自動化運維工具ansible playbook和roles的使用
ansible的結構:html
Inventory 用來定義被控制端node
Modules 定義被控制端可用的操做python
Ad Hoc Commands 定義被控制端能夠執行命令的linux
Playbook 批量運行的方式nginx
Tasks:web
任務:由各模塊所支持執行的特定操做;能夠經過ansible-doc module_name來查看幫助文檔,很是詳細
shell
-m user -a ‘name= password=’apache
Variables:vim
變量centos
Templates:
模板:(如執行httpd服務時,各節點上httpd的配置文件內容都不同,如何讓各節點的配置都不一樣。是經過定義好配置文件模板)
文本文件模板:使用模板語言來定義;
Handlers:
處理器:
事先定義好的能夠在某些條件下被觸發的操做;
Roles:
角色:
層次型組織playbook及其所依賴的各類資源的一種機制;
角色可被單獨調用;
playbooks
Contain one or more plays
Written in YAML 文件時yaml格式的
Declarative config
not code
Executed in the order in is written (aka Imperative)
語法格式
- 表示列表中的一項,具備相同縮進格式的是同一個列表中的元素
- name: deploy web server
user: foouser
sudo: True
hosts: all
tasks:
-name: install apache
apt: pkg=apache2-mpm-prefork state=latest
1、YAML
1.1 YAML介紹
YAML是一個可讀性高的用來表達資料序列的格式。YAML參考了其餘多種語言,包括:XML、C語言、Python、Perl以及電子郵件格式RFC2822等。Clark Evans在2001年在首次發表了這種語言,另外Ingy dot Net與Oren Ben-Kiki也是這語言的共同設計者。
YAML Ain't Markup Language,即YAML不是XML。不過,在開發的這種語言時,YAML的意思實際上是:"Yet Another Markup Language"(還是一種標記語言)。其特性:
YAML的可讀性好
YAML和腳本語言的交互性好
YAML使用實現語言的數據類型
YAML有一個一致的信息模型
YAML易於實現
YAML能夠基於流來處理
YAML表達能力強,擴展性好
更多的內容及規範參見http://www.yaml.org。
1.2 YAML語法
YAML的語法和其餘高階語言相似,而且能夠簡單表達清單、散列表、標量等數據結構。其結構(Structure)經過空格來展現,序列(Sequence)裏的項用"-"來表明中的某一個元素,Map裏的鍵值對用":"分隔。下面是一個示例。
name: John Smith 鍵值對
age: 41
gender: Male
spouse:
name: Jane Smith
age: 37
gender: Female
children:
- name: Jimmy Smith
age: 17
gender: Male
- name: Jenny Smith
age 13
gender: Female
YAML文件擴展名一般爲.yaml,如example.yaml。 .yml也行
1.2.1 list
列表的全部元素均使用「-」打頭,例如:-和元素之間有一個空格
# A list of tasty fruits
- Apple
- Orange
- Strawberry
- Mango
1.2.2 dictionary
字典經過key與valuef進行標識,例如:
---
# An employee record
name: Example Developer
job: Developer
skill: Elite
也能夠將key:value放置於{}中進行表示,例如:
---
# An employee record
{name: Example Developer, job: Developer, skill: Elite}
2、Ansible基礎元素
2.1 變量
2.1.1 變量命名
變量名僅能由字母、數字和下劃線組成,且只能以字母開頭。
2.1.2 facts
facts是由正在通訊的遠程目標主機發回的信息,這些信息被保存在ansible變量中。要獲取指定的遠程主機所支持的全部facts,可以使用以下命令進行:
# ansible hostname -m setup
setup Gathers facts about remote hosts 收集關於遠程主機的信息
例如
# ansible 192.168.20.161 -m setup
[root@node1 ~]# ansible constrol -m setup
2.1.3 register
把任務的輸出定義爲變量,而後用於其餘任務,示例以下:
tasks:
- shell: /usr/bin/foo
register: foo_result
ignore_errors: True
2.1.4 經過命令行傳遞變量
在運行playbook的時候也能夠傳遞一些變量供playbook使用,示例以下:
ansible-playbook test.yml --extra-vars "hosts=www user=mageedu"
2.1.5 經過roles傳遞變量
當給一個主機應用角色的時候能夠傳遞變量,而後在角色內使用這些變量,示例以下:
- hosts: webservers
roles:
- common
- { role: foo_app_instance, dir: '/web/htdocs/a.com', port: 8080 }
2.2 Inventory
ansible的主要功用在於批量主機操做,爲了便捷地使用其中的部分主機,能夠在inventory file中將其分組命名。默認的inventory file爲/etc/ansible/hosts。
inventory file能夠有多個,且也能夠經過Dynamic Inventory來動態生成。
