架构期day25-Ansible实战--定义变量

Ansible playbook 实战

一、基础准备

#1.安装ansible
[root@m01 ~]# yum install -y ansible

#2.配置ansible
[root@m01 ~]# vim /etc/ansible/ansible.cfg
host_key_checking = False

#3.配置主机清单
[root@m01 ~]# vim /etc/ansible/hosts 
[lb_server]
lb01 ansible_ssh_pass='1'
lb02 ansible_ssh_pass='1'

[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'

[nfs_server]
nfs ansible_ssh_pass='1'

[rsync_server]
backup ansible_ssh_pass='1'

[db_server]
db01 ansible_ssh_pass='1'

[nginx:children]
web_group
lb_server

#4.配置hosts
[root@m01 ~]# vim /etc/hosts
10.0.0.4 lb01
10.0.0.5 lb02
10.0.0.7 web01
10.0.0.8 web02
10.0.0.31 nfs
10.0.0.41 backup
10.0.0.51 db01

#5.创建统一目录
[root@m01 ~]# mkdir /project
[root@m01 ~]# cd /project/

二、编写剧本实例

1.第一部分:所有服务器优化

[root@m01 project]# cat base.yml 
- hosts: all
  tasks:
    - name: Stop Firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: no

    - name: Stop Selinux
      selinux:
        state: disabled

    - name: Create www Group
      group:
        name: www
        gid: 666
        state: present

    - name: Create www User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false
        state: present

2.第二部分:nginx部分

1)安装方式

#源码包安装方式
1.上传包
2.解压
unarchive
3.生成
shell
4.编译
shell
5.安装
shell

#官方源方式
1.配置官方源
2.推送官方源
copy
3.安装nginx
yum

#rpm包的方式
1.上传包
2.推送包
copy
3.安装包
yum

2)准备工作

#1.准备nginx的rpm包
[root@m01 project]# mkdir package
[root@m01 project]# cd package/
[root@m01 package]# rz
[root@m01 package]# ll
total 768
-rw-r--r-- 1 root root 784272 Dec 10 09:13 nginx-1.16.1-1.el7.ngx.x86_64.rpm

#2.准备nginx配置文件
[root@m01 package]# vim /etc/nginx/nginx.conf 
user  www;

3)编写剧本

[root@m01 project]# cat nginx.yml 
- hosts: nginx
  tasks:
    - name: Push nginx rpm
      copy:
        src: /project/package/nginx-1.16.1-1.el7.ngx.x86_64.rpm
        dest: /tmp/

    - name: Install Nginx Server
      yum:
        name: /tmp/nginx-1.16.1-1.el7.ngx.x86_64.rpm
        state: present

    - name: Config Nginx Server
      copy:
        src: /etc/nginx/nginx.conf
        dest: /etc/nginx/

    - name: Start Nginx Server
      systemd:
        name: nginx
        state: started

3.第三部分:PHP部分

1)准备工作

#1.准备php的安装包
[root@m01 package]# rz
[root@m01 package]# ll
total 20192
-rw-r--r-- 1 root root   784272 Dec 10 09:13 nginx-1.16.1-1.el7.ngx.x86_64.rpm
-rw-r--r-- 1 root root 19889622 Nov 22 15:52 php.tar.gz

#2.准备配置文件
[root@m01 project]# mkdir conf
[root@m01 project]# mv /etc/php.ini conf/
[root@m01 project]# cp /etc/php-fpm.d/www.conf conf/
[root@m01 project]# vim conf/php.ini
upload_max_filesize = 200M
post_max_size = 300M
[root@m01 project]# vim conf/www.conf 
user = www
group = www

2)编写剧本

[root@m01 project]# vim php.yml
- hosts: web_group
  tasks:
    - name: Tar php Package
      unarchive:
        src: /project/package/php.tar.gz
        dest: /tmp/

    - name: Install php Server
      shell: "yum localinstall -y /tmp/*.rpm"

    - name: Config php Server
      copy:
        src: /project/conf/php.ini
        dest: /etc/

    - name: Config php Server
      copy:
        src: /project/conf/www.conf
        dest: /etc/php-fpm.d/

    - name: Start php Server
      systemd:
        name: php-fpm
        state: started

