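What is a playbook
playbook: literally a script (as for a stage play) or a military manual
What a playbook is made of:
play: defines the hosts and roles (who the lead and supporting actors are)
task: the tasks (each role's lines and actions)
In a playbook, one play can consist of multiple tasks.
Playbook syntax:
YAML
Syntax rules
- Indentation: each level is indented by two spaces
- Colon: a colon must be followed by a space, except when the colon ends the line
- Dash: a dash must be followed by a space (a dash item corresponds to the Python list data type)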
- hosts: web                 ## play section: the hosts to run against
  remote_user: root          ## run as root (the default)
  tasks:                     ## define the tasks
    - name: install httpd    ## give the task a name
      yum:                   ## module
        name:                ## action (module parameter)
          - httpd
          - php
        state: present
    - name: configure httpd conf
      copy:
        src: /root/web/httpd.conf
        dest: /etc/httpd/conf
Ansible playbooks use the suffix .yml or .yaml
SaltStack sls files use the suffix .sls
Playbook exercises
Install httpd
# 1. Create the working directory
[root@m01 ~]# mkdir /root/ansible
# 2. Write the httpd playbook
[root@m01 ansible]# vim httpd.yml
- hosts: web
  tasks:
    - name: install httpd
      yum:
        name: httpd
        state: present
# 3. Run the playbook
[root@m01 ansible]# ansible-playbook httpd.yml
## Check the playbook syntax
[root@m01 ansible]# ansible-playbook --syntax-check httpd.yml
## Dry run (check mode)
[root@m01 ansible]# ansible-playbook -C httpd.yml
Start httpd and enable it at boot
[root@m01 ansible]# vim httpd.yml
- hosts: web
  tasks:
    - name: install httpd
      yum:
        name: httpd
        state: present
    - name: start httpd
      systemd:
        name: httpd
        state: started
        enabled: yes
Write the httpd front-end page
[root@m01 ansible]# vim httpd.yml
- hosts: web
  tasks:
    - name: install httpd
      yum:
        name: httpd
        state: present
    - name: start httpd
      systemd:
        name: httpd
        state: started
        enabled: yes
    - name: httpd01 index.html
      copy:
        content: jinnan01
        dest: /var/www/html/index.html
Configure a different website on each host
For now, to configure a different website on each host we can use multiple plays. In production, however, we need to write loops to meet this requirement, so it is enough to understand how multiple plays work.
[root@m01 ansible]# vim httpd.yml
- hosts: web
  tasks:
    - name: install httpd
      yum:
        name: httpd
        state: present
    - name: start httpd
      systemd:
        name: httpd
        state: started
        enabled: yes
- hosts: web01
  tasks:
    - name: httpd01 index.html
      copy:
        content: jinnan01
        dest: /var/www/html/index.html
- hosts: web02
  tasks:
    - name: httpd02 index.html
      copy:
        content: jinnan02
        dest: /var/www/html/index.html
#######
- hosts: the target hosts
  tasks:
    - name: a name for the task
      module:
        action1: value
        action2: value
        action3: value
        action4: value
- hosts: the target hosts
  tasks:
    - name: a name for the task
      module:
        action1: value
        action2: value
        action3: value
        action4: value
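The per-host pages from the multi-play playbook above, written as a single play with a loop. This is an added example, not part of the original notes; the variable name site_pages and its structure are assumptions made for illustration, while the host names, page text and destination path come from the playbook above.

```yaml
# Added example: one play for the whole web group instead of one play per host.
- hosts: web
  vars:
    # Constructed mapping: inventory hostname -> list of pages for that host.
    # site_pages is a hypothetical variable name; in a real project it would
    # normally live in host_vars/ or group_vars/ rather than in the play.
    site_pages:
      web01:
        - { file: index.html, text: jinnan01 }
      web02:
        - { file: index.html, text: jinnan02 }
  tasks:
    - name: publish the pages that belong to this host
      copy:
        content: "{{ item.text }}\n"
        dest: "/var/www/html/{{ item.file }}"
        owner: root
        group: root
        mode: '0644'        # explicit mode so the result does not depend on umask
      # Each host only iterates over its own entry; a host that has no entry
      # gets an empty list and the task is skipped for it.
      loop: "{{ site_pages[inventory_hostname] | default([]) }}"
```

Adding a page or a host then means editing the mapping, not copying another play.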
Playbook in practice
1. Deploy rsync
2. Deploy nfs
3. Deploy httpd and mount the directory that holds the uploaded homework
Environment preparation
Hostname | WanIP | LanIP | Role | Application |
m01 | 10.0.0.61 | 172.16.1.61 | Ansible control node | ansible |
backup | 10.0.0.41 | 172.16.1.41 | Real-time sync | rsync, nfs |
nfs | 10.0.0.31 | 172.16.1.31 | Shared storage | rsync, nfs |
web01 | 10.0.0.7 | 172.16.1.7 | Homework website | httpd, php, nfs |
web02 | 10.0.0.8 | 172.16.1.8 | Homework website | httpd, php, nfs |
Preliminary preparation
# zuoye (homework) code archive
# rsync configuration file
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
# httpd configuration file
User www
Group www
# Inventory
[root@m01 ansible]# vim /etc/ansible/hosts
[web]
web01 ansible_ssh_host=10.0.0.7 ansible_ssh_port=22
web02 ansible_ssh_host=10.0.0.8
[backup_nfs]
backup ansible_ssh_host=10.0.0.41 ansible_ssh_port=22
nfs ansible_ssh_host=10.0.0.31 ansible_ssh_port=22
# Push the public key
[root@m01 ~]# vim tsjiaoben.sh
. /etc/init.d/functions
ls -l ~/.ssh/id_rsa &>/dev/null || ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa &>/dev/null
for n in 7 8 31 41;do
    sshpass -p 1 ssh-copy-id -o 'StrictHostKeyChecking no' -i ~/.ssh/id_rsa.pub root@10.0.0.$n &>/dev/null && \
    action "10.0.0.$n send public key " /bin/true || \
    action "10.0.0.$n send public key " /bin/false
done
## For details, see: the rsync and nfs deployment assignment
[root@m01 ansible]# cat rsync_nfs.yml
# Create the www group and user (gid/uid 666) on every host
- hosts: all
  tasks:
    - name: group www
      group:
        name: www
        gid: '666'
    - name: user www
      user:
        name: www
        uid: '666'
        group: '666'
        shell: /sbin/nologin
        create_home: no
# Install rsync and nfs-utils on the backup and nfs hosts
- hosts: backup_nfs
  tasks:
    - name: rsync nfs
      yum:
        name:
          - rsync
          - nfs-utils
# rsync daemon on the backup host
- hosts: backup
  tasks:
    - name: copy rsync.conf
      copy:
        src: /root/rsyncd.conf
        dest: /etc
    - name: backup passwd
      copy:
        content: rsync_backup:123456
        dest: /etc/rsync.passwd
        mode: 0600
    - name: /backup
      file:
        path: /backup
        owner: www
        group: www
        state: directory
    - name: systemd rsync
      systemd:
        name: rsyncd
        state: started
        enabled: yes
# rsync client password file on the nfs host
- hosts: nfs
  tasks:
    - name: nfs pass
      copy:
        content: "123456"
        dest: /etc/rsync.pass
        mode: 0600
# NFS export of /data
- hosts: backup_nfs
  tasks:
    - name: NFS conf
      copy:
        content: "/data 172.16.1.0/24(rw,sync,anonuid=666,anongid=666,all_squash)"
        dest: /etc/exports
    - name: gongxiang mul data
      file:
        path: /data
        owner: www
        group: www
        state: directory
    - name: systemd nfs
      systemd:
        name: nfs
        state: started
        enabled: yes
# Web servers: httpd, php, site code and the NFS mount
- hosts: web
  tasks:
    - name: nfs httpd php
      yum:
        name:
          - nfs-utils
          - httpd
          - php
    - name: httpd conf
      copy:
        src: /root/httpd.conf
        dest: /etc/httpd/conf/httpd.conf
    - name: zuoye web
      copy:
        src: /root/zuoye_modify(httpd).zip
        dest: /var/www/html/
    - name: XF
      unarchive:
        src: /var/www/html/zuoye_modify(httpd).zip
        dest: /var/www/html/
        remote_src: yes
    - name: user_data
      file:
        path: /var/www/html/user_data
        state: directory
        owner: www
        group: www
    - name: systemd httpd
      systemd:
        name: httpd
        state: started
        enabled: yes
    - name: mount data
      mount:
        path: /var/www/html/user_data
        src: 172.16.1.31:/data
        fstype: nfs
        state: mounted
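The two password-file tasks from rsync_nfs.yml above, rewritten so that the rsync password comes from an Ansible Vault-encrypted variable instead of being written into the playbook. This is an added example, not part of the original playbook; the vault file location and the variable name vault_rsync_password are assumptions.

```yaml
# Added example. Assumed layout (not from the original notes):
#   /root/ansible/group_vars/all/vault.yml
# created with:  ansible-vault create group_vars/all/vault.yml
# and containing the hypothetical variable:
#   vault_rsync_password: <the rsync password>
- hosts: backup
  tasks:
    - name: rsync daemon secrets file (user:password)
      copy:
        content: "rsync_backup:{{ vault_rsync_password }}\n"
        dest: /etc/rsync.passwd     # matches "secrets file" in rsyncd.conf
        owner: root
        group: root
        mode: '0600'                # rsyncd refuses a world-readable secrets file
      no_log: true                  # keep the secret out of task output and logs

- hosts: nfs
  tasks:
    - name: rsync client password file (password only)
      copy:
        content: "{{ vault_rsync_password }}\n"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: '0600'
      no_log: true
```

Run the playbook with ansible-playbook --ask-vault-pass rsync_nfs.yml so the vault file can be decrypted at run time.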