2.2.1 inventory文件格式
inventory文件遵循INI文件風格,中括號中的字符爲組名。能夠將同一個主機同時歸併到多個不一樣的組中;此外,當如若目標主機使用了非默認的SSH端口,還能夠在主機名稱以後使用冒號加端口號來標明。
ntp.magedu.com
[webservers]
www1.magedu.com:2222
www2.magedu.com
[dbservers]
db1.magedu.com
db2.magedu.com
db3.magedu.com
若是主機名稱遵循類似的命名模式,還可使用列表的方式標識各主機,例如:
[webservers]
www[01:50].example.com
[databases]
db-[a:f].example.com
2.2.2 主機變量
能夠在inventory中定義主機時爲其添加主機變量以便於在playbook中使用。例如:
[webservers]
www1.magedu.com http_port=80 maxRequestsPerChild=808
www2.magedu.com http_port=8080 maxRequestsPerChild=909
2.2.3 組變量
組變量是指賦予給指定組內全部主機上的在playbook中可用的變量。例如:
[webservers]
www1.magedu.com
www2.magedu.com
[webservers:vars]
ntp_server=ntp.magedu.com
nfs_server=nfs.magedu.com
2.2.4 組嵌套
inventory中,組還能夠包含其它的組,而且也能夠向組中的主機指定變量。不過,這些變量只能在ansible-playbook中使用,而ansible不支持。例如:
[apache]
httpd1.magedu.com
httpd2.magedu.com
[nginx]
ngx1.magedu.com
ngx2.magedu.com
[webservers:children]
apache
nginx
[webservers:vars]
ntp_server=ntp.magedu.com
2.2.5 inventory參數
ansible基於ssh鏈接inventory中指定的遠程主機時,還能夠經過參數指定其交互方式;這些參數以下所示:
ansible_ssh_host
The name of the host to connect to, if different from the alias you wish to give to it.
ansible_ssh_port
The ssh port number, if not 22
ansible_ssh_user
The default ssh user name to use.
ansible_ssh_pass
The ssh password to use (this is insecure, we strongly recommend using --ask-pass or SSH keys)
ansible_sudo_pass
The sudo password to use (this is insecure, we strongly recommend using --ask-sudo-pass)
ansible_connection
Connection type of the host. Candidates are local, ssh or paramiko. The default is paramiko before Ansible 1.2, and 'smart' afterwards which detects whether usage of 'ssh' would be feasible based on whether ControlPersist is supported.
ansible_ssh_private_key_file
Private key file used by ssh. Useful if using multiple keys and you don't want to use SSH agent.
ansible_shell_type
The shell type of the target system. By default commands are formatted using 'sh'-style syntax by default. Setting this to 'csh' or 'fish' will cause commands executed on target systems to follow those shell's syntax instead.
ansible_python_interpreter
The target host python path. This is useful for systems with more than one Python or not located at "/usr/bin/python" such as \*BSD, or where /usr/bin/python is not a 2.X series Python. We do not use the "/usr/bin/env" mechanism as that requires the remote user's path to be set right and also assumes the "python" executable is named python, where the executable might be named something like "python26".
ansible\_\*\_interpreter
Works for anything such as ruby or perl and works just like ansible_python_interpreter. This replaces shebang of modules which will run on that host.