4.第四部分:配置wordpress网站

1)准备工作

#1.准备wordpress包
[root@m01 ~]# cd /project/package/
[root@m01 package]# rz
[root@m01 package]# ll
total 31032
-rw-r--r-- 1 root root   784272 Dec 10 09:13 nginx-1.16.1-1.el7.ngx.x86_64.rpm
-rw-r--r-- 1 root root 19889622 Nov 22 15:52 php.tar.gz
-rw-r--r-- 1 root root 11098483 Sep 12 17:52 wordpress-5.0.3-zh_CN.tar.gz

#2.准备wordpress配置文件
[root@m01 project]# vim conf/linux.wp.com.conf
server {
    listen 80;
    server_name linux.wp.com;
    root /code/wordpress;
    index index.php;

    location ~* \.php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

2)编写剧本

[root@m01 project]# cat wordpress.yml 
- hosts: web_group
  tasks:
    - name: Create code Dir
      file:
        path: /code
        state: directory

    - name: Tar wordpress Code
      unarchive:
        src: /project/package/wordpress-5.0.3-zh_CN.tar.gz
        dest: /code/

    - name: Config wordpress DB
      copy:
        src: /project/conf/wp-config.php
        dest: /code/wordpress

    - name: Chown Code Dir
      file:
        path: /code
        state: directory
        owner: www
        group: www
        recurse: yes

    - name: Config Nginx wordpress
      copy:
        src: /project/conf/linux.wp.com.conf
        dest: /etc/nginx/conf.d/

    - name: Restart Nginx Server
      systemd:
        name: nginx
        state: restarted

5.第五部分:mariadb部分

1)MySQL相关模块

#1.mysql_db 模块
- name: Create a new database with name 'bobdata'
  mysql_db:
    name: bobdata			#库的名字
    state: 
    	present				#创建库
    	import				#导入数据库
    	dump				#导出数据库
    target: /tmp/dump.sql	  #导入或导出的数据库文件
    
#2.mysql_user 模块
- name: Create database user with name 'bob' and password '12345' with all database privileges
  mysql_user:
    name: bob			#用户名
    host: 172.16.1.%	#用户连接的主机
    password: 12345		#用户密码
    priv: '*.*:ALL'		#用户权限
    state: 
    	present			#创建用户
    	absent			#删除用户
    
grant all privileges on *.* to bob@'172.16.1.%' identified by '12345'

1)编写剧本

[root@m01 project]# cat mariadb.yml 
- hosts: db01
  tasks:
    - name: Install Mariadb Server
      yum:
        name: mariadb-server
        state: present

    - name: Start Mariadb Server
      systemd:
        name: mariadb
        state: started
        enabled: yes

    - name: Create wordpress Database
      mysql_db:
        name: wordpress
        state: present

    - name: Create wordpress Database User
      mysql_user:
        name: wp
        host: 172.16.1.%
        password: 123456
        priv: 'wordpress.*:ALL'
        state: present

6.整合后的剧本

[root@m01 project]# cat blog.yml 
- hosts: all
  tasks:
    - name: Stop Firewalld
      systemd:
        name: firewalld
        state: stopped
        enabled: no

    - name: Stop Selinux
      selinux:
        state: disabled

    - name: Create www Group
      group:
        name: www
        gid: 666
        state: present

    - name: Create www User
      user:
        name: www
        uid: 666
        group: www
        shell: /sbin/nologin
        create_home: false
        state: present

- hosts: nginx
  tasks:
    - name: Push nginx rpm
      copy:
        src: /project/package/nginx-1.16.1-1.el7.ngx.x86_64.rpm
        dest: /tmp/

    - name: Install Nginx Server
      yum:
        name: /tmp/nginx-1.16.1-1.el7.ngx.x86_64.rpm
        state: present

    - name: Config Nginx Server
      copy:
        src: /etc/nginx/nginx.conf
        dest: /etc/nginx/

    - name: Start Nginx Server
      systemd:
        name: nginx
        state: started

- hosts: web_group
  tasks:
    - name: Tar php Package
      unarchive:
        src: /project/package/php.tar.gz
        dest: /tmp/

    - name: Install php Server
      shell: "yum localinstall -y /tmp/*.rpm"

    - name: Config php Server
      copy:
        src: /project/conf/php.ini
        dest: /etc/

    - name: Config php Server
      copy:
        src: /project/conf/www.conf
        dest: /etc/php-fpm.d/

    - name: Start php Server
      systemd:
        name: php-fpm
        state: started

- hosts: web_group
  tasks:
    - name: Create code Dir
      file:
        path: /code
        state: directory

