Ansible-基礎
Ansible架構
- Inventory 主機清單,能夠對主機分組
- ansible-hoc ansible的命令,適用臨時場景
- ansible-playbook ansible是一個場景的集合,是YAML語言
- 被控端: 被管理的主機
- 鏈接協議:ansible是用的ssh協議,因此被控端不須要安裝額外的agent,這也是
ansible-galaxy
鏈接https://galaxy.ansible.com 下載對應的Role,至關於倉庫。從倉庫里拉取相關應用node
讓咱們獲取一個nginx的rolepython
一、安裝
經過Yum安裝RPMs適用於 EPEL 6, 7, 以及仍在支持中的Fedora發行版.這裏咱們直接安裝就行。nginx
sudo yum install ansible
配置文件
- /etc/ansible/ansible.cfg 主配置文件,配置ansible工做特性
- /etc/ansible/hosts 主機清單
- /etc/ansible/roles/ 存放角色目錄
程序
- /usr/bin/ansible 主程序,臨時命令執行工具
- /usr/bin/ansible-doc 查看配置文檔,模塊文檔
- /usr/bin/ansible-galaxy 下載\上傳優秀代碼或role模塊的官方平臺
- /usr/bin/ansible-playbook 定製自動化任務,編排劇本工具
- /usr/bin/ansible-pull 遠程執行命令工具
- /usr/bin/ansible-vault 文件加密工具
- /usr/bin/ansible-console 基於Console界面與用戶交互的執行工具
ansible配置文件詳解
- inventory = /etc/ansible/hosts 主機列表配置文件
- library = /usr/share/my_modules/ 庫文件存放目錄
- remote_tmp = ~/.ansible/tmp 臨時py命令文件存放在遠程主機上的目錄
- local_tmp = ~/.ansible/tmp 本機的臨時命令執行目錄
- forks = 5 默認併發數
- sudo_user = root 默認sudo用戶
- ask_sudo_pass = True 默認sudo用戶是否須要密碼
- ask_pass = True 每次執行ansible命令詢問是否須要密碼
- remote_port = 22 默認ssh端口
- host_key_checking = False 檢查對應主機的host_key,建議取消註釋
- logpath =/var/log/ansible.log 日誌文件存放位置
ansible-doc
- -a 列出全部模塊文檔(太多不建議)
- -l --list 列出全部模塊
- -s --snippet 顯示指定模塊的playbook模塊
示例git
- ansible-doc -l 列出全部模塊
- ansible-doc ping 查看ping模塊文檔
- ansible-doc -s ping 查看ping模塊幫助用法
ansible命令用法
ansible <host-pattern> [-m module_name] [-a args]github
- --version 查看版本
- -m 指定模塊
- -v 詳細過程 -vv -vvv更詳細
- --list-hosts 顯示主機列表,可簡寫--list
- -k 提示輸入ssh鏈接密碼,默認key驗證
- -K 提示輸入sudo時候的口令
- -C --check 檢查,但不執行
- -T 執行超時時間,默認10s
- -u 指定遠程執行的用戶
- -b 代替舊版本的sudo切換
ansible <host-pattern>的格式
配置主機列表web
- all 表現全部的主機: ansible all -m ping
- * 通配符(要加引號): ansible "*" -m ping ansible "10.10.3.*" -m ping
- 或關係: ansible "monserver:ceph*" -m ping
- 與關係:ansible "monserver:&ceph*" -m ping
- 非關係(要用‘’號): ansible 'cephserver:!monserver' -m ping
ansible-galaxy
鏈接https://galaxy.ansible.com下載對應的Role,至關於倉庫,能夠找到本身想要的應用的role。shell
下載一個nginx的roleapache
$ ansible-galaxy install nginxinc.nginx
- downloading role 'nginx', owned by nginxinc
- downloading role from https://github.com/nginxinc/ansible-role-nginx/archive/0.11.0.tar.gz
列出相關的本地的rolevim
$ ansible-galaxy list - nginxinc.nginx, 0.11.0
刪除一個roleapi
$ ansible-galaxy remove nginxinc.nginx
- successfully removed nginxinc.nginx
ansible密鑰分發
這裏咱們須要準備兩臺主機,咱們須要在主機A上生成祕鑰
ssh-keygen -t rsa
主機清單分組
普通分組 [monserver] 10.10.3.150 10.10.3.151 10.10.3.152 [osdserver] 10.10.3.153 10.10.3.154 10.10.3.155 嵌套分組 [cephserver] 10.10.3.15[0:5]
測試cephserver 主機組是否可用
ansible cephserver -m ping -k SSH password: 10.10.3.150 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.3.152 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.3.151 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.3.153 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.3.154 | SUCCESS => { "changed": false, "ping": "pong" } 10.10.3.155 | SUCCESS => { "changed": false, "ping": "pong" }
分發密鑰
咱們怕密碼不一樣,咱們能夠把密碼配置到主機清單的變量裏。
#方法1 [cephserver:vars] ansible_ssh_user=root ansible_ssh_pass=123 ansible_ssh_port=22 #方法2 [osdserver] 10.10.3.153 ansible_ssh_user=root ansible_ssh_pass=123 ansible_ssh_port=22 10.10.3.154 ansible_ssh_user=root ansible_ssh_pass=456 ansible_ssh_port=22 10.10.3.155 ansible_ssh_user=root ansible_ssh_pass=111 ansible_ssh_port=22
這裏咱們用方法一,咱們使用了authorized_key模塊
ansible cephserver -m authorized_key -a "user=root key='{{lookup('file','/root/.ssh/id_rsa.pub')}}'"
10.10.3.150 | CHANGED => {
"changed": true,
"comment": null,
"exclusive": false,
"follow": false,
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuimpsq0vBZHHR9ypSlQjucyliwNQUppIkimDcTYiYg9ttRf0A3foPd01nXiez8TP52csdrEDUnZsy85fugtvRatu9eWi8BWXzVm0/9m7NuCDzyOqeoBHgiPPqdOwX7Djp4D0BRiu4YqhzTTjC+dkMvxJAxVpx6eyJglfPL7fII3iL0b45F812de869rqgP6CFIkNuiZGPtxCa/ngyP/ILCmhLRSOddflE1QKviV6J7+VHPOtvI1iK0TQMI2HZolf9sj7nzzUE0lH8gH4PLh8OF6Yup8QoBvHv6Y+EN3z7ORLEji1Sv2iUClQHgwcd6CWfAgy1NNURCyl92/t8D54f root@ceph-moni-0",
"key_options": null,
"keyfile": "/root/.ssh/authorized_keys",
"manage_dir": true,
"path": null,
"state": "present",
"unique": false,
"user": "root",
"validate_certs": true
}
10.10.3.152 | CHANGED => {
"changed": true,
"comment": null,
"exclusive": false,
"follow": false,
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuimpsq0vBZHHR9ypSlQjucyliwNQUppIkimDcTYiYg9ttRf0A3foPd01nXiez8TP52csdrEDUnZsy85fugtvRatu9eWi8BWXzVm0/9m7NuCDzyOqeoBHgiPPqdOwX7Djp4D0BRiu4YqhzTTjC+dkMvxJAxVpx6eyJglfPL7fII3iL0b45F812de869rqgP6CFIkNuiZGPtxCa/ngyP/ILCmhLRSOddflE1QKviV6J7+VHPOtvI1iK0TQMI2HZolf9sj7nzzUE0lH8gH4PLh8OF6Yup8QoBvHv6Y+EN3z7ORLEji1Sv2iUClQHgwcd6CWfAgy1NNURCyl92/t8D54f root@ceph-moni-0",
"key_options": null,
"keyfile": "/root/.ssh/authorized_keys",
"manage_dir": true,
"path": null,
"state": "present",
"unique": false,
"user": "root",
"validate_certs": true
}
......
