ansible yml playbook

写ping的yml文件

[root@ansible ~]# vim ping.yml
---
- hosts: all
remote_user: root
tasks:
- ping:

[root@ansible ~]# ls
ping.yml

[root@ansible ~]# ansible-playbook ping.yml
显示如下：
PLAY [all] **********************************************************************************************

TASK [Gathering Facts] **********************************************************************************
ok: [web2]
ok: [db1]
ok: [web1]
ok: [cache]
ok: [db2]

TASK [ping] *********************************************************************************************
ok: [web2]
ok: [web1]
ok: [db1]
ok: [db2]
ok: [cache]

PLAY RECAP **********************************************************************************************
cache : ok=2 changed=0 unreachable=0 failed=0
db1 : ok=2 changed=0 unreachable=0 failed=0
db2 : ok=2 changed=0 unreachable=0 failed=0
web1 : ok=2 changed=0 unreachable=0 failed=0
web2 : ok=2 changed=0 unreachable=0 failed=0
###############################################################################
查找有关user的模块说明，找到EXAMPLES举例，看用法

[root@ansible ~]# ansible-doc user
... ...
EXAMPLES:
# Add the user 'johnd' with a specific uid and a primary group of 'admin'
- user:
name: johnd
comment: "John Doe"
uid: 1040
group: admin
###############################################################################
查找有关shell的模块说明，找到EXAMPLES举例，看用法

[root@ansible ~]# ansible-doc shell
... ...
EXAMPLES:
- name: Execute the command in remote shell; stdout goes to the specified file on the remote.
shell: somescript.sh >> somelog.txt
###############################################################################
写创建用户plj的yml文件

[root@ansible ~]# vim user.yml
---
- hosts: db
remote_user: root
tasks:
- user:
name: plj
- shell: echo 123|passwd --stdin plj
- shell: chage -d 0 plj

[root@ansible ~]# ls
ping.yml user.yml
###############################################################################
tasks下面的name是注释，比如：
[root@ansible ~]# vim abc.yml
---
- hosts: db
remote_user: root
tasks:
- user:
name: plj 这里的name，在user模块下，所以不是注释
- name: aaaaaaa 这里的name，在tasks模块下，才是注释！
shell: echo 123|passwd --stdin plj
shell: chage -d 0 plj
###############################################################################
[root@ansible ~]# ansible-playbook user.yml
显示如下：
PLAY [db] ***********************************************************************************************

TASK [Gathering Facts] **********************************************************************************
ok: [db1]
ok: [db2]

TASK [user] *********************************************************************************************
changed: [db1]
changed: [db2]

TASK [command] ******************************************************************************************
changed: [db1]
changed: [db2]

PLAY RECAP **********************************************************************************************
db1 : ok=4 changed=3 unreachable=0 failed=0
db2 : ok=4 changed=3 unreachable=0 failed=0

查看是否成功创建用户plj
[root@ansible ~]# ansible db -m shell -a 'id plj' 在db这个组的所有主机上，查看是否存在用户plj
显示如下：
db2 | SUCCESS | rc=0 >>
uid=1000(plj) gid=1000(plj) 组=1000(plj) 主机db1上已经存在用户plj，说明成功创建了用户

db1 | SUCCESS | rc=0 >>
uid=1000(plj) gid=1000(plj) 组=1000(plj) 主机db2上已经存在用户plj，说明成功创建了用户
##########################################################################################
[root@ansible ~]# vim index.html
hello 1
hello 2
hello 3

[root@ansible ~]# vim http.yml
---
- hosts: web
remote_user: root
tasks:
- service:
name: httpd
state: stopped
- yum:
name: httpd
state: removed
- yum:
name: httpd
state: installed
- lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: '^Listen'
line: 'Listen 8080'
- lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: '^#ServerName'
line: 'ServerName localhost'
- command: 'apachectl -t'
- copy:
src: index.html
dest: /var/www/html/
owner: apache
group: apache
mode: 0644
- service:
name: httpd
state: started
enabled: yes

[root@ansible ~]# ansible-playbook http.yml

PLAY [web] ***********************************************************************************************************************************************************************************

TASK [Gathering Facts] ***********************************************************************************************************************************************************************
ok: [web1]
ok: [web2]

TASK [service] *******************************************************************************************************************************************************************************
changed: [web1]
changed: [web2]

TASK [yum] ***********************************************************************************************************************************************************************************
changed: [web1]
changed: [web2]

TASK [lineinfile] ****************************************************************************************************************************************************************************
changed: [web1]
changed: [web2]

TASK [command] *******************************************************************************************************************************************************************************
changed: [web2]
changed: [web1]

TASK [copy] **********************************************************************************************************************************************************************************
changed: [web2]
changed: [web1]