    - name: Tar wordpress Code
      unarchive:
        src: /project/package/wordpress-5.0.3-zh_CN.tar.gz
        dest: /code/

    - name: Config wordpress DB
      copy:
        src: /project/conf/wp-config.php
        dest: /code/wordpress

    - name: Chown Code Dir
      file:
        path: /code
        state: directory
        owner: www
        group: www
        recurse: yes

    - name: Config Nginx wordpress
      copy:
        src: /project/conf/linux.wp.com.conf
        dest: /etc/nginx/conf.d/

    - name: Restart Nginx Server
      systemd:
        name: nginx
        state: restarted

- hosts: db01
  tasks:
    - name: Install Mariadb Server
      yum:
        name: mariadb-server
        state: present

    - name: Install MySQL-python Server
      yum:
        name: MySQL-python
        state: present

    - name: Start Mariadb Server
      systemd:
        name: mariadb
        state: started
        enabled: yes

    - name: Create wordpress Database
      mysql_db:
        name: wordpress
        state: present

    - name: Create wordpress Database User
      mysql_user:
        name: "wp"
        host: "172.16.1.%"
        password: "123456"
        priv: 'wordpress.*:ALL'
        state: present

Ansible 变量

一、变量的介绍

1.概述

变量提供了便捷的方式来管理Ansible playbook的每一个项目中的动态值,比如nginx-1.6.3这个软件包的版本,在其它地方或许会反复使用,那么如果将此值设置为变量,然后再在其他的playbook中调用,会方便许多。如此一来还方便维护,减少维护的成本。

2.定义变量的方式

1.通过命令行进行变量定义
2.在play文件中进行变量定义
3.通过Inventory主机清单中进行变量定义
4.通过vars_file定义变量
5.通过hosts_vars和group_vars定义变量

#变量的优先级
如果在定义变量时,变量冲突了
在上述的三个地方分别设置了:
    1.命令行中:age=11
    2.play文件中:age=12
    3.Inventory中:age=13
	那么,最终的age结果一定是 11
	变量的读取优先级:命令行 > playbook文件 > Inventory文件

#变量设置:命名时,应该由字母,数字,下划线组成,必须由字母开头

二、变量的定义

1.在playbook文件中进行变量定义

1)方式一:在模块下定义变量

[root@m01 project]# vim yum.yml
- hosts: db01
  tasks:
    - name: Installed http Server
      yum:
        name: "{{ packages }}"
      vars:
        packages:
          - httpd
          - httpd-tools

#问题:
	1.如果将变量设置到模块下,那么其他的name是不识别的

2)方式二:在hosts下定义变量

[root@m01 project]# vim yum.yml
- hosts: db01
  vars:
    packages:
      - httpd
      - httpd-tools
  tasks:
    - name: Installed http Server
      yum:
        name: "{{ packages }}"

    - name: Mkdir Dir
      file:
        path: /tmp/{{ packages }}
        state: directory

#问题:
	1.创建目录时可能会出现格式转换问题
	2.如果将变量设置到hosts下,那么其他的hosts是不识别的

3)方式三:在hosts下面定义多个变量

[root@m01 project]# vim yum.yml 
- hosts: db01
  vars:
    packages:
      - httpd
      - httpd-tools
    dbs:
      - mariadb-server
      - MySQL-python
  tasks:
    - name: Installed http Server
      yum:
        name: "{{ packages }}"

    - name: Installed Mariadb Server
      yum:
        name: "{{ dbs }}"

2.通过vars_file定义变量

刚才我们学到在playbook中使用vars定义变量,有一个缺陷,就是其他的playbook无法使用该变量。所以我们可以采取第二种定义变量的方式,在vars_file中定义变量。

1)准备变量文件

[root@m01 project]# mkdir vars
[root@m01 project]# cd vars/
[root@m01 vars]# vim vars.yml 
packages: httpd
dbs: mariadb-server

2)调用变量文件

[root@m01 project]# vim yum.yml 
- hosts: db01
  vars_files: /project/vars/vars.yml
  tasks:
    - name: Installed http Server
      yum:
        name: "{{ packages }}"

- hosts: db01
  vars_files: /project/vars/vars.yml
  tasks:
    - name: Installed http Server
      yum:
        name: "{{ dbs }}"

3.通过Inventory主机清单中进行变量定义

1)配置主机清单

[root@m01 project]# vim /etc/ansible/hosts 
... ...
[db_server]
db01 ansible_ssh_pass='1'

