playbook管理配置文件

playbook管理配置文件

生產環境中大多時候是須要管理配置文件的，安裝軟件包只是在初始化環境的時候用一下。下面咱們來寫個管理nginx配置文件的playbook
 mkdir  -p /etc/ansible/nginx_config/roles/{new,old}/{files,handlers,vars,tasks}
 其中new爲更新時用到的，old爲回滾時用到的，files下面爲nginx.conf和vhosts目錄，handlers爲重啓nginx服務的命令
 關於回滾，須要在執行playbook以前先備份一下舊的配置，因此對於老配置文件的管理必定要嚴格，千萬不能隨便去修改線上機器的配置，而且要保證new/files下面的配置和線上的配置一致
 先把nginx.conf和vhosts目錄放到files目錄下面
 cd /usr/local/nginx/conf/
 cp -r nginx.conf vhost  /etc/ansible/nginx_config/roles/new/files/

[root@Dasoncheng conf]# cd /etc/ansible/
[root@Dasoncheng ansible]# mkdir -p nginx_config/roles/{new,old}/{files,handlers,vars,tasks}
[root@Dasoncheng conf]# cp -r nginx.conf vhost/ /etc/ansible/nginx_config/roles/new/files/
[root@Dasoncheng conf]# ls !$
ls /etc/ansible/nginx_config/roles/new/files/
nginx.conf  vhost

管理配置文件2

vim /etc/ansible/nginx_config/roles/new/vars/main.yml //定義變量
 nginx_basedir: /usr/local/nginx
 vim /etc/ansible/nginx_config/roles/new/handlers/main.yml  //定義從新加載nginx服務
- name: restart nginx
  shell: /etc/init.d/nginx reload
 vim /etc/ansible/nginx_config/roles/new/tasks/main.yml //這是核心的任務
- name: copy conf file
  copy: src={{ item.src }} dest={{ nginx_basedir }}/{{ item.dest }} backup=yes owner=root group=root mode=0644
  with_items:
    - { src: nginx.conf, dest: conf/nginx.conf }
    - { src: vhosts, dest: conf/ }
  notify: restart nginx

[root@Dasoncheng conf]# cd /etc/ansible/
[root@Dasoncheng ansible]# vim nginx_config/roles/new/vars/mail.yml
[root@Dasoncheng ansible]# cat !$
cat nginx_config/roles/new/vars/mail.yml
nginx_basedir: /usr/local/nginx

[root@Dasoncheng ansible]# vim nginx_config/roles/new/handlers/main.yml
[root@Dasoncheng ansible]# cat !$
cat nginx_config/roles/new/handlers/main.yml
- name: restart nginx
  shell: /etc/init.d/nginx reload

[root@Dasoncheng ansible]# vim nginx_config/roles/new/tasks/main.yml
[root@Dasoncheng ansible]# cat !$
cat nginx_config/roles/new/tasks/main.yml
- name: copy config file
  copy: src={{ item.src }} dest={{ nginx_basedir }}/{{ item.dest }} backup=yes owner=root group=root mode=0644
  with_items:
    - { src: nginx.conf, dest: conf/nginx.conf }
    - { src: vhost, dest: conf/ }
  notify: restart nginx

管理配置文件3

vim /etc/ansible/nginx_config/update.yml // 最後是定義總入口配置
---
- hosts: testhost
  user: root
  roles:
  - new
 執行： ansible-playbook /etc/ansible/nginx_config/update.yml

[root@Dasoncheng ansible]# vim nginx_config/update.yml
[root@Dasoncheng ansible]# cat !$
cat nginx_config/update.yml
---
- hosts: rs
  user: root
  roles:
  - new
[root@Dasoncheng ansible]# ansible-playbook nginx_config/update.yml
##不知道爲何 執行的時候老是說變量有問題，修改了變量幾回 仍是不行。我就直接修改了tasks/main.yml文件
[root@Dasoncheng ansible]# cat nginx_config/roles/new/tasks/main.yml 
- name: copy conf file
  copy: src={{ item.src }} dest=/usr/local/nginx/{{ item.dest }} backup=yes owner=root group=root mode=0644   ##這裏將{{nginx_basedir}}直接修改成路徑了；
  with_items:
    - { src: nginx.conf, dest: conf/nginx.conf }
    - { src: vhost, dest: conf/ }
  notify: restart nginx
[root@Dasoncheng ansible]# ansible-playbook nginx_config/update.yml

PLAY [rs] ********************************************************************************************

TASK [Gathering Facts] *******************************************************************************
ok: [cdn003]
ok: [cdn002]