authorized_key
- - exclusive [default: no]: 是否移除 authorized_keys 文件中其它非指定 key
- - key: SSH public key(s) 能夠是字符串或 url,如:https://github.com/username.keys
- - key_options [Default: None]: 附加到 key 中的字符串,該字符串會加到 key 的開頭
- - path [Default: (homedir)+/.ssh/authorized_keys]: 指定 authorized_keys 文件存放的位置
- - state (Choices: present, absent) [Default: present]: present 添加指定 key 到 authorized_keys 文件中;absent 從 authorized_keys 文件中移除指定 key
- - user: 指定修改遠端服務器上哪一個用戶的 authorized_keys
-
- manage_dir (Choices: yes, no) [Default: yes]: 指定模塊是否應該管理 authorized key 文件所在的目錄。若是設置爲 yes,模塊會建立目錄,以及設置一個已存在目錄的擁有者和權限。若是經過 path 選項,從新指定了一個 authorized key 文件所在目錄,那麼應該將該選項設置爲 no
二、遠程執行命令
ansible all -m ping 172.16.138.40 | SUCCESS => { "changed": false, "ping": "pong" } 172.16.138.41 | SUCCESS => { "changed": false, "ping": "pong" }
咱們也能夠經過主機組執行命令
$ ansible webhost -m command -a "w" 172.16.138.41 | CHANGED | rc=0 >> 01:35:17 up 29 days, 3:34, 2 users, load average: 0.24, 0.33, 0.27 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root pts/0 172.16.40.86 23:29 41.00s 0.00s 0.00s -bash root pts/1 k8s-master 01:35 0.00s 0.06s 0.00s w 172.16.138.40 | CHANGED | rc=0 >> 01:35:18 up 29 days, 3:34, 3 users, load average: 0.98, 0.88, 0.86 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root pts/0 172.16.40.86 23:06 1:08m 0.29s 0.29s -bash root pts/1 172.16.40.86 01:26 6.00s 1.11s 0.00s ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/2c6989e158 -tt 172.16.138.40 /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1553146517.04-153785974352870/AnsiballZ_command.py && sleep 0' root pts/3 k8s-master 01:35 1.00s 0.10s 0.01s w
- webhost 是指定的主機組
- -m 是指定模塊
- -a 是執行的命令
這裏還有一個shell模塊。一樣也支持寫一個命令。
三、管理文件和目錄
ansible 172.16.138.41 -m copy -a "src=/etc/ansible dest=/tmp/ansible_test owner=root group=root mode=755" 172.16.138.41 | CHANGED => { "changed": true, "dest": "/tmp/ansible_test/", "src": "/etc/ansible" }
咱們看一下目標主機下/tmp目錄
[root@node02 tmp]# ls ansible_test [root@node02 tmp]# ls ansible_test/ ansible [root@node02 tmp]#
- src 指定源目錄
- dest 指定目標目錄
須要注意的是,若是目標主機沒有這個目錄會自動建立這個目錄,若是拷貝是文件,目標主機指定的名字和源若是不一樣,而且不是已經存在的目錄,至關於copy過去又重命名。但相反,若是目標主機上已經處在的目錄,則會直接把文件copy到該目錄下。
Fetch模塊
抓取遠程節點上的文件,只能複製遠程單個文件,不能複製目錄
$ ansible all -m fetch -a "src=/var/log/messages dest=/root/logs" 10.10.3.150 | CHANGED => { "changed": true, "checksum": "1e74d4714c730e75b453868a1a842e05b5e1504a", "dest": "/root/logs/10.10.3.150/var/log/messages", "md5sum": "32f20a6108ec6a30e5a81435b329c690", "remote_checksum": "1e74d4714c730e75b453868a1a842e05b5e1504a", "remote_md5sum": null } ..... 咱們用tree查看一下目錄 $ tree . ├── 10.10.3.150 │ └── var │ └── log │ └── messages ├── 10.10.3.151 │ └── var │ └── log │ └── messages ├── 10.10.3.152 │ └── var │ └── log │ └── messages ├── 10.10.3.153 │ └── var │ └── log │ └── messages ├── 10.10.3.154 │ └── var │ └── log │ └── messages └── 10.10.3.155 └── var └── log └── messages
File模塊
建立一個文件夾
ansible all -m file -a "path=/data state=directory" 10.10.3.154 | CHANGED => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/data", "size": 6, "state": "directory", "uid": 0 } .........
建立文件
ansible all -m file -a "path=/data/zzk state=touch" 10.10.3.150 | CHANGED => { "changed": true, "dest": "/data/zzk", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "size": 0, "state": "file", "uid": 0 } ..........
