Ansible playbook

1.什么是playbook

  • playbook :定义一个文本文件,以yml为后缀结尾,那playbook组成如下、
  • play:定义的是主机的角色
  • task: 定义的是具体执行的任务
  • 总结:playbook是由一个或多个play组成,一个play可以包含多个task任务。
  • 可以理解为:使用不同的模块来共同完成一件事情

playbook 剧本 <---------文件 YAML

  • play 找谁 <----------找那个主机 web01
  • task 做什么 <----------- 干什么事情 yum copy service

2.playbook和AD-HOc区别

  • playbook 是对AD-HOC 的一种编排方式
  • playbook 可以持久运行,而AD-HOC 只能临时运行
  • playbook 适合复杂任务,而AD-HOC适合做简单的任务
  • playbook能控制任务执行的先后顺序

3.playbook 三板斧缩进 冒号 短横线语法格式)

语法 描述
缩进 YAML 使用固定的缩进风格表示层级结构,每个缩进由两个空格组成,不能使用tabs
冒号 以冒号结尾的除外,其他所有冒号后面所有必须有空格
短横线 表示列表项,使用一个短横线加一个空格,多个项使用同样的缩进级别作为同一列表
  • 示例 在/tmp 目录下创建123.txt 属主 root 属组 root 权限0600
- hosts: webservers
  tasks:
    - name: create New File
      file: path=/tmp/123.txt state=touch  owner=root group=root mode=0600
    - name: create New File2
      file:
        path: /tmp/789.txt
        state: touch
        owner: root
        group: root
        mode: 0666

[root@m01 project]# ansible-playbook  --syntax f1.yml  -i hosts
 测试代码是否正确
ansible-playbook -C f1.yml -i hosts
测试环境

4.playbook 写服务 (NFS HTTPD Nginx LAMP)

  • 案列一 使用ansible playbook安装并配置nfs服务
#172.16.1.31  nfs
#172.16.1.7   server
#172.16.1.8   cliniet

 
#1. 新增一台nfs服务器
vim ./project/hosts
[webservers]
172.16.1.7
172.16.1.8

[nfsservers]
172.16.1.31
[root@m01 project]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41

#2. 测试三台主机是否通
[root@m01 project]# ansible all -m ping -i hosts
#3.编写一个nfs-sever的yml
1. 安装nfs      yum
2. 配置nfs 	  copy
3.初始化环境     
		用户     	group user 
		目录     	file
		授权  	file
4. 启动服务		   systemd
[root@m01 project]# cat backup/nfs_server.yml 
- hosts:  nfsservers
  tasks:
    - name:  installed nfs server
      yum:
        name:  nfs-utils
        state:  present
        
    - name:  configure nfs server
      copy:  
        src:  ./file/exports.j2
        dest:  /etc/exports
        owner:  root
        group:  root
        mode:  0644
        backup:  yes
        
    - name:  create nfs group www
      group:  
        name:  www
        gid:  666

    - name:   create nfs user www  
      user:  
        name:  www
        group:  www
        uid:  666
        create_home:  no
        shell:  /sbin/nologin
        
    - name:  create  nfs directory 
      file:
        path:  /ansible_data
        state:  directory
        owner:  www
        group:  www
        mode:  0755
        recurse:  yes
        0
    - name:  systemd nfs server
      systemd:
        name:  nfs
        state:  restarted
        enabled:  yes		

scp -rp /etc/exports root@172.16.1.61 :/root/project/file/exports.j2
#4.编写一个nfs-client的yml
[root@m01 project]# vim backup/nfs_client.yml 

- hosts:  webservers
  tasks:
    - name:  mount nfs server server share directory
      mount:
        src:  172.16.1.31:/ansible_data
        path:  /mnt
        fstype:  nfs
        opts:  defaults
        state:  mounted
                         

  • 案列二 使用ansible playbook安装并配置nginx服务
1.安装                   yum

2.配置                   copy

3.启动                   systemd

[root@m01 project]# vim httpd_server.yml +17

- hosts: webservers
  tasks:
    - name: install nginx server
      yum:
        name: nginx
        state: present
    - name: cohfig nginx server
      copy:
        src: ./file/nginx.j2
        dest: /etc/nginx/nginx.conf
        owner: root
        grep:  root
        mode:  0644
        backup: yes
      notify: RESTATR NGINX SERVER
    - name: sytemd nginx server
      systemd:
        name: nginx
        state: started
  handlers:
    - name: RESTART NGINX SERVER
      systemd:
        name: nginx
        state: restarted
scp -rp /etc/nginx/nginx.conf root@172.16.1.61:/root/project/file/nginx.j2
  • -案列三 使用Ansible playbook方式构建lap架构
1.使用yum 安装httpd php firewalld 

