Loading... <p>一、ansible简介<br style="padding: 0px;margin: 0px" /></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> 1.</span><span style="padding: 0px;margin: 0px;font-weight: bold">ansible</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible是新出现的</span><span style="padding: 0px;margin: 0px;font-family: 宋体">自动化</span><span style="padding: 0px;margin: 0px;font-family: Calibri">运维工具</span><span style="padding: 0px;margin: 0px;font-family: 宋体">,</span><span style="padding: 0px;margin: 0px;font-family: Calibri">基于Python研发</span><span style="padding: 0px;margin: 0px;font-family: 宋体">。</span><span style="padding: 0px;margin: 0px;font-family: Calibri">糅合了众多老牌运维工具的优点实现了批量操作系统配置、批量程序的部署、批量运行命令等功能。</span><span style="padding: 0px;margin: 0px;font-family: 宋体">仅需在管理工作站上安装</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible</span><span style="padding: 0px;margin: 0px;font-family: 宋体">程序配置被管控主机的</span><span style="padding: 0px;margin: 0px;font-family: Calibri">IP</span><span style="padding: 0px;margin: 0px;font-family: 宋体">信息,被管控的主机无客户端。</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible</span><span style="padding: 0px;margin: 0px;font-family: 宋体">应用程序存在于</span><span style="padding: 0px;margin: 0px;font-family: Calibri">epel(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">第三方社区</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: 宋体">源,依赖于很多</span><span style="padding: 0px;margin: 0px;font-family: Calibri">python</span><span style="padding: 0px;margin: 0px;font-family: 宋体">组件</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">参考站点:</span><span style="padding: 0px;margin: 0px;font-family: Calibri">http://www.ansible.com.cn</span></p> <p><img src="//cto.wang/usr/uploads/2016/07/20160703170059-85.png" title="1.png" alt="wKioL1a_UZODGTG3AAF3aEdQIeQ983.png" width="650" style="padding: 0px;margin: 0px;vertical-align: top;border: none;float: none" /></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> 2.ansible</span><span style="padding: 0px;margin: 0px;font-weight: bold">特性</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">模块化</span><span style="padding: 0px;margin: 0px;font-family: 宋体">设计</span><span style="padding: 0px;margin: 0px;font-family: Calibri">,调用特定的模块来完成特定任务</span><span style="padding: 0px;margin: 0px;font-family: 宋体">,本身是核心组件,短小精悍</span><span style="padding: 0px;margin: 0px;font-family: Calibri">;</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">基于Python语言实现,由Paramiko</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(python</span><span style="padding: 0px;margin: 0px;font-family: 宋体">的一个可并发连接</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-family: 宋体">主机功能库</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">, PyYAML和Jinja2</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">模板化</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">三个关键模块实现;</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">部署简单,agentless</span><span style="padding: 0px;margin: 0px;font-family: 宋体">无客户端工具;</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">主从模式</span><span style="padding: 0px;margin: 0px;font-family: 宋体">工作;</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">支持自定义模块</span><span style="padding: 0px;margin: 0px;font-family: 宋体">功能;</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">支持playbook</span><span style="padding: 0px;margin: 0px;font-family: 宋体">剧本,连续任务按先后设置顺序完成;</span></p> <p><span style="padding: 0px;margin: 0px;font-family: 宋体">期望每个命令具有</span><span style="padding: 0px;margin: 0px;font-family: Calibri">幂等性:</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> 3.ansible</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">架构</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible core</span><span style="padding: 0px;margin: 0px;font-family: 宋体">:</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible</span><span style="padding: 0px;margin: 0px;font-family: 宋体">自身核心模块</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">host inventory:</span><span style="padding: 0px;margin: 0px;font-family: 宋体">主机库,定义可管控的主机列表</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">connection plugins:</span><span style="padding: 0px;margin: 0px;font-family: 宋体">连接插件,一般默认基于</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-family: 宋体">协议连接</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">modules:core