下面就用一個yaml文件來練練手
讓節點安裝httpd,且安裝後要開機自動啓動,如何寫playbooks
#vim web.yaml
- name: web servers 劇本的名稱,用於描述劇本本身的結構
remote_user: root 遠程主機上以那個用戶的身份運行
hosts: constrol 此劇本運用於哪些主機
tasks:此劇本有多個部份內容
- name: install httpd (- name(中間有一個空格))
yum:name=httpd state=present (用什麼來安裝)
- name: httpd service
service: name=httpd enabled=yes state=started (這些選項是在service模塊下的內容)
運行playbooks
#ansible-playbook web.yaml
[root@node1 ~]# cat web.yaml 這個是yaml文件的內容
- name : web server
remote_user : root
hosts : constrol
tacks :
- name : install httpd
yum : name=httpd 這裏能夠不用寫state,由於默認爲preset就是安裝
- name : start httpd
service : name=httpd enabled=yes state=started
[root@node1 ~]# ansible-playbook web.yaml
ERROR: tacks is not a legal parameter of an Ansible Play 提示tacks參數出錯,是沒有tacks,應該是tasks,會自動檢測語法
[root@node1 ~]# vim web.yaml
[root@node1 ~]# ansible-playbook web.yaml 運行.yaml
PLAY [web server] *************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.21.234]
ok: [192.168.21.230]
TASK: [install httpd] *********************************************************
changed: [192.168.21.230]
changed: [192.168.21.234]
TASK: [start httpd] ***********************************************************
changed: [192.168.21.234]
changed: [192.168.21.230]
PLAY RECAP ********************************************************************
192.168.21.230 : ok=3 changed=2 unreachable=0 failed=0
192.168.21.234 : ok=3 changed=2 unreachable=0 failed=0
這裏ok=3就是 安裝ok 開機啓動ok 啓動ok
[root@node1 ~]# cat web.yaml 修改後的.yaml
- name : web server
remote_user : root
hosts : constrol
tasks :
- name : install httpd
yum : name=httpd
- name : start httpd
service : name=httpd enabled=yes state=started
[root@node1 ~]# ansible constrol -m command -a 'rpm -q httpd' 安裝ok
192.168.21.230 | success | rc=0 >>
httpd-2.2.15-39.el6.centos.x86_64
192.168.21.234 | success | rc=0 >>
httpd-2.2.15-39.el6.centos.x86_64
[root@node1 ~]# ansible constrol -m command -a 'service httpd status' 運行ok
192.168.21.234 | success | rc=0 >>
httpd (pid 6871) is running...
192.168.21.230 | success | rc=0 >>
httpd (pid 24315) is running...
[root@node1 ~]# ansible constrol -m command -a 'chkconfig --list httpd' 開機自啓動ok
192.168.21.234 | success | rc=0 >>
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
192.168.21.230 | success | rc=0 >>
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
3.3 條件測試
若是須要根據變量、facts或此前任務的執行結果來做爲某task執行與否的前提時要用到條件測試。
3.3.1 when語句
在task後添加when子句便可使用條件測試;when語句支持Jinja2表達式語法。例如:
tasks:
- name: "shutdown Debian flavored systems"
command: /sbin/shutdown -h now
when: ansible_os_family == "Debian" 條件
when語句中還可使用Jinja2的大多「filter」,例如要忽略此前某語句的錯誤並基於其結果(failed或者sucess)運行後面指定的語句,可以使用相似以下形式:
tasks:
- command: /bin/false
register: result 註冊器
ignore_errors: True 忽略錯誤信息
- command: /bin/something
when: result|failed 第一條命令失敗時(result 爲failed時),才執行第二條命令
- command: /bin/something_else
when: result|success (result 爲success時),才執行
- command: /bin/still/something_else
when: result|skipped skipped:已經執行過跳過執行
此外,when語句中還可使用facts或playbook中定義的變量。
經過條件測試,若是httpd安裝了,忽略錯誤,先把httpd中止後刪除,這裏特別須要注意yaml對格式要求表嚴格,必定要按規範寫
[root@node1 ~]# cat web.yaml
- name: web server
remote_user: root
hosts: constrol
tasks:
- command: /bin/false
register: result
ignore_errors: True
- name: reinstall httpd
yum: name=httpd
when: result|failed
- name: stop httpd
service: name=httpd enabled=no state=stopped
- name: remove httpd
yum: name=httpd state=absent
[root@node1 ~]# ansible-playbook web.yaml
PLAY [web server] *************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.21.230]
ok: [192.168.21.234]
TASK: [command /bin/false] ****************************************************
