Playbook核心元素
Playbook语法
一个简单的示例# 创建playbook文件 [root@ansible ~]# cat playbook01.yml--- #固定格式- hosts: 192.168.1.31 #定义需要执行主机 remote_user: root #远程用户 vars: #定义变量 http_port: 8088 #变量 tasks: #定义一个任务的开始 - name: create new file #定义任务的名称 file: name=/tmp/playtest.txt state=touch #调用模块,具体要做的事情 - name: create new user user: name=test02 system=yes shell=/sbin/nologin - name: install package yum: name=httpd - name: config httpd template: src=./httpd.conf dest=/etc/httpd/conf/httpd.conf notify: #定义执行一个动作(action)让handlers来引用执行,与handlers配合使用 - restart apache #notify要执行的动作,这里必须与handlers中的name定义内容一致 - name: copy index.html copy: src=/var/www/html/index.html dest=/var/www/html/index.html - name: start httpd service: name=httpd state=started handlers: #处理器:更加tasks中notify定义的action触发执行相应的处理动作 - name: restart apache #要与notify定义的内容相同 service: name=httpd state=restarted #触发要执行的动作 #测试页面准备 [root@ansible ~]# echo "<h1>playbook test file</h1>" >>/var/www/html/index.html #配置文件准备 [root@ansible ~]# cat httpd.conf |grep ^Listen Listen {{ http_port }} #执行playbook, 第一次执行可以加-C选项,检查写的playbook是否ok [root@ansible ~]# ansible-playbook playbook01.yml PLAY [192.168.1.31] *********************************************************************************************TASK [Gathering Facts] ******************************************************************************************ok: [192.168.1.31] TASK [create new file] ******************************************************************************************changed: [192.168.1.31] TASK [create new user] ******************************************************************************************changed: [192.168.1.31] TASK [install package] ******************************************************************************************changed: [192.168.1.31] TASK [config httpd] *********************************************************************************************changed: [192.168.1.31] TASK [copy index.html] ******************************************************************************************changed: [192.168.1.31] TASK [start httpd] **********************************************************************************************changed: [192.168.1.31] PLAY RECAP ******************************************************************************************************192.168.1.31 : ok=7 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 # 验证上面playbook执行的结果 [root@ansible ~]# ansible 192.168.1.31 -m shell -a 'ls /tmp/playtest.txt && id test02'192.168.1.31 | CHANGED | rc=0 >> /tmp/playtest.txt uid=990(test02) gid=985(test02) 组=985(test02) [root@ansible ~]# curl 192.168.1.31:8088<h1>playbook test file</h1> Playbook的运行方式通过 [root@ansible PlayBook]# ansible-playbook -h #ansible-playbook常用选项:--check or -C #只检测可能会发生的改变,但不真正执行操作--list-hosts #列出运行任务的主机--list-tags #列出playbook文件中定义所有的tags--list-tasks #列出playbook文件中定义的所以任务集--limit #主机列表 只针对主机列表中的某个主机或者某个组执行-f #指定并发数,默认为5个-t #指定tags运行,运行某一个或者多个tags。(前提playbook中有定义tags)-v #显示过程 -vv -vvv更详细 Playbook中元素属性主机与用户在一个 --- - hosts: 192.168.1.31 remote_user: root 除了上面的定义外,还可以在某一个 tasks: - name: run df -h remote_user: test shell: name=df -h 还可以定义使用 tasks: - name: run df -h sudo_user: test sudo: yes shell: name=df -h tasks任务列表每一个 tasks: - name: create new file file: path=/tmp/test01.txt state=touch - name: create new user user: name=test001 state=present Handlers与Notify很多时候当我们某一个配置发生改变,我们需要重启服务,(比如httpd配置文件文件发生改变了)这时候就可以用到 [root@ansible ~]# cat httpd.yml #用于安装httpd并配置启动--- - hosts: 192.168.1.31 remote_user: root tasks: - name: install httpd yum: name=httpd state=installed - name: config httpd template: src=/root/httpd.conf dest=/etc/httpd/conf/httpd.conf notify: - restart httpd - name: start httpd service: name=httpd state=started handlers: - name: restart httpd service: name=httpd state=restarted #这里只要对httpd.conf配置文件作出了修改,修改后需要重启生效,在tasks中定义了restart httpd这个action,然后在handlers中引用上面tasks中定义的notify。 