Ansible 筆記 (3) - 編寫 playbook

playbook 至關於多個命令的編排組合而後一塊兒運行，相似寫腳本。在學習 playbook 以前須要瞭解 yaml 格式。

編寫playbook的步驟：

• 定義主機與用戶
• 編寫任務列表
• 執行 playbook

固然 playbook 支持拆分多個文件，而且能夠使用多種維度的封裝，例如定義變量、任務、處理程序等，鼓勵代碼/文件複用。

下面是安裝 nginx 和 ntp server 的示例。

一、文件目錄結構

[root@localhost ansible_demo]# tree nginx_ntp/
nginx_ntp/ ├── group_vars │   ├── all │   └── webserver ├── hosts ├── roles │   ├── common │   │   ├── handlers │   │   │   └── main.yml │   │   ├── tasks │   │   │   └── main.yml │   │   ├── templates │   │   │   └── ntp.conf.j2 │   │   └── vars │   │   └── main.yml │   └── web │   ├── handlers │   │   └── main.yml │   ├── tasks │   │   └── main.yml │   └── templates │   └── nginx2.conf └── site.yml 11 directories, 11 files

二、Inventory 文件

[root@localhost nginx_ntp]# cat hosts
[webserver]
192.168.34.129
192.168.34.130

三、playbook 入口文件

[root@localhost nginx_ntp]# cat site.yml 
---
- name: apply common configuration to all nodes hosts: all roles: - common - name: configure and deploy the webserver and application code hosts: webserver roles: - web

四、組變量文件

根據 inventory 來區分，all 表示全部，webserver 則指 hosts 中的 webserver section

[root@localhost nginx_ntp]# cd group_vars/
[root@localhost group_vars]# ll
total 8
-rw-r--r--. 1 root root 32 Mar  6 18:12 all -rw-r--r--. 1 root root 72 Mar 6 18:24 webserver [root@localhost group_vars]# cat all --- ntpserver: ntp.sjtu.edu.cn [root@localhost group_vars]# cat webserver --- worker_processes: 4 root: /data1 worker_connections: 1024 user: www

五、roles 設置

5.一、角色 common 配置，

安裝 ntp server，配置文件並同步時間啓動 ntp server

• 任務入口 tasks

[root@localhost nginx_ntp]# cd roles/common/tasks/
[root@localhost tasks]# cat main.yml --- - name: install ntp server yum: name=ntp state=present - name: set zone info shell: \cp -rf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime - name: update time shell: ntpdate asia.pool.ntp.org - name: configure ntp file template: src=ntp.conf.j2 dest=/etc/ntp.conf notify: - restart ntp - name: start ntp server service: name=ntpd state=started enabled=true - name: test to see if selinux is running command: getenforce register: sestatus changed_when: false

• name 爲 configure ntp file 的任務運行後的 callback handlers

[root@localhost common]# cat handlers/main.yml 
---
- name: restart ntp service: name=ntpd state=restarted

• template 源文件

[root@localhost common]# cat templates/ntp.conf.j2 
driftfile /var/lib/ntp/drift restrict 127.0.0.1 restrict -6 :: 1 server {{ ntpserver }} includefile /etc/ntp/crypto/pw keys /etc/ntp/keys

• role common 內置變量

[root@localhost common]# cat vars/main.yml 
--- ntpserver: 210.72.145.44

5.2 角色 web 配置

安裝 nginx，配置文件並啓動

• 任務入口 tasks 

[root@localhost web]# cat tasks/main.yml 
---

- name: install nginx yum: name=nginx state=latest - name: add user shell: useradd {{ user }} - name: write config template: src=nginx2.conf dest=/etc/nginx/nginx.conf notify: - restart nginx - name: ensure nginx is running shell: /usr/sbin/nginx -c /etc/nginx/nginx.conf

• name 爲 write config 的任務運行後的 callback handlers

[root@localhost web]# cat handlers/main.yml 
---
- name: restart nginx service: name=nginx state=restarted

•  template 文件

[root@localhost web]# cat templates/nginx2.conf 
user  www;
worker_processes  {{ worker_processes }};

events {
    worker_connections  {{ worker_connections }};
}

http {
    include       mime.types;
    default_type  application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 80; server_name localhost; root {{ root }}; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }

6 檢查語法和運行

[root@localhost nginx_ntp]# ansible-playbook -i hosts site.yml --syntax-check
ERROR! Problem parsing file '/data1/ansible_demo/nginx_ntp/group_vars/all': line 2, column 1

發現 all 文件出錯，修改後繼續

[root@localhost nginx_ntp]# ansible-playbook -i hosts site.yml --syntax-check

playbook: site.yml
[root@localhost nginx_ntp]# ansible-playbook -i hosts site.yml -f 10 PLAY [apply common configuration to all nodes] ********************************************************************************************** TASK [Gathering Facts] ********************************************************************************************************************** ok: [192.168.34.130] ok: [192.168.34.129] TASK [common : install ntp server] ********************************************************************************************************** ok: [192.168.34.129] ok: [192.168.34.130] TASK [common : set zone info] *************************************************************************************************************** changed: [192.168.34.130] changed: [192.168.34.129] TASK [common : update time] ***************************************************************************************************************** changed: [192.168.34.130] changed: [192.168.34.129] TASK [common : configure ntp file] ********************************************************************************************************** changed: [192.168.34.129] changed: [192.168.34.130] TASK [common : start ntp server] ************************************************************************************************************ changed: [192.168.34.130] changed: [192.168.34.129] TASK [common : test to see if selinux is running] ******************************************************************************************* ok: [192.168.34.130] ok: [192.168.34.129] RUNNING HANDLER [common : restart ntp] ****************************************************************************************************** changed: [192.168.34.129] changed: [192.168.34.130] PLAY [configure and deploy the webserver and application code] ****************************************************************************** TASK [Gathering Facts] ********************************************************************************************************************** ok: [192.168.34.130] ok: [192.168.34.129] TASK [web : install nginx] ****************************************************************************************************************** ok: [192.168.34.130] ok: [192.168.34.129] TASK [web : add user] *********************************************************************************************************************** changed: [192.168.34.129] changed: [192.168.34.130] TASK [web : write config] ******************************************************************************************************************* changed: [192.168.34.129] changed: [192.168.34.130] TASK [web : ensure nginx is running] ******************************************************************************************************** changed: [192.168.34.129] changed: [192.168.34.130] RUNNING HANDLER [web : restart nginx] ******************************************************************************************************* changed: [192.168.34.129] changed: [192.168.34.130] PLAY RECAP ********************************************************************************************************************************** 192.168.34.129 : ok=14 changed=9 unreachable=0 failed=0 192.168.34.130 : ok=14 changed=9 unreachable=0 failed=0 [root@localhost nginx_ntp]# 

 七、被控機驗證

[root@localhost yum.repos.d]# ps -ef | grep ntp
ntp       39081      1  0 18:26 ?        00:00:00 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g
root      39384   2517  0 18:27 pts/0    00:00:00 grep ntp
[root@localhost yum.repos.d]# ps -ef | grep nginx
root      39370      1  0 18:26 ?        00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
www       39372  39370  0 18:26 ?        00:00:00 nginx: worker process                   
www       39373  39370  0 18:26 ?        00:00:00 nginx: worker process                   
www       39374  39370  0 18:26 ?        00:00:00 nginx: worker process                   
www       39375  39370  0 18:26 ?        00:00:00 nginx: worker process                   
root      39420   2517  0 19:03 pts/0    00:00:00 grep nginx