failed: [192.168.21.230] => {"changed": true, "cmd": ["/bin/false"], "delta": "0:00:00.001693", "end": "2015-04-14 14:56:28.192788", "rc": 1, "start": "2015-04-14 14:56:28.191095", "warnings": []}
...ignoring
failed: [192.168.21.234] => {"changed": true, "cmd": ["/bin/false"], "delta": "0:00:00.013089", "end": "2015-04-14 14:56:28.354546", "rc": 1, "start": "2015-04-14 14:56:28.341457", "warnings": []}
...ignoring
TASK: [reinstall httpd] *******************************************************
ok: [192.168.21.230]
ok: [192.168.21.234]
TASK: [stop httpd] ************************************************************
changed: [192.168.21.230]
changed: [192.168.21.234]
TASK: [remove httpd] **********************************************************
changed: [192.168.21.234]
changed: [192.168.21.230]
PLAY RECAP ********************************************************************
192.168.21.230 : ok=5 changed=3 unreachable=0 failed=0
192.168.21.234 : ok=5 changed=3 unreachable=0 failed=0
[root@node1 ~]# ansible constrol -m command -a 'rpm -q httpd' 已經刪除了
192.168.21.230 | FAILED | rc=1 >>
package httpd is not installed
192.168.21.234 | FAILED | rc=1 >>
package httpd is not installed
3.4 迭代
在迭代中只能使用item變量,變量引用爲{{ }}兩個大括號,變量兩邊有空格
當有須要重複性執行的任務時,可使用迭代機制。其使用格式爲將須要迭代的內容定義爲item變量引用,並經過with_items語句來指明迭代的元素列表便可。例如:
- name: add several users
user: name=` item ` state=present groups=wheel stae=present(用戶得存在,加入wheel組中)
with_items:
- testuser1 分別使用testuser1替換name=`item`中的item項
- testuser2
上面語句的功能等同於下面的語句:
- name: add user testuser1
user: name=testuser1 state=present groups=wheel
- name: add user testuser2
user: name=testuser2 state=present groups=wheel
事實上,with_items中可使用元素還可爲hashes,例如:
- name: add several users
user: name=` item`.`name ` state=present groups=` item`.`groups `
with_items:
- { name: 'testuser1', groups: 'wheel' }
- { name: 'testuser2', groups: 'root' }
ansible的循環機制還有更多的高級功能,具體請參見官方文檔(http://docs.ansible.com/playbooks_loops.html)。
如:使用迭代添加用戶
[root@node1 ~]# cat adduser.yaml
- name: add users
remote_user: root
hosts: constrol
tasks:
- name: add server users
user: name=` item ` state=present
with_items:
- testuser1
- testuser2
- testuser3
[root@node1 ~]# ansible-playbook adduser.yaml
PLAY [add users] **************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.21.230]
ok: [192.168.21.234]
TASK: [add server users] *****************************************************
changed: [192.168.21.230] => (item=testuser1)
changed: [192.168.21.234] => (item=testuser1)
changed: [192.168.21.230] => (item=testuser2)
changed: [192.168.21.230] => (item=testuser3)
changed: [192.168.21.234] => (item=testuser2)
changed: [192.168.21.234] => (item=testuser3)
PLAY RECAP ********************************************************************
192.168.21.230 : ok=2 changed=1 unreachable=0 failed=0
192.168.21.234 : ok=2 changed=1 unreachable=0 failed=0
[root@node1 ~]# ansible constrol -m command -a 'tail -5 /etc/passwd' 查看發現用戶建立成功了
192.168.21.234 | success | rc=0 >>
openstack:x:500:500::/home/openstack:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin
testuser1:x:501:501::/home/testuser1:/bin/bash
testuser2:x:502:502::/home/testuser2:/bin/bash
testuser3:x:503:503::/home/testuser3:/bin/bash
192.168.21.230 | success | rc=0 >>
openstack:x:500:500::/home/openstack:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin
testuser1:x:501:501::/home/testuser1:/bin/bash
testuser2:x:502:502::/home/testuser2:/bin/bash
testuser3:x:503:503::/home/testuser3:/bin/bash
[root@node1 ~]# ansible constrol -m shell -a 'pidof httpd|wc -l' 用shell模塊時,可使用管道
192.168.21.230 | success | rc=0 >>
1
192.168.21.234 | success | rc=0 >>
1
[root@node1 ~]# ansible constrol -m command -a 'pidof httpd|wc -l' 使用command模塊時,不能使用管道
192.168.21.234 | FAILED | rc=1 >>
pidof: invalid options on command line!
