网站要流量有什么用,云商城app下载,公众号平台登录官网,珠宝店网站项目网页设计Ansible的脚本----playbook剧本 1.playbook剧本组成2.playbook剧本实战演练2.1 实战演练一#xff1a;给被管理主机安装Apache服务2.2 实战演练二#xff1a;使用sudo命令将远程主机的普通用户提权为root用户2.3 实战演练三#xff1a;when条件判断指定的IP地址2.4 实战演练… Ansible的脚本----playbook剧本 1.playbook剧本组成2.playbook剧本实战演练2.1 实战演练一给被管理主机安装Apache服务2.2 实战演练二使用sudo命令将远程主机的普通用户提权为root用户2.3 实战演练三when条件判断指定的IP地址2.4 实战演练四使用with_items迭代循环在远程主机创建文件和目录2.5 实战演练五使用with_items迭代循环并调用变量创建指定文件和目录2.6 实战演练六在playbook剧本中基于Templates模块安装Apache服务2.7 实战演练七在playbook剧本中基于Templates模块创建标签 3.playbook知识点总结 1.playbook剧本组成
1Tasks任务即通过task调用ansible的模板将多个操作组织在一个playbook中运行 2Variables变量 3Templates模板 4Handlers处理器当changed状态条件满足时notify触发执行的操作 5Roles角色
2.playbook剧本实战演练
2.1 实战演练一给被管理主机安装Apache服务
在ansible服务器主机给远程被管理主机制作安装Apache服务的剧本文件demo1.yaml
cd /etc/yum.repos.d/ #制作本地yum源
cd /etc/ansible/playbook/ #将修改后的httpd.conf文件复制到当前目录中vim /etc/ansible/playbook/demo1.yaml - name: the first play for install apachegather_facts: falsehosts: dbserversremote_user: roottasks:- name: disable firewalldservice: namefirewalld statestopped enabledno- name: disable selinuxcommand: /usr/sbin/setenforce 0ignore_errors: true- name: disable selinux foreverreplace: path/etc/selinux/config regexpenforcing replacedisabled- name: mount cdrommount: src/dev/sr0 path/mnt fstypeiso9660 statemounted- name: copy local yum configuration filecopy: src/etc/yum.repos.d/repo.bak/local.repo dest/etc/yum.repos.d/local.repo- name: install apacheyum: namehttpd statelatest- name: prepare httpd configuration filecopy: src/etc/ansible/playbook/httpd.conf dest/etc/httpd/conf/httpd.confnotify: reload httpd- name: start apacheservice: namehttpd statestarted enabledyeshandlers:- name: reload httpdservice: namehttpd statereloaded 运行playbook
ansible-playbook test1.yaml
//补充参数
-k–ask-pass用来交互输入ssh密码
-K-ask-become-pass用来交互输入sudo密码
-u指定用户
ansible-playbook demo1.yaml --syntax-check #检查yaml文件的语法是否正确
ansible-playbook demo1.yaml --list-task #检查tasks任务
ansible-playbook demo1.yaml --list-hosts #检查生效的主机
ansible-playbook demo1.yaml --start-at-taskinstall httpd #指定从某个task开始运行2.2 实战演练二使用sudo命令将远程主机的普通用户提权为root用户
准备工作先在远程主机添加clr用户然后在ansible服务主机使用clr用户远程主机提权为root用户 指定远程主机sudo切换用户
---
- hosts: dbserversremote_user: clr become: yes #2.6版本以后的参数之前是sudo意思为切换用户运行become_user: root #指定sudo用户为root在ansible服务器主机给远程被管理主机制作使用clr用户登录然后提权为root用户的剧本文件demo2.yaml
vim /etc/ansible/playbook/demo2.yaml - name: second playhosts: dbserversremote_user: clrbecome: yesbecome_user: rootvars:- username: gzy- groupname: Ayu- filename: /opt/123.txtgather_facts: truetasks:- name: create groupgroup: name{{groupname}} gid2800- name: create user join groupuser: name{{username}} uid{{uid}} groups{{groupname}}- name: copy filecopy: content{{ansible_default_ipv4.address}} dest{{filename}}- name: modify username and groupname of filefile: path{{filename}} owner{{username}} group{{groupname}}ansible-playbook demo2.yaml -k -K -e uid88882.3 实战演练三when条件判断指定的IP地址
在Ansible中提供的唯一一个通用的条件判断是when指令当when指令的值为true时则该任务执行否则不执行该任务。
//when一个比较常见的应用场景是实现跳过某个主机不执行任务或者只有满足条件的主机执行任务
在ansible服务器主机制作剧本文件demo2.yaml设置使用when进行条件判断
vim /etc/ansible/playbook/demo3.yaml - name: third playhosts: Ayuremote_user: roottasks:- name: touch filefile: path/opt/Ayu.txt statetouch#when: ansible_default_ipv4.address ! 192.168.80.20when: inventory_hostname 192.168.80.80ansible-playbook .yaml2.4 实战演练四使用with_items迭代循环在远程主机创建文件和目录
vim /etc/ansible/playbook/demo4.yaml - name: fouth playhosts: dbserversremote_user: rootvars:myfile:- /opt/a- /opt/b- /opt/c- /opt/dtasks:- name: touch directorywith_items: {{myfile}}file: path{{item}} statedirectory- name: touch filewith_items:- /root/a- /root/b- /root/c- /root/dfile:path: {{item}}state: touch ansible-playbook demo4.yaml 2.5 实战演练五使用with_items迭代循环并调用变量创建指定文件和目录
