1.11 使用ansible playbook
相当于把模块写入到配置文件里面,例:
vi /etc/ansible/test.yml //加入如下内容
---
- hosts: cdn002
remote_user: root
tasks:
- name: test_playbook
shell: touch /tmp/cdn002.txt
说明: 第一行需要有三个杠,hosts参数指定了对哪些主机进行参作,如果是多台机器可以用逗号作为分隔,也可以使用主机组,在/etc/ansible/hosts里定义;
user参数指定了使用什么用户登录远程主机操作;
tasks指定了一个任务,其下面的name参数同样是对任务的描述,在执行过程中会打印出来,shell是ansible模块名字
执行:ansible-playbook test.yml
[root@Dasoncheng ~]# vim /etc/ansible/test.yml
[root@Dasoncheng ~]# cat !$
cat /etc/ansible/test.yml
---
- hosts: cdn002
remote_user: root
tasks:
- name: test_playbook
shell: touch /tmp/cdn002.txt
[root@Dasoncheng ~]# ansible-playbook /etc/ansible/test.yml
PLAY [cdn002] ****************************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [cdn002]
TASK [test_playbook] *********************************************************************************
[WARNING]: Consider using the file module with state=touch rather than running touch. If you need
to use command because file is insufficient you can add warn=False to this command task or set
command_warnings=False in ansible.cfg to get rid of this message.
changed: [cdn002]
PLAY RECAP *******************************************************************************************
cdn002 : ok=2 changed=1 unreachable=0 failed=0
[root@Dasoncheng ~]# ansible cdn002 -m command -a "ls -l /tmp/cdn002.txt"
cdn002 | SUCCESS | rc=0 >>
-rw-r--r-- 1 root root 0 Apr 20 20:02 /tmp/cdn002.txt
1.12 playbook里的变量
再来一个创建用户的例子:
vi /etc/ansible/create_user.yml //加入如下内容
---
- name: create_user
hosts: cdn002
user: root
gather_facts: false
vars:
- user: "test"
tasks:
- name: create user
user: name="{{ user }}"
说明:name参数对该playbook实现的功能做一个概述,后面执行过程中,会打印 name变量的值 ,可以省略;gather_facts参数指定了在以下任务部分执行前,是否先执行setup模块获取主机相关信息,这在后面的task会使用到setup获取的信息时用到;vars参数,指定了变量,这里指字一个user变量,其值为test ,需要注意的是,变量值一定要用引号引住;user提定了调用user模块,name是user模块里的一个参数,而增加的用户名字调用了上面user变量的值。
[root@Dasoncheng ~]# vim /etc/ansible/create_user.yml
[root@Dasoncheng ~]# cat !$
cat /etc/ansible/create_user.yml
---
- name: create_user
hosts: cdn002
user: root
gather_facts: false
vars:
- user: "test"
tasks:
- name: create user
user: name="{{ user }}"
[root@Dasoncheng ~]# ansible-playbook /etc/ansible/create_user.yml
PLAY [create_user] ***********************************************************************************
TASK [create user] ***********************************************************************************
changed: [cdn002]
PLAY RECAP *******************************************************************************************
cdn002 : ok=1 changed=1 unreachable=0 failed=0
##看到上面的changed=1了没有?这样就是执行成功了,我再执行一遍 changed=0看下面:
[root@Dasoncheng ~]# ansible cdn002 -m command -a "id test"
cdn002 | SUCCESS | rc=0 >>
uid=1003(test) gid=1003(test) groups=1003(test)
[root@Dasoncheng ~]# ansible-playbook /etc/ansible/create_user.yml
PLAY [create_user] ***********************************************************************************
TASK [create user] ***********************************************************************************
ok: [cdn002]
PLAY RECAP *******************************************************************************************
cdn002 : ok=1 changed=0 unreachable=0 failed=0
1.13 playbook循环
vi /etc/ansible/while.yml //加入如下内容
---
- hosts: testhost
user: root
tasks:
- name: change mode for files
file: path=/tmp/{{ item }} mode=600
with_items:
- 1.txt
- 2.txt
- 3.txt
说明: with_items为循环的对象
执行 ansible-playbook while.yml
[root@Dasoncheng ~]# vim /etc/ansible/while.yml
[root@Dasoncheng ~]# cat /etc/ansible/while.yml
---
- hosts: cdn002
user: root
tasks:
- name: change mode for files
file: path=/tmp/{{ item }} state=touch mode=600
with_items:
- 1.txt
- 2.txt
- 3.txt
[root@Dasoncheng ~]# ansible-playbook !$
ansible-playbook /etc/ansible/while.yml
PLAY [cdn002] ****************************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [cdn002]