2.使用get_url 下载 http://fj.xuliangwei.com/public/index.php

3.启动httpd firewalld 等服务

4.添加防火墙规则 放行httpd的流量,并永久生效

[root@m01 project]# cat backup/kedao_server.yml 
- hosts:  web
  tasks:  
    - name:  install  php server
      yum:  
        name:  php
        state:  present
    - name:  install  http server
      yum:  
        name:  httpd
        state: present
    - name:  config http services
      get_url:
        url:  http://fj.xuliangwei.com/public/index.php
        dest:  /var/www/html/index.php
        mode:  0644
    - name:  systemd httpd server
      systemd:  
        name:  httpd
        state:  restarted
    - name:  systemd firewalld server
      systemd:
        name:  firewalld
        state:  restarted
    - name:  configure firewalld roule
      firewalld:
        service:  http
        state:  enabled

  • 案列4 使用Ansible playbook方式构建可道云网盘 LAP 架构
- hosts: web
  tasks:
    - name: Installed Httpd Server
      yum:
        name: httpd
        state: present

    - name: Installed PHP Server
      yum:
        name: php
        state: present

    - name: Get kodcloud Code
      synchronize:
        src: ./file/kod
        dest: /var/www/html/kodcloud

    - name: Chomod kodcloud
      file:
        path: /var/www/html/
        owner: root
        group: root
        mode: 0777
        recurse: yes

    - name: Systemd Httpd Server
      systemd:
        name: httpd
        state: restarted


  • 案列5 使用ansible playbook方式构建可道云网盘 LNP架构

    - hosts: web
      tasks:
    
         #1.配置yum源仓库 nginx php
        - name: Installed Nginx repo
          yum_repository:
            name: nginx
            description: nginx repos
            baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
            gpgcheck: no
    
         #2.配置yum源仓库 php
        - name: Installed PHP repo
          yum_repository:
            name: webtatic-php
            description: php repos
            baseurl: http://us-east.repo.webtatic.com/yum/el7/x86_64/ 
            gpgcheck: no
    
        #3.安装nginx和php
        - name: Installed Nginx and PHP Packages
          yum:
            name: "{{ packages }}"
          vars:
            packages: 
              - nginx
              - php71w
              - php71w-cli
              - php71w-common
              - php71w-devel
              - php71w-gd
              - mod_php71w
              - php71w-fpm
              - php71w-opcache
    
        #4.创建程序启动的用户身份
        - name: Create Group www
          group:
            name: www
            gid: 666
    
        - name: Create User www
          user:
            name: www
            group: www
            uid: 666
            create_home: no
            shell: /sbin/nologin
    
         #5.管理nginx配置文件
        - name: Configure nginx.conf 
          copy:
            src: ./file/nginx.conf.j2
            dest: /etc/nginx/nginx.conf
          notify: Restart Nginx Server
         
         #6.管理php-fpm配置文件
        - name: Configure php-fpm.conf
          copy:
            src: ./file/php-www.conf.j2
            dest: /etc/php-fpm.d/www.conf
          notify: Restart PHP-FPM Server
    
         #6.添加kodcloud虚拟主机(检测语法)
        - name: Add Nginx VirtHost kod.oldxu.com
          copy:
            src: ./file/kold.oldxu.com.conf.j2
            dest: /etc/nginx/conf.d/kold.oldxu.com.conf
          notify: Restart Nginx Server
    
        - name: Init Nginx BseEnv
          file:
            path: /code
            state: directory
            owner: www
            group: www
            recurse: yes
    
        - name: Push KodCloud Code
          synchronize:
            src: ./file/kod
            dest: /code/
    
        - name: Chomod kodcloud
          file:
            path: /code
            owner: www
            group: www
            mode: 0777
            recurse: yes
    
        - name: Systemd Nginx Server
          systemd:
            name: nginx
            state: started
            enabled: yes
    
        - name: Systemd PHP-FPM Server
          systemd:
            name: php-fpm
            state: started
            enabled: yes
            
    
    #当nginx或php配置文件发生变更才会触发此操作
      handlers:
        - name: Restart Nginx Server
          systemd:
            name: nginx
            state: restarted
    
        - name: Restart PHP-FPM Server
          systemd:
            name: php-fpm
            state: restarted
    
posted @ 2019-10-11 00:15  爱可耐  阅读(411)  评论(0编辑  收藏  举报