PLAY RECAP ***********************************************************************************************************************************************************************************
web1 : ok=10 changed=9 unreachable=0 failed=0
web2 : ok=10 changed=9 unreachable=0 failed=0
#################################################################################
[root@ansible ~]# vim user.yml
---
- hosts: db
remote_user: root
vars: 设置一个变量模块
username: nb 这里的nb是变量username的值
tasks:
- user:
name: "{{username}}" 引用变量的格式是"{{变量名}}"
- shell: echo 123|passwd --stdin "{{username}}"
- shell: chage -d 0 "{{username}}"

[root@ansible ~]# ansible-playbook user.yml

PLAY [db] **************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [db1]
ok: [db2]

TASK [user] ************************************************************************************************************
changed: [db2]
changed: [db1]

TASK [command] *********************************************************************************************************
changed: [db2]
changed: [db1]

PLAY RECAP *************************************************************************************************************
db1 : ok=4 changed=3 unreachable=0 failed=0
db2 : ok=4 changed=3 unreachable=0 failed=0
###################################################################################
下面文件里没有给变量username赋值

[root@ansible ~]# vim user.yml
---
- hosts: db
remote_user: root
tasks:
- user:
name: "{{username}}"
- shell: echo 123|passwd --stdin "{{username}}"
- shell: chage -d 0 "{{username}}"

直接在命令行给变量username赋值
[root@ansible ~]# ansible-playbook user.yml -e '{"username": "dd"}'
##########################################################################
[root@ansible ~]# vim user.yml
---
- hosts: db
remote_user: root
vars:
username: tom
tasks:
- user:
name: "{{username}}"
password: "{{'123'|password_hash('sha512')}}"

[root@ansible ~]# ansible-playbook user.yml

PLAY [db] **************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [db1]
ok: [db2]

TASK [user] ************************************************************************************************************
changed: [db2]
changed: [db1]

PLAY RECAP *************************************************************************************************************
db1 : ok=2 changed=1 unreachable=0 failed=0
db2 : ok=2 changed=1 unreachable=0 failed=0

[root@ansible ~]# ssh tom@db1
tom@db1's password: 输入密码123
[tom@db1 ~]$ 成功以tom身份登陆db1
###########################################################################
[root@ansible ~]# vim name.yml
---
- hosts: db
remote_user: root
tasks:
- user:
name: "{{username}}"
password: "{{'123'|password_hash('sha512')}}"

[root@ansible ~]# vim aa
{
"username": "tom",
"username": "harry",
"username": "jeck"
}

[root@ansible ~]# ansible-playbook name.yml -e '@aa'
############################################################################
[root@ansible ~]# cat /etc/login.defs
... ...
ENCRYPT_METHOD SHA512

[root@ansible ~]# echo 123 |sha512sum
ea2fe56bb8c1fb5ada84963b42ed71b764a74b092d75755173ade06f2f4aada9c00d6c302e185035cbe85fdff31698bca93e8661f0cbcef52cf2ff65864fd742 -

[root@ansible ~]# echo 123 |md5sum
ba1f2511fc30423bdbb183fe33f3dd0f -
############################################################################
[root@ansible ~]# A="abcd"
[root@ansible ~]# echo ${A^^}
ABCD
##############################################################
[root@ansible ~]# vim useradd.yml
---
- hosts: web
remote_user: root
tasks:
- shell: useradd z3
- shell: useradd li4
ignore_errors: True 告诉ansible，遇到这个shell的错误就忽略
- shell: echo 123 | passwd --stdin z3
- shell: echo 123 | passwd --stdin li4

[root@ansible ~]# ansible-playbook useradd.yml

PLAY [web] *************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [web2]
ok: [web1]

TASK [command] *********************************************************************************************************
changed: [web1]
changed: [web2]

TASK [command] *********************************************************************************************************
fatal: [web2]: FAILED! => {"changed": true, "cmd": "useradd li4", "delta": "0:00:00.004996", "end": "2018-12-29 15:37:28.440544", "msg": "non-zero return code", "rc": 9, "start": "2018-12-29 15:37:28.435548", "stderr": "useradd：用户“li4”已存在", "stderr_lines": ["useradd：用户“li4”已存在"], "stdout": "", "stdout_lines": []}
...ignoring
changed: [web1]

TASK [command] *********************************************************************************************************
changed: [web2]
changed: [web1]

TASK [command] *********************************************************************************************************
changed: [web1]
changed: [web2]

PLAY RECAP *************************************************************************************************************
web1 : ok=5 changed=4 unreachable=0 failed=0
web2 : ok=5 changed=4 unreachable=0 failed=0

###################################################################################
[root@ansible ~]# vim http.yml
---
- hosts: web
remote_user: root
tasks:
- service:
name: httpd
state: stopped
- yum:
name: httpd
state: removed
- yum:
name: httpd
state: installed
- lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: '^Listen'
line: 'Listen 80'
tags: editconf
notify:
- reload apache
- lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: '^#ServerName'
line: 'ServerName localhost'
- command: 'apachectl -t'
- copy:
src: index.html
dest: /var/www/html/
owner: apache
group: apache
mode: 0644
handlers:
- name: reload apache
service:
name: httpd
state: restarted
enabled: yes