192.168.21.230 | FAILED | rc=1 >>
pidof: invalid options on command line!
經過setup模塊能夠查看到不少,遠程主機的信息,下面來看看
[root@node1 ~]# ansible constrol -m setup
。。。。
"ansible_default_ipv4": { eth1網卡的詳細信息
"address": "192.168.21.230",
"alias": "eth1",
"gateway": "192.168.20.254",
"interface": "eth1",
"macaddress": "00:50:56:3a:5a:49",
"mtu": 1500,
"netmask": "255.255.254.0",
"network": "192.168.20.0",
"type": "ether"
},
.......
"ansible_distribution": "CentOS", 系統相關的信息
"ansible_distribution_major_version": "6",
"ansible_distribution_release": "Final",
"ansible_distribution_version": "6.6",
........
"ansible_kernel": "2.6.32-504.el6.x86_64", 內核
"ansible_machine": "x86_64", 架構
"ansible_os_family": "RedHat", 操做系統家族
"ansible_pkg_mgr": "yum", 軟件包管理
。。。。
安裝一個軟件包tree,要使用yum來安裝,且只有遠程主機包管理器是yum時,才使用yum來安裝
[root@node1 ~]# cat tree.yaml 測試不是使用yum,用apt-get
- name: tree install
remote_user: root
hosts: constrol
tasks:
- name: yum install screen package
yum: name=screen
when: ansible_pkg_mgr == "apt-get"
[root@node1 ~]# ansible-playbook tree.yaml
PLAY [tree install] ***********************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.21.234]
ok: [192.168.21.230]
TASK: [yum install screen package] ********************************************
skipping: [192.168.21.234]
skipping: [192.168.21.230]
PLAY RECAP ********************************************************************
192.168.21.230 : ok=1 changed=0 unreachable=0 failed=0
192.168.21.234 : ok=1 changed=0 unreachable=0 failed=0
[root@node1 ~]# ansible constrol -m command -a 'rpm -q screen' screen沒有安裝
192.168.21.234 | FAILED | rc=1 >>
package screen is not installed
192.168.21.230 | FAILED | rc=1 >>
package screen is not installed
[root@node1 ~]# cat tree.yaml 測試用yum
- name: tree install
remote_user: root
hosts: constrol
tasks:
- name: yum install tree package
yum: name=tree
when: ansible_pkg_mgr == "yum"
[root@node1 ~]# ansible-playbook tree.yaml
PLAY [tree install] ***********************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.21.230]
ok: [192.168.21.234]
TASK: [yum install tree package] **********************************************
changed: [192.168.21.234]
changed: [192.168.21.230]
PLAY RECAP ********************************************************************
192.168.21.230 : ok=2 changed=1 unreachable=0 failed=0
192.168.21.234 : ok=2 changed=1 unreachable=0 failed=0
[root@node1 ~]# ansible constrol -m command -a 'rpm -q tree' 發現安裝成功了
192.168.21.230 | success | rc=0 >>
tree-1.5.3-2.el6.x86_64
192.168.21.234 | success | rc=0 >>
tree-1.5.3-2.el6.x86_64
4、ansible playbooks
playbook是由一個或多個「play」組成的列表。play的主要功能在於將事先歸併爲一組的主機裝扮成事先經過ansible中的task定義好的角色。從根本上來說,所謂task無非是調用ansible的一個module。將多個play組織在一個playbook中,便可以讓它們聯同起來按事先編排的機制同唱一臺大戲。下面是一個簡單示例。
- hosts: webnodes
vars: 自定義變量
http_port: 80
max_clients: 256
remote_user: root
tasks:
- name: ensure apache is at the latest version
yum: name=httpd state=latest
remote_user: username(tasks下以指定用戶運行)