Playbook中变量的使用环境说明:这里配置了两个组,一个apache组和一个nginx组 [root@ansible PlayBook]# cat /etc/ansible/hosts [apache]192.168.1.36192.168.1.33[nginx]192.168.1.3[1:2] 命令行指定变量执行 [root@ansible PlayBook]# cat variables.yml --- - hosts: all remote_user: root tasks: - name: install pkg yum: name={{ pkg }} #执行playbook 指定pkg [root@ansible PlayBook]# ansible-playbook -e "pkg=httpd" variables.yml hosts文件中定义变量在 # 编辑hosts文件定义变量 [root@ansible PlayBook]# vim /etc/ansible/hosts [apache]192.168.1.36 webdir=/opt/test #定义单个主机的变量192.168.1.33[apache:vars] #定义整个组的统一变量 webdir=/web/test [nginx]192.168.1.3[1:2] [nginx:vars] webdir=/opt/web # 编辑playbook文件 [root@ansible PlayBook]# cat variables.yml --- - hosts: all remote_user: root tasks: - name: create webdir file: name={{ webdir }} state=directory #引用变量 # 执行playbook [root@ansible PlayBook]# ansible-playbook variables.yml playbook文件中定义变量编写 # 编辑playbook [root@ansible PlayBook]# cat variables.yml --- - hosts: all remote_user: root vars: #定义变量 pkg: nginx #变量1 dir: /tmp/test1 #变量2 tasks: - name: install pkg yum: name={{ pkg }} state=installed #引用变量 - name: create new dir file: name={{ dir }} state=directory #引用变量 # 执行playbook [root@ansible PlayBook]# ansible-playbook variables.yml # 如果执行时候又重新指定了变量的值,那么会已重新指定的为准 [root@ansible PlayBook]# ansible-playbook -e "dir=/tmp/test2" variables.yml 调用setup模块获取变量
# 编辑playbook文件 [root@ansible PlayBook]# cat variables.yml --- - hosts: all remote_user: root tasks: - name: create file file: name={{ ansible_fqdn }}.log state=touch #引用setup中的ansible_fqdn # 执行playbook [root@ansible PlayBook]# ansible-playbook variables.yml 独立的变量YAML文件中定义为了方便管理将所有的变量统一放在一个独立的变量 # 定义存放变量的文件 [root@ansible PlayBook]# cat var.yml var1: vsftpd var2: httpd # 编写playbook [root@ansible PlayBook]# cat variables.yml --- - hosts: all remote_user: root vars_files: #引用变量文件 - ./var.yml #指定变量文件的path(这里可以是绝对路径,也可以是相对路径) tasks: - name: install package yum: name={{ var1 }} #引用变量 - name: create file file: name=/tmp/{{ var2 }}.log state=touch #引用变量 # 执行playbook [root@ansible PlayBook]# ansible-playbook variables.yml Playbook中标签的使用一个 # 编辑playbook [root@ansible PlayBook]# cat httpd.yml --- - hosts: 192.168.1.31 remote_user: root tasks: - name: install httpd yum: name=httpd state=installed tags: inhttpd - name: start httpd service: name=httpd state=started tags: sthttpd - name: restart httpd service: name=httpd state=restarted tags: - rshttpd - rs_httpd # 正常执行的结果 [root@ansible PlayBook]# ansible-playbook httpd.yml PLAY [192.168.1.31] **************************************************************************************************************************TASK [Gathering Facts] ***********************************************************************************************************************ok: [192.168.1.31] TASK [install httpd] *************************************************************************************************************************ok: [192.168.1.31] TASK [start httpd] ***************************************************************************************************************************ok: [192.168.1.31] TASK [restart httpd] *************************************************************************************************************************changed: [192.168.1.31] PLAY RECAP ***********************************************************************************************************************************192.168.1.31 : ok=4 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 1)通过 # 通过-t指定tags名称,多个tags用逗号隔开 [root@ansible PlayBook]# ansible-playbook -t rshttpd httpd.yml PLAY [192.168.1.31] **************************************************************************************************************************TASK [Gathering Facts] ***********************************************************************************************************************ok: [192.168.1.31] TASK [restart httpd] *************************************************************************************************************************changed: [192.168.1.31] PLAY RECAP ***********************************************************************************************************************************192.168.1.31 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 2)通过 [root@ansible PlayBook]# ansible-playbook --skip-tags inhttpd httpd.yml PLAY [192.168.1.31] **************************************************************************************************************************TASK [Gathering Facts] ***********************************************************************************************************************ok: [192.168.1.31] TASK [start httpd] ***************************************************************************************************************************ok: [192.168.1.31] TASK [restart httpd] *************************************************************************************************************************changed: [192.168.1.31] PLAY RECAP ***********************************************************************************************************************************192.168.1.31 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Playbook中模板的使用
示例:通过template安装httpd 1) [root@ansible PlayBook]# cat testtmp.yml #模板示例--- - hosts: all remote_user: root vars: - listen_port: 88 #定义变量 tasks: - name: Install Httpd yum: name=httpd state=installed - name: Config Httpd template: src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf #使用模板 notify: Restart Httpd - name: Start Httpd service: name=httpd state=started handlers: - name: Restart Httpd service: name=httpd state=restarted 2)模板文件准备, [root@ansible PlayBook]# cat templates/httpd.conf.j2 |grep ^Listen Listen {{ listen_port }} 3)查看目录结构 # 目录结构 [root@ansible PlayBook]# tree . . ├── templates │ └── httpd.conf.j2 └── testtmp.yml1 directory, 2 files 4)执行 [root@ansible PlayBook]# ansible-playbook testtmp.yml PLAY [all] ******************************************************************************************TASK [Gathering Facts] ******************************************************************************ok: [192.168.1.36] ok: [192.168.1.32] ok: [192.168.1.33] ok: [192.168.1.31] TASK [Install Httpd] ********************************************************************************ok: [192.168.1.36] ok: [192.168.1.33] ok: [192.168.1.32] ok: [192.168.1.31] TASK [Config Httpd] *********************************************************************************changed: [192.168.1.31] changed: [192.168.1.33] changed: [192.168.1.32] changed: [192.168.1.36] TASK [Start Httpd] **********************************************************************************fatal: [192.168.1.36]: FAILED! => {"changed": false, "msg": "httpd: Syntax error on line 56 of /etc/httpd/conf/httpd.conf: Include directory '/etc/httpd/conf.modules.d' not found\n"} changed: [192.168.1.32] changed: [192.168.1.33] changed: [192.168.1.31] RUNNING HANDLER [Restart Httpd] *********************************************************************changed: [192.168.1.31] changed: [192.168.1.32] changed: [192.168.1.33] PLAY RECAP ******************************************************************************************192.168.1.31 : ok=5 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 192.168.1.32 : ok=5 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 192.168.1.33 : ok=5 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 192.168.1.36 : ok=3 changed=1 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0 