Ansible Batch Automation Management Tool (Part 2)

Link: https://pan.baidu.com/s/1A3Iq3gGkGS27L_Gt37_I0g
Extraction code: ncy2

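1. Tools and environment overview

1.1 Introduction to Ansible

  • A tool for managing servers in bulk
  • No agent to deploy; management goes over SSH
  • A popular automated operations tool: https://github.com/ansible/ansible

1.2 Introduction to Jenkins

  • Visual operations (mainly used for visual deployment)
  • Continuous builds; integrates with git and svn
  • Can be combined with SSH for visual operations
  • Can be combined with Ansible for visual operations

1.3 Checking the environment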

[root@server ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core) 
[root@server ~]# uname -m
x86_64
[root@server ~]# uname -r
3.10.0-862.el7.x86_64

2. Installing Python 3 and Ansible

2.1 Installing Python 3.5 from source

2.1.1 Installing the supporting packages

[root@Ansible ~]# yum -y install lrzsz gcc gcc-c++ ncurses ncurses-devel unzip zlib-devel zlib openssl-devel openssl

[root@Ansible ~]# rpm -qa lrzsz gcc gcc-c++ ncurses ncurses-devel unzip zlib-devel zlib openssl-devel openssl
gcc-c++-4.8.5-28.el7_5.1.x86_64
ncurses-devel-5.9-14.20130511.el7_4.x86_64
ncurses-5.9-14.20130511.el7_4.x86_64
openssl-1.0.2k-12.el7.x86_64
gcc-4.8.5-28.el7_5.1.x86_64
openssl-devel-1.0.2k-12.el7.x86_64
unzip-6.0-19.el7.x86_64
zlib-1.2.7-17.el7.x86_64
zlib-devel-1.2.7-17.el7.x86_64
lrzsz-0.12.20-36.el7.x86_64

2.1.2 Compiling Python 3.5 from source

[root@Ansible yang]# pwd
/yang
[root@Ansible yang]# ls
Python-3.5.2.tgz
[root@Ansible yang]# tar xf Python-3.5.2.tgz -C /usr/src/  #extract the archive
[root@Ansible yang]# cd /usr/src/Python-3.5.2/
[root@Ansible Python-3.5.2]# ./configure --prefix=/usr/local/python/           #configure the source build
#output omitted...
[root@Ansible Python-3.5.2]# make && make install
#output omitted...
[root@Ansible Python-3.5.2]# ln -s /usr/local/python/bin/python3 /usr/bin/python3      #create a symlink
[root@Ansible Python-3.5.2]# which python3
/usr/bin/python3
[root@Ansible Python-3.5.2]# python3 -V  #Python version number
Python 3.5.2

2.2 Installing Ansible with pip3

2.2.1 Installing the latest version of Ansible

[root@Ansible Python-3.5.2]# /usr/local/python/bin/pip3 install ansible
#output omitted...

2.2.2 Creating the symlink

[root@Ansible Python-3.5.2]# ln -s /usr/local/python/bin/ansible /usr/local/bin/
[root@Ansible Python-3.5.2]# which ansible
/usr/local/bin/ansible

[root@Ansible Python-3.5.2]# ansible --version
ansible 2.6.4    #Ansible version
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/python/lib/python3.5/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.5.2 (default, Sep  6 2018, 22:33:20) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

2.3 Viewing Ansible help

[root@ansible ~]# /usr/local/python/bin/ansible-doc -l  #list help for all modules
[root@ansible ~]# /usr/local/python/bin/ansible-doc -s shell     #view help for the shell module
[root@ansible ~]# /usr/local/python/bin/ansible-doc -s raw

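3. Passwordless SSH login with a public/private key pair

  • Ansible is agentless. How does it manage servers in bulk without an agent? Mainly by relying on SSH.
  • SSH logins require a password by default, which makes management cumbersome; this lesson covers passwordless SSH login.
  • Once passwordless SSH login is in place, managing servers in bulk with Ansible becomes simple.

Host      IP
ansible   192.168.200.73
web01     192.168.200.74
web02     192.168.200.75

3.1 Generating the key pair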

[root@Ansible ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ""
Generating public/private rsa key pair.
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:AyXvTyhwFx6yOSXrzVUBcmGCzjmgoLjo51Yn+XVdmbk root@Ansible
The key's randomart image is:
+---[RSA 2048]----+
|      +.B =oo.   |
|.   . .% B .     |
|o. ..+B.+ .     +|
|o .  +=B o     = |
|..    +.S . . . .|
|o    + o = . . E |
|.   . + . o      |
| . o   .         |
|  +.             |
+----[SHA256]-----+

3.2 Distributing the key to Web01

[root@Ansible ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 192.168.200.74   #Web01's IP
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.200.74's password:    #Web01's login password

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -o ' StrictHostKeyChecking=no' '192.168.200.74'"
and check to make sure that only the key(s) you wanted were added.

3.3 Testing passwordless login

[root@Ansible ~]# hostname -I
192.168.200.73 
[root@Ansible ~]# ssh 192.168.200.74
Last login: Thu Sep  6 22:16:49 2018 from 192.168.200.1
[root@Web01 ~]# hostname -I
192.168.200.74 
[root@Web01 ~]# exit
logout
Connection to 192.168.200.74 closed.

4. Basic Ansible configuration and the ping module

4.1 The Ansible configuration file

[root@Ansible ~]# mkdir -p /etc/ansible
[root@Ansible ~]# cat /etc/ansible/hosts     #Ansible host inventory file
[nginx]          #name of the managed host group
Web01 ansible_ssh_host=192.168.200.74 ansible_ssh_port=22 ansible_ssh_user=root     #first host
Web02 ansible_ssh_host=192.168.200.75 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=111111    #second host

Notes:
Web01  ===> host name
ansible_ssh_host ===> host IP
ansible_ssh_port ===> the default SSH port
ansible_ssh_user ===> SSH user name
ansible_ssh_pass ===> connection password of the SSH user

If we have already set up key-based passwordless SSH, the password does not need to be written, as for Web01.
If we have not set up key-based login, the sshpass tool must be installed and the host's connection password written in /etc/ansible/hosts, as for Web02.

#Download the EPEL repo and install sshpass
[root@Ansible ~]# yum -y install wget
[root@ansible ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@ansible ~]# yum -y install sshpass
[root@ansible ~]# which sshpass
/usr/bin/sshpass
#Edit the SSH configuration file
[root@ansible ~]# sed -n '35p' /etc/ssh/ssh_config
#   StrictHostKeyChecking ask
[root@ansible ~]# vim /etc/ssh/ssh_config
[root@ansible ~]# sed -n '35p' /etc/ssh/ssh_config
   StrictHostKeyChecking no     #uncomment the line and change it to this
#Reload the SSH service
[root@ansible ~]# systemctl reload sshd.service
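
The inventory above keeps Web02's password in cleartext (ansible_ssh_pass=111111), and the ssh_config change switches off host key verification for every connection made from the control node. The following added example (not from the original article) is a small Python audit that flags both settings; the list of secret-bearing variables and the sample inputs are assumptions constructed from the lines shown in this section.

```python
import re
import shlex

# Inventory variables that hold a cleartext secret when written inline.
SECRET_VARS = {"ansible_ssh_pass", "ansible_password",
               "ansible_become_pass", "ansible_become_password"}

# Constructed sample: the [nginx] group from this section plus a :vars block.
SAMPLE_INVENTORY = """\
[nginx]          # managed host group
Web01 ansible_ssh_host=192.168.200.74 ansible_ssh_port=22 ansible_ssh_user=root
Web02 ansible_ssh_host=192.168.200.75 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=111111
# Web03 ansible_ssh_pass=ignored-because-commented-out

[nginx:vars]
ansible_become_pass = example-only
"""

# Constructed sample: the commented default and the edited line from this section.
SAMPLE_SSH_CONFIG = """\
#   StrictHostKeyChecking ask
Host *
    StrictHostKeyChecking no
Host 192.168.200.74
    StrictHostKeyChecking=yes
"""


def audit_inventory(text):
    """Return (line_no, section, host, variable) for each inline secret.

    The secret value is deliberately not returned, so findings can be logged.
    """
    findings = []
    section = None
    for no, raw in enumerate(text.splitlines(), 1):
        try:
            tokens = shlex.split(raw, comments=True)   # drops "# ..." comments
        except ValueError:
            continue                                   # unbalanced quote: skip
        if not tokens:
            continue
        header = re.match(r"^\[([^\]]+)\]$", tokens[0])
        if header:
            section = header.group(1)
            continue
        if section is not None and section.endswith(":vars"):
            # Group variables are written one "key = value" per line.
            host, keys = None, [raw.partition("=")[0]]
        else:
            # Host lines are "alias key=value key=value ...".
            host = tokens[0]
            keys = [t.partition("=")[0] for t in tokens[1:] if "=" in t]
        for key in keys:
            if key.strip().lower() in SECRET_VARS:
                findings.append((no, section, host, key.strip()))
    return findings


def audit_ssh_config(text):
    """Return (line_no, scope, value) where host key checking is disabled."""
    findings = []
    scope = "*"                 # options before any Host line apply to all hosts
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue            # the shipped default is commented out
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()
        value = parts[1].split("#", 1)[0].strip().strip('"') if len(parts) > 1 else ""
        if keyword == "host":
            scope = value
        elif keyword == "match":
            scope = "Match " + value
        elif keyword == "stricthostkeychecking" and value.lower() in ("no", "off"):
            findings.append((no, scope, value))
    return findings


if __name__ == "__main__":
    for no, section, host, var in audit_inventory(SAMPLE_INVENTORY):
        where = host or "[%s]" % section
        print("inventory line %d: %s sets %s in cleartext" % (no, where, var))
    for no, scope, value in audit_ssh_config(SAMPLE_SSH_CONFIG):
        print("ssh_config line %d: StrictHostKeyChecking %s for Host %s" % (no, value, scope))
```

For Web02 the inventory finding disappears once the key from section 3 is distributed to it the same way as to Web01, which also removes the need for sshpass.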

4.2 Testing remote command execution with Ansible

#Connection test with the ping module
[root@Ansible ~]# ansible nginx -m ping
Web01 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Web02 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}

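4.3 Basic Ansible usage

ansible -i /etc/ansible/hosts <host or host group> -m <module> -a <command>

4.4 Use the ping module to check whether the servers are reachable; the ping module needs no -a arguments

ansible all -m ping

The target can be a host group, a host, or all, which means every host.

4.4.1 Notes on hosts and host groups:

Host group range   Meaning
all                all hosts
Web01:Web02        several hosts can be specified
all:!Web01         selects all but excludes Web01; note that ! must be preceded by the escape character \

4.4.2 Test runs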

[root@Ansible ~]# ansible Web01 -m ping
Web01 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@Ansible ~]# ansible all -m ping
Web01 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Web02 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@Ansible ~]# ansible Web01:Web02 -m ping
Web01 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Web02 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@Ansible ~]# ansible all:\!Web01 -m ping
Web02 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
[root@Ansible ~]# ansible Web01:Web02 -m command -a 'uptime'
Web02 | SUCCESS | rc=0 >>
 23:14:40 up  1:16,  3 users,  load average: 0.05, 0.03, 0.05

Web01 | SUCCESS | rc=0 >>
 23:14:40 up  1:16,  3 users,  load average: 0.06, 0.03, 0.05

5. Ansible's three command modules

5.1 The command module (no pipe support; not recommended)

#command echoes the result of the command directly
[root@ansible ~]# ansible all -m command -a "pwd"
Web01 | SUCCESS | rc=0 >>
/root
Web02 | SUCCESS | rc=0 >>
/root

#The command module does not support the pipe operator
[root@ansible ~]# ansible all -m command -a "echo test | grep t"
Web01 | SUCCESS | rc=0 >>
test | grep t
Web02 | SUCCESS | rc=0 >>
test | grep t

#The command module does not support redirection
[root@ansible ~]# ansible all -m command -a "echo bb >> /tmp/testansible"
Web01 | SUCCESS | rc=0 >>
bb >> /tmp/testansible
Web02 | SUCCESS | rc=0 >>
bb >> /tmp/testansible

5.2 The shell module (supports pipes and redirection)

#The shell module supports the pipe operator
[root@ansible ~]# ansible all -m shell -a "echo testansible | grep a"
Web01 | SUCCESS | rc=0 >>
testansible
Web02 | SUCCESS | rc=0 >>
testansible

#shell supports redirection
[root@ansible ~]# ansible all -m shell -a "echo bb >> /tmp/testansible"
Web01 | SUCCESS | rc=0 >>
Web02 | SUCCESS | rc=0 >>
[root@Web01 tmp]# cat testansible 
bb
[root@Web02 tmp]# cat testansible 
bb

#Special characters must be escaped with \ so that Ansible runs the command correctly
[root@Ansible ~]# ansible all -m shell -a "cat /etc/passwd | awk -F":" '{print \$1}'"
Web01 | SUCCESS | rc=0 >>
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
operator
games
ftp
nobody
systemd-network
dbus
polkitd
sshd
postfix
chrony

Web02 | SUCCESS | rc=0 >>
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
operator
games
ftp
nobody
systemd-network
dbus
polkitd
sshd
postfix
chrony
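
The outputs in 5.1 and 5.2 differ because command executes the program directly with the arguments as typed, while shell passes the whole line to a shell. The added example below (not from the original article) models both behaviours in Python with subprocess and shows what the difference means once part of the line comes from a variable; UNTRUSTED and TEMPLATE are constructed values.

```python
import shlex
import subprocess


def run_like_command(cmdline):
    """Model of the command module: split into argv and exec with no shell."""
    argv = shlex.split(cmdline)
    done = subprocess.run(argv, stdout=subprocess.PIPE, universal_newlines=True)
    return done.stdout.strip()


def run_like_shell(cmdline):
    """Model of the shell module: the whole line is handed to /bin/sh -c."""
    done = subprocess.run(cmdline, shell=True, stdout=subprocess.PIPE,
                          universal_newlines=True)
    return done.stdout.strip()


def render(template, value, quote=False):
    """Fill {{ name }} in a command line.

    quote=True shell-quotes the value first, which is what the `quote`
    filter does inside a playbook.
    """
    return template.replace("{{ name }}", shlex.quote(value) if quote else value)


# Constructed value standing in for a variable the playbook author does not control.
UNTRUSTED = "Tom; echo SECOND-COMMAND"
TEMPLATE = "echo hi {{ name }}"


def compare():
    """Run the same rendered line three ways and return the outputs."""
    return {
        # No shell: ';' is just a character inside an argument.
        "command": run_like_command(render(TEMPLATE, UNTRUSTED)),
        # Shell, unquoted: ';' ends the first command and starts a second one.
        "shell": run_like_shell(render(TEMPLATE, UNTRUSTED)),
        # Shell, quoted: the value stays a single argument.
        "shell+quote": run_like_shell(render(TEMPLATE, UNTRUSTED, quote=True)),
    }


if __name__ == "__main__":
    # The two lines from section 5.1: '|' and '>>' are passed to echo as text.
    print(run_like_command("echo test | grep t"))
    print(run_like_command("echo bb >> /tmp/testansible"))
    # The same pipe under a shell, as in section 5.2.
    print(run_like_shell("echo testansible | grep a"))
    for mode, out in compare().items():
        print("%-12s -> %r" % (mode, out))
```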

5.3 The raw module: the most primitive way to run commands (no Python dependency; works over SSH alone)

5.3.1 Clearing the yum cache

[root@Ansible ~]# ansible all -m raw -a "yum -y clean all"
Web02 | SUCCESS | rc=0 >>
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
Shared connection to 192.168.200.75 closed.


Web01 | SUCCESS | rc=0 >>
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
Shared connection to 192.168.200.74 closed.

5.3.2 Building the yum cache

[root@Ansible ~]# ansible all -m raw -a "yum makecache"
Web02 | SUCCESS | rc=0 >>
Loaded plugins: fastestmirror
Determining fastest mirrors
#output omitted...
Metadata Cache Created
Shared connection to 192.168.200.75 closed.


Web01 | SUCCESS | rc=0 >>
Loaded plugins: fastestmirror
Determining fastest mirrors
#output omitted...
Metadata Cache Created
Shared connection to 192.168.200.74 closed.

5.3.3 Installing the nmap package with yum

[root@Ansible ~]# ansible all -m raw -a "yum -y install nmap"
#output omitted...

5.3.4 Checking the installation result

[root@Web01 ~]# which nmap
/usr/bin/nmap
[root@Web02 ~]# which nmap
/usr/bin/nmap

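6. Distributing files or directories in bulk with the copy module

6.1 Overview of the copy module

6.1.1 copy module parameters (ansible <host group> -m <module> -a <command>)

  • src: the source file or directory
  • dest: the file or directory on the target server
  • backup: whether to make a backup
  • owner: the owning user of the file or directory after it is copied to the target server
  • group: the owning group of the file or directory after it is copied to the target server
  • mode: the permissions of the file or directory

6.1.2 Preparation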

[root@Ansible ~]# mkdir yangwenbo
[root@Ansible ~]# cd yangwenbo
[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# echo "welcome to yunjisuan161" > yunwei
[root@Ansible yangwenbo]# cat yunwei 
welcome to yunjisuan161

6.1.3 The libselinux-python package must be installed on every managed node

[root@Web01 ~]# yum -y install libselinux-python
[root@Web01 ~]# rpm -qa libselinux-python
libselinux-python-2.5-12.el7.x86_64

[root@Web02 ~]# yum -y install libselinux-python
[root@Web02 ~]# rpm -qa libselinux-python
libselinux-python-2.5-12.el7.x86_64

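6.2 Copying a file with the copy module

Notes:

  • If the destination path does not exist, it is created automatically
  • src ===> source file path; dest ===> destination path

#Copy the file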
[root@Ansible yangwenbo]# ansible all -m copy -a "src=/root/yangwenbo/yunwei dest=/root/yangwenbo/"
Web01 | SUCCESS => {
    "changed": true,
    "checksum": "4775b9cf454d1817e252f0678c06d64bc214da1c",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 0,
    "group": "root",
    "md5sum": "38b35e7d3f5c75583ce5e1ee5838a396",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 24,
    "src": "/root/.ansible/tmp/ansible-tmp-1536310826.228977-17143783285290/source",
    "state": "file",
    "uid": 0
}
Web02 | SUCCESS => {
    "changed": true,
    "checksum": "4775b9cf454d1817e252f0678c06d64bc214da1c",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 0,
    "group": "root",
    "md5sum": "38b35e7d3f5c75583ce5e1ee5838a396",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 24,
    "src": "/root/.ansible/tmp/ansible-tmp-1536310826.2419605-39881113399031/source",
    "state": "file",
    "uid": 0
}

#Check the copy result
[root@Web01 ~]# cd yangwenbo/
[root@Web01 yangwenbo]# pwd
/root/yangwenbo
[root@Web01 yangwenbo]# cat yunwei 
welcome to yunjisuan161

[root@Web02 ~]# cd yangwenbo/
[root@Web02 yangwenbo]# pwd
/root/yangwenbo
[root@Web02  yangwenbo]# cat yunwei 
welcome to yunjisuan161

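6.3 Copying a directory with the copy module

Note: if the destination path contains a file with the same name as a file being copied, the file under the destination path is overwritten directly.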

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat yunwei 
welcome to yunjisuan161
#Copy the files
[root@Ansible yangwenbo]# ansible Web01 -m copy -a "src=/root/yangwenbo/ dest=/root/yangwenbo/"
Web01 | SUCCESS => {
    "changed": false,
    "checksum": "4775b9cf454d1817e252f0678c06d64bc214da1c",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 0,
    "group": "root",
    "mode": "0644",
    "owner": "root",
    "path": "/root/yangwenbo/yunwei",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 24,
    "state": "file",
    "uid": 0
}

#Check the copy result
[root@Web01 yangwenbo]# pwd
/root/yangwenbo
[root@Web01 yangwenbo]# cat yunwei 
welcome to yunjisuan161

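6.4 Automatic backup with the copy module

Note: the parameter backup=yes ===> means that if the destination path contains a file with the same name but different content, the destination file is backed up before it is overwritten.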

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat yunwei 
hello
#Copy the files
[root@Ansible yangwenbo]# ansible Web01 -m copy -a "src=/root/yangwenbo/ dest=/root/yangwenbo/ backup=yes"
Web01 | SUCCESS => {
    "backup_file": "/root/yangwenbo/yunwei.1990.2018-09-07@05:30:28~",
    "changed": true,
    "checksum": "f572d396fae9206628714fb2ce00f72e94f2258f",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 0,
    "group": "root",
    "md5sum": "b1946ac92492d2347c6235b4d2611184",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 6,
    "src": "/root/.ansible/tmp/ansible-tmp-1536312626.9388444-271698353874697/source",
    "state": "file",
    "uid": 0
}

#Check the copy result
[root@Web01 yangwenbo]# pwd
/root/yangwenbo
[root@Web01 yangwenbo]# ls
yunwei  yunwei.1990.2018-09-07@05:30:28~
[root@Web01 yangwenbo]# cat yunwei
hello
[root@Web01 yangwenbo]# cat yunwei.1990.2018-09-07\@05\:30\:28~ 
welcome to yunjisuan161

6.5 Specifying the owning user and group with the copy module

#Copy the files
[root@Ansible yangwenbo]# ansible Web02 -m copy -a "src=/root/yangwenbo/ dest=/root/yangwenbo/ owner=nobody group=nobody mode=0600"
Web02 | SUCCESS => {
    "changed": true,
    "checksum": "f572d396fae9206628714fb2ce00f72e94f2258f",
    "dest": "/root/yangwenbo/yunwei",
    "gid": 99,
    "group": "nobody",
    "md5sum": "b1946ac92492d2347c6235b4d2611184",
    "mode": "0600",
    "owner": "nobody",
    "secontext": "system_u:object_r:admin_home_t:s0",
    "size": 6,
    "src": "/root/.ansible/tmp/ansible-tmp-1536312849.3372185-152360920901702/source",
    "state": "file",
    "uid": 99
}

#Check the copy result
[root@Web02 yangwenbo]# pwd
/root/yangwenbo
[root@Web02 yangwenbo]# ls
yunwei
[root@Web02 yangwenbo]# cat yunwei 
hello
[root@Web02 yangwenbo]# ll
total 4
-rw-------. 1 nobody nobody 6 Sep  7 05:34 yunwei

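7. Running scripts in bulk with the script module

Ansible's script module runs a local shell script on remote servers in bulk.

#Example --> distribute and automatically deploy nginx remotely in bulk
#Every managed node needs the installation disc mounted and a local yum repository file created
[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# ls | xargs -n1
auto_nginx.sh             #automatic nginx installation script
fenfa.sh                  #bulk distribution script
nginx-1.10.2.tar.gz       #nginx source package

[root@Ansible yangwenbo]# cat auto_nginx.sh      #automatic nginx installation script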
#!/bin/sh
#nginx install shell scripts
test -d /media/cdrom || mkdir -p /media/cdrom
mount /dev/sr0 /media/cdrom &>/dev/null
yum -y install gcc gcc-c++ make pcre pcre-devel zlib zlib-devel openssl  openssl-devel &>/dev/null
test -d /root/yangwenbo || exit 3
cd /root/yangwenbo/
tar xf nginx-1.10.2.tar.gz -C /usr/src/
cd /usr/src/nginx-1.10.2/
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module &>/dev/null
make &>/dev/null
make install &>/dev/null
exit 0

[root@Ansible yangwenbo]# cat fenfa.sh     #bulk distribution script for the source package and the installation script
#!/bin/sh
#bulk distribution script

Group=$1
ansible "$Group" -m copy -a "src=/root/yangwenbo/ dest=/root/yangwenbo/"
ansible "$Group" -m script -a "/root/yangwenbo/auto_nginx.sh"
#Run the script
[root@Ansible yangwenbo]# sh fenfa.sh all
Web02 | SUCCESS => {
    "changed": true,
    "dest": "/root/yangwenbo/",
    "src": "/root/yangwenbo/"
}
Web01 | SUCCESS => {
    "changed": true,
    "dest": "/root/yangwenbo/",
    "src": "/root/yangwenbo/"
}
Web02 | SUCCESS => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.200.75 closed.\r\n",
    "stderr_lines": [
        "Shared connection to 192.168.200.75 closed."
    ],
    "stdout": "",
    "stdout_lines": []
}
Web01 | SUCCESS => {
    "changed": true,
    "rc": 0,
    "stderr": "Shared connection to 192.168.200.74 closed.\r\n",
    "stderr_lines": [
        "Shared connection to 192.168.200.74 closed."
    ],
    "stdout": "",
    "stdout_lines": []
}
#Check the result of the script run
[root@Web01 ~]# ll -d /usr/local/nginx
drwxr-xr-x. 6 root root 54 Sep  7 06:00 /usr/local/nginx

[root@Web02 ~]# ll -d /usr/local/nginx
drwxr-xr-x. 6 root root 54 Sep  7 06:00 /usr/local/nginx

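This script is only a demonstration; in real work it should be written as rigorously as possible.

8. Getting started with ansible-playbook

Using playbooks: a playbook lets you combine Ansible modules.

#Create the symlink for ansible-playbook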
[root@Ansible /]# ln -s /usr/local/python/bin/ansible-playbook /usr/local/bin/
[root@Ansible /]# which ansible-playbook
/usr/local/bin/ansible-playbook

8.1 A simple playbook using the shell module

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_shell.yaml    #the playbook template
---         #the file starts with three dashes
- hosts: Web01   
  tasks:        
  - name: test
    shell: echo "welcome to yunjisaun" >> /tmp/username
  - name: test2
    shell: echo "welcome to yunjisuan" >> /tmp/username

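Template explanation:
---             #the file must start with three dashes, flush with the left margin
- hosts:        #first level of the body; must occupy two character positions (the - counts as one)
- hosts: Web01  #Web01 is the value of the hosts parameter; there must be a space between hosts: and the value
  tasks:        #tasks: introduces the specific tasks to run next
  - name:       #indented two more positions relative to tasks (the - counts as one), meaning it belongs one level below tasks
  - name: test  #test is only the name of the command to run and can be anything; note that name: is again followed by a space
    shell:      #calls the shell module to run a command; still indented two more spaces relative to tasks
    shell: echo "xxx" >> xxx     #shell: must also be followed by a space
#Run the playbook file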
[root@Ansible yangwenbo]# ansible-playbook test_shell.yaml

PLAY [Web01] ***********************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]

TASK [test] ************************************************************************************
changed: [Web01]

TASK [test2] ***********************************************************************************
changed: [Web01]

PLAY RECAP *************************************************************************************
Web01                      : ok=3    changed=2    unreachable=0    failed=0
#Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
username
[root@Web01 tmp]# cat username 
welcome to yunjisaun
welcome to yunjisuan

8.2 A simple playbook using the copy module

[root@Ansible yangwenbo]# echo "welcom to yunjisuan" >> /root/yangwenbo/test_copy
[root@Ansible yangwenbo]# cat test_copy 
welcom to yunjisuan

[root@Ansible yangwenbo]# cat test_copy.yaml     #the playbook template
---
- hosts: Web02
  tasks:
  - name: test copy
    copy: src=/root/yangwenbo/test_copy dest=/tmp/
#Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_copy.yaml 

PLAY [Web02] ***********************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web02]

TASK [test copy] *******************************************************************************
changed: [Web02]

PLAY RECAP *************************************************************************************
Web02                      : ok=2    changed=1    unreachable=0    failed=0
#Result
[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test_copy
[root@Web02 tmp]# cat test_copy 
welcom to yunjisuan

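8.3 Using register in a playbook to output command results

When Ansible modules are run through a playbook, the result of the command is not printed; it is hidden by default.
We can use register to add the command's result to the output.

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_register.yaml    #the playbook template
---
- hosts: all
  tasks:
  - name: test register
    shell: echo "hi Tom" >> /tmp/registers
    register: print_result       #save the output of the preceding command in the variable print_result
  - debug: var=print_result      #print the value of the variable as debug output
#Run the playbook file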
[root@Ansible yangwenbo]# ansible-playbook test_register.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [test register] ***************************************************************************
changed: [Web02]
changed: [Web01]

TASK [debug] ***********************************************************************************
ok: [Web01] => {
    "print_result": {
        "changed": true,
        "cmd": "echo \"hi Tom\" >> /tmp/registers",
        "delta": "0:00:00.007286",
        "end": "2018-09-07 23:43:38.967375",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:43:38.960089",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}
ok: [Web02] => {
    "print_result": {
        "changed": true,
        "cmd": "echo \"hi Tom\" >> /tmp/registers",
        "delta": "0:00:00.006651",
        "end": "2018-09-07 23:43:38.957825",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:43:38.951174",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}

PLAY RECAP *************************************************************************************
Web01                      : ok=3    changed=1    unreachable=0    failed=0   
Web02                      : ok=3    changed=1    unreachable=0    failed=0
#Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
registers
[root@Web01 tmp]# cat registers 
hi Tom

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
registers
[root@Web02 tmp]# cat registers 
hi Tom

8.4 Pushing the nginx configuration and checking it

[root@Ansible tmp]# pwd
/tmp
[root@Ansible tmp]# ls
nginx.conf
[root@Ansible tmp]# cat nginx.conf  #the nginx configuration file
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  www.yangwenbo.com; 
        location / {
            root   html;
            index  index.html index.htm;
        }
    }
}

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_nginx_conf.yaml     #the playbook template
---
- hosts: all
  tasks:
  - name: copy nginx.conf
    copy: src=/tmp/nginx.conf dest=/usr/local/nginx/conf/ backup=yes
  - name:
    shell: /usr/local/nginx/sbin/nginx -t
    register: nginx_result
  - debug: var=nginx_result
#Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_nginx_conf.yaml 

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [copy nginx.conf] *************************************************************************
changed: [Web02]
changed: [Web01]

TASK [shell] ***********************************************************************************
changed: [Web02]
changed: [Web01]

TASK [debug] ***********************************************************************************
ok: [Web01] => {
    "nginx_result": {
        "changed": true,
        "cmd": "/usr/local/nginx/sbin/nginx -t",
        "delta": "0:00:00.720120",
        "end": "2018-09-07 23:14:53.043060",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:14:52.322940",
        "stderr": "nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok\nnginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful",
        "stderr_lines": [
            "nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok",      #reports that the nginx configuration file is OK
            "nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful"
        ],
        "stdout": "",
        "stdout_lines": []
    }
}
ok: [Web02] => {
    "nginx_result": {
        "changed": true,
        "cmd": "/usr/local/nginx/sbin/nginx -t",
        "delta": "0:00:00.628406",
        "end": "2018-09-07 23:14:52.966781",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:14:52.338375",
        "stderr": "nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok\nnginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful",
        "stderr_lines": [
            "nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok",      #reports that the nginx configuration file is OK
            "nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful"
        ],
        "stdout": "",
        "stdout_lines": []
    }
}

PLAY RECAP *************************************************************************************
Web01                      : ok=4    changed=2    unreachable=0    failed=0   
Web02                      : ok=4    changed=2    unreachable=0    failed=0
#Result
[root@Web01 /]# cat /usr/local/nginx/conf/nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  www.yangwenbo.com; 
        location / {
            root   html;
            index  index.html index.htm;
        }
    }
}

[root@Web02 /]# cat /usr/local/nginx/conf/nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  www.yangwenbo.com; 
        location / {
            root   html;
            index  index.html index.htm;
        }
    }
}

9. Custom variables and built-in variables in playbooks

9.1 Using custom variables in a playbook

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
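[root@Ansible yangwenbo]# cat test_vars.yaml    #the playbook template
---
- hosts: all
  vars:        #define variables
  - names: "yunjisuan"      #first variable, names
    age: "3"                #second variable, age
  tasks:
  - name: "{{ names }}"     #reference a variable with double curly braces {{ }}, with a space on each side of the variable name
    shell: echo "myname {{ names }},myage {{ age }}" >> /tmp/bianliang
    register: var_result
  - debug: var=var_result

#Note: variable references must be placed inside double quotes.
#Run the playbook file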
[root@Ansible yangwenbo]# ansible-playbook test_vars.yaml 

PLAY [all] **************************************************************************************

TASK [Gathering Facts] **************************************************************************
ok: [Web01]
ok: [Web02]

TASK [yunjisuan] ********************************************************************************
changed: [Web01]
changed: [Web02]

TASK [debug] ************************************************************************************
ok: [Web01] => {
    "var_result": {
        "changed": true,
        "cmd": "echo \"myname yunjisuan,myage 3\" >> /tmp/bianliang",
        "delta": "0:00:00.007237",
        "end": "2018-09-07 23:37:10.839684",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:37:10.832447",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}
ok: [Web02] => {
    "var_result": {
        "changed": true,
        "cmd": "echo \"myname yunjisuan,myage 3\" >> /tmp/bianliang",
        "delta": "0:00:00.009848",
        "end": "2018-09-07 23:37:10.859020",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:37:10.849172",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}

PLAY RECAP **************************************************************************************
Web01                      : ok=3    changed=1    unreachable=0    failed=0   
Web02                      : ok=3    changed=1    unreachable=0    failed=0
#Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
bianliang
[root@Web01 tmp]# cat bianliang 
myname yunjisuan,myage 3

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
bianliang
[root@Web02 tmp]# cat bianliang 
myname yunjisuan,myage 3

9.2 Using Ansible built-in variables in a playbook

We can use ansible all -m setup | less to view Ansible's built-in variables.

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_setupvars.yaml   #the playbook template
---
- hosts: all
  gather_facts: True    #use Ansible built-in variables
  tasks:
  - name: setup var
    shell: echo "ip {{ ansible_all_ipv4_addresses[0] }} cpu {{ ansible_processor_count }}" >> /tmp/test
  - name: setup var2
    shell: echo "time {{ ansible_date_time["date"] }}" >> /tmp/test
    register: var_result
  - debug: var=var_result
#Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_setupvars.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [setup var] *******************************************************************************
changed: [Web02]
changed: [Web01]

TASK [setup var2] ******************************************************************************
changed: [Web01]
changed: [Web02]

TASK [debug] ***********************************************************************************
ok: [Web01] => {
    "var_result": {
        "changed": true,
        "cmd": "echo \"time 2018-09-07\" >> /tmp/test",
        "delta": "0:00:00.005305",
        "end": "2018-09-07 23:49:33.178900",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:49:33.173595",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}
ok: [Web02] => {
    "var_result": {
        "changed": true,
        "cmd": "echo \"time 2018-09-07\" >> /tmp/test",
        "delta": "0:00:00.005363",
        "end": "2018-09-07 23:49:33.230051",
        "failed": false,
        "rc": 0,
        "start": "2018-09-07 23:49:33.224688",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "",
        "stdout_lines": []
    }
}

PLAY RECAP *************************************************************************************
Web01                      : ok=4    changed=2    unreachable=0    failed=0   
Web02                      : ok=4    changed=2    unreachable=0    failed=0
#Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
test
[root@Web01 tmp]# cat test 
ip 192.168.200.74 cpu 1
time 2018-09-07

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test
[root@Web02 tmp]# cat test 
ip 192.168.200.75 cpu 1
time 2018-09-07

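10. Pushing variable configuration files with a playbook

If a configuration file is pushed with the copy module, every host receives the same configuration;
if the file to be pushed contains settings that vary, the template module is needed.

10.1 Pushing a variable configuration file with the template module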

[root@Ansible tmp]# pwd
/tmp
[root@Ansible tmp]# ls
test
[root@Ansible tmp]# cat test 
my name is {{ myname }}       #custom variable
my name is {{ ansible_all_ipv4_addresses[0] }}    #system variable

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_filevars.yaml    #the playbook template
---
- hosts: all
  gather_facts: True       #enable system variables
  vars:
  - myname: "yunjisuan"    #custom variable
  tasks:
  - name: template test
    template: src=/tmp/test dest=/tmp/test     #use template to push the variable configuration file
#Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_filevars.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [template test] ***************************************************************************
changed: [Web01]
changed: [Web02]

PLAY RECAP *************************************************************************************
Web01                      : ok=2    changed=1    unreachable=0    failed=0   
Web02                      : ok=2    changed=1    unreachable=0    failed=0
#Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
test
[root@Web01 tmp]# cat test 
my name is yunjisuan
my name is 192.168.200.74

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test
[root@Web02 tmp]# cat test 
my name is yunjisuan
my name is 192.168.200.75

10.2 Using conditional syntax in a pushed configuration file

10.2.1 PORT exists and has a value

[root@Ansible tmp]# pwd
/tmp
[root@Ansible tmp]# ls
if.j2
[root@Ansible tmp]# cat if.j2 
{% if PORT %}       #if PORT is set
ip=0.0.0.0:{{ PORT }}
{% else %}          #otherwise
ip=0.0.0.0:80
{% endif %}         #end of the block

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_ifvars.yaml   #the playbook template
---
- hosts: all
  gather_facts: True    #enable the built-in system variables
  vars:
  - PORT: 90            #custom variable
  tasks:
  - name: jinja2 if test
    template: src=/tmp/if.j2 dest=/root/test
#Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_ifvars.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web02]
ok: [Web01]

TASK [jinja2 if test] **************************************************************************
changed: [Web01]
changed: [Web02]

PLAY RECAP *************************************************************************************
Web01                      : ok=2    changed=1    unreachable=0    failed=0   
Web02                      : ok=2    changed=1    unreachable=0    failed=0
#Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
test
[root@Web01 tmp]# cat test 
       
ip=0.0.0.0:90

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test
[root@Web02 tmp]# cat test 
       
ip=0.0.0.0:90

10.2.2 If the PORT variable is set to empty, the result is different

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_ifvars.yaml   #the playbook template
---
- hosts: all
  gather_facts: True
  vars:
  - PORT:   #set to empty
  tasks:
  - name: jinja2 if test
    template: src=/tmp/if.j2 dest=/root/test
#Run the playbook file
[root@Ansible yangwenbo]# ansible-playbook test_ifvars.yaml

PLAY [all] *************************************************************************************

TASK [Gathering Facts] *************************************************************************
ok: [Web01]
ok: [Web02]

TASK [jinja2 if test] **************************************************************************
changed: [Web01]
changed: [Web02]

PLAY RECAP *************************************************************************************
Web01                      : ok=2    changed=1    unreachable=0    failed=0   
Web02                      : ok=2    changed=1    unreachable=0    failed=0
#Result
[root@Web01 tmp]# pwd
/tmp
[root@Web01 tmp]# ls
test
[root@Web01 tmp]# cat test 
          
ip=0.0.0.0:80

[root@Web02 tmp]# pwd
/tmp
[root@Web02 tmp]# ls
test
[root@Web02 tmp]# cat test 
          
ip=0.0.0.0:80

11. Playbook notify and pushing the nginx configuration (introduction)

#Hands-on: push a variable nginx configuration file that triggers an action
[root@Ansible tmp]# pwd
/tmp
[root@Ansible tmp]# ls
nginx.j2
[root@Ansible tmp]# cat nginx.j2 
worker_processes  {{ ansible_processor_count }};      #variable parameter

[root@Ansible yangwenbo]# pwd
/root/yangwenbo
[root@Ansible yangwenbo]# cat test_nginxvars.yaml     #the playbook template
---
- hosts: all
  gather_facts: True      #enable the built-in system variables
  tasks:
  - name: nginx conf
    template: src=/tmp/nginx.j2 dest=/usr/local/nginx/conf/nginx.conf
    notify:
    - reload nginx        #notify handlers to run the action named reload nginx
  handlers: #define the actions
  - name: reload nginx    #name of the action
    shell: /usr/local/nginx/sbin/nginx -s reload
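
Section 8.4 copies nginx.conf into place and only then runs nginx -t, and the playbook above reloads nginx whenever the template changes, so a file that fails the test is already the live one. The added example below (not from the original article) shows the opposite order in Python: stage the candidate, validate it, and replace the live file only on success, which is the purpose of the validate parameter of Ansible's copy and template modules. braces_balanced is a toy stand-in for running nginx -t -c against the staged file, and all paths are temporary.

```python
import os
import shutil
import tempfile
import time


def braces_balanced(path):
    """Stand-in validator (assumption): real use would run nginx -t -c <path>."""
    depth = 0
    with open(path) as fh:
        for ch in fh.read():
            depth += ch == "{"
            depth -= ch == "}"
            if depth < 0:
                return False
    return depth == 0


def deploy_config(new_text, dest, validator, backup=True):
    """Install new_text at dest only if validator accepts the staged copy.

    Returns "unchanged", "rejected" or "changed"; only "changed" should
    trigger a reload. dest is never modified when the candidate is rejected.
    """
    if os.path.exists(dest):
        with open(dest) as fh:
            if fh.read() == new_text:
                return "unchanged"
    # Stage next to dest so os.replace() is an atomic rename on one filesystem.
    fd, staged = tempfile.mkstemp(dir=os.path.dirname(dest) or ".",
                                  prefix=".staged-")
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(new_text)
        if not validator(staged):
            return "rejected"
        if backup and os.path.exists(dest):
            # Same idea as backup=yes in section 6.4: keep the previous file.
            stamp = time.strftime("%Y-%m-%d@%H:%M:%S")
            shutil.copy2(dest, "%s.%d.%s~" % (dest, os.getpid(), stamp))
        os.chmod(staged, 0o644)
        os.replace(staged, dest)
        staged = None
        return "changed"
    finally:
        if staged and os.path.exists(staged):
            os.unlink(staged)          # never leave a rejected candidate behind


def demo():
    """Constructed run: first install, no-op, rejected file, valid update."""
    good = "events {}\nhttp { server { listen 80; } }\n"
    bad = "events {}\nhttp { server { listen 80; }\n"     # missing closing brace
    good2 = "events {}\nhttp { server { listen 8080; } }\n"
    with tempfile.TemporaryDirectory() as d:
        dest = os.path.join(d, "nginx.conf")
        results = [deploy_config(text, dest, braces_balanced)
                   for text in (good, good, bad, good2)]
        with open(dest) as fh:
            live = fh.read()
        names = sorted(os.listdir(d))
    return results, live == good2, names


if __name__ == "__main__":
    print(demo())
```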