ansible变量
变量的概述
避免重复代码,方便维护,减少维护成本
ansible变量定义
- 命令行
- play中定义
- vars
- vars_files
- Inventory中定义
- hosts文件
- host_vars目录
- group——vars目录
优先级
命令行>play>inventory
命令行 > vars_files(play) > vars(play) > host_vars(inventory) > group_vars(inventory) > hosts文件(inventory)
定义ansible变量位置
再play中定义变量
- vars变量
# 在play中用vars定义变量
- hosts: web_group
vars:
user_group: asd
id: '222'
pkg:
- nginx
- php
- mariadb-server
tasks:
- name: 创建{{ user_group }}组
group:
name: "{{ user_group }}"
gid: "{{ id }}"
- name: 创建{{ user_group }}用户
user:
name: "{{ user_group }}"
uid: "{{ id }}"
group: "{{ id }}"
shell: /sbin/nologin
create_home: False
- name: 安装nginx php mysql
yum:
name: "{{ pkg }}"
state: present
- vars_files变量
- hosts: web_group
vars:
user_group: asd
id: '222'
vars_files: ./wjh_var.yml (当前目录下的wjh_var.yml里面编写内容,内容在底下)
tasks:
- name: 创建{{ user_group }}组
group:
name: "{{ user_group }}"
gid: "{{ id }}"
- name: 创建{{ user_group }}用户
user:
name: "{{ user_group }}"
uid: "{{ id }}"
group: "{{ id }}"
shell: /sbin/nologin
create_home: False
## wjh_var.yml内容
user_group: aaa
id: '123'
pkg:
- nginx
- php
- mariadb-server
在inventory中定义变量
- 在inventory文件中定义变量(几乎不用)
[root@m01 ~]# vim /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[web_group:vars]
user_group=xxx
id='666'
- host_vars
## 和yaml文件同级下创建目录
mkdir host_vars
## 针对主机定义变量
vim host_vars/web01 (host_vars下的web01文件)
user_group: user_host_vars_web01
id: '444'
- group_vars
## 和yaml文件同级下创建目录
mkdir group_vars
## 针对主机定义变量
vim group_vars/web_group (group_vars下的web_group)
user_group: user_group_vars_web_group
id: '444'
优先级测试
# 1.play中定义变量
vars:vars_user
vars_files:user_vars_files
- hosts: web_group
vars:
- user_group: vars_user
- id: '444'
vars_files: ./wjh_var.yml
tasks:
- name: 创建用户
user:
name: "{{ user_group }}"
uid: "{{ id }}"
state: present
# 2.主机清单定义变量
hosts文件中:user_inventory
[web_group:vars]
user_group=user_inventory
host_vars目录下
- web01
user_group: user_host_vars_web01
- web02
user_group: user_host_vars_web02
group_vars目录下
web_group
user_group: user_group_vars_web_group
# 3.命令行定义变量
ansible-playbook -e 'user_group=command_user'
[root@m01 wordpress_ansible]# ansible-playbook test.yml -i base/hosts -e 'user_group=command_user'
实战案例
# 要求
1.nfs
2.rsync
3.nginx 要做共享存储
4.部署wordpress
环境准备
主机名 | WanIP | LanIP | 角色 | 应用 |
m01 | 10.0.0.61 | 172.16.1.61 | ansible管理机 | ansible |
web01 | 10.0.0.7 | 172.16.1.7 | 作业网站 | httpd、php、nfs |
web02 | 10.0.0.8 | 172.16.1.8 | 作业网站 | httpd、php、nfs |
nfs | 10.0.0.31 | 172.16.1.31 | 共享存储 | nfs、rsync |
backup | 10.0.0.41 | 172.16.1.41 | 实时同步备份 | nfs、rsync |
db01 | 10.0.0.51 | 172.16.1.51 | 数据库 | MariaDB、MySQL-python |
先决条件
# 1.操控机上创建用户
[root@m01 base]# groupadd www -g 666
[root@m01 base]# useradd www -u 666 -g 666 -s /sbin/nologin -M
# 2.安装nginx和php
rpm -Uvh *.rpm
# 3.修改nginx主配置文件用户
[root@m01 base]# vim /etc/nginx/nginx.conf
user www;
# 4. copy修改好的文件
[root@m01 base]# cp /etc/nginx/nginx.conf /root/wordpress_ansible/nginx_php/
# 5.修改php配置文件用户
[root@m01 ngx_php]# vim /etc/php-fpm.d/www.conf
[www]
user = www
group = www
listen = /dev/shm/php.sock
listen.owner = www
listen.group = www
# 6.copy修改好的配置文件
[root@m01 ngx_php]# cp /etc/php-fpm.d/www.conf /root/wordpress_ansible/nginx_php/
# 7.创建nginx子配置文件
[root@m01 nginx]# vim /etc/nginx/conf.d/blog.wjh.com.conf
server {
listen 80;
server_name blog.wjh.com;
root /code/wordpress;
index index.php index.html;
location ~ \.php$ {
fastcgi_pass unix:/dev/shm/php.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
# 8.copy修改好的配置文件
[root@m01 nginx]# cp /etc/nginx/conf.d/blog.wjh.com.conf /root/wordpress_ansible/nginx_php/
# 9.启动nginx和php
[root@m01 ngx_php]# systemctl start nginx php-fpm