template之when条件测试:如果需要根据变量、 类似这样: tasks: - command: /bin/false register: result ignore_errors: True - command: /bin/something when: result|failed - command: /bin/something_else when: result|success - command: /bin/still/something_else when: result|skipped 示例:通过when语句完善上面的httpd配置 1)准备两个配置文件,一个 [root@ansible PlayBook]# tree templates/templates/├── httpd6.conf.j2 #6系统2.2.15版本httpd配置文件 └── httpd7.conf.j2 #7系统2.4.6版本httpd配置文件0 directories, 2 files 2)修改 [root@ansible PlayBook]# cat testtmp.yml #when示例--- - hosts: all remote_user: root vars: - listen_port: 88 tasks: - name: Install Httpd yum: name=httpd state=installed - name: Config System6 Httpd template: src=httpd6.conf.j2 dest=/etc/httpd/conf/httpd.conf when: ansible_distribution_major_version == "6" #判断系统版本,为6便执行上面的template配置6的配置文件 notify: Restart Httpd - name: Config System7 Httpd template: src=httpd7.conf.j2 dest=/etc/httpd/conf/httpd.conf when: ansible_distribution_major_version == "7" #判断系统版本,为7便执行上面的template配置7的配置文件 notify: Restart Httpd - name: Start Httpd service: name=httpd state=started handlers: - name: Restart Httpd service: name=httpd state=restarted 3)执行playbook [root@ansible PlayBook]# ansible-playbook testtmp.yml PLAY [all] ******************************************************************************************TASK [Gathering Facts] ******************************************************************************ok: [192.168.1.31] ok: [192.168.1.32] ok: [192.168.1.33] ok: [192.168.1.36] TASK [Install Httpd] ********************************************************************************ok: [192.168.1.32] ok: [192.168.1.33] ok: [192.168.1.31] ok: [192.168.1.36] TASK [Config System6 Httpd] *************************************************************************skipping: [192.168.1.33] skipping: [192.168.1.31] skipping: [192.168.1.32] changed: [192.168.1.36] TASK [Config System7 Httpd] *************************************************************************skipping: [192.168.1.36] changed: [192.168.1.33] changed: [192.168.1.31] changed: [192.168.1.32] TASK [Start Httpd] **********************************************************************************ok: [192.168.1.36] ok: [192.168.1.31] ok: [192.168.1.32] ok: [192.168.1.33] RUNNING HANDLER [Restart Httpd] *********************************************************************changed: [192.168.1.33] changed: [192.168.1.31] changed: [192.168.1.32] changed: [192.168.1.36] PLAY RECAP ******************************************************************************************192.168.1.31 : ok=5 changed=2 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 192.168.1.32 : ok=5 changed=2 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 192.168.1.33 : ok=5 changed=2 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 192.168.1.36 : ok=5 changed=2 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 template之with_items
示例1:通过with_items安装多个不同软件 编写 [root@ansible PlayBook]# cat testwith.yml # 示例with_items--- - hosts: all remote_user: root tasks: - name: Install Package yum: name={{ item }} state=installed #引用item获取值 with_items: #定义with_items - httpd - vsftpd - nginx 上面 --- - hosts: all remote_user: root tasks: - name: Install Httpd yum: name=httpd state=installed - name: Install Vsftpd yum: name=vsftpd state=installed - name: Install Nginx yum: name=nginx state=installed 示例2:通过嵌套子变量创建用户并加入不同的组 1)编写 [root@ansible PlayBook]# cat testwith01.yml # 示例with_items嵌套子变量--- - hosts: all remote_user: root tasks: - name: Create New Group group: name={{ item }} state=present with_items: - group1 - group2 - group3 - name: Create New User user: name={{ item.name }} group={{ item.group }} state=present with_items: - { name: 'user1', group: 'group1' } - { name: 'user2', group: 'group2' } - { name: 