Ansible playbook

1.什麼是playbook

• playbook :定義一個文本文件，以yml爲後綴結尾，那playbook組成以下、
• play：定義的是主機的角色
• task: 定義的是具體執行的任務
• 總結：playbook是由一個或多個play組成，一個play能夠包含多個task任務。
• 能夠理解爲：使用不一樣的模塊來共同完成一件事情

playbook 劇本 <---------文件 YAML

• play 找誰 <----------找那個主機 web01
• task 作什麼 <----------- 幹什麼事情 yum copy service

2.playbook和AD-HOc區別

• playbook 是對AD-HOC 的一種編排方式
• playbook 能夠持久運行，而AD-HOC 只能臨時運行
• playbook 適合複雜任務，而AD-HOC適合作簡單的任務
• playbook能控制任務執行的前後順序

3.playbook 三板斧 ？ 縮進 冒號 短橫線（語法格式）

語法	描述
縮進	YAML 使用固定的縮進風格表示層級結構，每一個縮進由兩個空格組成，不能使用tabs
冒號	以冒號結尾的除外，其餘全部冒號後面全部必須有空格
短橫線	表示列表項，使用一個短橫線加一個空格，多個項使用一樣的縮進級別做爲同一列表

• 示例 在/tmp 目錄下建立123.txt 屬主 root 屬組 root 權限0600

- hosts: webservers
  tasks:
    - name: create New File
      file: path=/tmp/123.txt state=touch  owner=root group=root mode=0600
    - name: create New File2
      file:
        path: /tmp/789.txt
        state: touch
        owner: root
        group: root
        mode: 0666

[root@m01 project]# ansible-playbook  --syntax f1.yml  -i hosts
 測試代碼是否正確

ansible-playbook -C f1.yml -i hosts
測試環境

4.playbook 寫服務 （NFS HTTPD Nginx LAMP）

• 案列一 使用ansible playbook安裝並配置nfs服務

#172.16.1.31  nfs
#172.16.1.7   server
#172.16.1.8   cliniet

 
#1. 新增一臺nfs服務器
vim ./project/hosts
[webservers]
172.16.1.7
172.16.1.8

[nfsservers]
172.16.1.31
[root@m01 project]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.1.41

#2. 測試三臺主機是否通
[root@m01 project]# ansible all -m ping -i hosts
#3.編寫一個nfs-sever的yml
1. 安裝nfs      yum
2. 配置nfs      copy
3.初始化環境     
        用戶      group user 
        目錄      file
        受權      file
4. 啓動服務        systemd
[root@m01 project]# cat backup/nfs_server.yml 
- hosts:  nfsservers
  tasks:
    - name:  installed nfs server
      yum:
        name:  nfs-utils
        state:  present
        
    - name:  configure nfs server
      copy:  
        src:  ./file/exports.j2
        dest:  /etc/exports
        owner:  root
        group:  root
        mode:  0644
        backup:  yes
        
    - name:  create nfs group www
      group:  
        name:  www
        gid:  666

    - name:   create nfs user www  
      user:  
        name:  www
        group:  www
        uid:  666
        create_home:  no
        shell:  /sbin/nologin
        
    - name:  create  nfs directory 
      file:
        path:  /ansible_data
        state:  directory
        owner:  www
        group:  www
        mode:  0755
        recurse:  yes
        0
    - name:  systemd nfs server
      systemd:
        name:  nfs
        state:  restarted
        enabled:  yes       

scp -rp /etc/exports root@172.16.1.61 :/root/project/file/exports.j2
#4.編寫一個nfs-client的yml
[root@m01 project]# vim backup/nfs_client.yml 

- hosts:  webservers
  tasks:
    - name:  mount nfs server server share directory
      mount:
        src:  172.16.1.31:/ansible_data
        path:  /mnt
        fstype:  nfs
        opts:  defaults
        state:  mounted

• 案列二 使用ansible playbook安裝並配置nginx服務

1.安裝                   yum

2.配置                   copy

3.啓動                   systemd

[root@m01 project]# vim httpd_server.yml +17

- hosts: webservers
  tasks:
    - name: install nginx server
      yum:
        name: nginx
        state: present
    - name: cohfig nginx server
      copy:
        src: ./file/nginx.j2
        dest: /etc/nginx/nginx.conf
        owner: root
        grep:  root
        mode:  0644
        backup: yes
      notify: RESTATR NGINX SERVER
    - name: sytemd nginx server
      systemd:
        name: nginx
        state: started
  handlers:
    - name: RESTART NGINX SERVER
      systemd:
        name: nginx
        state: restarted
scp -rp /etc/nginx/nginx.conf root@172.16.1.61:/root/project/file/nginx.j2