# 10.安装wordpress
[root@m01 wordpress_ansible]# mkdir /code
[root@m01 ngx_php]# wget https://cn.wordpress.org/latest-zh_CN.tar.gz -O /code/latest- zh_CN.tar.gz
# 11.解压
[root@m01 code]# tar xf latest-zh_CN.tar.gz
# 12.授权
[root@m01 code]# chown -R www.www /code/
# 13.数据备份
[root@db01 ~]# mysqldump wordpress > /opt/wp_ansible.sql
[root@db01 ~]# scp /opt/wp_ansible.sql 172.16.1.61:/root/wordpress_ansible/mariadb
准备好的目录结构
[root@m01 wordpress_ansible]# tree
├── base
│ ├── hosts #主机清单
│ └── ssh_key.sh #密钥脚本
├── lnmp.yml # playbook
├── mariadb
│ ├── my.cnf # 数据库配置文件
│ └── wp_ansible.sql # 数据库数据备份
├── nfs
│ └── 2022.tgz # 数据库图片备份
├── nginx_php
│ ├── blog.wjh.com.conf # nginx子配置文件
│ ├── nginx.conf # nginx主配置文件
│ ├── nginx_php.tgz # nginx和php安装包
│ └── www.conf # php配置文件
├── rsync
│ └── rsyncd.conf # rsync配置文件
└── wordpress
└── wordpress.tgz # wordpress数据备份
[root@m01 wordpress_ansible]# vim lnmp.yml
- hosts: all
tasks:
- name: create www group
group:
name: www
gid: 666
- name: Greate www User
user:
name: www
group: '666'
uid: 666
shell: /sbin/nologin
create_home: False
- hosts: rsyncd
tasks:
- name: Install Rsync And NFS Service
yum:
name:
- nfs-utils
- rsync
state: present
- hosts: backup
tasks:
- name: Configure Rsync Conf
copy:
src: /root/wordpress_ansible/rsync/rsyncd.conf
dest: /etc
- name: Set Rsync Password File
copy:
content: 'rsync_bacup:123'
dest: /etc/rsync.passwd
mode: 0600
- name: Create Backup Directory
file:
path: /backup
owner: www
group: www
mode: 0755
state: directory
- name: Start Rsync Service
service:
name: rsyncd
state: started
enabled: True
- hosts: nfs
tasks:
- name: Create Client Password File
copy:
content: '123'
dest: /etc/rsync.passwd
mode: 0600
- name: Configure NFS Conf
copy:
content: /data 172.16.1.0/24(rw,sync,anonuid=666,anongid=666,all_squash)
dest: /etc/exports
- name: Create NFS Directory
file:
path: /data
owner: www
group: www
mode: 0755
state: directory
- name: 推送用户数据
unarchive:
src: /root/wordpress_ansible/nfs/2022.tgz
dest: /data
owner: www
group: www
- name: Start NFS Service
service:
name: nfs
state: started
enabled: True
- hosts: web_group
tasks:
- name: 解压nginx和php到web端
unarchive:
src: /root/wordpress_ansible/nginx_php/nginx_php.tgz
dest: /opt
- name: 安装nginx和php
shell: cd /opt && rpm -Uvh *.rpm
- name: 推送nginx主配置文件
copy:
src: /root/wordpress_ansible/nginx_php/nginx.conf
dest: /etc/nginx
- name: 推送nginx虚拟机配置文件
copy:
src: /root/wordpress_ansible/nginx_php/blog.wjh.com.conf
dest: /etc/nginx/conf.d
- name: 推送PHP配置文件
copy:
src: /root/wordpress_ansible/nginx_php/www.conf
dest: /etc/php-fpm.d
- name: 启动nginx服务
service:
name: nginx
state: started
enabled: True
- name: 启动php服务
service:
name: php-fpm
state: started
enabled: True
- name: 创建站点目录
file:
path: /code
owner: www
group: www
mode: 0755
state: directory
- name: 部署wordpress代码
unarchive:
src: /root/wordpress_ansible/wordpress/wordpress.tgz
dest: /code
owner: www
group: www
- name: 挂载nfs
mount:
src: 172.16.1.31:/data
path: /code/wordpress/wp-content/uploads
fstype: nfs
state: mounted
- hosts: db01
tasks:
- name: 安装数据库和连接插件
yum:
name:
- mariadb-server
- MySQL-python
state: present
- name: 推送数据库的配置文件
copy:
src: /root/wordpress_ansible/mariadb/my.cnf
dest: /etc
- name: 启动数据库
service:
name: mariadb
state: started
enabled: True
- name: 创建wordpress数据库
mysql_db:
name: wordpress
state: present
- name: 创建wordpress_user用户
mysql_user:
name: wordpress_user
password: '123'
host: '%'
priv: '*.*:ALL'
state: present
- name: 推送sql文件
copy:
src: /root/wordpress_ansible/mariadb/wp_ansible.sql
dest: /opt
- name: 导入数据
mysql_db:
name: wordpress
state: import
target: /opt/wp_ansible.sql