刪除文件
ansible all -m file -a "path=/data/zzk state=absent" 10.10.3.153 | CHANGED => { "changed": true, "path": "/data/zzk", "state": "absent" }
三、腳本管理
咱們先隨便寫一個腳本
#!/bin/bash date >> /tmp/data.txt
ansible須要先把腳本copy到對應主機上
$ ansible 172.16.138.41 -m copy -a "src=/tmp/1.sh dest=/tmp/test.sh owner=root group=root mode=755"
172.16.138.41 | CHANGED => {
"changed": true,
"checksum": "a0d6b0777539641b9aab412a0297b1273e836bbb",
"dest": "/tmp/test.sh",
"gid": 0,
"group": "root",
"md5sum": "fc416150a5e218531c550b98e6ea35b6",
"mode": "0755",
"owner": "root",
"size": 36,
"src": "/root/.ansible/tmp/ansible-tmp-1553151731.05-254487603693246/source",
"state": "file",
"uid": 0
}
執行遠程腳本
ansible 172.16.138.41 -m shell -a "/tmp/test.sh" 172.16.138.41 | CHANGED | rc=0 >>
四、管理任務計劃
ansible 172.16.138.41 -m cron -a "name='test cron' job='touch /tmp/111.txt' weekday=6" 172.16.138.41 | CHANGED => { "changed": true, "envs": [], "jobs": [ "test cron" ] }
- cron 定時任務模塊
- name 指定定時任務的名字
- job 指定定時任務的內容
- weekday 指定是時間計劃,也可使用*****表示
咱們看一下目錄主機的定時任務
$ crontab -l #Ansible: test cron * * * * 6 touch /tmp/111.txt
咱們看到有個Ansible的表示,下面是定時任務的內容。
咱們能夠經過state=absent 來刪除定時任務
$ ansible 172.16.138.41 -m cron -a "name='test cron' state=absent" 172.16.138.41 | CHANGED => { "changed": true, "envs": [], "jobs": [] }
五、Playbook
playbook就是把一些模塊的集合搞到一個文件裏。play的主要功能在於將事先歸爲一組的主機裝扮成事先經過ansible中的task定義好的角色,從根原本講,所謂的task無非是調用ansible的一個module。將多個play組織在一個playbook中,既可讓他們連通起來按事先編排的機制同唱一臺戲。
核心元素:
- hosts 執行的主機列表
- tasks 任務集
- varniables 內置變量或者自定義變量在playbook中調用
- templates 模板,能夠替換模板中的變量並實現一些簡單邏輯文件
- handlers 和notity結合使用,由特定條件觸發的操做,知足條件方可執行,不然不執行。
- tags 標籤 指定某條任務執行,用於選擇運行playbook中的部分代碼,ansible具備冪等性,所以會自動跳過沒有變化的部分,即使如此,有些代碼爲測試其確實沒有發生變化的時間依然會很是的長。此時,若是確信沒有其餘變化, 就能夠經過tags跳過這些代碼片斷。
例如:
--- #表示開始 - hosts: 172.16.138.41 #指定遠程主機 remote_user: root #指定遠程用戶 tasks: #任務 - name: test_playbook #任務名字 shell: touch /tmp/playbook.txt #具體的任務,核心
執行
ansible-playbook /etc/ansible/test.yaml PLAY [172.16.138.41] ****************************************************************************************************************** TASK [Gathering Facts] **************************************************************************************************************** ok: [172.16.138.41] TASK [test_playbook] ****************************************************************************************************************** [WARNING]: Consider using the file module with state=touch rather than running 'touch'. If you need to use command because file is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message. changed: [172.16.138.41] PLAY RECAP **************************************************************************************************************************** 172.16.138.41 : ok=2 changed=1 unreachable=0 failed=0
在palybook中使用file模塊和user模塊
--- - host: monserver remote_user: root tasks: - name: create new file file: name=/data/newfile state=touch - name: create net user user: name=test1
這裏咱們使用-C參數,-C 是測試一下,不執行真正的結果
ansible-playbook -C test.yaml PLAY [monserver] *************************************************************************************** TASK [Gathering Facts] ********************************************************************************* ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [create new file] ********************************************************************************* ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [create net user] ********************************************************************************* changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] PLAY RECAP ********************************************************************************************* 10.10.3.150 : ok=3 changed=1 unreachable=0 failed=0 10.10.3.151 : ok=3 changed=1 unreachable=0 failed=0 10.10.3.152 : ok=3 changed=1 unreachable=0 failed=0
查看playbook執行文件中有哪些主機
ansible-playbook test.yaml --list-hosts playbook: test.yaml play #1 (monserver): monserver TAGS: [] pattern: [u'monserver'] hosts (3): 10.10.3.152 10.10.3.150 10.10.3.151
查看playbook執行文件中,有哪些任務
ansible-playbook test.yaml --list-tasks playbook: test.yaml play #1 (monserver): monserver TAGS: [] tasks: create new file TAGS: [] create net user TAGS: []
在指定主機下執行
ansible-playbook test.yaml --limit 10.10.3.152 PLAY [monserver] *************************************************************************************** TASK [Gathering Facts] ********************************************************************************* ok: [10.10.3.152] TASK [create new file] ********************************************************************************* changed: [10.10.3.152] TASK [create net user] ********************************************************************************* changed: [10.10.3.152] PLAY RECAP ********************************************************************************************* 10.10.3.152 : ok=3 changed=2 unreachable=0 failed=0
六、Playbook變量
變量的來源:
- ansible setup facts 來和獲取系統變量,舉例:ansible monserver -m setup 過濾:ansible monserver -m setup -a "filter=ansible_hostname"
- 在/etc/ansible/hosts中定義
- 普通變量:主機組中主機單獨定義,優先級高於公共變量
- 公共(組)變量:針對主機組中全部主機定義統一變量
- 經過命令行指定變量,優先級最高。 ansible-playbook -e varname=value
- 在playbook中定義
- 在role中定義
咱們建立一個用戶。經過變量傳過去
--- - name: create_user hosts: 172.16.138.41 remote_user: root gather_facts: false vars: - user: "zzkk" tasks: - name: create-user user: name="{{ user }}"
執行:
ansible-playbook /etc/ansible/user.yaml PLAY [create_user] ******************************************************************************************************************** TASK [create-user] ******************************************************************************************************************** changed: [172.16.138.41] PLAY RECAP **************************************************************************************************************************** 172.16.138.41 : ok=1 changed=1 unreachable=0 failed=0
測試
--- - hosts: monserver remote_user: root tasks: - name: install httpd package yum: name={{ pkname }} - name: start service service: name={{ pkname }} state=started enabled=yes
