一,playbook概述
1.playbook?playbook翻译过来就是“剧本
playbook: 由一个或多个play组成,一个play可以包含多个task任务 简单理解为: 使用不同的模块完成一件事情
2.playbook的优势
1.功能比ad-hoc更全 2.能很好的控制先后执行顺序, 以及依赖关系 3.语法展现更加的直观 4.ad-hoc无法持久使用,playbook可以持久使用
3.playbook的配置语法是由yaml语法描述的,扩展名是yaml
缩进——YAML使用固定的缩进风格表示层级结构,每个缩进由两个空格组成, 不能使用tabs 冒号——以冒号结尾的除外,其他所有冒号后面所有必须有空格。 短横线——表示列表项,使用一个短横杠加一个空格。>
多个项使用同样的缩进级别作为同一列表
Playbook执行结果返回颜色状态:
红色: 表示有task执行失败或者提醒的信息 黄色:表示执行了且改变了远程主机状态 绿色:表示执行成功
4.使用playbook编写一个创建文件的yml
创建一个文件 >>> 两种方法
[root@manager project1]# cat f1.yml
- hosts: webservers
tasks:
- name: Create New File
file: path=/tmp/123.txt state=touch owner=root group=root mode=600
- name: Create New File2
file:
path: /tmp/456.txt
state: touch
owner: root
group: root
mode: 0666
二,playbook实践
案例一、使用ansible安装并配置nfs服务
172.16.1.31 | 172.16.1.7 | 172.16.1.8 |
---|---|---|
nfs | web | web |
- 新增一台nfs服务器
[root@manager project1]#cat hosts
[nfsservers]
172.16.1.31
[webservers]
172.16.1.7
172.16.1.8
- 下发公钥至存储服务器
root@manager project1]#ssh-copy-i root@ip
- 编写一个nfs-server的yml,思路。
1.安装nfs yum
2.配置nfs copy
3.初始化环境
用户 group user
目录 file
授权 file
4.启动服务 systemd
[root@manager project1]# cat nfs_server.yml
- hosts: nfsservers
tasks:
- name: Installed NFS Server
yum:
name: nfs-utils
state: present
- name: Configure NFS Server
copy:
src: ./file/exports.j2
dest: /etc/exports
owner: root
group: root
mode: 0644
backup: yes
- name: Create NFS Group www
group:
name: www
gid: 666
- name: Create NFS User www
user:
name: www
group: www
uid: 666
create_home: no
shell: /sbin/nologin
- name: Create NFS Share Directory
file:
path: /ansible_data
state: directory
owner: www
group: www
mode: 0755
recurse: yes
- name: Systemd NFS Server
systemd:
name: nfs
state: restarted
enabled: yes
4.编写一个nfs-clinet的yml
[root@manager project1]# cat nfs_client.yml
- hosts: webservers
tasks:
- name: Mount NFS Server share directory
mount:
src: 172.16.1.31:/ansible_data
path: /mnt
fstype: nfs
opts: defaults
state: mounted
案例二、使用ansible安装并配置nginx服务
1.安装 yum
2.配置 copy
3.启动 systmd
4.触发重启 handlers
[root@manager project1]# cat nginx.yml
- hosts: webservers
tasks:
- name: Installed Nginx Server
yum:
name: nginx
state: present
- name: Configure Nginx Server
copy:
src: ./file/nginx.conf.j2
dest: /etc/nginx/nginx.conf
owner: root
group: root
mode: 0644
backup: yes
notify: Restart Nginx Server
- name: Systmd nginx Server
systemd:
name: nginx
state: started
enabled: yes
handlers:
- name: Restart Nginx Server
systemd:
name: nginx
state: restarted
案例三:使用AnsiblePlaybook方式构建LAMP架构
1.使用yum安装 httpd、php、firewalld等 7.1 5.3
2.使用get_url下载http://fj.xuliangwei.com/public/index.php文件
3.启动httpd、firewalld、等服务
4.添加防火墙规则,放行http的流量
- 配置主机清单
[root@manager Lap]# cat hosts
[nfsservers]
172.16.1.31
[backupservers]
172.16.1.41
[webservers]
172.16.1.7
172.16.1.8
- lamp剧本具体配置
[root@manager Lap]# cat lamp.yml
- hosts: web
tasks:
- name: Installed Httpd Server //1.安装httpd
yum:
name: httpd
state: present
- name: Installed PHP Server //2.安装PHP
yum:
name: php
state: present
- name: Configure Httpd WebSite //3.配置站点
get_url:
url: http://fj.xuliangwei.com/public/index.php
dest: /var/www/html/index.php
mode: 0644
- name: Systemd Httpd Server //4.启动http服务
systemd:
name: httpd
state: started
- name: Systemd Firewalld Server //5.启动防火墙firewalld
systemd:
