root@m01 playbook]# cat show.yml
- hosts: all
  tasks:
    - name: show ip addr
      shell: hostname -I >/tmp/ip.txt
[root@m01 playbook]# ansible-playbook -i hosts -C show.yml
PLAY [all] ***************************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************
ok: [172.16.1.41]
ok: [172.16.1.7]
ok: [172.16.1.31]
ok: [172.16.1.51]
TASK [show ip addr] ******************************************************************************************************
skipping: [172.16.1.7]
skipping: [172.16.1.41]
skipping: [172.16.1.31]
skipping: [172.16.1.51]
PLAY RECAP ***************************************************************************************************************
172.16.1.31 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
172.16.1.41 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
172.16.1.51 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
172.16.1.7 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
[root@m01 playbook]# ansible-playbook -i hosts show.yml
vim show.yml
cat show.yml
yum install -y cowsay
ansible-playbook -i hosts show.yml
[root@m01 playbook]# tree /server/playbook/
/server/playbook/
├── hosts
└── show.yml
0 directories, 2 files
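The runs above report `changed` for a plain `command: hostname` and `skipping` for the `shell` task under `-C`. The following is an added example, not from the original page (the file name show-readonly.yml is hypothetical), that marks read-only commands so they report `ok` and still run in check mode:

```yaml
# show-readonly.yml (hypothetical name; added example, not one of the page's files)
- hosts: all
  tasks:
    - name: read hostname
      command: hostname
      register: host_out       # keep stdout for the debug task below
      changed_when: false      # a read-only command changes nothing, so report ok (green)
      check_mode: false        # run even under -C; safe because it only reads

    - name: read ip addresses
      command: hostname -I
      register: ip_out
      changed_when: false
      check_mode: false

    - name: show what was collected
      debug:
        msg: "{{ host_out.stdout }} -> {{ ip_out.stdout | trim }}"

    - name: write ip list only if it does not exist yet
      shell: hostname -I > /tmp/ip.txt
      args:
        creates: /tmp/ip.txt   # not re-run once the file exists, so repeat runs stay ok
```

Run it with `ansible-playbook -i hosts -C show-readonly.yml`: the two read tasks execute and the debug task prints real values instead of being skipped.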
1.4.2 Playbook: deploy and configure nfs
- Goal
- Configure the nfs server on the backup host: export the directory /playbook-backup/ to 172.16.1.0/24 with all_squash access
#01 Workflow for writing a playbook
##1) Translate the procedure into commands
a) Install nfs
yum install -y nfs-utils
b) Configure the nfs server
/playbook-backup/ 172.16.1.0/24(rw,sync,all_squash)
mkdir -p /playbook-backup
chown -R nfsnobody:nfsnobody /playbook-backup
c) Start and enable at boot
systemctl enable nfs rpcbind
systemctl start rpcbind nfs
d) Mount locally
mount -t nfs 172.16.1.41:/playbook-backup /mnt
##2) Find the module for each command
a) yum: install nfs
-m yum -a 'name=nfs-utils state=installed'
b) Configure the nfs server
copy
-m copy -a 'dest=/etc/exports content="/playbook-backup/ 172.16.1.0/24(rw,sync,all_squash)" '
file
-m file -a 'path=/playbook-backup state=directory owner=nfsnobody group=nfsnobody '
c) Start and enable at boot
systemd
-m systemd -a 'name=rpcbind enabled=yes state=started '
-m systemd -a 'name=nfs enabled=yes state=started '
d) Mount locally
mount
-m mount -a 'fstype=nfs src=172.16.1.41:/playbook-backup path=/mnt state=mounted '
##3) Write the playbook from the modules
[root@m01 playbook]# vim 02-nfs.yml
- hosts: backup
  tasks:
    - name: install nfs rpcbind
      yum: name=nfs-utils state=installed
    - name: configure nfs exports file
      copy: dest=/etc/exports content="/playbook-backup/ 172.16.1.0/24(rw,sync,all_squash)"
    - name: mkdir chown
      file: path=/playbook-backup state=directory owner=nfsnobody group=nfsnobody
    - name: start && enable rpc
      systemd: name=rpcbind enabled=yes state=started
    - name: start && enable nfs
      systemd: name=nfs enabled=yes state=started
    - name: mount test
      mount: fstype=nfs src=172.16.1.41:/playbook-backup path=/mnt state=mounted
##4) Debug the playbook (check mode)
ansible-playbook -i hosts -C 02-nfs.yml
##5) Run for real
ansible-playbook -i hosts 02-nfs.yml
[root@m01 playbook]# ansible -i hosts backup -a 'df -h'
172.16.1.41 | CHANGED | rc=0 >>
文件系统 容量 已用 可用 已用% 挂载点
devtmpfs 2.0G 0 2.0G 0% /dev
tmpfs 2.0G 0 2.0G 0% /dev/shm
tmpfs 2.0G 12M 2.0G 1% /run
tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup
/dev/sda3 43G 2.5G 41G 6% /
/dev/sda1 1014M 161M 854M 16% /boot
tmpfs 394M 0 394M 0% /run/user/0
172.16.1.41:/playbook-backup 43G 2.5G 41G 6% /mnt
[root@m01 playbook]# ansible -i hosts backup -a 'ls -l /playbook-backup -d'
172.16.1.41 | CHANGED | rc=0 >>
drwxr-xr-x 2 nfsnobody nfsnobody 6 3月 26 19:59 /playbook-backup
[root@m01 playbook]# ansible -i hosts backup -a 'cat /etc/exports'
172.16.1.41 | CHANGED | rc=0 >>
/playbook-backup/ 172.16.1.0/24(rw,sync,all_squash)
# How to turn a one-line, -a style argument string into multi-line form in a playbook
# one-line form
- name: install nfs rpcbind
  yum: name=nfs-utils state=installed
# multi-line form
- name: install nfs rpcbind
  yum:
    name: nfs-utils
    state: installed
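1.4.3 Playbook: deploy and configure lnmp
# One machine
#01 Workflow for writing a playbook
##1) Translate the procedure into commands
a) Set up the yum repos: the nginx repo and the php repo (webtatic)
b) Install nginx and php7
c) Configure nginx (www.conf): copy
d) Configure php (php-www.conf): copy
e) Transfer the code (index.php): copy
f) Start nginx and php-fpm
##2) Find the module for each command
##3) Write the playbook from the modules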
[root@m01 playbook]# cat 03-lnp.yml
- hosts: backup
  tasks:
    - name: add nginx repo
      yum_repository:
        file: nginx
        name: nginx
        description: "ngx repo"
        baseurl: "http://nginx.org/packages/centos/$releasever/$basearch/"
        enabled: yes
        gpgcheck: no   # RPM signature verification is disabled for this repo
        state: present
    - name: add php repo
      yum_repository:
        file: php
        name: php
        description: "php repo"
        baseurl: "http://us-east.repo.webtatic.com/yum/el7/x86_64/"
        enabled: no
        gpgcheck: no   # RPM signature verification is disabled for this repo
        state: present
    - name: install nginx && php pack
      yum:
        name: nginx,php71w,php71w-cli,php71w-common,php71w-devel,php71w-embedded,php71w-gd,php71w-mcrypt,php71w-mbstring,php71w-pdo,php71w-xml,php71w-fpm,php71w-mysqlnd,php71w-opcache,php71w-pecl-memcached,php71w-pecl-redis,php71w-pecl-mongodb
        enablerepo: php
        state: installed
    - name: copy nginx conf
      copy:
        src: nginx-php-www.conf
        dest: /etc/nginx/conf.d/www.conf
        backup: yes
    - name: copy php conf
      copy:
        src: php-www.conf
        dest: /etc/php-fpm.d/www.conf
        backup: yes
    - name: create code dir
      file:
        path: /data/www-play/
        owner: nginx
        group: nginx
        state: directory
    - name: copy code
      copy:
        src: web-index.php
        dest: /data/www-play/index.php
        owner: nginx
        group: nginx
        backup: yes
    - name: start nginx
      systemd:
        name: nginx
        enabled: yes
        state: restarted
    - name: start php
      systemd:
        name: php-fpm
        enabled: yes
        state: restarted
[root@m01 playbook]# cat nginx-php-www.conf
server {
    listen 80 default_server;
    server_name www.etiantian.org;
    root /data/www-play;
    location / {
        index index.php index.html;
    }
    location ~* \.php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}
[root@m01 playbook]# cat php-www.conf
[www]
user = nginx
group = nginx
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
[root@m01 playbook]# cat web-index.php
<?php
phpinfo();
?>
##4) Debug the playbook (check mode)
[root@m01 playbook]# ansible-playbook -i hosts -C 03-lnp.yml
 _______________
< PLAY [backup] >
 ---------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
 ________________________
< TASK [Gathering Facts] >
 ------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
ok: [172.16.1.41]
 _______________________
< TASK [add nginx repo] >
 -----------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
changed: [172.16.1.41]
 _____________________
< TASK [add php repo] >
 ---------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
changed: [172.16.1.41]
 __________________________________
< TASK [install nginx && php pack] >
 ----------------------------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
fatal: [172.16.1.41]: FAILED! => {"changed": false, "msg": "Repository php not found."}
# This is expected: check mode does not actually set up the environment (the php repo was not really added), so the error goes away on a real run
 ____________
< PLAY RECAP >
 ------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
172.16.1.41 : ok=3 changed=2 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
##5) Run for real
[root@m01 playbook]# ansible-playbook -i hosts 03-lnp.yml
# Check the playbook syntax
[root@m01 playbook]# ansible-playbook 03-lnp.yml --syntax-check
playbook: 03-lnp.yml
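03-lnp.yml adds both repositories with `gpgcheck: no`, and its `-C` run stops at "Repository php not found." The following is an added example, not part of the original playbook, that turns on package signature verification and tolerates that failure only in check mode. Assumptions: the nginx key URL is the one nginx.org publishes for its package repositories, the php `gpgkey` path is a placeholder to replace with the key your repository publishes, and the package list is shortened.

```yaml
# Added example: signature-verified variant of the repo and install tasks.
- hosts: backup
  tasks:
    - name: add nginx repo with signature verification
      yum_repository:
        file: nginx
        name: nginx
        description: "ngx repo"
        baseurl: "https://nginx.org/packages/centos/$releasever/$basearch/"
        gpgcheck: yes          # reject packages not signed by the key below
        gpgkey: "https://nginx.org/keys/nginx_signing.key"
        enabled: yes
        state: present

    - name: add php repo with signature verification
      yum_repository:
        file: php
        name: php
        description: "php repo"
        baseurl: "http://us-east.repo.webtatic.com/yum/el7/x86_64/"
        gpgcheck: yes          # signatures protect integrity even over plain http
        gpgkey: "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PLACEHOLDER"   # placeholder path
        enabled: no
        state: present

    - name: install nginx and php-fpm
      yum:
        name:
          - nginx
          - php71w-fpm
        enablerepo: php
        state: present
      # Under -C the repo files above are not written, so this task fails with
      # "Repository php not found."; ignore the error in check mode only.
      ignore_errors: "{{ ansible_check_mode }}"
```

On a real run `ansible_check_mode` is false, so an install failure (including a signature mismatch) still stops the play.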