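Ansible playbook examples
阿新 • Published: 2018-09-24
Use Ansible to manage three servers in bulk (web01, nfs and backup) so that they implement a backup scheme: the important files on web and nfs are backed up to backup. The host IP addresses are assigned as follows:

Role | IP address | IP address | Hostname |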
---|---|---|---|
Rsync--server | 172.16.1.41 | 10.0.0.41 | backup-rsync-41 |
NFS-client | 172.16.1.31 | 10.0.0.31 | Nfs01-31 |
Web01 | 172.16.1.7 | 10.0.0.7 | web01-7 |
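Work on m01: write the Ansible inventory and the playbooks.
Directory layout:
We put all the YAML files under /playbook, the configuration files under /playbook/conf, and the scripts under /playbook/scripts.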
```
[root@m01-61 /]# mkdir -p /playbook/{conf,scripts}
[root@m01-61 /]# cat /etc/ansible/hosts    # host inventory
[nfs]
172.16.1.31 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
[web]
172.16.1.7 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
[backup]
172.16.1.41 ansible_ssh_private_key_file=/root/.ssh/test_id_rsa
[host:children]
nfs
web
backup
```
Build the base playbook; every server applies it.
1. Basic tuning: disable firewalld and selinux, adjust ssh, replace the DNS resolver file
2. Install the EPEL repo
3. Install the nfs and rsync services
4. Create the www user with UID and GID 666
5. Create the password file used for rsync pushes
6. Create a common directory for scripts
7. Copy the backup script and add the cron job
```
[root@m01-61 /]# cd /playbook/
[root@m01-61 playbook]# cat base.yaml
# This is the base playbook
- hosts: all
  tasks:
    # - name: stop firewall
    - name: Install Epel repos
      get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo
    # ssh firewall selinux hosts
    - name: Dns client file
      copy: src=./conf/resolv.conf dest=/etc/resolv.conf
    - name: Install service rsync nfs-utils
      yum: name=rsync,nfs-utils state=installed
    - name: create group
      group: name=www gid=666
    - name: create user
      user: name=www uid=666 group=www create_home=no shell=/sbin/nologin
    - name: rsync passwd file
      copy: content='1' dest=/etc/rsync.pass mode=0600
    - name: create /server/scripts
      file: path=/server/scripts state=directory recurse=yes
    - name: copy scripts
      copy: src=./scripts/client_rsync_backup.sh dest=/server/scripts/client_rsync_backup.sh
    - name: crontab sh /server/scripts/client_rsync_backup.sh
      cron: name="backup scripts" minute=0 hour=1 job="/usr/bin/bash /server/scripts/client_rsync_backup.sh &> /dev/null"
```
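The playbook for the backup server
1. Configure the mail service, verify that the clients' pushes are complete, and send an email
2. Create the backup and data directories
3. Generate the rsync configuration file and the password file
4. Restart the service automatically whenever the rsync configuration file changes
5. Every night, verify that the backup data pushed over is complete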
```
[root@m01-61 playbook]# cat rsync.yaml
- hosts: backup
  tasks:
    - name: install mailx
      yum: name=mailx state=installed
    - name: configure rsync
      copy: src=conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart rsync service
    - name: create dir /data
      file: path=/data state=directory owner=www group=www
    - name: create dir /backup
      file: path=/backup state=directory owner=www group=www
    # mode (not motd) sets the permissions of the secrets file
    - name: create file rsync passwd
      copy: content='rsync_backup:1' dest=/etc/rsync.password mode=0600
    - name: configure mail
      copy: src=./conf/mail.rc dest=/etc/mail.rc
    - name: copy scripts check
      copy: src=./scripts/check_backup.sh dest=/server/scripts/check_backup.sh
    - name: cron root
      cron: name="check client backup" minute=0 hour=2 job='/usr/bin/bash /server/scripts/check_backup.sh &> /dev/null'
    - name: start rsync
      service: name=rsyncd state=started
  handlers:
    - name: Restart rsync service
      service: name=rsyncd state=restarted
```
```
[root@m01-61 playbook]# cat ./conf/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.password
log file = /var/log/rsyncd.log
[backup]
comment = welcome to backup!
path = /backup
[data]
path = /data
```
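An added example, not part of the original post: a small Python audit of the rsyncd.conf above that resolves each module's effective settings (module values override the global section) and reports modules that can be reached without `auth users` or without `hosts allow`. `PAGE_CONF` is constructed from the access-control lines of the listing above, and the function names are this example's own.

```python
import re

# Constructed sample: the access-control lines of the rsyncd.conf listed on this page.
PAGE_CONF = """\
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
path = /backup
[data]
path = /data
"""

FALSE_VALUES = {"false", "no", "0"}

def parse_rsyncd(text):
    """Return (global_params, {module: params}) with normalised lower-case keys."""
    global_params, modules, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = modules.setdefault(header.group(1).strip(), {})
        elif "=" in line and not line.startswith("#"):
            key, _, value = line.partition("=")
            target = global_params if current is None else current
            target[" ".join(key.lower().split())] = value.strip()
        # blank lines, comments and lines without "=" are skipped by this sketch
    return global_params, modules

def audit(text):
    """Return sorted (module, finding) pairs; module values override globals."""
    global_params, modules = parse_rsyncd(text)
    findings = []
    for name, params in modules.items():
        eff = {**global_params, **params}
        writable = eff.get("read only", "yes").lower() in FALSE_VALUES
        access = "write" if writable else "read"
        if not eff.get("auth users"):
            findings.append((name, f"anonymous {access} access (no auth users)"))
        if not eff.get("hosts allow"):
            findings.append((name, f"{access} access from any address (no hosts allow)"))
    return sorted(findings)

if __name__ == "__main__":
    for module, finding in audit(PAGE_CONF):
        print(f"[{module}] {finding}")
```

With the page's configuration both modules are reported as writable from any address; a global `hosts allow` line limited to the backup network (for example 172.16.1.0/24, assuming that netmask for the 172.16.1.x hosts above) clears both findings.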
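Write the configuration for nfs
1. Deploy the NFS configuration file, and restart the service whenever the configuration file changes
2. Deploy the sersync service so that whenever its files change, the previous process is killed and the service is started again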
```
[root@m01-61 playbook]# cat nfs.yaml
- hosts: nfs
  tasks:
    # copy recurses into a source directory on its own; it has no recurse option
    - name: copy sersync
      copy: src=./conf/sersync dest=/usr/local mode=755
      notify: start sersync
    - name: create /data
      file: path=/data state=directory owner=www group=www
    - name: create nfs file
      copy: src=./conf/exports dest=/etc/exports
      notify: restart nfs service
    - name: start rpcbind rsync
      service: name=rpcbind state=started enabled=yes
    - name: start nfs
      service: name=nfs-server state=started enabled=yes
  handlers:
    - name: restart nfs service
      service: name=nfs state=restarted
    # kill any running sersync (note the space after "kill -9"), then start it again
    - name: start sersync
      shell: "ps aux | grep [s]ersync | awk '{print \"kill -9 \"$2}' | bash && /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml"
```
The playbook for the web server
```
[root@m01-61 playbook]# cat web_nfs.yaml
- hosts: web
  tasks:
    - name: mount nfs
      mount: src=172.16.1.31:/data path=/data fstype=nfs opts=defaults state=mounted
```
Combine all the playbooks so they run together
```
[root@m01-61 playbook]# cat all.yaml
- import_playbook: /playbook/base.yaml
- import_playbook: /playbook/rsync.yaml
- import_playbook: /playbook/nfs.yaml
- import_playbook: /playbook/web_nfs.yaml
```