Day 52: Ansible playbook

2019-10-10  杨小倪

Ansible playbook

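1. What is a playbook

"Playbook" literally means a script, as in the script for a show.
playbook: a text file whose name ends with the yml suffix (analogy: I have a script)
play: defines the host roles (analogy: which star to cast)
task: defines the specific work to carry out (analogy: what the star shoots in each episode)

Summary: a playbook consists of one or more plays, and a play can contain multiple tasks; think of it as using different modules together to get one job done.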

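2. How Ansible playbooks relate to ad-hoc commands

1. A playbook is a way of orchestrating ad-hoc commands.
2. A playbook persists and can be run again, while an ad-hoc command only runs as a one-off.
3. Playbooks suit complex tasks, while ad-hoc commands suit quick, simple work.
4. A playbook controls the order in which tasks execute.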

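3. Playbook syntax

Syntax        Description
Indentation   YAML uses a fixed indentation style to express hierarchy; each level is two spaces, and tabs cannot be used
Colon         Every colon must be followed by a space, except a colon that ends the line
Dash          Marks a list item: one dash followed by one space. Items at the same indentation level belong to the same list

1. Use a playbook to write a yml that creates files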

[root@manager project1]# vim f1.yml    

- hosts: webservers
  tasks:

    - name: Create New File
      file: path=/tmp/123.txt state=touch owner=root group=root mode=0600

    - name: Create New File2
      file:
        path: /tmp/456.txt
        state: touch
        owner: root
        group: root
        mode: 0666

# Check for syntax errors
[root@manager project1]# ansible-playbook --syntax-check f1.yml -i hosts

playbook: f1.yml

# Dry run (check mode)
[root@manager project1]# ansible-playbook -C f1.yml -i hosts

playbook: f1.yml

4. Ansible playbook exercises

Case 1

1. Write a playbook that installs and configures the NFS service

Prepare the machines
172.16.1.31         nfs
172.16.1.7          client
172.16.1.8          client

1. Push the public key first:
[root@manager project1]# ssh-copy-id  -i ~/.ssh/id_rsa.pub root@172.16.1.31
[root@manager project1]# ssh-copy-id  -i ~/.ssh/id_rsa.pub root@172.16.1.7
[root@manager project1]# ssh-copy-id  -i ~/.ssh/id_rsa.pub root@172.16.1.8

2. Write the host inventory
[root@manager project1]# vim hosts 

[nfsservers]
172.16.1.31


[backupservers]
172.16.1.41

[web:children]
nfsservers
backupservers


[webservers]
172.16.1.7
172.16.1.8

3. Test that all hosts are reachable
[root@manager project1]# ansible all -m ping -i hosts


4. Write a yml for the nfs-server
    1. Install                  yum
    2. Configure                copy
    3. Initialize environment
        user                    group user
        directory               file
        permissions             file
    4. Start the service        systemd
    
    
[root@manager project1]# vim nfs_server.yml 

- hosts: nfsservers
  tasks:
    - name: Installed NFS Server
      yum:
        name: nfs-utils
        state: present

    - name: Configure NFS Server
      copy:
        src: ./file/exports.j2
        dest: /etc/exports
        owner: root
        group: root
        mode: 0644
        backup: yes

    - name: Create NFS Group www
      group:
        name: www
        gid: 666

    - name: Create NFS User www
      user:
        name: www
        group: www
        uid: 666
        create_home: no
        shell: /sbin/nologin

    - name: Create NFS Share Directory
      file:
        path: /ansible_data
        state: directory
        owner: www
        group: www
        mode: 0755
        recurse: yes

    - name: Create NFS server
      systemd:
        name: nfs
        state: restarted
        enabled: yes
 
5. Prepare the corresponding file
[root@manager project1]# vim file/exports.j2 

/ansible_data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)


6. Write the nfs-client yml

[root@manager project1]# vim nfs_client.yml 

- hosts: webservers
  tasks:

    - name: Mount NFS Server share directory
      mount:
        src: 172.16.1.31:/ansible_data
        path: /mnt
        fstype: nfs
        opts: defaults
        state: mounted

Case 2

2. Install and configure the httpd service with Ansible (nginx in this example)

1. Install          yum
2. Configure        copy
3. Start            systemd


1. Edit the Ansible file
[root@manager project1]# vim nginx.yml 

- hosts: webservers
  tasks:

    - name: Installed Nginx Server
      yum:
        name: nginx
        state: present

    - name: Configure Nginx Server
      copy:
        src: ./file/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
        owner: root
        group: root
        mode: 0644
        backup: yes
      notify: Restart Nginx Server      # when the config file changes, notify triggers the restart handler

    - name: Systemd nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes

  handlers:
    - name: Restart Nginx Server
      systemd:
        name: nginx
        state: restarted

2. Prepare the corresponding file
[root@manager project1]# vim file/nginx.conf.j2 

user www;
worker_processes  2;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

        access_log /var/log/nginx/access.log main;

    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  65;
    #gzip  on;
    include /etc/nginx/conf.d/*.conf;
}


3. Check the syntax
[root@manager project1]# ansible-playbook --syntax-check nginx.yml -i hosts

playbook: nginx.yml


4. Run
[root@manager project1]# ansible-playbook nginx.yml -i hosts 

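Case 3

Build a LAP architecture with an Ansible playbook

1. Use yum to install httpd, php and firewalld
2. Start the httpd and firewalld services
3. Add a firewall rule that allows httpd traffic
4. Use get_url to download http://fj.xuliangwei.com/public/index.php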

[root@manager project1]# vim lamp.yml 

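- hosts: web
  tasks:

    - name: Installed Httpd Server
      yum:
        name: httpd
        state: present

    - name: Installed PHP Server
      yum:
        name: php
        state: present

    # firewalld must be present before it can be started and configured
    - name: Installed Firewalld Server
      yum:
        name: firewalld
        state: present

    - name: Configure Httpd WebSite
      get_url:
        url: http://fj.xuliangwei.com/public/index.php
        dest: /var/www/html/index.php
        mode: 0644

    - name: Systemd Httpd Server
      systemd:
        name: httpd
        state: started

    - name: Systemd Firewalld Server
      systemd:
        name: firewalld
        state: started

    # Allow the http service; permanent + immediate applies it now and after a reload
    - name: Configure Firewalld Rule
      firewalld:
        service: http
        state: enabled
        permanent: yes
        immediate: yes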
 
2. Check the syntax
[root@manager project1]# ansible-playbook --syntax-check lamp.yml -i hosts

playbook: lamp.yml

3. Run
[root@manager project1]# ansible-playbook lamp.yml -i hosts 

4. Visit 10.0.0.41; the following page appears
[screenshot: 1570715400673.png]

Case 4

Set up the Kodcloud (可道云) network drive on hosts 31 and 41

1. Install
2. Configure
3. Start
4. Download the code

[root@manager project1]# vim kod.yml 

- hosts: web
  tasks:
    - name: Installed Httpd Server
      yum:
        name: httpd
        state: present

    - name: Installed PHP Server
      yum:
        name: php
        state: present

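    - name: Create kodcloud Directory
      file:
        path: /var/www/html/kodcloud
        owner: root
        group: root
        state: directory


    - name: Get kodcloud Code
      unarchive:
        src: http://static.kodcloud.com/update/download/kodexplorer4.40.zip
        dest: /var/www/html/kodcloud
        remote_src: yes      # the managed host downloads the URL itself (replaces the deprecated copy: no)
        group: root
        owner: root
        mode: '0777'         # quoted so it is read as octal; 0777 is world-writable

    - name: Chmod kodcloud
      file:
        path: /var/www/html/kodcloud
        owner: root
        group: root
        mode: '0777'
        recurse: yes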

    - name: Systemd Httpd Server
      systemd:
        name: httpd
        state: restarted


2. Check the syntax
[root@manager project1]# ansible-playbook --syntax-check kod.yml -i hosts

playbook: kod.yml

3. Run
[root@manager project1]# ansible-playbook kod.yml -i hosts 

4. Visit 10.0.0.41/kodcloud

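Case 5

Set up Kodcloud on Nginx+PHP

1. First do it by hand
    1. Configure the yum repositories  Nginx php
    2. Create the user  www, with a uniform UID and GID
    3. Install the packages
        nginx php71w
    4. Configure the nginx.conf file, changing the run-as user to www
    5. Add a virtual host /etc/nginx/conf.d/xx.conf
    6. Configure the php permissions /etc/php-fpm.d/www.conf
    7. Start nginx and php
    8. When the configuration is modified, restart automatically

2. The Ansible way

1. Write the Ansible file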
[root@manager project1]# vim lnp.yml 

- hosts: webservers
  tasks:

    #1. Configure the yum repositories: nginx, php
    - name: Installed Nginx repo
      yum_repository:
        name: nginx
        description: nginx repos
        baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
        gpgcheck: no

    #2. Configure the yum repository: php
    - name: Installed php repo
      yum_repository:
        name: webtatic-php
        description: php repos
        baseurl: http://us-east.repo.webtatic.com/yum/el7/x86_64/
        gpgcheck: no

    #3. Install nginx and php
    - name: Installed Nginx and PHP Packages
      yum:
        name: "{{ packages }}"
      vars:
        packages:
          - nginx
          - php71w
          - php71w-cli
          - php71w-common
          - php71w-devel
          - php71w-embedded
          - php71w-gd
          - php71w-mcrypt
          - php71w-mbstring
          - php71w-pdo
          - php71w-xml
          - php71w-fpm
          - php71w-mysqlnd
          - php71w-opcache
          - php71w-pecl-memcached
          - php71w-pecl-redis
          - php71w-pecl-mongodb


    #4. Create the user identity the services run as
    - name: Create Group www
      group:
        name: www
        gid: 666

    - name: Create User www
      user:
        name: www
        group: www
        uid: 666
        create_home: no
        shell: /sbin/nologin

    #5. Manage the nginx configuration file
    - name: Configure nginx.conf
      copy:
        src: ./file/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
      notify: Restart Nginx server

    #6. Manage the php-fpm configuration file
    - name: Configure php-fpm.conf
      copy:
        src: ./file/php-www.conf.j2
        dest: /etc/php-fpm.d/www.conf
      notify: Restart PHP-FPM Server

    #7. Add the kodcloud virtual host (check syntax)
    - name: Add Nginx VirtHost kod.oldxu.com
      copy:
        src: ./file/kold.oldxu.com.conf.j2
        dest: /etc/nginx/conf.d/klod.oldxu.com.conf
      notify: Restart Nginx server

    - name: Init Nginx BaseEnv
      file:
        path: /code
        state: directory
        owner: www
        group: www
        recurse: yes

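    - name: Push Kodcloud Code
      unarchive:
        src: http://static.kodcloud.com/update/download/kodexplorer4.40.zip
        dest: /code/
        remote_src: yes      # the managed host downloads the URL itself (replaces the deprecated copy: no)
        group: root
        owner: root
        mode: '0777'         # quoted so it is read as octal; 0777 is world-writable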

    - name: Chmod kodcloud
      file:
        path: /code
        owner: www
        group: www
        mode: 0777
        recurse: yes

    - name: Systemd Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes

    - name: Systemd PHP-FPM Server
      systemd:
        name: php-fpm
        state: started
        enabled: yes

# Runs only when the nginx or php configuration files change
  handlers:
    - name: Restart Nginx server
      systemd:
        name: nginx
        state: restarted

    - name: Restart PHP-FPM Server
      systemd:
        name: php-fpm
        state: restarted


2. Add the configuration files this playbook needs

[root@manager project1]# vim file/nginx.conf.j2 

user www;
worker_processes  2;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

        access_log /var/log/nginx/access.log main;

    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  65;
    #gzip  on;
    include /etc/nginx/conf.d/*.conf;
}



[root@manager project1]# vim file/php-www.conf.j2 

[root@manager project1]# vim file/kold.oldxu.com.conf.j2 

server {
        listen 80;
        server_name kod.oldxu.com;
        root /code;
        client_max_body_size 500m;

        location / {
                index index.php index.html;
        }

        location ~ \.php$ {
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }
}




3. Check the syntax
[root@manager project1]# ansible-playbook --syntax-check lnp.yml -i hosts

playbook: lnp.yml


4. Run
[root@manager project1]# ansible-playbook lnp.yml -i hosts

5. Visit kod.oldxu.com
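
A hardened variant of three lnp.yml steps, added here as an example and not part of the original post: signed packages for the nginx repository, a checksum-pinned download of the Kodcloud archive (the same download appears in Case 4), and owner-writable permissions in place of the recursive 0777. The tasks are meant to replace their counterparts in lnp.yml, so the www user and /code are assumed to exist already; the kod_zip_sha256 variable and the /tmp staging path are assumptions, and the checksum value is a placeholder.

```yaml
# Added example, not from the original post.
- hosts: webservers
  vars:
    # Placeholder: SHA-256 of an archive copy you have verified yourself.
    kod_zip_sha256: "REPLACE_WITH_VERIFIED_SHA256"
  tasks:

    # lnp.yml used an http baseurl with gpgcheck: no, so yum installs
    # whatever the network returns. The same change applies to webtatic-php,
    # using that repository's own signing key.
    - name: Installed Nginx repo
      yum_repository:
        name: nginx
        description: nginx repos
        baseurl: https://nginx.org/packages/centos/$releasever/$basearch/
        gpgcheck: yes
        gpgkey: https://nginx.org/keys/nginx_signing.key

    # get_url fails the play when the download does not match the checksum,
    # so a tampered or truncated archive never reaches /code.
    - name: Download Kodcloud Code
      get_url:
        url: http://static.kodcloud.com/update/download/kodexplorer4.40.zip
        dest: /tmp/kodexplorer4.40.zip   # assumed staging path
        checksum: "sha256:{{ kod_zip_sha256 }}"
        mode: '0600'

    - name: Push Kodcloud Code
      unarchive:
        src: /tmp/kodexplorer4.40.zip
        dest: /code/
        remote_src: yes                  # the archive is already on the target
        owner: www
        group: www

    # Replaces the recursive 0777: www keeps write access, others read only.
    # Capital X adds execute only to directories and already-executable files.
    - name: Chmod kodcloud
      file:
        path: /code
        state: directory
        owner: www
        group: www
        mode: u=rwX,g=rX,o=rX
        recurse: yes
```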