執行
ansible-playbook -e 'pkname=vsftpd' app.yaml PLAY [monserver] *************************************************************************************** TASK [Gathering Facts] ********************************************************************************* ok: [10.10.3.152] ok: [10.10.3.150] ok: [10.10.3.151] TASK [install httpd package] *************************************************************************** changed: [10.10.3.152] changed: [10.10.3.150] changed: [10.10.3.151] TASK [start service] *********************************************************************************** changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] PLAY RECAP ********************************************************************************************* 10.10.3.150 : ok=3 changed=2 unreachable=0 failed=0 10.10.3.151 : ok=3 changed=2 unreachable=0 failed=0 10.10.3.152 : ok=3 changed=2 unreachable=0 failed=0
palybook中定義變量
--- - hosts: monserver remote_user: root vars: - pkname: vsftpd tasks: - name: install httpd package yum: name={{ pkname }} - name: start service service: name={{ pkname }} state=started enabled=yes
執行
$ ansible-playbook app.yaml PLAY [monserver] ************************************************************************************************** TASK [Gathering Facts] ******************************************************************************************** ok: [10.10.3.152] ok: [10.10.3.150] ok: [10.10.3.151] TASK [install httpd package] ************************************************************************************** changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] TASK [start service] ********************************************************************************************** changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] PLAY RECAP ******************************************************************************************************** 10.10.3.150 : ok=3 changed=2 unreachable=0 failed=0 10.10.3.151 : ok=3 changed=2 unreachable=0 failed=0 10.10.3.152 : ok=3 changed=2 unreachable=0 failed=0
主機清單中定義變量
廣泛變量,就是定義單個主機的變量
[monserver] 10.10.3.150 http_port=81 10.10.3.151 http_port=80 10.10.3.152 http_port=82
--- - hosts: monserver remote_user: root tasks: - name: hostname hostname: name=user{{ http_port }}
執行
ansible-playbook -C host.yaml PLAY [monserver] ************************************************************************************************** TASK [Gathering Facts] ******************************************************************************************** ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [hostname] *************************************************************************************************** changed: [10.10.3.150] changed: [10.10.3.151] changed: [10.10.3.152] PLAY RECAP ******************************************************************************************************** 10.10.3.150 : ok=2 changed=1 unreachable=0 failed=0 10.10.3.151 : ok=2 changed=1 unreachable=0 failed=0 10.10.3.152 : ok=2 changed=1 unreachable=0 failed=0
公共變量
[cephserver:vars] ansible_ssh_user=root ansible_ssh_pass=123 ansible_ssh_port=22
七、playbook循環
建立三個文件,並修復其權限爲600
--- - hosts: 172.16.138.41 user: root task: - name: "touch 1 2 3 file and change file mode" file: path=/tmp/{{ item }} state=touch mode=600 with_items: - 1.txt - 2.txt - 3.txt
執行:
ansible-playbook /etc/ansible/while.yaml PLAY [172.16.138.41] ****************************************************************************************************************** TASK [Gathering Facts] **************************************************************************************************************** ok: [172.16.138.41] TASK [touch 1 2 3 file and change file mode] ****************************************************************************************** changed: [172.16.138.41] => (item=1.txt) changed: [172.16.138.41] => (item=2.txt) changed: [172.16.138.41] => (item=3.txt) PLAY RECAP **************************************************************************************************************************** 172.16.138.41 : ok=2 changed=1 unreachable=0 failed=0
八、playbook 條件判斷
咱們查看一下gather_facts收集到的信息,來做爲咱們判斷的條件,這裏咱們要獲取IP地址。
ansible 172.16.138.41 -m setup .... "ansible_ens160": { "active": true, "device": "ens160", .... "ipv4": { "address": "172.16.138.41", "broadcast": "172.16.138.255", "netmask": "255.255.255.0", "network": "172.16.138.0" }, ....
咱們寫一個判斷條件 當ansible_ens160.ipv4.address = 172.16.138.41 執行建立文件
--- - hosts: webhost user: root gather_facts: True tasks: - name: stady when shell: touch /tmp/when.txt when: ansible_ens160.ipv4.address == "172.16.138.41"
執行結果:
ansible-playbook /etc/ansible/when.yaml PLAY [webhost] ************************************************************************************************************************ TASK [Gathering Facts] **************************************************************************************************************** ok: [172.16.138.41] ok: [172.16.138.40] TASK [stady when] ********************************************************************************************************************* skipping: [172.16.138.40] [WARNING]: Consider using the file module with state=touch rather than running 'touch'. If you need to use command because file is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message. changed: [172.16.138.41] PLAY RECAP **************************************************************************************************************************** 172.16.138.40 : ok=1 changed=0 unreachable=0 failed=0 172.16.138.41 : ok=2 changed=1 unreachable=0 failed=0
這裏咱們看到跳過172.16.138.40,在172.16.138.41中執行。
八、playbook Handlers
module 具備」冪等」性,因此當遠端系統被人改動時,能夠重放 playbooks 達到恢復的目的. playbooks 自己能夠識別這種改動,而且有一個基本的 event system(事件系統),能夠響應這種改動.
(當發生改動時)’notify’ actions 會在 playbook 的每個 task 結束時被觸發,並且即便有多個不一樣的 task 通知改動的發生, ‘notify’ actions 只會被觸發一次.
舉例來講,好比多個 resources 指出由於一個配置文件被改動,因此 apache 須要從新啓動,可是從新啓動的操做只會被執行一次.
