playbooks 案例

一、playbooks 使用案例

1、安装redis并启动服务

# cat install_redis.yaml
- hosts: all
  remote_user: root
  tasks:
  - name: install redis
    yum: name=redis state=latest
  - name: start redis
    service: name=redis state=started

# ansible-playbook install_redis.yaml

2、安装redis，复制redis配置文件并启动服务，如配置文件发生变化，重启服务。

# cat second.yaml
- hosts: all
  remote_user: root
  tasks:
  - name: install redis
    yum: name=redis state=latest
  - name: copy config file
    copy: src=/root/playbooks/redis.conf dest=/etc/redis.conf owner=redis
    notify: restart redis
    tags: configfile
  - name: start redis
    service: name=redis state=started
  handlers:
  - name: restart redis
    service: name=redis state=restarted

# ansible-playbook second.yaml
# ansible-playbook -t configfile second.yaml

3、安装redis，复制redis配置文件并启动服务，如配置文件发生变化，重启服务。(template模板)

# cat second.yaml
- hosts: all
  remote_user: root
  tasks:
  - name: install redis
    yum: name=redis state=latest
  - name: copy config file
    template: src=/root/playbooks/redis.conf.j2 dest=/etc/redis.conf owner=redis
    notify: restart redis
    tags: configfile
  - name: start redis
    service: name=redis state=started
  handlers:
  - name: restart redis
    service: name=redis state=restarted

# grep "bind" redis.conf.j2

# By default, if no "bind" configuration directive is specified, Redis listens
# the "bind" configuration directive, followed by one or more IP addresses.
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
# internet, binding to all the interfaces is dangerous and will expose the
# following bind directive, that will force Redis to listen only into
bind {{ ansible_eth0.ipv4.address }}     # jinja模板
# 1) The server is not binding explicitly to a set of addresses using the
#    "bind" directive.
# are explicitly listed using the "bind" directive.

4、通过变量安装服务

# cat forth.yaml
- hosts: all
  remote_user: root
  tasks:
  - name: install package {{ pkgname }}
    yum: name={{ pkgname }} state=latest

# 安装memcached服务，执行以下命令
# ansible-playbook -e pkgname=memcached forth.yaml -C

5、添加用户

# cat user.yaml
- hosts: all
  remote_user: root
  tasks:
  - name: add user
    user: name=mageedu system=no state=present
  - name: set password
    shell: echo mageedu | passwd --stdin mageedu

# ansible-playbook user.yaml -C
# ansible-playbook user.yaml 

6、变量（命令行变量、playbook变量、iventory变量）

# cat vars.yaml
- hosts: websrvs
  remote_user: root
  vars:
  - pbvar: playbook variable testing
  tasks:
  - name: command line variables
    copy: content={{ cmdvar }} dest=/tmp/cmd.var
  - name: playbook variables
    copy: content={{ pbvar }} dest=/tmp/pb.var
  - name: host iventory variables
    copy: content={{ http_port }} dest=/tmp/hi.var

# ansible-playbook -e 'cmdvar="command line"' vars.yaml

 7、安装apache服务，通过jinja模板增加监听端口

# cat mylisten.conf
Listen {{ http_port }}

# cat httpd.yaml
- hosts: websrvs
  remote_user: root
  tasks:
  - name: install httpd
    yum: name=httpd state=latest
  - name: install config file
    template: src=/root/playbooks/mylisten.conf dest=/etc/httpd/conf.d/mylisten.conf
    notify: restart httpd
  - name: start httpd
    service: name=httpd state=started
  handlers:
  - name: restart httpd
    service: name=httpd state=restarted

# cat /etc/ansible/hosts
[websrvs]
192.168.56.15 http_port=8080
192.168.56.16 http_port=10080

8、安装NFS Server

1、安装
2、配置
    用户
    /data
3、启动


# cat nfs.yml 
---
- hosts: web3
  tasks:
    - name: Install NFS-utils Server
      yum: name=nfs-utils state=present

    - name: Configure NFS-utils Server
      copy: src=./exports.j2 dest=/etc/exports owner=root group=root mode=0644

    - name: Create NFS Group
      group: name=www gid=2001

    - name: Create NFS User
      user: name=www uid=2001 group=www create_home=no shell=/sbin/nologin

    - name: Create Data Directory
      file: path=/data state=directory owner=www group=www mode=0755 recurse=yes

    - name: Start NFS Server
      systemd: name=nfs state=started enabled=yes

- hosts: web2
  tasks:
    - name: Mount NFS Server
      mount: path=/opt src=192.168.51.103:/data fstype=nfs opts=defaults state=mounted


# cat exports.j2 
/data 192.168.51.0/24(rw,sync,all_squash,anonuid=2001,anongid=2001)

9、使用AnsiblePlaybook方式构建LAMP架构，具体操作步骤如下

1.使用yum安装 httpd、php、php-mysql、mariadb、firewalld等
2.启动httpd、firewalld、mariadb等服务
3.添加防火墙规则，放行http的流量，并永久生效 
4.使用get_url下载 http://fj.xuliangwei.com/public/index.php 文件

# cat lamp.yml 
---
- hosts: webserver
  tasks:
    - name: Install Web Server
      yum: name=httpd,mariadb-server,php,php-mysql,php-pdo state=present

    - name: Start Web Server
      systemd: name=httpd state=started

    - name: Start Mariadb Server
      systemd: name=mariadb state=started

    - name: Get Wordpress
      unarchive: src=./wordpress-5.0.3-zh_CN.tar.gz dest=/var/www/html/ copy=yes mode=0755

#    - name: Copy Index.php
#      copy: src=./index.php.j2 dest=/var/www/html/index.php

#    - name: Get Url index.php
#      get_url: url="http://fj.xuliangwei.com/public/index.php" dest=/var/www/html/index.php

 10、使用AnsiablePlaybook批量增加用户

# cat user.yml 
---
- hosts: webserver
  tasks:
    - name: add users user1,user2,user3
      user: name={{ item.name }} groups={{ item.groups }} password="{{'$6$salt$MktMKPZJ6t59GfxcJU20DwcwQzfMvOlHFVZiOVD71w.igcOo1R7vBYR65JquIQ/7siC7VRpmteKvZmfSkNc69.'}}" state=present
      with_items:
        - { name: 'user1', groups: 'srp' }
        - { name: 'user2', groups: 'srp' }