vim /etc/ansible/playbook/demo5.yaml - name: fifth playhosts: dbserversremote_user: roottasks:- name: touch filewith_items:- {filename: /opt/a, username: clr, groupname: video}- {filename: /opt/b, username: gzy, groupname: Ayu}file: path{{item.filename}} owner{{item.username}} group{{item.groupname}} statetouch- name: create dirwith_items:- filename: /opt/cdusername: clrgroupname: Ayu- filename: /opt/efusername: gzygroupname: videofile:path: {{item.filename}}owner: {{item.username}}group: {{item.groupname}}state: directory2.6 实战演练六在playbook剧本中基于Templates模块安装Apache服务
1先准备一个以 .j2为后缀的template模板文件设置引用的变量
cp /etc/httpd/conf/httpd.conf /etc/ansible/playbook/httpd.conf.j2vim /etc/ansible/playbook/httpd.conf.j2
Listen {{http_port}} #42行修改
ServerName {{server_name}} #95行修改
DocumentRoot {{root_dir}} #119行修改2修改主机清单文件使用主机变量定义一个变量名相同而值不同的变量
vim /etc/ansible/hosts
[webservers]
192.168.80.50 ip_port192.168.80.50:8050 host_namewww.accp.com:8050 root_dir/var/www/html/accp
192.168.80.60 ip_port192.168.80.60:8060 host_namewww.benet.com:8060 root_dir/var/www/html/benet3编写playbook
vim /etc/ansible/playbook/demo6.yaml - name: sixth playhosts: webserversremote_user: rootvars:- pkg: httpdtasks:- name: disable firewalldservice: namefirewalld statestopped enabledno- name: disable selinuxcommand: /usr/sbin/setenforce 0ignore_errors: true- name: disable selinux foreverreplace: path/etc/selinux/config regexpenforcing replacedisabledignore_errors: true- name: mount cdrommount: src/dev/sr0 path/mnt fstypeiso9660 statemountedignore_errors: true- name: install apacheyum: namehttpd statelatest- name: create root dirfile: statedirectory path{{item}}with_items:- /var/www/html/accp- /var/www/html/benet- name: create index.html in www.accp.comcopy: contenth1this is accp web/h1 dest/var/www/html/accp/index.htmlwhen: ansible_default_ipv4.address 192.168.80.50- name: create index.html in www.benet.comcopy: contenth1this is benet web/h1 dest/var/www/html/benet/index.htmlwhen: inventory_hostname 192.168.80.60- name: prepare configuration filetemplate: src/etc/ansible/playbook/httpd.conf.j2 dest/etc/httpd/conf/httpd.confnotify: reload apache- name: start apacheservice: name{{pkg}} statestarted enabledyeshandlers:- name: reload apacheservice: name{{pkg}} statereloaded ansible-playbook demo6.yaml2.7 实战演练七在playbook剧本中基于Templates模块创建标签
可以在一个playbook中为某个或某些任务定义“标签”在执行此playbook时通过ansible-playbook命令使用–tags选项能实现仅运行指定的tasks。 playbook还提供了一个特殊的tags为always。作用就是当使用always作为tags的task时无论执行哪一个tags时定义有always的tags都会执行。
vim /etc/ansible/playbook/demo7.yaml - name: seventh playhosts: dbserversremote_user: roottasks:- name: create abc.txtfile: path/opt/abc.txt statetouchtags:- clr- gzy- name: create 123.txtfile: path/opt/123.txt statetouchtags:- always- name: create gzy.txtcopy: contentgzy like mygirl dest/opt/wangdian.txttags:- gzyansible-playbook demo7.yaml --tagsgzy3.playbook知识点总结
playbook剧本
vim XXX.yaml
- name: #指定play名称hosts: #指定主机组remote_user: #执行用户 gather_facts: true|false #是否收集远程主机facts信息vars: #定义变量tasks: #定义task任务列表- name: #定义task任务名称模块: #定义任务使用的模块和参数with_items: #定义循环列表when: #定义判断条件 ! true则执行任务否则不执行任务ignore_errors: true #忽略任务失败notify: #定义task任务changed状态时触发的任务名tags: #指定标签ansible-playbook --tags 仅执行拥有指定 tags 标签的任务always标签总会执行handlers: #定义notify触发的任务列表task任务模块语法格式
横向格式
模块名: 参数选项1值 参数选项2{{变量名}} ...纵向格式
模块名:参数选项1: 值参数选项2: {{变量名}}...with_items和变量的语法格式
横向格式
with_items: [值1, 值2, 值3]值为对象键值对字段时
with_items:
- {key1: value1, key2: value2, ...}
- {key1: value3, key2: value4, ...}纵向格式
with_items:
- 值1
- 值2
- 值3值为对象键值对字段时
with_items:
- key1: value1key2: value2
- key1: value3key2: value4template模板模块
1先要准备一个xxx.j2模板文件在文件中使用 {{变量名}} 引用主机变量 或者 vars 自定义的变量 及 facts 字段的值
2在playbook中的tasks中定义template模板配置 template: srcxxx.j2 destxxx