- name: ensure apache is running
service: name=httpd state=started
handlers: 只有被調用時,才能執行
- name: restart apache
service: name=httpd state=restarted
4.1 playbook基礎組件
4.1.1 Hosts和Users
playbook中的每個play的目的都是爲了讓某個或某些主機以某個指定的用戶身份執行任務。hosts用於指定要執行指定任務的主機,其能夠是一個或多個由冒號分隔主機組;remote_user則用於指定遠程主機上的執行任務的用戶。如上面示例中的
-hosts: webnodes
remote_user: root
不過,remote_user也可用於各task中。也能夠經過指定其經過sudo的方式在遠程主機上執行任務,其可用於play全局或某任務;此外,甚至能夠在sudo時使用sudo_user指定sudo時切換的用戶。
- hosts: webnodes
remote_user: mageedu
tasks:
- name: test connection
ping:
remote_user: mageedu
sudo: yes
4.1.2 任務列表和action
play的主體部分是task list。task list中的各任務按次序逐個在hosts中指定的全部主機上執行,即在全部主機上完成第一個任務後再開始第二個。在運行自上而下某playbook時,若是中途發生錯誤,全部已執行任務都將回滾,所以,在更正playbook後從新執行一次便可。
task的目的是使用指定的參數執行模塊,而在模塊參數中可使用變量。模塊執行是冪等的,這意味着屢次執行是安全的,由於其結果均一致。
每一個task都應該有其name,用於playbook的執行結果輸出,建議其內容儘量清晰地描述任務執行步驟。若是未提供name,則action的結果將用於輸出。
定義task的可使用「action: module options」或「module: options」的格式,推薦使用後者以實現向後兼容。若是action一行的內容過多,也可在行首使用幾個空白字符進行換行。
tasks:
- name: make sure apache is running
service: name=httpd state=running
在衆多模塊中,只有command和shell模塊僅須要給定一個列表而無需使用「key=value」格式,例如:
tasks:
- name: disable selinux
command: /sbin/setenforce 0
若是命令或腳本的退出碼不爲零,可使用以下方式替代:
tasks:
- name: run this command and ignore the result
shell: /usr/bin/somecommand || /bin/true
或者使用ignore_errors來忽略錯誤信息:
tasks:
- name: run this command and ignore the result
shell: /usr/bin/somecommand
ignore_errors: True 前一個命令執行失敗了,就忽略掉
4.1.3 handlers
用於當關注的資源發生變化時採起必定的操做。
「notify」這個action可用於在每一個play的最後被觸發,這樣能夠避免屢次有改變發生時每次都執行指定的操做,取而代之,僅在全部的變化發生完成後一次性地執行指定操做。在notify中列出的操做稱爲handler,也即notify中調用handler中定義的操做。
- name: template configuration file
template: src=template.j2 dest=/etc/foo.conf 使用template.j2這個模板配置文件,保存爲foo.conf配置文件,當foo.conf配置文件改變時,通知notify觸發某個handlers
notify:
- restart memcached
- restart apache
handler是task列表,這些task與前述的task並無本質上的不一樣。handler須要和tasks對齊
handlers:
- name: restart memcached
service: name=memcached state=restarted
- name: restart apache
service: name=apache state=restarted
修改httpd.conf下監聽的端口爲8080,把此配置文件複製到遠程節點上,
寫一個playbook,把文件複製到遠程節點上後再啓動服務
[root@node1 conf]# cat httpd.yaml yaml內容以下
- hosts: constrol
remote_user: root
tasks:
- name: Install httpd
yum: name=httpd
- name: copy configuration file
copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
notify: restart httpd
- name: start httpd
service: name=httpd enabled=yes state=started
handlers:
- name: restart httpd
service: name=httpd state=restarted
[root@node1 conf]# ansible-playbook httpd.yaml 執行
PLAY [constrol] ***************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.21.230]
ok: [192.168.21.234]
TASK: [Install httpd] *********************************************************
changed: [192.168.21.230]
changed: [192.168.21.234]
TASK: [copy configuration file] ***********************************************
ok: [192.168.21.234]
ok: [192.168.21.230]
TASK: [start httpd] ***********************************************************