[root@ansible ~]# ansible-playbook http.yml --list-tags

playbook: http.yml

play #1 (web): web TAGS: []
TASK TAGS: [editconf] 标签TAGS是editconf

[root@ansible ~]# ansible-playbook http.yml --tags editconf 引用标签TAGS是editconf

PLAY [web] *************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [web1]
ok: [web2]

TASK [lineinfile] ******************************************************************************************************
changed: [web1]
changed: [web2]

RUNNING HANDLER [reload apache] ****************************************************************************************
changed: [web2]
changed: [web1]

PLAY RECAP *************************************************************************************************************
web1 : ok=3 changed=2 unreachable=0 failed=0
web2 : ok=3 changed=2 unreachable=0 failed=0
#################################################################################
[root@ansible ~]# vim load.yml
[root@ansible ~]# cat load.yml
---
- hosts: web
remote_user: root
tasks:
- shell: uptime | awk '{printf("%.2f",$(NF-2))}'
register: result
- service:
name: httpd
state: stopped
when: result.stdout | float > 0.7

[root@ansible ~]# ansible-playbook load.yml

PLAY [web] *************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [web1]
ok: [web2]

TASK [command] *********************************************************************************************************
changed: [web2]
changed: [web1]

TASK [service] *********************************************************************************************************
skipping: [web1]
skipping: [web2]

[root@ansible ~]# curl web1
hello 1
hello 2
hello 3
#####################################################################################
[root@ansible ~]# vim user5.yml
---
- hosts: web
remote_user: root
tasks:
- user:
name: "{{item.name}}"
group: "{{item.group}}"
password: "{{item.pwd}}"
with_items:
-
name: "nb"
group: "users"
pwd: "bb"
-
name: "dd"
group: "bin"
pwd: "xdd"
-
name: "jj"
group: "apache"
pwd: "plj"

[root@ansible ~]# ansible-playbook user5.yml

PLAY [web] *************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
ok: [web2]
ok: [web1]

TASK [user] ************************************************************************************************************
changed: [web2] => (item={u'pwd': u'bb', u'group': u'users', u'name': u'nb'})
changed: [web1] => (item={u'pwd': u'bb', u'group': u'users', u'name': u'nb'})
changed: [web2] => (item={u'pwd': u'xdd', u'group': u'bin', u'name': u'dd'})
changed: [web1] => (item={u'pwd': u'xdd', u'group': u'bin', u'name': u'dd'})
changed: [web1] => (item={u'pwd': u'plj', u'group': u'apache', u'name': u'jj'})
changed: [web2] => (item={u'pwd': u'plj', u'group': u'apache', u'name': u'jj'})

PLAY RECAP *************************************************************************************************************
web1 : ok=2 changed=1 unreachable=0 failed=0
web2 : ok=2 changed=1 unreachable=0 failed=0
##################################################################
循环(没啥用，看一下就行)

[root@ansible ~]# vim echo.yml
---
- hosts: web
remote_user: root
vars:
id: [1,2,3]
en: ["a","b","c"]
tasks:
- shell: echo "{{item}}"
with_nested:
- "{{id}}"
- "{{en}}"
[root@ansible ~]# ansible-playbook echo.yml

PLAY [web] ******************************************************************************************

TASK [Gathering Facts] ******************************************************************************
ok: [web2]
ok: [web1]

TASK [command] **************************************************************************************
changed: [web1] => (item=[1, u'a'])
changed: [web2] => (item=[1, u'a'])
changed: [web1] => (item=[1, u'b'])
changed: [web2] => (item=[1, u'b'])
changed: [web1] => (item=[1, u'c'])
changed: [web2] => (item=[1, u'c'])
changed: [web1] => (item=[2, u'a'])
changed: [web2] => (item=[2, u'a'])
changed: [web1] => (item=[2, u'b'])
changed: [web2] => (item=[2, u'b'])
changed: [web1] => (item=[2, u'c'])
changed: [web2] => (item=[2, u'c'])
changed: [web2] => (item=[3, u'a'])
changed: [web1] => (item=[3, u'a'])
changed: [web2] => (item=[3, u'b'])
changed: [web1] => (item=[3, u'b'])
changed: [web2] => (item=[3, u'c'])
changed: [web1] => (item=[3, u'c'])

PLAY RECAP ******************************************************************************************
web1 : ok=2 changed=1 unreachable=0 failed=0
web2 : ok=2 changed=1 unreachable=0 failed=0

posted @ 2019-04-30 22:59 安于夏阅读(249) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

ansible yml playbook

公告