
Ansible 劇本 playbook

Ansible 劇本 playbook

playbook的組成

play:角色,也就是主機清單中維護的主機名
task:具體要執行的任務
playbook是由一個或多個play(多個角色)組成,一個play由多個task(多個任務)組成
簡單理解為: 使用不同的模組完成一件事情

在Ansible中"劇本檔案"是以yml結尾的檔案。 在SaltStack中"劇本檔案"是以sls結尾的檔案。 但是語法,使用的都是 yaml語法

YAML語法

縮排:YAML使用固定的縮排風格表示層級結構,每個縮排由兩個空格組成,不能使用TAB
冒號:除了以冒號結尾的情況外,其他所有冒號後面都必須有空格
短橫線:表示列表項,使用一個短橫線加一個空格,多個項使用同樣的縮排級別作為同一列表

編寫playbook安裝httpd

# Minimal playbook: one play against the "backup" inventory group with two
# tasks, install the httpd package and then start the service.
- hosts: backup
  tasks:
    # state: present only installs the package when it is missing.
    - name: an zhuang httpd
      yum:
        name: httpd
        state: present
    # state: started starts the service now. No "enabled" key is set, so
    # whether httpd comes up at boot is left unchanged by this play.
    - name: qi dong httpd
      service:
        name: httpd
        state: started
## Syntax check: parses the playbook and reports errors; no task is executed.
ansible-playbook --syntax-check install_httpd.yml
## Check mode (dry run): reports what would change without applying it.
## Tasks whose module does not support check mode are skipped, so a clean
## dry run is not a guarantee that the real run will succeed.
ansible-playbook --check install_httpd.yml

使用playbook部署網站kaoshi

# 1.傳送公鑰
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 172.16.1.7
[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 172.16.1.8
# 2.先決條件
kaoshi.tgz包
httpd配置檔案
[root@m01 httpd]# ll
total 40
-rw-r--r-- 1 root root 11747 Aug 12 09:10 httpd.conf
-rw-r--r-- 1 root root 26875 Aug 12 09:09 kaoshi.tgz
[root@m01 httpd]# pwd
/root/httpd

編輯playbook

[root@m01 httpd]# vim web.yml
[root@m01 httpd]# cat web.yml
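# Deploys the "kaoshi" site on every host in web_group: creates the www
# account, installs httpd and php, pushes httpd.conf, unpacks the code
# archive and starts httpd.
#
# NOTE(review): this play switches SELinux off and stops firewalld on the web
# hosts. That is a lab shortcut; on a real host keep both on and open only
# what the site needs (see the comments on the two tasks below).
- hosts: web_group
  tasks:
    - name: Create www Group
      group:
        name: www
        gid: 666

    # Service account only: no login shell and no home directory.
    - name: Create www User
      user:
        name: www
        uid: '666'
        group: '666'
        shell: /sbin/nologin
        create_home: no

    # NOTE(review): removes mandatory access control from the web host, and
    # the switch to "disabled" only takes full effect after a reboot. Prefer
    # leaving SELinux enforcing and fixing labels/booleans for httpd instead.
    - name: Disabled Selinux
      selinux:
        state: disabled

    # NOTE(review): stops the host firewall entirely. There is no
    # "enabled: no", so a firewalld unit that is enabled will return at the
    # next boot and may then block the site. Prefer keeping firewalld running
    # and allowing only HTTP, e.g. with the firewalld module
    # (service: http, permanent: yes, state: enabled).
    - name: Stop Firewalld
      service:
        name: firewalld
        state: stopped

    # Fixed: name/state must be nested under "yum:". At task level they gave
    # the task a duplicate "name" key and an invalid "state" attribute, and
    # left the yum module with no arguments.
    - name: Install HTTPD And PHP Server
      yum:
        name:
          - httpd
          - php
        state: present

    # Explicit owner/mode so the result does not depend on the permissions of
    # the source file on the control node.
    # NOTE(review): nothing restarts httpd when this file changes on a host
    # where httpd is already running; a handler would cover that case.
    - name: Configure HTTPD Conf
      copy:
        src: /root/httpd/httpd.conf
        dest: /etc/httpd/conf/httpd.conf
        owner: root
        group: root
        mode: '0644'

    # src is a path on the control node; unarchive copies the archive to the
    # managed host and extracts it under dest.
    - name: Unarchive Code
      unarchive:
        src: /root/httpd/kaoshi.tgz
        dest: /var/www/html

    - name: Start HTTPD Server
      service:
        name: httpd
        state: started
        enabled: yes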
## 檢測語法
[root@m01 httpd]# ansible-playbook --syntax-check web.yml
playbook: web.yml
## 執行playbook
[root@m01 httpd]# ansible-playbook web.yml

playbook 部署rsync

環境

主機名 外網IP 內網IP 角色
backup 10.0.0.41 172.16.1.41 rsync服務端、被控端
m01 10.0.0.61 172.16.1.61 ansible管理端
# 1.先決條件
## 公鑰推送
# rsync daemon configuration (presumably the file that ends up as
# /etc/rsyncd.conf on the backup host; confirm against the playbook).
# rsyncd.conf only supports whole-line comments, so notes sit above the
# setting they describe.
# NOTE(review): no "hosts allow" / "hosts deny" is set, so the only access
# control on this writable module is the auth user's password. Consider
# limiting the module to the internal network.
# Transfers run as this unprivileged account.
uid = www
gid = www
port = 873
# Stores privileged file attributes in xattrs so the daemon does not need to
# run transfers as root.
fake super = yes
# NOTE(review): the daemon does not chroot into the module path, so
# confinement relies on rsync's own path checks.
use chroot = no
max connections = 200
timeout = 600
# NOTE(review): bare parameter with no "= value"; verify rsyncd parses it as
# intended rather than ignoring the line.
ignore errors
# Clients may upload into the module.
read only = false
# The module is not shown when a client asks for the module list.
list = false
# Only this virtual user may connect; its password is looked up in the
# secrets file, which must not be readable by other users.
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
# Module "backup": the name clients use after "::" in the rsync URL.
[backup]
comment = welcome to oldboyedu backup!
path = /backup
## rsync配置檔案

# 2.編寫playbook
[root@m01 rsyncd]# vim rsync.yml
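# Sets up an rsync daemon on the "backup" host: creates the www account,
# installs rsync, pushes rsyncd.conf and the secrets file, creates the
# /backup module directory and starts rsyncd.
#
# NOTE(review): the play stops firewalld and disables SELinux before exposing
# a password-protected, writable rsync module. On a real host keep both on
# and allow only the rsync port from the clients that need it.
- hosts: backup
  tasks:
    # NOTE(review): stops the host firewall entirely; no "enabled: no" is
    # set, so an enabled firewalld unit returns at the next boot.
    - name: Stop Firewalld Server
      service:
        name: firewalld
        state: stopped

    # NOTE(review): the switch to "disabled" only takes full effect after a
    # reboot, and it removes mandatory access control from the backup host.
    - name: Disabled Selinux
      selinux:
        state: disabled

    - name: Create www Group
      group:
        name: www
        gid: 666
        state: present

    # Service account only: no login shell and no home directory.
    - name: Create www User
      user:
        name: www
        uid: 666
        group: '666'
        shell: /sbin/nologin
        create_home: no
        state: present

    - name: Install Rsyncd Server
      yum:
        name: rsync
        state: present

    # Modes are quoted so they are always read as octal strings rather than
    # depending on how the YAML parser treats a leading zero.
    - name: Configure Rsync Conf
      copy:
        src: /root/rsyncd/rsyncd.conf
        dest: /etc/rsyncd.conf
        owner: root
        group: root
        mode: '0644'

    # The secrets file must not be readable by other users, hence 0600.
    # no_log keeps the file content out of task output and --diff.
    # NOTE(review): "123" is a tutorial password stored in plaintext in the
    # playbook. Use a strong value kept in an Ansible Vault encrypted
    # variable instead of a literal here.
    - name: Create Rsync Passwd File
      copy:
        content: rsync_backup:123
        dest: /etc/rsync.passwd
        owner: root
        group: root
        mode: '0600'
      no_log: true

    # Module root; owned by www because the daemon runs transfers as www.
    - name: Create backup Directory
      file:
        path: /backup
        state: directory
        owner: www
        group: www
        mode: '0755'

    - name: Start Rsync Server
      service:
        name: rsyncd
        state: started
        enabled: yes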
        
 ## 測試語法
[root@m01 rsyncd]# ansible-playbook --syntax-check rsync.yml
playbook: rsync.yml
## 執行playbook
[root@m01 rsyncd]# ansible-playbook rsync.yml
## 測試rsync推送
[root@m01 rsyncd]# rsync -avz /etc/passwd rsync_backup@<backup主機IP>::backup
Password:
sending incremental file list
passwd
sent 565 bytes received 43 bytes 405.33 bytes/sec
total size is 1,133 speedup is 1.86

ansible操作資料庫

grant all on *.* to wp_user@'%' identified by '123';
## mysql_user 模組
name:建立使用者的名字
password:使用者的密碼
priv:'*.*:ALL'
host:指定可連線的主機
login_user:連線資料庫的使用者
login_password:連線資料庫的密碼
host_all:
  yes:類似於 % ,允許所有主機連線
  no:預設,不允許所有主機連線
state:
  present:建立
  absent:刪除
## mysql_db 模組
name:資料庫名字
state:
    import:匯入資料
    dump:匯出資料
    present:建立資料庫
    absent:刪除資料庫
target:指定匯入資料的sql檔案
encoding:指定字符集
[root@m01 mariadb]# cat mariadb.yml
# Installs MariaDB on db01, starts it, then creates a database account and a
# database, both named zh2, through the mysql_user / mysql_db modules.
- hosts: db01
  vars:
    # NOTE(review): plaintext tutorial password in the playbook. Keep the
    # real value in an Ansible Vault encrypted vars file.
    mysql_password: '123'
  tasks:
    # MySQL-python is presumably the Python binding the mysql_* modules need
    # on the managed host; confirm for the Python version in use.
    - name: Install Mariadb Server
      yum:
        name:
          - mariadb-server
          - MySQL-python
        state: present
        
    - name: Start Mariadb Server
      service:
        name: mariadb
        state: started
        enabled: yes
        
    # The task name says "wordpress" but the account created is zh2.
    # NOTE(review): priv '*.*:ALL' with host '%' and password '123' creates an
    # account with full privileges on every database, usable from any client
    # address, behind a trivial password. Narrow priv to the application's
    # own database (for example 'zh2.*:ALL'), restrict host to the
    # application server, and take the password from a vaulted variable.
    # NOTE(review): login_password assumes root's password has already been
    # set to mysql_password; confirm for a freshly installed server.
    - name: Create wordpress User
      mysql_user:
        login_user: root
        login_password: "{{ mysql_password }}"
        name: zh2
        state: present
        priv: '*.*:ALL'
        host: '%'
        password: '123'
        
    # Creates database zh2 with the utf8 character set if it does not exist.
    - name: Create wordpress Database
      mysql_db:
        login_user: root
        login_password: "{{ mysql_password }}"
        name: zh2
        state: present
        encoding: utf8