modules</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">自带模块</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: 宋体">、</span><span style="padding: 0px;margin: 0px;font-family: Calibri">custom modules</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">自定义模块</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">playbooks</span><span style="padding: 0px;margin: 0px;font-family: 宋体">:剧本,按照所设定编排的顺序执行完成安排任务</span></p> <p><img src="//cto.wang/usr/uploads/2016/07/20160703170059-95.png" title="2.png" alt="wKiom1a_UTbwgPO8AAN6D669kL4580.png" width="650" style="padding: 0px;margin: 0px;vertical-align: top;border: none;float: none" /></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> 4.</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">配置</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">文件:</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> (1)ansible</span><span style="padding: 0px;margin: 0px;font-family: 宋体">应用程序的</span><span style="padding: 0px;margin: 0px;font-family: Calibri">主配置文件:/etc/ansible/ansible.cfg</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> (2) </span><span style="padding: 0px;margin: 0px;font-family: Calibri">Host Inventory</span><span style="padding: 0px;margin: 0px;font-family: 宋体">定义管控主机</span><span style="padding: 0px;margin: 0px;font-family: Calibri">:/etc/ansible/hosts</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">遵循</span><span style="padding: 0px;margin: 0px;font-family: Calibri">INI风格;中括号中的字符是组名;一个主机可同时属于多个组;</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">示例:</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"># Ex 1: Ungrouped hosts, specify before any groupheaders.</span><span style="padding: 0px;margin: 0px;font-family: 宋体">直接在任何组的头部前面指定,不属于任何组的主机</span></p> <p>green.example.com</p> <p>blue.example.com</p> <p>192.168.100.1</p> <p>192.168.100.10</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"># Ex 2: A collection of hosts belonging to the'webservers' group</span><span style="padding: 0px;margin: 0px;font-family: 宋体">;一批主机属于一个组,例如定义为</span><span style="padding: 0px;margin: 0px;font-family: Calibri">'webservers'</span><span style="padding: 0px;margin: 0px;font-family: 宋体">的组</span></p> <p>[webservers]</p> <p>alpha.example.org</p> <p>beta.example.org</p> <p>192.168.1.100</p> <p>192.168.1.110</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">注意:默认是以</span><span style="padding: 0px;margin: 0px;font-family: Calibri">root</span><span style="padding: 0px;margin: 0px;font-family: 宋体">用户执行,但是基于</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-family: 宋体">连接操作要多次输入密码,为方便可以使用基于</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-family: 宋体">密钥方式进行认证</span></p> <p> </p> <p> </p> <p> </p> <p> </p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">二、</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">ansible</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">应用程序命令</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> 1.</span><span style="padding: 0px;margin: 0px;font-weight: bold">ansible-doc命令:获取模块列表,及模块使用格式;</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible-doc -l</span><span style="padding: 0px;margin: 0px;font-family: 宋体">:获取列表</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible-doc -s module_name</span><span style="padding: 0px;margin: 0px;font-family: 宋体">:获取指定模块的使用信息</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> 2.ansible</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">命令格式</span></p> <p> ansible <host-pattern> [-f forks] [-m module_name] [-a args]</p> <table cellpadding="0" cellspacing="0"> <tbody style="padding: 0px;margin: 0px"> <tr style="padding: 0px;margin: 0px" class="firstRow"> <td width="112" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px"><host-pattern></p> </td> <td width="520" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-size: 14px"><span style="padding: 0px;margin: 0px;font-family: 宋体">指明管控主机,以模式形式表示或者直接给定</span><span style="padding: 0px;margin: 0px;font-family: Calibri">IP</span><span style="padding: 0px;margin: 0px;font-family: 宋体">,必须事先定义在文件中;</span><span style="padding: 0px;margin: 0px;font-family: Calibri">all</span><span style="padding: 0px;margin: 0px;font-family: 宋体">设置所有</span></p> </td> </tr> <tr style="padding: 0px;margin: 0px"> <td width="36" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px"> [-f forks]</p> </td> <td