• -案列三 使用Ansible playbook方式構建lap架構

1.使用yum 安裝httpd php firewalld 

2.使用get_url 下載 http://fj.xuliangwei.com/public/index.php

3.啓動httpd firewalld 等服務

4.添加防火牆規則 放行httpd的流量，並永久生效

[root@m01 project]# cat backup/kedao_server.yml 
- hosts:  web
  tasks:  
    - name:  install  php server
      yum:  
        name:  php
        state:  present
    - name:  install  http server
      yum:  
        name:  httpd
        state: present
    - name:  config http services
      get_url:
        url:  http://fj.xuliangwei.com/public/index.php
        dest:  /var/www/html/index.php
        mode:  0644
    - name:  systemd httpd server
      systemd:  
        name:  httpd
        state:  restarted
    - name:  systemd firewalld server
      systemd:
        name:  firewalld
        state:  restarted
    - name:  configure firewalld roule
      firewalld:
        service:  http
        state:  enabled

• 案列4 使用Ansible playbook方式構建可道雲網盤 LAP 架構

- hosts: web
  tasks:
    - name: Installed Httpd Server
      yum:
        name: httpd
        state: present

    - name: Installed PHP Server
      yum:
        name: php
        state: present

    - name: Get kodcloud Code
      synchronize:
        src: ./file/kod
        dest: /var/www/html/kodcloud

    - name: Chomod kodcloud
      file:
        path: /var/www/html/
        owner: root
        group: root
        mode: 0777
        recurse: yes

    - name: Systemd Httpd Server
      systemd:
        name: httpd
        state: restarted

• 案列5 使用ansible playbook方式構建可道雲網盤 LNP架構

  - hosts: web
    tasks:
  
       #1.配置yum源倉庫 nginx php
      - name: Installed Nginx repo
        yum_repository:
          name: nginx
          description: nginx repos
          baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
          gpgcheck: no
  
       #2.配置yum源倉庫 php
      - name: Installed PHP repo
        yum_repository:
          name: webtatic-php
          description: php repos
          baseurl: http://us-east.repo.webtatic.com/yum/el7/x86_64/ 
          gpgcheck: no
  
      #3.安裝nginx和php
      - name: Installed Nginx and PHP Packages
        yum:
          name: "{{ packages }}"
        vars:
          packages: 
            - nginx
            - php71w
            - php71w-cli
            - php71w-common
            - php71w-devel
            - php71w-gd
            - mod_php71w
            - php71w-fpm
            - php71w-opcache
  
      #4.建立程序啓動的用戶身份
      - name: Create Group www
        group:
          name: www
          gid: 666
  
      - name: Create User www
        user:
          name: www
          group: www
          uid: 666
          create_home: no
          shell: /sbin/nologin
  
       #5.管理nginx配置文件
      - name: Configure nginx.conf 
        copy:
          src: ./file/nginx.conf.j2
          dest: /etc/nginx/nginx.conf
        notify: Restart Nginx Server
  
       #6.管理php-fpm配置文件
      - name: Configure php-fpm.conf
        copy:
          src: ./file/php-www.conf.j2
          dest: /etc/php-fpm.d/www.conf
        notify: Restart PHP-FPM Server
  
       #6.添加kodcloud虛擬主機(檢測語法)
      - name: Add Nginx VirtHost kod.oldxu.com
        copy:
          src: ./file/kold.oldxu.com.conf.j2
          dest: /etc/nginx/conf.d/kold.oldxu.com.conf
        notify: Restart Nginx Server
  
      - name: Init Nginx BseEnv
        file:
          path: /code
          state: directory
          owner: www
          group: www
          recurse: yes
  
      - name: Push KodCloud Code
        synchronize:
          src: ./file/kod
          dest: /code/
  
      - name: Chomod kodcloud
        file:
          path: /code
          owner: www
          group: www
          mode: 0777
          recurse: yes
  
      - name: Systemd Nginx Server
        systemd:
          name: nginx
          state: started
          enabled: yes
  
      - name: Systemd PHP-FPM Server
        systemd:
          name: php-fpm
          state: started
          enabled: yes
  
  
  #當nginx或php配置文件發生變動纔會觸發此操做
    handlers:
      - name: Restart Nginx Server
        systemd:
          name: nginx
          state: restarted
  
      - name: Restart PHP-FPM Server
        systemd:
          name: php-fpm
          state: restarted