palybook剧本

1.with_items

现在hosts all

条件1：安装nginx

条件2：安装httpd

要有epel源

wget http://mirrors.aliyun.com/repo/Centos-7.repo

yum -y install epel-release

vim test4.yml

- hosts: all

remote_user: root

tasks:

- name: test when

yum: name=nginx

when: ansible_default_ipv4.address == '192.168.66.16'

- name: nginx info

debug:

msg: "安装nginx"

when: ansible_default_ipv4.address == '192.168.66.16'

- name: test when

yum: name=httpd

when: ansible_default_ipv4.address == '192.168.66.17'

- name: http info

debug:

msg: "安装httpd"

when: ansible_default_ipv4.address == '192.168.66.17'

循环

ansible有多种循环格式，with_items 循环遍历

vim test5.yml

- hosts: 192.168.66.16

remote_user: root

gather_facts: false

tasks:

- debug:

msg: "{{ item }}"

with_items: [a,b,c,d]

#声明变量item，playbook的内置变量，with_items，会把item的值，遍历列表当中的a,b,c,d.

定义多个变量

2.with_list 列表分组循环

创建文件

- hosts: 192.168.66.16

remote_user: root

gather_facts: false

tasks:

- name: create file

file:

path: "{{ item }}"

state: touch

with_items:

- [/opt/a,/opt/b,/opt/c,/opt/d]

- [/opt/1,/opt/2,/opt/3,/opt/4]

3.with_together 列表对应的列，数据结合的方式循环

如果是together 会把同一组的值遍历，列表当中的值一一对应，打印出来

- hosts: 192.168.66.16

remote_user: root

gather_facts: false

tasks:

- debug:

msg: "{{ item }}"

with_together:

- [a,b,c,d]

- [1,2,3,4]

- [A,B,C]

4.with_nested?

相当于双重循环，第一层定义了循环的次数，第二层表示第一层每个元素会循环几次

列表里面的元素定义了循环的次数，第二层列表，相当于内循环。

- hosts: 192.168.66.16

remote_user: root

gather_facts: false

tasks:

- debug:

msg: "{{ item }}"

with_nested:

- [a,b,c,d]

- [1,2,3,4]

5.实验

vim test6.yml

#基于循环，创建文件，目录，和用户组

- name: play1

hosts: 192.168.66.16

gather_facts: false

tasks:

- name: create file

file:

path: "{{item}}"

state: touch

with_items: [/opt/123,/opt/456,/opt/789]

- name: play2

hosts: 192.168.66.16

gather_facts: false

vars:

test:

- /opt/test1

- /opt/test2

- /opt/test3

tasks:

- name: dir

file:

path: "{{item}}"

state: directory

with_items: "{{test}}"

在组里分别创建test1，test2分别对应dn1，dn2组

- name: play3

hosts: 192.168.66.16

gather_facts: false

tasks:

- name: create group

group:

name: "{{item}}"

state: present

with_items:

- 'dn1'

- 'dn2'

- name: create users

user:

name: "{{item.name}}"

state: present

group: "{{item.group}}"

with_items:

- {name: 'test1', group: 'dn1'}

- {name: 'test2', group: 'dn2'}

192.168.233.20

yum 一键安装多个软件 tree sl nginx httpd vsftpd dhcp

- name: play4

hosts: 192.168.66.16

gather_facts: false

tasks:

- name: yum install

yum:

name: "{{item}}"

with_items:

- ['tree','sl','nginx','httpd','vsftpd','dhcp']

6.Templates模块

Jinja模版架构，通过模版可以实现向模版文件传参（python转义），把占位符参数传到配置文件中去。

生产一个目标文本文件，传递变量到需要配置

yum -y install httpd

cd /etc/httpd/conf/

cp httpd.conf /opt/httpd.conf.j2

vim httpd.conf.j2

set nu

Listen {{http_port}}?? ??? ??? ??? ?#42行，修改
ServerName {{server_name}}?? ??? ??? ?#95行，修改
DocumentRoot "{{root_dir}}" ? ? ? ? ?#119行，修改

vim /etc/ansible/hosts

[webservers]
192.168.66.16 http_port=192.168.66.16:80 server_name=www.accp.com:80 root_dir=/etc/httpd/htdocs

[dbservers]
192.168.66.17 http_port=192.168.66.17:80 server_name=www.benet.com:80 root_dir=/etc/httpd/htdocs

vim /opt/http.yml

- hosts: all

remote_user: root

vars:

- package: httpd

- service: httpd

tasks:

- name: install httpd

yum: name={{package}}

- name: install configure file

template: src=/opt/httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf

notify:

- restart httpd

- name: create root_dir

file:

path: /etc/httpd/htdocs

state: directory

- name: start httpd

service: name={{service}} enabled=true state=started

handlers:

- name: restart httpd

service: name={{service}} state=restarted

httpd.conf.j2 在文件当中配置的是占位符，（声明的变量）

/etc/ansible/hosts 配置了主机的占位符名称和j2文件中的占位符一致（定义参数：占位符的参数的参数声明好

playbook当中，template模块来把参数传给目标主机的配置文件。

yum -y install nginx

vim /etc/nginx/nginx.conf

vim nginx.yml

- hosts: all

remote_user: root

vars:

- package: nginx

- service: nginx

tasks:

- name: install nginx

yum: name={{package}}

- name: install configure file

template: src=/etc/nginx/nginx.conf dest=/etc/nginx/nginx.conf

notify:

- restart nginx

- name: create root_dir

file:

path: /opt/nginx/html

state: directory

- name: start nginx

service: name={{service}} enabled=true state=started

handlers:

- name: restart nginx

service: name={{service}} state=restarted

7.tags 模块：

标签模块，可以在playbook当中为任务设定标签（tags），我们在运行playbook时可以通过指定任务标签，来实现只运行设定的标签任务

- name:

tags:

debug

--tags debug

任务标签的种类：

always：不管你是否指定了运行标签，任务都会执行

never：即使运行了指定标签，该任务也不会执行

debug：调试任务

setup：收集主机信息

自定义标签

per_tasks:指定标签之前的任务

post_tasks:运行指定标签之后的任务

- hosts: all

remote_user: root

tasks:

- name: tag debug

debug:

msg: "this is test1"

tags:

- debug

- name: tag setup

setup:

tags:

- setup

- name: tag always

debug:

msg: "run"

tags:

- always

- name: tag never

debug:

msg: "never run"

tags:

- never

ansible-playbook test12.yml --tags="debug"

在目标主机touch guoqi.txt always

在目标主机上复制文件/opt/guoqi.txt

在目标主机复制 /opt/wdf.txt

标签自定义never

第一运行playbook 不指定标签查看文件生成情况

指定标签为never，查看文件生成情况

- hosts: 192.168.66.16

remote_user: root

gather_facts: no

tasks:

- name: tag always

file:

path: /opt/guoqi.txt

state: touch

tags:

- always

- name: tag never

copy:

src: /opt/guoqi.txt

dest: /opt/wdf.txt

tags:

- never

ansible-playbook test13.yml

ansible-playbook test13.yml --tags='never'

8.Roles模块

角色：

ansible层次化，结构化的组织playbook，使用了roles（角色）

可以根据层次结构，自动装载变量文件，task以及handlers等等

roles：分别把变量，文件，任务，模块，以及处理器，放在单独的目录当中，使用roles模块来一键调用这些文件。

roles：

---------web------总目录，角色

files 存放copy和script模块调用的文件

templates 存放j2的模版文件

tasks 包含任务的目录

-----main.yml 角色运行的任务

handlers 包含处理器的目录

-------mian.yml

vars 存放变量的目录

------main.yml

defaults 包含默认变量的目录

------main.yml

meta 包含元信息的目录

------main.yml

site.yml用来调用所有的配置文件

三个服务

http

mysql

php

cd /etc/ansible/

cd roles

mkdir httpd mysql php

cd httpd

mkdir files templates tasks handlers vars defaults meta

cd ..

cd php

mkdir files templates tasks handlers vars defaults meta

cd ..

cd mysql

mkdir files templates tasks handlers vars defaults meta

cd ..

cd httpd

touch {defaults,vars,tasks,meta,handlers}/main.yml

cd ..

cd php

touch {defaults,vars,tasks,meta,handlers}/main.yml

cd ..

cd mysql

touch {defaults,vars,tasks,meta,handlers}/main.yml

vim /etc/ansible/roles/httpd/tasks/main.yml

- name: install httpd

yum: name={{pkg}}

- name: start httpd

service: enabled=true name={{svc}} state=started

vim /etc/ansible/roles/httpd/vars/main.yml

pkg: httpd

svc: httpd

vim /etc/ansible/roles/mysql/tasks/main.yml

- name: install mysql

yum: name={{pkg}}

- name: start mysql

service: enabled=true name={{svc}} state=started

vim /etc/ansible/roles/mysql/vars/main.yml

pkg:

- mariadb

- mariadb-server

svc: mariadb

vim /etc/ansible/roles/php/tasks/main.yml

- name: install php

yum: name={{pkg}}

- name: start php-fpm

service: enabled=true name={{svc}} state=started

vim /etc/ansible/roles/php/vars/main.yml

pkg:

- php

- php-fpm

svc: php-fpm

vim /etc/ansible/site.yml

- hosts: 192.168.66.16

remote_user: root

roles:

- httpd

- mysql

- php

cd /etc/ansible

ansible-playbook site.yml