width="510" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-size: 14px"><span style="padding: 0px;margin: 0px;font-family: 宋体">指明每批管控多少主机,默认为</span><span style="padding: 0px;margin: 0px;font-family: Calibri">5</span><span style="padding: 0px;margin: 0px;font-family: 宋体">个主机一批次</span></p> </td> </tr> <tr style="padding: 0px;margin: 0px"> <td width="36" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px">[-m module_name]</p> </td> <td width="510" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: 宋体;font-size: 14px">使用何种模块管理操作,所有的操作都需要通过模块来指定</p> </td> </tr> <tr style="padding: 0px;margin: 0px"> <td width="36" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px">[-a args]</p> </td> <td width="510" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-size: 14px"><span style="padding: 0px;margin: 0px;font-family: 宋体">指明模块专用参数;</span><span style="padding: 0px;margin: 0px;font-family: Calibri">args</span><span style="padding: 0px;margin: 0px;font-family: 宋体">一般为</span><span style="padding: 0px;margin: 0px;font-family: Calibri">key=value</span><span style="padding: 0px;margin: 0px;font-family: 宋体">格式</span></p> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px">注意:command模块的参数非为kv格式,而是直接给出要执行的命令即可;</p> </td> </tr> </tbody> </table> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">注意:</span><span style="padding: 0px;margin: 0px;font-family: Calibri"><host-pattern></span><span style="padding: 0px;margin: 0px;font-family: 宋体">默认读取</span><span style="padding: 0px;margin: 0px;font-family: Calibri">/etc/ansible/hosts</span><span style="padding: 0px;margin: 0px;font-family: 宋体">,也可以指明自定义文件路径</span></p> <p> -iPATH, –inventory=PATH:指明使用的host inventory文件路径;</p> <p><span style="padding: 0px;margin: 0px;font-weight: bold">常用模块</span><span style="padding: 0px;margin: 0px;font-weight: bold">(module_name)</span><span style="padding: 0px;margin: 0px;font-weight: bold">:</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">1)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">command:默认模块</span><span style="padding: 0px;margin: 0px;font-family: 宋体">,可省略。在远程主机上进行操作命令</span></p> <p>-a 'COMMAND'</p> <p><span style="padding: 0px;margin: 0px;font-family: 宋体">注意:</span><span style="padding: 0px;margin: 0px;font-family: Calibri">comand</span><span style="padding: 0px;margin: 0px;font-family: 宋体">模块的参数非</span><span style="padding: 0px;margin: 0px;font-family: Calibri">key=value</span><span style="padding: 0px;margin: 0px;font-family: 宋体">格式,直接给出要执行的命令</span></p> <p>[root@localhost ~]# ansible all -m command -a 'ifconfig'</p> <p>2)user:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">-a 'name= state={present</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">创建</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">|absent</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">删除</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">} force=</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">是否强制操作删除家目录</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> system= uid= shell= home='</span></p> <p>[root@localhost ~]# ansible all -m user -a 'name=ansible state=present'</p> <p>3)group:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">-a 'name= state={present|absent} gid= system=</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">系统组</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">'</span></p> <p>[root@localhost ~]# ansible all -m group -a 'name=mygroup state=presentsystem=true'</p> <p>4)cron:</p> <p>-a 'name= state= minute= hour= day= month= weekday= job='</p> <p>[root@localhost ~]# ansible all -m cron -a 'name='Time' state=presentminute='*/5' job='/usr/sbin/ntpdate 172.168.0.1 &> /dev/null''</p> <p>5)ping:</p> <p>无参数</p> <p>[root@localhost ~]# ansible all -m ping</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">6)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">file:</span><span style="padding: 0px;margin: 0px;font-family: 宋体">文件管理</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">-a 'path= mode= owner= group= state={file|directory|link|hard|touch|absent} src=</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(link</span><span style="padding: 0px;margin: 0px;font-family: 宋体">,链接至何处</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">'</span></p> <p>[root@localhost ~]# ansible all -m file -a 'path=/tmp/testdirstate=directory'</p> <p>[root@localhost ~]# ansible all -m file -a 'path=/tmp/test.txt state=touchmod=600 owner=user1'</p> <p>7)copy:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">-a 'dest=</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">远程主机上路径</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> src=</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">本地主机路径</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> content=</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">直接指明内容</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> owner= group= mode='</span></p> <p>[root@localhosttmp]# ansible web -m copy -a 'src=/etc/yum.repos.d/aliyun.repodest=/etc/yum.repos.d/'</p> <p>8)template</p> <p>-a 'dest= src=\'#\'" content= owner= group= mode='</p> <p>9)yum:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">-a 'name= conf_file=</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">指明配置文件</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> state={present|latest|absent} enablerepo= disablerepo=' </span></p> <p>[root@localhost ~]# ansible all -m yum 'name=httpd state=present' </p> <p>10)service:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">-a 'name= state={started|stopped|restarted} enabled=</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">是否开机自动启动</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> runlevel='</span></p> <p>[root@localhost ~]# ansible all -m service -a 'name=httpd state=started'</p> <p>11)shell:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">-a 'COMMAND'</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">运行</span><span style="padding: 0px;margin: 0px;font-family: Calibri">shell</span><span style="padding: 0px;margin: 0px;font-family: 宋体">命令</span></p> <p>[root@localhost ~]# ansible all -m shell -a echo "123456789" |passwd –stdin user1'</p> <p>12)script:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">-a '/PATH/TO/SCRIPT'</span><span style="padding: 0px;margin: 0px;font-family: 宋体">运行脚本</span></p> <p>[root@localhost ~]# ansible all -m script -a '/tmp/a.sh'</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">13)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">setup:获取指定主机的facts</span><span style="padding: 0px;margin: 0px;font-family: 宋体">变量</span><span style="padding: 0px;margin: 0px;font-family: Calibri">;</span></p> <p><img src="//cto.wang/usr/uploads/2016/07/20160703170100-45.png" title="3.png" alt="wKiom1a_UTaTvuQXAACU427vISc235.png" style="padding: 0px;margin: 0px;vertical-align: top;border: none;float: none" /></p> <p> </p> <p> </p> <p> </p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">三、</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">Playbooks</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">剧本</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> 1.playbook</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">组织格式:YAML</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">语言格式</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">playbooks</span><span style="padding: 0px;margin: 0px;font-family: 宋体">是</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible</span><span style="padding: 0px;margin: 0px;font-family: 宋体">更强大的配置管理组件,实现基于文本文件编排执行的多个任务,且多次重复执行</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> (1)YAML</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">简介</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> YAML</span><span style="padding: 0px;margin: 0px;font-family: 宋体">:</span><span style="padding: 0px;margin: 0px;font-family: Calibri">YAML Ain't Markup Language; Yet Another Markup Language;</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">类似于半结构化数据,声明式配置;可读性较高的用来表达资料序列的格式,易于与脚本语言交互</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">官方站点:</span><span style="padding: 0px;margin: 0px;font-family: Calibri">http://www.yaml.org</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> (2)</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">语法</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">格式</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> 1)</span><span style="padding: 0px;margin: 0px;font-family: 宋体">任何书记结构都用缩进来标识,可以嵌套</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> 2)</span><span style="padding: 0px;margin: 0px;font-family: 宋体">每一行是一个键值数据</span><span style="padding: 0px;margin: 0px;font-family: Calibri">k</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ey</span><span style="padding: 0px;margin: 0px;font-family: Calibri">:v</span><span style="padding: 0px;margin: 0px;font-family: Calibri">alue</span><span style="padding: 0px;margin: 0px;font-family: 宋体">,冒号隔开。