TASK [change mode for files] *************************************************************************
changed: [cdn002] => (item=1.txt)
changed: [cdn002] => (item=2.txt)
changed: [cdn002] => (item=3.txt)
PLAY RECAP *******************************************************************************************
cdn002 : ok=2 changed=1 unreachable=0 failed=0
[root@Dasoncheng ~]# ansible cdn002 -m shell -a 'ls -l /tmp/*.txt'
cdn002 | SUCCESS | rc=0 >>
-rw------- 1 root root 0 Apr 20 20:28 /tmp/1.txt
-rw------- 1 root root 0 Apr 20 20:28 /tmp/2.txt
-rw------- 1 root root 0 Apr 20 20:28 /tmp/3.txt
-rw-r--r-- 1 root root 29 Apr 20 17:54 /tmp/ansible_test.txt
-rw-r--r-- 1 root root 0 Apr 20 20:02 /tmp/cdn002.txt
1.14 playbook中的条件判断
vi /etc/ansible/when.yml //加入如下内容
---
- hosts: testhost
user: root
gather_facts: True
tasks:
- name: use when
shell: touch /tmp/when.txt
when: ansible_ens33.ipv4.address == "172.7.15.114“
说明:ansible cdn002 -m setup 可以查看到所有的facter信息
[root@Dasoncheng ~]# vim /etc/ansible/when.sh
[root@Dasoncheng ~]# cat !$
cat /etc/ansible/when.sh
---
- hosts: testhost
user: root
gather_facts: True
tasks:
- name: use when
shell: touch /tmp/when.txt
when: ansible_ens33.ipv4.address == "192.168.60.12"
[root@Dasoncheng ~]# ansible-playbook /etc/ansible/when.sh
PLAY [testhost] **************************************************************************************
TASK [Gathering Facts] *******************************************************************************
ok: [127.0.0.1]
ok: [cdn002]
ok: [192.168.60.12]
TASK [use when] **************************************************************************************
skipping: [127.0.0.1]
[WARNING]: Consider using the file module with state=touch rather than running touch. If you need
to use command because file is insufficient you can add warn=False to this command task or set
command_warnings=False in ansible.cfg to get rid of this message.
changed: [192.168.60.12]
changed: [cdn002]
PLAY RECAP *******************************************************************************************
127.0.0.1 : ok=1 changed=0 unreachable=0 failed=0
192.168.60.12 : ok=2 changed=1 unreachable=0 failed=0
cdn002 : ok=2 changed=1 unreachable=0 failed=0
1.15 Ansible playbook中的handlers
这个handlers可用于比如像Nginx配置文件修改,需要重新加载的时候可以这样操作(类似于shell里面的"&&")!
执行task之后,服务器发生变化之后要执行的一些操作,比如我们修改了配置文件后,需要重启一下服务 vi /etc/ansible/hand.yml//加入如下内容
---
- name: handlers test
hosts: cdn002
user: root
tasks:
- name: copy file
copy: src=/etc/passwd dest=/tmp/aaa.txt
notify: test handlers_custom
handlers:
- name: test handlers_custom ##这里需要和上面的notify一致
shell: echo "11111111" >> /tmp/aaa.txt
说明,只有copy模块真正执行后,才会去调用下面的handlers相关的操作。也就是说如果1.txt和2.txt内容是一样的,并不会去执行handlers里面的shell相关命令。 这种比较适合配置文件发生更改后,重启服务的操作。
[root@Dasoncheng ~]# vim /etc/ansible/hand.yml
[root@Dasoncheng ~]# cat /etc/ansible/hand.yml
---
- name: handlers test
hosts: cdn002
user: root
gather_facts: false
tasks:
- name: copy file
copy: src=/etc/passwd dest=/tmp/aaa.txt
notify: test handlers_custom
handlers:
- name: test handlers_custom
shell: echo "11111111" >> /tmp/aaa.txt
[root@Dasoncheng ~]# ansible-playbook /etc/ansible/hand.yml
PLAY [handlers test] *********************************************************************************
TASK [copy file] *************************************************************************************
changed: [cdn002]
RUNNING HANDLER [test handlers_custom] ***************************************************************
changed: [cdn002]
PLAY RECAP *******************************************************************************************
cdn002 : ok=2 changed=2 unreachable=0 failed=0
[root@Dason02 ~]# tail /tmp/aaa.txt
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
gecz:x:1000:0::/home/gecz:/bin/bash
mysql:x:1001:1001::/home/mysql:/sbin/nologin
jenkins:x:997:995:Jenkins Automation Server:/var/lib/jenkins:/bin/false
11111111