changed: [192.168.21.234]
changed: [192.168.21.230]
PLAY RECAP ********************************************************************
192.168.21.230 : ok=4 changed=2 unreachable=0 failed=0
192.168.21.234 : ok=4 changed=2 unreachable=0 failed=0
[root@node1 conf]# ansible constrol -m shell -a 'ss -tnlp|grep 80' 查看遠程80端口是否啓用了
192.168.21.234 | success | rc=0 >>
LISTEN 0 128 :::80 :::* users:(("httpd",9374,5),("httpd",9377,5),("httpd",9378,5),("httpd",9379,5),("httpd",9380,5),("httpd",9381,5),("httpd",9382,5),("httpd",9383,5),("httpd",9384,5))
192.168.21.230 | success | rc=0 >>
LISTEN 0 128 :::80 :::* users:(("httpd",26676,5),("httpd",26679,5),("httpd",26680,5),("httpd",26681,5),("httpd",26682,5),("httpd",26683,5),("httpd",26684,5),("httpd",26685,5),("httpd",26686,5))
[root@node1 conf]# vim httpd.conf 修改監聽端口爲8080
[root@node1 conf]# grep "8080" httpd.conf
Listen 8080
[root@node1 conf]# ansible constrol -m shell -a 'ss -tnlp|grep 8080'
192.168.21.230 | FAILED | rc=1 >>
192.168.21.234 | FAILED | rc=1 >>
[root@node1 conf]# ansible-playbook httpd.yaml 從新執行
PLAY [constrol] ***************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.21.230]
ok: [192.168.21.234]
TASK: [Install httpd] *********************************************************
ok: [192.168.21.230]
ok: [192.168.21.234]
TASK: [copy configuration file] ***********************************************
changed: [192.168.21.234]
changed: [192.168.21.230]
TASK: [start httpd] ***********************************************************
ok: [192.168.21.234]
ok: [192.168.21.230]
NOTIFIED: [restart httpd] *****************************************************
changed: [192.168.21.230]
changed: [192.168.21.234]
PLAY RECAP ********************************************************************
192.168.21.230 : ok=5 changed=2 unreachable=0 failed=0
192.168.21.234 : ok=5 changed=2 unreachable=0 failed=0
[root@node1 conf]# ansible constrol -m shell -a 'ss -tnlp|grep 8080' 8080端口ok
192.168.21.234 | success | rc=0 >>
LISTEN 0 128 :::8080 :::* users:(("httpd",9668,6),("httpd",9671,6),("httpd",9672,6),("httpd",9673,6),("httpd",9674,6),("httpd",9675,6),("httpd",9676,6),("httpd",9677,6),("httpd",9678,6))
192.168.21.230 | success | rc=0 >>
LISTEN 0 128 :::8080 :::* users:(("httpd",26967,6),("httpd",26970,6),("httpd",26971,6),("httpd",26972,6),("httpd",26973,6),("httpd",26974,6),("httpd",26975,6),("httpd",26976,6),("httpd",26977,6))
這裏咱們每次修改配置文件只要作的事就是重啓一下服務,不用再按照httpd.yaml依次往下的執行,咱們經過設定標籤,爲每一個任務分別添加一個標籤,重啓對應的服務,只須要重啓對應的標籤便可。用tags來指定,再來測試以下
[root@node1 ~]# man ansible-playbook
ANSIBLE-PLAYBOOK(1) System administration commands ANSIBLE-PLAYBOOK(1)
NAME
ansible-playbook - run an ansible playbook
SYNOPSIS
ansible-playbook <filename.yml> ... [options]
..............
-t, TAGS, --tags=TAGS
Only run plays and tasks tagged with these values.
--skip-tags=SKIP_TAGS
Only run plays and tasks whose tags do not match these values.