若想在一行标识需要用</span><span style="padding: 0px;margin: 0px;font-family: Calibri">{ }</span><span style="padding: 0px;margin: 0px;font-family: 宋体">和</span><span style="padding: 0px;margin: 0px;font-family: Calibri">,</span><span style="padding: 0px;margin: 0px;font-family: 宋体">分隔格式</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> 3)</span><span style="padding: 0px;margin: 0px;font-family: 宋体">列表用</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> – </span><span style="padding: 0px;margin: 0px;font-family: 宋体">标识</span></p> <p> </p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> 2.</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">inventory参数</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">:主机库</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">参数设置</span></p> <p>ansible基于ssh连接inventory中指定的远程主机时,将以此处的参数指定的属性进行;</p> <table cellpadding="0" cellspacing="0"> <tbody style="padding: 0px;margin: 0px"> <tr style="padding: 0px;margin: 0px" class="firstRow"> <td width="1" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px">ansible_ssh_port</p> </td> <td width="329" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-size: 14px"><span style="padding: 0px;margin: 0px;font-family: 宋体">指定</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-family: 宋体">端口</span></p> </td> </tr> <tr style="padding: 0px;margin: 0px"> <td width="1" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px">ansible_ssh_user</p> </td> <td width="316" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-size: 14px"><span style="padding: 0px;margin: 0px;font-family: 宋体">指定</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-family: 宋体">用户</span></p> </td> </tr> <tr style="padding: 0px;margin: 0px"> <td width="1" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px">ansible_ssh_pass</p> </td> <td width="316" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-size: 14px"><span style="padding: 0px;margin: 0px;font-family: 宋体">指定</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-family: 宋体">用户登录是认证密码,明文密码不安全</span></p> </td> </tr> <tr style="padding: 0px;margin: 0px"> <td width="1" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-family: Calibri;font-size: 14px">ansible_sudo_pass</p> </td> <td width="316" style="padding-right: 5px;padding-left: 5px;margin: 0px;vertical-align: top"> <p style="clear: both;height: auto;overflow: hidden;font-size: 14px"><span style="padding: 0px;margin: 0px;font-family: 宋体">指明</span><span style="padding: 0px;margin: 0px;font-family: Calibri">sudo</span><span style="padding: 0px;margin: 0px;font-family: 宋体">时候的密码</span></p> </td> </tr> </tbody> </table> <p>实例:</p> <p>[websrvs]</p> <p>192.168.0.101 ansible_ssh_port=22 ansible_ssh_user=root ansible_ssh_pass=xuding</p> <p>192.168.0.102</p> <p><span style="padding: 0px;margin: 0px;font-family: 宋体">注意:在</span><span style="padding: 0px;margin: 0px;font-family: Calibri">/etc/ansible/hosts</span><span style="padding: 0px;margin: 0px;font-family: 宋体">中直接定义连接时候的密码不安全,一般建议基于</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ssh</span><span style="padding: 0px;margin: 0px;font-family: 宋体">的密钥认证方式实现</span></p> <p> </p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> 3.playbooks</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> (1)</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">核心元素</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">Tasks</span><span style="padding: 0px;margin: 0px;font-family: 宋体">任务、</span><span style="padding: 0px;margin: 0px;font-family: Calibri">Variables</span><span style="padding: 0px;margin: 0px;font-family: 宋体">变量、</span><span style="padding: 0px;margin: 0px;font-family: Calibri">Templates</span><span style="padding: 0px;margin: 0px;font-family: 宋体">模板、</span><span style="padding: 0px;margin: 0px;font-family: Calibri">Handlers</span><span style="padding: 0px;margin: 0px;font-family: 宋体">处理器、</span><span style="padding: 0px;margin: 0px;font-family: Calibri">Roles</span><span style="padding: 0px;margin: 0px;font-family: 宋体">角色</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> (2)playbooks</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">中</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">定义任务:</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">– name: task description</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">注释</span><span style="padding: 0px;margin: 0px;font-family: 宋体">描述信息</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> module_name: module_args</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">声明模块:定义</span><span style="padding: 0px;margin: 0px;font-family: Calibri">ansible</span><span style="padding: 0px;margin: 0px;font-family: 宋体">模块参数</span></p> <p><img src="//cto.wang/usr/uploads/2016/07/20160703170100-18.png" title="4.png" alt="wKioL1a_UZWxwwKsAACJv5PV1o8650.png" style="padding: 0px;margin: 0px;vertical-align: top;border: none;float: none" /></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> (3)</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">ansible-playbook</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">执行</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">命令:</span></p> <p> ansible-playbook <filename.yml> … [options]</p> <p><img src="//cto.wang/usr/uploads/2016/07/20160703170100-92.png" title="5.png" alt="wKioL1a_UZXAMlY-AABkfVb3p2Q769.png" style="padding: 0px;margin: 0px;vertical-align: top;border: none;float: none" /></p> <p> </p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> 4.playbook— </span><span style="padding: 0px;margin: 0px;font-weight: bold">变量</span></p> <p> (1)变量命名:字母、数字和下划线组成,仅能以字母开头;</p> <p> (2)变量种类:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> 1)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">facts:由远程主机发回的主机</span><span style="padding: 0px;margin: 0px;font-family: 宋体">特有的</span><span style="padding: 0px;margin: 0px;font-family: Calibri">属性信息,这些信息被保存在ansible变量中;无须</span><span style="padding: 0px;margin: 0px;font-family: 宋体">声明</span><span style="padding: 0px;margin: 0px;font-family: Calibri">,可直接调用;</span></p> <p> 2)自定义变量:</p> <p> 通过命令行传递:ansible-playbook test.yml –extra-vars "host=www user=test"</p> <p> 通过roles传递</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> 3)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">主机变量:定义在inventory中的主机之后的变量;</span><span style="padding: 0px;margin: 0px;font-family: 宋体">直接传递给单个主机的变量</span></p> <p>实例:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">[root@localhost ~]# vim /etc/ansible/hosts</span><span style="padding: 0px;margin: 0px;font-family: 宋体">中直接定义在主机之后</span></p> <p>[web]</p> <p>192.168.0.101 host=mail</p> <p>192.168.0.102</p> <p>192.168.0.103</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> 4)</span><span style="padding: 0px;margin: 0px;font-family: Calibri">组变量:定义在inventory中的组上的变量</span><span style="padding: 0px;margin: 0px;font-family: Calibri">(</span><span style="padding: 0px;margin: 0px;font-family: 宋体">例如在默认的文件</span><span style="padding: 0px;margin: 0px;font-family: Calibri">/etc/ansible/hosts</span><span style="padding: 0px;margin: 0px;font-family: 宋体">上编辑</span><span style="padding: 0px;margin: 0px;font-family: Calibri">)</span></p> <p>[group_name:vars]</p> <p>var1=value</p> <p>var2=value</p> <p>注意:组名要事先存在,实例如下:</p> <p>[websrvs]</p> <p>192.168.0.101</p> <p>192.168.0.102</p> <p>[websrvs:vars]</p> <p>host=mail</p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> </span><span style="padding: 0px;margin: 0px;font-weight: bold">变量使用示例:</span></p> <p> [root@localhost~]# vim useradd.yml</p> <p>– hosts: websrvs</p> <p> remote_user: root</p> <p> vars:</p> <p>username: testuser</p> <p>password: xuding</p> <p> tasks:</p> <p>-name: add user</p> <p> user: name={{ username }} state=present</p> <p>-name: set password</p> <p> shell: /bin/echo {{ password }} |/usr/bin/passwd –stdin {{ username }}</p> <p>注释:</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> 1) {{ }} </span><span style="padding: 0px;margin: 0px;font-family: 宋体">调用变量</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> 2) </span><span style="padding: 0px;margin: 0px;font-family: Calibri">#ansible-playbook /PATH/TO/SOME_YAML_FILE { -eVARS|–extra-vars=VARS}</span><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: 宋体">变量的重新赋值调用方法</span></p> <p> [root@localhost ~]# ansible-playbookuseradd.yml –extra-vars "username=ubuntu"</p> <p> </p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> 5.playbook— tasks</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> (1)</span><span style="padding: 