[db_server:vars]
web=suibianshezhideneirong

2)调用变量

[root@m01 project]# vim yum.yml 
- hosts: db_server
  tasks:
    - name: Touch File
      file:
        path: /tmp/{{ web }}
        state: touch

#注意:
	1.主机清单中定义变量,只要hosts配置的是主机清单中设置变量的组,可以直接使用变量
	2.如果hosts配置的不是主机清单中设置变量的组,变量不可识别

3)主机清单定义变量注意

1.设置主机清单的变量
[root@m01 project]# vim /etc/ansible/hosts
[lb_server]
lb01 ansible_ssh_pass='1'
lb02 ansible_ssh_pass='1'

[web_group]
web01 ansible_ssh_pass='1'
web02 ansible_ssh_pass='1'

[nginx:children]
web_group
lb_server

[nginx:vars]
web=nginx_group

[web_group:vars]
web=nginx_host

2.主机组定义的变量优先级高于整合组定义的变量
3.主机定义的变量优先级高于主机组定义的变量

4.通过hosts_vars和group_vars定义变量

之前的几种变量定义都不是很好用,比较好用的是在Ansible项目目录下创建两个变量目录:
host_vars
group_vars
切记,目录名字一定要一致,不能做任何修改。

1)主机组定义变量

#1.创建主机组变量的目录,不能改名字
[root@m01 project]# mkdir group_vars

#2.目录下创建变量文件,文件的名字要跟主机清单中主机组名字一致
[root@m01 project]# cd group_vars/
[root@m01 group_vars]# vim web_group
file: group_vars

#3.调用变量
[root@m01 project]# vim test.yml 
- hosts: web_group
  tasks:
    - name: Touch File
      file:
        path: /tmp/{{ file }}
        state: touch
        
#4.注意:
	1.只要剧本中的hosts与设置变量的主机组名字相同,就可以直接使用变量

2)主机定义变量

#1.创建主机变量的目录,不能改名字
[root@m01 project]# mkdir host_vars

#2.目录下创建变量文件,文件的名字要跟主机清单中主机名字一致
[root@m01 project]# vim host_vars/web01
file: host_vars

#3.调用变量
[root@m01 project]# vim test.yml 
- hosts: web_group
  tasks:
    - name: Touch File
      file:
        path: /tmp/{{ file }}
        state: touch

#4.执行
[root@m01 project]# ansible-playbook test.yml

#5.查看执行结果
[root@web01 ~]# ll /tmp/
total 0
-rw-r--r--. 1 root root 0 Dec 22 17:35 host_vars
[root@web02 ~]# ll /tmp/
total 0
-rw-r--r-- 1 root root 0 Dec 22 17:35 group_vars

#6.注意:
	1)主机组定义的变量优先级高于整合组定义的变量
	2)主机定义的变量优先级高于主机组定义的变量

5.命令行定义变量(命令行 -e 设置变量)

1)查看剧本文件

[root@m01 project]# cat test.yml 
- hosts: web_group
  tasks:
    - name: Touch File
      file:
        path: /tmp/{{ file }}
        state: touch

2)命令行指定变量执行

[root@m01 project]# ansible-playbook test.yml -e "file=minglinghang"

3)查看远端文件

[root@web01 ~]# ll /tmp/
total 0
-rw-r--r--. 1 root root 0 Dec 22 17:41 minglinghang

[root@web02 ~]# ll /tmp/
total 0
-rw-r--r-- 1 root root 0 Dec 22 17:41 minglinghang

4)修改剧本

[root@m01 project]# vim test.yml 
- hosts: web_group
  tasks:
    - name: Touch File
      file:
        path: /tmp/{{ file }}
        state: touch

    - name: Touch File
      file:
        path: /tmp/{{ file2 }}
        state: touch

5)命令行指定多个变量

[root@m01 project]# ansible-playbook test.yml -e "file=command" -e "file2=command2"

6.直接使用内置变量

#使用内置变量创建目录,目录格式为 主机名_IP_时间
[root@m01 project]# vim test.yml 
- hosts: web_group
  tasks:
    - name: Touch File
      file:
        path: /backup/{{ ansible_fqdn }}_{{ ansible_eth1.ipv4.address }}_{{ ansible_date_time.date }}
        state: directory
posted @ 2022-06-09 18:19  秋风お亦冷  阅读(48)  评论(0)    收藏  举报