Ansible剧本 playbook
Ansible剧本playbook
什么是playbook
playbook: 剧本,兵书之意
# playbook是由什么组成:
play:定义主机和角色 (主角,配角定义)
task:任务 (角色的台词和动作)
在playbook中一个play可以由多个task组成
# playbook语法:
yaml 语法
缩进 :每一层级,要缩进两个空格
冒号 : 除了以冒号结尾的内容,冒号后面都要加一个空格
横杠 :横杠后面要有空格 (python列表数据类型)
ansible写playbook后缀.yml或者yaml
saltstack写后缀.sls
playbook练习
安装http
# 1.创建工作目录
[root@m01 ~]# vim ansible/httpd.yml
- hosts: webs
tasks:
- name: install httpd
yum:
name: httpd
state: present
- name: start httpd
service:
name: httpd
state: started
enabled: yes
# 2.检测剧本语法
[root@m01 ~]# ansible-playbook --syntax-check ansible/httpd.yml
# 3.执行剧本
[root@m01 ~]# ansible-playbook ansible/httpd.yml
作业
1.nfs
2.rsync
3.nginx 要做共享存储
4.部署wordpress
环境准备
| 主机名 | AanIP | LanIP | 角色 | 应用 |
|---|---|---|---|---|
| mo1 | 10.0.0.61 | 172.16.1.61 | ansible管理机 | ansible |
| web01 | 10.0.0.7 | 172.16.1.7 | wordpress网站 | nginx、php、nfs |
| web02 | 10.0.0.8 | 172.16.1.8 | wordpress网站 | nginx、php、nfs |
| nfs | 10.0.0.31 | 172.16.1.31 | 共享存储 | nfs、rsync |
| backup | 10.0.0.41 | 172.16.1.41 | 实时同步备份 | nfs、rsync |
| db01 | 10.0.0.51 | 172.16.1.51 | 数据库 |
# 1.发送密钥到客户端
[root@m01 ~]# sh key.sh
[root@m01 ~]# cat key.sh
#!/bin/bash
. /etc/init.d/functions
ls -l ~/.ssh/id_rsa &>/dev/null || ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa &>/dev/null
for n in 7 8 31 41 51 ;do
sshpass -p 1 ssh-copy-id -o 'StrictHostKeyChecking no' -i ~/.ssh/id_rsa.pub root@10.0.0.$n &>/dev/null && \
action "10.0.0.$n send public key " /bin/true || \
action "10.0.0.$n send public key " /bin/false
done
# 2.配置主机清单
[root@m01 ~]# vim /etc/ansible/hosts
[webs]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[backups]
backup ansible_ssh_host=10.0.0.41
nfs ansible_ssh_host=10.0.0.31
[dbs]
db01 ansible_ssh_host=10.0.0.51
# 3.写剧本
# 创建www用户
- hosts: all
tasks:
- name: group www
group:
name: www
gid: 666
- name: useradd www
user:
name: www
uid: 666
group: 666
shell: /sbin/nologin
create_home: false
# 下载nfs和rsync
- hosts: backups
tasks:
- name: 下载nfs和rsync
yum:
name: nfs-utils,rsync
# 配置nfs服务
- hosts: nfs
tasks:
- name: 配置nfs
file:
dest: /etc/exports
content: "/data 172.16.1.0/24(rw,sync,anonuid=666,anongid=666,all_squash)"
- name: 创建共享目录
file:
path: /data
owner: www
group: www
state: directory
- name: 启动服务并加入开机自启
service:
name: nfs
state: started
enabled: true
# 客户端下载nfs
- hosts: webs
tasks:
- name: 客户端下载nfs
yum:
name: nfs-utils
# 部署rsync配置
- hosts: backup
tasks:
- name: 部署rsync
copy:
src: /root/rsyncd.conf
dest: /etc/
- name: 创建服务端的密码文件
copy:
dest: /etc/rsync.pass
mode: 0600
content: "rsync_backup:123"
- name: 创建备份目录
file:
path: /backup
owner: www
group: www
state: directory
- name: 启动rsync并加入到开机自启
service:
name: rsyncd
state: started
enabled: yes
# 部署wordpress
- hosts: webs
tasks:
- name: 添加php第三方源
yum_repository:
name: php-webtatic
description: PHP Repository
baseurl: http://us-east.repo.webtatic.com/yum/el7/x86_64/
gpgcheck: false
enabled: true
file: php
- name: 添加nginx源
yum_repository:
name: nginx-stable
description: "nginx stable repo"
baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck: false
enabled: true
file: nginx
- name: 安装nginx
yum:
name: nginx
- name: 安装php
yum:
name: php71w,php71w-cli,php71w-common,php71w-devel,php71w-embedded,php71w-gd,php71w-mcrypt,php71w-mbstring,php71w-pdo,php71w-xml,php71w-fpm,php71w-mysqlnd,php71w-opcache,php71w-pecl-memcached,php71w-pecl-redis,php71w-pecl-mongodb
- name: 修改nginx运行用户
copy:
src: /etc/nginx/nginx.conf
dest: /etc/nginx/
- name: 修改php启动用户
copy:
src: /etc/php-fpm.d/www.conf
dest: /etc/php-fpm.d
- name: 启动PHP并加入开机自启
service:
name: php-fpm
state: started
enabled: true
- name: 配置nginx连接php
copy:
src: /etc/nginx/conf.d/wordpress.conf
dest: /etc/nginx/conf.d/
- name: 创建站点目录
file:
path: /movie
state: directory
owner: www
group: www
- name: 启动nginx
service:
name: nginx
state: started
enabled: true
# 部署web01wordpress
- hosts: web01
tasks:
- name: 将压缩包放入站点目录
unarchive:
src: /root/latest-zh_CN.tar.gz
dest: /movie
group: www
owner: www
# 部署数据库
- hosts: db01
tasks:
- name: 下载mysql
yum:
name: mariadb-server
- name: 启动mysql并加入开机自启
service:
name: mariadb
state: started
enabled: True
- name: 安装数据库需要的模块
yum:
name: MySQL-python
- name: 创建wordpress库
mysql_db:
login_port: 3306
name: "wordpress"
encoding: "utf8"
state: present
- name: 创建wordpress用户
mysql_user:
login_port: 3306
name: wp_user
password: 123
host: "172.16.1.%"
priv: "wordpress.*:ALL,GRANT"
state: present
- hosts: webs
tasks:
- name: nfs
mount:
path: /blog/wordpress/wp-content/uploads
src: 172.16.1.31:/data
fstype: nfs
state: mounted
浙公网安备 33010602011771号