樣例:
安裝http服務,並將配置文件copy到遠程服務裏
---
- hosts: monserver
remote_user: root
tasks:
- name: install httpd package
yum: name=httpd
- name: copy conf file
copy: src=files/httpd.conf dest=/etc/httpd/ backup=yes
- name: start service
service: name=httpd state=started enabled=yes
執行:
$ ansible-playbook httpd.yaml
PLAY [monserver] ***************************************************************************************
TASK [Gathering Facts] *********************************************************************************
ok: [10.10.3.152]
ok: [10.10.3.151]
ok: [10.10.3.150]
TASK [install httpd package] ***************************************************************************
changed: [10.10.3.150]
changed: [10.10.3.152]
changed: [10.10.3.151]
TASK [start service] ***********************************************************************************
changed: [10.10.3.150]
changed: [10.10.3.152]
changed: [10.10.3.151]
PLAY RECAP *********************************************************************************************
10.10.3.150 : ok=3 changed=2 unreachable=0 failed=0
10.10.3.151 : ok=3 changed=2 unreachable=0 failed=0
10.10.3.152 : ok=3 changed=2 unreachable=0 failed=0
確認是否安裝成功
ansible monserver -m shell -a "ss -ntlp | grep :80" 10.10.3.152 | CHANGED | rc=0 >> LISTEN 0 128 :::80 :::* users:(("httpd",pid=7626,fd=4),("httpd",pid=7625,fd=4),("httpd",pid=7624,fd=4),("httpd",pid=7623,fd=4),("httpd",pid=7622,fd=4),("httpd",pid=7621,fd=4)) 10.10.3.151 | CHANGED | rc=0 >> LISTEN 0 128 :::80 :::* users:(("httpd",pid=20020,fd=4),("httpd",pid=20019,fd=4),("httpd",pid=20018,fd=4),("httpd",pid=20017,fd=4),("httpd",pid=20016,fd=4),("httpd",pid=20015,fd=4)) 10.10.3.150 | CHANGED | rc=0 >> LISTEN 0 128 :::80 :::* users:(("httpd",pid=3437,fd=4),("httpd",pid=3436,fd=4),("httpd",pid=3435,fd=4),("httpd",pid=3434,fd=4),("httpd",pid=3433,fd=4),("httpd",pid=3432,fd=4))
這裏咱們將配置文件的http端口改爲81
..... # directive. # # Change this to Listen on specific IP addresses as shown below to # prevent Apache from glomming onto all bound IP addresses. # #Listen 12.34.56.78:80 Listen 81 .....
讓咱們從新執行palybook,看看會發生什麼
$ ansible-playbook httpd.yaml PLAY [monserver] *************************************************************************************** TASK [Gathering Facts] ********************************************************************************* ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [install httpd package] *************************************************************************** ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [copy conf file] ********************************************************************************** changed: [10.10.3.152] changed: [10.10.3.150] changed: [10.10.3.151] TASK [start service] *********************************************************************************** ok: [10.10.3.152] ok: [10.10.3.150] ok: [10.10.3.151] PLAY RECAP ********************************************************************************************* 10.10.3.150 : ok=4 changed=1 unreachable=0 failed=0 10.10.3.151 : ok=4 changed=1 unreachable=0 failed=0 10.10.3.152 : ok=4 changed=1 unreachable=0 failed=0
其實這裏咱們發現,任務只執行了「copy conf file」這個task,咱們再堅持一下遠程端口看看有沒有啓動81
$ ansible monserver -m shell -a "ss -ntlp | grep :81" 10.10.3.150 | FAILED | rc=1 >> non-zero return code 10.10.3.152 | FAILED | rc=1 >> non-zero return code 10.10.3.151 | FAILED | rc=1 >> non-zero return code
咱們能夠看到這裏報錯, 沒有返回對應的端口,說明就沒有啓動81端口,咱們須要的發現配置文件發送變化,就自動重啓。這裏咱們使用handler來實現
--- - hosts: monserver remote_user: root tasks: - name: install httpd package yum: name=httpd - name: copy conf file copy: src=files/httpd.conf dest=/etc/httpd/ backup=yes notify: restart service - name: start service service: name=httpd state=started enabled=yes handlers: - name: restart service service: name=httpd state=restarted
執行驗證:
$ ansible-playbook httpd.yaml PLAY [monserver] *************************************************************************************** TASK [Gathering Facts] ********************************************************************************* ok: [10.10.3.150] ok: [10.10.3.151] ▽ ok: [10.10.3.152] TASK [install httpd package] *************************************************************************** ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [copy conf file] ********************************************************************************** changed: [10.10.3.152] changed: [10.10.3.150] changed: [10.10.3.151] TASK [start service] *********************************************************************************** ok: [10.10.3.152] ok: [10.10.3.150] ok: [10.10.3.151] RUNNING HANDLER [restart service] ********************************************************************** changed: [10.10.3.152] changed: [10.10.3.150] changed: [10.10.3.151] PLAY RECAP ********************************************************************************************* 10.10.3.150 : ok=5 changed=2 unreachable=0 failed=0 10.10.3.151 : ok=5 changed=2 unreachable=0 failed=0 10.10.3.152 : ok=5 changed=2 unreachable=0 failed=0
$ ansible monserver -m shell -a "ss -ntlp | grep :81"
10.10.3.150 | CHANGED | rc=0 >>
LISTEN 0 128 :::81 :::* users:(("httpd",pid=6255,fd=4),("httpd",pid=6254,fd=4),("httpd",pid=6253,fd=4),("httpd",pid=6252,fd=4),("httpd",pid=6251,fd=4),("httpd",pid=6250,fd=4))
10.10.3.151 | CHANGED | rc=0 >>
LISTEN 0 128 :::81 :::* users:(("httpd",pid=21469,fd=4),("httpd",pid=21468,fd=4),("httpd",pid=21467,fd=4),("httpd",pid=21466,fd=4),("httpd",pid=21465,fd=4),("httpd",pid=21464,fd=4))
10.10.3.152 | CHANGED | rc=0 >>
LISTEN 0 128 :::81 :::* users:(("httpd",pid=9087,fd=4),("httpd",pid=9086,fd=4),("httpd",pid=9085,fd=4),("httpd",pid=9084,fd=4),("httpd",pid=9083,fd=4),("httpd",pid=9082,fd=4))
九、template模板
- 文本文件
- Jinjia2語言,有下面形式:
- 字符串:使用單引號或者雙引號
- 數字:整數,浮點數
- 列表:[item1,item2....]
- 元組:(item1,item2...)