0px;margin: 0px;font-weight: bold">条件测试:</span></p> <p> 在某task后面添加when子句即可实现条件测试功能;when语句支持Jinja2语法;</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> </span> 实例<span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">:</span><span style="padding: 0px;margin: 0px;font-family: 宋体">当时</span><span style="padding: 0px;margin: 0px;font-family: Calibri">RedHat</span><span style="padding: 0px;margin: 0px;font-family: 宋体">系列系统时候调用</span><span style="padding: 0px;margin: 0px;font-family: Calibri">yum</span><span style="padding: 0px;margin: 0px;font-family: 宋体">安装</span></p> <p>tasks:</p> <p>-name: install web server package</p> <p> yum: name=httpd state=present</p> <p> when: ansible_os_family == "RedHat"</p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> (2)</span><span style="padding: 0px;margin: 0px;font-weight: bold">迭代:</span><span style="padding: 0px;margin: 0px;font-weight: bold">item</span></p> <p> 在task中调用内置的item变量;在某task后面使用with_items语句来定义元素列表;</p> <p>tasks:</p> <p>-name: add four users</p> <p> user: name={{ item }} state=present</p> <p> with_items:</p> <p>-testuser1</p> <p>-testuser2</p> <p>-testuser3</p> <p>-testuser4</p> <p> 注意:迭代中,列表中的每个元素可以为字典格式;</p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">实例:</span></p> <p>-name: add two users</p> <p> user: name={{ item.name }} state=present groups={{ item.groups }}</p> <p> with_items:</p> <p> – { name: 'testuser5', groups: 'wheel' }</p> <p> – { name: 'testuser6', groups: 'root' }</p> <p> </p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> 6.playbook— </span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri">handlers:</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">处理器;触发器</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-family: Calibri">只有其关注的条件满足时,才会被触发执行</span><span style="padding: 0px;margin: 0px;font-family: 宋体">的任务;</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold">实例:配置文件发生改变触发重启服务</span></p> <p>-hosts: websrvs</p> <p> remote_user: root</p> <p> tasks:</p> <p>-name: install httpd</p> <p>yum:name=httpd state=present</p> <p>-name: install config file</p> <p> copy: src=/root/httpd.confdest=/etc/httpd/conf/httpd.conf</p> <p> notify: restart httpd</p> <p>-name: start httpd service</p> <p> service: name=httpd state=started</p> <p>handlers:</p> <p>-name: restart httpd</p> <p> service: name=httpd state=restarted</p> <p> </p> <p><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: Calibri"> 7.playbook</span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">模板</span></p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> </span><span style="padding: 0px;margin: 0px;font-weight: bold">templates:</span></p> <p> 用于生成文本文件(配置文件);模板文件中可使用jinja2表达式,表达式要定义在{{}},也可以简单地仅执行变量替换;</p> <p><span style="padding: 0px;margin: 0px;font-weight: bold"> </span><span style="padding: 0px;margin: 0px;font-weight: bold">roles:</span></p> <p> roles用于实现“代码复用”;</p> <p> roles以特定的层次型格式组织起来的playbook元素(variables,tasks, templates, handlers);</p> <p> 可被playbook以role的名字直接进行调用;</p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri"> </span><span style="padding: 0px;margin: 0px;font-weight: bold;font-family: 宋体">用法</span><span style="padding: 0px;margin: 0px;font-family: 宋体">:在</span><span style="padding: 0px;margin: 0px;font-family: Calibri">roles/</span><span style="padding: 0px;margin: 0px;font-family: 宋体">下建立</span><span style="padding: 0px;margin: 0px;font-family: Calibri">[group_name]</span><span style="padding: 0px;margin: 0px;font-family: 宋体">子目录,并非全部都要创建;例如:</span></p> <p><span style="padding: 0px;margin: 0px;font-family: Calibri">/etc/ansible/roles/</span><span style="padding: 0px;margin: 0px;font-family: 宋体">(在</span><span style="padding: 0px;margin: 0px;font-family: Calibri">/etc/ansible/ansible.cfg</span><span style="padding: 0px;margin: 0px;font-family: 宋体">定义</span><span style="padding: 0px;margin: 0px;font-family: Calibri">roles</span><span style="padding: 0px;margin: 0px;font-family: 宋体">目录)</span></p> <p>webserver/</p> <p>files/:此角色中用到的所有文件均放置于此目录中;</p> <p>templates/:Jinja2模板文件存放位置;</p> <p>tasks/:任务列表文件;可以有多个,但至少有一个叫做main.yml的文件;</p> <p>handlers/:处理器列表文件;可以有多个,但至少有一个叫做main.yml的文件;</p> <p>vars/:变量字典文件;可以有多个,但至少有一个叫做main.yml的文件;</p> <p>meta/:此角色的特殊设定及依赖关系;</p> <p></p> <p>Nicolo.51cto原地址:http://xuding.blog.51cto.com/4890434/1741852</p> <p></p> 最后修改:2021 年 12 月 10 日 10 : 53 AM © 允许规范转载 赞赏 如果觉得我的文章对你有用,请随意赞赏 赞赏作者 支付宝微信