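1. Ad-Hoc overview
1) Ad-hoc commands
Run a shell command or a shell script. Use them for simple commands that do not need to be saved.
Suited to running simple commands.
2) Ansible playbook
Handles more complex tasks, and the commands are saved in a file. Suited to configuration management and to deploying client machines.
2. Ansible playbook
A playbook is made up of one or more modules; it uses several different modules together to accomplish one job.
A playbook is a state description file written in YAML syntax. Its file extension is yaml.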
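1) The three YAML rules

Indentation
YAML uses a fixed indentation style to express hierarchy. Each level is two spaces; tabs cannot be used (by default one tab = 4 spaces).
Workaround:

    [root@m01 ~]# cat .vimrc
    set number
    set tabstop=2
    " insert spaces instead of tab characters when Tab is pressed
    set expandtab

Colon
Every colon must be followed by a space, except a colon at the end of a line.

Hyphen
Marks a list item: one hyphen followed by one space.
Items at the same indentation level belong to the same list.

who: who does it
what: the thing to do
how: the action

ansible-playbook command format

    ansible-playbook [option] filename

Common options:

-C, --check: dry run

--list-hosts: list the hosts the playbook applies to

    [root@m01 ansible_playbook]# ansible-playbook --list-hosts apache.yaml
    playbook: apache.yaml
      play #1 (web): web    TAGS: []
        pattern: [u'web']
        hosts (1):
          172.16.1.7

--list-tags: list the playbook's tags

--list-tasks: list the playbook's tasks

    [root@m01 ansible_playbook]# ansible-playbook --list-tasks apache.yaml
    playbook: apache.yaml
      play #1 (web): web    TAGS: []
        tasks:
          Install Apache    TAGS: []
          Start Apache    TAGS: []

--syntax-check: check syntax

    [root@m01 ansible_playbook]# ansible-playbook --list-tags apache.yaml
    playbook: apache.yaml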
Example: writing an Apache playbook

1) Prepare the Apache configuration file

    mkdir -p /etc/ansible/ansible_playbook/conf
    scp root@172.16.1.7:/etc/httpd/conf/httpd.conf /etc/ansible/ansible_playbook/conf
    sed -i "s#Listen 80#Listen 8080#g" conf/httpd.conf

2) Write the YAML playbook file

    [root@m01 ansible_playbook]# cat apache.yaml
    - hosts: web
      tasks:
        - name: Install Apache
          yum: name=httpd state=installed

        - name: Configure Httpd.conf
          copy: src=/etc/ansible/ansible_playbook/conf/httpd.conf dest=/etc/httpd/conf/httpd.conf
          notify: Restart Http Service

        - name: Start Apache
          service: name=httpd state=started enabled=yes

      handlers:
        - name: Restart Http Service
          service: name=httpd state=restarted
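2) Core elements of a playbook
hosts: the host list
tasks: the tasks
vars: variables
handlers: tasks triggered only under specific conditions
template: a text file that contains template syntax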
3. Ansible project example
1. Environment plan

Role      External IP (NAT)   Internal IP (LAN)    Hostname
backup    eth0:10.0.1.51      eth1:172.16.1.51     rsync
nfs       eth0:10.0.1.41      eth1:172.16.1.41     nfs, Sersync
m01       eth0:10.0.1.71      eth1:172.16.1.71     ansible
web01     eth0:10.0.1.7       eth1:172.16.1.7      httpd
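Implementation steps: (hosts: all)
Requirements for m01
1) Make sure SSH key authentication works
2) Install ansible
3) Prepare all the configuration files
local hosts file
selinux configuration file
rsyncd.conf
exports
mail.rc
sersync
rsync backup script
rsync check script

    mkdir -p /etc/ansible/ansible_playbook/{conf,file,scripts,tools}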
1. Base environment deployment

1) Network environment (SELinux, firewalld)

    - name: Disable SELinux
      copy: src=./conf/selinux.config dest=/etc/selinux/config
    - name: Stop SElinux
      shell: setenforce 0
    - name: Disable Firewalld
      service: name=firewalld state=stopped enabled=no

2) EPEL repository

    - name: Create Epel Repo
      get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo

3) Install the rsync and nfs-utils packages

    - name: Installed Rsync NFS
      yum: name=rsync,nfs-utils state=installed

4) Create the group

    - name: Create Group
      group: name=www gid=666

5) Create the user

    - name: Create User
      user: name=www uid=666 group=666 create_home=no shell=/sbin/nologin

6) Create the directories and set their ownership and permissions

    - name: Create Directory /data
      file: path=/data owner=666 group=666 recurse=yes state=directory
    - name: Create Directory /backup
      file: path=/backup owner=666 group=666 recurse=yes state=directory
    - name: Create Scripts Directory
      file: path=/server/scripts state=directory

7) Push the rsync client backup script

    - name: Push Rsync Backup
      copy: src=./scripts/rsync_backup.sh dest=/server/scripts/rsync_backup.sh

8) Push the rsync client password file and set its permissions

    - name: Create Rsync Client Pass File
      copy: content="1" dest=/etc/rsync.pass mode=600

9) Scheduled task

    - name: Create Rsync Client Crontab
      cron: name="Rsync Backup" hour=1 minute=0 job="/bin/sh /server/scripts/rsync_backup.sh &> /dev/null"
Contents of the base.yaml playbook:

    - hosts: all
      tasks:
        - name: Disable SELinux
          copy: src=./conf/selinux.config dest=/etc/selinux/config
          notify: Stop SElinux

        - name: Disable Firewalld
          service: name=firewalld state=stopped enabled=no

        - name: Create Epel Repo
          get_url: url=http://mirrors.aliyun.com/repo/epel-7.repo dest=/etc/yum.repos.d/epel.repo

        - name: Installed Rsync NFS
          yum: name=rsync,nfs-utils state=installed

        - name: Create Group
          group: name=www gid=666

        - name: Create User
          user: name=www uid=666 group=666 create_home=no shell=/sbin/nologin

        - name: Create Directory /data
          file: path=/data owner=666 group=666 recurse=yes state=directory

        - name: Create Directory /backup
          file: path=/backup owner=666 group=666 recurse=yes state=directory

        - name: Create Scripts Directory
          file: path=/server/scripts state=directory

        - name: Push Rsync Backup
          copy: src=./scripts/rsync_backup.sh dest=/server/scripts/rsync_backup.sh

        - name: Push Hosts File
          copy: src=./conf/hosts dest=/etc/hosts

        - name: Create Rsync Client Pass File
          copy: content="1" dest=/etc/rsync.pass mode=600

        - name: Create Rsync Client Crontab
          cron: name="Rsync Backup" hour=1 minute=0 job="/bin/sh /server/scripts/rsync_backup.sh &> /dev/null"

      handlers:
        - name: Stop SElinux
          shell: setenforce 0
2. rsync deployment

1) Install rsync and mailx

    - name: Install Rsync Mailx
      yum: name=rsync,mailx state=installed

2) Configure

    - name: Push Rsync Config File
      copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
      notify: Restart Rsyncd
    - name: Create Rsync Auth File
      copy: content='rsync_backup:1' dest=/etc/rsync.passwd mode=600

    handlers:
    - name: Restart Rsyncd
      service: name=rsyncd state=restarted

3) Start

    - name: Start Rsync Service
      service: name=rsyncd state=started enabled=yes
    - name: Push Mailx Config File
      copy: src=./conf/mail.rc dest=/etc/mail.rc

4) Script task

    - name: Push Rsync Check Script
      copy: src=./scripts/rsync_check.sh dest=/server/scripts/rsync_check.sh

5) Scheduled task

    - name: Create Rsync Check
      cron: name='Rsync Check' hour=5 minute=0 job='/bin/sh /server/scripts/rsync_check.sh &>/dev/null'
Contents of the rsync.yaml playbook:

    - hosts: backup
      tasks:
        - name: Install Rsync Mailx
          yum: name=rsync,mailx state=installed

        - name: Push Rsync Config File
          copy: src=./conf/rsyncd.conf dest=/etc/rsyncd.conf
          notify: Restart Rsyncd

        - name: Create Rsync Auth File
          copy: content='rsync_backup:1' dest=/etc/rsync.passwd mode=600

        - name: Start Rsync Service
          service: name=rsyncd state=started enabled=yes

        - name: Push Mailx Config File
          copy: src=./conf/mail.rc dest=/etc/mail.rc

        - name: Push Rsync Check Script
          copy: src=./scripts/rsync_check.sh dest=/server/scripts/rsync_check.sh

        - name: Create Rsync Check
          cron: name='Rsync Check' hour=5 minute=0 job='/bin/sh /server/scripts/rsync_check.sh &>/dev/null'

      handlers:
        - name: Restart Rsyncd
          service: name=rsyncd state=restarted
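base.yaml and rsync.yaml above store the rsync password as the literal 1 inside the playbook files. The following is an added example, not part of the original post, of the same two tasks reading the password from an Ansible Vault file instead. The variable name vault_rsync_password and the path group_vars/all/vault.yml are assumptions.

```yaml
# Added example. Assumed layout (not from the original post):
#   group_vars/all/vault.yml contains one line:
#       vault_rsync_password: <placeholder>
#   and is encrypted once with:
#       ansible-vault encrypt group_vars/all/vault.yml
# Run with: ansible-playbook --ask-vault-pass main.yaml

# Server side (backup host): rsync daemon auth file, one "user:password" per line
- hosts: backup
  tasks:
    - name: Create Rsync Auth File
      copy:
        content: "rsync_backup:{{ vault_rsync_password }}\n"
        dest: /etc/rsync.passwd
        owner: root
        group: root
        mode: "0600"   # quoted so YAML does not read it as a decimal integer
      no_log: true     # keep the rendered password out of task output and logs

# Client side (all hosts): password file holding only the password
- hosts: all
  tasks:
    - name: Create Rsync Client Pass File
      copy:
        content: "{{ vault_rsync_password }}\n"
        dest: /etc/rsync.pass
        owner: root
        group: root
        mode: "0600"
      no_log: true
```

With this layout the playbook files can be committed or shared without exposing the password; only the encrypted vault file carries it.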
3. nfs deployment

1) Install nfs-utils

    - name: Install NFS
      yum: name=nfs-utils state=installed

2) Configure

    - name: Push NFS Config File
      copy: src=./conf/exports dest=/etc/exports
      notify: Restart NFS

    handlers:
    - name: Restart NFS
      service: name=nfs state=restarted

3) Start

    - name: Start Rpcbind Server
      service: name=rpcbind state=started
    - name: Start NFS Server
      service: name=nfs state=started enabled=yes
Contents of the nfs.yaml playbook:

    - hosts: nfs
      tasks:
        - name: Install NFS
          yum: name=nfs-utils state=installed

        - name: Push NFS Config File
          copy: src=./conf/exports dest=/etc/exports
          notify: Restart NFS

        - name: Start Rpcbind Server
          service: name=rpcbind state=started

        - name: Start NFS Server
          service: name=nfs state=started enabled=yes

      handlers:
        - name: Restart NFS
          service: name=nfs state=restarted
4. sersync deployment

1) Download sersync on m01

    wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/sersync/sersync2.5.4_64bit_binary_stable_final.tar.gz

2) Unpack it and edit the configuration file

3) Push it to nfs

    - name: Install Inotify_tools
      yum: name=inotify-tools state=installed
    - name: Push Sersync
      copy: src=./tools/sersync dest=/usr/local/ mode=755

4) Start sersync

    - name: start Sersync
      shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml

Note: running this playbook several times starts several sersync processes. How can this be solved?
Contents of the sersync.yaml playbook:

    - hosts: nfs
      tasks:
        - name: Install Inotify_tools
          yum: name=inotify-tools state=installed

        - name: Push Sersync
          copy: src=./tools/sersync dest=/usr/local/ mode=755

        - name: start Sersync
          shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
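One way to answer the question above about repeated runs starting several sersync processes, as an added example that is not part of the original post: check for a running process first and start sersync only when none is found. It assumes the process name is sersync2, matching the binary path used above, and that pgrep is available on the nfs host.

```yaml
# Added example: idempotent variant of sersync.yaml
- hosts: nfs
  tasks:
    - name: Install Inotify_tools
      yum: name=inotify-tools state=installed

    - name: Push Sersync
      copy: src=./tools/sersync dest=/usr/local/ mode=755

    # pgrep exits 0 when a process matches, 1 when none does, >1 on error
    - name: Check whether sersync is already running
      command: pgrep -x sersync2
      register: sersync_proc
      changed_when: false                         # a read-only check never reports "changed"
      failed_when: sersync_proc.rc not in [0, 1]  # "not running" is not a failure
      check_mode: false                           # run the check under -C/--check too

    - name: Start Sersync only when it is not running
      shell: /usr/local/sersync/sersync2 -dro /usr/local/sersync/confxml.xml
      when: sersync_proc.rc == 1
```

On a second run the check returns 0, the start task is skipped, and the play reports no change.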
5. web deployment

1) Install httpd

    - name: Install httpd
      yum: name=httpd state=installed

2) Start

    - name: Start httpd
      service: name=httpd state=started

3) Mount

    - name: Mount NFS Storage
      mount: src=nfs:/data path=/var/www/html fstype=nfs state=mounted
Contents of the web.yaml playbook:

    - hosts: web
      tasks:
        - name: Install httpd
          yum: name=httpd state=installed

        - name: Start httpd
          service: name=httpd state=started

        - name: Mount NFS Storage
          mount: src=nfs:/data path=/var/www/html fstype=nfs state=mounted
Import all the finished YAML files into a single file so that they can be run in one go:

    [root@m01 ansible_playbook]# cat main.yaml
    - import_playbook: base.yaml
    - import_playbook: rsync.yaml
    - import_playbook: nfs.yaml
    - import_playbook: sersync.yaml
    - import_playbook: web.yaml