name: firewalld
state: started
- name: Configure Firewalld Rule //6.放行http
firewalld:
service: http
state: enabled
案例四、搭建可道云网盘 31 41 apache+php
1.安装 apache+php
2,下载代码
3.启动 systemd
4.下载代码 wget 解压
[root@manager kod]# cat kod.yml
- hosts: web
tasks:
- name: Installed Httpd Server
yum:
name: httpd
state: present
- name: Installed PHP Server
yum:
name: php
state: present
- name: Get kodcloud code
synchronize:
src: ./file/kod
dest: /var/www/html/kodcloud
- name: Chmod kodcloud
file:
path: /var/www/html
owner: root
group: root
mode: 0777
recurse: yes
- name: Systemd Httpd Server
systemd:
name: httpd
state: restarted
案例五: Nginx+PHP 搭建可道云
实际会用roles的形式拆分。没有这么长。
先手动实现,其次再写剧本
- 1.配置yum源 nginx php
- 2.安装软件包 (循环的方式)
- nginx php71w
- 3.创建用户 www 统一UID和GID
- 4.配置nginx.conf配置文件,修改启用用户为www
- 5.配置php的权限 /etc/php-fpm.d/www.conf
- 6.添加虚拟主机 /etc/nginx/conf.d/xx.conf
- 7.创建网站的站点目录
- 8.传输代码至站点目录
- 9.启动nginx和php
- 10.修改配置还需要能够实现自动重启
剧本配置如下:
[root@manager kod]# cat lnp.yml
- hosts: webservers
tasks:
#1.配置nginx源
- name: Installed Nginx repo
yum_repository:
name: nginx
description: nginx repo
baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck: no
#2.配置php源
- name: Installed PHP repo
yum_repository:
name: php
description: webtatic-php
baseurl: http://192.168.0.128/php
gpgcheck: no
#3.安装nginx和php软件
- name: Installed Nginx and PHP Packages
yum:
name: "{{ packages }}"
vars:
packages:
- nginx
- php71w
- php71w-cli
- php71w-common
- php71w-devel
- php71w-gd
- mod_php71w
- php71w-fpm
- php71w-opcache
#4.创建属组www
- name: Create Group www
group:
name: www
gid: 666
#5.创建属主www
- name: Create User www
user:
name: www
group: www
uid: 666
create_home: no
shell: /sbin/nologin
#6.管理nginx配置文件
- name: Configure Nginx.conf
copy:
src: ./conf/nginx.conf.j2
dest: /etc/nginx/nginx.conf
notify: Restart Nginx Server
#7.管理php-fpm配置文件
- name: Configure php-fpm.conf
copy:
src: ./conf/php-www.conf.j2
dest: /etc/php-fpm.d/www.conf
notify: Restart PHP-fpm Server
#8.创建虚拟主机
- name: Add Nginx VirtHost kod.com
copy:
src: ./conf/kod.cheng.com.conf.j2
dest: /etc/nginx/conf.d/kod.cheng.com.conf
notify: Restart Nginx Server
#9.创建站点目录
- name: Init Nginx BseEnv
file:
path: /code
state: directory
owner: www
group: www
recurse: yes
#10.同步代码至站点目录
- name: Push kod code
synchronize:
src: ./file/kod
dest: /code
#11.授权站点目录权限
- name: Chmod kodcloud
file:
path: /code
owner: www
group: www
recurse: yes
#12.启动nginx服务
- name: Systemd Nginx Server
systemd:
name: nginx
state: started
enabled: yes
#13.启动php-fpm
- name: Systemd PHP-fpm Server
systemd:
name: php-fpm
state: started
enabled: yes
handlers:
- name: Restart Nginx Server
systemd:
name: nginx
state: restarted
- name: Restart PHP-fpm Server
systemd:
name: php-fpm
state: restarted
清理Backup剧本
- hosts: backup
tasks:
- name: Configure Clean
shell: cat /dev>/etc/rsyncd.conf
- name: Passwd Clean
file:
path: /etc/rsync.passwd
state: absent
- name: Userdelt
user:
name: www
state: absent
remove: yes
- name: Stop Rsync
service:
name: rsyncd.service
state: stopped
enabled: no
三、剧本整合
四、Ansible 优化
[defaults]
inventory = ./hosts
forks = 15 #进程数
command_warnings=False
host_key_checking= false #关闭指纹验证
gathering = smart #接入redis缓存
fact_caching_timeout = 86400
fact_caching = redis
fact_caching_connection = 172.16.1.62:6379