TASK [new : copy conf file] **************************************************************************
changed: [cdn002] => (item={u'dest': u'conf/nginx.conf', u'src': u'nginx.conf'})
changed: [cdn003] => (item={u'dest': u'conf/nginx.conf', u'src': u'nginx.conf'})
changed: [cdn003] => (item={u'dest': u'conf/', u'src': u'vhost'})
changed: [cdn002] => (item={u'dest': u'conf/', u'src': u'vhost'})

RUNNING HANDLER [new : restart nginx] ****************************************************************
changed: [cdn003]
changed: [cdn002]

PLAY RECAP *******************************************************************************************
cdn002                     : ok=3    changed=2    unreachable=0    failed=0   
cdn003                     : ok=3    changed=2    unreachable=0    failed=0

作一下配置文件部分修改（並未修改中控機的配置）

[root@Dasoncheng ansible]# vim nginx_config/roles/new/files/nginx.conf
……
#    include vhost/*.conf;
}
[root@Dasoncheng ansible]# ansible-playbook nginx_config/update.yml

PLAY [rs] ********************************************************************************************

TASK [Gathering Facts] *******************************************************************************
ok: [cdn003]
ok: [cdn002]

TASK [new : copy conf file] **************************************************************************
changed: [cdn003] => (item={u'dest': u'conf/nginx.conf', u'src': u'nginx.conf'})    ##這裏能夠看出來 只有配置文件修改了，下面的vhost是綠色顯示的哦！
changed: [cdn002] => (item={u'dest': u'conf/nginx.conf', u'src': u'nginx.conf'})
ok: [cdn003] => (item={u'dest': u'conf/', u'src': u'vhost'})
ok: [cdn002] => (item={u'dest': u'conf/', u'src': u'vhost'})

RUNNING HANDLER [new : restart nginx] ****************************************************************
changed: [cdn002]
changed: [cdn003]

PLAY RECAP *******************************************************************************************
cdn002                     : ok=3    changed=2    unreachable=0    failed=0   
cdn003                     : ok=3    changed=2    unreachable=0    failed=0

回滾

而回滾的backup.yml對應的roles爲old
 rsync -av  /etc/ansible/nginx_config/roles/new/ /etc/ansible/nginx_config/roles/old/
 回滾操做就是把舊的配置覆蓋，而後從新加載nginx服務, 每次改動nginx配置文件以前先備份到old裏，對應目錄爲/etc/ansible/nginx_config/roles/old/files 
 vim /etc/ansible/nginx_config/rollback.yml // 最後是定義總入口配置
---
- hosts: testhost
  user: root
  roles:
  - old

[root@Dasoncheng ~]# cd /etc/ansible/
[root@Dasoncheng ansible]# rsync -av nginx_config/roles/new/ nginx_config/roles/old/
sending incremental file list
files/
files/nginx.conf
files/vhost/
files/vhost/abc.conf
handlers/
handlers/main.yml
tasks/
tasks/main.yml
tasks/main.yml.bak
vars/
vars/mail.yml

sent 2627 bytes  received 146 bytes  5546.00 bytes/sec
total size is 2089  speedup is 0.75
[root@Dasoncheng ansible]# vim nginx_config/roles/old/files/nginx.conf
[root@Dasoncheng ansible]# tail /usr/local/nginx/conf/nginx.conf  ##把以前加的#號刪掉（即發佈以前備份的文件）
……
    include vhost/*.conf;
}
[root@Dasoncheng ansible]# vim nginx_config/rollback.yml
[root@Dasoncheng ansible]# cat !$
cat nginx_config/rollback.yml
---
- hosts: rs
  user: root
  roles: 
    - old
[root@Dasoncheng ansible]# ansible-playbook nginx_config/rollback.yml 

PLAY [rs] ********************************************************************************************

TASK [Gathering Facts] *******************************************************************************
ok: [cdn002]
ok: [cdn003]

TASK [old : copy conf file] **************************************************************************
changed: [cdn002] => (item={u'dest': u'conf/nginx.conf', u'src': u'nginx.conf'})
changed: [cdn003] => (item={u'dest': u'conf/nginx.conf', u'src': u'nginx.conf'})
ok: [cdn003] => (item={u'dest': u'conf/', u'src': u'vhost'})
ok: [cdn002] => (item={u'dest': u'conf/', u'src': u'vhost'})

RUNNING HANDLER [old : restart nginx] ****************************************************************
changed: [cdn002]
changed: [cdn003]

PLAY RECAP *******************************************************************************************
cdn002                     : ok=3    changed=2    unreachable=0    failed=0   
cdn003                     : ok=3    changed=2    unreachable=0    failed=0