Recommended article: http://www.javashuo.com/article/p-duvmowlc-n.html
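Ansible is a powerful open-source automation and operations management tool. Its underlying code is written mainly in Python and combines three modules: paramiko, Jinja2 and YAML.
ansible: the core Ansible program
host inventory: records information about every host managed by Ansible, including the SSH port, user, password and so on
playbooks: task playbooks, files in YAML format that store multiple tasks so they can be invoked together
core modules: Ansible does not perform any management task itself; its core modules do. Before managing a host, Ansible calls a module from core modules and then names the hosts from the host inventory, which completes the management task.
custom modules: user-defined modules that handle tasks the core modules cannot; they can be written in any language
connection plugins: the connection plugins through which Ansible communicates with hosts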
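- No client: no software needs to be installed on the managed hosts
- No server: no separate service needs to be started; just run the command when you need it
- Supports sudo
- Works over SSH; secure
- Idempotence: repeated operations that change nothing are skipped automatically
- Provides a powerful, easy-to-operate web management interface and REST API: the AWX platform
- Simple to configure, powerful and highly extensible
- Supports an API and custom modules, and is easy to extend with Python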
```
/etc/ansible/ansible.cfg    # main configuration file
/etc/ansible/hosts          # inventory of managed hosts
/usr/bin/ansible            # main program
/usr/bin/ansible-doc        # documentation
/usr/bin/ansible-playbook   # playbook runner
```
```
╭─root@localhost.localdomain ~
╰─➤ vim /etc/ansible/hosts
```

Parameter form:

```ini
[testhosts]
192.168.137.4 ansible_ssh_user=root ansible_ssh_port=22 ansible_ssh_pass=123456
192.168.137.5 ansible_ssh_user=root ansible_ssh_port=22 ansible_ssh_pass=123456
```

Key-based (passwordless) mode:

```ini
[testhosts]
192.168.137.4
192.168.137.5
```
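The inventory above keeps the SSH password inline as `ansible_ssh_pass` and connects as root. The following Python check is an added example, not part of the original article: it audits an INI-style inventory for inline credentials, direct root logins and misspelled connection variables (which Ansible silently treats as ordinary host variables). The function name `audit_inventory`, the `deploy` user and the sample inventory are constructed for illustration.

```python
import difflib
import shlex

# Variables that put a credential in clear text when set inline.
SECRET_VARS = {"ansible_ssh_pass", "ansible_password",
               "ansible_become_pass", "ansible_become_password"}
USER_VARS = {"ansible_ssh_user", "ansible_user"}
KNOWN_VARS = SECRET_VARS | USER_VARS | {
    "ansible_ssh_port", "ansible_port", "ansible_ssh_host", "ansible_host"}

def audit_inventory(text):
    """Return (line_no, host_or_group, finding) for an INI-style inventory."""
    findings, section = [], ""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        if line.startswith("["):
            section = line.strip("[]")
            continue
        if section.endswith(":children"):
            continue                          # entries are group names only
        tokens = shlex.split(line)
        if section.endswith(":vars"):
            target, pairs = section, tokens   # group-wide key=value lines
        else:
            target, pairs = tokens[0], tokens[1:]
        for pair in pairs:
            key, _, value = pair.partition("=")
            if key in SECRET_VARS:
                # Report the variable name only, never the secret itself.
                findings.append((no, target, f"plaintext credential in {key}"))
            elif key in USER_VARS and value == "root":
                findings.append((no, target, "connects directly as root"))
            elif key.startswith("ansible_") and key not in KNOWN_VARS:
                near = difflib.get_close_matches(key, KNOWN_VARS, n=1, cutoff=0.9)
                if near:
                    findings.append((no, target, f"{key}: did you mean {near[0]}?"))
    return findings

# Constructed sample modelled on a lab inventory (not real hosts).
SAMPLE = """\
[testhosts]
192.168.137.4 ansible_ssh_user=root ansible_ssh_port=22 ansible_ssh_pass=123456
192.168.137.5 ansible_ssh_user=deploy ansible_ssh_poet=22
192.168.137.6
"""

if __name__ == "__main__":
    for no, target, finding in audit_inventory(SAMPLE):
        print(f"line {no}: {target}: {finding}")
```

Credential findings are usually resolved by switching to key-based login or by keeping the value in a file encrypted with `ansible-vault`.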
```
ansible-doc -l                # list the modules Ansible supports
ansible-doc -s module_name    # show how to use the module module_name
```
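- ping module: checks whether the client can be reached and managed
- command module: runs commands
- shell module: runs shell commands (supports pattern matching and other shell features)
- copy module: remote copy, equivalent to scp
- cron module: scheduled tasks
- mail module: sends mail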
```
ansible <host-pattern> [options]
  -f forks          number of parallel workers to start
  -m module_name    module to use
  -a args           module-specific arguments
```
```
ansible all -m ping                                                            # check that the clients are reachable and can be managed
ansible testhosts -m setup                                                     # show client information
ansible testhosts -m copy -a 'src=/root/test.txt dest=/root/test1.txt'         # copy a file to the clients
ansible testhosts -m user -a "name=user1 state=present"                        # create user user1
ansible testhosts -m user -a "name=user1 state=absent"                         # delete user user1
ansible testhosts -m yum -a "name=httpd state=installed"                       # install apache with yum
ansible testhosts -m service -a "name=httpd state=stopped enabled=no"          # stop httpd and disable it at boot
ansible testhosts -m command -a "date"                                         # show the time
```
```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  tasks:
    - name: copy cjk
      copy: src=/root/cjk dest=/root/cjk
```

```
╭─root@localhost.localdomain ~
╰─➤ ansible-playbook test.yaml

PLAY [testhosts] ****************************************************************

TASK [Gathering Facts] **********************************************************
ok: [192.168.137.4]
ok: [192.168.137.5]

TASK [copy httpd.conf] **********************************************************
changed: [192.168.137.4]
changed: [192.168.137.5]

PLAY RECAP **********************************************************************
192.168.137.4 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.137.5 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
```
```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  vars:
    file: cjk
  tasks:
    - name: copy cjk
      copy: src=/root/{{ file }} dest=/root/{{ file }}
    - name: write cjk
      # shell rather than command: the command module does not interpret ">>"
      shell: echo "hello world!" >> /root/{{ file }}
```

```
╭─root@localhost.localdomain ~
╰─➤ ansible-playbook test.yaml

PLAY [testhosts] ****************************************************************

TASK [Gathering Facts] **********************************************************
ok: [192.168.137.4]
ok: [192.168.137.5]

TASK [copy cjk] *****************************************************************
ok: [192.168.137.4]
ok: [192.168.137.5]

TASK [weite cjk] ****************************************************************
changed: [192.168.137.5]
changed: [192.168.137.4]

PLAY RECAP **********************************************************************
192.168.137.4 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.137.5 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
```
```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  tasks:
    - name: get date
      command: date '+%F %T'
      register: date_output    # equivalent to date_output=$(date)
    - name: echo date_output
      shell: echo {{ date_output.stdout }} >> /root/cjk    # .stdout holds the command's standard output
```
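The command module does not pass its arguments through a shell, so a redirection operator there is just another argument, while the shell module hands the rendered `{{ ... }}` value to the shell for parsing. The following Python lint is an added example, not part of the original article; it covers only the one-line `command:` / `shell:` task form used here, and the name `lint_playbook` and the sample playbook are constructed for illustration.

```python
import re

# One-line "command: ..." / "shell: ..." task lines, as used in this article.
TASK = re.compile(r"^\s*(?:-\s+)?(command|shell):\s*(.+)$")
# Operators that only a shell interprets.
SHELL_OPS = re.compile(r">>?|<|\||;|&")
QUOTED = re.compile(r"'[^']*'|\"[^\"]*\"")
JINJA = re.compile(r"\{\{(.*?)\}\}")

def lint_playbook(text):
    """Return (line_no, module, finding) tuples for risky free-form tasks."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        match = TASK.match(line)
        if not match:
            continue
        module, args = match.groups()
        if module == "command":
            # Ignore operators inside quotes or inside {{ ... }} filters.
            bare = JINJA.sub("", QUOTED.sub("", args))
            op = SHELL_OPS.search(bare)
            if op:
                findings.append((no, module,
                    f"'{op.group()}' is passed as a literal argument; use shell"))
        else:
            for expr in JINJA.findall(args):
                if not re.search(r"\|\s*quote\s*$", expr):
                    findings.append((no, module,
                        f"{{{{{expr}}}}} reaches the shell unquoted; add | quote"))
    return findings

# Constructed sample playbook modelled on the ones in this article.
SAMPLE = """\
- hosts: testhosts
  tasks:
    - name: append via command
      command: echo "hello world!" >> /root/cjk
    - name: get date
      command: date '+%F %T'
      register: date_output
    - name: unquoted interpolation
      shell: echo {{ date_output.stdout }} >> /root/cjk
    - name: quoted interpolation
      shell: echo {{ date_output.stdout | quote }} >> /root/cjk
"""

if __name__ == "__main__":
    for no, module, finding in lint_playbook(SAMPLE):
        print(f"line {no}: {module}: {finding}")
```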
Similar to a for loop in Python; it can be used flexibly.
```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  tasks:
    - name: create users
      # state=absent removes the users; state=present would create them
      user: name={{ item }} state=absent
      with_items:
        - user1
        - user2
        - user3
```

```
╭─root@localhost.localdomain ~
╰─➤ ansible-playbook test.yaml

PLAY [testhosts] *******************************************************************

TASK [Gathering Facts] *************************************************************
ok: [192.168.137.4]
ok: [192.168.137.5]

TASK [create users] ****************************************************************
ok: [192.168.137.5] => (item=user1)
ok: [192.168.137.4] => (item=user1)
ok: [192.168.137.5] => (item=user2)
ok: [192.168.137.4] => (item=user2)
ok: [192.168.137.5] => (item=user3)
ok: [192.168.137.4] => (item=user3)

PLAY RECAP *************************************************************************
192.168.137.4 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.137.5 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
```
```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  tasks:
    - name: create users
      user: name={{ item.name }} state=absent groups={{ item.groups }}
      with_items:
        - { name: 'testuser1', groups: 'group1' }
        - { name: 'testuser2', groups: 'group2' }
```
notify: if the task it is attached to makes a change, the named handlers task is triggered.
```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  tasks:
    - name: copy cjk
      copy: src=/root/cjk dest=/root/cjk
      notify:
        - back cjk
  handlers:
    - name: back cjk
      command: cp /root/cjk /home/cjk.back
    - name: test
      command: rm -rf /root/cjk
```

```
╭─root@localhost.localdomain ~
╰─➤ ansible-playbook test.yaml

PLAY [testhosts] *******************************************************************

TASK [Gathering Facts] *************************************************************
ok: [192.168.137.4]
ok: [192.168.137.5]

TASK [copy cjk] ********************************************************************
changed: [192.168.137.4]
changed: [192.168.137.5]

RUNNING HANDLER [back cjk] *********************************************************
changed: [192.168.137.5]
changed: [192.168.137.4]

PLAY RECAP *************************************************************************
192.168.137.4 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.137.5 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

╭─root@localhost.localdomain ~
╰─➤ ansible-playbook test.yaml

PLAY [testhosts] *******************************************************************

TASK [Gathering Facts] *************************************************************
ok: [192.168.137.5]
ok: [192.168.137.4]

TASK [copy cjk] ********************************************************************
ok: [192.168.137.4]
ok: [192.168.137.5]

PLAY RECAP *************************************************************************
192.168.137.4 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.137.5 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
```
when conditional: the decision can be based on the client information reported by the setup module.
```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  tasks:
    - name: restart network
      service: name=network state=restarted
      when: ansible_distribution=='CentOS' and ansible_distribution_major_version=='8'
```

```
╭─root@localhost.localdomain ~
╰─➤ ansible-playbook test.yaml

PLAY [testhosts] *******************************************************************

TASK [Gathering Facts] *************************************************************
ok: [192.168.137.4]
ok: [192.168.137.5]

TASK [restart network] *************************************************************
skipping: [192.168.137.4]
skipping: [192.168.137.5]

PLAY RECAP *************************************************************************
192.168.137.4 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
192.168.137.5 : ok=1 changed=0 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
```
ignore_errors: if the task fails, it is skipped and the remaining tasks are not affected.
```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  tasks:
    - name: restart httpd
      service: name=network state=restarted
      ignore_errors: yes
    - name: test
      # shell rather than command: the command module does not interpret ">"
      shell: echo 'hello' > /root/cjk
```

```
╭─root@localhost.localdomain ~
╰─➤ ansible-playbook test.yaml

PLAY [testhosts] *******************************************************************

TASK [Gathering Facts] *************************************************************
ok: [192.168.137.4]
ok: [192.168.137.5]

TASK [restart httpd] ***************************************************************
fatal: [192.168.137.5]: FAILED! => {"changed": false, "msg": "Unable to start service network: Job for network.service failed because the control process exited with error code. See \"systemctl status network.service\" and \"journalctl -xe\" for details.\n"}
...ignoring
changed: [192.168.137.4]

TASK [test] ************************************************************************
changed: [192.168.137.4]
changed: [192.168.137.5]

PLAY RECAP *************************************************************************
192.168.137.4 : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.137.5 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=1
```
Step 1: write the .yaml file, replacing copy with template

```
╭─root@localhost.localdomain ~
╰─➤ vim test.yaml
```

File contents:

```yaml
- hosts: testhosts
  remote_user: root
  tasks:
    - name: copy cjk
      template: src=/root/cjk dest=/root/cjk
```
Step 2: edit the file to be copied, cjk, and mark the parts that differ per host with variables written as {{ variable_name }}

```
╭─root@localhost.localdomain ~
╰─➤ vim cjk
hello world!!! this is {{ ip }}
```
Step 3: vim /etc/ansible/hosts and define the variable's value after each host, as variable_name=value

```
╭─root@localhost.localdomain ~
╰─➤ vim /etc/ansible/hosts
```

```ini
[testhosts]
192.168.137.4 ansible_ssh_user=root ansible_ssh_pass=123456 ansible_ssh_port=22 ip=192.168.137.4
192.168.137.5 ansible_ssh_user=root ansible_ssh_pass=123456 ansible_ssh_port=22 ip=192.168.137.5
```
Step 4: run

```
╭─root@localhost.localdomain ~
╰─➤ ansible-playbook test.yaml
```
Step 5: verify

Host 192.168.137.4

```
╭─root@localhost.localdomain ~
╰─➤ cat cjk
hello world!!! this is 192.168.137.4
```

Host 192.168.137.5

```
╭─root@localhost.localdomain ~
╰─➤ cat cjk
hello world!!! this is 192.168.137.5
```
Purpose: define roles to reduce duplicated code

Step 1: create the roles directory

```
╭─root@localhost.localdomain ~
╰─➤ mkdir -pv playbooks/roles/{webservers,dbservers}/{files,tasks,vars,templates,handlers}
```
Step 2: write the files

Write the tasks file:

```
╭─root@localhost.localdomain ~
╰─➤ vim /root/playbooks/roles/webservers/tasks/main.yaml
```

```yaml
- name: yum httpd
  yum: name=httpd state=installed
- name: copy httpd.conf
  template: src={{ conf_file }} dest=/etc/httpd/conf/{{ conf_file }}
  notify:
    - restart httpd
```

Write the vars file (defines the variable):

```
╭─root@localhost.localdomain ~
╰─➤ vim /root/playbooks/roles/webservers/vars/main.yaml
```

```yaml
conf_file: httpd.conf
```

Write the handlers file (the trigger):

```
╭─root@localhost.localdomain ~/playbooks
╰─➤ vim roles/webservers/handlers/main.yaml
```

```yaml
- name: restart httpd
  service: name=httpd state=restarted
```

Copy the configuration file into the templates directory:

```
╭─root@localhost.localdomain ~
╰─➤ cp /etc/httpd/conf/httpd.conf /root/playbooks/roles/webservers/templates/
```

Write the inventory file, which assigns values to the variables used in the template:

```
╭─root@localhost.localdomain ~
╰─➤ mkdir /root/playbooks/inventory/
╭─root@localhost.localdomain ~
╰─➤ vim /root/playbooks/inventory/testhosts
```

```ini
[testhosts]
192.168.137.4 ansible_ssh_user=root ansible_ssh_pass=123456 ansible_ssh_port=22 port=8888
192.168.137.5 ansible_ssh_user=root ansible_ssh_pass=123456 ansible_ssh_port=22 port=9999
```

Edit the template so that it uses the variable:

```
╭─root@localhost.localdomain ~
╰─➤ vim /root/playbooks/roles/webservers/templates/httpd.conf
```

```
...
Listen {{ port }}
...
```

Edit the entry playbook:

```
╭─root@localhost.localdomain ~
╰─➤ vim /root/playbooks/httpd.yaml
```

```yaml
- hosts: testhosts
  remote_user: root
  roles:
    - webservers
```
Step 3: inspect the playbooks directory

```
╭─root@localhost.localdomain ~
╰─➤ tree playbooks
playbooks
├── httpd.yaml
├── inventory
│   └── testhosts
└── roles
    ├── dbservers
    │   ├── files
    │   ├── handlers
    │   ├── tasks
    │   ├── templates
    │   └── vars
    └── webservers
        ├── files
        │   └── httpd.conf
        ├── handlers
        │   └── main.yaml
        ├── tasks
        │   └── main.yaml
        ├── templates
        │   └── httpd.conf
        └── vars
            └── main.yaml
```
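Step 4: run

```
╭─root@localhost.localdomain ~
╰─➤ cd playbooks    # must be run from the directory that contains the entry playbook (.yaml)
╭─root@localhost.localdomain ~/playbooks
╰─➤ ansible-playbook -i inventory/testhosts httpd.yaml    # -i selects the inventory that defines port
```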
Step 5: check

Host 192.168.137.4

```
╭─root@localhost.localdomain ~
╰─➤ ss -ntl
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     *:22                *:*
LISTEN  0       128     *:8888              *:*
LISTEN  0       100     127.0.0.1:25        *:*
LISTEN  0       128     :::22               :::*
LISTEN  0       100     ::1:25              :::*
```

Host 192.168.137.5

```
╭─root@localhost.localdomain ~
╰─➤ ss -ntl
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     *:9999              *:*
LISTEN  0       128     *:22                *:*
LISTEN  0       100     127.0.0.1:25        *:*
LISTEN  0       128     :::22               :::*
LISTEN  0       100     ::1:25              :::*
```