'user3', group: 'group3' } 2)执行 # 执行playbook [root@ansible PlayBook]# ansible-playbook testwith01.yml # 验证是否成功创建用户及组 [root@ansible PlayBook]# ansible all -m shell -a 'tail -3 /etc/passwd'192.168.1.36 | CHANGED | rc=0 >>user1:x:500:500::/home/user1:/bin/bash user2:x:501:501::/home/user2:/bin/bash user3:x:502:502::/home/user3:/bin/bash192.168.1.32 | CHANGED | rc=0 >>user1:x:1001:1001::/home/user1:/bin/bash user2:x:1002:1002::/home/user2:/bin/bash user3:x:1003:1003::/home/user3:/bin/bash192.168.1.31 | CHANGED | rc=0 >>user1:x:1002:1003::/home/user1:/bin/bash user2:x:1003:1004::/home/user2:/bin/bash user3:x:1004:1005::/home/user3:/bin/bash192.168.1.33 | CHANGED | rc=0 >>user1:x:1001:1001::/home/user1:/bin/bash user2:x:1002:1002::/home/user2:/bin/bash user3:x:1003:1003::/home/user3:/bin/bash template之for if通过使用 示例1 1)编写 [root@ansible PlayBook]# cat testfor01.yml # template for 示例--- - hosts: all remote_user: root vars: nginx_vhost_port: - 81 - 82 - 83 tasks: - name: Templage Nginx Config template: src=nginx.conf.j2 dest=/tmp/nginx_test.conf 2)模板文件编写 # 循环playbook文件中定义的变量,依次赋值给port [root@ansible PlayBook]# cat templates/nginx.conf.j2 {% for port in nginx_vhost_port %} server{ listen: {{ port }}; server_name: localhost; } {% endfor %} 3)执行 [root@ansible PlayBook]# ansible-playbook testfor01.yml # 去到一个节点看下生成的结果发现自动生成了三个虚拟主机 [root@linux ~]# cat /tmp/nginx_test.conf server{ listen: 81; server_name: localhost; } server{ listen: 82; server_name: localhost; } server{ listen: 83; server_name: localhost; } 示例2 1)编写 [root@ansible PlayBook]# cat testfor02.yml # template for 示例--- - hosts: all remote_user: root vars: nginx_vhosts: - web1: listen: 8081 server_name: "web1.example.com" root: "/var/www/nginx/web1" - web2: listen: 8082 server_name: "web2.example.com" root: "/var/www/nginx/web2" - web3: listen: 8083 server_name: "web3.example.com" root: "/var/www/nginx/web3" tasks: - name: Templage Nginx Config template: src=nginx.conf.j2 dest=/tmp/nginx_vhost.conf 2)模板文件编写 [root@ansible PlayBook]# cat templates/nginx.conf.j2 {% for vhost in nginx_vhosts %} server{ listen: {{ vhost.listen }}; server_name: {{ vhost.server_name }}; root: {{ vhost.root }}; } {% endfor %} 3)执行 [root@ansible PlayBook]# ansible-playbook testfor02.yml # 去到一个节点看下生成的结果发现自动生成了三个虚拟主机 [root@linux ~]# cat /tmp/nginx_vhost.conf server{ listen: 8081; server_name: web1.example.com; root: /var/www/nginx/web1; } server{ listen: 8082; server_name: web2.example.com; root: /var/www/nginx/web2; } server{ listen: 8083; server_name: web3.example.com; root: /var/www/nginx/web3; } 示例3 在for循环中再嵌套if判断,让生成的配置文件更加灵活 1)编写 [root@ansible PlayBook]# cat testfor03.yml # template for 示例--- - hosts: all remote_user: root vars: nginx_vhosts: - web1: listen: 8081 root: "/var/www/nginx/web1" - web2: server_name: "web2.example.com" root: "/var/www/nginx/web2" - web3: listen: 8083 server_name: "web3.example.com" root: "/var/www/nginx/web3" tasks: - name: Templage Nginx Config template: src=nginx.conf.j2 dest=/tmp/nginx_vhost.conf 2)模板文件编写 # 说明:这里添加了判断,如果listen没有定义的话,默认端口使用8888,如果server_name有定义,那么生成的配置文件中才有这一项。 [root@ansible PlayBook]# cat templates/nginx.conf.j2 {% for vhost in nginx_vhosts %} server{ {% if vhost.listen is defined %} listen: {{ vhost.listen }}; {% else %} listen: 8888; {% endif %} {% if vhost.server_name is defined %} server_name: {{ vhost.server_name }}; {% endif %} root: {{ vhost.root }}; } {% endfor %} 3)执行 [root@ansible PlayBook]# ansible-playbook testfor03.yml # 去到一个节点看下生成的结果发现自动生成了三个虚拟主机 [root@linux ~]# cat /tmp/nginx_vhost.conf server{ listen: 8081; root: /var/www/nginx/web1; } server{ listen: 8888; server_name: web2.example.com; root: /var/www/nginx/web2; } server{ listen: 8083; server_name: web3.example.com; root: /var/www/nginx/web3; } 上面三个示例的图片展示效果 例一 例二 例三 |
|