- 字典:{key1:value1,key2:value2....}
- 布爾型:true/false
- 算術運算:「+」,「-」,「*」,「/」,「//」,「%」,「**」
- 比較操做:==,!=,>,>=,<,<=
- 邏輯運算:and,or,not
- 流表達式:For If When
簡單使用方法:
在當前目錄下建立templates目錄,下負責nginx的配置文件
建立一個playbook
--- - hosts: monserver remote_user: root tasks: - name: install nginx yum: name=nginx - name: copy template template: src=templates/nginx.conf.j2 dest=/etc/nginx/nginx.conf - name: start nginx service: name=nginx state=started enabled=yes
執行:
ansible-playbook temp.yaml PLAY [monserver] ************************************************************************************************** TASK [Gathering Facts] ******************************************************************************************** ok: [10.10.3.150] ok: [10.10.3.151] ok: [10.10.3.152] TASK [install nginx] ********************************************************************************************** changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] TASK [copy template] ********************************************************************************************** ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [start nginx] ************************************************************************************************ changed: [10.10.3.152] changed: [10.10.3.151] changed: [10.10.3.150] PLAY RECAP ******************************************************************************************************** 10.10.3.150 : ok=4 changed=2 unreachable=0 failed=0 10.10.3.151 : ok=4 changed=2 unreachable=0 failed=0 10.10.3.152 : ok=4 changed=2 unreachable=0 failed=0
咱們使用系統變量修改nginx work進程數:
獲取變量的方法,咱們可使用 ansible monserver -m setup | grep "processor" 獲取CPU個數
修改nginx模板文件
$ vim templates/nginx.conf.j2 # For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes {{ ansible_processor_vcpus**2 }}; error_log /var/log/nginx/error.log; .....
修改playbook使用handlers
--- - hosts: monserver remote_user: root tasks: - name: install nginx yum: name=nginx - name: copy template template: src=templates/nginx.conf.j2 dest=/etc/nginx/nginx.conf notify: restart nginx - name: start nginx service: name=nginx state=started enabled=yes handlers: - name: restart nginx service: name=nginx state=restarted
執行:
ansible-playbook temp.yaml PLAY [monserver] ************************************************************************************************** TASK [Gathering Facts] ******************************************************************************************** ok: [10.10.3.150] ok: [10.10.3.151] ok: [10.10.3.152] ▽ TASK [install nginx] ********************************************************************************************** ok: [10.10.3.150] ok: [10.10.3.151] ok: [10.10.3.152] TASK [copy template] ********************************************************************************************** changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] TASK [start nginx] ************************************************************************************************ ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] RUNNING HANDLER [restart nginx] *********************************************************************************** changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] PLAY RECAP ******************************************************************************************************** 10.10.3.150 : ok=5 changed=2 unreachable=0 failed=0 10.10.3.151 : ok=5 changed=2 unreachable=0 failed=0 10.10.3.152 : ok=5 changed=2 unreachable=0 failed=0
驗證:
$ ansible monserver -m shell -a "ps -ef | grep nginx " 10.10.3.151 | CHANGED | rc=0 >> root 24713 1 0 14:40 ? 00:00:00 nginx: master process /usr/sbin/nginx nginx 24714 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24715 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24716 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24717 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24718 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24719 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24720 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24721 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24722 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24723 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24724 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24725 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24726 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24727 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24728 24713 0 14:40 ? 00:00:00 nginx: worker process nginx 24729 24713 0 14:40 ? 00:00:00 nginx: worker process root 24850 24849 0 14:41 pts/0 00:00:00 /bin/sh -c ps -ef | grep nginx root 24852 24850 0 14:41 pts/0 00:00:00 grep nginx ....
一樣也能夠引用主機清單、playbook等裏面的變量。
when用法
when 既中文含義是「當」,當怎麼怎麼就怎麼怎麼
當hostname=ceph-osd-1的時候安裝服務
--- - hosts: cephserver remote_user: root tasks: - name: install nginx when: ansible_hostname == "ceph-osd-1" yum: name=nginx - name: copy template when: ansible_hostname == "ceph-osd-1" template: src=templates/nginx.conf.j2 dest=/etc/nginx/nginx.conf notify: restart nginx - name: start nginx when: ansible_hostname == "ceph-osd-1" service: name=nginx state=started enabled=yes handlers: - name: restart nginx service: name=nginx state=restarted
迭代機制, with_items
--- - hosts: monserver remote_user: root tasks: - name: create some file file: name=/data/{{ item }} state=touch with_items: - file1 - file2 - file3 - name: install spme packages yum: name= {{ item }} with_items: - htop - sl - hping3
執行:
ansible-playbook -C testitem.yaml PLAY [monserver] ********************************************************************************************************** TASK [Gathering Facts] **************************************************************************************************** ok: [10.10.3.150] ok: [10.10.3.151] ok: [10.10.3.152] TASK [create some file] *************************************************************************************************** ok: [10.10.3.150] => (item=file1) ok: [10.10.3.152] => (item=file1) ok: [10.10.3.151] => (item=file1) ok: [10.10.3.150] => (item=file2) ok: [10.10.3.152] => (item=file2) ok: [10.10.3.151] => (item=file2) ok: [10.10.3.150] => (item=file3) ok: [10.10.3.152] => (item=file3) ok: [10.10.3.151] => (item=file3) TASK [install spme packages] ********************************************************************************************** ok: [10.10.3.152] => (item=htop) ok: [10.10.3.150] => (item=htop) ok: [10.10.3.151] => (item=htop) ok: [10.10.3.152] => (item=sl) ok: [10.10.3.150] => (item=sl) ok: [10.10.3.151] => (item=sl) ok: [10.10.3.152] => (item=hping3) ok: [10.10.3.150] => (item=hping3) ok: [10.10.3.151] => (item=hping3) PLAY RECAP **************************************************************************************************************** 10.10.3.150 : ok=3 