[root@node1 conf]# cat httpd.yaml
- hosts: constrol
remote_user: root
tasks:
- name: Install httpd
yum: name=httpd
- name: copy configuration file
copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
tags: conf
notify: restart httpd
- name: start httpd
service: name=httpd enabled=yes state=started
handlers:
- name: restart httpd
service: name=httpd state=restarted
[root@node1 conf]# vim httpd.conf
[root@node1 conf]# grep 80 httpd.conf
#Listen 12.34.56.78:80
Listen 80
#ServerName www.example.com:80
#NameVirtualHost *:80
# (e.g. :80) if mod_ssl is being used, due to the nature of the
#<VirtualHost *:80>
[root@node1 conf]# ansible-playbook httpd.yaml -t conf
PLAY [constrol] ***************************************************************
GATHERING FACTS ***************************************************************
ok: [192.168.21.234]
ok: [192.168.21.230]
TASK: [copy configuration file] *********************************************** 複製配置文件發生了changed
changed: [192.168.21.234]
changed: [192.168.21.230]
NOTIFIED: [restart httpd] ***************************************************** 觸發restart了也爲changed
changed: [192.168.21.234]
changed: [192.168.21.230]
PLAY RECAP ********************************************************************
192.168.21.230 : ok=3 changed=2 unreachable=0 failed=0
192.168.21.234 : ok=3 changed=2 unreachable=0 failed=0
[root@node1 conf]# ansible constrol -m shell -a 'ss -tnlp|grep 80'
192.168.21.234 | success | rc=0 >>
LISTEN 0 128 :::80 :::* users:(("httpd",9873,6),("httpd",9875,6),("httpd",9876,6),("httpd",9877,6),("httpd",9878,6),("httpd",9879,6),("httpd",9881,6),("httpd",9882,6),("httpd",9883,6))
192.168.21.230 | success | rc=0 >>
LISTEN 0 128 :::80 :::* users:(("httpd",27169,6),("httpd",27172,6),("httpd",27173,6),("httpd",27174,6),("httpd",27175,6),("httpd",27176,6),("httpd",27177,6),("httpd",27178,6),("httpd",27179,6))
對httpd.yaml進行切分,經過- include來包含切分後的任務
[root@node1 conf]# cat httpd.yaml
- hosts: constrol
remote_user: root
tasks:
- include: tasks/tasks.yaml tasks文件的位置
handlers:
- include: handlers/handlers.yaml handlers文件的位置
[root@node1 conf]# mkdir tasks handlers 新建目錄和文件
[root@node1 conf]# vim handlers/handlers.yaml
[root@node1 conf]# cat handlers/handlers.yaml
- name: restart httpd
service: name=httpd state=restarted
[root@node1 conf]# vim tasks/tasks.yaml
[root@node1 conf]# cat tasks/tasks.yaml
- name: Install httpd
yum: name=httpd
- name: copy configuration file
copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
notify: restart httpd
- name: start httpd
service: name=httpd enabled=yes state=started
[root@node1 conf]# vim httpd.conf
[root@node1 conf]# grep "8080" httpd.conf 修改了一下端口
Listen 8080
[root@node1 conf]# ansible-playbook httpd.yaml 執行yaml ... [root@node1 conf]# ansible constrol -m shell -a 'ss -tnlp|grep 8080' 修改端口ok 192.168.21.234 | success | rc=0 >> LISTEN 0 128 :::8080 :::* users:(("httpd",10379,6),("httpd",10382,6),("httpd",10383,6),("httpd",10384,6),("httpd",10385,6),("httpd",10386,6),("httpd",10387,6),("httpd",10388,6),("httpd",10389,6)) 192.168.21.230 | success | rc=0 >> LISTEN 0 128 :::8080 :::* users:(("httpd",27646,6),("httpd",27649,6),("httpd",27650,6),("httpd",27651,6),("httpd",27652,6),("httpd",27653,6),("httpd",27654,6),("httpd",27655,6),("httpd",27656,6)) 在httpd.yaml下也可使用tags,能夠自行測試,後面再介紹roles,且以一個實際項目來進行測試,歡迎關注
- 1. 自動化運維工具ansible playbook和roles的使用
- 2. 自動化運維工具Ansible之roles
- 3. 自動化運維工具ansible-playbook
- 4. 運維自動化工具Ansible-playbook
- 5. 自動化運維工具Ansible工具
- 6. 自動化運維工具-Ansible的Roles的使用
- 7. 運維自動化-Ansible roles
- 8. 自動化運維工具ansible再探
- 9. 自動化運維工具-ansible
- 10. 運維自動化工具之Ansible
- 更多相關文章...
- • Maven 自動化部署 - Maven教程
- • jQuery Mobile 工具欄 - jQuery Mobile 教程
- • PHP開發工具
- • 適用於PHP初學者的學習線路和建議
-
每一个你不满意的现在,都有一个你没有努力的曾经。