I. Playbook overview

1. What is a playbook? The word "playbook" literally means a script, as in the script of a play.

A playbook consists of one or more plays, and a play can contain multiple tasks. Put simply: it uses different modules together to get one job done.

2. Advantages of playbooks

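1. More capable than ad-hoc commands
2. Gives good control over execution order and dependencies
3. The syntax is more readable
4. Ad-hoc commands cannot be kept and reused; playbooks can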

3. Playbook configuration is written in YAML syntax; the file extension is yaml

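Indentation: YAML uses a fixed indentation style to express hierarchy; each level is two spaces, and tabs are not allowed.
Colons: every colon must be followed by a space, except a colon that ends the line.
Dashes: a dash followed by a space marks a list item. Items at the same indentation level belong to the same list.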

Colours in the playbook run output:

Red: a task failed, or a notice message
Yellow: the task ran and changed the state of the remote host
Green: the task succeeded

4. Write a playbook yml that creates a file

Create a file: two ways

[root@manager project1]# cat f1.yml

- hosts: webservers
  tasks:
    # Method 1: inline key=value arguments
    - name: Create New File
      file: path=/tmp/123.txt state=touch owner=root group=root mode=600
    # Method 2: arguments as a YAML dictionary
    - name: Create New File2
      file:
        path: /tmp/456.txt
        state: touch
        owner: root
        group: root
        mode: 0666

II. Playbook practice

Case 1: Install and configure the NFS service with Ansible

172.16.1.31   172.16.1.7   172.16.1.8
nfs           web          web
  1. Add an NFS server
    [root@manager project1]# cat hosts
[nfsservers]
172.16.1.31

[webservers]
172.16.1.7
172.16.1.8
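  2. Push the public key to the storage server
    [root@manager project1]# ssh-copy-id root@ip
  3. Write a yml for the NFS server. The approach:
1. Install nfs               yum
2. Configure nfs             copy
3. Initialise the environment
    user                     group  user
    directory                file
    permissions              file
4. Start the service         systemd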

[root@manager project1]# cat nfs_server.yml

- hosts: nfsservers
  tasks:
    - name: Installed NFS Server
      yum:
        name: nfs-utils
        state: present

    - name: Configure NFS Server
      copy:
        src: ./file/exports.j2 
        dest: /etc/exports
        owner: root
        group: root
        mode: 0644
        backup: yes

    - name: Create NFS Group www
      group:
        name: www
        gid: 666

    - name: Create NFS User www
      user:
        name: www
        group: www
        uid: 666
        create_home: no
        shell: /sbin/nologin

    - name: Create NFS Share Directory
      file:
        path: /ansible_data
        state: directory
        owner: www
        group: www
        mode: 0755
        recurse: yes

    - name: Systemd NFS Server 
      systemd:
        name: nfs
        state: restarted
        enabled: yes

  4. Write a yml for the NFS client
[root@manager project1]# cat nfs_client.yml

- hosts: webservers
  tasks:

    - name: Mount NFS Server share directory
      mount:
        src: 172.16.1.31:/ansible_data
        path: /mnt
        fstype: nfs
        opts: defaults
        state: mounted

Case 2: Install and configure the nginx service with Ansible

1. Install            yum
2. Configure          copy
3. Start              systemd
4. Trigger a restart  handlers

[root@manager project1]# cat nginx.yml 
- hosts: webservers
  tasks:

    - name: Installed Nginx Server
      yum:
        name: nginx
        state: present

    - name: Configure Nginx Server
      copy:
        src: ./file/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
        owner: root
        group: root
        mode: 0644
        backup: yes
      notify: Restart Nginx Server

    - name: Systemd nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes

  handlers:
    - name: Restart Nginx Server
      systemd:
        name: nginx
        state: restarted

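Case 3: Build a LAMP stack with an Ansible playbook

1. Install httpd, php, firewalld, etc. with yum   7.1 5.3
2. Download the file http://fj.xuliangwei.com/public/index.php with get_url
3. Start httpd, firewalld and the other services
4. Add a firewall rule to allow http traffic

  1. Configure the host inventory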
[root@manager Lap]# cat hosts 
[nfsservers]
172.16.1.31

[backupservers]
172.16.1.41


[webservers]
172.16.1.7
172.16.1.8
  2. The LAMP playbook in detail

[root@manager Lap]# cat lamp.yml

- hosts: webservers
  tasks:
    # 1. Install httpd
    - name: Installed Httpd Server
      yum:
        name: httpd
        state: present

    # 2. Install PHP
    - name: Installed PHP Server
      yum:
        name: php
        state: present

    # 3. Deploy the site
    - name: Configure Httpd WebSite
      get_url:
        url: http://fj.xuliangwei.com/public/index.php
        dest: /var/www/html/index.php
        mode: 0644

    # 4. Start the httpd service
    - name: Systemd Httpd Server
      systemd:
        name: httpd
        state: started

    # 5. Start the firewalld firewall
    - name: Systemd Firewalld Server
      systemd:
        name: firewalld
        state: started

    # 6. Allow http traffic
    - name: Configure Firewalld Rule
      firewalld:
        service: http
        state: enabled
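
The download and firewall tasks from the LAMP playbook with the fetched file pinned to a known hash and the firewall rule made persistent. This is an added example, not part of the original playbook; the checksum value is a placeholder to be replaced with the SHA-256 of a copy of index.php that you have reviewed.

```yaml
- hosts: webservers
  tasks:
    # index.php is executed by httpd and the URL is plain HTTP, so pin the
    # content: get_url fails the task if the downloaded file's digest differs.
    - name: Configure Httpd WebSite (pinned download)
      get_url:
        url: http://fj.xuliangwei.com/public/index.php
        dest: /var/www/html/index.php
        checksum: "sha256:REPLACE_WITH_SHA256_OF_REVIEWED_FILE"   # placeholder
        owner: root
        group: root
        mode: '0644'

    # permanent writes the rule to the saved configuration; immediate also
    # applies it to the running firewall, so it survives a reload or reboot.
    - name: Configure Firewalld Rule (persistent)
      firewalld:
        service: http
        state: enabled
        permanent: yes
        immediate: yes
```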

Case 4: Set up the Kodcloud (可道云) network drive   31 41   apache+php

1. Install             apache+php
2. Download the code
3. Start               systemd
4. Download the code   wget, unpack

[root@manager kod]# cat kod.yml

- hosts: web
  tasks:
    - name: Installed Httpd Server
      yum:
        name: httpd
        state: present

    - name: Installed PHP Server
      yum:
        name: php
        state: present

    - name: Get kodcloud code
      synchronize:
        src: ./file/kod
        dest: /var/www/html/kodcloud

    - name: Chmod kodcloud
      file:
        path: /var/www/html
        owner: root
        group: root
        mode: 0777
        recurse: yes

    - name: Systemd Httpd Server
      systemd:
        name: httpd
        state: restarted
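
A narrower version of the Chmod kodcloud task, added here as an example and not taken from the original playbook; it follows the ownership approach the later Nginx+PHP playbook on this page uses for /code, applied to httpd. It assumes httpd runs as the apache user and group, the CentOS package default.

```yaml
- hosts: web
  tasks:
    # 0777 on /var/www/html lets any local account rewrite PHP that httpd
    # then executes. Scope the task to the application tree, give it to the
    # web server account, and drop all access for other users.
    # Capital X adds execute only to directories (and to files that already
    # have an execute bit), so ordinary files are not made executable.
    - name: Chmod kodcloud
      file:
        path: /var/www/html/kodcloud
        state: directory
        owner: apache
        group: apache
        mode: u=rwX,g=rX,o=
        recurse: yes
```

On a host where the 0777 task has already run, every file carries an execute bit, so X keeps it; re-sync the code or clear the bit on files once before relying on this task.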

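Case 5: Set up Kodcloud with Nginx+PHP

In practice this would be split up using roles, so it would not be this long.

Do it by hand first, then write the playbook.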

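  1. Configure the yum repositories: nginx, php
  2. Install the packages (using a loop): nginx, php71w
  3. Create the www user with a uniform UID and GID
  4. Configure the nginx.conf configuration file; change the run-as user to www
  5. Configure the php permissions: /etc/php-fpm.d/www.conf
  6. Add the virtual host: /etc/nginx/conf.d/xx.conf
  7. Create the site directory for the website
  8. Transfer the code to the site directory
  9. Start nginx and php
  10. Configuration changes must also trigger an automatic restart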

The playbook is as follows:
[root@manager kod]# cat lnp.yml

- hosts: webservers
  tasks:
    # 1. Configure the nginx repository
    - name: Installed Nginx repo
      yum_repository:
        name: nginx
        description: nginx repo
        baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
        gpgcheck: no

    # 2. Configure the php repository
    - name: Installed PHP repo
      yum_repository:
        name: php
        description: webtatic-php
        baseurl: http://192.168.0.128/php
        gpgcheck: no

    # 3. Install the nginx and php packages
    - name: Installed Nginx and PHP Packages
      yum: 
        name: "{{ packages }}"
      vars: 
        packages:
        - nginx
        - php71w
        - php71w-cli
        - php71w-common
        - php71w-devel
        - php71w-gd
        - mod_php71w
        - php71w-fpm
        - php71w-opcache

    # 4. Create the www group
    - name: Create Group www
      group:
        name: www
        gid: 666

    # 5. Create the www user
    - name: Create User www
      user:
        name: www
        group: www
        uid: 666
        create_home: no
        shell: /sbin/nologin

    # 6. Manage the nginx configuration file
    - name: Configure Nginx.conf
      copy:
        src: ./conf/nginx.conf.j2
        dest: /etc/nginx/nginx.conf
      notify: Restart Nginx Server

    # 7. Manage the php-fpm configuration file
    - name: Configure php-fpm.conf
      copy:
        src: ./conf/php-www.conf.j2
        dest: /etc/php-fpm.d/www.conf
      notify: Restart PHP-fpm Server

    # 8. Create the virtual host
    - name: Add Nginx VirtHost kod.com
      copy:
        src: ./conf/kod.cheng.com.conf.j2
        dest: /etc/nginx/conf.d/kod.cheng.com.conf
      notify: Restart Nginx Server

    # 9. Create the site directory
    - name: Init Nginx BaseEnv
      file:
        path: /code
        state: directory
        owner: www
        group: www
        recurse: yes

    # 10. Sync the code to the site directory
    - name: Push kod code
      synchronize:
        src: ./file/kod
        dest: /code

    # 11. Set ownership on the site directory
    - name: Chmod kodcloud
      file: 
        path: /code
        owner: www
        group: www
        recurse: yes

    # 12. Start the nginx service
    - name: Systemd Nginx Server
      systemd:
        name: nginx
        state: started
        enabled: yes

    # 13. Start php-fpm
    - name: Systemd PHP-fpm Server
      systemd:
        name: php-fpm
        state: started
        enabled: yes

  handlers:

    - name: Restart Nginx Server
      systemd:
        name: nginx
        state: restarted

    - name: Restart PHP-fpm Server
      systemd:
        name: php-fpm
        state: restarted
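
The two repository tasks with package signature checking turned on, as an added example rather than the page's own playbook. The nginx key URL is the one nginx.org publishes; the PHP key file name and its place under ./file are assumptions, since the page does not say which key signs the packages on the 192.168.0.128 mirror.

```yaml
- hosts: webservers
  tasks:
    # With gpgcheck off, yum installs whatever the repository URL serves.
    # With it on, packages not signed by the listed key are rejected.
    - name: Installed Nginx repo (signature checking on)
      yum_repository:
        name: nginx
        description: nginx repo
        baseurl: https://nginx.org/packages/centos/$releasever/$basearch/
        gpgcheck: yes
        gpgkey: https://nginx.org/keys/nginx_signing.key

    # Internal mirror over HTTP: ship the signing key from the control node,
    # after checking its fingerprint out of band, instead of fetching it
    # from the same mirror the packages come from.
    - name: Install PHP repo signing key
      copy:
        src: ./file/RPM-GPG-KEY-php          # hypothetical file name
        dest: /etc/pki/rpm-gpg/RPM-GPG-KEY-php
        owner: root
        group: root
        mode: '0644'

    - name: Installed PHP repo (signature checking on)
      yum_repository:
        name: php
        description: webtatic-php
        baseurl: http://192.168.0.128/php
        gpgcheck: yes
        gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-php
```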

Backup cleanup playbook

- hosts: backup
  tasks:
    # Empty the rsync daemon configuration file
    - name: Configure  Clean
      shell: cat /dev/null > /etc/rsyncd.conf

    - name: Passwd Clean
      file:
        path: /etc/rsync.passwd
        state: absent

    - name: Userdelt
      user:
        name: www
        state: absent
        remove: yes

    - name: Stop Rsync
      service:
        name: rsyncd.service
        state: stopped
        enabled: no

III. Consolidating the playbooks



IV. Ansible tuning


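[defaults]
inventory = ./hosts
# number of parallel processes
forks     = 15

command_warnings=False
# turn off SSH host key (fingerprint) checking; a changed or unknown
# host key is then accepted without any prompt
host_key_checking= false

# cache gathered facts in Redis (host:port, no password given here)
gathering = smart
fact_caching_timeout = 86400
fact_caching = redis
fact_caching_connection = 172.16.1.62:6379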