changed=0 unreachable=0 failed=0 10.10.3.151 : ok=3 changed=0 unreachable=0 failed=0 10.10.3.152 : ok=3 changed=0 unreachable=0 failed=0 [root@ceph-moni-0 ansible]# ansible-playbook testitem.yaml PLAY [monserver] ********************************************************************************************************** TASK [Gathering Facts] **************************************************************************************************** ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [create some file] *************************************************************************************************** changed: [10.10.3.152] => (item=file1) changed: [10.10.3.151] => (item=file1) ▽ changed: [10.10.3.150] => (item=file1) changed: [10.10.3.150] => (item=file2) changed: [10.10.3.152] => (item=file2) changed: [10.10.3.151] => (item=file2) changed: [10.10.3.150] => (item=file3) changed: [10.10.3.152] => (item=file3) changed: [10.10.3.151] => (item=file3) TASK [install spme packages] ********************************************************************************************** ok: [10.10.3.152] => (item=htop) ok: [10.10.3.151] => (item=htop) ok: [10.10.3.150] => (item=htop) ok: [10.10.3.151] => (item=sl) ok: [10.10.3.152] => (item=sl) ok: [10.10.3.150] => (item=sl) ok: [10.10.3.151] => (item=hping3) ok: [10.10.3.152] => (item=hping3) ok: [10.10.3.150] => (item=hping3) PLAY RECAP **************************************************************************************************************** 10.10.3.150 : ok=3 changed=1 unreachable=0 failed=0 10.10.3.151 : ok=3 changed=1 unreachable=0 failed=0 10.10.3.152 : ok=3 changed=1 unreachable=0 failed=0
驗證:
ansible monserver -m shell -a "ls /data" 10.10.3.150 | CHANGED | rc=0 >> file1 file2 file3 10.10.3.152 | CHANGED | rc=0 >> file1 file2 file3 newfile 10.10.3.151 | CHANGED | rc=0 >> file1 file2 file3
迭代嵌套子變量,使用字典
--- - hosts: monserver remote_user: root tasks: - name: create some group group: name={{ item }} with_items: - g1 - g2 - g3 - name: create some users user: name={{ item.name }} group={{ item.group }} with_items: - {name: 'user1',group: 'g1'} - {name: 'user2',group: 'g2'} - {name: 'user3',group: 'g3'}
執行:
$ ansible-playbook testitem2.yaml PLAY [monserver] ********************************************************************************************************** TASK [Gathering Facts] **************************************************************************************************** ok: [10.10.3.152] ok: [10.10.3.150] ok: [10.10.3.151] TASK [create some group] ************************************************************************************************** ▽ changed: [10.10.3.150] => (item=g1) changed: [10.10.3.152] => (item=g1) changed: [10.10.3.151] => (item=g1) changed: [10.10.3.152] => (item=g2) changed: [10.10.3.150] => (item=g2) changed: [10.10.3.151] => (item=g2) changed: [10.10.3.152] => (item=g3) changed: [10.10.3.150] => (item=g3) changed: [10.10.3.151] => (item=g3) TASK [create some users] ************************************************************************************************** changed: [10.10.3.152] => (item={u'group': u'g1', u'name': u'user1'}) changed: [10.10.3.151] => (item={u'group': u'g1', u'name': u'user1'}) changed: [10.10.3.150] => (item={u'group': u'g1', u'name': u'user1'}) changed: [10.10.3.152] => (item={u'group': u'g2', u'name': u'user2'}) changed: [10.10.3.150] => (item={u'group': u'g2', u'name': u'user2'}) changed: [10.10.3.151] => (item={u'group': u'g2', u'name': u'user2'}) changed: [10.10.3.152] => (item={u'group': u'g3', u'name': u'user3'}) changed: [10.10.3.150] => (item={u'group': u'g3', u'name': u'user3'}) changed: [10.10.3.151] => (item={u'group': u'g3', u'name': u'user3'}) PLAY RECAP **************************************************************************************************************** 10.10.3.150 : ok=3 changed=2 unreachable=0 failed=0 10.10.3.151 : ok=3 changed=2 unreachable=0 failed=0 10.10.3.152 : ok=3 changed=2 unreachable=0 failed=0
for 循環在template模板中:
咱們建立一個變量字段
---
- hosts: monserver
remote_user: root
vars:
ports:
- web1:
name: webhs1
port: 81
rootdir: /data/web1
- web2:
name: webhs2
port: 82
rootdir: /data/web2
- web3:
name: webhs3
port: 83
rootdir: /data/web3
tasks:
- name: copy conf
template: src=for3.conf.j2 dest=/data/for1.conf
建立template模板配置文件
{% for p in ports %}
server{
listen {{ p.port }}
servername {{ p.name }}
documentroot: {{ p.rootdir }}
}
{% endfor %}
執行:
ansible-playbook for.yaml PLAY [monserver] ********************************************************************************************************** TASK [Gathering Facts] **************************************************************************************************** ok: [10.10.3.152] ok: [10.10.3.150] ok: [10.10.3.151] TASK [copy conf] ********************************************************************************************************** changed: [10.10.3.152] changed: [10.10.3.151] changed: [10.10.3.150] PLAY RECAP **************************************************************************************************************** 10.10.3.150 : ok=2 changed=1 unreachable=0 failed=0 10.10.3.151 : ok=2 changed=1 unreachable=0 failed=0 10.10.3.152 : ok=2 changed=1 unreachable=0 failed=0
循環嵌套if判斷
需求是,若是name有定義就添加這個配置,若是沒有就不添加,這裏咱們在前面定義的變量裏註釋兩個name
--- - hosts: monserver remote_user: root vars: ports: - web1: # name: webhs1 port: 81 rootdir: /data/web1 - web2: # name: webhs2 port: 82 rootdir: /data/web2 - web3: name: webhs3 port: 83 rootdir: /data/web3 tasks: - name: copy conf template: src=for1.conf.j2 dest=/data/for3.conf
在template中增長判斷
{% for p in ports %}
server{
listen {{ p.port }}
{% if p.name is defined %}
servername {{ p.name }}
{% endif %}
documentroot: {{ p.rootdir }}
}
{% endfor %}
執行:
ansible-playbook for1.yaml PLAY [monserver] ********************************************************************************************************** TASK [Gathering Facts] **************************************************************************************************** ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [copy conf] ********************************************************************************************************** changed: [10.10.3.152] changed: [10.10.3.151] changed: [10.10.3.150] PLAY RECAP **************************************************************************************************************** 10.10.3.150 : ok=2 changed=1 unreachable=0 failed=0 10.10.3.151 : ok=2 changed=1 unreachable=0 failed=0 10.10.3.152 : ok=2 changed=1 unreachable=0 failed=0
查看結果:
ansible monserver -m shell -a "cat /data/for3.conf " 10.10.3.150 | CHANGED | rc=0 >> server{ listen 81 documentroot: /data/web1 } server{ listen 82 documentroot: /data/web2 } server{ listen 83 servername webhs3 documentroot: /data/web3 } .......
Role
用於層次性,結構化地組織playbook,roles可以根據層次型結構自動裝載變量文件,tasks以及handlers等。要使用roles只須要在playbook中使用include指令便可。簡單講,roles就是經過將變量、文件、任務、模板及處理器放置於單獨的目錄裏。並能夠便捷的include他們的一種機制。角色通常用於基於主機構建服務的場景中,但也能夠是用於構建守護進程等場景中。
Role各目錄做用:
- files/ 存放由copy和script模塊等調用文件
- templates/ template模塊查找所須要的模板目錄
- tasks/ 定義task,role的基本元素,至少應該包含一個名爲main.yaml的文件,其餘文件須要在此文件中經過include進行包含
- handlers/ 至少包含一個名爲main.yaml的文件,其餘文件須要在此文件中經過include進行包含
- vars/ 至少包含一個名爲main.yaml的文件,其餘文件須要在此文件中經過include進行包含
- mete/ 定義當前角色的特殊設定及其依賴關係,至少包含一個名爲main.yaml的文件,其餘文件須要在此文件中經過include進行包含
- default/ 設定默認變量時使用此目錄中的main.yaml文件
需求:
經過role安裝nginx,安裝nginx的步驟:
- 建立nginx用戶組,group:nginx
- 建立nginx用戶,user:nginx
- yum安裝nginx yum:nginx
- 拷貝模板:template:nginx.conf.j2
- 啓動服務,service:nginx
咱們根據需求和上面的解釋,場景對應的目錄:
mkdir -p testroles/roles/nginx/{tasks,templates}
上面的一、二、3是tasks任務,因此咱們會再tasks目錄下一一建立
$ vim group.yaml - name: create group group: name=nginx $ vim user.yaml - name: create user user: name=nginx group=nginx system=yes shell=/sbin/nologin $ vim yum.yaml - name: install package yum: name=nginx $ vim start.yaml - name: start nginx service: name=nginx state=started $ vim restart.yaml - name: restart nginx service: name=nginx state=restarted
$ vim temp.yaml
- name: copy config
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
建立配置文件模板
$ vim ../templates/nginx.conf.j2 For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes {{ ansible_processor_vcpus**2 }}; error_log /var/log/nginx/error.log; pid /run/nginx.pid; ........
這裏咱們的配置文件準備完成了。接下來是關鍵是怎麼調用,這時候咱們須要一個總的tasks文件(main.yaml)。
$ vim roles/nginx/tasks/main.yaml - include: group.yaml - include: user.yaml - include: yum.yaml - include: temp.yaml - include: start.yaml
這裏咱們在role目錄平級的目錄建立一個劇本,寫具體怎麼調用:
$ vim nginx-role.yaml - hosts: monserver remote_user: root roles: - role: nginx
執行:
ansible-playbook -C nginx-role.yaml PLAY [monserver] ******************************************************************************* TASK [Gathering Facts] ************************************************************************* ok: [10.10.3.150] ok: [10.10.3.152] ok: [10.10.3.151] TASK [nginx : create group] ******************************************************************** changed: [10.10.3.152] changed: [10.10.3.151] changed: [10.10.3.150] TASK [nginx : create user] ********************************************************************* changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] TASK [nginx : install package] ***************************************************************** changed: [10.10.3.151] changed: [10.10.3.152] changed: [10.10.3.150] TASK [nginx : copy config] ********************************************************************* changed: [10.10.3.152] changed: [10.10.3.151] changed: [10.10.3.150] TASK [nginx : start nginx] ********************************************************************* changed: [10.10.3.152] changed: [10.10.3.151] changed: [10.10.3.150] PLAY RECAP ************************************************************************************* 10.10.3.150 : ok=6 changed=5 unreachable=0 failed=0 10.10.3.151 : ok=6 changed=5 unreachable=0 failed=0 10.10.3.152 : ok=6 changed=5 unreachable=0 failed=0 [root@ceph-moni-0 testroles]# ansible-playbook nginx-role.yaml PLAY [monserver] ******************************************************************************* TASK [Gathering Facts] ************************************************************************* ok: [10.10.3.150] ok: [10.10.3.151] ok: [10.10.3.152] TASK [nginx : create group] ******************************************************************** changed: [10.10.3.152] changed: [10.10.3.150] changed: [10.10.3.151] TASK [nginx : create user] ********************************************************************* changed: [10.10.3.152] changed: [10.10.3.150] changed: [10.10.3.151] TASK [nginx : install package] ***************************************************************** changed: [10.10.3.152] changed: [10.10.3.150] changed: [10.10.3.151] TASK [nginx : copy config] ********************************************************************* changed: [10.10.3.150] changed: [10.10.3.152] changed: [10.10.3.151] TASK [nginx : start nginx] ********************************************************************* changed: [10.10.3.152] changed: [10.10.3.150] changed: [10.10.3.151] PLAY RECAP ************************************************************************************* 10.10.3.150 : ok=6 changed=5 unreachable=0 failed=0 10.10.3.151 : ok=6 changed=5 unreachable=0 failed=0 10.10.3.152 : ok=6 changed=5 unreachable=0 failed=0
相關文章
- 1. ansible基礎
- 2. ansible基礎-playbooks
- 3. ansible 基礎一
- 4. ansible--基礎
- 5. Ansible基礎
- 6. ansible 基礎
- 7. Ansible 基礎
- 8. ansible基礎配置
- 9. ansible基礎-優化
- 10. Ansible 基礎-介紹
- 更多相關文章...
- • Kotlin 基礎語法 - Kotlin 教程
- • Scala 基礎語法 - Scala教程
- • Kotlin學習(二)基本類型
- • ☆基於Java Instrument的Agent實現
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. ansible基礎
- 2. ansible基礎-playbooks
- 3. ansible 基礎一
- 4. ansible--基礎
- 5. Ansible基礎
- 6. ansible 基礎
- 7. Ansible 基礎
- 8. ansible基礎配置
- 9. ansible基礎-優化
- 10. Ansible 基礎-介紹